1

I'm making a socket program having key exchanging algorithm. This algorithm is very similar with SSL key exchanging in between web browser and web server. These are the steps in this algorithm.

  1. Server makes a socket with client.
  2. If the socket was established, server generates rsa public key, private key, and sends public key to client.
  3. Client receives rsa public key from server, and also generates rsa public key, private key, and sends public key to server.
  4. Server receives rsa public key from server.
  5. Server generates AES secret key, type is string.
  6. Server encrypt AESkey with client's rsa public key.

In this step, i have an error.

Because the type of key server received from client is not RSA Public Key, but byte array.

How can i change byte array to RSA Public key?

or is there the other way to restore RSA public key? like key Factory method in java?

Jungmin Yoon
  • 13
  • 3
  • 2
    Just to make sure you know: your encryption protocol is not safe at all. – Klaus D. Dec 01 '18 at 09:10
  • @KlausD. It is not safe against active attackers / MitM attacks as the public key cannot not be trusted but it is safe against eavesdroppers. So it does provide *some* security, although *practically* speaking this will not be of much use - without additional protection of the public key anyway. – Maarten Bodewes Dec 04 '18 at 12:33
  • @maarten-bodewes Unluckily you can not choose one attack vector and say it is safe if your protocol is immune to it. It has to be immune to all known attack vectors to be safe. That's rather tricky and an implementation requires experience in the area. – Klaus D. Dec 04 '18 at 12:44
  • 1
    Thanks for reminding me on that (check my profile) :P But I don't know his attack vectors nor if there are more parts to this protocol. I just commented because "not safe at all" *could be* overstating it and because it didn't make clear why the protocol is insecure. And I like to tease a bit as well if I cannot help myself :) – Maarten Bodewes Dec 04 '18 at 12:50
  • Code at bottom of this answer helped me: https://stackoverflow.com/a/32804289/257299 – kevinarpe Nov 24 '22 at 02:29

1 Answers1

0

There is X509EncodedKeySpec which can be used for a "RSA" instance of KeyFactory. This takes a byte array that is encoded as a SubjectPublicKeyInfo found in X.509 certificates (hence the name).

There are other ways of encoding a public key. One of the most basic encodings is a PKCS#1 compatible key format. You can see how to handle those kind of keys here as there is no direct support to decode those in Java.

Maarten Bodewes
  • 90,524
  • 13
  • 150
  • 263