javacard.framework.APDU Java Examples
The following examples show how to use
javacard.framework.APDU.
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
| Source File: Gpg.java From OpenPGP-Card with GNU General Public License v3.0 | 7 votes |
|
private void internalAuthenticate(APDU apdu) {
byte[] buffer = apdu.getBuffer();
// PW1 with 0x82
if (!pins[PIN_INDEX_PW1].isValidated() || !pinSubmitted[1]) {
ISOException.throwIt(ISO7816.SW_CONDITIONS_NOT_SATISFIED);
}
short len = apdu.setIncomingAndReceive();
if (len > (short) 102 || len != (buffer[ISO7816.OFFSET_LC] & 0xFF)) {
ISOException.throwIt(ISO7816.SW_WRONG_LENGTH);
}
if (!authenticationKey.getPrivate().isInitialized()) {
ISOException.throwIt(ISO7816.SW_FILE_NOT_FOUND);
}
cipherRSA.init(authenticationKey.getPrivate(), Cipher.MODE_ENCRYPT);
cipherRSA.doFinal(buffer, ISO7816.OFFSET_CDATA, len, buffer, (short) 0);
apdu.setOutgoingAndSend((short) 0, RSA_KEY_LENGTH_BYTES);
}
Example #2
| Source File: TransitApplet.java From JCMathLib with MIT License | 6 votes |
|
/**
* Verifies the PIN.
*
* @param apdu
* The APDU
*/
private void verify(APDU apdu) {
byte[] buffer = apdu.getBuffer();
byte numBytes = buffer[ISO7816.OFFSET_LC];
byte count = (byte) apdu.setIncomingAndReceive();
if (numBytes != count) {
ISOException.throwIt(ISO7816.SW_WRONG_LENGTH);
}
// Verify PIN
if (pin.check(buffer, ISO7816.OFFSET_CDATA, numBytes) == false) {
ISOException.throwIt(SW_VERIFICATION_FAILED);
}
}
Example #3
| Source File: OCUnitTests.java From JCMathLib with MIT License | 6 votes |
|
void test_BN_INV_MOD(APDU apdu, short dataLen) {
byte[] apdubuf = apdu.getBuffer();
short p1 = (short) (apdubuf[ISO7816.OFFSET_P1] & 0x00FF);
PM.check(PM.TRAP_BN_INV_MOD_1);
Bignat num1 = m_testBN1;
num1.set_size(p1);
PM.check(PM.TRAP_BN_INV_MOD_2);
Bignat mod = m_testBN2;
mod.set_size((short) (dataLen - p1));
PM.check(PM.TRAP_BN_INV_MOD_3);
num1.from_byte_array(p1, (short)0, apdubuf, ISO7816.OFFSET_CDATA);
mod.from_byte_array((short)(dataLen-p1), (short)0, apdubuf, (short)(ISO7816.OFFSET_CDATA+p1));
PM.check(PM.TRAP_BN_INV_MOD_4);
num1.mod_inv(mod);
PM.check(PM.TRAP_BN_INV_MOD_5);
short len = num1.copy_to_buffer(apdubuf, (short) 0);
apdu.setOutgoingAndSend((short) 0, len);
}
Example #4
| Source File: OCUnitTests.java From JCMathLib with MIT License | 6 votes |
|
void test_BN_POW2_MOD(APDU apdu, short dataLen) {
byte[] apdubuf = apdu.getBuffer();
short p1 = (short) (apdubuf[ISO7816.OFFSET_P1] & 0x00FF);
short p2 = (short) (apdubuf[ISO7816.OFFSET_P2] & 0x00FF);
PM.check(PM.TRAP_BN_POW2_MOD_1);
Bignat num1 = m_testBN1;
num1.set_size(p1);
Bignat mod = m_testBN3;
mod.set_size((short) (dataLen - p1));
num1.from_byte_array(p1, (short) 0, apdubuf, ISO7816.OFFSET_CDATA);
mod.from_byte_array((short) (dataLen - p1), (short) 0, apdubuf, (short) (ISO7816.OFFSET_CDATA + p1));
