RSA key generation on JCOP31 v2.4.1 times out

Similar Messages

• On-board RSA key generation on Cyberflex Access 64K V2 / Memory leak?

  The description of the Cyberflex Access 64K V2 card states that "On-board key generation RSA up to 2048 bit" (http://www.youcard.de/datenblaetter/chipkarten/DS%20Cyberflex_Access.pdf). So I assume that this implicates that it should somehow be able to instantiate a KeyPair object on which genKeyPair() can be called.
  When I first tried to instantiate an Object either by using KeyBuilder.buildKey or KeyPair I just received an 0x6F00 error. After removing all of the other objects that were also instantiated I was able to create one Key object using KeyBuilder (RSAPrivateKey or RSAPublicKey). However, as soon as I tried to instantiate two Key objects at the same time I just received the 0x6F00 error again.
  I create these objects by using:
  private static RSAPublicKey pubKey;
  private static RSAPrivateCrtKey privKey;
  protected Foo() {
      pubKey = (RSAPublicKey) KeyBuilder.buildKey(KeyBuilder.TYPE_RSA_PUBLIC, KeyBuilder.LENGTH_RSA_1024, true);
      privKey = (RSAPrivateCrtKey) KeyBuilder.buildKey(KeyBuilder.TYPE_RSA_CRT_PRIVATE, KeyBuilder.LENGTH_RSA_1024, true);
      register();
  }So it seems that there is not enough free (EEPROM) memory for both objects. Is this a known problem with the Cyberflex cards? Is there some workaround? Could it be possible that some former test-applets that I've used (and already deleted) on the card leaked some memory that is missing now?

  I think that I've just found the problem. The value of "-nvDataLimit" in the install APDU that I've sent via gpshell was too low. It seems to work with a higher value.

• Pleasse Help Me (RSA Key Generation Problem)

  Hi All,
  The following code throws an exception called "java.lang.NoClassDefFoundError: java/security/SecureRandom: Cannot create class in system package"
  private void generateRSAKeyPair() throws Exception
            try
                 System.out.println("Inside try");
                 SecureRandom theSecureRandom = new SecureRandom();
                 BigInteger thePublicExponent = new BigInteger("10001", 16);
                 RSAKeyGenerationParameters theRSAKeyGenParam =
                 new RSAKeyGenerationParameters(thePublicExponent, theSecureRandom, 1024, 80);
                 RSAKeyPairGenerator theRSAKeyPairGen = new RSAKeyPairGenerator();
                 theRSAKeyPairGen.init(theRSAKeyGenParam);
                 AsymmetricCipherKeyPair theKeyPair = theRSAKeyPairGen.generateKeyPair();
                 _RSAPrivateKey = (RSAPrivateCrtKeyParameters) theKeyPair.getPrivate();
                 _RSAPublicKey = (RSAKeyParameters) theKeyPair.getPublic();
            catch (Exception e)
                 e.printStackTrace();
  Please tell me the reason

  Too many variables - memory, CPU, architecture, do you have hardware crypto, etc. etc. etc.. But it's quite expensive to generate RSA keypairs, your numbers look "reasonable" (given that I know nothing about the hardware you're running them on) to me.
  Grant

• RSA key and block size

  Let's say that I have an RSA key pair that has been generated in a keystore using the keytool utility.
  I am now accessing this key pair through some java code (using the Keystore class) and I want to encrypt/decrypt data using this public/private key.
  In order to encrypt/decrypt arbitray length data, I need to know the maximum block size that I can encrypt/decrypt.
  Based upon my experiment, this block size seems to be the size of the key divided by 8 and minus 11.
  But how can I determine all that programatically when the only thing that I have is the keystore?
  I did not find a way to figure out the size of the key from the keystore (unless it can be computed from the RSA exponent or modulus, but this is where my knowledged of RSA keys stops) and I did not find a way to figure out where this "magic" number 11 is coming from.
  I can always encrypt 1 byte of data and look at the size of the result. This will give me the blocksize and the key size by multiplying it by 8. But it means that I always need the public key around to compute this size (I cannot do it if I have only the private key).
  And this is not helping much on the number 11 side.
  Am I missing something obvious?
  Thanks.

