本文整理汇总了Java中javacard.framework.ISO7816.OFFSET_CDATA属性的典型用法代码示例。如果您正苦于以下问题:Java ISO7816.OFFSET_CDATA属性的具体用法?Java ISO7816.OFFSET_CDATA怎么用?Java ISO7816.OFFSET_CDATA使用的例子?那么恭喜您, 这里精选的属性代码示例或许可以为您提供帮助。您也可以进一步了解该属性所在类javacard.framework.ISO7816
的用法示例。
在下文中一共展示了ISO7816.OFFSET_CDATA属性的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: computeHmac
private void computeHmac(APDU apdu, byte[] buffer) {
if (buffer[ISO7816.OFFSET_P1] != (byte)20 && buffer[ISO7816.OFFSET_P1] != (byte)64)
ISOException.throwIt(SW_INCORRECT_P1);
if (buffer[ISO7816.OFFSET_P2] != (byte) 0x00)
ISOException.throwIt(SW_INCORRECT_P2);
short avail = Util.makeShort((byte) 0x00, buffer[ISO7816.OFFSET_LC]);
if (apdu.setIncomingAndReceive() != avail)
ISOException.throwIt(ISO7816.SW_WRONG_LENGTH);
short pos= ISO7816.OFFSET_CDATA;//apdu.getOffsetCdata(); //(short) ISO7816.OFFSET_CDATA;
short key_size=Util.getShort(buffer, pos);
pos+=2;
pos+=key_size;
short msg_size=Util.getShort(buffer, pos);
pos+=2;
short hashSize=0;
if (buffer[ISO7816.OFFSET_P1]==(byte)20)
hashSize= HmacSha160.computeHmacSha160(buffer, (short)(ISO7816.OFFSET_CDATA+2), key_size, buffer, pos, msg_size, buffer, (short)0);
else if (buffer[ISO7816.OFFSET_P1]==(byte)64)
hashSize= HmacSha512.computeHmacSha512(buffer, (short)(ISO7816.OFFSET_CDATA+2), key_size, buffer, pos, msg_size, buffer, (short)0);
apdu.setOutgoingAndSend((short) 0, hashSize);
return;
}
示例2: handleAdmSetKeycardSeed
private static void handleAdmSetKeycardSeed(APDU apdu, boolean airgap) throws ISOException {
byte[] buffer = apdu.getBuffer();
short offset = ISO7816.OFFSET_CDATA;
byte keyLength;
apdu.setIncomingAndReceive();
if ((setup == TC.TRUE) || (setup != TC.FALSE)) {
ISOException.throwIt(ISO7816.SW_CONDITIONS_NOT_SATISFIED);
}
if (buffer[ISO7816.OFFSET_LC] != (byte)(KEYCARD_KEY_LENGTH + 1)) {
ISOException.throwIt(ISO7816.SW_WRONG_LENGTH);
}
if ((buffer[offset] == (byte)0) || (buffer[offset] > TC.MAX_KEYCARD_DIGIT_ADDRESS)) {
ISOException.throwIt(ISO7816.SW_WRONG_DATA);
}
if (!airgap) {
Keycard.setIssuer(buffer[offset], buffer, (short)(offset + 1));
}
else {
Crypto.initCipherAES(pairingKey, false);
Crypto.blobEncryptDecryptAES.doFinal(buffer, (short)(offset + 1), (short)16, scratch256, (short)0);
Keycard.setIssuer(buffer[offset], scratch256, (short)0);
}
}
示例3: GetOperationParamsOffset
short GetOperationParamsOffset(byte operationCode, APDU apdu) {
byte[] apdubuf = apdu.getBuffer();
short dataLen = apdu.getIncomingLength();
// Check correctness of basic structure and expected operation
short offset = ISO7816.OFFSET_CDATA;
if (apdubuf[offset] != Consts.TLV_TYPE_MPCINPUTPACKET) ISOException.throwIt(Consts.SW_INVALIDPACKETSTRUCTURE);
offset++;
short packetLen = Util.getShort(apdubuf, offset);
if (packetLen < 1 || packetLen > dataLen) ISOException.throwIt(Consts.SW_INVALIDPACKETSTRUCTURE); // at least 1 byte of packet content required for operationCode
offset += 2;
if (apdubuf[offset] != operationCode) ISOException.throwIt(Consts.SW_INVALIDPACKETSTRUCTURE);
return offset;
}
示例4: processGeneralAuthenticate
/**
* \brief Process the general authentication process
*/
public void processGeneralAuthenticate(APDU apdu) {
byte[] buf = apdu.getBuffer();
byte p1 = buf[ISO7816.OFFSET_P1];
byte p2 = buf[ISO7816.OFFSET_P2];
short lc;
if(isInInitializationMode) {
ISOException.throwIt(ISO7816.SW_COMMAND_NOT_ALLOWED);
}
if(p1 != (byte) 0x00 || p2 != (byte) 0x00 ) {
ISOException.throwIt(ISO7816.SW_INCORRECT_P1P2);
}
// Bytes received must be Lc.
