Forum Stats

  • 3,826,581 Users
  • 2,260,667 Discussions
  • 7,897,008 Comments

Discussions

Generate public private keys inside smart card

866769
866769 Member Posts: 4
edited Jun 7, 2011 1:08AM in Java Card
Dear all,

I am using this code to generate public and private key inside the smart card.

KeyPair kp = new KeyPair(KeyPair.ALG_RSA_CRT, KeyBuilder.LENGTH_RSA_512);
kp.genKeyPair();
PrivateKey prikey = kp.getPrivate();
PublicKey pubkey = kp.getPublic();

This code is executing without errors.

I need to get out the public key from the smart card. So I need to get public key to a byte array.
But I can't get those keys to plain text byte array.

The methods that I can get for pubkey object are

pubkey.clearKey();
pubkey.equals(obj);
pubkey.getSize();
pubkey.getType();
pubkey.isInitialized(); only these.

I am using
Eclipse Version: 3.4.1 (Compiler complience level = 1.4)
Jcop plugin (to communicate with the actual card and to test the java code in virtual card provided by JCOP)
OmniKey5321 card reader (In contactless type)

What is the reason to get only those above methods to pubkey object? Is it a version problem?
How can I get the public key to plain byte array? Is it possible?
If it is not possible Is there a way to get public key as a export certificate or something other solution?

If my scenario is not a possible strategy, How can I use public private keys to send specific data to applet? Is there a better way to do this?

Edited by: 863766 on Jun 6, 2011 12:16 AM
Tagged:

Best Answer

Answers

  • 816119
    816119 Member Posts: 140
    Answer ✓
    RSAPublicKey pubkey = kp.getPublic();
    then
    pubkey.getExponent(...); pubkey.getModulus(...);
  • 866769
    866769 Member Posts: 4
    edited Jun 6, 2011 4:45AM
    Thank you very much!

    I have another thing to clarify.


    I am using below code to generate symmetric key in the code.

    DESKey desKey = (DESKey) KeyBuilder.buildKey(KeyBuilder.TYPE_DES, KeyBuilder.LENGTH_DES, false);

    I need to get this key in to byte array.

    So I used
    desKey.getKey(keyData, kOff);
    (without this code the above key generation statement works well. No errors)

    When I used this, I am getting
    *<= 6F 00*
    Status: No precise diagnosis

    But sir,
    There is no another way to convert this key to byte array?

    I am new to this technology and I appreciate your help.
    How can I find the error?

    Regards
    Dushantha

    Edited by: 863766 on Jun 6, 2011 1:44 AM
  • 816119
    816119 Member Posts: 140
    edited Jun 6, 2011 5:35AM
    How can I find the error?
    use try/catch statement, it helps to specify the error
    6F00 - means there is an unhandled exception
    the exceptions which can be thrown by desKey method are described in specification
    in your case it seems that the reason is that key is not initialized. buildKey method does not generate key value, it just creates key object.
    So, you need to initialize key with setKey method first.

    Edited by: 666 on Jun 6, 2011 2:30 AM

    Edited by: 666 on Jun 6, 2011 2:34 AM
    816119
  • 866769
    866769 Member Posts: 4
    edited Jun 6, 2011 6:53AM
    Thank you very much!

    I used this code

    RandomData rand = RandomData.getInstance(RandomData.ALG_SECURE_RANDOM);

    short lenBytes = (short) (KeyBuilder.LENGTH_DES/8);
    byte[] buffer = JCSystem.makeTransientByteArray(lenBytes,JCSystem.CLEAR_ON_DESELECT);

    DESKey key = (DESKey) KeyBuilder.buildKey(KeyBuilder.TYPE_DES , KeyBuilder.LENGTH_DES,false);

    rand.generateData(buffer, (short) 0 ,lenBytes);
    key.setKey(buffer, (short) 0 ) ;

    byte keyData[]= new byte[256];
    key.getKey(keyData, (short) 0);

    Now I know how to initialize the key...
    Thank you again.
    Regards,
    Dushantha

    Edited by: 863766 on Jun 6, 2011 3:52 AM
  • safarmer
    safarmer Member Posts: 2,829
    Hi,

    You do not need to store the key data in a persistent byte array. You are better off leaving it in the key object and copy it into the APDU buffer when needed. This will keep the key more secure (the card may have extra tamper resistance around keys compared to data). You also save some EEPROM and gain some performance as well.

    Cheers,
    Shane
    safarmer
  • 866769
    866769 Member Posts: 4
    Hi

    My project also consider about multi application environment and memory saving inside smart card.
    Your point iis an important point and really helpful for me.

    Thank you very much!
    Regards,
    Dushantha
This discussion has been closed.