I started developing an app in node.js for the german Sparkasse (banking provider). They provide an API to their service. German Link to their API
in the secondstep I get a RSA-2048-SHA1 publickey from their server. in the fourth step, I should use that public key, to encrypt a session key created in step 3. but when encrypting with:
var key = 'password';
var sha256 = crypto.createHash('sha256');
sha256.update(key);
var iv = new Buffer([0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]);
var cipher = crypto.createCipheriv('aes-256-cbc', sha256.digest(), iv);
let sessionKey = cipher.final('base64')
let publicKey = response.publicKey.value
crypto.publicEncrypt(publicKey,new Buffer(sessionKey))
I get the following Error message, that I think is from OpenSSL. I don't really know how to fix that issue as I cannot evaluate if the publicKey I get from the API is valid.
Error: error:0906D06C:PEM routines:PEM_read_bio:no start line
The public key you received is in the wrong format. It needs to be a "PEM" formatted key. You'll have to convert it by wrapping it in "BEGIN ..." and "END..." lines, and possibly splitting into 64 character lines.
Here is an example of a properly formatted public key:
-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAytBCDJR5/6JAlB7ErBge
22YwN/u0K63wrnCMLde+hQQCYs7pBuYtbyxXF2PBFuHS+ytD9PSpY9t3NiGbk/9U
s9GYCnqaK+vg2hz+T86LjJVkTJe0HWuE6g+HQ9GjyDGiO7ZBQw31HKxHYA2cMMVj
tiO97VKLR9Fp6c6X33uNtdAaUZg57PjyNl6TjPwc52tJz8H5g0aV4tYelsTMaSSE
4nVwPLBoDzZaT84ktW1RuGToC4gEB/bctFrRBVaxp/KSebpds9P2xGMVweWgrvml
cLnHGLKBxcCxh9kbgHS/nrgYXPjj92hxk2se/C7QmYeRSUs4ikEWO06NJ7Cgk+bQ
8wIDAQAB
-----END PUBLIC KEY-----