diff options
| -rw-r--r-- | src/applets/ECKeyGenerator.java | 27 | ||||
| -rw-r--r-- | src/applets/ECKeyTester.java | 8 | ||||
| -rw-r--r-- | src/applets/EC_Consts.java | 18 | ||||
| -rw-r--r-- | src/applets/SimpleECCApplet.java | 23 |
4 files changed, 35 insertions, 41 deletions
diff --git a/src/applets/ECKeyGenerator.java b/src/applets/ECKeyGenerator.java index c7155de..393c249 100644 --- a/src/applets/ECKeyGenerator.java +++ b/src/applets/ECKeyGenerator.java @@ -70,7 +70,7 @@ public class ECKeyGenerator { } if (sw != ISO7816.SW_NO_ERROR) return sw; - for (byte param = EC_Consts.PARAMETER_A; param < EC_Consts.PARAMETER_K; ++param) { + for (byte param = EC_Consts.PARAMETER_A; param <= EC_Consts.PARAMETER_K; param = (byte)(param << 1)) { length = EC_Consts.getCurveParameter(curve, param, buffer, offset); sw = setExternalParameter(KEY_BOTH, param, buffer, offset, length); if (sw != ISO7816.SW_NO_ERROR) break; @@ -86,8 +86,17 @@ public class ECKeyGenerator { short sw = setCustomCurve(curve, buffer, offset); if (sw != ISO7816.SW_NO_ERROR) return sw; - short length = EC_Consts.getCorruptCurveParameter(curve, param, buffer, offset, corruptionType); - sw = setExternalParameter(key, param, buffer, offset, length); + //go through param bit by bit, and invalidate all selected params + byte paramMask = 0x01; + while (paramMask <= EC_Consts.PARAMETER_K) { + byte masked = (byte)(paramMask & param); + if (masked != 0){ + short length = EC_Consts.getCorruptCurveParameter(curve, masked, buffer, offset, corruptionType); + sw = setExternalParameter(key, masked, buffer, offset, length); + if (sw != ISO7816.SW_NO_ERROR) return sw; + } + paramMask = (byte)(paramMask << 1); + } return sw; } @@ -139,12 +148,6 @@ public class ECKeyGenerator { if ((key & KEY_PUBLIC) != 0) ecPublicKey.setK(k); } break; - case EC_Consts.PARAMETER_S: - if ((key & KEY_PRIVATE) != 0) ecPrivateKey.setS(data, offset, length); - break; - case EC_Consts.PARAMETER_W: - if ((key & KEY_PUBLIC) != 0) ecPublicKey.setW(data, offset, length); - break; default: result = ISO7816.SW_UNKNOWN; } @@ -189,12 +192,6 @@ public class ECKeyGenerator { if ((key & KEY_PRIVATE) != 0) Util.setShort(outputBuffer, outputOffset, ecPrivateKey.getK()); length = 2; break; - case EC_Consts.PARAMETER_S: - if ((key & KEY_PRIVATE) != 0) length = ecPrivateKey.getS(outputBuffer, outputOffset); - break; - case EC_Consts.PARAMETER_W: - if ((key & KEY_PUBLIC) != 0) length = ecPublicKey.getW(outputBuffer, outputOffset); - break; default: length = -1; } diff --git a/src/applets/ECKeyTester.java b/src/applets/ECKeyTester.java index 757ece7..1031b06 100644 --- a/src/applets/ECKeyTester.java +++ b/src/applets/ECKeyTester.java @@ -13,10 +13,6 @@ public class ECKeyTester { private KeyAgreement ecdhcKeyAgreement = null; private Signature ecdsaSignature = null; - //TODO: move these SW definitions to the main applet class. - public final static short SW_SIG_LENGTH_MISMATCH = (short) 0xee4; - public final static short SW_SIG_VERIFY_FAIL = (short) 0xee5; - public short allocateECDH() { short result = ISO7816.SW_NO_ERROR; try { @@ -150,12 +146,12 @@ public class ECKeyTester { short sigLength = ecdsaSignature.sign(inputBuffer, inputOffset, inputLength, sigBuffer, sigOffset); if (sigLength != 20) { // per javacard.security.Signature an ALG_ECDSA_SHA should be 20 bytes. - result = ECKeyTester.SW_SIG_LENGTH_MISMATCH; + result = SimpleECCApplet.SW_SIG_LENGTH_MISMATCH; } else { ecdsaSignature.init(verifyKey, Signature.MODE_VERIFY); boolean correct = ecdsaSignature.verify(inputBuffer, inputOffset, inputLength, sigBuffer, sigOffset, sigLength); if (!correct) { - result = ECKeyTester.SW_SIG_VERIFY_FAIL; + result = SimpleECCApplet.SW_SIG_VERIFY_FAIL; } } } catch (CryptoException ce) { diff --git a/src/applets/EC_Consts.java b/src/applets/EC_Consts.java index 7521979..8bfa7ff 100644 --- a/src/applets/EC_Consts.java +++ b/src/applets/EC_Consts.java @@ -17,18 +17,14 @@ public class EC_Consts { private static byte[] EC_F2M_F2M = null; //[short ii, short i2, short