我正在 Javacard 中使用 ECDSA 实现签名代码。

我的代码在异常部分输出 0x0003(NO_SUCH_ALGORITHM),这意味着该卡不支持该算法。我不明白,因为我的供应商告诉我它支持 ECC。我得出的结论是我不知道如何与 ECDSA 签约,我想知道这一点。

这是我的完整源代码

package MyECDSA;

import javacard.framework.*;
import javacard.security.*;
import javacardx.crypto.*;

public class MyECDSA extends Applet{

private byte[] PLAINTEXT ;
private ECPrivateKey            objECDSAPriKey=null;    // Object for ECDSA Private Key
private ECPublicKey             objECDSAPubKey=null;    // Object for ECDSA Public Key
private KeyPair                 objECDSAKeyPair=null;   // Object for ECDSA Key Pair
private Signature               objECDSASign=null;      // Object for ECDSA Signature

final static short  BAS     =  0;

public static void install(byte[] bArray, short bOffset, byte bLength){
    new MyECDSA(bArray, bOffset, bLength);
}

private MyECDSA(byte bArray[], short bOffset, byte bLength){

    PLAINTEXT       = new byte[0x100] ;         // Data file

    Util.arrayFillNonAtomic(PLAINTEXT,  BAS, (short)0x100, (byte)0);

    register();
}

//======================================================================================
public void process(APDU apdu){
    byte buf[] = apdu.getBuffer();

    switch(buf[1])
    {
        //--------------------------------------------------------
        case (byte)0xA4:                    break;

        case (byte)0x46:
            // Create ECDSA Keys and Pair
            try {
                // <<<<<<<<<<<<<<<< Here is the problem >>>>>>>>>>>>>>>>>
                objECDSAKeyPair = new KeyPair(KeyPair.ALG_EC_FP, KeyBuilder.LENGTH_EC_FP_192);
                //objECDSAKeyPair = new KeyPair(KeyPair.ALG_EC_F2M, KeyBuilder.LENGTH_EC_F2M_193);
            }
            catch(CryptoException c)
            {
                short reason = c.getReason();
                ISOException.throwIt(reason);
            }
            ISOException.throwIt((short)0x9999);        // for check

            // Generate Key pair
            objECDSAKeyPair.genKeyPair();

            // Create Signature Object
            objECDSASign = Signature.getInstance(Signature.ALG_ECDSA_SHA, false);

            objECDSAPriKey = (ECPrivateKey)objECDSAKeyPair.getPrivate();
            objECDSAPubKey = (ECPublicKey)objECDSAKeyPair.getPublic();

        break;

        case (byte)0x2E:
            short       Le              = apdu.setOutgoing();
            short   sSignLen=0 ;

            // Init with Private Key
            objECDSASign.init(objECDSAPriKey, Signature.MODE_SIGN);

            // Sign Data
            sSignLen = objECDSASign.sign(PLAINTEXT, BAS, Le, buf, BAS);

            apdu.setOutgoingLength(sSignLen);
            apdu.sendBytes(BAS, sSignLen);

        break;
        //--------------------------------------------------------
        default:
            ISOException.throwIt(ISO7816.SW_INS_NOT_SUPPORTED);
    }

    return;
}

}

而APDU命令如下
[  Card  ] <==  00A4040007D4106509900090
[  Card  ] ==>  9000

[  Card  ] <==  0046000000
[  Card  ] ==>  0003

我的开发环境如下。
  • 操作系统:Windows 7
  • JCDK Ver 2.2.1
  • JDK Ver 1.4.2
  • 芯片:恩智浦
  • 终端:ACR122 NFC 非接触式智能卡读卡器


