SafeAPI v1.20

com.safeapi
Class CryptoAsymRawRSA

java.lang.Object
  extended bycom.safeapi.CryptoCommon
      extended bycom.safeapi.CryptoAsymRawRSA

public final class CryptoAsymRawRSA
extends CryptoCommon

Pure/raw RSA Asymmetric Cryptography APIs Module


Constructor Summary
CryptoAsymRawRSA()
          Loads an instance of CryptoAsymRawRSA.
 
Method Summary
 byte[] decryptBufferRawKey(byte[] bD_Exponent, byte[] bP_Factor, byte[] bQ_Factor, byte[] bBuffer)
          Decrypts a buffer with the specified raw RSA private key
 byte[] encryptBufferRawKey(byte[] bN_Modulus, byte[] bE_Exponent, byte[] bBuffer)
          Encrypts a buffer with the specified raw RSA public key
 String getHexInverseOfQModP()
          Gets Inverse Of Q Mod P as hexadecimal string
 String getHexModulus()
          Gets public key modulus as hexadecimal string
 String getHexP()
          Get private key P factor as hexadecimal string
 String getHexPrivateKeyExponent()
          Gets private key exponent as hexadecimal string
 String getHexPublicKeyExponent()
          Gets public key exponent as hexadecimal string
 String getHexQ()
          Get private key Q factor as hexadecimal string
 byte[] getInverseOfQModP()
          Gets Inverse Of Q Mod P as bytes
 byte[] getModulus()
          Gets public key modulus as bytes
 byte[] getP()
          Get private key P factor as bytes
 byte[] getPrivateKeyExponent()
          Gets private key exponent as bytes
 byte[] getPublicKeyExponent()
          Gets public key exponent as bytes
 byte[] getQ()
          Gets private key Q factor as bytes
 void loadPrivateKey(String sKeyID, char[] caPassphrase)
          Loads the private key in memory
 void loadPublicKey(String sKeyID)
          Loads the public key in memory
 byte[] rsa(byte[] bN_Modulus, byte[] b_Exponent, byte[] bBuffer)
          Operates RSA computation on a buffer with the specified rsa key elements
Computes the RSA algorithm, without using the Chinese Remainder Theorem.
 byte[] rsaWithCrt(byte[] bN_Modulus, byte[] b_Exponent, byte[] bP_Factor, byte[] bQ_Factor, byte[] bU_InverseOfQModP, byte[] bBuffer)
          Operates RSA computation on a buffer with the specified rsa key elements.
 byte[] signBufferRawKey(byte[] bD_Exponent, byte[] bP_Factor, byte[] bQ_Factor, byte[] bBufferToSign)
          Signs a buffer with the specified raw RSA private key
 boolean verifyBufferRawKey(byte[] bN_Modulus, byte[] bE_Exponent, byte[] bBufferToVerify, byte[] bSignature)
          Verifies a buffer with the specified raw RSA public key
 
Methods inherited from class com.safeapi.CryptoCommon
createSeedFile, getParameter, getRandomBytes, getRawError, getRegisteredError, getVersion, isOperationOK, setParameter, wipe
 
Methods inherited from class java.lang.Object
equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

CryptoAsymRawRSA

public CryptoAsymRawRSA()
Loads an instance of CryptoAsymRawRSA.

Method Detail

encryptBufferRawKey

public byte[] encryptBufferRawKey(byte[] bN_Modulus,
                                  byte[] bE_Exponent,
                                  byte[] bBuffer)
Encrypts a buffer with the specified raw RSA public key

Parameters:
bN_Modulus - N, the public modulus
bE_Exponent - E, the public exponent
bBuffer - The buffer to encrypt
Returns:
The encrypted buffer

decryptBufferRawKey

public byte[] decryptBufferRawKey(byte[] bD_Exponent,
                                  byte[] bP_Factor,
                                  byte[] bQ_Factor,
                                  byte[] bBuffer)
Decrypts a buffer with the specified raw RSA private key

Parameters:
bD_Exponent - D, the private exponent
bP_Factor - P, the first factor of the public modulus
bQ_Factor - Q, the second factor of the public modulus
bBuffer - The buffer to encrypt
Returns:
The decrypted buffer

signBufferRawKey

public byte[] signBufferRawKey(byte[] bD_Exponent,
                               byte[] bP_Factor,
                               byte[] bQ_Factor,
                               byte[] bBufferToSign)
Signs a buffer with the specified raw RSA private key

Parameters:
bD_Exponent - D, the private exponent
bP_Factor - P, the first factor of the public modulus
bQ_Factor - Q, the second factor of the public modulus
bBufferToSign - The buffer to sign
Returns:
The buffer signature

verifyBufferRawKey

public boolean verifyBufferRawKey(byte[] bN_Modulus,
                                  byte[] bE_Exponent,
                                  byte[] bBufferToVerify,
                                  byte[] bSignature)
Verifies a buffer with the specified raw RSA public key

Parameters:
bN_Modulus - N, the public modulus
bE_Exponent - E, the public exponent
bBufferToVerify - the buffer to be verified
bSignature - the signature for the specified buffer
Returns:
true if the signature is verified else false

rsa

public byte[] rsa(byte[] bN_Modulus,
                  byte[] b_Exponent,
                  byte[] bBuffer)
Operates RSA computation on a buffer with the specified rsa key elements
Computes the RSA algorithm, without using the Chinese Remainder Theorem.

