Can't read load RSA public key with JDK 1.4.2_08?

We have been using Bouncy Castle's provider to provide RSA encryption and decryption of a login name and password for several years ... with JDKs in the 1.4.2 series up through 1.4.2_07.
Recently, however, Sun released JDK 1.4.2_08, and suddenly any of our Java Web Start client applications are unable to successfully load the public key that we use to encrypt their login name and password before shipping it to the server for authentication with the 1.4.2_08 JRE. But, if we revert back to 1.4.2_07, everything works again.
This public key itself has been in use for several years and the same code to read the public key has been in use for a long time ... including multiple versions of the BouncyCastle provider and all versions of the JDK up through 1.4.2_07. But suddenly things appear to break with JDK 1.4.2_08.
This smells like a problem with JDK 1.4.2_08 so I thought that I'd check on this forum to see if any other Bouncy Castle users have experienced this problem. Is there anything further that I can do to check this out? Has any Bouncy Castle user successfully loaded a RSA public key from a byte stream with JDK 1.4.2_08? Or have people using other providers seen any problems reading similar public keys with JDK 1.4.2_08?
The code that is failing on the client side is:
try {
   encKey = new byte[this.publicKeyInputStream.available()];
   this.publicKeyInputStream.read(encKey);
   spec = new X509EncodedKeySpec(encKey);
   keyFactory = KeyFactory.getInstance("RSA",  "org.bouncycastle.jce.provide.BouncyCastleProvider");
   myPublicKey = keyFactory.generatePublic(spec);
   return myPublicKey;
catch (Exception e) {
   e.printStackTrace();
}The stack trace that I'm getting includes ...
java.security.spec.InvalidKeySpecException: java.lang.IllegalArgumentException: invalid info structure in RSA public key
   at org.bouncycastle.jce.provider.JDKKeyFactory$RSA.engineGeneratePublic(JDKKeyFactory.java:330)
   at java.security.KeyFactory.generatePublic(Unknown Source)
   at org.opencoral.util.Encryption.loadPublicKey(SourceFile:450)
   at org.opencoral.util.Encryption.<init>(SourceFile:119)
   at org.opencoral.main.Coral.<init>(SourceFile:338)
   at org.opencoral.main.Coral.main(SourceFile:1919)
   at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
   at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
   at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
   at java.lang.reflect.Method.invoke(Unknown Source)
   at com.sun.javaws.Launcher.executeApplication(Unknown Source)
   at com.sun.javaws.Launcher.executeMainClass(Unknown Source)
   at com.sun.javaws.Launcher.continueLaunch(Unknown Source)
   at com.sun.javaws.Launcher.handleApplicationDesc(Unknown Source)
   at com.sun.javaws.Launcher.handleLaunchFile(Unknown Source)
   at com.sun.javaws.Launcher.run(Unknown Source)
   at java.lang.Thread.run(Unknown Source)While it clearly indicates that it thinks that there is an "invalid info structure in RSA public key", I believe that nothing has changed in the structure of our key ... and this same key still works properly if I revert to JDK 1.4.2_07.
Any thoughts or insights?
Thanks,
John Shott

I'm facing the same Exception here,
With JDK 1.5 (SUNJce) i'm getting --
Exception in thread "main" java.security.spec.InvalidKeySpecException: java.secu
rity.InvalidKeyException: Invalid RSA public key
at sun.security.rsa.RSAKeyFactory.engineGeneratePublic(Unknown Source)
With BouncyCastle i'm getting --
Exception in thread "main" java.security.spec.InvalidKeySpecException: java.lang
.IllegalArgumentException: invalid info structure in RSA public key
at org.bouncycastle.jce.provider.JDKKeyFactory$RSA.engineGeneratePublic(
JDKKeyFactory.java:345)
Any Solution?

Similar Messages

  • Can I put RSA Public Key into the ISD in the JCOP?

    Dear All,
    Can I put RSA Public Key into the ISD in the JCOP? the command I put into the card as follows:
    cm> /terminal "winscard:4|FT SCR2000 0"
    --Opening terminal
    /atrresetCard with timeout: 0 (ms)
    --Waiting for card...
    ATR=3B 69 00 FF 4A 43 4F 50 34 31 56 32 32 ;i..JCOP41V22
    ATR: T=0, N=-1, Hist="JCOP41V22"
    /card -a a000000003000000 -c com.ibm.jc.CardManagerresetCard with timeout: 0 (ms)
    --Waiting for card...
    ATR=3B 69 00 FF 4A 43 4F 50 34 31 56 32 32 ;i..JCOP41V22
    ATR: T=0, N=-1, Hist="JCOP41V22"
    => 00 A4 04 00 08 A0 00 00 00 03 00 00 00 00 ..............
    (86244 usec)
    <= 6F 10 84 08 A0 00 00 00 03 00 00 00 A5 04 9F 65 o..............e
    01 FF 90 00 ....
    Status: No Error
    cm> set-key 255/1/DES-ECB/404142434445464748494a4b4c4d4e4f 255/2/DES-ECB/404142434445464748494a4b4c4d4e4f 255/3/DES-ECB/404142434445464748494a4b4c4d4e4f
    cm> init-update 255
    => 80 50 00 00 08 51 39 AE 8E 0C 8B D9 50 00 .P...Q9.....P.
    (132953 usec)
    <= 00 00 63 06 00 26 29 91 06 75 FF 02 00 84 FC 69 ..c..&)..u.....i
    60 80 B4 9C 9C 03 DB 99 9E F8 F4 67 90 00 `..........g..
    Status: No Error
    cm> ext-auth plain
    => 84 82 00 00 10 E6 A4 12 36 FD 7E 57 D0 2B 9D 5F ........6.~W.+._
    65 30 D8 1B 00 e0...
    (89378 usec)
    <= 90 00 ..
    Status: No Error
    cm> put-key --mode add 115/1/RSA-PUB/0301000180ad97a22fe7cb29accc3a0b68844f0cb11d057ed8c80c5a4db856138030c419d0a27556902a939152ce79376b1cd0955ce4303bf7560c95230714c583ff8a8f12f1cf23d867e469773d15f0e708332651110cb615c8d373e86d57b5ffe7ff44bcc7690a4d68cbe07743b19879ac5beaeef6e1af133a1fd37b86a5339960b36e53
    => 80 D8 00 01 88 73 A1 80 AD 97 A2 2F E7 CB 29 AC .....s...../..).
    CC 3A 0B 68 84 4F 0C B1 1D 05 7E D8 C8 0C 5A 4D .:.h.O....~...ZM
    B8 56 13 80 30 C4 19 D0 A2 75 56 90 2A 93 91 52 .V..0....uV.*..R
    CE 79 37 6B 1C D0 95 5C E4 30 3B F7 56 0C 95 23 .y7k...\.0;.V..#
    07 14 C5 83 FF 8A 8F 12 F1 CF 23 D8 67 E4 69 77 ..........#.g.iw
    3D 15 F0 E7 08 33 26 51 11 0C B6 15 C8 D3 73 E8 =....3&Q......s.
    6D 57 B5 FF E7 FF 44 BC C7 69 0A 4D 68 CB E0 77 mW....D..i.Mh..w
    43 B1 98 79 AC 5B EA EE F6 E1 AF 13 3A 1F D3 7B C..y.[......:..{
    86 A5 33 99 60 B3 6E 53 A0 03 01 00 01 00 ..3.`.nS......
    (281664 usec)
    <= 6A 86 j.
    Status: Incorrect parameters (P1,P2)
    jcshell: Error code: 6a86 (Incorrect parameters (P1,P2))
    jcshell: Wrong response APDU: 6A86
    Why the card return error code ? I think the P1 P2 is correct, according to the GP2.1.1?
    Thank you!

