aboutsummaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
Diffstat (limited to 'src')
-rw-r--r--src/applets/ECKeyGenerator.java31
-rw-r--r--src/applets/EC_Consts.java50
-rw-r--r--src/applets/SimpleECCApplet.java64
-rw-r--r--src/simpleapdu/SimpleAPDU.java19
4 files changed, 134 insertions, 30 deletions
diff --git a/src/applets/ECKeyGenerator.java b/src/applets/ECKeyGenerator.java
index e9bdfa6..c4b71c0 100644
--- a/src/applets/ECKeyGenerator.java
+++ b/src/applets/ECKeyGenerator.java
@@ -73,39 +73,39 @@ public class ECKeyGenerator {
if (sw != ISO7816.SW_NO_ERROR) return sw;
//go through all params
- byte param = EC_Consts.PARAMETER_A;
- while (param > 0) {
+ short param = EC_Consts.PARAMETER_A;
+ while (param <= EC_Consts.PARAMETER_K) {
length = EC_Consts.getCurveParameter(curve, param, buffer, offset);
sw = setParameter(KEY_BOTH, param, buffer, offset, length);
if (sw != ISO7816.SW_NO_ERROR) break;
- param = (byte) (param << 1);
+ param = (short) (param << 1);
}
return sw;
}
- public short setCustomInvalidCurve(short keyClass, short keyLength, byte key, byte param, short corruptionType, byte[] buffer, short offset) {
+ public short setCustomInvalidCurve(short keyClass, short keyLength, byte key, short param, short corruptionType, byte[] buffer, short offset) {
return setCustomInvalidCurve(EC_Consts.getCurve(keyClass, keyLength), key, param, corruptionType, buffer, offset);
}
- public short setCustomInvalidCurve(byte curve, byte key, byte param, short corruptionType, byte[] buffer, short offset) {
+ public short setCustomInvalidCurve(byte curve, byte key, short param, short corruptionType, byte[] buffer, short offset) {
short sw = setCustomCurve(curve, buffer, offset);
if (sw != ISO7816.SW_NO_ERROR) return sw;
//go through param bit by bit, and invalidate all selected params
- byte paramMask = 0x01;
- while (paramMask > 0) {
- byte masked = (byte) (paramMask & param);
+ short paramMask = 0x01;
+ while (paramMask <= EC_Consts.PARAMETER_K) {
+ short masked = (short) (paramMask & param);
if (masked != 0) {
short length = EC_Consts.getCorruptCurveParameter(curve, masked, buffer, offset, corruptionType);
sw = setParameter(key, masked, buffer, offset, length);
if (sw != ISO7816.SW_NO_ERROR) return sw;
}
- paramMask = (byte) (paramMask << 1);
+ paramMask = (short) (paramMask << 1);
}
return sw;
}
- public short setParameter(byte key, byte param, byte[] data, short offset, short length) {
+ public short setParameter(byte key, short param, byte[] data, short offset, short length) {
short result = ISO7816.SW_NO_ERROR;
try {
switch (param) {
@@ -160,6 +160,12 @@ public class ECKeyGenerator {
}
break;
}
+ case EC_Consts.PARAMETER_S:
+ if ((key & KEY_PRIVATE) != 0) ecPrivateKey.setS(data, offset, length);
+ break;
+ case EC_Consts.PARAMETER_W:
+ if ((key & KEY_PUBLIC) != 0) ecPublicKey.setW(data, offset, length);
+ break;
default: {
ISOException.throwIt(ISO7816.SW_FUNC_NOT_SUPPORTED);
}
@@ -237,6 +243,11 @@ public class ECKeyGenerator {
if ((key & KEY_PRIVATE) != 0) Util.setShort(outputBuffer, outputOffset, ecPrivateKey.getK());
length = 2;
break;
+ case EC_Consts.PARAMETER_S:
+ if ((key & KEY_PRIVATE) != 0) length = ecPrivateKey.getS(outputBuffer, outputOffset);
+ break;
+ case EC_Consts.PARAMETER_W:
+ if ((key & KEY_PUBLIC) != 0) length = ecPublicKey.getW(outputBuffer, outputOffset);
default:
ISOException.throwIt(ISO7816.SW_FUNC_NOT_SUPPORTED);
}
diff --git a/src/applets/EC_Consts.java b/src/applets/EC_Consts.java
index 24d854c..bcf2b14 100644
--- a/src/applets/EC_Consts.java
+++ b/src/applets/EC_Consts.java
