Generating RSA keys based on p, q, and public exponent

Hi,
The problem is the following. I need to generate an RSA key pair on the card based on pre-defined P, Q and public exponent. The KeyPair specs syas that if the public exponent is pre-initialized it will be retained. All other values are overwritten though (I checked with a test applet on jcop41). So two questions:
1. Do you know of any card that can also retain p and q and generate (calculate) dp, dq, pq, and public modulus. This is contrary to the specification so I doubt there would be any, but it is always good to ask.
2. Do any of you have a Java code that would do this (ie. calculate the missing key components) that can be run on Java Card, ie. does not use BigInteger or similar classes.
Cheers,
Woj

That is exactly the point I was trying to make, I actually forgot about this thread, because the problem at hand went on the shelf for the moment. To reformulate:
1. I have only certain parts of the RSA key, but enough parts to determine a valid private/public key pair.
2. Now I want to generate the missing parts on the card. The JC API requires all the parts to be supplied, it is not possible to provide only partial (but determining the whole key) key information. The KeyPair class can only retain the public exponent during key generation, but not the other parts (according to the specs and my own tests).
3. My wild guess is that it would probably be doable without too much hassle with host JCE, but it's not an option for me, it has to be done on the card.
4. I could try to write my own Java Card code that would do this based on, say, openssl implementation, but now I am too lazy, so that's why I asked if somebody possibly has the code that does this.
Cheers,
Woj

Similar Messages

How could I generate RSA Key on Java Card

I am coding program base on javacard .
I can generate DES Key ,but I can't generate RSA key.
Any help is appreiciated.
Thanks in advance.
Regards.

I think you need a '3rd party' for this, I'm pretty sure that there is no in-built support for RSA - though there is Diffie-Hellman.

Create RSA keys based on p and q

Is there a way to create a KeyPair based on p and q (BigIntegers or byte[])
The reason i need this is because i need to encrypt files that need to be decrypted in a c# program (and vice versa). The encryption needs to be RSA (so no DES or....) although i know that there is not really a need for asymetric encryption.
The problem is I can generate a keypair in Java but then i cannot get the data for that keypair in c# (and vice versa).
In c# i can create an equivalent of a keyPair based on p and q or on so if there would be a way to get the p and the q of a generated keypair that would also help (or all the other paramets, d, n, e, phi,....).
Thanks

You can generate a PKCS8 private key bytes and X509 public key byte using something like
            final KeyPairGenerator rsaKeyPairGenerator = KeyPairGenerator.getInstance("RSA");
            rsaKeyPairGenerator.initialize(2048); // or whatever size you want
            final KeyPair rseKeyPair = rsaKeyPairGenerator.generateKeyPair();
            // The private key as PKCS8 bytes
            final byte[] privateKeyAsBytes = rseKeyPair.getPrivate().getEncoded();
            // The public key as X509 bytes
            final byte[] publicKeyAsBytes = rseKeyPair.getPublic().getEncoded();then you can import the X509 into C# (C# must have a way of importing an X509).
OR
do a similar thing in C# and export the X509 public key and import it into Java.
The private key should only be used by either the C# or Java application (not both) and I would expect whichever needs the private key should generate the key pair.

BC4J Designer generator problem (key based link)

Hi,
I have created an module in Designer. This module has a key based link to another tables usage of a different module, based on a foreign key constraint. I have tried to generate BC4J objects in JDeveloper 9.0.3 from this modul relationship and I got an error message:
'Module VepCrmCtrPackage: KeyBasedLink contains or references an object outside the current workarea. This module cannot be generated.'
Could Anybody help me?
Thanks,
G�bor

I assume the table will have relationships with other occurrences of the same table. Then you need a Foreign key to the primary key of the table. After that the generator will consider this relationship as a master detail and will generate the Form.

Where can I get a program that generates RSA keys?

