List of usage examples for javax.smartcardio ResponseAPDU getData
public byte[] getData()
From source file:src.eidreader.EstEIDUtil.java
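/**
 * Reads the currently selected file from the card by issuing READ BINARY
 * commands (INS 0xB0) of {@code BLOCK_SIZE} bytes until the card returns a
 * short block or reports that the offset lies outside the file.
 *
 * <p>The bytes come from the card and are not validated here; callers that
 * parse the result must treat it as untrusted input.
 *
 * @return the concatenated data fields of all successful responses
 * @throws CardException if the underlying {@code transmit} call fails
 * @throws IOException if the card answers with a status word other than
 *         0x9000 / 0x6B00, or keeps returning full blocks beyond the largest
 *         offset a READ BINARY command can address
 */
private byte[] readBinary() throws CardException, IOException {
    // P1/P2 carry a 15-bit offset: in ISO/IEC 7816-4 the top bit of P1 selects
    // short-EF-identifier addressing, and CommandAPDU keeps only the low byte
    // of P1. Past this limit the offset would silently wrap, so a card that
    // always answers with a full block could make this loop run (and the
    // buffer grow) without end.
    final int maxOffset = 0x7FFF;

    ByteArrayOutputStream baos = new ByteArrayOutputStream();
    int offset = 0;
    byte[] data;
    do {
        if (offset > maxOffset) {
            throw new IOException("READ BINARY offset out of range: " + offset);
        }
        CommandAPDU readBinaryApdu = new CommandAPDU(0x00, 0xB0, offset >> 8, offset & 0xFF, BLOCK_SIZE);
        ResponseAPDU responseApdu = transmit(readBinaryApdu);
        int sw = responseApdu.getSW();
        if (0x6B00 == sw) {
            /*
             * Wrong parameters (offset outside the EF): end of file reached.
             * Happens when the file size is an exact multiple of the block
             * size, so the previous read returned a full block.
             */
            break;
        }
        if (0x9000 != sw) {
            // Status words are conventionally read in hex (0x6A82, 0x6982, ...).
            throw new IOException("APDU response error: " + Integer.toHexString(sw));
        }
        // Upstream keeps a disabled 50 ms Thread.sleep here, described as a
        // delay for old Belpic V1 eID cards.
        data = responseApdu.getData();
        baos.write(data);
        offset += data.length;
    } while (BLOCK_SIZE == data.length);
    return baos.toByteArray();
}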
From source file:test.be.fedict.eid.applet.PcscTest.java
/**
 * Has the card produce an RSA-PSS signature with the authentication key and
 * verifies it in software against the first certificate of the
 * authentication chain.
 *
 * <p>SHA-1 is used because the algorithm reference sent to the card (0x10)
 * is the card's PKCS1-PSS-SHA1 mode; verification needs the "BC" provider
 * to be registered.
 *
 * @throws Exception on any card, PIN or crypto failure
 */
@Test
public void createPSSSignature() throws Exception {
    this.messages = new Messages(Locale.GERMAN);
    PcscEid eid = new PcscEid(new TestView(), this.messages);
    if (!eid.isEidPresent()) {
        LOG.debug("insert eID card");
        eid.waitForEidPresent();
    }
    CardChannel channel = eid.getCardChannel();

    byte[] message = "hello world".getBytes();
    byte[] digest = MessageDigest.getInstance("SHA1").digest(message);

    try {
        // MSE:SET - select algorithm and private key for the next signature.
        byte[] securityEnvironment = new byte[] {
                0x04, // length of following data
                (byte) 0x80, // algo ref
                0x10, // PKCS1-PSS-SHA1
                (byte) 0x84, // tag for private key ref
                PcscEid.AUTHN_KEY_ID };
        ResponseAPDU response = channel.transmit(new CommandAPDU(0x00, 0x22, 0x41, 0xB6, securityEnvironment));
        assertEquals(0x9000, response.getSW());

        eid.verifyPin();

        // PSO: COMPUTE DIGITAL SIGNATURE over the SHA-1 digest computed above.
        response = channel.transmit(new CommandAPDU(0x00, 0x2A, 0x9E, 0x9A, digest));
        assertEquals(0x9000, response.getSW());

        byte[] signatureValue = response.getData();
        LOG.debug("signature value length: " + signatureValue.length);

        List<X509Certificate> authnChain = eid.getAuthnCertificateChain();
        X509Certificate authnCertificate = authnChain.get(0);

        Signature verifier = Signature.getInstance("SHA1withRSA/PSS", "BC");
        verifier.initVerify(authnCertificate.getPublicKey());
        verifier.update(message);
        assertTrue(verifier.verify(signatureValue));
    } finally {
        eid.close();
    }
}
From source file:test.be.fedict.eid.applet.PcscTest.java
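/**
 * Asks the card to sign an arbitrary byte string (not a DigestInfo) with the
 * authentication key under algorithm reference 0x01 (rsa pkcs#1), then
 * recovers the signed payload with the public key and logs it.
 *
 * <p>The recovery step runs the RSA cipher in DECRYPT_MODE with the
 * certificate's public key, i.e. it undoes the PKCS#1 v1.5 signature padding
 * rather than verifying a digest. It shows that in this mode the card signs
 * whatever bytes the host supplies.
 *
 * <p>The card connection is released in a {@code finally} block so that a
 * failing assertion does not leave the reader locked, matching the other
 * tests in this class.
 *
 * @throws Exception on any card, PIN or crypto failure
 */
@Test
public void signWhatever() throws Exception {
    PcscEid pcscEid = new PcscEid(new TestView(), this.messages);
    try {
        if (false == pcscEid.isEidPresent()) {
            LOG.debug("insert eID card");
            pcscEid.waitForEidPresent();
        }
        CardChannel cardChannel = pcscEid.getCardChannel();

        CommandAPDU setApdu = new CommandAPDU(0x00, 0x22, 0x41, 0xB6, new byte[] {
                0x04, // length of following data
                (byte) 0x80, // algo ref
                0x01, // rsa pkcs#1
                (byte) 0x84, // tag for private key ref
                (byte) 0x82 }); // auth key
        ResponseAPDU responseApdu = cardChannel.transmit(setApdu);
        assertEquals(0x9000, responseApdu.getSW());

        pcscEid.verifyPin();

        // Upstream keeps two disabled variants of the next command as
        // commented-out code: a DER DigestInfo carrying the SHA-1 OID with a
        // 20-byte octet string, and a DigestInfo whose AlgorithmIdentifier
        // is empty ("length: no OID"). The active variant sends plain text.
        CommandAPDU computeDigitalSignatureApdu = new CommandAPDU(0x00, 0x2A, 0x9E, 0x9A,
                "Hello world encrypted".getBytes());
        responseApdu = cardChannel.transmit(computeDigitalSignatureApdu);
        assertEquals(0x9000, responseApdu.getSW());
        byte[] signatureValue = responseApdu.getData();
        LOG.debug("signature value size: " + signatureValue.length);

        List<X509Certificate> authnCertChain = pcscEid.getAuthnCertificateChain();

        // Public-key "decrypt" = signature recovery; nothing secret is
        // involved on the host side.
        Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
        cipher.init(Cipher.DECRYPT_MODE, authnCertChain.get(0).getPublicKey());
        byte[] decryptedSignatureValue = cipher.doFinal(signatureValue);
        LOG.debug("decrypted signature value: " + new String(decryptedSignatureValue));
    } finally {
        pcscEid.close();
    }
}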
From source file:test.be.fedict.eid.applet.PcscTest.java
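/**
 * Selects a file on the card in the first PC/SC terminal by absolute path,
 * reads it with READ BINARY in 0xff-byte blocks, decodes it as an image and
 * shows it in a dialog.
 *
 * <p>Every status word is checked, so a refused SELECT or READ fails the
 * test with the status word instead of surfacing later as an undecodable
 * image. The card is disconnected in a {@code finally} block.
 *
 * @throws Exception on any card or image I/O failure
 */
@Test
public void testReadPhoto() throws Exception {
    TerminalFactory terminalFactory = TerminalFactory.getDefault();
    CardTerminals cardTerminals = terminalFactory.terminals();
    CardTerminal cardTerminal = cardTerminals.list().get(0);
    Card card = cardTerminal.connect("T=0");
    try {
        CardChannel cardChannel = card.getBasicChannel();

        // select file
        ResponseAPDU responseApdu = cardChannel.transmit(
                new CommandAPDU(0x00, 0xA4, 0x08, 0x0C, new byte[] { 0x3F, 0x00, (byte) 0xDF, 0x01, 0x40, 0x35 }));
        assertEquals(0x9000, responseApdu.getSW());

        ByteArrayOutputStream baos = new ByteArrayOutputStream();
        int offset = 0;
        byte[] data;
        do {
            // read binary
            responseApdu = cardChannel.transmit(new CommandAPDU(0x00, 0xB0, offset >> 8, offset & 0xFF, 0xff));
            int sw = responseApdu.getSW();
            if (0x6B00 == sw) {
                // Offset outside the file: treated as end of file, which
                // occurs when the file length is an exact multiple of the
                // block size.
                break;
            }
            assertEquals(0x9000, sw);
            // getData() returns a fresh copy on each call; fetch it once.
            data = responseApdu.getData();
            baos.write(data);
            offset += data.length;
        } while (data.length == 0xff);

        BufferedImage photo = ImageIO.read(new ByteArrayInputStream(baos.toByteArray()));
        if (null == photo) {
            // ImageIO.read returns null when no registered reader accepts
            // the bytes; the card content is not guaranteed to be an image.
            fail("card file could not be decoded as an image");
        }
        JOptionPane.showMessageDialog(null, new ImageIcon(photo));
    } finally {
        // false: leave the card powered and un-reset for the next user.
        card.disconnect(false);
    }
}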
From source file:test.be.fedict.eid.applet.PcscTest.java
/**
 * Repeatedly sends the proprietary command CLA 0x80 / INS 0xE4 (Le = 0x1c)
 * and logs the response data as hex.
 *
 * <p>The loop has no exit on success: it runs until the card returns a
 * status word other than 0x9000 or {@code transmit} throws, so this is a
 * manual soak test rather than an automated one.
 *
 * @throws Exception on any card failure
 */
@Test
public void testCardDataFile() throws Exception {
    PcscEid eid = new PcscEid(new TestView(), this.messages);
    if (!eid.isEidPresent()) {
        LOG.debug("insert eID card");
        eid.waitForEidPresent();
    }
    try {
        CardChannel channel = eid.getCardChannel();
        for (;;) {
            // Le = 0x1c
            ResponseAPDU response = channel.transmit(new CommandAPDU(0x80, 0xe4, 0x00, 0x00, 0x1c));
            int statusWord = response.getSW();
            if (statusWord != 0x9000) {
                fail("SW error: " + Integer.toHexString(statusWord));
            }
            LOG.debug(Hex.encodeHexString(response.getData()));
        }
    } finally {
        eid.close();
    }
}
From source file:test.be.fedict.eid.applet.PcscTest.java
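/**
 * Requests a 256-byte challenge from the card with GET CHALLENGE (INS 0x84)
 * and checks that the card returns exactly that many bytes.
 *
 * <p>The card connection is released in a {@code finally} block so that a
 * failed status-word or length check does not leave the reader locked,
 * matching the other tests in this class.
 *
 * @throws Exception on any card failure
 */
@Test
public void testGetChallenge() throws Exception {
    PcscEid pcscEid = new PcscEid(new TestView(), this.messages);
    try {
        if (false == pcscEid.isEidPresent()) {
            LOG.debug("insert eID card");
            pcscEid.waitForEidPresent();
        }
        CardChannel cardChannel = pcscEid.getCardChannel();

        int size = 256;
        // Empty command data; only the expected response length (Ne) is set.
        CommandAPDU getChallengeApdu = new CommandAPDU(0x00, 0x84, 0x00, 0x00, new byte[] {}, 0, 0, size);
        ResponseAPDU responseApdu = cardChannel.transmit(getChallengeApdu);
        if (0x9000 != responseApdu.getSW()) {
            fail("get challenge failure: " + Integer.toHexString(responseApdu.getSW()));
        }
        byte[] challenge = responseApdu.getData();
        LOG.debug("challenge: " + Hex.encodeHexString(challenge));
        assertEquals(size, challenge.length);
    } finally {
        pcscEid.close();
    }
}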
From source file:test.be.fedict.eid.applet.SecurePinPadReaderTest.java
/**
 * Creates a plain text authentication signature directly after a regular
 * SHA1 authentication signature. This is the sequence that will be
 * implemented in the eID Applet.
 * <p/>
 * V006Z: Remark: without the SET APDU the secure smart card reader won't
 * display the plain text message. Fixed in V010Z.
 * <p/>
 * V012Z: language support is still shaky.
 * <p/>
 * V015Z also performs a logoff in case of plain text. Good.
 * <p/>
 * The signature is checked by recovering the DigestInfo with the public key
 * of the authentication certificate and comparing its algorithm OID and
 * payload with what was sent.
 *
 * @throws Exception
 */
@Test
@QualityAssurance(firmware = Firmware.V015Z, approved = true)
public void testAuthnSignPlainText() throws Exception {
    final String plainTextOid = "2.16.56.1.2.1.3.1";

    CardChannel channel = this.pcscEid.getCardChannel();
    List<X509Certificate> authnChain = this.pcscEid.getAuthnCertificateChain();

    /*
     * Make sure that the PIN authorization is already OK.
     */
    this.pcscEid.signAuthn("hello world".getBytes());

    // Built but deliberately not transmitted: the transmit call and its
    // status-word assertion are disabled upstream (see the V006Z remark).
    CommandAPDU setApdu = new CommandAPDU(0x00, 0x22, 0x41, 0xB6, new byte[] {
            0x04, // length of following data
            (byte) 0x80, // algo ref
            0x01, // rsa pkcs#1
            (byte) 0x84, // tag for private key ref
            (byte) 0x82 }); // auth key

    String textMessage = "My Testcase";
    // The DigestInfo carries the message bytes themselves, not a hash.
    DigestInfo outgoing = new DigestInfo(new AlgorithmIdentifier(plainTextOid), textMessage.getBytes());
    LOG.debug("DigestInfo DER encoded: " + new String(Hex.encodeHex(outgoing.getDEREncoded())));

    ResponseAPDU signResponse = channel.transmit(new CommandAPDU(0x00, 0x2A, 0x9E, 0x9A, outgoing.getDEREncoded()));
    assertEquals(0x9000, signResponse.getSW());
    byte[] signatureValue = signResponse.getData();
    LOG.debug("signature value size: " + signatureValue.length);

    // Public-key "decrypt" strips the PKCS#1 v1.5 signature padding and
    // yields the DER DigestInfo the card signed.
    Cipher recovery = Cipher.getInstance("RSA/ECB/PKCS1Padding");
    recovery.init(Cipher.DECRYPT_MODE, authnChain.get(0));
    byte[] recoveredDer = recovery.doFinal(signatureValue);

    ASN1InputStream derStream = new ASN1InputStream(recoveredDer);
    DigestInfo recovered = new DigestInfo((ASN1Sequence) derStream.readObject());
    LOG.debug("result algo Id: " + recovered.getAlgorithmId().getObjectId().getId());
    assertEquals(plainTextOid, recovered.getAlgorithmId().getObjectId().getId());
    assertArrayEquals(textMessage.getBytes(), recovered.getDigest());
}
From source file:test.be.fedict.eid.applet.SecurePinPadReaderTest.java
/**
 * Creates a non-repudiation signature over plain text and checks that the
 * DigestInfo recovered with the signing certificate's public key carries the
 * same OID and text that were sent to the card.
 * <p/>
 * Remark: "Enter NonRep PIN" should maybe be replaced with
 * "Enter Sign PIN". Fixed in V010Z.
 *
 * @throws Exception
 */
@Test
@QualityAssurance(firmware = Firmware.V015Z, approved = true)
public void testNonRepSignPlainText() throws Exception {
    final String plainTextOid = "2.16.56.1.2.1.3.1";

    CardChannel channel = this.pcscEid.getCardChannel();
    List<X509Certificate> signChain = this.pcscEid.getSignCertificateChain();

    // MSE:SET - select raw PKCS#1 and the non-repudiation key.
    byte[] securityEnvironment = new byte[] {
            0x04, // length of following data
            (byte) 0x80, // algo ref
            0x01, // rsa pkcs#1
            (byte) 0x84, // tag for private key ref
            (byte) 0x83 }; // non-rep key
    ResponseAPDU response = channel.transmit(new CommandAPDU(0x00, 0x22, 0x41, 0xB6, securityEnvironment));
    assertEquals(0x9000, response.getSW());

    this.pcscEid.verifyPin();

    String textMessage = "My Testcase";
    // The DigestInfo carries the message bytes themselves, not a hash.
    DigestInfo outgoing = new DigestInfo(new AlgorithmIdentifier(plainTextOid), textMessage.getBytes());

    response = channel.transmit(new CommandAPDU(0x00, 0x2A, 0x9E, 0x9A, outgoing.getDEREncoded()));
    assertEquals(0x9000, response.getSW());
    byte[] signatureValue = response.getData();
    LOG.debug("signature value size: " + signatureValue.length);

    // Public-key "decrypt" strips the PKCS#1 v1.5 signature padding and
    // yields the DER DigestInfo the card signed.
    Cipher recovery = Cipher.getInstance("RSA/ECB/PKCS1Padding");
    recovery.init(Cipher.DECRYPT_MODE, signChain.get(0));
    byte[] recoveredDer = recovery.doFinal(signatureValue);

    ASN1InputStream derStream = new ASN1InputStream(recoveredDer);
    DigestInfo recovered = new DigestInfo((ASN1Sequence) derStream.readObject());
    LOG.debug("result algo Id: " + recovered.getAlgorithmId().getObjectId().getId());
    assertEquals(plainTextOid, recovered.getAlgorithmId().getObjectId().getId());
    assertArrayEquals(textMessage.getBytes(), recovered.getDigest());
}
From source file:test.be.fedict.eid.applet.SecurePinPadReaderTest.java
/**
 * Signs a 115-byte random plain text payload with the non-repudiation key
 * and checks the recovered DigestInfo. Only applicable for 2048 bit keys.
 *
 * @throws Exception
 */
@Test
@QualityAssurance(firmware = Firmware.V015Z, approved = true)
public void testLargePlainTextMessage() throws Exception {
    final String plainTextOid = "2.16.56.1.2.1.3.1";

    CardChannel channel = this.pcscEid.getCardChannel();
    List<X509Certificate> signChain = this.pcscEid.getSignCertificateChain();

    // MSE:SET - select raw PKCS#1 and the non-repudiation key.
    byte[] securityEnvironment = new byte[] {
            0x04, // length of following data
            (byte) 0x80, // algo ref
            0x01, // rsa pkcs#1
            (byte) 0x84, // tag for private key ref
            (byte) 0x83 }; // non-rep key
    ResponseAPDU response = channel.transmit(new CommandAPDU(0x00, 0x22, 0x41, 0xB6, securityEnvironment));
    assertEquals(0x9000, response.getSW());

    this.pcscEid.verifyPin();

    /*
     * If the length of the plain text message is >= 115, the message is not
     * visualized by the secure pinpad reader. In that case the user
     * confirms a signature without seeing its content on the reader.
     */
    byte[] payload = new byte[115];
    new SecureRandom().nextBytes(payload);

    DigestInfo outgoing = new DigestInfo(new AlgorithmIdentifier(plainTextOid), payload);

    response = channel.transmit(new CommandAPDU(0x00, 0x2A, 0x9E, 0x9A, outgoing.getDEREncoded()));
    assertEquals(0x9000, response.getSW());
    byte[] signatureValue = response.getData();
    LOG.debug("signature value size: " + signatureValue.length);

    // Public-key "decrypt" strips the PKCS#1 v1.5 signature padding and
    // yields the DER DigestInfo the card signed.
    Cipher recovery = Cipher.getInstance("RSA/ECB/PKCS1Padding");
    recovery.init(Cipher.DECRYPT_MODE, signChain.get(0));
    byte[] recoveredDer = recovery.doFinal(signatureValue);

    ASN1InputStream derStream = new ASN1InputStream(recoveredDer);
    DigestInfo recovered = new DigestInfo((ASN1Sequence) derStream.readObject());
    LOG.debug("result algo Id: " + recovered.getAlgorithmId().getObjectId().getId());
    assertEquals(plainTextOid, recovered.getAlgorithmId().getObjectId().getId());
    assertArrayEquals(payload, recovered.getDigest());
}
From source file:test.be.fedict.eid.applet.SecurePinPadReaderTest.java
/**
 * When creating a non-repudiation signature using PKCS#1-SHA1 (non-naked)
 * the digest value should also be confirmed via the secure pinpad reader.
 * <p/>
 * The card receives only the SHA-1 digest; the result is verified in
 * software as a standard SHA1withRSA signature over the original message.
 *
 * @throws Exception
 */
@Test
@QualityAssurance(firmware = Firmware.V015Z, approved = true)
public void testNonRepSignPKCS1_SHA1() throws Exception {
    CardChannel channel = this.pcscEid.getCardChannel();
    List<X509Certificate> signChain = this.pcscEid.getSignCertificateChain();

    // MSE:SET - select PKCS#1 with SHA1 and the non-repudiation key.
    byte[] securityEnvironment = new byte[] {
            0x04, // length of following data
            (byte) 0x80, // algo ref
            0x02, // RSA PKCS#1 SHA1
            (byte) 0x84, // tag for private key ref
            (byte) 0x83 }; // non-rep key
    ResponseAPDU response = channel.transmit(new CommandAPDU(0x00, 0x22, 0x41, 0xB6, securityEnvironment));
    assertEquals(0x9000, response.getSW());

    this.pcscEid.verifyPin();

    byte[] message = "My Testcase".getBytes();
    byte[] digestValue = MessageDigest.getInstance("SHA1").digest(message);

    response = channel.transmit(new CommandAPDU(0x00, 0x2A, 0x9E, 0x9A, digestValue));
    assertEquals(0x9000, response.getSW());
    byte[] signatureValue = response.getData();
    LOG.debug("signature value size: " + signatureValue.length);

    Signature verifier = Signature.getInstance("SHA1withRSA");
    verifier.initVerify(signChain.get(0).getPublicKey());
    verifier.update(message);
    assertTrue(verifier.verify(signatureValue));
}