9 Replies Latest reply: Apr 30, 2012 2:01 PM by 893199 RSS

    RSA off card error { message is larger than modulus}

    rohit007
      512 bit rsa keys here:-
      
      byte[] p              ={(byte) 0xd2,(byte) 0x94,(byte) 0xe8,(byte) 0x98,(byte) 0x92,(byte) 0x0a,(byte) 0xa2,
                                   (byte) 0xec,(byte) 0x99,(byte) 0x67,(byte) 0xf1,(byte) 0x06,(byte) 0x05,(byte) 0x61,
                                   (byte) 0x0e,(byte) 0xa8,(byte) 0x1d,(byte) 0x9e,(byte) 0x5d,(byte) 0x87,(byte) 0xcf,
                                   (byte) 0x29,(byte) 0x59,(byte) 0x5b,(byte) 0x33,(byte) 0x20,(byte) 0x50,(byte) 0xc8,
                                   (byte) 0xe4,(byte) 0xf2,(byte) 0xef,(byte) 0x03 };
           
           byte[] q           ={(byte) 0xae,(byte) 0xf9,(byte) 0xc7,(byte) 0xb9,(byte) 0x43,(byte) 0xdd,(byte) 0x3b,
                                   (byte) 0xb0,(byte) 0xd1,(byte) 0xe8,(byte) 0xc4,(byte) 0x32,(byte) 0xea,(byte) 0x02,
                                   (byte) 0xdc,(byte) 0x29,(byte) 0x0a,(byte) 0xa1,(byte) 0x83,(byte) 0x8b,(byte) 0x59, 
                                   (byte) 0x8b,(byte) 0xe5,(byte) 0xca,(byte) 0xc4,(byte) 0x5c,(byte) 0x95,(byte) 0xbe,
                                   (byte) 0xfb,(byte) 0x7c,(byte) 0xde,(byte) 0xd1 };
           
           byte[] modulus_pq ={(byte) 0x8f,(byte) 0xee,(byte) 0xad,(byte) 0x38,(byte) 0x15,(byte) 0xe6,(byte) 0xeb,
                                 (byte) 0x63,(byte) 0x95,(byte) 0x50,(byte) 0x7c,(byte) 0xc0,(byte) 0xd9,(byte) 0x66,
                                 (byte) 0xf8,(byte) 0xdc,(byte) 0x68,(byte) 0x6f,(byte) 0x9d,(byte) 0xa4,(byte) 0x87,
                                 (byte) 0xb3,(byte) 0x80,(byte) 0x29,(byte) 0xd8,(byte) 0xc7,(byte) 0xe9,(byte) 0x48,
                                 (byte) 0xcf,(byte) 0xae,(byte) 0x7b,(byte) 0x20,(byte) 0xed,(byte) 0xe6,(byte) 0xf5,
                                 (byte) 0x37,(byte) 0xe1,(byte) 0x01,(byte) 0x58,(byte) 0xf7,(byte) 0xe9,(byte) 0x3d,
                                 (byte) 0x88,(byte) 0x87,(byte) 0xe9,(byte) 0x2a,(byte) 0x06,(byte) 0x27,(byte) 0xbe,
                                 (byte) 0x73,(byte) 0x10,(byte) 0x05,(byte) 0x11,(byte) 0x28,(byte) 0xec,(byte) 0xac,
                                 (byte) 0x5f,(byte) 0xb7,(byte) 0x63,(byte) 0xcb,(byte) 0x4c,(byte) 0x0d,(byte) 0xbb,
                                 (byte) 0x73 };
           byte[] exponent_enc={(byte) 0x01, (byte) 0x00, (byte) 0x01 };
           