I am doing a project using RSA crypto and need to generate key pairs every now and then. I am working with smart cards and there are no keygen capabilities on them so I'd like to have a program that generates keypairs of desired length for me. I know I'm lazy but this project is not at all about the generation but about the use. ;)
There should be some program to download I suppose but I haven't been able to find one as of yet.
Thanks in advance

As always, I found a program that did this right after this post was written. Strange since I searched for several hours before posting. Well ignore this post then!

Generating date records based on a start_date and end_date

Hello,
I am looking for a pure sql solution for the following scenario. I tried some of other suggested methods, but couldn't get it to do I wanted.
Here is the detail of the sql I need.
A existing table has the following.
Patient id First Visit Date Last Visit Date
1111 Jan 1, 2008 Jan 08, 2008
1112 Jan 15, 2008 Mar 10, 2008
1130 Mar 10,2007 Mar 15, 2007
Now I need to generate following output from a sql query to be joined with another sql later.
Dates fields could be of any date format. This has to be a pure sql solution without the use of any temp tables.
Patientid Patient Dates
1111 Jan 1, 2008
1111 Jan 2, 2008
1111 Jan 3, 2008
1111 Jan 4, 2008
1111 Jan 5, 2008
1111 Jan 6, 2008
1111 Jan 7, 2008
1111 Jan 8, 2008
1130 Mar 10, 2007
1130 Mar 11, 2007
1130 Mar 12, 2007
1130 Mar 13, 2007
1130 Mar 14, 2007
1130 Mar 15, 2007
Your help is appreciated.
Thanks,
Pasha

The dates you mentioned as hardcoded are simply put to represent your data. In the following example you can simply omit all before the line with comments and look, whether you get desired results ( however, simply join your table with any big table is the most simple (and easiest to read) solution in my opinion)
SQL> with pat_visit as (
2    select 1111 patientid,date '2008-01-01' dt_dov from dual union all
3    select 1111,date '2008-01-08' from dual union all
4    select 1130,date '2008-03-10' from dual union all
5    select 1130,date '2008-03-15' from dual
6 )
7 -- end test data
8 select dov.patientid, to_char(dov.mind + (level - 1),'DD-MON-YYYY') my_date
9 from
10 (select patientid, max(dt_dov) maxd, min(dt_dov)mind from pat_visit
11 group by patientid) dov
12 connect by prior patientid = patientid
13         and prior dbms_random.value is not null
14         and level <= maxd - mind + 1
15 ;
PATIENTID MY_DATE
      1111 01-JAN-2008
      1111 02-JAN-2008
      1111 03-JAN-2008
      1111 04-JAN-2008
      1111 05-JAN-2008
      1111 06-JAN-2008
      1111 07-JAN-2008
      1111 08-JAN-2008
      1130 10-MAR-2008
      1130 11-MAR-2008
      1130 12-MAR-2008
      1130 13-MAR-2008
      1130 14-MAR-2008
      1130 15-MAR-2008
14 rows selected.Best regards
Maxim

Generating a report based on two analytics(for ex:PO and PR)

I have a question regarding generating reports on two analytics.
In our scenarios,
We need to generate a report based on Purchase order and Purchase request.Is it possible in OBIA?
if yes,please provide the solution.
Thanks in advance

Hi ,
Thanks for your valuable time.
We are in designing phase of the project. we need to know ,Is there any inbuilt dashboards or reports built using both PO and PR repositories?
I would like to explain with ex:
Let's say we need a report or dashboard containing few fields from PO and few fields from PR.Let's assume both PO and PR data available at same granularity.
Do we have any such inbuilt reports or dashboard?
If not,could we customize the report generation using both PO and PS tables?
Please provide the solution.
Thanks in advance.
Edited by: user3561029 on Aug 31, 2008 9:03 PM

How to get the private and public key?

