From: <ron...@ia...> - 2007-08-28 08:08:31
Hi Rinaldo,

ri...@li... wrote:
> I have to send to a remote peer the public part of a key created locally.
> And then I'm sending the byte array via a socket to the remote peer together
> with the encrypted data. Then I should decrypt the data when I have
> received it on the remote peer, how could I do it?

It cannot be done. In asymmetric cryptography in general you can only ENcrypt with the public key and only DEcrypt with the private key. That's what it is all about.

In case you want to do something else, here is a piece of code that creates a standard Java public key from a modulus in a TcBlobData object as a start. (Note that the exponent of public TPM RSA keys is a constant.)

Regards,
Ronald

import java.math.BigInteger;
import java.security.KeyFactory;
import java.security.NoSuchAlgorithmException;
import java.security.interfaces.RSAPublicKey;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.RSAPublicKeySpec;
// TcBlobData and TcTssStructFactory are jTSS classes; byteArrayToHexString
// is a helper that is not shown here.

protected RSAPublicKey convertEkModulusToJavaPublicKey(TcBlobData pubEkBlob) {
    // BigInteger requires a leading sign-byte
    pubEkBlob.prepend(TcTssStructFactory.newBlobData().initBYTE(((byte) 0)));
    // modulus from the blob, fixed public exponent 65537
    RSAPublicKeySpec pubEkSpec = new RSAPublicKeySpec(
            new BigInteger(pubEkBlob.asByteArray()), new BigInteger("65537"));
    try {
        RSAPublicKey pubEk = (RSAPublicKey) KeyFactory.getInstance("RSA").generatePublic(pubEkSpec);
        byte[] finger = (new iaik.security.rsa.RSAPublicKey(pubEk)).getFingerprint();
        System.out.println("key fingerprint: " + byteArrayToHexString(finger));
        return pubEk;
    } catch (InvalidKeySpecException e) {
        e.printStackTrace();
    } catch (NoSuchAlgorithmException e) {
        e.printStackTrace();
    }
    System.exit(1);
    return null; // not reached; keeps the compiler satisfied
}
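The direction of use described in the message above, as an added example that is not part of the original post or of jTSS: the key owner exports only the raw modulus, the remote peer rebuilds the public key and encrypts, and only the private-key holder decrypts. Assumptions: a software RSA key pair stands in for the TPM key, the class name ModulusRoundTrip and the helper fromModulus are hypothetical, and OAEP padding is chosen for the illustration.

```java
import java.math.BigInteger;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.interfaces.RSAPublicKey;
import java.security.spec.RSAKeyGenParameterSpec;
import java.security.spec.RSAPublicKeySpec;
import java.util.Arrays;
import javax.crypto.Cipher;

public class ModulusRoundTrip {
    // Rebuild a public key from a raw unsigned big-endian modulus.
    static RSAPublicKey fromModulus(byte[] modulus) throws Exception {
        // signum = 1 forces a positive value, so no leading zero byte has to be prepended
        BigInteger n = new BigInteger(1, modulus);
        RSAPublicKeySpec spec = new RSAPublicKeySpec(n, RSAKeyGenParameterSpec.F4); // 65537
        return (RSAPublicKey) KeyFactory.getInstance("RSA").generatePublic(spec);
    }

    public static void main(String[] args) throws Exception {
        // Constructed stand-in for the TPM key: a software RSA pair with exponent 65537
        KeyPairGenerator gen = KeyPairGenerator.getInstance("RSA");
        gen.initialize(new RSAKeyGenParameterSpec(2048, RSAKeyGenParameterSpec.F4));
        KeyPair local = gen.generateKeyPair();

        // Key owner: export only the modulus as 256 unsigned bytes
        byte[] signed = ((RSAPublicKey) local.getPublic()).getModulus().toByteArray();
        byte[] modulus = Arrays.copyOfRange(signed, signed.length - 256, signed.length);
        // The top bit of an RSA modulus is set, so the signed constructor misreads it
        System.out.println("signed parse negative: " + (new BigInteger(modulus).signum() < 0));

        // Remote peer: rebuild the public key and ENcrypt
        Cipher enc = Cipher.getInstance("RSA/ECB/OAEPWithSHA-1AndMGF1Padding");
        enc.init(Cipher.ENCRYPT_MODE, fromModulus(modulus));
        byte[] ciphertext = enc.doFinal("session secret".getBytes("UTF-8"));

        // Key owner: only the private key can DEcrypt
        Cipher dec = Cipher.getInstance("RSA/ECB/OAEPWithSHA-1AndMGF1Padding");
        dec.init(Cipher.DECRYPT_MODE, local.getPrivate());
        System.out.println(new String(dec.doFinal(ciphertext), "UTF-8"));
    }
}
```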