Invalid Key Exception: Unsupported key type: Sun RSA public key, 1024 bits

Similar Messages

• Unsupported key type: Sun DSA Public Key

  Hi all,
  Does anyone know how to use the SHA1withDSA algorithm with WSS4J/Axis?
  When using a private key generated by keytool with type DSA, I get the errors:
  org.apache.ws.security.WSSecurityException: Cannot encrypt data
  Caused by: java.security.InvalidKeyException: Unsupported key type: Sun DSA Public Key
  It seems I have to generate the key using type RSA.
  Regards,
  Alex
  Edited by: ao on 2012-mar-12 12:53

  DSA (Digital Signature Algorithm) keys, by definition, can only be used for digital signature and not for encryption. As EJP suggested, you must use the RSA key-type and the SHA1withRSA - I would recommend using SHA256withRSA - construct to enable message-confidentiality.
  Arshad Noor
  StrongAuth, Inc.

• Can't read load RSA public key with JDK 1.4.2_08?

  We have been using Bouncy Castle's provider to provide RSA encryption and decryption of a login name and password for several years ... with JDKs in the 1.4.2 series up through 1.4.2_07.
  Recently, however, Sun released JDK 1.4.2_08, and suddenly any of our Java Web Start client applications are unable to successfully load the public key that we use to encrypt their login name and password before shipping it to the server for authentication with the 1.4.2_08 JRE. But, if we revert back to 1.4.2_07, everything works again.
  This public key itself has been in use for several years and the same code to read the public key has been in use for a long time ... including multiple versions of the BouncyCastle provider and all versions of the JDK up through 1.4.2_07. But suddenly things appear to break with JDK 1.4.2_08.
  This smells like a problem with JDK 1.4.2_08 so I thought that I'd check on this forum to see if any other Bouncy Castle users have experienced this problem. Is there anything further that I can do to check this out? Has any Bouncy Castle user successfully loaded a RSA public key from a byte stream with JDK 1.4.2_08? Or have people using other providers seen any problems reading similar public keys with JDK 1.4.2_08?
  The code that is failing on the client side is:
  try {
     encKey = new byte[this.publicKeyInputStream.available()];
     this.publicKeyInputStream.read(encKey);
     spec = new X509EncodedKeySpec(encKey);
     keyFactory = KeyFactory.getInstance("RSA",  "org.bouncycastle.jce.provide.BouncyCastleProvider");
     myPublicKey = keyFactory.generatePublic(spec);
     return myPublicKey;
  catch (Exception e) {
     e.printStackTrace();
  }The stack trace that I'm getting includes ...
  java.security.spec.InvalidKeySpecException: java.lang.IllegalArgumentException: invalid info structure in RSA public key
     at org.bouncycastle.jce.provider.JDKKeyFactory$RSA.engineGeneratePublic(JDKKeyFactory.java:330)
     at java.security.KeyFactory.generatePublic(Unknown Source)
     at org.opencoral.util.Encryption.loadPublicKey(SourceFile:450)
     at org.opencoral.util.Encryption.<init>(SourceFile:119)
     at org.opencoral.main.Coral.<init>(SourceFile:338)
     at org.opencoral.main.Coral.main(SourceFile:1919)
     at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
     at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
     at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
     at java.lang.reflect.Method.invoke(Unknown Source)
     at com.sun.javaws.Launcher.executeApplication(Unknown Source)
     at com.sun.javaws.Launcher.executeMainClass(Unknown Source)
     at com.sun.javaws.Launcher.continueLaunch(Unknown Source)
     at com.sun.javaws.Launcher.handleApplicationDesc(Unknown Source)
     at com.sun.javaws.Launcher.handleLaunchFile(Unknown Source)
     at com.sun.javaws.Launcher.run(Unknown Source)
     at java.lang.Thread.run(Unknown Source)While it clearly indicates that it thinks that there is an "invalid info structure in RSA public key", I believe that nothing has changed in the structure of our key ... and this same key still works properly if I revert to JDK 1.4.2_07.
  Any thoughts or insights?
  Thanks,
  John Shott

  I'm facing the same Exception here,
  With JDK 1.5 (SUNJce) i'm getting --
  Exception in thread "main" java.security.spec.InvalidKeySpecException: java.secu
  rity.InvalidKeyException: Invalid RSA public key
  at sun.security.rsa.RSAKeyFactory.engineGeneratePublic(Unknown Source)
  With BouncyCastle i'm getting --
  Exception in thread "main" java.security.spec.InvalidKeySpecException: java.lang
  .IllegalArgumentException: invalid info structure in RSA public key
  at org.bouncycastle.jce.provider.JDKKeyFactory$RSA.engineGeneratePublic(
  JDKKeyFactory.java:345)
  Any Solution?

• ASA 8.4+ RSA Public Key for SSH user authentication

    I have seen in the configuration guide and a separate post in the support community that RSA Public Key authentication is support for SSH sessions in 8.4 and after.  I have tried implementing this on both an 8.4 ASA and a 9.1 ASA and I get the same error on both.  I have tried specifying SSH version 2 to see if that is the issue but I still get the error.  Is there a step I am missing?
  Here is the output of the configuration commands:
  ciscoasa(config)#username test nopassword privilege 15
  ciscoasa(config)#username test attributes
  ciscoasa(config-username)# ssh authentication publickey
                               ^
  ERROR: % Invalid Hostname
  The links referenced above:
  https://supportforums.cisco.com/thread/2150480
  http://www.cisco.com/en/US/docs/security/asa/asa84/configuration/guide/access_aaa.html#wp1053558
  http://www.cisco.com/en/US/docs/security/asa/asa91/configuration/general/aaa_servers.html#wp1176050
  Thanks!