there is my code,i want to get the public key and the private key �Cbut i could not find the the approprite method to solve the problem.
import java.security.Key;
import javax.crypto.Cipher;
import java.security.KeyPairGenerator;
import java.security.KeyPair;
import java.security.Security;
public class PublicExample {
public static void main(String[] args) throws Exception {
if (args.length != 1) {
System.err.println("Usage:java PublicExample <text>");
System.exit(1);
byte[] plainText = args[0].getBytes("UTF8");
System.out.println("\nStart generating RSA key");
KeyPairGenerator keyGen = KeyPairGenerator.getInstance("RSA");
keyGen.initialize(512);
KeyPair key = keyGen.generateKeyPair();
System.out.println("Finish generating RSA key");
Security.addProvider(new org.bouncycastle.jce.provider.BouncyCastleProvider());
Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding", "BC");
//System.out.println("\n" + cipher.getProvider().getInfo());
System.out.println("\nStart encryption");
cipher.init(Cipher.ENCRYPT_MODE, key.getPublic());
byte[] cipherText = cipher.doFinal(plainText);
System.out.println("Finish encryption:");
System.out.println(new String(cipherText, "UTF8"));
System.out.println("\nStart decryption");
cipher.init(Cipher.DECRYPT_MODE, key.getPrivate());
/*i want to get the private and public key in this method ,but i found the result was not
the one i expected to get,how to solve the problem?
thanks in advance!
System.out.println("private key:" + key.getPrivate().toString());
System.out.println("public key:" + key.getPublic().toString());
byte[] newPlainText = cipher.doFinal(cipherText);
System.out.println("Finish decryption:");
System.out.println(new String(newPlainText, "UTF8"));
thanks in advance!

System.out.println("private key:" +
" + key.getPrivate().toString());
System.out.println("public key:" +
+ key.getPublic().toString());
key.getPrivate() returns an instance of PrivateKey and key.getPublic() returns an instance of PublicKey. Since PublicKey and PrivateKey are interfaces then they will return one of the concrete implementations. Check out the Javadoc for PublicKey and PrivateKey.
When you know which concreate implemenation you have then you can use the methods on that object (by appropriate casting) to find the information you want.

RSA key generation on JCOP31 v2.4.1 times out

I have an applet that generates both 1024-bit and 2048-bit RSA key pairs. The applet works on an NXP JCOP41 v2.2.1 smart card, but times out on an NXP JCOP31 v2.4.1 smart card. The applet was compiled with javacard 2.1.1. The JCOP41 card is at javacard 2.2.1. The JCOP31 card is at javacard 2.2.2. I am using an Omnikey CardMan 3821 smart card reader. Does anyone have any experience with generating RSA keys on the NXP JCOP31 v2.4.1 smart card? Thanks.

Hi,
The card probably doesn't timeout. It knows that RSA keygen is long, and it should send null procedure bytes in T=0 or S(WTX) blocks in T=1.
Only a protocol analyser (or oscilloscope) could tell if the card really timeouts. But that's not probable.
What is probable is that the reader timeouts. Try with another reader if possible.
Does the reader have an activity led? does it blink or something while the card is generating the key?
If you get the same behaviour, check the low level card exchanges. But I would be surprised that NXP sells card that go mute on RSA key generation. Or you have a faulty card.
Regards

