编写以下程序进行AES加密以检查侧通道攻击:
public class DoAES extends Applet {
//Required Objects
static Cipher myCipher;
static AESKey myAESKey;
//Supported APDU commands INS byte
final static byte SET_KEY = (byte) 0x12;
final static byte WRITE_TEXT = (byte) 0x04;
final static byte READ_TEXT = (byte) 0xC0;
private DoAES() {
register();
try {
myCipher = Cipher.getInstance(Cipher.ALG_AES_BLOCK_128_ECB_NOPAD, false);
myAESKey = (AESKey) KeyBuilder.buildKey(KeyBuilder.TYPE_AES,
KeyBuilder.LENGTH_AES_128, false);
} catch (CryptoException e) {
ISOException.throwIt(((CryptoException) e).getReason());
}
}
public static void install(byte bArray[], short bOffset, byte bLength)
throws ISOException {
}
public void process(APDU apdu) throws ISOException {
if (selectingApplet()) {
return;
}
byte[] cipheredData = JCSystem.makeTransientByteArray((short) 0x10, JCSystem.CLEAR_ON_RESET);
byte[] buffer = apdu.getBuffer();
if (buffer[ISO7816.OFFSET_CLA] != 0x80) {
ISOException.throwIt(ISO7816.SW_CLA_NOT_SUPPORTED);
}
try {
switch (buffer[ISO7816.OFFSET_INS]) {
case SET_KEY:
myAESKey.setKey(buffer, (short) ISO7816.OFFSET_CDATA);
myCipher.init(myAESKey, Cipher.MODE_ENCRYPT);
break;
case WRITE_TEXT:
myCipher.doFinal(buffer, (short) ISO7816.OFFSET_CDATA, (short) 0x10, cipheredData, (short) 0);
break;
case READ_TEXT:
Util.arrayCopyNonAtomic(cipheredData, (short) 0, buffer, (short) 0, (short) 0x10);
apdu.setOutgoingAndSend((short) 0, (short) 0x10);
break;
default:
ISOException.throwIt(ISO7816.SW_INS_NOT_SUPPORTED);
}
} catch (CryptoException e) {
ISOException.throwIt(((CryptoException) e).getReason());
}
}
}
问题是我无法安装它的CAP文件:
E:\SmartCard\Developing\InterfaceTools\GP>gp -install e:\capFiles\CryptoAES.cap
-v -d
# Detected readers from SunPCSC
[*] ACS CCID USB Reader 0
SCardConnect("ACS CCID USB Reader 0", T=*) -> T=1, 3BF91300008131FE454A434F50323
4325233A2
SCardBeginTransaction("ACS CCID USB Reader 0")
Reader: ACS CCID USB Reader 0
ATR: 3BF91300008131FE454A434F503234325233A2
More information about your card:
http://smartcard-atr.appspot.com/parse?ATR=3BF91300008131FE454A434F503234325
233A2
A>> T=1 (4+0000) 00A40400 00
A<< (0102+2) (56ms) 6F648408A000000151000000A5589F6501FF9F6E06479123474100734906
072A864886FC6B01600B06092A864886FC6B020202630906072A864886FC6B03640B06092A864886
FC6B040255650B06092B8510864864020103660C060A2B060104012A026E0102 9000
Auto-detected ISD AID: A000000151000000
A>> T=1 (4+0008) 80500000 08 89C42F8DA7E814F1
A<< (0028+2) (69ms) 00004198001714974248FF0204721AD0CC3CAB8C1FD8E2857ACE2172 900
0
Host challenge: 89C42F8DA7E814F1
Card challenge: 04721AD0CC3CAB8C
Card reports SCP02 with version 255 keys
Master keys:
Version 0
ENC: Ver:0 ID:0 Type:DES3 Len:16 Value:404142434445464748494A4B4C4D4E4F
MAC: Ver:0 ID:0 Type:DES3 Len:16 Value:404142434445464748494A4B4C4D4E4F
KEK: Ver:0 ID:0 Type:DES3 Len:16 Value:404142434445464748494A4B4C4D4E4F
Sequnce counter: 0472
Derived session keys:
Version 0
ENC: Ver:0 ID:0 Type:DES3 Len:16 Value:6933DB121F1F0E78D6F80BB6B943517D
MAC: Ver:0 ID:0 Type:DES3 Len:16 Value:C2529DB4C06C6EA04A2D23F825AA4E6B