  That would be great if the resolution was that simple.  I am using a public key I generated using the putty key generator.  Below is the key I would use if I got that far.  However I get an error on the "ssh authentication publickey" attribute so I never get the chance to enter a public key.  What code version and hardware version are you running that this worked on?
  AAAAB3NzaC1yc2EAAAABJQAAAIEA2h00RCKBbpbrTWSe/3TYAvRpkJz7tLwQDCf9
  4fDJUWUGrmxXHeomuBhNGZh7tyfFjRL2CKY6nWmFyKN/eDm0PF4IWhhCArzOPVDu
  q7Nu2y/pD8wWH8dH4a3zRpkLSekNJtH6lzuqmY0zqz9TnZlpS6g4LI1a+lOGSmhU
  /HySw9s=
  ciscoasa(config)#username test nopassword privilege 15
  ciscoasa(config)#username test attributes
  ciscoasa(config-username)#ssh ?
  configure mode commands/options:
    Hostname or A.B.C.D  The IP address of the host and/or network authorized to
                         login to the system
    X:X:X:X::X/<0-128>   IPv6 address/prefix authorized to login to the system
    scopy                Secure Copy mode
    timeout              Configure ssh idle timeout
    version              Specify protocol version to be supported
  exec mode commands/options:
    disconnect  Specify SSH session id to be disconnected after this keyword
  ciscoasa(config-username)# ssh
  ciscoasa(config-username)# sh ver | in Ver
  Cisco Adaptive Security Appliance Software Version 9.1(1)
  Device Manager Version 7.1(1)52
  ciscoasa(config-username)#

• Java Card RSA public key problem

  Hello,
       I have a problem when I try to set the modulus part of a RSA public Key. There is always an error 6F 00.
  The code is very simple :
  private void saisie_modulus(APDU apdu)
            byte apduBuffer[] = apdu.getBuffer();
            if (!pin.isValidated ())
                 ISOException.throwIt(ISO7816.SW_SECURITY_STATUS_NOT_SATISFIED);
            byte byteRead = (byte)(apdu.setIncomingAndReceive());
            rsa_PublicKey2.setModulus(apduBuffer, (short)ISO7816.OFFSET_CDATA, (short)byteRead);
            return;
  What is really strange is that when I replace
  rsa_PublicKey2.setModulus(apduBuffer, (short)ISO7816.OFFSET_CDATA, (short)byteRead);
  with rsa_PublicKey.setModulus(rsaPublicKey, (short)6, (short)128); that works. (rsaPublicKey is an array containing the key and it's taken from the sample CryptoTest that comes with Axalto software)
  I tried to enter on the apdu the exact same modulus value of the public key of the sample CryptoTestand it doesn't work
  I tried another examples that I tested elseware and it doesn't work either
  the rest setKey composents work (same functions but with
  rsa_PublicKey2.setExponent(apduBuffer, (short)ISO7816.OFFSET_CDATA, (short)byteRead);
  rsa_PublicKey2.setP(apduBuffer, (short)ISO7816.OFFSET_CDATA, (short)byteRead);
  rsa_PublicKey2.setQ(apduBuffer, (short)ISO7816.OFFSET_CDATA, (short)byteRead);
  rsa_PublicKey2.setPQ(apduBuffer, (short)ISO7816.OFFSET_CDATA, (short)byteRead);
  rsa_PublicKey2.setDP1(apduBuffer, (short)ISO7816.OFFSET_CDATA, (short)byteRead);
  rsa_PublicKey2.setDQ1(apduBuffer, (short)ISO7816.OFFSET_CDATA, (short)byteRead);
  in the place of
  rsa_PublicKey2.setModulus(apduBuffer, (short)ISO7816.OFFSET_CDATA, (short)byteRead); )
  Do you have any ideas? Is this possible to have a bug in the card? I use a Cyberflex 64k V2
  Thank you in advance

  Yes, I did enter the key by hand (as I did with the Exponent, P, Q , PQ, DP1 et DQ1 and it worked).
  And I did enter by hand the EXACT same key (128 bytes) of the array rsaPublicKey to test.
  I repeat that when I type
  rsa_PublicKey.setModulus(rsaPublicKey, (short)6, (short)128);
  that works
  but when I enter manually (by hand) the EXACT same key (128 bytes beginning from byte 6) it doesn't work
  I even generated a key in the card and I exported its modulus (128 bytes). I entered by hand the exact same modulus (copy - paste to be precise) that was exported and the card did not accept it.
  This problem only happen with the modulus I repeat
  Any ideas?
  I begin to suspect a technical problem. I don't

• Encrypting with an RSA Public Key

  Hi everyone. I'm trying to encrypt some characters with an already generated RSA public key. Can anybody help with a SUN provider sample script?
  Thanx

  First of all RSA cipher is not suitable for encription of data more then one block (about 80 bytes for the OAEP mode), so it is paractically only good for the secret key wrapping (like Blowfish or DES) and second thing is that SUN JCE provider doesn't include RSA cipher implementation.

