Can't parse RSA Public key

Question

Can't parse RSA Public key

sssemil opened this issue 10 months ago · 2 comments

I'm trying to parse and use a public RSA key:

What I'm trying:

const PUBLIC_RSA_KEY_STR: &str = "-----BEGIN RSA PUBLIC KEY-----\nMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAxDiWHMTzDfIMeLVw4BGT\nOnhVv/jjccrcHFMtm0ShbOb8bu0b/hvtN2oEdWx2RTdNT7AvntB9R9vCv60lZrk0\nZtfR8p2lew++NKAfyEeqTfL8dpfjhPtTZWLjdKG9SzkN66SRXBz5fNae4qaDHG3N\nI8PtYmwRnpfy6VzpcdwOGQxv2nGmgT4AKD/A1wl+7W2KruUPlWaGRNsSiFVceNTR\nYWll5OsRM0BB9YLkwDAFm27e+XmISJlapSmD8Gqx3i5ZvpwINboj1JiEaqMe/bAs\nASYHR73qz7G/B9p7nSc6tKr3SToXivZqDC47NLa81JZuyHyc7U5r+pdcTXOCsa+T\nTS0Y+fEZZ5rOQO3nI3voDULvf1yDvWsJTJW8qi3RjtGlR3P3M0JwONF0xZUwtSal\nMOLWwNjZrC33LIuGoD4M+43/y62xkdXIE4CHXTo3annRPnktkdYxTVfIYUXH8JDA\ng7++dIE4ZaN41Eg2mWCt3SSry9BqrMhEcY7YyuVyzJnv59cGCi5sDnQHGlXs1xJG\n/5QSyhID9+J2RRtu4sZ+5aLIvcIkMsNhul0mbfTRr34f9MGqYv9mkuzHUC/ppykG\nOv1ZJ0PWMIX4WCMXLKSi5Ii4Eayrev4BZk6WtXnvgX+EY9j+/85o+XgvyaX1Z7hE\nPBYZ9E8aCK/7kzIK4tgXviECAwEAAQ==\n-----END RSA PUBLIC KEY-----\n";

use rsa::pkcs1::DecodeRsaPublicKey;
use rsa::{Oaep, RsaPublicKey};
use rsa::sha2::Sha256;

let public_key = RsaPublicKey::from_pkcs1_pem(PUBLIC_RSA_KEY_STR).unwrap();
let data = b"hello world";
let padding = Oaep::new::<Sha256>();
let enc_data = public_key.encrypt(&mut rand::thread_rng(), padding, &data[..]).expect("failed to encrypt");

What I get:

called `Result::unwrap()` on an `Err` value: Pkcs8(PublicKey(Asn1(Error { kind: TagUnexpected { expected: Some(Tag(0x02: INTEGER)), actual: Tag(0x30: SEQUENCE) }, position: Some(Length(2)) })))
thread 'circle::api::test::test_rsa_import' panicked at 'called `Result::unwrap()` on an `Err` value: Pkcs8(PublicKey(Asn1(Error { kind: TagUnexpected { expected: Some(Tag(0x02: INTEGER)), actual: Tag(0x30: SEQUENCE) }, position: Some(Length(2)) })))',

Same key works in Python like this:

from Crypto.Hash import SHA256
from Crypto.PublicKey import RSA
from Crypto.Cipher import PKCS1_OAEP

public_key_string = "-----BEGIN RSA PUBLIC KEY-----\nMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAxDiWHMTzDfIMeLVw4BGT\nOnhVv/jjccrcHFMtm0ShbOb8bu0b/hvtN2oEdWx2RTdNT7AvntB9R9vCv60lZrk0\nZtfR8p2lew++NKAfyEeqTfL8dpfjhPtTZWLjdKG9SzkN66SRXBz5fNae4qaDHG3N\nI8PtYmwRnpfy6VzpcdwOGQxv2nGmgT4AKD/A1wl+7W2KruUPlWaGRNsSiFVceNTR\nYWll5OsRM0BB9YLkwDAFm27e+XmISJlapSmD8Gqx3i5ZvpwINboj1JiEaqMe/bAs\nASYHR73qz7G/B9p7nSc6tKr3SToXivZqDC47NLa81JZuyHyc7U5r+pdcTXOCsa+T\nTS0Y+fEZZ5rOQO3nI3voDULvf1yDvWsJTJW8qi3RjtGlR3P3M0JwONF0xZUwtSal\nMOLWwNjZrC33LIuGoD4M+43/y62xkdXIE4CHXTo3annRPnktkdYxTVfIYUXH8JDA\ng7++dIE4ZaN41Eg2mWCt3SSry9BqrMhEcY7YyuVyzJnv59cGCi5sDnQHGlXs1xJG\n/5QSyhID9+J2RRtu4sZ+5aLIvcIkMsNhul0mbfTRr34f9MGqYv9mkuzHUC/ppykG\nOv1ZJ0PWMIX4WCMXLKSi5Ii4Eayrev4BZk6WtXnvgX+EY9j+/85o+XgvyaX1Z7hE\nPBYZ9E8aCK/7kzIK4tgXviECAwEAAQ==\n-----END RSA PUBLIC KEY-----\n";

public_key = RSA.importKey(public_key_string)
cipher_rsa = PKCS1_OAEP.new(key=public_key, hashAlgo=SHA256)
text = "test"
encrypted_data = cipher_rsa.encrypt(text.encode())

Am I using it wrong? Thanks.

sssemil commented 10 months ago

Thanks!

Answer 1 · 2023-11-25T13:55:36.000Z

I'm not sure where you got this key, but it's malformed.

Specifically, it's an X.509 SPKI public key (a.k.a. the public key of PKCS#8) which has been mislabeled with PKCS#1 PEM boundaries.

It should be encapsulated as "BEGIN PUBLIC KEY"/"END PUBLIC KEY", as used by SPKI keys, NOT "BEGIN RSA PUBLIC KEY", which is used for PKCS#1 keys only.

Once you've fixed the encapsulation boundaries, it should decode fine, just follow the example here: https://docs.rs/rsa/latest/rsa/#pkcs8-rsa-key-encoding

I don't know why Python lets you decode it, but it seems to be completely ignoring the malformed PEM encapsulation boundaries.