Unable to load RSA public key

StackOverflow https://stackoverflow.com/questions/17817508

  •  04-06-2022
  •  | 
  •  

Question

I'm trying to read RSA public key shown below, but I get an exception at line 6: java.security.spec.InvalidKeySpecException: java.security.InvalidKeyException: IOException: algid parse error, not a sequence

My code:

String rsaPublicKey = rsaPublicKeyString.replace(
    "-----BEGIN RSA PUBLIC KEY-----\n", "");
rsaPublicKey = rsaPublicKey.replace("\n-----END RSA PUBLIC KEY-----", "");
byte[] bytes = EncryptionUtils.decodeBase64(rsaPublicKey);

KeyFactory keyFactory = KeyFactory.getInstance("RSA");
X509EncodedKeySpec keySpec = new X509EncodedKeySpec(bytes);
pubKey = (RSAPublicKey)keyFactory.generatePublic(keySpec);

RSA public key:

-----BEGIN RSA PUBLIC KEY-----
MIIBCgKCAQEAwVACPi9w23mF3tBkdZz+zwrzKOaaQdr01vAbU4E1pvkfj4sqDsm6
lyDONS789sVoD/xCS9Y0hkkC3gtL1tSfTlgCMOOul9lcixlEKzwKENj1Yz/s7daS
an9tqw3bfUV/nqgbhGX81v/+7RFAEd+RwFnK7a+XYl9sluzHRyVVaTTveB2GazTw
Efzk2DWgkBluml8OREmvfraX3bkHZJTKX4EQSjBbbdJ2ZXIsRrYOXfaA+xayEGB+
8hdlLmAjbCVfaigxX0CDqWeR1yFL9kwd9P0NsZRPsmoqVwMbMu7mStFai6aIhc3n
Slv8kg9qv1m6XHVQY3PnEw+QQtqSIXklHwIDAQAB
-----END RSA PUBLIC KEY-----

What am I doing wrong?

UPD:

public static byte[] decodeBase64(String data) throws EncryptionException {
    try {
        BASE64Decoder decoder = new BASE64Decoder();
        return decoder.decodeBuffer(data);
    } catch (Exception e) {
        throw new EncryptionException(e);
    }
}
Was it helpful?

Solution 2

Your problem is caused because your public key is an RSAPublicKey object rather than a SubjectPublicKeyInfo object (see this answer for a good description of the difference). You will need to convert from one to the other before your code will work.

BouncyCastle can do the conversion for you. The following code snippet will work, although I dislike it for two reasons:

  1. It uses a deprecated class PEMReader.

  2. It requires the BouncyCastle provider to be loaded.

Code:

Security.addProvider(new BouncyCastleProvider());    
PEMReader reader = new PEMReader(new StringReader(rsaPublicKeyString));    
BCRSAPublicKey key = (BCRSAPublicKey) reader.readObject();
bytes[] = key.getEncoded(); // now in SubjectPublicKeyInfo format.

// as before...

With BouncyCastle, there is always many ways to skin a cat. Perhaps someone can find a more elegant solution than the one above?

OTHER TIPS

For me, I was missing the OID in the public key. I had to correct that on the iOS side using help from here: http://blog.wingsofhermes.org/?p=42

Also, my public key didn't have to be casted to an RSAPublicKey, the standard worked just fine:

X509EncodedKeySpec pubKeySpec = new X509EncodedKeySpec(publicKeyBytes);
KeyFactory keyFactory = KeyFactory.getInstance("RSA");
PublicKey pubKey = keyFactory.generatePublic(pubKeySpec);
Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
scroll top