Any JavaCard supporting 2048 bit RSA?

Hi all,
I am finding a java card that supports 2048-bit RSA. I know there are existing products in the market. However, they are black-box operating, e.g. process digital signature. What I need is PLAIN RSA computation - if there is a plain Java card, I can program it by myself.
I have found some vendor, however, it seems they don't provide such plain Java cards.
Anyone know if there is such a 2048-bit Java card?
Thank in advance.
Cheers,
Hue

Oh thanks!!!!!!!!!!!!!!
Would you please give more detail to me?
At the mean time, I am searching on the web!!~~
=D thz!!!!

Similar Messages

  • IOS version that support 2048 bits certificate

    Hello,
    I need to update a 2504  Wireless Controller to a version that supports 2048 bits certificates.
    I´m checking release notes for release 7.4.110.0 and I don´t see any information about a limitation in certification size (2048 bytes in my case).
    Do you know any restriction about the certificate size in this or another version?
    Thanks and Regards.
    Iván.

    2048 bit is supported on the WLC. I use it for WebAuth and 3rd party certificates as these vendors only issue 2048 these days.
    Sent from Cisco Technical Support iPhone App

  • Libsapcrypto - does it support 4096 - bit RSA keys

    I have a few questions about the libsapcrypto library and it's use with SSL server certificates.  Will it support
    4096 bit RSA keys?    Will transaction STRUST support openssl server certificates 4096 bit or otherwise with
    the libsapcrypto installed?
    Thanks.

    Yes - see [SAP note 690999|https://service.sap.com/sap/support/notes/690999], point 4 as well as [SAP note 836367|https://service.sap.com/sap/support/notes/836367].

  • ConfigMgr Certificate Support Clarification: CAs with 4096-bit RSA Key Lengths

    Hello,
    Does anyone know if ConfigMgr 2012 R2's certificate authentication will work with the following PKI configuration?
    Root CA - 4096 bit RSA
    Issuing CA - 4096 bit RSA
    ConfigMgr Client / ConfigMgr Servers - 2048 bit RSA
    I saw on the
    ConfigMgr Certificate Support Page that "AMT-based computers cannot support CA certificates with a key length larger than 2048 bits", but the other certificates are somewhat unclear. In this environment, I will not deploy AMT functionality.
    For example, the Windows client computers certificate requirements state "Maximum supported key length is 2048 bits.", but it isn't clear if that rule applies to the ConfigMgr Client certificate itself, or to the whole certificate chain including
    CAs.
    Dropps' post on
    this forum page seems to indicate that he has it working with a 4096-bit CA, but I'd like to hear some additional confirmation.
    Anyone out there running ConfigMgr certificates with a 4096-bit CA?
    Thanks!
    Frank Lesniak

    TL;DR: With the exception of out-of-band management/AMT, ConfigMgr 2012 works fine with a PKI hierarchy that includes 4096-bit key length RSA Root CA, Policy CA, and/or Issuing CA certificates. Just make sure that the certificates issued to
    the ConfigMgr servers and clients have a 2048-bit key length.
    Longer answer: Since I did not have any takers on this question, and since I needed an answer quickly, I decided to build a lab environment. I built a PKI hierarchy that is 4096-bit RSA with a SHA-256 signing algorithm. I created certificates templates per
    ConfigMgr requirements (with a 2048-bit key length) and deployed the appropriate certs to both the ConfigMgr server and client. Next, I installed ConfigMgr and configured site boundaries. Then I installed the ConfigMgr client on my client machine and
    watched the logs.
    Not only did the client initialize properly, the certificatemaintenance.log, clientidmanagerstartup.log, and clientlocation.log files all appeared happy.
    I think it's safe to say that ConfigMgr supports a 4096-bit PKI for everything but out of band management/AMT. Just make sure you limit the certs deployed to the ConfigMgr servers or clients to a 2048-bit key length.