• Can I put RSA Public Key into the ISD in the JCOP?

  Dear All,
  Can I put RSA Public Key into the ISD in the JCOP? the command I put into the card as follows:
  cm> /terminal "winscard:4|FT SCR2000 0"
  --Opening terminal
  /atrresetCard with timeout: 0 (ms)
  --Waiting for card...
  ATR=3B 69 00 FF 4A 43 4F 50 34 31 56 32 32 ;i..JCOP41V22
  ATR: T=0, N=-1, Hist="JCOP41V22"
  /card -a a000000003000000 -c com.ibm.jc.CardManagerresetCard with timeout: 0 (ms)
  --Waiting for card...
  ATR=3B 69 00 FF 4A 43 4F 50 34 31 56 32 32 ;i..JCOP41V22
  ATR: T=0, N=-1, Hist="JCOP41V22"
  => 00 A4 04 00 08 A0 00 00 00 03 00 00 00 00 ..............
  (86244 usec)
  <= 6F 10 84 08 A0 00 00 00 03 00 00 00 A5 04 9F 65 o..............e
  01 FF 90 00 ....
  Status: No Error
  cm> set-key 255/1/DES-ECB/404142434445464748494a4b4c4d4e4f 255/2/DES-ECB/404142434445464748494a4b4c4d4e4f 255/3/DES-ECB/404142434445464748494a4b4c4d4e4f
  cm> init-update 255
  => 80 50 00 00 08 51 39 AE 8E 0C 8B D9 50 00 .P...Q9.....P.
  (132953 usec)
  <= 00 00 63 06 00 26 29 91 06 75 FF 02 00 84 FC 69 ..c..&)..u.....i
  60 80 B4 9C 9C 03 DB 99 9E F8 F4 67 90 00 `..........g..
  Status: No Error
  cm> ext-auth plain
  => 84 82 00 00 10 E6 A4 12 36 FD 7E 57 D0 2B 9D 5F ........6.~W.+._
  65 30 D8 1B 00 e0...
  (89378 usec)
  <= 90 00 ..
  Status: No Error
  cm> put-key --mode add 115/1/RSA-PUB/0301000180ad97a22fe7cb29accc3a0b68844f0cb11d057ed8c80c5a4db856138030c419d0a27556902a939152ce79376b1cd0955ce4303bf7560c95230714c583ff8a8f12f1cf23d867e469773d15f0e708332651110cb615c8d373e86d57b5ffe7ff44bcc7690a4d68cbe07743b19879ac5beaeef6e1af133a1fd37b86a5339960b36e53
  => 80 D8 00 01 88 73 A1 80 AD 97 A2 2F E7 CB 29 AC .....s...../..).
  CC 3A 0B 68 84 4F 0C B1 1D 05 7E D8 C8 0C 5A 4D .:.h.O....~...ZM
  B8 56 13 80 30 C4 19 D0 A2 75 56 90 2A 93 91 52 .V..0....uV.*..R
  CE 79 37 6B 1C D0 95 5C E4 30 3B F7 56 0C 95 23 .y7k...\.0;.V..#
  07 14 C5 83 FF 8A 8F 12 F1 CF 23 D8 67 E4 69 77 ..........#.g.iw
  3D 15 F0 E7 08 33 26 51 11 0C B6 15 C8 D3 73 E8 =....3&Q......s.
  6D 57 B5 FF E7 FF 44 BC C7 69 0A 4D 68 CB E0 77 mW....D..i.Mh..w
  43 B1 98 79 AC 5B EA EE F6 E1 AF 13 3A 1F D3 7B C..y.[......:..{
  86 A5 33 99 60 B3 6E 53 A0 03 01 00 01 00 ..3.`.nS......
  (281664 usec)
  <= 6A 86 j.
  Status: Incorrect parameters (P1,P2)
  jcshell: Error code: 6a86 (Incorrect parameters (P1,P2))
  jcshell: Wrong response APDU: 6A86
  Why the card return error code ? I think the P1 P2 is correct, according to the GP2.1.1?
  Thank you!

