Diffstat (limited to 'src/cz/crcs/ectester/applet')
| -rw-r--r-- | src/cz/crcs/ectester/applet/ECKeyTester.java | 204 | ||||
| -rw-r--r-- | src/cz/crcs/ectester/applet/ECTesterApplet.java | 184 | ||||
| -rw-r--r-- | src/cz/crcs/ectester/applet/EC_Consts.java | 7 |
3 files changed, 116 insertions, 279 deletions
diff --git a/src/cz/crcs/ectester/applet/ECKeyTester.java b/src/cz/crcs/ectester/applet/ECKeyTester.java index 0b3c1e0..732cb4c 100644 --- a/src/cz/crcs/ectester/applet/ECKeyTester.java +++ b/src/cz/crcs/ectester/applet/ECKeyTester.java @@ -3,7 +3,6 @@ package cz.crcs.ectester.applet; import javacard.framework.CardRuntimeException; import javacard.framework.ISO7816; -import javacard.framework.ISOException; import javacard.security.*; /** 
@@ -13,77 +12,35 @@ import javacard.security.*; * @author Jan Jancar johny@neuromancer.sk */ public class ECKeyTester { - - private KeyAgreement ecdhKeyAgreement = null; - private KeyAgreement ecdhcKeyAgreement = null; + private KeyAgreement ecKeyAgreement = null; + private short kaType = 0; private Signature ecdsaSignature = null; + private short sigType = 0; private short sw = ISO7816.SW_NO_ERROR; - public short allocateECDH(byte algorithm) { + public short allocateKA(byte algorithm) { sw = ISO7816.SW_NO_ERROR; try { - ecdhKeyAgreement = KeyAgreement.getInstance(algorithm, false); + ecKeyAgreement = KeyAgreement.getInstance(algorithm, false); + kaType = algorithm; } catch (CardRuntimeException ce) { sw = ce.getReason(); } return sw; } - public short allocateECDHC(byte algorithm) { + public short allocateSig(byte algorithm) { sw = ISO7816.SW_NO_ERROR; try { - ecdhcKeyAgreement = KeyAgreement.getInstance(algorithm, false); + ecdsaSignature = Signature.getInstance(algorithm, false); + sigType = algorithm; } catch (CardRuntimeException ce) { sw = ce.getReason(); } return sw; } - public short allocateECDSA() { - sw = ISO7816.SW_NO_ERROR; - try { - ecdsaSignature = Signature.getInstance(Signature.ALG_ECDSA_SHA, false); - } catch (CardRuntimeException ce) { - sw = ce.getReason(); - } - return sw; - } - - private short testKA(KeyAgreement ka, KeyPair privatePair, KeyPair publicPair, byte[] pubkeyBuffer, short pubkeyOffset, byte[] outputBuffer, short outputOffset, short corruption) { - short length = 0; - try { - sw = AppletUtil.kaCheck(ka); - sw = AppletUtil.keypairCheck(privatePair); - sw = AppletUtil.keypairCheck(publicPair); - short pubkeyLength = ((ECPublicKey) publicPair.getPublic()).getW(pubkeyBuffer, pubkeyOffset); - // reached ok - ka.init(privatePair.getPrivate()); // throws UNITIALIZED KEY when ALG_EC_SVDP_DHC_PLAIN is used - //ISOException.throwIt((short) 0x666); - - pubkeyLength = EC_Consts.corruptParameter(corruption, pubkeyBuffer, pubkeyOffset, 
pubkeyLength); - length = ka.generateSecret(pubkeyBuffer, pubkeyOffset, pubkeyLength, outputBuffer, outputOffset); - } catch (CardRuntimeException ce) { - sw = ce.getReason(); - } - return length; - } - - private short testKA_direct(KeyAgreement ka, KeyPair privatePair, byte[] pubkey, short pubkeyOffset, short pubkeyLength, byte[] outpuBuffer, short outputOffset, short corruption) { - short length = 0; - try { - sw = AppletUtil.kaCheck(ka); - sw = AppletUtil.keypairCheck(privatePair); - - ka.init(privatePair.getPrivate()); - pubkeyLength = EC_Consts.corruptParameter(corruption, pubkey, pubkeyOffset, pubkeyLength); - length = ka.generateSecret(pubkey, pubkeyOffset, pubkeyLength, outpuBuffer, outputOffset); - } catch (CardRuntimeException ce) { - sw = ce.getReason(); - } - return length; - } - /** * Tests ECDH secret generation with keys from given {@code privatePair} and {@code publicPair}. * Uses {@code pubkeyBuffer} at {@code pubkeyOffset} for computations. 
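Review bot: `allocateKA` and `allocateSig` overwrite `ecKeyAgreement` / `ecdsaSignature` with a new `getInstance(...)` result and never release the object they replace. The later hunks in ECTesterApplet call these allocators from `ecdh`, `ecdh_direct` and `ecdsa` whenever the host-supplied type byte differs from the cached one, so a host that alternates types triggers a fresh allocation per command. Java Card objects typically live in persistent memory and are not reclaimed automatically, so the card can run out of memory during a long test run. After a successful replacement, consider `if (JCSystem.isObjectDeletionSupported()) JCSystem.requestObjectDeletion();` (this file would need to import `javacard.framework.JCSystem`), or keep one instance per algorithm and reuse it.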
@@ -98,100 +55,48 @@ public class ECKeyTester { * @param corruption (EC_Consts.CORRUPTION_* | ...) * @return derived secret length **/ - public short testECDH(KeyPair privatePair, KeyPair publicPair, byte[] pubkeyBuffer, short pubkeyOffset, byte[] outputBuffer, short outputOffset, short corruption) { - return testKA(ecdhKeyAgreement, privatePair, publicPair, pubkeyBuffer, pubkeyOffset, outputBuffer, outputOffset, corruption); - } - - public short testECDH_direct(KeyPair privatePair, byte[] pubkey, short pubkeyOffset, short pubkeyLength, byte[] outpuBuffer, short outputOffset, short corruption) { - return testKA_direct(ecdhKeyAgreement, privatePair, pubkey, pubkeyOffset, pubkeyLength, outpuBuffer, outputOffset, corruption); - } - - /** - * Tests ECDHC secret generation with keys from given {@code privatePair} and {@code publicPair}. - * Uses {@code pubkeyBuffer} at {@code pubkeyOffset} for computations. - * Output should equal to ECDH output. - * - * @param privatePair KeyPair from which the private key is used - * @param publicPair KeyPair from which the public key is used - * @param pubkeyBuffer buffer to be used for the public key - * @param pubkeyOffset offset into pubkeyBuffer that can be used for the public key - * @param outputBuffer buffer to be used for the secret output - * @param outputOffset offset into the outputBuffer - * @param corruption (EC_Consts.CORRUPTION_* | ...) 
- * @return derived secret length - */ - public short testECDHC(KeyPair privatePair, KeyPair publicPair, byte[] pubkeyBuffer, short pubkeyOffset, byte[] outputBuffer, short outputOffset, short corruption) { - return testKA(ecdhcKeyAgreement, privatePair, publicPair, pubkeyBuffer, pubkeyOffset, outputBuffer, outputOffset, corruption); - } - - public short testECDHC_direct(KeyPair privatePair, byte[] pubkey, short pubkeyOffset, short pubkeyLength, byte[] outpuBuffer, short outputOffset, short corruption) { - return testKA_direct(ecdhcKeyAgreement, privatePair, pubkey, pubkeyOffset, pubkeyLength, outpuBuffer, outputOffset, corruption); - } - - /** - * @param privatePair KeyPair from which the private key is used - * @param publicPair KeyPair from which the public key is used - * @param pubkeyBuffer buffer to be used for the public key - * @param pubkeyOffset offset into pubkeyBuffer that can be used for the public key - * @param outputBuffer buffer to be used for the secret output - * @param outputOffset offset into the outputBuffer - * @param corruption (EC_Consts.CORRUPTION_* | ...) 
- * @return - */ - public short testBOTH(KeyPair privatePair, KeyPair publicPair, byte[] pubkeyBuffer, short pubkeyOffset, byte[] outputBuffer, short outputOffset, short corruption) { - short ecdhLength = testECDH(privatePair, publicPair, pubkeyBuffer, pubkeyOffset, outputBuffer, outputOffset, corruption); - if (sw != ISO7816.SW_NO_ERROR) { - return ecdhLength; - } - short ecdhcLength = testECDHC(privatePair, publicPair, pubkeyBuffer, pubkeyOffset, outputBuffer, (short) (outputOffset + ecdhLength), corruption); - short length = (short) (ecdhLength + ecdhcLength); - if (sw != ISO7816.SW_NO_ERROR) { - return length; - } - if (javacard.framework.Util.arrayCompare(outputBuffer, outputOffset, outputBuffer, (short) (outputOffset + ecdhLength), ecdhLength) != 0) { - sw = ECTesterApplet.SW_DH_DHC_MISMATCH; - } - return length; - } + public short testKA(KeyPair privatePair, KeyPair publicPair, byte[] pubkeyBuffer, short pubkeyOffset, byte[] outputBuffer, short outputOffset, short corruption) { + short length = 0; + try { + sw = AppletUtil.kaCheck(ecKeyAgreement); + sw = AppletUtil.keypairCheck(privatePair); + sw = AppletUtil.keypairCheck(publicPair); + short pubkeyLength = ((ECPublicKey) publicPair.getPublic()).getW(pubkeyBuffer, pubkeyOffset); + // reached ok + ecKeyAgreement.init(privatePair.getPrivate()); // throws UNITIALIZED KEY when ALG_EC_SVDP_DHC_PLAIN is used + //ISOException.throwIt((short) 0x666); - public short testBOTH_direct(KeyPair privatePair, byte[] pubkey, short pubkeyOffset, short pubkeyLength, byte[] outputBuffer, short outputOffset, short corruption) { - short ecdhLength = testECDH_direct(privatePair, pubkey, pubkeyOffset, pubkeyLength, outputBuffer, outputOffset, corruption); - if (sw != ISO7816.SW_NO_ERROR) { - return ecdhLength; - } - short ecdhcLength = testECDHC_direct(privatePair, pubkey, pubkeyOffset, pubkeyLength, outputBuffer, outputOffset, corruption); - short length = (short) (ecdhLength + ecdhcLength); - if (sw != ISO7816.SW_NO_ERROR) { - 
return length; - } - if (javacard.framework.Util.arrayCompare(outputBuffer, outputOffset, outputBuffer, (short) (outputOffset + ecdhLength), ecdhLength) != 0) { - sw = ECTesterApplet.SW_DH_DHC_MISMATCH; + pubkeyLength = EC_Consts.corruptParameter(corruption, pubkeyBuffer, pubkeyOffset, pubkeyLength); + length = ecKeyAgreement.generateSecret(pubkeyBuffer, pubkeyOffset, pubkeyLength, outputBuffer, outputOffset); + } catch (CardRuntimeException ce) { + sw = ce.getReason(); } return length; } /** - * @param privatePair KeyPair from which the private key is used - * @param publicPair KeyPair from which the public key is used - * @param pubkeyBuffer buffer to be used for the public key - * @param pubkeyOffset offset into pubkeyBuffer that can be used for the public key - * @param outputBuffer buffer to be used for the secret output - * @param outputOffset offset into the outputBuffer - * @param corruption (EC_Consts.CORRUPTION_* | ...) + * @param privatePair + * @param pubkey + * @param pubkeyOffset + * @param pubkeyLength + * @param outpuBuffer + * @param outputOffset + * @param corruption * @return */ - public short testANY(KeyPair privatePair, KeyPair publicPair, byte[] pubkeyBuffer, short pubkeyOffset, byte[] outputBuffer, short outputOffset, short corruption) { - short ecdhLength = testECDH(privatePair, publicPair, pubkeyBuffer, pubkeyOffset, outputBuffer, outputOffset, corruption); - if (sw == ISO7816.SW_NO_ERROR) - return ecdhLength; - return testECDHC(privatePair, publicPair, pubkeyBuffer, pubkeyOffset, outputBuffer, outputOffset, corruption); - } + public short testKA_direct(KeyPair privatePair, byte[] pubkey, short pubkeyOffset, short pubkeyLength, byte[] outpuBuffer, short outputOffset, short corruption) { + short length = 0; + try { + sw = AppletUtil.kaCheck(ecKeyAgreement); + sw = AppletUtil.keypairCheck(privatePair); - public short testANY_direct(KeyPair privatePair, byte[] pubkey, short pubkeyOffset, short pubkeyLength, byte[] outputBuffer, short 
outputOffset, short corruption) { - short ecdhLength = testECDH_direct(privatePair, pubkey, pubkeyOffset, pubkeyLength, outputBuffer, outputOffset, corruption); - if (sw == ISO7816.SW_NO_ERROR) - return ecdhLength; - return testECDHC_direct(privatePair, pubkey, pubkeyOffset, pubkeyLength, outputBuffer, outputOffset, corruption); + ecKeyAgreement.init(privatePair.getPrivate()); + pubkeyLength = EC_Consts.corruptParameter(corruption, pubkey, pubkeyOffset, pubkeyLength); + length = ecKeyAgreement.generateSecret(pubkey, pubkeyOffset, pubkeyLength, outpuBuffer, outputOffset); + } catch (CardRuntimeException ce) { + sw = ce.getReason(); + } + return length; } /** @@ -227,32 +132,31 @@ public class ECKeyTester { return length; } - public KeyAgreement getECDH() { - return ecdhKeyAgreement; + public KeyAgreement getKA() { + return ecKeyAgreement; } - public KeyAgreement getECDHC() { - return ecdhcKeyAgreement; + public Signature getSig() { + return ecdsaSignature; } - public Signature getECDSA() { - return ecdsaSignature; + public boolean hasKA() { + return ecKeyAgreement != null; } - public boolean hasECDH() { - return ecdhKeyAgreement != null; + public boolean hasSig() { + return ecdsaSignature != null; } - public boolean hasECDHC() { - return ecdhcKeyAgreement != null; + public short getKaType() { + return kaType; } - public boolean hasECDSA() { - return ecdsaSignature != null; + public short getSigType() { + return sigType; } public short getSW() { return sw; } - } diff --git a/src/cz/crcs/ectester/applet/ECTesterApplet.java b/src/cz/crcs/ectester/applet/ECTesterApplet.java index deb3aae..870fb3d 100644 --- a/src/cz/crcs/ectester/applet/ECTesterApplet.java +++ b/src/cz/crcs/ectester/applet/ECTesterApplet.java 
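Review bot: In `testKA` and `testKA_direct` (hunk `@@ -98,100 +55,48 @@`) the results of `AppletUtil.kaCheck` and `AppletUtil.keypairCheck` are assigned to `sw` back to back, so only the last result survives and no check stops the method. AppletUtil is not shown here; if those helpers return a status word rather than throwing, a null `ecKeyAgreement` reaches `ecKeyAgreement.init(...)`, and the resulting NullPointerException is not a `CardRuntimeException`, so the catch block would not convert it into a status word. Returning early after each check, e.g. `if (sw != ISO7816.SW_NO_ERROR) return length;`, would make the precondition explicit. The new Javadoc on `testKA_direct` also has empty `@param` tags and carries over the `outpuBuffer` spelling; it should describe the buffers the way the `testKA` comment does.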
@@ -26,11 +26,7 @@ package cz.crcs.ectester.applet; import javacard.framework.*; -import javacard.security.ECPrivateKey; -import javacard.security.ECPublicKey; -import javacard.security.KeyAgreement; -import javacard.security.KeyPair; -import javacard.security.RandomData; +import javacard.security.*; import javacardx.apdu.ExtendedLength; /** @@ -55,8 +51,9 @@ public class ECTesterApplet extends Applet implements ExtendedLength { public static final byte INS_ECDH_DIRECT = (byte) 0x71; public static final byte INS_ECDSA = (byte) 0x72; public static final byte INS_CLEANUP = (byte) 0x73; - public static final byte INS_SUPPORT = (byte) 0x74; + //public static final byte INS_SUPPORT = (byte) 0x74; public static final byte INS_ALLOCATE_KA = (byte) 0x75; + public static final byte INS_ALLOCATE_SIG = (byte) 0x76; // PARAMETERS for P1 and P2 @@ -88,6 +85,13 @@ public class ECTesterApplet extends Applet implements ExtendedLength { public static final byte KeyAgreement_ALG_EC_SVDP_DH_PLAIN_XY = 6; public static final byte KeyAgreement_ALG_DH_PLAIN = 7; + // Class javacard.security.Signature + // javacard.security.Signature Fields: + public static final byte Signature_ALG_ECDSA_SHA = 17; + public static final byte Signature_ALG_ECDSA_SHA_256 = 33; + public static final byte Signature_ALG_ECDSA_SHA_384 = 34; + public static final byte Signature_ALG_ECDSA_SHA_224 = 37; + public static final byte Signature_ALG_ECDSA_SHA_512 = 38; private static final short ARRAY_LENGTH = (short) 0xff; private static final short APDU_MAX_LENGTH = (short) 1024; @@ -98,13 +102,9 @@ public class ECTesterApplet extends Applet implements ExtendedLength { // PERSISTENT ARRAY IN EEPROM private byte[] dataArray = null; // unused - private RandomData randomData = null; private ECKeyTester keyTester = null; - private short ecdhSW; - private short ecdhcSW; - private short ecdsaSW; private ECKeyGenerator keyGenerator = null; private KeyPair localKeypair = null; private KeyPair remoteKeypair = null; 
@@ -133,11 +133,6 @@ public class ECTesterApplet extends Applet implements ExtendedLength { keyGenerator = new ECKeyGenerator(); keyTester = new ECKeyTester(); - ecdhSW = keyTester.allocateECDH(KeyAgreement.ALG_EC_SVDP_DH); - ecdhcSW = keyTester.allocateECDHC(KeyAgreement.ALG_EC_SVDP_DHC); - //ecdhSW = keyTester.allocateECDH((byte) 3); - //ecdhcSW = keyTester.allocateECDHC((byte) 4); - ecdsaSW = keyTester.allocateECDSA(); } register(); } @@ -166,6 +161,9 @@ public class ECTesterApplet extends Applet implements ExtendedLength { case INS_ALLOCATE_KA: length = insAllocateKA(apdu); break; + case INS_ALLOCATE_SIG: + length = insAllocateSig(apdu); + break; case INS_ALLOCATE: length = insAllocate(apdu); break; @@ -196,9 +194,6 @@ public class ECTesterApplet extends Applet implements ExtendedLength { case INS_CLEANUP: length = insCleanup(apdu); break; - case INS_SUPPORT: - length = insSupport(apdu); - break; default: // The INS code is not supported by the dispatcher ISOException.throwIt(ISO7816.SW_INS_NOT_SUPPORTED); @@ -210,7 +205,7 @@ public class ECTesterApplet extends Applet implements ExtendedLength { } /** - * Allocates KeyAgreement object. returns allocate SW + * Allocates KeyAgreement object, returns allocate SW. * * @param apdu DATA = byte KeyAgreementType * @return length of response 
@@ -218,35 +213,25 @@ public class ECTesterApplet extends Applet implements ExtendedLength { private short insAllocateKA(APDU apdu) { short cdata = apdu.getOffsetCdata(); byte kaType = apduArray[cdata]; -/* - short sw = SW_KA_UNSUPPORTED; - switch (kaType) { - case KeyAgreement_ALG_EC_SVDP_DH: // no break - case KeyAgreement_ALG_EC_SVDP_DH_PLAIN: - case KeyAgreement_ALG_EC_PACE_GM: - case KeyAgreement_ALG_EC_SVDP_DH_PLAIN_XY: - sw = keyTester.allocateECDH(kaType); - break; - case KeyAgreement_ALG_EC_SVDP_DHC: - case KeyAgreement_ALG_EC_SVDP_DHC_PLAIN: - sw = keyTester.allocateECDHC(kaType); - break; - default: - sw = SW_KA_UNSUPPORTED; - break; - } -*/ - // Allocate given type into both DH and DHC objects - short sw = keyTester.allocateECDH(kaType); - short offset = 0; - Util.setShort(apdu.getBuffer(), offset, sw); - offset += 2; + short sw = keyTester.allocateKA(kaType); + Util.setShort(apdu.getBuffer(), (short) 0, sw); + return 2; + } - //sw = keyTester.allocateECDHC(kaType); - Util.setShort(apdu.getBuffer(), offset, sw); - offset += 2; - return offset; + /** + * Allocates a Signature object, returns allocate SW. + * + * @param apdu DATA = byte SignatureType + * @return length of response + */ + private short insAllocateSig(APDU apdu) { + short cdata = apdu.getOffsetCdata(); + byte sigType = apduArray[cdata]; + short sw = keyTester.allocateSig(sigType); + Util.setShort(apdu.getBuffer(), (short) 0, sw); + return 2; } + /** * Allocates local and remote keyPairs. * returns allocate SWs @@ -449,7 +434,8 @@ public class ECTesterApplet extends Applet implements ExtendedLength { * * @param apdu P1 = byte keyPair (KEYPAIR_*) * P2 = byte export (EXPORT_TRUE || EXPORT_FALSE) - * DATA = short dataLength (00 = random data generated, !00 = data length) + * DATA = byte sigType + * short dataLength (00 = random data generated, !00 = data length) * byte[] data * @return length of response */ 
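Review bot: `insAllocateSig`, like `insAllocateKA` above it, takes the algorithm from `apduArray[cdata]` without checking that the command carried any data. If the dispatcher does not enforce a minimum length before calling these handlers (that code is outside this hunk), a command with an empty body would select whatever byte an earlier command left at that offset. A guard at the top of both handlers, such as `if (apdu.getIncomingLength() < 1) ISOException.throwIt(ISO7816.SW_WRONG_LENGTH);`, would reject that case with a clear status word.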
@@ -457,13 +443,14 @@ public class ECTesterApplet extends Applet implements ExtendedLength { byte keyPair = apduArray[ISO7816.OFFSET_P1]; byte export = apduArray[ISO7816.OFFSET_P2]; short cdata = apdu.getOffsetCdata(); + byte sigType = apduArray[cdata]; short len = 0; if ((keyPair & KEYPAIR_LOCAL) != 0) { - len += ecdsa(localKeypair, export, apduArray, cdata, apdu.getBuffer(), (short) 0); + len += ecdsa(localKeypair, sigType, export, apduArray, cdata, apdu.getBuffer(), (short) 0); } if ((keyPair & KEYPAIR_REMOTE) != 0) { - len += ecdsa(remoteKeypair, export, apduArray, cdata, apdu.getBuffer(), len); + len += ecdsa(remoteKeypair, sigType, export, apduArray, cdata, apdu.getBuffer(), len); } return len; @@ -482,19 +469,6 @@ public class ECTesterApplet extends Applet implements ExtendedLength { } /** - * Returns data about card support for various EC related tasks collected on applet - * install. - * - * @param apdu no data - * @return length of response - */ - private short insSupport(APDU apdu) { - byte[] apdubuf = apdu.getBuffer(); - - return support(apdubuf, (short) 0); - } - - /** * @param keyPair which keyPair to use, local/remote (KEYPAIR_* | ...) * @param keyLength key length to set * @param keyClass key class to allocate @@ -625,7 +599,7 @@ public class ECTesterApplet extends Applet implements ExtendedLength { * @param privkey keyPair to use for private key, (KEYPAIR_LOCAL || KEYPAIR_REMOTE) * @param export whether to export ECDH secret * @param corruption whether to invalidate the pubkey before ECDH - * @param type KeyAgreement type to test (EC_Consts.KA_* || ...) + * @param type KeyAgreement type to test * @param outBuffer buffer to write sw to, and export ECDH secret {@code if(export == EXPORT_TRUE)} * @param outOffset output offset in buffer * @return length of data written to the buffer 
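Review bot: `insEcdsa` now reads `sigType` from `apduArray[cdata]` but still passes `cdata` as the input offset to both `ecdsa(...)` calls, and `ecdsa` reads `dataLength` with `Util.getShort(inBuffer, inOffset)`. With the documented layout (sigType, then dataLength, then data), the length is therefore assembled from the sigType byte plus the first length byte, and the data copy starts one byte early. Passing `(short) (cdata + 1)` as the offset in both calls matches the new layout. `dataLength` is also used as the copy length into `ramArray` with no bound check visible in the ecdsa hunks; the lines between them are not shown, so confirm it is limited to the array size before the copy.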
@@ -637,23 +611,14 @@ public class ECTesterApplet extends Applet implements ExtendedLength { KeyPair priv = ((privkey & KEYPAIR_LOCAL) != 0) ? localKeypair : remoteKeypair; short secretLength = 0; - switch (type) { - case EC_Consts.KA_ECDH: - secretLength = keyTester.testECDH(priv, pub, ramArray, (short) 0, ramArray2, (short) 0, corruption); - break; - case EC_Consts.KA_ECDHC: - secretLength = keyTester.testECDHC(priv, pub, ramArray, (short) 0, ramArray2, (short) 0, corruption); - break; - case EC_Consts.KA_BOTH: - secretLength = keyTester.testBOTH(priv, pub, ramArray, (short) 0, ramArray2, (short) 0, corruption); - break; - case EC_Consts.KA_ANY: - secretLength = keyTester.testANY(priv, pub, ramArray, (short) 0, ramArray2, (short) 0, corruption); - break; - default: - ISOException.throwIt(ISO7816.SW_FUNC_NOT_SUPPORTED); + if (keyTester.getKaType() == type) { + secretLength = keyTester.testKA(priv, pub, ramArray, (short) 0, ramArray2, (short) 0, corruption); + } else { + short allocateSW = keyTester.allocateKA(type); + if (allocateSW == ISO7816.SW_NO_ERROR) { + secretLength = keyTester.testKA(priv, pub, ramArray, (short) 0, ramArray2, (short) 0, corruption); + } } - Util.setShort(outBuffer, outOffset, keyTester.getSW()); length += 2; 
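Review bot: The comparison `keyTester.getKaType() == type` in `ecdh` is also true when nothing has been allocated and the host sends type 0, because `kaType` starts at 0. In that case `testKA` runs against a null `ecKeyAgreement` instead of reporting an allocation failure. Checking `keyTester.hasKA()` first removes the sentinel clash and also collapses the duplicated `testKA` call into one. The same pattern appears in `ecdh_direct` and in `ecdsa` (with `hasSig()` / `getSigType()` / `allocateSig`). The enclosing method starts and ends outside this hunk.

```java
short secretLength = 0;
short allocateSW = ISO7816.SW_NO_ERROR;
if (!keyTester.hasKA() || keyTester.getKaType() != type) {
    // Nothing allocated yet, or a different algorithm is cached: (re)allocate first.
    allocateSW = keyTester.allocateKA(type);
}
if (allocateSW == ISO7816.SW_NO_ERROR) {
    secretLength = keyTester.testKA(priv, pub, ramArray, (short) 0, ramArray2, (short) 0, corruption);
}
// … unchanged: write keyTester.getSW() and the exported secret to outBuffer …
```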
@@ -673,21 +638,13 @@ public class ECTesterApplet extends Applet implements ExtendedLength { KeyPair priv = ((privkey & KEYPAIR_LOCAL) != 0) ? localKeypair : remoteKeypair; short secretLength = 0; - switch (type) { - case EC_Consts.KA_ECDH: - secretLength = keyTester.testECDH_direct(priv, apduArray, keyOffset, keyLength, outBuffer, outOffset, corruption); - break; - case EC_Consts.KA_ECDHC: - secretLength = keyTester.testECDHC_direct(priv, apduArray, keyOffset, keyLength, outBuffer, outOffset, corruption); - break; - case EC_Consts.KA_BOTH: - secretLength = keyTester.testBOTH_direct(priv, apduArray, keyOffset, keyLength, outBuffer, outOffset, corruption); - break; - case EC_Consts.KA_ANY: - secretLength = keyTester.testANY_direct(priv, apduArray, keyOffset, keyLength, outBuffer, outOffset, corruption); - break; - default: - ISOException.throwIt(ISO7816.SW_FUNC_NOT_SUPPORTED); + if (keyTester.getKaType() == type) { + secretLength = keyTester.testKA_direct(priv, apduArray, keyOffset, keyLength, ramArray2, (short) 0, corruption); + } else { + short allocateSW = keyTester.allocateKA(type); + if (allocateSW == ISO7816.SW_NO_ERROR) { + secretLength = keyTester.testKA_direct(priv, apduArray, keyOffset, keyLength, ramArray2, (short) 0, corruption); + } } Util.setShort(outBuffer, outOffset, keyTester.getSW()); @@ -704,6 +661,7 @@ public class ECTesterApplet extends Applet implements ExtendedLength { /** * @param sign keyPair to use for signing and verification + * @param sigType Signature type to use * @param export whether to export ECDSA signature * @param inBuffer buffer to read dataLength and data to sign from * @param inOffset input offset in buffer 
@@ -711,7 +669,7 @@ public class ECTesterApplet extends Applet implements ExtendedLength { * @param outOffset output offset in buffer * @return length of data written to the buffer */ - private short ecdsa(KeyPair sign, byte export, byte[] inBuffer, short inOffset, byte[] outBuffer, short outOffset) { + private short ecdsa(KeyPair sign, byte sigType, byte export, byte[] inBuffer, short inOffset, byte[] outBuffer, short outOffset) { short length = 0; short dataLength = Util.getShort(inBuffer, inOffset); @@ -723,7 +681,15 @@ public class ECTesterApplet extends Applet implements ExtendedLength { Util.arrayCopyNonAtomic(inBuffer, (short) (inOffset + 2), ramArray, (short) 0, dataLength); } - short signatureLength = keyTester.testECDSA((ECPrivateKey) sign.getPrivate(), (ECPublicKey) sign.getPublic(), ramArray, (short) 0, dataLength, ramArray2, (short) 0); + short signatureLength = 0; + if (keyTester.getSigType() == sigType) { + signatureLength = keyTester.testECDSA((ECPrivateKey) sign.getPrivate(), (ECPublicKey) sign.getPublic(), ramArray, (short) 0, dataLength, ramArray2, (short) 0); + } else { + short allocateSW = keyTester.allocateSig(sigType); + if (allocateSW == ISO7816.SW_NO_ERROR) { + signatureLength = keyTester.testECDSA((ECPrivateKey) sign.getPrivate(), (ECPublicKey) sign.getPublic(), ramArray, (short) 0, dataLength, ramArray2, (short) 0); + } + } Util.setShort(outBuffer, outOffset, keyTester.getSW()); length += 2; 
@@ -755,30 +721,4 @@ public class ECTesterApplet extends Applet implements ExtendedLength { Util.setShort(buffer, offset, sw); return 2; } - - /** - * @param buffer buffer to write sw to - * @param offset output offset in buffer - * @return length of data written to the buffer - */ - private short support(byte[] buffer, short offset) { - - if (keyTester.hasECDH()) { - Util.setShort(buffer, offset, ecdhSW); - } else { - Util.setShort(buffer, offset, ISO7816.SW_FUNC_NOT_SUPPORTED); - } - if (keyTester.hasECDHC()) { - Util.setShort(buffer, (short) (offset + 2), ecdhcSW); - } else { - Util.setShort(buffer, (short) (offset + 2), ISO7816.SW_FUNC_NOT_SUPPORTED); - } - if (keyTester.hasECDSA()) { - Util.setShort(buffer, (short) (offset + 4), ecdsaSW); - } else { - Util.setShort(buffer, (short) (offset + 4), ISO7816.SW_FUNC_NOT_SUPPORTED); - } - - return 6; - } } diff --git a/src/cz/crcs/ectester/applet/EC_Consts.java b/src/cz/crcs/ectester/applet/EC_Consts.java index 04cd55e..15cb7fa 100644 --- a/src/cz/crcs/ectester/applet/EC_Consts.java +++ b/src/cz/crcs/ectester/applet/EC_Consts.java @@ -59,13 +59,6 @@ public class EC_Consts { public static final byte KEY_PRIVATE = 0x02; public static final byte KEY_BOTH = KEY_PUBLIC | KEY_PRIVATE; - - // Key Agreement test identifiers - public static final byte KA_ECDH = 0x01; - public static final byte KA_ECDHC = 0x02; - public static final byte KA_BOTH = KA_ECDH | KA_ECDHC; - public static final byte KA_ANY = 0x04; - public static RandomData randomData = null; // secp112r1 |
