Java Code Examples for javacardx.crypto.Cipher#getInstance()
The following examples show how to use
javacardx.crypto.Cipher#getInstance() .
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
| Source File: Crypto.java From status-keycard with Apache License 2.0 | 6 votes |
|
Crypto() {
random = RandomData.getInstance(RandomData.ALG_SECURE_RANDOM);
sha256 = MessageDigest.getInstance(MessageDigest.ALG_SHA_256, false);
ecdh = KeyAgreement.getInstance(KeyAgreement.ALG_EC_SVDP_DH_PLAIN, false);
sha512 = MessageDigest.getInstance(MessageDigest.ALG_SHA_512, false);
aesCbcIso9797m2 = Cipher.getInstance(Cipher.ALG_AES_CBC_ISO9797_M2,false);
try {
hmacSHA512 = Signature.getInstance(Signature.ALG_HMAC_SHA_512, false);
hmacKey = (HMACKey) KeyBuilder.buildKey(KeyBuilder.TYPE_HMAC_TRANSIENT_DESELECT, KeyBuilder.LENGTH_AES_256, false);
} catch (CryptoException e) {
hmacSHA512 = null;
hmacBlock = JCSystem.makeTransientByteArray(HMAC_BLOCK_SIZE, JCSystem.CLEAR_ON_RESET);
}
}
Example 2
| Source File: OpenPGPSecureMessaging.java From javacard-openpgpcard with GNU General Public License v2.0 | 6 votes |
|
/**
* Construct a new secure messaging wrapper.
*/
public OpenPGPSecureMessaging() {
ssc = JCSystem.makeTransientByteArray(SSC_SIZE,
JCSystem.CLEAR_ON_DESELECT);
tmp = JCSystem.makeTransientByteArray(TMP_SIZE,
JCSystem.CLEAR_ON_DESELECT);
signer = Signature.getInstance(
Signature.ALG_DES_MAC8_ISO9797_1_M2_ALG3, false);
verifier = Signature.getInstance(
Signature.ALG_DES_MAC8_ISO9797_1_M2_ALG3, false);
cipher = Cipher.getInstance(
Cipher.ALG_DES_CBC_ISO9797_M2, false);
decipher = Cipher.getInstance(
Cipher.ALG_DES_CBC_ISO9797_M2, false);
keyMAC = (DESKey) KeyBuilder.buildKey(
KeyBuilder.TYPE_DES_TRANSIENT_DESELECT,
KeyBuilder.LENGTH_DES3_2KEY, false);
keyENC = (DESKey) KeyBuilder.buildKey(
KeyBuilder.TYPE_DES_TRANSIENT_DESELECT,
KeyBuilder.LENGTH_DES3_2KEY, false);
ssc_set = JCSystem.makeTransientBooleanArray((short)1, JCSystem.CLEAR_ON_DESELECT);
ssc_set[0] = false;
}
Example 3
| Source File: PinTests.java From GidsApplet with GNU General Public License v3.0 | 6 votes |
|
@Test
public void authenticateGeneralReplayAttack() {
byte[] challenge, challengeresponse = new byte[8];
byte[] key = DatatypeConverter.parseHexBinary("010203040506070801020304050607080102030405060708");
Cipher cipherDES = Cipher.getInstance(Cipher.ALG_DES_CBC_NOPAD, false);
DESKey deskey = (DESKey) KeyBuilder.buildKey(KeyBuilder.TYPE_DES, KeyBuilder.LENGTH_DES3_3KEY, false);
deskey.setKey(key, (short) 0);
// select admin key
execute("00 22 81 A4 03 83 01 80");
// get a challenge
ResponseAPDU response = execute("00 87 00 00 04 7C 02 81 00 00");