  It also can't input the RSA Public Key to the card, as follows:
  cm> /terminal "winscard:4|FT SCR2000 0"
  --Opening terminal
  /atrresetCard with timeout: 0 (ms)
  --Waiting for card...
  ATR=3B E9 00 00 81 31 FE 45 4A 43 4F 50 34 31 56 32 ;....1.EJCOP41V2
  32 A7 2.
  ATR: T=1, N=0, IFSC=254, BWI=4/CWI=5, Hist="JCOP41V22"
  /card -a a000000003000000 -c com.ibm.jc.CardManagerresetCard with timeout: 0 (ms)
  --Waiting for card...
  ATR=3B E9 00 00 81 31 FE 45 4A 43 4F 50 34 31 56 32 ;....1.EJCOP41V2
  32 A7 2.
  ATR: T=1, N=0, IFSC=254, BWI=4/CWI=5, Hist="JCOP41V22"
  => 00 A4 04 00 08 A0 00 00 00 03 00 00 00 00 ..............
  (86180 usec)
  <= 6F 10 84 08 A0 00 00 00 03 00 00 00 A5 04 9F 65 o..............e
  01 FF 90 00 ....
  Status: No Error
  cm> set-key 255/1/DES-ECB/404142434445464748494a4b4c4d4e4f 255/2/DES-ECB/404142434445464748494a4b4c4d4e4f 255/3/DES-ECB/404142434445464748494a4b4c4d4e4f
  cm> init-update 255
  => 80 50 00 00 08 80 29 78 6F 21 1B 34 89 00 .P....)xo!.4..
  (129908 usec)
  <= 00 00 63 06 00 26 29 91 06 75 FF 02 00 00 93 73 ..c..&)..u.....s
  3A B8 2C 0F D2 4C 06 E2 50 66 7F D8 90 00 :.,..L..Pf....
  Status: No Error
  cm> ext-auth plain
  => 84 82 00 00 10 3E 88 4D 33 FD 7D A5 56 B6 90 84 .....>.M3.}.V...
  78 94 BD B3 7A x...z
  (97237 usec)
  <= 90 00 ..
  Status: No Error
  cm> card-info
  => 80 F2 80 00 02 4F 00 00 .....O..
  (60917 usec)
  <= 08 A0 00 00 00 03 00 00 00 01 9E 90 00 .............
  Status: No Error
  => 80 F2 40 00 02 4F 00 00 [email protected]..
  (41315 usec)
  <= 6A 88 j.
  Status: Reference data not found
  => 80 F2 10 00 02 4F 00 00 .....O..
  (73177 usec)
  <= 07 A0 00 00 00 03 53 50 01 00 01 08 A0 00 00 00 ......SP........
  03 53 50 41 90 00 .SPA..
  Status: No Error
  Card Manager AID : A000000003000000
  Card Manager state : OP_READY
  Load File : LOADED (--------) A0000000035350 (Security Domain)
  Module : A000000003535041
  cm> install -b -s -i A000000003535041 A0000000035350 A000000003535041
  => 80 E6 0C 00 20 07 A0 00 00 00 03 53 50 08 A0 00 .... ......SP...
  00 00 03 53 50 41 08 A0 00 00 00 03 53 50 41 01 ...SPA......SPA.
  C0 02 C9 00 00 00 ......
  (227436 usec)
  <= 90 00 ..
  Status: No Error
  cm> ls
  => 80 F2 80 00 02 4F 00 00 .....O..
  (61204 usec)
  <= 08 A0 00 00 00 03 00 00 00 01 9E 90 00 .............
  Status: No Error
  => 80 F2 40 00 02 4F 00 00 [email protected]..
  (66302 usec)
  <= 08 A0 00 00 00 03 53 50 41 07 C0 90 00 ......SPA....
  Status: No Error
  => 80 F2 10 00 02 4F 00 00 .....O..
  (72365 usec)
  <= 07 A0 00 00 00 03 53 50 01 00 01 08 A0 00 00 00 ......SP........
  03 53 50 41 90 00 .SPA..
  Status: No Error
  Card Manager AID : A000000003000000
  Card Manager state : OP_READY
  Sec. Domain: SELECTABLE (SV------) A000000003535041
  Load File : LOADED (--------) A0000000035350 (Security Domain)
  Module : A000000003535041
  cm> select A000000003535041
  => 00 A4 04 00 08 A0 00 00 00 03 00 00 00 00 ..............
  (84625 usec)
  <= 6F 10 84 08 A0 00 00 00 03 00 00 00 A5 04 9F 65 o..............e
  01 FF 90 00 ....
  Status: No Error
  cm> /card -a a000000003000000 -c com.ibm.jc.CardManager
  resetCard with timeout: 0 (ms)
  --Waiting for card...
  ATR=3B E9 00 00 81 31 FE 45 4A 43 4F 50 34 31 56 32 ;....1.EJCOP41V2
  32 A7 2.
  ATR: T=1, N=0, IFSC=254, BWI=4/CWI=5, Hist="JCOP41V22"
  => 00 A4 04 00 08 A0 00 00 00 03 00 00 00 00 ..............
  (83836 usec)
  <= 6F 10 84 08 A0 00 00 00 03 00 00 00 A5 04 9F 65 o..............e
  01 FF 90 00 ....
  Status: No Error
  cm> set-key 255/1/DES-ECB/404142434445464748494a4b4c4d4e4f 255/2/DES-ECB/404142434445464748494a4b4c4d4e4f 255/3/DES-ECB/404142434445464748494a4b4c4d4e4f
  cm> init-update 255
  => 80 50 00 00 08 FA 3B 98 E7 B4 60 A8 CC 00 .P....;...`...
  (128562 usec)
  <= 00 00 63 06 00 26 29 91 06 75 FF 02 00 01 26 F7 ..c..&)..u....&.
  25 4D B0 B9 D2 1D 18 99 F1 1F E8 25 90 00 %M.........%..
  Status: No Error
  cm> ext-auth plain
  => 84 82 00 00 10 C9 5D 27 4B C4 54 AC E5 D3 3C 8B ......]'K.T...<.
  5F 2D B5 6B 87 _-.k.
  (97825 usec)
  <= 90 00 ..
  Status: No Error
  cm> set-key 1/1/DES-ECB/505152535455565758595a5b5c5d5e5f 1/2/DES-ECB/505152535455565758595a5b5c5d5e5f 1/3/DES-ECB/505152535455565758595a5b5c5d5e5f
  cm> put-keyset 1
  => 80 D8 00 81 43 01 80 10 B3 6A 9E 82 2D 9E 8E 06 ....C....j..-...
  8F B9 52 EA CA 63 FA 6B 03 A4 B7 D6 80 10 B3 6A ..R..c.k.......j
  9E 82 2D 9E 8E 06 8F B9 52 EA CA 63 FA 6B 03 A4 ..-.....R..c.k..
  B7 D6 80 10 B3 6A 9E 82 2D 9E 8E 06 8F B9 52 EA .....j..-.....R.
  CA 63 FA 6B 03 A4 B7 D6 00 .c.k.....
  (263198 usec)
  <= 01 A4 B7 D6 A4 B7 D6 A4 B7 D6 90 00 ............
  Status: No Error
  cm> put-key 115/1/RSA-PUB/0301000180ad97a22fe7cb29accc3a0b68844f0cb11d057ed8c80c5a4db856138030c419d0a27556902a939152ce79376b1cd0955ce4303bf7560c95230714c583ff8a8f12f1cf23d867e469773d15f0e708332651110cb615c8d373e86d57b5ffe7ff44bcc7690a4d68cbe07743b19879ac5beaeef6e1af133a1fd37b86a5339960b36e53
  => 80 D8 00 01 88 73 A1 80 AD 97 A2 2F E7 CB 29 AC .....s...../..).
  CC 3A 0B 68 84 4F 0C B1 1D 05 7E D8 C8 0C 5A 4D .:.h.O....~...ZM
  B8 56 13 80 30 C4 19 D0 A2 75 56 90 2A 93 91 52 .V..0....uV.*..R
  CE 79 37 6B 1C D0 95 5C E4 30 3B F7 56 0C 95 23 .y7k...\.0;.V..#
  07 14 C5 83 FF 8A 8F 12 F1 CF 23 D8 67 E4 69 77 ..........#.g.iw
  3D 15 F0 E7 08 33 26 51 11 0C B6 15 C8 D3 73 E8 =....3&Q......s.
  6D 57 B5 FF E7 FF 44 BC C7 69 0A 4D 68 CB E0 77 mW....D..i.Mh..w
  43 B1 98 79 AC 5B EA EE F6 E1 AF 13 3A 1F D3 7B C..y.[......:..{
  86 A5 33 99 60 B3 6E 53 A0 03 01 00 01 00 ..3.`.nS......
  (251210 usec)
  <= 6A 80 j.
  Status: Wrong data
  Add new key set didn't work, try modify ...
  jcshell: Error code: -3 (Invalid API parameter)
  jcshell: Command failed: Invalid RSA public key
  Is it something wrong ?