  It is probably a bug. A naive implementation of RSA key generation that would exhibit this bug would work as follows (I'm ignoring the encrypt and decrypt exponents intentionally):
  input: an rsa modulus bit size k, k is even:
  output: the rsa modulus n.
  k is even, so let k=2*l
  step1: generate an l bit prime p, 2^l(-1) < p < 2^l
  step2: generate another l bit prime q, 2^l(-1) < q < 2^l
  step3: output n = p*q
  Now the above might seem reasonable, but when you multiply the inequalities you get
  2^(2*l -2) < n < 2^(2l)
  That lower bound means that n can be 1 bit smaller than you expect.. The correct smallest lower bound for generating the primes p and q is (2^l) / sqrt(2), rounded up to the nearest integer.
  I'll bet the IBM code implements something like the first algorithm.

• Generating RSA keys based on p, q, and public exponent

  Hi,
  The problem is the following. I need to generate an RSA key pair on the card based on pre-defined P, Q and public exponent. The KeyPair specs syas that if the public exponent is pre-initialized it will be retained. All other values are overwritten though (I checked with a test applet on jcop41). So two questions:
  1. Do you know of any card that can also retain p and q and generate (calculate) dp, dq, pq, and public modulus. This is contrary to the specification so I doubt there would be any, but it is always good to ask.
  2. Do any of you have a Java code that would do this (ie. calculate the missing key components) that can be run on Java Card, ie. does not use BigInteger or similar classes.
  Cheers,
  Woj

  That is exactly the point I was trying to make, I actually forgot about this thread, because the problem at hand went on the shelf for the moment. To reformulate:
  1. I have only certain parts of the RSA key, but enough parts to determine a valid private/public key pair.
  2. Now I want to generate the missing parts on the card. The JC API requires all the parts to be supplied, it is not possible to provide only partial (but determining the whole key) key information. The KeyPair class can only retain the public exponent during key generation, but not the other parts (according to the specs and my own tests).
  3. My wild guess is that it would probably be doable without too much hassle with host JCE, but it's not an option for me, it has to be done on the card.
  4. I could try to write my own Java Card code that would do this based on, say, openssl implementation, but now I am too lazy, so that's why I asked if somebody possibly has the code that does this.
  Cheers,
  Woj

• Key Generation in console

  Hi Folks,
  I have defined key generation in console .I need some information in key generation such as ,if i define None ,range and Qualifed Range.
  Where it effect and what are significance of it.
  Secondaly., We create clone in Import manager and then we do mapping to remote key to the clone of the main table. I am looking for the business significance and techanical signifiance of it.
  Thanks in advance,
  Rohit

  Hi Rohit,
  If you choose
  NONE: - Then remote key will not be generated automatically and has to be applied explicitly either using import manager or in data manager.
  RANGE: - Here we can specify a range using TO and FROM. This generates the key automatically for that client between that range.
  Qualified range: - Here we specify a range for a qualified table for key generation.
  Keys are generated on a per value basis i.e. MDM automatically generates keys for the specified single-valued lookup field based on values you specify
  using the Range property. You can specify Qualified Range values by selecting the
  single-valued lookup field from the drop-down list and specifying From
  and To values for each lookup table value.
  Let me know if this helped your cause.
  BR,
  Siddharth

• Key Generation, doesnt work

  Hi, every body
  I want to generate new Material Number automatically for new Materials
  I have done the following steps
  - I have set Key Mapping to YES in Products main table
  - In the remote systems I added a new remote system called SAP_ECC
  - In this remote system I set the Key Generation to Qualified Range and set the Look Field to Material Type, also fill the Qualified Range to something like this
    [NULL]  9990000001 to 9999999999
    ZHOR   9010000001 to 9019999999
    ZVER   9020000001 to 9029999999
    ZHIB    9030000001 to 9039999999
  - In the syndicator I configured a port called TO_ECC to work with SAP_ECC remote system
  - Mapped the [Remote Key]/[Value] to MATNR field in iDOC MATMAS05
  In the Preview pane I only see Material Numbers (MATNR) which I have manually edited    its mapping value. Material Numbers are empty for new Materials.
  Please tell me. What I'm missing?

  Hi Rafael
  In my experience with Key Generation, the keys are only created for the remote system  once a Syndication job has actually processed the record. I'd guess that this is so in order to minimise the amount of work done by the MDM Server and to avoid "wasting" keys.
  To see that it does work : execute the Syndication job then refresh the Record view (press F5) in the Syndicator. The Destination Preview tab should now contain the newly generated key.
  HTH,
  Mark

• Key generation in Remote Systems.

  Hi,
     When we are creating a remote Sytem we have a filed called Key Generation , where we can specify the from , to Range.
  Can any one provide me the business scenario where this key generation is used?
            I have an idea about key mapping which is used to differentiate filed values which are different in connected remote systems.
  regards,
  Venki.