if (!Arrays.equals(Arrays.copyOfRange(response.getBytes(), 0, 4), new byte[] {0x7C,0x0A,(byte) 0x81,0x08})) {
fail("not a challenge:" + DatatypeConverter.printHexBinary(response.getBytes()));
}
// compute the response
challenge = Arrays.copyOfRange(response.getBytes(), 4, 12);
//solve challenge
cipherDES.init(deskey, Cipher.MODE_ENCRYPT);
cipherDES.doFinal(challenge, (short) 0, (short)8, challengeresponse, (short) 0);
// send the response
execute("00 87 00 00 0C 7C 0A 82 08" + DatatypeConverter.printHexBinary(challengeresponse), 0x9000);
execute("00 87 00 00 0C 7C 0A 82 08" + DatatypeConverter.printHexBinary(challengeresponse), 0x6985);
}
Example 4
| Source File: GidsBaseTestClass.java From GidsApplet with GNU General Public License v3.0 | 6 votes |
|
protected void authenticateGeneral(byte[] key, boolean successexpected) {
byte[] challenge, challengeresponse = new byte[8];
Cipher cipherDES = Cipher.getInstance(Cipher.ALG_DES_CBC_NOPAD, false);
DESKey deskey = (DESKey) KeyBuilder.buildKey(KeyBuilder.TYPE_DES, KeyBuilder.LENGTH_DES3_3KEY, false);
deskey.setKey(key, (short) 0);
// select admin key
execute("00 22 81 A4 03 83 01 80");
// get a challenge
ResponseAPDU response = execute("00 87 00 00 04 7C 02 81 00 00");
if (!Arrays.equals(Arrays.copyOfRange(response.getBytes(), 0, 4), new byte[] {0x7C,0x0A,(byte) 0x81,0x08})) {
fail("not a challenge:" + DatatypeConverter.printHexBinary(response.getBytes()));
}
// compute the response
challenge = Arrays.copyOfRange(response.getBytes(), 4, 12);
//solve challenge
cipherDES.init(deskey, Cipher.MODE_ENCRYPT);
cipherDES.doFinal(challenge, (short) 0, (short)8, challengeresponse, (short) 0);
// send the response
execute("00 87 00 00 0C 7C 0A 82 08" + DatatypeConverter.printHexBinary(challengeresponse), (successexpected?0x9000: 0x6982));
}
Example 5
| Source File: FIDOStandalone.java From ledger-u2f-javacard with Apache License 2.0 | 6 votes |
|
/**
* Init cipher engines and allocate memory.
*/
public FIDOStandalone() {
scratch = JCSystem.makeTransientByteArray((short) 64, JCSystem.CLEAR_ON_DESELECT);
keyPair = new KeyPair(
(ECPublicKey) KeyBuilder.buildKey(KeyBuilder.TYPE_EC_FP_PUBLIC, KeyBuilder.LENGTH_EC_FP_256, false),
(ECPrivateKey) KeyBuilder.buildKey(KeyBuilder.TYPE_EC_FP_PRIVATE, KeyBuilder.LENGTH_EC_FP_256, false));
Secp256r1.setCommonCurveParameters((ECKey) keyPair.getPrivate());
Secp256r1.setCommonCurveParameters((ECKey) keyPair.getPublic());
random = RandomData.getInstance(RandomData.ALG_KEYGENERATION);
// Initialize the unique wrapping key
chipKey = (AESKey) KeyBuilder.buildKey(KeyBuilder.TYPE_AES, KeyBuilder.LENGTH_AES_256, false);
random.nextBytes(scratch, (short) 0, (short) 32);
chipKey.setKey(scratch, (short) 0);
