(Javacard)如何知道错误的原因?

时间:2014-06-12 06:57:19

标签: exception rsa javacard

我不明白SW(6300)出现的原因。 (objRSAKeyPair.genKeyPair())

我正在实现具有2048位密钥大小的RSA Sinature。 在1024位的情况下,没有问题。 但是,在2048位的情况下,卡输出SW 6300。

因为我想知道确切的原因, 我在下面实现了Exception代码,输出了详细原因。

    private RSAPrivateCrtKey    objRSAPriKey=null;
    private RSAPublicKey    objRSAPubKey=null;
    private KeyPair     objRSAKeyPair=null;
    private Signature       objRSASign=null;

    ...

public static void install(byte[] bArray, short bOffset, byte bLength){
    new AAA(bArray, bOffset, bLength);
}

private AAA(byte bArray[], short bOffset, byte bLength){    

    // Create RSA Keys and Pair
    objRSAPriKey = (RSAPrivateCrtKey)KeyBuilder.buildKey(KeyBuilder.TYPE_RSA_CRT_PRIVATE, KeyBuilder.LENGTH_RSA_2048, false);
    objRSAPubKey = (RSAPublicKey)KeyBuilder.buildKey(KeyBuilder.TYPE_RSA_PUBLIC,  KeyBuilder.LENGTH_RSA_2048, false);
    objRSAKeyPair= new KeyPair(KeyPair.ALG_RSA_CRT, KeyBuilder.LENGTH_RSA_2048);        

    try {
        objRSAKeyPair.genKeyPair(); // [[[ Error Position ]]]
    }
    catch(CryptoException c)
    {    
        short reason = c.getReason();   
        ISOException.throwIt(reason);       
    }

    // Create Signature Object
    objRSASign = Signature.getInstance(Signature.ALG_RSA_SHA_PKCS1, false);

    register();     
}

但是卡仍然输出6300,而不是原因代码。 也许JCRE输出错误6300。

我无法理解为什么JCRE输出SW 6300,这意味着基于GPSpec的“主机密码验证失败”。 错误代码部分正在生成RSA的密钥对,而不是身份验证。

<我的问题>

  1. 如何了解详细原因。 (我不确定Exception代码 部分)
  2. 如果该卡不支持RSA 2048位,我期待的是 由于捕获代码部分,卡将输出“0003”。但我不能 了解SW 6300。

    3. 有没有人成为我的英雄? 提前谢谢。

    我改变了我的代码。 (请参阅下面的完整代码) 我按照你的意见,所以我将代码部分移动到进程()。 但它仍然输出SW 6300。 请分享您宝贵的知识和经验。

    package Test;

import javacard.framework.*;
import javacard.security.*;
import javacardx.crypto.*;

public class Test extends Applet{

private RSAPrivateCrtKey    objRSAPriKey=null;      // Object for RSA Private Key
private RSAPublicKey            objRSAPubKey=null;      // Object for RSA Public Key
private KeyPair                     objRSAKeyPair=null;     // Object for RSA Key Pair
private Signature               objRSASign=null;            // Object for RSA Signature

public static void install(byte[] bArray, short bOffset, byte bLength){
    new Test(bArray, bOffset, bLength);
}

private Test(byte bArray[], short bOffset, byte bLength){   

    // Create RSA Keys and Pair
    objRSAPriKey = (RSAPrivateCrtKey)KeyBuilder.buildKey(KeyBuilder.TYPE_RSA_CRT_PRIVATE, KeyBuilder.LENGTH_RSA_2048, false);
    objRSAPubKey = (RSAPublicKey)KeyBuilder.buildKey(KeyBuilder.TYPE_RSA_PUBLIC,  KeyBuilder.LENGTH_RSA_2048, false);
    objRSAKeyPair= new KeyPair(KeyPair.ALG_RSA_CRT, KeyBuilder.LENGTH_RSA_2048);        

    objRSASign = Signature.getInstance(Signature.ALG_RSA_SHA_PKCS1, false);

    register();
}

public void process(APDU apdu){
    byte buf[] = apdu.getBuffer();

    try {
        objRSAKeyPair.genKeyPair();     // [[[ Error Position ]]]
        ISOException.throwIt((short)0x9999);        // for check
    }
    catch(CryptoException c)
    {    
        //this line will give you the reason of problem 
        short reason = c.getReason();   
        ISOException.throwIt(reason);       // for check
    }
    finally 
    {
        ISOException.throwIt((short)0x8888);        // for check
    }

    return; 
}

}

    这是APDU命令/响应

    1。 (2048位)Applet安装阶段 

    [ Connecting a Card in Terminal(ACS ACR122U PICC Interface 0) ]
- ATR(S) = 3B8E8001107880B0020031C0641F270100FF06
*** A Card is connected successfully

