This discussion is archived
1 2 Previous Next 18 Replies Latest reply: Jan 24, 2013 11:58 PM by Nara Go to original post RSS
  • 15. Re: Elliptive Curve Cryptography using ALG_EC_FP
    816119 Journeyer
    Currently Being Moderated
    The keys are initialized to default automatically when you call GenKeyPair() right?
    i commented this lines:
    /*
    ecPrivateKey = (ECPrivateKey) keyPairECC.getPrivate();
    ecPublicKey = (ECPublicKey) keyPairECC.getPublic();
    ecPrivateKey.setFieldFP(valFP, (short)0,(short)valFP.length);
    ecPrivateKey.setA(valA,(short)0,(short)valA.length);
    ecPublicKey.setA(valA,(short)0,(short)valA.length);
    ecPrivateKey.setB(valB, (short)0, (short)valB.length);
    ecPublicKey.setB(valB, (short)0, (short)valB.length);
    ecPrivateKey.setG(valG, (short)0, (short)valG.length);
    ecPublicKey.setG(valG, (short)0, (short)valG.length);
    ecPrivateKey.setR(valN, (short)0, (short)valN.length);
    ecPublicKey.setR(valN, (short)0, (short)valN.length);
    ecPrivateKey.setS(valS,(short)0,(short)valS.length);
    ecPublicKey.setW(valW,(short)0,(short)valW.length);
    ecPrivateKey.setS(buf, ISO7816.OFFSET_CDATA, ISO7816.OFFSET_LC);
    ecPrivateKey.setK(k);
    ecPublicKey.setK(k);
    */
    and used LENGTH_EC_FP_192. Aftet that genKeyPair(); does not rise exception.

    Edited by: 666 on 24.01.2013 4:25
  • 16. Re: Elliptive Curve Cryptography using ALG_EC_FP
    801926 Explorer
    Currently Being Moderated
    Here example from the JCOP training
    package com.nxp.id.test.ecc.gfp;
    
    import javacard.framework.APDU;
    import javacard.framework.Applet;
    import javacard.framework.ISO7816;
    import javacard.framework.ISOException;
    import javacard.framework.JCSystem;
    import javacard.framework.Util;
    import javacard.security.CryptoException;
    import javacard.security.ECKey;
    import javacard.security.ECPrivateKey;
    import javacard.security.ECPublicKey;
    import javacard.security.KeyAgreement;
    import javacard.security.KeyBuilder;
    import javacard.security.KeyPair;
    import javacard.security.Signature;
    
    public class EccTest extends Applet {
         private static final short VERSION_INFO_MAJOR_MINOR = (short)0x0001;
         
         private short keyLength;
         private static final byte INS_SET_KEYLENGTH = (byte)0x01;     
         private static final byte INS_SET_p = (byte)0x02; 
         private static final byte INS_SET_A = (byte)0x03;      
         private static final byte INS_SET_B = (byte)0x04;
         private static final byte INS_SET_P = (byte)0x05;
         private static final byte INS_SET_M = (byte)0x06;
         private static final byte INS_SET_T = (byte)0x07;
         private static final byte INS_SET_Q = (byte)0x08;
         private static final byte OBJECT_DELETION = (byte)0x0A;
         private static final byte DEFINE_KEY = (short)0x0B;
         private static final byte DO_KA_TEST = 0x0C;
         private static final byte DO_SIG_TEST = 0x0D;
         private static final byte DO_KEY_GEN = 0x0E;
         private static final byte DO_GET_POINT = 0x0F;
         
         private KeyPair keyPairECC;
         private KeyAgreement keyAgreement;
         private ECPrivateKey ecPrivateKey;
         private ECPublicKey ecPublicKey;
         private ECKey keyContext;
         private Signature sig;
    