    It also can't input the RSA Public Key to the card, as follows:
    cm> /terminal "winscard:4|FT SCR2000 0"
    --Opening terminal
    /atrresetCard with timeout: 0 (ms)
    --Waiting for card...
    ATR=3B E9 00 00 81 31 FE 45 4A 43 4F 50 34 31 56 32 ;....1.EJCOP41V2
    32 A7 2.
    ATR: T=1, N=0, IFSC=254, BWI=4/CWI=5, Hist="JCOP41V22"
    /card -a a000000003000000 -c com.ibm.jc.CardManagerresetCard with timeout: 0 (ms)
    --Waiting for card...
    ATR=3B E9 00 00 81 31 FE 45 4A 43 4F 50 34 31 56 32 ;....1.EJCOP41V2
    32 A7 2.
    ATR: T=1, N=0, IFSC=254, BWI=4/CWI=5, Hist="JCOP41V22"
    => 00 A4 04 00 08 A0 00 00 00 03 00 00 00 00 ..............
    (86180 usec)
    <= 6F 10 84 08 A0 00 00 00 03 00 00 00 A5 04 9F 65 o..............e
    01 FF 90 00 ....
    Status: No Error
    cm> set-key 255/1/DES-ECB/404142434445464748494a4b4c4d4e4f 255/2/DES-ECB/404142434445464748494a4b4c4d4e4f 255/3/DES-ECB/404142434445464748494a4b4c4d4e4f
    cm> init-update 255
    => 80 50 00 00 08 80 29 78 6F 21 1B 34 89 00 .P....)xo!.4..
    (129908 usec)
    <= 00 00 63 06 00 26 29 91 06 75 FF 02 00 00 93 73 ..c..&)..u.....s
    3A B8 2C 0F D2 4C 06 E2 50 66 7F D8 90 00 :.,..L..Pf....
    Status: No Error
    cm> ext-auth plain
    => 84 82 00 00 10 3E 88 4D 33 FD 7D A5 56 B6 90 84 .....>.M3.}.V...
    78 94 BD B3 7A x...z
    (97237 usec)
    <= 90 00 ..
    Status: No Error
    cm> card-info
    => 80 F2 80 00 02 4F 00 00 .....O..
    (60917 usec)
    <= 08 A0 00 00 00 03 00 00 00 01 9E 90 00 .............
    Status: No Error
    => 80 F2 40 00 02 4F 00 00 [email protected]..
    (41315 usec)
    <= 6A 88 j.
    Status: Reference data not found
    => 80 F2 10 00 02 4F 00 00 .....O..
    (73177 usec)
    <= 07 A0 00 00 00 03 53 50 01 00 01 08 A0 00 00 00 ......SP........
    03 53 50 41 90 00 .SPA..
    Status: No Error
    Card Manager AID : A000000003000000
    Card Manager state : OP_READY
    Load File : LOADED (--------) A0000000035350 (Security Domain)
    Module : A000000003535041
    cm> install -b -s -i A000000003535041 A0000000035350 A000000003535041
    => 80 E6 0C 00 20 07 A0 00 00 00 03 53 50 08 A0 00 .... ......SP...
    00 00 03 53 50 41 08 A0 00 00 00 03 53 50 41 01 ...SPA......SPA.
    C0 02 C9 00 00 00 ......
    (227436 usec)
    <= 90 00 ..
    Status: No Error
    cm> ls
    => 80 F2 80 00 02 4F 00 00 .....O..
    (61204 usec)
    <= 08 A0 00 00 00 03 00 00 00 01 9E 90 00 .............
    Status: No Error
    => 80 F2 40 00 02 4F 00 00 [email protected]..
    (66302 usec)
    <= 08 A0 00 00 00 03 53 50 41 07 C0 90 00 ......SPA....
    Status: No Error
    => 80 F2 10 00 02 4F 00 00 .....O..
    (72365 usec)
    <= 07 A0 00 00 00 03 53 50 01 00 01 08 A0 00 00 00 ......SP........
    03 53 50 41 90 00 .SPA..
    Status: No Error
    Card Manager AID : A000000003000000
    Card Manager state : OP_READY
    Sec. Domain: SELECTABLE (SV------) A000000003535041
    Load File : LOADED (--------) A0000000035350 (Security Domain)
    Module : A000000003535041