[ Mutual Authentication ]
[  Card  ] <==  00A4040008A000000003000000
[  Card  ] ==>  6F3D8408A000000003000000A5319F6E2A4790516882310258006B31444347311B6BC11142335811433358114433582A35000000000000000000009F6501FF9000
[  Card  ] <==  80500000082AF02FECBAED72B9
[  Card  ] ==>  000031444347311B6BC1FF020075CAA6408FCB3D6B964E5D3DD3F1E59000
[  Card  ] <==  8482000010A3C6E4CD3AD0D1636C8CC48696E0634C
[  Card  ] ==>  9000
[  Card  ] <==  80F28000024F00
[  Card  ] ==>  08A000000003000000019E9000
[  Card  ] <==  80F24000024F00
[  Card  ] ==>  07D410650990009007009000
[  Card  ] <==  80F22000024F00
[  Card  ] ==>  07A0000000035350010008D410000004900300010008D410650990001000010008D410650990003000010008D41065099000900001009000
[ Package AID List ]
- A0000000035350
- D410000004900300
- D410650990001000
- D410650990003000
- D410650990009000
[ Applet AID List ]
- D4106509900090
*** Successful Mutual Authentication 

[ Delete Package ] - D410650990009000
[  Card  ] <==  80E400800A4F08D410650990009000
[  Card  ] ==>  009000
[  Card  ] <==  80F28000024F00
[  Card  ] ==>  08A000000003000000019E9000
[  Card  ] <==  80F24000024F00
[  Card  ] ==>  6A88
[  Card  ] <==  80F22000024F00
[  Card  ] ==>  07A0000000035350010008D410000004900300010008D410650990001000010008D41065099000300001009000
[ Package AID List ]
- A0000000035350
- D410000004900300
- D410650990001000
- D410650990003000
[ Applet AID List ]
*** Package is deleted Successfully 

[ File Open ] 
- D:\Data\javacard\MobileOTP.cap
*** File is Opened and Parsed Successfully 

[ Load Cap ] - D:\Data\javacard\MobileOTP.cap
- Package AID : D410650990009000
- Applet AID : D4106509900090
- Instance AID : D4106509900090
[  Card  ] <==  80500000085EB7B1E16359F9C4
[  Card  ] ==>  000031444347311B6BC1FF020076711B2F5F02B4B725430BA4ECD63C9000
[  Card  ] <==  8482000010BECAD21E1061B522A3EFF4B4220814CC
[  Card  ] ==>  9000
[  Card  ] <==  80E602000D08D41065099000900000000000
[  Card  ] ==>  009000
[  Card  ] <==  80E8000019C48201B2010012DECAFFED010204000108D410650990009000
[  Card  ] ==>  009000
[  Card  ] <==  80E800012202001F0012001F000B0015004E000C00C0000A00220000009E000000000000020100
[  Card  ] ==>  009000
[  Card  ] <==  80E800021804001502020107A0000000620101020107A0000000620102
[  Card  ] ==>  009000
[  Card  ] <==  80E800030E03000B0107D41065099000900021
[  Card  ] ==>  009000
[  Card  ] <==  80E800040F06000C008003040004070100000080
[  Card  ] ==>  009000
[  Card  ] <==  80E80005C30700C0040087000B009A000E0087800B00AE0000009A800C00AE000000AE800200AE000005308F00043D181D1E8C00063B7A0540188C000518018700180187011801870218018703181006110800038D00079400000887001807110800038D0007940000098701188F000A3D051108008C000B870218100A038D000C8703188B000D7A0124198B000F2DAD028B00101199998D00111188888D001170212E1B8B0012290416048D00111188888D0011700D28051188888D00111505931177778D00117A
[  Card  ] ==>  009000
[  Card  ] <==  80E800060D08000A00000000000000000000
[  Card  ] ==>  009000
[  Card  ] <==  80E800075105004E00130200000002000001020000020200000301000000068003000600002F06810D000181070001810900018110000681100006810F000380030101810C0003800A01038110010680070103810C01
[  Card  ] ==>  009000
[  Card  ] <==  80E8800825090022000938040404100F0E090E0015071D07081A040B0406080906070606060707060A09
[  Card  ] ==>  009000
[  Card  ] <==  80F28000024F00
[  Card  ] ==>  08A000000003000000019E9000
[  Card  ] <==  80F24000024F00
[  Card  ] ==>  6A88
[  Card  ] <==  80F22000024F00
[  Card  ] ==>  07A0000000035350010008D410000004900300010008D410650990001000010008D410650990003000010008D41065099000900001009000
[ Package AID List ]
- A0000000035350
- D410000004900300
- D410650990001000
- D410650990003000
- D410650990009000
[ Applet AID List ]
*** Cap File is Loaded Successfully 

