I am signing some data on a Java Card applet, then verifying it in Java on my PC. To test this, I have a message I know should verify, but when running my code, verification fails.
This is my code:
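```java
import java.math.BigInteger;
import java.security.KeyFactory;
import java.security.Signature;
import java.security.interfaces.ECPublicKey;
import java.security.spec.ECParameterSpec;
import java.security.spec.ECPoint;
import java.security.spec.ECPublicKeySpec;
import org.bouncycastle.jce.ECNamedCurveTable;
import org.bouncycastle.jce.spec.ECNamedCurveParameterSpec;
import org.bouncycastle.jce.spec.ECNamedCurveSpec;

// message = byte array of message from java card
// signature = byte array of signature from java card
// xArray / yArray = affine X and Y coordinates of the card's public key
BigInteger bigIntX = new BigInteger(1, xArray);
BigInteger bigIntY = new BigInteger(1, yArray);
boolean verified = false;
ECPoint w = new ECPoint(bigIntX, bigIntY);
KeyFactory newKeyFact = KeyFactory.getInstance("EC");
// Rebuild the public key on secp256r1 from the Bouncy Castle named-curve table
ECNamedCurveParameterSpec paramSpec = ECNamedCurveTable.getParameterSpec("secp256r1");
ECParameterSpec params = new ECNamedCurveSpec("secp256r1", paramSpec.getCurve(), paramSpec.getG(), paramSpec.getN(), paramSpec.getH());
ECPublicKey ecPublicKey = (ECPublicKey) newKeyFact.generatePublic(new ECPublicKeySpec(w, params));
Signature sig = Signature.getInstance("SHA256withECDSAinP1363Format");
sig.initVerify(ecPublicKey);
sig.update(message);
verified = sig.verify(signature);
if (verified) {
    // print True
} else {
    // print false
}
```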
`verified` never gets set to true, even though I know this message should verify fine. Am I reconstructing the key wrong? Or is there something else I'm missing?
This is my Java Card code where the signature is generated:
```java
KeyPair key = new KeyPair(KeyPair.ALG_EC_FP, KeyBuilder.LENGTH_EC_FP_256);
ECPublicKey pubKey = (ECPublicKey) key.getPublic();
ECPrivateKey privKey = (ECPrivateKey) key.getPrivate();
// initDomainParams is just where I set A, B, G, R and K to the secp256r1 curve parameters using setA, setB etc
initDomainParams(pubKey);
initDomainParams(privKey);
key.genKeyPair();
Signature sig = Signature.getInstance(Signature.ALG_ECDSA_SHA_256, false);
sig.init(key.getPrivate(), Signature.MODE_SIGN);
sig.sign(srcArr, srcoffset, srclength, destArr, destoffset);
```
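
An added example, not part of the original post: one thing to check in a setup like this is the signature encoding. It assumes the card returns `ALG_ECDSA_SHA_256` signatures as an ASN.1 DER `SEQUENCE` of r and s (as the Java Card API documentation describes), whereas `SHA256withECDSAinP1363Format` expects raw r || s. A constructed JCA key pair stands in for the card, and the class and method names are hypothetical.

```java
import java.nio.charset.StandardCharsets;
import java.security.*;
import java.security.spec.ECGenParameterSpec;

public class EcdsaFormatCheck {
    // Convert SEQUENCE { INTEGER r, INTEGER s } (DER) to fixed-width r || s (P1363).
    // n is the field size in bytes (32 for secp256r1); short-form lengths only.
    static byte[] derToP1363(byte[] der, int n) {
        if (der.length < 8 || der[0] != 0x30 || (der[1] & 0xff) != der.length - 2)
            throw new IllegalArgumentException("not a short-form DER SEQUENCE");
        byte[] out = new byte[2 * n];
        int pos = 2;
        for (int i = 0; i < 2; i++) {
            if (pos + 2 > der.length || der[pos] != 0x02)
                throw new IllegalArgumentException("expected INTEGER");
            int start = pos + 2, end = start + (der[pos + 1] & 0xff);
            if (end > der.length) throw new IllegalArgumentException("truncated INTEGER");
            while (start < end - 1 && der[start] == 0) start++; // drop sign-padding zero
            if (end - start > n) throw new IllegalArgumentException("INTEGER too wide");
            System.arraycopy(der, start, out, i * n + n - (end - start), end - start);
            pos = end;
        }
        if (pos != der.length) throw new IllegalArgumentException("trailing bytes");
        return out;
    }

    static boolean verifyP1363(PublicKey pub, byte[] msg, byte[] sig) throws GeneralSecurityException {
        Signature v = Signature.getInstance("SHA256withECDSAinP1363Format");
        v.initVerify(pub);
        v.update(msg);
        try { return v.verify(sig); } catch (SignatureException e) { return false; }
    }

    public static void main(String[] args) throws Exception {
        // Constructed stand-in for the card: a fresh P-256 key and a DER-encoded signature.
        KeyPairGenerator kpg = KeyPairGenerator.getInstance("EC");
        kpg.initialize(new ECGenParameterSpec("secp256r1"));
        KeyPair kp = kpg.generateKeyPair();
        byte[] message = "constructed test message".getBytes(StandardCharsets.UTF_8);
        Signature signer = Signature.getInstance("SHA256withECDSA"); // JCA emits DER here
        signer.initSign(kp.getPrivate());
        signer.update(message);
        byte[] der = signer.sign();

        System.out.println("DER bytes fed to the P1363 verifier: " + verifyP1363(kp.getPublic(), message, der));
        System.out.println("after derToP1363(der, 32):           "
                + verifyP1363(kp.getPublic(), message, derToP1363(der, 32)));
    }
}
```

With real card output, pass only the number of bytes that `sig.sign(...)` returned on the card: a DER signature is variable-length, and leftover buffer bytes fail the trailing-bytes check.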