lc = apdu.setIncomingAndReceive();
short innerPos = 0, innerLen = 0;
if (buf[ISO7816.OFFSET_CDATA] != (byte) 0x7C) {
ISOException.throwIt(ISO7816.SW_DATA_INVALID);
}
try {
innerLen = UtilTLV.decodeLengthField(buf, (short) (ISO7816.OFFSET_CDATA+1));
innerPos = (short) (ISO7816.OFFSET_CDATA + 1 + UtilTLV.getLengthFieldLength(buf, (short) (ISO7816.OFFSET_CDATA+1)));
} catch (InvalidArgumentsException e1) {
ISOException.throwIt(ISO7816.SW_DATA_INVALID);
}
// inner functions never return if their input tag is found
if (CheckForExternalChallenge(apdu, buf, innerPos, innerLen)) {
return;
}
if (CheckForChallengeResponse(apdu, buf, innerPos, innerLen)) {
return;
}
ISOException.throwIt(ISO7816.SW_DATA_INVALID);
}
示例5: CreatePIN
/**
* This function creates a PIN with parameters specified by the P1, P2 and DATA
* values. P2 specifies the maximum number of consecutive unsuccessful
* verifications before the PIN blocks. PIN can be created only if one of the logged identities
* allows it.
*
* ins: 0x40
* p1: PIN number (0x00-0x07)
* p2: max attempt number
* data: [PIN_size(1b) | PIN | UBLK_size(1b) | UBLK]
* return: none
*/
private void CreatePIN(APDU apdu, byte[] buffer) {
byte pin_nb = buffer[ISO7816.OFFSET_P1];
byte num_tries = buffer[ISO7816.OFFSET_P2];
/* Check that Identity n.0 is logged */
if ((create_pin_ACL == (byte) 0xFF)
|| (((logged_ids & create_pin_ACL) == (short) 0x0000) && (create_pin_ACL != (byte) 0x00)))
ISOException.throwIt(SW_UNAUTHORIZED);
if ((pin_nb < 0) || (pin_nb >= MAX_NUM_PINS) || (pins[pin_nb] != null))
ISOException.throwIt(SW_INCORRECT_P1);
/* Allow pin lengths > 127 (useful at all ?) */
short avail = Util.makeShort((byte) 0x00, buffer[ISO7816.OFFSET_LC]);
if (apdu.setIncomingAndReceive() != avail)
ISOException.throwIt(ISO7816.SW_WRONG_LENGTH);
// At least 1 character for PIN and 1 for unblock code (+ lengths)
if (avail < 4)
ISOException.throwIt(SW_INVALID_PARAMETER);
byte pin_size = buffer[ISO7816.OFFSET_CDATA];
if (avail < (short) (1 + pin_size + 1))
ISOException.throwIt(SW_INVALID_PARAMETER);
if (!CheckPINPolicy(buffer, (short) (ISO7816.OFFSET_CDATA + 1), pin_size))
ISOException.throwIt(SW_INVALID_PARAMETER);
byte ucode_size = buffer[(short) (ISO7816.OFFSET_CDATA + 1 + pin_size)];
if (avail != (short) (1 + pin_size + 1 + ucode_size))
ISOException.throwIt(SW_INVALID_PARAMETER);
if (!CheckPINPolicy(buffer, (short) (ISO7816.OFFSET_CDATA + 1 + pin_size + 1), ucode_size))
ISOException.throwIt(SW_INVALID_PARAMETER);
pins[pin_nb] = new OwnerPIN(num_tries, PIN_MAX_SIZE);
pins[pin_nb].update(buffer, (short) (ISO7816.OFFSET_CDATA + 1), pin_size);
ublk_pins[pin_nb] = new OwnerPIN((byte) 3, PIN_MAX_SIZE);
// Recycle variable pin_size
pin_size = (byte) (ISO7816.OFFSET_CDATA + 1 + pin_size + 1);
ublk_pins[pin_nb].update(buffer, pin_size, ucode_size);
}
示例6: CreateObject
/**
* This function creates an object that will be identified by the provided object ID.