[ Load Cap ] - D:\Data\javacard\MobileOTP.cap
[  Card  ] <==  80E60C001F08D41065099000900007D410650990009007D4106509900090010002C90000
[  Card  ] ==>  009000

    2。 (2048位)选择文件命令/响应 

    [ Connecting a Card in Terminal(ACS ACR122U PICC Interface 0) ]
- ATR(S) = 3B8E8001107880B0020031C0641F270100FF06
*** A Card is connected successfully

[  Card  ] <==  00A4040007D4106509900090
[  Card  ] ==>  6300

    3。 (1024位)Applet安装阶段 

    [ Connecting a Card in Terminal(ACS ACR122U PICC Interface 0) ]
- ATR(S) = 3B8E8001107880B0020031C0641F270100FF06
*** A Card is connected successfully

[ Mutual Authentication ]
[  Card  ] <==  00A4040008A000000003000000
[  Card  ] ==>  6F3D8408A000000003000000A5319F6E2A4790516882310258006B31444347311B6BC11142335811433358114433582A35000000000000000000009F6501FF9000
[  Card  ] <==  8050000008751EA7EA3CEA231D
[  Card  ] ==>  000031444347311B6BC1FF020073A2DF15969C21B0FE25E1397D60969000
[  Card  ] <==  8482000010C42CD2687C233DF4758159521D136FBE
[  Card  ] ==>  9000
[  Card  ] <==  80F28000024F00
[  Card  ] ==>  08A000000003000000019E9000
[  Card  ] <==  80F24000024F00
[  Card  ] ==>  07D410650990009007009000
[  Card  ] <==  80F22000024F00
[  Card  ] ==>  07A0000000035350010008D410000004900300010008D410650990001000010008D410650990003000010008D41065099000900001009000
[ Package AID List ]
- A0000000035350
- D410000004900300
- D410650990001000
- D410650990003000
- D410650990009000
[ Applet AID List ]
- D4106509900090
*** Successful Mutual Authentication 

[ Delete Package ] - D410650990009000
[  Card  ] <==  80E400800A4F08D410650990009000
[  Card  ] ==>  009000
[  Card  ] <==  80F28000024F00
[  Card  ] ==>  08A000000003000000019E9000
[  Card  ] <==  80F24000024F00
[  Card  ] ==>  6A88
[  Card  ] <==  80F22000024F00
[  Card  ] ==>  07A0000000035350010008D410000004900300010008D410650990001000010008D41065099000300001009000
[ Package AID List ]
- A0000000035350
- D410000004900300
- D410650990001000
- D410650990003000
[ Applet AID List ]
*** Package is deleted Successfully 

[ File Open ] 
- D:\Data\javacard\MobileOTP.cap
*** File is Opened and Parsed Successfully 

