aboutsummaryrefslogtreecommitdiff
path: root/src/cz/crcs/ectester/applet
diff options
context:
space:
mode:
Diffstat (limited to 'src/cz/crcs/ectester/applet')
-rw-r--r--src/cz/crcs/ectester/applet/ECKeyGenerator.java32
-rw-r--r--src/cz/crcs/ectester/applet/ECKeyTester.java49
-rw-r--r--src/cz/crcs/ectester/applet/ECTesterApplet.java7
-rw-r--r--src/cz/crcs/ectester/applet/ECUtil.java17
4 files changed, 63 insertions, 42 deletions
diff --git a/src/cz/crcs/ectester/applet/ECKeyGenerator.java b/src/cz/crcs/ectester/applet/ECKeyGenerator.java
index b412370..a36bd0c 100644
--- a/src/cz/crcs/ectester/applet/ECKeyGenerator.java
+++ b/src/cz/crcs/ectester/applet/ECKeyGenerator.java
@@ -39,8 +39,8 @@ public class ECKeyGenerator {
}
public short clearPair(KeyPair keypair, byte key) {
- sw = ISO7816.SW_NO_ERROR;
try {
+ sw = ECUtil.nullCheck(keypair);
if ((key & EC_Consts.KEY_PUBLIC) != 0) keypair.getPublic().clearKey();
if ((key & EC_Consts.KEY_PRIVATE) != 0) keypair.getPrivate().clearKey();
} catch (CardRuntimeException ce) {
@@ -54,8 +54,8 @@ public class ECKeyGenerator {
* @return
*/
public short generatePair(KeyPair keypair) {
- sw = ISO7816.SW_NO_ERROR;
try {
+ sw = ECUtil.nullCheck(keypair);
keypair.genKeyPair();
} catch (CardRuntimeException ce) {
sw = ce.getReason();
@@ -155,11 +155,12 @@ public class ECKeyGenerator {
* @return
*/
public short setParameter(KeyPair keypair, byte key, short param, byte[] data, short offset, short length) {
- sw = ISO7816.SW_NO_ERROR;
- ECPublicKey ecPublicKey = (ECPublicKey) keypair.getPublic();
- ECPrivateKey ecPrivateKey = (ECPrivateKey) keypair.getPrivate();
-
try {
+ sw = ECUtil.nullCheck(keypair);
+
+ ECPublicKey ecPublicKey = (ECPublicKey) keypair.getPublic();
+ ECPrivateKey ecPrivateKey = (ECPrivateKey) keypair.getPrivate();
+
switch (param) {
case EC_Consts.PARAMETER_FP:
if ((key & EC_Consts.KEY_PUBLIC) != 0) ecPublicKey.setFieldFP(data, offset, length);
@@ -174,8 +175,11 @@ public class ECKeyGenerator {
short i1 = Util.makeShort(data[(short) (offset + 2)], data[(short) (offset + 3)]);
short i2 = Util.makeShort(data[(short) (offset + 4)], data[(short) (offset + 5)]);
short i3 = Util.makeShort(data[(short) (offset + 6)], data[(short) (offset + 7)]);
- if ((key & EC_Consts.KEY_PUBLIC) != 0) ecPublicKey.setFieldF2M(i1, i2, i3);
- if ((key & EC_Consts.KEY_PRIVATE) != 0) ecPrivateKey.setFieldF2M(i1, i2, i3);
+// if ((key & EC_Consts.KEY_PUBLIC) != 0) ecPublicKey.setFieldF2M(i1, i2, i3);
+// if ((key & EC_Consts.KEY_PRIVATE) != 0) ecPrivateKey.setFieldF2M(i1, i2, i3);
+ // TODO fix this
+ if ((key & EC_Consts.KEY_PUBLIC) != 0) ecPublicKey.setFieldF2M(i3, i2, i1);
+ if ((key & EC_Consts.KEY_PRIVATE) != 0) ecPrivateKey.setFieldF2M(i3, i2, i1);
} else {
sw = ISO7816.SW_UNKNOWN;
}
@@ -275,12 +279,12 @@ public class ECKeyGenerator {
* @return length of data written
*/
public short exportParameter(KeyPair keypair, byte key, short param, byte[] outputBuffer, short outputOffset) {
- sw = ISO7816.SW_NO_ERROR;
- ECPublicKey ecPublicKey = (ECPublicKey) keypair.getPublic();
- ECPrivateKey ecPrivateKey = (ECPrivateKey) keypair.getPrivate();
-
short length = 0;
try {
+ sw = ECUtil.nullCheck(keypair);
+ ECPublicKey ecPublicKey = (ECPublicKey) keypair.getPublic();
+ ECPrivateKey ecPrivateKey = (ECPrivateKey) keypair.getPrivate();
+
switch (param) {
case EC_Consts.PARAMETER_FP:
if ((key & EC_Consts.KEY_PUBLIC) != 0) length = ecPublicKey.getField(outputBuffer, outputOffset);
@@ -385,8 +389,10 @@ public class ECKeyGenerator {
* @return sw
*/
public short copyCurve(KeyPair from, KeyPair to, short params, byte[] buffer, short offset) {
- sw = ISO7816.SW_NO_ERROR;
try {
+ sw = ECUtil.nullCheck(from);
+ sw = ECUtil.nullCheck(to);
+
short param = EC_Consts.PARAMETER_FP;
while (param <= EC_Consts.PARAMETER_K) {
short masked = (short) (param & params);
diff --git a/src/cz/crcs/ectester/applet/ECKeyTester.java b/src/cz/crcs/ectester/applet/ECKeyTester.java
index 64f3024..c4b58e0 100644
--- a/src/cz/crcs/ectester/applet/ECKeyTester.java
+++ b/src/cz/crcs/ectester/applet/ECKeyTester.java
@@ -4,10 +4,7 @@ package cz.crcs.ectester.applet;
import javacard.framework.CardRuntimeException;
import javacard.framework.ISO7816;
import javacard.framework.Util;
-import javacard.security.ECPrivateKey;
-import javacard.security.ECPublicKey;
-import javacard.security.KeyAgreement;
-import javacard.security.Signature;
+import javacard.security.*;
/**
* Class capable of testing ECDH/C and ECDSA.
