This discussion is archived
6 Replies Latest reply: Aug 4, 2012 5:07 AM by 952006 RSS

RSA Keypair cannot be generated in javacard ?

952006 Newbie
Currently Being Moderated
Hello
I got a problem about how to generate a RSA keypair in JAVACARD, I tried many different parametres, but I cannot install my applet in my emulator.
public class RSAencry extends Applet {

    RSAPrivateKey  rsa_PrivateKey;
    RSAPublicKey rsa_PublicKey;
    KeyPair rsa_KeyPair;
    Cipher cipherRSA;
    //private byte buffer[];
    //byte TheBuffer[];
    final short dataOffset = (short) ISO7816.OFFSET_CDATA;
    
    //constructor
    
    private RSAencry()
    {
        //generate own rsa_keypair
         //rsa_KeyPair = new KeyPair( KeyPair.ALG_RSA_CRT, KeyBuilder.LENGTH_RSA_2048 );
         //super();
         try
         {
         //TheBuffer = new byte[100];
         rsa_KeyPair = new KeyPair( KeyPair.ALG_RSA_CRT, KeyBuilder.LENGTH_RSA_512 );
         //rsa_PublicKey.setExponent (TheBuffer, (short)0, (short)1);
         rsa_KeyPair.genKeyPair();
        rsa_PublicKey = (RSAPublicKey) rsa_KeyPair.getPublic();
        //rsa_PrivateCrtKey = (RSAPrivateCrtKey) rsa_KeyPair.getPrivate();
        rsa_PrivateKey = (RSAPrivateKey) rsa_KeyPair.getPrivate();
        //buffer = new byte[2048];
        cipherRSA = Cipher.getInstance(Cipher.ALG_RSA_PKCS1, false);
         }catch (CryptoException ex){
              ISOException.throwIt((short) (ex.getReason()));
         }
        //register(bArray, (short) (bOffset), bArray[bOffset]);
    }

     public static void install(byte[] bArray, short bOffset, byte bLength) {
          // GP-compliant JavaCard applet registration
          new RSAencry().register(bArray, (short) (bOffset + 1), bArray[bOffset]);
     }

     public void process(APDU apdu) {
          // Good practice: Return 9000 on SELECT
          if (selectingApplet()) {
               return;
          }

          byte[] buf = apdu.getBuffer();
          switch (buf[ISO7816.OFFSET_INS]) {
          case (byte) 0x00:
               break;
          default:
               // good practice: If you don't know the INStruction, say so:
               ISOException.throwIt(ISO7816.SW_INS_NOT_SUPPORTED);
          }
     }

}
The log shows as below:
(2233 usec)
<= 00 90 00 ...
Status: No Error
Load report:
1358 bytes loaded in 0.0 seconds
effective code size on card:
+ package AID 6
+ applet AIDs 15
+ classes 17
+ methods 138
+ statics 0
+ exports 0
------------------------------
overall 176 bytes
cm> install -i 525341656e637279 -q C9#() 525341656e63 525341656e637279
=> 80 E6 0C 00 1F 06 52 53 41 65 6E 63 08 52 53 41 ......RSAenc.RSA
65 6E 63 72 79 08 52 53 41 65 6E 63 72 79 01 00 encry.RSAencry..
02 C9 00 00 00 .....
(122771 usec)
<= 6A 80 j.
Status: Wrong data
jcshell: Error code: 6a80 (Wrong data)
jcshell: Wrong response APDU: 6A80
Unexpected error; aborting execution


I almost removed all other codes, but it still can not intalled in card emulator.
Does anyone can tell me that's why?

Edited by: 949003 on 2012-8-3 上午8:05

Edited by: 949003 on 2012-8-3 上午8:07
  • 1. Re: RSA Keypair cannot be generated in javacard ?
    safarmer Expert
    Currently Being Moderated
    I assume by your output that you are using JCOP tools. I am not sure if it supports 512 bit keys. Try using a 2048 but key instead.

