Our Online Store have the new products: RFID antenna board. Currently it can work with JC10M24R and JCOP4 card chips.
Compared with normal cards, the antenna board module has a smaller size and fixed holes, which is easy to integrate in the IOT(Internet Of Things) project.

The different results with DES algorithm

Algorithm School

Moderator: UNKNwYSHSA

Heather
Posts: 24
Joined: Mon Nov 30, 2015 5:41 am
Points :121
Contact:

The different results with DES algorithm

Post by Heather » Thu Jan 19, 2017 11:07 pm

I finished a test case. Using DES Cipher, I got different encrypted results with the same APDU.
The length of the input data is random.But When I use javax.crypto to verify, the result is correct.

Here is part of applet code:

Code: Select all

case (byte)0x03:
            short updateLen = apdu.setIncomingAndReceive();
            if (updateLen != buf[ISO7816.OFFSET_LC]) {
                ISOException.throwIt(ISO7816.SW_WRONG_LENGTH);
                return;
            }
            try {
                short updatedLen = _cipher.update(buf, ISO7816.OFFSET_CDATA, updateLen, buf, (short) 0);
                apdu.setOutgoingAndSend((short) 0, updatedLen);
            } catch (CryptoException e) {
                Util.setShort(buf, (short) 0, e.getReason());
                apdu.setOutgoingAndSend((short) 0, (short) 2);
                ISOException.throwIt(ISO7816.SW_UNKNOWN);
            }
            break;


The code that use javax.crypto to verify

Code: Select all

            IvParameterSpec ivParameterSpec2 = new IvParameterSpec(iv);
            DESKeySpec desKeySpec2 = new DESKeySpec(key);
            SecretKeyFactory secretKeyFactory2 = SecretKeyFactory.getInstance("DES");
            SecretKey secretKey2 = secretKeyFactory2.generateSecret(desKeySpec2);
            Cipher cipher2 = Cipher.getInstance("DES/CBC/NoPadding");
            cipher2.init(Cipher.ENCRYPT_MODE, secretKey2, ivParameterSpec2);
            byte[] resultData_soft_once = cipher2.update(data);


When using javax.crypto to calculate, the results are always same.

Danieken
Posts: 19
Joined: Thu Sep 17, 2015 10:28 pm
Points :101
Contact:

Re: The different results with DES algorithm

Post by Danieken » Fri Jan 20, 2017 4:38 am

Could you provide the data?

Heather
Posts: 24
Joined: Mon Nov 30, 2015 5:41 am
Points :121
Contact:

Re: The different results with DES algorithm

Post by Heather » Fri Jan 20, 2017 4:47 am

Danieken wrote:Could you provide the data?

Among the result data, some blocks' data are same, but the subsequent data is inconsistent.
I used jcop/A22CR and JC30M48CR to do the test.

User avatar
mabel
Posts: 237
Joined: Mon May 18, 2015 3:09 am
Points :1705
Contact:

Re: The different results with DES algorithm

Post by mabel » Fri Jan 20, 2017 5:00 am

You don't need to check the data. The problem is that input and output used the same buffer.

You can create a temp buffer. input uses apdu buffer and output uses the temp buffer. Then have a try.

Heather
Posts: 24
Joined: Mon Nov 30, 2015 5:41 am
Points :121
Contact:

Re: The different results with DES algorithm

Post by Heather » Fri Jan 20, 2017 5:34 am

mabel wrote:You don't need to check the data. The problem is that input and output used the same buffer.

You can create a temp buffer. input uses apdu buffer and output uses the temp buffer. Then have a try.


Oops, that's it. I did as you said, it works.

Danieken
Posts: 19
Joined: Thu Sep 17, 2015 10:28 pm
Points :101
Contact:

Re: The different results with DES algorithm

Post by Danieken » Fri Jan 20, 2017 5:59 am

I just found this description from the specification, which may explain the problem.

When non-block aligned data is presented as input data, no amount of input and output buffer data overlap is allowed; if inBuff==outBuff and outOffset < inOffset+inLength, incorrect output may result.

Heather
Posts: 24
Joined: Mon Nov 30, 2015 5:41 am
Points :121
Contact:

Re: The different results with DES algorithm

Post by Heather » Fri Jan 20, 2017 6:10 am

Thanks for all the help. It's due to overlap problem, indeed.

Post Reply Previous topicNext topic

Who is online

Users browsing this forum: No registered users and 17 guests

JavaCard OS : Disclaimer