Javacard中的ECDSA签名
我正在Javacard中使用ECDSA实现签名代码 我的代码在异常部分输出0x0003(没有这样的算法),这意味着该卡不支持该算法。我不明白,因为我的供应商告诉我它支持ECC。我的结论是我不知道如何与ECDSA签约,我想知道这一点 这是我的全部源代码Javacard中的ECDSA签名,java,javacard,ecdsa,Java,Javacard,Ecdsa,我正在Javacard中使用ECDSA实现签名代码 我的代码在异常部分输出0x0003(没有这样的算法),这意味着该卡不支持该算法。我不明白,因为我的供应商告诉我它支持ECC。我的结论是我不知道如何与ECDSA签约,我想知道这一点 这是我的全部源代码 package MyECDSA; import javacard.framework.*; import javacard.security.*; import javacardx.crypto.*; public class MyECDSA
package MyECDSA;
import javacard.framework.*;
import javacard.security.*;
import javacardx.crypto.*;
public class MyECDSA extends Applet{
private byte[] PLAINTEXT ;
private ECPrivateKey objECDSAPriKey=null; // Object for ECDSA Private Key
private ECPublicKey objECDSAPubKey=null; // Object for ECDSA Public Key
private KeyPair objECDSAKeyPair=null; // Object for ECDSA Key Pair
private Signature objECDSASign=null; // Object for ECDSA Signature
final static short BAS = 0;
public static void install(byte[] bArray, short bOffset, byte bLength){
new MyECDSA(bArray, bOffset, bLength);
}
private MyECDSA(byte bArray[], short bOffset, byte bLength){
PLAINTEXT = new byte[0x100] ; // Data file
Util.arrayFillNonAtomic(PLAINTEXT, BAS, (short)0x100, (byte)0);
register();
}
//======================================================================================
public void process(APDU apdu){
byte buf[] = apdu.getBuffer();
switch(buf[1])
{
//--------------------------------------------------------
case (byte)0xA4: break;
case (byte)0x46:
// Create ECDSA Keys and Pair
try {
// <<<<<<<<<<<<<<<< Here is the problem >>>>>>>>>>>>>>>>>
objECDSAKeyPair = new KeyPair(KeyPair.ALG_EC_FP, KeyBuilder.LENGTH_EC_FP_192);
//objECDSAKeyPair = new KeyPair(KeyPair.ALG_EC_F2M, KeyBuilder.LENGTH_EC_F2M_193);
}
catch(CryptoException c)
{
short reason = c.getReason();
ISOException.throwIt(reason);
}
ISOException.throwIt((short)0x9999); // for check
// Generate Key pair
objECDSAKeyPair.genKeyPair();
// Create Signature Object
objECDSASign = Signature.getInstance(Signature.ALG_ECDSA_SHA, false);
objECDSAPriKey = (ECPrivateKey)objECDSAKeyPair.getPrivate();
objECDSAPubKey = (ECPublicKey)objECDSAKeyPair.getPublic();
break;
case (byte)0x2E:
short Le = apdu.setOutgoing();
short sSignLen=0 ;
// Init with Private Key
objECDSASign.init(objECDSAPriKey, Signature.MODE_SIGN);
// Sign Data
sSignLen = objECDSASign.sign(PLAINTEXT, BAS, Le, buf, BAS);
apdu.setOutgoingLength(sSignLen);
apdu.sendBytes(BAS, sSignLen);
break;
//--------------------------------------------------------
default:
ISOException.throwIt(ISO7816.SW_INS_NOT_SUPPORTED);
}
return;
}
}
cdsa包;
导入javacard.framework.*;
导入javacard.security.*;
导入javacardx.crypto.*;
公共类MyECDSA扩展Applet{
私有字节[]明文;