@@ -21,14 +21,16 @@ public class EC_Consts {
private static byte[] EC_F2M_F2M = null; //[short i1, short i2, short i3], f = x^m + x^i1 + x^i2 + x^i3 + 1
- public static final byte PARAMETER_FP = 0x01;
- public static final byte PARAMETER_F2M = 0x02;
+ public static final short PARAMETER_FP = 0x0001;
+ public static final short PARAMETER_F2M = 0x0002;
- public static final byte PARAMETER_A = 0x04;
- public static final byte PARAMETER_B = 0x08;
- public static final byte PARAMETER_G = 0x10;
- public static final byte PARAMETER_R = 0x20;
- public static final byte PARAMETER_K = 0x40;
+ public static final short PARAMETER_A = 0x0004;
+ public static final short PARAMETER_B = 0x0008;
+ public static final short PARAMETER_G = 0x0010;
+ public static final short PARAMETER_R = 0x0020;
+ public static final short PARAMETER_K = 0x0040;
+ public static final short PARAMETER_S = 0x0080;
+ public static final short PARAMETER_W = 0x0100;
public static RandomData m_random = null;
@@ -1658,10 +1660,38 @@ public class EC_Consts {
} else {
ISOException.throwIt(ISO7816.SW_FUNC_NOT_SUPPORTED);
}
- return 0; //will not be reached
+ return 0;
}
- public static short getCurveParameter(byte curve, byte param, byte[] outputBuffer, short outputOffset) {
+ public static byte getAnomalousCurve(short keyClass, short keyLength) {
+ if (keyClass == KeyPair.ALG_EC_FP) {
+ switch (keyLength) {
+ case (short) 128:
+ return CURVE_sp128;
+ case (short) 160:
+ return CURVE_sp160;
+ case (short) 192:
+ return CURVE_sp192;
+ case (short) 224:
+ return CURVE_sp224;
+ case (short) 256:
+ return CURVE_sp256;
+ case (short) 384:
+ return CURVE_sp384;
+ case (short) 521:
+ return CURVE_sp521;
+ default:
+ ISOException.throwIt(ISO7816.SW_FUNC_NOT_SUPPORTED);
+ }
+ } else if (keyClass == KeyPair.ALG_EC_F2M) {
+ return 0;
+ } else {
+ ISOException.throwIt(ISO7816.SW_FUNC_NOT_SUPPORTED);
+ }
+ return 0;
+ }
+
+ public static short getCurveParameter(byte curve, short param, byte[] outputBuffer, short outputOffset) {
byte alg = getCurveType(curve);
switch (curve) {
case CURVE_secp128r1: {
@@ -1905,7 +1935,7 @@ public class EC_Consts {
return length;
}
- public static short getCorruptCurveParameter(byte curve, byte param, byte[] outputBuffer, short outputOffset, short corruptionType) {
+ public static short getCorruptCurveParameter(byte curve, short param, byte[] outputBuffer, short outputOffset, short corruptionType) {
short length = getCurveParameter(curve, param, outputBuffer, outputOffset);
if (length <= 0) {
return length;
diff --git a/src/applets/SimpleECCApplet.java b/src/applets/SimpleECCApplet.java
index 9901aee..8cc4237 100644
--- a/src/applets/SimpleECCApplet.java
+++ b/src/applets/SimpleECCApplet.java
@@ -53,8 +53,11 @@ public class SimpleECCApplet extends Applet {
public final static byte ECTEST_SET_EXTERNALCURVE = (byte) 0xcb;
public final static byte ECTEST_GENERATE_KEYPAIR_EXTERNALCURVE = (byte) 0xcc;
public final static byte ECTEST_ECDSA_SIGNATURE = (byte) 0xcd;
- public final static byte ECTEST_SET_INVALIDFIELD = (byte) 0xce;
- public final static byte ECTEST_GENERATE_KEYPAIR_INVALIDFIELD = (byte) 0xcf;
+ public final static byte ECTEST_SET_ANOMALOUSCURVE = (byte) 0xce;
+ public final static byte ECTEST_GENERATE_KEYPAIR_ANOMALOUSCURVE = (byte) 0xcf;
+ public final static byte ECTEST_ECDH_AGREEMENT_SMALL_DEGREE_POINT = (byte) 0xd0;
+ public final static byte ECTEST_SET_INVALIDFIELD = (byte) 0xd1;
+ public final static byte ECTEST_GENERATE_KEYPAIR_INVALIDFIELD = (byte) 0xd2;
public final static short FLAG_ECTEST_ALLOCATE_KEYPAIR = (short) 0x0001;
