1 2 Previous Next 18 Replies Latest reply: Jan 25, 2013 1:58 AM by Nara Go to original post RSS
      • 15. Re: Elliptive Curve Cryptography using ALG_EC_FP
        816119
        The keys are initialized to default automatically when you call GenKeyPair() right?
        i commented this lines:
        /*
        ecPrivateKey = (ECPrivateKey) keyPairECC.getPrivate();
        ecPublicKey = (ECPublicKey) keyPairECC.getPublic();
        ecPrivateKey.setFieldFP(valFP, (short)0,(short)valFP.length);
        ecPrivateKey.setA(valA,(short)0,(short)valA.length);
        ecPublicKey.setA(valA,(short)0,(short)valA.length);
        ecPrivateKey.setB(valB, (short)0, (short)valB.length);
        ecPublicKey.setB(valB, (short)0, (short)valB.length);
        ecPrivateKey.setG(valG, (short)0, (short)valG.length);
        ecPublicKey.setG(valG, (short)0, (short)valG.length);
        ecPrivateKey.setR(valN, (short)0, (short)valN.length);
        ecPublicKey.setR(valN, (short)0, (short)valN.length);
        ecPrivateKey.setS(valS,(short)0,(short)valS.length);
        ecPublicKey.setW(valW,(short)0,(short)valW.length);
        ecPrivateKey.setS(buf, ISO7816.OFFSET_CDATA, ISO7816.OFFSET_LC);
        ecPrivateKey.setK(k);
        ecPublicKey.setK(k);
        */
        and used LENGTH_EC_FP_192. Aftet that genKeyPair(); does not rise exception.

        Edited by: 666 on 24.01.2013 4:25
        • 16. Re: Elliptive Curve Cryptography using ALG_EC_FP
          801926
          Here example from the JCOP training
          package com.nxp.id.test.ecc.gfp;
          
          import javacard.framework.APDU;
          import javacard.framework.Applet;
          import javacard.framework.ISO7816;
          import javacard.framework.ISOException;
          import javacard.framework.JCSystem;
          import javacard.framework.Util;
          import javacard.security.CryptoException;
          import javacard.security.ECKey;
          import javacard.security.ECPrivateKey;
          import javacard.security.ECPublicKey;
          import javacard.security.KeyAgreement;
          import javacard.security.KeyBuilder;
          import javacard.security.KeyPair;
          import javacard.security.Signature;
          
          public class EccTest extends Applet {
               private static final short VERSION_INFO_MAJOR_MINOR = (short)0x0001;
               
               private short keyLength;
               private static final byte INS_SET_KEYLENGTH = (byte)0x01;     
               private static final byte INS_SET_p = (byte)0x02; 
               private static final byte INS_SET_A = (byte)0x03;      
               private static final byte INS_SET_B = (byte)0x04;
               private static final byte INS_SET_P = (byte)0x05;
               private static final byte INS_SET_M = (byte)0x06;
               private static final byte INS_SET_T = (byte)0x07;
               private static final byte INS_SET_Q = (byte)0x08;
               private static final byte OBJECT_DELETION = (byte)0x0A;
               private static final byte DEFINE_KEY = (short)0x0B;
               private static final byte DO_KA_TEST = 0x0C;
               private static final byte DO_SIG_TEST = 0x0D;
               private static final byte DO_KEY_GEN = 0x0E;
               private static final byte DO_GET_POINT = 0x0F;
               
               private KeyPair keyPairECC;
               private KeyAgreement keyAgreement;
               private ECPrivateKey ecPrivateKey;
               private ECPublicKey ecPublicKey;
               private ECKey keyContext;
               private Signature sig;
          
