Implement ALG_EC_PACE_GM

Author: dufkan

src/main/java/com/licel/jcardsim/crypto/KeyAgreementImpl.java

@@ -67,6 +67,9 @@ public KeyAgreementImpl(byte algorithm) {
             case ALG_DH_PLAIN:
                 engine = new DHBasicAgreement();
                 break;
+            case ALG_EC_PACE_GM:
+                engine = new ECGMAgreement();
+                break;
             default:
                 CryptoException.throwIt(CryptoException.NO_SUCH_ALGORITHM);
                 break;
@@ -112,7 +115,7 @@ public short generateSecret(byte[] publicData,
             byte[] num = engine.calculateAgreement(ecp).toByteArray();
 
             byte[] result;
-            if (algorithm != ALG_EC_SVDP_DH_PLAIN_XY) {
+            if (algorithm != ALG_EC_SVDP_DH_PLAIN_XY && algorithm != ALG_EC_PACE_GM) {
                 // truncate/zero-pad to field size as per the spec:
                 int fieldSize = ((ECPrivateKeyImpl) privateKey).getDomainParameters().getCurve().getFieldSize();
                 result = new byte[(fieldSize + 7) / 8];
@@ -139,7 +142,8 @@ public short generateSecret(byte[] publicData,
                     return (short) hashResult.length;
                 case ALG_EC_SVDP_DHC_PLAIN: // no break
                 case ALG_EC_SVDP_DH_PLAIN: // no break
-                case ALG_EC_SVDP_DH_PLAIN_XY:
+                case ALG_EC_SVDP_DH_PLAIN_XY: // no break
+                case ALG_EC_PACE_GM:
                     // plain output
                     Util.arrayCopyNonAtomic(result, (short) 0, secret, secretOffset, (short) result.length);
                     return (short) result.length;
@@ -168,12 +172,8 @@ public void init(CipherParameters privateKey) {
             this.key = (ECPrivateKeyParameters)privateKey;
         }
 
-        /**
-         * return the field size for the agreement algorithm in bytes.
-         */
-        @Override
         public int getFieldSize() {
-            throw new UnsupportedOperationException("Not supported yet.");
+            return (this.key.getParameters().getCurve().getFieldSize() + 7) / 8;
         }
 
         public BigInteger calculateAgreement(CipherParameters publicKey) {
@@ -182,4 +182,30 @@ public BigInteger calculateAgreement(CipherParameters publicKey) {
             return new BigInteger(1, result.getEncoded(false));
         }
     }
+
+    /**
+     * BouncyCastle doesn't offer KeyAgreement analogous to <code>ALG_EC_PACE_GM</code>.
+     * So do it here instead and squeeze the resulting point through byte encoding
+     * in a BigInteger.
+     */
+    static class ECGMAgreement implements BasicAgreement {
+        private ECPrivateKeyParameters key;
+
+        public ECGMAgreement() {
+        }
+
+        public void init(CipherParameters privateKey) {
+            this.key = (ECPrivateKeyParameters) privateKey;
+        }
+
+        public int getFieldSize() {
+            return (this.key.getParameters().getCurve().getFieldSize() + 7) / 8;
+        }
+
+        public BigInteger calculateAgreement(CipherParameters publicKey) {
+            ECPublicKeyParameters pub = (ECPublicKeyParameters) publicKey;
+            ECPoint result = this.key.getParameters().getG().multiply(this.key.getD()).add(pub.getQ());
+            return new BigInteger(1, result.getEncoded(false));
+        }
+    }
 }

src/test/java/com/licel/jcardsim/crypto/KeyAgreementImplTest.java

@@ -59,6 +59,9 @@ public void testGenerateSecretECDH() {
         testGenerateSecret(KeyPair.ALG_EC_F2M, KeyBuilder.LENGTH_EC_F2M_113, KeyAgreement.ALG_EC_SVDP_DHC_PLAIN);
         testGenerateSecret(KeyPair.ALG_EC_FP, KeyBuilder.LENGTH_EC_FP_112, KeyAgreement.ALG_EC_SVDP_DHC);
         testGenerateSecret(KeyPair.ALG_EC_FP, KeyBuilder.LENGTH_EC_FP_112, KeyAgreement.ALG_EC_SVDP_DHC_PLAIN);
+        System.out.println("test ecgm");
+        testGenerateSecret(KeyPair.ALG_EC_F2M, KeyBuilder.LENGTH_EC_F2M_113, KeyAgreement.ALG_EC_PACE_GM);
+        testGenerateSecret(KeyPair.ALG_EC_FP, KeyBuilder.LENGTH_EC_FP_112, KeyAgreement.ALG_EC_PACE_GM);
     }
 
      /**
@@ -147,7 +150,8 @@ public void testGenerateSecret(byte keyAlg, short keySize, byte keyAgreementAlg)
                 assertEquals(secret1Size, (int) Math.ceil(keySize / 8.0));
                 assertEquals(secret2Size, (int) Math.ceil(keySize / 8.0));
                 break;
-            case KeyAgreement.ALG_EC_SVDP_DH_PLAIN_XY:
+            case KeyAgreement.ALG_EC_SVDP_DH_PLAIN_XY: // no break
+            case KeyAgreement.ALG_EC_PACE_GM:
                 int fieldSize = (int) Math.ceil(keySize / 8.0);
                 assertEquals(secret1Size, 1 + fieldSize + fieldSize);
                 assertEquals(secret2Size, 1 + fieldSize + fieldSize);