  • Self signed certificate, key of 2048 bits, CUOM 8.7

    Hello:
    What is the correct way to create a self signed certificate with a key of 2048 bits in Cisco Unified Operations Manager 8.7?
    I edited the file
    "NMSROOT\MDC\Apache\conf\ssl\openssl.conf",
    changing
    default_bits from 1024 to 2048 and
    prompt from no to yes and then executed
    "NMSROOT\MDC\Apache\gencert.bat"
    and now the files
    "NMSROOT\MDC\Apache\conf\ssl\server.crt" and
    "NMSROOT\MDC\Apache\conf\ssl\chain.cer"
    show public keys RSA of 2048 Bits.
    Is this the right procedure to increase the lenght of the key?
    Regards,
    Marco Antonio.

    Sure, the secure-server is the quickest and easiest method but you can create the new key, define the trustpoint manually and enroll the certificate that way.
    Below are the commands. (You can of course call the key, trustpoint, O and CN values whatever locally significant names make sense for you.)
    router(config)#crypto key generate rsa label router-rsa modulus 2048
    The name for the keys will be: router-rsa
    % The key modulus size is 2048 bits
    % Generating 2048 bit RSA keys, keys will be non-exportable...
    [OK] (elapsed time was 10 seconds)
    router(config)#
    router(config)#crypto pki trustpoint router-ca
    router(ca-trustpoint)#enrollment selfsigned
    router(ca-trustpoint)#subject-name O=Test,CN=www.router.com
    router(ca-trustpoint)#rsakeypair router-rsa
    router(config)#crypto pki enroll router-ca
    % Include the router serial number in the subject name? [yes/no]: no
    % Include an IP address in the subject name? [no]: no
    Generate Self Signed Router Certificate? [yes/no]: yes
    Router Self Signed Certificate successfully created
    router(config)#

  • "Cannot find any provider supporting RSA/ECB/PKCS1Padding" in jdk5

    i use SSLSocket, HttpsURLConnection in program , run well in jdk1.4 but
    get wrong in jdk1.5.0_06, saying "Cannot find any provider supporting RSA/ECB/PKCS1Padding".
    i also try to use the "Unlimited Strength Jurisdiction Policy Files 5.0", but still not work.
    anyone knows why?
    thanks.

    I need more info to tell you exactly. But here are some thngs that might not be working.
    1st let me say I am assuming you are trying RSA encryption?
    1) You have an external JCE provider which provides RSA support installed on your machine using the security properties file. An applet would use a different properties file if you are using either RAW applet or the plugin. You need to add the provider explictly. Aka Security.addProvider(new org.cryptix.jce.Criptix());
    2) The external provider's jar file is not being downloaded with your applet code. Note that the Sun Java plugin does not use the same jre/lib/ext directory as does the JDK.
    3) Some sort of security violation in the SecurityManager of the applet engine if you are not using the Sun Java Plugin.
    Those are just guesses. but it might help if you were to inform us as to what RSA function youa re trying to do. AKA Signature or Cipher.
    Signatures would be a bit more complicated as at least JDK 141 and above have the SunRsaSigner built in. Again if you are using RAW applets (netscape/IE engine) then that would be the problem. (aka no provider installed).

