On Tue, Dec 14, 2010 at 09:55:26PM -0800, Kannan J wrote:
>
>
> From my relentless search on the internet I hit upon this webpage
> http://www.mobilefish.com/services/rsa_key_generation/rsa_key_generation.php
> which accepts prime values and generates the rest of the exponents and
> coefficients. It mentions "Enter CRT coefficient (qInv)*: qInv = q-1 mod p "
> I wonder if the smart card user guide might have printed P-1 instead of P-1.
> Even so I don't know how such a small real number obtained after taking the
> inverse can be a big integer. In fact Java BigInteger doesn't allow raising
> to a negative exponent value.
You need to brush-up on prime-field modular arithmetic. :-)
Large integers don't have ordinary (integer) reciprocals, but they do
have reciprocals modulo any number to which they are co-prime. The
reciprocal is found using Euclid's algorithm.
You are looking at all the wrong things. What's the real problem?
What tool or API is used to load the key into the card? What
key format does it expect. Are your primes exactly 128-bytes long
for a 2048-bit modulus? Is the modulus exactly 256-bytes long?
This is perhaps just a simple padding issue, or your key format
is not what the card expects?
Either way, all the number theory is likely a red-herring. Don't
waste your time trying to debug the number theory, this is almost
certainly an interface mismatch.
--
Viktor.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org