i3], f = x^m + x^i1 + x^i2 + x^i3 + 1 - public static final byte PARAMETER_FP = 1; - public static final byte PARAMETER_F2M = 2; + public static final byte PARAMETER_FP = 0x01; + public static final byte PARAMETER_F2M = 0x02; - public static final byte PARAMETER_A = 3; - public static final byte PARAMETER_B = 4; - public static final byte PARAMETER_G = 5; - public static final byte PARAMETER_R = 6; - public static final byte PARAMETER_K = 7; - - //TODO make params maskable, to allow for PARAMETER_A | PARAMETER_B passed to for example ECKeyGenerator.setInvalidCustomCurve - public static final byte PARAMETER_S = 8; //private key - public static final byte PARAMETER_W = 9; //public key + public static final byte PARAMETER_A = 0x04; + public static final byte PARAMETER_B = 0x08; + public static final byte PARAMETER_G = 0x10; + public static final byte PARAMETER_R = 0x20; + public static final byte PARAMETER_K = 0x40; public static RandomData m_random = null; diff --git a/src/applets/SimpleECCApplet.java b/src/applets/SimpleECCApplet.java index 79abd0e..683e61d 100644 --- a/src/applets/SimpleECCApplet.java +++ b/src/applets/SimpleECCApplet.java @@ -7,24 +7,24 @@ package applets; import javacard.framework.*; import javacard.security.*; -import javax.print.attribute.standard.MediaSize; public class SimpleECCApplet extends javacard.framework.Applet { + // MAIN INSTRUCTION CLASS - final static byte CLA_SIMPLEECCAPPLET = (byte) 0xB0; + final static byte CLA_SIMPLEECCAPPLET = (byte) 0xB0; // INSTRUCTIONS - final static byte INS_GENERATEKEY = (byte) 0x5a; - final static byte INS_ALLOCATEKEYPAIRS = (byte) 0x5b; + final static byte INS_GENERATEKEY = (byte) 0x5a; + final static byte INS_ALLOCATEKEYPAIRS = (byte) 0x5b; - final static byte INS_ALLOCATEKEYPAIR = (byte) 0x5c; - final static byte INS_DERIVEECDHSECRET = (byte) 0x5d; + final static byte INS_ALLOCATEKEYPAIR = (byte) 0x5c; + final static byte INS_DERIVEECDHSECRET = (byte) 0x5d; - final static byte INS_TESTECSUPPORTALL_FP = (byte) 0x5e; - final static byte INS_TESTECSUPPORTALL_F2M = (byte) 0x5f; + final static byte INS_TESTECSUPPORTALL_FP = (byte) 0x5e; + final static byte INS_TESTECSUPPORTALL_F2M = (byte) 0x5f; final static byte INS_TESTEC_GENERATEINVALID_FP = (byte) 0x70; final static byte INS_TESTECSUPPORT_GIVENALG = (byte) 0x71; - final static byte INS_TESTEC_LASTUSEDPARAMS = (byte) 0x40; + final static byte INS_TESTEC_LASTUSEDPARAMS = (byte) 0x40; final static short ARRAY_LENGTH = (short) 0xff; @@ -61,6 +61,8 @@ public class SimpleECCApplet extends javacard.framework.Applet { public final static short SW_SKIPPED = (short) 0x0ee1; public final static short SW_KEYPAIR_GENERATED_INVALID = (short) 0x0ee2; public final static short SW_INVALID_CORRUPTION_TYPE = (short) 0x0ee3; + public final static short SW_SIG_LENGTH_MISMATCH = (short) 0xee4; + public final static short SW_SIG_VERIFY_FAIL = (short) 0xee5; /* public static final byte[] EC192_FP_PUBLICW = new byte[]{ (byte) 0x04, (byte) 0xC9, (byte) 0xC0, (byte) 0xED, (byte) 0xFB, (byte) 0x27, @@ -454,6 +456,7 @@ public class SimpleECCApplet extends javacard.framework.Applet { ecPrivKey = ecKeyGenerator.getPrivateKey(); ecPubKey = ecKeyGenerator.getPublicKey(); + m_lenB = ecPubKey.getB(m_ramArray2, (short) 0); //store valid B short startOffset = bufferOffset; short i; @@ -511,6 +514,7 @@ public class SimpleECCApplet extends javacard.framework.Applet { ecPubKey = ecKeyGenerator.getPublicKey(); sw = ecKeyTester.testECDH_validPoint(ecPrivKey, ecPubKey, m_ramArray, (short) 0, m_ramArray2, (short) 0); + m_lenB = ecPubKey.getB(m_ramArray2, (short) 0); //store B Util.setShort(buffer, bufferOffset, sw); bufferOffset += 2; break; //stop execution, return B @@ -553,6 +557,7 @@ public class SimpleECCApplet extends javacard.framework.Applet { return (short) (bufferOffset - baseOffset); } + //TODO: generalize invalid B setting to all curve params void TestECSupportInvalidCurve_lastUsedParams(APDU apdu) { byte[] apdubuf = apdu.getBuffer(); apdu.setIncomingAndReceive(); |