PM.check(PM.TRAP_BN_POW2_MOD_2);
//num1.pow2Mod_RSATrick(mod);
num1.mod_exp2(mod);
PM.check(PM.TRAP_BN_POW2_MOD_3);
short len = num1.copy_to_buffer(apdubuf, (short) 0);
apdu.setOutgoingAndSend((short) 0, len);
}
Example #5
| Source File: LedgerWalletApplet.java From ledger-javacard with GNU Affero General Public License v3.0 | 6 votes |
|
private static void handleAdmSetKeycardSeed(APDU apdu, boolean airgap) throws ISOException {
byte[] buffer = apdu.getBuffer();
short offset = ISO7816.OFFSET_CDATA;
byte keyLength;
apdu.setIncomingAndReceive();
if ((setup == TC.TRUE) || (setup != TC.FALSE)) {
ISOException.throwIt(ISO7816.SW_CONDITIONS_NOT_SATISFIED);
}
if (buffer[ISO7816.OFFSET_LC] != (byte)(KEYCARD_KEY_LENGTH + 1)) {
ISOException.throwIt(ISO7816.SW_WRONG_LENGTH);
}
if ((buffer[offset] == (byte)0) || (buffer[offset] > TC.MAX_KEYCARD_DIGIT_ADDRESS)) {
ISOException.throwIt(ISO7816.SW_WRONG_DATA);
}
if (!airgap) {
Keycard.setIssuer(buffer[offset], buffer, (short)(offset + 1));
}
else {
Crypto.initCipherAES(pairingKey, false);
Crypto.blobEncryptDecryptAES.doFinal(buffer, (short)(offset + 1), (short)16, scratch256, (short)0);
Keycard.setIssuer(buffer[offset], scratch256, (short)0);
}
}
Example #6
| Source File: OCUnitTests.java From JCMathLib with MIT License | 6 votes |
|
void test_BN_MUL_MOD(APDU apdu, short dataLen) {
byte[] apdubuf = apdu.getBuffer();
short p1 = (short) (apdubuf[ISO7816.OFFSET_P1] & 0x00FF);
short p2 = (short) (apdubuf[ISO7816.OFFSET_P2] & 0x00FF);
PM.check(PM.TRAP_BN_MUL_MOD_1);
Bignat num1 = m_testBN1;
num1.set_size(p1);
PM.check(PM.TRAP_BN_MUL_MOD_2);
Bignat num2 = m_testBN2;
num2.set_size(p2);
PM.check(PM.TRAP_BN_MUL_MOD_3);
Bignat mod = m_testBN3;
mod.set_size((short) (dataLen - p1 - p2));
PM.check(PM.TRAP_BN_MUL_MOD_4);
num1.from_byte_array(p1, (short)0, apdubuf, ISO7816.OFFSET_CDATA);
num2.from_byte_array(p2, (short)0, apdubuf, (short)(ISO7816.OFFSET_CDATA+p1));
mod.from_byte_array((short)(dataLen-p1-p2), (short)0, apdubuf, (short)(ISO7816.OFFSET_CDATA+p1+p2));
PM.check(PM.TRAP_BN_MUL_MOD_5);
num1.mod_mult(num1, num2, mod);
PM.check(PM.TRAP_BN_MUL_MOD_6);
short len = num1.copy_to_buffer(apdubuf, (short) 0);
apdu.setOutgoingAndSend((short) 0, len);
}
Example #7
| Source File: STPayP.java From CardExamples with The Unlicense | 6 votes |
|
private void getMobileKey(APDU apdu) throws ISOException {
byte[] apduBuffer = apdu.getBuffer();
// Check if P1=0x00 and P2=0x00.
if (Util.getShort(apduBuffer, ISO7816.OFFSET_P1) != (short) 0x0000) {
ISOException.throwIt(ISO7816.SW_INCORRECT_P1P2);
}
short dataLength = apdu.setOutgoing();
// Check if Le=0x00.
if (dataLength != (short) 256) {
ISOException.throwIt(ISO7816.SW_WRONG_LENGTH);
}
// Check if Mobile Key is initialized.
