從字符串到java.security.PublicKey對象gaves我非法字符

Question

我有這樣的方法：

public static PublicKey getKey(String key){ 
    try{ 
     byte[] byteKey = Base64.getDecoder().decode(key.getBytes()); 
     X509EncodedKeySpec X509publicKey = new X509EncodedKeySpec(byteKey); 
     KeyFactory kf = KeyFactory.getInstance("RSA"); 

     return kf.generatePublic(X509publicKey); 
    } 
    catch(Exception e){ 
     e.printStackTrace(); 
    } 

     return null; 
    } 
} 

這應該（從Salesforce public key endpointñ財產的人在這個JSON）轉換的公共密鑰。在我的鑰匙應該是孩子208，但是：

getKey("pTSWJvy04hAU7ev7wmaTvpwHsEbseuPl0AlwoxPHnmoOIMATRT0eTqYpLJxDp4BHRFxDTrcUKHKVHGIAVut_-l6nkEI6ALOVW9C5PP9bXwqeHJ5tiGA6AMpaY1LsJJOd2lgExr0LHUPF2TtO4LOVmlptyGPTRSWhmRpPSc5bjGFsyTFr78WmeixjEts9icAUCiBDdpwVw9qVdjJPsufyimqp8os5htm-DB_qKsnRwABVSQRKLw2y7Mr7NP31R07Mpr108dLS5Et8tKnFoiX0MHf5BbA50NG3DtyT27nSa14T0IvSWYJQhxPWXYtuXkVldpbZZn8E2B1VpcDXXGnSPXoPstE9BU7w1RaF31UeEsE8sWDFdHgJMUYMfWjxVhdJB_NaVUt7v0X9QPffXcFPWKUUeVx0g_ONMz0bB_HltFSODWJeAvcZXk14u4sjpKXNIiK8dJzMe0Qn10m5nIdVtxzXfKHiDNobX1dMENDplhDMVk1eYS9x8dh90qt68Q59vKusm6iMjSaXtzwMfqJBwNck41e9Pie2m_cdSu-RIq1u3FScGkezzqNvIuzcse2y-6ApHkkaFMVsNw3CbD87LtVgNusuom38UVC1rS0LeLYFinU3hnFwvB1UCv1_0Cs8CmrOmdifqd25aZIDf5p8f3kowq3QY1mNtdQc9-HgZ3k"); 

返回我一個錯誤：

java.lang.IllegalArgumentException: Illegal base64 character 5f at java.util.Base64$Decoder.decode0(Base64.java:714) at java.util.Base64$Decoder.decode(Base64.java:526) at testJwt.testJwt.App.getKey(App.java:52) at testJwt.testJwt.App.main(App.java:76)

我能做些什麼？我做錯了什麼？

Answer 1

您擁有的數據不是完整的RSA公鑰，而只是模數或「n」值。 「e」值是公鑰的另一部分。這裏是代碼片段來說明它。

import java.math.BigInteger; 
import java.security.KeyFactory; 
import java.security.PublicKey; 
import java.security.spec.RSAPublicKeySpec; 
import java.util.Base64; 

public class Main { 

    public static void main(String[] args) throws Exception { 
     String jsonN = "pTSWJvy04hAU7ev7wmaTvpwHsEbseuPl0AlwoxPHnmoOIMATRT0eTqYpLJxDp4BHRFxDTrcUKHKVHGIA" + 
       "Vut_-l6nkEI6ALOVW9C5PP9bXwqeHJ5tiGA6AMpaY1LsJJOd2lgExr0LHUPF2TtO4LOVmlptyGPTRSWhmRpPSc5" + 
       "bjGFsyTFr78WmeixjEts9icAUCiBDdpwVw9qVdjJPsufyimqp8os5htm-DB_qKsnRwABVSQRKLw2y7Mr7NP31R0" + 
       "7Mpr108dLS5Et8tKnFoiX0MHf5BbA50NG3DtyT27nSa14T0IvSWYJQhxPWXYtuXkVldpbZZn8E2B1VpcDXXGnSP" + 
       "XoPstE9BU7w1RaF31UeEsE8sWDFdHgJMUYMfWjxVhdJB_NaVUt7v0X9QPffXcFPWKUUeVx0g_ONMz0bB_HltFSO" + 
       "DWJeAvcZXk14u4sjpKXNIiK8dJzMe0Qn10m5nIdVtxzXfKHiDNobX1dMENDplhDMVk1eYS9x8dh90qt68Q59vKu" + 
       "sm6iMjSaXtzwMfqJBwNck41e9Pie2m_cdSu-RIq1u3FScGkezzqNvIuzcse2y-6ApHkkaFMVsNw3CbD87LtVgNu" + 
       "suom38UVC1rS0LeLYFinU3hnFwvB1UCv1_0Cs8CmrOmdifqd25aZIDf5p8f3kowq3QY1mNtdQc9-HgZ3k"; 
     String jsonE = "AQAB"; 

     byte [] nBytes = Base64.getUrlDecoder().decode(jsonN); 
     byte [] eBytes = Base64.getUrlDecoder().decode(jsonE); 

     BigInteger n = new BigInteger(1, nBytes); // need to use the sign-magnitude constructor 
     BigInteger e = new BigInteger(1, eBytes); 

     RSAPublicKeySpec rsaPublicKeySpec = new RSAPublicKeySpec(n, e); 
     KeyFactory rsaKeyFactory = KeyFactory.getInstance("RSA"); 
     PublicKey rsaPub = rsaKeyFactory.generatePublic(rsaPublicKeySpec); 
     System.out.println(rsaPub); 
    } 
} 

而不是手動做這件事，我會尋找一個庫，已經這樣做，雖然庫建議是在stackoverflow脫離主題。

Answer 2

您似乎在Base64字符串中有_和-（而不是/和+）。然後它是URL安全編碼Base64：

Base64.getUrlDecoder().decode(key.getBytes())