• Self- Signed Certificate - Change RSA Public Key & Signature Algorithim

  Hi
  My 1801 router (IOS 15x) is using the original self signed certificate (1024) with an signature algorithm MD5. I would like to change the cert to a 2048 key length , with a hash of SHA1 or better but I'm unsure how to do this.
  Should I just generate new keys or would I be better creating a new self-signed cert?  What is the procedure & explicit commands (CLI) to do this?
  Many thanks in advance.
  Regards
  Bob

  Sure, the secure-server is the quickest and easiest method but you can create the new key, define the trustpoint manually and enroll the certificate that way.
  Below are the commands. (You can of course call the key, trustpoint, O and CN values whatever locally significant names make sense for you.)
  router(config)#crypto key generate rsa label router-rsa modulus 2048
  The name for the keys will be: router-rsa
  % The key modulus size is 2048 bits
  % Generating 2048 bit RSA keys, keys will be non-exportable...
  [OK] (elapsed time was 10 seconds)
  router(config)#
  router(config)#crypto pki trustpoint router-ca
  router(ca-trustpoint)#enrollment selfsigned
  router(ca-trustpoint)#subject-name O=Test,CN=www.router.com
  router(ca-trustpoint)#rsakeypair router-rsa
  router(config)#crypto pki enroll router-ca
  % Include the router serial number in the subject name? [yes/no]: no
  % Include an IP address in the subject name? [no]: no
  Generate Self Signed Router Certificate? [yes/no]: yes
  Router Self Signed Certificate successfully created
  router(config)#

• RSA public key & transient

  It is possible to initialize the session DES key as transient object:
  sessionKey = (DESKey)KeyBuilder.buildKey(
  KeyBuilder.TYPE_DES_TRANSIENT_DESELECT,
  KeyBuilder.LENGTH_DES3_2KEY,
  false);I need to initialize the RSApublic key as transient object as well. Let's assume that we are having enough space in RAM.
  Sincerely,
  Žagar Jelena

