publicKeyFromPEMString error code 500

[rustymagnet3000]

Hi @ldiqual, thanks for this library. Very cool.
Is there an issue with the latest commit and publicKeyFromPEMString(pubString)?

In my Swift playground, I found the following:
privateKeyFromPEMString works.
publicKeyFromDERData works.
publicKeyFromPEMString fails.

Example to show you the error:

let rsa = SwiftyRSA()
let pubPath: String = NSBundle.mainBundle().pathForResource("public", ofType: "pem")!

if NSFileManager().fileExistsAtPath(pubPath) {
    do {
        let pubString = try NSString(contentsOfFile: pubPath, encoding: NSUTF8StringEncoding) as String
                    print(pubString)
       // let pubKey = try rsa.publicKeyFromPEMString(pubString)

    } catch let error as NSError {
        print(error.code)
        print(error.description)
    }
}

[ldiqual]

@youdy3000 Thanks for the kind words!

Would you mind sending me an example of public key that fails with publicKeyFromPEMString? Here's the test that covers this case: https://github.com/TakeScoop/SwiftyRSA/blob/master/SwiftyRSATests/SwiftyRSATests.swift#L48-L67

[ldiqual]

@youdy3000 Bump

[rustymagnet3000]

@ldiqual nothing clever from my side. The pub key that generated the error was created using your readme instructions.

$ ssh-keygen -t rsa -f ~/mykey -N ''
$ cat ~/mykey > ~/private.pem
$ ssh-keygen -f ~/mykey.pub -e -m pem > ~/public.pem

[ldiqual]

@youdy3000 I see. I'm unable to reproduce on my end, would you mind sending me your playground as well as the keys you're using? (make sure to use new keys so you don't leak anything). I'd suggest https://transfer.sh/.

[quentinlesceller]

Hi @ldiqual, I have the same problem. Your test key pass the test.
However, other RSA 2048 public key such as this one (created with SSH keygen) :

-----BEGIN PUBLIC KEY-----
MIIBCgKCAQEA5OpjaaBs0V0ZB8XluWLyA4B2wJPPPdtoWaNnS1zU1aqoKn1p/c00
3hWOg1xFzcfy52COATAwk5L4nRbE6VOm1dLIXYXIehru5exgdIH+J7EhuPFA/cQO
mKN0igSTAoEreiCkw9mzA2xncV92tiQNLJbUfTdwPy/FRJb9X0ATG+5dLWCStPmS
vFzWCi++mmLC/9VAgj5sKv0UsZB3yTkznSm9ic8QJQ3POnpGQ8KNQ2CHlXp2x00V
GjRs1OQ4gRv5dWfxKZYlowLDkglM1jHs2hKyfX6xOJ1CE8yOQ/C39Anwkh+AJ6BA
59X0kA4VPDAXiaUf98a8gaD3S2+iL/C8yQIDAQAB
-----END PUBLIC KEY-----

or this one (created with CommonCrypto) :

-----BEGIN PUBLIC KEY-----
MIIBCgKCAQEAwaDfo2f7wqX9btWgceAqSwYX4ZxrWtEbthGS540hLxCnYgCEo87W
YIlBNNTkdbrXeG+h1Ah4aD/Rt6GtnAVCt6ZmRXonAVnaxAziWy6ufM2AfTGuclyj
lPkPu1xbpQBUW5nFRan+CO/wCl8jRXYz4duE7V6QjvdIqQ+N/Mr/MZywM0cF6gEq
8VqgkNF6kzAVnJr8knXGELubfGExeHbcc4bHI4hcEA93TBmDD0da0empkl+cqaac
4BgaIU3y63X9E+alRrjI7WmeM6hSEkK35CcRBmrsItJd1F1W+U0xcNbywlFk0trO
0xxzljuoha3LcG9AhmuCZkM+1RYdxQ5LOwIDAQAB
-----END PUBLIC KEY-----

Will not pass the stripPublicKeyKeader function. The first one fails at the test byteArray[0] != 0x30, the second public key will not pass the test "byteArray[19] != 0x03".

[ldiqual]

@quentinlesceller Interesting, maybe it's 1024bits vs 2048bits that doesn't work. Will take a look.

[ldiqual]

Update on this issue. I investigated for a bit, and I can't really find why your public keys are missing the necessary bytes. However I stumbled upon this post on Stackoverflow that explains the "right way" to import public keys (by creating a self-signed certificate), and I'm leaning towards modifying SwiftyRSA to use this method. I'll give it a shot when I have a bit more time. Thanks for your patience!

[quentinlesceller]

Hi @ldiqual , I also investigated this issue and tried a lot of different librairies in order to import a 2048 RSA Public key.
I found this https://digitalleaves.com/blog/2015/10/sharing-public-keys-between-ios-and-the-rest-of-the-world/ on DigitalLeaves where the developper face a similar problem.
I fixed my solution by using https://github.com/btnguyen2k/swift-rsautils which allowed me to import the public key to the keychain. His stripPrivateKeyHeaderfunction worked with my keys. Maybe you can adapt your code with that.

[ldiqual]

@quentinlesceller Thanks a lot for sharing! Will take a look

[ldiqual]

@quentinlesceller I tried to strip the key headers with RSAUtils and it failed on both of your keys. I also tried with stripPrivateKeyHeader since you were referring to that function in your comment, but it didn't work. Would you mind sharing a project example that parses your keys with RSAUtils? Maybe I'm missing something

[quentinlesceller]

Yes sorry, I was obviously talking about stripPublicKeyHeader. I might know why this isn't working. I will keep you updated.

[ldiqual]

@quentinlesceller I think I figured it out. Your key doesn't have a header at all, as you can see in this ASN.1 parser: https://lapo.it/asn1js/#3082010A0282010100C1A0DFA367FBC2A5FD6ED5A071E02A4B0617E19C6B5AD11BB61192E78D212F10A7620084A3CED660894134D4E475BAD7786FA1D40878683FD1B7A1AD9C0542B7A666457A270159DAC40CE25B2EAE7CCD807D31AE725CA394F90FBB5C5BA500545B99C545A9FE08EFF00A5F23457633E1DB84ED5E908EF748A90F8DFCCAFF319CB0334705EA012AF15AA090D17A9330159C9AFC9275C610BB9B7C61317876DC7386C723885C100F774C19830F475AD1E9A9925F9CA9A69CE0181A214DF2EB75FD13E6A546B8C8ED699E33A8521242B7E42711066AEC22D25DD45D56F94D3170D6F2C25164D2DACED31C73963BA885ADCB706F40866B8266433ED5161DC50E4B3B0203010001

So I think all we need to do is send the raw key if we don't detect a header, I'll try to experiment with this.

[ldiqual]

@quentinlesceller I got it to work by skipping the header strip if there is no header at all. I'll commit my changes and add more tests to handle this case