summaryrefslogtreecommitdiff
path: root/smcc
diff options
context:
space:
mode:
authormcentner <mcentner@8a26b1a7-26f0-462f-b9ef-d0e30c41f5a4>2010-01-26 16:27:27 +0000
committermcentner <mcentner@8a26b1a7-26f0-462f-b9ef-d0e30c41f5a4>2010-01-26 16:27:27 +0000
commit84cd553cc40d9850fcd865887219d907693af0e6 (patch)
tree2d1d9054f42845ce951c9b2c2239178c803443d3 /smcc
parent667af128d0adfeee2aa4748ab58411c91bc4905f (diff)
parent7a5310b43849124095d97af3103c4fdaeeacbbbb (diff)
downloadmocca-84cd553cc40d9850fcd865887219d907693af0e6.tar.gz
mocca-84cd553cc40d9850fcd865887219d907693af0e6.tar.bz2
mocca-84cd553cc40d9850fcd865887219d907693af0e6.zip
git-svn-id: https://joinup.ec.europa.eu/svn/mocca/branches/mocca-1.2.11-sha2@602 8a26b1a7-26f0-462f-b9ef-d0e30c41f5a4
Diffstat (limited to 'smcc')
-rw-r--r--smcc/keystore.ksbin0 -> 5635 bytes
-rw-r--r--smcc/pom.xml46
-rw-r--r--smcc/src/main/java/META-INF/MANIFEST.MF3
-rw-r--r--smcc/src/main/java/at/gv/egiz/smcc/ACOSCard.java805
-rw-r--r--smcc/src/main/java/at/gv/egiz/smcc/AbstractSignatureCard.java121
-rw-r--r--smcc/src/main/java/at/gv/egiz/smcc/BELPICCard.java284
-rw-r--r--smcc/src/main/java/at/gv/egiz/smcc/CancelledException.java39
-rw-r--r--smcc/src/main/java/at/gv/egiz/smcc/CardNotSupportedException.java62
-rw-r--r--smcc/src/main/java/at/gv/egiz/smcc/ChangeReferenceDataAPDUSpec.java95
-rw-r--r--smcc/src/main/java/at/gv/egiz/smcc/ExclSignatureCardProxy.java110
-rw-r--r--smcc/src/main/java/at/gv/egiz/smcc/Exclusive.java28
-rw-r--r--smcc/src/main/java/at/gv/egiz/smcc/FileNotFoundException.java38
-rw-r--r--smcc/src/main/java/at/gv/egiz/smcc/ITCard.java298
-rw-r--r--smcc/src/main/java/at/gv/egiz/smcc/LockedException.java38
-rw-r--r--smcc/src/main/java/at/gv/egiz/smcc/LogCardChannel.java129
-rw-r--r--smcc/src/main/java/at/gv/egiz/smcc/NewReferenceDataAPDUSpec.java60
-rw-r--r--smcc/src/main/java/at/gv/egiz/smcc/NotActivatedException.java44
-rw-r--r--smcc/src/main/java/at/gv/egiz/smcc/PINConfirmationException.java26
-rw-r--r--smcc/src/main/java/at/gv/egiz/smcc/PINFormatException.java26
-rw-r--r--smcc/src/main/java/at/gv/egiz/smcc/PINMgmtSignatureCard.java44
-rw-r--r--smcc/src/main/java/at/gv/egiz/smcc/PINOperationAbortedException.java45
-rw-r--r--smcc/src/main/java/at/gv/egiz/smcc/PINSpec.java239
-rw-r--r--smcc/src/main/java/at/gv/egiz/smcc/ResetRetryCounterAPDUSpec.java38
-rw-r--r--smcc/src/main/java/at/gv/egiz/smcc/STARCOSCard.java888
-rw-r--r--smcc/src/main/java/at/gv/egiz/smcc/SWCard.java396
-rw-r--r--smcc/src/main/java/at/gv/egiz/smcc/SecurityStatusNotSatisfiedException.java38
-rw-r--r--smcc/src/main/java/at/gv/egiz/smcc/SignatureCard.java125
-rw-r--r--smcc/src/main/java/at/gv/egiz/smcc/SignatureCardException.java65
-rw-r--r--smcc/src/main/java/at/gv/egiz/smcc/SignatureCardFactory.java401
-rw-r--r--smcc/src/main/java/at/gv/egiz/smcc/TimeoutException.java39
-rw-r--r--smcc/src/main/java/at/gv/egiz/smcc/VerificationFailedException.java65
-rw-r--r--smcc/src/main/java/at/gv/egiz/smcc/VerifyAPDUSpec.java200
-rw-r--r--smcc/src/main/java/at/gv/egiz/smcc/conf/SMCCConfiguration.java45
-rw-r--r--smcc/src/main/java/at/gv/egiz/smcc/pin/gui/ModifyPINGUI.java36
-rw-r--r--smcc/src/main/java/at/gv/egiz/smcc/pin/gui/ModifyPINProvider.java48
-rw-r--r--smcc/src/main/java/at/gv/egiz/smcc/pin/gui/PINGUI.java42
-rw-r--r--smcc/src/main/java/at/gv/egiz/smcc/pin/gui/PINProvider.java51
-rw-r--r--smcc/src/main/java/at/gv/egiz/smcc/reader/CardReader.java92
-rw-r--r--smcc/src/main/java/at/gv/egiz/smcc/reader/DefaultCardReader.java106
-rw-r--r--smcc/src/main/java/at/gv/egiz/smcc/reader/PinpadCardReader.java703
-rw-r--r--smcc/src/main/java/at/gv/egiz/smcc/reader/ReaderFactory.java125
-rw-r--r--smcc/src/main/java/at/gv/egiz/smcc/util/ISO7816Utils.java368
-rw-r--r--smcc/src/main/java/at/gv/egiz/smcc/util/SMCCHelper.java150
-rw-r--r--smcc/src/main/java/at/gv/egiz/smcc/util/SmartCardIO.java204
-rw-r--r--smcc/src/main/java/at/gv/egiz/smcc/util/TransparentFileInputStream.java194
-rw-r--r--smcc/src/main/resources/at/gv/egiz/smcc/ACOSCard.properties24
-rw-r--r--smcc/src/main/resources/at/gv/egiz/smcc/BELPICCard.properties3
-rw-r--r--smcc/src/main/resources/at/gv/egiz/smcc/ITCard.properties3
-rw-r--r--smcc/src/main/resources/at/gv/egiz/smcc/STARCOSCard.properties22
-rw-r--r--smcc/src/test/java/at/gv/egiz/smcc/AbstractAppl.java57
-rw-r--r--smcc/src/test/java/at/gv/egiz/smcc/CardAppl.java43
-rw-r--r--smcc/src/test/java/at/gv/egiz/smcc/CardChannelEmul.java52
-rw-r--r--smcc/src/test/java/at/gv/egiz/smcc/CardEmul.java106
-rw-r--r--smcc/src/test/java/at/gv/egiz/smcc/CardTerminalEmul.java64
-rw-r--r--smcc/src/test/java/at/gv/egiz/smcc/CardTest.java222
-rw-r--r--smcc/src/test/java/at/gv/egiz/smcc/CardTestSuite.java29
-rw-r--r--smcc/src/test/java/at/gv/egiz/smcc/File.java38
-rw-r--r--smcc/src/test/java/at/gv/egiz/smcc/PIN.java45
-rw-r--r--smcc/src/test/java/at/gv/egiz/smcc/TransparentFileInputStreamTest.java208
-rw-r--r--smcc/src/test/java/at/gv/egiz/smcc/acos/A03ApplDEC.java151
-rw-r--r--smcc/src/test/java/at/gv/egiz/smcc/acos/A03ApplSIG.java77
-rw-r--r--smcc/src/test/java/at/gv/egiz/smcc/acos/A03CardChannelEmul.java98
-rw-r--r--smcc/src/test/java/at/gv/egiz/smcc/acos/A03CardEmul.java31
-rw-r--r--smcc/src/test/java/at/gv/egiz/smcc/acos/A03CardTest.java92
-rw-r--r--smcc/src/test/java/at/gv/egiz/smcc/acos/A04ApplDEC.java296
-rw-r--r--smcc/src/test/java/at/gv/egiz/smcc/acos/A04ApplSIG.java87
-rw-r--r--smcc/src/test/java/at/gv/egiz/smcc/acos/A04CardChannelEmul.java75
-rw-r--r--smcc/src/test/java/at/gv/egiz/smcc/acos/A04CardEmul.java32
-rw-r--r--smcc/src/test/java/at/gv/egiz/smcc/acos/A04CardTest.java143
-rw-r--r--smcc/src/test/java/at/gv/egiz/smcc/acos/ACOSAppl.java79
-rw-r--r--smcc/src/test/java/at/gv/egiz/smcc/acos/ACOSApplDEC.java334
-rw-r--r--smcc/src/test/java/at/gv/egiz/smcc/acos/ACOSApplSIG.java302
-rw-r--r--smcc/src/test/java/at/gv/egiz/smcc/acos/ACOSCardChannelEmul.java261
-rw-r--r--smcc/src/test/java/at/gv/egiz/smcc/acos/ACOSCardEmul.java38
-rw-r--r--smcc/src/test/java/at/gv/egiz/smcc/acos/ACOSCardTest.java230
-rw-r--r--smcc/src/test/java/at/gv/egiz/smcc/acos/ACOSCardTestSuite.java27
-rw-r--r--smcc/src/test/java/at/gv/egiz/smcc/pin/gui/CancelChangePINProvider.java39
-rw-r--r--smcc/src/test/java/at/gv/egiz/smcc/pin/gui/CancelPINProvider.java29
-rw-r--r--smcc/src/test/java/at/gv/egiz/smcc/pin/gui/ChangePINProvider.java49
-rw-r--r--smcc/src/test/java/at/gv/egiz/smcc/pin/gui/DummyChangePINGUI.java68
-rw-r--r--smcc/src/test/java/at/gv/egiz/smcc/pin/gui/DummyPINGUI.java48
-rw-r--r--smcc/src/test/java/at/gv/egiz/smcc/pin/gui/InterruptPINProvider.java34
-rw-r--r--smcc/src/test/java/at/gv/egiz/smcc/pin/gui/InvalidChangePINProvider.java56
-rw-r--r--smcc/src/test/java/at/gv/egiz/smcc/pin/gui/InvalidPINProvider.java48
-rw-r--r--smcc/src/test/java/at/gv/egiz/smcc/pin/gui/SMCCTestPINProvider.java43
-rw-r--r--smcc/src/test/java/at/gv/egiz/smcc/starcos/STARCOSAppl.java72
-rw-r--r--smcc/src/test/java/at/gv/egiz/smcc/starcos/STARCOSApplGewoehnlicheSignatur.java349
-rw-r--r--smcc/src/test/java/at/gv/egiz/smcc/starcos/STARCOSApplInfobox.java165
-rw-r--r--smcc/src/test/java/at/gv/egiz/smcc/starcos/STARCOSApplSichereSignatur.java375
-rw-r--r--smcc/src/test/java/at/gv/egiz/smcc/starcos/STARCOSCardChannelEmul.java434
-rw-r--r--smcc/src/test/java/at/gv/egiz/smcc/starcos/STARCOSCardEmul.java54
-rw-r--r--smcc/src/test/java/at/gv/egiz/smcc/starcos/STARCOSCardTest.java346
-rw-r--r--smcc/src/test/java/at/gv/egiz/smcc/starcos/STARCOSG3CardChannelEmul.java46
-rw-r--r--smcc/src/test/java/at/gv/egiz/smcc/starcos/STARCOSG3CardEmul.java57
-rw-r--r--smcc/src/test/java/at/gv/egiz/smcc/starcos/STARCOSG3CardTest.java119
-rw-r--r--smcc/src/test/java/at/gv/egiz/smcc/util/ISO7816UtilsTest.java175
-rw-r--r--smcc/src/test/resources/IdentityLink.binbin0 -> 395 bytes
-rw-r--r--smcc/src/test/resources/log4j.properties19
98 files changed, 12893 insertions, 0 deletions
diff --git a/smcc/keystore.ks b/smcc/keystore.ks
new file mode 100644
index 00000000..824c3a40
--- /dev/null
+++ b/smcc/keystore.ks
Binary files differ
diff --git a/smcc/pom.xml b/smcc/pom.xml
new file mode 100644
index 00000000..1a2a8566
--- /dev/null
+++ b/smcc/pom.xml
@@ -0,0 +1,46 @@
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
+ <parent>
+ <artifactId>bku</artifactId>
+ <groupId>at.gv.egiz</groupId>
+ <version>1.2.11</version>
+ </parent>
+ <modelVersion>4.0.0</modelVersion>
+ <groupId>at.gv.egiz</groupId>
+ <artifactId>smcc</artifactId>
+ <name>smcc</name>
+ <packaging>jar</packaging>
+ <version>1.2.11</version>
+ <url>http://bku.egiz.gv.at</url>
+ <build>
+ <plugins>
+ <plugin>
+ <artifactId>maven-compiler-plugin</artifactId>
+ <groupId>org.apache.maven.plugins</groupId>
+ <configuration>
+ <debug>false</debug>
+ </configuration>
+ </plugin>
+ </plugins>
+ </build>
+ <dependencies>
+ <dependency>
+ <groupId>commons-logging</groupId>
+ <artifactId>commons-logging</artifactId>
+ </dependency>
+ <dependency>
+ <groupId>junit</groupId>
+ <artifactId>junit</artifactId>
+ <scope>test</scope>
+ </dependency>
+ <dependency>
+ <groupId>iaik</groupId>
+ <artifactId>iaik_jce_full_signed</artifactId>
+ <scope>test</scope>
+ </dependency>
+ <!-- FIXME just for testing
+ <dependency>
+ <groupId>iaik</groupId>
+ <artifactId>iaik_jce_full_signed</artifactId>
+ </dependency> -->
+ </dependencies>
+</project> \ No newline at end of file
diff --git a/smcc/src/main/java/META-INF/MANIFEST.MF b/smcc/src/main/java/META-INF/MANIFEST.MF
new file mode 100644
index 00000000..5e949512
--- /dev/null
+++ b/smcc/src/main/java/META-INF/MANIFEST.MF
@@ -0,0 +1,3 @@
+Manifest-Version: 1.0
+Class-Path:
+
diff --git a/smcc/src/main/java/at/gv/egiz/smcc/ACOSCard.java b/smcc/src/main/java/at/gv/egiz/smcc/ACOSCard.java
new file mode 100644
index 00000000..9b3b88ed
--- /dev/null
+++ b/smcc/src/main/java/at/gv/egiz/smcc/ACOSCard.java
@@ -0,0 +1,805 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package at.gv.egiz.smcc;
+
+import at.gv.egiz.smcc.pin.gui.ModifyPINGUI;
+import at.gv.egiz.smcc.pin.gui.PINGUI;
+import java.io.ByteArrayOutputStream;
+import java.io.IOException;
+import java.io.InputStream;
+import java.security.AlgorithmParameters;
+import java.security.GeneralSecurityException;
+import java.security.MessageDigest;
+import java.security.NoSuchAlgorithmException;
+import java.util.Arrays;
+import java.util.List;
+
+import javax.crypto.Cipher;
+import javax.crypto.SecretKey;
+import javax.crypto.SecretKeyFactory;
+import javax.crypto.spec.DESedeKeySpec;
+import javax.crypto.spec.IvParameterSpec;
+import javax.smartcardio.Card;
+import javax.smartcardio.CardChannel;
+import javax.smartcardio.CardException;
+import javax.smartcardio.CardTerminal;
+import javax.smartcardio.CommandAPDU;
+import javax.smartcardio.ResponseAPDU;
+
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+
+import at.gv.egiz.smcc.util.ISO7816Utils;
+import at.gv.egiz.smcc.util.SMCCHelper;
+import at.gv.egiz.smcc.util.TransparentFileInputStream;
+
+public class ACOSCard extends AbstractSignatureCard implements PINMgmtSignatureCard {
+
+ private static Log log = LogFactory.getLog(ACOSCard.class);
+
+ public static final byte[] AID_DEC = new byte[] { (byte) 0xA0, (byte) 0x00,
+ (byte) 0x00, (byte) 0x01, (byte) 0x18, (byte) 0x45, (byte) 0x4E };
+
+ public static final byte[] DF_DEC = new byte[] { (byte) 0xdf, (byte) 0x71 };
+
+ public static final byte[] AID_SIG = new byte[] { (byte) 0xA0, (byte) 0x00,
+ (byte) 0x00, (byte) 0x01, (byte) 0x18, (byte) 0x45, (byte) 0x43 };
+
+ public static final byte[] DF_SIG = new byte[] { (byte) 0xdf, (byte) 0x70 };
+
+ public static final byte[] EF_C_CH_EKEY = new byte[] { (byte) 0xc0,
+ (byte) 0x01 };
+
+ public static final int EF_C_CH_EKEY_MAX_SIZE = 2000;
+
+ public static final byte[] EF_C_CH_DS = new byte[] { (byte) 0xc0, (byte) 0x02 };
+
+ public static final int EF_C_CH_DS_MAX_SIZE = 2000;
+
+ public static final byte[] EF_PK_CH_EKEY = new byte[] { (byte) 0xb0,
+ (byte) 0x01 };
+
+ public static final byte[] EF_INFOBOX = new byte[] { (byte) 0xc0, (byte) 0x02 };
+
+ public static final byte[] EF_INFO = new byte[] { (byte) 0xd0, (byte) 0x02 };
+
+ public static final int EF_INFOBOX_MAX_SIZE = 1500;
+
+ public static final byte KID_PIN_SIG = (byte) 0x81;
+
+ public static final byte KID_PUK_SIG = (byte) 0x83;
+
+ public static final byte KID_PIN_DEC = (byte) 0x81;
+
+ public static final byte KID_PUK_DEC = (byte) 0x82;
+
+ public static final byte KID_PIN_INF = (byte) 0x83;
+
+ public static final byte KID_PUK_INF = (byte) 0x84;
+
+ public static final byte[] DST_SIG = new byte[] { (byte) 0x84, (byte) 0x01, // tag
+ // ,
+ // length
+ // (
+ // key
+ // ID
+ // )
+ (byte) 0x88, // SK.CH.SIGN
+ (byte) 0x80, (byte) 0x01, // tag, length (algorithm ID)
+ (byte) 0x14 // ECDSA
+ };
+
+ public static final byte[] AT_DEC = new byte[] { (byte) 0x84, (byte) 0x01, // tag
+ // ,
+ // length
+ // (
+ // key
+ // ID
+ // )
+ (byte) 0x88, // SK.CH.EKEY
+ (byte) 0x80, (byte) 0x01, // tag, length (algorithm ID)
+ (byte) 0x01 // RSA // TODO: Not verified yet
+ };
+
+ private static final PINSpec DEC_PIN_SPEC = new PINSpec(0, 8, "[0-9]",
+ "at/gv/egiz/smcc/ACOSCard", "dec.pin", KID_PIN_DEC, AID_DEC);
+
+ private static final PINSpec SIG_PIN_SPEC = new PINSpec(0, 8, "[0-9]",
+ "at/gv/egiz/smcc/ACOSCard", "sig.pin", KID_PIN_SIG, AID_SIG);
+
+ private static final PINSpec INF_PIN_SPEC = new PINSpec(0, 8, "[0-9]",
+ "at/gv/egiz/smcc/ACOSCard", "inf.pin", KID_PIN_INF, AID_DEC);
+
+ static {
+ if (SignatureCardFactory.ENFORCE_RECOMMENDED_PIN_LENGTH) {
+ DEC_PIN_SPEC.setRecLength(4);
+ SIG_PIN_SPEC.setRecLength(6);
+ INF_PIN_SPEC.setRecLength(4);
+ }
+ }
+
+ /**
+ * The version of the card's digital signature application.
+ */
+ protected int appVersion = -1;
+
+ public ACOSCard() {
+ super("at/gv/egiz/smcc/ACOSCard");
+ }
+
+ @Override
+ public void init(Card card, CardTerminal cardTerminal) {
+ super.init(card, cardTerminal);
+
+ // determine application version
+ try {
+ CardChannel channel = getCardChannel();
+ // SELECT application
+ execSELECT_AID(channel, AID_SIG);
+ // SELECT file
+ execSELECT_FID(channel, EF_INFO);
+ // READ BINARY
+ TransparentFileInputStream is = ISO7816Utils.openTransparentFileInputStream(channel, 8);
+ appVersion = is.read();
+ log.info("a-sign premium application version = " + appVersion);
+ } catch (FileNotFoundException e) {
+ appVersion = 1;
+ log.info("a-sign premium application version = " + appVersion);
+ } catch (SignatureCardException e) {
+ log.warn(e);
+ appVersion = 0;
+ } catch (IOException e) {
+ log.warn(e);
+ appVersion = 0;
+ } catch (CardException e) {
+ log.warn(e);
+ appVersion = 0;
+ }
+
+ pinSpecs.add(DEC_PIN_SPEC);
+ pinSpecs.add(SIG_PIN_SPEC);
+ if (appVersion < 2) {
+ pinSpecs.add(INF_PIN_SPEC);
+ }
+
+ }
+
+ @Override
+ @Exclusive
+ public byte[] getCertificate(KeyboxName keyboxName)
+ throws SignatureCardException, InterruptedException {
+
+ byte[] aid;
+ byte[] fid;
+ if (keyboxName == KeyboxName.SECURE_SIGNATURE_KEYPAIR) {
+ aid = AID_SIG;
+ fid = EF_C_CH_DS;
+ } else if (keyboxName == KeyboxName.CERITIFIED_KEYPAIR) {
+ aid = AID_DEC;
+ fid = EF_C_CH_EKEY;
+ } else {
+ throw new IllegalArgumentException("Keybox " + keyboxName
+ + " not supported.");
+ }
+
+ try {
+ CardChannel channel = getCardChannel();
+ // SELECT application
+ execSELECT_AID(channel, aid);
+ // SELECT file
+ byte[] fcx = execSELECT_FID(channel, fid);
+ int maxSize = -1;
+ if (getAppVersion() < 2) {
+ maxSize = ISO7816Utils.getLengthFromFCx(fcx);
+ log.debug("Size of selected file = " + maxSize);
+ }
+ // READ BINARY
+ byte[] certificate = ISO7816Utils.readTransparentFileTLV(channel, maxSize, (byte) 0x30);
+ if (certificate == null) {
+ throw new NotActivatedException();
+ }
+ return certificate;
+ } catch (FileNotFoundException e) {
+ throw new NotActivatedException();
+ } catch (CardException e) {
+ log.info("Failed to get certificate.", e);
+ throw new SignatureCardException(e);
+ }
+
+
+ }
+
+ @Override
+ @Exclusive
+ public byte[] getInfobox(String infobox, PINGUI provider, String domainId)
+ throws SignatureCardException, InterruptedException {
+
+ if ("IdentityLink".equals(infobox)) {
+ if (getAppVersion() < 2) {
+ return getIdentityLinkV1(provider, domainId);
+ } else {
+ return getIdentityLinkV2(provider, domainId);
+ }
+ } else {
+ throw new IllegalArgumentException("Infobox '" + infobox
+ + "' not supported.");
+ }
+
+ }
+
+ protected byte[] getIdentityLinkV1(PINGUI provider, String domainId)
+ throws SignatureCardException, InterruptedException {
+
+ try {
+ CardChannel channel = getCardChannel();
+ // SELECT application
+ execSELECT_AID(channel, AID_DEC);
+ // SELECT file
+ byte[] fcx = execSELECT_FID(channel, EF_INFOBOX);
+ int maxSize = ISO7816Utils.getLengthFromFCx(fcx);
+ log.debug("Size of selected file = " + maxSize);
+ // READ BINARY
+ while(true) {
+ try {
+ return ISO7816Utils.readTransparentFileTLV(channel, maxSize, (byte) 0x30);
+ } catch (SecurityStatusNotSatisfiedException e) {
+ verifyPINLoop(channel, INF_PIN_SPEC, provider);
+ }
+ }
+
+ } catch (FileNotFoundException e) {
+ throw new NotActivatedException();
+ } catch (CardException e) {
+ log.info("Faild to get infobox.", e);
+ throw new SignatureCardException(e);
+ }
+
+ }
+
+ protected byte[] getIdentityLinkV2(PINGUI provider, String domainId)
+ throws SignatureCardException, InterruptedException {
+
+ try {
+ CardChannel channel = getCardChannel();
+ // SELECT application
+ execSELECT_AID(channel, AID_DEC);
+ // SELECT file
+ execSELECT_FID(channel, EF_INFOBOX);
+
+ // READ BINARY
+ TransparentFileInputStream is = ISO7816Utils.openTransparentFileInputStream(channel, -1);
+
+ int b = is.read();
+ if (b == 0x00) {
+ return null;
+ }
+ if (b != 0x41 || is.read() != 0x49 || is.read() != 0x4b) {
+ String msg = "Infobox structure invalid.";
+ log.info(msg);
+ throw new SignatureCardException(msg);
+ }
+
+ b = is.read();
+ if (b != 0x01) {
+ String msg = "Infobox structure v" + b + " not supported.";
+ log.info(msg);
+ throw new SignatureCardException(msg);
+ }
+
+ while ((b = is.read()) != 0x01 && b != 00) {
+ is.read(); // modifiers
+ is.skip(is.read() + (is.read() << 8)); // length
+ }
+
+ if (b != 0x01) {
+ return null;
+ }
+
+ int modifiers = is.read();
+ int length = is.read() + (is.read() << 8);
+
+ byte[] bytes;
+ byte[] key = null;
+
+ switch (modifiers) {
+ case 0x00:
+ bytes = new byte[length];
+ break;
+ case 0x01:
+ key = new byte[is.read() + (is.read() << 8)];
+ is.read(key);
+ bytes = new byte[length - key.length - 2];
+ break;
+ default:
+ String msg = "Compressed infobox structure not yet supported.";
+ log.info(msg);
+ throw new SignatureCardException(msg);
+ }
+
+ is.read(bytes);
+
+ if (key == null) {
+ return bytes;
+ }
+
+ execMSE(channel, 0x41, 0xb8, new byte[] {
+ (byte) 0x84, (byte) 0x01, (byte) 0x88, (byte) 0x80, (byte) 0x01,
+ (byte) 0x02 });
+
+
+ byte[] plainKey = null;
+
+ while (true) {
+ try {
+ plainKey = execPSO_DECIPHER(channel, key);
+ break;
+ } catch(SecurityStatusNotSatisfiedException e) {
+ verifyPINLoop(channel, DEC_PIN_SPEC, provider);
+ }
+ }
+
+ try {
+ Cipher cipher = Cipher
+ .getInstance("DESede/CBC/PKCS5Padding");
+ byte[] iv = new byte[8];
+ Arrays.fill(iv, (byte) 0x00);
+ IvParameterSpec ivParameterSpec = new IvParameterSpec(iv);
+ AlgorithmParameters parameters = AlgorithmParameters
+ .getInstance("DESede");
+ parameters.init(ivParameterSpec);
+
+ DESedeKeySpec keySpec = new DESedeKeySpec(plainKey);
+ SecretKeyFactory keyFactory = SecretKeyFactory
+ .getInstance("DESede");
+ SecretKey secretKey = keyFactory.generateSecret(keySpec);
+
+ cipher.init(Cipher.DECRYPT_MODE, secretKey, parameters);
+
+ return cipher.doFinal(bytes);
+
+ } catch (GeneralSecurityException e) {
+ String msg = "Failed to decrypt infobox.";
+ log.info(msg, e);
+ throw new SignatureCardException(msg, e);
+ }
+
+
+ } catch (FileNotFoundException e) {
+ throw new NotActivatedException();
+ } catch (CardException e) {
+ log.info("Faild to get infobox.", e);
+ throw new SignatureCardException(e);
+ } catch (IOException e) {
+ if (e.getCause() instanceof SignatureCardException) {
+ throw (SignatureCardException) e.getCause();
+ } else {
+ throw new SignatureCardException(e);
+ }
+ }
+
+ }
+
+ @Override
+ @Exclusive
+ public byte[] createSignature(InputStream input, KeyboxName keyboxName,
+ PINGUI provider, String alg) throws SignatureCardException, InterruptedException, IOException {
+
+ ByteArrayOutputStream dst = new ByteArrayOutputStream();
+ // key ID
+ dst.write(new byte[]{(byte) 0x84, (byte) 0x01, (byte) 0x88});
+ // algorithm ID
+ dst.write(new byte[]{(byte) 0x80, (byte) 0x01});
+
+ MessageDigest md;
+ try {
+ if (KeyboxName.SECURE_SIGNATURE_KEYPAIR.equals(keyboxName)
+ && (alg == null || "http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1".equals(alg))) {
+ dst.write((byte) 0x14); // SHA-1/ECC
+ md = MessageDigest.getInstance("SHA-1");
+ } else if (KeyboxName.CERITIFIED_KEYPAIR.equals(keyboxName)
+ && (alg == null || "http://www.w3.org/2000/09/xmldsig#rsa-sha1".equals(alg))) {
+ dst.write((byte) 0x12); // SHA-1 with padding according to PKCS#1 block type 01
+ md = MessageDigest.getInstance("SHA-1");
+ } else if (KeyboxName.SECURE_SIGNATURE_KEYPAIR.equals(keyboxName)
+ && appVersion >= 2
+ && "http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha256".equals(alg)) {
+ dst.write((byte) 0x44); // SHA-256/ECC
+ md = MessageDigest.getInstance("SHA256");
+ } else if (KeyboxName.CERITIFIED_KEYPAIR.equals(keyboxName)
+ && appVersion >= 2
+ && "http://www.w3.org/2001/04/xmldsig-more#rsa-sha256".equals(alg)) {
+ dst.write((byte) 0x41); // SHA-256 with padding according to PKCS#1
+ md = MessageDigest.getInstance("SHA256");
+ } else {
+ throw new SignatureCardException("Card does not support signature algorithm " + alg + ".");
+ }
+ } catch (NoSuchAlgorithmException e) {
+ log.error("Failed to get MessageDigest.", e);
+ throw new SignatureCardException(e);
+ }
+
+ byte[] digest = new byte[md.getDigestLength()];
+ for (int l; (l = input.read(digest)) != -1;) {
+ md.update(digest, 0, l);
+ }
+ digest = md.digest();
+
+ try {
+
+ CardChannel channel = getCardChannel();
+
+ if (KeyboxName.SECURE_SIGNATURE_KEYPAIR.equals(keyboxName)) {
+
+ PINSpec spec = SIG_PIN_SPEC;
+
+ // SELECT application
+ execSELECT_AID(channel, AID_SIG);
+ // MANAGE SECURITY ENVIRONMENT : SET DST
+ execMSE(channel, 0x41, 0xb6, dst.toByteArray());
+ // VERIFY
+ verifyPINLoop(channel, spec, provider);
+ // PERFORM SECURITY OPERATION : HASH
+ execPSO_HASH(channel, digest);
+ // PERFORM SECURITY OPERATION : COMPUTE DIGITAL SIGNATRE
+ return execPSO_COMPUTE_DIGITAL_SIGNATURE(channel);
+
+ } else if (KeyboxName.CERITIFIED_KEYPAIR.equals(keyboxName)) {
+
+ PINSpec spec = DEC_PIN_SPEC;
+
+ // SELECT application
+ execSELECT_AID(channel, AID_DEC);
+ // MANAGE SECURITY ENVIRONMENT : SET AT
+ execMSE(channel, 0x41, 0xa4, AT_DEC);
+
+ while (true) {
+ try {
+ // INTERNAL AUTHENTICATE
+ return execINTERNAL_AUTHENTICATE(channel, digest);
+ } catch (SecurityStatusNotSatisfiedException e) {
+ verifyPINLoop(channel, spec, provider);
+ }
+ }
+
+ } else {
+ throw new IllegalArgumentException("KeyboxName '" + keyboxName
+ + "' not supported.");
+ }
+
+ } catch (CardException e) {
+ log.warn(e);
+ throw new SignatureCardException("Failed to access card.", e);
+ }
+
+ }
+
+ public int getAppVersion() {
+ return appVersion;
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egiz.smcc.AbstractSignatureCard#verifyPIN(at.gv.egiz.smcc.PINSpec, at.gv.egiz.smcc.PINProvider)
+ */
+ @Override
+ public void verifyPIN(PINSpec pinSpec, PINGUI pinProvider)
+ throws LockedException, NotActivatedException, CancelledException,
+ TimeoutException, SignatureCardException, InterruptedException {
+
+ CardChannel channel = getCardChannel();
+
+ try {
+ // SELECT application
+ execSELECT_AID(channel, pinSpec.getContextAID());
+ // VERIFY
+ verifyPINLoop(channel, pinSpec, pinProvider);
+ } catch (CardException e) {
+ log.info("Failed to verify PIN.", e);
+ throw new SignatureCardException("Failed to verify PIN.", e);
+ }
+
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egiz.smcc.AbstractSignatureCard#changePIN(at.gv.egiz.smcc.PINSpec, at.gv.egiz.smcc.ChangePINProvider)
+ */
+ @Override
+ public void changePIN(PINSpec pinSpec, ModifyPINGUI pinProvider)
+ throws LockedException, NotActivatedException, CancelledException,
+ TimeoutException, SignatureCardException, InterruptedException {
+
+ CardChannel channel = getCardChannel();
+
+ try {
+ // SELECT application
+ execSELECT_AID(channel, pinSpec.getContextAID());
+ // CHANGE REFERENCE DATA
+ changePINLoop(channel, pinSpec, pinProvider);
+ } catch (CardException e) {
+ log.info("Failed to change PIN.", e);
+ throw new SignatureCardException("Failed to change PIN.", e);
+ }
+
+ }
+
+ @Override
+ public void activatePIN(PINSpec pinSpec, ModifyPINGUI pinGUI)
+ throws CancelledException, SignatureCardException, CancelledException,
+ TimeoutException, InterruptedException {
+ log.error("ACTIVATE PIN not supported by ACOS");
+ throw new SignatureCardException("PIN activation not supported by this card.");
+ }
+
+ @Override
+ public void unblockPIN(PINSpec pinSpec, ModifyPINGUI pinGUI)
+ throws CancelledException, SignatureCardException, InterruptedException {
+ throw new SignatureCardException("Unblock PIN not supported.");
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egiz.smcc.PINMgmtSignatureCard#getPINSpecs()
+ */
+ @Override
+ public List<PINSpec> getPINSpecs() {
+ if (getAppVersion() < 2) {
+ return Arrays.asList(new PINSpec[] {DEC_PIN_SPEC, SIG_PIN_SPEC, INF_PIN_SPEC});
+ } else {
+ return Arrays.asList(new PINSpec[] {DEC_PIN_SPEC, SIG_PIN_SPEC});
+ }
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egiz.smcc.PINMgmtSignatureCard#getPINStatus(at.gv.egiz.smcc.PINSpec)
+ */
+ @Override
+ public PIN_STATE getPINState(PINSpec pinSpec) throws SignatureCardException {
+ return PIN_STATE.UNKNOWN;
+ }
+
+ @Override
+ public String toString() {
+ return "a-sign premium (version " + getAppVersion() + ")";
+ }
+
+ ////////////////////////////////////////////////////////////////////////
+ // PROTECTED METHODS (assume exclusive card access)
+ ////////////////////////////////////////////////////////////////////////
+
+ protected void verifyPINLoop(CardChannel channel, PINSpec spec, PINGUI provider)
+ throws InterruptedException, CardException, SignatureCardException {
+
+ int retries = -1;
+ do {
+ retries = verifyPIN(channel, spec, provider, retries);
+ } while (retries > 0);
+ }
+
+ protected void changePINLoop(CardChannel channel, PINSpec spec, ModifyPINGUI provider)
+ throws InterruptedException, CardException, SignatureCardException {
+
+ int retries = -1;
+ do {
+ retries = changePIN(channel, spec, provider, retries);
+ } while (retries > 0);
+ }
+
+ protected int verifyPIN(CardChannel channel, PINSpec pinSpec,
+ PINGUI provider, int retries) throws InterruptedException, CardException, SignatureCardException {
+
+ VerifyAPDUSpec apduSpec = new VerifyAPDUSpec(
+ new byte[] {
+ (byte) 0x00, (byte) 0x20, (byte) 0x00, pinSpec.getKID(), (byte) 0x08,
+ (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00,
+ (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00 },
+ 0, VerifyAPDUSpec.PIN_FORMAT_ASCII, 8);
+
+ ResponseAPDU resp = reader.verify(channel, apduSpec, provider, pinSpec, retries);
+
+ if (resp.getSW() == 0x9000) {
+ return -1;
+ }
+ if (resp.getSW() >> 4 == 0x63c) {
+ return 0x0f & resp.getSW();
+ }
+
+ switch (resp.getSW()) {
+ case 0x6983:
+ // authentication method blocked
+ throw new LockedException();
+
+ default:
+ String msg = "VERIFY failed. SW=" + Integer.toHexString(resp.getSW());
+ log.info(msg);
+ throw new SignatureCardException(msg);
+ }
+
+ }
+
+ protected int changePIN(CardChannel channel, PINSpec pinSpec,
+ ModifyPINGUI pinProvider, int retries) throws CancelledException, InterruptedException, CardException, SignatureCardException {
+
+ ChangeReferenceDataAPDUSpec apduSpec = new ChangeReferenceDataAPDUSpec(
+ new byte[] {
+ (byte) 0x00, (byte) 0x24, (byte) 0x00, pinSpec.getKID(), (byte) 0x10,
+ (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00,
+ (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00,
+ (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00,
+ (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00
+ },
+ 0, VerifyAPDUSpec.PIN_FORMAT_ASCII, 8);
+
+
+
+ ResponseAPDU resp = reader.modify(channel, apduSpec, pinProvider, pinSpec, retries);
+
+ if (resp.getSW() == 0x9000) {
+ return -1;
+ }
+ if (resp.getSW() >> 4 == 0x63c) {
+ return 0x0f & resp.getSW();
+ }
+
+ switch (resp.getSW()) {
+ case 0x6983:
+ // authentication method blocked
+ throw new LockedException();
+
+ default:
+ String msg = "CHANGE REFERENCE DATA failed. SW=" + Integer.toHexString(resp.getSW());
+ log.info(msg);
+ throw new SignatureCardException(msg);
+ }
+
+ }
+
+ protected byte[] execSELECT_AID(CardChannel channel, byte[] aid)
+ throws SignatureCardException, CardException {
+
+ ResponseAPDU resp = channel.transmit(
+ new CommandAPDU(0x00, 0xA4, 0x04, 0x00, aid, 256));
+
+ if (resp.getSW() == 0x6A82) {
+ String msg = "File or application not found AID="
+ + SMCCHelper.toString(aid) + " SW="
+ + Integer.toHexString(resp.getSW()) + ".";
+ log.info(msg);
+ throw new FileNotFoundException(msg);
+ } else if (resp.getSW() != 0x9000) {
+ String msg = "Failed to select application AID="
+ + SMCCHelper.toString(aid) + " SW="
+ + Integer.toHexString(resp.getSW()) + ".";
+ log.info(msg);
+ throw new SignatureCardException(msg);
+ } else {
+ return resp.getBytes();
+ }
+
+ }
+
+ protected byte[] execSELECT_FID(CardChannel channel, byte[] fid)
+ throws SignatureCardException, CardException {
+
+ ResponseAPDU resp = channel.transmit(
+ new CommandAPDU(0x00, 0xA4, 0x00, 0x00, fid, 256));
+
+ if (resp.getSW() == 0x6A82) {
+ String msg = "File or application not found FID="
+ + SMCCHelper.toString(fid) + " SW="
+ + Integer.toHexString(resp.getSW()) + ".";
+ log.info(msg);
+ throw new FileNotFoundException(msg);
+ } else if (resp.getSW() != 0x9000) {
+ String msg = "Failed to select application FID="
+ + SMCCHelper.toString(fid) + " SW="
+ + Integer.toHexString(resp.getSW()) + ".";
+ log.error(msg);
+ throw new SignatureCardException(msg);
+ } else {
+ return resp.getBytes();
+ }
+
+
+ }
+
+ protected void execMSE(CardChannel channel, int p1,
+ int p2, byte[] data) throws SignatureCardException, CardException {
+
+ ResponseAPDU resp = channel.transmit(
+ new CommandAPDU(0x00, 0x22, p1, p2, data));
+
+ if (resp.getSW() != 0x9000) {
+ String msg = "MSE failed: SW="
+ + Integer.toHexString(resp.getSW());
+ log.error(msg);
+ throw new SignatureCardException(msg);
+ }
+
+ }
+
+ protected byte[] execPSO_DECIPHER(CardChannel channel, byte [] cipher) throws CardException, SignatureCardException {
+
+ byte[] data = new byte[cipher.length + 1];
+ data[0] = 0x00;
+ System.arraycopy(cipher, 0, data, 1, cipher.length);
+ ResponseAPDU resp = channel.transmit(new CommandAPDU(0x00, 0x2A, 0x80, 0x86, data, 256));
+ if (resp.getSW() == 0x6982) {
+ throw new SecurityStatusNotSatisfiedException();
+ } else if (resp.getSW() != 0x9000) {
+ throw new SignatureCardException(
+ "PSO - DECIPHER failed: SW="
+ + Integer.toHexString(resp.getSW()));
+ }
+
+ return resp.getData();
+
+ }
+
+ protected void execPSO_HASH(CardChannel channel, byte[] hash) throws CardException, SignatureCardException {
+
+ ResponseAPDU resp = channel.transmit(
+ new CommandAPDU(0x00, 0x2A, 0x90, 0x81, hash));
+ if (resp.getSW() != 0x9000) {
+ throw new SignatureCardException("PSO - HASH failed: SW="
+ + Integer.toHexString(resp.getSW()));
+ }
+
+ }
+
+ protected byte[] execPSO_COMPUTE_DIGITAL_SIGNATURE(CardChannel channel) throws CardException,
+ SignatureCardException {
+
+ ResponseAPDU resp = channel.transmit(
+ new CommandAPDU(0x00, 0x2A, 0x9E, 0x9A, 256));
+ if (resp.getSW() == 0x6982) {
+ throw new SecurityStatusNotSatisfiedException();
+ }
+ if (resp.getSW() != 0x9000) {
+ throw new SignatureCardException(
+ "PSO - COMPUTE DIGITAL SIGNATRE failed: SW="
+ + Integer.toHexString(resp.getSW()));
+ } else {
+ return resp.getData();
+ }
+
+ }
+
+ protected byte[] execINTERNAL_AUTHENTICATE(CardChannel channel, byte[] hash) throws CardException,
+ SignatureCardException {
+
+ byte[] digestInfo = new byte[] { (byte) 0x30, (byte) 0x21, (byte) 0x30,
+ (byte) 0x09, (byte) 0x06, (byte) 0x05, (byte) 0x2B, (byte) 0x0E,
+ (byte) 0x03, (byte) 0x02, (byte) 0x1A, (byte) 0x05, (byte) 0x00,
+ (byte) 0x04 };
+
+ byte[] data = new byte[digestInfo.length + hash.length + 1];
+
+ System.arraycopy(digestInfo, 0, data, 0, digestInfo.length);
+ data[digestInfo.length] = (byte) hash.length;
+ System.arraycopy(hash, 0, data, digestInfo.length + 1, hash.length);
+
+ ResponseAPDU resp = channel.transmit(new CommandAPDU(0x00, 0x88, 0x10, 0x00, data, 256));
+ if (resp.getSW() == 0x6982) {
+ throw new SecurityStatusNotSatisfiedException();
+ } else if (resp.getSW() == 0x6983) {
+ throw new LockedException();
+ } else if (resp.getSW() != 0x9000) {
+ throw new SignatureCardException("INTERNAL AUTHENTICATE failed: SW="
+ + Integer.toHexString(resp.getSW()));
+ } else {
+ return resp.getData();
+ }
+ }
+}
diff --git a/smcc/src/main/java/at/gv/egiz/smcc/AbstractSignatureCard.java b/smcc/src/main/java/at/gv/egiz/smcc/AbstractSignatureCard.java
new file mode 100644
index 00000000..fcb94fc6
--- /dev/null
+++ b/smcc/src/main/java/at/gv/egiz/smcc/AbstractSignatureCard.java
@@ -0,0 +1,121 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package at.gv.egiz.smcc;
+
+import at.gv.egiz.smcc.reader.CardReader;
+import at.gv.egiz.smcc.reader.ReaderFactory;
+import java.util.ArrayList;
+import java.util.List;
+import java.util.Locale;
+import java.util.ResourceBundle;
+
+import javax.smartcardio.Card;
+import javax.smartcardio.CardChannel;
+import javax.smartcardio.CardException;
+import javax.smartcardio.CardTerminal;
+
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+
+public abstract class AbstractSignatureCard implements SignatureCard {
+
+ private static Log log = LogFactory.getLog(AbstractSignatureCard.class);
+
+ protected List<PINSpec> pinSpecs = new ArrayList<PINSpec>();
+
+ private ResourceBundle i18n;
+ private String resourceBundleName;
+
+ private Locale locale = Locale.getDefault();
+
+ private Card card_;
+
+ protected CardReader reader;
+
+ protected AbstractSignatureCard(String resourceBundleName) {
+ this.resourceBundleName = resourceBundleName;
+ }
+
+ protected String toString(byte[] b) {
+ StringBuffer sb = new StringBuffer();
+ if (b != null && b.length > 0) {
+ sb.append(Integer.toHexString((b[0] & 240) >> 4));
+ sb.append(Integer.toHexString(b[0] & 15));
+ }
+ for (int i = 1; i < b.length; i++) {
+ sb.append(':');
+ sb.append(Integer.toHexString((b[i] & 240) >> 4));
+ sb.append(Integer.toHexString(b[i] & 15));
+ }
+ return sb.toString();
+ }
+
+ @Override
+ public void init(Card card, CardTerminal cardTerminal) {
+ this.card_ = card;
+ this.reader = ReaderFactory.getReader(card, cardTerminal);
+ }
+
+ @Override
+ public Card getCard() {
+ return card_;
+ }
+
+ protected CardChannel getCardChannel() {
+ return new LogCardChannel(card_.getBasicChannel());
+ }
+
+ @Override
+ public void setLocale(Locale locale) {
+ if (locale == null) {
+ throw new NullPointerException("Locale must not be set to null");
+ }
+ this.locale = locale;
+ }
+
+ protected ResourceBundle getResourceBundle() {
+ if (i18n == null) {
+ i18n = ResourceBundle.getBundle(resourceBundleName, locale);
+ }
+ return i18n;
+ }
+
+ @Override
+ public void disconnect(boolean reset) {
+ log.debug("Disconnect called");
+ if (card_ != null) {
+ try {
+ card_.disconnect(reset);
+ } catch (Exception e) {
+ log.info("Error while resetting card", e);
+ }
+ }
+ }
+
+ @Override
+ public void reset() throws SignatureCardException {
+ try {
+ log.debug("Disconnect and reset smart card.");
+ card_.disconnect(true);
+ log.debug("Reconnect smart card.");
+ card_ = reader.connect();
+ } catch (CardException e) {
+ throw new SignatureCardException("Failed to reset card.", e);
+ }
+ }
+
+}
diff --git a/smcc/src/main/java/at/gv/egiz/smcc/BELPICCard.java b/smcc/src/main/java/at/gv/egiz/smcc/BELPICCard.java
new file mode 100644
index 00000000..41358bb5
--- /dev/null
+++ b/smcc/src/main/java/at/gv/egiz/smcc/BELPICCard.java
@@ -0,0 +1,284 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+
+
+package at.gv.egiz.smcc;
+
+import at.gv.egiz.smcc.pin.gui.PINGUI;
+import java.io.IOException;
+import java.io.InputStream;
+import java.security.MessageDigest;
+import java.security.NoSuchAlgorithmException;
+
+import javax.smartcardio.CardChannel;
+import javax.smartcardio.CardException;
+import javax.smartcardio.CommandAPDU;
+import javax.smartcardio.ResponseAPDU;
+
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+
+import at.gv.egiz.smcc.util.ISO7816Utils;
+import at.gv.egiz.smcc.util.SMCCHelper;
+
+public class BELPICCard extends AbstractSignatureCard implements SignatureCard {
+
+ /**
+ * Logging facility.
