1

I'm trying to encrypt a key imported in my card and store it again in the same byte array. The import_key function below receives an apdu and extracts the message KEY, then tries to encrypt it (simple DES encryption) and store it at the same place. It seems that I have done everything necessary but unfortunately I receive 6f00 every time I uncomment the encryption part!!! this is my code:

public class Encryptor extends Applet {

private byte[] KEY                                  = new byte[128];
private byte key_len                                = (byte)0;
private byte[] ENC_KEY                              = new byte[32];
private byte enc_key_len                            = (byte)0;

Cipher MyCipher;
private byte[] TheDES_Key = new byte[24];
DESKey MyDES1Key = (DESKey) KeyBuilder.buildKey(KeyBuilder.TYPE_DES,KeyBuilder.LENGTH_DES, false);
byte ConfiguredKeyLength = 0;

{...}

private void import_key(APDU apdu) {
    byte[] buffer = new byte[maximum_buffer_len];
    buffer = apdu.getBuffer();
    key_len = buffer[ISO7816.OFFSET_LC];
    apdu.setIncomingAndReceive();
    Util.arrayCopy(buffer, (short) (ISO7816.OFFSET_CDATA), KEY, (short) 0, (short) key_len);

    Util.arrayCopyNonAtomic(ENC_KEY, (short) 0, TheDES_Key, (short) 0, (short) enc_key_len);

    MyDES1Key.setKey(TheDES_Key, (short) 0);
    MyCipher.init(MyDES1Key, Cipher.MODE_ENCRYPT);

    byte[] CipheredData = JCSystem.makeTransientByteArray((short) 32,JCSystem.CLEAR_ON_DESELECT);
    MyCipher.doFinal(KEY, (short)0,(short)key_len,CipheredData,(short)0);
    Util.arrayCopyNonAtomic(CipheredData,(short)0,KEY,(short)0,(short)key_len);

    return;
    }
}
MJay
  • 987
  • 1
  • 13
  • 36
  • Is your Lc greater than 127? If yes, `(short) key_len` is a negative value, which might cause the exception. Try `(short) (key_len & 0xFF)` instead and you will get what you want (a short of value 128). – vojta Dec 16 '15 at 11:15
  • Any progress? Is your problem solved? – vojta Dec 22 '15 at 09:46

1 Answers1

0

In the line:

DESKey MyDES1Key = (DESKey) KeyBuilder.buildKey(KeyBuilder.TYPE_DES,KeyBuilder.LENGTH_DES, false);

you defined length of MyDES1Key as LENGTH_DES that is 8 bytes, while in the line:

MyDES1Key.setKey(TheDES_Key, (short) 0);

You are filling it with a 24 bytes variable!

In the other word you must replace KeyBuilder.LENGTH_DES with KeyBuilder.LENGTH_DES3_3KEY.

Ebrahim Ghasemi
  • 5,850
  • 10
  • 52
  • 113
  • @M.Jalali Why did you defined `private byte key_len = (byte)0;` and `private byte enc_key_len = (byte)0;`? Why those are assigned with zero? The `arrayCopy` methods do nothing because of these values as length. – Ebrahim Ghasemi Dec 16 '15 at 10:45
  • those contain the length of KEY and ENC_KEY which are received somewhere else. – MJay Dec 16 '15 at 10:48
  • Throw an exception right before the line `MyDES1Key.setKey(TheDES_Key, (short) 0);` and throw an specific value other than `0x6D00` and run the program to check if the problem is before than that line or after it :) – Ebrahim Ghasemi Dec 16 '15 at 10:56
  • I've found where the problem occurs, that is in the line [MyCipher.doFinal(KEY, (short)0,(short)key_len,CipheredData,(short)0);] but I don't know why it happens! – MJay Dec 16 '15 at 11:01
  • 1
    @M.Jalali Mr.Vojta is right. And also key_length must be shorter than `32` bytes. because the length of `CipheredData` variable is `32` bytes. And also, `key_length` must be dividable by 8 if your algorithm mode is `NO_PAD` – Ebrahim Ghasemi Dec 16 '15 at 11:19
  • can you lead me to write a method which gives data and key and returns the encrypted message in data input? – MJay Dec 16 '15 at 11:26
  • @Abraham I could not find the answer there! that has the same problem as mine! 6F00 – MJay Dec 16 '15 at 11:45
  • @M.Jalali Did you installed the same program that Vojta suggested you(Without any changeds) and you still receive `6f00`? – Ebrahim Ghasemi Dec 16 '15 at 11:52
  • @Abraham I tiried your code [here](http://stackoverflow.com/questions/30148089/java-card-des-generator-applet-output-is-different-from-online-tools-output). It works perfect but even copy/paste to my code returns 6f00! and It drives me crazy :/ – MJay Dec 16 '15 at 11:53
  • @Abraham Yes I installed the same applet and it is installed successfully, but I could not send any successful apdu! but your code works correctly and I don't know why it doesn't work on mine!!! – MJay Dec 16 '15 at 11:57
  • @M.Jalali Is that possible for you to post your complete program without any change in the question and let me test it on my own computer? – Ebrahim Ghasemi Dec 16 '15 at 11:58
  • @Abraham Let us [continue this discussion in chat](http://chat.stackoverflow.com/rooms/98112/discussion-between-m-jalali-and-abraham). – MJay Dec 16 '15 at 12:22