    cm> select A000000003535041
    => 00 A4 04 00 08 A0 00 00 00 03 00 00 00 00 ..............
    (84625 usec)
    <= 6F 10 84 08 A0 00 00 00 03 00 00 00 A5 04 9F 65 o..............e
    01 FF 90 00 ....
    Status: No Error
    cm> /card -a a000000003000000 -c com.ibm.jc.CardManager
    resetCard with timeout: 0 (ms)
    --Waiting for card...
    ATR=3B E9 00 00 81 31 FE 45 4A 43 4F 50 34 31 56 32 ;....1.EJCOP41V2
    32 A7 2.
    ATR: T=1, N=0, IFSC=254, BWI=4/CWI=5, Hist="JCOP41V22"
    => 00 A4 04 00 08 A0 00 00 00 03 00 00 00 00 ..............
    (83836 usec)
    <= 6F 10 84 08 A0 00 00 00 03 00 00 00 A5 04 9F 65 o..............e
    01 FF 90 00 ....
    Status: No Error
    cm> set-key 255/1/DES-ECB/404142434445464748494a4b4c4d4e4f 255/2/DES-ECB/404142434445464748494a4b4c4d4e4f 255/3/DES-ECB/404142434445464748494a4b4c4d4e4f
    cm> init-update 255
    => 80 50 00 00 08 FA 3B 98 E7 B4 60 A8 CC 00 .P....;...`...
    (128562 usec)
    <= 00 00 63 06 00 26 29 91 06 75 FF 02 00 01 26 F7 ..c..&)..u....&.
    25 4D B0 B9 D2 1D 18 99 F1 1F E8 25 90 00 %M.........%..
    Status: No Error
    cm> ext-auth plain
    => 84 82 00 00 10 C9 5D 27 4B C4 54 AC E5 D3 3C 8B ......]'K.T...<.
    5F 2D B5 6B 87 _-.k.
    (97825 usec)
    <= 90 00 ..
    Status: No Error
    cm> set-key 1/1/DES-ECB/505152535455565758595a5b5c5d5e5f 1/2/DES-ECB/505152535455565758595a5b5c5d5e5f 1/3/DES-ECB/505152535455565758595a5b5c5d5e5f
    cm> put-keyset 1
    => 80 D8 00 81 43 01 80 10 B3 6A 9E 82 2D 9E 8E 06 ....C....j..-...
    8F B9 52 EA CA 63 FA 6B 03 A4 B7 D6 80 10 B3 6A ..R..c.k.......j
    9E 82 2D 9E 8E 06 8F B9 52 EA CA 63 FA 6B 03 A4 ..-.....R..c.k..
    B7 D6 80 10 B3 6A 9E 82 2D 9E 8E 06 8F B9 52 EA .....j..-.....R.
    CA 63 FA 6B 03 A4 B7 D6 00 .c.k.....
    (263198 usec)
    <= 01 A4 B7 D6 A4 B7 D6 A4 B7 D6 90 00 ............
    Status: No Error
    cm> put-key 115/1/RSA-PUB/0301000180ad97a22fe7cb29accc3a0b68844f0cb11d057ed8c80c5a4db856138030c419d0a27556902a939152ce79376b1cd0955ce4303bf7560c95230714c583ff8a8f12f1cf23d867e469773d15f0e708332651110cb615c8d373e86d57b5ffe7ff44bcc7690a4d68cbe07743b19879ac5beaeef6e1af133a1fd37b86a5339960b36e53
    => 80 D8 00 01 88 73 A1 80 AD 97 A2 2F E7 CB 29 AC .....s...../..).
    CC 3A 0B 68 84 4F 0C B1 1D 05 7E D8 C8 0C 5A 4D .:.h.O....~...ZM
    B8 56 13 80 30 C4 19 D0 A2 75 56 90 2A 93 91 52 .V..0....uV.*..R
    CE 79 37 6B 1C D0 95 5C E4 30 3B F7 56 0C 95 23 .y7k...\.0;.V..#
    07 14 C5 83 FF 8A 8F 12 F1 CF 23 D8 67 E4 69 77 ..........#.g.iw
    3D 15 F0 E7 08 33 26 51 11 0C B6 15 C8 D3 73 E8 =....3&Q......s.
    6D 57 B5 FF E7 FF 44 BC C7 69 0A 4D 68 CB E0 77 mW....D..i.Mh..w
    43 B1 98 79 AC 5B EA EE F6 E1 AF 13 3A 1F D3 7B C..y.[......:..{
    86 A5 33 99 60 B3 6E 53 A0 03 01 00 01 00 ..3.`.nS......
    (251210 usec)
    <= 6A 80 j.
    Status: Wrong data
    Add new key set didn't work, try modify ...
    jcshell: Error code: -3 (Invalid API parameter)
    jcshell: Command failed: Invalid RSA public key
    Is it something wrong ?