public final static short FLAG_ECTEST_GENERATE_KEYPAIR_DEFCURVE = (short) 0x0002;
@@ -65,8 +68,11 @@ public class SimpleECCApplet extends Applet {
public final static short FLAG_ECTEST_ECDH_AGREEMENT_VALID_POINT = (short) 0x0040;
public final static short FLAG_ECTEST_ECDH_AGREEMENT_INVALID_POINT = (short) 0x0080;
public final static short FLAG_ECTEST_ECDSA_SIGNATURE = (short) 0x0100;
- public final static short FLAG_ECTEST_SET_INVALIDFIELD = (short) 0x0200;
- public final static short FLAG_ECTEST_GENERATE_KEYPAIR_INVALIDFIELD = (short) 0x0400;
+ public final static short FLAG_ECTEST_SET_ANOMALOUSCURVE = (short) 0x0200;
+ public final static short FLAG_ECTEST_GENERATE_KEYPAIR_ANOMALOUSCUVE = (short) 0x0400;
+ public final static short FLAG_ECTEST_ECDH_AGREEMENT_SMALL_DEGREE_POINT = (short) 0x0800;
+ public final static short FLAG_ECTEST_SET_INVALIDFIELD = (short) 0x1000;
+ public final static short FLAG_ECTEST_GENERATE_KEYPAIR_INVALIDFIELD = (short) 0x2000;
public final static short FLAG_ECTEST_ALL = (short) 0xffff;
@@ -341,13 +347,55 @@ public class SimpleECCApplet extends Applet {
if (sw == ISO7816.SW_NO_ERROR) {
sw = ecKeyTester.testECDSA(ecPrivKey, ecPubKey, m_ramArray2, (short) 0, (short) m_ramArray2.length, m_ramArray, (short) 0);
}
+ }
+ Util.setShort(buffer, bufferOffset, sw);
+ bufferOffset += 2;
+
+ //
+ // 8. Set anomalous custom curve
+ //
+ buffer[bufferOffset] = ECTEST_SET_ANOMALOUSCURVE;
+ bufferOffset++;
+ sw = SW_SKIPPED;
+ if ((testFlags & FLAG_ECTEST_SET_ANOMALOUSCURVE) != (short) 0) {
+ sw = ecKeyGenerator.setCustomCurve(EC_Consts.getAnomalousCurve(keyClass, keyLen), m_ramArray, (short) 0);
+ if (sw != ISO7816.SW_NO_ERROR) {
+ testFlags &= ~FLAG_ECTEST_GENERATE_KEYPAIR_ANOMALOUSCUVE;
+ }
+ }
+ Util.setShort(buffer, bufferOffset, sw);
+ bufferOffset += 2;
+
+ //
+ // 9. Generate keypair with anomalous custom curve
+ //
+
+ buffer[bufferOffset] = ECTEST_GENERATE_KEYPAIR_ANOMALOUSCURVE;
+ bufferOffset++;
+ sw = SW_SKIPPED;
+ if ((testFlags & FLAG_ECTEST_GENERATE_KEYPAIR_ANOMALOUSCUVE) != (short) 0) {
+ sw = ecKeyGenerator.generatePair();
+ }
+ Util.setShort(buffer, bufferOffset, sw);
+ bufferOffset += 2;
+ //
+ // 10. Test small degree pubkey
+ //
+
+ buffer[bufferOffset] = ECTEST_ECDH_AGREEMENT_SMALL_DEGREE_POINT;
+ bufferOffset++;
+ sw = SW_SKIPPED;
+ if ((testFlags & FLAG_ECTEST_ECDH_AGREEMENT_SMALL_DEGREE_POINT) != (short) 0) {
+ ecPubKey = ecKeyGenerator.getPublicKey();
+ ecPrivKey = ecKeyGenerator.getPrivateKey();
+ sw = ecKeyTester.testECDH_validPoint(ecPrivKey, ecPubKey, m_ramArray, (short) 0, m_ramArray2, (short) 1);
}
Util.setShort(buffer, bufferOffset, sw);
bufferOffset += 2;
//
- // 8. Set invalid custom curve
+ // 11. Set invalid custom curve
//
buffer[bufferOffset] = ECTEST_SET_INVALIDCURVE;
bufferOffset++;
@@ -363,7 +411,7 @@ public class SimpleECCApplet extends Applet {
bufferOffset += 2;
//
- // 9. Generate keypair with invalid custom curve
+ // 12. Generate keypair with invalid custom curve
//
buffer[bufferOffset] = ECTEST_GENERATE_KEYPAIR_INVALIDCUSTOMCURVE;
bufferOffset++;
@@ -375,7 +423,7 @@ public class SimpleECCApplet extends Applet {
bufferOffset += 2;
//
- // 10. Set invalid field
+ // 13. Set invalid field
//
buffer[bufferOffset] = ECTEST_SET_INVALIDFIELD;
bufferOffset++;
@@ -393,7 +441,7 @@ public class SimpleECCApplet extends Applet {
Util.setShort(buffer, bufferOffset, sw);
bufferOffset += 2;
- // 11. Generate key with invalid field
+ // 14. Generate key with invalid field
buffer[bufferOffset] = ECTEST_GENERATE_KEYPAIR_INVALIDFIELD;
bufferOffset++;
sw = SW_SKIPPED;