How to find modulus(n) and public key exponent(e)Sor

I did the following code:
import java.security.*;
class keypair
public static void main(String args[])
try {
        KeyPairGenerator keyGen = KeyPairGenerator.getInstance("RSA");
        keyGen.initialize(1024);
        KeyPair keypair = keyGen.genKeyPair();
        PrivateKey privateKey = keypair.getPrivate();
        PublicKey publicKey = keypair.getPublic();
        System.out.println(publicKey);
catch (java.security.NoSuchAlgorithmException e) {
}It produced the following output:
E:\java>java keypair
Sun RSA public key, 1024 bits
modulus: 104598424699919432698042124865237006532583108525971624656815039032375
*68185931249899603942873174007833898125332457427834491991685017307342129730049040*
*85039266578793603162921901877391682504673766949037045217194339504369288262569809*
*64618725280325930282787918761626276736975012559809247463223114702205350103039131*
public exponent: 65537
How to parse modulus(n) and public exponent(e) from this output?
Similarly when i print private key, it produces the following output:
E:\java>java keypair
Sun RSA private CRT key, 1024 bits
modulus:          124578817060208658480856678950235831207402457067036419284514
*60119309486714863949162442643168408523979997168613499493638925829235693238993015*
*36861462235708805467117179894466762970147852286192228334073408407380525883650965*
*26200137024900438305422984852314541271126647102071346646999343089444655087519613*
*147762713*
public exponent: 65537
private exponent: 938527844532658207604152892230342202756165450473898580852699
*91069268853864683730106242370135012901790500054313488639918623825755509450966957*
*25996151023641565209086629652161258725723528561744214714448113895688480371394495*
*69970533766968335232379493089928062691491508442909468663624841001227918721233934*
*90451285*
prime p:          128112715803862066344339615342766575233634768887073748611821
*70613165835421234259251719401979554816266892921739504796026180704477109334458578*
*924582228715587*
prime q:          972415706579323990162180646771186062588725555167352041581263
*11833654947284058644791019214876691698044764118648637510099163830088827138987158*
*06445271350899*
prime exponent p: 102053075991522697645186596252261651077210381075096084960080
*01572103324900452503753532555651687424478224695551102238145517644352533224205327*
*850477437666141*
prime exponent q: 668659136319899226645386130685620335239039277715133737489656
*56694442226518700929665796129185316864860876985624927131126216000167126890435269*
*81971346772483*
crt coefficient: 337801534982286124613379128447816812903646302193598735486466
*78634104811105616496519276355880320340688935923186965279527763125244878069735173*
*60542121091569*
E:\java>
From this output how to parse n and d, where d is the secret exponent or decryption exponent? Thanks in advance. Apologies, for posting in this forum instead of cryptography forum.
Edited by: sowndar on Nov 28, 2009 3:12 AM

sowndar wrote:
From this output how to parse n and d, where d is the secret exponent or decryption exponent? Why do you think you need to parse anything? Why do you need the modulus and exponents?
P.S. Extract the public and private keys from the key pair, cast them to RSAPublicKey and RSAPrivateKey as appropriate then look at the methods of classes RSAPublicKey and RSAPrivateKey to see how to get modulus and exponents.

RSA key and block size

Let's say that I have an RSA key pair that has been generated in a keystore using the keytool utility.
I am now accessing this key pair through some java code (using the Keystore class) and I want to encrypt/decrypt data using this public/private key.
In order to encrypt/decrypt arbitray length data, I need to know the maximum block size that I can encrypt/decrypt.
Based upon my experiment, this block size seems to be the size of the key divided by 8 and minus 11.
But how can I determine all that programatically when the only thing that I have is the keystore?
I did not find a way to figure out the size of the key from the keystore (unless it can be computed from the RSA exponent or modulus, but this is where my knowledged of RSA keys stops) and I did not find a way to figure out where this "magic" number 11 is coming from.
I can always encrypt 1 byte of data and look at the size of the result. This will give me the blocksize and the key size by multiplying it by 8. But it means that I always need the public key around to compute this size (I cannot do it if I have only the private key).
And this is not helping much on the number 11 side.
Am I missing something obvious?
Thanks.

It is probably a bug. A naive implementation of RSA key generation that would exhibit this bug would work as follows (I'm ignoring the encrypt and decrypt exponents intentionally):
input: an rsa modulus bit size k, k is even:
output: the rsa modulus n.
k is even, so let k=2*l
step1: generate an l bit prime p, 2^l(-1) < p < 2^l
step2: generate another l bit prime q, 2^l(-1) < q < 2^l
step3: output n = p*q
Now the above might seem reasonable, but when you multiply the inequalities you get
2^(2*l -2) < n < 2^(2l)
That lower bound means that n can be 1 bit smaller than you expect.. The correct smallest lower bound for generating the primes p and q is (2^l) / sqrt(2), rounded up to the nearest integer.
I'll bet the IBM code implements something like the first algorithm.