+ */
+ private static Log log = LogFactory.getLog(BELPICCard.class);
+
+ public static final byte[] MF = new byte[] { (byte) 0x3F, (byte) 0x00 };
+
+ public static final byte[] DF_BELPIC = new byte[] { (byte) 0xDF,
+ (byte) 0x00 };
+
+ public static final byte[] DF_ID = new byte[] { (byte) 0xDF, (byte) 0x01 };
+
+ public static final byte[] SIGN_CERT = new byte[] { (byte) 0x50,
+ (byte) 0x39 };
+
+// public static final byte MSE_SET_ALGO_REF = (byte) 0x02;
+
+// public static final byte MSE_SET_PRIV_KEY_REF = (byte) 0x83;
+
+ public static final int SIGNATURE_LENGTH = (int) 0x80;
+
+ public static final byte KID = (byte) 0x01;
+
+ public static final int READ_BUFFER_LENGTH = 256;
+
+ public static final int PINSPEC_SS = 0;
+
+ private static final PINSpec SS_PIN_SPEC =
+ new PINSpec(4, 12, "[0-9]",
+ "at/gv/egiz/smcc/BELPICCard", "sig.pin", KID, DF_BELPIC);
+
+ /**
+ * Creates a new instance.
+ */
+ public BELPICCard() {
+ super("at/gv/egiz/smcc/BelpicCard");
+ pinSpecs.add(SS_PIN_SPEC);
+ }
+
+ @Override
+ @Exclusive
+ public byte[] getCertificate(KeyboxName keyboxName)
+ throws SignatureCardException {
+
+ if (keyboxName != KeyboxName.SECURE_SIGNATURE_KEYPAIR) {
+ throw new IllegalArgumentException("Keybox " + keyboxName
+ + " not supported");
+ }
+
+ try {
+ CardChannel channel = getCardChannel();
+ // SELECT MF
+ execSELECT_FID(channel, MF);
+ // SELECT application
+ execSELECT_FID(channel, DF_BELPIC);
+ // SELECT file
+ execSELECT_FID(channel, SIGN_CERT);
+ // READ BINARY
+ byte[] certificate = ISO7816Utils.readTransparentFileTLV(channel, -1, (byte) 0x30);
+ if (certificate == null) {
+ throw new NotActivatedException();
+ }
+ return certificate;
+ } catch (FileNotFoundException e) {
+ throw new NotActivatedException();
+ } catch (CardException e) {
+ log.info("Failed to get certificate.", e);
+ throw new SignatureCardException(e);
+ }
+
+ }
+
+ @Override
+ @Exclusive
+ public byte[] getInfobox(String infobox, PINGUI provider, String domainId)
+ throws SignatureCardException, InterruptedException {
+
+ throw new IllegalArgumentException("Infobox '" + infobox
+ + "' not supported.");
+ }
+
+ @Override
+ @Exclusive
+ public byte[] createSignature(InputStream input, KeyboxName keyboxName,
+ PINGUI provider, String alg) throws SignatureCardException, InterruptedException, IOException {
+
+ if (KeyboxName.SECURE_SIGNATURE_KEYPAIR != keyboxName) {
+ throw new SignatureCardException("Card does not support key " + keyboxName + ".");
+ }
+ if (!"http://www.w3.org/2000/09/xmldsig#rsa-sha1".equals(alg)) {
+ throw new SignatureCardException("Card does not support algorithm " + alg + ".");
+ }
+
+ byte[] dst = new byte[] { (byte) 0x04, // number of following
+ // bytes
+ (byte) 0x80, // tag for algorithm reference
+ (byte) 0x02, // algorithm reference
+ (byte) 0x84, // tag for private key reference
+ (byte) 0x83 // private key reference
+ };
+
+ MessageDigest md;
+ try {
+ md = MessageDigest.getInstance("SHA-1");
+ } catch (NoSuchAlgorithmException e) {
+ log.error("Failed to get MessageDigest.", e);
+ throw new SignatureCardException(e);
+ }
+ // calculate message digest
+ byte[] digest = new byte[md.getDigestLength()];
+ for (int l; (l = input.read(digest)) != -1;) {
+ md.update(digest, 0, l);
+ }
+ digest = md.digest();
+
+ try {
+
+ CardChannel channel = getCardChannel();
+
+ // SELECT MF
+ execSELECT_FID(channel, MF);
+ // VERIFY
+ execMSE(channel, 0x41, 0xb6, dst);
+ // PERFORM SECURITY OPERATION : COMPUTE DIGITAL SIGNATURE
+ verifyPINLoop(channel, SS_PIN_SPEC, provider);
+ // MANAGE SECURITY ENVIRONMENT : SET DST
+ return execPSO_COMPUTE_DIGITAL_SIGNATURE(channel, digest);
+
+ } catch (CardException e) {
+ log.warn(e);
+ throw new SignatureCardException("Failed to access card.", e);
+ }
+
+ }
+
+ public String toString() {
+ return "Belpic Card";
+ }
+
+ protected void verifyPINLoop(CardChannel channel, PINSpec spec,
+ PINGUI provider) throws LockedException, NotActivatedException,
+ SignatureCardException, InterruptedException, CardException {
+
+ int retries = -1; //verifyPIN(channel, spec, null, -1);
+ do {
+ retries = verifyPIN(channel, spec, provider, retries);
+ } while (retries > 0);
+ }
+
+ protected int verifyPIN(CardChannel channel, PINSpec pinSpec,
+ PINGUI provider, int retries) throws SignatureCardException,
+ LockedException, NotActivatedException, InterruptedException,
+ CardException {
+
+ VerifyAPDUSpec apduSpec = new VerifyAPDUSpec(
+ new byte[] {
+ (byte) 0x00, (byte) 0x20, (byte) 0x00, pinSpec.getKID(), (byte) 0x08,
+ (byte) 0x20, (byte) 0xff, (byte) 0xff, (byte) 0xff, (byte) 0xff,
+ (byte) 0xff, (byte) 0xff, (byte) 0xff },
+ 1, VerifyAPDUSpec.PIN_FORMAT_BCD, 7, 4, 4);
+
+ ResponseAPDU resp = reader.verify(channel, apduSpec, provider, pinSpec, retries);
+
+ if (resp.getSW() == 0x9000) {
+ return -1;
+ }
+ if (resp.getSW() >> 4 == 0x63c) {
+ return 0x0f & resp.getSW();
+ }
+
+ switch (resp.getSW()) {
+ case 0x6983:
+ // authentication method blocked
+ throw new LockedException();
+ case 0x6984:
+ // reference data not usable
+ throw new NotActivatedException();
+ case 0x6985:
+ // conditions of use not satisfied
+ throw new NotActivatedException();
+
+ default:
+ String msg = "VERIFY failed. SW=" + Integer.toHexString(resp.getSW());
+ log.info(msg);
+ throw new SignatureCardException(msg);
+ }
+
+ }
+
+ protected byte[] execSELECT_FID(CardChannel channel, byte[] fid)
+ throws SignatureCardException, CardException {
+
+ ResponseAPDU resp = channel.transmit(
+ new CommandAPDU(0x00, 0xA4, 0x02, 0x0C, fid, 256));
+
+ if (resp.getSW() == 0x6A82) {
+ String msg = "File or application not found FID="
+ + SMCCHelper.toString(fid) + " SW="
+ + Integer.toHexString(resp.getSW()) + ".";
+ log.info(msg);
+ throw new FileNotFoundException(msg);
+ } else if (resp.getSW() != 0x9000) {
+ String msg = "Failed to select application FID="
+ + SMCCHelper.toString(fid) + " SW="
+ + Integer.toHexString(resp.getSW()) + ".";
+ log.error(msg);
+ throw new SignatureCardException(msg);
+ } else {
+ return resp.getBytes();
+ }
+
+ }
+
+ protected void execMSE(CardChannel channel, int p1, int p2, byte[] data)
+ throws CardException, SignatureCardException {
+ ResponseAPDU resp = channel.transmit(
+ new CommandAPDU(0x00, 0x22, p1, p2, data, 256));
+ if (resp.getSW() != 0x9000) {
+ throw new SignatureCardException("MSE:SET failed: SW="
+ + Integer.toHexString(resp.getSW()));
+ }
+ }
+
+ protected byte[] execPSO_COMPUTE_DIGITAL_SIGNATURE(CardChannel channel, byte[] hash)
+ throws CardException, SignatureCardException {
+ ResponseAPDU resp;
+ resp = channel.transmit(
+ new CommandAPDU(0x00, 0x2A, 0x9E, 0x9A, hash, 256));
+ if (resp.getSW() == 0x6982) {
+ throw new SecurityStatusNotSatisfiedException();
+ } else if (resp.getSW() == 0x6983) {
+ throw new LockedException();
+ } else if (resp.getSW() != 0x9000) {
+ throw new SignatureCardException(
+ "PSO: COMPUTE DIGITAL SIGNATRE failed: SW="
+ + Integer.toHexString(resp.getSW()));
+ } else {
+ return resp.getData();
+ }
+ }
+
+
+
+
+} \ No newline at end of file
diff --git a/smcc/src/main/java/at/gv/egiz/smcc/CancelledException.java b/smcc/src/main/java/at/gv/egiz/smcc/CancelledException.java
new file mode 100644
index 00000000..347d74c9
--- /dev/null
+++ b/smcc/src/main/java/at/gv/egiz/smcc/CancelledException.java
@@ -0,0 +1,39 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package at.gv.egiz.smcc;
+
+public class CancelledException extends SignatureCardException {
+
+ private static final long serialVersionUID = 1L;
+
+ public CancelledException() {
+ super();
+ }
+
+ public CancelledException(String message, Throwable cause) {
+ super(message, cause);
+ }
+
+ public CancelledException(String message) {
+ super(message);
+ }
+
+ public CancelledException(Throwable cause) {
+ super(cause);
+ }
+
+}
diff --git a/smcc/src/main/java/at/gv/egiz/smcc/CardNotSupportedException.java b/smcc/src/main/java/at/gv/egiz/smcc/CardNotSupportedException.java
new file mode 100644
index 00000000..1cde093d
--- /dev/null
+++ b/smcc/src/main/java/at/gv/egiz/smcc/CardNotSupportedException.java
@@ -0,0 +1,62 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package at.gv.egiz.smcc;
+
+public class CardNotSupportedException extends Exception {
+
+ /**
+ *
+ */
+ private static final long serialVersionUID = 1L;
+
+ /**
+ * Creates a new instance of this <code>CardNotSupportedException</code>.
+ *
+ */
+ public CardNotSupportedException() {
+ super();
+ }
+
+ /**
+ * Creates a new instance of this <code>CardNotSupportedException</code>.
+ *
+ * @param message
+ * @param cause
+ */
+ public CardNotSupportedException(String message, Throwable cause) {
+ super(message, cause);
+ }
+
+ /**
+ * Creates a new instance of this <code>CardNotSupportedException</code>.
+ *
+ * @param message
+ */
+ public CardNotSupportedException(String message) {
+ super(message);
+ }
+
+ /**
+ * Creates a new instance of this <code>CardNotSupportedException</code>.
+ *
+ * @param cause
+ */
+ public CardNotSupportedException(Throwable cause) {
+ super(cause);
+ }
+
+}
diff --git a/smcc/src/main/java/at/gv/egiz/smcc/ChangeReferenceDataAPDUSpec.java b/smcc/src/main/java/at/gv/egiz/smcc/ChangeReferenceDataAPDUSpec.java
new file mode 100644
index 00000000..0b10d88f
--- /dev/null
+++ b/smcc/src/main/java/at/gv/egiz/smcc/ChangeReferenceDataAPDUSpec.java
@@ -0,0 +1,95 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package at.gv.egiz.smcc;
+
+public class ChangeReferenceDataAPDUSpec extends VerifyAPDUSpec {
+
+ /**
+ * The offset for the insertion of the old PIN. (Default: 0)
+ */
+ protected int pinInsertionOffsetOld = 0;
+
+ /**
+ * The offset for the insertion of the new PIN. (Default:
+ * {@link VerifyAPDUSpec#pinLength} + 1})
+ */
+ protected int pinInsertionOffsetNew = pinLength;
+
+ public ChangeReferenceDataAPDUSpec(byte[] apdu, int pinPosition, int pinFormat, int pinLength) {
+ super(apdu, pinPosition, pinFormat, pinLength);
+ }
+
+ /**
+ * @param apdu
+ * @param pinPosition
+ * @param pinFormat
+ * @param pinLength
+ * @param pinLengthSize
+ * @param pinLengthPos
+ */
+ public ChangeReferenceDataAPDUSpec(byte[] apdu, int pinPosition,
+ int pinFormat, int pinLength, int pinLengthSize, int pinLengthPos) {
+ super(apdu, pinPosition, pinFormat, pinLength, pinLengthSize, pinLengthPos);
+ }
+
+ /**
+ * @param apdu
+ * @param pinPosition
+ * @param pinFormat
+ * @param pinLength
+ * @param pinLengthSize
+ * @param pinLengthPos
+ * @param pinInsertionOffsetNew
+ */
+ public ChangeReferenceDataAPDUSpec(byte[] apdu, int pinPosition,
+ int pinFormat, int pinLength, int pinLengthSize, int pinLengthPos,
+ int pinInsertionOffsetNew) {
+ super(apdu, pinPosition, pinFormat, pinLength, pinLengthSize, pinLengthPos);
+ this.pinInsertionOffsetNew = pinInsertionOffsetNew;
+ }
+
+ /**
+ * @return the pinInsertionOffsetOld
+ */
+ public int getPinInsertionOffsetOld() {
+ return pinInsertionOffsetOld;
+ }
+
+ /**
+ * @param pinInsertionOffsetOld the pinInsertionOffsetOld to set
+ */
+ public void setPinInsertionOffsetOld(int pinInsertionOffsetOld) {
+ this.pinInsertionOffsetOld = pinInsertionOffsetOld;
+ }
+
+ /**
+ * @return the pinInsertionOffsetNew
+ */
+ public int getPinInsertionOffsetNew() {
+ return pinInsertionOffsetNew;
+ }
+
+ /**
+ * @param pinInsertionOffsetNew the pinInsertionOffsetNew to set
+ */
+ public void setPinInsertionOffsetNew(int pinInsertionOffsetNew) {
+ this.pinInsertionOffsetNew = pinInsertionOffsetNew;
+ }
+
+
+
+}
diff --git a/smcc/src/main/java/at/gv/egiz/smcc/ExclSignatureCardProxy.java b/smcc/src/main/java/at/gv/egiz/smcc/ExclSignatureCardProxy.java
new file mode 100644
index 00000000..bfbd0063
--- /dev/null
+++ b/smcc/src/main/java/at/gv/egiz/smcc/ExclSignatureCardProxy.java
@@ -0,0 +1,110 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package at.gv.egiz.smcc;
+
+import java.lang.reflect.InvocationHandler;
+import java.lang.reflect.InvocationTargetException;
+import java.lang.reflect.Method;
+import java.lang.reflect.Proxy;
+import java.util.ArrayList;
+
+import javax.smartcardio.Card;
+import javax.smartcardio.CardException;
+import javax.smartcardio.CardTerminal;
+
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+
+public class ExclSignatureCardProxy implements InvocationHandler {
+
+ private static Log log = LogFactory.getLog(ExclSignatureCardProxy.class);
+
+ private static final Method init;
+
+ static {
+ try {
+ init = SignatureCard.class.getMethod("init", new Class<?>[] { Card.class,
+ CardTerminal.class });
+ } catch (SecurityException e) {
+ throw new RuntimeException(e);
+ } catch (NoSuchMethodException e) {
+ throw new RuntimeException(e);
+ }
+ }
+
+ private SignatureCard signatureCard;
+
+ public ExclSignatureCardProxy(SignatureCard signatureCard) {
+ this.signatureCard = signatureCard;
+ }
+
+ public static SignatureCard newInstance(SignatureCard signatureCard) {
+ ArrayList<Class<?>> proxyInterfaces = new ArrayList<Class<?>>();
+ proxyInterfaces.add(SignatureCard.class);
+ if (PINMgmtSignatureCard.class.isAssignableFrom(signatureCard.getClass())) {
+ proxyInterfaces.add(PINMgmtSignatureCard.class);
+ }
+ ClassLoader loader = signatureCard.getClass().getClassLoader();
+ return (SignatureCard) Proxy.newProxyInstance(loader, proxyInterfaces
+ .toArray(new Class[proxyInterfaces.size()]),
+ new ExclSignatureCardProxy(signatureCard));
+ }
+
+ public static PINMgmtSignatureCard newInstance(PINMgmtSignatureCard signatureCard) {
+ return null;
+ }
+
+ @Override
+ public Object invoke(Object proxy, Method method, Object[] args)
+ throws Throwable {
+
+ Card card = null;
+
+ Method target = signatureCard.getClass().getMethod(method.getName(),
+ method.getParameterTypes());
+
+ if (target.isAnnotationPresent(Exclusive.class)) {
+ card = (Card) ((method.equals(init))
+ ? args[0]
+ : signatureCard.getCard());
+ }
+
+ if (card != null) {
+ try {
+ log.trace("Invoking method " + method.getName() + "() with exclusive access.");
+ card.beginExclusive();
+ } catch (CardException e) {
+ log.info("Failed to get exclusive access to signature card "
+ + signatureCard.toString() + ".");
+ throw new SignatureCardException(e);
+ }
+ }
+
+ try {
+ return method.invoke(signatureCard, args);
+ } catch (InvocationTargetException e) {
+ throw e.getTargetException();
+ } finally {
+ if (card != null) {
+ card.endExclusive();
+ }
+ }
+
+
+ }
+
+}
diff --git a/smcc/src/main/java/at/gv/egiz/smcc/Exclusive.java b/smcc/src/main/java/at/gv/egiz/smcc/Exclusive.java
new file mode 100644
index 00000000..b796b045
--- /dev/null
+++ b/smcc/src/main/java/at/gv/egiz/smcc/Exclusive.java
@@ -0,0 +1,28 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package at.gv.egiz.smcc;
+
+import java.lang.annotation.ElementType;
+import java.lang.annotation.Retention;
+import java.lang.annotation.RetentionPolicy;
+import java.lang.annotation.Target;
+
+@Retention(RetentionPolicy.RUNTIME)
+@Target(ElementType.METHOD)
+public @interface Exclusive {
+
+}
diff --git a/smcc/src/main/java/at/gv/egiz/smcc/FileNotFoundException.java b/smcc/src/main/java/at/gv/egiz/smcc/FileNotFoundException.java
new file mode 100644
index 00000000..f96611c2
--- /dev/null
+++ b/smcc/src/main/java/at/gv/egiz/smcc/FileNotFoundException.java
@@ -0,0 +1,38 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package at.gv.egiz.smcc;
+
+public class FileNotFoundException extends SignatureCardException {
+
+ private static final long serialVersionUID = 1L;
+
+ public FileNotFoundException() {
+ }
+
+ public FileNotFoundException(String message, Throwable cause) {
+ super(message, cause);
+ }
+
+ public FileNotFoundException(String message) {
+ super(message);
+ }
+
+ public FileNotFoundException(Throwable cause) {
+ super(cause);
+ }
+
+}
diff --git a/smcc/src/main/java/at/gv/egiz/smcc/ITCard.java b/smcc/src/main/java/at/gv/egiz/smcc/ITCard.java
new file mode 100644
index 00000000..64389190
--- /dev/null
+++ b/smcc/src/main/java/at/gv/egiz/smcc/ITCard.java
@@ -0,0 +1,298 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+
+package at.gv.egiz.smcc;
+
+import at.gv.egiz.smcc.pin.gui.PINGUI;
+import java.io.ByteArrayOutputStream;
+import java.io.IOException;
+import java.io.InputStream;
+import java.security.MessageDigest;
+import java.security.NoSuchAlgorithmException;
+
+import javax.smartcardio.CardChannel;
+import javax.smartcardio.CardException;
+import javax.smartcardio.CommandAPDU;
+import javax.smartcardio.ResponseAPDU;
+
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+
+import at.gv.egiz.smcc.util.ISO7816Utils;
+import at.gv.egiz.smcc.util.SMCCHelper;
+
+public class ITCard extends AbstractSignatureCard {
+
+ /**
+ * Logging facility.
+ */
+ private static Log log = LogFactory.getLog(STARCOSCard.class);
+
+ public static final byte[] MF = new byte[] { (byte) 0x3F, (byte) 0x00 };
+
+ public static final byte[] DF1 = new byte[] { (byte) 0x11, (byte) 0x00 };
+
+ public static final byte[] EF_C_Carta = new byte[] { (byte) 0x11, (byte) 0x01 };
+
+ private static final PINSpec SS_PIN_SPEC =
+ new PINSpec(5, 8, "[0-9]",
+ "at/gv/egiz/smcc/ITCard", "sig.pin", (byte) 0x10,
+ new byte[] { (byte) 0x11, (byte) 0x00 });
+
+ /**
+ * Creates a new instance.
+ */
+ public ITCard() {
+ super("at/gv/egiz/smcc/ITCard");
+ pinSpecs.add(SS_PIN_SPEC);
+ }
+
+ @Override
+ @Exclusive
+ public byte[] getCertificate(KeyboxName keyboxName)
+ throws SignatureCardException, InterruptedException {
+
+ if (keyboxName != KeyboxName.SECURE_SIGNATURE_KEYPAIR) {
+ throw new IllegalArgumentException("Keybox " + keyboxName
+ + " not supported");
+ }
+
+ try {
+ CardChannel channel = getCardChannel();
+ // SELECT MF
+ execSELECT_FID(channel, MF);
+ // SELECT application
+ execSELECT_FID(channel, DF1);
+ // SELECT EF_C_Carta
+ byte[] fcx = execSELECT_FID(channel, EF_C_Carta);
+ int maxsize = ISO7816Utils.getLengthFromFCx(fcx);
+ // READ BINARY
+ byte[] certificate = ISO7816Utils.readTransparentFileTLV(channel, maxsize, (byte) 0x30);
+ if (certificate == null) {
+ throw new NotActivatedException();
+ }
+ return certificate;
+ } catch (FileNotFoundException e) {
+ throw new NotActivatedException();
+ } catch (CardException e) {
+ log.info("Failed to get certificate.", e);
+ throw new SignatureCardException(e);
+ }
+
+ }
+
+ @Override
+ @Exclusive
+ public byte[] getInfobox(String infobox, PINGUI provider, String domainId)
+ throws SignatureCardException, InterruptedException {
+
+ throw new IllegalArgumentException("Infobox '" + infobox
+ + "' not supported.");
+ }
+
+ @Override
+ @Exclusive
+ public byte[] createSignature(InputStream input, KeyboxName keyboxName,
+ PINGUI provider, String alg) throws SignatureCardException,
+ InterruptedException, IOException {
+
+ if (KeyboxName.SECURE_SIGNATURE_KEYPAIR != keyboxName) {
+ throw new SignatureCardException("Card does not support key " + keyboxName + ".");
+ }
+ if (!"http://www.w3.org/2000/09/xmldsig#rsa-sha1".equals(alg)) {
+ throw new SignatureCardException("Card does not support algorithm " + alg + ".");
+ }
+
+ byte[] dst = new byte[] {
+ (byte) 0x83, // tag for algorithm reference
+ (byte) 0x01, // algorithm reference
+ (byte) 0x01 // private key reference
+ };
+
+ MessageDigest md;
+ try {
+ md = MessageDigest.getInstance("SHA-1");
+ } catch (NoSuchAlgorithmException e) {
+ log.error("Failed to get MessageDigest.", e);
+ throw new SignatureCardException(e);
+ }
+ // calculate message digest
+ byte[] digest = new byte[md.getDigestLength()];
+ for (int l; (l = input.read(digest)) != -1;) {
+ md.update(digest, 0, l);
+ }
+ digest = md.digest();
+
+ try {
+
+ CardChannel channel = getCardChannel();
+
+ // SELECT MF
+ execSELECT_FID(channel, MF);
+ // VERIFY
+ verifyPINLoop(channel, SS_PIN_SPEC, provider);
+ // MANAGE SECURITY ENVIRONMENT : RESTORE SE
+ execMSE(channel, 0xF3, 0x03, null);
+ // MANAGE SECURITY ENVIRONMENT : SET DST
+ execMSE(channel, 0xF1, 0xB8, dst);
+ // PERFORM SECURITY OPERATION : COMPUTE DIGITAL SIGNATURE
+ return execPSO_COMPUTE_DIGITAL_SIGNATURE(channel, digest);
+
+ } catch (CardException e) {
+ log.warn(e);
+ throw new SignatureCardException("Failed to access card.", e);
+ }
+
+ }
+
+ protected void verifyPINLoop(CardChannel channel, PINSpec spec,
+ PINGUI provider) throws LockedException, NotActivatedException,
+ SignatureCardException, InterruptedException, CardException {
+
+ int retries = -1;
+ do {
+ retries = verifyPIN(channel, spec, provider, retries);
+ } while (retries >= -1);
+ }
+
+ protected int verifyPIN(CardChannel channel, PINSpec pinSpec,
+ PINGUI provider, int retries) throws SignatureCardException,
+ LockedException, NotActivatedException, InterruptedException,
+ CardException {
+
+ VerifyAPDUSpec apduSpec = new VerifyAPDUSpec(
+ new byte[] {
+ (byte) 0x00, (byte) 0x20, (byte) 0x00, pinSpec.getKID(), (byte) 0x08,
+ (byte) 0xff, (byte) 0xff, (byte) 0xff, (byte) 0xff,
+ (byte) 0xff, (byte) 0xff, (byte) 0xff, (byte) 0xff },
+ 0, VerifyAPDUSpec.PIN_FORMAT_ASCII, 8);
+
+ ResponseAPDU resp = reader.verify(channel, apduSpec, provider, pinSpec, retries);
+
+ if (resp.getSW() == 0x9000) {
+ return -2;
+ }
+ if (resp.getSW() >> 4 == 0x63c) {
+ return 0x0f & resp.getSW();
+ }
+
+ switch (resp.getSW()) {
+ case 0x6300:
+ // incorrect PIN, number of retries not provided
+ return -1;
+ case 0x6983:
+ // authentication method blocked
+ throw new LockedException();
+ case 0x6984:
+ // reference data not usable
+ throw new NotActivatedException();
+ case 0x6985:
+ // conditions of use not satisfied
+ throw new NotActivatedException();
+
+ default:
+ String msg = "VERIFY failed. SW=" + Integer.toHexString(resp.getSW());
+ log.info(msg);
+ throw new SignatureCardException(msg);
+ }
+
+ }
+
+ protected byte[] execSELECT_FID(CardChannel channel, byte[] fid)
+ throws SignatureCardException, CardException {
+
+ ResponseAPDU resp = channel.transmit(
+ new CommandAPDU(0x00, 0xA4, 0x00, 0x00, fid, 256));
+
+ if (resp.getSW() == 0x6A82) {
+ String msg = "File or application not found FID="
+ + SMCCHelper.toString(fid) + " SW="
+ + Integer.toHexString(resp.getSW()) + ".";
+ log.info(msg);
+ throw new FileNotFoundException(msg);
+ } else if (resp.getSW() != 0x9000) {
+ String msg = "Failed to select application FID="
+ + SMCCHelper.toString(fid) + " SW="
+ + Integer.toHexString(resp.getSW()) + ".";
+ log.error(msg);
+ throw new SignatureCardException(msg);
+ } else {
+ return resp.getBytes();
+ }
+
+ }
+
+ protected void execMSE(CardChannel channel, int p1, int p2, byte[] data)
+ throws CardException, SignatureCardException {
+
+ ResponseAPDU resp;
+ if (data == null) {
+ resp = channel.transmit(new CommandAPDU(0x00, 0x22, p1, p2));
+ } else {
+ resp = channel.transmit(new CommandAPDU(0x00, 0x22, p1, p2, data));
+ }
+
+ if (resp.getSW() != 0x9000) {
+ throw new SignatureCardException("MSE:SET failed: SW="
+ + Integer.toHexString(resp.getSW()));
+ }
+ }
+
+ protected byte[] execPSO_COMPUTE_DIGITAL_SIGNATURE(CardChannel channel,
+ byte[] hash) throws CardException, SignatureCardException {
+
+ byte[] oid = new byte[] { (byte) 0x30, (byte) 0x21, (byte) 0x30,
+ (byte) 0x09, (byte) 0x06, (byte) 0x05, (byte) 0x2b,
+ (byte) 0x0e, (byte) 0x03, (byte) 0x02, (byte) 0x1a,
+ (byte) 0x05, (byte) 0x00, (byte) 0x04, (byte) 0x14 };
+
+ ByteArrayOutputStream data = new ByteArrayOutputStream();
+
+ try {
+ // header
+ data.write(new byte[] { (byte) 0x00, (byte) 0x00, (byte) 0x01 });
+ // padding
+ for (int i = 0, len = 125 - hash.length - oid.length; i < len; i++) {
+ data.write((byte) 0xFF);
+ }
+ data.write((byte) 0x00);
+ // oid
+ data.write(oid);
+ // hash
+ data.write(hash);
+ } catch (IOException e) {
+ throw new SignatureCardException(e);
+ }
+
+ ResponseAPDU resp = channel
+ .transmit(new CommandAPDU(0x00, 0x2A, 0x80, 0x86, data.toByteArray(), 0x81));
+
+
+ if (resp.getSW() == 0x6982) {
+ throw new SecurityStatusNotSatisfiedException();
+ } else if (resp.getSW() == 0x6983) {
+ throw new LockedException();
+ } else if (resp.getSW() != 0x9000) {
+ throw new SignatureCardException(
+ "PSO: COMPUTE DIGITAL SIGNATRE failed: SW="
+ + Integer.toHexString(resp.getSW()));
+ } else {
+ return resp.getData();
+ }
+}
+
+}
diff --git a/smcc/src/main/java/at/gv/egiz/smcc/LockedException.java b/smcc/src/main/java/at/gv/egiz/smcc/LockedException.java
new file mode 100644
index 00000000..e00322a0
--- /dev/null
+++ b/smcc/src/main/java/at/gv/egiz/smcc/LockedException.java
@@ -0,0 +1,38 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package at.gv.egiz.smcc;
+
+public class LockedException extends SignatureCardException {
+
+ private static final long serialVersionUID = 1L;
+
+ public LockedException() {
+ }
+
+ public LockedException(String message, Throwable cause) {
+ super(message, cause);
+ }
+
+ public LockedException(String message) {
+ super(message);
+ }
+
+ public LockedException(Throwable cause) {
+ super(cause);
+ }
+
+}
diff --git a/smcc/src/main/java/at/gv/egiz/smcc/LogCardChannel.java b/smcc/src/main/java/at/gv/egiz/smcc/LogCardChannel.java
new file mode 100644
index 00000000..3fc80fa1
--- /dev/null
+++ b/smcc/src/main/java/at/gv/egiz/smcc/LogCardChannel.java
@@ -0,0 +1,129 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package at.gv.egiz.smcc;
+
+import java.nio.ByteBuffer;
+
+import javax.smartcardio.Card;
+import javax.smartcardio.CardChannel;
+import javax.smartcardio.CardException;
+import javax.smartcardio.CommandAPDU;
+import javax.smartcardio.ResponseAPDU;
+
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+
+public class LogCardChannel extends CardChannel {
+
+ protected static Log log = LogFactory.getLog(LogCardChannel.class);
+
+ private CardChannel channel;
+
+ public LogCardChannel(CardChannel channel) {
+ if (channel == null) {
+ throw new NullPointerException();
+ }
+ this.channel = channel;
+ }
+
+ @Override
+ public void close() throws CardException {
+ channel.close();
+ }
+
+ @Override
+ public Card getCard() {
+ return channel.getCard();
+ }
+
+ @Override
+ public int getChannelNumber() {
+ return channel.getChannelNumber();
+ }
+
+ @Override
+ public ResponseAPDU transmit(CommandAPDU command) throws CardException {
+ if (log.isTraceEnabled()) {
+ switch (command.getINS()) {
+ case 0x20: // VERIFY
+ case 0x21: // VERIFY
+ case 0x24: { // CHANGE REFERENCE DATA
+ // Don't log possibly sensitive command data
+ StringBuilder sb = new StringBuilder();
+ sb.append(command);
+ sb.append('\n');
+ byte[] c = new byte[4];
+ c[0] = (byte) command.getCLA();
+ c[1] = (byte) command.getINS();
+ c[2] = (byte) command.getP1();
+ c[3] = (byte) command.getP2();
+ sb.append(toString(c));
+ if (command.getNc() > 0) {
+ sb.append(':');
+ sb.append(toString(new byte[] {(byte) command.getNc()}));
+ for (int i = 0; i < command.getNc(); i++) {
+ sb.append(":XX");
+ }
+ }
+ if (command.getNe() > 0) {
+ sb.append(':');
+ sb.append(toString(new byte[] {(byte) command.getNe()}));
+ }
+ log.trace(sb.toString());
+ }; break;
+
+ default:
+ log.trace(command + "\n" + toString(command.getBytes()));
+ }
+ long t0 = System.currentTimeMillis();
+ ResponseAPDU response = channel.transmit(command);
+ long t1 = System.currentTimeMillis();
+ log.trace(response + " [" + (t1 - t0) + "ms]\n" + toString(response.getBytes()));
+ return response;
+ } else {
+ return channel.transmit(command);
+ }
+ }
+
+ @Override
+ public int transmit(ByteBuffer command, ByteBuffer response) throws CardException {
+ if (log.isTraceEnabled()) {
+ long t0 = System.currentTimeMillis();
+ int l = channel.transmit(command, response);
+ long t1 = System.currentTimeMillis();
+ log.trace("[" + (t1 - t0) + "ms]");
+ return l;
+ } else {
+ return channel.transmit(command, response);
+ }
+ }
+
+ private String toString(byte[] b) {
+ StringBuffer sb = new StringBuffer();
+ if (b != null && b.length > 0) {
+ sb.append(Integer.toHexString((b[0] & 240) >> 4));
+ sb.append(Integer.toHexString(b[0] & 15));
+ }
+ for (int i = 1; i < b.length; i++) {
+ sb.append(':');
+ sb.append(Integer.toHexString((b[i] & 240) >> 4));
+ sb.append(Integer.toHexString(b[i] & 15));
+ }
+ return sb.toString();
+ }
+
+}
diff --git a/smcc/src/main/java/at/gv/egiz/smcc/NewReferenceDataAPDUSpec.java b/smcc/src/main/java/at/gv/egiz/smcc/NewReferenceDataAPDUSpec.java
new file mode 100644
index 00000000..2eadaf26
--- /dev/null
+++ b/smcc/src/main/java/at/gv/egiz/smcc/NewReferenceDataAPDUSpec.java
@@ -0,0 +1,60 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package at.gv.egiz.smcc;
+
+public class NewReferenceDataAPDUSpec extends VerifyAPDUSpec {
+
+ /**
+ * The offset for the insertion of the new PIN. (Default:
+ * {@link VerifyAPDUSpec#pinLength} + 1})
+ */
+ protected int pinInsertionOffsetNew = 0;
+
+ public NewReferenceDataAPDUSpec(byte[] apdu, int pinPosition, int pinFormat, int pinLength) {
+ super(apdu, pinPosition, pinFormat, pinLength);
+ }
+
+ /**
+ * @param apdu
+ * @param pinPosition
+ * @param pinFormat
+ * @param pinLength
+ * @param pinLengthSize
+ * @param pinLengthPos
+ */
+ public NewReferenceDataAPDUSpec(byte[] apdu, int pinPosition,
+ int pinFormat, int pinLength, int pinLengthSize, int pinLengthPos) {
+ super(apdu, pinPosition, pinFormat, pinLength, pinLengthSize, pinLengthPos);
+ }
+
+ /**
+ * @return the pinInsertionOffsetNew
+ */
+ public int getPinInsertionOffsetNew() {
+ return pinInsertionOffsetNew;
+ }
+
+ /**
+ * @param pinInsertionOffsetNew the pinInsertionOffsetNew to set
+ */
+ public void setPinInsertionOffsetNew(int pinInsertionOffsetNew) {
+ this.pinInsertionOffsetNew = pinInsertionOffsetNew;
+ }
+
+
+
+}
diff --git a/smcc/src/main/java/at/gv/egiz/smcc/NotActivatedException.java b/smcc/src/main/java/at/gv/egiz/smcc/NotActivatedException.java
new file mode 100644
index 00000000..9181fc5f
--- /dev/null
+++ b/smcc/src/main/java/at/gv/egiz/smcc/NotActivatedException.java
@@ -0,0 +1,44 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package at.gv.egiz.smcc;
+
+/**
+ * This exception is thrown upon a call to a function that
+ * has not been activated (e.g. not yet activated citizen card).
+ */
+public class NotActivatedException extends SignatureCardException {
+
+ private static final long serialVersionUID = 1L;
+
+ public NotActivatedException() {
+ super();
+ }
+
+ public NotActivatedException(String message, Throwable cause) {
+ super(message, cause);
+ }
+
+ public NotActivatedException(String message) {
+ super(message);
+ }
+
+ public NotActivatedException(Throwable cause) {
+ super(cause);
+ }
+
+
+}
diff --git a/smcc/src/main/java/at/gv/egiz/smcc/PINConfirmationException.java b/smcc/src/main/java/at/gv/egiz/smcc/PINConfirmationException.java
new file mode 100644
index 00000000..24dfa53c
--- /dev/null
+++ b/smcc/src/main/java/at/gv/egiz/smcc/PINConfirmationException.java
@@ -0,0 +1,26 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package at.gv.egiz.smcc;
+
+/**
+ * TODO check whether card readers distinguish specific reason (pin too short?)
+ * and add getters/setters
+ *
+ * @author Clemens Orthacker <clemens.orthacker@iaik.tugraz.at>
+ */
+public class PINConfirmationException extends SignatureCardException {
+}
diff --git a/smcc/src/main/java/at/gv/egiz/smcc/PINFormatException.java b/smcc/src/main/java/at/gv/egiz/smcc/PINFormatException.java
new file mode 100644
index 00000000..721c63e2
--- /dev/null
+++ b/smcc/src/main/java/at/gv/egiz/smcc/PINFormatException.java
@@ -0,0 +1,26 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package at.gv.egiz.smcc;
+
+/**
+ * TODO check whether card readers distinguish specific reason (pin too short?)
+ * and add getters/setters
+ *
+ * @author Clemens Orthacker <clemens.orthacker@iaik.tugraz.at>
+ */
+public class PINFormatException extends SignatureCardException {
+}
diff --git a/smcc/src/main/java/at/gv/egiz/smcc/PINMgmtSignatureCard.java b/smcc/src/main/java/at/gv/egiz/smcc/PINMgmtSignatureCard.java
new file mode 100644
index 00000000..5091c10f
--- /dev/null
+++ b/smcc/src/main/java/at/gv/egiz/smcc/PINMgmtSignatureCard.java
@@ -0,0 +1,44 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package at.gv.egiz.smcc;
+
+import at.gv.egiz.smcc.pin.gui.ModifyPINGUI;
+
+import at.gv.egiz.smcc.pin.gui.PINGUI;
+import java.util.List;
+
+public interface PINMgmtSignatureCard extends SignatureCard {
+
+ public enum PIN_STATE {UNKNOWN, ACTIV, NOT_ACTIV, BLOCKED};
+
+ public List<PINSpec> getPINSpecs();
+
+ public PIN_STATE getPINState(PINSpec pinSpec) throws SignatureCardException;
+
+ public void verifyPIN(PINSpec pinSpec, PINGUI pinGUI)
+ throws LockedException, NotActivatedException, CancelledException, SignatureCardException, InterruptedException;
+
+ public void changePIN(PINSpec pinSpec, ModifyPINGUI changePINGUI)
+ throws LockedException, NotActivatedException, CancelledException, PINFormatException, SignatureCardException, InterruptedException;
+
+ public void activatePIN(PINSpec pinSpec, ModifyPINGUI activatePINGUI)
+ throws CancelledException, SignatureCardException, InterruptedException;
+
+ public void unblockPIN(PINSpec pinSpec, ModifyPINGUI pukGUI)
+ throws CancelledException, SignatureCardException, InterruptedException;
+
+}
diff --git a/smcc/src/main/java/at/gv/egiz/smcc/PINOperationAbortedException.java b/smcc/src/main/java/at/gv/egiz/smcc/PINOperationAbortedException.java
new file mode 100644
index 00000000..51e4904e
--- /dev/null
+++ b/smcc/src/main/java/at/gv/egiz/smcc/PINOperationAbortedException.java
@@ -0,0 +1,45 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package at.gv.egiz.smcc;
+
+/**
+ * TODO check whether card readers distinguish specific reason (pin too short?)