cipherEncrypt = Cipher.getInstance(Cipher.ALG_AES_BLOCK_128_CBC_NOPAD, false);
cipherEncrypt.init(chipKey, Cipher.MODE_ENCRYPT, IV_ZERO_AES, (short) 0, (short) IV_ZERO_AES.length);
cipherDecrypt = Cipher.getInstance(Cipher.ALG_AES_BLOCK_128_CBC_NOPAD, false);
cipherDecrypt.init(chipKey, Cipher.MODE_DECRYPT, IV_ZERO_AES, (short) 0, (short) IV_ZERO_AES.length);
}
Example 6
| Source File: PinTests.java From GidsApplet with GNU General Public License v3.0 | 5 votes |
|
@Test
public void authenticateMutualReplayAttack() {
byte[] key = DatatypeConverter.parseHexBinary("010203040506070801020304050607080102030405060708");
byte[] myChallenge= new byte [16], globalchallenge = new byte[40], challengeresponse = new byte[40];
byte[] challenge;
Cipher cipherDES = Cipher.getInstance(Cipher.ALG_DES_CBC_NOPAD, false);
DESKey deskey = (DESKey) KeyBuilder.buildKey(KeyBuilder.TYPE_DES, KeyBuilder.LENGTH_DES3_3KEY, false);
deskey.setKey(key, (short) 0);
RandomData randomData = RandomData.getInstance(RandomData.ALG_SECURE_RANDOM);
randomData.generateData(myChallenge, (short) 0, (short) myChallenge.length);
// select admin key
execute("00 22 81 A4 03 83 01 80");
// get a challenge
ResponseAPDU response = execute("00 87 00 00 14 7C 12 81 10" + DatatypeConverter.printHexBinary(myChallenge) + "00");
if (!Arrays.equals(Arrays.copyOfRange(response.getBytes(), 0, 4), new byte[] {0x7C,0x12,(byte) 0x81,0x10})) {
fail("not a challenge:" + DatatypeConverter.printHexBinary(response.getBytes()));
}
// compute the response
challenge = Arrays.copyOfRange(response.getBytes(), 4, 20);
//solve challenge
//R2
System.arraycopy(challenge, 0, globalchallenge, 0, 16);
//R1
System.arraycopy(myChallenge, 0, globalchallenge, 16, 16);
// keep Z1 random
globalchallenge[(short)39] = (byte) 0x80;
cipherDES.init(deskey, Cipher.MODE_ENCRYPT);
cipherDES.doFinal(globalchallenge, (short) 0, (short)40, challengeresponse, (short) 0);
// send the response
execute("00 87 00 00 2C 7C 2A 82 28" + DatatypeConverter.printHexBinary(challengeresponse), 0x9000);
execute("00 87 00 00 2C 7C 2A 82 28" + DatatypeConverter.printHexBinary(challengeresponse), 0x6985);
}
Example 7
| Source File: CardEdge.java From SatochipApplet with GNU Affero General Public License v3.0 | 5 votes |
|
/**
* This function allows to set the 2FA key and enable 2FA.
* Once activated, 2FA can only be deactivated when the seed is reset.
*
* ins: 0x79
* p1: 0x00
* p2: 0x00
* data: [hmacsha1_key(20b) | amount_limit(8b)]
* return: (none)
*/
private short set2FAKey(APDU apdu, byte[] buffer){
// check that PIN[0] has been entered previously
if (!pins[0].isValidated())
ISOException.throwIt(SW_UNAUTHORIZED);
// cannot modify an existing 2FA!