* The object�s space and name will be allocated until deleted using MSCDeleteObject.
* The object will be allocated upon the card's memory heap.
* Object creation is only allowed if the object ID is available and logged in
* identity(-ies) have sufficient privileges to create objects.
*
* ins: 0x5A
* p1: 0x00
* p2: 0x00
* data: [object_id(4b) | object_size(4b) | object_ACL(6b)]
* where ACL is Read-Write-Delete
* return: none
*/
private void CreateObject(APDU apdu, byte[] buffer) {
short bytesLeft = Util.makeShort((byte) 0x00, buffer[ISO7816.OFFSET_LC]);
if (bytesLeft != apdu.setIncomingAndReceive())
ISOException.throwIt(ISO7816.SW_WRONG_LENGTH);
if ((create_object_ACL == (byte) 0xFF)
|| (((logged_ids & create_object_ACL) == (short) 0x0000) && (create_object_ACL != (byte) 0x00)))
ISOException.throwIt(SW_UNAUTHORIZED);
// ID + Size + ACL = 14 bytes
if (bytesLeft != (short) (4 + 4 + ObjectManager.OBJ_ACL_SIZE))
ISOException.throwIt(SW_INVALID_PARAMETER);
if (buffer[ISO7816.OFFSET_P1] != 0x00)
ISOException.throwIt(SW_INCORRECT_P1);
if (buffer[ISO7816.OFFSET_P2] != 0x00)
ISOException.throwIt(SW_INCORRECT_P2);
// Retrieve Object ID.
short obj_class = Util.getShort(buffer, ISO7816.OFFSET_CDATA);
short obj_id = Util.getShort(buffer, (short) (ISO7816.OFFSET_CDATA + (short) 2));
// Check if object exists
if (om.exists(obj_class, obj_id))
ISOException.throwIt(SW_OBJECT_EXISTS);
// Check if object size in supported range: M.S.Word must be 0x0000 AND
// M.S.Bit of L.S.Word must be 0
if ((Util.getShort(buffer, (short) (ISO7816.OFFSET_CDATA + 4)) != 0x0000)
|| (buffer[(short) (ISO7816.OFFSET_CDATA + 6)] < 0))
ISOException.throwIt(SW_NO_MEMORY_LEFT);
// Check for zero size
if (Util.getShort(buffer, (short) (ISO7816.OFFSET_CDATA + 6)) == 0x0000)
ISOException.throwIt(SW_INVALID_PARAMETER);
// Actually create object
om.createObject(obj_class, obj_id,
// Skip 2 M.S.Bytes of Size (only handle short sizes)
Util.getShort(buffer, (short) (ISO7816.OFFSET_CDATA + 6)), buffer, (short) (ISO7816.OFFSET_CDATA + 8));
}
示例7: handleDelete
private void handleDelete(byte[] buf) {
short offs = ISO7816.OFFSET_CDATA;
if(buf[offs++] != NAME_TAG) {
ISOException.throwIt(ISO7816.SW_WRONG_DATA);
}
short len = getLength(buf, offs);
offs += getLengthBytes(len);
OathObj object = OathObj.findObject(buf, offs, len);
if(object != null) {
object.setActive(false);
} else {
ISOException.throwIt(ISO7816.SW_DATA_INVALID);
}
}
示例8: personalise
/**
* Store a number of attributes (with corresponding signatures) on the card
*
* @param apdu APDU containing attribute/signature pairs
*/
private void personalise(APDU apdu) {
short offset = ISO7816.OFFSET_CDATA;
byte[] buffer = apdu.getBuffer();
// Set attributeCount
short attribute_count = Util.getShort(buffer, offset);
offset += 2;
for (short k = 0; k < attribute_count; k++) {
// Store the attribute ID (1 byte)
short index = (short)(buffer[offset]-1);
attribute_id[index] = buffer[offset];
offset += 1;
// Store the attribute signature (POINT_SIZE bytes)
Util.arrayCopyNonAtomic(buffer, offset, (byte[]) attribute_signature[index], _0, POINT_SIZE);