  Hi Venki,
  The key generation is a very useful concept.
  For Key Generation = Range, From=100, To= 200:
  You need to map the Remote key to MDM_Material field during syndication in which you want to maintain the value.
  So the first time you syndicate data, 100 will be assigned to the MDM_Material field for the syndicated record.. so on..
  It gets updated to your field only after syndication and you can see it on edit key mapping against the record.
  For Key Generation with Qualified range:
  You need to select the lookup table, based on whose values you want value to be maintained in MDM_Material.
  And for each value in the lookup field, you can select the range.
  Example: Assigning Material number based on Account Groups.
  Hope it help.
  Thanks,
  Priti
  Edited by: Priti Rani Patnaik on Apr 7, 2010 10:23 AM

• Save and load public/private RSA key on file

  hi
  i'm triyng to save and load an RSA key to a file
  i generate the keys:
          KeyPairGenerator generator=null;
          KeyPair coppia=null;
          PrivateKey c_privata=null;
          PublicKey c_pubblica=null;
              generator=KeyPairGenerator.getInstance("RSA");
              //imposto la dimensione
              generator.initialize(1024);
              //genero le 2 chiavi
              coppia=generator.genKeyPair();
              //imposto la privata
              c_privata=coppia.getPrivate();
              //imposo la pubblica
              c_pubblica=coppia.getPublic();
  //i save the key
          FileOutputStream file = new FileOutputStream("key");
          file.write(c_pubblica.getEncoded());
          file.close();and then i use another program that imports the key:
     Key chiave=null;
     FileInputStream file=new FileInputStream("key");
     byte[]byte_chiave=new byte[162];
               X509EncodedKeySpec chiave_spec = new X509EncodedKeySpec(byte_chiave);
              KeyFactory keyFactory = KeyFactory.getInstance("RSA");
              chiave = keyFactory.generatePublic(chiave_spec);but when i try to reload he key i get:
  java.security.InvalidKeyException: IOException : DER input, Integer tag error
  where am i wrong?
  thanks

  sorry...
  this is the correct code:
          Key chiave=null;
          FileInputStream file=new FileInputStream(path);
          byte[]byte_chiave=new byte[file.available()];
          System.out.println("leggo: "+file.read(byte_chiave));
          X509EncodedKeySpec chiave_spec = new X509EncodedKeySpec(byte_chiave);
          KeyFactory keyFactory = KeyFactory.getInstance("RSA");
          chiave = keyFactory.generatePublic(chiave_spec);

• How  to use the RSA  key files generated by Crypto++ in java

  Hi - Good day to all :)
  I have two RSA key files(private key file and public key file) generated by Crypto++ 5.2.1:
  code here:
  void GenerateRSAKey(unsigned int keyLength, const char *privFilename, const char *pubFilename, const char *seed)
       RandomPool randPool;
       randPool.Put((byte *)seed, strlen(seed));
       RSAES_OAEP_SHA_Decryptor priv(randPool, keyLength);
       HexEncoder privFile(new FileSink(privFilename));
       priv.DEREncode(privFile);
       privFile.MessageEnd();
       RSAES_OAEP_SHA_Encryptor pub(priv);
       HexEncoder pubFile(new FileSink(pubFilename));
       pub.DEREncode(pubFile);
       pubFile.MessageEnd();
  }generated private key is:
  30820273020100300D06092A864886F70D01010105000482025D3082025902010002818100E19891D888651221AF315B369873F01910D097F554723EE8748FA230F2B954EBEFC57CB402DD03333BA9514AB5256EF92BE714C710D166A1D86CB7A11EFB4499506826AB873F5036B92F07BBB3ABB8F562646DE6E11031C46542633605FDE4A31E0E0A8651B4BC7743C18266D664E59E713D7595ED3D3B6C2F94C6072E276171020111028180425A0CC7372CC918F74AC07978221970C8B5D25736F46CDAF51B2FB40B27735473B28E16D3AA6A5A5CD7724326382FB2B28F4258AA97F1026CD4AE7AAEC25F77D54DF69BB3979E2893EBB071DA5752871BC8C60F9B5546C466F3103884D6B67FADCD51B17899991989507CB16F45DD76EC0DEDA1BD979ED1A101179F9687E9E5024100FFCAAEF814F12DCBDF20D4CFDD5007738DAAE45AE7EC2FD8E23A9EFCA85FADCAF61B03BFEA6FE6023E78700F804C4C275375A85BC367FE39D5FB2E0F0A4555F7024100E1C797A20FB108ADAFECDB025665FF500FDBB4F0829BAAE95833C046005DCA593F6C2437CD3A9AB7CC04372F422B0EE2C7FED87AA53821366962AE0CBDAD89D702402D23C48621D035421851167F08F00150A08791B5B074F96282469486F0895AE794D7973FFC31DD4BB0ABD78A43D13A9D8732E1799AF43BEC16B3DAF3986696B30240351FE7716D1A98A156921569F6361DF4B86FEE56B551CDDC8D395A6AD2E8E4513C1971EF031CD91C3000FDED00829A173E1DD895540D34FDBE71925D59CE7AC9024014A4347A1E7408FBB0A9AE5064FA58CAF2BCA5C00B8082A46EECABFA5CBF61364FEE81E2C049F399A2F601C802DD54A6D9340FABE62D6D1F913026C8B3764AFEI use this key in java
  BufferedInputStream input=new BufferedInputStream(new FileInputStream("privateKey"));
            int size= input.available();
            byte[]buffer=new byte[size];
            input.read(buffer);
  X509EncodedKeySpec lX509EncodedKeySpec = new X509EncodedKeySpec(buffer);
            PrivateKey lPrivateKey = KeyFactory.getInstance("RSA").generatePrivate(lX509EncodedKeySpec);there is a exception,at generatePrivate() method
  at sun.security.rsa.RSAKeyFactory.generatePrivate(RSAKeyFactory.java:294)
       at sun.security.rsa.RSAKeyFactory.engineGeneratePrivate(RSAKeyFactory.java:171)
       at java.security.KeyFactory.generatePrivate(KeyFactory.java:322)
       at test.Main.main(Main.java:27)any body can help me?