if (needs_2FA)
ISOException.throwIt(SW_2FA_INITIALIZED_KEY);
//check input length
short bytesLeft = Util.makeShort((byte) 0x00, buffer[ISO7816.OFFSET_LC]);
if (bytesLeft < (short)(20+8))
ISOException.throwIt(ISO7816.SW_WRONG_LENGTH);
if (!done_once_2FA){
data2FA= new byte[OFFSET_2FA_SIZE];
randomData = RandomData.getInstance(RandomData.ALG_SECURE_RANDOM);
aes128_cbc= Cipher.getInstance(Cipher.ALG_AES_BLOCK_128_CBC_NOPAD, false);
key_2FA= (AESKey) KeyBuilder.buildKey(KeyBuilder.TYPE_AES, KeyBuilder.LENGTH_AES_128, false);
done_once_2FA= true;
}
short offset= ISO7816.OFFSET_CDATA;
Util.arrayCopyNonAtomic(buffer, offset, data2FA, OFFSET_2FA_HMACKEY, (short)20);
offset+=(short)20;
Util.arrayCopyNonAtomic(buffer, offset, data2FA, OFFSET_2FA_LIMIT, (short)8);
offset+=(short)8;
// hmac derivation for id_2FA & key_2FA
HmacSha160.computeHmacSha160(data2FA, OFFSET_2FA_HMACKEY, (short)20, CST_2FA, (short)0, (short)6, data2FA, OFFSET_2FA_ID);
HmacSha160.computeHmacSha160(data2FA, OFFSET_2FA_HMACKEY, (short)20, CST_2FA, (short)6, (short)7, recvBuffer, (short)0);
key_2FA.setKey(recvBuffer,(short)0); // AES-128: 16-bytes key!!
needs_2FA= true;
return (short)0;
}
Example 8
| Source File: Bignat_Helper.java From JCMathLib with MIT License | 4 votes |
|
void initialize(short modRSAEngineMaxBits, short multRSAEngineMaxBits) {
MODULO_RSA_ENGINE_MAX_LENGTH_BITS = modRSAEngineMaxBits;
MULT_RSA_ENGINE_MAX_LENGTH_BITS = multRSAEngineMaxBits;
fnc_deep_resize_tmp = rm.helper_BN_array1;
fnc_mult_resultArray1 = rm.helper_BN_array1;
fnc_mult_resultArray2 = rm.helper_BN_array2;
fnc_same_value_array1 = rm.helper_BN_array1;
fnc_same_value_hash = rm.helper_BN_array2;
fnc_shift_bytes_right_tmp = rm.helper_BN_array1;
// BN below are just reassigned allocated helper_BN_? so that same helper_BN_? is not used in parallel (checked by lock() unlock())
fnc_mod_add_tmp = rm.helper_BN_A;
fnc_mod_sub_tmpThis = rm.helper_BN_A;
fnc_mod_sub_tmp = rm.helper_BN_B;
fnc_mod_sub_tmpOther = rm.helper_BN_C;
fnc_mult_mod_tmpThis = rm.helper_BN_A;
fnc_mult_mod_tmp_mod = rm.helper_BN_B;
fnc_mult_mod_tmp_x = rm.helper_BN_C;
fnc_exponentiation_tmp = rm.helper_BN_A;
fnc_exponentiation_i = rm.helper_BN_B;
fnc_mod_minus_2 = rm.helper_BN_B;
fnc_negate_tmp = rm.helper_BN_B;
fnc_sqrt_S = rm.helper_BN_A;
fnc_sqrt_exp = rm.helper_BN_A;
fnc_sqrt_p_1 = rm.helper_BN_B;
fnc_sqrt_Q = rm.helper_BN_C;
fnc_sqrt_tmp = rm.helper_BN_D;
fnc_sqrt_z = rm.helper_BN_E;
fnc_mod_mult_tmpThis = rm.helper_BN_E; // mod_mult is called from fnc_sqrt => requires helper_BN_E not being locked in fnc_sqrt when mod_mult is called
fnc_divide_tmpThis = rm.helper_BN_E; // divide is called from fnc_sqrt => requires helper_BN_E not being locked in fnc_sqrt when divide is called
fnc_mod_exp_modBN = rm.helper_BN_F; // mod_exp is called from fnc_sqrt => requires helper_BN_F not being locked in fnc_sqrt when mod_exp is called
fnc_int_add_tmpMag = rm.helper_BN_A;
