无法在 JAVA 中生成 RSAPublicKey

Can't generate RSAPublicKey in JAVA

我在从字符串生成 RSAPublicKey 时遇到问题。

 public  RSAPublicKey getPublickey() throws NoSuchAlgorithmException,InvalidKeySpecException {
        String publicKeyContent = "MIIC5jCCAc6gAwIBAgIGAXFv6JtpMA0GCSqGSIb3DQEBCwUAMDQxCzAJBgNVBAYTAkRLMQwwCgYDVQQKEwN0ZGMxFzAVBgNVBAMTDm9pLXNpZ25pbmdjZXJ0MB4XDTIwMDQxMjE5NDA0NloXDTIxMDQxMjE5NDA0N1owNDELMAkGA1UEBhMCREsxDDAKBgNVBAoTA3RkYzEXMBUGA1UEAxMOb2ktc2lnbmluZ2NlcnQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCeITu7qWYKDw1gZ/ZG2YbvulJ5RzDpC9QXGOKov2dz8f9+Il3LWuq16o0obQTPiE6ZLG/7PiTQoxtEHEr1aIexUw0NkB+kA2fqgrHDhFZPabHELFoTJ8Jc83gethziFztyCG7fLGgH2kezFndG2VKBuF6/XmDl5sHrax2QZHE5Jcepdo+bEFeA+wUGPNEfidqbOnGeimwDkt7eW/P4pjPjCeT+2Hu4Qo9N6pmxcUGYuPvJ81dA0CiEtoYlSW80aROr5welBAGM2DydSvdCp2FHj+fEFE+uxoWfClccq74KYiqHGg7WmZfLxkcK9OhxhHoqctxtFlK1OD4DkBnRBPgjAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAIs22S5YalOoYCi/fQCXWk8JQwFKDagriroga4gg715bOaXUkrJVgiMrlyKhXCskx3njaYDG/+UQ0EzbQzTfqC8YtijeOXpJgz9T4fieWuLuen//nHXSb/9I07J/qC31JjI2NjR2LIKumS59DF40VPsliYGhxAH17CECIWTyb5vTJcm6c38OF2MpaRBcX3tF1fncPPHmRX6K0npjWtEm5yb5/YeEIS2SlkB9dFvx+2CbzGezEwhITnMwpo2lthkC18DV8ma2kUUDjocQtwLwO1eStKG5HF29dRnUGyNTyp/a0P9PNngI7FhC1ce5L/LtB6YZyajsCFqDsMunXOlbjqQ=";

        KeyFactory kf = KeyFactory.getInstance("RSA");

        System.out.println("publicKeyContent: " + publicKeyContent);

        X509EncodedKeySpec keySpecX509 = new X509EncodedKeySpec(Base64.getDecoder().decode(publicKeyContent));
        RSAPublicKey pubKey = (RSAPublicKey)kf.generatePublic(keySpecX509);

        System.out.println(("Pubkey: " + pubKey));