              EccTest() {
                  keyContext = ecPrivateKey; // initially
                  sig = Signature.getInstance(Signature.ALG_ECDSA_SHA, false);
              }
              
               public static void install(byte[] bArray, short bOffset, byte bLength) {
                    new EccTest().register(bArray, (short) (bOffset + 1), bArray[bOffset]);
               }
          
               public void process(APDU apdu) {
                    byte[] buf = apdu.getBuffer();
                    
                    if (selectingApplet()) {
                      Util.setShort(buf, (short) 0, VERSION_INFO_MAJOR_MINOR);
                      apdu.setOutgoingAndSend((short) 0, (short) 2);
                         return;
                    }
                    short publicPartLength =0;
                    
                    try {
                         switch (buf[ISO7816.OFFSET_INS]) {
                              case DEFINE_KEY:
                                   if (buf[ISO7816.OFFSET_CDATA] == (byte) 0x01)
                                        keyContext = ecPublicKey;
                                   else
                                        keyContext = ecPrivateKey;
                                   break;
                              case INS_SET_KEYLENGTH: // resets ECC keys with new key length
                                   keyLength = Util.getShort(buf, ISO7816.OFFSET_CDATA);
                                 keyPairECC = new KeyPair(KeyPair.ALG_EC_FP, keyLength);
                                 ecPrivateKey = (ECPrivateKey) keyPairECC.getPrivate();
                                 ecPublicKey = (ECPublicKey) keyPairECC.getPublic();
          //                       keyPairECC.genKeyPair();
          //                         keyLength = Util.getShort(buf, ISO7816.OFFSET_CDATA);
                                   break;
                              case INS_SET_p: 
                                   keyContext.setFieldFP(buf, ISO7816.OFFSET_CDATA, buf[ISO7816.OFFSET_LC]);
                                   break;
               
                              case INS_SET_A: 
                                   keyContext.setA(buf, ISO7816.OFFSET_CDATA, buf[ISO7816.OFFSET_LC]);
                                   break;
               
                              case INS_SET_B: 
                                   keyContext.setB(buf, ISO7816.OFFSET_CDATA, buf[ISO7816.OFFSET_LC]);
                                   break;
               
                              case INS_SET_P: 
                                   keyContext.setG(buf, ISO7816.OFFSET_CDATA, buf[ISO7816.OFFSET_LC]);
                                   break;
               
                              case INS_SET_M: 
                                   keyContext.setR(buf, ISO7816.OFFSET_CDATA, buf[ISO7816.OFFSET_LC]);
                                   break;
               
                              case INS_SET_T: 
                                   ((ECPrivateKey) keyContext).setS(buf, ISO7816.OFFSET_CDATA, buf[ISO7816.OFFSET_LC]);
                                   break;
                              case INS_SET_Q: 
                                   ((ECPublicKey) keyContext).setW(buf, ISO7816.OFFSET_CDATA, buf[ISO7816.OFFSET_LC]);
                                   break;
                              case OBJECT_DELETION:
                                    if (JCSystem.isObjectDeletionSupported()) {
                                         JCSystem.requestObjectDeletion();
                                    }
                                    break;
                              // key agreement example --> common secret
                              case DO_KA_TEST:
                                   if(!ecPrivateKey.isInitialized())
                                        ISOException.throwIt(ISO7816.SW_DATA_INVALID);
                                   keyAgreement = KeyAgreement.getInstance(KeyAgreement.ALG_EC_SVDP_DH, false); 
                                   // APDU buffer organization: | 28 byte secret | 53 byte public | 
                                   // set EC private key
                                   keyAgreement.init(ecPrivateKey); 
                                   // set public part (rest is same as private)
                                   publicPartLength = ecPublicKey.getW(buf, (short) 20);
                                   // generate common secret which can be used for key agreement
                                   keyAgreement.generateSecret(buf, (short) 20, publicPartLength, buf, (short) 0);
                                   // output common secret
                                   apdu.setOutgoingAndSend((short) 0, (short) 20);
                                   break;
                              case DO_KEY_GEN:
                              try {
                                   keyPairECC.genKeyPair();
                              } catch (CryptoException e) {
                                   ISOException.throwIt((short) (ISO7816.SW_UNKNOWN | e.getReason()));
                              }
                                   break;
                              case DO_SIG_TEST:
                                   // TASK
                                   sig.init(ecPrivateKey, Signature.MODE_SIGN);
                                   // ..
                                   break;
                              case DO_GET_POINT:
                                   short responseLength;
                                   if(buf[ISO7816.OFFSET_P1] == (byte)0x01){
                                        responseLength = ecPublicKey.getW(buf, (short) 0);
                                   } else {
                                        responseLength = ecPrivateKey.getS(buf, (short) 0);
                                   }
                                   apdu.setOutgoingAndSend((short) 0, responseLength);
                                   break;
                              default:
                                   ISOException.throwIt(ISO7816.SW_INS_NOT_SUPPORTED);
                         }
                    } catch (CryptoException ce) {
                         ISOException.throwIt((short) (ISO7816.SW_UNKNOWN | ce.getReason()));
                    } 
               }
          } 
          and the script
          /select |eccGfpApp
          # set key length to 256 bits
          /send 80010000020100
          