        EccTest() {
            keyContext = ecPrivateKey; // initially
            sig = Signature.getInstance(Signature.ALG_ECDSA_SHA, false);
        }
        
         public static void install(byte[] bArray, short bOffset, byte bLength) {
              new EccTest().register(bArray, (short) (bOffset + 1), bArray[bOffset]);
         }
    
         public void process(APDU apdu) {
              byte[] buf = apdu.getBuffer();
              
              if (selectingApplet()) {
                Util.setShort(buf, (short) 0, VERSION_INFO_MAJOR_MINOR);
                apdu.setOutgoingAndSend((short) 0, (short) 2);
                   return;
              }
              short publicPartLength =0;
              
              try {
                   switch (buf[ISO7816.OFFSET_INS]) {
                        case DEFINE_KEY:
                             if (buf[ISO7816.OFFSET_CDATA] == (byte) 0x01)
                                  keyContext = ecPublicKey;
                             else
                                  keyContext = ecPrivateKey;
                             break;
                        case INS_SET_KEYLENGTH: // resets ECC keys with new key length
                             keyLength = Util.getShort(buf, ISO7816.OFFSET_CDATA);
                           keyPairECC = new KeyPair(KeyPair.ALG_EC_FP, keyLength);
                           ecPrivateKey = (ECPrivateKey) keyPairECC.getPrivate();
                           ecPublicKey = (ECPublicKey) keyPairECC.getPublic();
    //                       keyPairECC.genKeyPair();
    //                         keyLength = Util.getShort(buf, ISO7816.OFFSET_CDATA);
                             break;
                        case INS_SET_p: 
                             keyContext.setFieldFP(buf, ISO7816.OFFSET_CDATA, buf[ISO7816.OFFSET_LC]);
                             break;
         
                        case INS_SET_A: 
                             keyContext.setA(buf, ISO7816.OFFSET_CDATA, buf[ISO7816.OFFSET_LC]);
                             break;
         
                        case INS_SET_B: 
                             keyContext.setB(buf, ISO7816.OFFSET_CDATA, buf[ISO7816.OFFSET_LC]);
                             break;
         
                        case INS_SET_P: 
                             keyContext.setG(buf, ISO7816.OFFSET_CDATA, buf[ISO7816.OFFSET_LC]);
                             break;
         
                        case INS_SET_M: 
                             keyContext.setR(buf, ISO7816.OFFSET_CDATA, buf[ISO7816.OFFSET_LC]);
                             break;
         
                        case INS_SET_T: 
                             ((ECPrivateKey) keyContext).setS(buf, ISO7816.OFFSET_CDATA, buf[ISO7816.OFFSET_LC]);
                             break;
                        case INS_SET_Q: 
                             ((ECPublicKey) keyContext).setW(buf, ISO7816.OFFSET_CDATA, buf[ISO7816.OFFSET_LC]);
                             break;
                        case OBJECT_DELETION:
                              if (JCSystem.isObjectDeletionSupported()) {
                                   JCSystem.requestObjectDeletion();
                              }
                              break;
                        // key agreement example --> common secret
                        case DO_KA_TEST:
                             if(!ecPrivateKey.isInitialized())
                                  ISOException.throwIt(ISO7816.SW_DATA_INVALID);
                             keyAgreement = KeyAgreement.getInstance(KeyAgreement.ALG_EC_SVDP_DH, false); 
                             // APDU buffer organization: | 28 byte secret | 53 byte public | 
                             // set EC private key
                             keyAgreement.init(ecPrivateKey); 
                             // set public part (rest is same as private)
                             publicPartLength = ecPublicKey.getW(buf, (short) 20);
                             // generate common secret which can be used for key agreement
                             keyAgreement.generateSecret(buf, (short) 20, publicPartLength, buf, (short) 0);
                             // output common secret
                             apdu.setOutgoingAndSend((short) 0, (short) 20);
                             break;
                        case DO_KEY_GEN:
                        try {
                             keyPairECC.genKeyPair();
                        } catch (CryptoException e) {
                             ISOException.throwIt((short) (ISO7816.SW_UNKNOWN | e.getReason()));
                        }
                             break;
                        case DO_SIG_TEST:
                             // TASK
                             sig.init(ecPrivateKey, Signature.MODE_SIGN);
                             // ..
                             break;
                        case DO_GET_POINT:
                             short responseLength;
                             if(buf[ISO7816.OFFSET_P1] == (byte)0x01){
                                  responseLength = ecPublicKey.getW(buf, (short) 0);
                             } else {
                                  responseLength = ecPrivateKey.getS(buf, (short) 0);
                             }
                             apdu.setOutgoingAndSend((short) 0, responseLength);
                             break;
                        default:
                             ISOException.throwIt(ISO7816.SW_INS_NOT_SUPPORTED);
                   }
              } catch (CryptoException ce) {
                   ISOException.throwIt((short) (ISO7816.SW_UNKNOWN | ce.getReason()));
              } 
         }
    } 
    and the script
    /select |eccGfpApp
    # set key length to 256 bits
    /send 80010000020100
    