if (!this.dataEncryption.isMobileKeyInit()) {
ISOException.throwIt(ISO7816.SW_CONDITIONS_NOT_SATISFIED);
}
dataLength = this.dataEncryption.getMobileKey(apduBuffer, (short) 0);
apdu.setOutgoingLength(dataLength);
apdu.sendBytes((short) 0, dataLength);
}
Example #8
| Source File: OCUnitTests.java From JCMathLib with MIT License | 6 votes |
|
void test_BN_ADD_MOD(APDU apdu, short dataLen) {
byte[] apdubuf = apdu.getBuffer();
short p1 = (short) (apdubuf[ISO7816.OFFSET_P1] & 0x00FF);
short p2 = (short) (apdubuf[ISO7816.OFFSET_P2] & 0x00FF);
PM.check(PM.TRAP_BN_ADD_MOD_1);
Bignat num1 = m_testBN1;
num1.set_size(p1);
PM.check(PM.TRAP_BN_ADD_MOD_2);
Bignat num2 = m_testBN2;
num2.set_size(p2);
PM.check(PM.TRAP_BN_ADD_MOD_3);
Bignat mod = m_testBN3;
mod.set_size((short) (dataLen - p1 - p2));
PM.check(PM.TRAP_BN_ADD_MOD_4);
num1.from_byte_array(p1, (short)0, apdubuf, ISO7816.OFFSET_CDATA);
num2.from_byte_array(p2, (short)0, apdubuf, (short)(ISO7816.OFFSET_CDATA+p1));
PM.check(PM.TRAP_BN_ADD_MOD_5);
mod.from_byte_array((short)(dataLen-p1-p2), (short)0, apdubuf, (short)(ISO7816.OFFSET_CDATA+p1+p2));
PM.check(PM.TRAP_BN_ADD_MOD_6);
num1.mod_add(num2, mod);
PM.check(PM.TRAP_BN_ADD_MOD_7);
short len = num1.copy_to_buffer(apdubuf, (short) 0);
apdu.setOutgoingAndSend((short) 0, len);
}
Example #9
| Source File: OCUnitTests.java From JCMathLib with MIT License | 6 votes |
|
void test_INT_ADD(APDU apdu, short dataLen) {
byte[] apdubuf = apdu.getBuffer();
short p1 = (short) (apdubuf[ISO7816.OFFSET_P1] & 0x00FF);
PM.check(PM.TRAP_INT_ADD_1);
//Integer num_add_1 = new Integer(dataLen, (short) 0, apdubuf, ISO7816.OFFSET_CDATA);
Integer num_add_1 = m_testINT1;
num_add_1.fromByteArray(apdubuf, ISO7816.OFFSET_CDATA, p1);
PM.check(PM.TRAP_INT_ADD_2);
//Integer num_add_2 = new Integer((short) (dataLen - p1), (short) 0, apdubuf, (short) (ISO7816.OFFSET_CDATA + p1));
Integer num_add_2 = m_testINT2;
num_add_2.fromByteArray(apdubuf, (short) (ISO7816.OFFSET_CDATA + p1), p1);
PM.check(PM.TRAP_INT_ADD_3);
num_add_1.add(num_add_2);
PM.check(PM.TRAP_INT_ADD_4);
short len = num_add_1.toByteArray(apdubuf, (short) 0);
apdu.setOutgoingAndSend((short) 0, len);
}
Example #10
| Source File: OCUnitTests.java From JCMathLib with MIT License | 6 votes |
|
void test_INT_SUB(APDU apdu, short dataLen) {
byte[] apdubuf = apdu.getBuffer();
short p1 = (short) (apdubuf[ISO7816.OFFSET_P1] & 0x00FF);
PM.check(PM.TRAP_INT_SUB_1);
Integer num_sub_1 = m_testINT1;
num_sub_1.fromByteArray(apdubuf, ISO7816.OFFSET_CDATA, p1);
Integer num_sub_2 = m_testINT2;
num_sub_2.fromByteArray(apdubuf, (short) (ISO7816.OFFSET_CDATA + p1), p1);
PM.check(PM.TRAP_INT_SUB_2);
num_sub_1.subtract(num_sub_2);
PM.check(PM.TRAP_INT_SUB_3);
short len = num_sub_1.toByteArray(apdubuf, (short) 0);
apdu.setOutgoingAndSend((short) 0, len);
}
Example #11
| Source File: OCUnitTests.java From JCMathLib with MIT License | 6 votes |
|
void test_BN_EXP(APDU apdu, short dataLen) {
byte[] apdubuf = apdu.getBuffer();
short p1 = (short) (apdubuf[ISO7816.OFFSET_P1] & 0x00FF);
short p2 = (short) (apdubuf[ISO7816.OFFSET_P2] & 0x00FF);
PM.check(PM.TRAP_BN_EXP_1);
Bignat base = m_testBN1;
base.set_size(p1);
PM.check(PM.TRAP_BN_EXP_2);
Bignat exp = m_testBN2;
exp.set_size((short) (dataLen - p1));
PM.check(PM.TRAP_BN_EXP_3);
Bignat res = m_testBN3;
res.set_size((short) (m_ecc.MAX_BIGNAT_SIZE / 2));
PM.check(PM.TRAP_BN_EXP_4);
base.from_byte_array(p1, (short) 0, apdubuf, ISO7816.OFFSET_CDATA);
exp.from_byte_array((short) (dataLen - p1), (short) 0, apdubuf, (short)(ISO7816.OFFSET_CDATA+p1));
PM.check(PM.TRAP_BN_EXP_5);
res.exponentiation(base, exp);
PM.check(PM.TRAP_BN_EXP_6);
short len = res.copy_to_buffer(apdubuf, (short) 0);
apdu.setOutgoingAndSend((short) 0, len);
}
Example #12
| Source File: OCUnitTests.java From JCMathLib with MIT License | 6 votes |
|