offset += POINT_SIZE;
// Store the length of the attribute (1 short == 2 bytes)
attribute_length[index] = Util.getShort(buffer, offset);
offset += 2;
// Store the attribute value and its length (length bytes)
Util.arrayCopyNonAtomic(buffer, offset, (byte[]) attribute_value[index], _0, attribute_length[index]);
offset += attribute_length[index];
}
}
示例9: handleHasCachedPublicKey
private static void handleHasCachedPublicKey(APDU apdu) throws ISOException {
byte[] buffer = apdu.getBuffer();
apdu.setIncomingAndReceive();
short offset = ISO7816.OFFSET_CDATA;
byte derivationSize = buffer[offset++];
if (derivationSize > MAX_DERIVATION_PATH) {
ISOException.throwIt(ISO7816.SW_DATA_INVALID);
}
boolean result = Bip32Cache.hasPublic(buffer, offset, derivationSize);
buffer[0] = (result ? (byte)0x01 : (byte)0x00);
apdu.setOutgoingAndSend((short)0, (short)1);
}
示例10: handleStorePublicKey
private static void handleStorePublicKey(APDU apdu) throws ISOException {
byte[] buffer = apdu.getBuffer();
apdu.setIncomingAndReceive();
short offset = ISO7816.OFFSET_CDATA;
byte derivationSize = buffer[offset++];
byte i;
if (Crypto.keyAgreement == null) {
ISOException.throwIt(ISO7816.SW_CONDITIONS_NOT_SATISFIED);
}
if (derivationSize > MAX_DERIVATION_PATH) {
ISOException.throwIt(ISO7816.SW_DATA_INVALID);
}
Crypto.initCipher(chipKey, false);
Crypto.blobEncryptDecrypt.doFinal(masterDerived, (short)0, (short)DEFAULT_SEED_LENGTH, scratch256, (short)0);
i = Bip32Cache.copyPrivateBest(buffer, (short)(ISO7816.OFFSET_CDATA + 1), derivationSize, scratch256, (short)0);
for (; i<derivationSize; i++) {
Util.arrayCopyNonAtomic(buffer, (short)(offset + 4 * i), scratch256, Bip32.OFFSET_DERIVATION_INDEX, (short)4);
if ((proprietaryAPI == null) && ((scratch256[Bip32.OFFSET_DERIVATION_INDEX] & (byte)0x80) == 0)) {
if (!Bip32Cache.setPublicIndex(buffer, (short)(ISO7816.OFFSET_CDATA + 1), i)) {
ISOException.throwIt(SW_PUBLIC_POINT_NOT_AVAILABLE);
}
}
if (!Bip32.derive(buffer)) {
ISOException.throwIt(ISO7816.SW_WRONG_DATA);
}
Bip32Cache.storePrivate(buffer, (short)(ISO7816.OFFSET_CDATA + 1), (byte)(i + 1), scratch256);
}
offset += (short)(derivationSize * 4);
Crypto.random.generateData(scratch256, (short)32, (short)32);
signTransientPrivate(scratch256, (short)0, scratch256, (short)32, scratch256, (short)64);
if (Crypto.verifyPublic(buffer, offset, scratch256, (short)32, scratch256, (short)64)) {
Bip32Cache.storePublic(buffer, (short)(ISO7816.OFFSET_CDATA + 1), derivationSize, buffer, offset);
}
else {
ISOException.throwIt(ISO7816.SW_WRONG_DATA);
}
}
示例11: handleGetHalfPublicKey
private static void handleGetHalfPublicKey(APDU apdu) throws ISOException {
byte[] buffer = apdu.getBuffer();
apdu.setIncomingAndReceive();
short offset = ISO7816.OFFSET_CDATA;
byte derivationSize = buffer[offset++];
byte i;
if (Crypto.keyAgreement == null) {
ISOException.throwIt(ISO7816.SW_CONDITIONS_NOT_SATISFIED);
}
if (derivationSize > MAX_DERIVATION_PATH) {
ISOException.throwIt(ISO7816.SW_DATA_INVALID);
}
Crypto.initCipher(chipKey, false);