  I did not understand you completely. I am having this code fragement.
  Applet class variable:
  public RandomData randomData;
  public RSAPublicKey key;
  Applet constructor:
  randomData = RandomData.getInstance(RandomData.ALG_SECURE_RANDOM);
  cipher = Cipher.getInstance(Cipher.ALG_RSA_PKCS1, false);
  key = (RSAPublicKey) KeyBuilder.buildKey(KeyBuilder.TYPE_RSA_PUBLIC,
                                CIAKey.RSA_KEY_LENGTH_2048, false);
  Applet method:
  public void method() {
  // DH class contains Diffie-Helman parameters: p, q and g.
  short exponentLength = (short) (dh.q.length - 2);
  randomData.generateData(buffer, (byte) 0, exponentLength);
  buffer[exponentLength - 1] |= 0x01; // Exponent must be odd - set LSB
  ((RSAPublicKey) key).setExponent(buffer, (short) 0, exponentLength);
  ((RSAPublicKey) key).setModulus(dh.p, (short) 0, (short) dh.p.length);
  cipher.init((RSAPublicKey) key, Cipher.MODE_ENCRYPT);
  }The code lines that bothers me are the next lines:
  ((RSAPublicKey) key).setExponent(buffer, (short) 0, exponentLength);
  ((RSAPublicKey) key).setModulus(dh.p, (short) 0, (short)Key is the applet instance variable that is located inside the EEPROM. These two methods setExponent and setModulus updates key object and therefore they are updating the ROM. I am in feer that I will stress the EEPROM.

• How to find modulus(n) and public key exponent(e)Sor

  I did the following code:
  import java.security.*;
  class keypair
  public static void main(String args[])
  try {
          KeyPairGenerator keyGen = KeyPairGenerator.getInstance("RSA");
          keyGen.initialize(1024);
          KeyPair keypair = keyGen.genKeyPair();
          PrivateKey privateKey = keypair.getPrivate();
          PublicKey publicKey = keypair.getPublic();
          System.out.println(publicKey);
  catch (java.security.NoSuchAlgorithmException e) {
  }It produced the following output:
  E:\java>java keypair
  Sun RSA public key, 1024 bits
  modulus: 104598424699919432698042124865237006532583108525971624656815039032375
  *68185931249899603942873174007833898125332457427834491991685017307342129730049040*
  *85039266578793603162921901877391682504673766949037045217194339504369288262569809*
  *64618725280325930282787918761626276736975012559809247463223114702205350103039131*
  public exponent: 65537
  How to parse modulus(n) and public exponent(e) from this output?
  Similarly when i print private key, it produces the following output:
  E:\java>java keypair
  Sun RSA private CRT key, 1024 bits
  modulus:          124578817060208658480856678950235831207402457067036419284514
  *60119309486714863949162442643168408523979997168613499493638925829235693238993015*
  *36861462235708805467117179894466762970147852286192228334073408407380525883650965*
  *26200137024900438305422984852314541271126647102071346646999343089444655087519613*
  *147762713*
  public exponent:  65537
  private exponent: 938527844532658207604152892230342202756165450473898580852699
  *91069268853864683730106242370135012901790500054313488639918623825755509450966957*
  *25996151023641565209086629652161258725723528561744214714448113895688480371394495*
  *69970533766968335232379493089928062691491508442909468663624841001227918721233934*
  *90451285*
  prime p:          128112715803862066344339615342766575233634768887073748611821
  *70613165835421234259251719401979554816266892921739504796026180704477109334458578*
  *924582228715587*
  prime q:          972415706579323990162180646771186062588725555167352041581263
  *11833654947284058644791019214876691698044764118648637510099163830088827138987158*
  *06445271350899*
  prime exponent p: 102053075991522697645186596252261651077210381075096084960080
  *01572103324900452503753532555651687424478224695551102238145517644352533224205327*
  *850477437666141*
  prime exponent q: 668659136319899226645386130685620335239039277715133737489656
  *56694442226518700929665796129185316864860876985624927131126216000167126890435269*
  *81971346772483*
  crt coefficient:  337801534982286124613379128447816812903646302193598735486466
  *78634104811105616496519276355880320340688935923186965279527763125244878069735173*
  *60542121091569*
  E:\java>
  From this output how to parse n and d, where d is the secret exponent or decryption exponent? Thanks in advance. Apologies, for posting in this forum instead of cryptography forum.
  Edited by: sowndar on Nov 28, 2009 3:12 AM

  sowndar wrote:
  From this output how to parse n and d, where d is the secret exponent or decryption exponent? Why do you think you need to parse anything? Why do you need the modulus and exponents?
  P.S. Extract the public and private keys from the key pair, cast them to RSAPublicKey and RSAPrivateKey as appropriate then look at the methods of classes RSAPublicKey and RSAPrivateKey to see how to get modulus and exponents.

• How to store a RSA pair key in Java Key Store (jks) and VS

  Hi Everyone ,
  I have generated a RSA pair key . now I need to store my public key in a Java Key Store (.jks file) . and then I need to read this .jks file in another application and get this public key to use for verification .
  I'll appreciate it if anyone could help me with this matter with a sample code for import/export public key to/from a java key store file or any hints.
  Best Regards,
  Vivian

  I don't think this makes sense. How have you generated an RSA key pair and where is the result stored?