  • DSEE 6.3.1 and 2048-bit SSL certificates

    Related to my previous post, I'm standing up a new 6.3.1 proxy server and directory server instance that are being added to my existing environment. We use GoDaddy for SSL certificates and they require 2048-bit CSRs, which cannot be generated with 6.3.1 software. That being the case I generated the CSR for each host using openssl with the command:
    openssl req -new -newkey rsa:2048 -nodes -out ldp05_domain_com.csr -keyout ldp05_domain_com.key -subj "/C=us/ST=Massachusetts/L=Cambridge/O=My Corp/OU=Network Operations/CN=ldp05.domain.com"I then took the CSR and received a new signed 2048-bit cert from GoDaddy. I added the GoDaddy root bundle certs into my CA cert chain and then attempted to add the server cert.
    On the directory server I have the problem:
    # dsadm add-cert /usr/local/ds/domain/ ldp05.domain.com /tmp/ldp05.domain.com.crt
    Unable to find private key for this certificate.
    Failed to add the certificate.I get the same error when attempting to add the certificate through DSCC.
    I have a different problem with the 2048-bit certificate on the proxy server. I added the CA cert and that was fine. However, when I add the server cert, it shows up in the CA cert chain.
    # dpadm add-cert /usr/local/dps/domain/ dps05.domain.com /tmp/dps05.domain.com.crt
    # dpadm list-certs /usr/local/dps/domain/
    Alias             Valid from       Expires on       Self-signed? Issued by                          Issued to    
    defaultservercert 2011/02/25 10:08 2013/02/24 10:08 y            CN=dps05.domain.com:389 Same as issuer
    1 certificate found.
    # dpadm list-certs -C /usr/local/dps/domain/|grep dps05
    dps05.domain.com     2011/02/25 11:43 2014/02/25 11:43 n         SERIALNUMBER=07969287, CN=Go Daddy Secure Certification Authority, OU=http://certificates.godaddy.com/repository, O="GoDaddy.com, Inc.", L=Scottsdale, ST=Arizona, C=US      CN=dps05.domain.com, OU=Domain Control Validated, O=dps05.domain.comHas anyone successfully added 2048-bit CA signed certificates to both DPS and DS instances? Is there a limitation on the size of a certificate that can be imported as a non CA cert in directory proxy server 6.3.1?

    Sadly after opening a case with Oracle support I was told that the hotfix wasn't built for Linux (which I'm running) and would take 1-2 weeks to complete. I have managed to solve 99% of the issue on my DPS host thus far and have only one remaining issue which is upon adding the cert.
    In order to generate the 2048-bit CSR I had to run the following:
    # cd /usr/local/dps/domain/alias
    # modutil -changepw "NSS Certificate DB" -dbdir .
    # certutil -R -s "CN=dps05.domain.com,OU=Network Operations,O=My Corp,L=City,ST=State,C=US" -o /tmp/dps05.domain.com.csr -d /usr/local/dps/domain/alias -a -g 2048For reference, running the dpadm command to set the cert db password didn't work.
    # dpadm stop /usr/local/dps/domain
    # dpadm get-flags /usr/local/dps/domain
    # dpadm set-flags /usr/local/dps/domain/ cert-pwd-prompt=onOnce I had the properly sized CSR I had the cert issued and attempted to add the root certs to the CA chain and the server cert to the server certificates:
    # dpadm add-cert /usr/local/dps/domain gd-root-bundle gd_bundle.crt
    # dpadm list-certs -C /usr/local/dps/endeca |grep -i daddy
    - This shows the Go Daddy root cert bundle in the CA cert chain
    # dpadm add-cert /usr/local/dps/domain dps05.domain.com dps05.domain.com.crt
    # dpadm list-certs /usr/local/dps/domain
    - Shows only the defaultservercert
    # dpadm list-certs -C /usr/local/dps/endeca |grep -i daddy
    - The server cert now shows up in the CA chain.Does anyone have any idea how I can properly add the new cert to the server cert list so it can be used by the server?

  • Can't Windows 7 access an RD on Server 2012 that uses SHA512/2048-bit certificates

    I have a Server 2012 R2 Remote Desktop that works fine if configured with the self-signed certs (SHA1/2048-bit), but not with certs from our internal CA.
    With the self-signed certs, our remote clients can connect but of course get security warnings due to the untrusted certificates.  The clients do trust our root CA, so we should be able to eliminate those by using certs from our internal CA instead.
    However, when I do configure the Server 2012 R2 RD to use certs generated on our internal CA (SHA512/2048-bit) clients (Windows 7) cannot open RDP sessions.  They get errors and on server event log contain:
    (Source: Schannel; Event ID: 36874)  [sic] An TLS 1.2 connection request was received from a remote client application, but none of the cipher suites supported by the client application are supported by the server. The SSL connection request has failed.
    (Source: Schannel; Event ID: 36888)  A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 40. The Windows SChannel error state is 1205.
    The strange thing is that if I connect from client on Server 2008 R2, it can open RDP session!!!
    Thanks.