fnc_int_multiply_mod = rm.helper_BN_A;
fnc_int_multiply_tmpThis = rm.helper_BN_B;
fnc_int_divide_tmpThis = rm.helper_BN_A;
// Allocate BN constants always in EEPROM (only reading)
ONE = new Bignat((short) 1, JCSystem.MEMORY_TYPE_PERSISTENT, this);
ONE.one();
TWO = new Bignat((short) 1, JCSystem.MEMORY_TYPE_PERSISTENT, this);
TWO.two();
THREE = new Bignat((short) 1, JCSystem.MEMORY_TYPE_PERSISTENT, this);
THREE.three();
tmp_array_short = rm.memAlloc.allocateByteArray((short) 2, JCSystem.MEMORY_TYPE_TRANSIENT_RESET); // only 2b RAM for faster add(short)
fnc_NmodE_cipher = Cipher.getInstance(Cipher.ALG_RSA_NOPAD, false);
fnc_NmodE_pubKey = (RSAPublicKey) KeyBuilder.buildKey(KeyBuilder.TYPE_RSA_PUBLIC, MODULO_RSA_ENGINE_MAX_LENGTH_BITS, false);
// Speedup for fast multiplication
fnc_mult_keypair = new KeyPair(KeyPair.ALG_RSA_CRT, MULT_RSA_ENGINE_MAX_LENGTH_BITS);
fnc_mult_keypair.genKeyPair();
fnc_mult_pubkey_pow2 = (RSAPublicKey) fnc_mult_keypair.getPublic();
//mult_privkey_pow2 = (RSAPrivateCrtKey) mult_keypair.getPrivate();
fnc_mult_pubkey_pow2.setExponent(CONST_TWO, (short) 0, (short) CONST_TWO.length);
fnc_mult_cipher = Cipher.getInstance(Cipher.ALG_RSA_NOPAD, false);
hashEngine = rm.hashEngine;
FLAG_FAST_MULT_VIA_RSA = false; // set true only if succesfully allocated and tested below
try { // Subsequent code may fail on some real (e.g., Infineon CJTOP80K) cards - catch exception
fnc_mult_cipher.init(fnc_mult_pubkey_pow2, Cipher.MODE_ENCRYPT);
// Try operation - if doesn't work, exception SW_CANTALLOCATE_BIGNAT is emitted
Util.arrayFillNonAtomic(fnc_mult_resultArray1, (short) 0, (short) fnc_mult_resultArray1.length, (byte) 6);
fnc_mult_cipher.doFinal(fnc_mult_resultArray1, (short) 0, (short) fnc_mult_resultArray1.length, fnc_mult_resultArray1, (short) 0);
FLAG_FAST_MULT_VIA_RSA = true;
} catch (Exception ignored) {
} // discard exception
}
Example 9
| Source File: GidsApplet.java From GidsApplet with GNU General Public License v3.0 | 4 votes |
|
/**
* \brief Only this class's install method should create the applet object.
*/
protected GidsApplet() {
// by default the pin manager is in "initialization mode"
pinManager = new GidsPINManager();
transmitManager = new TransmitManager();
currentAlgorithmRef = JCSystem.makeTransientByteArray((short)1, JCSystem.CLEAR_ON_DESELECT);
currentKey = JCSystem.makeTransientObjectArray((short)1, JCSystem.CLEAR_ON_DESELECT);
rsaPkcs1Cipher = Cipher.getInstance(Cipher.ALG_RSA_PKCS1, false);
try {
rsaOaepCipher = Cipher.getInstance(Cipher.ALG_RSA_PKCS1_OAEP, false);
} catch (CryptoException e) {
if(e.getReason() == CryptoException.NO_SUCH_ALGORITHM) {
rsaOaepCipher = null;
} else {
throw e;
}
}
rsaRawCipher = Cipher.getInstance(Cipher.ALG_RSA_NOPAD, false);
byte mechanisms = (byte) 0xC0;
fs = new GidsFileSystem(pinManager, transmitManager, (short) 0x3F00,
// FCP
new byte[] {
(byte)0x62, (byte)0x08,
(byte)0x82, (byte)0x01, (byte)0x38, // File descriptor byte.