Crypto.blobEncryptDecrypt.doFinal(masterDerived, (short)0, (short)DEFAULT_SEED_LENGTH, scratch256, (short)0);
i = Bip32Cache.copyPrivateBest(buffer, (short)(ISO7816.OFFSET_CDATA + 1), derivationSize, scratch256, (short)0);
for (; i<derivationSize; i++) {
Util.arrayCopyNonAtomic(buffer, (short)(offset + 4 * i), scratch256, Bip32.OFFSET_DERIVATION_INDEX, (short)4);
if ((proprietaryAPI == null) && ((scratch256[Bip32.OFFSET_DERIVATION_INDEX] & (byte)0x80) == 0)) {
if (!Bip32Cache.setPublicIndex(buffer, (short)(ISO7816.OFFSET_CDATA + 1), i)) {
ISOException.throwIt(SW_PUBLIC_POINT_NOT_AVAILABLE);
}
}
if (!Bip32.derive(buffer)) {
ISOException.throwIt(ISO7816.SW_WRONG_DATA);
}
Bip32Cache.storePrivate(buffer, (short)(ISO7816.OFFSET_CDATA + 1), (byte)(i + 1), scratch256);
}
Crypto.initTransientPrivate(scratch256, (short)0);
Crypto.keyAgreement.init(Crypto.transientPrivate);
Crypto.keyAgreement.generateSecret(Secp256k1.SECP256K1_G, (short)0, (short)Secp256k1.SECP256K1_G.length, scratch256, (short)32);
offset = 0;
Crypto.random.generateData(buffer, (short)offset, (short)32);
offset += 32;
Util.arrayCopyNonAtomic(scratch256, (short)32, buffer, offset, (short)32);
offset += 32;
signTransientPrivate(scratch256, (short)0, buffer, (short)0, buffer, offset);
offset += buffer[(short)(offset + 1)] + 2;
Crypto.digestScratch.doFinal(buffer, (short)0, (short)32, buffer, (short)0);
apdu.setOutgoingAndSend((short)0, offset);
}
示例12: handleHashSignDerive
private static void handleHashSignDerive(APDU apdu, boolean checkStage) throws ISOException {
byte[] buffer = apdu.getBuffer();
short offset = ISO7816.OFFSET_CDATA;
byte i;
apdu.setIncomingAndReceive();
if (checkStage) {
checkInterfaceConsistency();
if (TC.ctx[TC.TX_B_TRANSACTION_STATE] != Transaction.STATE_SIGN_READY) {
ISOException.throwIt(ISO7816.SW_CONDITIONS_NOT_SATISFIED);
}
}
byte derivationSize = buffer[offset++];
if (derivationSize > MAX_DERIVATION_PATH) {
ISOException.throwIt(ISO7816.SW_DATA_INVALID);
}
Crypto.initCipher(chipKey, false);
Crypto.blobEncryptDecrypt.doFinal(masterDerived, (short)0, (short)DEFAULT_SEED_LENGTH, scratch256, (short)0);
i = Bip32Cache.copyPrivateBest(buffer, (short)(ISO7816.OFFSET_CDATA + 1), derivationSize, scratch256, (short)0);
offset += (short)(i * 4);
for (; i<derivationSize; i++) {
Util.arrayCopyNonAtomic(buffer, offset, scratch256, Bip32.OFFSET_DERIVATION_INDEX, (short)4);
if ((proprietaryAPI == null) && ((scratch256[Bip32.OFFSET_DERIVATION_INDEX] & (byte)0x80) == 0)) {
if (!Bip32Cache.setPublicIndex(buffer, (short)(ISO7816.OFFSET_CDATA + 1), i)) {
ISOException.throwIt(SW_PUBLIC_POINT_NOT_AVAILABLE);
}
}
if (!Bip32.derive(buffer)) {
ISOException.throwIt(ISO7816.SW_WRONG_DATA);
}
Bip32Cache.storePrivate(buffer, (short)(ISO7816.OFFSET_CDATA + 1), (byte)(i + 1), scratch256);
offset += (short)4;
}
}
示例13: GenerateSymmetricKey
/**
* This function generates a symmetric key using the card's on board key generation
* process. The key number, key type, and key size (in bits) are specified
* by arguments P1 and P2 and by provided DATA.