  X509 is for public keys, not private keys. You need PKCS8 using PKCS8EncodedKeySpec on the hex decoded private key string.
  Your method for reading the private key from the file is flawed. The method available() does not guarantee to give you the file length. This is easy to prove since files can be longer than Integer.MAX_VALUE and available() returns an 'int'. To get the file length use File.length() which returns a 'long'. Also, reading from an InputStream using
  input.read(buffer); does not guarantee to read all the bytes. For that you need to use something like DataInputStream.readFully().

• Primary key generation: Using CounterHome?

  I can't find any documentation that talks about automatic primary key generation support on OC4J. I noticed the article on the Orion Support page that mentions their "Counter" bean. Is this the extent of support for automatic primary key generation in OC4J? When I searched for this class in the distribution, I only found it in a demo application in JDeveloper.
  Is this something that is handled directly in the Oracle DB, which is why OC4J doesn't bother to support it?

  Sorry I wasn't specific. By "going nowhere", I meant it went to an error page on the orion site. I don't know why it couldn't find it, because when I just now searched for the article with the title you just gave, the resulting URL was identical to what you gave me originally.
  As to the "counter faq", I think I've seen that before, but I can't get to it right now (server overloaded or something). The one problem I remember with trying to pursue the "counter" solution was somewhat simple. I couldn't find the code. I didn't notice a download for the "Counter" class, and I can't find it in either the jdeveloper or oc4j distributions.
  In any case, I ended up implementing the UUID solution, based on Floyd Marinescu's example in "EJB Design Patterns". I think this will work fine for our application.
  I'd still like to know more about Orion's "Counter" solution, if there's any real code available to see.

• Primary key generation

  How do use primary keys generated by database within entity bean?

  DBMS primary key generation uses a set of deployment descriptors that
  are specified at compile time to generate container code which is used
  in conjunction with a supported database to provide key generation
  support. Specify the name of the supported DBMS and the generator name,
  if required by the database. Generated primary key support for Oracle
  databases use Oracle's SEQUENCE. Once the SEQUENCE already exists in the
  database, you specify automatic key generation in the XML deployment
  descriptors. In the weblogic-cmp-rdbms-jar.xml file
  <automatic-key-generation>
  <generator-type>ORACLE</generator-type>
  <generator_name>test_sequence</generator-name>
  <key-cache-size>10</key-cache-size>
  </automatic-key-generator>
  You need to specify the name of the ORACLE SEQUENCE to be used in the
  generator-name element. If the ORACLE SEQUENCE was created with an
  INCREMENT value, then you must specify a key-cache-size. This value must
  match the Oracle SEQUENCE INCREMENT value.
  Owen wrote:
  How do use primary keys generated by database within entity bean?