+ * and add getters/setters
+ *
+ * @author Clemens Orthacker <clemens.orthacker@iaik.tugraz.at>
+ */
+public class PINOperationAbortedException extends SignatureCardException {
+
+ private static final long serialVersionUID = 1L;
+
+ public PINOperationAbortedException() {
+ super();
+ }
+
+ public PINOperationAbortedException(String message, Throwable cause) {
+ super(message, cause);
+ }
+
+ public PINOperationAbortedException(String message) {
+ super(message);
+ }
+
+ public PINOperationAbortedException(Throwable cause) {
+ super(cause);
+ }
+
+}
diff --git a/smcc/src/main/java/at/gv/egiz/smcc/PINSpec.java b/smcc/src/main/java/at/gv/egiz/smcc/PINSpec.java
new file mode 100644
index 00000000..f68edbed
--- /dev/null
+++ b/smcc/src/main/java/at/gv/egiz/smcc/PINSpec.java
@@ -0,0 +1,239 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package at.gv.egiz.smcc;
+
+import java.util.Locale;
+import java.util.MissingResourceException;
+import java.util.ResourceBundle;
+
+/**
+ *
+ * @author mcentner
+ */
+public class PINSpec {
+
+ /**
+ * The minimum PIN length.
+ */
+ protected int minLength = 0;
+
+ /**
+ * The maximum PIN length or -1 if not specified.
+ */
+ protected int maxLength = -1;
+
+ /**
+ * The recommended PIN length or -1 if not specified.
+ */
+ protected int recLength = -1;
+
+ /**
+ * The regular expression pattern of a single PIN digit or character.
+ */
+ protected String rexepPattern;
+
+ /**
+ * The name of the corresponding resource bundle.
+ */
+ protected String resourceBundleName;
+
+ /**
+ * The key of the PIN name in the resource bundle.
+ */
+ protected String nameKey;
+
+ /**
+ * The name of the PIN.
+ */
+ protected String name;
+
+ /**
+ * The key id to be used in VERIFY or CHANGE REFERENCE DATA APDUs.
+ */
+ protected byte kid;
+
+ /**
+ * The context AID of the key id.
+ */
+ protected byte[] context_aid;
+
+ /**
+ * Creates a new instance of this PINSpec with the given lengths, regular
+ * expression pattern, the ResourceBundle name and key to lookup the PIN name
+ * and the KID and AID.
+ *
+ * @param minLenght the minimum length of the PIN
+ * @param maxLength the maximum length of the PIN, or -1 if there is no maximum length
+ * @param rexepPattern the regular expression pattern of a single PIN digit or character
+ * @param resourceBundleName the name of a ResourceBundle for this PIN
+ * @param resourceKey the key to look up the (localized) name of this PIN
+ * @param kid the key id of the PIN
+ * @param contextAID the AID the KID is valid in
+ */
+ public PINSpec(int minLenght, int maxLength, String rexepPattern,
+ String resourceBundleName, String resourceKey, byte kid, byte[] contextAID) {
+
+ this.minLength = minLenght;
+ this.maxLength = maxLength;
+ this.rexepPattern = rexepPattern;
+ this.resourceBundleName = resourceBundleName;
+ this.nameKey = resourceKey + ".name";
+ this.kid = kid;
+ this.context_aid = contextAID;
+ }
+
+ /**
+ * Creates a new instance of this PINSpec with the given lengths, regular
+ * expression pattern, the name of the PIN and the KID and AID.
+ *
+ * @param minLenght the minimum length of the PIN
+ * @param maxLength the maximum length of the PIN, or -1 if there is no maximum length
+ * @param rexepPattern the regular expression pattern of a single PIN digit or character
+ * @param name the name of the PIN
+ * @param kid the key id of the PIN
+ * @param contextAID the AID the KID is valid in
+ */
+ public PINSpec(int minLenght, int maxLength, String rexepPattern,
+ String name, byte kid, byte[] contextAID) {
+
+ this.minLength = minLenght;
+ this.maxLength = maxLength;
+ this.rexepPattern = rexepPattern;
+ this.name = name;
+ this.kid = kid;
+ this.context_aid = contextAID;
+ }
+
+ /**
+ * This method sets the recommended PIN length.
+ *
+ * @param recLength the recommended PIN length
+ */
+ public void setRecLength(int recLength) {
+ this.recLength = recLength;
+ }
+
+ /**
+ * @return the localized (using the default locale) name of the PIN, or the
+ * name set by
+ * {@link #PINSpec(int, int, String, String, byte, byte[])}.
+ */
+ public String getLocalizedName() {
+ if (name != null) {
+ return name;
+ } else if (resourceBundleName != null){
+ try {
+ return ResourceBundle.getBundle(resourceBundleName).getString(nameKey);
+ } catch (MissingResourceException e) {
+ }
+ }
+ return nameKey;
+ }
+
+ /**
+ * @param locale the locale for which the name should be returned
+ * @return the localized name of the PIN, or the name set by
+ * {@link #PINSpec(int, int, String, String, byte, byte[])}
+ */
+ public String getLocalizedName(Locale locale) {
+ if (name != null) {
+ return name;
+ } else if (resourceBundleName != null) {
+ try {
+ return ResourceBundle.getBundle(resourceBundleName, locale).getString(nameKey);
+ } catch (MissingResourceException e) {
+ }
+ }
+ return nameKey;
+ }
+
+ /**
+ * @return the recommended PIN length if specified and
+ * <code>recommended</code> is <code>true</code>, or
+ * <code>minLength</code>-<code>maxLength</code>
+ */
+ public String getLocalizedLength() {
+
+ if (recLength > 0) {
+ return "" + recLength;
+ } else if (maxLength == minLength) {
+ return "" + minLength;
+ } else if (maxLength > minLength) {
+ return minLength + "-" + maxLength;
+ } else {
+ return minLength + "+";
+ }
+
+ }
+
+ /**
+ * @return the minimum length of the PIN
+ */
+ public int getMinLength() {
+ return minLength;
+ }
+
+ /**
+ * @return the maximum length of the PIN, or -1 if not specified.
+ */
+ public int getMaxLength() {
+ return maxLength;
+ }
+
+ /**
+ * @return the minimum length of the PIN
+ */
+ public int getRecMinLength() {
+ return (recLength >= minLength) ? recLength : minLength;
+ }
+
+ /**
+ * @return the maximum length of the PIN
+ */
+ public int getRecMaxLength() {
+ return (recLength >= minLength) ? recLength : maxLength;
+ }
+
+ /**
+ * @return the recommended length of the PIN, or -1 if not specified
+ */
+ public int getRecLength() {
+ return recLength;
+ }
+
+ /**
+ * @return the regular expression pattern of one single digit or character
+ */
+ public String getRexepPattern() {
+ return rexepPattern;
+ }
+
+ /**
+ * @return the key id of the PIN
+ */
+ public byte getKID() {
+ return kid;
+ }
+
+ /**
+ * @return the AID the KID is valid in, or <code>null</code> if KID is global
+ */
+ public byte[] getContextAID() {
+ return context_aid;
+ }
+
+}
diff --git a/smcc/src/main/java/at/gv/egiz/smcc/ResetRetryCounterAPDUSpec.java b/smcc/src/main/java/at/gv/egiz/smcc/ResetRetryCounterAPDUSpec.java
new file mode 100644
index 00000000..7e71eb7e
--- /dev/null
+++ b/smcc/src/main/java/at/gv/egiz/smcc/ResetRetryCounterAPDUSpec.java
@@ -0,0 +1,38 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package at.gv.egiz.smcc;
+
+public class ResetRetryCounterAPDUSpec extends ChangeReferenceDataAPDUSpec {
+
+ /**
+ * @param apdu
+ * @param pukPosition
+ * @param pukFormat
+ * @param pukLength
+ * @param pukLengthSize
+ * @param pukLengthPos
+ * @param pinInsertionOffsetNew
+ */
+ public ResetRetryCounterAPDUSpec(byte[] apdu, int pukPosition,
+ int pukFormat, int pukLength, int pukLengthSize, int pukLengthPos,
+ int pinInsertionOffsetNew) {
+ super(apdu, pukPosition, pukFormat, pukLength, pukLengthSize, pukLengthPos);
+ this.pinInsertionOffsetNew = pinInsertionOffsetNew;
+ }
+
+
+}
diff --git a/smcc/src/main/java/at/gv/egiz/smcc/STARCOSCard.java b/smcc/src/main/java/at/gv/egiz/smcc/STARCOSCard.java
new file mode 100644
index 00000000..b876847f
--- /dev/null
+++ b/smcc/src/main/java/at/gv/egiz/smcc/STARCOSCard.java
@@ -0,0 +1,888 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+
+package at.gv.egiz.smcc;
+
+import at.gv.egiz.smcc.pin.gui.ModifyPINGUI;
+import at.gv.egiz.smcc.pin.gui.PINGUI;
+import java.io.ByteArrayOutputStream;
+import java.io.IOException;
+import java.io.InputStream;
+import java.security.MessageDigest;
+import java.security.NoSuchAlgorithmException;
+import java.util.Arrays;
+import java.util.List;
+
+import javax.smartcardio.Card;
+import javax.smartcardio.CardChannel;
+import javax.smartcardio.CardException;
+import javax.smartcardio.CardTerminal;
+import javax.smartcardio.CommandAPDU;
+import javax.smartcardio.ResponseAPDU;
+
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+
+import at.gv.egiz.smcc.util.ISO7816Utils;
+import at.gv.egiz.smcc.util.SMCCHelper;
+
+public class STARCOSCard extends AbstractSignatureCard implements PINMgmtSignatureCard {
+
+ /**
+ * Logging facility.
+ */
+ private static Log log = LogFactory.getLog(STARCOSCard.class);
+
+ public static final byte[] MF = new byte[] { (byte) 0x3F, (byte) 0x00 };
+
+ public static final byte[] EF_VERSION = new byte[] { (byte) 0x00, (byte) 0x32 };
+
+ /**
+ * Application ID <em>SV-Personendaten</em>.
+ */
+ public static final byte[] AID_SV_PERSONENDATEN = new byte[] {
+ (byte) 0xD0, (byte) 0x40, (byte) 0x00, (byte) 0x00,
+ (byte) 0x17, (byte) 0x01, (byte) 0x01, (byte) 0x01
+ };
+
+ /**
+ * File ID <em>Grunddaten</em> ({@link #AID_SV_PERSONENDATEN}).
+ */
+ public static final byte[] FID_GRUNDDATEN = new byte[] {
+ (byte) 0xEF, (byte) 0x01
+ };
+
+ /**
+ * File ID <em>EHIC</em> ({@link #AID_SV_PERSONENDATEN}).
+ */
+ public static final byte[] FID_EHIC = new byte[] {
+ (byte) 0xEF, (byte) 0x02
+ };
+
+ /**
+ * File ID <em>Status</em> ({@link #AID_SV_PERSONENDATEN}).
+ */
+ public static final byte[] FID_SV_PERSONENBINDUNG = new byte[] {
+ (byte) 0xEF, (byte) 0x03
+ };
+
+ /**
+ * File ID <em>Status</em> ({@link #AID_SV_PERSONENDATEN}).
+ */
+ public static final byte[] FID_STATUS = new byte[] {
+ (byte) 0xEF, (byte) 0x04
+ };
+
+ public static final byte[] AID_INFOBOX = new byte[] { (byte) 0xd0,
+ (byte) 0x40, (byte) 0x00, (byte) 0x00, (byte) 0x17, (byte) 0x00,
+ (byte) 0x18, (byte) 0x01 };
+
+ public static final byte[] EF_INFOBOX = new byte[] { (byte) 0xef, (byte) 0x01 };
+
+ public static final byte[] AID_SVSIG_CERT = new byte[] { (byte) 0xd0,
+ (byte) 0x40, (byte) 0x00, (byte) 0x00, (byte) 0x17, (byte) 0x00,
+ (byte) 0x10, (byte) 0x01 };
+
+ public static final byte[] EF_SVSIG_CERT_CA = new byte[] { (byte) 0x2f,
+ (byte) 0x01 };
+
+ public static final byte[] EF_SVSIG_CERT = new byte[] { (byte) 0x2f,
+ (byte) 0x02 };
+
+ // Sichere Signatur (SS)
+
+ public static final byte[] AID_DF_SS = new byte[] { (byte) 0xd0, (byte) 0x40,
+ (byte) 0x00, (byte) 0x00, (byte) 0x17, (byte) 0x00, (byte) 0x12,
+ (byte) 0x01 };
+
+ public static final byte[] EF_C_X509_CH_DS = new byte[] { (byte) 0xc0,
+ (byte) 0x00 };
+
+ public static final byte[] EF_C_X509_CA_CS_DS = new byte[] { (byte) 0xc6,
+ (byte) 0x08 };
+
+ public static final byte KID_PIN_SS = (byte) 0x81;
+
+ // Gewöhnliche Signatur (GS)
+
+ public static final byte[] AID_DF_GS = new byte[] { (byte) 0xd0, (byte) 0x40,
+ (byte) 0x00, (byte) 0x00, (byte) 0x17, (byte) 0x00, (byte) 0x13,
+ (byte) 0x01 };
+
+ public static final byte[] EF_C_X509_CH_AUT = new byte[] { (byte) 0x2f,
+ (byte) 0x01 };
+
+ public static final byte[] EF_C_X509_CA_CS = new byte[] { (byte) 0x2f,
+ (byte) 0x02 };
+
+ public static final byte KID_PIN_CARD = (byte) 0x01;
+
+ private static final PINSpec CARD_PIN_SPEC =
+ new PINSpec(4, 12, "[0-9]",
+ "at/gv/egiz/smcc/STARCOSCard", "card.pin", KID_PIN_CARD, null);
+
+ private static final PINSpec SS_PIN_SPEC =
+ new PINSpec(6, 12, "[0-9]",
+ "at/gv/egiz/smcc/STARCOSCard", "sig.pin", KID_PIN_SS, AID_DF_SS);
+
+ static {
+ if (SignatureCardFactory.ENFORCE_RECOMMENDED_PIN_LENGTH) {
+ CARD_PIN_SPEC.setRecLength(4);
+ SS_PIN_SPEC.setRecLength(6);
+ }
+ }
+
+ protected double version = 1.1;
+
+ /**
+ * Creates a new instance.
+ */
+ public STARCOSCard() {
+ super("at/gv/egiz/smcc/STARCOSCard");
+ pinSpecs.add(CARD_PIN_SPEC);
+ pinSpecs.add(SS_PIN_SPEC);
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egiz.smcc.AbstractSignatureCard#init(javax.smartcardio.Card, javax.smartcardio.CardTerminal)
+ */
+ @Override
+ public void init(Card card, CardTerminal cardTerminal) {
+ super.init(card, cardTerminal);
+
+ // determine application version
+ CardChannel channel = getCardChannel();
+ try {
+ // SELECT MF
+ execSELECT_MF(channel);
+ // SELECT EF_VERSION
+ execSELECT_FID(channel, EF_VERSION);
+ // READ BINARY
+ byte[] ver = ISO7816Utils.readRecord(channel, 1);
+ if (ver[0] == (byte) 0xa5 && ver[2] == (byte) 0x53) {
+ version = (0x0F & ver[4]) + (0xF0 & ver[5])/160.0 + (0x0F & ver[5])/100.0;
+ String generation = (version < 1.2) ? "<= G2" : "G3";
+ log.info("e-card version=" + version + " (" + generation + ")");
+ }
+ } catch (CardException e) {
+ log.warn(e);
+ } catch (SignatureCardException e) {
+ log.warn(e);
+ }
+
+ }
+
+ @Override
+ @Exclusive
+ public byte[] getCertificate(KeyboxName keyboxName)
+ throws SignatureCardException, InterruptedException {
+
+ byte[] aid;
+ byte[] fid;
+ if (keyboxName == KeyboxName.SECURE_SIGNATURE_KEYPAIR) {
+ aid = AID_DF_SS;
+ fid = EF_C_X509_CH_DS;
+ } else if (keyboxName == KeyboxName.CERITIFIED_KEYPAIR) {
+ aid = AID_DF_GS;
+ fid = EF_C_X509_CH_AUT;
+ } else {
+ throw new IllegalArgumentException("Keybox " + keyboxName
+ + " not supported.");
+ }
+
+ try {
+ CardChannel channel = getCardChannel();
+ // SELECT application
+ execSELECT_AID(channel, aid);
+ // SELECT file
+ execSELECT_FID(channel, fid);
+ // READ BINARY
+ byte[] certificate = ISO7816Utils.readTransparentFileTLV(channel, -1, (byte) 0x30);
+ if (certificate == null) {
+ throw new NotActivatedException();
+ }
+ return certificate;
+ } catch (FileNotFoundException e) {
+ throw new NotActivatedException();
+ } catch (CardException e) {
+ log.info("Failed to get certificate.", e);
+ throw new SignatureCardException(e);
+ }
+
+ }
+
+ @Override
+ @Exclusive
+ public byte[] getInfobox(String infobox, PINGUI pinGUI, String domainId)
+ throws SignatureCardException, InterruptedException {
+
+ try {
+ if ("IdentityLink".equals(infobox)) {
+
+ PINSpec spec = CARD_PIN_SPEC;
+
+ CardChannel channel = getCardChannel();
+ // SELECT application
+ execSELECT_AID(channel, AID_INFOBOX);
+ // SELECT file
+ execSELECT_FID(channel, EF_INFOBOX);
+
+ while (true) {
+ try {
+ return ISO7816Utils.readTransparentFileTLV(channel, -1, (byte) 0x30);
+ } catch (SecurityStatusNotSatisfiedException e) {
+ verifyPINLoop(channel, spec, pinGUI);
+ }
+ }
+
+ } else if ("Status".equals(infobox)) {
+
+ CardChannel channel = getCardChannel();
+ // SELECT application
+ execSELECT_AID(channel, AID_SV_PERSONENDATEN);
+ // SELECT file
+ execSELECT_FID(channel, FID_STATUS);
+ // READ RECORDS
+ ByteArrayOutputStream bytes = new ByteArrayOutputStream();
+ try {
+ for (int record = 1; record <= 5; record++) {
+ byte[] rb = ISO7816Utils.readRecord(channel, record);
+ bytes.write(rb);
+ }
+ } catch (IOException e) {
+ throw new SignatureCardException("Failed to read infobox '" + infobox
+ + "'.", e);
+ }
+ return bytes.toByteArray();
+
+ } else {
+
+ byte[] fid;
+
+ if ("EHIC".equals(infobox)) {
+ fid = FID_EHIC;
+ } else if ("Grunddaten".equals(infobox)) {
+ fid = FID_GRUNDDATEN;
+ } else if ("SV-Personenbindung".equals(infobox)) {
+ fid = FID_SV_PERSONENBINDUNG;
+ } else {
+ throw new IllegalArgumentException("Infobox '" + infobox
+ + "' not supported.");
+ }
+
+ CardChannel channel = getCardChannel();
+ // SELECT application
+ execSELECT_AID(channel, AID_SV_PERSONENDATEN);
+ // SELECT file
+ execSELECT_FID(channel, fid);
+ // READ BINARY
+ return ISO7816Utils.readTransparentFileTLV(channel, -1, (byte) 0x30);
+
+ }
+
+ } catch (CardException e) {
+ log.warn(e);
+ throw new SignatureCardException("Failed to access card.", e);
+ }
+ }
+
+ @Override
+ @Exclusive
+ public byte[] createSignature(InputStream input, KeyboxName keyboxName,
+ PINGUI provider, String alg) throws SignatureCardException, InterruptedException, IOException {
+
+ ByteArrayOutputStream dst = new ByteArrayOutputStream();
+ byte[] ht = null;
+
+ MessageDigest md = null;
+ try {
+ if (alg == null || "http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1".equals(alg)) {
+ // local key ID '02' version '00'
+ dst.write(new byte[] {(byte) 0x84, (byte) 0x03, (byte) 0x80, (byte) 0x02, (byte) 0x00});
+ if (version < 1.2) {
+ // algorithm ID ECDSA with SHA-1
+ dst.write(new byte[] {(byte) 0x89, (byte) 0x03, (byte) 0x13, (byte) 0x35, (byte) 0x10});
+ } else {
+ // portable algorithm reference
+ dst.write(new byte[] {(byte) 0x80, (byte) 0x01, (byte) 0x04});
+ // hash template
+ ht = new byte[] {(byte) 0x80, (byte) 0x01, (byte) 0x10};
+ }
+ md = MessageDigest.getInstance("SHA-1");
+ } else if (version >= 1.2 && "http://www.w3.org/2000/09/xmldsig#rsa-sha1".equals(alg)) {
+ // local key ID '03' version '00'
+ dst.write(new byte[] {(byte) 0x84, (byte) 0x03, (byte) 0x80, (byte) 0x03, (byte) 0x00});
+ // portable algorithm reference
+ dst.write(new byte[] {(byte) 0x80, (byte) 0x01, (byte) 0x02});
+ // hash template
+ ht = new byte[] {(byte) 0x80, (byte) 0x01, (byte) 0x10};
+ md = MessageDigest.getInstance("SHA-1");
+ } else if (version >= 1.2 && "http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha256".equals(alg)) {
+ // local key ID '02' version '00'
+ dst.write(new byte[] {(byte) 0x84, (byte) 0x03, (byte) 0x80, (byte) 0x02, (byte) 0x00});
+ // portable algorithm reference
+ dst.write(new byte[] {(byte) 0x80, (byte) 0x01, (byte) 0x04});
+ // hash template
+ ht = new byte[] {(byte) 0x80, (byte) 0x01, (byte) 0x40};
+ md = MessageDigest.getInstance("SHA256");
+ } else if (version >= 1.2 && "http://www.w3.org/2001/04/xmldsig-more#rsa-sha256".equals(alg)) {
+ // local key ID '03' version '00'
+ dst.write(new byte[] {(byte) 0x84, (byte) 0x03, (byte) 0x80, (byte) 0x03, (byte) 0x00});
+ // portable algorithm reference
+ dst.write(new byte[] {(byte) 0x80, (byte) 0x01, (byte) 0x02});
+ // hash template
+ ht = new byte[] {(byte) 0x80, (byte) 0x01, (byte) 0x40};
+ md = MessageDigest.getInstance("SHA256");
+ } else {
+ throw new SignatureCardException("e-card version " + version + " does not support signature algorithm " + alg + ".");
+ }
+ } catch (NoSuchAlgorithmException e) {
+ log.error("Failed to get MessageDigest.", e);
+ throw new SignatureCardException(e);
+ }
+
+ // calculate message digest
+ byte[] digest = new byte[md.getDigestLength()];
+ for (int l; (l = input.read(digest)) != -1;) {
+ md.update(digest, 0, l);
+ }
+ digest = md.digest();
+
+ try {
+
+ CardChannel channel = getCardChannel();
+
+ if (KeyboxName.SECURE_SIGNATURE_KEYPAIR.equals(keyboxName)) {
+
+ PINSpec spec = SS_PIN_SPEC;
+
+ // SELECT MF
+ execSELECT_MF(channel);
+ // SELECT application
+ execSELECT_AID(channel, AID_DF_SS);
+ // VERIFY
+ verifyPINLoop(channel, spec, provider);
+ // MANAGE SECURITY ENVIRONMENT : SET DST
+ execMSE(channel, 0x41, 0xb6, dst.toByteArray());
+ if (version < 1.2) {
+ // PERFORM SECURITY OPERATION : HASH
+ execPSO_HASH(channel, digest);
+ // PERFORM SECURITY OPERATION : COMPUTE DIGITAL SIGNATURE
+ return execPSO_COMPUTE_DIGITAL_SIGNATURE(channel, null);
+ } else {
+ if (ht != null) {
+ // PERFORM SECURITY OPERATION : SET HT
+ execMSE(channel, 0x41, 0xaa, ht);
+ }
+ // PERFORM SECURITY OPERATION : COMPUTE DIGITAL SIGNATURE
+ return execPSO_COMPUTE_DIGITAL_SIGNATURE(channel, digest);
+ }
+
+
+ } else if (KeyboxName.CERITIFIED_KEYPAIR.equals(keyboxName)) {
+
+ PINSpec spec = CARD_PIN_SPEC;
+
+ // SELECT application
+ execSELECT_AID(channel, AID_DF_GS);
+ // MANAGE SECURITY ENVIRONMENT : SET DST
+ execMSE(channel, 0x41, 0xb6, dst.toByteArray());
+ if (version >= 1.2 && ht != null) {
+ // PERFORM SECURITY OPERATION : SET HT
+ execMSE(channel, 0x41, 0xaa, ht);
+ }
+ // PERFORM SECURITY OPERATION : HASH
+ execPSO_HASH(channel, digest);
+ while (true) {
+ try {
+ // PERFORM SECURITY OPERATION : COMPUTE DIGITAL SIGNATURE
+ return execPSO_COMPUTE_DIGITAL_SIGNATURE(channel, null);
+ } catch (SecurityStatusNotSatisfiedException e) {
+ verifyPINLoop(channel, spec, provider);
+ }
+ }
+
+ } else {
+ throw new IllegalArgumentException("KeyboxName '" + keyboxName
+ + "' not supported.");
+ }
+
+ } catch (CardException e) {
+ log.warn(e);
+ throw new SignatureCardException("Failed to access card.", e);
+ }
+
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egiz.smcc.AbstractSignatureCard#verifyPIN(at.gv.egiz.smcc.PINSpec, at.gv.egiz.smcc.PINProvider)
+ */
+ @Override
+ @Exclusive
+ public void verifyPIN(PINSpec pinSpec, PINGUI pinProvider)
+ throws LockedException, NotActivatedException, CancelledException,
+ TimeoutException, SignatureCardException, InterruptedException {
+
+ CardChannel channel = getCardChannel();
+
+ try {
+ if (pinSpec.getContextAID() != null) {
+ // SELECT application
+ execSELECT_AID(channel, pinSpec.getContextAID());
+ }
+ verifyPINLoop(channel, pinSpec, pinProvider);
+ } catch (CardException e) {
+ log.info("Failed to verify PIN.", e);
+ throw new SignatureCardException("Failed to verify PIN.", e);
+ }
+
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egiz.smcc.AbstractSignatureCard#changePIN(at.gv.egiz.smcc.PINSpec, at.gv.egiz.smcc.ChangePINProvider)
+ */
+ @Override
+ @Exclusive
+ public void changePIN(PINSpec pinSpec, ModifyPINGUI pinGUI)
+ throws LockedException, NotActivatedException, CancelledException,
+ TimeoutException, SignatureCardException, InterruptedException {
+
+ CardChannel channel = getCardChannel();
+
+ try {
+ if (pinSpec.getContextAID() != null) {
+ // SELECT application
+ execSELECT_AID(channel, pinSpec.getContextAID());
+ }
+ changePINLoop(channel, pinSpec, pinGUI);
+ } catch (CardException e) {
+ log.info("Failed to change PIN.", e);
+ throw new SignatureCardException("Failed to change PIN.", e);
+ }
+
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egiz.smcc.AbstractSignatureCard#activatePIN(at.gv.egiz.smcc.PINSpec, at.gv.egiz.smcc.PINProvider)
+ */
+ @Override
+ @Exclusive
+ public void activatePIN(PINSpec pinSpec, ModifyPINGUI activatePINGUI)
+ throws CancelledException, SignatureCardException, CancelledException,
+ TimeoutException, InterruptedException {
+
+ CardChannel channel = getCardChannel();
+
+ try {
+ if (pinSpec.getContextAID() != null) {
+ // SELECT application
+ execSELECT_AID(channel, pinSpec.getContextAID());
+ }
+ activatePIN(channel, pinSpec, activatePINGUI);
+ } catch (CardException e) {
+ log.info("Failed to activate PIN.", e);
+ throw new SignatureCardException("Failed to activate PIN.", e);
+ }
+
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egiz.smcc.PINMgmtSignatureCard#unblockPIN(at.gv.egiz.smcc.PINSpec, at.gv.egiz.smcc.PINProvider)
+ */
+ @Override
+ public void unblockPIN(PINSpec pinSpec, ModifyPINGUI pukProvider)
+ throws CancelledException, SignatureCardException, InterruptedException {
+ CardChannel channel = getCardChannel();
+
+ try {
+ unblockPINLoop(channel, pinSpec, pukProvider);
+ } catch (CardException e) {
+ log.info("Failed to activate PIN.", e);
+ throw new SignatureCardException("Failed to activate PIN.", e);
+ }
+ }
+
+ @Override
+ public void reset() throws SignatureCardException {
+ try {
+ super.reset();
+ log.debug("select MF (e-card workaround)");
+ CardChannel channel = getCardChannel();
+ ResponseAPDU resp = channel.transmit(new CommandAPDU(0x00, 0xA4, 0x00, 0x0C));
+ if (resp.getSW() != 0x9000) {
+ throw new SignatureCardException("Failed to select MF after RESET: SW=" + Integer.toHexString(resp.getSW()) + ".");
+ }
+ } catch (CardException ex) {
+ log.error("Failed to select MF after RESET: " + ex.getMessage(), ex);
+ throw new SignatureCardException("Failed to select MF after RESET");
+ }
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egiz.smcc.PINMgmtSignatureCard#getPINSpecs()
+ */
+ @Override
+ public List<PINSpec> getPINSpecs() {
+ return Arrays.asList(new PINSpec[] {CARD_PIN_SPEC, SS_PIN_SPEC});
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egiz.smcc.PINMgmtSignatureCard#getPINStatus(at.gv.egiz.smcc.PINSpec)
+ */
+ @Override
+ public PIN_STATE getPINState(PINSpec pinSpec) throws SignatureCardException {
+
+ CardChannel channel = getCardChannel();
+
+ try {
+ if (pinSpec.getContextAID() != null) {
+ // SELECT AID
+ execSELECT_AID(channel, pinSpec.getContextAID());
+ }
+ verifyPIN(channel, pinSpec, null, 0);
+ return PIN_STATE.ACTIV;
+ } catch (InterruptedException e) {
+ return PIN_STATE.UNKNOWN;
+ } catch (LockedException e) {
+ return PIN_STATE.BLOCKED;
+ } catch (NotActivatedException e) {
+ return PIN_STATE.NOT_ACTIV;
+ } catch (CardException e) {
+ log.error("Failed to get PIN status.", e);
+ throw new SignatureCardException("Failed to get PIN status.", e);
+ }
+
+ }
+
+ public String toString() {
+ return "e-card";
+ }
+
+ ////////////////////////////////////////////////////////////////////////
+ // PROTECTED METHODS (assume exclusive card access)
+ ////////////////////////////////////////////////////////////////////////
+
+ protected void verifyPINLoop(CardChannel channel, PINSpec spec, PINGUI provider)
+ throws LockedException, NotActivatedException, SignatureCardException,
+ InterruptedException, CardException {
+
+ int retries = verifyPIN(channel, spec, null, -1);
+ do {
+ retries = verifyPIN(channel, spec, provider, retries);
+ } while (retries > 0);
+ }
+
+ protected void changePINLoop(CardChannel channel, PINSpec spec, ModifyPINGUI provider)
+ throws LockedException, NotActivatedException, SignatureCardException,
+ InterruptedException, CardException {
+
+ int retries = verifyPIN(channel, spec, null, -1);
+ do {
+ retries = changePIN(channel, spec, provider, retries);
+ } while (retries > 0);
+ }
+
+ protected void unblockPINLoop(CardChannel channel, PINSpec spec, ModifyPINGUI provider)
+ throws LockedException, NotActivatedException, SignatureCardException,
+ InterruptedException, CardException {
+
+ //TODO get PUK retry counter from EF FID 0036 in MF
+ int retries = -1;
+ do {
+ retries = unblockPIN(channel, spec, provider, retries);
+ } while (retries > 0);
+ }
+
+ protected int verifyPIN(CardChannel channel, PINSpec pinSpec,
+ PINGUI provider, int retries) throws SignatureCardException,
+ LockedException, NotActivatedException, InterruptedException,
+ CardException {
+
+ VerifyAPDUSpec apduSpec = new VerifyAPDUSpec(
+ new byte[] {
+ (byte) 0x00, (byte) 0x20, (byte) 0x00, pinSpec.getKID(), (byte) 0x08,
+ (byte) 0x20, (byte) 0xff, (byte) 0xff, (byte) 0xff, (byte) 0xff,
+ (byte) 0xff, (byte) 0xff, (byte) 0xff },
+ 1, VerifyAPDUSpec.PIN_FORMAT_BCD, 7, 4, 4);
+
+ ResponseAPDU resp;
+ if (provider != null) {
+ resp = reader.verify(channel, apduSpec, provider, pinSpec, retries);
+ } else {
+ resp = channel.transmit(new CommandAPDU(0x00, 0x20, 0x00, pinSpec.getKID()));
+ }
+
+
+ if (resp.getSW() == 0x9000) {
+ return -1;
+ } else if (resp.getSW() == 0x6983 || resp.getSW() == 0x63c0) {
+ // authentication method blocked (0x63c0 returned by 'short' VERIFY)
+ throw new LockedException();
+ } else if (resp.getSW() == 0x6984 || resp.getSW() == 0x6985) {
+ // reference data not usable; conditions of use not satisfied
+ throw new NotActivatedException();
+ } else if (resp.getSW() >> 4 == 0x63c) {
+ return 0x0f & resp.getSW();
+ } else if (version >= 1.2 && resp.getSW() == 0x6400) {
+ String msg = "VERIFY failed, card not activated. SW=0x6400";
+ log.error(msg);
+ throw new SignatureCardException(msg);
+ } else {
+ String msg = "VERIFY failed. SW=" + Integer.toHexString(resp.getSW());
+ log.error(msg);
+ throw new SignatureCardException(msg);
+ }
+ }
+
+ protected int changePIN(CardChannel channel, PINSpec pinSpec,
+ ModifyPINGUI pinProvider, int retries) throws CancelledException,
+ InterruptedException, CardException, SignatureCardException {
+
+ ChangeReferenceDataAPDUSpec apduSpec = new ChangeReferenceDataAPDUSpec(
+ new byte[] {
+ (byte) 0x00, (byte) 0x24, (byte) 0x00, pinSpec.getKID(), (byte) 0x10,
+ (byte) 0x20, (byte) 0xff, (byte) 0xff, (byte) 0xff, (byte) 0xff,
+ (byte) 0xff, (byte) 0xff, (byte) 0xff,
+ (byte) 0x20, (byte) 0xff, (byte) 0xff, (byte) 0xff, (byte) 0xff,
+ (byte) 0xff, (byte) 0xff, (byte) 0xff },
+ 1, VerifyAPDUSpec.PIN_FORMAT_BCD, 7, 4, 4, 8);
+
+ ResponseAPDU resp = reader.modify(channel, apduSpec, pinProvider, pinSpec, retries);
+
+ if (resp.getSW() == 0x9000) {
+ return -1;
+ } else if (resp.getSW() == 0x6983) {
+ // authentication method blocked
+ throw new LockedException();
+ } else if (resp.getSW() == 0x6984) {
+ throw new NotActivatedException();
+ } else if (resp.getSW() >> 4 == 0x63c) {
+ return 0x0f & resp.getSW();
+ } else {
+ String msg = "CHANGE REFERENCE DATA failed. SW=" + Integer.toHexString(resp.getSW());
+ log.error(msg);
+ throw new SignatureCardException(msg);
+ }
+ }
+
+ protected int activatePIN(CardChannel channel, PINSpec pinSpec,
+ ModifyPINGUI provider) throws SignatureCardException,
+ InterruptedException, CardException {
+
+ ResponseAPDU resp;
+ if (version < 1.2) {
+ NewReferenceDataAPDUSpec apduSpec = new NewReferenceDataAPDUSpec(
+ new byte[] {
+ (byte) 0x00, (byte) 0x24, (byte) 0x01, pinSpec.getKID(), (byte) 0x08,
+ (byte) 0x20, (byte) 0xff, (byte) 0xff, (byte) 0xff, (byte) 0xff,
+ (byte) 0xff, (byte) 0xff, (byte) 0xff },
+ 1, VerifyAPDUSpec.PIN_FORMAT_BCD, 7, 4, 4);
+
+ resp = reader.modify(channel, apduSpec, provider, pinSpec);
+ } else {
+ NewReferenceDataAPDUSpec apduSpec = new NewReferenceDataAPDUSpec(
+ new byte[] {
+ (byte) 0x00, (byte) 0x24, (byte) 0x00, pinSpec.getKID(), (byte) 0x10,
+ (byte) 0x26, (byte) 0x12, (byte) 0x34, (byte) 0x56, (byte) 0xff,
+ (byte) 0xff, (byte) 0xff, (byte) 0xff,
+ (byte) 0x20, (byte) 0xff, (byte) 0xff, (byte) 0xff, (byte) 0xff,
+ (byte) 0xff, (byte) 0xff, (byte) 0xff },
+ 1, VerifyAPDUSpec.PIN_FORMAT_BCD, 7, 4, 4);
+ apduSpec.setPinInsertionOffsetNew(8);
+ resp = reader.modify(channel, apduSpec, provider, pinSpec);
+ }
+
+ if (resp.getSW() == 0x9000) {
+ return -1;
+ } else {
+ String msg = "CHANGE REFERENCE DATA failed. SW=" + Integer.toHexString(resp.getSW());
+ log.error(msg);
+ throw new SignatureCardException(msg);
+ }
+ }
+
+ protected int unblockPIN(CardChannel channel, PINSpec pinSpec,
+ ModifyPINGUI provider, int retries) throws SignatureCardException,
+ InterruptedException, CardException {
+
+ if (version < 1.2) {
+ // would return 0x6982 (Security status not satisfied)
+ throw new SignatureCardException("RESET RETRY COUNTER is not supported by this card.");
+ }
+
+ ResetRetryCounterAPDUSpec apduSpec = new ResetRetryCounterAPDUSpec(
+ new byte[] {
+ (byte) 0x00, (byte) 0x2c, (byte) 0x00, pinSpec.getKID(), (byte) 0x10,
+ (byte) 0x20, (byte) 0xff, (byte) 0xff, (byte) 0xff, (byte) 0xff,
+ (byte) 0xff, (byte) 0xff, (byte) 0xff,
+ (byte) 0x20, (byte) 0xff, (byte) 0xff, (byte) 0xff, (byte) 0xff,
+ (byte) 0xff, (byte) 0xff, (byte) 0xff },
+ 1, VerifyAPDUSpec.PIN_FORMAT_BCD, 7, 4, 4, 8);
+
+ ResponseAPDU resp = reader.modify(channel, apduSpec, provider, pinSpec, retries);
+
+ if (resp.getSW() == 0x9000) {
+ return -1;
+ } else if (resp.getSW() == 0x6983) {
+ // PUK blocked
+ throw new LockedException();
+ } else if (resp.getSW() == 0x6984) {
+ throw new NotActivatedException();
+ } else if (resp.getSW() >> 4 == 0x63c) {
+ return 0x0f & resp.getSW();
+ } else {
+ String msg = "RESET RETRY COUNTER failed. SW=" + Integer.toHexString(resp.getSW());
+ log.error(msg);
+ throw new SignatureCardException(msg);
+ }
+ }
+
+ protected void execSELECT_MF(CardChannel channel) throws CardException, SignatureCardException {
+ ResponseAPDU resp = channel.transmit(
+ new CommandAPDU(0x00, 0xA4, 0x00, 0x0C));
+ if (resp.getSW() != 0x9000) {
+ throw new SignatureCardException("Failed to select MF: SW="
+ + Integer.toHexString(resp.getSW()) + ".");
+ }
+ }
+
+ protected byte[] execSELECT_AID(CardChannel channel, byte[] aid)
+ throws SignatureCardException, CardException {
+
+ ResponseAPDU resp = channel.transmit(
+ new CommandAPDU(0x00, 0xA4, 0x04, 0x00, aid, 256));
+
+ if (resp.getSW() == 0x6A82) {
+ String msg = "File or application not found AID="
+ + SMCCHelper.toString(aid) + " SW="
+ + Integer.toHexString(resp.getSW()) + ".";
+ log.info(msg);
+ throw new FileNotFoundException(msg);
+ } else if (resp.getSW() != 0x9000) {
+ String msg = "Failed to select application AID="
+ + SMCCHelper.toString(aid) + " SW="
+ + Integer.toHexString(resp.getSW()) + ".";
+ log.info(msg);
+ throw new SignatureCardException(msg);
+ } else {
+ return resp.getBytes();
+ }
+
+ }
+
+ protected byte[] execSELECT_FID(CardChannel channel, byte[] fid)
+ throws SignatureCardException, CardException {
+
+ ResponseAPDU resp = channel.transmit(
+ new CommandAPDU(0x00, 0xA4, 0x02, 0x04, fid, 256));
+
+ if (resp.getSW() == 0x6A82) {
+ String msg = "File or application not found FID="
+ + SMCCHelper.toString(fid) + " SW="
+ + Integer.toHexString(resp.getSW()) + ".";
+ log.info(msg);
+ throw new FileNotFoundException(msg);
+ } else if (resp.getSW() != 0x9000) {
+ String msg = "Failed to select application FID="
+ + SMCCHelper.toString(fid) + " SW="
+ + Integer.toHexString(resp.getSW()) + ".";
+ log.error(msg);
+ throw new SignatureCardException(msg);
+ } else {
+ return resp.getBytes();
+ }
+
+ }
+
+ protected void execMSE(CardChannel channel, int p1, int p2, byte[] data)
+ throws CardException, SignatureCardException {
+ ResponseAPDU resp = channel.transmit(
+ new CommandAPDU(0x00, 0x22, p1, p2, data));
+ if (resp.getSW() != 0x9000) {
+ throw new SignatureCardException("MSE:SET failed: SW="
+ + Integer.toHexString(resp.getSW()));
+ }
+ }
+
+ protected void execPSO_HASH(CardChannel channel, byte[] hash) throws CardException, SignatureCardException {
+ byte[] data = new byte[hash.length + 2];
+ data[0] = (byte) 0x90; // tag
+ data[1] = (byte) (hash.length); // length
+ System.arraycopy(hash, 0, data, 2, hash.length);
+
+ ResponseAPDU resp = channel.transmit(
+ new CommandAPDU(0x00, 0x2A, 0x90, 0xA0, data));
+ if (resp.getSW() != 0x9000) {
+ throw new SignatureCardException("PSO:HASH failed: SW="
+ + Integer.toHexString(resp.getSW()));
+ }
+ }
+
+ protected void execPSO_HASH(CardChannel channel, InputStream input)
+ throws SignatureCardException, CardException {
+ ResponseAPDU resp;
+ int blockSize = 64;
+ byte[] b = new byte[blockSize];
+ try {
+ ByteArrayOutputStream data = new ByteArrayOutputStream();
+ // initialize
+ data.write((byte) 0x90);
+ data.write((byte) 0x00);
+ resp = channel.transmit(
+ new CommandAPDU(0x10, 0x2A, 0x90, 0xA0, data.toByteArray()));
+ data.reset();
+ for (int l; (l = input.read(b)) != -1;) {
+ data.write((byte) 0x80);
+ data.write(l);