    Hi,
    Indicates by the event, it seems that the Cipher Suites use by the client are disabled on the server.
    Please check if any Cipher Suites of TLS 1.2 are disabled on the server.
    Cipher Suites in Schannel
    http://msdn.microsoft.com/en-us/library/windows/desktop/aa374757(v=vs.85).aspx
    How to restrict the use of certain cryptographic algorithms and protocols in Schannel.dll
    http://support.microsoft.com/kb/245030
    Hope this helps.
    Jeremy Wu
    TechNet Community Support

  • RC4 2048 bit encryption

    I need to use RC4 key size of (256 bytes) 2048 bits. From JCE JavaDoc
    http://java.sun.com/j2se/1.5.0/docs/guide/security/jce/JCERefGuide.html#AppE
    RC4 can only support 128 bytes/1024 bits
    I wonder, does any of the JDK/JCE version support RC4 for 2048 bits key?
    Or can you suggest a shareware provider which supports RC4 2048 bits?
    Thanks a lot.

    Yes

  • Generate CSR public key 2048 bit

    Hello all,
    I apologize if the answer is already posted here.
    Trying to generate a certificate that uses a 2048 bit.
    Going through the UI, there is no option to define the bit and it generates a 1024 bit key.
    Looked at the CLI certconfig and the option there was to paste the PEM content.
    Async OS 7.5.0-833.
    Any help is appreciated.
    Thanks
    Paul

    Paul,
    There is currently no way to generate keys other than 1024 bit keys.  It is a feature request with the current bug id's.
    CSCzv70884 - [Feature Request] Support Generating 2048bit Certificates in HTTPS Proxy
    Christian Rahl
    Customer Support Engineer
    Cisco Web Content Security Appliance
    Cisco Technical Assistance Center RTP

  • Does Elements 12 support 32 bit images in a 64 bit OS?

    Does Elements 12 support 32 bit images in a 64 bit OS?

    Yes.  It makes no difference how your image was created - on 64 bit
    software or 32 bit software.  It is still a document and so it should
    load on any system running any photo-editing software.
    PSE is still a 32 bit software for windows;  Nobody knows when will 64
    bit version come out.

  • PSE 12 support 64 bit Windows 8?

    Does PSE 12 support 64 bit Windows 8.  Note promo material trumpets support of 64 bit Mac but appears silent on Windows.

    Hi,
    The error 1935 usually means there is a conflict with something else that is running - you could try this.
    First off, restart your system.
    Then try stopping the windows update service. Control Panel -> Administrative Tools -> Services (or use the search charm). Right click on Windows Updates and select Stop.
    Now disable any antivirus that you have running.
    Try the installation again.
    Turn back on the antivirus and start the windows update again.
    Good luck
    Brian

  • New SSL certificate with 2048 bit shows error: (Fehlercode: sec_error_unknown_issuer)

    installed a new SSL certificate with 2048 bit encryption (as is now required by issuer of certificate). Everything is OK with IE, FF shows error: (Fehlercode: sec_error_unknown_issuer)
    == URL of affected sites ==
    https://www.dongil.at/

    I have also tried all the solutions mentioned - but no luck.
    I wrote to Geotrust support and the pointed out that I needed the intermediate certificate and provided me with this url:
    https://knowledge.geotrust.com/support/knowledge-base/index?page=content&id=AR1422
    Please note, this intermediate certificate was *not* the same is linked to above - seems like there are 2 different intermediate certificates, depending on what type of certificate you got from Geotrust.
    Just to recap - if you got yourself a "QuickSSL, QuickSSL Premium or SSL Trial"-certificate (like me) then use this intermediate:
    https://knowledge.geotrust.com/support/knowledge-base/index?page=content&id=AR1422
    If you got a "True BusinessID or Enterprise SSL"-certificate, you should use this:
    https://knowledge.geotrust.com/support/knowledge-base/index?page=content&id=AR1423
    - Lasse

  • Does K7T Turbo2 mobo support 48-bit LBA

    In the "sticky" troubleshooting post theres a link to determine what harddisks your motherboard support.
    The link is:
    http://www.msi.com.tw/program/support/hdd_support/hdd/spt_hdd_list.php?CHIP=Archives&ID=4
    But it is a dead link.  Is there a newer link?  I tried searching the MSI web site and can't find the information I need.
    I have an K7T Turbo2 (bios v3.6) motherboard and use Windows XP (SP1a and all updates) and would like to install a 200 GB WD hard drive.  Does this motherboard support 48-bit LBA for HDDs over 137 GB in size.  
    MUCH THANKS!!!!!!!!!!