• Provision account key missing for condition type FRA1 in schema ZIMPOR

  Hi,
  While maintaining the condition value in PO, the below message displayed.
  "Provision account key missing for condition type FRA1 in schema ZIMPOR"
  Thanks and regards
  Murugesan

  Go to
  Spro>MM>Pur>Conditions>Define Price Determination Process>Define Calculation Schema
  here select ZIMP and click control data
  in that maintain "Account key" for FRA1 cond type in the Account key Column..
  (Second column from right side)

• [Solved] gpg --list-public-keys (removed duplicate - see my last post)

  I followed https://wiki.archlinux.org/index.php/GnuPG#Create_key and https://wiki.archlinux.org/index.php/Talk:Pacman-key, but I have ended up with my public key being listed twice. It's both first and last in the full list of public keys. Here is just mine:
  /home/colin% gpg --list-public-keys colin
  pub   4096R/0940E3F9 2014-11-18 [expires: 2015-11-18]
  uid       [ultimate] Colin Keenan <[email protected]>
  uid       [ultimate] [jpeg image of size 6283]
  sub   4096R/EDA19F9C 2014-11-18 [expires: 2015-11-18]
  pub   4096R/0940E3F9 2014-11-18 [expires: 2015-11-18]
  uid       [ultimate] Colin Keenan <[email protected]>
  uid       [ultimate] [jpeg image of size 6283]
  sub   4096R/EDA19F9C 2014-11-18 [expires: 2015-11-18]
  How do I remove just the 2nd entry so that my public key is only listed one time?
  I am afraid to start signing my packages (https://wiki.archlinux.org/index.php/De … ge_signing) before I fix this issue.
  Edit to add what I've tried so far:
  gpg -o colin.gpg --export colin            # to create a backup of my public key in a file called colin.gpg
  cp pubring.gpg pubring-backup.gpg   # in case I screw up pubring.gpg
  gpg --import colin.gpg                          # hoping it will magically merge the duplicate, but it left both unchanged
  gpg --delete-key colin                           # hoping it would delete both copies of the public key so I could import it again
  It refused to delete the public key until I delete the private key which I don't want to do.
  I also realized the export may have the duplicate as well. I tested that with:
  gpg colin.gpg
  And, sure enough, it listed my key twice.
  Another edit: I have tried a lot and exposed a bug that I will try to submit upstream. Here is what I have done:
  gpg --edit-key colin                              # this selected the first of the duplicate keys to be edited
  gpg> adduid
  Real name: Colin N Keenan
  Email address: [email protected]
  Comment:
  You selected this USER-ID:
      "Colin N Keenan <[email protected]>"
  Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? O
  You need a passphrase to unlock the secret key for
  user: "Colin Keenan <[email protected]>"
  4096-bit RSA key, ID 0940E3F9, created 2014-11-18
  pub  4096R/0940E3F9  created: 2014-11-18  expires: 2015-11-18  usage: SC 
                       trust: ultimate      validity: ultimate
  sub  4096R/EDA19F9C  created: 2014-11-18  expires: 2015-11-18  usage: E   
  [ultimate] (1)  Colin Keenan <[email protected]>
  [ultimate] (2)  [jpeg image of size 6283]
  [ unknown] (3). Colin N Keenan <[email protected]>
  gpg> save
  gpg --edit-key "Colin N Keenan"
  Secret key is available.
  pub  4096R/0940E3F9  created: 2014-11-18  expires: 2015-11-18  usage: SC 
                       trust: ultimate      validity: ultimate
  sub  4096R/EDA19F9C  created: 2014-11-18  expires: 2015-11-18  usage: E   
  [ultimate] (1). Colin N Keenan <[email protected]>
  [ultimate] (2)  Colin Keenan <[email protected]>
  [ultimate] (3)  [jpeg image of size 6283]
  gpg> 2
  pub  4096R/0940E3F9  created: 2014-11-18  expires: 2015-11-18  usage: SC 
                       trust: ultimate      validity: ultimate
  sub  4096R/EDA19F9C  created: 2014-11-18  expires: 2015-11-18  usage: E   
  [ultimate] (1). Colin N Keenan <[email protected]>
  [ultimate] (2)* Colin Keenan <[email protected]>
  [ultimate] (3)  [jpeg image of size 6283]
  gpg> deluid
  Really remove this user ID? (y/N) y
  pub  4096R/0940E3F9  created: 2014-11-18  expires: 2015-11-18  usage: SC 
                       trust: ultimate      validity: ultimate
  sub  4096R/EDA19F9C  created: 2014-11-18  expires: 2015-11-18  usage: E   
  [ultimate] (1). Colin N Keenan <[email protected]>
  [ultimate] (2)  [jpeg image of size 6283]
  gpg> quit
  Save changes? (y/N) y
  And now the bug:
  /home/colin% gpg --delete-key "Colin Keenan"
  gpg (GnuPG) 2.0.26; Copyright (C) 2013 Free Software Foundation, Inc.
  This is free software: you are free to change and redistribute it.
  There is NO WARRANTY, to the extent permitted by law.
  gpg: there is a secret key for public key "Colin Keenan"!
  gpg: use option "--delete-secret-keys" to delete it first.
  /home/colin% gpg --delete-secret-key "Colin Keenan"
  gpg (GnuPG) 2.0.26; Copyright (C) 2013 Free Software Foundation, Inc.
  This is free software: you are free to change and redistribute it.
  There is NO WARRANTY, to the extent permitted by law.
  gpg: key "Colin Keenan" not found: Unknown system error
  gpg: Colin Keenan: delete key failed: Unknown system error
  So, --delete-key fails because there is a secret key, and --delete-secret-key fails because it can't find the secret key!
  Last edited by colinkeenan (2014-11-19 16:26:31)