    # select EC public key, bp_256r1
    /send 800B00000101 9000
    
    # populate p == FP
    /send 80020000#(A9FB57DBA1EEA9BC3E660A909D838D726E3BF623D52620282013481D1F6E5377) 9000
    
    # populate a == A
    /send 80030000#(7D5A0975FC2C3057EEF67530417AFFE7FB8055C126DC5C6CE94A4B44F330B5D9) 9000
    
    # populate b == B
    /send 80040000#(26DC5C6CE94A4B44F330B5D9BBD77CBF958416295CF7E1CE6BCCDC18FF8C07B6) 9000
    
    # populate G == P
    /send 80050000#(048BD2AEB9CB7E57CB2C4B482FFC81B7AFB9DE27E1E3BD23C23A4453BD9ACE3262547EF835C3DAC4FD97F8461A14611DC9C27745132DED8E545C1D54C72F046997) 9000
    
    # populate m == R
    /send 80060000#(A9FB57DBA1EEA9BC3E660A909D838D718C397AA3B561A6F7901E0E82974856A7) 9000
    
    # populate W == Q
    #/send 80080000#(049FCDB28D12F0550D7053D6E4AC6BB848BD4A881DD3007AF18B156DB307733A2E3965BC1F479293DD48E7BD294BBFE3D5679D795630CDAEEBCD8AC909C6A2410A) 9000
           
    # select EC private key
    /send 800B00000102 9000
    
    # populate p == FP
    /send 80020000#(A9FB57DBA1EEA9BC3E660A909D838D726E3BF623D52620282013481D1F6E5377) 9000
    
    # populate a == A
    /send 80030000#(7D5A0975FC2C3057EEF67530417AFFE7FB8055C126DC5C6CE94A4B44F330B5D9) 9000
    
    # populate b == B
    /send 80040000#(26DC5C6CE94A4B44F330B5D9BBD77CBF958416295CF7E1CE6BCCDC18FF8C07B6) 9000
    
    # populate P == P
    /send 80050000#(048BD2AEB9CB7E57CB2C4B482FFC81B7AFB9DE27E1E3BD23C23A4453BD9ACE3262547EF835C3DAC4FD97F8461A14611DC9C27745132DED8E545C1D54C72F046997) 9000
    
