Excited to tell you that our welfare activity has been upgraded - Paying only $5.00 + Freight to get JCOP J3H145 card and A40CR card.
Please check this post for more details.

Moreover, if you want to get Free Samples by Paying Freight only , please check this page.

Export encrypted private key

JavaCard Applet Development Related Questions and Answers.
nikonai
Posts: 16
Joined: Mon Feb 22, 2016 4:37 am
Points :163
Contact:

Export encrypted private key

Post by nikonai » Thu Sep 07, 2017 10:44 pm

My Java App creates a RSA-keypair. I send the public key to the card. The card generated 1 keypair before, too. Now the card sets another keypairs public key to the sent parameters, so that the card now can encrypt something for the offcard private key.

Now I try to encrypt the parameters of the cards' private key (p, q, mod p,....). And here I get the error. The export of the private key parameters to the offcard application works fine, only when I try to encrypt the parameters on the card before, I get errors. I think it fails when I try to call the encrypt function on the card.

Code: Select all

private void exportPrivateKey(APDU apdu)
     {         
          byte[] baAPDUBuffer = apdu.getBuffer();
          short sLc = (short)(baAPDUBuffer[ISO7816.OFFSET_LC] & 0x00FF);
          byte    P2 = (byte)(baAPDUBuffer[ISO7816.OFFSET_P2] & 0xFF);
              switch (P2)     {
          case 0x00: // Get Prime P
               baAPDUBuffer[0] = (byte)(PrivateRSAKey1024).getP(baAPDUBuffer, (short)1);
               try
               {
                    encrypt(apdu, (short)((baAPDUBuffer[0]& 0xFF) + 1));
               }
               catch (Exception ex)
               {
                    ISOException.throwIt((short) 0xbbb3);
               }



Code: Select all

private void encrypt(APDU apdu, short dataToEncrypt)
     {
          try
     {
               data = new byte[ (short) 0x40];
               cipher.init(publicExportKey, Cipher.MODE_ENCRYPT);
               short outbytes;
               outbytes = cipher.doFinal(bytesValue(dataToEncrypt),(short)2, (short) 0x40, data, (short)0);
               apdu.setOutgoing();
               apdu.setOutgoingLength(outbytes);
               apdu.sendBytesLong(data, (short)ISO7816.OFFSET_CDATA, (short)outbytes);
          }
                    catch (Exception ex)
          {
               ISOException.throwIt((short) 0xbbb7);
          }
     }


User avatar
mabel
Posts: 234
Joined: Mon May 18, 2015 3:09 am
Points :1655
Contact:

Re: Export encrypted private key

Post by mabel » Fri Sep 08, 2017 5:45 am

It is probably a CryptoException where can retrieve the reason code.

nikonai
Posts: 16
Joined: Mon Feb 22, 2016 4:37 am
Points :163
Contact:

Re: Export encrypted private key

Post by nikonai » Fri Sep 08, 2017 5:53 am

I changed my encrypt method to this:

Code: Select all

private void encrypt(APDU apdu, byte[] dataToEncrypt, short len)
{
  try
  {
    short outbytes;
    byte[] apduBuffer = apdu.getBuffer();
    outbytes = cipher.doFinal(dataToEncrypt,(short)0, len, apduBuffer, (short)0);
    apdu.setOutgoing();
    apdu.setOutgoingLength(outbytes);
    apdu.sendBytesLong(apduBuffer, (short)0, (short)outbytes);
  }
  catch(CryptoException ce)
          {
               if (ce.getReason() == CryptoException.UNINITIALIZED_KEY)
                    ISOException.throwIt((short)0xbbb0);
                    else if (ce.getReason() == CryptoException.INVALID_INIT)
                         ISOException.throwIt((short)0xbbb1);
                    else if (ce.getReason() == CryptoException.ILLEGAL_USE)
                         ISOException.throwIt((short)0xbbb2);
                    else if (ce.getReason() == CryptoException.NO_SUCH_ALGORITHM)
                         ISOException.throwIt((short)0xbbb3);
                    //else
                    //     ISOException.throwIt((short)lineNum);
          }}



The error happens in

Code: Select all

 outbytes = cipher.doFinal(dataToEncrypt,(short)0, len, apduBuffer, (short)0);

it says "Invalid_Init". Perhaps something is wrong with my cipher. In my constructor:

Code: Select all

cipher = Cipher.getInstance(Cipher.ALG_RSA_PKCS1, false );

Or do I need to set the second parameter "true" ?

Post Reply Previous topicNext topic

Who is online

Users browsing this forum: Baidu [Spider] and 5 guests

JavaCard OS : Disclaimer