           byte[] exponent_dec={(byte) 04,(byte) 0x81,(byte) 0x20,(byte) 0xb4,(byte) 0xa7,(byte) 0xa2,(byte) 0xd1,
                                  (byte) 0x6d,(byte) 0x0d,(byte) 0x68,(byte) 0x36,(byte) 0x6f,(byte) 0x46,(byte) 0x9e,
                                  (byte) 0x7d,(byte) 0x5d,(byte) 0x50,(byte) 0x7b,(byte) 0x65,(byte) 0xc0,(byte) 0x97,
                                  (byte) 0x6a,(byte) 0x9b,(byte) 0xb1,(byte) 0x33,(byte) 0x92,(byte) 0x96,(byte) 0x0f,
                                  (byte) 0x6c,(byte) 0x48,(byte) 0x76,(byte) 0x9b,(byte) 0xf6,(byte) 0x25,(byte) 0x11,
                                  (byte) 0x0a,(byte) 0xed,(byte) 0xff,(byte) 0xff,(byte) 0x1f,(byte) 0x43,(byte) 0xdf,
                                  (byte) 0x9c,(byte) 0x81,(byte) 0x55,(byte) 0x39,(byte) 0xc8,(byte) 0xf3,(byte) 0x3d,
                                  (byte) 0xc2,(byte) 0x1e,(byte) 0x4e,(byte) 0xfd,(byte) 0xca,(byte) 0x58,(byte) 0xfc,
                                  (byte) 0xe2,(byte) 0xd8,(byte) 0x29,(byte) 0xc1,(byte) 0x69,(byte) 0x65,(byte) 0xc8,
                                  (byte) 0xe1};
           
      for on card when i am using this key for Encryption and decryption , it is working fine, but i need to encrypt on card by public key and decrypt off card by private key.

      on card code for encryption-
      public void encryption(APDU apdu)
      {
      
                rsa_public_key =(RSAPublicKey) KeyBuilder.buildKey(KeyBuilder.TYPE_RSA_PUBLIC , KeyBuilder.LENGTH_RSA_512, false);
                rsa_public_key.setModulus(modulus_pq, (short) 0, (short) 64);
                rsa_public_key.setExponent(exponent_enc, (short) 0, (short) 3);
                     byte[] buffer = apdu.getBuffer();
                     cipher=Cipher.getInstance(Cipher.ALG_RSA_NOPAD, false);
                     cipher.init(rsa_public_key, Cipher.MODE_ENCRYPT);
                     short lc=  (short) (buffer[ISO7816.OFFSET_LC] & 0xff );
                     apdu.setOutgoing();
                     processed_length = cipher.doFinal(buffer, ISO7816.OFFSET_CDATA, lc, encrypted_cipher, (short) 0);
                     apdu.setOutgoingLength(processed_length);
                     apdu.sendBytesLong(encrypted_cipher, (short) 0, processed_length);
      off card i m generating a 10 byte number And with this making a array of 64 byte { use dummy bytes like 0x00 }and send it to card to encrypt, it return 64 byte , here i am using this 64 byte to decrypt by private key { given above}

      off card code is
      1- code for generate random data.
      // GENERATE RANDOM DATA
                     byte[] GENERATE_RANDOM_DATA = {(byte) 0x80,(byte) 0x21,(byte) 0x00,(byte) 0x00, (byte) 0x01 , (byte) 0x0f };
                     CommandAPDU cmdapdu2= new CommandAPDU(GENERATE_RANDOM_DATA);
                     System.out.println("send APDU comand is--");
                     for ( int i=0; i< GENERATE_RANDOM_DATA.length; i++)
                     {
                          System.out.format(" %02X  ",GENERATE_RANDOM_DATA);
                     }
                     ResponseAPDU r2 = channel.transmit(cmdapdu2);
                     System.out.println(r2);
                     byte[] random_data = r2.getData();


      2- code for encryption-
      CommandAPDU DECRYPT_APDU= new CommandAPDU((int) 0x80, (int) 0x23, (int) 0x00, (int) 0x00, random_data);
                     System.out.println("send APDU comand is--");
                     System.out.println("0x80");
                     System.out.println("0x22");
                     System.out.println("0x00");
                     System.out.println("0x00");
                     for ( int i=0; i< random_data.length; i++)
                     {
                          System.out.format(" %02X  ",random_data);
                     }
                     ResponseAPDU r3 = channel.transmit(DECRYPT_APDU);
                     System.out.println(r3);
                     byte[] decrypted_data = r3.getData();// here it will get 64 byte of encrypted data.