diff --git a/src/simpleapdu/SimpleAPDU.java b/src/simpleapdu/SimpleAPDU.java
index 77478a0..44bf302 100644
--- a/src/simpleapdu/SimpleAPDU.java
+++ b/src/simpleapdu/SimpleAPDU.java
@@ -5,6 +5,7 @@ import applets.SimpleECCApplet;
import javacard.framework.ISO7816;
import javacard.security.CryptoException;
import javacard.security.KeyPair;
+import sun.java2d.pipe.SpanShapeRenderer;
import javax.smartcardio.ResponseAPDU;
import java.io.FileNotFoundException;
@@ -73,6 +74,7 @@ public class SimpleAPDU {
static void testSupportECGivenAlg(byte[] apdu, CardMngr cardManager) throws Exception {
ReconnnectToCard();
ResponseAPDU resp = cardManager.sendAPDU(apdu);
+ //byte[] resp = cardManager.sendAPDUSimulator(apdu);
PrintECSupport(resp);
}
@@ -143,7 +145,11 @@ public class SimpleAPDU {
try {
if (testAll) {
+ //byte[] installData = new byte[10];
+ //byte[] AID = {(byte) 0x4C, (byte) 0x61, (byte) 0x62, (byte) 0x61, (byte) 0x6B, (byte) 0x41, (byte) 0x70, (byte) 0x70, (byte) 0x6C, (byte) 0x65, (byte) 0x74};
+ //cardManager.prepareLocalSimulatorApplet(AID, installData, SimpleECCApplet.class);
if (cardManager.ConnectToCard()) {
+
// Test all default curves for both fields
testSupportECAll(cardManager);
@@ -301,7 +307,10 @@ public class SimpleAPDU {
}
static void PrintECSupport(ResponseAPDU resp) {
- byte[] buffer = resp.getData();
+ PrintECSupport(resp.getData());
+ }
+
+ static void PrintECSupport(byte[] buffer) {
m_SystemOutLogger.println();
m_SystemOutLogger.println("### Test for support and with valid and invalid EC curves");
@@ -329,6 +338,9 @@ public class SimpleAPDU {
bufferOffset = VerifyPrintResult("ECDH agreement with valid point:", SimpleECCApplet.ECTEST_ECDH_AGREEMENT_VALID_POINT, buffer, bufferOffset, ExpResult.SHOULD_SUCCEED);
bufferOffset = VerifyPrintResult("ECDH agreement with invalid point (fail is good):", SimpleECCApplet.ECTEST_ECDH_AGREEMENT_INVALID_POINT, buffer, bufferOffset, ExpResult.MUST_FAIL);
bufferOffset = VerifyPrintResult("ECDSA signature on random data:", SimpleECCApplet.ECTEST_ECDSA_SIGNATURE, buffer, bufferOffset, ExpResult.SHOULD_SUCCEED);
+ bufferOffset = VerifyPrintResult("Set anomalous custom curve (may fail):", SimpleECCApplet.ECTEST_SET_ANOMALOUSCURVE, buffer, bufferOffset, ExpResult.MAY_FAIL);
+ bufferOffset = VerifyPrintResult("Generate key with anomalous curve (may fail):", SimpleECCApplet.ECTEST_GENERATE_KEYPAIR_ANOMALOUSCURVE, buffer, bufferOffset, ExpResult.MAY_FAIL);
+ bufferOffset = VerifyPrintResult("ECDH agreement with small order point (fail is good):", SimpleECCApplet.ECTEST_ECDH_AGREEMENT_SMALL_DEGREE_POINT, buffer, bufferOffset, ExpResult.MUST_FAIL);
bufferOffset = VerifyPrintResult("Set invalid custom curve (may fail):", SimpleECCApplet.ECTEST_SET_INVALIDCURVE, buffer, bufferOffset, ExpResult.MAY_FAIL);
bufferOffset = VerifyPrintResult("Generate key with invalid curve (fail is good):", SimpleECCApplet.ECTEST_GENERATE_KEYPAIR_INVALIDCUSTOMCURVE, buffer, bufferOffset, ExpResult.MUST_FAIL);
bufferOffset = VerifyPrintResult("Set invalid field (may fail):", SimpleECCApplet.ECTEST_SET_INVALIDFIELD, buffer, bufferOffset, ExpResult.MAY_FAIL);
@@ -339,7 +351,10 @@ public class SimpleAPDU {
}
static void PrintECKeyGenInvalidCurveB(ResponseAPDU resp) {
- byte[] buffer = resp.getData();
+ PrintECKeyGenInvalidCurveB(resp.getData());
+ }
+
+ static void PrintECKeyGenInvalidCurveB(byte[] buffer) {
m_SystemOutLogger.println();
m_SystemOutLogger.println("### Test for computation with invalid parameter B for EC curve");
generated by cgit v1.2.3-70-g09d2 (git 2.51.2) at 2025-11-08 17:46:16 +0000