void test_INT_MUL(APDU apdu, short dataLen) {
byte[] apdubuf = apdu.getBuffer();
short p1 = (short) (apdubuf[ISO7816.OFFSET_P1] & 0x00FF);
PM.check(PM.TRAP_INT_MUL_1);
Integer num_mul_1 = m_testINT1;
num_mul_1.fromByteArray(apdubuf, ISO7816.OFFSET_CDATA, p1);
Integer num_mul_2 = m_testINT2;
num_mul_2.fromByteArray(apdubuf, (short) (ISO7816.OFFSET_CDATA + p1), p1);
PM.check(PM.TRAP_INT_MUL_2);
num_mul_1.multiply(num_mul_2);
PM.check(PM.TRAP_INT_MUL_3);
short len = num_mul_1.toByteArray(apdubuf, (short) 0);
apdu.setOutgoingAndSend((short) 0, len);
}
Example #13
| Source File: OCUnitTests.java From JCMathLib with MIT License | 6 votes |
|
void test_BN_SUB(APDU apdu, short dataLen) {
byte[] apdubuf = apdu.getBuffer();
short p1 = (short) (apdubuf[ISO7816.OFFSET_P1] & 0x00FF);
PM.check(PM.TRAP_BN_SUB_1);
Bignat sub1 = m_testBN1;
sub1.set_size(p1);
PM.check(PM.TRAP_BN_SUB_2);
Bignat sub2 = m_testBN2;
sub2.set_size((short) (dataLen - p1));
PM.check(PM.TRAP_BN_SUB_3);
Bignat result = m_testBN3;
result.set_size((short) (p1 + 1));
PM.check(PM.TRAP_BN_SUB_4);
sub1.from_byte_array(dataLen, (short)0, apdubuf, ISO7816.OFFSET_CDATA);
sub2.from_byte_array(dataLen, (short)0, apdubuf, (short)(ISO7816.OFFSET_CDATA+p1));
PM.check(PM.TRAP_BN_SUB_5);
result.copy(sub1);
PM.check(PM.TRAP_BN_SUB_6);
result.subtract(sub2);
PM.check(PM.TRAP_BN_SUB_7);
short len = result.copy_to_buffer(apdubuf, (short) 0);
apdu.setOutgoingAndSend((short) 0, len);
}
Example #14
| Source File: OCUnitTests.java From JCMathLib with MIT License | 6 votes |
|
void test_INT_DIV(APDU apdu, short dataLen) {
byte[] apdubuf = apdu.getBuffer();
short p1 = (short) (apdubuf[ISO7816.OFFSET_P1] & 0x00FF);
PM.check(PM.TRAP_INT_DIV_1);
Integer num_div_1 = m_testINT1;
num_div_1.fromByteArray(apdubuf, ISO7816.OFFSET_CDATA, p1);
Integer num_div_2 = m_testINT2;
num_div_2.fromByteArray(apdubuf, (short) (ISO7816.OFFSET_CDATA + p1), p1);
PM.check(PM.TRAP_INT_DIV_2);
num_div_1.divide(num_div_2);
PM.check(PM.TRAP_INT_DIV_3);
short len = num_div_1.toByteArray(apdubuf, (short) 0);
apdu.setOutgoingAndSend((short) 0, len);
}
Example #15
| Source File: OCUnitTests.java From JCMathLib with MIT License | 6 votes |
|
void test_INT_MOD(APDU apdu, short dataLen) {
byte[] apdubuf = apdu.getBuffer();
short p1 = (short) (apdubuf[ISO7816.OFFSET_P1] & 0x00FF);
PM.check(PM.TRAP_INT_MOD_1);
Integer num_mod_1 = m_testINT1;
num_mod_1.fromByteArray(apdubuf, ISO7816.OFFSET_CDATA, p1);
Integer num_mod_2 = m_testINT2;
num_mod_2.fromByteArray(apdubuf, (short) (ISO7816.OFFSET_CDATA + p1), p1);
PM.check(PM.TRAP_INT_MOD_2);
num_mod_1.modulo(num_mod_2);
PM.check(PM.TRAP_INT_MOD_3);
short len = num_mod_1.toByteArray(apdubuf, (short) 0);
apdu.setOutgoingAndSend((short) 0, len);
}
Example #16
| Source File: Gpg.java From OpenPGP-Card with GNU General Public License v3.0 | 6 votes |
|
/**
* Store the fixed length incoming APDU data in a buffer. If the APDU data length is less than the
* maximum length, the data will be padded with zeroes.
*/
void storeFixedLength(APDU apdu, byte[] destination, short offset, short maximum_length) {
byte[] buffer = apdu.getBuffer();
// When writing DOs, PW1 really means PW1 submitted as PW2.
if (!pins[PIN_INDEX_PW3].isValidated()) {
ISOException.throwIt(ISO7816.SW_SECURITY_STATUS_NOT_SATISFIED);
}
short length = (short) (buffer[ISO7816.OFFSET_LC] & 0x00FF);
if (length > maximum_length || apdu.setIncomingAndReceive() != length) {
ISOException.throwIt(ISO7816.SW_WRONG_LENGTH);
}
Util.arrayCopy(buffer, ISO7816.OFFSET_CDATA, destination, offset, length);
if (maximum_length > length) {
Util.arrayFillNonAtomic(destination, (short) (offset + length),
(short) (maximum_length - length), (byte) 0);
}
}
Example #17
| Source File: IsoApplet.java From IsoApplet with GNU General Public License v3.0 | 6 votes |
|
/**
* \brief Process the GET RESPONSE APDU (INS=C0).
