Java – PGP data encryption for yubico OpenPGP smart card

Java

I try to implement PGP encryption in Java applications based on yubikey Neo OpenPGP smart card applet It seems to be a dark art. It's not easy to Google this thing, but here's what I've done so far:

>The card is initialized and the GPG tool is used to generate the key It usually works My public key is ASC format and load it into org bouncycastle. In OpenPGP > use javax Connect smartcardio API to smart card in USB dongle. > Select OpenPGP applet

val pgpAID = bytes(0xD2,0x76,0x00,0x01,0x24,0x01)
val answer = cardChannel.transmit(CommandAPDU(0x00,0xA4,0x04,pgpAID))

>Successfully provided the correct pin to the card

val pin = "123456"
return bytes(0x00,0x20,0x82,pin.length) + pin.toByteArray(Charsets.UTF_8)

>Send quasi successful (see below) decryption command

bytes(0x00,0x2a,0x80,0x86,data.size) + data + bytes(0x00)

When data = "XXXX" When tobytearray(), the result is SW = 9000 (= success), but no data is returned This is a naive test, as mentioned in the OpenPGP applet documentation on page 52

I don't know how to encrypt data and get pkcs#1 format

I also try to read yubico OpenPGP card implementation tests, but it only provides another example of "failure" (line 196) I tried to run, but the results were different: the test expected SW = 0050 (indicating exception?), I got SW = 6f00 (there is no accurate diagnosis according to this document)

I created a GitHub repository with the entire code It's written in kotlin, but it should be easy to read

Solution

Your question is a little confused, but I'm sure you want to use the RSA public key corresponding to the RSA private key on the smart card to create PGP encrypted messages, and then decrypt them using the RSA private key on the smart card (help) PGP (like everything else) uses mixed encryption, so PGP encrypted messages in relevant parts include:

>The actual message is encrypted with a randomly generated work key using an appropriate symmetric algorithm (such as TDES or AES), which is called k > work key K. together with some metadata encrypted by RSA using the recipient's public key and the filling defined by the original pkcs#1 standard, it is now officially called rsaes-pkcs1-v1_ 5, but it is still widely known as pkcs1

You do not need to perform encryption steps, because any software that implements standards can perform encryption steps, including gnupg or bouncy castle's bcpg library If you want to do it yourself, you may use fake K test data without real messages. You need to do filling and RSA modular exponentiation; In Java, at least Oracle or openjdk java with standard encryption providers that you can use Javax obtained by getInstance ("RSA / ECB / pkcs1padding") crypto. Cipher.

"Pkcs1" encryption padding (for RSA) is described at the bottom of page 52 and at the top of page 53 of this document. Although it is not in the same format as current OpenPGP spec (and earlier versions), it is referenced and effectively the same as near current pkcs#1 spec (and earlier versions), all of which say:

>One byte 00 > one byte 02 > enough non-zero random bytes to make the result correct length and Security > one byte 00 > "plaintext". PGP encryption is actually the working symmetric key K format specified in the PGP spec

Pay attention to the beginning of the paragraph

It seems to be a different option than PGP afaics, described on the previous page

So ignore it

The content of this article comes from the network collection of netizens. It is used as a learning reference. The copyright belongs to the original author.
THE END
分享
二维码
< <上一篇
下一篇>>