      3- code for decryption (off card)
      BigInteger modulus = new BigInteger (modulus_pq);
                     BigInteger exponent = new BigInteger (exponent_dec);
                     
                     key_factory = KeyFactory.getInstance("RSA");
                     
                     RSAPrivateKeySpec rsa_private_key_spec = new RSAPrivateKeySpec(modulus,exponent);
                     rsa_private_key = (RSAPrivateKey) key_factory.generatePrivate(rsa_private_key_spec);
                     
                     
                     cipher = Cipher.getInstance("RSA");// what should i write here????????????????????????
                     cipher.init(Cipher.DECRYPT_MODE, rsa_private_key);
                     byte[]  input = { (byte) 0x10,(byte) 0x10,(byte) 0x10,(byte) 0x10,(byte) 0x10 };
                     int size_modulus = modulus_pq.length;
                     int size_cipher = Decrypted_Data.length;
                     byte[] output = cipher.doFinal(Decrypted_Data);
      error
      when i am trying to run this - i got a error on last line, like- Javax.crypto.BadPaddingException:- Message is larger than modulus

      lines-
      key_factory = KeyFactory.getInstance("RSA");
      cipher = Cipher.getInstance("RSA/ECB/NoPadding");
      are bothering me because i am unable to find out right string in ().
      suggesstion for anyone would be means a lot for me....

      Edited by: rohit pathak on Apr 4, 2012 9:48 PM

      Edited by: rohit pathak on Apr 5, 2012 12:35 PM

      Edited by: rohit pathak on Apr 9, 2012 11:20 AM
        • 1. Re: RSA off card error { message is larger than modulus}
          rohit007
          After wondering here and there finally i got the solution, I just do nothing but add a byte 0x00 at start of modulus and it is working fine.........
          -- it is party today.
          • 2. Re: RSA off card error { message is larger than modulus}
            801926
            yeah. otherwise it's negative
            • 3. Re: RSA off card error { message is larger than modulus}
              rohit007
              lexdabear wrote:
              yeah. otherwise it's negative
              hello lexdabear , actually i solved my problem but i really confuse how i am bound to add 0x00 at start? can u give me your words about it?
              • 4. Re: RSA off card error { message is larger than modulus}
                EJP
                Because your modulus_pq value starts with 0x8f, which has a sign bit, which causes it to be interpreted as a negative number.
                • 5. Re: RSA off card error { message is larger than modulus}
                  932586
                  Hi, could you tell me where you added 0x00?
                  • 6. Re: RSA off card error { message is larger than modulus}
                    rohit007
                    0x00 will be the start byte of modulus...

                    Edited by: rohit pathak on Apr 24, 2012 9:28 PM
                    • 7. Re: RSA off card error { message is larger than modulus}
                      932586
                      Hi,

                      Thanks for your answer but I still have a problem.

                      This is my java code :

                      byte[] mod = {
                                     (byte)0xe2, (byte)0x9a, (byte)0x58, (byte)0x27, (byte)0x54,
                                     (byte)0x2a, (byte)0x49, (byte)0x18, (byte)0xce, (byte)0xe4,
                                     (byte)0x1a, (byte)0x60, (byte)0xdc, (byte)0x62, (byte)0x75,
                                     (byte)0xbd, (byte)0xb0, (byte)0x8d, (byte)0x15, (byte)0xa3,
                                     (byte)0x65, (byte)0xe6, (byte)0x7b, (byte)0xa9, (byte)0xdc,
                                     (byte)0x09, (byte)0x11, (byte)0x5f, (byte)0x9f, (byte)0xbf,
                                     (byte)0x29, (byte)0xe6, (byte)0xc2, (byte)0x82, (byte)0xc8,
                                     (byte)0x35, (byte)0x6b, (byte)0x0f, (byte)0x10, (byte)0x9b,
                                     (byte)0x19, (byte)0x62, (byte)0xfd, (byte)0xbd, (byte)0x96,
                                     (byte)0x49, (byte)0x21, (byte)0xe4, (byte)0x22, (byte)0x08,
                                     (byte)0x08, (byte)0x80, (byte)0x6c, (byte)0xd1, (byte)0xde,
                                     (byte)0xa6, (byte)0xd3, (byte)0xc3, (byte)0x8f, (byte)0x00,
                                     (byte)0x00, (byte)0x00, (byte)0x00, (byte)0x00};          
                      byte[] exp = {(byte)0x00, (byte)0x00,(byte)0x00};
                                
