如何在卡外传输RSA公共[/ private]密钥？

Question

我编写了以下简单程序来生成RSA密钥对，并在APDU响应中将公钥传输到卡外：

AttributeError: 'AppenderBaseQuery' object has no attribute 'id'

但是当我向卡片发送相关的APDU命令时，我会收到public class CryptoRSA extends Applet { //Abbreviations private static final boolean NO_EXTERNAL_ACCESS = false; //Switch case parameters for selecting instruction = INS in apdu command private static final byte GENERATE_KEY_PAIR = (byte) 0xC0; //Create object of keys RSAPrivateKey thePrivateKey = (RSAPrivateKey) KeyBuilder.buildKey(KeyBuilder.TYPE_RSA_PRIVATE, KeyBuilder.LENGTH_RSA_512, NO_EXTERNAL_ACCESS); RSAPublicKey thePublickKey = (RSAPublicKey) KeyBuilder.buildKey(KeyBuilder.TYPE_RSA_PUBLIC, KeyBuilder.LENGTH_RSA_512, NO_EXTERNAL_ACCESS); KeyPair theKeyPair = new KeyPair(thePublickKey, thePrivateKey); public static void install(byte[] bArray, short bOffset, byte bLength) { new CryptoRSA(); } protected CryptoRSA() { register(); } public void process(APDU apdu) { if (selectingApplet()) { return; } byte[] buffer = apdu.getBuffer(); short privateKeySize = 0; short publicKeySize = 0; byte[] publicArray; byte[] privateArray; try { switch (buffer[ISO7816.OFFSET_INS]) { case GENERATE_KEY_PAIR: theKeyPair.genKeyPair(); PrivateKey thePrivateKey = theKeyPair.getPrivate(); PublicKey thePublicKey = theKeyPair.getPublic(); publicKeySize = thePrivateKey.getSize(); privateKeySize = thePrivateKey.getSize(); byte[] publicKey = JCSystem.makeTransientByteArray((short) (publicKeySize), JCSystem.CLEAR_ON_DESELECT); ((RSAPublicKey) thePrivateKey).getExponent(publicKey, (short) publicKeySize); Util.arrayCopyNonAtomic(publicKey, (short) 0, buffer, (short) 0, (short) (publicKeySize )); apdu.setOutgoingAndSend((short) 0, (short) (publicKeySize)); break; default: ISOException.throwIt(ISO7816.SW_INS_NOT_SUPPORTED); } } catch (Exception e) { if (e instanceof CryptoException) { short r = ((CryptoException) e).getReason(); ISOException.throwIt(r); } else { ISOException.throwIt((short) 0x8888); } } } } ，如下所示：

0x8888

Answer 1

1. getSize()返回密钥的位长，而不是字节长度。你可能已经没用RAM了。

2。((RSAPublicKey) thePrivateKey).getExponent(publicKey, (short) publicKeySize);

这不会奏效！您要求将指数存储在数组publicKeySize中的偏移publicKey处 - 也就是说，在数组的最末端，其中只剩下0个字节来存储它。

顺便说一句，下次遇到这样的问题时，您可以使用ISOException将调试数据发送到外部世界。例如，ISOException.throwIt(privateKeySize)会发现问题1.