Export encrypted private key

Post by nikonai » Thu Sep 07, 2017 10:44 pm

My Java app creates an RSA key pair. I send the public key to the card. The card generated one key pair before, too. Now the card sets another key pair's public key to the sent parameters, so that the card can now encrypt something for the off-card private key.

Now I try to encrypt the parameters of the card's private key (p, q, mod p, ...). And here I get the error. The export of the private key parameters to the off-card application works fine; only when I try to encrypt the parameters on the card first do I get errors. I think it fails when I try to call the encrypt function on the card.

Code: Select all

private void exportPrivateKey(APDU apdu)
{
    byte[] baAPDUBuffer = apdu.getBuffer();
    short sLc = (short)(baAPDUBuffer[ISO7816.OFFSET_LC] & 0x00FF);
    byte P2 = (byte)(baAPDUBuffer[ISO7816.OFFSET_P2] & 0xFF);
    switch (P2) {
    case 0x00: // Get Prime P
        // getP() writes P at offset 1; its length is stored in byte 0
        baAPDUBuffer[0] = (byte)(PrivateRSAKey1024).getP(baAPDUBuffer, (short)1);
        try
        {
            encrypt(apdu, (short)((baAPDUBuffer[0] & 0xFF) + 1));
        }
        catch (Exception ex)
        {
            ISOException.throwIt((short) 0xbbb3);
        }
        // the post ends here; the remaining cases are not shown
    }
}

Code: Select all

private void encrypt(APDU apdu, short dataToEncrypt)
{
    try
    {
        data = new byte[(short) 0x40];
        cipher.init(publicExportKey, Cipher.MODE_ENCRYPT);
        short outbytes;
        outbytes = cipher.doFinal(bytesValue(dataToEncrypt), (short)2, (short) 0x40, data, (short)0);
        apdu.setOutgoing();
        apdu.setOutgoingLength(outbytes);
        apdu.sendBytesLong(data, (short)ISO7816.OFFSET_CDATA, (short)outbytes);
    }
    catch (Exception ex)
    {
        ISOException.throwIt((short) 0xbbb7);
    }
}


Re: Export encrypted private key

Post by mabel » Fri Sep 08, 2017 5:45 am

It is probably a CryptoException, where you can retrieve the reason code.

Re: Export encrypted private key

Post by nikonai » Fri Sep 08, 2017 5:53 am

I changed my encrypt method to this:

Code: Select all

private void encrypt(APDU apdu, byte[] dataToEncrypt, short len)
{
    try
    {
        short outbytes;
        byte[] apduBuffer = apdu.getBuffer();
        outbytes = cipher.doFinal(dataToEncrypt, (short)0, len, apduBuffer, (short)0);
        apdu.setOutgoing();
        apdu.setOutgoingLength(outbytes);
        apdu.sendBytesLong(apduBuffer, (short)0, (short)outbytes);
    }
    catch (CryptoException ce)
    {
        if (ce.getReason() == CryptoException.UNINITIALIZED_KEY)
            ISOException.throwIt((short)0xbbb0);
        else if (ce.getReason() == CryptoException.INVALID_INIT)
            ISOException.throwIt((short)0xbbb1);
        else if (ce.getReason() == CryptoException.ILLEGAL_USE)
            ISOException.throwIt((short)0xbbb2);
        else if (ce.getReason() == CryptoException.NO_SUCH_ALGORITHM)
            ISOException.throwIt((short)0xbbb3);
        //else
        //     ISOException.throwIt((short)lineNum);
    }
}



The error happens in

Code: Select all

 outbytes = cipher.doFinal(dataToEncrypt,(short)0, len, apduBuffer, (short)0);

it says "Invalid_Init". Perhaps something is wrong with my cipher. In my constructor:

Code: Select all

cipher = Cipher.getInstance(Cipher.ALG_RSA_PKCS1, false );

Or do I need to set the second parameter to "true"?
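
Added example, not part of the thread and not the poster's applet: in the Java Card API, `Cipher.doFinal` throws `CryptoException.INVALID_INIT` when the Cipher object has not been initialized, so this helper calls `init` with the export public key before each `doFinal` and checks the PKCS#1 v1.5 length limit first. The class name `ExportWrapper`, the method `encryptAndSend`, the `0x6F00 | reason` status words, and the requirement that `src` is a buffer other than the APDU buffer are assumptions made for illustration.

```java
import javacard.framework.APDU;
import javacard.framework.ISOException;
import javacard.security.CryptoException;
import javacard.security.RSAPublicKey;
import javacardx.crypto.Cipher;

// Hypothetical helper class for illustration; not the poster's applet.
final class ExportWrapper {
    // PKCS#1 v1.5 encryption padding needs at least 11 bytes of the block.
    private static final short PKCS1_OVERHEAD = 11;
    private final Cipher cipher;

    ExportWrapper() {
        // false: the Cipher is used only by the applet that owns it,
        // not through a Shareable interface from another applet.
        cipher = Cipher.getInstance(Cipher.ALG_RSA_PKCS1, false);
    }

    // Encrypts src[off .. off+len) under wrapKey and sends the ciphertext.
    // Assumption: src is a buffer other than the APDU buffer.
    void encryptAndSend(APDU apdu, RSAPublicKey wrapKey,
                        byte[] src, short off, short len) {
        try {
            if (!wrapKey.isInitialized()) {
                CryptoException.throwIt(CryptoException.UNINITIALIZED_KEY);
            }
            // A 64-byte CRT prime of a 1024-bit key needs a wrapping
            // modulus of at least 75 bytes (64 + 11).
            short modulusBytes = (short) (wrapKey.getSize() / 8);
            if (len > (short) (modulusBytes - PKCS1_OVERHEAD)) {
                CryptoException.throwIt(CryptoException.ILLEGAL_USE);
            }
            // init() must come before doFinal(); otherwise doFinal()
            // throws CryptoException.INVALID_INIT.
            cipher.init(wrapKey, Cipher.MODE_ENCRYPT);
            byte[] out = apdu.getBuffer();
            short outLen = cipher.doFinal(src, off, len, out, (short) 0);
            apdu.setOutgoingAndSend((short) 0, outLen);
        } catch (CryptoException ce) {
            // Assumed status-word scheme: 0x6F00 | reason code.
            ISOException.throwIt((short) (0x6F00 | ce.getReason()));
        }
    }
}
```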