    Since I could not find any good awnser here I e-mailed MSI support and got this awnser.
    107-041214025RE: Harddrive limitations on MSI K7T Turbo2 motherboard ?
    Question: Does the K7T Turbo2 motherboard have 48Bit harddrive adressing in
    BIOS ???
    Dear Sir/Madam,
    Thank you for contacting MSI Technical Support.
    This board supports 48-bit LBA. It can support up to 160G or higher HDD.  Please refer to this link for more information about your issue: http://support.microsoft.com/default.aspx?scid=kb;en-us;Q303013 then try again.  And you are recommended to use WinXP SP1 or Win2000 SP4.
    Please feel free to let us know if you still have any further issues or inquiries.
    Best regards,
    MSI Technical Support
    This means, that the motherboard supports all drives of any size thats out there, and you other people talking about limitations are wrong, as long as the bios has 48bit LBA support the only limitation is by the operatingsystem but not by the hardware.
    Reason im posting this is for others to find it so they dont have to ask the MSI support.

  • Does my late 2007(?) MacBook Pro support 64 bit Windows 7?

    I have a macbook pro with a 2.4 GHz Intel Core 2 Duo (MacBookPro3,1), and I believe it is late 2007 but I'm not sure because the apple website is a little ambiguous about it when I submit my serial number.  The support website http://support.apple.com/kb/ht1846 says that 64-bit Windows 7 is only supported on early 2008 models but I suspect it is on mine too.  I just want to be sure.  Thanks!

    Thank for your reply,This is the downloaded trial version i downloaded from Adobe website,I'm buying my new camera in about a month and want to get a headstart on learningsome editing before I put out all the money for this and software,Thanks,
    Date: Mon, 19 Mar 2012 16:00:34 -0600
    From: [email protected]
    To: [email protected]
    Subject: Installer does not support 64 bit windows 7
        Re: Installer does not support 64 bit windows 7
        created by Jeff A Wright in Trial Download & Install FAQ - View the full discussion
    Which disc are you installing from?  Also did you just purchase Premiere Elements 10 or did you buy the bundle which includes Photoshop Elements 10?
         Replies to this message go to everyone subscribed to this thread, not directly to the person who posted the message. To post a reply, either reply to this email or visit the message page: http://forums.adobe.com/message/4276739#4276739
         To unsubscribe from this thread, please visit the message page at http://forums.adobe.com/message/4276739#4276739. In the Actions box on the right, click the Stop Email Notifications link.
         Start a new discussion in Trial Download & Install FAQ by email or at Adobe Forums
      For more information about maintaining your forum email notifications please go to http://forums.adobe.com/message/2936746#2936746.

Maybe you are looking for

  • NOW behaviour in siebel Analytics 7.8

    Hi All, We have a Calculated measure column (BIRTH_age) using NOW() in rpd we have a Answer created with a filter like BIRTH_age>18 on the column  in Siebel Analytics 7.8 and a segment is created over this analysis. when we are executing update count

  • Making a skype call on a dual phone.

    I've just installed a binatone s1545 dual landline and internet phone but it only seems to be letting me make skype calls from my contact list and not use the key pad to dial any other number. I've tried using the onscreen dial pad and this works but

  • JTabbedPane and focus problem.

    Hello. I currently have a JTabbedPane which contains the various panels that make up different tabs. These tabs are extensions of panels, and are seperate classes imported into the class which contains my JTabbedPane and then added. The frame which c

  • How do you CALL FOR SUPPORT?

    I have a problem playing video files once I've captured them - this would take too long type out here. Can anyone direct me to a number I can call to talk to an actual human being???????? MacBook Pro   Mac OS X (10.4.9)  

  • On iphone 4s how can i get my messages to look like alerts on the lock screen

    I've tried going to notifications and changing it to alerts..but it won't show up as alerts it keeps showing up as the slide kind of messages..help.