How to generate a Unique key based on a some String value

Hello every one,
I am sorry , If I post this question in wrong group... I have a requirement to generate a unique key ( what every it may be alpha, numeric or alpha numeric) based on some String..
For ex : String str = "AbCX" - Gives a unique key based on "AbCX" value..
Is there any way we can get the unique value using Java ?
Thanks

May be not what you are looking for, but here's may idea:
use a sequence (db sequence) and add it the the string value. This way the value is unique, because the sequence is unique. So you could omit the string theoretically, but your requirement is met.
It's very easy to get a unique sequence number from the db using java, depending of the technology you use (which you did not say :-( )
Timo

Save and load public/private RSA key on file

hi
i'm triyng to save and load an RSA key to a file
i generate the keys:
        KeyPairGenerator generator=null;
        KeyPair coppia=null;
        PrivateKey c_privata=null;
        PublicKey c_pubblica=null;
            generator=KeyPairGenerator.getInstance("RSA");
            //imposto la dimensione
            generator.initialize(1024);
            //genero le 2 chiavi
            coppia=generator.genKeyPair();
            //imposto la privata
            c_privata=coppia.getPrivate();
            //imposo la pubblica
            c_pubblica=coppia.getPublic();
//i save the key
        FileOutputStream file = new FileOutputStream("key");
        file.write(c_pubblica.getEncoded());
        file.close();and then i use another program that imports the key:
   Key chiave=null;
   FileInputStream file=new FileInputStream("key");
   byte[]byte_chiave=new byte[162];
             X509EncodedKeySpec chiave_spec = new X509EncodedKeySpec(byte_chiave);
            KeyFactory keyFactory = KeyFactory.getInstance("RSA");
            chiave = keyFactory.generatePublic(chiave_spec);but when i try to reload he key i get:
java.security.InvalidKeyException: IOException : DER input, Integer tag error
where am i wrong?
thanks

sorry...
this is the correct code:
        Key chiave=null;
        FileInputStream file=new FileInputStream(path);
        byte[]byte_chiave=new byte[file.available()];
        System.out.println("leggo: "+file.read(byte_chiave));
        X509EncodedKeySpec chiave_spec = new X509EncodedKeySpec(byte_chiave);
        KeyFactory keyFactory = KeyFactory.getInstance("RSA");
        chiave = keyFactory.generatePublic(chiave_spec);