*
* If there is content available in ram_buf that could not be sent in the last operation,
* the host should use this APDU to get the data. The data is cached in ram_buf.
*
* \param apdu The GET RESPONSE apdu.
*
* \throw ISOException SW_CONDITIONS_NOT_SATISFIED, SW_UNKNOWN, SW_CORRECT_LENGTH.
*/
private void processGetResponse(APDU apdu) {
byte[] buf = apdu.getBuffer();
short le = apdu.setOutgoing();
if( ! pin.isValidated() ) {
ISOException.throwIt(ISO7816.SW_SECURITY_STATUS_NOT_SATISFIED);
}
if(ram_chaining_cache[RAM_CHAINING_CACHE_OFFSET_BYTES_REMAINING] <= (short) 0) {
ISOException.throwIt(ISO7816.SW_CONDITIONS_NOT_SATISFIED);
}
short expectedLe = ram_chaining_cache[RAM_CHAINING_CACHE_OFFSET_BYTES_REMAINING] > 256 ?
256 : ram_chaining_cache[RAM_CHAINING_CACHE_OFFSET_BYTES_REMAINING];
if(le != expectedLe) {
ISOException.throwIt( (short)(ISO7816.SW_CORRECT_LENGTH_00 | expectedLe) );
}
sendLargeData(apdu, ram_chaining_cache[RAM_CHAINING_CACHE_OFFSET_CURRENT_POS],
ram_chaining_cache[RAM_CHAINING_CACHE_OFFSET_BYTES_REMAINING]);
}
Example #18
| Source File: LedgerWalletApplet.java From ledger-javacard with GNU Affero General Public License v3.0 | 6 votes |
|
private static void handleVerifyPin(APDU apdu) throws ISOException {
byte[] buffer = apdu.getBuffer();
if ((setup == TC.FALSE) || (setup != TC.TRUE)) {
ISOException.throwIt(ISO7816.SW_CONDITIONS_NOT_SATISFIED);
}
if (buffer[ISO7816.OFFSET_P1] == P1_GET_REMAINING_ATTEMPTS) {
buffer[0] = walletPin.getTriesRemaining();
apdu.setOutgoingAndSend((short)0, (short)1);
return;
}
apdu.setIncomingAndReceive();
if (buffer[ISO7816.OFFSET_LC] != walletPinSize) {
ISOException.throwIt(ISO7816.SW_WRONG_LENGTH);
}
Util.arrayFillNonAtomic(scratch256, (short)0, WALLET_PIN_SIZE, (byte)0xff);
Util.arrayCopyNonAtomic(buffer, ISO7816.OFFSET_CDATA, scratch256, (short)0, walletPinSize);
if (!walletPin.check(scratch256, (short)0, WALLET_PIN_SIZE)) {
if (walletPin.getTriesRemaining() == 0) {
reset();
}
ISOException.throwIt(ISO7816.SW_SECURITY_STATUS_NOT_SATISFIED);
}
}
Example #19
| Source File: OCUnitTests.java From JCMathLib with MIT License | 6 votes |
|
void test_BN_ADD(APDU apdu, short dataLen) {
byte[] apdubuf = apdu.getBuffer();
short p1 = (short) (apdubuf[ISO7816.OFFSET_P1] & 0x00FF);
PM.check(PM.TRAP_BN_ADD_1);
Bignat num1 = m_testBN1;
num1.set_size(p1);
PM.check(PM.TRAP_BN_ADD_2);
Bignat num2 = m_testBN2;
num2.set_size((short) (dataLen - p1));
PM.check(PM.TRAP_BN_ADD_3);
Bignat sum = m_testBN3;
sum.set_size((short) (p1 + 1));
PM.check(PM.TRAP_BN_ADD_4);
num1.from_byte_array(p1, (short)0, apdubuf, ISO7816.OFFSET_CDATA);
num2.from_byte_array((short) (dataLen - p1), (short)0, apdubuf, (short)(ISO7816.OFFSET_CDATA+p1));
PM.check(PM.TRAP_BN_ADD_5);
sum.copy(num1);
PM.check(PM.TRAP_BN_ADD_6);
sum.add(num2);
PM.check(PM.TRAP_BN_ADD_7);
short len = sum.copy_to_buffer(apdubuf, (short) 0);
apdu.setOutgoingAndSend((short) 0, len);
}
Example #20
| Source File: OCUnitTests.java From JCMathLib with MIT License | 6 votes |
|
void test_EC_SETCURVE_G(APDU apdu, short dataLen) {
byte[] apdubuf = apdu.getBuffer();
Util.arrayCopyNonAtomic(apdubuf, ISO7816.OFFSET_CDATA, m_customG, (short) 0, dataLen);
PM.check(PM.TRAP_EC_SETCURVE_1);
if (apdubuf[ISO7816.OFFSET_P2] == 1) { // If required, complete new custom curve and point is allocated
m_testCurveCustom = new ECCurve(false, SecP256r1.p, SecP256r1.a, SecP256r1.b, m_customG, SecP256r1.r);
m_testPointCustom = new ECPoint(m_testCurveCustom, m_ecc.ech);
PM.check(PM.TRAP_EC_SETCURVE_2);
// Release unused previous objects
if (!bIsSimulator) {
JCSystem.requestObjectDeletion();
}
}
else {