    - Shane
  • 2. Re: RSA Keypair cannot be generated in javacard ?
    952006 Newbie
    Currently Being Moderated
    I tried 2048bit key instead, Its the same problem.
    and I also used JCSuite3.0 to test my program, Its cannot be installed.
  • 3. Re: RSA Keypair cannot be generated in javacard ?
    safarmer Expert
    Currently Being Moderated
    You have a class cast exception. You can use either of the following:
    RSAPrivateCrtKey rsa_PrivateKey = (RSAPrivateCrtKey) rsa_KeyPair.getPrivate();
    /* OR */
    PrivateKey rsa_PrivateKey = rsa_KeyPair.getPrivate();
    While both RSAPrivateCrtKey and RSAPrivateKey interfaces extend PrivateKey, they are not castable to each other.

    - Shane
  • 4. Re: RSA Keypair cannot be generated in javacard ?
    952006 Newbie
    Currently Being Moderated
    Thanks Shane
    I even removed those senteces.
    public class RSAencry extends Applet {
    
        private KeyPair rsa_KeyPair; 
        Cipher cipherRSA;
        
        //constructor
        
        private RSAencry()
        {
    
             try
             {
    
             new KeyPair( KeyPair.ALG_RSA, KeyBuilder.LENGTH_RSA_2048 );
             rsa_KeyPair.genKeyPair();
    
             }catch (CryptoException ex){
                  ISOException.throwIt((short) (ex.getReason()));
             }
            //register(bArray, (short) (bOffset), bArray[bOffset]);
        }
    
         public static void install(byte[] bArray, short bOffset, byte bLength) {
              // GP-compliant JavaCard applet registration
              new RSAencry().register(bArray, (short) (bOffset + 1), bArray[bOffset]);
         }
    
         public void process(APDU apdu) {
              // Good practice: Return 9000 on SELECT
              if (selectingApplet()) {
                   return;
              }
    
              byte[] buf = apdu.getBuffer();
              switch (buf[ISO7816.OFFSET_INS]) {
              case (byte) 0x00:
                   break;
              default:
                   // good practice: If you don't know the INStruction, say so:
                   ISOException.throwIt(ISO7816.SW_INS_NOT_SUPPORTED);
              }
         }
    
    }
    and I still got this log

    Status: No Error
    Load report:
    1089 bytes loaded in 0.0 seconds
    effective code size on card:
    + package AID 6
    + applet AIDs 15
    + classes 17
    + methods 101
    + statics 0
    + exports 0
    ------------------------------
    overall 139 bytes
    cm> install -i 525341656e637279 -q C9#() 525341656e63 525341656e637279
    => 80 E6 0C 00 1F 06 52 53 41 65 6E 63 08 52 53 41 ......RSAenc.RSA
    65 6E 63 72 79 08 52 53 41 65 6E 63 72 79 01 00 encry.RSAencry..
    02 C9 00 00 00 .....
    (7334 usec)
    <= 6A 80 j.
    Status: Wrong data
    jcshell: Error code: 6a80 (Wrong data)
    jcshell: Wrong response APDU: 6A80
    Unexpected error; aborting execution
  • 5. Re: RSA Keypair cannot be generated in javacard ?
    safarmer Expert
    Currently Being Moderated
    Now the problem is you changed from KeyPair.ALG_RSA_CRT to KeyPair.ALG_RSA. Many (if not most) cards only support CRT private keys as the calculation is more efficient (some parts are pre-calculated in the key itself).

    - Shane
  • 6. Re: RSA Keypair cannot be generated in javacard ?
    952006 Newbie
    Currently Being Moderated
    Thanks Sooooooooooooooooooooooooooooooooooo much. This problem makes me want to die.
    I should check all API spe more carefully and Everytime should change only one parameter.

    Edited by: 949003 on 2012-8-4 上午5:06

Legend

  • Correct Answers - 10 points
  • Helpful Answers - 5 points