Our Online Store have the new products: RFID antenna board. Currently it can work with JC10M24R and JCOP4 card chips.
Compared with normal cards, the antenna board module has a smaller size and fixed holes, which is easy to integrate in the IOT(Internet Of Things) project.

Javacard KeyAgreement differs from BouncyCastle KeyAgreement

Communication

Moderator: UNKNwYSHSA

User avatar
mabel
Posts: 237
Joined: Mon May 18, 2015 3:09 am
Points :1705
Contact:

Javacard KeyAgreement differs from BouncyCastle KeyAgreement

Post by mabel » Tue Jun 16, 2015 4:00 am

I am confused about KeyAgreement. Both the server side and card side have the same keys-the card public and private keys and the terminals public and private keys.

If i generate KeyAgreement for the card and server as private on the server side ,the secters are the same, so the generation is OK and i get a 24 bytes (192 bit) secret. But if i generate the secrets on the card (2 cases like on the terminal) ,the secrets are also the same, but they ale shorter - 20 bytes (160 bit). The codes are as followings.

THE SERVER SIDE:

Code: Select all

ECPublicKey publicKey;
ECPrivateKey privateKey;
...

KeyAgreement aKeyAgree = KeyAgreement.getInstance("ECDH", "BC");
aKeyAgree.init(privateKey);
aKeyAgree.doPhase(publicKey, true);
byte[] aSecret = aKeyAgree.generateSecret();


THE CARD SIDE:

Code: Select all

eyAgreement = KeyAgreement.getInstance(KeyAgreement.ALG_EC_SVDP_DH, false);
short length = terminalEcPublicKey.getW(array, (short) 0);

keyAgreement.init(cardEcPrivateKey);
short secretlength = keyAgreement.generateSecret(array, (short)0, length, buffer, (short)0);

User avatar
horse dream
Posts: 76
Joined: Thu May 21, 2015 11:48 pm
Points :138
Contact:

Re: Javacard KeyAgreement differs from BouncyCastle KeyAgreement

Post by horse dream » Tue Jun 16, 2015 4:19 am

There is a problem in your implementation of KeyAgreement.ALG_EC_SVDP_DH on the server side. The correct length of output of the this method of key agreement should always be 20 bytes since SHA-1 is being performed on the derived output.

So in your terminal side, you should perform SHA-1 after generating the secret data.

Post Reply Previous topicNext topic

Who is online

Users browsing this forum: No registered users and 13 guests

JavaCard OS : Disclaimer