  • Encrypting with an RSA Public Key

    Hi everyone. I'm trying to encrypt some characters with an already generated RSA public key. Can anybody help with a SUN provider sample script?
    Thanx

    First of all RSA cipher is not suitable for encription of data more then one block (about 80 bytes for the OAEP mode), so it is paractically only good for the secret key wrapping (like Blowfish or DES) and second thing is that SUN JCE provider doesn't include RSA cipher implementation.

  • Invalid Key Exception: Unsupported key type: Sun RSA public key, 1024 bits

    I am trying to retrieve certificates from Microsoft Keystore and extract its keys using SunMSCAPI in jdk 1.6. It gives me an invalid key exception, when I am trying to wrap the Symmetric key (which was previously used to perform AES encryption on data), using RSA algorithm.
    Code snippet:
               // RSA 1024 bits Asymmetric encryption of Symmetric AES key             
                // List the certificates from Microsoft KeyStore using SunMSCAPI.
                      System.out.println("List of certificates found in Microsoft Personal Keystore:");
                       KeyStore ks = KeyStore.getInstance("Windows-MY", "SunMSCAPI");
                       ks.load(null, null) ;
                       Enumeration en = ks.aliases() ;
                       PublicKey RSAPubKey = null;
                       Key RSAPrivKey = null;
                       int i = 0;
                       while (en.hasMoreElements()) {
                            String aliasKey = (String)en.nextElement() ;              
                            X509Certificate c = (X509Certificate) ks.getCertificate(aliasKey) ;     
                            String sss = ks.getCertificateAlias(c);
                            if(sss.equals("C5151997"))
                            System.out.println("---> alias : " + sss) ;
                            i= i + 1;
                            String str = c.toString();
                            System.out.println(" Certificate details : " + str ) ;
                          RSAPubKey = c.getPublicKey();
                            RSAPrivKey = ks.getKey(aliasKey, null);  //"mypassword".toCharArray()
                            Certificate[] chain = ks.getCertificateChain(aliasKey);     
                       System.out.println("No of certificates found from Personal MS Keystore: " + i);
                // Encrypt the generated Symmetric AES Key using RSA cipher      
                        Cipher rsaCipher = Cipher.getInstance("RSA/ECB/PKCS1Padding", ks.getProvider().getName());            
                       rsaCipher.init(Cipher.WRAP_MODE, RSAPubKey);
                       byte[] encryptedSymmKey = rsaCipher.wrap(aeskey);   
                       System.out.println("Encrypted Symmetric Key :" + new String(encryptedSymmKey));
                       System.out.println("Encrypted Symmetric Key Length in Bytes: " + encryptedSymmKey.length);
                       // RSA Decryption of Encrypted Symmetric AES key
                       rsaCipher.init(Cipher.UNWRAP_MODE, RSAPrivKey);
                       Key decryptedKey = rsaCipher.unwrap(encryptedSymmKey, "AES", Cipher.SECRET_KEY);Output:
    List of certificates found in Microsoft Personal Keystore:
    ---> alias : C5151997
    Certificate details : [
    Version: V3
    Subject: CN=C5151997, O=SAP-AG, C=DE
    Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5
    Key: Sun RSA public key, 1024 bits
    modulus: 171871587533146191561538456391418351861663300588728159334223437391061141885590024223283480319626015611710315581642512941578588886825766256507714725820048129123720143461110410353346492039350478625370269565346566901446816729164309038944197418238814947654954590754593726047828813400082450341775203029183105860831
    public exponent: 65537
    Validity: [From: Mon Jan 24 18:17:49 IST 2011,
                   To: Wed Jan 23 18:17:49 IST 2013]
    Issuer: CN=SSO_CA, O=SAP-AG, C=DE
    SerialNumber: [    4d12c509 00000005 eb85]
    Certificate Extensions: 6
    [1]: ObjectId: 2.5.29.14 Criticality=false
    SubjectKeyIdentifier [
    KeyIdentifier [
    0000: 07 E5 83 A1 B2 B7 DF 6B 4B 67 9C 1D 42 C9 0D F4 .......kKg..B...
    0010: 35 76 D3 F7 5v..
    [2]: ObjectId: 2.5.29.35 Criticality=false
    AuthorityKeyIdentifier [
    KeyIdentifier [
    0000: E4 C4 2C 93 20 AF DA 4C F2 53 68 4A C0 E7 EC 30 ..,. ..L.ShJ...0
    0010: 8C 0C 3B 9A ..;.
    [3]: ObjectId: 1.3.6.1.4.1.311.21.7 Criticality=false
    Extension unknown: DER encoded OCTET string =
    0000: 04 30 30 2E 06 26 2B 06 01 04 01 82 37 15 08 82 .00..&+.....7...
    0010: D1 E1 73 84 E4 FE 0B 84 FD 8B 15 83 E5 90 1B 83 ..s.............
    0020: E6 A1 43 81 62 84 B1 DA 50 9E D3 14 02 01 64 02 ..C.b...P.....d.
    0030: 01 1B ..
    [4]: ObjectId: 2.5.29.17 Criticality=false
    SubjectAlternativeName [
    RFC822Name: [email protected]
    [5]: ObjectId: 2.5.29.15 Criticality=true
    KeyUsage [
    DigitalSignature
    Non_repudiation
    Key_Encipherment
    Data_Encipherment
    [6]: ObjectId: 2.5.29.19 Criticality=true
    BasicConstraints:[
    CA:false
    PathLen: undefined
    Algorithm: [SHA1withRSA]
    Signature:
    0000: B3 C5 92 66 8D D7 ED 6D 51 12 63 CC F4 52 18 B9 ...f...mQ.c..R..
    0010: B8 A6 78 F7 ED 7D 78 18 DA 71 09 C9 AE C8 49 23 ..x...x..q....I#
    0020: F5 32 2F 0F D1 C0 4C 08 2B 6D 3C 11 B9 5F 5B B5 .2/...L.+m<.._[.
    0030: 05 D9 CA E6 F9 0A 94 14 E7 C6 7A DB 63 FE E5 EC ..........z.c...
    0040: 48 94 8C 0D 77 92 59 DE 34 6E 77 1A 24 FE E3 C1 H...w.Y.4nw.$...
    0050: D8 0B 52 6A 7E 22 13 71 D7 F8 AF D1 17 C8 64 4F ..Rj.".q......dO
    0060: 83 EA 2D 6A CA 7F C3 84 37 15 FE 99 73 1D 7C D1 ..-j....7...s...
    0070: 6D B4 99 09 62 B9 0F 18 33 4C C6 66 7A 9F C0 DB m...b...3L.fz...
    No of certificates found from Personal MS Keystore: 1
    Exception in thread "main" java.security.InvalidKeyException: Unsupported key type: Sun RSA public key, 1024 bits
    modulus: 171871587533146191561538456391418351861663300588728159334223437391061141885590024223283480319626015611710315581642512941578588886825766256507714725820048129123720143461110410353346492039350478625370269565346566901446816729164309038944197418238814947654954590754593726047828813400082450341775203029183105860831
    public exponent: 65537
         at sun.security.mscapi.RSACipher.init(RSACipher.java:176)
         at sun.security.mscapi.RSACipher.engineInit(RSACipher.java:129)
         at javax.crypto.Cipher.init(DashoA13*..)
         at javax.crypto.Cipher.init(DashoA13*..)
         at com.sap.srm.crpto.client.applet.CryptoClass.main(CryptoClass.java:102)
    Edited by: sabre150 on 18-Jul-2011 03:47
    Added [ code] tags to make code readable.

