1

I've been trying for days to implement an RSA scheme for a Google Web Toolkit application running over Google App Engine. Client-side encryption and key management is a requirement, so I'm using gwt-crypto (gwt-crypto-2.3.0.jar). Part of the documentation is broken so I followed references from Bouncy Castle, like this answer. I have a static method to create an AsymmetricCipherKeyPair that is supposed to hold the private and public keys, as it follows.

public static AsymmetricCipherKeyPair getRsaKeyPair() {
    RSAKeyPairGenerator keyPairGenerator = new RSAKeyPairGenerator();
    RSAKeyGenerationParameters param = new RSAKeyGenerationParameters(RSA_PUBLIC_EXPONENT_FERMAT, SECURE_RANDOM, RSA_STRENGTH, RSA_CERTAINTY);
    keyPairGenerator.init(param);
    /* RSAKeyPairGenerator.generateKeyPair() freezes on Google App Engine */
    return keyPairGenerator.generateKeyPair();
}

It works fine while I'm running development mode in localhost (from Eclipse with Jetty, I believe). However, when I deploy it to Google App Engine, it freezes on the keyPairGenerator.generateKeyPair() call. I'm using the parameters below. I tried scalling down the RSA_STRENGTH from 256 to 1024 and RSA_CERTAINTY from 1 to 80. I also tried RSA_PUBLIC_EXPONENT_FERMAT either 3 (F0, 0x3) or 65537 (F4, 0x10001)

private static final int RSA_STRENGTH = 1024;
private static final int RSA_CERTAINTY = 4;
private static final BigInteger RSA_PUBLIC_EXPONENT_FERMAT = new BigInteger("3", 16);
private static final SecureRandom SECURE_RANDOM = SecureRandom.getInstance("SHA1PRNG");

I tried multiple browsers, but they always say the script has stopped responding or is taking too long and if I try to proceed they freeze or crash. There are no other errors on the server side, console or Google App Engine environment in general. I don't know what to do, since it works perfectly and fast on the browser while running on localhost, but I can't get it to work after deploying to the cloud and I have no clue about how to debug it. Can anyone help me? Could be Google App Engine structure's the problem? Or some kind of resource restriction?

I'm also using SmartGWT, not sure if it matters. I'm really stuck here.

Thanks in advance.

Community
  • 1
  • 1
Ricardo Gonçalves
  • 15
  • 3
  • Smells like [this](http://code.google.com/p/gwt-crypto/issues/detail?id=21), that leds to [this](https://code.google.com/p/google-web-toolkit/issues/detail?id=8310) and [this](http://code.google.com/p/gwt-crypto/issues/detail?id=26). Does it freeze when running in prod mode (compiled) on localhost? – Andrea Boscolo Mar 13 '14 at 20:24

1 Answers1

0

Some time ago I coded a gwt application to do the same. After a long hacking of gwt-crypto I finished using an external js solution.

gwt-crypto key generation was terribly slow, logically it works in dev-mode because it runs java, but when the code is compiled BigInteger performs really bad.

Read my answer to the question: how to import java.security.* in my gwt application .

Community
  • 1
  • 1
Manolo Carrasco Moñino
  • 9,723
  • 1
  • 22
  • 27
  • This question is related: http://stackoverflow.com/questions/25777287/how-do-i-use-rsa-between-server-and-gwt-client – Michael Sep 25 '14 at 14:31