+ data.write(b, 0, l);
+ resp = channel.transmit(
+ new CommandAPDU((l == blockSize) ? 0x10 : 0x00, 0x2A, 0x90, 0xA0, data.toByteArray()));
+ if (resp.getSW() != 0x9000) {
+ throw new SignatureCardException("PSO:HASH failed: SW="
+ + Integer.toHexString(resp.getSW()));
+ }
+ data.reset();
+ }
+ } catch (IOException e) {
+ throw new SignatureCardException(e);
+ }
+
+ }
+
+ protected byte[] execPSO_COMPUTE_DIGITAL_SIGNATURE(CardChannel channel, byte[] hash)
+ throws CardException, SignatureCardException {
+ ResponseAPDU resp;
+ if (hash != null) {
+ resp = channel.transmit(
+ new CommandAPDU(0x00, 0x2A, 0x9E, 0x9A, hash, 256));
+ } else {
+ resp = channel.transmit(
+ new CommandAPDU(0x00, 0x2A, 0x9E, 0x9A, 256));
+ }
+ if (resp.getSW() == 0x6982) {
+ throw new SecurityStatusNotSatisfiedException();
+ } else if (resp.getSW() == 0x6983) {
+ throw new LockedException();
+ } else if (resp.getSW() != 0x9000) {
+ throw new SignatureCardException(
+ "PSO: COMPUTE DIGITAL SIGNATRE failed: SW="
+ + Integer.toHexString(resp.getSW()));
+ } else {
+ return resp.getData();
+ }
+ }
+}
diff --git a/smcc/src/main/java/at/gv/egiz/smcc/SWCard.java b/smcc/src/main/java/at/gv/egiz/smcc/SWCard.java
new file mode 100644
index 00000000..73c7faa8
--- /dev/null
+++ b/smcc/src/main/java/at/gv/egiz/smcc/SWCard.java
@@ -0,0 +1,396 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package at.gv.egiz.smcc;
+
+import java.io.ByteArrayOutputStream;
+import java.io.FileInputStream;
+import java.io.FileNotFoundException;
+import java.io.IOException;
+import java.io.InputStream;
+import java.io.InputStreamReader;
+import java.nio.charset.Charset;
+import java.security.InvalidKeyException;
+import java.security.Key;
+import java.security.KeyStore;
+import java.security.KeyStoreException;
+import java.security.NoSuchAlgorithmException;
+import java.security.PrivateKey;
+import java.security.Signature;
+import java.security.SignatureException;
+import java.security.UnrecoverableKeyException;
+import java.security.cert.Certificate;
+import java.security.cert.CertificateEncodingException;
+import java.security.cert.CertificateException;
+import java.security.cert.CertificateFactory;
+import java.util.Enumeration;
+import java.util.Locale;
+
+import javax.smartcardio.Card;
+import javax.smartcardio.CardTerminal;
+
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+
+import at.gv.egiz.smcc.pin.gui.PINGUI;
+
+/**
+ *
+ * @author mcentner
+ */
+public class SWCard implements SignatureCard {
+
+ private static final String BKU_USER_DIR = ".mocca";
+
+ private static final String SWCARD_DIR = "smcc";
+
+ private static final String KEYSTORE_CERTIFIED_KEYPAIR = "certified.p12";
+
+ private static final String KEYSTORE_PASSWORD_CERTIFIED_KEYPAIR = "certified.pwd";
+
+ private static final String CERTIFICATE_CERTIFIED_KEYPAIR = "certified.cer";
+
+ private static final String KEYSTORE_SECURE_KEYPAIR = "secure.p12";
+
+ private static final String KEYSTORE_PASSWORD_SECURE_KEYPAIR = "secure.pwd";
+
+ private static final String CERTIFICATE_SECURE_KEYPAIR = "secure.cer";
+
+ private static String swCardDir;
+
+ private static Log log = LogFactory.getLog(SWCard.class);
+
+ private KeyStore certifiedKeyStore;
+
+ private char[] certifiedKeyStorePassword;
+
+ private KeyStore secureKeyStore;
+
+ private char[] secureKeyStorePassword;
+
+ private Certificate certifiedCertificate;
+
+ private Certificate secureCertificate;
+
+ static {
+ String userHome = System.getProperty("user.home");
+ String fs = System.getProperty("file.separator");
+ swCardDir = userHome + fs + BKU_USER_DIR + fs + SWCARD_DIR;
+ }
+
+ /**
+ * @return the swCardDir
+ */
+ public static String getSwCardDir() {
+ return swCardDir;
+ }
+
+ /**
+ * @param swCardDir the swCardDir to set
+ */
+ public static void setSwCardDir(String swCardDir) {
+ SWCard.swCardDir = swCardDir;
+ }
+
+ public void init(Card card, CardTerminal cardTerminal) {
+ }
+
+ @Override
+ public Card getCard() {
+ return null;
+ }
+
+ private String getFileName(String fileName) {
+ String fs = System.getProperty("file.separator");
+ return swCardDir + fs + fileName;
+ }
+
+ private Certificate loadCertificate(String certificateFileName) throws SignatureCardException {
+
+ final String certificateType = "x509";
+ CertificateFactory factory;
+ try {
+ factory = CertificateFactory.getInstance(certificateType);
+ } catch (CertificateException e) {
+ String msg = "Failed to get CertificateFactory instance for type '" + certificateType + "'.";
+ log.error(msg, e);
+ throw new SignatureCardException(msg, e);
+ }
+
+ // try to load Certificate file
+ String fileName = getFileName(certificateFileName);
+ log.info("Trying to load Certificate from file '" + fileName + "'.");
+
+ FileInputStream certificateFile;
+ try {
+ certificateFile = new FileInputStream(fileName);
+ } catch (FileNotFoundException e) {
+ String msg = "Certificate file '" + fileName + "' not found.";
+ log.info(msg, e);
+ throw new SignatureCardException(msg, e);
+ }
+
+ Certificate certificate;
+ try {
+ certificate = factory.generateCertificate(certificateFile);
+ } catch (CertificateException e) {
+ String msg = "Failed to load Certificate from file '" + fileName + "'.";
+ log.info(msg, e);
+ throw new SignatureCardException(msg, e);
+ }
+
+ return certificate;
+
+ }
+
+ private KeyStore loadKeyStore(String keyStoreFileName, char[] password) throws SignatureCardException {
+
+ final String keyStoreType = "pkcs12";
+ KeyStore keyStore;
+ try {
+ keyStore = KeyStore.getInstance(keyStoreType);
+ } catch (KeyStoreException e) {
+ String msg = "Failed to get KeyStore instance for KeyStore type '" + keyStoreType + "'.";
+ log.error(msg, e);
+ throw new SignatureCardException(msg, e);
+ }
+
+ // try to load KeyStore file
+ String fileName = getFileName(keyStoreFileName);
+ log.info("Trying to load KeyStore from file '" + fileName + "'.");
+
+ FileInputStream keyStoreFile;
+ try {
+ keyStoreFile = new FileInputStream(fileName);
+ } catch (FileNotFoundException e) {
+ String msg = "KeyStore file '"+ fileName + "' not found.";
+ log.info(msg, e);
+ throw new SignatureCardException(msg, e);
+ }
+
+ try {
+ keyStore.load(keyStoreFile, password);
+ } catch (Exception e) {
+ String msg = "Failed to load KeyStore from file '" + fileName + "'.";
+ log.info(msg, e);
+ throw new SignatureCardException(msg, e);
+ }
+
+ return keyStore;
+
+ }
+
+ private char[] loadKeyStorePassword(String passwordFileName) throws SignatureCardException {
+
+ String fileName = getFileName(passwordFileName);
+ FileInputStream keyStorePasswordFile;
+ try {
+ keyStorePasswordFile = new FileInputStream(fileName);
+ } catch (FileNotFoundException e) {
+ return null;
+ }
+
+ try {
+ InputStreamReader reader = new InputStreamReader(keyStorePasswordFile, Charset.forName("UTF-8"));
+ StringBuilder sb = new StringBuilder();
+ char b[] = new char[16];
+ for (int l; (l = reader.read(b)) != -1;) {
+ sb.append(b, 0, l);
+ }
+ return sb.toString().toCharArray();
+ } catch (IOException e) {
+ throw new SignatureCardException("Failed to read file '" + passwordFileName + "'.");
+ }
+
+ }
+
+ private KeyStore getKeyStore(KeyboxName keyboxName, char[] password) throws SignatureCardException {
+
+ if (keyboxName == KeyboxName.CERITIFIED_KEYPAIR) {
+ if (certifiedKeyStore == null) {
+ certifiedKeyStore = loadKeyStore(KEYSTORE_CERTIFIED_KEYPAIR, password);
+ }
+ return certifiedKeyStore;
+ } else if (keyboxName == KeyboxName.SECURE_SIGNATURE_KEYPAIR) {
+ if (secureKeyStore == null) {
+ secureKeyStore = loadKeyStore(KEYSTORE_SECURE_KEYPAIR, password);
+ }
+ return secureKeyStore;
+ } else {
+ throw new SignatureCardException("Keybox of type '" + keyboxName + "' not supported.");
+ }
+
+ }
+
+ private char[] getPassword(KeyboxName keyboxName) throws SignatureCardException {
+
+ if (keyboxName == KeyboxName.CERITIFIED_KEYPAIR) {
+ if (certifiedKeyStorePassword == null) {
+ certifiedKeyStorePassword = loadKeyStorePassword(KEYSTORE_PASSWORD_CERTIFIED_KEYPAIR);
+ }
+ return certifiedKeyStorePassword;
+ } else if (keyboxName == KeyboxName.SECURE_SIGNATURE_KEYPAIR) {
+ if (secureKeyStorePassword == null) {
+ secureKeyStorePassword = loadKeyStorePassword(KEYSTORE_PASSWORD_SECURE_KEYPAIR);
+ }
+ return secureKeyStorePassword;
+ } else {
+ throw new SignatureCardException("Keybox of type '" + keyboxName + "' not supported.");
+ }
+
+ }
+
+ public byte[] getCertificate(KeyboxName keyboxName)
+ throws SignatureCardException {
+
+ try {
+ if (keyboxName == KeyboxName.CERITIFIED_KEYPAIR) {
+ if (certifiedCertificate == null) {
+ certifiedCertificate = loadCertificate(CERTIFICATE_CERTIFIED_KEYPAIR);
+ }
+ return certifiedCertificate.getEncoded();
+ } else if (keyboxName == KeyboxName.SECURE_SIGNATURE_KEYPAIR) {
+ if (secureCertificate == null) {
+ secureCertificate = loadCertificate(CERTIFICATE_SECURE_KEYPAIR);
+ }
+ return secureCertificate.getEncoded();
+ } else {
+ throw new SignatureCardException("Keybox of type '" + keyboxName + "' not supported.");
+ }
+ } catch (CertificateEncodingException e) {
+ throw new SignatureCardException("Failed to get encoded Certificate.", e);
+ }
+
+
+ }
+
+ public byte[] getInfobox(String infobox, PINGUI provider, String domainId) throws SignatureCardException {
+
+ String fileName = getFileName(infobox + ".ibx");
+ FileInputStream file;
+ try {
+ file = new FileInputStream(fileName);
+ } catch (FileNotFoundException e) {
+ String msg = "Infobox '" + infobox + "' not found.";
+ log.info(msg, e);
+ throw new SignatureCardException(msg, e);
+ }
+ ByteArrayOutputStream bytes = new ByteArrayOutputStream();
+ try {
+ byte[] b = new byte[512];
+ for(int l; (l = file.read(b)) != -1;) {
+ bytes.write(b, 0, l);
+ }
+ file.close();
+ } catch (IOException e) {
+ String msg = "Failed to read infobox '" + infobox + "'.";
+ log.error(msg, e);
+ throw new SignatureCardException(msg, e);
+ }
+
+ return bytes.toByteArray();
+
+ }
+
+ @Override
+ public byte[] createSignature(InputStream input, KeyboxName keyboxName, PINGUI provider, String alg) throws SignatureCardException, InterruptedException, IOException {
+
+ // KeyStore password
+ char[] password = getPassword(keyboxName);
+
+ if (password == null) {
+
+ PINSpec pinSpec = new PINSpec(0, -1, ".", "KeyStore-Password", (byte) 0x01, null);
+
+ password = provider.providePIN(pinSpec, -1);
+
+ if (password == null) {
+ return null;
+ }
+
+ }
+
+ KeyStore keyStore = getKeyStore(keyboxName, password);
+
+ PrivateKey privateKey = null;
+
+ try {
+ for (Enumeration<String> aliases = keyStore.aliases(); aliases
+ .hasMoreElements() && privateKey == null;) {
+ String alias = aliases.nextElement();
+ log.debug("Found alias '" + alias + "' in keystore");
+ if (keyStore.isKeyEntry(alias)) {
+ Key key = null;
+ while (key == null) {
+ try {
+ key = keyStore.getKey(alias, password);
+ } catch (UnrecoverableKeyException e) {
+ log.info("Failed to get Key from KeyStore. Wrong password?", e);
+ }
+ }
+ privateKey = (PrivateKey) key;
+ }
+ }
+ } catch (Exception e) {
+ String msg = "Failed to get certificate from KeyStore.";
+ log.info(msg, e);
+ throw new SignatureCardException(msg, e);
+ }
+
+ if (privateKey == null) {
+ String msg = "No private key found in KeyStore.";
+ log.info(msg);
+ throw new SignatureCardException(msg);
+ }
+
+ String algorithm = privateKey.getAlgorithm();
+ algorithm = "SHA1with" + algorithm;
+ try {
+ Signature signature = Signature.getInstance(algorithm);
+ signature.initSign(privateKey);
+ int l;
+ for (byte[] b = new byte[20]; (l = input.read(b)) != -1;) {
+ signature.update(b, 0, l);
+ }
+ return signature.sign();
+ } catch (NoSuchAlgorithmException e) {
+ String msg = "Algorithm + '" + algorithm + "' not supported for signing.";
+ log.info(msg, e);
+ throw new SignatureCardException(msg, e);
+ } catch (SignatureException e) {
+ String msg = "Signing faild.";
+ log.info(msg, e);
+ throw new SignatureCardException(msg, e);
+ } catch (InvalidKeyException e) {
+ String msg = "Key not valid for algorithm + '" + algorithm + "'.";
+ log.info(msg, e);
+ throw new SignatureCardException(msg, e);
+ }
+
+ }
+
+ @Override
+ public void setLocale(Locale locale) {
+ }
+
+ @Override
+ public void disconnect(boolean reset) {
+ }
+
+ @Override
+ public void reset() throws SignatureCardException {
+ }
+}
diff --git a/smcc/src/main/java/at/gv/egiz/smcc/SecurityStatusNotSatisfiedException.java b/smcc/src/main/java/at/gv/egiz/smcc/SecurityStatusNotSatisfiedException.java
new file mode 100644
index 00000000..bf0af76c
--- /dev/null
+++ b/smcc/src/main/java/at/gv/egiz/smcc/SecurityStatusNotSatisfiedException.java
@@ -0,0 +1,38 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package at.gv.egiz.smcc;
+
+public class SecurityStatusNotSatisfiedException extends SignatureCardException {
+
+ private static final long serialVersionUID = 1L;
+
+ public SecurityStatusNotSatisfiedException() {
+ }
+
+ public SecurityStatusNotSatisfiedException(String message, Throwable cause) {
+ super(message, cause);
+ }
+
+ public SecurityStatusNotSatisfiedException(String message) {
+ super(message);
+ }
+
+ public SecurityStatusNotSatisfiedException(Throwable cause) {
+ super(cause);
+ }
+
+}
diff --git a/smcc/src/main/java/at/gv/egiz/smcc/SignatureCard.java b/smcc/src/main/java/at/gv/egiz/smcc/SignatureCard.java
new file mode 100644
index 00000000..fa589b84
--- /dev/null
+++ b/smcc/src/main/java/at/gv/egiz/smcc/SignatureCard.java
@@ -0,0 +1,125 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+
+package at.gv.egiz.smcc;
+
+import at.gv.egiz.smcc.pin.gui.PINGUI;
+import java.io.IOException;
+import java.io.InputStream;
+import java.util.Locale;
+
+import javax.smartcardio.Card;
+import javax.smartcardio.CardTerminal;
+
+public interface SignatureCard {
+
+ public static class KeyboxName {
+
+ public static KeyboxName SECURE_SIGNATURE_KEYPAIR = new KeyboxName(
+ "SecureSignatureKeypair");
+ public static KeyboxName CERITIFIED_KEYPAIR = new KeyboxName(
+ "CertifiedKeypair");
+
+ private String keyboxName_;
+
+ private KeyboxName(String keyboxName_) {
+ this.keyboxName_ = keyboxName_;
+ }
+
+ public static KeyboxName getKeyboxName(String keyBox) {
+ if (SECURE_SIGNATURE_KEYPAIR.equals(keyBox)) {
+ return SECURE_SIGNATURE_KEYPAIR;
+ } else if (CERITIFIED_KEYPAIR.equals(keyBox)) {
+ return CERITIFIED_KEYPAIR;
+ } else {
+ return new KeyboxName(keyBox);
+ }
+ }
+
+ @Override
+ public boolean equals(Object obj) {
+ if (obj instanceof String) {
+ return obj.equals(keyboxName_);
+ }
+ if (obj instanceof KeyboxName) {
+ return ((KeyboxName) obj).keyboxName_.equals(keyboxName_);
+ } else {
+ return super.equals(obj);
+ }
+ }
+
+ public String getKeyboxName() {
+ return keyboxName_;
+ }
+
+ @Override
+ public String toString() {
+ return keyboxName_;
+ }
+
+ }
+
+ public void init(Card card, CardTerminal cardTerminal);
+
+ public Card getCard();
+
+ public byte[] getCertificate(KeyboxName keyboxName)
+ throws SignatureCardException, InterruptedException;
+
+ public void disconnect(boolean reset);
+
+ /**
+ * Performs a reset of the card.
+ *
+ * @throws SignatureCardException if reset fails.
+ */
+ public void reset() throws SignatureCardException;
+
+ /**
+ *
+ * @param infobox
+ * @param provider
+ * @param domainId may be null.
+ * @return
+ * @throws SignatureCardException
+ * @throws InterruptedException if applet is destroyed while in pin dialog
+ */
+ public byte[] getInfobox(String infobox, PINGUI pinGUI, String domainId)
+ throws SignatureCardException, InterruptedException;
+
+ /**
+ *
+ * @param input
+ * @param keyboxName
+ * @param provider
+ * @param alg TODO
+ * @return
+ * @throws at.gv.egiz.smcc.SignatureCardException
+ * @throws java.lang.InterruptedException if applet is destroyed while in pin dialog
+ * @throws IOException
+ */
+ public byte[] createSignature(InputStream input, KeyboxName keyboxName,
+ PINGUI pinGUI, String alg) throws SignatureCardException, InterruptedException, IOException;
+
+ /**
+ * Sets the local for evtl. required callbacks (e.g. PINSpec)
+ * @param locale must not be null;
+ */
+ public void setLocale(Locale locale);
+
+
+}
diff --git a/smcc/src/main/java/at/gv/egiz/smcc/SignatureCardException.java b/smcc/src/main/java/at/gv/egiz/smcc/SignatureCardException.java
new file mode 100644
index 00000000..48b4646a
--- /dev/null
+++ b/smcc/src/main/java/at/gv/egiz/smcc/SignatureCardException.java
@@ -0,0 +1,65 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+
+package at.gv.egiz.smcc;
+
+public class SignatureCardException extends Exception {
+
+ /**
+ *
+ */
+ private static final long serialVersionUID = 1L;
+
+ /**
+ * Creates a new instance of this <code>SignatureCardException</code>.
+ *
+ */
+ public SignatureCardException() {
+ super();
+ }
+
+ /**
+ * Creates a new instance of this <code>SignatureCardException</code>.
+ *
+ * @param message
+ * @param cause
+ */
+ public SignatureCardException(String message, Throwable cause) {
+ super(message, cause);
+ }
+
+ /**
+ * Creates a new instance of this <code>SignatureCardException</code>.
+ *
+ * @param message
+ */
+ public SignatureCardException(String message) {
+ super(message);
+ }
+
+ /**
+ * Creates a new instance of this <code>SignatureCardException</code>.
+ *
+ * @param cause
+ */
+ public SignatureCardException(Throwable cause) {
+ super(cause);
+ }
+
+
+
+}
diff --git a/smcc/src/main/java/at/gv/egiz/smcc/SignatureCardFactory.java b/smcc/src/main/java/at/gv/egiz/smcc/SignatureCardFactory.java
new file mode 100644
index 00000000..9165a7d8
--- /dev/null
+++ b/smcc/src/main/java/at/gv/egiz/smcc/SignatureCardFactory.java
@@ -0,0 +1,401 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+
+package at.gv.egiz.smcc;
+
+import java.util.ArrayList;
+import java.util.Iterator;
+import java.util.List;
+
+import javax.smartcardio.ATR;
+import javax.smartcardio.Card;
+import javax.smartcardio.CardTerminal;
+
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+
+/**
+ * A factory for creating {@link SignatureCard}s from {@link Card}s.
+ */
+public class SignatureCardFactory {
+
+ public static boolean ENFORCE_RECOMMENDED_PIN_LENGTH = false;
+
+ /**
+ * This class represents a supported smart card.
+ */
+ private class SupportedCard {
+
+ /**
+ * The ATR pattern.
+ */
+ private byte[] atrPattern;
+
+ /**
+ * The ATR mask.
+ */
+ private byte[] atrMask;
+
+ /**
+ * The implementation class.
+ */
+ private String impl;
+
+ /**
+ * Creates a new SupportedCard instance with the given ATR pattern and mask
+ * und the corresponding implementation class.
+ *
+ * @param atrPattern
+ * the ATR pattern
+ * @param atrMask
+ * the ATR mask
+ * @param implementationClass
+ * the name of the implementation class
+ *
+ * @throws NullPointerException
+ * if <code>atrPattern</code> or <code>atrMask</code> is
+ * <code>null</code>.
+ * @throws IllegalArgumentException
+ * if the lengths of <code>atrPattern</code> and
+ * <code>atrMask</code> of not equal.
+ */
+ public SupportedCard(byte[] atrPattern, byte[] atrMask, String implementationClass) {
+ if (atrPattern.length != atrMask.length) {
+ throw new IllegalArgumentException("Length of 'atr' and 'mask' must be equal.");
+ }
+ this.atrPattern = atrPattern;
+ this.atrMask = atrMask;
+ this.impl = implementationClass;
+ }
+
+ /**
+ * Returns true if the given ATR matches the ATR pattern and mask this
+ * SupportedCard object.
+ *
+ * @param atr
+ * the ATR
+ *
+ * @return <code>true</code> if the given ATR matches the ATR pattern and
+ * mask of this SupportedCard object, or <code>false</code>
+ * otherwise.
+ */
+ public boolean matches(ATR atr) {
+
+ byte[] bytes = atr.getBytes();
+ if (bytes == null) {
+ return false;
+ }
+ if (bytes.length < atrMask.length) {
+ // we cannot test for equal length here, as we get ATRs with
+ // additional bytes on systems using PCSClite (e.g. linux and OS X) sometimes
+ return false;
+ }
+
+ int l = Math.min(atrMask.length, bytes.length);
+ for (int i = 0; i < l; i++) {
+ if ((bytes[i] & atrMask[i]) != atrPattern[i]) {
+ return false;
+ }
+ }
+ return true;
+
+ }
+
+ /**
+ * @return the corresponding implementation class.
+ */
+ public String getImplementationClassName() {
+ return impl;
+ }
+
+ }
+
+ /**
+ * Logging facility.
+ */
+ private static Log log = LogFactory.getLog(SignatureCardFactory.class);
+
+ /**
+ * The instance to be returned by {@link #getInstance()}.
+ */
+ private static SignatureCardFactory instance;
+
+ /**
+ * The list of supported smart cards.
+ */
+ private List<SupportedCard> supportedCards;
+
+ /**
+ * @return an instance of this SignatureCardFactory.
+ */
+ public static synchronized SignatureCardFactory getInstance() {
+ if (instance == null) {
+ instance = new SignatureCardFactory();
+ }
+ return instance;
+ }
+
+ /**
+ * Private constructor.
+ */
+ private SignatureCardFactory() {
+
+ supportedCards = new ArrayList<SupportedCard>();
+
+ // e-card
+ supportedCards.add(new SupportedCard(
+ // ATR (3b:bd:18:00:81:31:fe:45:80:51:02:00:00:00:00:00:00:00:00:00:00:00)
+ new byte[] {
+ (byte) 0x3b, (byte) 0xbd, (byte) 0x18, (byte) 0x00, (byte) 0x81, (byte) 0x31, (byte) 0xfe, (byte) 0x45,
+ (byte) 0x80, (byte) 0x51, (byte) 0x02, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00,
+ (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00
+ },
+ // mask (ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:00:00:00:00:00:00:00:00:00:00:00)
+ new byte[] {
+ (byte) 0xff, (byte) 0xff, (byte) 0xff, (byte) 0xff, (byte) 0xff, (byte) 0xff, (byte) 0xff, (byte) 0xff,
+ (byte) 0xff, (byte) 0xff, (byte) 0xff, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00,
+ (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00
+ },
+ "at.gv.egiz.smcc.STARCOSCard"));
+
+ // e-card G3
+ supportedCards.add(new SupportedCard(
+ // ATR (3b:dd:96:ff:81:b1:fe:45:1f:03:80:31:b0:52:02:03:64:04:1b:b4:22:81:05:18)
+ new byte[] {
+ (byte) 0x3b, (byte) 0xdd, (byte) 0x96, (byte) 0xff, (byte) 0x81, (byte) 0xb1, (byte) 0xfe, (byte) 0x45,
+ (byte) 0x1f, (byte) 0x03, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00,
+ (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00
+ },
+ // mask (
+ new byte[] {
+ (byte) 0xff, (byte) 0xff, (byte) 0xff, (byte) 0xff, (byte) 0xff, (byte) 0xff, (byte) 0xff, (byte) 0xff,
+ (byte) 0xff, (byte) 0xff, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00,
+ (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00
+ },
+ "at.gv.egiz.smcc.STARCOSCard"));
+
+ // a-sign premium (EPA)
+ supportedCards.add(new SupportedCard(
+ // ATR (3b:bf:11:00:81:31:fe:45:45:50:41:00:00:00:00:00:00:00:00:00:00:00:00:00)
+ new byte[] {
+ (byte) 0x3b, (byte) 0xbf, (byte) 0x11, (byte) 0x00, (byte) 0x81, (byte) 0x31, (byte) 0xfe, (byte) 0x45,
+ (byte) 0x45, (byte) 0x50, (byte) 0x41, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00,
+ (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00
+ },
+ // mask (ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:00:00:00:00:00:00:00:00:00:00:00:00:00)
+ new byte[] {
+ (byte) 0xff, (byte) 0xff, (byte) 0xff, (byte) 0xff, (byte) 0xff, (byte) 0xff, (byte) 0xff, (byte) 0xff,
+ (byte) 0xff, (byte) 0xff, (byte) 0xff, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00,
+ (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00
+ },
+ "at.gv.egiz.smcc.ACOSCard"));
+
+ // a-sign premium (MCA)
+ supportedCards.add(new SupportedCard(
+ // ATR (3b:bf:11:00:81:31:fe:45:45:50:41:00:00:00:00:00:00:00:00:00:00:00:00:00)
+ new byte[] {
+ (byte) 0x3b, (byte) 0xbf, (byte) 0x11, (byte) 0x00, (byte) 0x81, (byte) 0x31, (byte) 0xfe, (byte) 0x45,
+ (byte) 0x4D, (byte) 0x43, (byte) 0x41, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00,
+ (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00
+ },
+ // mask (ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:00:00:00:00:00:00:00:00:00:00:00:00:00)
+ new byte[] {
+ (byte) 0xff, (byte) 0xff, (byte) 0xff, (byte) 0xff, (byte) 0xff, (byte) 0xff, (byte) 0xff, (byte) 0xff,
+ (byte) 0xff, (byte) 0xff, (byte) 0xff, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00,
+ (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00
+ },
+ "at.gv.egiz.smcc.ACOSCard"));
+
+ // BELPIC
+ supportedCards.add(new SupportedCard(
+ // ATR (3b:98:13:40:0A:A5:03:01:01:01:AD:13:11)
+ new byte[] { (byte) 0x3b, (byte) 0x98, (byte) 0x13,
+ (byte) 0x40, (byte) 0x0a, (byte) 0xa5, (byte) 0x03,
+ (byte) 0x01, (byte) 0x01, (byte) 0x01, (byte) 0xad,
+ (byte) 0x13, (byte) 0x11 },
+ // mask (ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff)
+ new byte[] { (byte) 0xff, (byte) 0xff, (byte) 0xff,
+ (byte) 0xff, (byte) 0xff, (byte) 0xff, (byte) 0xff,
+ (byte) 0xff, (byte) 0xff, (byte) 0xff, (byte) 0xff,
+ (byte) 0xff, (byte) 0xff },
+ "at.gv.egiz.smcc.BELPICCard"));
+ supportedCards.add(new SupportedCard(
+ // ATR [3b:98:_94_:40:_ff_:a5:03:01:01:01:ad:13:_10_]
+ new byte[] { (byte) 0x3b, (byte) 0x98, (byte) 0x94,
+ (byte) 0x40, (byte) 0xff, (byte) 0xa5, (byte) 0x03,
+ (byte) 0x01, (byte) 0x01, (byte) 0x01, (byte) 0xad,
+ (byte) 0x13, (byte) 0x10 },
+ // mask (ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff)
+ new byte[] { (byte) 0xff, (byte) 0xff, (byte) 0xff,
+ (byte) 0xff, (byte) 0xff, (byte) 0xff, (byte) 0xff,
+ (byte) 0xff, (byte) 0xff, (byte) 0xff, (byte) 0xff,
+ (byte) 0xff, (byte) 0xff },
+ "at.gv.egiz.smcc.BELPICCard"));
+ supportedCards.add(new SupportedCard(
+ // ATR [3b:98:_94_:40:0a:a5:03:01:01:01:ad:13:_10_]
+ new byte[] { (byte) 0x3b, (byte) 0x98, (byte) 0x94,
+ (byte) 0x40, (byte) 0x0a, (byte) 0xa5, (byte) 0x03,
+ (byte) 0x01, (byte) 0x01, (byte) 0x01, (byte) 0xad,
+ (byte) 0x13, (byte) 0x10 },
+ // mask (ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff)
+ new byte[] { (byte) 0xff, (byte) 0xff, (byte) 0xff,
+ (byte) 0xff, (byte) 0xff, (byte) 0xff, (byte) 0xff,
+ (byte) 0xff, (byte) 0xff, (byte) 0xff, (byte) 0xff,
+ (byte) 0xff, (byte) 0xff },
+ "at.gv.egiz.smcc.BELPICCard"));
+ supportedCards.add(new SupportedCard(
+ // ATR [3b:98:_95_:40:0a:a5:_07_:01:01:01:ad:13:_20_]
+ new byte[] { (byte) 0x3b, (byte) 0x98, (byte) 0x95,
+ (byte) 0x40, (byte) 0x0a, (byte) 0xa5, (byte) 0x07,
+ (byte) 0x01, (byte) 0x01, (byte) 0x01, (byte) 0xad,
+ (byte) 0x13, (byte) 0x20 },
+ // mask (ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff)
+ new byte[] { (byte) 0xff, (byte) 0xff, (byte) 0xff,
+ (byte) 0xff, (byte) 0xff, (byte) 0xff, (byte) 0xff,
+ (byte) 0xff, (byte) 0xff, (byte) 0xff, (byte) 0xff,
+ (byte) 0xff, (byte) 0xff },
+ "at.gv.egiz.smcc.BELPICCard"));
+
+ // ITCards
+ supportedCards.add(new SupportedCard(
+ // ATR =
+ // [3b:ff:18:00:ff:81:31:fe:55:00:6b:02:09:02:00:01:11:01:43:4e:53:11:31:80:8e]
+ new byte[] { (byte) 0x3b, (byte) 0xff, (byte) 0x18,
+ (byte) 0x00, (byte) 0xff, (byte) 0x81, (byte) 0x31,
+ (byte) 0xfe, (byte) 0x55, (byte) 0x00, (byte) 0x6b,
+ (byte) 0x02, (byte) 0x09 /*
+ * , (byte) 0x02, (byte) 0x00,
+ * (byte) 0x01, (byte) 0x11,
+ * (byte) 0x01, (byte) 0x43,
+ * (byte) 0x4e, (byte) 0x53,
+ * (byte) 0x11, (byte) 0x31,
+ * (byte) 0x80, (byte) 0x8e
+ */
+ },
+ // mask (ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff)
+ new byte[] { (byte) 0xff, (byte) 0xff, (byte) 0xff,
+ (byte) 0xff, (byte) 0xff, (byte) 0xff, (byte) 0xff,
+ (byte) 0xff, (byte) 0xff, (byte) 0xff, (byte) 0xff,
+ (byte) 0xff, (byte) 0xff /*
+ * , (byte) 0xff, (byte) 0xff,
+ * (byte) 0xff, (byte) 0xff,
+ * (byte) 0xff, (byte) 0xff,
+ * (byte) 0xff, (byte) 0xff,
+ * (byte) 0xff, (byte) 0xff,
+ * (byte) 0xff, (byte) 0xff
+ */
+ }, "at.gv.egiz.smcc.ITCard"));
+ supportedCards.add(new SupportedCard(
+ // ATR
+ // (3B:FF:18:00:FF:C1:0A:31:FE:55:00:6B:05:08:C8:05:01:01:01:43:4E:53:10:31:80:1C)
+ new byte[] { (byte) 0x3b, (byte) 0xff, (byte) 0x18,
+ (byte) 0x00, (byte) 0xFF, (byte) 0xC1, (byte) 0x0a,
+ (byte) 0x31, (byte) 0xfe, (byte) 0x55, (byte) 0x00,
+ (byte) 0x6B, (byte) 0x05, (byte) 0x08, (byte) 0xC8,
+ (byte) 0x05, (byte) 0x01, (byte) 0x01, (byte) 0x01,
+ (byte) 0x43, (byte) 0x4E, (byte) 0x53, (byte) 0x10,
+ (byte) 0x31, (byte) 0x80, (byte) 0x1C },
+ // mask
+ // (ff:ff:ff:00:00:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:00:00:00:00)
+ new byte[] { (byte) 0xff, (byte) 0xff, (byte) 0xff,
+ (byte) 0xff, (byte) 0xff, (byte) 0xff, (byte) 0xff,
+ (byte) 0xff, (byte) 0xff, (byte) 0xff, (byte) 0xff,
+ (byte) 0xff, (byte) 0xff, (byte) 0xff, (byte) 0xff,
+ (byte) 0xff, (byte) 0xff, (byte) 0xff, (byte) 0xff,
+ (byte) 0xff, (byte) 0xff, (byte) 0xff, (byte) 0xff,
+ (byte) 0xff, (byte) 0xff, (byte) 0xff },
+ "at.gv.egiz.smcc.ITCard"));
+
+
+
+ }
+
+ /**
+ * Creates a SignatureCard instance with the given smart card.
+ *
+ * @param card
+ * the smart card, or <code>null</code> if a software card should be
+ * created
+ * @param cardTerminal TODO
+ *
+ * @return a SignatureCard instance
+ *
+ * @throws CardNotSupportedException
+ * if no implementation of the given <code>card</code> could be
+ * found
+ */
+ public SignatureCard createSignatureCard(Card card, CardTerminal cardTerminal)
+ throws CardNotSupportedException {
+
+ if(card == null) {
+ SignatureCard sCard = new SWCard();
+ sCard.init(card, cardTerminal);
+ return sCard;
+ }
+
+ ATR atr = card.getATR();
+ Iterator<SupportedCard> cards = supportedCards.iterator();
+ while (cards.hasNext()) {
+ SupportedCard supportedCard = cards.next();
+ if(supportedCard.matches(atr)) {
+
+ ClassLoader cl = SignatureCardFactory.class.getClassLoader();
+ SignatureCard sc;
+ try {
+ Class<?> scClass = cl.loadClass(supportedCard.getImplementationClassName());
+ sc = (SignatureCard) scClass.newInstance();
+
+ sc = ExclSignatureCardProxy.newInstance(sc);
+
+ sc.init(card, cardTerminal);
+
+ return sc;
+
+ } catch (ClassNotFoundException e) {
+ log.warn("Cannot find signature card implementation class.", e);
+ throw new CardNotSupportedException("Cannot find signature card implementation class.", e);
+ } catch (InstantiationException e) {
+ log.warn("Failed to instantiate signature card implementation.", e);
+ throw new CardNotSupportedException("Failed to instantiate signature card implementation.", e);
+ } catch (IllegalAccessException e) {
+ log.warn("Failed to instantiate signature card implementation.", e);
+ throw new CardNotSupportedException("Failed to instantiate signature card implementation.", e);
+ }
+
+ }
+ }
+
+ throw new CardNotSupportedException("Card not supported: ATR=" + toString(atr.getBytes()));
+
+ }
+
+ public static String toString(byte[] b) {
+ StringBuffer sb = new StringBuffer();
+ if (b != null && b.length > 0) {
+ sb.append(Integer.toHexString((b[0] & 240) >> 4));
+ sb.append(Integer.toHexString(b[0] & 15));
+ }
+ for(int i = 1; i < b.length; i++) {
+ sb.append(':');
+ sb.append(Integer.toHexString((b[i] & 240) >> 4));
+ sb.append(Integer.toHexString(b[i] & 15));
+ }
+ return sb.toString();
+ }
+
+
+}
diff --git a/smcc/src/main/java/at/gv/egiz/smcc/TimeoutException.java b/smcc/src/main/java/at/gv/egiz/smcc/TimeoutException.java
new file mode 100644
index 00000000..d14a4c15
--- /dev/null
+++ b/smcc/src/main/java/at/gv/egiz/smcc/TimeoutException.java
@@ -0,0 +1,39 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package at.gv.egiz.smcc;
+
+public class TimeoutException extends SignatureCardException {
+
+ private static final long serialVersionUID = 1L;
+
+ public TimeoutException() {
+ super();
+ }
+
+ public TimeoutException(String message, Throwable cause) {
+ super(message, cause);
+ }
+
+ public TimeoutException(String message) {
+ super(message);
+ }
+
+ public TimeoutException(Throwable cause) {
+ super(cause);
+ }
+
+}
diff --git a/smcc/src/main/java/at/gv/egiz/smcc/VerificationFailedException.java b/smcc/src/main/java/at/gv/egiz/smcc/VerificationFailedException.java
new file mode 100644
index 00000000..fa066ff9
--- /dev/null
+++ b/smcc/src/main/java/at/gv/egiz/smcc/VerificationFailedException.java
@@ -0,0 +1,65 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package at.gv.egiz.smcc;
+
+public class VerificationFailedException extends SignatureCardException {
+
+ private static final long serialVersionUID = 1L;
+
+ public static final int UNKNOWN = -1;
+
+ private int retries = UNKNOWN;
+
+ public VerificationFailedException() {
+ }
+
+ public VerificationFailedException(String message, Throwable cause) {
+ super(message, cause);
+ }
+
+ public VerificationFailedException(String message) {
+ super(message);
+ }
+
+ public VerificationFailedException(Throwable cause) {
+ super(cause);
+ }
+
+ public VerificationFailedException(int retries) {
+ this.retries = retries;
+ }
+
+ public VerificationFailedException(int retries, String message, Throwable cause) {
+ super(message, cause);
+ this.retries = retries;
+ }
+
+ public VerificationFailedException(int retries, String message) {
+ super(message);
+ this.retries = retries;
+ }
+
+ public VerificationFailedException(int retries, Throwable cause) {
+ super(cause);
+ this.retries = retries;
+ }
+
+ public int getRetries() {
+ return retries;
+ }
+
+}
diff --git a/smcc/src/main/java/at/gv/egiz/smcc/VerifyAPDUSpec.java b/smcc/src/main/java/at/gv/egiz/smcc/VerifyAPDUSpec.java
new file mode 100644
index 00000000..23c1f0fd
--- /dev/null
+++ b/smcc/src/main/java/at/gv/egiz/smcc/VerifyAPDUSpec.java
@@ -0,0 +1,200 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package at.gv.egiz.smcc;
+
+public class VerifyAPDUSpec {
+
+ public static final int PIN_JUSTIFICATION_LEFT = 0;
+
+ public static final int PIN_JUSTIFICATION_RIGHT = 1;
+
+ public static final int PIN_FORMAT_BINARY = 0;
+
+ public static final int PIN_FORMAT_BCD = 1;
+
+ public static final int PIN_FORMAT_ASCII = 2;
+
+ /**
+ * The APDU template.
+ */
+ protected byte[] apdu;
+
+ /**
+ * The PIN position in bytes.
+ */
+ protected int pinPosition;
+
+ /**
+ * The PIN justification (either {@link #PIN_JUSTIFICATION_LEFT} or
+ * {@link #PIN_JUSTIFICATION_RIGHT}).
+ */
+ protected int pinJustification = PIN_JUSTIFICATION_LEFT;
+
+ /**
+ * The PIN encoding format (one of {@value #PIN_FORMAT_BCD},
+ * {@link #PIN_FORMAT_ASCII}).
+ */
+ protected int pinFormat;
+
+ /**
+ * The size of the PIN length in bits or 0 for no PIN length. (Default: 0)
+ */
+ protected int pinLengthSize = 0;
+
+ /**
+ * The PIN length in the template in bytes.
+ */
+ protected int pinLength;
+
+ /**
+ * The PIN length position in the template in bits or 0 for no PIN length.
