Creating a derived RSAPublicKey

[kosullivan]

Hi folks,

I'm trying to create a class that implements RSAPublicKey, so that I can pass it through to Cipher.init(). I'm doing this because I want to override the behavior of getModulus() slightly.

Since RSAPublicKey is an interface, not a class, I cant extend it, so I created a class that implemented it.
e.g. public class DynamicRSAPublicKey implements RSAPublicKey { ... }

To make sure that I could get it working, I first created an instance of this class that did absolutely nothing to change the behavior. It is just a simple wrapper class and the code is here: http://pastebin.com/iVcMt5fU

I then create a really basic RSA encryption test, but I'm getting a CryptoException when I call Cipher.init (passing it an instance of DynamicRSAPublicKey). My test code works perfectly if I just pass an actual RSAPublicKey through.

The reason code is CryptoException.ILLEGAL_VALUE, so my theory is that the init() method is internally doing a check along the lines of 'if (!key instanceof <SomeClass>) CryptoException.throwIt(CryptoException.ILLEGAL_VALUE)'.

My problem is, because ultimately I'm using KeyBuilder.buildKey to create the interal RSAPublicKey, I have absolutely no idea what the actual class is that I should be deriving from?

Is there any way around this that anyone can think of?

Cheers,
kos

[UNKNwYSHSA]

I had test card A40CR and J3D081, they throw CryptoException (ILLEGE_USE) same as you mentioned.
You have to use the key generated by the method KeyBuilder.buildKey().

[kosullivan]

Thanks for checking on your end.

It's an unfortunate thing because ultimately if I am creating a class that implements the interface faithfully, why should it fail this in a runtime check?
There appears to be a hierarchy of classes that are completely inaccessible, because you only ever see them exposed via interfaces. Maybe there is a security justification for this but I can't see it in the JVM/JCRE documents for Javacard.

Cheers

[UNKNwYSHSA]

I found that, document for javacard.security.KeyBuilder:

public static Key buildKey(byte keyType,
short keyLength,
boolean keyEncryption)
throws CryptoExceptionCreates uninitialized cryptographic keys for signature and cipher algorithms. Only instances created by this method may be the key objects used to initialize instances of Signature, Cipher and KeyPair. Note that the object returned must be cast to their appropriate key type interface.

[kosullivan]

Yes I saw this. I think what it really comes to is that this is Javacard, not Java. The underlying types are hidden (probably for good security reasons) and so it just can't be done. Thanks for looking further.

[UNKNwYSHSA]