  • 我已经更改了我的代码来设置域参数。但是卡仍然输出相同的结果(0x0003)。这是我的完整源代码。
    package MyECDSA;
    
    import javacard.framework.*;
    import javacard.security.*;
    import javacardx.crypto.*;
    
    public class MyECDSA extends Applet{
    
    private byte[] PLAINTEXT ;
    private ECPrivateKey            objECDSAPriKey=null;    // Object for ECDSA Private Key
    private ECPublicKey             objECDSAPubKey=null;    // Object for ECDSA Public Key
    private KeyPair                 objECDSAKeyPair=null;   // Object for ECDSA Key Pair
    private Signature               objECDSASign=null;      // Object for ECDSA Signature
    
    final static short  BAS     =  0;
    
    final static byte[] SecP192r1_P = {     // 24
        (byte)0xFF,(byte)0xFF,(byte)0xFF,(byte)0xFF,(byte)0xFF,(byte)0xFF,(byte)0xFF,(byte)0xFF,
        (byte)0xFE,(byte)0xFF,(byte)0xFF,(byte)0xFF,(byte)0xFF,(byte)0xFF,(byte)0xFF,(byte)0xFF,
        (byte)0xFF,(byte)0xFF,(byte)0xFF,(byte)0xFF,(byte)0xFF,(byte)0xFF,(byte)0xFF,(byte)0xFF};
    final static byte[] SecP192r1_A = {     // 24
        (byte)0xFC,(byte)0xFF,(byte)0xFF,(byte)0xFF,(byte)0xFF,(byte)0xFF,(byte)0xFF,(byte)0xFF,
        (byte)0xFE,(byte)0xFF,(byte)0xFF,(byte)0xFF,(byte)0xFF,(byte)0xFF,(byte)0xFF,(byte)0xFF,
        (byte)0xFF,(byte)0xFF,(byte)0xFF,(byte)0xFF,(byte)0xFF,(byte)0xFF,(byte)0xFF,(byte)0xFF};
    final static byte[] SecP192r1_B = {     // 24
      (byte)0xB1,(byte)0xB9,(byte)0x46,(byte)0xC1,(byte)0xEC,(byte)0xDE,(byte)0xB8,(byte)0xFE,
      (byte)0x49,(byte)0x30,(byte)0x24,(byte)0x72,(byte)0xAB,(byte)0xE9,(byte)0xA7,(byte)0x0F,
      (byte)0xE7,(byte)0x80,(byte)0x9C,(byte)0xE5,(byte)0x19,(byte)0x05,(byte)0x21,(byte)0x64};
    final static byte[] SecP192r1_S = {     // 20
      (byte)0xD5,(byte)0x96,(byte)0x21,(byte)0xE1,(byte)0xEA,(byte)0x20,(byte)0x81,(byte)0xD3,
      (byte)0x28,(byte)0x95,(byte)0x57,(byte)0xED,(byte)0x64,(byte)0x2F,(byte)0x42,(byte)0xC8,
      (byte)0x6F,(byte)0xAE,(byte)0x45,(byte)0x30};
    final static byte[] SecP192r1_G = {     // 25
      (byte)0x12,(byte)0x10,(byte)0xFF,(byte)0x82,(byte)0xFD,(byte)0x0A,(byte)0xFF,(byte)0xF4,
      (byte)0x00,(byte)0x88,(byte)0xA1,(byte)0x43,(byte)0xEB,(byte)0x20,(byte)0xBF,(byte)0x7C,
      (byte)0xF6,(byte)0x90,(byte)0x30,(byte)0xB0,(byte)0x0E,(byte)0xA8,(byte)0x8D,(byte)0x18,(byte)0x03};
    final static byte[] SecP192r1_N = {     // 24
      (byte)0x31,(byte)0x28,(byte)0xD2,(byte)0xB4,(byte)0xB1,(byte)0xC9,(byte)0x6B,(byte)0x14,
      (byte)0x36,(byte)0xF8,(byte)0xDE,(byte)0x99,(byte)0xFF,(byte)0xFF,(byte)0xFF,(byte)0xFF,
      (byte)0xFF,(byte)0xFF,(byte)0xFF,(byte)0xFF,(byte)0xFF,(byte)0xFF,(byte)0xFF,(byte)0xFF};
    final static short  SecP192r1_H =  1;
    
