13

I am trying to implement the RSA-Algorithm in an Android Application. I am using the java.math.BigInteger.modPow() function for the en-/decryption which works fine for my Computer (Windows and Xubuntu) and my Raspberry Pi (also Debian). When the same Code is executed on my Phone (Android 4.4.4) the following Exception is thrown on the 2nd call to modPow():

java.jang.ArithmeticException: error:0306B06B:bignum routines:BN_div:not initialized
    at java.math.NativeBN.BN_mod_exp(NativeMethod)
    at java.math.BigInt.modExp(BigInt.java:327)
    at java.math.BigInteger.modPow(BigInteger.java:997)
    at "where I call java.math.BigInteger.modPow()"

I checked the exponent and modulus: both are positive so the Documentation doesn't really help. Reducing the size of the key (exponent and modulus) also did not change anything. Unfortunately I could not find the source to the native function and are out of ideas what might be going on.

Do you have any idea why this exception might be thrown or what the errorcode is supposed to mean?

qwerty
  • 171
  • 1
  • 11
  • Out of curiosity, try on an older version of Android (e.g. 4.2.2) - there have been a lot of changes in 4.4 and quite a few bugs as well. – Aleks G Oct 21 '14 at 14:36
  • 2
    That looks like an error from the underlying openssl native code, which suggests this is an Android bug. – President James K. Polk Oct 21 '14 at 14:40
  • are you using SpongyCastle? – EpicPandaForce Oct 21 '14 at 14:46
  • @GregS @Zhuinden I implemented the whole Algorithm myself and are not using any openssl-librarys so I know I caused the bugs myself. ;) Is `NativeBN` also part of openssl? – qwerty Oct 21 '14 at 14:51
  • 2
    @qwerty: I know that, but under the hood the Android implementation of Java's BigIntegers uses the openssl library. It's not something you can control. – President James K. Polk Oct 21 '14 at 22:00
  • 1
    I agree, this is certainly some kind of bug, you should never be able to generate a `BN_div:not initialized` from just Java code. BN functions are certainly part of OpenSSL. – Maarten Bodewes Oct 22 '14 at 00:04
  • 1
    Ignoring whether this is a bug or not, we'll not be able to help diagnose your problem without sample code that reproduces it. Please add that to your question. – Duncan Jones Oct 22 '14 at 12:21
  • "Java's BigIntegers uses the openssl library" ? Who made that bone-headed decision? That seems akin to my AVL tree code using Xlib :-) – paxdiablo Sep 10 '15 at 01:41

1 Answers1

0

Because its telling you not initialized, the creating of the BigInteger must have been failed somehow.

As of libcrypto:

The BIGNUM library generally lives in libcrypto, which comes with OpenSSL. Its API is defined in openssl/bn.h. This library exports the BIGNUM type. BIGNUM objects always need to be initialized before use, even if they're statically declared.

So check if you can initialize it from within your code or try a lower api version, as i´m not that deep into this.

Also check if the bundled libs are corresponding to your platform architecture 32/64 bit.

Another guess: Android 4.4.4 has a possible [bug] (code.google.com/p/android/issues/detail?id=77262) on creating BigIntegers if the SSL error queue is not empty, maybe thats what you ran into.

gantners
  • 471
  • 4
  • 16