+ * (Default: 0)
+ */
+ protected int pinLengthPos = 0;
+
+ /**
+ * @param apdu
+ * @param pinPosition
+ * @param pinFormat
+ * @param pinLength TODO
+ */
+ public VerifyAPDUSpec(byte[] apdu, int pinPosition, int pinFormat, int pinLength) {
+ super();
+ this.apdu = apdu;
+ this.pinPosition = pinPosition;
+ this.pinFormat = pinFormat;
+ this.pinLength = pinLength;
+ }
+
+ /**
+ * @param apdu
+ * @param pinPosition
+ * @param pinFormat
+ * @param pinLength
+ * @param pinLengthSize
+ * @param pinLengthPos
+ */
+ public VerifyAPDUSpec(byte[] apdu, int pinPosition, int pinFormat,
+ int pinLength, int pinLengthSize, int pinLengthPos) {
+ super();
+ this.apdu = apdu;
+ this.pinPosition = pinPosition;
+ this.pinFormat = pinFormat;
+ this.pinLength = pinLength;
+ this.pinLengthSize = pinLengthSize;
+ this.pinLengthPos = pinLengthPos;
+ }
+
+ /**
+ * @return the apdu
+ */
+ public byte[] getApdu() {
+ return apdu;
+ }
+
+ /**
+ * @param apdu the apdu to set
+ */
+ public void setApdu(byte[] apdu) {
+ this.apdu = apdu;
+ }
+
+ /**
+ * @return the pinPosition
+ */
+ public int getPinPosition() {
+ return pinPosition;
+ }
+
+ /**
+ * @param pinPosition the pinPosition to set
+ */
+ public void setPinPosition(int pinPosition) {
+ this.pinPosition = pinPosition;
+ }
+
+ /**
+ * @return the pinJustification
+ */
+ public int getPinJustification() {
+ return pinJustification;
+ }
+
+ /**
+ * @param pinJustification the pinJustification to set
+ */
+ public void setPinJustification(int pinJustification) {
+ this.pinJustification = pinJustification;
+ }
+
+ /**
+ * @return the pinFormat
+ */
+ public int getPinFormat() {
+ return pinFormat;
+ }
+
+ /**
+ * @param pinFormat the pinFormat to set
+ */
+ public void setPinFormat(int pinFormat) {
+ this.pinFormat = pinFormat;
+ }
+
+ /**
+ * @return the pinLengthSize
+ */
+ public int getPinLengthSize() {
+ return pinLengthSize;
+ }
+
+ /**
+ * @param pinLengthSize the pinLengthSize to set
+ */
+ public void setPinLengthSize(int pinLengthSize) {
+ this.pinLengthSize = pinLengthSize;
+ }
+
+ /**
+ * @return the pinLength
+ */
+ public int getPinLength() {
+ return pinLength;
+ }
+
+ /**
+ * @param pinLength the pinLength to set
+ */
+ public void setPinLength(int pinLength) {
+ this.pinLength = pinLength;
+ }
+
+ /**
+ * @return the pinLengthPos
+ */
+ public int getPinLengthPos() {
+ return pinLengthPos;
+ }
+
+ /**
+ * @param pinLengthPos the pinLengthPos to set
+ */
+ public void setPinLengthPos(int pinLengthPos) {
+ this.pinLengthPos = pinLengthPos;
+ }
+
+}
diff --git a/smcc/src/main/java/at/gv/egiz/smcc/conf/SMCCConfiguration.java b/smcc/src/main/java/at/gv/egiz/smcc/conf/SMCCConfiguration.java
new file mode 100644
index 00000000..136ca283
--- /dev/null
+++ b/smcc/src/main/java/at/gv/egiz/smcc/conf/SMCCConfiguration.java
@@ -0,0 +1,45 @@
+/*
+ * Copyright 2008 Federal Chancellery Austria and
+ * Graz University of Technology
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package at.gv.egiz.smcc.conf;
+
+/**
+ *
+ * @author Clemens Orthacker <clemens.orthacker@iaik.tugraz.at>
+ */
+public class SMCCConfiguration {
+
+ private static final long serialVersionUID = 1L;
+
+ boolean disablePinpad;
+
+ /**
+ * @return the disablePinpad
+ */
+ public boolean isDisablePinpad() {
+ return disablePinpad;
+ }
+
+ /**
+ * @param disablePinpad the disablePinpad to set
+ */
+ public void setDisablePinpad(boolean disablePinpad) {
+ this.disablePinpad = disablePinpad;
+ }
+
+
+}
diff --git a/smcc/src/main/java/at/gv/egiz/smcc/pin/gui/ModifyPINGUI.java b/smcc/src/main/java/at/gv/egiz/smcc/pin/gui/ModifyPINGUI.java
new file mode 100644
index 00000000..00dc2d0e
--- /dev/null
+++ b/smcc/src/main/java/at/gv/egiz/smcc/pin/gui/ModifyPINGUI.java
@@ -0,0 +1,36 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package at.gv.egiz.smcc.pin.gui;
+
+import at.gv.egiz.smcc.CancelledException;
+import at.gv.egiz.smcc.PINSpec;
+
+
+public interface ModifyPINGUI extends ModifyPINProvider {
+
+ void modifyPINDirect(PINSpec spec, int retries) throws CancelledException, InterruptedException;
+ void finishDirect();
+
+ void enterCurrentPIN(PINSpec spec, int retries);
+ void enterNewPIN(PINSpec spec);
+ void confirmNewPIN(PINSpec spec);
+ void validKeyPressed();
+ void correctionButtonPressed();
+ void allKeysCleared();
+ /** called prior to MODIFY_PIN_FINISH control command transmission (clear display or display wait message) */
+ void finish();
+}
diff --git a/smcc/src/main/java/at/gv/egiz/smcc/pin/gui/ModifyPINProvider.java b/smcc/src/main/java/at/gv/egiz/smcc/pin/gui/ModifyPINProvider.java
new file mode 100644
index 00000000..36f0097d
--- /dev/null
+++ b/smcc/src/main/java/at/gv/egiz/smcc/pin/gui/ModifyPINProvider.java
@@ -0,0 +1,48 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package at.gv.egiz.smcc.pin.gui;
+
+import at.gv.egiz.smcc.CancelledException;
+import at.gv.egiz.smcc.PINSpec;
+
+
+/**
+ * user interface for "software pin-entry" of
+ * <ul>
+ * <li> current pin and new pin (change pin)
+ * <li> new pin (pin activation, no current pin)
+ * <li> puk and new pin (probably verify only?)
+ * </ul>
+ * @author Clemens Orthacker <clemens.orthacker@iaik.tugraz.at>
+ */
+public interface ModifyPINProvider {
+
+ /**
+ *
+ * @param spec
+ * @param retries
+ * @return null if no old value for this pin
+ * @throws at.gv.egiz.smcc.CancelledException if cancelled by user
+ * @throws java.lang.InterruptedException
+ */
+ public char[] provideCurrentPIN(PINSpec spec, int retries)
+ throws CancelledException, InterruptedException;
+
+ public char[] provideNewPIN(PINSpec spec)
+ throws CancelledException, InterruptedException;
+
+}
diff --git a/smcc/src/main/java/at/gv/egiz/smcc/pin/gui/PINGUI.java b/smcc/src/main/java/at/gv/egiz/smcc/pin/gui/PINGUI.java
new file mode 100644
index 00000000..5199977b
--- /dev/null
+++ b/smcc/src/main/java/at/gv/egiz/smcc/pin/gui/PINGUI.java
@@ -0,0 +1,42 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package at.gv.egiz.smcc.pin.gui;
+
+import at.gv.egiz.smcc.CancelledException;
+import at.gv.egiz.smcc.PINSpec;
+
+
+/**
+ * Display messages for pinpad pin-entry.
+ * Provides an interface for two types of pinpad pin-entry: pinpad-direct and pinpad-start/finish
+ * @author clemens.orthacker@iaik.tugraz.at
+ */
+public interface PINGUI extends PINProvider {
+
+ void enterPINDirect(PINSpec spec, int retries)
+ throws CancelledException, InterruptedException;
+
+ /**
+ * @throws CancelledException, InterruptedException if signature-data dialog is interrupted or cancelled
+ */
+ void enterPIN(PINSpec spec, int retries)
+ throws CancelledException, InterruptedException;
+ void validKeyPressed();
+ void correctionButtonPressed();
+ void allKeysCleared();
+
+}
diff --git a/smcc/src/main/java/at/gv/egiz/smcc/pin/gui/PINProvider.java b/smcc/src/main/java/at/gv/egiz/smcc/pin/gui/PINProvider.java
new file mode 100644
index 00000000..7443ee30
--- /dev/null
+++ b/smcc/src/main/java/at/gv/egiz/smcc/pin/gui/PINProvider.java
@@ -0,0 +1,51 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package at.gv.egiz.smcc.pin.gui;
+
+import at.gv.egiz.smcc.CancelledException;
+import at.gv.egiz.smcc.PINSpec;
+
+
+/**
+ * The number of retries is not fixed and there is no way (?) to obtain this value.
+ * A PINProvider should therefore maintain an internal retry counter or flag
+ * to decide whether or not to warn the user (num retries passed in providePIN).
+ *
+ * Therefore PINProvider objects should not be reused.
+ *
+ * (ACOS: reload counter: between 0 and 15, where 15 meens deactivated)
+ *
+ * @author Clemens Orthacker <clemens.orthacker@iaik.tugraz.at>
+ */
+public interface PINProvider {
+
+ /**
+ * TODO change interface to void providePIN(char[] pin, pinspec, retries)
+ * to allow caller to clear pin afterwards.
+ *
+ * @param spec
+ * @param retries num of remaining retries or -1 if unknown
+ * (a positive value does <em>not</em> necessarily signify that there was
+ * already an unsuccessful PIN verification)
+ * @return pin != null
+ * @throws at.gv.egiz.smcc.CancelledException
+ * @throws java.lang.InterruptedException
+ */
+ char[] providePIN(PINSpec pinSpec, int retries)
+ throws CancelledException, InterruptedException;
+
+}
diff --git a/smcc/src/main/java/at/gv/egiz/smcc/reader/CardReader.java b/smcc/src/main/java/at/gv/egiz/smcc/reader/CardReader.java
new file mode 100644
index 00000000..a1246dd6
--- /dev/null
+++ b/smcc/src/main/java/at/gv/egiz/smcc/reader/CardReader.java
@@ -0,0 +1,92 @@
+/*
+ * Copyright 2008 Federal Chancellery Austria and
+ * Graz University of Technology
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package at.gv.egiz.smcc.reader;
+
+import javax.smartcardio.CardChannel;
+import javax.smartcardio.CardException;
+import javax.smartcardio.ResponseAPDU;
+
+import at.gv.egiz.smcc.CancelledException;
+import at.gv.egiz.smcc.ChangeReferenceDataAPDUSpec;
+import at.gv.egiz.smcc.NewReferenceDataAPDUSpec;
+import at.gv.egiz.smcc.PINSpec;
+import at.gv.egiz.smcc.ResetRetryCounterAPDUSpec;
+import at.gv.egiz.smcc.SignatureCardException;
+import at.gv.egiz.smcc.VerifyAPDUSpec;
+import at.gv.egiz.smcc.pin.gui.ModifyPINGUI;
+import at.gv.egiz.smcc.pin.gui.PINGUI;
+import javax.smartcardio.Card;
+
+/**
+ *
+ * @author Clemens Orthacker <clemens.orthacker@iaik.tugraz.at>
+ */
+public interface CardReader {
+
+
+ String[] FEATURES = new String[]{"NO_FEATURE",
+ "FEATURE_VERIFY_PIN_START",
+ "FEATURE_VERIFY_PIN_FINISH",
+ "FEATURE_MODIFY_PIN_START",
+ "FEATURE_MODIFY_PIN_FINISH",
+ "FEATURE_GET_KEY_PRESSED",
+ "FEATURE_VERIFY_PIN_DIRECT",
+ "FEATURE_MODIFY_PIN_DIRECT",
+ "FEATURE_MCT_READER_DIRECT",
+ "FEATURE_MCT_UNIVERSAL",
+ "FEATURE_IFD_PIN_PROPERTIES",
+ "FEATURE_ABORT",
+ "FEATURE_SET_SPE_MESSAGE",
+ "FEATURE_VERIFY_PIN_DIRECT_APP_ID",
+ "FEATURE_MODIFY_PIN_DIRECT_APP_ID",
+ "FEATURE_WRITE_DISPLAY",
+ "FEATURE_GET_KEY",
+ "FEATURE_IFD_DISPLAY_PROPERTIES"};
+
+ Byte FEATURE_VERIFY_PIN_START = new Byte((byte) 0x01);
+ Byte FEATURE_VERIFY_PIN_FINISH = new Byte((byte) 0x02);
+ Byte FEATURE_MODIFY_PIN_START = new Byte((byte) 0x03);
+ Byte FEATURE_MODIFY_PIN_FINISH = new Byte((byte) 0x04);
+ Byte FEATURE_GET_KEY_PRESSED = new Byte((byte) 0x05);
+ Byte FEATURE_VERIFY_PIN_DIRECT = new Byte((byte) 0x06);
+ Byte FEATURE_MODIFY_PIN_DIRECT = new Byte((byte) 0x07);
+ Byte FEATURE_MCT_READER_DIRECT = new Byte((byte) 0x08);
+ Byte FEATURE_MCT_UNIVERSAL = new Byte((byte) 0x09);
+ Byte FEATURE_IFD_PIN_PROPERTIES = new Byte((byte) 0x0a);
+ //TODO continue list
+
+
+ Card connect() throws CardException;
+
+ boolean hasFeature(Byte feature);
+
+ ResponseAPDU verify(CardChannel channel, VerifyAPDUSpec apduSpec,
+ PINGUI pinGUI, PINSpec pinSpec, int retries)
+ throws CancelledException, InterruptedException, CardException, SignatureCardException;
+
+ ResponseAPDU modify(CardChannel channel, ChangeReferenceDataAPDUSpec apduSpec,
+ ModifyPINGUI pinGUI, PINSpec pinSpec, int retries)
+ throws CancelledException, InterruptedException, CardException, SignatureCardException;
+
+ ResponseAPDU modify(CardChannel channel, NewReferenceDataAPDUSpec apduSpec,
+ ModifyPINGUI pinGUI, PINSpec pinSpec)
+ throws CancelledException, InterruptedException, CardException, SignatureCardException;
+
+ ResponseAPDU modify(CardChannel channel, ResetRetryCounterAPDUSpec apduSpec,
+ ModifyPINGUI pinGUI, PINSpec pinSpec, int retries)
+ throws CancelledException, InterruptedException, CardException, SignatureCardException;
+}
diff --git a/smcc/src/main/java/at/gv/egiz/smcc/reader/DefaultCardReader.java b/smcc/src/main/java/at/gv/egiz/smcc/reader/DefaultCardReader.java
new file mode 100644
index 00000000..03a794fe
--- /dev/null
+++ b/smcc/src/main/java/at/gv/egiz/smcc/reader/DefaultCardReader.java
@@ -0,0 +1,106 @@
+/*
+ * Copyright 2008 Federal Chancellery Austria and
+ * Graz University of Technology
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package at.gv.egiz.smcc.reader;
+
+
+import javax.smartcardio.Card;
+import javax.smartcardio.CardChannel;
+import javax.smartcardio.CardException;
+import javax.smartcardio.CardTerminal;
+import javax.smartcardio.ResponseAPDU;
+
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+
+import at.gv.egiz.smcc.ChangeReferenceDataAPDUSpec;
+import at.gv.egiz.smcc.NewReferenceDataAPDUSpec;
+import at.gv.egiz.smcc.PINSpec;
+import at.gv.egiz.smcc.ResetRetryCounterAPDUSpec;
+import at.gv.egiz.smcc.SignatureCardException;
+import at.gv.egiz.smcc.VerifyAPDUSpec;
+import at.gv.egiz.smcc.pin.gui.ModifyPINGUI;
+import at.gv.egiz.smcc.pin.gui.PINGUI;
+import at.gv.egiz.smcc.util.ISO7816Utils;
+
+/**
+ *
+ * @author Clemens Orthacker <clemens.orthacker@iaik.tugraz.at>
+ */
+public class DefaultCardReader implements CardReader {
+
+ protected final static Log log = LogFactory.getLog(DefaultCardReader.class);
+
+ protected CardTerminal ct;
+ protected String name;
+
+ public DefaultCardReader(CardTerminal ct) {
+ if (ct == null) {
+ throw new NullPointerException("no card or card terminal provided");
+ }
+ this.ct = ct;
+ this.name = ct.getName();
+ }
+
+ @Override
+ public ResponseAPDU verify(CardChannel channel, VerifyAPDUSpec apduSpec,
+ PINGUI pinGUI, PINSpec pinSpec, int retries)
+ throws SignatureCardException, CardException, InterruptedException {
+
+ log.debug("VERIFY");
+ return channel.transmit(ISO7816Utils.createVerifyAPDU(apduSpec, pinGUI.providePIN(pinSpec, retries)));
+ }
+
+ @Override
+ public ResponseAPDU modify(CardChannel channel, ChangeReferenceDataAPDUSpec apduSpec,
+ ModifyPINGUI pinGUI, PINSpec pinSpec, int retries)
+ throws SignatureCardException, CardException, InterruptedException {
+ log.debug("MODIFY (CHANGE_REFERENCE_DATA)");
+ char[] oldPIN = pinGUI.provideCurrentPIN(pinSpec, retries);
+ char[] newPIN = pinGUI.provideNewPIN(pinSpec);
+ return channel.transmit(ISO7816Utils.createChangeReferenceDataAPDU(apduSpec, oldPIN, newPIN));
+ }
+
+ @Override
+ public ResponseAPDU modify(CardChannel channel, NewReferenceDataAPDUSpec apduSpec,
+ ModifyPINGUI pinGUI, PINSpec pinSpec)
+ throws SignatureCardException, CardException, InterruptedException {
+ log.debug("MODIFY (NEW_REFERENCE_DATA)");
+ char[] newPIN = pinGUI.provideNewPIN(pinSpec);
+ return channel.transmit(ISO7816Utils.createNewReferenceDataAPDU(apduSpec, newPIN));
+ }
+
+ @Override
+ public ResponseAPDU modify(CardChannel channel, ResetRetryCounterAPDUSpec apduSpec,
+ ModifyPINGUI pinGUI, PINSpec pinSpec, int retries)
+ throws InterruptedException, CardException, SignatureCardException {
+ log.debug("MODIFY (RESET_RETRY_COUNTER)");
+ //TODO
+ return modify(channel, (ChangeReferenceDataAPDUSpec) apduSpec, pinGUI, pinSpec, retries);
+ }
+
+ @Override
+ public Card connect() throws CardException {
+ log.debug("connect icc");
+ return ct.connect("*");
+ }
+
+ @Override
+ public boolean hasFeature(Byte feature) {
+ return false;
+ }
+
+}
diff --git a/smcc/src/main/java/at/gv/egiz/smcc/reader/PinpadCardReader.java b/smcc/src/main/java/at/gv/egiz/smcc/reader/PinpadCardReader.java
new file mode 100644
index 00000000..c2537af8
--- /dev/null
+++ b/smcc/src/main/java/at/gv/egiz/smcc/reader/PinpadCardReader.java
@@ -0,0 +1,703 @@
+/*
+ * Copyright 2008 Federal Chancellery Austria and
+ * Graz University of Technology
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package at.gv.egiz.smcc.reader;
+
+import java.io.ByteArrayOutputStream;
+import java.io.IOException;
+import java.util.Map;
+
+import javax.smartcardio.Card;
+import javax.smartcardio.CardChannel;
+import javax.smartcardio.CardException;
+import javax.smartcardio.CardTerminal;
+import javax.smartcardio.ResponseAPDU;
+
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+
+import at.gv.egiz.smcc.CancelledException;
+import at.gv.egiz.smcc.ChangeReferenceDataAPDUSpec;
+import at.gv.egiz.smcc.NewReferenceDataAPDUSpec;
+import at.gv.egiz.smcc.PINConfirmationException;
+import at.gv.egiz.smcc.PINFormatException;
+import at.gv.egiz.smcc.PINOperationAbortedException;
+import at.gv.egiz.smcc.PINSpec;
+import at.gv.egiz.smcc.ResetRetryCounterAPDUSpec;
+import at.gv.egiz.smcc.SignatureCardException;
+import at.gv.egiz.smcc.TimeoutException;
+import at.gv.egiz.smcc.VerifyAPDUSpec;
+import at.gv.egiz.smcc.pin.gui.ModifyPINGUI;
+import at.gv.egiz.smcc.pin.gui.PINGUI;
+import at.gv.egiz.smcc.util.SMCCHelper;
+
+/**
+ *
+ * @author Clemens Orthacker <clemens.orthacker@iaik.tugraz.at>
+ */
+public class PinpadCardReader extends DefaultCardReader {
+
+ public static final int PIN_ENTRY_POLLING_INTERVAL = 10;
+
+ protected final static Log log = LogFactory.getLog(PinpadCardReader.class);
+
+ protected byte bEntryValidationCondition = 0x02; // validation key pressed
+ protected byte bTimeOut = 0x3c; // 60sec (= max on ReinerSCT)
+ protected byte bTimeOut2 = 0x00; // default (attention with SCM)
+ protected byte wPINMaxExtraDigitH = 0x00; // min pin length zero digits
+ protected byte wPINMaxExtraDigitL = 0x0c; // max pin length 12 digits
+
+ /**
+ * supported features and respective control codes
+ */
+ protected Map<Byte, Integer> features;
+ protected boolean VERIFY, MODIFY, VERIFY_DIRECT, MODIFY_DIRECT;
+
+ public PinpadCardReader(CardTerminal ct, Map<Byte, Integer> features) {
+ super(ct);
+ if (features == null) {
+ throw new NullPointerException("Pinpad card reader does not support any features");
+ }
+ this.features = features;
+
+ if (features.containsKey(FEATURE_VERIFY_PIN_START) &&
+ features.containsKey(FEATURE_GET_KEY_PRESSED) &&
+ features.containsKey(FEATURE_VERIFY_PIN_FINISH)) {
+ VERIFY = true;
+ }
+ if (features.containsKey(FEATURE_MODIFY_PIN_START) &&
+ features.containsKey(FEATURE_GET_KEY_PRESSED) &&
+ features.containsKey(FEATURE_MODIFY_PIN_FINISH)) {
+ MODIFY = true;
+ }
+ if (features.containsKey(FEATURE_VERIFY_PIN_DIRECT)) {
+ VERIFY_DIRECT = true;
+ }
+ if (features.containsKey(FEATURE_MODIFY_PIN_DIRECT)) {
+ MODIFY_DIRECT = true;
+ }
+
+ if (name != null) {
+ name = name.toLowerCase();
+ //ReinerSCT: http://support.reiner-sct.de/downloads/LINUX
+ // http://www.linux-club.de/viewtopic.php?f=61&t=101287&start=0
+ //old: REINER SCT CyberJack 00 00
+ //new (CCID): 0C4B/0300 Reiner-SCT cyberJack pinpad(a) 00 00
+ //Snow Leopard: Reiner-SCT cyberJack pinpad(a) 00 00
+ //display: REINER SCT CyberJack 00 00
+ if(name.startsWith("gemplus gempc pinpad") || name.startsWith("gemalto gempc pinpad")) {
+ log.debug("setting custom wPINMaxExtraDigitH (0x04) for " + name);
+ wPINMaxExtraDigitH = 0x04;
+ log.debug("setting custom wPINMaxExtraDigitL (0x08) for " + name);
+ wPINMaxExtraDigitL = 0x08;
+ } else if (name.startsWith("omnikey cardman 3621")) {
+ log.debug("setting custom wPINMaxExtraDigitH (0x01) for " + name);
+ wPINMaxExtraDigitH = 0x01;
+ } else if (name.startsWith("scm spr 532") || name.startsWith("scm microsystems inc. sprx32 usb smart card reader")) {
+ log.debug("setting custom bTimeOut (0x3c) for " + name);
+ bTimeOut = 0x3c;
+ log.debug("setting custom bTimeOut2 (0x0f) for " + name);
+ bTimeOut2 = 0x0f;
+ } else if (name.startsWith("cherry smartboard xx44")) {
+ log.debug("setting custom wPINMaxExtraDigitH (0x01) for " + name);
+ wPINMaxExtraDigitH = 0x01;
+ }
+ }
+
+ }
+
+ @Override
+ public boolean hasFeature(Byte feature) {
+ return features.containsKey(feature);
+ }
+
+ private void VERIFY_PIN_START(Card icc, byte[] PIN_VERIFY) throws CardException {
+ int ioctl = features.get(FEATURE_VERIFY_PIN_START);
+ if (log.isTraceEnabled()) {
+ log.trace("VERIFY_PIN_START (" + Integer.toHexString(ioctl) +
+ ") " + SMCCHelper.toString(PIN_VERIFY));
+ }
+ byte[] resp = icc.transmitControlCommand(ioctl, PIN_VERIFY);
+ if (resp != null && resp.length > 0) {
+ if (resp[0] == (byte) 0x57) {
+ log.error("Invalid parameter in PIN_VERIFY structure");
+ throw new CardException("ERROR_INVALID_PARAMETER");
+ } else {
+ log.error("unexpected response to VERIFY_PIN_START: " +
+ SMCCHelper.toString(resp));
+ throw new CardException("unexpected response to VERIFY_PIN_START: " +
+ SMCCHelper.toString(resp));
+ }
+ }
+ }
+
+ private byte GET_KEY_PRESSED(Card icc) throws CardException {
+ int ioctl = features.get(FEATURE_GET_KEY_PRESSED);
+ byte[] resp = icc.transmitControlCommand(ioctl, new byte[0]);
+ if (resp != null && resp.length == 1) {
+// if (log.isTraceEnabled()) {
+// log.trace("response " + SMCCHelper.toString(resp));
+// }
+ return resp[0];
+ }
+ log.error("unexpected response to GET_KEY_PRESSED: " +
+ SMCCHelper.toString(resp));
+ throw new CardException("unexpected response to GET_KEY_PRESSED: " +
+ SMCCHelper.toString(resp));
+ }
+
+ private byte[] VERIFY_PIN_FINISH(Card icc) throws CardException {
+ int ioctl = features.get(FEATURE_VERIFY_PIN_FINISH);
+ if (log.isTraceEnabled()) {
+ log.trace("VERIFY_PIN_FINISH (" + Integer.toHexString(ioctl) + ")");
+ }
+ byte[] resp = icc.transmitControlCommand(ioctl, new byte[0]);
+ if (resp != null && resp.length == 2) {
+ if (log.isTraceEnabled()) {
+ log.trace("response " + SMCCHelper.toString(resp));
+ }
+ return resp;
+ }
+ log.error("unexpected response to VERIFY_PIN_FINISH: " +
+ SMCCHelper.toString(resp));
+ throw new CardException("unexpected response to VERIFY_PIN_FINISH: " +
+ SMCCHelper.toString(resp));
+ }
+
+ private void MODIFY_PIN_START(Card icc, byte[] PIN_MODIFY) throws CardException {
+ int ioctl = features.get(FEATURE_MODIFY_PIN_START);
+ if (log.isTraceEnabled()) {
+ log.trace("MODFIY_PIN_START (" + Integer.toHexString(ioctl) +
+ ") " + SMCCHelper.toString(PIN_MODIFY));
+ }
+ byte[] resp = icc.transmitControlCommand(ioctl, PIN_MODIFY);
+ if (resp != null && resp.length > 0) {
+ if (resp[0] == (byte) 0x57) {
+ log.error("Invalid parameter in PIN_MODIFY structure");
+ throw new CardException("ERROR_INVALID_PARAMETER");
+ } else {
+ log.error("unexpected response to MODIFY_PIN_START: " +
+ SMCCHelper.toString(resp));
+ throw new CardException("unexpected response to MODIFY_PIN_START: " +
+ SMCCHelper.toString(resp));
+ }
+ }
+ }
+
+ private byte[] MODIFY_PIN_FINISH(Card icc) throws CardException {
+ int ioctl = features.get(FEATURE_MODIFY_PIN_FINISH);
+ if (log.isTraceEnabled()) {
+ log.trace("MODIFY_PIN_FINISH (" + Integer.toHexString(ioctl) + ")");
+ }
+ byte[] resp = icc.transmitControlCommand(ioctl, new byte[0]);
+ if (resp != null && resp.length == 2) {
+ if (log.isTraceEnabled()) {
+ log.trace("response " + SMCCHelper.toString(resp));
+ }
+ return resp;
+ }
+ log.error("unexpected response to MODIFY_PIN_FINISH: " +
+ SMCCHelper.toString(resp));
+ throw new CardException("unexpected response to MODIFY_PIN_FINISH: " +
+ SMCCHelper.toString(resp));
+ }
+
+ private byte[] VERIFY_PIN_DIRECT(Card icc, byte[] PIN_VERIFY) throws CardException {
+ int ioctl = features.get(FEATURE_VERIFY_PIN_DIRECT);
+ if (log.isTraceEnabled()) {
+ log.trace("VERIFY_PIN_DIRECT (" + Integer.toHexString(ioctl) +
+ ") " + SMCCHelper.toString(PIN_VERIFY));
+ }
+ byte[] resp = icc.transmitControlCommand(ioctl, PIN_VERIFY);
+ if (log.isTraceEnabled()) {
+ log.trace("response " + SMCCHelper.toString(resp));
+ }
+ return resp;
+ }
+
+ private byte[] verifyPin(Card icc, byte[] PIN_VERIFY, PINGUI pinGUI)
+ throws SignatureCardException, CardException, InterruptedException {
+
+// pinGUI.enterPIN(pinSpec, retries);
+
+ log.debug("VERIFY_PIN_START [" + FEATURES[FEATURE_VERIFY_PIN_START] + "]");
+ VERIFY_PIN_START(icc, PIN_VERIFY);
+
+ byte resp;
+ do {
+ resp = GET_KEY_PRESSED(icc);
+ if (resp == (byte) 0x00) {
+ synchronized(this) {
+ try {
+ wait(PIN_ENTRY_POLLING_INTERVAL);
+ } catch (InterruptedException ex) {
+ log.error("interrupted in VERIFY_PIN");
+ }
+ }
+ } else if (resp == (byte) 0x0d) {
+ log.debug("GET_KEY_PRESSED: 0x0d (user confirmed)");
+ break;
+ } else if (resp == (byte) 0x2b) {
+ log.trace("GET_KEY_PRESSED: 0x2b (user entered valid key 0-9)");
+ pinGUI.validKeyPressed();
+ } else if (resp == (byte) 0x1b) {
+ log.debug("GET_KEY_PRESSED: 0x1b (user cancelled VERIFY_PIN via cancel button)");
+ break; // returns 0x6401
+ } else if (resp == (byte) 0x08) {
+ log.debug("GET_KEY_PRESSED: 0x08 (user pressed correction/backspace button)");
+ pinGUI.correctionButtonPressed();
+ } else if (resp == (byte) 0x0e) {
+ log.debug("GET_KEY_PRESSED: 0x0e (timeout occured)");
+ break; // return 0x6400
+ } else if (resp == (byte) 0x40) {
+ log.debug("GET_KEY_PRESSED: 0x40 (PIN_Operation_Aborted)");
+ throw new PINOperationAbortedException("PIN_Operation_Aborted (0x40)");
+ } else if (resp == (byte) 0x0a) {
+ log.debug("GET_KEY_PRESSED: 0x0a (all keys cleared");
+ pinGUI.allKeysCleared();
+ } else {
+ log.error("unexpected response to GET_KEY_PRESSED: " +
+ Integer.toHexString(resp));
+ throw new CardException("unexpected response to GET_KEY_PRESSED: " +
+ Integer.toHexString(resp));
+ }
+ } while (true);
+
+ return VERIFY_PIN_FINISH(icc);
+ }
+
+ /**
+ * does not display the first pin dialog (enterCurrentPIN or enterNewPIN, depends on bConfirmPIN),
+ * since this is easier to do in calling modify()
+ */
+ private byte[] modifyPin(Card icc, byte[] PIN_MODIFY, ModifyPINGUI pinGUI, PINSpec pINSpec)
+ throws PINOperationAbortedException, CardException {
+
+ byte pinConfirmations = (byte) 0x00; //b0: new pin not entered (0) / entered (1)
+ //b1: current pin not entered (0) / entered (1)
+ byte bConfirmPIN = PIN_MODIFY[9];
+
+// if ((bConfirmPIN & (byte) 0x02) == 0) {
+// log.debug("no current PIN entry requested");
+// pinGUI.enterNewPIN(pINSpec);
+// } else {
+// log.debug("current PIN entry requested");
+// pinGUI.enterCurrentPIN(pINSpec, retries);
+// }
+
+ log.debug("MODIFY_PIN_START [" + FEATURES[FEATURE_MODIFY_PIN_START] + "]");
+ MODIFY_PIN_START(icc, PIN_MODIFY);
+
+ byte resp;
+ while (true) {
+ resp = GET_KEY_PRESSED(icc);
+ if (resp == (byte) 0x00) {
+ synchronized(this) {
+ try {
+ wait(PIN_ENTRY_POLLING_INTERVAL);
+ } catch (InterruptedException ex) {
+ log.error("interrupted in MODIFY_PIN");
+ }
+ }
+ } else if (resp == (byte) 0x0d) {
+ if (log.isTraceEnabled()) {
+ log.trace("requested pin confirmations: 0b" + Integer.toBinaryString(bConfirmPIN & 0xff));
+ log.trace("performed pin confirmations: 0b" + Integer.toBinaryString(pinConfirmations & 0xff));
+ }
+ log.debug("GET_KEY_PRESSED: 0x0d (user confirmed)");
+ if (pinConfirmations == bConfirmPIN) {
+ break;
+ } else if ((bConfirmPIN & (byte) 0x02) == 0 ||
+ (pinConfirmations & (byte) 0x02) == (byte) 0x02) {
+ // no current pin entry or current pin entry already performed
+ if ((pinConfirmations & (byte) 0x01) == 0) {
+ // new pin
+ pinConfirmations |= (byte) 0x01;
+ pinGUI.confirmNewPIN(pINSpec);
+ } // else: new pin confirmed
+ } else {
+ // current pin entry
+ pinConfirmations |= (byte) 0x02;
+ pinGUI.enterNewPIN(pINSpec);
+ }
+ } else if (resp == (byte) 0x2b) {
+ log.trace("GET_KEY_PRESSED: 0x2b (user entered valid key 0-9)");
+ pinGUI.validKeyPressed();
+ } else if (resp == (byte) 0x1b) {
+ log.debug("GET_KEY_PRESSED: 0x1b (user cancelled VERIFY_PIN via cancel button)");
+ break; // returns 0x6401
+ } else if (resp == (byte) 0x08) {
+ log.debug("GET_KEY_PRESSED: 0x08 (user pressed correction/backspace button)");
+ pinGUI.correctionButtonPressed();
+ } else if (resp == (byte) 0x0e) {
+ log.debug("GET_KEY_PRESSED: 0x0e (timeout occured)");
+ break; // return 0x6400
+ } else if (resp == (byte) 0x40) {
+ log.debug("GET_KEY_PRESSED: 0x40 (PIN_Operation_Aborted)");
+ throw new PINOperationAbortedException("PIN_Operation_Aborted (0x40)");
+ } else if (resp == (byte) 0x0a) {
+ log.debug("GET_KEY_PRESSED: 0x0a (all keys cleared");
+ pinGUI.allKeysCleared();
+ } else {
+ log.error("unexpected response to GET_KEY_PRESSED: " +
+ Integer.toHexString(resp));
+ throw new CardException("unexpected response to GET_KEY_PRESSED: " +
+ Integer.toHexString(resp));
+ }
+
+ }
+
+ pinGUI.finish();
+ return MODIFY_PIN_FINISH(icc);
+ }
+
+ private byte[] MODIFY_PIN_DIRECT(Card icc, byte[] PIN_MODIFY) throws CardException {
+ int ioctl = features.get(FEATURE_MODIFY_PIN_DIRECT);
+ if (log.isTraceEnabled()) {
+ log.trace("MODIFY_PIN_DIRECT (" + Integer.toHexString(ioctl) +
+ ") " + SMCCHelper.toString(PIN_MODIFY));
+ }
+ byte[] resp = icc.transmitControlCommand(ioctl, PIN_MODIFY);
+ if (log.isTraceEnabled()) {
+ log.trace("response " + SMCCHelper.toString(resp));
+ }
+ return resp;
+ }
+
+ protected byte[] createPINModifyStructure(NewReferenceDataAPDUSpec apduSpec, PINSpec pinSpec) {
+
+ ByteArrayOutputStream s = new ByteArrayOutputStream();
+ // bTimeOut
+ s.write(bTimeOut);
+ // bTimeOut2
+ s.write(bTimeOut2);
+ // bmFormatString
+ s.write(1 << 7 // system unit = byte
+ | (0xF & apduSpec.getPinPosition()) << 3
+ | (0x1 & apduSpec.getPinJustification() << 2)
+ | (0x3 & apduSpec.getPinFormat()));
+ // bmPINBlockString
+ s.write((0xF & apduSpec.getPinLengthSize()) << 4
+ | (0xF & apduSpec.getPinLength()));
+ // bmPINLengthFormat
+ s.write(// system unit = bit
+ (0xF & apduSpec.getPinLengthPos()));
+ // bInsertionOffsetOld
+ s.write(0x00);
+ // bInsertionOffsetNew
+ s.write(apduSpec.getPinInsertionOffsetNew());
+ // wPINMaxExtraDigit
+ s.write(Math.min(pinSpec.getMaxLength(), wPINMaxExtraDigitL));
+ s.write(Math.max(pinSpec.getMinLength(), wPINMaxExtraDigitH));
+ // bConfirmPIN
+ s.write(0x01);
+ // bEntryValidationCondition
+ s.write(bEntryValidationCondition);
+ // bNumberMessage
+ s.write(0x02);
+ // wLangId English (United States), see http://www.usb.org/developers/docs/USB_LANGIDs.pdf
+ s.write(0x09);
+ s.write(0x04);
+ // bMsgIndex1
+ s.write(0x01);
+ // bMsgIndex2
+ s.write(0x02);
+ // bMsgIndex3
+ s.write(0x00);
+
+ // bTeoPrologue
+ s.write(0x00);
+ s.write(0x00);
+ s.write(0x00);
+ // ulDataLength
+ s.write(apduSpec.getApdu().length);
+ s.write(0x00);
+ s.write(0x00);
+ s.write(0x00);
+ // abData
+ try {
+ s.write(apduSpec.getApdu());
+ } catch (IOException e) {
+ // As we are dealing with ByteArrayOutputStreams no exception is to be
+ // expected.
+ throw new RuntimeException(e);
+ }
+
+ return s.toByteArray();
+
+ }
+
+ protected byte[] createPINModifyStructure(ChangeReferenceDataAPDUSpec apduSpec, PINSpec pinSpec) {
+ //TODO bInsertionOffsetOld (0x00), bConfirmPIN (0x01), bNumberMessage (0x02), bMsgIndex1/2/3
+
+ ByteArrayOutputStream s = new ByteArrayOutputStream();
+ // bTimeOut
+ s.write(bTimeOut);
+ // bTimeOut2
+ s.write(bTimeOut2);
+ // bmFormatString
+ s.write(1 << 7 // system unit = byte
+ | (0xF & apduSpec.getPinPosition()) << 3
+ | (0x1 & apduSpec.getPinJustification() << 2)
+ | (0x3 & apduSpec.getPinFormat()));
+ // bmPINBlockString
+ s.write((0xF & apduSpec.getPinLengthSize()) << 4
+ | (0xF & apduSpec.getPinLength()));
+ // bmPINLengthFormat
+ s.write(// system unit = bit
+ (0xF & apduSpec.getPinLengthPos()));
+ // bInsertionOffsetOld (0x00 for no old pin?)
+ s.write(apduSpec.getPinInsertionOffsetOld());
+ // bInsertionOffsetNew
+ s.write(apduSpec.getPinInsertionOffsetNew());
+ // wPINMaxExtraDigit
+ s.write(Math.min(pinSpec.getMaxLength(), wPINMaxExtraDigitL));
+ s.write(Math.max(pinSpec.getMinLength(), wPINMaxExtraDigitH));
+ // bConfirmPIN
+ s.write(0x03);
+ // bEntryValidationCondition
+ s.write(bEntryValidationCondition);
+ // bNumberMessage
+ s.write(0x03);
+ // wLangId English (United States), see http://www.usb.org/developers/docs/USB_LANGIDs.pdf
+ s.write(0x09);
+ s.write(0x04);
+ // bMsgIndex1
+ s.write(0x00);
+ // bMsgIndex2
+ s.write(0x01);
+ // bMsgIndex3
+ s.write(0x02);
+
+ // bTeoPrologue
+ s.write(0x00);
+ s.write(0x00);
+ s.write(0x00);
+ // ulDataLength
+ s.write(apduSpec.getApdu().length);
+ s.write(0x00);
+ s.write(0x00);
+ s.write(0x00);
+ // abData
+ try {
+ s.write(apduSpec.getApdu());
+ } catch (IOException e) {
+ // As we are dealing with ByteArrayOutputStreams no exception is to be
+ // expected.
+ throw new RuntimeException(e);
+ }
+
+ return s.toByteArray();
+
+ }
+
+ protected byte[] createPINVerifyStructure(VerifyAPDUSpec apduSpec, PINSpec pinSpec) {
+
+ ByteArrayOutputStream s = new ByteArrayOutputStream();
+ // bTimeOut
+ s.write(bTimeOut);
+ // bTimeOut2
+ s.write(bTimeOut2);
+ // bmFormatString
+ s.write(1 << 7 // system unit = byte
+ | (0xF & apduSpec.getPinPosition()) << 3
+ | (0x1 & apduSpec.getPinJustification() << 2)
+ | (0x3 & apduSpec.getPinFormat()));
+ // bmPINBlockString
+ s.write((0xF & apduSpec.getPinLengthSize()) << 4
+ | (0xF & apduSpec.getPinLength()));
+ // bmPINLengthFormat
+ s.write(// system unit = bit
+ (0xF & apduSpec.getPinLengthPos()));
+ // wPINMaxExtraDigit
+ s.write(Math.min(pinSpec.getMaxLength(), wPINMaxExtraDigitL)); // max PIN length
+ s.write(Math.max(pinSpec.getMinLength(), wPINMaxExtraDigitH)); // min PIN length
+ // bEntryValidationCondition
+ s.write(bEntryValidationCondition);
+ // bNumberMessage
+ s.write(0x01);
+ // wLangId
+ s.write(0x09);
+ s.write(0x04);
+ // bMsgIndex
+ s.write(0x00);
+ // bTeoPrologue
+ s.write(0x00);
+ s.write(0x00);
+ s.write(0x00);
+ // ulDataLength
+ s.write(apduSpec.getApdu().length);
+ s.write(0x00);
+ s.write(0x00);
+ s.write(0x00);
+ // abData
+ try {
+ s.write(apduSpec.getApdu());
+ } catch (IOException e) {
+ // As we are dealing with ByteArrayOutputStreams no exception is to be
+ // expected.