          # select EC public key, bp_256r1
          /send 800B00000101 9000
          
          # populate p == FP
          /send 80020000#(A9FB57DBA1EEA9BC3E660A909D838D726E3BF623D52620282013481D1F6E5377) 9000
          
          # populate a == A
          /send 80030000#(7D5A0975FC2C3057EEF67530417AFFE7FB8055C126DC5C6CE94A4B44F330B5D9) 9000
          
          # populate b == B
          /send 80040000#(26DC5C6CE94A4B44F330B5D9BBD77CBF958416295CF7E1CE6BCCDC18FF8C07B6) 9000
          
          # populate G == P
          /send 80050000#(048BD2AEB9CB7E57CB2C4B482FFC81B7AFB9DE27E1E3BD23C23A4453BD9ACE3262547EF835C3DAC4FD97F8461A14611DC9C27745132DED8E545C1D54C72F046997) 9000
          
          # populate m == R
          /send 80060000#(A9FB57DBA1EEA9BC3E660A909D838D718C397AA3B561A6F7901E0E82974856A7) 9000
          
          # populate W == Q
          #/send 80080000#(049FCDB28D12F0550D7053D6E4AC6BB848BD4A881DD3007AF18B156DB307733A2E3965BC1F479293DD48E7BD294BBFE3D5679D795630CDAEEBCD8AC909C6A2410A) 9000
                 
          # select EC private key
          /send 800B00000102 9000
          
          # populate p == FP
          /send 80020000#(A9FB57DBA1EEA9BC3E660A909D838D726E3BF623D52620282013481D1F6E5377) 9000
          
          # populate a == A
          /send 80030000#(7D5A0975FC2C3057EEF67530417AFFE7FB8055C126DC5C6CE94A4B44F330B5D9) 9000
          
          # populate b == B
          /send 80040000#(26DC5C6CE94A4B44F330B5D9BBD77CBF958416295CF7E1CE6BCCDC18FF8C07B6) 9000
          
          # populate P == P
          /send 80050000#(048BD2AEB9CB7E57CB2C4B482FFC81B7AFB9DE27E1E3BD23C23A4453BD9ACE3262547EF835C3DAC4FD97F8461A14611DC9C27745132DED8E545C1D54C72F046997) 9000
          