Parameters:
bN_Modulus - N, the public modulus
b_Exponent - The exponent
(e for encryption and verification, d for decryption and signing).
bBuffer - The buffer to encrypt
Returns:
The encrypted buffer

rsaWithCrt

public byte[] rsaWithCrt(byte[] bN_Modulus,
                         byte[] b_Exponent,
                         byte[] bP_Factor,
                         byte[] bQ_Factor,
                         byte[] bU_InverseOfQModP,
                         byte[] bBuffer)
Operates RSA computation on a buffer with the specified rsa key elements.
This method uses the Chinese Remainder Theorem (CRT) to compute the result given the known factorisation of the public modulus n into two relatively prime factors p and q. The arithmetic behind this method is detailed in [1] and [2].

The comments that follow, which are edited from the PGP mpilib.c file with p and q reversed, make the practical algorithmic implementation clearer:

Y = X**d (mod n) = X**d (mod pq)

We form this by evaluating:

p2 = plain**d (mod p) and
q2 = plain**d (mod q)
and then combining the two by the CRT.

Two optimisations of this are possible. First, we reduce X modulo p and q before starting, since:

x**a (mod b) = (x (mod b))**a (mod b)

Second, since we know the factorisation of p and q (trivially derived from the factorisation of n = pq), and input is relatively prime to both p and q, we can use Euler's theorem:

X**phi(m) = 1 (mod m),
to throw away multiples of phi(p) or phi(q) in d. Letting
ep = d (mod phi(p)) and
eq = d (mod phi(q))
then combining these two speedups, we only need to evaluate:
p2 = (X mod p)**ep (mod p) and
q2 = (X mod q)**eq (mod q).

Now we need to apply the CRT. Starting with:

Y = p2 (mod p) and
Y = q2 (mod q)
we can say that:
Y = q2 + kq
and if we assume that:
0 <= q2 < q, then
0 <= Y < pq for some 0 <= k < p

Since we want:

Y = p2 (mod p),
then
kq = (p2 - q2) (mod q)

Since p and q are relatively prime, q has a multiplicative inverse u mod p. In other words, uq = 1 (mod p).

Multiplying by u on both sides gives:

k = u * (p2 - q2) (mod p)

Once we have k, evaluating kq + q2 is trivial, and that gives us the result.

References:

  1. Donald E. Knuth, The Art of Computer Programming, ISBN 0-201-03822-6 (v.2) pages 270-274.

  2. ANS X9.31, Appendix B.

Parameters:
bN_Modulus - N, the public modulus
b_Exponent - the exponent
(e for encryption and verification, d for decryption and signing).
bP_Factor - P, the first factor of the public modulus
bQ_Factor - Q, the second factor of the public modulus
bU_InverseOfQModP - U, the multiplicative inverse of q modulo p.
bBuffer - The buffer to encrypt
Returns:
The encrypted buffer

getModulus

public byte[] getModulus()
Gets public key modulus as bytes

Returns:
public key modulus as bytes

getHexModulus

public String getHexModulus()
Gets public key modulus as hexadecimal string

Returns:
public key modulus a hexadecimal string

getPublicKeyExponent

public byte[] getPublicKeyExponent()
Gets public key exponent as bytes

Returns:
public key exponent as bytes

getHexPublicKeyExponent

public String getHexPublicKeyExponent()
Gets public key exponent as hexadecimal string

Returns:
public key exponent a hexadecimal string

getPrivateKeyExponent

public byte[] getPrivateKeyExponent()
Gets private key exponent as bytes

Returns:
private key exponent as bytes

getHexPrivateKeyExponent

public String getHexPrivateKeyExponent()
Gets private key exponent as hexadecimal string

Returns:
private key exponent a hexa string

getP

public byte[] getP()
Get private key P factor as bytes

Returns:
private key P factor as bytes

getHexP

public String getHexP()
Get private key P factor as hexadecimal string

Returns:
private key P factor a hexa string

getQ

public byte[] getQ()
Gets private key Q factor as bytes

Returns:
private key Q factor as bytes

getHexQ

public String getHexQ()
Get private key Q factor as hexadecimal string

Returns:
private key Q factor a hexa string

getInverseOfQModP

public byte[] getInverseOfQModP()
Gets Inverse Of Q Mod P as bytes

Returns:
private key Q factor as bytes

getHexInverseOfQModP

public String getHexInverseOfQModP()
Gets Inverse Of Q Mod P as hexadecimal string

Returns:
private key Q factor a hexa string

loadPrivateKey

public void loadPrivateKey(String sKeyID,
                           char[] caPassphrase)
Loads the private key in memory

Parameters:
sKeyID - The Key ID or the key filepath (if the key is outside the key store dir)
caPassphrase - the passphrase of the private key

loadPublicKey

public void loadPublicKey(String sKeyID)
Loads the public key in memory

Parameters:
sKeyID - The Key ID or The key filepath (if the key is outside the key store dir)

SafeAPI v1.20

Copyright © SafeLogic 2005