• ADF BC Primary key generation with SQL Server DB

  Hi,
  I am using ADF 11.1.1.6 to develop a small application that will do some very basic CRUD operations on a SQL Server DB.
  I read through http://www.oracle.com/technetwork/developer-tools/jdev/multidatabaseapp-085183.html before I'm starting to implement the Entity objects.
  This document describes a way to do primary key generation using a table created in the DB and instructs to create an application connection to the Database :
  +2. Create a Connection to the Table+
  In your application, create a database connection named ROWIDAM_DB that points to the database containing your S_ROW_ID table. Alternatively, edit your BC project's properties and add the following Java option to the project's run configuration:
  -Djbo.rowid_am_conn_name= appconnection
  where appconnection is the name of a database connection that points to the S_ROW_ID table.
  My question is how do we do this when we mve to a production environment ?
  Also I'll be interested to hear if anyone has any pointers for developing ADF apps with SQL Server. (gotchas, performance pitfalls etc. )
  -Jeevan
  Upadte : This is SQL Server 2005
  Edited by: Jeevan Joseph on May 2, 2012 9:04 AM

  my apologies to everyone ... This should have been very simple. I just need to provide the config in my AM configuration(bc4j.xml)
  jbo.rowid_am_conn_name* should be set to the connection name you create. For production deployments, theres a similar
  jbo.rowid_am_datasource_name* that should work just fine (though I havent tried if it has any hiccups).
  I'd like to point out one thing though, for whoever might stumble upon this thread and find it useful later on...
  After I did the steps above, everything seemed to work when I tested the app from the AM tester. But when I built a UI for it in ADF Faces, I started getting an exception on Create/CreateInsert :
  java.lang.ClassCastException: com.microsoft.sqlserver.jdbc.SQLServerConnection cannot be cast to oracle.jdbc.OracleConnection
       at oracle.jbo.server.OracleSQLBuilderImpl.setSessionTimeZone(OracleSQLBuilderImpl.java:5533)
       at oracle.jbo.server.DBTransactionImpl.refreshConnectionMetadata(DBTransactionImpl.java:5311)
       at oracle.jbo.server.DBTransactionImpl.initTransaction(DBTransactionImpl.java:1194)
       at oracle.jbo.server.DBTransactionImpl.initTxn(DBTransactionImpl.java:6826)
       at oracle.jbo.server.DBTransactionImpl2.connect(DBTransactionImpl2.java:136)
       at oracle.jbo.common.ampool.DefaultConnectionStrategy.connect(DefaultConnectionStrategy.java:213)The trouble is that the ADF Faces adf-config.xml overrides the AM configuration. Oracle is the default, and it overrides the SQL flavor I set when initializing the Model project.
  This was not mentioned in the original document probably because ADF faces was out of scope for that document.
  I also found this thread extremely useful, and its what reminded me of the ADF Faces AM config overrides : Re: Locking mode 'optupdate' with SQL92
  Cheers !
  Jeevan

• Can someone help me? Why i can not build RSA key pair

  i download the java_card_kit-2_2_01-win-gl.zip from sun's web site
  and i use the keypair class to build a RSA key pair
  but it always throws NO_SUCH_ALGORITHM excption.
  how can i build a key pair

  This has been covered a million times. There isn't any crypto implementation with Sun's kit. This is mentioned in the documentation.

• Problem with automatic key generation

  Hi,
  I'm getting an exception when creating entity EJB's that use automatic primary key
  generation (I'm using MS SQL Server as the db). The data is being inserted correctly
  onto the database (including the auto generated key), but the auto generated primary
  key field in the EJB is being set to zero rather than the correct value. This causes
  a NoSuchEntityException.
  The db table has an identity set on the auto generated field, but this field is not
  the primary key.
  Does anyone have an idea as to what the problem is?
  thanks,
  Andy

  Make sure you are using a TX DataSource
  "Andy Pearson" <[email protected]> wrote in message
  news:3ccead40$[email protected]..
  >
  Hi,
  I'm getting an exception when creating entity EJB's that use automaticprimary key
  generation (I'm using MS SQL Server as the db). The data is being insertedcorrectly
  onto the database (including the auto generated key), but the autogenerated primary
  key field in the EJB is being set to zero rather than the correct value.This causes
  a NoSuchEntityException.
  The db table has an identity set on the auto generated field, but thisfield is not
  the primary key.
  Does anyone have an idea as to what the problem is?
  thanks,
  Andy