// Otherwise, only G is set and relevant objects are updated
m_testCurveCustom.setG(apdubuf, (short) ISO7816.OFFSET_CDATA, m_testCurveCustom.POINT_SIZE);
m_testPointCustom.updatePointObjects(); // After changing curve parameters, internal objects needs to be actualized
}
}
Example #21
| Source File: PayPassAgent.java From CardExamples with The Unlicense | 6 votes |
|
private byte[] queryCache(APDU apdu, short len)
{
//check the cache for a response
byte[] cmd = new byte[len];
for(short i=0;i<len;i++)
cmd[i] = apdu.getBuffer()[i];
byte[] rsp = null;
if(cache!=null)
{
rsp = cache.getRsp(cmd);
if(rsp==null)
sendApduCFailure();
}
else
sendApduCFailure();
return rsp;
}
Example #22
| Source File: NdefApplet.java From openjavacard-ndef with GNU General Public License v3.0 | 6 votes |
|
/**
* Check if file access should be granted
*
* This will perform all necessary checks to determine
* if an operation can currently be allowed within the
* policy specified in ACCESS.
*
* @param access policy to be checked
* @return true if access granted, false otherwise
*/
private boolean checkAccess(byte[] data, byte access) {
if(!FEATURE_ADVANCED_ACCESS_CONTROL) {
// simple access control
return access == FILE_ACCESS_OPEN;
} else {
// get protocol and media information
byte protocol = APDU.getProtocol();
byte media = (byte) (protocol & APDU.PROTOCOL_MEDIA_MASK);
// make the decision
switch (access) {
case FILE_ACCESS_OPEN:
return true;
case FILE_ACCESS_PROP_CONTACT_ONLY:
return media == APDU.PROTOCOL_MEDIA_DEFAULT;
case FILE_ACCESS_PROP_WRITE_ONCE:
return data[0] == 0 && data[1] == 0;
default:
case FILE_ACCESS_NONE:
return false;
}
}
}
Example #23
| Source File: NdefApplet.java From openjavacard-ndef with GNU General Public License v3.0 | 5 votes |
|
/**
* Process an APDU
*
* This is the outer layer of our APDU dispatch.
*
* It deals with the CLA and INS of the APDU,
* leaving the rest to an INS-specific function.
*
* @param apdu to be processed
* @throws ISOException on error
*/
public final void process(APDU apdu) throws ISOException {
byte[] buffer = apdu.getBuffer();
byte ins = buffer[ISO7816.OFFSET_INS];
// handle selection of the applet
if(selectingApplet()) {
vars[VAR_SELECTED_FILE] = FILEID_NONE;
return;
}
// secure messaging is not supported
if(apdu.isSecureMessagingCLA()) {
ISOException.throwIt(ISO7816.SW_SECURE_MESSAGING_NOT_SUPPORTED);
}
// process commands to the applet
if(apdu.isISOInterindustryCLA()) {
if (ins == INS_SELECT) {
processSelect(apdu);
} else if (ins == INS_READ_BINARY) {
processReadBinary(apdu);
} else if (ins == INS_UPDATE_BINARY) {
if(FEATURE_WRITING) {
processUpdateBinary(apdu);
} else {
ISOException.throwIt(ISO7816.SW_COMMAND_NOT_ALLOWED);
}
} else {
ISOException.throwIt(ISO7816.SW_INS_NOT_SUPPORTED);
}
} else {
ISOException.throwIt(ISO7816.SW_CLA_NOT_SUPPORTED);
}
}
Example #24
| Source File: LedgerWalletApplet.java From ledger-javacard with GNU Affero General Public License v3.0 | 5 votes |
|
private static void handleHasCachedPublicKey(APDU apdu) throws ISOException {
byte[] buffer = apdu.getBuffer();
apdu.setIncomingAndReceive();
short offset = ISO7816.OFFSET_CDATA;
byte derivationSize = buffer[offset++];
if (derivationSize > MAX_DERIVATION_PATH) {
ISOException.throwIt(ISO7816.SW_DATA_INVALID);
}
boolean result = Bip32Cache.hasPublic(buffer, offset, derivationSize);
buffer[0] = (result ? (byte)0x01 : (byte)0x00);
apdu.setOutgoingAndSend((short)0, (short)1);
}
Example #25
| Source File: GidsPINManager.java From GidsApplet with GNU General Public License v3.0 | 5 votes |
|
/**
* \brief Process the RESET RETRY COUNTER apdu (INS = 2C).