@@ -53,11 +50,15 @@ public class ECKeyTester {
return sw;
}
- private short testKA(KeyAgreement ka, ECPrivateKey privateKey, byte[] pubkeyBuffer, short pubkeyOffset, short pubkeyLength, byte[] outputBuffer, short outputOffset) {
- sw = ISO7816.SW_NO_ERROR;
+ private short testKA(KeyAgreement ka, KeyPair privatePair, KeyPair publicPair, byte[] pubkeyBuffer, short pubkeyOffset, byte[] outputBuffer, short outputOffset, byte corruption) {
short length = 0;
try {
- ka.init(privateKey);
+ sw = ECUtil.nullCheck(privatePair);
+ sw = ECUtil.nullCheck(publicPair);
+
+ ka.init(privatePair.getPrivate());
+ short pubkeyLength = ((ECPublicKey) publicPair.getPublic()).getW(pubkeyBuffer, pubkeyOffset);
+ pubkeyLength = EC_Consts.corruptParameter(corruption, pubkeyBuffer, pubkeyOffset, pubkeyLength);
length = ka.generateSecret(pubkeyBuffer, pubkeyOffset, pubkeyLength, outputBuffer, outputOffset);
} catch (CardRuntimeException ce) {
sw = ce.getReason();
@@ -66,12 +67,12 @@ public class ECKeyTester {
}
/**
- * Tests ECDH secret generation with given {@code privateKey} and {@code publicKey}.
+ * Tests ECDH secret generation with keys from given {@code privatePair} and {@code publicPair}.
* Uses {@code pubkeyBuffer} at {@code pubkeyOffset} for computations.
* Output should equal with ECDHC output.
*
- * @param privateKey
- * @param publicKey
+ * @param privatePair
+ * @param publicPair
* @param pubkeyBuffer
* @param pubkeyOffset
* @param outputBuffer
@@ -79,19 +80,17 @@ public class ECKeyTester {
* @param corruption
* @return derived secret length
**/
- public short testECDH(ECPrivateKey privateKey, ECPublicKey publicKey, byte[] pubkeyBuffer, short pubkeyOffset, byte[] outputBuffer, short outputOffset, byte corruption) {
- short length = publicKey.getW(pubkeyBuffer, pubkeyOffset);
- length = EC_Consts.corruptParameter(corruption, pubkeyBuffer, pubkeyOffset, length);
- return testKA(ecdhKeyAgreement, privateKey, pubkeyBuffer, pubkeyOffset, length, outputBuffer, outputOffset);
+ public short testECDH(KeyPair privatePair, KeyPair publicPair, byte[] pubkeyBuffer, short pubkeyOffset, byte[] outputBuffer, short outputOffset, byte corruption) {
+ return testKA(ecdhKeyAgreement, privatePair, publicPair, pubkeyBuffer, pubkeyOffset, outputBuffer, outputOffset, corruption);
}
/**
- * Tests ECDHC secret generation with given {@code privateKey} and {@code publicKey}.
+ * Tests ECDHC secret generation with keys from given {@code privatePair} and {@code publicPair}.
* Uses {@code pubkeyBuffer} at {@code pubkeyOffset} for computations.
* Output should equal to ECDH output.
