Thanks to all for putting up with my rantings again. I've come to the
root of the problem and it had bugger all to do with Crypto++. For those
who are interested, opening an RSA public key (saved in X509, DER-
encoded format) in Java, that was generated and saved using Crypto++, is
achieved simply like this:
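
    import java.security.KeyFactory;
    import java.security.interfaces.RSAPublicKey;
    import java.security.spec.X509EncodedKeySpec;

    // X509 is a byte[] holding the DER-encoded SubjectPublicKeyInfo
    KeyFactory factory = KeyFactory.getInstance("RSA");
    X509EncodedKeySpec specification = new X509EncodedKeySpec(X509);
    RSAPublicKey key = (RSAPublicKey) factory.generatePublic(specification);
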
Where X509 is a byte[] holding the X509, DER-encoded public key. The
problem I had was with Java's String class constructed by a byte[] in a
different method. For some reason when I accessed the String's internal
byte array with getBytes() - it returned more bytes than it had
originally been constructed with!
Anyway, all works now (got rid of the String object) - and thanks for
your help again.
Regards
Jim Vanns
On Tue, 2005-04-19 at 12:00 +0100, James Vanns wrote:
> In my quest for getting Java to open my Crypto++ RSA 1024-bit public key
> I've noted that RSAFunction inherits from X509PublicKey.
>
> X509PublicKey defines its method DEREncode as:
>
>     void DEREncode(BufferedTransformation &bt) const {
>         DERSequenceEncoder subjectPublicKeyInfo(bt);
>         DERSequenceEncoder algorithm(subjectPublicKeyInfo);
>         GetAlgorithmID().DEREncode(algorithm);
>         DEREncodeAlgorithmParameters(algorithm);
>         algorithm.MessageEnd();
>
>         DERGeneralEncoder subjectPublicKey(
>             subjectPublicKeyInfo, BIT_STRING);
>
>         subjectPublicKey.Put(0); // unused bits
>         DEREncodeKey(subjectPublicKey);
>         subjectPublicKey.MessageEnd();
>         subjectPublicKeyInfo.MessageEnd();
>     }
>
> Now, according to ASN1 syntax X509 public keys should be represented as:
>
>     SubjectPublicKeyInfo ::= SEQUENCE {
>         algorithm         AlgorithmIdentifier,
>         subjectPublicKey  BIT STRING }
>
> So my question is: in the code above why are the algorithm parameters
> included? And what's the extra 'unused bits' for? Now, admittedly even
> though I have a modicum of understanding of Cryptography - my knowledge
> of PK standards is practically non-existent so I apologise in advance
> for any misunderstandings on my part.
>
> I'm just trying to get Java to import my friggin key!! Java throws a BER
> Decode error, is this normal? To decode a DER encoded key with a BER
> decoding algorithm? I'm guessing it is.
>
> Any comments on my rantings above?
>
> Cheers (again),
>
> Jim
>
--
James Vanns BSc (Hons) MCP
Linux Systems Administrator
Software Engineer (Linux / C & C++)
Canterbury Christ Church University College
Public Key: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x24045370
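
Added example, not part of the original message: a Java sketch of the failure mode described at the top of the thread, where DER bytes passed through a String come back longer and no longer parse. It assumes the String was built with a UTF-8 charset (the message does not say which charset was in effect); the class name and the freshly generated key are constructed for illustration.

```java
import java.nio.charset.StandardCharsets;
import java.security.KeyFactory;
import java.security.KeyPairGenerator;
import java.security.interfaces.RSAPublicKey;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.X509EncodedKeySpec;
import java.util.Arrays;
import java.util.Base64;

public class DerStringRoundTrip {
    public static void main(String[] args) throws Exception {
        // Constructed sample input: a fresh RSA key. getEncoded() returns the
        // X.509 SubjectPublicKeyInfo in DER, the same format discussed above.
        KeyPairGenerator gen = KeyPairGenerator.getInstance("RSA");
        gen.initialize(2048);
        byte[] der = gen.generateKeyPair().getPublic().getEncoded();

        // Lossy path (assumed charset: UTF-8). DER is binary, so bytes such as
        // the 0x82 length prefix are malformed UTF-8. The decoder substitutes
        // U+FFFD for them, and U+FFFD re-encodes as three bytes (EF BF BD).
        byte[] viaString = new String(der, StandardCharsets.UTF_8)
                .getBytes(StandardCharsets.UTF_8);
        System.out.println("original DER length:     " + der.length);
        System.out.println("after String round trip: " + viaString.length
                + " (identical: " + Arrays.equals(der, viaString) + ")");

        KeyFactory factory = KeyFactory.getInstance("RSA");
        try {
            factory.generatePublic(new X509EncodedKeySpec(viaString));
            System.out.println("corrupted bytes unexpectedly parsed");
        } catch (InvalidKeySpecException e) {
            System.out.println("corrupted bytes rejected: " + e.getMessage());
        }

        // Lossless path: if the key must travel as text, Base64-encode it and
        // decode back to byte[] before handing it to X509EncodedKeySpec.
        String text = Base64.getEncoder().encodeToString(der);
        byte[] restored = Base64.getDecoder().decode(text);
        RSAPublicKey key = (RSAPublicKey)
                factory.generatePublic(new X509EncodedKeySpec(restored));
        System.out.println("Base64 round trip identical: "
                + Arrays.equals(der, restored)
                + ", modulus bits: " + key.getModulus().bitLength());
    }
}
```

The general rule: treat encoded keys as byte[] end to end, and use an explicit binary-to-text encoding such as Base64 whenever they have to cross a text boundary.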