          # populate m == M
          /send 80060000#(A9FB57DBA1EEA9BC3E660A909D838D718C397AA3B561A6F7901E0E82974856A7) 9000
          
          # populate S == T
          #/send 80070000#(346EF57569A83AD0DEF40DA12858B6870F4031ABD61052A02F38C37A44FD0E6B) 9000
          
          # test key agreement, output is the shared secret
          #/send 800C0000 *9000
          
          # on-card key generation
          /send 800E0000 9000
          
          /send 800F010000 *9000
          /send 800F020000 *9000
          and the log run on JCOP 2.4.2 R2
          /select |eccGfpApp
           => 00 A4 04 00 09 65 63 63 47 66 70 41 70 70 00       .....eccGfpApp.
           (265197 nsec)
           <= 00 01 90 00                                        ....
          Status: No Error
          /send 80010000020100
           => 80 01 00 00 02 01 00                               .......
           (1172 usec)
           <= 90 00                                              ..
          Status: No Error
          /send 800B00000101 9000
           => 80 0B 00 00 01 01                                  ......
           (308301 nsec)
           <= 90 00                                              ..
          Status: No Error
          /send 80020000#(A9FB57DBA1EEA9BC3E660A909D838D726E3BF623D52620282013481D1F6E5377) 9000
           => 80 02 00 00 20 A9 FB 57 DB A1 EE A9 BC 3E 66 0A    .... ..W.....>f.
              90 9D 83 8D 72 6E 3B F6 23 D5 26 20 28 20 13 48    ....rn;.#.& ( .H
              1D 1F 6E 53 77                                     ..nSw
           (333754 nsec)
           <= 90 00                                              ..
          Status: No Error
          /send 80030000#(7D5A0975FC2C3057EEF67530417AFFE7FB8055C126DC5C6CE94A4B44F330B5D9) 9000
           => 80 03 00 00 20 7D 5A 09 75 FC 2C 30 57 EE F6 75    .... }Z.u.,0W..u
              30 41 7A FF E7 FB 80 55 C1 26 DC 5C 6C E9 4A 4B    0Az....U.&.\l.JK
              44 F3 30 B5 D9                                     D.0..
           (284492 nsec)
           <= 90 00                                              ..
          Status: No Error
          /send 80040000#(26DC5C6CE94A4B44F330B5D9BBD77CBF958416295CF7E1CE6BCCDC18FF8C07B6) 9000
           => 80 04 00 00 20 26 DC 5C 6C E9 4A 4B 44 F3 30 B5    .... &.\l.JKD.0.
              D9 BB D7 7C BF 95 84 16 29 5C F7 E1 CE 6B CC DC    ...|....)\...k..
              18 FF 8C 07 B6                                     .....
           (263555 nsec)
           <= 90 00                                              ..
          Status: No Error
          /send 80050000#(048BD2AEB9CB7E57CB2C4B482FFC81B7AFB9DE27E1E3BD23C23A4453BD9ACE3262547EF835C3DAC4FD97F8461A14611DC9C27745132DED8E545C1D54C72F046997) 9000
           => 80 05 00 00 41 04 8B D2 AE B9 CB 7E 57 CB 2C 4B    ....A......~W.,K
              48 2F FC 81 B7 AF B9 DE 27 E1 E3 BD 23 C2 3A 44    H/......'...#.:D
              53 BD 9A CE 32 62 54 7E F8 35 C3 DA C4 FD 97 F8    S...2bT~.5......
              46 1A 14 61 1D C9 C2 77 45 13 2D ED 8E 54 5C 1D    F..a...wE.-..T\.
              54 C7 2F 04 69 97                                  T./.i.
           (259860 nsec)
           <= 90 00                                              ..
          Status: No Error
          /send 80060000#(A9FB57DBA1EEA9BC3E660A909D838D718C397AA3B561A6F7901E0E82974856A7) 9000
           => 80 06 00 00 20 A9 FB 57 DB A1 EE A9 BC 3E 66 0A    .... ..W.....>f.
              90 9D 83 8D 71 8C 39 7A A3 B5 61 A6 F7 90 1E 0E    ....q.9z..a.....
              82 97 48 56 A7                                     ..HV.
           (770548 nsec)
           <= 90 00                                              ..
          Status: No Error
          /send 800B00000102 9000
           => 80 0B 00 00 01 02                                  ......
           (189250 nsec)
           <= 90 00                                              ..
          Status: No Error
          /send 80020000#(A9FB57DBA1EEA9BC3E660A909D838D726E3BF623D52620282013481D1F6E5377) 9000
           => 80 02 00 00 20 A9 FB 57 DB A1 EE A9 BC 3E 66 0A    .... ..W.....>f.
              90 9D 83 8D 72 6E 3B F6 23 D5 26 20 28 20 13 48    ....rn;.#.& ( .H
              1D 1F 6E 53 77                                     ..nSw
           (366596 nsec)
           <= 90 00                                              ..
          Status: No Error