How to use the RSA key files generated by Crypto++ in java

Hi - Good day to all :)
I have two RSA key files(private key file and public key file) generated by Crypto++ 5.2.1:
code here:
void GenerateRSAKey(unsigned int keyLength, const char *privFilename, const char *pubFilename, const char *seed)
     RandomPool randPool;
     randPool.Put((byte *)seed, strlen(seed));
     RSAES_OAEP_SHA_Decryptor priv(randPool, keyLength);
     HexEncoder privFile(new FileSink(privFilename));
     priv.DEREncode(privFile);
     privFile.MessageEnd();
     RSAES_OAEP_SHA_Encryptor pub(priv);
     HexEncoder pubFile(new FileSink(pubFilename));
     pub.DEREncode(pubFile);
     pubFile.MessageEnd();
}generated private key is:
30820273020100300D06092A864886F70D01010105000482025D3082025902010002818100E19891D888651221AF315B369873F01910D097F554723EE8748FA230F2B954EBEFC57CB402DD03333BA9514AB5256EF92BE714C710D166A1D86CB7A11EFB4499506826AB873F5036B92F07BBB3ABB8F562646DE6E11031C46542633605FDE4A31E0E0A8651B4BC7743C18266D664E59E713D7595ED3D3B6C2F94C6072E276171020111028180425A0CC7372CC918F74AC07978221970C8B5D25736F46CDAF51B2FB40B27735473B28E16D3AA6A5A5CD7724326382FB2B28F4258AA97F1026CD4AE7AAEC25F77D54DF69BB3979E2893EBB071DA5752871BC8C60F9B5546C466F3103884D6B67FADCD51B17899991989507CB16F45DD76EC0DEDA1BD979ED1A101179F9687E9E5024100FFCAAEF814F12DCBDF20D4CFDD5007738DAAE45AE7EC2FD8E23A9EFCA85FADCAF61B03BFEA6FE6023E78700F804C4C275375A85BC367FE39D5FB2E0F0A4555F7024100E1C797A20FB108ADAFECDB025665FF500FDBB4F0829BAAE95833C046005DCA593F6C2437CD3A9AB7CC04372F422B0EE2C7FED87AA53821366962AE0CBDAD89D702402D23C48621D035421851167F08F00150A08791B5B074F96282469486F0895AE794D7973FFC31DD4BB0ABD78A43D13A9D8732E1799AF43BEC16B3DAF3986696B30240351FE7716D1A98A156921569F6361DF4B86FEE56B551CDDC8D395A6AD2E8E4513C1971EF031CD91C3000FDED00829A173E1DD895540D34FDBE71925D59CE7AC9024014A4347A1E7408FBB0A9AE5064FA58CAF2BCA5C00B8082A46EECABFA5CBF61364FEE81E2C049F399A2F601C802DD54A6D9340FABE62D6D1F913026C8B3764AFEI use this key in java
BufferedInputStream input=new BufferedInputStream(new FileInputStream("privateKey"));
          int size= input.available();
          byte[]buffer=new byte[size];
          input.read(buffer);
X509EncodedKeySpec lX509EncodedKeySpec = new X509EncodedKeySpec(buffer);
          PrivateKey lPrivateKey = KeyFactory.getInstance("RSA").generatePrivate(lX509EncodedKeySpec);there is a exception,at generatePrivate() method
at sun.security.rsa.RSAKeyFactory.generatePrivate(RSAKeyFactory.java:294)
     at sun.security.rsa.RSAKeyFactory.engineGeneratePrivate(RSAKeyFactory.java:171)
     at java.security.KeyFactory.generatePrivate(KeyFactory.java:322)
     at test.Main.main(Main.java:27)any body can help me?

X509 is for public keys, not private keys. You need PKCS8 using PKCS8EncodedKeySpec on the hex decoded private key string.
Your method for reading the private key from the file is flawed. The method available() does not guarantee to give you the file length. This is easy to prove since files can be longer than Integer.MAX_VALUE and available() returns an 'int'. To get the file length use File.length() which returns a 'long'. Also, reading from an InputStream using
input.read(buffer); does not guarantee to read all the bytes. For that you need to use something like DataInputStream.readFully().

4507R+E with "k9" type IOS cannot use "crypto key generate rsa" command

Hi all,
We just upgraded the IOS on our SUP7L-E supervisor in a 4507R+E from a non-k9 (crypto) image to a k9 (crypto) image so we could use SSH to manage it. The specific image we are using is: cat4500e-universalk9.SPA.03.04.04.SG.151-2.SG4.bin. We also have a pair of 2960CG-8TS-L's that are running on: c2960c405ex-universalk9-mz.152-2.E.bin. We have given the devices new hostnames and specified a domain according to instructions.
Our problem seems to be that we cannot use the "crypto key generate rsa" command to generate the keys we need to use SSH. We use this command all the time on our other 2960 and 4510 switches with no problems. We can issue other "crypto" commands but just cant generate the keys. Has anyone else experienced/fixed this problem? 

Switch#crypto key generate rsa modulus ?
<360-4096> size of the key modulus [360-4096]
I am running IOS version 3.5.3E and I can regenerate the key using the command "crypto key generate rsa modulus" command.

Generating RSA keys based on p, q, and public exponent

Similar Messages

Maybe you are looking for