    A bit of research indicates that the classes of the keys obtained by
                          RSAPubKey = c.getPublicKey();
                               RSAPrivKey = ks.getKey(aliasKey, null);  //"mypassword".toCharArray()are sun.security.rsa.RSAPublicKeyImpl and sun.security.*mscapi*.RSAPrivateKey . It seems that for Cipher objects from the SunMSCAPI provider cannot accept RSA public keys of class sun.security.rsa.RSAPublicKeyImpl and that the SunMSCAPI will only accept RSA private keys of class sun.security.mscapi.RSAPrivateKey.
    This came up under different guise a couple of years ago. It makes sense since encrypting/wrapping with a public key does not represent a security problem (there is nothing secret in any of the encryption operations) when done outside of MSCAPI so one can use any provider that has the capability BUT the decryption/unwrapping must be done with the SunMSCAPI provider which delegates it to the MSCAPI.
    My working test code based on your code implementing this approach is :
            // RSA 1024 bits Asymmetric encryption of Symmetric AES key             
            // List the certificates from Microsoft KeyStore using SunMSCAPI.
            System.out.println("List of certificates found in Microsoft Personal Keystore:");
            KeyStore ks = KeyStore.getInstance("Windows-MY", "SunMSCAPI");
            ks.load(null, null);
            Enumeration en = ks.aliases();
            PublicKey RSAPubKey = null;
            Key RSAPrivKey = null;
            int i = 0;
            while (en.hasMoreElements())
                String aliasKey = (String) en.nextElement();
                X509Certificate c = (X509Certificate) ks.getCertificate(aliasKey);
                String sss = ks.getCertificateAlias(c);
                if (sss.equals("rsa_key")) // The alias for my key - make sure you change it back to your alias
                    System.out.println("---> alias : " + sss);
                    i = i + 1;
                    String str = c.toString();
                    System.out.println(" Certificate details : " + str);
                    RSAPubKey = c.getPublicKey();
             System.out.println(RSAPubKey.getClass().getName());
                   RSAPrivKey = ks.getKey(aliasKey, null);  //"mypassword".toCharArray()
            System.out.println(RSAPrivKey.getClass().getName());
                    Certificate[] chain = ks.getCertificateChain(aliasKey);
            System.out.println(ks.getProvider().getName());
            System.out.println("No of certificates found from Personal MS Keystore: " + i);
            Cipher rsaCipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");//, ks.getProvider().getName());       !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
                rsaCipher.init(Cipher.WRAP_MODE, RSAPubKey);
            byte[] keyBytes =
                1, 2, 3, 4, 5, 6, 7, 8, 2, 3, 4, 5, 6, 7, 8, 9
            SecretKey aeskey = new SecretKeySpec(keyBytes, "AES");
            byte[] encryptedSymmKey = rsaCipher.wrap(aeskey);
            System.out.println("Encrypted Symmetric Key :" + Arrays.toString(encryptedSymmKey));
            System.out.println("Encrypted Symmetric Key Length in Bytes: " + encryptedSymmKey.length);
            // RSA Decryption of Encrypted Symmetric AES key
            Cipher unwrapRsaCipher = Cipher.getInstance("RSA/ECB/PKCS1Padding", ks.getProvider().getName());       //!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
            unwrapRsaCipher.init(Cipher.UNWRAP_MODE, RSAPrivKey);
            Key decryptedKey = unwrapRsaCipher.unwrap(encryptedSymmKey, "AES", Cipher.SECRET_KEY);
            System.out.println("Decrypted Symmetric Key :" + Arrays.toString(decryptedKey.getEncoded())); // Matches the 'keyBytes' above

  • ASA 8.4+ RSA Public Key for SSH user authentication

      I have seen in the configuration guide and a separate post in the support community that RSA Public Key authentication is support for SSH sessions in 8.4 and after.  I have tried implementing this on both an 8.4 ASA and a 9.1 ASA and I get the same error on both.  I have tried specifying SSH version 2 to see if that is the issue but I still get the error.  Is there a step I am missing?
    Here is the output of the configuration commands:
    ciscoasa(config)#username test nopassword privilege 15
    ciscoasa(config)#username test attributes
    ciscoasa(config-username)# ssh authentication publickey
                                 ^
    ERROR: % Invalid Hostname
    The links referenced above:
    https://supportforums.cisco.com/thread/2150480
    http://www.cisco.com/en/US/docs/security/asa/asa84/configuration/guide/access_aaa.html#wp1053558
    http://www.cisco.com/en/US/docs/security/asa/asa91/configuration/general/aaa_servers.html#wp1176050
    Thanks!