*
* This is used to unblock the PIN with the PUK and set a new PIN value.
*
* \param apdu The RESET RETRY COUNTER apdu.
*
* \throw ISOException SW_COMMAND_NOT_ALLOWED, ISO7816.SW_WRONG_LENGTH, SW_INCORRECT_P1P2,
* SW_PIN_TRIES_REMAINING.
*/
public void processResetRetryCounter(APDU apdu) throws ISOException {
byte[] buf = apdu.getBuffer();
byte p1 = buf[ISO7816.OFFSET_P1];
byte p2 = buf[ISO7816.OFFSET_P2];
short lc;
GidsPIN pin = null;
if(isInInitializationMode) {
ISOException.throwIt(ISO7816.SW_COMMAND_NOT_ALLOWED);
}
if(p1 == (byte) 0x02) {
// this suppose a previous authentication of the admin via
// external or mutual authenticate
lc = apdu.setIncomingAndReceive();
// only P2 = 80 is specified
if (p2 != (byte) 0x80) {
ISOException.throwIt(ErrorCode.SW_REFERENCE_DATA_NOT_FOUND);
}
try {
pin = GetPINByReference(p2);
} catch(NotFoundException e) {
ISOException.throwIt(ErrorCode.SW_REFERENCE_DATA_NOT_FOUND);
}
if (!CheckExternalOrMutualAuthentication()) {
ISOException.throwIt(ISO7816.SW_SECURITY_STATUS_NOT_SATISFIED);
}
// Check length.
pin.CheckLength((byte) lc);
// Set PIN value
pin.update(buf, ISO7816.OFFSET_CDATA, (byte)lc);
pin.resetAndUnblock();
// admin is deauthenticated at the end of the process
DeauthenticateAllPin();
} else {
ISOException.throwIt(ISO7816.SW_INCORRECT_P1P2);
}
}
Example #26
| Source File: CardAgent.java From CardExamples with The Unlicense | 5 votes |
|
@Override
public void sentApdu() {
// Check if last APDU sent.
if (this.apduState == APDU_SENDING_LAST) {
// Reset parameter.
this.selected = false;
if (APDU.getCurrentAPDU().getTransactionSuccess()) {
// DEBUG
long transactionStopTime = System.currentTimeMillis();
Log.i(LOG_TAG, "Transaction Timestamp=" + transactionStopTime +
" Elapsed=" + (transactionStopTime - this.transactionStartTime) + "ms");
if (this.transactionVerificationLogs != null) {
// Save transaction data in Transaction Verification Log.
TransactionVerificationLog transactionVerificationLog = new TransactionVerificationLog(this.accountParametersIndex,
this.transactionType,
this.unpredictableNumber);
this.transactionVerificationLogs.put(String.valueOf(transactionVerificationLog.getUtcTimestamp()),
transactionVerificationLog);
// Attempt to save Transaction Verification Log in remote card applet.
putTransactionVerificationLog();
}
}
}
this.apduState = APDU_SENT;
}
Example #27
| Source File: GidsPINManager.java From GidsApplet with GNU General Public License v3.0 | 5 votes |
|
/**
* \brief Process the general authentication process
*/
public void processGeneralAuthenticate(APDU apdu) {
byte[] buf = apdu.getBuffer();
byte p1 = buf[ISO7816.OFFSET_P1];
byte p2 = buf[ISO7816.OFFSET_P2];
short lc;
if(isInInitializationMode) {
ISOException.throwIt(ISO7816.SW_COMMAND_NOT_ALLOWED);
}
if(p1 != (byte) 0x00 || p2 != (byte) 0x00 ) {
ISOException.throwIt(ISO7816.SW_INCORRECT_P1P2);
}
// Bytes received must be Lc.
