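Establishing a secure channel between card and terminal

Time: 2016-11-28 13:08:57

Tags: java-me smartcard javacard

I want to establish a secure channel between the card and the terminal. Here is my code: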

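    import javacard.framework.APDU;
    import javacard.framework.APDUException;
    import javacard.framework.ISO7816;
    import javacard.framework.ISOException;
    import javacard.security.CryptoException;
    import org.globalplatform.GPSystem;
    import org.globalplatform.SecureChannel;

    // Members of the applet class
    final static byte INIT_UPDATE       = (byte) 0x50;
    final static byte EXT_AUTHENTICATE  = (byte) 0x82;
    SecureChannel sc;

    public void process(APDU apdu) throws ISOException {
        if (selectingApplet()) {
            return;
        }
        byte[] buffer = apdu.getBuffer();
        short inlength = 0;

        try {
            switch (buffer[ISO7816.OFFSET_INS]) {
                // Both secure channel commands are handled by the same method
                case INIT_UPDATE:
                case EXT_AUTHENTICATE:
                    makeSecureChannel(apdu);
                    break;
            }
        } catch (CryptoException e) {
            // Report the CryptoException reason code as the status word
            short r = e.getReason();
            ISOException.throwIt(r);
        }
    }

    private void makeSecureChannel(APDU apdu) {
        byte[] buf = apdu.getBuffer();
        byte cla = buf[ISO7816.OFFSET_CLA];
        byte ins = buf[ISO7816.OFFSET_INS];

        try {
            apdu.setIncomingAndReceive();
            if (ins == INIT_UPDATE) {
                // Obtain the secure channel handle when a new session starts
                sc = GPSystem.getSecureChannel();
            }

            // processSecurity() writes the response data at OFFSET_CDATA
            // and returns its length
            short len = sc.processSecurity(apdu);

            apdu.setOutgoing();
            apdu.setOutgoingLength(len);
            apdu.sendBytes(ISO7816.OFFSET_CDATA, len);
        } catch (APDUException ex1) {
            ISOException.throwIt(ex1.getReason());
        }
    }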

When I send the command 80 50 20 00 08 01 15 6A 2A F5 64 87 CF, I get error 6a88, and when I send the command 00 50 20 00 08 01 15 6A 2A F5 64 87 CF, I get error 6e00. Can anyone help me?

1 answer:

Answer 0: (score: 2)

The status word 6E00 is not very interesting. It means that you sent the wrong CLA (class) byte. This is because INITIALIZE UPDATE is not defined in ISO 7816, so it is a proprietary command. Proprietary commands must have their proprietary bit set. So the class byte 80 is the only correct one.

Note, let's focus on the response to INIT UPDATE: 6A88. 6A88 means "reference data not found". This probably means that the key referenced by P1 and P2 does not match. Set both P1 and P2 to 00 to make sure the key is selected automatically (check the "key information" in the response data if you want to select the key version explicitly in P1).
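The checks described in the answer can be run on the terminal side before a command is sent. The following is an added example, not part of the original question or answer; the helper names are hypothetical, and it assumes an 8-byte host challenge as in the question's command.

```python
# Added example: terminal-side sanity check for a GlobalPlatform
# INITIALIZE UPDATE command APDU. Helper names are hypothetical.

INS_INIT_UPDATE = 0x50

# Meanings of the status words discussed in the answer (ISO 7816-4).
SW_MEANINGS = {
    0x9000: "success",
    0x6E00: "class (CLA) not supported",
    0x6A88: "referenced data not found",
}

def explain_sw(sw):
    return SW_MEANINGS.get(sw, "status word not covered by this example")

def check_init_update(apdu_hex):
    """Return a list of findings for an INITIALIZE UPDATE command given as hex."""
    apdu = bytes.fromhex(apdu_hex)
    if len(apdu) < 5:
        return ["APDU shorter than the 5-byte header CLA INS P1 P2 Lc"]
    cla, ins, p1, p2, lc = apdu[:5]
    body = apdu[5:]
    findings = []
    if not cla & 0x80:
        findings.append("CLA %02X lacks the proprietary bit (0x80); expect 6E00" % cla)
    if ins != INS_INIT_UPDATE:
        findings.append("INS %02X is not INITIALIZE UPDATE (50)" % ins)
    if p1 != 0x00:
        findings.append("P1 %02X requests an explicit key version; "
                        "6A88 if the card has no such key" % p1)
    if p2 != 0x00:
        findings.append("P2 %02X requests an explicit key identifier" % p2)
    # The body is Lc bytes of host challenge, optionally followed by one Le byte.
    if len(body) not in (lc, lc + 1):
        findings.append("Lc %02X does not match %d body bytes" % (lc, len(body)))
    return findings

def build_init_update(host_challenge, key_version=0x00, key_id=0x00):
    """Build the command with P1/P2 = 00 by default so the card picks the key."""
    if len(host_challenge) != 8:
        raise ValueError("this example assumes an 8-byte host challenge")
    return bytes([0x80, INS_INIT_UPDATE, key_version, key_id, 8]) + host_challenge
```

Running `check_init_update` on the two commands from the question flags P1 = 20 in the first and, in the second, also the missing proprietary bit in CLA.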