    That would be great if the resolution was that simple.  I am using a public key I generated using the putty key generator.  Below is the key I would use if I got that far.  However I get an error on the "ssh authentication publickey" attribute so I never get the chance to enter a public key.  What code version and hardware version are you running that this worked on?
    AAAAB3NzaC1yc2EAAAABJQAAAIEA2h00RCKBbpbrTWSe/3TYAvRpkJz7tLwQDCf9
    4fDJUWUGrmxXHeomuBhNGZh7tyfFjRL2CKY6nWmFyKN/eDm0PF4IWhhCArzOPVDu
    q7Nu2y/pD8wWH8dH4a3zRpkLSekNJtH6lzuqmY0zqz9TnZlpS6g4LI1a+lOGSmhU
    /HySw9s=
    ciscoasa(config)#username test nopassword privilege 15
    ciscoasa(config)#username test attributes
    ciscoasa(config-username)#ssh ?
    configure mode commands/options:
      Hostname or A.B.C.D  The IP address of the host and/or network authorized to
                           login to the system
      X:X:X:X::X/<0-128>   IPv6 address/prefix authorized to login to the system
      scopy                Secure Copy mode
      timeout              Configure ssh idle timeout
      version              Specify protocol version to be supported
    exec mode commands/options:
      disconnect  Specify SSH session id to be disconnected after this keyword
    ciscoasa(config-username)# ssh
    ciscoasa(config-username)# sh ver | in Ver
    Cisco Adaptive Security Appliance Software Version 9.1(1)
    Device Manager Version 7.1(1)52
    ciscoasa(config-username)#

  • Java Card RSA public key problem

    Hello,
         I have a problem when I try to set the modulus part of a RSA public Key. There is always an error 6F 00.
    The code is very simple :
    private void saisie_modulus(APDU apdu)
              byte apduBuffer[] = apdu.getBuffer();
              if (!pin.isValidated ())
                   ISOException.throwIt(ISO7816.SW_SECURITY_STATUS_NOT_SATISFIED);
              byte byteRead = (byte)(apdu.setIncomingAndReceive());
              rsa_PublicKey2.setModulus(apduBuffer, (short)ISO7816.OFFSET_CDATA, (short)byteRead);
              return;
    What is really strange is that when I replace
    rsa_PublicKey2.setModulus(apduBuffer, (short)ISO7816.OFFSET_CDATA, (short)byteRead);
    with rsa_PublicKey.setModulus(rsaPublicKey, (short)6, (short)128); that works. (rsaPublicKey is an array containing the key and it's taken from the sample CryptoTest that comes with Axalto software)
    I tried to enter on the apdu the exact same modulus value of the public key of the sample CryptoTestand it doesn't work
    I tried another examples that I tested elseware and it doesn't work either
    the rest setKey composents work (same functions but with
    rsa_PublicKey2.setExponent(apduBuffer, (short)ISO7816.OFFSET_CDATA, (short)byteRead);
    rsa_PublicKey2.setP(apduBuffer, (short)ISO7816.OFFSET_CDATA, (short)byteRead);
    rsa_PublicKey2.setQ(apduBuffer, (short)ISO7816.OFFSET_CDATA, (short)byteRead);
    rsa_PublicKey2.setPQ(apduBuffer, (short)ISO7816.OFFSET_CDATA, (short)byteRead);
    rsa_PublicKey2.setDP1(apduBuffer, (short)ISO7816.OFFSET_CDATA, (short)byteRead);
    rsa_PublicKey2.setDQ1(apduBuffer, (short)ISO7816.OFFSET_CDATA, (short)byteRead);
    in the place of
    rsa_PublicKey2.setModulus(apduBuffer, (short)ISO7816.OFFSET_CDATA, (short)byteRead); )
    Do you have any ideas? Is this possible to have a bug in the card? I use a Cyberflex 64k V2
    Thank you in advance

    Yes, I did enter the key by hand (as I did with the Exponent, P, Q , PQ, DP1 et DQ1 and it worked).
    And I did enter by hand the EXACT same key (128 bytes) of the array rsaPublicKey to test.
    I repeat that when I type
    rsa_PublicKey.setModulus(rsaPublicKey, (short)6, (short)128);
    that works
    but when I enter manually (by hand) the EXACT same key (128 bytes beginning from byte 6) it doesn't work
    I even generated a key in the card and I exported its modulus (128 bytes). I entered by hand the exact same modulus (copy - paste to be precise) that was exported and the card did not accept it.
    This problem only happen with the modulus I repeat
    Any ideas?
    I begin to suspect a technical problem. I don't

  • How can I read pdf files from LabVIEW with different versions of Acrobat reader?

    How can I read pdf files from LabVIEW with different versions of Acrobat reader?
    I have made a LabVIEW program where I have possibility to read a PDF document.  When I made this LabVIEW program it was Acrobat Reader 5.0.5 that was installed on the PC. Lather when the Acrobat Reader was upgraded to version 6.0, there was an error when VI tries to launch the LabVIEW program. And Later again when we upgraded to Acrobat Reader 7.0.5 I must again do some changes and rebuild the EXE files again
    It isn't so very big job to do the changes in one single LabVIEW program, but we have built a lot of LabVIEW programs so this take time to due changes every time vi update Acrobat Reader. (We have build EXE files.)
    The job is to right click the ActiveX container and Click "Insert ActiveX Object", then I can brows the computer for the new version of acrobat Reader. After this I must rebuild all the "methods" in the Activex call to make the VI executable again.
    Is there a way to build LabVIEW program so I don't have to do this job every time we update Acrobat Reader?
    This LabVIEW program is written in LabVIEW 6.1, but I se the problem is the same in LabVIEW 8.2.
    Jan Inge Gustavsen
    Attachments:
    Show PDF-file - Adobe Reader 7-0-5 - LV61.vi ‏43 KB
    Read PDF file.jpg ‏201 KB
    Show PDF-file - Adobe Reader 5-0-5 - LV61.vi ‏42 KB

    hi there
    try the vi
    ..vi.lib\platform\browser.llb\Open Acrobat Document.vi
    it uses DDE or the command line to run an external application (e.g. Adobe Acrobat)
    Best regards
    chris
    CL(A)Dly bending G-Force with LabVIEW
    famous last words: "oh my god, it is full of stars!"