(byte)0x8C, (byte)0x03, (byte)0x03, (byte)0x30, (byte)0x30,// security attribute
},
// FCI
new byte[] {
0x61, 0X12,
0x4F, 0x0B, (byte) 0xA0, (byte) 0x00, (byte) 0x00, (byte) 0x03, (byte) 0x97, (byte) 0x42, (byte) 0x54, (byte) 0x46, (byte) 0x59, 0x02, 0x01, // AID
0x73, 0x03,
0x40, 0x01, mechanisms, // cryptographic mechanism
},
// FMD
new byte[] {
(byte)0x64, (byte)0x09,
(byte)0x5F, (byte)0x2F, (byte) 0x01, (byte) 0x60, // pin usage policy
(byte)0x7F, (byte)0x65, 0x02, (byte) 0x80, 0x00
}
);
// FCI / FMD / FCP are hard coded
register();
}
Example 10
| Source File: GidsBaseTestClass.java From GidsApplet with GNU General Public License v3.0 | 4 votes |
|
protected void authenticateMutual(byte[] key, boolean successexpected) {
byte[] myChallenge= new byte [16], globalchallenge = new byte[40], challengeresponse = new byte[40];
byte[] cardChallenge;
Cipher cipherDES = Cipher.getInstance(Cipher.ALG_DES_CBC_NOPAD, false);
DESKey deskey = (DESKey) KeyBuilder.buildKey(KeyBuilder.TYPE_DES, KeyBuilder.LENGTH_DES3_3KEY, false);
deskey.setKey(key, (short) 0);
new Random().nextBytes(myChallenge);
// select admin key
execute("00 22 81 A4 03 83 01 80");
// get a challenge
ResponseAPDU response = execute("00 87 00 00 14 7C 12 81 10" + DatatypeConverter.printHexBinary(myChallenge) + "00");
if (!Arrays.equals(Arrays.copyOfRange(response.getBytes(), 0, 4), new byte[] {0x7C,0x12,(byte) 0x81,0x10})) {
fail("not a challenge:" + DatatypeConverter.printHexBinary(response.getBytes()));
}
// compute the response
cardChallenge = Arrays.copyOfRange(response.getBytes(), 4, 20);
//solve challenge
//R2
System.arraycopy(cardChallenge, 0, globalchallenge, 0, 16);
//R1
System.arraycopy(myChallenge, 0, globalchallenge, 16, 16);
// keep Z1 random
globalchallenge[(short)39] = (byte) 0x80;
cipherDES.init(deskey, Cipher.MODE_ENCRYPT);
cipherDES.doFinal(globalchallenge, (short) 0, (short)40, challengeresponse, (short) 0);
// send the response
String command = "00 87 00 00 2C 7C 2A 82 28" + DatatypeConverter.printHexBinary(challengeresponse);
ResponseAPDU responseAPDU = execute(command, true);
if (!successexpected)
{
if(responseAPDU.getSW() != 0x6982) {
fail("expected: " + Integer.toHexString(0x6982) + " but was: " + Integer.toHexString(response.getSW()));
}
return;
}
if(responseAPDU.getSW() != 0x9000) {
fail("expected: " + Integer.toHexString(0x9000) + " but was: " + Integer.toHexString(response.getSW()));
}
byte[] cardresponse = responseAPDU.getBytes();
if (!Arrays.equals(Arrays.copyOfRange(cardresponse, 0, 4), new byte[] {0x7C,0x2A,(byte)0x82,0x28}))
{
fail("header verification failed");
}
byte[] decryptedCardResponse = new byte[40];
cipherDES.init(deskey, Cipher.MODE_DECRYPT);
cipherDES.doFinal(cardresponse, (short) 4, (short)40, decryptedCardResponse, (short) 0);
if (!Arrays.equals(Arrays.copyOfRange(decryptedCardResponse, 0, 16), myChallenge)) {
fail("R1 verification failed");
}
if (!Arrays.equals(Arrays.copyOfRange(decryptedCardResponse, 16, 32), cardChallenge)) {
fail("R2 verification failed");
}
if (decryptedCardResponse[(short)39] != (byte) 0x80) {
fail("padding failed");
}
}
Example 11
| Source File: Gpg.java From OpenPGP-Card with GNU General Public License v3.0 | 4 votes |
|
/**
* Only this class's install method should create the applet object.
