CODEWITHSUNDEEP
digital-signaturesmartcardjavacardapduecdsa
bp14
bp14

Reputation: 254

Sending signature data in response APDU - Java Card

I would like to sign some data (the MESSAGE byte array) on my Java Card and then return the signature in a response APDU. My code works fine (or at least I think it does and it returns 9000) without the line apdu.sendBytes(BAS, sSignLen), but when I uncomment it I get an unknown error (0xC000002B (Unknown error.)).

When I try to send other data in a response APDU it works flawlessly.

apdu.setIncomingAndReceive();
Util.arrayCopyNonAtomic(MESSAGE, (short) 0, buffer, (short) 0, (short) MESSAGE.length);
apdu.setOutgoingAndSend((short) 0, (short) MESSAGE.length);

Here is my code. What am I doing wrong or missing? Thank you!

public class TestApplet extends Applet {

    ...

    private final static byte SIGN = (byte) 0x01;

    ...

    private final static byte[] MESSAGE = new byte[] { 'M', 'e', 's', 's', 'a', 'g', 'e' };

    final static short BAS = 0;

    public void process(APDU apdu) {
        if (this.selectingApplet())
            return;

        byte buffer[] = apdu.getBuffer();

        ...

        switch (buffer[ISO7816.OFFSET_INS]) {
        case SIGN:
            try {
                ECDSAKeyPair = Secp256k1Domain.getKeyPairParameter();
                ECDSAKeyPair.genKeyPair();

                ECDSAPublicKey = (ECPublicKey) ECDSAKeyPair.getPublic();
                ECDSAPrivateKey = (ECPrivateKey) ECDSAKeyPair.getPrivate();

                ECDSASignature = Signature.getInstance(Signature.ALG_ECDSA_SHA, false);

                short signLen = 0;

                byte[] signatureArray = new byte[70];

                ECDSASignature.init(ECDSAPrivateKey, Signature.MODE_SIGN);
                signLen = ECDSASignature.sign(MESSAGE, BAS, (short) MESSAGE.length, signatureArray, BAS);

                apdu.setIncomingAndReceive();
                Util.arrayCopyNonAtomic(signatureArray, (short) 0, buffer, (short) 0, (short) signatureArray.length);
                apdu.setOutgoingAndSend((short) 0, (short) signatureArray.length);
            } catch (CryptoException c) {
                short reason = c.getReason();
                ISOException.throwIt((short) ((short) (0x9C00) | reason));
            }

            break;

        ...

        return;
    }
}

Upvotes: 1

Views: 1114

Answers (1)

Maarten Bodewes
Maarten Bodewes

Reputation: 94038

It's probably that signLen is larger than the Ne value (incorrectly called Le in the JavaCard specifications). You are also abusing the Le value to mean (short) MESSAGE.length by the way. Ne indicates the maximum number of bytes that are expected to be send back.

Upvotes: 2

Related Questions