Add tests for bad keys

Author: Dave Syer

src/main/java/org/springframework/security/rsa/crypto/RsaKeyHelper.java

@@ -62,11 +62,16 @@ class RsaKeyHelper {
 			's', 'a' };
 
 	static KeyPair parseKeyPair(String pemData) {
-		Matcher m = PEM_DATA.matcher(pemData.replaceAll("\n", "").trim());
+		Matcher m = PEM_DATA.matcher(pemData.replaceAll("\n *", "").trim());
 
 		if (!m.matches()) {
 			try {
-				return new KeyPair(extractPublicKey(pemData), null);
+				RSAPublicKey publicValue = extractPublicKey(pemData);
+				if (publicValue == null) {
+					throw new IllegalArgumentException(
+							"String is not PEM encoded data, nor a public key encoded for ssh");
+				}
+				return new KeyPair(publicValue, null);
 			} catch (Exception e) {
 				throw new IllegalArgumentException(
 						"String is not PEM encoded data, nor a public key encoded for ssh");

src/test/java/org/springframework/security/rsa/crypto/RsaKeyHelperTests.java

@@ -37,4 +37,26 @@ public void parsePrivateKey() throws Exception {
 		assertEquals("RSA", result.getPrivate().getAlgorithm());
 	}
 
+	@Test
+	public void parseSpaceyKey() throws Exception {
+		String pem = StreamUtils.copyToString(new ClassPathResource("/spacey.pem", getClass()).getInputStream(),
+				Charset.forName("UTF-8"));
+		KeyPair result = RsaKeyHelper.parseKeyPair(pem);
+		assertTrue(result.getPrivate().getEncoded().length > 0);
+		assertEquals("RSA", result.getPrivate().getAlgorithm());
+	}
+
+	@Test
+	public void parseBadKey() throws Exception {
+		// ssh-keygen -m pem -b 1024 -f src/test/resources/fake.pem
+		String pem = StreamUtils.copyToString(new ClassPathResource("/bad.pem", getClass()).getInputStream(),
+				Charset.forName("UTF-8"));
+		try {
+			RsaKeyHelper.parseKeyPair(pem);
+			throw new IllegalStateException("Expected IllegalArgumentException");
+		} catch (IllegalArgumentException e) {
+			assertTrue(e.getMessage().contains("PEM"));
+		}
+	}
+
 }

src/test/resources/bad.pem

@@ -0,0 +1,2 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIIEowIBAAKCAQEAwClFgrRa/PUHPIJr9gvIPL6g6Rjp/TVZmVNOf2fL96DYbkj5

src/test/resources/spacey.pem

@@ -0,0 +1,25 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIIEowIBAAKCAQEAwClFgrRa/PUHPIJr9gvIPL6g6Rjp/TVZmVNOf2fL96DYbkj5
+4YbrwfKwjoTjk1M6gLQpOA4Blocx6zN5OnICnVGlVM9xymWxTxxCfc2tE2Fai9I1wchULCChhwm/UU5ZNi3KpXinlyamSYw+lMQkZ8gTXCgOEvs2j9E1quF4pvy1BZKvbD8tUnUQlyiKRnI6gOxQL8B6OAYPRdaa9FVNmrs1B4eDPG918L2f1pT090P1n+tw
+iejNgQvtSD78/A88qt89OhzscsufALTrBjycn89kkfBd0zbVLF0W6+ZVLZrf97/y
+LCoGSCcZL9LFPNvNqxOnleviDco7aOs4stQ9jQIDAQABAoIBAQC1TbthyN0YUe+T
+        7dIDAbbZaVrU00biOtXgzjMADmTprP7Hf18UpIIIKfzfWw6FUD+gc1t4oe5pogE9
+UwGMXUmOORxu2pMYTb5vT9CEdexYnsAZsCo8PdD9GYSNrmquQef2MFpEqYQmHrdC
+                KWpaXn2i1ak+iCRPUGp4YwHpynZVxfE8z/AIsPn6NPDh6SnCXb1rTgQe2UCfXm93
+UJe5F/OR2kQi5KFO+dxLmCOBCwr6SGCLH+VotGpuxCVRUd9sJ/d4QpDZEgjuf7Ug
+eQHfgMDS/tc09B9rl0dwKnEa31kcQ9X9KLkKP+w0Pqhh0Emny20eg9jS6XNayg61
+p/LQtW9BAoGBAO5veKMIcXfZmuh11WIIhdhLKkNtYyt5NDmrV8/IVScLFvjB0ftt
+8PAtXo/ekOHkyITyIumQ9l4VCvacNw7DyV9FYk4WvrvVYOCL8aZi+O5+12NT67eO
+Rr/voGlRoV05X7+inc90qbbYJ8lRmLSqvzmsm98mkuhw/FKGRhVZIfAJAoGBAM5R
+            I5vK6cJxOwXQOEGOd5/8B9JMFXyuendXo/N2/NxSQsbx4pc3v2rv/eGJYaY7Nx/y
+2M/vdWYkpG59PAS3k2TrCA/0SGmyVqY+c8BomKisU5VaBlIPfGuec9tDPgWCp8Ur
+3Jjt/2sVoa0vMkqymUqMb9HyH9tdI9oyh7EOOrplAoGAR6DlNNUMgVy11K/Rcqns
+y5WJFMh/ykeXENwQfTNJoXkLZZ+UXVwhzYVTqxTJoZMBSi8TnecWnBzmNj+nqp/W
+    lvBZH+xlUDhB6jMgXUPOVJd2TTigz3vGdVKfdgQ33bGmugM4NWJuuacmDKyem2fQ
+    GptoGBmWeI24v3HnC/LC50ECgYAz0iN8hRnz0db+Xc9TgAJB997LDnszJuvxv9yZ
+    UWCvwiWtrKG6U7FLnd4J4STayPLOnoOgrsexETEP43rIwIdQCMysnTH3AmlLNlKC
+    mIMHksknsUX3JJaevVziTOBuJ+QV3S96ZgUKk5NZWYprQrLIC8AmXodr5NgVfS2h
+    5i4QFQKBgFfbYHiMw5AAUQrBNkrAjLd1wIaO/6qS3w4OsCWKowhfaJLEXAbIRV7s
+vAtgtlCovdasVj4RRLXFf+73naVTQjBZI+3jWHHyFk3+Zy86mQCSGv9WuDVV1IhS
+h8InTVvK8wgdgX7qiw3pvU0roqNW4/j4j8OqJO3Zt4KO2iX8htsO
+-----END RSA PRIVATE KEY-----