lc = apdu.setIncomingAndReceive();
short innerPos = 0, innerLen = 0;
if (buf[ISO7816.OFFSET_CDATA] != (byte) 0x7C) {
ISOException.throwIt(ISO7816.SW_DATA_INVALID);
}
try {
innerLen = UtilTLV.decodeLengthField(buf, (short) (ISO7816.OFFSET_CDATA+1));
innerPos = (short) (ISO7816.OFFSET_CDATA + 1 + UtilTLV.getLengthFieldLength(buf, (short) (ISO7816.OFFSET_CDATA+1)));
} catch (InvalidArgumentsException e1) {
ISOException.throwIt(ISO7816.SW_DATA_INVALID);
}
// inner functions never return if their input tag is found
if (CheckForExternalChallenge(apdu, buf, innerPos, innerLen)) {
return;
}
if (CheckForChallengeResponse(apdu, buf, innerPos, innerLen)) {
return;
}
ISOException.throwIt(ISO7816.SW_DATA_INVALID);
}
Example #28
| Source File: LedgerWalletApplet.java From ledger-javacard with GNU Affero General Public License v3.0 | 5 votes |
|
private static void handleGetContactlessLimit(APDU apdu) throws ISOException {
if ((setup == TC.FALSE) || (setup != TC.TRUE)) {
ISOException.throwIt(ISO7816.SW_CONDITIONS_NOT_SATISFIED);
}
Util.arrayCopyNonAtomic(limits, (short)0, scratch256, (short)0, LIMIT_LAST);
apdu.setOutgoingAndSend((short)0, LIMIT_LAST);
}
Example #29
| Source File: LedgerWalletApplet.java From ledger-javacard with GNU Affero General Public License v3.0 | 5 votes |
|
private static void handleAirgapKeyAgreement(APDU apdu) throws ISOException {
short offset = (short)0;
byte[] buffer = apdu.getBuffer();
apdu.setIncomingAndReceive();
checkAirgapPersonalizationAvailable();
if (buffer[ISO7816.OFFSET_P1] == P1_INITIATE_PAIRING) {
if (buffer[ISO7816.OFFSET_LC] != (byte)65) {
ISOException.throwIt(ISO7816.SW_WRONG_LENGTH);
}
pairingDone = false;
Crypto.keyPair.genKeyPair();
Crypto.keyAgreement.init((ECPrivateKey)Crypto.keyPair.getPrivate());
Crypto.keyAgreement.generateSecret(buffer, ISO7816.OFFSET_CDATA, (short)65, scratch256, (short)0);
pairingKey.setKey(scratch256, (short)0);
((ECPublicKey)Crypto.keyPair.getPublic()).getW(buffer, offset);
offset += (short)65;
Crypto.signature.init(attestationPrivate, Signature.MODE_SIGN);
Crypto.signature.sign(buffer, (short)0, (short)65, buffer, offset);
offset += (short)(buffer[(short)(offset + 1)] + 2);
apdu.setOutgoingAndSend((short)0, offset);
}
else
if (buffer[ISO7816.OFFSET_P1] == P1_CONFIRM_PAIRING) {
if (buffer[ISO7816.OFFSET_LC] != (byte)32) {
ISOException.throwIt(ISO7816.SW_WRONG_LENGTH);
}
Crypto.initCipherAES(pairingKey, false);
Crypto.blobEncryptDecryptAES.doFinal(buffer, ISO7816.OFFSET_CDATA, (short)32, scratch256, (short)0);
pairingKey.setKey(scratch256, (short)0);
pairingDone = true;
}
else {
ISOException.throwIt(ISO7816.SW_INCORRECT_P1P2);
}
}
Example #30
| Source File: NdefApplet.java From openjavacard-ndef with GNU General Public License v3.0 | 5 votes |
|
/**
* Process an APDU
*
* This is the outer layer of our APDU dispatch.
*
* It deals with the CLA and INS of the APDU,
* leaving the rest to an INS-specific function.
*
* @param apdu to be processed
* @throws ISOException on error
*/
public final void process(APDU apdu) throws ISOException {
byte[] buffer = apdu.getBuffer();
byte ins = buffer[ISO7816.OFFSET_INS];
// handle selection of the applet
if(selectingApplet()) {
vars[VAR_SELECTED_FILE] = FILEID_NONE;
return;
}
// secure messaging is not supported
if(apdu.isSecureMessagingCLA()) {
ISOException.throwIt(ISO7816.SW_SECURE_MESSAGING_NOT_SUPPORTED);
}
// process commands to the applet
if(apdu.isISOInterindustryCLA()) {
if (ins == INS_SELECT) {
processSelect(apdu);
} else if (ins == INS_READ_BINARY) {
processReadBinary(apdu);
} else if (ins == INS_UPDATE_BINARY) {
ISOException.throwIt(ISO7816.SW_COMMAND_NOT_ALLOWED);
} else {
ISOException.throwIt(ISO7816.SW_INS_NOT_SUPPORTED);
}
} else {
ISOException.throwIt(ISO7816.SW_CLA_NOT_SUPPORTED);
}
}
