authorJ08nY2017-04-19 01:10:17 +0200
committerJ08nY2017-04-19 01:10:17 +0200
commita7eef06134bef0861e43261640d61153ebb2a6e5 (patch)
tree2ef308843b4e8b1770be6681c15b98dcd78d40ff /src/cz/crcs/ectester/applet
parentf4a66768ed6dfcfd7156ad0c8c364cdbf6e45e9c (diff)
Diffstat (limited to 'src/cz/crcs/ectester/applet')
-rw-r--r--src/cz/crcs/ectester/applet/ECKeyGenerator.java32
-rw-r--r--src/cz/crcs/ectester/applet/ECKeyTester.java49
-rw-r--r--src/cz/crcs/ectester/applet/ECTesterApplet.java7
-rw-r--r--src/cz/crcs/ectester/applet/ECUtil.java17
4 files changed, 63 insertions, 42 deletions
diff --git a/src/cz/crcs/ectester/applet/ECKeyGenerator.java b/src/cz/crcs/ectester/applet/ECKeyGenerator.java
index b412370..a36bd0c 100644
--- a/src/cz/crcs/ectester/applet/ECKeyGenerator.java
+++ b/src/cz/crcs/ectester/applet/ECKeyGenerator.java
@@ -39,8 +39,8 @@ public class ECKeyGenerator {
}
public short clearPair(KeyPair keypair, byte key) {
- sw = ISO7816.SW_NO_ERROR;
try {
+ sw = ECUtil.nullCheck(keypair);
if ((key & EC_Consts.KEY_PUBLIC) != 0) keypair.getPublic().clearKey();
if ((key & EC_Consts.KEY_PRIVATE) != 0) keypair.getPrivate().clearKey();
} catch (CardRuntimeException ce) {
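Review bot: `sw = ECUtil.nullCheck(keypair);` in clearPair reads like a status check, but per the ECUtil hunk in this commit nullCheck either throws or returns SW_NO_ERROR, so a null pair can reach `sw` only through the catch. A comment at the call would make that explicit, e.g. `// throws ISOException(SW_KEYPAIR_NULL) on null; handled by the catch below`. The same pattern appears in generatePair, setParameter and exportParameter. In copyCurve and ECKeyTester.testKA two back-to-back assignments make the first one dead; `ECUtil.nullCheck(from); sw = ECUtil.nullCheck(to);` would say the same thing. clearPair's catch body lies outside the hunk, so I am assuming it stores `ce.getReason()` as generatePair does.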
@@ -54,8 +54,8 @@ public class ECKeyGenerator {
* @return
*/
public short generatePair(KeyPair keypair) {
- sw = ISO7816.SW_NO_ERROR;
try {
+ sw = ECUtil.nullCheck(keypair);
keypair.genKeyPair();
} catch (CardRuntimeException ce) {
sw = ce.getReason();
@@ -155,11 +155,12 @@ public class ECKeyGenerator {
* @return
*/
public short setParameter(KeyPair keypair, byte key, short param, byte[] data, short offset, short length) {
- sw = ISO7816.SW_NO_ERROR;
- ECPublicKey ecPublicKey = (ECPublicKey) keypair.getPublic();
- ECPrivateKey ecPrivateKey = (ECPrivateKey) keypair.getPrivate();
-
try {
+ sw = ECUtil.nullCheck(keypair);
+
+ ECPublicKey ecPublicKey = (ECPublicKey) keypair.getPublic();
+ ECPrivateKey ecPrivateKey = (ECPrivateKey) keypair.getPrivate();
+
switch (param) {
case EC_Consts.PARAMETER_FP:
if ((key & EC_Consts.KEY_PUBLIC) != 0) ecPublicKey.setFieldFP(data, offset, length);
@@ -174,8 +175,11 @@ public class ECKeyGenerator {
short i1 = Util.makeShort(data[(short) (offset + 2)], data[(short) (offset + 3)]);
short i2 = Util.makeShort(data[(short) (offset + 4)], data[(short) (offset + 5)]);
short i3 = Util.makeShort(data[(short) (offset + 6)], data[(short) (offset + 7)]);
- if ((key & EC_Consts.KEY_PUBLIC) != 0) ecPublicKey.setFieldF2M(i1, i2, i3);
- if ((key & EC_Consts.KEY_PRIVATE) != 0) ecPrivateKey.setFieldF2M(i1, i2, i3);
+// if ((key & EC_Consts.KEY_PUBLIC) != 0) ecPublicKey.setFieldF2M(i1, i2, i3);
+// if ((key & EC_Consts.KEY_PRIVATE) != 0) ecPrivateKey.setFieldF2M(i1, i2, i3);
+ // TODO fix this
+ if ((key & EC_Consts.KEY_PUBLIC) != 0) ecPublicKey.setFieldF2M(i3, i2, i1);
+ if ((key & EC_Consts.KEY_PRIVATE) != 0) ecPrivateKey.setFieldF2M(i3, i2, i1);
} else {
sw = ISO7816.SW_UNKNOWN;
}
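Review bot: The F2M branch now calls `setFieldF2M(i3, i2, i1)` under a bare `// TODO fix this`, with the previous calls left commented out, so nothing in the hunk says which exponent order is correct. For a tool that tests a card's EC implementation, a reversed reduction polynomial means the run either fails on the card or exercises a different field than the host asked for, and the result is easy to misread. I would delete the two commented-out lines and replace the TODO with a comment stating both orders, e.g. `// exponents in data are ordered <ORDER_IN_DATA>; setFieldF2M(e1, e2, e3) expects <ORDER_EXPECTED_BY_API>`. The enclosing branch, and whatever length check guards the reads up to `offset + 7`, are outside the hunk.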
@@ -275,12 +279,12 @@ public class ECKeyGenerator {
* @return length of data written
*/
public short exportParameter(KeyPair keypair, byte key, short param, byte[] outputBuffer, short outputOffset) {
- sw = ISO7816.SW_NO_ERROR;
- ECPublicKey ecPublicKey = (ECPublicKey) keypair.getPublic();
- ECPrivateKey ecPrivateKey = (ECPrivateKey) keypair.getPrivate();
-
short length = 0;
try {
+ sw = ECUtil.nullCheck(keypair);
+ ECPublicKey ecPublicKey = (ECPublicKey) keypair.getPublic();
+ ECPrivateKey ecPrivateKey = (ECPrivateKey) keypair.getPrivate();
+
switch (param) {
case EC_Consts.PARAMETER_FP:
if ((key & EC_Consts.KEY_PUBLIC) != 0) length = ecPublicKey.getField(outputBuffer, outputOffset);
@@ -385,8 +389,10 @@ public class ECKeyGenerator {
* @return sw
*/
public short copyCurve(KeyPair from, KeyPair to, short params, byte[] buffer, short offset) {
- sw = ISO7816.SW_NO_ERROR;
try {
+ sw = ECUtil.nullCheck(from);
+ sw = ECUtil.nullCheck(to);
+
short param = EC_Consts.PARAMETER_FP;
while (param <= EC_Consts.PARAMETER_K) {
short masked = (short) (param & params);
diff --git a/src/cz/crcs/ectester/applet/ECKeyTester.java b/src/cz/crcs/ectester/applet/ECKeyTester.java
index 64f3024..c4b58e0 100644
--- a/src/cz/crcs/ectester/applet/ECKeyTester.java
+++ b/src/cz/crcs/ectester/applet/ECKeyTester.java
@@ -4,10 +4,7 @@ package cz.crcs.ectester.applet;
import javacard.framework.CardRuntimeException;
import javacard.framework.ISO7816;
import javacard.framework.Util;
-import javacard.security.ECPrivateKey;
-import javacard.security.ECPublicKey;
-import javacard.security.KeyAgreement;
-import javacard.security.Signature;
+import javacard.security.*;
/**
* Class capable of testing ECDH/C and ECDSA.
@@ -53,11 +50,15 @@ public class ECKeyTester {
return sw;
}
- private short testKA(KeyAgreement ka, ECPrivateKey privateKey, byte[] pubkeyBuffer, short pubkeyOffset, short pubkeyLength, byte[] outputBuffer, short outputOffset) {
- sw = ISO7816.SW_NO_ERROR;
+ private short testKA(KeyAgreement ka, KeyPair privatePair, KeyPair publicPair, byte[] pubkeyBuffer, short pubkeyOffset, byte[] outputBuffer, short outputOffset, byte corruption) {
short length = 0;
try {
- ka.init(privateKey);
+ sw = ECUtil.nullCheck(privatePair);
+ sw = ECUtil.nullCheck(publicPair);
+
+ ka.init(privatePair.getPrivate());
+ short pubkeyLength = ((ECPublicKey) publicPair.getPublic()).getW(pubkeyBuffer, pubkeyOffset);
+ pubkeyLength = EC_Consts.corruptParameter(corruption, pubkeyBuffer, pubkeyOffset, pubkeyLength);
length = ka.generateSecret(pubkeyBuffer, pubkeyOffset, pubkeyLength, outputBuffer, outputOffset);
} catch (CardRuntimeException ce) {
sw = ce.getReason();
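Review bot: The private testKA has no Javadoc, although it now exports W from `publicPair` into `pubkeyBuffer`, applies `corruption` to it, and only then calls generateSecret. A short header should say that `pubkeyBuffer` is overwritten starting at `pubkeyOffset`, that the length passed to generateSecret is the one returned by `EC_Consts.corruptParameter`, and that the outcome is reported through `sw` while the return value is presumably the secret length. The cast `(ECPublicKey) publicPair.getPublic()` is also unchecked: if a non-EC pair can reach this method, the resulting ClassCastException is not a CardRuntimeException and would not be handled by the `catch (CardRuntimeException ce)` shown. The method body continues outside the hunk.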
@@ -66,12 +67,12 @@ public class ECKeyTester {
}
/**
- * Tests ECDH secret generation with given {@code privateKey} and {@code publicKey}.
+ * Tests ECDH secret generation with keys from given {@code privatePair} and {@code publicPair}.
* Uses {@code pubkeyBuffer} at {@code pubkeyOffset} for computations.
* Output should equal with ECDHC output.
*
- * @param privateKey
- * @param publicKey
+ * @param privatePair
+ * @param publicPair
* @param pubkeyBuffer
* @param pubkeyOffset
* @param outputBuffer
@@ -79,19 +80,17 @@ public class ECKeyTester {
* @param corruption
* @return derived secret length
**/
- public short testECDH(ECPrivateKey privateKey, ECPublicKey publicKey, byte[] pubkeyBuffer, short pubkeyOffset, byte[] outputBuffer, short outputOffset, byte corruption) {
- short length = publicKey.getW(pubkeyBuffer, pubkeyOffset);
- length = EC_Consts.corruptParameter(corruption, pubkeyBuffer, pubkeyOffset, length);
- return testKA(ecdhKeyAgreement, privateKey, pubkeyBuffer, pubkeyOffset, length, outputBuffer, outputOffset);
+ public short testECDH(KeyPair privatePair, KeyPair publicPair, byte[] pubkeyBuffer, short pubkeyOffset, byte[] outputBuffer, short outputOffset, byte corruption) {
+ return testKA(ecdhKeyAgreement, privatePair, publicPair, pubkeyBuffer, pubkeyOffset, outputBuffer, outputOffset, corruption);
}
/**
- * Tests ECDHC secret generation with given {@code privateKey} and {@code publicKey}.
+ * Tests ECDHC secret generation with keys from given {@code privatePair} and {@code publicPair}.
* Uses {@code pubkeyBuffer} at {@code pubkeyOffset} for computations.
* Output should equal to ECDH output.
*
- * @param privateKey
- * @param publicKey
+ * @param privatePair
+ * @param publicPair
* @param pubkeyBuffer
* @param pubkeyOffset
* @param outputBuffer
@@ -99,16 +98,14 @@ public class ECKeyTester {
* @param corruption
* @return derived secret length
*/
- public short testECDHC(ECPrivateKey privateKey, ECPublicKey publicKey, byte[] pubkeyBuffer, short pubkeyOffset, byte[] outputBuffer, short outputOffset, byte corruption) {
- short length = publicKey.getW(pubkeyBuffer, pubkeyOffset);
- length = EC_Consts.corruptParameter(corruption, pubkeyBuffer, pubkeyOffset, length);
- return testKA(ecdhcKeyAgreement, privateKey, pubkeyBuffer, pubkeyOffset, length, outputBuffer, outputOffset);
+ public short testECDHC(KeyPair privatePair, KeyPair publicPair, byte[] pubkeyBuffer, short pubkeyOffset, byte[] outputBuffer, short outputOffset, byte corruption) {
+ return testKA(ecdhcKeyAgreement, privatePair, publicPair, pubkeyBuffer, pubkeyOffset, outputBuffer, outputOffset, corruption);
}
/**
*
- * @param privateKey
- * @param publicKey
+ * @param privatePair
+ * @param publicPair
* @param pubkeyBuffer
* @param pubkeyOffset
* @param outputBuffer
@@ -116,12 +113,12 @@ public class ECKeyTester {
* @param corruption
* @return
*/
- public short testKA(ECPrivateKey privateKey, ECPublicKey publicKey, byte[] pubkeyBuffer, short pubkeyOffset, byte[] outputBuffer, short outputOffset, byte corruption) {
- short ecdhLength = testECDH(privateKey, publicKey, pubkeyBuffer, pubkeyOffset, outputBuffer, outputOffset, corruption);
+ public short testECDH_ECDHC(KeyPair privatePair, KeyPair publicPair, byte[] pubkeyBuffer, short pubkeyOffset, byte[] outputBuffer, short outputOffset, byte corruption) {
+ short ecdhLength = testECDH(privatePair, publicPair, pubkeyBuffer, pubkeyOffset, outputBuffer, outputOffset, corruption);
if (sw != ISO7816.SW_NO_ERROR) {
return ecdhLength;
}
- short ecdhcLength = testECDHC(privateKey, publicKey, pubkeyBuffer, pubkeyOffset, outputBuffer, (short) (outputOffset + ecdhLength), corruption);
+ short ecdhcLength = testECDHC(privatePair, publicPair, pubkeyBuffer, pubkeyOffset, outputBuffer, (short) (outputOffset + ecdhLength), corruption);
short length = (short) (ecdhLength + ecdhcLength);
if (sw != ISO7816.SW_NO_ERROR) {
return length;
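Review bot: The Javadoc above testECDH_ECDHC has an empty summary and an empty `@return`, and the rename is a good moment to fill them in. From the visible lines the method runs testECDH, returns early if `sw` is not SW_NO_ERROR, then runs testECDHC writing at `outputOffset + ecdhLength`. A summary such as `Runs ECDH and then ECDHC with the same key pairs, writing the two secrets back to back into outputBuffer.` plus a `@return` describing the combined length would cover it. The underscore in the name also departs from the lowerCamelCase of testECDH and testECDHC. The rest of the method is outside the hunk.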
diff --git a/src/cz/crcs/ectester/applet/ECTesterApplet.java b/src/cz/crcs/ectester/applet/ECTesterApplet.java
index 98f59c4..f802233 100644
--- a/src/cz/crcs/ectester/applet/ECTesterApplet.java
+++ b/src/cz/crcs/ectester/applet/ECTesterApplet.java
@@ -64,6 +64,7 @@ public class ECTesterApplet extends Applet {
// STATUS WORDS
public static final short SW_SIG_VERIFY_FAIL = (short) 0x0ee1;
public static final short SW_DH_DHC_MISMATCH = (short) 0x0ee2;
+ public static final short SW_KEYPAIR_NULL = (short) 0x0ee3;
private static final short ARRAY_LENGTH = (short) 0xff;
@@ -551,13 +552,13 @@ public class ECTesterApplet extends Applet {
short secretLength = 0;
switch (type) {
case EC_Consts.KA_ECDH:
- secretLength = keyTester.testECDH((ECPrivateKey) priv.getPrivate(), (ECPublicKey) pub.getPublic(), ramArray, (short) 0, ramArray2, (short) 0, corruption);
+ secretLength = keyTester.testECDH(priv, pub, ramArray, (short) 0, ramArray2, (short) 0, corruption);
break;
case EC_Consts.KA_ECDHC:
- secretLength = keyTester.testECDHC((ECPrivateKey) priv.getPrivate(), (ECPublicKey) pub.getPublic(), ramArray, (short) 0, ramArray2, (short) 0, corruption);
+ secretLength = keyTester.testECDHC(priv, pub, ramArray, (short) 0, ramArray2, (short) 0, corruption);
break;
case EC_Consts.KA_BOTH:
- secretLength = keyTester.testKA((ECPrivateKey) priv.getPrivate(), (ECPublicKey) pub.getPublic(), ramArray, (short) 0, ramArray2, (short) 0, corruption);
+ secretLength = keyTester.testECDH_ECDHC(priv, pub, ramArray, (short) 0, ramArray2, (short) 0, corruption);
break;
default:
ISOException.throwIt(ISO7816.SW_FUNC_NOT_SUPPORTED);
diff --git a/src/cz/crcs/ectester/applet/ECUtil.java b/src/cz/crcs/ectester/applet/ECUtil.java
new file mode 100644
index 0000000..e7e4a8a
--- /dev/null
+++ b/src/cz/crcs/ectester/applet/ECUtil.java
@@ -0,0 +1,17 @@
+package cz.crcs.ectester.applet;
+
+import javacard.framework.ISO7816;
+import javacard.framework.ISOException;
+import javacard.security.KeyPair;
+
+/**
+ * @author Jan Jancar johny@neuromancer.sk
+ */
+public class ECUtil {
+
+ static short nullCheck(KeyPair keyPair) {
+ if (keyPair == null)
+ ISOException.throwIt(ECTesterApplet.SW_KEYPAIR_NULL);
+ return ISO7816.SW_NO_ERROR;
+ }
+}
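Review bot: nullCheck has no Javadoc, and its contract is unusual enough to need one: it never returns anything other than ISO7816.SW_NO_ERROR and signals a null pair by throwing through `ISOException.throwIt(ECTesterApplet.SW_KEYPAIR_NULL)`. I would add a header along the lines of `Throws ISOException with SW_KEYPAIR_NULL if keyPair is null, otherwise returns SW_NO_ERROR.` and brace the `if` body, since an unbraced throwIt call followed by an unconditional return is easy to misread as an if/else. ECUtil holds only a static helper, so a private constructor would also make clear that it is not meant to be instantiated.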