*
- * @param privateKey
- * @param publicKey
+ * @param privatePair
+ * @param publicPair
* @param pubkeyBuffer
* @param pubkeyOffset
* @param outputBuffer
@@ -99,16 +98,14 @@ public class ECKeyTester {
* @param corruption
* @return derived secret length
*/
- public short testECDHC(ECPrivateKey privateKey, ECPublicKey publicKey, byte[] pubkeyBuffer, short pubkeyOffset, byte[] outputBuffer, short outputOffset, byte corruption) {
- short length = publicKey.getW(pubkeyBuffer, pubkeyOffset);
- length = EC_Consts.corruptParameter(corruption, pubkeyBuffer, pubkeyOffset, length);
- return testKA(ecdhcKeyAgreement, privateKey, pubkeyBuffer, pubkeyOffset, length, outputBuffer, outputOffset);
+ public short testECDHC(KeyPair privatePair, KeyPair publicPair, byte[] pubkeyBuffer, short pubkeyOffset, byte[] outputBuffer, short outputOffset, byte corruption) {
+ return testKA(ecdhcKeyAgreement, privatePair, publicPair, pubkeyBuffer, pubkeyOffset, outputBuffer, outputOffset, corruption);
}
/**
*
- * @param privateKey
- * @param publicKey
+ * @param privatePair
+ * @param publicPair
* @param pubkeyBuffer
* @param pubkeyOffset
* @param outputBuffer
@@ -116,12 +113,12 @@ public class ECKeyTester {
* @param corruption
* @return
*/
- public short testKA(ECPrivateKey privateKey, ECPublicKey publicKey, byte[] pubkeyBuffer, short pubkeyOffset, byte[] outputBuffer, short outputOffset, byte corruption) {
- short ecdhLength = testECDH(privateKey, publicKey, pubkeyBuffer, pubkeyOffset, outputBuffer, outputOffset, corruption);
+ public short testECDH_ECDHC(KeyPair privatePair, KeyPair publicPair, byte[] pubkeyBuffer, short pubkeyOffset, byte[] outputBuffer, short outputOffset, byte corruption) {
+ short ecdhLength = testECDH(privatePair, publicPair, pubkeyBuffer, pubkeyOffset, outputBuffer, outputOffset, corruption);
if (sw != ISO7816.SW_NO_ERROR) {
return ecdhLength;
}
- short ecdhcLength = testECDHC(privateKey, publicKey, pubkeyBuffer, pubkeyOffset, outputBuffer, (short) (outputOffset + ecdhLength), corruption);
+ short ecdhcLength = testECDHC(privatePair, publicPair, pubkeyBuffer, pubkeyOffset, outputBuffer, (short) (outputOffset + ecdhLength), corruption);
short length = (short) (ecdhLength + ecdhcLength);
if (sw != ISO7816.SW_NO_ERROR) {
return length;
diff --git a/src/cz/crcs/ectester/applet/ECTesterApplet.java b/src/cz/crcs/ectester/applet/ECTesterApplet.java
index 98f59c4..f802233 100644
--- a/src/cz/crcs/ectester/applet/ECTesterApplet.java
+++ b/src/cz/crcs/ectester/applet/ECTesterApplet.java
@@ -64,6 +64,7 @@ public class ECTesterApplet extends Applet {
// STATUS WORDS
public static final short SW_SIG_VERIFY_FAIL = (short) 0x0ee1;
public static final short SW_DH_DHC_MISMATCH = (short) 0x0ee2;
+ public static final short SW_KEYPAIR_NULL = (short) 0x0ee3;
private static final short ARRAY_LENGTH = (short) 0xff;
@@ -551,13 +552,13 @@ public class ECTesterApplet extends Applet {
short secretLength = 0;
switch (type) {
case EC_Consts.KA_ECDH:
- secretLength = keyTester.testECDH((ECPrivateKey) priv.getPrivate(), (ECPublicKey) pub.getPublic(), ramArray, (short) 0, ramArray2, (short) 0, corruption);
+ secretLength = keyTester.testECDH(priv, pub, ramArray, (short) 0, ramArray2, (short) 0, corruption);
break;
case EC_Consts.KA_ECDHC:
- secretLength = keyTester.testECDHC((ECPrivateKey) priv.getPrivate(), (ECPublicKey) pub.getPublic(), ramArray, (short) 0, ramArray2, (short) 0, corruption);
+ secretLength = keyTester.testECDHC(priv, pub, ramArray, (short) 0, ramArray2, (short) 0, corruption);
break;
case EC_Consts.KA_BOTH:
- secretLength = keyTester.testKA((ECPrivateKey) priv.getPrivate(), (ECPublicKey) pub.getPublic(), ramArray, (short) 0, ramArray2, (short) 0, corruption);
+ secretLength = keyTester.testECDH_ECDHC(priv, pub, ramArray, (short) 0, ramArray2, (short) 0, corruption);
break;
default:
ISOException.throwIt(ISO7816.SW_FUNC_NOT_SUPPORTED);
diff --git a/src/cz/crcs/ectester/applet/ECUtil.java b/src/cz/crcs/ectester/applet/ECUtil.java
new file mode 100644
index 0000000..e7e4a8a
--- /dev/null
+++ b/src/cz/crcs/ectester/applet/ECUtil.java
@@ -0,0 +1,17 @@
+package cz.crcs.ectester.applet;
+
+import javacard.framework.ISO7816;
+import javacard.framework.ISOException;
+import javacard.security.KeyPair;
+
+/**
+ * @author Jan Jancar johny@neuromancer.sk
+ */
+public class ECUtil {
+
+ static short nullCheck(KeyPair keyPair) {
+ if (keyPair == null)
+ ISOException.throwIt(ECTesterApplet.SW_KEYPAIR_NULL);
+ return ISO7816.SW_NO_ERROR;
+ }
+}
generated by cgit v1.2.3-70-g09d2 (git 2.51.2) at 2025-11-08 14:33:16 +0000