KEK: Ver:0 ID:0 Type:DES3 Len:16 Value:F9BA8FFC41F264475F338D9FA1AD5C24
Verified card cryptogram: 1FD8E2857ACE2172
Calculated host cryptogram: AAD022A9DD40BEE7
A>> T=1 (4+0016) 84820100 10 AAD022A9DD40BEE7678811CE3C8FE4EA
A<< (0000+2) (66ms) 9000
CAP file (v2.1) generated on Thu Aug 20 21:38:40 IRDT 2015
By Sun Microsystems Inc. converter [v3.0.2] with JDK 1.7.0_21 (Oracle Corporati
on)
Package: cryptoAESPack v1.0 with AID 01020304050102
Applet: DoAES with AID 010203040501
Import: A0000000620101 v1.4
Import: A0000000620201 v1.4
Import: A0000000620102 v1.4
Import: A0000000620001 v1.0
A>> T=1 (4+0010) 84F28000 0A 4F00AAD6B94DC54B70D4
A<< (0011+2) (46ms) 08A000000151000000019E 9000
A>> T=1 (4+0010) 84F24000 0A 4F00F4C9DB26967B84D3
A<< (0000+2) (42ms) 6A88
A>> T=1 (4+0010) 84F22000 0A 4F00301624FAAD324F3F
A<< (0010+2) (46ms) 07A00000015153500100 9000
A>> T=1 (4+0010) 84F21000 0A 4F00A9CF0F84516E5CFF
A<< (0020+2) (49ms) 07A000000151535001000108A000000151535041 9000
A>> T=1 (4+0028) 84E60200 1C 070102030405010208A000000151000000000000EAE3841084D
7A56A
A<< (0001+2) (64ms) 9000
A>> T=1 (4+0255) 84E80000 FF C48201BD010011DECAFFED01020400010701020304050102020
01F0011001F000A00290046000C00C4000A001F0000009600040000000004010004002904040107A
0000000620101040107A0000000620201040107A0000000620102000107A000000062000103000A0
106010203040501003F06000C00800300FF000701000000420700C402001B8019003600010065805
200B900010311188C0000188B0002100E038D00037F0004100F110080038D0005940000067F00077
00A2C198B00088D00097A00307A0623188B000A60037A1010048D000B2D198B000C2E1B032511008
06A08116E008D00091B04257500490003FFC000360001F1280856B9B411
A<< (0001+2) (243ms) 9000
A>> T=1 (4+0210) 84E88001 D2 040027001200117B00071B088E030006047B00047B0007058B0
00D702A7B00041B0810101A038B000E3B701B1A031B0310108D000F3B190310108B00107008116D0
08D0009700C280415048B00088D00097A08000A00040002000000000000050046001106800300018
20C0003800301068101000500000006820D00018214000500000203820C010680070103800303068
0080D03800A0103810103038101010680100203800A0809001F0000001B070806040603090403070
30A09050F170604030405090C080809031D0586517E40977E
A<< (0001+2) (622ms) 9000
CAP loaded
A>> T=1 (4+0036) 84E60C00 24 07010203040501020601020304050106010203040501010002C
90000B7006AE1FA0B81A2
A<< (0000+2) (93ms) 6A80
pro.javacard.gp.GPException: Install for Install and make selectable failed SW:
6A80
at pro.javacard.gp.GlobalPlatform.check(GlobalPlatform.java:1096)
at pro.javacard.gp.GlobalPlatform.installAndMakeSelectable(GlobalPlatfor
m.java:802)
at pro.javacard.gp.GPTool.main(GPTool.java:478)
E:\SmartCard\Developing\InterfaceTools\GP>
答案 0 :(得分:5)
我认为问题出在您的install
方法中。它什么都不做,虽然它应该创建你的applet的实例并注册它。这就是为什么您的卡片管理员无法选择它 - 没有可供选择的小程序。
试试这个:
public DoAES() {
try {
myCipher = Cipher.getInstance(Cipher.ALG_AES_BLOCK_128_ECB_NOPAD, false);
myAESKey = (AESKey) KeyBuilder.buildKey(KeyBuilder.TYPE_AES,
KeyBuilder.LENGTH_AES_128, false);
} catch (CryptoException e) {
ISOException.throwIt(((CryptoException) e).getReason());
}
}
public static void install(byte bArray[], short bOffset, byte bLength)
throws ISOException {
(new DoAES()).register();
}