Example usage for javax.smartcardio ResponseAPDU getSW

List of usage examples for javax.smartcardio ResponseAPDU getSW

  1. HOME
  2. Java
  3. javax
  4. javax.smartcardio.*
  5. ResponseAPDU
  6. getSW

Introduction

In this page you can find the example usage for javax.smartcardio ResponseAPDU getSW.

Prototype

public int getSW()

Source Link

Document

Returns the value of the status bytes SW1 and SW2 as a single status word SW.

Usage

From source file:test.be.fedict.eid.applet.SecurePinPadReaderTest.java

/**
 * Create a plain text authentication signature, directly after creating a
 * regular SHA1 authentication signature. This is the sequence that will be
 * implemented in the eID Applet.//  w  w  w  .ja v  a  2s  .c o  m
 * <p/>
 * V006Z: Remark: without the SET APDU the secure smart card reader won't
 * display the plain text message. Fixed in V010Z.
 * <p/>
 * V012Z: language support is still shaky.
 * <p/>
 * V015Z also performs a logoff in case of plain text. Good.
 * 
 * @throws Exception
 */
@Test
@QualityAssurance(firmware = Firmware.V015Z, approved = true)
public void testAuthnSignPlainText() throws Exception {
    CardChannel cardChannel = this.pcscEid.getCardChannel();

    List<X509Certificate> authnCertChain = this.pcscEid.getAuthnCertificateChain();
    /*
     * Make sure that the PIN authorization is already OK.
     */
    this.pcscEid.signAuthn("hello world".getBytes());

    CommandAPDU setApdu = new CommandAPDU(0x00, 0x22, 0x41, 0xB6, new byte[] { 0x04, // length of following data
            (byte) 0x80, // algo ref
            0x01, // rsa pkcs#1
            (byte) 0x84, // tag for private key ref
            (byte) 0x82 }); // auth key
    // ResponseAPDU responseApdu = cardChannel.transmit(setApdu);
    // assertEquals(0x9000, responseApdu.getSW());

    String textMessage = "My Testcase";
    AlgorithmIdentifier algoId = new AlgorithmIdentifier("2.16.56.1.2.1.3.1");
    DigestInfo digestInfo = new DigestInfo(algoId, textMessage.getBytes());
    LOG.debug("DigestInfo DER encoded: " + new String(Hex.encodeHex(digestInfo.getDEREncoded())));
    CommandAPDU computeDigitalSignatureApdu = new CommandAPDU(0x00, 0x2A, 0x9E, 0x9A,
            digestInfo.getDEREncoded());

    ResponseAPDU responseApdu2 = cardChannel.transmit(computeDigitalSignatureApdu);
    assertEquals(0x9000, responseApdu2.getSW());
    byte[] signatureValue = responseApdu2.getData();
    LOG.debug("signature value size: " + signatureValue.length);

    Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
    cipher.init(Cipher.DECRYPT_MODE, authnCertChain.get(0));
    byte[] signatureDigestInfoValue = cipher.doFinal(signatureValue);
    ASN1InputStream aIn = new ASN1InputStream(signatureDigestInfoValue);
    DigestInfo signatureDigestInfo = new DigestInfo((ASN1Sequence) aIn.readObject());
    LOG.debug("result algo Id: " + signatureDigestInfo.getAlgorithmId().getObjectId().getId());
    assertEquals("2.16.56.1.2.1.3.1", signatureDigestInfo.getAlgorithmId().getObjectId().getId());
    assertArrayEquals(textMessage.getBytes(), signatureDigestInfo.getDigest());
}

From source file:test.be.fedict.eid.applet.SecurePinPadReaderTest.java

/**
 * Creates a non-repudiation signature with plain text.
 * <p/>//from  w  ww  .j ava2s. c o  m
 * Remark: "Enter NonRep PIN" should maybe be replaced with
 * "Enter Sign PIN". Fixed in V010Z.
 * 
 * @throws Exception
 */
@Test
@QualityAssurance(firmware = Firmware.V015Z, approved = true)
public void testNonRepSignPlainText() throws Exception {
    CardChannel cardChannel = this.pcscEid.getCardChannel();

    List<X509Certificate> signCertChain = this.pcscEid.getSignCertificateChain();

    CommandAPDU setApdu = new CommandAPDU(0x00, 0x22, 0x41, 0xB6, new byte[] { 0x04, // length of following data
            (byte) 0x80, // algo ref
            0x01, // rsa pkcs#1
            (byte) 0x84, // tag for private key ref
            (byte) 0x83 }); // non-rep key
    ResponseAPDU responseApdu = cardChannel.transmit(setApdu);
    assertEquals(0x9000, responseApdu.getSW());

    this.pcscEid.verifyPin();

    String textMessage = "My Testcase";
    AlgorithmIdentifier algoId = new AlgorithmIdentifier("2.16.56.1.2.1.3.1");
    DigestInfo digestInfo = new DigestInfo(algoId, textMessage.getBytes());
    CommandAPDU computeDigitalSignatureApdu = new CommandAPDU(0x00, 0x2A, 0x9E, 0x9A,
            digestInfo.getDEREncoded());

    responseApdu = cardChannel.transmit(computeDigitalSignatureApdu);
    assertEquals(0x9000, responseApdu.getSW());
    byte[] signatureValue = responseApdu.getData();
    LOG.debug("signature value size: " + signatureValue.length);

    Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
    cipher.init(Cipher.DECRYPT_MODE, signCertChain.get(0));
    byte[] signatureDigestInfoValue = cipher.doFinal(signatureValue);
    ASN1InputStream aIn = new ASN1InputStream(signatureDigestInfoValue);
    DigestInfo signatureDigestInfo = new DigestInfo((ASN1Sequence) aIn.readObject());
    LOG.debug("result algo Id: " + signatureDigestInfo.getAlgorithmId().getObjectId().getId());
    assertEquals("2.16.56.1.2.1.3.1", signatureDigestInfo.getAlgorithmId().getObjectId().getId());
    assertArrayEquals(textMessage.getBytes(), signatureDigestInfo.getDigest());
}

From source file:test.be.fedict.eid.applet.SecurePinPadReaderTest.java

/**
 * Only applicable for 2048 bit keys./*from   w  w  w .j ava2  s .c o m*/
 * 
 * @throws Exception
 */
@Test
@QualityAssurance(firmware = Firmware.V015Z, approved = true)
public void testLargePlainTextMessage() throws Exception {
    CardChannel cardChannel = this.pcscEid.getCardChannel();

    List<X509Certificate> signCertChain = this.pcscEid.getSignCertificateChain();

    CommandAPDU setApdu = new CommandAPDU(0x00, 0x22, 0x41, 0xB6, new byte[] { 0x04, // length of following data
            (byte) 0x80, // algo ref
            0x01, // rsa pkcs#1
            (byte) 0x84, // tag for private key ref
            (byte) 0x83 }); // non-rep key
    ResponseAPDU responseApdu = cardChannel.transmit(setApdu);
    assertEquals(0x9000, responseApdu.getSW());

    this.pcscEid.verifyPin();

    byte[] data = new byte[115];
    /*
     * If the length of the plain text message is >= 115, the message is not
     * visualized by the secure pinpad reader.
     */
    SecureRandom secureRandom = new SecureRandom();
    secureRandom.nextBytes(data);
    AlgorithmIdentifier algoId = new AlgorithmIdentifier("2.16.56.1.2.1.3.1");
    DigestInfo digestInfo = new DigestInfo(algoId, data);
    CommandAPDU computeDigitalSignatureApdu = new CommandAPDU(0x00, 0x2A, 0x9E, 0x9A,
            digestInfo.getDEREncoded());

    responseApdu = cardChannel.transmit(computeDigitalSignatureApdu);
    assertEquals(0x9000, responseApdu.getSW());
    byte[] signatureValue = responseApdu.getData();
    LOG.debug("signature value size: " + signatureValue.length);

    Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
    cipher.init(Cipher.DECRYPT_MODE, signCertChain.get(0));
    byte[] signatureDigestInfoValue = cipher.doFinal(signatureValue);
    ASN1InputStream aIn = new ASN1InputStream(signatureDigestInfoValue);
    DigestInfo signatureDigestInfo = new DigestInfo((ASN1Sequence) aIn.readObject());
    LOG.debug("result algo Id: " + signatureDigestInfo.getAlgorithmId().getObjectId().getId());
    assertEquals("2.16.56.1.2.1.3.1", signatureDigestInfo.getAlgorithmId().getObjectId().getId());
    assertArrayEquals(data, signatureDigestInfo.getDigest());
}

From source file:test.be.fedict.eid.applet.SecurePinPadReaderTest.java

/**
 * When creating a non-repudiation signature using PKCS#1-SHA1 (non-naked)
 * the digest value should also be confirmed via the secure pinpad reader.
 * /*w  ww.j ava  2  s  .  c om*/
 * @throws Exception
 */
@Test
@QualityAssurance(firmware = Firmware.V015Z, approved = true)
public void testNonRepSignPKCS1_SHA1() throws Exception {
    CardChannel cardChannel = this.pcscEid.getCardChannel();

    List<X509Certificate> signCertChain = this.pcscEid.getSignCertificateChain();

    CommandAPDU setApdu = new CommandAPDU(0x00, 0x22, 0x41, 0xB6, new byte[] { 0x04, // length of following data
            (byte) 0x80, // algo ref
            0x02, // RSA PKCS#1 SHA1
            (byte) 0x84, // tag for private key ref
            (byte) 0x83 }); // non-rep key
    ResponseAPDU responseApdu = cardChannel.transmit(setApdu);
    assertEquals(0x9000, responseApdu.getSW());

    this.pcscEid.verifyPin();

    byte[] data = "My Testcase".getBytes();
    MessageDigest messageDigest = MessageDigest.getInstance("SHA1");
    byte[] digestValue = messageDigest.digest(data);

    CommandAPDU computeDigitalSignatureApdu = new CommandAPDU(0x00, 0x2A, 0x9E, 0x9A, digestValue);

    responseApdu = cardChannel.transmit(computeDigitalSignatureApdu);
    assertEquals(0x9000, responseApdu.getSW());
    byte[] signatureValue = responseApdu.getData();
    LOG.debug("signature value size: " + signatureValue.length);

    Signature signature = Signature.getInstance("SHA1withRSA");
    signature.initVerify(signCertChain.get(0).getPublicKey());
    signature.update(data);
    boolean result = signature.verify(signatureValue);
    assertTrue(result);
}