*
* ins: 0x31
* p1: symmetric key number (0x00-0x0F)
* p2: 0x00
* data: [key_type(1) | key_size(2) | key_ACL(6)]
* return: none
*/
private void GenerateSymmetricKey(APDU apdu, byte[] buffer) {
short bytesLeft = Util.makeShort((byte) 0x00, buffer[ISO7816.OFFSET_LC]);
if (bytesLeft != apdu.setIncomingAndReceive())
ISOException.throwIt(ISO7816.SW_WRONG_LENGTH);
byte key_nb = buffer[ISO7816.OFFSET_P1];
if ((key_nb < 0) || (key_nb >= MAX_NUM_KEYS))
ISOException.throwIt(SW_INCORRECT_P1);
/* If we're going to overwrite a key contents, check ACL */
if ((keys[key_nb] != null) && keys[key_nb].isInitialized() && !authorizeKeyOp(key_nb,ACL_WRITE))
ISOException.throwIt(SW_UNAUTHORIZED);
/*** Start reading key blob header***/
// blob header= [ key_type(1) | key_size(2) | key_ACL(6)]
// Check entire blob header
if (bytesLeft < 9)
ISOException.throwIt(SW_INVALID_PARAMETER);
short dataOffset= ISO7816.OFFSET_CDATA;
byte key_type = buffer[dataOffset];
dataOffset++; // Skip Key Type
bytesLeft--;
short key_size = Util.getShort(buffer, dataOffset);
dataOffset += (short) 2; // Skip Key Size
bytesLeft -= (short) 2;
Util.arrayCopy(buffer, dataOffset, keyACLs, (short) (key_nb * KEY_ACL_SIZE), KEY_ACL_SIZE);
dataOffset += (short) 6; // Skip ACL
bytesLeft -= (short) 6;
if (randomData == null)
randomData = RandomData.getInstance(RandomData.ALG_SECURE_RANDOM);
switch (key_type) {
case KeyBuilder.TYPE_AES:
AESKey aes_key = (AESKey) getKey(key_nb, key_type, key_size);
randomData.generateData(recvBuffer,(short)0,(short)(key_size/8));
aes_key.setKey(recvBuffer, (short)0);
break;
case KeyBuilder.TYPE_DES:
DESKey des_key = (DESKey) getKey(key_nb, key_type, key_size);
randomData.generateData(recvBuffer,(short)0,(short)(key_size/8));
des_key.setKey(recvBuffer, (short)0);
break;
default:
ISOException.throwIt(SW_INCORRECT_ALG);
}
// clear recvBuffer
Util.arrayFillNonAtomic(recvBuffer, (short)0, (short)(key_size/8), (byte)0);
}
示例14: ChangePIN
/**
* This function changes a PIN code. The DATA portion contains both the old and
* the new PIN codes.
*
* ins: 0x44
* p1: PIN number (0x00-0x07)
* p2: 0x00
* data: [PIN_size(1b) | old_PIN | PIN_size(1b) | new_PIN ]
* return: none (throws an exception in case of wrong PIN)
*/
private void ChangePIN(APDU apdu, byte[] buffer) {
/*
* Here I suppose the PIN code is small enough that 2 of them enter in
* the buffer TODO: Verify the assumption and eventually adjust code to
* support reading PINs in multiple read()s
*/
byte pin_nb = buffer[ISO7816.OFFSET_P1];
if ((pin_nb < 0) || (pin_nb >= MAX_NUM_PINS))
ISOException.throwIt(SW_INCORRECT_P1);
OwnerPIN pin = pins[pin_nb];
if (pin == null)
ISOException.throwIt(SW_INCORRECT_P1);
if (buffer[ISO7816.OFFSET_P2] != (byte) 0x00)
ISOException.throwIt(SW_INCORRECT_P2);
short avail = Util.makeShort((byte) 0x00, buffer[ISO7816.OFFSET_LC]);
if (apdu.setIncomingAndReceive() != avail)
ISOException.throwIt(ISO7816.SW_WRONG_LENGTH);
// At least 1 charachter for each PIN code
if (avail < 4)
ISOException.throwIt(SW_INVALID_PARAMETER);
byte pin_size = buffer[ISO7816.OFFSET_CDATA];
if (avail < (short) (1 + pin_size + 1))
ISOException.throwIt(SW_INVALID_PARAMETER);
if (!CheckPINPolicy(buffer, (short) (ISO7816.OFFSET_CDATA + 1), pin_size))
ISOException.throwIt(SW_INVALID_PARAMETER);
byte new_pin_size = buffer[(short) (ISO7816.OFFSET_CDATA + 1 + pin_size)];
if (avail < (short) (1 + pin_size + 1 + new_pin_size))
ISOException.throwIt(SW_INVALID_PARAMETER);
if (!CheckPINPolicy(buffer, (short) (ISO7816.OFFSET_CDATA + 1 + pin_size + 1), new_pin_size))
ISOException.throwIt(SW_INVALID_PARAMETER);
if (pin.getTriesRemaining() == (byte) 0x00)
ISOException.throwIt(SW_IDENTITY_BLOCKED);
if (!pin.check(buffer, (short) (ISO7816.OFFSET_CDATA + 1), pin_size)) {
LogoutIdentity(pin_nb);
ISOException.throwIt(SW_AUTH_FAILED);
}
pin.update(buffer, (short) (ISO7816.OFFSET_CDATA + 1 + pin_size + 1), new_pin_size);
// JC specifies this resets the validated flag. So we do.