  • Can Mac read a dcr file made with win?

    Hello,
    Can Mac read a dcr file made with win?
    Thanks in advance.

    Thanks Sean,
    I posted the question because of some problem of user to read the web page with dcr.
    You assumed right, it is e dcr hosted in a browser page and viewed via shockwave with safari.
    I don't know the nature of the problem but the user get an error.
    Maybe I must decide to buy a mac and do some test.
    Thank you again.

  • I using mozilla firefox so long times but it just get problem today because i can't type in english words but i can type in thai and some buttons is not english but it's other alphbets that i can't read and it's happening with yahoo and friendster and not

    I using mozilla firefox so long times but it just get problem today because i can't type in english words but i can type in thai and some buttons is not english but it's other alphbets that i can't read and it's happening with yahoo and friendster and not sure for other website
    == today ==
    == User Agent ==
    Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729)

    Same problem with the mouse, but with the mouse I can leave the cursor in place in the text field and move to the keyboard to type. As long as the cursor is in the field it stays editable.
    The problem with the pen is it's in my hand all of the time. I just flip it up under my thumb against my palm to type. So, as soon as I move the pen, the field goes away and I can't type in it. Hoping this is making sense.
    My tablet does have the touch function too, and I just found out I can use my finger to tap in the text field, then type. I guess that'll be my solution since I prefer not to leave a mouse set up on this iMac.
    I'm thinking now that this is just a problem with the pen itself, and nothing to do with iPhoto. So glad to have this figured out! I really like iPhoto '11! So much easier for me, a simple P&S gal, than Aperture 3. I use iPhoto Library Manager too and love it!
    Thanks so much! Debbie

  • Self- Signed Certificate - Change RSA Public Key & Signature Algorithim

    Hi
    My 1801 router (IOS 15x) is using the original self signed certificate (1024) with an signature algorithm MD5. I would like to change the cert to a 2048 key length , with a hash of SHA1 or better but I'm unsure how to do this.
    Should I just generate new keys or would I be better creating a new self-signed cert?  What is the procedure & explicit commands (CLI) to do this?
    Many thanks in advance.
    Regards
    Bob

    Sure, the secure-server is the quickest and easiest method but you can create the new key, define the trustpoint manually and enroll the certificate that way.
    Below are the commands. (You can of course call the key, trustpoint, O and CN values whatever locally significant names make sense for you.)
    router(config)#crypto key generate rsa label router-rsa modulus 2048
    The name for the keys will be: router-rsa
    % The key modulus size is 2048 bits
    % Generating 2048 bit RSA keys, keys will be non-exportable...
    [OK] (elapsed time was 10 seconds)
    router(config)#
    router(config)#crypto pki trustpoint router-ca
    router(ca-trustpoint)#enrollment selfsigned
    router(ca-trustpoint)#subject-name O=Test,CN=www.router.com
    router(ca-trustpoint)#rsakeypair router-rsa
    router(config)#crypto pki enroll router-ca
    % Include the router serial number in the subject name? [yes/no]: no
    % Include an IP address in the subject name? [no]: no
    Generate Self Signed Router Certificate? [yes/no]: yes
    Router Self Signed Certificate successfully created
    router(config)#

  • How can I read a binary file stream with many data type, as with AcqKnowledge physio binary data file?

    I would like to read in and write physiological data files which were saved by BioPac�s AcqKnowledge 3.8.1 software, in conjunction with their MP150 acquisition system. To start with, I�d like to write a converter from different physiodata file format into the AcqKnowledge binary file format for version 3.5 � 3.7 (including 3.7.3). It will allow us to read different file format into an analysis package which can only read in file written by AcqKnowledge version 3.5 � 3.7 (including 3.7.3).
    I attempted to write a reader following the Application Note AS156 entitled �AcqKnowledge File Format for PC with Windows� (see http://biopac.com/AppNotes/ app156Fi
    leFormat/FileFormat.htm ). Note the link for the Mac File format is very instructive too - it is presented in a different style and might make sense to some people with C library like look (http://biopac.com/AppNotes/ app155macffmt/macff.htm).
    I guess the problem I had was that I could not manage to read all the different byte data stream with File.vi. This is easy in C but I did not get very far in LabView 7.0. Also, I was a little unsure which LabView data types correspond to int, char , short, long, double, byte, RGB and Rect. And, since it is for PC I am also assuming the data to be written as �little endian� integer, and thus I also used byte swap vi.
    Two samples *.acq binary files are attach to this post to the list. Demo.acq is for version 3.7-3.7.2, while SCR_EKGtest1b.acq was recorded and saved with AcqKnowledge 3.8.1, which version number is 41.
    I would be grateful if you someone could explain how to handle such binary file stream with LabView and send an example to i
    llustrate it.
    Many thanks in advance for your help.
    Donat-Pierre
    Attachments:
    Demo.acq ‏248 KB
    SCR_EKG_test1b.acq ‏97 KB

    The reading of double is also straight forward : just use a dble float wired to the type cast node, after inverting the string (indian conversion).
    See the attached example.
    The measure of skin thickness is based on OCT (optical coherent tomography = interferometry) : an optical fiber system send and received light emitted to/back from the skin at a few centimeter distance. A profile of skin structure is then computed from the optical signal.
    CC
    Chilly Charly    (aka CC)
             E-List Master - Kudos glutton - Press the yellow button on the left...        
    Attachments:
    Read_AK_time_info.vi.zip ‏9 KB

  • How can I read a binary file stream with many data type, as with AcqKnowled​ge physio binary data file?

