Hello, 

Thanks for your answers,

@sferey, yes, on the card I use PKCS1:

    rsa_KeyPair = new KeyPair(KeyPair.ALG_RSA_CRT, KeyBuilder.LENGTH_RSA_1024);
    rsa_KeyPair.genKeyPair();
    rsa_PublicKey = (RSAPublicKey) rsa_KeyPair.getPublic();
    rsa_PrivateCrtKey = (RSAPrivateCrtKey) rsa_KeyPair.getPrivate();
    cipherRSA = Cipher.getInstance(Cipher.ALG_RSA_PKCS1, false);
         

Here is the encrypt function that works well in the card (like the decrypt
function):

    private void encryptRSA(APDU apdu)
    {
        byte a[] = apdu.getBuffer();
        short byteRead = (short) (apdu.setIncomingAndReceive());
        // Encrypt in place in the APDU buffer with the private CRT key
        cipherRSA.init(rsa_PrivateCrtKey, Cipher.MODE_ENCRYPT);
        short cyphertext = cipherRSA.doFinal(a, (short) dataOffset, byteRead,
                                             a, (short) dataOffset);

        // Send results
        apdu.setOutgoing();
        apdu.setOutgoingLength((short) cyphertext);
        apdu.sendBytesLong(a, (short) dataOffset, (short) cyphertext);
    }

Yes, the format of the ciphertext is 128 bytes. I have tried with NoPadding
on the PC and no padding on both, and it doesn't even want to encrypt, and the
program stops after setting the modulus and the exponent,
just by changing these 2 lines:

    cipherRSA = Cipher.getInstance(Cipher.ALG_RSA_NOPAD, false);

and on the PC:

    cipher = Cipher.getInstance("RSA/None/NoPadding");

I have some exams these days, so I haven't had time to try your other solutions,
but I'll do it next week...

Thanks a lot



sferey wrote:
> 
> jose85 wrote:
>> 
>> Hello ,
> 
> Hello,
> 
>> I have exported the public key of my Cyberflex 32k card
>> by sending the values of the modulus and the exponent to the PC. I put these
>> values into 2 arrays of bytes (the card sent an exp whose size is 3 bytes and
>> a mod of 128 bytes).
>> I have converted the byte arrays of the "exp" and the "mod" into BigInteger
>> as suggested in the Java doc,
>> but the encrypted message is different every time, whereas the modulus
>> and the exponent received from the card are always the same.
> 
> The ciphertext SHALL be different for each RSA Public Key encryption
> since you're using a PKCS#1 type 2 padding.
> The goal of that padding is a) to make plaintext as wide as the key
> (so 1024 bits here) and b) to insert random text to avoid some attacks.
> 
> The padding consists of the following byte stream:
>     00 02 <random bytes> 00 <text to wrap>
> so your results are normal.
> 
> 
>> Here is the snippet of the code that causes the problem:
>> 
>> BigInteger Exp = new BigInteger(1, exp);
>> BigInteger Mod = new BigInteger(1, mod);
>>  
>> try {
>>  Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
> 
> Is "ECB" expected here??
> 'ECB', 'CBC', ... are relevant for block cipher engines only
> (meaning mainly symmetric-key-based engines).
> 
>>  RSAPublicKeySpec pubKeySpec = new RSAPublicKeySpec(Mod,Exp);
>>  KeyFactory keyFactory = KeyFactory.getInstance("RSA");
>>  PublicKey pubKey = keyFactory.generatePublic(pubKeySpec);
>>                      
>>  cipher.init(Cipher.ENCRYPT_MODE,pubKey);
>>  byte[] env={0x01,0x02,0x03,0x04};
>>  byte[] encrypted = cipher.doFinal(env);
> 
> apparently so far, so good.
> 
>> So of course when I send this encrypted array to the card, it isn't able to
>> decrypt it: --------> error 6F00
> 
> ("of course" ??)
> a "good" card application shall never return 6F00 which means
> unhandled exception, this is the first evidence that the applet
> code is not clean and possibly buggy.
> 
>> Note that the encryption and decryption work well in the card, but not if I
>> encrypt on the PC.
> 
> For which algo? Does the card also use RSA-PKCS#1 or the (poor)
> RSA-X509 (no padding) mode?
> 
> What is the format of the ciphertext returned by the card?
> Is it simply 128 bytes, or is some extra padding inserted?
> 
>> it's a java problem
> 
> I don't think so; more likely a JavaCard problem.
> One possible issue is cryptography of course but there are also
> dozens of possible errors with sequence error, data field format
> & content from the card side; you should try more computation
> with the card (it is able to encrypt (wrap) and decrypt (unwrap)
> with different mechanisms - basically you can wrap in PKCS1 then
> unwrap in X509 to check data padding by the card, also you can
> encrypt (in raw X509 or PKCS#1, type 1) with card private key
> and decrypt in PC with the public key (in RAW mode) to verify
> card exponentiation and optional padding.
> 
> Once you are sure which operations are supported by the card
> and which formats it expects, you will have no trouble using it
> together with PC Java code.
> 
> Sylvain.
> 
> 
> _______________________________________________
> Muscle mailing list
> [email protected]
> http://lists.drizzle.com/mailman/listinfo/muscle
> 
> 

-- 
View this message in context: 
http://www.nabble.com/Export-RSA-public-key-out-of-the-card-tp23239829p23332505.html
Sent from the MuscleCard mailing list archive at Nabble.com.
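
The padding check discussed in this thread, as an added example that is not code from either poster: it shows that PKCS#1 type 2 ciphertexts differ on every call, and that a raw (unpadded) RSA operation exposes the `00 BT <filler> 00 <data>` block so the padding can be inspected in both directions. It assumes a stock JDK with the SunJCE provider; the class `Pkcs1BlockCheck`, the helper `unwrap` and the locally generated 1024-bit key pair standing in for the card are constructed for illustration.

```java
import java.math.BigInteger;
import java.security.*;
import java.security.interfaces.RSAPublicKey;
import java.security.spec.RSAPublicKeySpec;
import java.util.Arrays;
import javax.crypto.Cipher;
public class Pkcs1BlockCheck {
    // Parse a raw RSA result as a PKCS#1 v1.5 block (00 BT PS 00 DATA) and return DATA.
    static byte[] unwrap(byte[] block, int type) {
        if (block.length < 11 || block[0] != 0x00 || block[1] != type)
            throw new IllegalArgumentException("not a PKCS#1 type " + type + " block");
        int i = 2;
        while (i < block.length && block[i] != 0x00) {
            if (type == 1 && block[i] != (byte) 0xFF)   // type 1 filler is fixed FF
                throw new IllegalArgumentException("type 1 filler must be FF");
            i++;
        }
        if (i < 10 || i == block.length)                 // >= 8 filler bytes, then 00
            throw new IllegalArgumentException("bad padding length");
        return Arrays.copyOfRange(block, i + 1, block.length);
    }

    public static void main(String[] args) throws Exception {
        // Constructed stand-in for the card: a local 1024-bit key pair.
        KeyPairGenerator gen = KeyPairGenerator.getInstance("RSA");
        gen.initialize(1024);
        KeyPair card = gen.generateKeyPair();
        // Rebuild the public key from raw modulus/exponent bytes, as the PC side does.
        RSAPublicKey exported = (RSAPublicKey) card.getPublic();
        byte[] mod = exported.getModulus().toByteArray();
        byte[] exp = exported.getPublicExponent().toByteArray();
        PublicKey pub = KeyFactory.getInstance("RSA").generatePublic(
                new RSAPublicKeySpec(new BigInteger(1, mod), new BigInteger(1, exp)));
        byte[] env = {0x01, 0x02, 0x03, 0x04};
        Cipher pkcs1 = Cipher.getInstance("RSA/ECB/PKCS1Padding");
        Cipher raw = Cipher.getInstance("RSA/ECB/NoPadding");
        // PC -> card: public-key encryption uses block type 02 with random filler.
        pkcs1.init(Cipher.ENCRYPT_MODE, pub);
        byte[] c1 = pkcs1.doFinal(env), c2 = pkcs1.doFinal(env);
        System.out.println("two ciphertexts equal: " + Arrays.equals(c1, c2));
        raw.init(Cipher.DECRYPT_MODE, card.getPrivate());
        System.out.println("type 2 payload ok: " + Arrays.equals(env, unwrap(raw.doFinal(c1), 2)));
        // Card -> PC: private-key "encryption" uses block type 01; open it with the public key.
        pkcs1.init(Cipher.ENCRYPT_MODE, card.getPrivate());
        byte[] fromCard = pkcs1.doFinal(env);
        raw.init(Cipher.DECRYPT_MODE, pub);
        System.out.println("type 1 payload ok: " + Arrays.equals(env, unwrap(raw.doFinal(fromCard), 1)));
    }
}
```

To test a real card, replace `fromCard` with the 128 bytes the applet returns and `pub` with the key rebuilt from its exported modulus and exponent. On the SunJCE provider the unpadded transformation is named `RSA/ECB/NoPadding`.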