                      BigInteger modulus = new BigInteger(mod);
                      BigInteger exponent = new BigInteger(exp);
                      KeyFactory keyFactory;
                      try {
                           keyFactory = KeyFactory.getInstance("RSA");
                           RSAPublicKeySpec rsa_private_key_spec = new RSAPublicKeySpec(modulus,exponent);
                           PublicKey rsa_public_key = keyFactory.generatePublic(rsa_private_key_spec);
                           Cipher cipher = Cipher.getInstance("RSA");
                           cipher.init(Cipher.ENCRYPT_MODE, rsa_public_key);
                           byte[] input = {(byte)0x73, (byte)0x74, (byte)0x75, (byte)0x76 };     
                           byte[] output = cipher.doFinal(input);               
                                     
                      } catch (NoSuchAlgorithmException e) {
                                     // TODO Auto-generated catch block
                                     e.printStackTrace();
                      } catch (InvalidKeySpecException e) {
                                     // TODO Auto-generated catch block
                                     e.printStackTrace();
                      } catch (NoSuchPaddingException e1) {
                                     // TODO Auto-generated catch block
                                     e1.printStackTrace();
                      } catch (InvalidKeyException e) {
                                     // TODO Auto-generated catch block
                                     e.printStackTrace();
                      } catch (IllegalBlockSizeException e) {
                                     // TODO Auto-generated catch block
                                     e.printStackTrace();
                      } catch (BadPaddingException e) {
                                     // TODO Auto-generated catch block
                                     e.printStackTrace();
                      }



                      The key has been created in my javacard applet. The exponent is "00 00 00", it's weird, isn't it? If I run the code, I have the error "Message is larger than modulus".

                      If I add (byte)0x00 in front of the key, I have this output : 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x1

                      which is not correct...

                      Here is my javacard code which create the keys :

                      rsa_KeyPair = new KeyPair( KeyPair.ALG_RSA, KeyBuilder.LENGTH_RSA_512 );
                           rsa_KeyPair.genKeyPair();
                      rsa_PublicKey = (RSAPublicKey) rsa_KeyPair.getPublic();
                      rsa_PrivateKey = (RSAPrivateKey) rsa_KeyPair.getPrivate();

                      cipherRSA = Cipher.getInstance(Cipher.ALG_RSA_PKCS1, false);



                      I can get back the modulus and the exponent like this :

                      public void     getModulusPublicKey(APDU apdu){
                           byte a[] = apdu.getBuffer();
                           short size = rsa_PublicKey.getModulus(a, (short)0);
                      apdu.setOutgoing();
                      apdu.setOutgoingLength((short) size);
                      apdu.sendBytesLong(a, (short) dataOffset, (short) size );
                      }

                      public void     getExponentPublicKey(APDU apdu){
                           byte a[] = apdu.getBuffer();
                           short size = rsa_PublicKey.getExponent(a, (short)0);
                      apdu.setOutgoing();
                      apdu.setOutgoingLength((short) size);
                      apdu.sendBytesLong(a, (short) dataOffset, (short) size );
                      }

                      Do you have an idea?

                      Thanks,

                      M.
                      • 8. Re: RSA off card error { message is larger than modulus}
                        932586
                        My javacard applet and my java application work fine when I use keys created by the java application. So I think that the creation of my keys in the javacard applet is not good.
                        • 9. Re: RSA off card error { message is larger than modulus}
                          893199
                          For RSA in general, the length of the data to be encrypted (actually, the "INTEGER" value of the data) must be less than the public modulus length and data.

                          The easy way to get a positive BigInteger from an array of bytes without worrying whether the array begins with a sign bit is to use: "new BigInteger(1, valueArray)". See the javadoc for BigInteger - "1" is a sign value meaning create a positive BigInteger.