*/
protected Gpg(byte[] parameters, short offset, byte length) {
pinLength = new byte[3];
pins = new OwnerPIN[3];
pins[PIN_INDEX_PW1] = new OwnerPIN(MAX_TRIES_PIN1, MAX_PIN_LENGTH);
pins[PIN_INDEX_PW1].update(defaultPIN, (short) 0, MIN_PIN1_LENGTH);
pinLength[PIN_INDEX_PW1] = MIN_PIN1_LENGTH;
pins[PIN_INDEX_PW3] = new OwnerPIN(MAX_TRIES_PIN3, MAX_PIN_LENGTH);
pins[PIN_INDEX_PW3].update(defaultPIN, (short) 0, MIN_PIN3_LENGTH);
pinLength[PIN_INDEX_PW3] = MIN_PIN3_LENGTH;
// The resetting code is disabled by default.
pins[PIN_INDEX_RC] = new OwnerPIN(MAX_TRIES_RC, MAX_PIN_LENGTH);
pinLength[PIN_INDEX_RC] = 0;
pinSubmitted = JCSystem.makeTransientBooleanArray((short) 2, JCSystem.CLEAR_ON_DESELECT);
commandChainingBuffer =
JCSystem.makeTransientByteArray((short) (TEMP_PUT_KEY_ACCUMULATOR + RSA_KEY_LENGTH_BYTES),
JCSystem.CLEAR_ON_DESELECT);
privateDO1 = new byte[255];
privateDO2 = new byte[255];
privateDO3 = new byte[255];
privateDO4 = new byte[255];
loginData = new byte[(short) 255];
url = new byte[(short) 255];
name = new byte[(short) 40];
language = new byte[(short) 9];
sex = new byte[(short) 1];
fingerprints = new byte[(short) 60];
caFingerprints = new byte[(short) 60];
generationDates = new byte[(short) 12];
signatureCounter = new byte[(short) 3];
pinValidForMultipleSignatures = (byte) 0;
signatureKey = new KeyPair(KeyPair.ALG_RSA_CRT, (short) 2048);
confidentialityKey = new KeyPair(KeyPair.ALG_RSA_CRT, (short) 2048);
authenticationKey = new KeyPair(KeyPair.ALG_RSA_CRT, (short) 2048);
cipherRSA = Cipher.getInstance(Cipher.ALG_RSA_PKCS1, false);
randomData = RandomData.getInstance(RandomData.ALG_SECURE_RANDOM);
register();
}
Example 12
| Source File: PayPass.java From CardExamples with The Unlicense | 4 votes |
|
public PayPass(byte[] bArray, short bOffset, byte bLength) {
if (bLength != 27)
ISOException.throwIt(ISO7816.SW_INS_NOT_SUPPORTED);
// transaction starts
JCSystem.beginTransaction();
// set up and initialize all the DES encryption/descrytion ciphers used in the app
DESKEY_KD_PERSO_L_EN = (DESKey) KeyBuilder.buildKey(KeyBuilder.TYPE_DES, KeyBuilder.LENGTH_DES, false);
DESKEY_KD_PERSO_R_DE = (DESKey) KeyBuilder.buildKey(KeyBuilder.TYPE_DES, KeyBuilder.LENGTH_DES, false);
DESKEY_KD_PERSO_L_DE = (DESKey) KeyBuilder.buildKey(KeyBuilder.TYPE_DES, KeyBuilder.LENGTH_DES, false);