        return pubKey;
    }
java.security.spec.InvalidKeySpecException: java.security.InvalidKeyException: IOException: ObjectIdentifier() -- data isn't an object ID (tag = -96)
    at sun.security.rsa.RSAKeyFactory.engineGeneratePublic(RSAKeyFactory.java:205) [?:?]
    at java.security.KeyFactory.generatePublic(KeyFactory.java:334) [?:?]
    at com.comarch.aif.proxy.processors.AuthorizeProcessor.getPublickey(AuthorizeProcessor.java:130) [30:aif-tdc-proxy:3.2.0.SNAPSHOT]
    at com.comarch.aif.proxy.processors.AuthorizeProcessor.process(AuthorizeProcessor.java:58) [30:aif-tdc-proxy:3.2.0.SNAPSHOT]
    at org.apache.camel.processor.DelegateSyncProcessor.process(DelegateSyncProcessor.java:63) [89:org.apache.camel.camel-core:2.19.0]
    at org.apache.camel.management.InstrumentationProcessor.process(InstrumentationProcessor.java:77) [89:org.apache.camel.camel-core:2.19.0]
    at org.apache.camel.processor.RedeliveryErrorHandler.process(RedeliveryErrorHandler.java:541) [89:org.apache.camel.camel-core:2.19.0]
    at org.apache.camel.processor.CamelInternalProcessor.process(CamelInternalProcessor.java:198) [89:org.apache.camel.camel-core:2.19.0]
    at org.apache.camel.processor.Pipeline.process(Pipeline.java:120) [89:org.apache.camel.camel-core:2.19.0]
    at org.apache.camel.processor.Pipeline.process(Pipeline.java:83) [89:org.apache.camel.camel-core:2.19.0]
    at org.apache.camel.processor.CamelInternalProcessor.process(CamelInternalProcessor.java:198) [89:org.apache.camel.camel-core:2.19.0]
    at org.apache.camel.component.jetty.CamelContinuationServlet.doService(CamelContinuationServlet.java:192) [95:org.apache.camel.camel-jetty-common:2.19.0]
    at org.apache.camel.http.common.CamelServlet.service(CamelServlet.java:74) [94:org.apache.camel.camel-http-common:2.19.0]
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:790) [64:javax.servlet-api:3.1.0]
    at org.eclipse.jetty.servlet.ServletHolder.handle(ServletHolder.java:845) [270:org.eclipse.jetty.servlet:9.3.14.v20161028]
    at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1712) [270:org.eclipse.jetty.servlet:9.3.14.v20161028]
    at org.eclipse.jetty.servlets.MultiPartFilter.doFilter(MultiPartFilter.java:148) [271:org.eclipse.jetty.servlets:9.3.14.v20161028]
    at org.apache.camel.component.jetty.CamelFilterWrapper.doFilter(CamelFilterWrapper.java:43) [95:org.apache.camel.camel-jetty-common:2.19.0]
    at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1699) [270:org.eclipse.jetty.servlet:9.3.14.v20161028]
    at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:582) [270:org.eclipse.jetty.servlet:9.3.14.v20161028]
    at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1180) [269:org.eclipse.jetty.server:9.3.14.v20161028]
    at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:512) [270:org.eclipse.jetty.servlet:9.3.14.v20161028]
    at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1112) [269:org.eclipse.jetty.server:9.3.14.v20161028]
    at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:141) [269:org.eclipse.jetty.server:9.3.14.v20161028]
    at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:134) [269:org.eclipse.jetty.server:9.3.14.v20161028]
    at org.eclipse.jetty.server.Server.handle(Server.java:534) [269:org.eclipse.jetty.server:9.3.14.v20161028]
    at org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:320) [269:org.eclipse.jetty.server:9.3.14.v20161028]
    at org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:251) [269:org.eclipse.jetty.server:9.3.14.v20161028]
    at org.eclipse.jetty.io.AbstractConnection$ReadCallback.succeeded(AbstractConnection.java:273) [261:org.eclipse.jetty.io:9.3.14.v20161028]
    at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:95) [261:org.eclipse.jetty.io:9.3.14.v20161028]
    at org.eclipse.jetty.io.SelectChannelEndPoint.run(SelectChannelEndPoint.java:93) [261:org.eclipse.jetty.io:9.3.14.v20161028]
    at org.eclipse.jetty.util.thread.strategy.ExecuteProduceConsume.executeProduceConsume(ExecuteProduceConsume.java:303) [272:org.eclipse.jetty.util:9.3.14.v20161028]
    at org.eclipse.jetty.util.thread.strategy.ExecuteProduceConsume.produceConsume(ExecuteProduceConsume.java:148) [272:org.eclipse.jetty.util:9.3.14.v20161028]
    at org.eclipse.jetty.util.thread.strategy.ExecuteProduceConsume.run(ExecuteProduceConsume.java:136) [272:org.eclipse.jetty.util:9.3.14.v20161028]
    at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:671) [272:org.eclipse.jetty.util:9.3.14.v20161028]
    at org.eclipse.jetty.util.thread.QueuedThreadPool.run(QueuedThreadPool.java:589) [272:org.eclipse.jetty.util:9.3.14.v20161028]
    at java.lang.Thread.run(Thread.java:748) [?:?]
Caused by: java.security.InvalidKeyException: IOException: ObjectIdentifier() -- data isn't an object ID (tag = -96)
    at sun.security.x509.X509Key.decode(X509Key.java:397) ~[?:?]
    at sun.security.x509.X509Key.decode(X509Key.java:402) ~[?:?]
    at sun.security.rsa.RSAPublicKeyImpl.<init>(RSAPublicKeyImpl.java:86) ~[?:?]
    at sun.security.rsa.RSAKeyFactory.generatePublic(RSAKeyFactory.java:298) ~[?:?]
    at sun.security.rsa.RSAKeyFactory.engineGeneratePublic(RSAKeyFactory.java:201) ~[?:?]
    ... 36 more