    # populate m == M
    /send 80060000#(A9FB57DBA1EEA9BC3E660A909D838D718C397AA3B561A6F7901E0E82974856A7) 9000
    
    # populate S == T
    #/send 80070000#(346EF57569A83AD0DEF40DA12858B6870F4031ABD61052A02F38C37A44FD0E6B) 9000
    
    # test key agreement, output is the shared secret
    #/send 800C0000 *9000
    
    # on-card key generation
    /send 800E0000 9000
    
    /send 800F010000 *9000
    /send 800F020000 *9000
    and the log run on JCOP 2.4.2 R2
    /select |eccGfpApp
     => 00 A4 04 00 09 65 63 63 47 66 70 41 70 70 00       .....eccGfpApp.
     (265197 nsec)
     <= 00 01 90 00                                        ....
    Status: No Error
    /send 80010000020100
     => 80 01 00 00 02 01 00                               .......
     (1172 usec)
     <= 90 00                                              ..
    Status: No Error
    /send 800B00000101 9000
     => 80 0B 00 00 01 01                                  ......
     (308301 nsec)
     <= 90 00                                              ..
    Status: No Error
    /send 80020000#(A9FB57DBA1EEA9BC3E660A909D838D726E3BF623D52620282013481D1F6E5377) 9000
     => 80 02 00 00 20 A9 FB 57 DB A1 EE A9 BC 3E 66 0A    .... ..W.....>f.
        90 9D 83 8D 72 6E 3B F6 23 D5 26 20 28 20 13 48    ....rn;.#.& ( .H
        1D 1F 6E 53 77                                     ..nSw
     (333754 nsec)
     <= 90 00                                              ..
    Status: No Error
    /send 80030000#(7D5A0975FC2C3057EEF67530417AFFE7FB8055C126DC5C6CE94A4B44F330B5D9) 9000
     => 80 03 00 00 20 7D 5A 09 75 FC 2C 30 57 EE F6 75    .... }Z.u.,0W..u
        30 41 7A FF E7 FB 80 55 C1 26 DC 5C 6C E9 4A 4B    0Az....U.&.\l.JK
        44 F3 30 B5 D9                                     D.0..
     (284492 nsec)
     <= 90 00                                              ..
    Status: No Error
    /send 80040000#(26DC5C6CE94A4B44F330B5D9BBD77CBF958416295CF7E1CE6BCCDC18FF8C07B6) 9000
     => 80 04 00 00 20 26 DC 5C 6C E9 4A 4B 44 F3 30 B5    .... &.\l.JKD.0.
        D9 BB D7 7C BF 95 84 16 29 5C F7 E1 CE 6B CC DC    ...|....)\...k..
        18 FF 8C 07 B6                                     .....
     (263555 nsec)
     <= 90 00                                              ..
    Status: No Error
    /send 80050000#(048BD2AEB9CB7E57CB2C4B482FFC81B7AFB9DE27E1E3BD23C23A4453BD9ACE3262547EF835C3DAC4FD97F8461A14611DC9C27745132DED8E545C1D54C72F046997) 9000
     => 80 05 00 00 41 04 8B D2 AE B9 CB 7E 57 CB 2C 4B    ....A......~W.,K
        48 2F FC 81 B7 AF B9 DE 27 E1 E3 BD 23 C2 3A 44    H/......'...#.:D
        53 BD 9A CE 32 62 54 7E F8 35 C3 DA C4 FD 97 F8    S...2bT~.5......
        46 1A 14 61 1D C9 C2 77 45 13 2D ED 8E 54 5C 1D    F..a...wE.-..T\.
        54 C7 2F 04 69 97                                  T./.i.
     (259860 nsec)
     <= 90 00                                              ..
    Status: No Error
    /send 80060000#(A9FB57DBA1EEA9BC3E660A909D838D718C397AA3B561A6F7901E0E82974856A7) 9000
     => 80 06 00 00 20 A9 FB 57 DB A1 EE A9 BC 3E 66 0A    .... ..W.....>f.
        90 9D 83 8D 71 8C 39 7A A3 B5 61 A6 F7 90 1E 0E    ....q.9z..a.....
        82 97 48 56 A7                                     ..HV.
     (770548 nsec)
     <= 90 00                                              ..
    Status: No Error
    /send 800B00000102 9000
     => 80 0B 00 00 01 02                                  ......
     (189250 nsec)
     <= 90 00                                              ..
    Status: No Error
    /send 80020000#(A9FB57DBA1EEA9BC3E660A909D838D726E3BF623D52620282013481D1F6E5377) 9000
     => 80 02 00 00 20 A9 FB 57 DB A1 EE A9 BC 3E 66 0A    .... ..W.....>f.
        90 9D 83 8D 72 6E 3B F6 23 D5 26 20 28 20 13 48    ....rn;.#.& ( .H
        1D 1F 6E 53 77                                     ..nSw
     (366596 nsec)
     <= 90 00                                              ..
    Status: No Error
    /send 80030000#(7D5A0975FC2C3057EEF67530417AFFE7FB8055C126DC5C6CE94A4B44F330B5D9) 9000