DESKEY_KD_PERSO_R_EN = (DESKey) KeyBuilder.buildKey(KeyBuilder.TYPE_DES, KeyBuilder.LENGTH_DES, false);
CIPHER_KD_PERSO_L_EN = Cipher.getInstance(Cipher.ALG_DES_ECB_NOPAD, false);
CIPHER_KD_PERSO_R_DE = Cipher.getInstance(Cipher.ALG_DES_ECB_NOPAD, false);
CIPHER_KD_PERSO_L_DE = Cipher.getInstance(Cipher.ALG_DES_ECB_NOPAD, false);
CIPHER_KD_PERSO_R_EN = Cipher.getInstance(Cipher.ALG_DES_ECB_NOPAD, false);
// transaction ends
JCSystem.commitTransaction();
// define RAM buffers for faster operation
CVC3_DATA = JCSystem.makeTransientByteArray((short) 16, JCSystem.CLEAR_ON_DESELECT);
CMD_BUF = JCSystem.makeTransientByteArray((short) 261, JCSystem.CLEAR_ON_DESELECT);
MAC = JCSystem.makeTransientByteArray((short) 8, JCSystem.CLEAR_ON_DESELECT);
// on initialize the current state is not_alive
state = not_alive;
PROFILE = new Profile();
// testing area
// pre-personalization data
// issuer supply
PROFILE.VER_KMC = (byte) 0x01; // MC version
PROFILE.VER_KMC = bArray[bOffset]; // MC version
PROFILE.KMC_ID[0] = (byte) 0x54; // key id
PROFILE.KMC_ID[1] = (byte) 0x13;
PROFILE.KMC_ID[2] = (byte) 0x12;
PROFILE.KMC_ID[3] = (byte) 0xFF;
PROFILE.KMC_ID[4] = (byte) 0xFF;
PROFILE.KMC_ID[5] = (byte) 0xFF;
Util.arrayCopyNonAtomic(bArray, (short) (bOffset + 1), PROFILE.KMC_ID, (short) 0, (short) 6);
PROFILE.KD_PERSO[0] = (byte) 0xA8; // personalization key
PROFILE.KD_PERSO[1] = (byte) 0x6A;
PROFILE.KD_PERSO[2] = (byte) 0x3D;
PROFILE.KD_PERSO[3] = (byte) 0x06;
PROFILE.KD_PERSO[4] = (byte) 0xCA;
PROFILE.KD_PERSO[5] = (byte) 0xE7;
PROFILE.KD_PERSO[6] = (byte) 0x04;
PROFILE.KD_PERSO[7] = (byte) 0x6A;
PROFILE.KD_PERSO[8] = (byte) 0x10;
PROFILE.KD_PERSO[9] = (byte) 0x63;
PROFILE.KD_PERSO[10] = (byte) 0x58;
PROFILE.KD_PERSO[11] = (byte) 0xD5;
PROFILE.KD_PERSO[12] = (byte) 0xB8;
PROFILE.KD_PERSO[13] = (byte) 0x23;
PROFILE.KD_PERSO[14] = (byte) 0x9C;
PROFILE.KD_PERSO[15] = (byte) 0xBE;
Util.arrayCopyNonAtomic(bArray, (short) (bOffset + 7), PROFILE.KD_PERSO, (short) 0, (short) 16);
PROFILE.CSN[0] = (byte) 0x89;
PROFILE.CSN[1] = (byte) 0xAA;
PROFILE.CSN[2] = (byte) 0x7F;
PROFILE.CSN[3] = (byte) 0x00;
Util.arrayCopyNonAtomic(bArray, (short) (bOffset + 23), PROFILE.CSN, (short) 0, (short) 4);
// end issuer supply
// profile can now be considered in personalization state
PROFILE.STATE = PERSO;
}