当我使用不同的 publickKeyContent 时,例如:

String publicKeyContent = "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmBdtgPGgQq6i856pnvj6yl+5gHAhHCgsTsrrHR4L4rkwIXYLu/i6O6gBKS2JaQ0kmye05U6S6Qgavmeek7pVefuXB1rFLnGvZJRHCJhZlXJSI5xEYpCuq1bw97iN+B5aSqIPkfbBjcmSQ14Xcm0vFZ65JJA4DjZclbVFSJpxXB4rqN8Rar2C87vMm+8z9rQ9Jn6yGBaVpZ1RnY1GDEv7OfBVcfbtwNeqOV/Qlpb+9aQML7Wf3ZU0Fvqto+WkBjgqZWcoE1qgRWWnYRPyXWsJUQY2u0H8ZVxHJtuQNnQanMBnih1Mh2cjDQKrSxMT2s5C0f+gNhp+mi2jRb0IY/J1PwIDAQAB";

evrything 工作正常,我在 JWT.IO 上使用两个证书在不同的 JSON Web 令牌上,并且在这个网站上都工作正常。我做错了什么?

抛出异常的例子是不是一个public密钥,它是一个完整的X.509证书。证书有很多字段,其中只有一个字段是 public 键。这是一个简短的示例,展示了如何从证书中提取 public 密钥。

import java.io.ByteArrayInputStream;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.util.Base64;

public class GetCert {
    public static void main(String[] args) throws CertificateException {
        String certBase64 = "MIIC5jCCAc6gAwIBAgIGAXFv6JtpMA0GCSqGSIb3DQEBCwUAMDQxCzAJBgNVBAYTAkRLMQwwCgYDVQQKEwN0ZGMxFzAVBgNVBAMTDm9pLXNpZ25pbmdjZXJ0MB4XDTIwMDQxMjE5NDA0NloXDTIxMDQxMjE5NDA0N1owNDELMAkGA1UEBhMCREsxDDAKBgNVBAoTA3RkYzEXMBUGA1UEAxMOb2ktc2lnbmluZ2NlcnQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCeITu7qWYKDw1gZ/ZG2YbvulJ5RzDpC9QXGOKov2dz8f9+Il3LWuq16o0obQTPiE6ZLG/7PiTQoxtEHEr1aIexUw0NkB+kA2fqgrHDhFZPabHELFoTJ8Jc83gethziFztyCG7fLGgH2kezFndG2VKBuF6/XmDl5sHrax2QZHE5Jcepdo+bEFeA+wUGPNEfidqbOnGeimwDkt7eW/P4pjPjCeT+2Hu4Qo9N6pmxcUGYuPvJ81dA0CiEtoYlSW80aROr5welBAGM2DydSvdCp2FHj+fEFE+uxoWfClccq74KYiqHGg7WmZfLxkcK9OhxhHoqctxtFlK1OD4DkBnRBPgjAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAIs22S5YalOoYCi/fQCXWk8JQwFKDagriroga4gg715bOaXUkrJVgiMrlyKhXCskx3njaYDG/+UQ0EzbQzTfqC8YtijeOXpJgz9T4fieWuLuen//nHXSb/9I07J/qC31JjI2NjR2LIKumS59DF40VPsliYGhxAH17CECIWTyb5vTJcm6c38OF2MpaRBcX3tF1fncPPHmRX6K0npjWtEm5yb5/YeEIS2SlkB9dFvx+2CbzGezEwhITnMwpo2lthkC18DV8ma2kUUDjocQtwLwO1eStKG5HF29dRnUGyNTyp/a0P9PNngI7FhC1ce5L/LtB6YZyajsCFqDsMunXOlbjqQ=";
        CertificateFactory cf = CertificateFactory.getInstance("X.509");
        Certificate cert = cf.generateCertificate(
                new ByteArrayInputStream(
                        Base64.getDecoder().decode(certBase64)
                )
        );

        System.out.println(cert.getPublicKey());
    }
}