private ECPrivateKey对象jecdsaprikey=null;//ECDSA私钥的对象
私有ECPublicKey对象JECDSAPubKey=null;//ECDSA公钥的对象
私钥对objECDSAKeyPair=null;//ECDSA密钥对的对象
私有签名objECDSASign=null;//ECDSA签名的对象
最终静态短BAS=0;
公共静态无效安装(字节[]bArray,短bOffset,字节bLength){
新MyECDSA(bArray、bOffset、bLength);
}
私有MyECDSA(字节bArray[],短bOffset,字节bLength){
明文=新字节[0x100];//数据文件
Util.arrayFillNonAtomic(纯文本,BAS,(短)0x100,(字节)0);
寄存器();
}
//======================================================================================
公共作废流程(APDU APDU){
字节buf[]=apdu.getBuffer();
开关(buf[1])
{
//--------------------------------------------------------
大小写(字节)0xA4:中断;
大小写(字节)0x46:
//创建ECDSA密钥并配对
试一试{
// >>
objECDSAKeyPair=新密钥对(KeyPair.ALG_EC_FP,KeyBuilder.LENGTH_EC_FP_192);
//objECDSAKeyPair=新密钥对(KeyPair.ALG_EC_F2M,KeyBuilder.LENGTH_EC_F2M_193);
}
捕获(加密异常c)
{
短原因=c.getReason();
等异常。throwIt(理性);
}
ISOException.throwIt((短)0x9999);//用于检查
//生成密钥对
objECDSAKeyPair.genKeyPair();
//创建签名对象
objECDSASign=Signature.getInstance(Signature.ALG_ECDSA_SHA,false);
objECDSAPriKey=(ECPrivateKey)objECDSAKeyPair.getPrivate();
objECDSAPubKey=(ECPublicKey)objECDSAKeyPair.getPublic();
打破
大小写(字节)0x2E:
short Le=apdu.setOutgoing();
短sSignLen=0;
//使用私钥初始化
objECDSASign.init(objECDSAPriKey,Signature.MODE_SIGN);
//符号数据
sSignLen=对象符号(明文、BAS、Le、buf、BAS);
apdu.设置输出长度(Ssignleng);
apdu.sendBytes(BAS、sSignLen);
打破
//--------------------------------------------------------
违约:
ISOException.throwIt(ISO7816.SW不支持);
}
返回;
}
}
APDU命令如下所示
[ Card ] <== 00A4040007D4106509900090
[ Card ] ==> 9000
[ Card ] <== 0046000000
[ Card ] ==> 0003
[Card]9000
[卡片]0003
我的开发环境如下
- 操作系统:Windows7
- JCDK第2.2.1版
- JDK 1.4.2版
- 晶片:NXP
- 终端:ACR122 NFC非接触式智能卡读卡器
我已更改代码以设置域参数。但卡仍然输出相同的结果(0x0003)。这是我的全部源代码
package MyECDSA;
import javacard.framework.*;
import javacard.security.*;
import javacardx.crypto.*;
public class MyECDSA extends Applet{
private byte[] PLAINTEXT ;
private ECPrivateKey objECDSAPriKey=null; // Object for ECDSA Private Key
private ECPublicKey objECDSAPubKey=null; // Object for ECDSA Public Key
private KeyPair objECDSAKeyPair=null; // Object for ECDSA Key Pair
private Signature objECDSASign=null; // Object for ECDSA Signature
final static short BAS = 0;
final static byte[] SecP192r1_P = { // 24
(byte)0xFF,(byte)0xFF,(byte)0xFF,(byte)0xFF,(byte)0xFF,(byte)0xFF,(byte)0xFF,(byte)0xFF,
(byte)0xFE,(byte)0xFF,(byte)0xFF,(byte)0xFF,(byte)0xFF,(byte)0xFF,(byte)0xFF,(byte)0xFF,
(byte)0xFF,(byte)0xFF,(byte)0xFF,(byte)0xFF,(byte)0xFF,(byte)0xFF,(byte)0xFF,(byte)0xFF};
final static byte[] SecP192r1_A = { // 24
(byte)0xFC,(byte)0xFF,(byte)0xFF,(byte)0xFF,(byte)0xFF,(byte)0xFF,(byte)0xFF,(byte)0xFF,
(byte)0xFE,(byte)0xFF,(byte)0xFF,(byte)0xFF,(byte)0xFF,(byte)0xFF,(byte)0xFF,(byte)0xFF,