     => 80 03 00 00 20 7D 5A 09 75 FC 2C 30 57 EE F6 75    .... }Z.u.,0W..u
        30 41 7A FF E7 FB 80 55 C1 26 DC 5C 6C E9 4A 4B    0Az....U.&.\l.JK
        44 F3 30 B5 D9                                     D.0..
     (250829 nsec)
     <= 90 00                                              ..
    Status: No Error
    /send 80040000#(26DC5C6CE94A4B44F330B5D9BBD77CBF958416295CF7E1CE6BCCDC18FF8C07B6) 9000
     => 80 04 00 00 20 26 DC 5C 6C E9 4A 4B 44 F3 30 B5    .... &.\l.JKD.0.
        D9 BB D7 7C BF 95 84 16 29 5C F7 E1 CE 6B CC DC    ...|....)\...k..
        18 FF 8C 07 B6                                     .....
     (439668 nsec)
     <= 90 00                                              ..
    Status: No Error
    /send 80050000#(048BD2AEB9CB7E57CB2C4B482FFC81B7AFB9DE27E1E3BD23C23A4453BD9ACE3262547EF835C3DAC4FD97F8461A14611DC9C27745132DED8E545C1D54C72F046997) 9000
     => 80 05 00 00 41 04 8B D2 AE B9 CB 7E 57 CB 2C 4B    ....A......~W.,K
        48 2F FC 81 B7 AF B9 DE 27 E1 E3 BD 23 C2 3A 44    H/......'...#.:D
        53 BD 9A CE 32 62 54 7E F8 35 C3 DA C4 FD 97 F8    S...2bT~.5......
        46 1A 14 61 1D C9 C2 77 45 13 2D ED 8E 54 5C 1D    F..a...wE.-..T\.
        54 C7 2F 04 69 97                                  T./.i.
     (409290 nsec)
     <= 90 00                                              ..
    Status: No Error
    /send 80060000#(A9FB57DBA1EEA9BC3E660A909D838D718C397AA3B561A6F7901E0E82974856A7) 9000
     => 80 06 00 00 20 A9 FB 57 DB A1 EE A9 BC 3E 66 0A    .... ..W.....>f.
        90 9D 83 8D 71 8C 39 7A A3 B5 61 A6 F7 90 1E 0E    ....q.9z..a.....
        82 97 48 56 A7                                     ..HV.
     (273408 nsec)
     <= 90 00                                              ..
    Status: No Error
    /send 800E0000 9000
     => 80 0E 00 00                                        ....
     (3320 msec)
     <= 90 00                                              ..
    Status: No Error
    /send 800F010000 *9000
     => 80 0F 01 00 00                                     .....
     (5311 msec)
     <= 04 5D DD 76 03 F2 E8 E0 51 83 57 8B D8 6E 2B 31    .].v....Q.W..n+1
        A1 7C 1F CB 9B 67 3F 2A C9 02 6C F6 B6 98 83 CD    .|...g?*..l.....
        5D 23 5A 85 E7 5D C8 C3 E2 A2 8F EB 34 8D 11 0F    ]#Z..]......4...
        29 00 79 A8 64 47 B4 13 94 53 DD 8D F3 FA D6 83    ).y.dG...S......
        E1 90 00                                           ...
    Status: No Error
    /send 800F020000 *9000
     => 80 0F 02 00 00                                     .....
     (6416 msec)
     <= 7B F1 87 B3 8E 79 F2 1D B9 6A CA 02 FB 7F 80 C8    {....y...j......
        27 15 6F F9 EC 88 C9 E3 51 FB AD DB 51 58 84 B6    '.o.....Q...QX..
        90 00                                              ..
    Status: No Error
  • 17. Re: Elliptive Curve Cryptography using ALG_EC_FP
    893199 Explorer
    Currently Being Moderated
    pubkey = (PublicKey)KeyBuilder.buildKey(KeyBuilder.TYPE_EC_FP_PUBLIC, keylen, false);
    privatekey = (PrivateKey)KeyBuilder.buildKey(KeyBuilder.TYPE_EC_FP_PRIVATE, keylen, false);
    keypair = new KeyPair(pubkey, privatekey);
    
    setParams((ECPublicKey)(keypair.getPublic()), keyparam);
    
    keypair.genKeyPair();
    setParams above is the thing that sets all the curve info. I was incorrect in my original post, you only need to set the params for the public key. In this case I was generating a 256 bit key pair - (NIST P-256 curve) so the keylen parameter in buildKey was '256'.

    This works for my J3A JCOP card.

    You may want to go back and re-confirm your curve parameters, there are combinations that give illegal results.
  • 18. Re: Elliptive Curve Cryptography using ALG_EC_FP
    Nara Newbie
    Currently Being Moderated
    Thank you so much Lexdabear!! You are a Saviour!!

    It works like a champ.. I guess all that mattered was the curve parameters.
1 2 Previous Next

Legend

  • Correct Answers - 10 points
  • Helpful Answers - 5 points