    I would like to read in and write physiological data which was saved by Biopac�s AcqKnowledge 3.8.1 software, in conjunction with their MP150 acquisition system. To start with, I�d like to write a converter from different physiodata file format into the AcqKnowledge binary file format for version 3.5 � 3.7 (including 3.7.3). It will allow us to read different file format into an analysis package which can only read in file written by AcqKnowledge version 3.5 � 3.7 (including 3.7.3).
    I attempted to write a reader following the Application Note AS156 entitled �AcqKnowledge File Format for PC with Windows� (see http://biopac.com/AppNotes/app156FileFormat/FileFo​rmat.h
    tm ). Note the link for the Mac File format is very instructive too - it is presented in a different style and might make sense to some people with C library like look (http://biopac.com/AppNotes/app155macffmt/macff.ht​m) .
    I guess the problem I had was that I could not manage to read all the different byte data stream with File.vi. This is easy in C but I did not get very far in LabView 7.0. Also, because it is for PC I am assuming the data to be written as �little endian� integer, and thus I also used byte swap vi.
    I would be grateful if you someone could explain how to handle such binary file stream with LabView and send an example to illustrate it.
    Many thanks in advance for your help.
    Donat-Pierre

    One more step...
    short are U16 integer
    double are double precision float
    bool seem to be 2 bytes (= U16)
    char are string (variable length)
    rgb are U16 integer, with high order byte = 0
    rect should be 4 x U16 (top, left, bottom, right)
    Chilly Charly    (aka CC)
             E-List Master - Kudos glutton - Press the yellow button on the left...        

  • Oops. Can I read my byte stream files with missing headers?

    My fault, I know, but I wrote out an 1D array of numbers to a file using the simple Write File vi, not realising that a header would have been a good idea at the time. Now I can't read them back in because LabVIEW doesn't know what they are, and trying to put the original array element (Dbl Precision Number) on the Byte Stream Type of Read File doesn't work.
    So, is there any way that I can insert an appropriate header back into the beginning of the file so that I can then read them in successfully?
    (No, unfortunately I can't regenerate the data. Believe me, I would if I could!)
    Thanks,
    Riggy

    I suppose you used the Write File function from the File I/O pallette since there is no Write File VI?
    If that is the case your file should be exactly 8*N bytes long, if the array had N elements of type DBL.
    You can simply read back you data with the 'Read characters from File' VI (from the File I/O pallette) and then typecast the read string to a 1D array of DBL. (typecast is the first icon in the 'Advanced--Data Manipulation' pallette.
    -Franz

  • Can adobe reader Xl pro compare pdfs with images

    Can the Adobe reader Xl pro compare pdfs with images/graphics and test?

    Claudio,
    I have documents with multiple revisions. I want to know the change from revision 1 to revision 2. Can adobe show the difference between the two revisions?
    The documents(pdfs) contain some text, graphics, flowcharts etc.

  • HT4539 Can I read books on my computer with iBooks? or only on a device?

    My reaction to the latest scramble ("update") of iTunes is "GGGRRRRR." How would you like it if someone you barely know went into your house and rearranged all your furniture without telling you. And expected thanks.
    Now there is an iBooks button. What is that? Well, I can't find out. Apparently the information should have been downloaded directly to my brain. In otherwords, apparently I am just supposed to KNOW. Like f2 is delete.
    Well I missed that download and I've been trying to find my way around the new iTunes and figure out how to manage my playlists, which are primarily Audiobooks. It seems no one thought of that when they redesigned my world without telling me. OK. I DON'T HAVE AN IPAD. So shoot me, but don't assume I have one. I do have a powerful little MacBook that I carry with me always. So:
    Can I read ebooks with iBook on the laptop, or is it exclusively for iPad, iPhone, or iTouch? If it WON'T WORK ON A COMPUTER, JUST SAY SO!!

    You can't read ibooks on a computer (Mac or PC), only on an iPad, iPhone or iPod Touch via the iBooks app.
    You can get the left-hand sidebar that used to be on previous versions of iTunes to show via View > Show Sidebar (option-command-S), that might make the new version easier to navigate (it does for me anyway)

Maybe you are looking for

  • Peformance of one process is slow ( statspack report is attached)

    Hi, My version is 9.2.0.7 (HP-UX Itanium) we have recently migrated the DB from windows 2003 to Unix (HP-UX Itanium 11.23). we have one process which usually takes 15 mins before migration, now it is taking 25 mins to complete. I did not change anyth

  • How to configure different listener for each database in 11gR2 RAC

    Hi Friends, Current Prod Setup : 11gR2 (11.2..0.2) RAC on RHEL 5.5 with 3 SCAN Listeners on default 1521 port. Having 4 databases which are using SCAN-IP and listening on default port only. As per policy, we have to create separate listeners (on diff

  • Compare two fields in bex

    Hi Experts, I want to compare two characteristics in bex. Is it possible to do in BEx ? If yes, how can i do it. If char A is equal to char B, display value of this key figure other wise display value of this key figure.

  • Mac Pro Retina Screen Replacement Procedure

    So I love my Mac Pro Retina but it has the ghosting issue, everything else is fine as far as I can tell with it, its had a few kernal panics but they have all been graphics related while Chrome was open, and only in Mac OSX, so I am assuming thats fi

  • Performance: Cursor declaration versus explicit query in BEGIN/END block

    Hi guys! Anyone knows if declare an explicit cursor inside a pl/sql block is faster than using a cursor declaration, and how fast it its? Which block runs faster? And how fast? ( once, twice, once and a half ? ) Block1: DECLARE CURSOR cur_test (p1 NU