I'm having some trouble getting a decryption tool to work on production. I'm using PGPainless in Java to decrypt documents using a preset private key and key passphrase. To test locally, I'm using a custom secrets JSON file that Docker picks up. Everything, from the code to my Retool app, works great this way. (I point the app at my local Ngrok.) However, when I copy exactly the same keys/values from my local secrets to AWS Secrets Manager, the Java fails to read the private key, telling me "No key data found." I've tried a number of different ways to format the private key, specifically around the whitespace/line breaks, but nothing works.
    byte[] keyBytes = ourSecretsService.getPgpPrivateKey().getBytes();
    String keyPassword = ourSecretsService.getPgpPrivatePassPhrase();
    SOP sop = new SOPImpl();
    byte[] resultBytes = sop.decrypt()
            .withKey(keyBytes)
            .withKeyPassword(keyPassword)
            .ciphertext(encryptedFileBytes)
            .toByteArrayAndResult()
            .getBytes();
The key was formatted differently when it was brought in. It should be stored in AWS using \n for the line breaks. Then in the code, I did replace("\\n", "\n") before converting to bytes.
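The normalization described in the answer, written out as an added example that is not part of the original posts: it converts literal `\n` escapes to real line breaks, then checks the armor framing so a badly stored key fails early with a message that never echoes key material. The class name `ArmoredKeyNormalizer`, the `normalize` method and the sample value are hypothetical; only the JDK is used.

```java
import java.nio.charset.StandardCharsets;

/** Added example: normalizes an ASCII-armored key read from a secrets store. Names are hypothetical. */
public class ArmoredKeyNormalizer {
    private static final String BEGIN = "-----BEGIN PGP PRIVATE KEY BLOCK-----";
    private static final String END = "-----END PGP PRIVATE KEY BLOCK-----";

    /** Returns UTF-8 bytes of the key with real line breaks, or throws without echoing key material. */
    public static byte[] normalize(String secretValue) {
        if (secretValue == null) {
            throw new IllegalArgumentException("PGP key secret is missing");
        }
        String key = secretValue
                .replace("\\r\\n", "\n")   // literal backslash-r backslash-n pairs
                .replace("\\n", "\n")      // literal backslash-n, as stored in AWS per the answer
                .replace("\r\n", "\n")     // real CRLF line endings
                .trim();
        if (!key.startsWith(BEGIN) || !key.endsWith(END)) {
            throw new IllegalArgumentException("PGP key secret lacks armor header or footer");
        }
        // A well-formed armored block has at least: header line, blank line, body, footer line.
        String[] lines = key.split("\n", -1);
        if (lines.length < 4 || !lines[0].equals(BEGIN)) {
            throw new IllegalArgumentException(
                    "PGP key secret has " + lines.length + " line(s); line breaks were lost in storage");
        }
        return key.getBytes(StandardCharsets.UTF_8);
    }

    public static void main(String[] args) {
        // Constructed sample: armor framing around a placeholder body, not a real key.
        String stored = BEGIN + "\\n\\nPLACEHOLDERBODY\\n=AAAA\\n" + END;
        byte[] ok = normalize(stored);
        long count = new String(ok, StandardCharsets.UTF_8).lines().count();
        System.out.println(count + " lines after normalization");
        try {
            // Constructed sample: line breaks collapsed to spaces by the secrets editor.
            normalize(BEGIN + " PLACEHOLDERBODY =AAAA " + END);
        } catch (IllegalArgumentException e) {
            System.out.println("rejected: " + e.getMessage());
        }
    }
}
```

The returned bytes are what would be passed to `withKey(...)` in the snippet from the question; encoding explicitly as UTF-8 avoids depending on the platform default charset that a bare `getBytes()` uses.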