From 7d27524a72bbedcab5b30c87ffcf43270e356e10 Mon Sep 17 00:00:00 2001
From: Arthur Chan <arthur.chan@adalogics.com>
Date: Fri, 24 Mar 2023 10:58:04 +0000
Subject: [PATCH 1/2] Wrap illegal state exception

Signed-off-by: Arthur Chan <arthur.chan@adalogics.com>
---
 .../src/main/java/dev/sigstore/encryption/Keys.java  | 12 +++++++++++-
 1 file changed, 11 insertions(+), 1 deletion(-)

diff --git a/sigstore-java/src/main/java/dev/sigstore/encryption/Keys.java b/sigstore-java/src/main/java/dev/sigstore/encryption/Keys.java
index 27fd4058..3fbb9313 100644
--- a/sigstore-java/src/main/java/dev/sigstore/encryption/Keys.java
+++ b/sigstore-java/src/main/java/dev/sigstore/encryption/Keys.java
@@ -90,7 +90,17 @@ public static PublicKey parsePublicKey(byte[] keyBytes)
     // otherwise, we are dealing with PKIX X509 encoded keys
     byte[] content = section.getContent();
     EncodedKeySpec publicKeySpec = new X509EncodedKeySpec(content);
-    AsymmetricKeyParameter keyParameters = PublicKeyFactory.createKey(content);
+    AsymmetricKeyParameter keyParameters = null;
+
+    // Ensure PEM content can be parsed correctly
+    try {
+      keyParameters = PublicKeyFactory.createKey(content);
+    } catch (IllegalStateException e) {
+      throw new InvalidKeySpecException("Invlid key, could not parse PEM content");
+    }
+    if (keyParameters == null) {
+      throw new InvalidKeySpecException("Invlid key, could not parse PEM content");
+    }
 
     // get algorithm inspecting the created class
     String keyAlgorithm = extractKeyAlgorithm(keyParameters);

From c13b6d80f5ae1786ab3696529e052e5994752e69 Mon Sep 17 00:00:00 2001
From: Arthur Chan <arthur.chan@adalogics.com>
Date: Fri, 24 Mar 2023 11:01:30 +0000
Subject: [PATCH 2/2] Fix typo

Signed-off-by: Arthur Chan <arthur.chan@adalogics.com>
---
 sigstore-java/src/main/java/dev/sigstore/encryption/Keys.java | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/sigstore-java/src/main/java/dev/sigstore/encryption/Keys.java b/sigstore-java/src/main/java/dev/sigstore/encryption/Keys.java
index 3fbb9313..70828428 100644
--- a/sigstore-java/src/main/java/dev/sigstore/encryption/Keys.java
+++ b/sigstore-java/src/main/java/dev/sigstore/encryption/Keys.java
@@ -96,10 +96,10 @@ public static PublicKey parsePublicKey(byte[] keyBytes)
     try {
       keyParameters = PublicKeyFactory.createKey(content);
     } catch (IllegalStateException e) {
-      throw new InvalidKeySpecException("Invlid key, could not parse PEM content");
+      throw new InvalidKeySpecException("Invalid key, could not parse PEM content");
     }
     if (keyParameters == null) {
-      throw new InvalidKeySpecException("Invlid key, could not parse PEM content");
+      throw new InvalidKeySpecException("Invalid key, could not parse PEM content");
     }
 
     // get algorithm inspecting the created class