Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Java Card 2.2.2: temporary RSA public key as transient

Tags:

smartcard

javacard

I'm designing a Java Card (2.2.2 thus Classic) applet that will, at each use, receive a RSA public key (validated using means immaterial to the question), then use that RSA public key to verify an RSA signature.

How can I keep that RSA public key in RAM (rather than writing it in EEPROM/Flash), for performance and device lifetime reasons ?

My problem is, in javacard.security.KeyBuilder of JC 2.2.2, the buildKey(byte keyType, short keyLength, boolean keyEncryption) API does not seem to have an option to specify transient memory; I see neither

  • a suitable keyType combining TYPE_RSA_PUBLIC and transcient, as we have with TYPE_DES_TRANSIENT_DESELECT;
  • not even TYPE_RSA_PRIVATE_TRANSIENT_DESELECT which conceivably could be abused into a public key (on platforms with no test for the size of d), for this is a novelty of Java Card Classic 3;
  • the buildKey(byte algorithmicKeyType, byte keyMemoryType, short keyLength, boolean keyEncryption) with a keyMemoryTypeparameter, which also is a novelty of Java Card Classic 3.

Would bracketing all changes and uses of my RSA public key with beginTransaction() and abortTransaction() achieve my goal?

like image 206
fgrieu Avatar asked Mar 09 '16 09:03

fgrieu

1 Answers

I have been dealing with exactly the same problem and had to use persistent memory and wear leveling (which worked).

Even had the same idea with beginTransaction()/abortTransaction(), but was told by the card manufacturer that this won't work (They said it would make things even worse regarding EEPROM lifetime). YMMV.

Some remarks:

  • The performance was sufficient for given use case (which surprised me).

  • Card lifetime can be estimated quite well (given you know how many re-write cycles the persistent memory has, it's block size, the frequency of different public key uses and wear leveling overhead).

  • Consider wear leveling both RSAPublicKey and Cipher objects together.

  • Use as much memory for object pool as you can.

There may be some vendor specific API which allows RSA computation (in our case there was no such possibility)

Good luck!

like image 94
vlp Avatar answered Sep 18 '22 08:09

vlp
Sign in to Comment

Related questions

Reading EMV card's serial number
What does "has carrier priviliges" means in android 5.1.1
Access certificate and private key from pkcs#11 token or smart-card
Difference between "EMV" and "Global Platform"
How to send response APDU containing return data AND status word other than 0x9000?
How to write smart card with pyscard

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!