(byte)0xFF,(byte)0xFF,(byte)0xFF,(byte)0xFF,(byte)0xFF,(byte)0xFF,(byte)0xFF,(byte)0xFF};
final static byte[] SecP192r1_B = { // 24
(byte)0xB1,(byte)0xB9,(byte)0x46,(byte)0xC1,(byte)0xEC,(byte)0xDE,(byte)0xB8,(byte)0xFE,
(byte)0x49,(byte)0x30,(byte)0x24,(byte)0x72,(byte)0xAB,(byte)0xE9,(byte)0xA7,(byte)0x0F,
(byte)0xE7,(byte)0x80,(byte)0x9C,(byte)0xE5,(byte)0x19,(byte)0x05,(byte)0x21,(byte)0x64};
final static byte[] SecP192r1_S = { // 20
(byte)0xD5,(byte)0x96,(byte)0x21,(byte)0xE1,(byte)0xEA,(byte)0x20,(byte)0x81,(byte)0xD3,
(byte)0x28,(byte)0x95,(byte)0x57,(byte)0xED,(byte)0x64,(byte)0x2F,(byte)0x42,(byte)0xC8,
(byte)0x6F,(byte)0xAE,(byte)0x45,(byte)0x30};
final static byte[] SecP192r1_G = { // 25
(byte)0x12,(byte)0x10,(byte)0xFF,(byte)0x82,(byte)0xFD,(byte)0x0A,(byte)0xFF,(byte)0xF4,
(byte)0x00,(byte)0x88,(byte)0xA1,(byte)0x43,(byte)0xEB,(byte)0x20,(byte)0xBF,(byte)0x7C,
(byte)0xF6,(byte)0x90,(byte)0x30,(byte)0xB0,(byte)0x0E,(byte)0xA8,(byte)0x8D,(byte)0x18,(byte)0x03};
final static byte[] SecP192r1_N = { // 24
(byte)0x31,(byte)0x28,(byte)0xD2,(byte)0xB4,(byte)0xB1,(byte)0xC9,(byte)0x6B,(byte)0x14,
(byte)0x36,(byte)0xF8,(byte)0xDE,(byte)0x99,(byte)0xFF,(byte)0xFF,(byte)0xFF,(byte)0xFF,
(byte)0xFF,(byte)0xFF,(byte)0xFF,(byte)0xFF,(byte)0xFF,(byte)0xFF,(byte)0xFF,(byte)0xFF};
final static short SecP192r1_H = 1;
//======================================================================================
public static void install(byte[] bArray, short bOffset, byte bLength){
new MyECDSA(bArray, bOffset, bLength);
}
private MyECDSA(byte bArray[], short bOffset, byte bLength){
PLAINTEXT = new byte[0x100] ; // Data file
Util.arrayFillNonAtomic(PLAINTEXT, BAS, (short)0x100, (byte)0);
register();
}
//======================================================================================
public void process(APDU apdu){
byte buf[] = apdu.getBuffer();
switch(buf[1])
{
//--------------------------------------------------------
case (byte)0xA4: break;
case (byte)0x46:
// Create ECDSA Keys and Pair
try {
// <<<<<<<<<<<<<<<< Here is the problem >>>>>>>>>>>>>>>>>
objECDSAPriKey = (ECPrivateKey)KeyBuilder.buildKey(KeyBuilder.TYPE_EC_FP_PRIVATE, KeyBuilder.LENGTH_EC_FP_192, false);
ISOException.throwIt((short)0x8888); // for check
objECDSAPubKey = (ECPublicKey)KeyBuilder.buildKey(KeyBuilder.TYPE_EC_FP_PUBLIC, KeyBuilder.LENGTH_EC_FP_192, false);
// set EC Domain Parameters
objECDSAPubKey.setFieldFP(SecP192r1_P, BAS, (short)24);
objECDSAPubKey.setA(SecP192r1_A, BAS, (short)24);
objECDSAPubKey.setB(SecP192r1_B, BAS, (short)24);
objECDSAPubKey.setG(SecP192r1_G, BAS, (short)25);
objECDSAPubKey.setK(SecP192r1_H);
objECDSAPubKey.setR(SecP192r1_N, BAS, (short)24);
objECDSAKeyPair = new KeyPair(KeyPair.ALG_EC_FP, KeyBuilder.LENGTH_EC_FP_192);
