Search code examples
digital-signaturesmartcardjavacardsymmetric-key

Generate HMAC_SHA256 Signature in JavaCard Applet

I am trying to sign a message which contains in inBuffer byte array using my own derived key S (also byte array). The snippet of the function from javacard (jc) applet module is given below. I am using javacard2.2.2 library for developing jc applet. I am using android application for sending process request. I am reciving return code '6A81' which means 'function not supported'. Now, I have no clue that how to proceed as I failed to understand that it is mentioning about HMAC_SHA256 not supported or I am making some mistake in the function. Please help.

    Signature m_sessionMAC = null;
    HMACKey keyType = null;
    Sign = new byte[64];

    bytesRead = apdu.setIncomingAndReceive();

    // Create HMAC Key Used in Mac
    m_sessionMAC = Signature.getInstance(Signature.ALG_HMAC_SHA_256, false);

    // Create HMAC Key Used in Mac
    keyType = (HMACKey) KeyBuilder.buildKey(KeyBuilder.TYPE_HMAC, KeyBuilder.LENGTH_HMAC_SHA_256_BLOCK_64, false); 
    keyType.setKey(S,(short) 0, (short) S.length);
    m_sessionMAC.init(keyType, Signature.MODE_SIGN);

    //Generate Signature on inBuffer (received data to sign)
    echoOffset = m_sessionMAC.sign(inBuffer, ISO7816.OFFSET_CDATA, ISO7816.OFFSET_LC, Sign , (short)0); 
    Util.arrayCopyNonAtomic(Sign, ( short ) 0, inBuffer, ( short ) 0, echoOffset); 
    apdu.setOutgoingAndSend( ( short ) 0, (short) echoOffset );

Please help me in this regards or also provide any pointers for implementing HMAC_SHA256 or HMAC_SHA1 symmetric crypto. in javacard applet.

Thank you in advance.

Solution

  • Most cryptographic algorithms are optional for a JavaCard. Therefore it may be that your card does not support Signature.ALG_HMAC_SHA_256. But HMAC algorithm isn't very complex therefore you should check if your card supports MessageDigest.ALG_SHA_256.

    If it is supported you can follow RFC2104 and implement HMAC yourself:

    K = HMAC key of length 32
ipad = the byte 0x36 repeated 32 times
opad = the byte 0x5C repeated 32 times.

To compute HMAC over the data `text' we perform

H(K XOR opad, H(K XOR ipad, text))

    You can test your implementation by comparing your result with the test vectors noted in RFC 4231