RSA key interfaces

Rodrigo Sodre (rsodre@mymail.com.br)
Tue, 25 Aug 1998 20:17:01 -0300

Date: Tue, 25 Aug 1998 20:17:01 -0300
From: Rodrigo Sodre <rsodre@mymail.com.br>
To: java-security@java.Sun.COM
Subject: RSA key interfaces

Thanks to Jan for the very complete answer.

Where can I find the RSAPrivateKey encoding? PKCS#1 describes only the
encoding to RSAPublicKey and RSAPrivateCrtKey (it gives a reference to
how recovering the PrivateCrtKey fom the public and private keys, but I
don't think it is the solution). I also looked for RawRSA, as some
previous JCA Reference documents says, but its links are wrong (to DSA
NIST FIPS!).

At last, will the new JCE API & Reference (from beta 4) be available to
non-US developers?

Thanks in advance and best regards.

Rodrigo Sodre
4Safe Team

Jan Luehe wrote:
>
> > Why the same class/interface has opaque and transparent methods?
> > Shouldn'd RSAPrivateKey have only opaque methods and use a
> > RSAKeyFactory to the translation? If not, Why should anyone use
> > RSAPrivateKeySpec since we have all the methods in RSAPrivateKey
> > class?
>
> RSAPrivateKey is a specialized key interface, which returns
> algorithm specific details about the underlying key object
> in addition to the "opaque" information (e.g., algorithm, encoding,
> and format) available from any Key object.
>
> RSAPrivateKeySpec allows you to instantiate an RSA key specification
> from RSA private-key material in a provider-independent fashion.
>
> You then pass this specification to a (provider-based) RSA
> key factory and have it return a provider-based PrivateKey object
> for RSA, which you could then use to initialize a Signature object
> for signing, etc.
>
> Provider implementations of RSA PrivateKey objects are encouraged
> to also implement the RSAPrivateKey interface (if possible), so that
> different provider implementations of RSA PrivateKey objects can
> interoperate more easily (without having to go through a KeyFactory).
>
> For example, provider A may implement the "engineInitSign" method
> (which takes a PrivateKey object) of java.security.SignatureSpi for
> RSA signatures as follows:
>
> 1. Check if the PrivateKey object passed is an instance of
> A's implementation of RSA PrivateKey objects. If yes, use
> it directly. If no, goto 2.
>
> 2. Check if the PrivateKey object passed implements the
> RSAPrivateKey interface. If yes, call its "get*" methods
> to retrieve the underlying material. If no, goto 3.
>
> 3. Try to convert the PrivateKey object passed into an instance
> of A's implementation of RSA PrivateKey objects. For example,
> call the key's getEncoded() method, instantiate A's key factory
> for RSA, and pass the encoding to the factory's generatePrivate()
> method.
>
>
> Jan
>