I am writing a Java Card 3.0.2 application on an NXP J3D081 board. I have a signature and signature verification using ALG_ECDSA_SHA_256. The keys were written to the card using my test application. If I sign 32 bytes of data and transfer it back to the card, Verify code will successfully verify the signature. If I write 32 bytes to Bouncy Castle with a secret key and go to Verify on the Card, it will successfully verify the signature. Peppy Verify Code successfully validates signatures created from an incendiary signature.
BUT, if I take the returned signature from the Java map and pass it to the C # bouncy castle code, it SHOULD NOT verify the signature. I checked all the input values and they are correct. My code is here (note: I pass the public keys as 64 bytes and add them 0x04)
public bool HashAndVerifyDSA(byte[] pb, byte[] inData, byte[] sig)
{
byte[] pub = new byte[65];
pub[0] = 0x4;
Array.Copy(pb, 0, pub, 1, 64);
ECCurve curve = parameters.Curve;
ECPoint q = curve.DecodePoint(pub);
ICipherParameters Public = new ECPublicKeyParameters(algorithm, q, parameters);
ISigner bSigner = SignerUtilities.GetSigner("SHA-256withECDSA");
bSigner.Init(false, Public);
bSigner.BlockUpdate(inData, 0, inData.Length);
return (bSigner.VerifySignature(sig));
}
, P-256 . .
, , . .