logged_ids &= (short) ((short) 0xFFFF ^ (0x01 << pin_nb));
}
示例15: signShortMessage
/**
* This function signs short Bitcoin message using std or Bip32 extended key in 1 APDU
*
* ins: 0x72
* p1: key number or 0xFF for the last derived Bip32 extended key
* p2: 0x00
* data: [msg_size(2b) | msg_data]
*
* return: [sig]
*
*/
private void signShortMessage(APDU apdu, byte[] buffer){
byte key_nb = buffer[ISO7816.OFFSET_P1];
if ( (key_nb!=(byte)0xFF) && ((key_nb < 0)||(key_nb >= MAX_NUM_KEYS)) ) // debug!!
ISOException.throwIt(SW_INCORRECT_P1);
if (buffer[ISO7816.OFFSET_P2] != (byte) 0x00)
ISOException.throwIt(SW_INCORRECT_P2);
short bytesLeft = Util.makeShort((byte) 0x00, buffer[ISO7816.OFFSET_LC]);
if (bytesLeft != apdu.setIncomingAndReceive())
ISOException.throwIt(ISO7816.SW_WRONG_LENGTH);
// chek ACL
if (key_nb==(byte)0xFF && !authorizeKeyOp(bip32_extendedACL, ACL_USE))
ISOException.throwIt(SW_UNAUTHORIZED);
if (key_nb!=(byte)0xFF && !authorizeKeyOp(key_nb, ACL_USE))
ISOException.throwIt(SW_UNAUTHORIZED);
// check whether the seed is initialized
if (key_nb==(byte)0xFF && !bip32_seeded)
ISOException.throwIt(SW_BIP32_UNINITIALIZED_SEED);
// copy message header to tmp buffer
Util.arrayCopyNonAtomic(BITCOIN_SIGNED_MESSAGE_HEADER, (short)0, recvBuffer, (short)0, (short)BITCOIN_SIGNED_MESSAGE_HEADER.length);
short recvOffset= (short)BITCOIN_SIGNED_MESSAGE_HEADER.length;
// buffer data = [2-byte size | n-byte message to sign]
short offset= (short)ISO7816.OFFSET_CDATA;
short msgSize= Util.getShort(buffer, offset);
recvOffset+= Biginteger.encodeShortToVarInt(msgSize, recvBuffer, recvOffset);
offset+=2;
Util.arrayCopyNonAtomic(buffer, offset, recvBuffer, recvOffset, msgSize);
offset+= msgSize;
recvOffset+= msgSize;
// hash SHA-256
sha256.reset();
sha256.doFinal(recvBuffer, (short) 0, recvOffset, recvBuffer, (short) 0);
// set key & sign
if (key_nb==(byte)0xFF)
sigECDSA.init(bip32_extendedkey, Signature.MODE_SIGN);
else{
Key key= keys[key_nb];
if (key.getType()!=KeyBuilder.TYPE_EC_FP_PRIVATE)
ISOException.throwIt(SW_INCORRECT_ALG);
sigECDSA.init(key, Signature.MODE_SIGN);
}
short sign_size= sigECDSA.sign(recvBuffer, (short)0, (short)32, buffer, (short)0);
apdu.setOutgoingAndSend((short) 0, sign_size);
}