+ throw new RuntimeException(e);
+ }
+
+ return s.toByteArray();
+
+ }
+
+ @Override
+ public ResponseAPDU verify(CardChannel channel, VerifyAPDUSpec apduSpec,
+ PINGUI pinGUI, PINSpec pinSpec, int retries)
+ throws SignatureCardException, CardException, InterruptedException {
+
+ ResponseAPDU resp = null;
+
+ byte[] s = createPINVerifyStructure(apduSpec, pinSpec);
+ Card icc = channel.getCard();
+
+ if (VERIFY) {
+ pinGUI.enterPIN(pinSpec, retries);
+ resp = new ResponseAPDU(verifyPin(icc, s, pinGUI));
+ } else if (VERIFY_DIRECT) {
+ pinGUI.enterPINDirect(pinSpec, retries);
+ log.debug("VERIFY_PIN_DIRECT [" + FEATURES[FEATURE_VERIFY_PIN_DIRECT] + "]");
+ resp = new ResponseAPDU(VERIFY_PIN_DIRECT(icc, s));
+ } else {
+ log.warn("falling back to default pin-entry");
+ return super.verify(channel, apduSpec, pinGUI, pinSpec, retries);
+ }
+
+ switch (resp.getSW()) {
+ case 0x6400:
+ log.debug("SPE operation timed out.");
+ throw new TimeoutException();
+ case 0x6401:
+ log.debug("SPE operation was cancelled by the 'Cancel' button.");
+ throw new CancelledException();
+ case 0x6403:
+ log.debug("User entered too short or too long PIN "
+ + "regarding MIN/MAX PIN length.");
+ throw new PINFormatException();
+ case 0x6480:
+ log.debug("SPE operation was aborted by the 'Cancel' operation "
+ + "at the host system.");
+ case 0x6b80:
+ log.info("Invalid parameter in passed structure.");
+ default:
+ return resp;
+ }
+ }
+
+ @Override
+ public ResponseAPDU modify(CardChannel channel, ChangeReferenceDataAPDUSpec apduSpec,
+ ModifyPINGUI pinGUI, PINSpec pinSpec, int retries)
+ throws SignatureCardException, CardException, InterruptedException {
+
+ ResponseAPDU resp = null;
+
+ byte[] s = createPINModifyStructure(apduSpec, pinSpec);
+ Card icc = channel.getCard();
+
+ if (MODIFY) {
+ pinGUI.enterCurrentPIN(pinSpec, retries);
+ resp = new ResponseAPDU(modifyPin(icc, s, pinGUI, pinSpec));
+ } else if (MODIFY_DIRECT) {
+ pinGUI.modifyPINDirect(pinSpec, retries);
+ log.debug("MODIFY_PIN_DIRECT [" + FEATURES[FEATURE_MODIFY_PIN_DIRECT] + "]");
+ resp = new ResponseAPDU(MODIFY_PIN_DIRECT(icc, s));
+ } else {
+ log.warn("falling back to default pin-entry");
+ return super.modify(channel, apduSpec, pinGUI, pinSpec, retries);
+ }
+
+ switch (resp.getSW()) {
+ case 0x6400:
+ log.debug("SPE operation timed out.");
+ throw new TimeoutException();
+ case 0x6401:
+ log.debug("SPE operation was cancelled by the 'Cancel' button.");
+ throw new CancelledException();
+ case 0x6402:
+ log.debug("Modify PIN operation failed because two 'new PIN' " +
+ "entries do not match");
+ throw new PINConfirmationException();
+ case 0x6403:
+ log.debug("User entered too short or too long PIN "
+ + "regarding MIN/MAX PIN length.");
+ throw new PINFormatException();
+ case 0x6480:
+ log.debug("SPE operation was aborted by the 'Cancel' operation "
+ + "at the host system.");
+ case 0x6b80:
+ log.info("Invalid parameter in passed structure.");
+ default:
+ return resp;
+ }
+ }
+
+ @Override
+ public ResponseAPDU modify(CardChannel channel, NewReferenceDataAPDUSpec apduSpec,
+ ModifyPINGUI pinGUI, PINSpec pinSpec)
+ throws SignatureCardException, CardException, InterruptedException {
+
+ ResponseAPDU resp = null;
+
+ byte[] s = createPINModifyStructure(apduSpec, pinSpec);
+ Card icc = channel.getCard();
+
+ if (MODIFY) {
+ pinGUI.enterNewPIN(pinSpec);
+ resp = new ResponseAPDU(modifyPin(icc, s, pinGUI, pinSpec));
+ } else if (MODIFY_DIRECT) {
+ pinGUI.modifyPINDirect(pinSpec, -1);
+ log.debug("MODIFY_PIN_DIRECT [" + FEATURES[FEATURE_MODIFY_PIN_DIRECT] + "]");
+ resp = new ResponseAPDU(MODIFY_PIN_DIRECT(icc, s));
+ } else {
+ log.warn("falling back to default pin-entry");
+ return super.modify(channel, apduSpec, pinGUI, pinSpec);
+ }
+
+ switch (resp.getSW()) {
+ case 0x6400:
+ log.debug("SPE operation timed out.");
+ throw new TimeoutException();
+ case 0x6401:
+ log.debug("SPE operation was cancelled by the 'Cancel' button.");
+ throw new CancelledException();
+ case 0x6402:
+ log.debug("Modify PIN operation failed because two 'new PIN' " +
+ "entries do not match");
+ throw new PINConfirmationException();
+ case 0x6403:
+ log.debug("User entered too short or too long PIN "
+ + "regarding MIN/MAX PIN length.");
+ throw new PINFormatException();
+ case 0x6480:
+ log.debug("SPE operation was aborted by the 'Cancel' operation "
+ + "at the host system.");
+ case 0x6b80:
+ log.info("Invalid parameter in passed structure.");
+ default:
+ return resp;
+ }
+ }
+
+ @Override
+ public ResponseAPDU modify(CardChannel channel, ResetRetryCounterAPDUSpec apduSpec,
+ ModifyPINGUI pinGUI, PINSpec pinSpec, int retries)
+ throws InterruptedException, CardException, SignatureCardException {
+ //TODO
+ return modify(channel, (ChangeReferenceDataAPDUSpec) apduSpec, pinGUI, pinSpec, retries);
+ }
+}
diff --git a/smcc/src/main/java/at/gv/egiz/smcc/reader/ReaderFactory.java b/smcc/src/main/java/at/gv/egiz/smcc/reader/ReaderFactory.java
new file mode 100644
index 00000000..bf1730e9
--- /dev/null
+++ b/smcc/src/main/java/at/gv/egiz/smcc/reader/ReaderFactory.java
@@ -0,0 +1,125 @@
+/*
+ * Copyright 2008 Federal Chancellery Austria and
+ * Graz University of Technology
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package at.gv.egiz.smcc.reader;
+
+import at.gv.egiz.smcc.conf.SMCCConfiguration;
+import at.gv.egiz.smcc.util.SMCCHelper;
+import java.util.Collections;
+import java.util.HashMap;
+import java.util.Map;
+import javax.smartcardio.Card;
+import javax.smartcardio.CardException;
+import javax.smartcardio.CardTerminal;
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+
+/**
+ *
+ * @author Clemens Orthacker <clemens.orthacker@iaik.tugraz.at>
+ */
+public class ReaderFactory {
+
+ protected final static Log log = LogFactory.getLog(ReaderFactory.class);
+
+ protected static SMCCConfiguration configuration;
+
+ public void setConfiguration(SMCCConfiguration configuration) {
+ if (configuration != null) {
+ log.debug("reader configuration: disablePinpad=" + configuration.isDisablePinpad());
+ }
+ //spring injects configuration into singleton ReaderFactory instance,
+ //but we access the ReaderFactory statically (getReader)
+ //(we rather should query the application context to obtain a reader factory)
+ ReaderFactory.configuration = configuration;
+ }
+
+ public static CardReader getReader(Card icc, CardTerminal ct) {
+
+ String name = ct.getName();
+ log.info("creating reader " + name);
+
+ Map<Byte, Integer> features;
+ if (configuration != null && configuration.isDisablePinpad()) {
+ features = Collections.emptyMap();
+ } else {
+ features = queryFeatures(icc);
+ }
+
+ CardReader reader;
+ if (features.isEmpty()) {
+ reader = new DefaultCardReader(ct);
+ } else {
+ reader = new PinpadCardReader(ct, features);
+ }
+
+ return reader;
+ }
+
+ private static int CTL_CODE(int code) {
+ String os_name = System.getProperty("os.name").toLowerCase();
+ if (os_name.indexOf("windows") > -1) {
+ // cf. WinIOCTL.h
+ return (0x31 << 16 | (code) << 2);
+ }
+ // cf. reader.h
+ return 0x42000000 + (code);
+ }
+
+ static int IOCTL_GET_FEATURE_REQUEST = CTL_CODE(3400);
+
+ private static Map<Byte, Integer> queryFeatures(Card icc) {
+ Map<Byte, Integer> features = new HashMap<Byte, Integer>();
+
+ if (icc == null) {
+ log.warn("invalid card handle, cannot query ifd features");
+ } else {
+ try {
+ if (log.isTraceEnabled()) {
+ log.trace("GET_FEATURE_REQUEST " + Integer.toHexString(IOCTL_GET_FEATURE_REQUEST));
+ }
+ byte[] resp = icc.transmitControlCommand(IOCTL_GET_FEATURE_REQUEST,
+ new byte[0]);
+
+ if (log.isTraceEnabled()) {
+ log.trace("Response TLV " + SMCCHelper.toString(resp));
+ }
+ // tag
+ // length in bytes (always 4)
+ // control code value for supported feature (in big endian)
+ for (int i = 0; i < resp.length; i += 6) {
+ Byte feature = new Byte(resp[i]);
+ Integer ioctl = new Integer((0xff & resp[i + 2]) << 24) |
+ ((0xff & resp[i + 3]) << 16) |
+ ((0xff & resp[i + 4]) << 8) |
+ (0xff & resp[i + 5]);
+ if (log.isInfoEnabled()) {
+ log.info("IFD supports " + CardReader.FEATURES[feature.intValue()] +
+ ": " + Integer.toHexString(ioctl.intValue()));
+ }
+ features.put(feature, ioctl);
+ }
+ } catch (CardException ex) {
+ log.debug("Failed to query IFD features: " + ex.getMessage());
+ log.trace(ex);
+ log.info("IFD does not support secure pin entry");
+ }
+ }
+ return features;
+ }
+
+}
diff --git a/smcc/src/main/java/at/gv/egiz/smcc/util/ISO7816Utils.java b/smcc/src/main/java/at/gv/egiz/smcc/util/ISO7816Utils.java
new file mode 100644
index 00000000..fcd0b876
--- /dev/null
+++ b/smcc/src/main/java/at/gv/egiz/smcc/util/ISO7816Utils.java
@@ -0,0 +1,368 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package at.gv.egiz.smcc.util;
+
+import java.io.ByteArrayOutputStream;
+import java.io.IOException;
+import java.nio.CharBuffer;
+import java.nio.charset.Charset;
+
+import javax.smartcardio.CardChannel;
+import javax.smartcardio.CardException;
+import javax.smartcardio.CommandAPDU;
+import javax.smartcardio.ResponseAPDU;
+
+import at.gv.egiz.smcc.ChangeReferenceDataAPDUSpec;
+import at.gv.egiz.smcc.NewReferenceDataAPDUSpec;
+import at.gv.egiz.smcc.SecurityStatusNotSatisfiedException;
+import at.gv.egiz.smcc.SignatureCardException;
+import at.gv.egiz.smcc.VerifyAPDUSpec;
+
+public class ISO7816Utils {
+
+ public static TransparentFileInputStream openTransparentFileInputStream(
+ final CardChannel channel, int maxSize) {
+
+ TransparentFileInputStream file = new TransparentFileInputStream(maxSize) {
+
+ @Override
+ protected byte[] readBinary(int offset, int len) throws IOException {
+
+ ResponseAPDU resp;
+ try {
+ resp = channel.transmit(new CommandAPDU(0x00, 0xB0,
+ 0x7F & (offset >> 8), offset & 0xFF, len));
+ } catch (CardException e) {
+ throw new IOException(e);
+ }
+
+ Throwable cause;
+ if (resp.getSW() == 0x9000) {
+ return resp.getData();
+ } else if (resp.getSW() == 0x6982) {
+ cause = new SecurityStatusNotSatisfiedException();
+ } else {
+ cause = new SignatureCardException("Failed to read bytes (offset=" + offset + ",len="
+ + len + ") SW=" + Integer.toHexString(resp.getSW()) + ".");
+ }
+ throw new IOException(cause);
+
+ }
+
+ };
+
+ return file;
+
+ }
+
+ public static byte[] readTransparentFile(CardChannel channel, int maxSize)
+ throws CardException, SignatureCardException {
+
+ TransparentFileInputStream is = openTransparentFileInputStream(channel, maxSize);
+
+ try {
+
+ ByteArrayOutputStream os = new ByteArrayOutputStream();
+
+ int len;
+ for (byte[] b = new byte[256]; (len = is.read(b)) != -1;) {
+ os.write(b, 0, len);
+ }
+
+ return os.toByteArray();
+
+ } catch (IOException e) {
+ Throwable cause = e.getCause();
+ if (cause instanceof CardException) {
+ throw (CardException) cause;
+ }
+ if (cause instanceof SignatureCardException) {
+ throw (SignatureCardException) cause;
+ }
+ throw new SignatureCardException(e);
+ }
+
+ }
+
+ public static byte[] readTransparentFileTLV(CardChannel channel, int maxSize,
+ byte expectedType) throws CardException, SignatureCardException {
+
+ TransparentFileInputStream is = openTransparentFileInputStream(channel,
+ maxSize);
+
+ return readTransparentFileTLV(is, maxSize, expectedType);
+
+ }
+
+ public static byte[] readTransparentFileTLV(TransparentFileInputStream is, int maxSize,
+ byte expectedType) throws CardException, SignatureCardException {
+
+
+ try {
+
+ is.mark(256);
+
+ // check expected type
+ int b = is.read();
+ if (b == 0x00) {
+ return null;
+ }
+ if (b == -1 || expectedType != (0xFF & b)) {
+ throw new SignatureCardException("Unexpected TLV type. Expected "
+ + Integer.toHexString(expectedType) + " but was "
+ + Integer.toHexString(b) + ".");
+ }
+
+ // get actual length
+ int actualSize = 2;
+ b = is.read();
+ if (b == -1) {
+ return null;
+ } else if ((0x80 & b) > 0) {
+ int octets = (0x0F & b);
+ actualSize += octets;
+ for (int i = 1; i <= octets; i++) {
+ b = is.read();
+ if (b == -1) {
+ return null;
+ }
+ actualSize += (0xFF & b) << ((octets - i) * 8);
+ }
+ } else {
+ actualSize += 0xFF & b;
+ }
+
+ // set limit to actual size and read into buffer
+ is.reset();
+ is.setLimit(actualSize);
+ byte[] buf = new byte[actualSize];
+ if (is.read(buf) == actualSize) {
+ return buf;
+ } else {
+ return null;
+ }
+
+ } catch (IOException e) {
+ Throwable cause = e.getCause();
+ if (cause instanceof CardException) {
+ throw (CardException) cause;
+ }
+ if (cause instanceof SignatureCardException) {
+ throw (SignatureCardException) cause;
+ }
+ throw new SignatureCardException(e);
+ }
+
+ }
+
+ public static int getLengthFromFCx(byte[] fcx) {
+
+ int len = -1;
+
+ if (fcx.length != 0 && (fcx[0] == (byte) 0x62 || fcx[0] == (byte) 0x6F)) {
+ int pos = 2;
+ while (pos < (fcx[1] - 2)) {
+ switch (fcx[pos]) {
+
+ case (byte) 0x80:
+ case (byte) 0x81: {
+ len = 0xFF & fcx[pos + 2];
+ for (int i = 1; i < fcx[pos + 1]; i++) {
+ len<<=8;
+ len+=0xFF & fcx[pos + i + 2];
+ }
+ }
+
+ default:
+ pos += 0xFF & fcx[pos + 1] + 2;
+ }
+ }
+ }
+
+ return len;
+
+ }
+
+ public static byte[] readRecord(CardChannel channel, int record) throws CardException, SignatureCardException {
+
+ ResponseAPDU resp = channel.transmit(
+ new CommandAPDU(0x00, 0xB2, record, 0x04, 256));
+ if (resp.getSW() == 0x9000) {
+ return resp.getData();
+ } else {
+ throw new SignatureCardException("Failed to read records. SW="
+ + Integer.toHexString(resp.getSW()));
+ }
+
+ }
+
+ public static void formatPIN(int pinFormat, int pinJustification, byte[] fpin, byte[] mask, char[] pin) {
+
+ boolean left = (pinJustification == VerifyAPDUSpec.PIN_JUSTIFICATION_LEFT);
+
+ int j = (left) ? 0 : fpin.length - 1;
+ int step = (left) ? 1 : - 1;
+ switch (pinFormat) {
+ case VerifyAPDUSpec.PIN_FORMAT_BINARY:
+ if (fpin.length < pin.length) {
+ throw new IllegalArgumentException();
+ }
+ for (int i = 0; i < pin.length; i++) {
+ fpin[j] = (byte) Character.digit(pin[i], 10);
+ mask[j] = (byte) 0xFF;
+ j += step;
+ }
+ break;
+
+ case VerifyAPDUSpec.PIN_FORMAT_BCD:
+ if (fpin.length * 2 < pin.length) {
+ throw new IllegalArgumentException();
+ }
+ for (int i = 0; i < pin.length; i++) {
+ int digit = Character.digit(pin[i], 10);
+ boolean h = (i % 2 == 0) ^ left;
+ fpin[j] |= h ? digit : digit << 4 ;
+ mask[j] |= h ? (byte) 0x0F : (byte) 0xF0;
+ j += (i % 2) * step;
+ }
+ break;
+
+ case VerifyAPDUSpec.PIN_FORMAT_ASCII:
+ if (fpin.length < pin.length) {
+ throw new IllegalArgumentException();
+ }
+ byte[] asciiPin = Charset.forName("ASCII").encode(CharBuffer.wrap(pin)).array();
+ for (int i = 0; i < pin.length; i++) {
+ fpin[j] = asciiPin[i];
+ mask[j] = (byte) 0xFF;
+ j += step;
+ }
+ break;
+ }
+
+ }
+
+ public static void insertPIN(byte[] apdu, int pos, byte[] fpin, byte[] mask) {
+ for (int i = 0; i < fpin.length; i++) {
+ apdu[pos + i] &= ~mask[i];
+ apdu[pos + i] |= fpin[i];
+ }
+ }
+
+ public static void insertPINLength(byte[] apdu, int length, int lengthSize, int pos, int offset) {
+
+ // use short (2 byte) to be able to shift the pin length
+ // by the number of bits given by the pin length position
+ short size = (short) (0x00FF & length);
+ short sMask = (short) ((1 << lengthSize) - 1);
+ // shift to the proper position
+ int shift = 16 - lengthSize - (pos % 8);
+ offset += (pos / 8) + 5;
+ size <<= shift;
+ sMask <<= shift;
+ // insert upper byte
+ apdu[offset] &= (0xFF & (~sMask >> 8));
+ apdu[offset] |= (0xFF & (size >> 8));
+ // insert lower byte
+ apdu[offset + 1] &= (0xFF & ~sMask);
+ apdu[offset + 1] |= (0xFF & size);
+
+ }
+
+ public static CommandAPDU createVerifyAPDU(VerifyAPDUSpec apduSpec, char[] pin) {
+
+ // format pin
+ byte[] fpin = new byte[apduSpec.getPinLength()];
+ byte[] mask = new byte[apduSpec.getPinLength()];
+ formatPIN(apduSpec.getPinFormat(), apduSpec.getPinJustification(), fpin, mask, pin);
+
+ byte[] apdu = apduSpec.getApdu();
+
+ // insert formated pin
+ insertPIN(apdu, apduSpec.getPinPosition() + 5, fpin, mask);
+
+ // insert pin length
+ if (apduSpec.getPinLengthSize() != 0) {
+ insertPINLength(apdu, pin.length, apduSpec.getPinLengthSize(), apduSpec.getPinLengthPos(), 0);
+ }
+
+ return new CommandAPDU(apdu);
+
+ }
+
+ public static CommandAPDU createChangeReferenceDataAPDU(
+ ChangeReferenceDataAPDUSpec apduSpec, char[] oldPin, char[] newPin) {
+
+ // format old pin
+ byte[] fpin = new byte[apduSpec.getPinLength()];
+ byte[] mask = new byte[apduSpec.getPinLength()];
+ formatPIN(apduSpec.getPinFormat(), apduSpec.getPinJustification(), fpin, mask, oldPin);
+
+ byte[] apdu = apduSpec.getApdu();
+
+ // insert formated old pin
+ insertPIN(apdu, apduSpec.getPinPosition() + apduSpec.getPinInsertionOffsetOld() + 5, fpin, mask);
+
+ // insert pin length
+ if (apduSpec.getPinLengthSize() != 0) {
+ insertPINLength(apdu, oldPin.length, apduSpec.getPinLengthSize(),
+ apduSpec.getPinLengthPos(), apduSpec.getPinInsertionOffsetOld());
+ }
+
+ // format new pin
+ fpin = new byte[apduSpec.getPinLength()];
+ mask = new byte[apduSpec.getPinLength()];
+ formatPIN(apduSpec.getPinFormat(), apduSpec.getPinJustification(), fpin, mask, newPin);
+
+ // insert formated new pin
+ insertPIN(apdu, apduSpec.getPinPosition() + apduSpec.getPinInsertionOffsetNew() + 5, fpin, mask);
+
+ // insert pin length
+ if (apduSpec.getPinLengthSize() != 0) {
+ insertPINLength(apdu, newPin.length, apduSpec.getPinLengthSize(),
+ apduSpec.getPinLengthPos(), apduSpec.getPinInsertionOffsetNew());
+ }
+
+ return new CommandAPDU(apdu);
+
+ }
+
+ public static CommandAPDU createNewReferenceDataAPDU(
+ NewReferenceDataAPDUSpec apduSpec, char[] newPin) {
+
+ // format old pin
+ byte[] fpin = new byte[apduSpec.getPinLength()];
+ byte[] mask = new byte[apduSpec.getPinLength()];
+ formatPIN(apduSpec.getPinFormat(), apduSpec.getPinJustification(), fpin, mask, newPin);
+
+ byte[] apdu = apduSpec.getApdu();
+
+ // insert formated new pin
+ insertPIN(apdu, apduSpec.getPinPosition() + apduSpec.getPinInsertionOffsetNew() + 5, fpin, mask);
+
+ // insert pin length
+ if (apduSpec.getPinLengthSize() != 0) {
+ insertPINLength(apdu, newPin.length, apduSpec.getPinLengthSize(),
+ apduSpec.getPinLengthPos(), apduSpec.getPinInsertionOffsetNew());
+ }
+
+ return new CommandAPDU(apdu);
+
+ }
+
+
+}
diff --git a/smcc/src/main/java/at/gv/egiz/smcc/util/SMCCHelper.java b/smcc/src/main/java/at/gv/egiz/smcc/util/SMCCHelper.java
new file mode 100644
index 00000000..f7d3bab7
--- /dev/null
+++ b/smcc/src/main/java/at/gv/egiz/smcc/util/SMCCHelper.java
@@ -0,0 +1,150 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package at.gv.egiz.smcc.util;
+
+import java.util.Locale;
+import java.util.Map;
+
+import javax.smartcardio.ATR;
+import javax.smartcardio.Card;
+import javax.smartcardio.CardTerminal;
+
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+
+import at.gv.egiz.smcc.CardNotSupportedException;
+import at.gv.egiz.smcc.SignatureCard;
+import at.gv.egiz.smcc.SignatureCardFactory;
+
+public class SMCCHelper {
+
+ public final static int NO_CARD = 0;
+ public final static int PC_SC_NOT_SUPPORTED = 1;
+ public final static int TERMINAL_NOT_PRESENT = 2;
+ public final static int CARD_NOT_SUPPORTED = 3;
+ public final static int CARD_FOUND = 4;
+
+ private final static Log log = LogFactory.getLog(SMCCHelper.class);
+
+ protected SmartCardIO smartCardIO = new SmartCardIO();
+ protected int resultCode = NO_CARD;
+ protected SignatureCard signatureCard = null;
+ protected static boolean useSWCard = false;
+
+ public SMCCHelper() {
+ update();
+ }
+
+ public synchronized void update() {
+ update(-1);
+ }
+
+ public synchronized void update(int sleep) {
+ SignatureCardFactory factory = SignatureCardFactory.getInstance();
+ if (useSWCard) {
+ try {
+ signatureCard = factory.createSignatureCard(null, null);
+ resultCode = CARD_FOUND;
+ } catch (CardNotSupportedException e) {
+ resultCode = CARD_NOT_SUPPORTED;
+ signatureCard = null;
+ }
+ return;
+ }
+ signatureCard = null;
+ resultCode = NO_CARD;
+ // find pcsc support
+ if (smartCardIO.isPCSCSupported()) {
+ // find supported card
+ if (smartCardIO.isTerminalPresent()) {
+ Map<CardTerminal, Card> newCards = null;
+ if (sleep > 0) {
+ smartCardIO.waitForInserted(sleep);
+
+ }
+ newCards = smartCardIO.getCards();
+ for (CardTerminal cardTerminal : newCards.keySet()) {
+ try {
+ Card c = newCards.get(cardTerminal);
+ if (c == null) {
+ throw new CardNotSupportedException();
+ }
+ signatureCard = factory.createSignatureCard(c, cardTerminal);
+ ATR atr = newCards.get(cardTerminal).getATR();
+ log.trace("Found supported card (" + signatureCard.toString() + ") "
+ + "in terminal '" + cardTerminal.getName() + "', ATR = "
+ + toString(atr.getBytes()) + ".");
+ resultCode = CARD_FOUND;
+ break;
+
+ } catch (CardNotSupportedException e) {
+ Card c = newCards.get(cardTerminal);
+ if (c != null) {
+ ATR atr = c.getATR();
+ log.info("Found unsupported card" + " in terminal '"
+ + cardTerminal.getName() + "', ATR = "
+ + toString(atr.getBytes()) + ".");
+ } else {
+ log.info("Found unsupported card in terminal '"
+ + cardTerminal.getName() + "' without ATR");
+ }
+ resultCode = CARD_NOT_SUPPORTED;
+ }
+ }
+ } else {
+ resultCode = TERMINAL_NOT_PRESENT;
+ }
+ } else {
+ resultCode = PC_SC_NOT_SUPPORTED;
+ }
+ }
+
+ public synchronized SignatureCard getSignatureCard(Locale locale) {
+ if (signatureCard != null) {
+ signatureCard.setLocale(locale);
+ }
+ return signatureCard;
+ }
+
+ public int getResultCode() {
+ return resultCode;
+ }
+
+ public static String toString(byte[] b) {
+ StringBuffer sb = new StringBuffer();
+ sb.append('[');
+ if (b != null && b.length > 0) {
+ sb.append(Integer.toHexString((b[0] & 240) >> 4));
+ sb.append(Integer.toHexString(b[0] & 15));
+ for (int i = 1; i < b.length; i++) {
+ sb.append((i % 32 == 0) ? '\n' : ':');
+ sb.append(Integer.toHexString((b[i] & 240) >> 4));
+ sb.append(Integer.toHexString(b[i] & 15));
+ }
+ }
+ sb.append(']');
+ return sb.toString();
+ }
+
+ public static boolean isUseSWCard() {
+ return useSWCard;
+ }
+
+ public static void setUseSWCard(boolean useSWCard) {
+ SMCCHelper.useSWCard = useSWCard;
+ }
+}
diff --git a/smcc/src/main/java/at/gv/egiz/smcc/util/SmartCardIO.java b/smcc/src/main/java/at/gv/egiz/smcc/util/SmartCardIO.java
new file mode 100644
index 00000000..b1866894
--- /dev/null
+++ b/smcc/src/main/java/at/gv/egiz/smcc/util/SmartCardIO.java
@@ -0,0 +1,204 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package at.gv.egiz.smcc.util;
+
+import java.security.NoSuchAlgorithmException;
+import java.util.Collections;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+
+import javax.smartcardio.Card;
+import javax.smartcardio.CardException;
+import javax.smartcardio.CardTerminal;
+import javax.smartcardio.CardTerminals;
+import javax.smartcardio.TerminalFactory;
+import javax.smartcardio.CardTerminals.State;
+
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+
+/**
+ *
+ * @author mcentner
+ */
+public class SmartCardIO {
+
+ private static final int STATE_INITIALIZED = 1;
+
+ private static final int STATE_TERMINAL_FACTORY = 2;
+
+ private static final int STATE_TERMINALS = 3;
+
+ private static Log log = LogFactory.getLog(SmartCardIO.class);
+
+ final Map<CardTerminal, Card> terminalCard_ = new HashMap<CardTerminal, Card>();
+
+ int state_ = STATE_INITIALIZED;
+
+ TerminalFactory terminalFactory_ = null;
+
+ CardTerminals cardTerminals_;
+
+ private void updateTerminalFactory() {
+ TerminalFactory terminalFactory;
+ try {
+ terminalFactory = TerminalFactory.getInstance("PC/SC", null);
+ } catch (NoSuchAlgorithmException e) {
+ log.info("Failed to get TerminalFactory of type 'PC/SC'.", e);
+ terminalFactory = TerminalFactory.getDefault();
+ }
+ log.debug("TerminalFactory : " + terminalFactory);
+ if ("PC/SC".equals(terminalFactory.getType())) {
+ terminalFactory_ = terminalFactory;
+ }
+ if(state_ < STATE_TERMINAL_FACTORY) {
+ state_ = STATE_TERMINAL_FACTORY;
+ }
+ }
+
+ public boolean isPCSCSupported() {
+ if(state_ < STATE_TERMINAL_FACTORY) {
+ updateTerminalFactory();
+ }
+ return terminalFactory_ != null;
+ }
+
+ private void updateCardTerminals() {
+ if(terminalFactory_ != null) {
+ cardTerminals_ = terminalFactory_.terminals();
+ }
+ log.debug("CardTerminals : " + cardTerminals_);
+ if (state_ < STATE_TERMINALS) {
+ state_ = STATE_TERMINALS;
+ }
+ }
+
+ public CardTerminals getCardTerminals() {
+ if(state_ < STATE_TERMINAL_FACTORY) {
+ updateTerminalFactory();
+ }
+ if(state_ < STATE_TERMINALS) {
+ updateCardTerminals();
+ }
+ return cardTerminals_;
+ }
+
+ public boolean isTerminalPresent() {
+ CardTerminals cardTerminals = getCardTerminals();
+ if (cardTerminals != null) {
+ List<CardTerminal> terminals = null;
+ try {
+ terminals = cardTerminals.list(State.ALL);
+
+ // logging
+ if(log.isInfoEnabled()) {
+ if (terminals == null || terminals.isEmpty()) {
+ log.info("No card terminal found.");
+ } else {
+ StringBuffer msg = new StringBuffer();
+ msg.append("Found " + terminals.size() + " card terminal(s):");
+ for (CardTerminal terminal : terminals) {
+ msg.append("\n " + terminal.getName());
+ }
+ log.info(msg.toString());
+ }
+ }
+
+ return terminals != null && !terminals.isEmpty();
+ } catch (CardException e) {
+ log.info("Failed to list card terminals.", e);
+ return false;
+ }
+ } else {
+ return false;
+ }
+ }
+
+ private Map<CardTerminal, Card> updateCards() {
+
+ // clear card references if removed
+ try {
+ log.trace("terminals.list(State.CARD_REMOVAL)");
+ for (CardTerminal terminal : cardTerminals_.list(CardTerminals.State.CARD_REMOVAL)) {
+ Card card = terminalCard_.remove(terminal);
+ log.trace("card removed : " + card);
+ }
+ } catch (CardException e) {
+ log.debug(e);
+ }
+
+ // check inserted cards
+ Map<CardTerminal, Card> newCards = new HashMap<CardTerminal, Card>();
+ try {
+ log.trace("terminals.list(State.CARD_INSERTION)");
+ for (CardTerminal terminal : cardTerminals_.list(CardTerminals.State.CARD_INSERTION)) {
+
+ Card card = null;
+ try {
+ log.trace("Trying to connect to card.");
+ // try to connect to card
+ card = terminal.connect("*");
+ } catch (CardException e) {
+ log.trace("Failed to connect to card.", e);
+ }
+
+ // have we seen this card before?
+ if (terminalCard_.put(terminal, card) == null) {
+ terminalCard_.put(terminal, card);
+ newCards.put(terminal, card);
+ log.trace("terminal '" + terminal + "' card inserted : " + card);
+ }
+ }
+ } catch (CardException e) {
+ log.debug(e);
+ }
+ return newCards;
+
+ }
+
+ public Map<CardTerminal, Card> getCards() {
+ if(state_ < STATE_TERMINAL_FACTORY) {
+ updateTerminalFactory();
+ }
+ if(state_ < STATE_TERMINALS) {
+ updateCardTerminals();
+ }
+ updateCards();
+ Map<CardTerminal, Card> terminalCard = new HashMap<CardTerminal, Card>();
+ terminalCard.putAll(terminalCard_);
+ return Collections.unmodifiableMap(terminalCard);
+ }
+
+ public Map<CardTerminal, Card> waitForInserted(int timeout) {
+ if(state_ < STATE_TERMINAL_FACTORY) {
+ updateTerminalFactory();
+ }
+ if(state_ < STATE_TERMINALS) {
+ updateCardTerminals();
+ }
+ try {
+ // just waiting for a short period of time to allow for abort
+ cardTerminals_.waitForChange(timeout);
+ } catch (CardException e) {
+ log.debug("CardTerminals.waitForChange(" + timeout + ") failed.", e);
+ }
+ Map<CardTerminal, Card> newCards = new HashMap<CardTerminal, Card>();
+ newCards.putAll(updateCards());
+ return Collections.unmodifiableMap(newCards);
+ }
+} \ No newline at end of file
diff --git a/smcc/src/main/java/at/gv/egiz/smcc/util/TransparentFileInputStream.java b/smcc/src/main/java/at/gv/egiz/smcc/util/TransparentFileInputStream.java
new file mode 100644
index 00000000..781f9137
--- /dev/null
+++ b/smcc/src/main/java/at/gv/egiz/smcc/util/TransparentFileInputStream.java
@@ -0,0 +1,194 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package at.gv.egiz.smcc.util;
+
+import java.io.IOException;
+import java.io.InputStream;
+
+public abstract class TransparentFileInputStream extends InputStream {
+
+ private final int chunkSize = 256;
+
+ private byte[] buf = new byte[chunkSize];
+ private int start = 0;
+ private int end = 0;
+
+ private int offset = 0;
+
+ private int length = -1;
+
+ private int limit = -1;
+
+ private int mark = -1;
+
+ private int readlimit = -1;
+
+ public TransparentFileInputStream() {
+ }
+
+ public TransparentFileInputStream(int length) {
+ this.length = length;
+ }
+
+ public void setLimit(int limit) {
+ this.limit = limit;
+ }
+
+ private int fill() throws IOException {
+ if (start == end && (limit < 0 || offset < limit)) {
+ int l;
+ if (limit > 0 && limit - offset < chunkSize) {
+ l = limit - offset;
+ } else if (length > 0) {
+ if (length - offset < chunkSize) {
+ l = length - offset;
+ } else {
+ l = chunkSize - 1;
+ }
+ } else {
+ l = chunkSize;
+ }
+ byte[] b = readBinary(offset, l);
+ offset += b.length;
+ if (mark < 0) {
+ start = 0;
+ end = b.length;
+ System.arraycopy(b, 0, buf, start, b.length);
+ } else {
+ if (end - mark + b.length > buf.length) {
+ // double buffer size
+ byte[] nbuf = new byte[buf.length * 2];
+ System.arraycopy(buf, mark, nbuf, 0, end - mark);
+ buf = nbuf;
+ } else {
+ System.arraycopy(buf, mark, buf, 0, end - mark);
+ }
+ start = start - mark;
+ end = end - mark + b.length;
+ mark = 0;
+ System.arraycopy(b, 0, buf, start, b.length);
+ }
+ if (l > b.length) {
+ // end of file reached
+ setLimit(offset);
+ }
+ }
+ return end - start;
+ }
+
+ protected abstract byte[] readBinary(int offset, int len) throws IOException;
+
+ @Override
+ public int read() throws IOException {
+ int b = (fill() > 0) ? 0xFF & buf[start++] : -1;
+ if (readlimit > 0 && start > readlimit) {
+ mark = -1;
+ readlimit = -1;
+ }
+ return b;
+ }
+
+ @Override
+ public int read(byte[] b, int off, int len) throws IOException {
+ if (b == null) {
+ throw new NullPointerException();
+ } else if (off < 0 || len < 0 || len > b.length - off) {
+ throw new IndexOutOfBoundsException();
+ } else if (len == 0) {
+ return 0;
+ }
+
+ int count = 0;
+ int l;
+ while (count < len) {
+ if (fill() > 0) {
+ l = Math.min(end - start, len - count);
+ System.arraycopy(buf, start, b, off, l);
+ start += l;
+ off += l;
+ count += l;
+ if (readlimit > 0 && start > readlimit) {
+ mark = -1;
+ readlimit = -1;
+ }
+ } else {
+ return (count > 0) ? count : -1;
+ }
+ }
+
+ return count;
+
+ }
+
+ @Override
+ public synchronized void mark(int readlimit) {
+ this.readlimit = readlimit;
+ mark = start;
+ }
+
+ @Override
+ public boolean markSupported() {
+ return true;
+ }
+
+ @Override
+ public synchronized void reset() throws IOException {
+ if (mark < 0) {
+ throw new IOException();
+ } else {
+ start = mark;
+ }
+ }
+
+ @Override
+ public long skip(long n) throws IOException {
+
+ if (n <= 0) {
+ return 0;
+ }
+
+ if (n <= end - start) {
+ start += n;
+ return n;
+ } else {
+
+ mark = -1;
+
+ long remaining = n - (end - start);
+ start = end;
+
+ if (limit >= 0 && limit < offset + remaining) {
+ remaining -= limit - offset;
+ offset = limit;
+ return n - remaining;
+ }
+
+ if (length >= 0 && length < offset + remaining) {
+ remaining -= length - offset;
+ offset = length;
+ return n - remaining;
+ }
+
+ offset += remaining;
+
+ return n;
+
+ }
+
+ }
+
+}
diff --git a/smcc/src/main/resources/at/gv/egiz/smcc/ACOSCard.properties b/smcc/src/main/resources/at/gv/egiz/smcc/ACOSCard.properties
new file mode 100644
index 00000000..15f5c990
--- /dev/null
+++ b/smcc/src/main/resources/at/gv/egiz/smcc/ACOSCard.properties
@@ -0,0 +1,24 @@
+# Copyright 2008 Federal Chancellery Austria and
+# Graz University of Technology
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# To change this template, choose Tools | Templates
+# and open the template in the editor.
+
+dec.pin.name=Geheimhaltungs-PIN
+dec.pin.length=0-8
+sig.pin.name=Signatur-PIN
+sig.pin.length=0-8
+inf.pin.name=Infobox-PIN
+inf.pin.length=0-8
diff --git a/smcc/src/main/resources/at/gv/egiz/smcc/BELPICCard.properties b/smcc/src/main/resources/at/gv/egiz/smcc/BELPICCard.properties
new file mode 100644
index 00000000..71267394
--- /dev/null
+++ b/smcc/src/main/resources/at/gv/egiz/smcc/BELPICCard.properties
@@ -0,0 +1,3 @@
+#pin.name=PIN
+sig.pin.name=PIN
+sig.pin.length=4-12 \ No newline at end of file
diff --git a/smcc/src/main/resources/at/gv/egiz/smcc/ITCard.properties b/smcc/src/main/resources/at/gv/egiz/smcc/ITCard.properties
new file mode 100644
index 00000000..e0222a70
--- /dev/null
+++ b/smcc/src/main/resources/at/gv/egiz/smcc/ITCard.properties
@@ -0,0 +1,3 @@
+#pin.name=PIN
+sig.pin.name=PIN
+sig.pin.length=5-8 \ No newline at end of file
diff --git a/smcc/src/main/resources/at/gv/egiz/smcc/STARCOSCard.properties b/smcc/src/main/resources/at/gv/egiz/smcc/STARCOSCard.properties
new file mode 100644
index 00000000..122d2aa7
--- /dev/null
+++ b/smcc/src/main/resources/at/gv/egiz/smcc/STARCOSCard.properties
@@ -0,0 +1,22 @@
+# Copyright 2008 Federal Chancellery Austria and
+# Graz University of Technology
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# To change this template, choose Tools | Templates
+# and open the template in the editor.
+
+sig.pin.name=Signatur-PIN
+sig.pin.length=6-12
+card.pin.name=Karten-PIN
+card.pin.length=4-12
diff --git a/smcc/src/test/java/at/gv/egiz/smcc/AbstractAppl.java b/smcc/src/test/java/at/gv/egiz/smcc/AbstractAppl.java
new file mode 100644
index 00000000..affb06ff
--- /dev/null
+++ b/smcc/src/test/java/at/gv/egiz/smcc/AbstractAppl.java
@@ -0,0 +1,57 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package at.gv.egiz.smcc;
+
+import java.util.ArrayList;
+import java.util.HashMap;
+import java.util.List;
+
+import javax.smartcardio.CardException;
+import javax.smartcardio.CommandAPDU;
+import javax.smartcardio.ResponseAPDU;
+
+
+public abstract class AbstractAppl implements CardAppl {
+
+ public final HashMap<Integer, PIN> pins = new HashMap<Integer, PIN>();
+
+ protected List<File> files = new ArrayList<File>();
+
+ public void checkINS(CommandAPDU command, int ins) {
+ if (command.getINS() != ins) {
+ throw new IllegalArgumentException("INS has to be 0x" + Integer.toHexString(ins) + ".");
+ }
+ }
+
+ @Override
+ public abstract byte[] getAID();
+
+ @Override
+ public abstract byte[] getFCI();
+
+ public void putFile(File file) {
+ files.add(file);
+ }
+
+ public List<File> getFiles() {
+ return files;
+ }
+
+ @Override
+ public abstract void setPin(int kid, char[] value);
+
+} \ No newline at end of file
diff --git a/smcc/src/test/java/at/gv/egiz/smcc/CardAppl.java b/smcc/src/test/java/at/gv/egiz/smcc/CardAppl.java
new file mode 100644
index 00000000..76a3e567
--- /dev/null
+++ b/smcc/src/test/java/at/gv/egiz/smcc/CardAppl.java
@@ -0,0 +1,43 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package at.gv.egiz.smcc;
+
+import javax.smartcardio.CardException;
+import javax.smartcardio.CommandAPDU;
+import javax.smartcardio.ResponseAPDU;
+
+
+@SuppressWarnings("restriction")
+public interface CardAppl {
+
+ public byte[] getAID();
+
+ public byte[] getFID();
+
+ public byte[] getFCI();
+
+ public void leaveApplContext();
+
+ public ResponseAPDU cmdMANAGE_SECURITY_ENVIRONMENT(CommandAPDU command, CardChannelEmul channel) throws CardException;
+
+ public ResponseAPDU cmdPERFORM_SECURITY_OPERATION(CommandAPDU command, CardChannelEmul channel) throws CardException;
+
+ public ResponseAPDU cmdINTERNAL_AUTHENTICATE(CommandAPDU command, CardChannelEmul channel) throws CardException;
+
+ public void setPin(int kid, char[] value);
+
+}
diff --git a/smcc/src/test/java/at/gv/egiz/smcc/CardChannelEmul.java b/smcc/src/test/java/at/gv/egiz/smcc/CardChannelEmul.java
new file mode 100644
index 00000000..bfe4e31c
--- /dev/null
+++ b/smcc/src/test/java/at/gv/egiz/smcc/CardChannelEmul.java
@@ -0,0 +1,52 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package at.gv.egiz.smcc;
+
+import java.nio.ByteBuffer;
+
+import javax.smartcardio.CardChannel;
+import javax.smartcardio.CardException;
+import javax.smartcardio.CommandAPDU;
+
+@SuppressWarnings("restriction")
+public abstract class CardChannelEmul extends CardChannel {
+
+ protected AbstractAppl currentAppl = null;
+ protected File currentFile = null;
+
+ public CardChannelEmul() {
+ super();
+ }
+
+ @Override
+ public int getChannelNumber() {
+ return 0;
+ }
+
+ @Override
+ public void close() throws CardException {
+ throw new IllegalStateException("Basic logical channel cannot be closed.");
+ }
+
+ @Override
+ public int transmit(ByteBuffer command, ByteBuffer response) throws CardException {
+ byte[] responseBytes = transmit(new CommandAPDU(command)).getBytes();
+ response.put(responseBytes);
+ return responseBytes.length;
+ }
+
+} \ No newline at end of file
diff --git a/smcc/src/test/java/at/gv/egiz/smcc/CardEmul.java b/smcc/src/test/java/at/gv/egiz/smcc/CardEmul.java
new file mode 100644
index 00000000..3dfc8510
--- /dev/null
+++ b/smcc/src/test/java/at/gv/egiz/smcc/CardEmul.java
@@ -0,0 +1,106 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package at.gv.egiz.smcc;
+
+import java.util.ArrayList;
+import java.util.Arrays;
+import java.util.List;
+
+import javax.smartcardio.Card;
+import javax.smartcardio.CardChannel;
+import javax.smartcardio.CardException;
+
+
+@SuppressWarnings("restriction")
+public abstract class CardEmul extends Card {
+
+ protected Thread exclThread; // = null;
+ protected CardChannel channel; // = newCardChannel(this);
+ protected List<AbstractAppl> applications = new ArrayList<AbstractAppl>();
+
+ public CardEmul() {
+ super();
+ }
+
+// protected abstract CardChannelEmul newCardChannel(CardEmul cardEmul);
+
+ @Override
+ public void beginExclusive() throws CardException {
+
+ if (exclThread == Thread.currentThread()) {
+ throw new CardException("Exclusive access already assigned to current thread.");
+ } else if (exclThread != null) {
+ throw new CardException("Exclusive access already assigned to another thread.");
+ }
+
+ exclThread = Thread.currentThread();
+
+ }
+
+ @Override
+ public void endExclusive() throws CardException {
+
+ if (exclThread == Thread.currentThread()) {
+ exclThread = null;
+ } else if (exclThread == null) {
+ throw new CardException("Exclusive access has not been assigned.");
+ } else {
+ throw new CardException("Exclusive access has not been assigned to current thread.");
+ }
+
+ }
+
+ @Override
+ public CardChannel getBasicChannel() {
+ return channel;
+ }
+
+ @Override
+ public void disconnect(boolean reset) throws CardException {
+// if (reset) {
+// channel = newCardChannel(this);
+// }
+ }
+
+ @Override
+ public CardChannel openLogicalChannel() throws CardException {
+ throw new CardException("Logical channels not supported.");
+ }
+
+ @Override
+ public String getProtocol() {
+ return "T1";
+ }
+
+ @Override
+ public byte[] transmitControlCommand(int arg0, byte[] arg1)
+ throws CardException {
+ throw new CardException("transmitControlCommand() not supported.");
+ }
+
+ public AbstractAppl getApplication(byte[] fid) {
+
+ for(AbstractAppl appl : applications) {
+ if (Arrays.equals(appl.getAID(), fid) || Arrays.equals(appl.getFID(), fid)) {
+ return appl;
+ }
+ }
+ return null;
+
+ }
+
+} \ No newline at end of file
diff --git a/smcc/src/test/java/at/gv/egiz/smcc/CardTerminalEmul.java b/smcc/src/test/java/at/gv/egiz/smcc/CardTerminalEmul.java
new file mode 100644
index 00000000..b13de62f
--- /dev/null
+++ b/smcc/src/test/java/at/gv/egiz/smcc/CardTerminalEmul.java
@@ -0,0 +1,64 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package at.gv.egiz.smcc;
+
+import javax.smartcardio.Card;
+import javax.smartcardio.CardException;
+import javax.smartcardio.CardTerminal;
+
+public class CardTerminalEmul extends CardTerminal {
+
+ private Card card;
+
+ public CardTerminalEmul(Card card) {
+ this.card = card;
+ }
+
+ @Override
+ public Card connect(String protocol) throws CardException {
+ if ("*".equals(protocol) || "T=1".equals(protocol)) {
+ return card;
+ } else {
+ throw new CardException("Protocol '" + protocol + "' not supported.");
+ }
+ }
+
+ @Override
+ public String getName() {
+ return "CardTerminal Emulation";
+ }
+
+ @Override
+ public boolean isCardPresent() throws CardException {
+ return true;
+ }
+
+ @Override
+ public boolean waitForCardAbsent(long timeout) throws CardException {
+ try {
+ Thread.sleep(timeout);
+ } catch (InterruptedException e) {
+ }
+ return false;
+ }
+
+ @Override
+ public boolean waitForCardPresent(long timeout) throws CardException {
+ return true;
+ }
+
+}
diff --git a/smcc/src/test/java/at/gv/egiz/smcc/CardTest.java b/smcc/src/test/java/at/gv/egiz/smcc/CardTest.java
new file mode 100644
index 00000000..44e48836
--- /dev/null
+++ b/smcc/src/test/java/at/gv/egiz/smcc/CardTest.java
@@ -0,0 +1,222 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package at.gv.egiz.smcc;
+
+import at.gv.egiz.smcc.pin.gui.CancelPINProvider;
+import at.gv.egiz.smcc.pin.gui.InterruptPINProvider;
+import at.gv.egiz.smcc.pin.gui.CancelChangePINProvider;
+import static org.junit.Assert.*;
+
+import java.io.ByteArrayInputStream;
+import java.io.IOException;
+import java.io.UnsupportedEncodingException;
+import java.security.NoSuchAlgorithmException;
+import java.util.Arrays;
+import java.util.List;
+
+import javax.smartcardio.Card;
+
+import org.junit.Test;
+
+import at.gv.egiz.smcc.SignatureCard.KeyboxName;
+import at.gv.egiz.smcc.acos.A04ApplDEC;
+import at.gv.egiz.smcc.pin.gui.DummyPINGUI;
+import at.gv.egiz.smcc.pin.gui.ModifyPINGUI;
+import at.gv.egiz.smcc.pin.gui.PINGUI;
+import at.gv.egiz.smcc.pin.gui.SMCCTestPINProvider;
+import org.junit.Ignore;
+
+@SuppressWarnings("restriction")
+public abstract class CardTest {
+
+ public CardTest() {
+ super();
+ }
+
+ protected abstract SignatureCard createSignatureCard()
+ throws CardNotSupportedException;
+
+ @Test
+ public void testGetCard() throws CardNotSupportedException {
+ SignatureCard signatureCard = createSignatureCard();
+ Card card = signatureCard.getCard();
+ assertNotNull(card);
+ }
+
+ @Test
+ public void testGetInfoboxIdentityLink() throws SignatureCardException,
+ InterruptedException, CardNotSupportedException {
+
+ final char[] pin = "0000".toCharArray();
+
+ SignatureCard signatureCard = createSignatureCard();
+
+ SMCCTestPINProvider pinProvider = new SMCCTestPINProvider(pin);
+
+ byte[] idlink = signatureCard.getInfobox("IdentityLink",
+ pinProvider, null);
+ assertNotNull(idlink);
+ assertTrue(Arrays.equals(idlink, A04ApplDEC.IDLINK));
+ assertEquals(1, pinProvider.provided);
+
+ }
+
+ @Test(expected = CancelledException.class)
+ public void testSignSIGCancel() throws SignatureCardException,
+ InterruptedException, CardNotSupportedException,
+ NoSuchAlgorithmException, IOException {
+
+ SignatureCard signatureCard = createSignatureCard();
+
+ PINGUI pinProvider = new CancelPINProvider();
+
+ signatureCard.createSignature(new ByteArrayInputStream("MOCCA"
+ .getBytes("ASCII")), KeyboxName.SECURE_SIGNATURE_KEYPAIR, pinProvider,
+ null);
+
+ }
+
+ @Test(expected = CancelledException.class)
+ public void testSignDECCancel() throws SignatureCardException,
+ InterruptedException, CardNotSupportedException,
+ NoSuchAlgorithmException, IOException {
+
+ SignatureCard signatureCard = createSignatureCard();
+
+ PINGUI pinProvider = new CancelPINProvider();
+
+ signatureCard.createSignature(new ByteArrayInputStream("MOCCA"
+ .getBytes("ASCII")), KeyboxName.CERITIFIED_KEYPAIR,
+ pinProvider, null);
+
+ }
+
+ @Test(expected = InterruptedException.class)
+ public void testSignSIGInterrrupted() throws SignatureCardException,
+ InterruptedException, CardNotSupportedException,
+ NoSuchAlgorithmException, IOException {
+
+ SignatureCard signatureCard = createSignatureCard();
+
+ PINGUI pinProvider = new InterruptPINProvider();
+
+ signatureCard.createSignature(new ByteArrayInputStream("MOCCA"
+ .getBytes("ASCII")), KeyboxName.SECURE_SIGNATURE_KEYPAIR,
+ pinProvider, null);
+
+ }
+
+ @Test(expected = InterruptedException.class)
+ public void testSignDECInterrrupted() throws SignatureCardException,
+ InterruptedException, CardNotSupportedException,
+ NoSuchAlgorithmException, IOException {
+
+ SignatureCard signatureCard = createSignatureCard();
+
+ PINGUI pinProvider = new InterruptPINProvider();
+
+ signatureCard.createSignature(new ByteArrayInputStream("MOCCA"
+ .getBytes("ASCII")), KeyboxName.CERITIFIED_KEYPAIR,
+ pinProvider, null);
+
+ }
+
+ @Test(expected = CancelledException.class)
+ public void testSignSIGConcurrent() throws SignatureCardException,
+ InterruptedException, CardNotSupportedException,
+ NoSuchAlgorithmException, IOException {
+
+ final SignatureCard signatureCard = createSignatureCard();
+
+ PINGUI pinProvider = new DummyPINGUI() {
+ @Override
+ public char[] providePIN(PINSpec spec, int retries)
+ throws CancelledException, InterruptedException {
+
+ try {
+ signatureCard.getCertificate(KeyboxName.SECURE_SIGNATURE_KEYPAIR);
+ assertTrue(false);
+ return null;
+ } catch (SignatureCardException e) {
+ // expected
+ throw new CancelledException();
+ }
+
+ }
+ };
+
+ signatureCard.createSignature(new ByteArrayInputStream("MOCCA"
+ .getBytes("ASCII")), KeyboxName.SECURE_SIGNATURE_KEYPAIR,
+ pinProvider, null);
+
+ }
+
+ @Test(expected = CancelledException.class)
+ public void testSignDECConcurrent() throws SignatureCardException,
+ InterruptedException, CardNotSupportedException,
+ NoSuchAlgorithmException, IOException {
+
+ final SignatureCard signatureCard = createSignatureCard();
+
+ PINGUI pinProvider = new DummyPINGUI() {
+ @Override
+ public char[] providePIN(PINSpec spec, int retries)
+ throws CancelledException, InterruptedException {
+
+ try {
+ signatureCard.getCertificate(KeyboxName.CERITIFIED_KEYPAIR);
+ assertTrue(false);
+ return null;
+ } catch (SignatureCardException e) {
+ // expected
+ throw new CancelledException();
+ }
+ }
+ };
+
+ signatureCard.createSignature(new ByteArrayInputStream("MOCCA"
+ .getBytes("ASCII")), KeyboxName.CERITIFIED_KEYPAIR,
+ pinProvider, null);
+
+ }
+
+ @Test
+ public void testGetPinSpecs() throws CardNotSupportedException {
+
+ PINMgmtSignatureCard signatureCard = (PINMgmtSignatureCard) createSignatureCard();
+
+ List<PINSpec> specs = signatureCard.getPINSpecs();
+ assertNotNull(specs);
+ assertTrue(specs.size() > 0);
+
+ }
+
+ @Test(expected = SignatureCardException.class)
+ public void testActivatePin() throws SignatureCardException,
+ InterruptedException, CardNotSupportedException,
+ NoSuchAlgorithmException, UnsupportedEncodingException {
+
+ PINMgmtSignatureCard signatureCard = (PINMgmtSignatureCard) createSignatureCard();
+
+ ModifyPINGUI pinProvider = new CancelChangePINProvider();
+
+ List<PINSpec> specs = signatureCard.getPINSpecs();
+
+ signatureCard.activatePIN(specs.get(0), pinProvider);
+ }
+
+} \ No newline at end of file
diff --git a/smcc/src/test/java/at/gv/egiz/smcc/CardTestSuite.java b/smcc/src/test/java/at/gv/egiz/smcc/CardTestSuite.java
new file mode 100644
index 00000000..3c275a8d
--- /dev/null
+++ b/smcc/src/test/java/at/gv/egiz/smcc/CardTestSuite.java
@@ -0,0 +1,29 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package at.gv.egiz.smcc;
+
+import org.junit.runner.RunWith;
+import org.junit.runners.Suite;
+import org.junit.runners.Suite.SuiteClasses;
+
+import at.gv.egiz.smcc.acos.ACOSCardTestSuite;
+
+@RunWith(Suite.class)
+@SuiteClasses( { ACOSCardTestSuite.class, at.gv.egiz.smcc.starcos.STARCOSCardTest.class })
+public class CardTestSuite {
+
+}
diff --git a/smcc/src/test/java/at/gv/egiz/smcc/File.java b/smcc/src/test/java/at/gv/egiz/smcc/File.java
new file mode 100644
index 00000000..e47c5f7d
--- /dev/null
+++ b/smcc/src/test/java/at/gv/egiz/smcc/File.java
@@ -0,0 +1,38 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package at.gv.egiz.smcc;
+
+public class File {
+ public byte[] fid;
+ public byte[] file;
+ public byte[] fcx;
+ public int kid = -1;
+
+ public File(byte[] fid, byte[] file, byte[] fcx) {
+ this.fid = fid;
+ this.file = file;
+ this.fcx = fcx;
+ }
+
+ public File(byte[] fid, byte[] file, byte[] fcx, int kid) {
+ this.fid = fid;
+ this.file = file;
+ this.fcx = fcx;
+ this.kid = kid;
+ }
+
+} \ No newline at end of file
diff --git a/smcc/src/test/java/at/gv/egiz/smcc/PIN.java b/smcc/src/test/java/at/gv/egiz/smcc/PIN.java
new file mode 100644
index 00000000..2cda0c2f
--- /dev/null
+++ b/smcc/src/test/java/at/gv/egiz/smcc/PIN.java
@@ -0,0 +1,45 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package at.gv.egiz.smcc;
+
+public class PIN {
+
+ public static final int STATE_RESET = 0;
+
+ public static final int STATE_PIN_VERIFIED = 1;
+
+ public static final int STATE_PIN_BLOCKED = -1;
+
+ public static final int STATE_PIN_NOTACTIVE = 2;
+
+ public byte[] pin;
+
+ public int kid;
+
+ public int state; // = STATE_RESET;
+
+ public int kfpc; // = 10;
+
+ //TODO also provde default constructor without state param
+ public PIN(byte[] pin, int kid, int kfpc, int state) {
+ this.pin = pin;
+ this.kid = kid;
+ this.kfpc = kfpc;
+ this.state = state;
+ }
+
+}
diff --git a/smcc/src/test/java/at/gv/egiz/smcc/TransparentFileInputStreamTest.java b/smcc/src/test/java/at/gv/egiz/smcc/TransparentFileInputStreamTest.java
new file mode 100644
index 00000000..4ae48335
--- /dev/null
+++ b/smcc/src/test/java/at/gv/egiz/smcc/TransparentFileInputStreamTest.java
@@ -0,0 +1,208 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package at.gv.egiz.smcc;
+
+import java.io.IOException;
+
+import org.junit.BeforeClass;
+import org.junit.Test;
+
+import at.gv.egiz.smcc.util.TransparentFileInputStream;
+import static org.junit.Assert.*;
+
+public class TransparentFileInputStreamTest {
+
+ public class TestTransparentFileInputStream extends TransparentFileInputStream {
+
+ private byte[] data;
+
+ public TestTransparentFileInputStream(byte[] data) {
+ this.data = data;
+ }
+
+ @Override
+ protected byte[] readBinary(int offset, int len) throws IOException {
+ int l = Math.min(len, data.length - offset);
+ byte[] b = new byte[l];
+ System.arraycopy(data, offset, b, 0, l);
+ return b;
+ }
+
+ }
+
+ protected static byte[] file;
+
+ protected static byte[] file_bs;
+
+ @BeforeClass
+ public static void setUpClass() {
+
+ byte b = 0x00;
+ file = new byte[1000];
+ for (int i = 0; i < file.length; i++) {
+ file[i] = b++;
+ }
+
+ file_bs = new byte[256];
+ b = 0x00;
+ for (int i = 0; i < file_bs.length; i++) {
+ file_bs[i] = b++;
+ }
+
+ }
+
+ @Test
+ public void testReadSeq() throws IOException {
+
+ TransparentFileInputStream is = new TestTransparentFileInputStream(file);
+ int i = 0;
+ int b;
+ while ((b = is.read()) != -1) {
+ assertEquals(0xFF & i++, b);
+ }
+ assertEquals(file.length, i);
+
+ }
+
+ @Test
+ public void testReadBlock() throws IOException {
+
+ TransparentFileInputStream is = new TestTransparentFileInputStream(file);
+ int i = 0;
+ byte[] b = new byte[28];
+ int l;
+ while ((l = is.read(b)) != -1) {
+ for(int j = 0; j < l; j++) {
+ assertEquals(0xFF & i++, 0xFF & b[j]);
+ }
+ }
+ assertEquals(file.length, i);
+
+ }
+
+ @Test
+ public void testReadBlockBS() throws IOException {
+
+ TransparentFileInputStream is = new TestTransparentFileInputStream(file_bs);
+ int i = 0;
+ byte[] b = new byte[28];
+ int l;
+ while ((l = is.read(b)) != -1) {
+ for(int j = 0; j < l; j++) {
+ assertEquals(0xFF & i++, 0xFF & b[j]);
+ }
+ }
+ assertEquals(file_bs.length, i);
+
+ }
+
+ @Test(expected = IOException.class)
+ public void testReset() throws IOException {
+
+ TransparentFileInputStream is = new TestTransparentFileInputStream(file);
+ is.read(new byte[128]);
+ is.reset();
+
+ }
+
+ @Test
+ public void testMark() throws IOException {
+
+ TransparentFileInputStream is = new TestTransparentFileInputStream(file);
+ int i = 0;
+ is.mark(12);
+ byte[] b = new byte[37];
+ int l;
+ while ((l = is.read(b)) != -1) {
+ for(int j = 0; j < l; j++) {
+ assertEquals(0xFF & i++, 0xFF & b[j]);
+ }
+ }
+ assertEquals(file.length, i);
+
+ }
+
+ @Test
+ public void testMarkReset() throws IOException {
+
+ TransparentFileInputStream is = new TestTransparentFileInputStream(file);
+ int i = 128;
+ is.read(new byte[i]);
+ is.mark(512);
+ byte[] b = new byte[256];
+ is.read(b);
+ for(int j = 0; j < b.length; j++) {
+ assertEquals(0xFF & i + j, 0xFF & b[j]);
+ }
+ is.reset();
+ int l;
+ while ((l = is.read(b)) != -1) {
+ for(int j = 0; j < l; j++) {
+ assertEquals(0xFF & i++, 0xFF & b[j]);
+ }
+ }
+ assertEquals(file.length, i);
+
+ }
+
+
+ @Test(expected = IOException.class)
+ public void testMarkResetLimit() throws IOException {
+
+ TransparentFileInputStream is = new TestTransparentFileInputStream(file);
+ int i = 128;
+ is.read(new byte[i]);
+ is.mark(128);
+ byte[] b = new byte[256];
+ is.read(b);
+ for(int j = 0; j < b.length; j++) {
+ assertEquals(0xFF & i + j, 0xFF & b[j]);
+ }
+ is.reset();
+
+ }
+
+ @Test
+ public void testSkipSmall() throws IOException {
+
+ TransparentFileInputStream is = new TestTransparentFileInputStream(file);
+ int i = 0;
+ i+= is.read(new byte[128]);
+ i+= is.skip(3);
+ byte[] b = new byte[256];
+ int l = is.read(b);
+ for (int j = 0; j < l; j++) {
+ assertEquals(0xFF & i + j, 0xFF & b[j]);
+ }
+
+ }
+ @Test
+ public void testSkipBig() throws IOException {
+
+ TransparentFileInputStream is = new TestTransparentFileInputStream(file);
+ int i = 0;
+ i+= is.read(new byte[128]);
+ i+= is.skip(300);
+ byte[] b = new byte[256];
+ int l = is.read(b);
+ for (int j = 0; j < l; j++) {
+ assertEquals(0xFF & i + j, 0xFF & b[j]);
+ }
+
+ }
+
+}
diff --git a/smcc/src/test/java/at/gv/egiz/smcc/acos/A03ApplDEC.java b/smcc/src/test/java/at/gv/egiz/smcc/acos/A03ApplDEC.java
new file mode 100644
index 00000000..f4ac5c35
--- /dev/null
+++ b/smcc/src/test/java/at/gv/egiz/smcc/acos/A03ApplDEC.java
@@ -0,0 +1,151 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package at.gv.egiz.smcc.acos;
+
+import java.io.UnsupportedEncodingException;
+import java.util.Arrays;
+import java.util.Random;
+
+import javax.smartcardio.CommandAPDU;
+import javax.smartcardio.ResponseAPDU;
+
+import at.gv.egiz.smcc.CardChannelEmul;
+import at.gv.egiz.smcc.File;
+import at.gv.egiz.smcc.PIN;
+
+
+@SuppressWarnings("restriction")
+public class A03ApplDEC extends ACOSApplDEC {
+
+ public static final int KID_PIN_INF = 0x83;
+
+ public A03ApplDEC() {
+ super();
+
+ System.arraycopy(IDLINK, 0, EF_INFOBOX, 0, IDLINK.length);
+ putFile(new File(FID_EF_INFOBOX, EF_INFOBOX, FCI_EF_INFOBOX, KID_PIN_INF));
+
+ try {
+ pins.put(KID_PIN_INF, new PIN("0000\0\0\0\0".getBytes("ASCII"), KID_PIN_INF, 10, PIN.STATE_RESET));
+ } catch (UnsupportedEncodingException e) {
+ throw new RuntimeException(e);
+ }
+ }
+
+ @Override
+ public ResponseAPDU cmdMANAGE_SECURITY_ENVIRONMENT(CommandAPDU command, CardChannelEmul channel) {
+
+ checkINS(command, 0x22);
+
+ switch (command.getP2()) {
+ case 0xA4:
+ switch (command.getP1()) {
+ case 0x41: {
+ // INTERNAL AUTHENTICATE
+ byte[] dst = new byte[] { (byte) 0x84, (byte) 0x01, (byte) 0x88, (byte) 0x80, (byte) 0x01, (byte) 0x01 };
+ if (Arrays.equals(dst, command.getData())) {
+ securityEnv = command.getData();
+ return new ResponseAPDU(new byte[] {(byte) 0x90, (byte) 0x00});
+ } else {
+ return new ResponseAPDU(new byte[] {(byte) 0x6F, (byte) 0x05});
+ }
+ }
+ case 0x81:
+ // EXTERNAL AUTHENTICATE
+ }
+ case 0xB6:
+ switch (command.getP1()) {
+ case 0x41:
+ // PSO - COMPUTE DIGITAL SIGNATURE
+ case 0x81:
+ // PSO - VERIFY DGITAL SIGNATURE
+ }
+ case 0xB8:
+ switch (command.getP1()) {
+ case 0x41:
+ // PSO � DECIPHER
+ case 0x81:
+ // PSO � ENCIPHER
+ }
+ default:
+ return new ResponseAPDU(new byte[] {(byte) 0x6A, (byte) 0x81});
+ }
+
+ }
+
+ @Override
+ public ResponseAPDU cmdPERFORM_SECURITY_OPERATION(CommandAPDU command, CardChannelEmul channel) {
+
+ checkINS(command, 0x2A);
+
+ return new ResponseAPDU(new byte[] {(byte) 0x6A, (byte) 0x00});
+
+ }
+
+ @Override
+ public ResponseAPDU cmdINTERNAL_AUTHENTICATE(CommandAPDU command, CardChannelEmul channel) {
+
+ checkINS(command, 0x88);
+
+ if (command.getP1() == 0x10 && command.getP2() == 0x00) {
+
+ byte[] data = command.getData();
+
+ if (securityEnv == null) {
+ // Security Environment not set or wrong
+ return new ResponseAPDU(new byte[] {(byte) 0x6F, (byte) 0x05});
+ }
+
+ byte[] digestInfo = new byte[] {
+ (byte) 0x30, (byte) 0x21, (byte) 0x30, (byte) 0x09, (byte) 0x06, (byte) 0x05, (byte) 0x2B, (byte) 0x0E,
+ (byte) 0x03, (byte) 0x02, (byte) 0x1A, (byte) 0x05, (byte) 0x00, (byte) 0x04, (byte) 0x14
+ };
+
+ if (data.length != 35 || !Arrays.equals(digestInfo, Arrays.copyOf(data, 15))) {
+ return new ResponseAPDU(new byte[] {(byte) 0x67, (byte) 0x00});
+ }
+
+
+ if (pins.get(KID_PIN_DEC).state != PIN.STATE_PIN_VERIFIED) {
+ // Security Status not satisfied
+ return new ResponseAPDU(new byte[] {(byte) 0x69, (byte) 0x82});
+ }
+
+ byte[] signature = new byte[48];
+
+ // TODO replace by signature creation
+ Random random = new Random();
+ random.nextBytes(signature);
+
+ byte[] response = new byte[signature.length + 2];
+ System.arraycopy(signature, 0, response, 0, signature.length);
+ response[signature.length] = (byte) 0x90;
+ response[signature.length + 1] = (byte) 0x00;
+
+ hash = null;
+ pins.get(KID_PIN_DEC).state = PIN.STATE_RESET;
+
+ return new ResponseAPDU(response);
+
+
+ } else {
+ return new ResponseAPDU(new byte[] {(byte) 0x6A, (byte) 0x81});
+ }
+
+ }
+
+}
diff --git a/smcc/src/test/java/at/gv/egiz/smcc/acos/A03ApplSIG.java b/smcc/src/test/java/at/gv/egiz/smcc/acos/A03ApplSIG.java
new file mode 100644
index 00000000..d059ad57
--- /dev/null
+++ b/smcc/src/test/java/at/gv/egiz/smcc/acos/A03ApplSIG.java
@@ -0,0 +1,77 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package at.gv.egiz.smcc.acos;
+
+import java.util.Arrays;
+
+import javax.smartcardio.CommandAPDU;
+import javax.smartcardio.ResponseAPDU;
+
+import at.gv.egiz.smcc.CardChannelEmul;
+
+
+@SuppressWarnings("restriction")
+public class A03ApplSIG extends ACOSApplSIG {
+
+ public A03ApplSIG() {
+ super();
+ System.arraycopy(C_CH_DS, 0, EF_C_CH_DS, 0, C_CH_DS.length);
+ }
+
+ @Override
+ public ResponseAPDU cmdMANAGE_SECURITY_ENVIRONMENT(CommandAPDU command, CardChannelEmul channel) {
+
+ checkINS(command, 0x22);
+
+ switch (command.getP2()) {
+ case 0xA4:
+ switch (command.getP1()) {
+ case 0x41:
+ // INTERNAL AUTHENTICATE
+ case 0x81:
+ // EXTERNAL AUTHENTICATE
+ }
+ case 0xB6:
+ switch (command.getP1()) {
+ case 0x41: {
+ // PSO - COMPUTE DIGITAL SIGNATURE
+ byte[] dst = new byte[] { (byte) 0x84, (byte) 0x01, (byte) 0x88, (byte) 0x80, (byte) 0x01, (byte) 0x14 };
+ if (Arrays.equals(dst, command.getData())) {
+ securityEnv = command.getData();
+ return new ResponseAPDU(new byte[] {(byte) 0x90, (byte) 0x00});
+ } else {
+ return new ResponseAPDU(new byte[] {(byte) 0x6F, (byte) 0x05});
+ }
+ }
+ case 0x81:
+ // PSO - VERIFY DGITAL SIGNATURE
+ }
+ case 0xB8:
+ switch (command.getP1()) {
+ case 0x41:
+ // PSO � DECIPHER
+ case 0x81:
+ // PSO � ENCIPHER
+ }
+ default:
+ return new ResponseAPDU(new byte[] {(byte) 0x6A, (byte) 0x81});
+ }
+
+ }
+
+
+}
diff --git a/smcc/src/test/java/at/gv/egiz/smcc/acos/A03CardChannelEmul.java b/smcc/src/test/java/at/gv/egiz/smcc/acos/A03CardChannelEmul.java
new file mode 100644
index 00000000..c8d5382c
--- /dev/null
+++ b/smcc/src/test/java/at/gv/egiz/smcc/acos/A03CardChannelEmul.java
@@ -0,0 +1,98 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package at.gv.egiz.smcc.acos;
+
+
+import javax.smartcardio.CardException;
+import javax.smartcardio.CommandAPDU;
+import javax.smartcardio.ResponseAPDU;
+
+import at.gv.egiz.smcc.CardEmul;
+import at.gv.egiz.smcc.PIN;
+
+
+@SuppressWarnings("restriction")
+public class A03CardChannelEmul extends ACOSCardChannelEmul {
+
+ public A03CardChannelEmul(CardEmul cardEmul) {
+ super(cardEmul);
+ }
+
+ @Override
+ public ResponseAPDU cmdREAD_BINARY(CommandAPDU command) throws CardException {
+
+ if (command.getINS() != 0xB0) {
+ throw new IllegalArgumentException("INS has to be 0xB0.");
+ }
+
+ if (currentFile == null) {
+ return new ResponseAPDU(new byte[] {(byte) 0x69, (byte) 0x86});
+ }
+
+ if ((command.getP1() & 0x80) > 0) {
+ throw new CardException("Not implemented.");
+ }
+
+ int offset = command.getP2() + (command.getP1() << 8);
+ if (offset > currentFile.file.length) {
+ // Wrong length
+ return new ResponseAPDU(new byte[] {(byte) 0x67, (byte) 0x00});
+ }
+
+ if (command.getNe() == 0) {
+ throw new CardException("Not implemented.");
+ }
+
+ if (currentFile.kid != -1) {
+ if ((currentFile.kid & 0x80) > 0) {
+ PIN pin;
+ if (currentAppl == null
+ || (pin = currentAppl.pins.get(currentFile.kid)) == null
+ || pin.state != PIN.STATE_PIN_VERIFIED) {
+ return new ResponseAPDU(new byte[] {(byte) 0x69, (byte) 0x82});
+ }
+ } else {
+ // Global PINs not implemented
+ throw new CardException("Not implemented.");
+ }
+ }
+
+ int len;
+ if (command.getNe() == 256) {
+ if (currentFile.file.length > 256) {
+ return new ResponseAPDU(new byte[] {(byte) 0x67, (byte) 0x00});
+ } else {
+ len = Math.min(command.getNe(), currentFile.file.length - offset);
+ }
+ } else {
+ if (command.getNe() >= currentFile.file.length - offset) {
+ return new ResponseAPDU(new byte[] {(byte) 0x62, (byte) 0x82});
+ } else {
+ len = command.getNe();
+ }
+ }
+
+ byte[] response = new byte[len + 2];
+ System.arraycopy(currentFile.file, offset, response, 0, len);
+ response[len] = (byte) 0x90;
+ response[len + 1] = (byte) 0x00;
+ return new ResponseAPDU(response);
+
+ }
+
+
+}
diff --git a/smcc/src/test/java/at/gv/egiz/smcc/acos/A03CardEmul.java b/smcc/src/test/java/at/gv/egiz/smcc/acos/A03CardEmul.java
new file mode 100644
index 00000000..7394bae7
--- /dev/null
+++ b/smcc/src/test/java/at/gv/egiz/smcc/acos/A03CardEmul.java
@@ -0,0 +1,31 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package at.gv.egiz.smcc.acos;
+
+import at.gv.egiz.smcc.CardChannelEmul;
+import at.gv.egiz.smcc.CardEmul;
+
+
+
+public class A03CardEmul extends ACOSCardEmul {
+
+ public A03CardEmul(A03ApplSIG applSIG, A03ApplDEC applDEC) {
+ channel = new A03CardChannelEmul(this);
+ applications.add(applSIG);
+ applications.add(applDEC);
+ }
+}
diff --git a/smcc/src/test/java/at/gv/egiz/smcc/acos/A03CardTest.java b/smcc/src/test/java/at/gv/egiz/smcc/acos/A03CardTest.java
new file mode 100644
index 00000000..3a8ac41c
--- /dev/null
+++ b/smcc/src/test/java/at/gv/egiz/smcc/acos/A03CardTest.java
@@ -0,0 +1,92 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package at.gv.egiz.smcc.acos;
+
+import static org.junit.Assert.assertTrue;
+
+import java.util.Arrays;
+
+import org.junit.Test;
+
+import at.gv.egiz.smcc.CancelledException;
+import at.gv.egiz.smcc.CardEmul;
+import at.gv.egiz.smcc.CardNotSupportedException;
+import at.gv.egiz.smcc.CardTerminalEmul;
+import at.gv.egiz.smcc.pin.gui.ChangePINProvider;
+import at.gv.egiz.smcc.LockedException;
+import at.gv.egiz.smcc.NotActivatedException;
+import at.gv.egiz.smcc.PINFormatException;
+import at.gv.egiz.smcc.PINMgmtSignatureCard;
+import at.gv.egiz.smcc.pin.gui.SMCCTestPINProvider;
+import at.gv.egiz.smcc.PINSpec;
+import at.gv.egiz.smcc.SignatureCard;
+import at.gv.egiz.smcc.SignatureCardException;
+import at.gv.egiz.smcc.SignatureCardFactory;
+
+public class A03CardTest extends ACOSCardTest {
+
+ @Override
+ protected SignatureCard createSignatureCard()
+ throws CardNotSupportedException {
+ SignatureCardFactory factory = SignatureCardFactory.getInstance();
+ CardEmul card = new A03CardEmul(new A03ApplSIG(), new A03ApplDEC());
+ SignatureCard signatureCard = factory.createSignatureCard(card,
+ new CardTerminalEmul(card));
+ assertTrue(signatureCard instanceof PINMgmtSignatureCard);
+ return signatureCard;
+ }
+
+ @Override
+ protected int getVersion() {
+ return 1;
+ }
+
+ @Test
+ public void testChangePin() throws CardNotSupportedException,
+ LockedException, NotActivatedException, CancelledException,
+ PINFormatException, SignatureCardException, InterruptedException {
+
+ char[] defaultPin = "123456".toCharArray();
+
+ PINMgmtSignatureCard signatureCard = (PINMgmtSignatureCard) createSignatureCard();
+ CardEmul card = (CardEmul) signatureCard.getCard();
+ ACOSApplSIG applSIG = (ACOSApplSIG) card.getApplication(ACOSAppl.AID_SIG);
+ applSIG.setPin(ACOSApplSIG.KID_PIN_SIG, defaultPin);
+ ACOSApplDEC applDEC = (ACOSApplDEC) card.getApplication(ACOSAppl.AID_DEC);
+ applDEC.setPin(ACOSApplDEC.KID_PIN_DEC, defaultPin);
+ applDEC.setPin(A03ApplDEC.KID_PIN_INF, defaultPin);
+
+ for (PINSpec pinSpec : signatureCard.getPINSpecs()) {
+
+ char[] pin = defaultPin;
+
+ for (int i = pinSpec.getMinLength(); i <= pinSpec.getMaxLength(); i++) {
+ signatureCard.verifyPIN(pinSpec, new SMCCTestPINProvider(pin));
+ char[] newPin = new char[i];
+ Arrays.fill(newPin, '0');
+ signatureCard
+ .changePIN(pinSpec, new ChangePINProvider(pin, newPin));
+ signatureCard.verifyPIN(pinSpec, new SMCCTestPINProvider(newPin));
+ pin = newPin;
+ }
+
+ }
+
+ }
+
+
+}
diff --git a/smcc/src/test/java/at/gv/egiz/smcc/acos/A04ApplDEC.java b/smcc/src/test/java/at/gv/egiz/smcc/acos/A04ApplDEC.java
new file mode 100644
index 00000000..e38a8e80
--- /dev/null
+++ b/smcc/src/test/java/at/gv/egiz/smcc/acos/A04ApplDEC.java
@@ -0,0 +1,296 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package at.gv.egiz.smcc.acos;
+
+import java.io.UnsupportedEncodingException;
+import java.security.GeneralSecurityException;
+import java.security.InvalidAlgorithmParameterException;
+import java.security.InvalidKeyException;
+import java.security.KeyPair;
+import java.security.KeyPairGenerator;
+import java.security.NoSuchAlgorithmException;
+import java.security.PrivateKey;
+import java.security.PublicKey;
+import java.security.Signature;
+import java.security.interfaces.RSAPrivateKey;
+import java.security.interfaces.RSAPublicKey;
+import java.util.Arrays;
+
+import javax.crypto.BadPaddingException;
+import javax.crypto.Cipher;
+import javax.crypto.IllegalBlockSizeException;
+import javax.crypto.KeyGenerator;
+import javax.crypto.NoSuchPaddingException;
+import javax.crypto.SecretKey;
+import javax.crypto.SecretKeyFactory;
+import javax.crypto.spec.IvParameterSpec;
+import javax.crypto.spec.SecretKeySpec;
+import javax.smartcardio.CardException;
+import javax.smartcardio.CommandAPDU;
+import javax.smartcardio.ResponseAPDU;
+
+import at.gv.egiz.smcc.CardChannelEmul;
+import at.gv.egiz.smcc.File;
+import at.gv.egiz.smcc.PIN;
+
+
+@SuppressWarnings("restriction")
+public class A04ApplDEC extends ACOSApplDEC {
+
+ private static final byte[] SEC_ENV_INTERNAL_AUTHENTICATE = new byte[] { (byte) 0x84,
+ (byte) 0x01, (byte) 0x88, (byte) 0x80, (byte) 0x01, (byte) 0x01 };
+
+ private static final byte[] SEC_ENV_DECIPHER = new byte[] { (byte) 0x84,
+ (byte) 0x01, (byte) 0x88, (byte) 0x80, (byte) 0x01, (byte) 0x02 };