    //======================================================================================
    public static void install(byte[] bArray, short bOffset, byte bLength){
        new MyECDSA(bArray, bOffset, bLength);
    }
    
    private MyECDSA(byte bArray[], short bOffset, byte bLength){
    
        PLAINTEXT       = new byte[0x100] ;         // Data file
    
        Util.arrayFillNonAtomic(PLAINTEXT,  BAS, (short)0x100, (byte)0);
    
        register();
    }
    
    //======================================================================================
    public void process(APDU apdu){
        byte buf[] = apdu.getBuffer();
    
        switch(buf[1])
        {
            //--------------------------------------------------------
            case (byte)0xA4:                    break;
    
            case (byte)0x46:
    
                // Create ECDSA Keys and Pair
                try {
            // <<<<<<<<<<<<<<<< Here is the problem >>>>>>>>>>>>>>>>>
                    objECDSAPriKey = (ECPrivateKey)KeyBuilder.buildKey(KeyBuilder.TYPE_EC_FP_PRIVATE, KeyBuilder.LENGTH_EC_FP_192, false);
                    ISOException.throwIt((short)0x8888);        // for check
                    objECDSAPubKey = (ECPublicKey)KeyBuilder.buildKey(KeyBuilder.TYPE_EC_FP_PUBLIC,  KeyBuilder.LENGTH_EC_FP_192, false);
    
                    // set EC Domain Parameters
                    objECDSAPubKey.setFieldFP(SecP192r1_P, BAS, (short)24);
                    objECDSAPubKey.setA(SecP192r1_A, BAS, (short)24);
                    objECDSAPubKey.setB(SecP192r1_B, BAS, (short)24);
                    objECDSAPubKey.setG(SecP192r1_G, BAS, (short)25);
                    objECDSAPubKey.setK(SecP192r1_H);
                    objECDSAPubKey.setR(SecP192r1_N, BAS, (short)24);
    
                    objECDSAKeyPair = new KeyPair(KeyPair.ALG_EC_FP, KeyBuilder.LENGTH_EC_FP_192);
                }
              catch(CryptoException c)
              {
                short reason = c.getReason();
                ISOException.throwIt(reason);       // for check
              }
    
                // On-Card Key Generation Process
                objECDSAKeyPair.genKeyPair();
    
                // Obtain Key References
                objECDSAPriKey = (ECPrivateKey)objECDSAKeyPair.getPrivate();
                objECDSAPubKey = (ECPublicKey)objECDSAKeyPair.getPublic();
    
                // Create Signature Object
                objECDSASign = Signature.getInstance(Signature.ALG_ECDSA_SHA, false);
    
            break;
    
            case (byte)0x2E:
                short       Le              = apdu.setOutgoing();
                short   sSignLen=0 ;
    
                // Init with Private Key
                objECDSASign.init(objECDSAPriKey, Signature.MODE_SIGN);
    
                // Sign Data
                sSignLen = objECDSASign.sign(PLAINTEXT, BAS, Le, buf, BAS);
    
                apdu.setOutgoingLength(sSignLen);
                apdu.sendBytes(BAS, sSignLen);
    
            break;
            //--------------------------------------------------------
            default:
                ISOException.throwIt(ISO7816.SW_INS_NOT_SUPPORTED);
        }
    
        return;
    }
    
    }
    

    最佳答案

    Java Card 中没有默认的 EC 域参数。需要使用设置了域参数的 KeyPairECPublicKey 创建 ECPrivateKey(因此点 W 和 secret S 可以保持为空)。之后可以调用 genKeyPair() ,至少如果卡支持 F(2m) 或 F(p) 椭圆曲线加密和指定的 key 大小。

    添加

    请注意,恩智浦 JCOP 芯片可能需要为公钥和私钥设置这些参数。参数应具有 key 大小(对于单独的值)或未压缩的椭圆曲线点。问题中G的值似乎是一个压缩点。只有辅助因子(对于 setH )应该只有值 1。

    请注意,只有带有非对称协处理器的芯片才能支持椭圆曲线;并非所有卡的创建/配置都是相同的。有关详细信息,请联系您的供应商。

    关于java - Javacard 中的 ECDSA 签名,我们在Stack Overflow上找到一个类似的问题:https://stackoverflow.com/questions/24467612/

    10-10 08:57