[ Load Cap ] - D:\Data\javacard\MobileOTP.cap
- Package AID : D410650990009000
- Applet AID : D4106509900090
- Instance AID : D4106509900090
[  Card  ] <==  805000000804800FCB0DD217FD
[  Card  ] ==>  000031444347311B6BC1FF020074009D775BA6E7CDC4AC1062CB20DC9000
[  Card  ] <==  8482000010EF96094F97DD5D4C163DF64AF2E04C7A
[  Card  ] ==>  9000
[  Card  ] <==  80E602000D08D41065099000900000000000
[  Card  ] ==>  009000
[  Card  ] <==  80E8000019C48201B2010012DECAFFED010204000108D410650990009000
[  Card  ] ==>  009000
[  Card  ] <==  80E800012202001F0012001F000B0015004E000C00C0000A00220000009E000000000000020100
[  Card  ] ==>  009000
[  Card  ] <==  80E800021804001502020107A0000000620101020107A0000000620102
[  Card  ] ==>  009000
[  Card  ] <==  80E800030E03000B0107D41065099000900021
[  Card  ] ==>  009000
[  Card  ] <==  80E800040F06000C008003040004070100000080
[  Card  ] ==>  009000
[  Card  ] <==  80E80005C30700C0040087000B009A000E0087800B00AE0000009A800C00AE000000AE800200AE000005308F00043D181D1E8C00063B7A0540188C000518018700180187011801870218018703181006110400038D00079400000887001807110400038D0007940000098701188F000A3D051104008C000B870218100A038D000C8703188B000D7A0124198B000F2DAD028B00101199998D00111188888D001170212E1B8B0012290416048D00111188888D0011700D28051188888D00111505931177778D00117A
[  Card  ] ==>  009000
[  Card  ] <==  80E800060D08000A00000000000000000000
[  Card  ] ==>  009000
[  Card  ] <==  80E800075105004E00130200000002000001020000020200000301000000068003000600002F06810D000181070001810900018110000681100006810F000380030101810C0003800A01038110010680070103810C01
[  Card  ] ==>  009000
[  Card  ] <==  80E8800825090022000938040404100F0E090E0015071D07081A040B0406080906070606060707060A09
[  Card  ] ==>  009000
[  Card  ] <==  80F28000024F00
[  Card  ] ==>  08A000000003000000019E9000
[  Card  ] <==  80F24000024F00
[  Card  ] ==>  6A88
[  Card  ] <==  80F22000024F00
[  Card  ] ==>  07A0000000035350010008D410000004900300010008D410650990001000010008D410650990003000010008D41065099000900001009000
[ Package AID List ]
- A0000000035350
- D410000004900300
- D410650990001000
- D410650990003000
- D410650990009000
[ Applet AID List ]
*** Cap File is Loaded Successfully 

[ Load Cap ] - D:\Data\javacard\MobileOTP.cap
[  Card  ] <==  80E60C001F08D41065099000900007D410650990009007D4106509900090010002C90000
[  Card  ] ==>  009000

    4。 (1024位)选择文件命令/响应 

    [ Connecting a Card in Terminal(ACS ACR122U PICC Interface 0) ]
- ATR(S) = 3B8E8001107880B0020031C0641F270100FF06
*** A Card is connected successfully

[  Card  ] <==  00A4040007D4106509900090
[  Card  ] ==>  8888                        // finally() { ... }

    1。案例1

    SW:8888 

    public void process(APDU apdu){
    byte buf[] = apdu.getBuffer();

  try {

      // Case 1
      ISOException.throwIt((short)0x6300);      // for check
      ISOException.throwIt((short)0x5555);      // for check
      objRSAKeyPair.genKeyPair();

      ISOException.throwIt((short)0x9999);      // for check
  }
  catch(CryptoException c)
  {    
      //this line will give you the reason of problem 
      short reason = c.getReason();   
      ISOException.throwIt(reason);     // for check
  }
  catch(ISOException c)
  {    
      ISOException.throwIt((short)0x6666);      // for check
  }
  finally 
  {
      ISOException.throwIt((short)0x8888);      // for check
  }
  ISOException.throwIt((short)0x7777);      // for check

  return;   
}

    2。案例2

    SW:8888 

    public void process(APDU apdu){
    byte buf[] = apdu.getBuffer();

  try {

      // Case 2
      //ISOException.throwIt((short)0x6300);        // for check
      ISOException.throwIt((short)0x5555);      // for check
      objRSAKeyPair.genKeyPair();


      ISOException.throwIt((short)0x9999);      // for check
  }
  catch(CryptoException c)
  {    
      //this line will give you the reason of problem 
      short reason = c.getReason();   
      ISOException.throwIt(reason);     // for check
  }
  catch(ISOException c)
  {    
      ISOException.throwIt((short)0x6666);      // for check
  }
  finally 
  {
      ISOException.throwIt((short)0x8888);      // for check
  }
  ISOException.throwIt((short)0x7777);      // for check

  return;   
}

    3。案例3

    SW:6300 

    public void process(APDU apdu){
    byte buf[] = apdu.getBuffer();

  try {

      // Case 3
      //ISOException.throwIt((short)0x6300);        // for check
      //ISOException.throwIt((short)0x5555);        // for check
      objRSAKeyPair.genKeyPair();

      ISOException.throwIt((short)0x9999);      // for check
  }
  catch(CryptoException c)
  {    
      //this line will give you the reason of problem 
      short reason = c.getReason();   
      ISOException.throwIt(reason);     // for check
  }
  catch(ISOException c)
  {    
      ISOException.throwIt((short)0x6666);      // for check
  }
  finally 
  {
      ISOException.throwIt((short)0x8888);      // for check
  }
  ISOException.throwIt((short)0x7777);      // for check

  return;   
}

0 个答案:

没有答案
相关问题
最新问题