}
catch(CryptoException c)
{
short reason = c.getReason();
ISOException.throwIt(reason); // for check
}
// On-Card Key Generation Process
objECDSAKeyPair.genKeyPair();
// Obtain Key References
objECDSAPriKey = (ECPrivateKey)objECDSAKeyPair.getPrivate();
objECDSAPubKey = (ECPublicKey)objECDSAKeyPair.getPublic();
// Create Signature Object
objECDSASign = Signature.getInstance(Signature.ALG_ECDSA_SHA, false);
break;
case (byte)0x2E:
short Le = apdu.setOutgoing();
short sSignLen=0 ;
// Init with Private Key
objECDSASign.init(objECDSAPriKey, Signature.MODE_SIGN);
// Sign Data
sSignLen = objECDSASign.sign(PLAINTEXT, BAS, Le, buf, BAS);
apdu.setOutgoingLength(sSignLen);
apdu.sendBytes(BAS, sSignLen);
break;
//--------------------------------------------------------
default:
ISOException.throwIt(ISO7816.SW_INS_NOT_SUPPORTED);
}
return;
}
}
cdsa包;
导入javacard.framework.*;
导入javacard.security.*;
导入javacardx.crypto.*;
公共类MyECDSA扩展Applet{
私有字节[]明文;
private ECPrivateKey对象jecdsaprikey=null;//ECDSA私钥的对象
私有ECPublicKey对象JECDSAPubKey=null;//ECDSA公钥的对象
私钥对objECDSAKeyPair=null;//ECDSA密钥对的对象
私有签名objECDSASign=null;//ECDSA签名的对象
最终静态短BAS=0;
最终静态字节[]SecP192r1\u P={//24
(字节)0xFF,(字节)0xFF,(字节)0xFF,(字节)0xFF,(字节)0xFF,(字节)0xFF,(字节)0xFF,(字节)0xFF,(字节)0xFF,(字节)0xFF,
(字节)0xFE,(字节)0xFF,(字节)0xFF,(字节)0xFF,(字节)0xFF,(字节)0xFF,(字节)0xFF,(字节)0xFF,(字节)0xFF,(字节)0xFF,
(字节)0xFF,(字节)0xFF,(字节)0xFF,(字节)0xFF,(字节)0xFF,(字节)0xFF,(字节)0xFF,(字节)0xFF,(字节)0xFF};
最终静态字节[]SecP192r1_A={//24
(字节)0xFC,(字节)0xFF,(字节)0xFF,(字节)0xFF,(字节)0xFF,(字节)0xFF,(字节)0xFF,(字节)0xFF,(字节)0xFF,(字节)0xFF,
(字节)0xFE,(字节)0xFF,(字节)0xFF,(字节)0xFF,(字节)0xFF,(字节)0xFF,(字节)0xFF,(字节)0xFF,(字节)0xFF,(字节)0xFF,
(字节)0xFF,(字节)0xFF,(字节)0xFF,(字节)0xFF,(字节)0xFF,(字节)0xFF,(字节)0xFF,(字节)0xFF,(字节)0xFF};
最终静态字节[]SecP192r1_B={//24
(字节)0xB1,(字节)0xB9,(字节)0x46,(字节)0xC1,(字节)0xEC,(字节)0xDE,(字节)0xB8,(字节)0xFE,
(字节)0x49,(字节)0x30,(字节)0x24,(字节)0x72,(字节)0xAB,(字节)0xE9,(字节)0xA7,(字节)0x0F,
(字节)0xE7,(字节)0x80,(字节)0x9C,(字节)0xE5,(字节)0x19,(字节)0x05,(字节)0x21,(字节)0x64};
最终静态字节[]SecP192r1_S={//20
(字节)0xD5,(字节)0x96,(字节)0x21,(字节)0xE1,(字节)0xEA,(字节)0x20,(字节)0x81,(字节)0xD3,
(字节)0x28,(字节)0x95,(字节)0x57,(字节)0xED,(字节)0x64,(字节)0x2F,(字节)0x42,(字节)0xC8,
(字节)0x6F,(字节)0xAE,(字节)0x45,(字节)0x30};
最终静态字节[]SecP192r1_G={//25
(字节)0x12,(字节)0x10,(字节)0xFF,(字节)0x82,(字节)0xFD,(字节)0x0A,(字节)0xFF,(字节)0xF4,
(字节)0x00,(字节)0x88,(字节)0xA1,(字节)0x43,(字节)0xEB,(字节)0x20,(字节)0xBF,(字节)0x7C,
(字节)0xF6,(字节)0x90,(字节)0x30,(字节)0xB0,(字节)0x0E,(字节)0xA8,(字节)0x8D,(字节)0x18,(字节)0x03};
最终静态字节[]SecP192r1\u N={//24
(字节)0x31,(字节)0x28,(字节)0xD2,(字节)0xB4,(字节)0xB1,(字节)0xC9,(字节)0x6B,(字节)0x14,
(字节)0x36,(字节)0xF8,(字节)0xDE,(字节)0x99,(字节)0xFF,(字节)0xFF,(字节)0xFF,(字节)0xFF,(字节)0xFF,
(字节)0xFF,(字节)0xFF,(字节)0xFF,(字节)0xFF,(字节)0xFF,(字节)0xFF,(字节)0xFF,(字节)