|
SafeAPI v1.20 | ||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
java.lang.Objectcom.safeapi.CryptoCommon
com.safeapi.CryptoAsymRawRSA
Pure/raw RSA Asymmetric Cryptography APIs Module
Constructor Summary | |
CryptoAsymRawRSA()
Loads an instance of CryptoAsymRawRSA. |
Method Summary | |
byte[] |
decryptBufferRawKey(byte[] bD_Exponent,
byte[] bP_Factor,
byte[] bQ_Factor,
byte[] bBuffer)
Decrypts a buffer with the specified raw RSA private key |
byte[] |
encryptBufferRawKey(byte[] bN_Modulus,
byte[] bE_Exponent,
byte[] bBuffer)
Encrypts a buffer with the specified raw RSA public key |
String |
getHexInverseOfQModP()
Gets Inverse Of Q Mod P as hexadecimal string |
String |
getHexModulus()
Gets public key modulus as hexadecimal string |
String |
getHexP()
Get private key P factor as hexadecimal string |
String |
getHexPrivateKeyExponent()
Gets private key exponent as hexadecimal string |
String |
getHexPublicKeyExponent()
Gets public key exponent as hexadecimal string |
String |
getHexQ()
Get private key Q factor as hexadecimal string |
byte[] |
getInverseOfQModP()
Gets Inverse Of Q Mod P as bytes |
byte[] |
getModulus()
Gets public key modulus as bytes |
byte[] |
getP()
Get private key P factor as bytes |
byte[] |
getPrivateKeyExponent()
Gets private key exponent as bytes |
byte[] |
getPublicKeyExponent()
Gets public key exponent as bytes |
byte[] |
getQ()
Gets private key Q factor as bytes |
void |
loadPrivateKey(String sKeyID,
char[] caPassphrase)
Loads the private key in memory |
void |
loadPublicKey(String sKeyID)
Loads the public key in memory |
byte[] |
rsa(byte[] bN_Modulus,
byte[] b_Exponent,
byte[] bBuffer)
Operates RSA computation on a buffer with the specified rsa key elements Computes the RSA algorithm, without using the Chinese Remainder Theorem. |
byte[] |
rsaWithCrt(byte[] bN_Modulus,
byte[] b_Exponent,
byte[] bP_Factor,
byte[] bQ_Factor,
byte[] bU_InverseOfQModP,
byte[] bBuffer)
Operates RSA computation on a buffer with the specified rsa key elements. |
byte[] |
signBufferRawKey(byte[] bD_Exponent,
byte[] bP_Factor,
byte[] bQ_Factor,
byte[] bBufferToSign)
Signs a buffer with the specified raw RSA private key |
boolean |
verifyBufferRawKey(byte[] bN_Modulus,
byte[] bE_Exponent,
byte[] bBufferToVerify,
byte[] bSignature)
Verifies a buffer with the specified raw RSA public key |
Methods inherited from class com.safeapi.CryptoCommon |
createSeedFile, getParameter, getRandomBytes, getRawError, getRegisteredError, getVersion, isOperationOK, setParameter, wipe |
Methods inherited from class java.lang.Object |
equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
Constructor Detail |
public CryptoAsymRawRSA()
Method Detail |
public byte[] encryptBufferRawKey(byte[] bN_Modulus, byte[] bE_Exponent, byte[] bBuffer)
bN_Modulus
- N, the public modulusbE_Exponent
- E, the public exponentbBuffer
- The buffer to encrypt
public byte[] decryptBufferRawKey(byte[] bD_Exponent, byte[] bP_Factor, byte[] bQ_Factor, byte[] bBuffer)
bD_Exponent
- D, the private exponentbP_Factor
- P, the first factor of the public modulusbQ_Factor
- Q, the second factor of the public modulusbBuffer
- The buffer to encrypt
public byte[] signBufferRawKey(byte[] bD_Exponent, byte[] bP_Factor, byte[] bQ_Factor, byte[] bBufferToSign)
bD_Exponent
- D, the private exponentbP_Factor
- P, the first factor of the public modulusbQ_Factor
- Q, the second factor of the public modulusbBufferToSign
- The buffer to sign
public boolean verifyBufferRawKey(byte[] bN_Modulus, byte[] bE_Exponent, byte[] bBufferToVerify, byte[] bSignature)
bN_Modulus
- N, the public modulusbE_Exponent
- E, the public exponentbBufferToVerify
- the buffer to be verifiedbSignature
- the signature for the specified buffer
public byte[] rsa(byte[] bN_Modulus, byte[] b_Exponent, byte[] bBuffer)
bN_Modulus
- N, the public modulusb_Exponent
- The exponent
bBuffer
- The buffer to encrypt
public byte[] rsaWithCrt(byte[] bN_Modulus, byte[] b_Exponent, byte[] bP_Factor, byte[] bQ_Factor, byte[] bU_InverseOfQModP, byte[] bBuffer)
The comments that follow, which are edited from the PGP mpilib.c file with p and q reversed, make the practical algorithmic implementation clearer:
Y = X**d (mod n) = X**d (mod pq)
We form this by evaluating:
p2 = plain**d (mod p) andand then combining the two by the CRT.
q2 = plain**d (mod q)
Two optimisations of this are possible. First, we reduce X modulo p and q before starting, since:
x**a (mod b) = (x (mod b))**a (mod b)
Second, since we know the factorisation of p and q (trivially derived from the factorisation of n = pq), and input is relatively prime to both p and q, we can use Euler's theorem:
X**phi(m) = 1 (mod m),to throw away multiples of phi(p) or phi(q) in d. Letting
ep = d (mod phi(p)) andthen combining these two speedups, we only need to evaluate:
eq = d (mod phi(q))
p2 = (X mod p)**ep (mod p) and
q2 = (X mod q)**eq (mod q).
Now we need to apply the CRT. Starting with:
Y = p2 (mod p) andwe can say that:
Y = q2 (mod q)
Y = q2 + kqand if we assume that:
0 <= q2 < q, then
0 <= Y < pq for some 0 <= k < p
Since we want:
Y = p2 (mod p),then
kq = (p2 - q2) (mod q)
Since p and q are relatively prime, q has a multiplicative inverse u mod p. In other words, uq = 1 (mod p).
Multiplying by u on both sides gives:
k = u * (p2 - q2) (mod p)
Once we have k, evaluating kq + q2 is trivial, and that gives us the result.
References:
bN_Modulus
- N, the public modulusb_Exponent
- the exponent
bP_Factor
- P, the first factor of the public modulusbQ_Factor
- Q, the second factor of the public modulusbU_InverseOfQModP
- U, the multiplicative inverse of q modulo p.bBuffer
- The buffer to encrypt
public byte[] getModulus()
public String getHexModulus()
public byte[] getPublicKeyExponent()
public String getHexPublicKeyExponent()
public byte[] getPrivateKeyExponent()
public String getHexPrivateKeyExponent()
public byte[] getP()
public String getHexP()
public byte[] getQ()
public String getHexQ()
public byte[] getInverseOfQModP()
public String getHexInverseOfQModP()
public void loadPrivateKey(String sKeyID, char[] caPassphrase)
sKeyID
- The Key ID or
the key filepath (if the key is outside the key store dir)caPassphrase
- the passphrase of the private keypublic void loadPublicKey(String sKeyID)
sKeyID
- The Key ID or
The key filepath (if the key is outside the key store dir)
|
SafeAPI v1.20 | ||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |