aspose file tools*
The moose likes Security and the fly likes RSA key retrieval from String representation Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of Spring in Action this week in the Spring forum!
JavaRanch » Java Forums » Engineering » Security
Bookmark "RSA key retrieval from String representation" Watch "RSA key retrieval from String representation" New topic
Author

RSA key retrieval from String representation

Anuradha Karunamuni
Ranch Hand

Joined: Dec 08, 2007
Posts: 64
Hi,
I have the requirement of sending an object, more specifically a RSA PublicKey and a PrivateKey to a mobile device when the J2ME application is being downloaded to the mobile device.
I initially thought of serializing the objects in to a file and sending it, but unfortunately J2ME does not support serialization so that I cannot de-serialize the object on the mobile device.

I can convert the key to their String representations and send them, but I want the exact PublicKey and PrivateKey objects for the rest of the tasks.

What I want to know is that, is there any possibility for me to retrieve the RSA keys from their String representation. Or is it possible to break down a key in to a set of attributes and then form the object again using those attributes.

Thanks in advance.


"Simplicity is the ultimate sophistication..." ~Leonardo da Vinci~
SCJP 1.4
Ulf Dittmer
Marshal

Joined: Mar 22, 2005
Posts: 42285
    
  64
I'm not sure what you mean by "string representation" of a key, but a common way to do this would be to use base-64 encoding. That has a low computation overhead so it should be easily reversible on the mobile device.


Ping & DNS - my free Android networking tools app
Anuradha Karunamuni
Ranch Hand

Joined: Dec 08, 2007
Posts: 64
For an example, when I call the toString() method on the PrivateKey and PublicKey objects, I get an output similar to the following;

----------------------------------------------------------------------------
Private key :

Sun RSA private CRT key, 1024 bits

modulus: 92668814846214894704006090956359588930552488785651855629727668981541851340521421617344301038679403786409554221621291537561738029052438789569305384050462388902381013256842501359697320447285681807543339499188132857082349271596382710378928847448455998466852006349872009503310771899860207013659270056066522427783

public exponent: 65537

private exponent: 89963847533081716597459199093755016038535049613169868358115159547761092965642841890564319533773874094122731858285137445806613368943228489976005702959040203259503512582450540855659693230009341520437277845240005125831755906085603103141584797968074987786916130918013509361792167484370191290765997455783711205313

prime p: 10588271097316514709980740371341850811393623954791456755997404196229768631143213146860888550607777786485277672277840335832828425585187305829456083811884403

prime q: 8752025141262280810741817358460157581730012401837375941553321498527538612711221640736333045550462246671707591229163229979929865886339384196678511299106461

prime exponent p: 8840173178996105030532617771620795136289804567409618067929718562111543863623040324653054592422689124358987112532257955899184780547548618537167531897018155

prime exponent q: 6187059596787791170814477290957155511566771054169791528024862063060269220850983392821067641185176555049822431628654537817876172032807477758092610715894873

crt coefficient: 6854861613342184102432215989978510965947450724858923519296449787911697012458561618617224924292442507704910518351653381073358023114208183096323638100011823


Public key :

Sun RSA public key, 1024 bits

modulus: 92668814846214894704006090956359588930552488785651855629727668981541851340521421617344301038679403786409554221621291537561738029052438789569305384050462388902381013256842501359697320447285681807543339499188132857082349271596382710378928847448455998466852006349872009503310771899860207013659270056066522427783

public exponent: 65537
----------------------------------------------------------------------------


What I need to know is, if I have the above values but not the actual objects of the PrivateKey and the PublicKey, will I be able to regenerate the actual objects using those values?
greg stark
Ranch Hand

Joined: Aug 10, 2006
Posts: 220
There is not much in the j2me runtime environment to support crypto. What classes were you planning to use to handle these RSA keys?


Nice to meet you.
Anuradha Karunamuni
Ranch Hand

Joined: Dec 08, 2007
Posts: 64
I am using the Bouncy Castle Cryptography API lcrypto-j2me-137. I cannot figure out a way to send the key objects to the mobile client, which are generated generated at the server end.

Is there any alternative method to achieve this?
greg stark
Ranch Hand

Joined: Aug 10, 2006
Posts: 220
You can certainly use your method to send the components, but the downside is you have to parse the pieces out of the strings. It should be easier to use instead the getEncoded() methods on the server side and send these byte arrays instead. On the mobile side, you could provide these bytes to RSAPublicKeyStructure and RSAPrivateKeyStructure classes.
greg stark
Ranch Hand

Joined: Aug 10, 2006
Posts: 220
Forget my previous post, I tried using those classes and it was so painful I gave up. Instead, on the server side just cast the private key to RSAPrivateCrtKey and extract the components as individual BigIntegers, send these and reconstruct them.

Are you really going to send the private key to the mobile device? It isn't going to be private anymore...
Anuradha Karunamuni
Ranch Hand

Joined: Dec 08, 2007
Posts: 64
Hey thanks...I too was trying your first approach and I have to agree with the fact that it's a pain.

>> Are you really going to send the private key to the mobile device? It isn't going to be private anymore...

Agreed! Actually it's the private key of the mobile client. I first thought of generating it on the server side and sending it to the client without storing it. But still as you said it won't be private anymore. So now what I'm doing is, generate the keys of the mobile client at the first run of the mobile app on the device.

Still I have to come up with a way to persist the keys on mobile. To do that I have to convert the keys to String, int or boolean because those are the only types which can be stored in RMS. And I should be able to reconstruct the keys as well.

I will try your new approach and will let you know the results.
Thanks again...
Anuradha Karunamuni
Ranch Hand

Joined: Dec 08, 2007
Posts: 64
Hey...It worked!!!
Thanks a lot...
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: RSA key retrieval from String representation