Discrepancy in RSA behavior between JCardSim and Javacard

[mavroudisv]

Hello,

just a heads up that RSA seems to be functioning differently in JCardSim.

A simple way to reproduce is using method testSelfRSA() (/src/test/java/com/licel/jcardsim/crypto/RSACipherTest.java) in JavaCard.

The problem is with line 92: byte[] msg = new byte[63];
However, if the array size is changed to 64B then it works on JavaCard, but not with JCardSim.

Let me know, if more info is needed.

Apologies if it's known issue or a non-issue.

Vasilis

P.S.: If it matters, I used an NXP J2E145G to verify.

[petrs]

The issue seems to be related to the fact that JCardSim uses BouncyCastle RSACoreEngine.getInputBlockSize() which states in javadoc:

Return the maximum size for an input block to this engine.
For RSA this is always one byte less than the key size on
encryption, and the same length as the key size on decryption.

So for Cipher.init(publicKey, Cipher.MODE_ENCRYPT), internal buffer attribute is allocated one byte shorter than for Cipher.init(m_modPublicKey, Cipher.MODE_DECRYPT);

At least some cards are able to process input for MODE_ENCRYPT with same length as for decrypt. Does it make sense to test this behavior more thoroughly (e.g., via JCAlgTest?)

[snlgaba]

I am facing the same issue. It works if allocated buffer in AsymmetricCipherImpl to engine.getInputBlockSize()+1