Search code examples
signingjavacardecdsa

How to sign using ECDSA in Javacard

I'm trying to implement the signing code using ECDSA. But I always get a Error SW (6F00) during install phase. I tried by changing parameters several times. (ex. ALG_EC_FP / ALG_EC_F2M, LENGTH_EC_FP_xxx / LENGTH_EC_F2M_xxx) Could you tell me my mistake in my code below. (Ver - JCDK 2.2.1, JDK 1.4.2)

package Test;

import javacard.framework.*;
import javacard.security.*;
import javacardx.crypto.*;

public class Test extends Applet{

private byte[] PLAINTEXT ;
private ECPrivateKey objECDSAPriKey=null;   // Object for ECDSA Private Key
private ECPublicKey objECDSAPubKey=null;    // Object for ECDSA Public Key
private KeyPair objECDSAKeyPair=null;       // Object for ECDSA Key Pair
private Signature objECDSASign=null;        // Object for ECDSA Signature

final static short BAS =  0;

//------------------------------------------------------------------------
public static void install(byte[] bArray, short bOffset, byte bLength){
  new Test(bArray, bOffset, bLength);
}

private Test(byte bArray[], short bOffset, byte bLength){ 
  PLAINTEXT = new byte[0x100] ; // Data file
  Util.arrayFillNonAtomic(PLAINTEXT,  BAS, (short)0x100, (byte)0);

  // Error position (6F00)
  objECDSAKeyPair= new KeyPair(KeyPair.ALG_EC_FP, KeyBuilder.LENGTH_EC_FP_192);          // Error position (6F00)

  // Create Signature Object
  objECDSASign = Signature.getInstance(Signature.ALG_ECDSA_SHA, false);

  register();
}

//------------------------------------------------------------------------
public void process(APDU apdu){
  byte buf[] = apdu.getBuffer();

  switch(buf[1])
  {
  case (byte)0xA4: break;

  case (byte)0x46:
  objECDSAKeyPair.genKeyPair();
  objECDSAPriKey = (ECPrivateKey)objECDSAKeyPair.getPrivate();
  objECDSAPubKey = (ECPublicKey)objECDSAKeyPair.getPublic();
  break;

  case (byte)0x2E:
  short Le = apdu.setOutgoing();
  short sSignLen=0 ;

  // Init with Private Key
  objECDSASign.init(objECDSAPriKey, Signature.MODE_SIGN);
  //objECDSASign.init(objECDSAKeyPair.getPrivate(), Signature.MODE_SIGN);

  // Sign Data
  sSignLen = objECDSASign.sign(PLAINTEXT, BAS, Le, buf, BAS);

  apdu.setOutgoingLength(sSignLen);
  apdu.sendBytes(BAS, sSignLen);
  break;

  default:
  ISOException.throwIt(ISO7816.SW_INS_NOT_SUPPORTED);
  }

  return;
} }

I got a JCOP card and its specification, and I read that the card support ECC in the spec. But I doubt that the spec is the card's spec and the card really support ECC. Is there any way to check that???

Thank you in advance.

Solution

  • Please modify your code to

    try
  {
     // Error position (6F00)
     objECDSAKeyPair= new KeyPair(KeyPair.ALG_EC_FP, KeyBuilder.LENGTH_EC_FP_192); 
  }
  catch(CryptoException c)
  {    
      //this line will give you the reason of problem ![see image][1]
      byte reason = c.getReason();   
  }

    *image link : https://i.sstatic.net/dFXVd.png