          /send 80030000#(7D5A0975FC2C3057EEF67530417AFFE7FB8055C126DC5C6CE94A4B44F330B5D9) 9000
           => 80 03 00 00 20 7D 5A 09 75 FC 2C 30 57 EE F6 75    .... }Z.u.,0W..u
              30 41 7A FF E7 FB 80 55 C1 26 DC 5C 6C E9 4A 4B    0Az....U.&.\l.JK
              44 F3 30 B5 D9                                     D.0..
           (250829 nsec)
           <= 90 00                                              ..
          Status: No Error
          /send 80040000#(26DC5C6CE94A4B44F330B5D9BBD77CBF958416295CF7E1CE6BCCDC18FF8C07B6) 9000
           => 80 04 00 00 20 26 DC 5C 6C E9 4A 4B 44 F3 30 B5    .... &.\l.JKD.0.
              D9 BB D7 7C BF 95 84 16 29 5C F7 E1 CE 6B CC DC    ...|....)\...k..
              18 FF 8C 07 B6                                     .....
           (439668 nsec)
           <= 90 00                                              ..
          Status: No Error
          /send 80050000#(048BD2AEB9CB7E57CB2C4B482FFC81B7AFB9DE27E1E3BD23C23A4453BD9ACE3262547EF835C3DAC4FD97F8461A14611DC9C27745132DED8E545C1D54C72F046997) 9000
           => 80 05 00 00 41 04 8B D2 AE B9 CB 7E 57 CB 2C 4B    ....A......~W.,K
              48 2F FC 81 B7 AF B9 DE 27 E1 E3 BD 23 C2 3A 44    H/......'...#.:D
              53 BD 9A CE 32 62 54 7E F8 35 C3 DA C4 FD 97 F8    S...2bT~.5......
              46 1A 14 61 1D C9 C2 77 45 13 2D ED 8E 54 5C 1D    F..a...wE.-..T\.
              54 C7 2F 04 69 97                                  T./.i.
           (409290 nsec)
           <= 90 00                                              ..
          Status: No Error
          /send 80060000#(A9FB57DBA1EEA9BC3E660A909D838D718C397AA3B561A6F7901E0E82974856A7) 9000
           => 80 06 00 00 20 A9 FB 57 DB A1 EE A9 BC 3E 66 0A    .... ..W.....>f.
              90 9D 83 8D 71 8C 39 7A A3 B5 61 A6 F7 90 1E 0E    ....q.9z..a.....
              82 97 48 56 A7                                     ..HV.
           (273408 nsec)
           <= 90 00                                              ..
          Status: No Error
          /send 800E0000 9000
           => 80 0E 00 00                                        ....
           (3320 msec)
           <= 90 00                                              ..
          Status: No Error
          /send 800F010000 *9000
           => 80 0F 01 00 00                                     .....
           (5311 msec)
           <= 04 5D DD 76 03 F2 E8 E0 51 83 57 8B D8 6E 2B 31    .].v....Q.W..n+1
              A1 7C 1F CB 9B 67 3F 2A C9 02 6C F6 B6 98 83 CD    .|...g?*..l.....
              5D 23 5A 85 E7 5D C8 C3 E2 A2 8F EB 34 8D 11 0F    ]#Z..]......4...
              29 00 79 A8 64 47 B4 13 94 53 DD 8D F3 FA D6 83    ).y.dG...S......
              E1 90 00                                           ...
          Status: No Error
          /send 800F020000 *9000
           => 80 0F 02 00 00                                     .....
           (6416 msec)
           <= 7B F1 87 B3 8E 79 F2 1D B9 6A CA 02 FB 7F 80 C8    {....y...j......
              27 15 6F F9 EC 88 C9 E3 51 FB AD DB 51 58 84 B6    '.o.....Q...QX..
              90 00                                              ..
          Status: No Error
          • 17. Re: Elliptive Curve Cryptography using ALG_EC_FP
            893199
            pubkey = (PublicKey)KeyBuilder.buildKey(KeyBuilder.TYPE_EC_FP_PUBLIC, keylen, false);
            privatekey = (PrivateKey)KeyBuilder.buildKey(KeyBuilder.TYPE_EC_FP_PRIVATE, keylen, false);
            keypair = new KeyPair(pubkey, privatekey);
            
            setParams((ECPublicKey)(keypair.getPublic()), keyparam);
            
            keypair.genKeyPair();
            setParams above is the thing that sets all the curve info. I was incorrect in my original post, you only need to set the params for the public key. In this case I was generating a 256 bit key pair - (NIST P-256 curve) so the keylen parameter in buildKey was '256'.

            This works for my J3A JCOP card.

            You may want to go back and re-confirm your curve parameters, there are combinations that give illegal results.
            • 18. Re: Elliptive Curve Cryptography using ALG_EC_FP
              Nara
              Thank you so much Lexdabear!! You are a Saviour!!

              It works like a champ.. I guess all that mattered was the curve parameters.
              1 2 Previous Next