  I have solved the issue. Since I had made a backup of .gnupg while there was a duplicate of the public key for "Colin Keenan", I realized the secret key in the backup was also for "Colin Keenan", so I didn't want to delete that one. I should delete "Colin N Keenan" by deleting the secret and public key matching it, then copy the resulting public key file to the backup, then restore the backup. That solved the issue, as follows:
  gpg --delete-secret-key "Colin N Keenan"
  gpg --delete-key "Colin N Keenan"
  cp .gnupg/pubring.gpg .gnupg-backup
  rm -r .gnupg
  cp -r .gnupg-backup .gnupg
  Here is a full outline of the commands I ran to eliminate the duplicate public key, in case anyone else runs into this very unusual problem:
  cd                                     # just making sure I'm in home directory so don't have to type dreaded ~
  cp -r .gnupg .gnupg-backup
  gpg --edit-key colin
  gpg> adduid (added Colin N Keenan, original was Colin Keenan)
  gpg> save
  gpg --edit-key "Colin N Keenan"
  gpg> 2 (because "Colin Keenan" was the 2nd uid)
  gpg> deluid
  gpg> save
  gpg --delete-secret-key "Colin N Keenan"
  gpg --delete-key "Colin N Keenan"
  cp .gnupg/pubring.gpg .gnupg-backup
  rm -r .gnupg
  cp -r .gnupg-backup .gnupg
  Last edited by colinkeenan (2014-11-19 16:41:03)

• Solaris 9 LDAP client sun_ssh public key authentication

  I have directory server 6.0 up on solaris 9 system and I have a couple of solaris 9 system migrated to LDAP client. I need to configure ssh public key authentication on two Solaris 9 LDAP clients. However, I seem can't make it working. I have done 1) generate rsa public/private key pairs on one host 2) cat public key to the authorized_keys file on another host. I checked the permission on $HOME and $HOME/.ssh, they both set to 700. The file permission are also correct. But I still get prompt when ssh from one LDAP client to another. If I add my password/shadow entry back to local files, then public key authentication works. My /etc/pam.conf is set up according to the Sun documentation for LDAP client. In /etc/nsswitch.conf
  passwd: compat
  passwd_compat: ldap
  shadow: files ldap
  group: files ldap
  netgroup: ldap
  loginShell does exist for the user.and LDAP entry has objectClasses 'posixAccount' and 'shadowAccount'
  I have latest patch 112960 installed on all of LDAP clients.
  What am I missing here?
  Thanks,
  --xinhuan                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                               

  One more thing - I have latest patch 112960 installed on all of LDAP clients.
  --xinhuan                                                                                                                                                                               

• Unsupported control type: Volume

  Hi,
  I have a problem. I want to set the volume for my Audio player, but it won't work. I'm getting the exception: Unsupported control type: Volumein this Line:
  gain = (FloatControl)line.getControl(FloatControl.Type.VOLUME);
  import javax.sound.sampled.AudioFormat;
  import javax.sound.sampled.AudioInputStream;
  import javax.sound.sampled.AudioSystem;
  import javax.sound.sampled.DataLine;
  import javax.sound.sampled.FloatControl;
  import javax.sound.sampled.SourceDataLine;
  public class Player extends Thread{
       static boolean weiter;
       private AudioInputStream in = null;
       private SourceDataLine line = null;
       static Thread player = new Thread();
       static FloatControl gainControl;
       FloatControl gain;
       public Player(AudioInputStream aui){      
            weiter = true;
       try{     
            in = aui;
       }catch (Exception d){
       AudioFormat format = in.getFormat();
       DataLine.Info info = new DataLine.Info(SourceDataLine.class,format);
       try {
            line = (SourceDataLine)AudioSystem.getLine(info);
            line.open(format);
            System.out.println("Lautst�rke : "+ gainControl);
            }catch (Exception e) {
            System.exit(-2);
       public void stopPlaying(){
            if(player!= null){
                 player.interrupt();
            weiter = false;
            line.close();
       public void pause(){
            line.stop();
       public void resumeSound(){
            line.start();
       public void run(){
            startPlaying();
       public void startPlaying(){
            System.out.println("Thread start");
            while(weiter){
            int readBytes =0;
            byte[] data = new byte[20000];
            line.start();
            line.getControls();
            gain = (FloatControl)line.getControl(FloatControl.Type.VOLUME);
            gain.setValue(3f);
            do{
                 try {
                 readBytes = in.read(data,0,data.length);
            }catch (Exception e){
                 //MainClass.logger.error(e.getMessage());
                 System.exit(-3);
            if (readBytes!=-1) line.write(data, 0, readBytes);
            } while (readBytes != -1);
  }I hope you can help!
  Thanks a lot!

  Hi,
  I got the same trouble and used MASTER_GAIN control.
  I can't understand why the VOLUME control does NOT work in this case. Does someone knows?
  Moreover I have several line of this type and can't synchronize them (Exception tells that my mixer does NOT support synchronization).
  I think that this is related to the same trouble.
  Thanks for your help,
  Regards,
  Syl