user2642459
Reputation: 507
How to sign using ECDSA in Javacard
I'm trying to implement the signing code using ECDSA. But I always get a Error SW (6F00) during install phase. I tried by changing parameters several times. (ex. ALG_EC_FP / ALG_EC_F2M, LENGTH_EC_FP_xxx / LENGTH_EC_F2M_xxx) Could you tell me my mistake in my code below. (Ver - JCDK 2.2.1, JDK 1.4.2)
package Test;
import javacard.framework.*;
import javacard.security.*;
import javacardx.crypto.*;
public class Test extends Applet{
private byte[] PLAINTEXT ;
private ECPrivateKey objECDSAPriKey=null; // Object for ECDSA Private Key
private ECPublicKey objECDSAPubKey=null; // Object for ECDSA Public Key
private KeyPair objECDSAKeyPair=null; // Object for ECDSA Key Pair
private Signature objECDSASign=null; // Object for ECDSA Signature
final static short BAS = 0;
//------------------------------------------------------------------------
public static void install(byte[] bArray, short bOffset, byte bLength){
new Test(bArray, bOffset, bLength);
}
private Test(byte bArray[], short bOffset, byte bLength){
PLAINTEXT = new byte[0x100] ; // Data file
Util.arrayFillNonAtomic(PLAINTEXT, BAS, (short)0x100, (byte)0);
// Error position (6F00)
objECDSAKeyPair= new KeyPair(KeyPair.ALG_EC_FP, KeyBuilder.LENGTH_EC_FP_192); // Error position (6F00)
// Create Signature Object
objECDSASign = Signature.getInstance(Signature.ALG_ECDSA_SHA, false);
register();
}
//------------------------------------------------------------------------
public void process(APDU apdu){
byte buf[] = apdu.getBuffer();
switch(buf[1])
{
case (byte)0xA4: break;
case (byte)0x46:
objECDSAKeyPair.genKeyPair();
objECDSAPriKey = (ECPrivateKey)objECDSAKeyPair.getPrivate();
objECDSAPubKey = (ECPublicKey)objECDSAKeyPair.getPublic();
break;
case (byte)0x2E:
short Le = apdu.setOutgoing();
short sSignLen=0 ;
// Init with Private Key
objECDSASign.init(objECDSAPriKey, Signature.MODE_SIGN);
//objECDSASign.init(objECDSAKeyPair.getPrivate(), Signature.MODE_SIGN);
// Sign Data
sSignLen = objECDSASign.sign(PLAINTEXT, BAS, Le, buf, BAS);
apdu.setOutgoingLength(sSignLen);
apdu.sendBytes(BAS, sSignLen);
break;
default:
ISOException.throwIt(ISO7816.SW_INS_NOT_SUPPORTED);
}
return;
} }
I got a JCOP card and its specification, and I read that the card support ECC in the spec. But I doubt that the spec is the card's spec and the card really support ECC. Is there any way to check that???
Thank you in advance.
Upvotes: 2
Views: 1245
Answers (1)
Anurag Sharma
Reputation: 502
Please modify your code to
try
{
// Error position (6F00)
objECDSAKeyPair= new KeyPair(KeyPair.ALG_EC_FP, KeyBuilder.LENGTH_EC_FP_192);
}
catch(CryptoException c)
{
//this line will give you the reason of problem ![see image][1]
byte reason = c.getReason();
}
*image link : https://i.sstatic.net/dFXVd.png
Upvotes: 3
Related Questions
- Can I use ECDSA certificate to generate signature with xades4j?
- Cannot sign a JWT using Elliptic Curve (EC) cryptography
- how to sign CSR using pkcs11 wrapper ECDSA key
- How to RSA Sign in java card?
- Signing document with qualified certificate - smart card
- How to convert ECDSA curve parameters for Java Card
- How to sign the Certificates with Elliptic curve private keys and ECDSA algorithm?
- ECDSA Signature in Javacard
- (1)Convert the ECDSA private & public key, (2)Verification by ECDSA
- JavaCard> sign and verify