Javacard KeyAgreement differs from BouncyCastle KeyAgreement
Posted: Tue Jun 16, 2015 4:00 am
I am confused about KeyAgreement. Both the server side and card side have the same keys-the card public and private keys and the terminals public and private keys.
If i generate KeyAgreement for the card and server as private on the server side ,the secters are the same, so the generation is OK and i get a 24 bytes (192 bit) secret. But if i generate the secrets on the card (2 cases like on the terminal) ,the secrets are also the same, but they ale shorter - 20 bytes (160 bit). The codes are as followings.
THE SERVER SIDE:
THE CARD SIDE:
If i generate KeyAgreement for the card and server as private on the server side ,the secters are the same, so the generation is OK and i get a 24 bytes (192 bit) secret. But if i generate the secrets on the card (2 cases like on the terminal) ,the secrets are also the same, but they ale shorter - 20 bytes (160 bit). The codes are as followings.
THE SERVER SIDE:
Code: Select all
ECPublicKey publicKey;
ECPrivateKey privateKey;
...
KeyAgreement aKeyAgree = KeyAgreement.getInstance("ECDH", "BC");
aKeyAgree.init(privateKey);
aKeyAgree.doPhase(publicKey, true);
byte[] aSecret = aKeyAgree.generateSecret();THE CARD SIDE:
Code: Select all
eyAgreement = KeyAgreement.getInstance(KeyAgreement.ALG_EC_SVDP_DH, false);
short length = terminalEcPublicKey.getW(array, (short) 0);
keyAgreement.init(cardEcPrivateKey);
short secretlength = keyAgreement.generateSecret(array, (short)0, length, buffer, (short)0);