+
+ private static final RSAPrivateKey SK_CH_EKEY;
+
+ private static final RSAPublicKey PK_CH_EKEY;
+
+ static {
+ try {
+ KeyPairGenerator gen = KeyPairGenerator.getInstance("RSA");
+ gen.initialize(1536);
+ KeyPair keyPair = gen.generateKeyPair();
+ SK_CH_EKEY = (RSAPrivateKey) keyPair.getPrivate();
+ PK_CH_EKEY = (RSAPublicKey) keyPair.getPublic();
+ } catch (NoSuchAlgorithmException e) {
+ throw new RuntimeException(e);
+ }
+ }
+
+ public A04ApplDEC() {
+ this(false);
+ }
+
+ public A04ApplDEC(boolean encrypt) {
+
+ int offset = 0;
+
+ // HEADER 'AIK' + version
+ byte[] header;
+ try {
+ header = "AIK".getBytes("ASCII");
+ } catch (UnsupportedEncodingException e) {
+ throw new RuntimeException(e);
+ }
+ System.arraycopy(header, 0, EF_INFOBOX, offset, header.length);
+ offset += header.length;
+ EF_INFOBOX[offset++] = 1;
+
+ // HEADER identity link
+ EF_INFOBOX[offset++] = (byte) 0x01; // Personenbindung
+ if (encrypt) {
+ EF_INFOBOX[offset++] = (byte) 0x01; // Modifier
+
+ byte[] cipherText;
+ byte[] encKey;
+ try {
+ KeyGenerator keyGenerator = KeyGenerator.getInstance("DESede");
+ SecretKey secretKey = keyGenerator.generateKey();
+
+ byte[] keyBytes = secretKey.getEncoded();
+
+ Cipher cipher = Cipher.getInstance("DESede/CBC/PKCS5Padding");
+ byte[] iv = new byte[8];
+ Arrays.fill(iv, (byte) 0x00);
+ IvParameterSpec ivParameterSpec = new IvParameterSpec(iv);
+ cipher.init(Cipher.ENCRYPT_MODE, secretKey, ivParameterSpec);
+ cipherText = cipher.doFinal(IDLINK);
+
+ cipher = Cipher.getInstance("RSA");
+ cipher.init(Cipher.ENCRYPT_MODE, PK_CH_EKEY);
+ encKey = cipher.doFinal(keyBytes);
+
+ } catch (GeneralSecurityException e) {
+ throw new RuntimeException(e);
+ }
+
+ int len = encKey.length + cipherText.length + 2;
+
+ EF_INFOBOX[offset++] = (byte) (0xFF & len);
+ EF_INFOBOX[offset++] = (byte) (0xFF & len >> 8);
+
+ EF_INFOBOX[offset++] = (byte) (0xFF & encKey.length);
+ EF_INFOBOX[offset++] = (byte) (0xFF & encKey.length >> 8);
+
+ System.arraycopy(encKey, 0, EF_INFOBOX, offset, encKey.length);
+ offset += encKey.length;
+
+ System.arraycopy(cipherText, 0, EF_INFOBOX, offset, cipherText.length);
+
+ } else {
+ EF_INFOBOX[offset++] = (byte) 0x00; // Modifier
+ EF_INFOBOX[offset++] = (byte) (0xFF & IDLINK.length);
+ EF_INFOBOX[offset++] = (byte) (0xFF & IDLINK.length >> 8);
+ System.arraycopy(IDLINK, 0, EF_INFOBOX, offset, IDLINK.length);
+ offset += IDLINK.length;
+ }
+
+ putFile(new File(FID_EF_INFOBOX, EF_INFOBOX, FCI_EF_INFOBOX));
+ }
+
+ @Override
+ public ResponseAPDU cmdMANAGE_SECURITY_ENVIRONMENT(CommandAPDU command, CardChannelEmul channel) {
+
+ checkINS(command, 0x22);
+
+ switch (command.getP2()) {
+ case 0xA4:
+ switch (command.getP1()) {
+ case 0x41: {
+ // INTERNAL AUTHENTICATE
+ if (Arrays.equals(SEC_ENV_INTERNAL_AUTHENTICATE, command.getData())) {
+ securityEnv = command.getData();
+ return new ResponseAPDU(new byte[] {(byte) 0x90, (byte) 0x00});
+ } else {
+ return new ResponseAPDU(new byte[] {(byte) 0x69, (byte) 0x85});
+ }
+ }
+ case 0x81:
+ // EXTERNAL AUTHENTICATE
+ }
+ case 0xB6:
+ switch (command.getP1()) {
+ case 0x41:
+ // PSO - COMPUTE DIGITAL SIGNATURE
+ case 0x81:
+ // PSO - VERIFY DGITAL SIGNATURE
+ }
+ case 0xB8:
+ switch (command.getP1()) {
+ case 0x41:
+ // PSO � DECIPHER
+ if (Arrays.equals(SEC_ENV_DECIPHER, command.getData())) {
+ securityEnv = command.getData();
+ return new ResponseAPDU(new byte[] {(byte) 0x90, (byte) 0x00});
+ } else {
+ return new ResponseAPDU(new byte[] {(byte) 0x69, (byte) 0x85});
+ }
+ case 0x81:
+ // PSO � ENCIPHER
+ }
+ default:
+ return new ResponseAPDU(new byte[] {(byte) 0x6A, (byte) 0x81});
+ }
+
+ }
+
+ @Override
+ public ResponseAPDU cmdPERFORM_SECURITY_OPERATION(CommandAPDU command, CardChannelEmul channel) throws CardException {
+
+ checkINS(command, 0x2A);
+
+ if (command.getP1() == 0x80 && command.getP2() == 0x86) {
+
+ byte[] data = command.getData();
+
+ if (!Arrays.equals(securityEnv, SEC_ENV_DECIPHER)) {
+ return new ResponseAPDU(new byte[] {(byte) 0x6F, (byte) 0x05});
+ }
+
+ if (data.length != 193) {
+ return new ResponseAPDU(new byte[] {(byte) 0x67, (byte) 0x00});
+ }
+
+ if (pins.get(KID_PIN_DEC).state != PIN.STATE_PIN_VERIFIED) {
+ // Security Status not satisfied
+ return new ResponseAPDU(new byte[] {(byte) 0x69, (byte) 0x82});
+ }
+
+ byte[] cipherText = Arrays.copyOfRange(data, 1, data.length);
+
+ byte[] plainText;
+ try {
+ Cipher cipher = Cipher.getInstance("RSA");
+ cipher.init(Cipher.DECRYPT_MODE, SK_CH_EKEY);
+ plainText = cipher.doFinal(cipherText);
+ } catch (GeneralSecurityException e) {
+ throw new CardException(e);
+ }
+
+ byte[] response = new byte[plainText.length + 2];
+ System.arraycopy(plainText, 0, response, 0, plainText.length);
+ response[plainText.length] = (byte) 0x90;
+ response[plainText.length + 1] = (byte) 0x00;
+
+ return new ResponseAPDU(response);
+
+ } else {
+ return new ResponseAPDU(new byte[] {(byte) 0x6A, (byte) 0x00});
+ }
+
+ }
+
+ @Override
+ public ResponseAPDU cmdINTERNAL_AUTHENTICATE(CommandAPDU command, CardChannelEmul channel) throws CardException {
+
+ checkINS(command, 0x88);
+
+ if (command.getP1() == 0x10 && command.getP2() == 0x00) {
+
+ byte[] data = command.getData();
+
+ if (!Arrays.equals(securityEnv, SEC_ENV_INTERNAL_AUTHENTICATE)) {
+ return new ResponseAPDU(new byte[] {(byte) 0x6F, (byte) 0x05});
+ }
+
+ byte[] digestInfo = new byte[] {
+ (byte) 0x30, (byte) 0x21, (byte) 0x30, (byte) 0x09, (byte) 0x06, (byte) 0x05, (byte) 0x2B, (byte) 0x0E,
+ (byte) 0x03, (byte) 0x02, (byte) 0x1A, (byte) 0x05, (byte) 0x00, (byte) 0x04, (byte) 0x14
+ };
+
+ if (data.length != 35 || !Arrays.equals(digestInfo, Arrays.copyOf(data, 15))) {
+ return new ResponseAPDU(new byte[] {(byte) 0x67, (byte) 0x00});
+ }
+
+
+ if (pins.get(KID_PIN_DEC).state != PIN.STATE_PIN_VERIFIED) {
+ // Security Status not satisfied
+ return new ResponseAPDU(new byte[] {(byte) 0x69, (byte) 0x82});
+ }
+
+ byte[] digest = Arrays.copyOfRange(data, 15, 35);
+
+ byte[] sig;
+ try {
+ Signature signature = Signature.getInstance("RSA");
+ signature.initSign(SK_CH_EKEY);
+ signature.update(digest);
+ sig = signature.sign();
+ } catch (GeneralSecurityException e) {
+ throw new CardException(e);
+ }
+
+ byte[] response = new byte[sig.length + 2];
+ System.arraycopy(sig, 0, response, 0, sig.length);
+ response[sig.length] = (byte) 0x90;
+ response[sig.length + 1] = (byte) 0x00;
+
+ hash = null;
+ pins.get(KID_PIN_DEC).state = PIN.STATE_RESET;
+
+ return new ResponseAPDU(response);
+
+
+ } else {
+ return new ResponseAPDU(new byte[] {(byte) 0x6A, (byte) 0x81});
+ }
+
+ }
+
+}
diff --git a/smcc/src/test/java/at/gv/egiz/smcc/acos/A04ApplSIG.java b/smcc/src/test/java/at/gv/egiz/smcc/acos/A04ApplSIG.java
new file mode 100644
index 00000000..aee6a7f7
--- /dev/null
+++ b/smcc/src/test/java/at/gv/egiz/smcc/acos/A04ApplSIG.java
@@ -0,0 +1,87 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package at.gv.egiz.smcc.acos;
+
+import java.util.Arrays;
+
+import javax.smartcardio.CommandAPDU;
+import javax.smartcardio.ResponseAPDU;
+
+import at.gv.egiz.smcc.CardChannelEmul;
+import at.gv.egiz.smcc.File;
+
+
+@SuppressWarnings("restriction")
+public class A04ApplSIG extends ACOSApplSIG {
+
+ private static byte[] FID_EF_INFO = new byte[] { (byte) 0xd0, (byte) 0x02 };
+
+ private static byte[] FCI_EF_INFO = new byte[] { (byte) 0x6f, (byte) 0x07,
+ (byte) 0x80, (byte) 0x02, (byte) 0x00, (byte) 0x08, (byte) 0x82,
+ (byte) 0x01, (byte) 0x01 };
+
+ private static byte[] EF_INFO = new byte[] { (byte) 0x02, (byte) 0x00,
+ (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00,
+ (byte) 0x00, (byte) 0x90, (byte) 0x00 };
+
+ public A04ApplSIG() {
+ putFile(new File(FID_EF_INFO, EF_INFO, FCI_EF_INFO));
+ }
+
+ @Override
+ public ResponseAPDU cmdMANAGE_SECURITY_ENVIRONMENT(CommandAPDU command, CardChannelEmul channel) {
+
+ checkINS(command, 0x22);
+
+ switch (command.getP2()) {
+ case 0xA4:
+ switch (command.getP1()) {
+ case 0x41:
+ // INTERNAL AUTHENTICATE
+ case 0x81:
+ // EXTERNAL AUTHENTICATE
+ }
+ case 0xB6:
+ switch (command.getP1()) {
+ case 0x41: {
+ // PSO - COMPUTE DIGITAL SIGNATURE
+ byte[] dst = new byte[] { (byte) 0x84, (byte) 0x01, (byte) 0x88, (byte) 0x80, (byte) 0x01, (byte) 0x14 };
+ if (Arrays.equals(dst, command.getData())) {
+ securityEnv = command.getData();
+ return new ResponseAPDU(new byte[] {(byte) 0x90, (byte) 0x00});
+ } else {
+ return new ResponseAPDU(new byte[] {(byte) 0x6F, (byte) 0x05});
+ }
+ }
+ case 0x81:
+ // PSO - VERIFY DGITAL SIGNATURE
+ }
+ case 0xB8:
+ switch (command.getP1()) {
+ case 0x41:
+ // PSO � DECIPHER
+ case 0x81:
+ // PSO � ENCIPHER
+ }
+ default:
+ return new ResponseAPDU(new byte[] {(byte) 0x6A, (byte) 0x81});
+ }
+
+ }
+
+
+}
diff --git a/smcc/src/test/java/at/gv/egiz/smcc/acos/A04CardChannelEmul.java b/smcc/src/test/java/at/gv/egiz/smcc/acos/A04CardChannelEmul.java
new file mode 100644
index 00000000..3eaece91
--- /dev/null
+++ b/smcc/src/test/java/at/gv/egiz/smcc/acos/A04CardChannelEmul.java
@@ -0,0 +1,75 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package at.gv.egiz.smcc.acos;
+
+
+import javax.smartcardio.CardException;
+import javax.smartcardio.CommandAPDU;
+import javax.smartcardio.ResponseAPDU;
+
+import at.gv.egiz.smcc.CardEmul;
+
+
+@SuppressWarnings("restriction")
+public class A04CardChannelEmul extends ACOSCardChannelEmul {
+
+ public A04CardChannelEmul(CardEmul cardEmul) {
+ super(cardEmul);
+ }
+
+ @Override
+ public ResponseAPDU cmdREAD_BINARY(CommandAPDU command) throws CardException {
+
+ if (command.getINS() != 0xB0) {
+ throw new IllegalArgumentException("INS has to be 0xB0.");
+ }
+
+ if (currentFile == null) {
+ return new ResponseAPDU(new byte[] {(byte) 0x69, (byte) 0x86});
+ }
+
+ if ((command.getP1() & 0x80) > 0) {
+ throw new CardException("Not implemented.");
+ }
+
+ int offset = command.getP2() + (command.getP1() << 8);
+ if (offset > currentFile.file.length) {
+ // Wrong length
+ return new ResponseAPDU(new byte[] {(byte) 0x67, (byte) 0x00});
+ }
+
+ if (command.getNe() == 0) {
+ throw new CardException("Not implemented.");
+ }
+
+ if (command.getNe() == 256 || command.getNe() <= currentFile.file.length - offset) {
+ int len = Math.min(command.getNe(), currentFile.file.length - offset);
+ byte[] response = new byte[len + 2];
+ System.arraycopy(currentFile.file, offset, response, 0, len);
+ response[len] = (byte) 0x90;
+ response[len + 1] = (byte) 0x00;
+ return new ResponseAPDU(response);
+ } else if (command.getNe() >= currentFile.file.length - offset) {
+ return new ResponseAPDU(new byte[] {(byte) 0x62, (byte) 0x82});
+ } else {
+ return new ResponseAPDU(new byte[] {(byte) 0x67, (byte) 0x00});
+ }
+
+ }
+
+
+}
diff --git a/smcc/src/test/java/at/gv/egiz/smcc/acos/A04CardEmul.java b/smcc/src/test/java/at/gv/egiz/smcc/acos/A04CardEmul.java
new file mode 100644
index 00000000..dd44d05b
--- /dev/null
+++ b/smcc/src/test/java/at/gv/egiz/smcc/acos/A04CardEmul.java
@@ -0,0 +1,32 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package at.gv.egiz.smcc.acos;
+
+import at.gv.egiz.smcc.CardChannelEmul;
+import at.gv.egiz.smcc.CardEmul;
+
+
+
+public class A04CardEmul extends ACOSCardEmul {
+
+ public A04CardEmul(A04ApplSIG applSIG, A04ApplDEC applDEC) {
+ channel = new A04CardChannelEmul(this);
+ applications.add(applSIG);
+ applications.add(applDEC);
+ }
+
+}
diff --git a/smcc/src/test/java/at/gv/egiz/smcc/acos/A04CardTest.java b/smcc/src/test/java/at/gv/egiz/smcc/acos/A04CardTest.java
new file mode 100644
index 00000000..1cbea1b3
--- /dev/null
+++ b/smcc/src/test/java/at/gv/egiz/smcc/acos/A04CardTest.java
@@ -0,0 +1,143 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package at.gv.egiz.smcc.acos;
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertNotNull;
+import static org.junit.Assert.assertTrue;
+
+import iaik.security.provider.IAIK;
+
+import java.security.Security;
+import java.util.Arrays;
+
+import org.junit.BeforeClass;
+import org.junit.Test;
+
+import at.gv.egiz.smcc.CancelledException;
+import at.gv.egiz.smcc.CardEmul;
+import at.gv.egiz.smcc.CardNotSupportedException;
+import at.gv.egiz.smcc.CardTerminalEmul;
+import at.gv.egiz.smcc.LockedException;
+import at.gv.egiz.smcc.NotActivatedException;
+import at.gv.egiz.smcc.PINFormatException;
+import at.gv.egiz.smcc.PINMgmtSignatureCard;
+import at.gv.egiz.smcc.PINSpec;
+import at.gv.egiz.smcc.SignatureCard;
+import at.gv.egiz.smcc.SignatureCardException;
+import at.gv.egiz.smcc.SignatureCardFactory;
+import at.gv.egiz.smcc.pin.gui.ChangePINProvider;
+import at.gv.egiz.smcc.pin.gui.SMCCTestPINProvider;
+
+public class A04CardTest extends ACOSCardTest {
+
+ @Override
+ protected SignatureCard createSignatureCard()
+ throws CardNotSupportedException {
+ SignatureCardFactory factory = SignatureCardFactory.getInstance();
+ CardEmul card = new A04CardEmul(new A04ApplSIG(), new A04ApplDEC());
+ SignatureCard signatureCard = factory.createSignatureCard(card,
+ new CardTerminalEmul(card));
+ assertTrue(signatureCard instanceof PINMgmtSignatureCard);
+ return signatureCard;
+ }
+
+ @Override
+ protected int getVersion() {
+ return 2;
+ }
+
+ @BeforeClass
+ public static void setupClass() {
+ IAIK.addAsProvider();
+ }
+
+ @Test
+ public void testChangePin() throws CardNotSupportedException,
+ LockedException, NotActivatedException, CancelledException,
+ PINFormatException, SignatureCardException, InterruptedException {
+
+ char[] defaultPin = "123456".toCharArray();
+
+ PINMgmtSignatureCard signatureCard = (PINMgmtSignatureCard) createSignatureCard();
+ CardEmul card = (CardEmul) signatureCard.getCard();
+ ACOSApplSIG applSIG = (ACOSApplSIG) card.getApplication(ACOSAppl.AID_SIG);
+ applSIG.setPin(ACOSApplSIG.KID_PIN_SIG, defaultPin);
+ ACOSApplDEC applDEC = (ACOSApplDEC) card.getApplication(ACOSAppl.AID_DEC);
+ applDEC.setPin(ACOSApplDEC.KID_PIN_DEC, defaultPin);
+
+ for (PINSpec pinSpec : signatureCard.getPINSpecs()) {
+
+ char[] pin = defaultPin;
+
+ for (int i = pinSpec.getMinLength(); i <= pinSpec.getMaxLength(); i++) {
+ char[] newPin = new char[i];
+ Arrays.fill(newPin, '0');
+ signatureCard
+ .changePIN(pinSpec, new ChangePINProvider(pin, newPin));
+ signatureCard.verifyPIN(pinSpec, new SMCCTestPINProvider(newPin));
+ pin = newPin;
+ }
+
+ }
+
+ }
+
+ @Test
+ public void testGetInfoboxIdentityLinkEncrypted()
+ throws CardNotSupportedException, SignatureCardException,
+ InterruptedException {
+
+ char[] pin = "0000".toCharArray();
+
+ SignatureCardFactory factory = SignatureCardFactory.getInstance();
+ A04ApplDEC applDEC = new A04ApplDEC(true);
+ applDEC.setPin(A04ApplDEC.KID_PIN_DEC, pin);
+ CardEmul card = new A04CardEmul(new A04ApplSIG(), applDEC);
+ SignatureCard signatureCard = factory.createSignatureCard(card,
+ new CardTerminalEmul(card));
+
+ SMCCTestPINProvider pinProvider = new SMCCTestPINProvider(pin);
+
+ byte[] idlink = signatureCard.getInfobox("IdentityLink",
+ pinProvider, null);
+ assertNotNull(idlink);
+ assertTrue(Arrays.equals(idlink, A04ApplDEC.IDLINK));
+ assertEquals(1, pinProvider.getProvided());
+
+ }
+
+ @Test
+ public void testGetInfoboxIdentityLink() throws SignatureCardException,
+ InterruptedException, CardNotSupportedException {
+
+ final char[] pin = "0000".toCharArray();
+
+ SignatureCard signatureCard = createSignatureCard();
+
+ SMCCTestPINProvider pinProvider = new SMCCTestPINProvider(pin);
+
+ byte[] idlink = signatureCard.getInfobox("IdentityLink",
+ pinProvider, null);
+ assertNotNull(idlink);
+ assertTrue(Arrays.equals(idlink, A04ApplDEC.IDLINK));
+ assertEquals(0, pinProvider.getProvided());
+
+ }
+
+
+}
diff --git a/smcc/src/test/java/at/gv/egiz/smcc/acos/ACOSAppl.java b/smcc/src/test/java/at/gv/egiz/smcc/acos/ACOSAppl.java
new file mode 100644
index 00000000..4c340d61
--- /dev/null
+++ b/smcc/src/test/java/at/gv/egiz/smcc/acos/ACOSAppl.java
@@ -0,0 +1,79 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package at.gv.egiz.smcc.acos;
+
+import java.io.UnsupportedEncodingException;
+import java.util.Arrays;
+import java.util.Iterator;
+
+import javax.smartcardio.CardException;
+import javax.smartcardio.CommandAPDU;
+import javax.smartcardio.ResponseAPDU;
+
+import at.gv.egiz.smcc.AbstractAppl;
+import at.gv.egiz.smcc.CardAppl;
+import at.gv.egiz.smcc.CardChannelEmul;
+import at.gv.egiz.smcc.PIN;
+
+@SuppressWarnings("restriction")
+public abstract class ACOSAppl extends AbstractAppl implements CardAppl {
+
+ public static byte[] AID_SIG = new byte[] { (byte) 0xA0, (byte) 0x00,
+ (byte) 0x00, (byte) 0x01, (byte) 0x18, (byte) 0x45, (byte) 0x43 };
+
+ public static byte[] FID_SIG = new byte[] { (byte) 0xDF, (byte) 0x70 };
+
+ public static byte[] AID_DEC = new byte[] { (byte) 0xA0, (byte) 0x00,
+ (byte) 0x00, (byte) 0x01, (byte) 0x18, (byte) 0x45, (byte) 0x4E };
+
+ public static byte[] FID_DEC = new byte[] { (byte) 0xDF, (byte) 0x71 };
+
+ protected byte[] securityEnv;
+
+ protected byte[] hash;
+
+ @Override
+ public ResponseAPDU cmdINTERNAL_AUTHENTICATE(CommandAPDU command, CardChannelEmul channel) throws CardException {
+ return new ResponseAPDU(new byte[] {(byte) 0x6D, (byte) 0x00});
+ }
+
+ @Override
+ public void leaveApplContext() {
+ Iterator<PIN> pin = pins.values().iterator();
+ while (pin.hasNext()) {
+ pin.next().state = PIN.STATE_RESET;
+ }
+ }
+
+ public void setPin(int kid, char[] value) {
+ try {
+ PIN pin = pins.get(kid);
+ if (pin != null) {
+ if (value == null) {
+ Arrays.fill(pin.pin, (byte) 0x00);
+ pin.state = PIN.STATE_PIN_BLOCKED;
+ } else {
+ int l = pin.pin.length;
+ pin.pin = Arrays.copyOf(new String(value).getBytes("ASCII"), l);
+ }
+ }
+ } catch (UnsupportedEncodingException e) {
+ throw new RuntimeException(e);
+ }
+ }
+
+}
diff --git a/smcc/src/test/java/at/gv/egiz/smcc/acos/ACOSApplDEC.java b/smcc/src/test/java/at/gv/egiz/smcc/acos/ACOSApplDEC.java
new file mode 100644
index 00000000..09a754f3
--- /dev/null
+++ b/smcc/src/test/java/at/gv/egiz/smcc/acos/ACOSApplDEC.java
@@ -0,0 +1,334 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package at.gv.egiz.smcc.acos;
+
+import java.io.UnsupportedEncodingException;
+import java.util.Arrays;
+
+import at.gv.egiz.smcc.File;
+import at.gv.egiz.smcc.PIN;
+
+public abstract class ACOSApplDEC extends ACOSAppl {
+
+ public static final byte[] IDLINK = new byte[] {
+ (byte) 0x30, (byte) 0x82, (byte) 0x02, (byte) 0x11, (byte) 0x02, (byte) 0x01, (byte) 0x01, (byte) 0x0c,
+ (byte) 0x26, (byte) 0x68, (byte) 0x74, (byte) 0x74, (byte) 0x70, (byte) 0x3a, (byte) 0x2f, (byte) 0x2f,
+ (byte) 0x77, (byte) 0x77, (byte) 0x77, (byte) 0x2e, (byte) 0x61, (byte) 0x2d, (byte) 0x74, (byte) 0x72,
+ (byte) 0x75, (byte) 0x73, (byte) 0x74, (byte) 0x2e, (byte) 0x61, (byte) 0x74, (byte) 0x2f, (byte) 0x7a,
+ (byte) 0x6d, (byte) 0x72, (byte) 0x2f, (byte) 0x70, (byte) 0x65, (byte) 0x72, (byte) 0x73, (byte) 0x62,
+ (byte) 0x32, (byte) 0x30, (byte) 0x34, (byte) 0x2e, (byte) 0x78, (byte) 0x73, (byte) 0x6c, (byte) 0x0c,
+ (byte) 0x29, (byte) 0x73, (byte) 0x7a, (byte) 0x72, (byte) 0x2e, (byte) 0x62, (byte) 0x6d, (byte) 0x69,
+ (byte) 0x2e, (byte) 0x67, (byte) 0x76, (byte) 0x2e, (byte) 0x61, (byte) 0x74, (byte) 0x2d, (byte) 0x41,
+ (byte) 0x73, (byte) 0x73, (byte) 0x65, (byte) 0x72, (byte) 0x74, (byte) 0x69, (byte) 0x6f, (byte) 0x6e,
+ (byte) 0x49, (byte) 0x44, (byte) 0x31, (byte) 0x32, (byte) 0x33, (byte) 0x36, (byte) 0x33, (byte) 0x35,
+ (byte) 0x36, (byte) 0x33, (byte) 0x36, (byte) 0x36, (byte) 0x37, (byte) 0x39, (byte) 0x39, (byte) 0x39,
+ (byte) 0x31, (byte) 0x39, (byte) 0x0c, (byte) 0x19, (byte) 0x32, (byte) 0x30, (byte) 0x30, (byte) 0x39,
+ (byte) 0x2d, (byte) 0x30, (byte) 0x33, (byte) 0x2d, (byte) 0x30, (byte) 0x36, (byte) 0x54, (byte) 0x31,
+ (byte) 0x36, (byte) 0x3a, (byte) 0x31, (byte) 0x39, (byte) 0x3a, (byte) 0x32, (byte) 0x36, (byte) 0x2b,
+ (byte) 0x30, (byte) 0x31, (byte) 0x3a, (byte) 0x30, (byte) 0x30, (byte) 0xa0, (byte) 0x42, (byte) 0x30,
+ (byte) 0x40, (byte) 0x0c, (byte) 0x18, (byte) 0x45, (byte) 0x68, (byte) 0x42, (byte) 0x53, (byte) 0x36,
+ (byte) 0x54, (byte) 0x6f, (byte) 0x31, (byte) 0x49, (byte) 0x6c, (byte) 0x54, (byte) 0x4b, (byte) 0x4f,
+ (byte) 0x4a, (byte) 0x45, (byte) 0x39, (byte) 0x75, (byte) 0x62, (byte) 0x74, (byte) 0x48, (byte) 0x69,
+ (byte) 0x51, (byte) 0x3d, (byte) 0x3d, (byte) 0x0c, (byte) 0x0a, (byte) 0x58, (byte) 0x58, (byte) 0x58,
+ (byte) 0xc5, (byte) 0x90, (byte) 0x7a, (byte) 0x67, (byte) 0xc3, (byte) 0xbc, (byte) 0x72, (byte) 0x0c,
+ (byte) 0x0c, (byte) 0x58, (byte) 0x58, (byte) 0x58, (byte) 0x54, (byte) 0xc3, (byte) 0xbc, (byte) 0x7a,
+ (byte) 0x65, (byte) 0x6b, (byte) 0xc3, (byte) 0xa7, (byte) 0x69, (byte) 0x0c, (byte) 0x0a, (byte) 0x31,
+ (byte) 0x39, (byte) 0x37, (byte) 0x33, (byte) 0x2d, (byte) 0x30, (byte) 0x36, (byte) 0x2d, (byte) 0x30,
+ (byte) 0x34, (byte) 0x30, (byte) 0x0a, (byte) 0xa0, (byte) 0x03, (byte) 0x02, (byte) 0x01, (byte) 0x00,
+ (byte) 0xa0, (byte) 0x03, (byte) 0x02, (byte) 0x01, (byte) 0x01, (byte) 0x03, (byte) 0x82, (byte) 0x01,
+ (byte) 0x01, (byte) 0x00, (byte) 0x9f, (byte) 0xa5, (byte) 0x68, (byte) 0xa9, (byte) 0x14, (byte) 0x4c,
+ (byte) 0xa4, (byte) 0x5d, (byte) 0x9d, (byte) 0x09, (byte) 0x99, (byte) 0x2e, (byte) 0xe7, (byte) 0x45,
+ (byte) 0x2e, (byte) 0x42, (byte) 0x49, (byte) 0x02, (byte) 0x16, (byte) 0xd9, (byte) 0xcb, (byte) 0x90,
+ (byte) 0x43, (byte) 0x27, (byte) 0x03, (byte) 0x43, (byte) 0x6d, (byte) 0xb4, (byte) 0x8c, (byte) 0xdc,
+ (byte) 0x1c, (byte) 0x77, (byte) 0xd4, (byte) 0x2e, (byte) 0xa1, (byte) 0x40, (byte) 0xe7, (byte) 0xe0,
+ (byte) 0x03, (byte) 0x60, (byte) 0x15, (byte) 0xf7, (byte) 0xdb, (byte) 0x03, (byte) 0x5e, (byte) 0xca,
+ (byte) 0xe4, (byte) 0x35, (byte) 0xba, (byte) 0x2b, (byte) 0xfd, (byte) 0xe6, (byte) 0xb8, (byte) 0xd8,
+ (byte) 0xb7, (byte) 0x2a, (byte) 0x80, (byte) 0xdd, (byte) 0x38, (byte) 0xe0, (byte) 0x8a, (byte) 0x69,
+ (byte) 0xad, (byte) 0x67, (byte) 0x60, (byte) 0x65, (byte) 0x42, (byte) 0xc9, (byte) 0x41, (byte) 0x60,
+ (byte) 0x94, (byte) 0xde, (byte) 0x84, (byte) 0x54, (byte) 0xad, (byte) 0xb3, (byte) 0xf4, (byte) 0xf7,
+ (byte) 0x44, (byte) 0xd5, (byte) 0xf3, (byte) 0xd3, (byte) 0xb6, (byte) 0x87, (byte) 0x8a, (byte) 0x22,
+ (byte) 0x38, (byte) 0x00, (byte) 0xcb, (byte) 0xa4, (byte) 0x4f, (byte) 0x96, (byte) 0xc2, (byte) 0x28,
+ (byte) 0xc2, (byte) 0x8d, (byte) 0x91, (byte) 0x95, (byte) 0xb4, (byte) 0xea, (byte) 0x00, (byte) 0x59,
+ (byte) 0x2e, (byte) 0xec, (byte) 0x78, (byte) 0xd8, (byte) 0x0f, (byte) 0x26, (byte) 0x04, (byte) 0xee,
+ (byte) 0xed, (byte) 0x13, (byte) 0xbf, (byte) 0x81, (byte) 0x68, (byte) 0x81, (byte) 0x43, (byte) 0xbe,
+ (byte) 0x15, (byte) 0x0e, (byte) 0xba, (byte) 0xf9, (byte) 0x6a, (byte) 0x18, (byte) 0xeb, (byte) 0x95,
+ (byte) 0xad, (byte) 0xb4, (byte) 0x0f, (byte) 0x3c, (byte) 0x94, (byte) 0x63, (byte) 0x32, (byte) 0x81,
+ (byte) 0x90, (byte) 0xcf, (byte) 0x3f, (byte) 0x95, (byte) 0xff, (byte) 0x8d, (byte) 0x86, (byte) 0xed,
+ (byte) 0xe4, (byte) 0x75, (byte) 0xd5, (byte) 0x09, (byte) 0x32, (byte) 0x17, (byte) 0x38, (byte) 0xb2,
+ (byte) 0x68, (byte) 0x35, (byte) 0x49, (byte) 0x8c, (byte) 0xa6, (byte) 0xd0, (byte) 0x3e, (byte) 0xde,
+ (byte) 0x6e, (byte) 0x47, (byte) 0x68, (byte) 0xbf, (byte) 0x98, (byte) 0x33, (byte) 0xae, (byte) 0x59,
+ (byte) 0x9f, (byte) 0xe0, (byte) 0x19, (byte) 0x9b, (byte) 0x5b, (byte) 0x1b, (byte) 0x8f, (byte) 0x74,
+ (byte) 0xd2, (byte) 0x9c, (byte) 0x01, (byte) 0x1a, (byte) 0xdf, (byte) 0xaf, (byte) 0xf8, (byte) 0x96,
+ (byte) 0x91, (byte) 0xcb, (byte) 0xf8, (byte) 0xbf, (byte) 0x06, (byte) 0xc7, (byte) 0xd5, (byte) 0x17,
+ (byte) 0x95, (byte) 0xef, (byte) 0xc5, (byte) 0x97, (byte) 0x37, (byte) 0x1b, (byte) 0xb0, (byte) 0xa1,
+ (byte) 0x4f, (byte) 0x9f, (byte) 0x01, (byte) 0x82, (byte) 0x90, (byte) 0x4a, (byte) 0x6a, (byte) 0x04,
+ (byte) 0xdb, (byte) 0x31, (byte) 0x1a, (byte) 0x58, (byte) 0xeb, (byte) 0xcd, (byte) 0x68, (byte) 0xe3,
+ (byte) 0x68, (byte) 0x0b, (byte) 0xa0, (byte) 0x11, (byte) 0x44, (byte) 0x08, (byte) 0xa0, (byte) 0x5c,
+ (byte) 0xfc, (byte) 0x61, (byte) 0x15, (byte) 0x1f, (byte) 0xbb, (byte) 0x22, (byte) 0x87, (byte) 0x18,
+ (byte) 0xa3, (byte) 0x07, (byte) 0x9b, (byte) 0x0d, (byte) 0x13, (byte) 0x7c, (byte) 0xff, (byte) 0x30,
+ (byte) 0xcf, (byte) 0xf3, (byte) 0xaf, (byte) 0xe4, (byte) 0x45, (byte) 0x05, (byte) 0xa0, (byte) 0x8e,
+ (byte) 0x6b, (byte) 0xef, (byte) 0x70, (byte) 0xf5, (byte) 0x4b, (byte) 0x68, (byte) 0x8f, (byte) 0x61,
+ (byte) 0xd6, (byte) 0xf5, (byte) 0xa0, (byte) 0x17, (byte) 0x03, (byte) 0x15, (byte) 0x00, (byte) 0x8e,
+ (byte) 0xa8, (byte) 0xdf, (byte) 0xa9, (byte) 0x77, (byte) 0xfd, (byte) 0x9b, (byte) 0x4b, (byte) 0x91,
+ (byte) 0x89, (byte) 0x34, (byte) 0x84, (byte) 0xf3, (byte) 0x24, (byte) 0xb2, (byte) 0x5a, (byte) 0x39,
+ (byte) 0xa9, (byte) 0xf2, (byte) 0x17, (byte) 0xa1, (byte) 0x17, (byte) 0x03, (byte) 0x15, (byte) 0x00,
+ (byte) 0xdb, (byte) 0xa2, (byte) 0xfd, (byte) 0xa4, (byte) 0xe7, (byte) 0x65, (byte) 0x2e, (byte) 0x7e,
+ (byte) 0xb0, (byte) 0xc8, (byte) 0xfa, (byte) 0x4d, (byte) 0x13, (byte) 0x28, (byte) 0xdf, (byte) 0xb1,
+ (byte) 0x58, (byte) 0x3b, (byte) 0x9e, (byte) 0x29, (byte) 0xa2, (byte) 0x17, (byte) 0x03, (byte) 0x15,
+ (byte) 0x00, (byte) 0x68, (byte) 0xa0, (byte) 0x17, (byte) 0x18, (byte) 0xb7, (byte) 0xb3, (byte) 0xc3,
+ (byte) 0x60, (byte) 0x77, (byte) 0x82, (byte) 0x8d, (byte) 0xf1, (byte) 0x5e, (byte) 0x10, (byte) 0xc3,
+ (byte) 0x2d, (byte) 0x78, (byte) 0x2c, (byte) 0x11, (byte) 0x0b
+ };
+ private static byte[] FCI = new byte[] { (byte) 0x6f, (byte) 0x1a, (byte) 0x84,
+ (byte) 0x07, (byte) 0xa0, (byte) 0x00, (byte) 0x00, (byte) 0x01,
+ (byte) 0x18, (byte) 0x4e, (byte) 0x43, (byte) 0x85, (byte) 0x0f,
+ (byte) 0x50, (byte) 0x0d, (byte) 0x44, (byte) 0x49, (byte) 0x47,
+ (byte) 0x53, (byte) 0x49, (byte) 0x47, (byte) 0x20, (byte) 0x43,
+ (byte) 0x43, (byte) 0x20, (byte) 0x45, (byte) 0x4e, (byte) 0x43 };
+ protected static byte[] FID_EF_C_CH_EKEY = new byte[] { (byte) 0xc0, (byte) 0x01 };
+ protected static byte[] FCI_EF_C_CH_EKEY = new byte[] { (byte) 0x6f, (byte) 0x07,
+ (byte) 0x80, (byte) 0x02, (byte) 0x07, (byte) 0xd0, (byte) 0x82,
+ (byte) 0x01, (byte) 0x01};
+ protected static byte[] C_CH_EKEY = new byte[] {
+ (byte) 0x30, (byte) 0x82, (byte) 0x05, (byte) 0x7f, (byte) 0x30, (byte) 0x82, (byte) 0x04, (byte) 0x67,
+ (byte) 0xa0, (byte) 0x03, (byte) 0x02, (byte) 0x01, (byte) 0x02, (byte) 0x02, (byte) 0x03, (byte) 0x02,
+ (byte) 0x05, (byte) 0x51, (byte) 0x30, (byte) 0x0d, (byte) 0x06, (byte) 0x09, (byte) 0x2a, (byte) 0x86,
+ (byte) 0x48, (byte) 0x86, (byte) 0xf7, (byte) 0x0d, (byte) 0x01, (byte) 0x01, (byte) 0x05, (byte) 0x05,
+ (byte) 0x00, (byte) 0x30, (byte) 0x81, (byte) 0xa1, (byte) 0x31, (byte) 0x0b, (byte) 0x30, (byte) 0x09,
+ (byte) 0x06, (byte) 0x03, (byte) 0x55, (byte) 0x04, (byte) 0x06, (byte) 0x13, (byte) 0x02, (byte) 0x41,
+ (byte) 0x54, (byte) 0x31, (byte) 0x48, (byte) 0x30, (byte) 0x46, (byte) 0x06, (byte) 0x03, (byte) 0x55,
+ (byte) 0x04, (byte) 0x0a, (byte) 0x0c, (byte) 0x3f, (byte) 0x41, (byte) 0x2d, (byte) 0x54, (byte) 0x72,
+ (byte) 0x75, (byte) 0x73, (byte) 0x74, (byte) 0x20, (byte) 0x47, (byte) 0x65, (byte) 0x73, (byte) 0x2e,
+ (byte) 0x20, (byte) 0x66, (byte) 0x2e, (byte) 0x20, (byte) 0x53, (byte) 0x69, (byte) 0x63, (byte) 0x68,
+ (byte) 0x65, (byte) 0x72, (byte) 0x68, (byte) 0x65, (byte) 0x69, (byte) 0x74, (byte) 0x73, (byte) 0x73,
+ (byte) 0x79, (byte) 0x73, (byte) 0x74, (byte) 0x65, (byte) 0x6d, (byte) 0x65, (byte) 0x20, (byte) 0x69,
+ (byte) 0x6d, (byte) 0x20, (byte) 0x65, (byte) 0x6c, (byte) 0x65, (byte) 0x6b, (byte) 0x74, (byte) 0x72,
+ (byte) 0x2e, (byte) 0x20, (byte) 0x44, (byte) 0x61, (byte) 0x74, (byte) 0x65, (byte) 0x6e, (byte) 0x76,
+ (byte) 0x65, (byte) 0x72, (byte) 0x6b, (byte) 0x65, (byte) 0x68, (byte) 0x72, (byte) 0x20, (byte) 0x47,
+ (byte) 0x6d, (byte) 0x62, (byte) 0x48, (byte) 0x31, (byte) 0x23, (byte) 0x30, (byte) 0x21, (byte) 0x06,
+ (byte) 0x03, (byte) 0x55, (byte) 0x04, (byte) 0x0b, (byte) 0x0c, (byte) 0x1a, (byte) 0x61, (byte) 0x2d,
+ (byte) 0x73, (byte) 0x69, (byte) 0x67, (byte) 0x6e, (byte) 0x2d, (byte) 0x50, (byte) 0x72, (byte) 0x65,
+ (byte) 0x6d, (byte) 0x69, (byte) 0x75, (byte) 0x6d, (byte) 0x2d, (byte) 0x54, (byte) 0x65, (byte) 0x73,
+ (byte) 0x74, (byte) 0x2d, (byte) 0x45, (byte) 0x6e, (byte) 0x63, (byte) 0x2d, (byte) 0x30, (byte) 0x32,
+ (byte) 0x31, (byte) 0x23, (byte) 0x30, (byte) 0x21, (byte) 0x06, (byte) 0x03, (byte) 0x55, (byte) 0x04,
+ (byte) 0x03, (byte) 0x0c, (byte) 0x1a, (byte) 0x61, (byte) 0x2d, (byte) 0x73, (byte) 0x69, (byte) 0x67,
+ (byte) 0x6e, (byte) 0x2d, (byte) 0x50, (byte) 0x72, (byte) 0x65, (byte) 0x6d, (byte) 0x69, (byte) 0x75,
+ (byte) 0x6d, (byte) 0x2d, (byte) 0x54, (byte) 0x65, (byte) 0x73, (byte) 0x74, (byte) 0x2d, (byte) 0x45,
+ (byte) 0x6e, (byte) 0x63, (byte) 0x2d, (byte) 0x30, (byte) 0x32, (byte) 0x30, (byte) 0x1e, (byte) 0x17,
+ (byte) 0x0d, (byte) 0x30, (byte) 0x39, (byte) 0x30, (byte) 0x31, (byte) 0x31, (byte) 0x33, (byte) 0x30,
+ (byte) 0x39, (byte) 0x34, (byte) 0x35, (byte) 0x31, (byte) 0x32, (byte) 0x5a, (byte) 0x17, (byte) 0x0d,
+ (byte) 0x31, (byte) 0x32, (byte) 0x31, (byte) 0x32, (byte) 0x33, (byte) 0x31, (byte) 0x30, (byte) 0x39,
+ (byte) 0x34, (byte) 0x35, (byte) 0x31, (byte) 0x32, (byte) 0x5a, (byte) 0x30, (byte) 0x70, (byte) 0x31,
+ (byte) 0x0b, (byte) 0x30, (byte) 0x09, (byte) 0x06, (byte) 0x03, (byte) 0x55, (byte) 0x04, (byte) 0x06,
+ (byte) 0x13, (byte) 0x02, (byte) 0x41, (byte) 0x54, (byte) 0x31, (byte) 0x1f, (byte) 0x30, (byte) 0x1d,
+ (byte) 0x06, (byte) 0x03, (byte) 0x55, (byte) 0x04, (byte) 0x03, (byte) 0x0c, (byte) 0x16, (byte) 0x58,
+ (byte) 0x58, (byte) 0x58, (byte) 0x4f, (byte) 0x74, (byte) 0x74, (byte) 0x6f, (byte) 0x20, (byte) 0x58,
+ (byte) 0x58, (byte) 0x58, (byte) 0x4f, (byte) 0x74, (byte) 0x74, (byte) 0x61, (byte) 0x6b, (byte) 0x72,
+ (byte) 0x69, (byte) 0x6e, (byte) 0x67, (byte) 0x65, (byte) 0x72, (byte) 0x31, (byte) 0x17, (byte) 0x30,
+ (byte) 0x15, (byte) 0x06, (byte) 0x03, (byte) 0x55, (byte) 0x04, (byte) 0x04, (byte) 0x0c, (byte) 0x0e,
+ (byte) 0x58, (byte) 0x58, (byte) 0x58, (byte) 0x4f, (byte) 0x74, (byte) 0x74, (byte) 0x61, (byte) 0x6b,
+ (byte) 0x72, (byte) 0x69, (byte) 0x6e, (byte) 0x67, (byte) 0x65, (byte) 0x72, (byte) 0x31, (byte) 0x10,
+ (byte) 0x30, (byte) 0x0e, (byte) 0x06, (byte) 0x03, (byte) 0x55, (byte) 0x04, (byte) 0x2a, (byte) 0x0c,
+ (byte) 0x07, (byte) 0x58, (byte) 0x58, (byte) 0x58, (byte) 0x4f, (byte) 0x74, (byte) 0x74, (byte) 0x6f,
+ (byte) 0x31, (byte) 0x15, (byte) 0x30, (byte) 0x13, (byte) 0x06, (byte) 0x03, (byte) 0x55, (byte) 0x04,
+ (byte) 0x05, (byte) 0x13, (byte) 0x0c, (byte) 0x39, (byte) 0x37, (byte) 0x30, (byte) 0x30, (byte) 0x31,
+ (byte) 0x36, (byte) 0x38, (byte) 0x36, (byte) 0x36, (byte) 0x31, (byte) 0x37, (byte) 0x34, (byte) 0x30,
+ (byte) 0x81, (byte) 0xdf, (byte) 0x30, (byte) 0x0d, (byte) 0x06, (byte) 0x09, (byte) 0x2a, (byte) 0x86,
+ (byte) 0x48, (byte) 0x86, (byte) 0xf7, (byte) 0x0d, (byte) 0x01, (byte) 0x01, (byte) 0x01, (byte) 0x05,
+ (byte) 0x00, (byte) 0x03, (byte) 0x81, (byte) 0xcd, (byte) 0x00, (byte) 0x30, (byte) 0x81, (byte) 0xc9,
+ (byte) 0x02, (byte) 0x81, (byte) 0xc1, (byte) 0x00, (byte) 0xae, (byte) 0xe6, (byte) 0x07, (byte) 0x1d,
+ (byte) 0xb9, (byte) 0x56, (byte) 0x0a, (byte) 0x98, (byte) 0x1a, (byte) 0xde, (byte) 0x52, (byte) 0xf2,
+ (byte) 0x77, (byte) 0xdc, (byte) 0x5e, (byte) 0x76, (byte) 0x7f, (byte) 0xe5, (byte) 0xc1, (byte) 0x79,
+ (byte) 0xb9, (byte) 0x51, (byte) 0x97, (byte) 0x08, (byte) 0x20, (byte) 0x4e, (byte) 0xa6, (byte) 0xa3,
+ (byte) 0xab, (byte) 0xdf, (byte) 0x49, (byte) 0x21, (byte) 0x2b, (byte) 0x65, (byte) 0x4f, (byte) 0x7c,
+ (byte) 0x26, (byte) 0xe8, (byte) 0xb9, (byte) 0x47, (byte) 0xdf, (byte) 0x03, (byte) 0x0f, (byte) 0xf7,
+ (byte) 0x4e, (byte) 0xf4, (byte) 0x47, (byte) 0x3d, (byte) 0x32, (byte) 0x61, (byte) 0x05, (byte) 0x33,
+ (byte) 0x0f, (byte) 0xdc, (byte) 0x97, (byte) 0x3e, (byte) 0xbf, (byte) 0x9b, (byte) 0xf2, (byte) 0xf8,
+ (byte) 0xb3, (byte) 0xe2, (byte) 0xc4, (byte) 0x4d, (byte) 0xe0, (byte) 0x48, (byte) 0x6a, (byte) 0x1b,
+ (byte) 0xd2, (byte) 0xfe, (byte) 0xfa, (byte) 0xee, (byte) 0x24, (byte) 0x08, (byte) 0xdc, (byte) 0x60,
+ (byte) 0x2a, (byte) 0x78, (byte) 0x6c, (byte) 0x1d, (byte) 0xd3, (byte) 0x74, (byte) 0x43, (byte) 0x1f,
+ (byte) 0x1f, (byte) 0x4e, (byte) 0xd2, (byte) 0x0f, (byte) 0x89, (byte) 0x3c, (byte) 0xe3, (byte) 0x1e,
+ (byte) 0xfa, (byte) 0x31, (byte) 0x5a, (byte) 0xc2, (byte) 0x04, (byte) 0x24, (byte) 0xd1, (byte) 0xe5,
+ (byte) 0x51, (byte) 0xc4, (byte) 0x94, (byte) 0x26, (byte) 0xd1, (byte) 0x32, (byte) 0x1e, (byte) 0xdf,
+ (byte) 0x64, (byte) 0xaa, (byte) 0xaf, (byte) 0x2c, (byte) 0x85, (byte) 0x25, (byte) 0x88, (byte) 0x8f,
+ (byte) 0x80, (byte) 0xe4, (byte) 0x05, (byte) 0x74, (byte) 0xd5, (byte) 0xda, (byte) 0x69, (byte) 0x88,
+ (byte) 0x4a, (byte) 0x0c, (byte) 0x6a, (byte) 0x85, (byte) 0x5f, (byte) 0x67, (byte) 0x51, (byte) 0x6c,
+ (byte) 0x5c, (byte) 0x1c, (byte) 0x41, (byte) 0x88, (byte) 0x4c, (byte) 0xad, (byte) 0x83, (byte) 0xc9,
+ (byte) 0x10, (byte) 0x97, (byte) 0x45, (byte) 0x00, (byte) 0x3f, (byte) 0xbd, (byte) 0x1d, (byte) 0x2f,
+ (byte) 0x28, (byte) 0x2e, (byte) 0x78, (byte) 0x97, (byte) 0x05, (byte) 0xa5, (byte) 0x41, (byte) 0x42,
+ (byte) 0x37, (byte) 0x08, (byte) 0x60, (byte) 0x0b, (byte) 0x66, (byte) 0xb1, (byte) 0xb8, (byte) 0xdd,
+ (byte) 0x98, (byte) 0x03, (byte) 0x03, (byte) 0x33, (byte) 0xc9, (byte) 0x15, (byte) 0xf7, (byte) 0x5b,
+ (byte) 0x35, (byte) 0xa5, (byte) 0xaa, (byte) 0x7a, (byte) 0x5e, (byte) 0xe9, (byte) 0xa7, (byte) 0x60,
+ (byte) 0xba, (byte) 0xd8, (byte) 0x0d, (byte) 0x6d, (byte) 0xb3, (byte) 0x85, (byte) 0x70, (byte) 0x0e,
+ (byte) 0x38, (byte) 0x6f, (byte) 0xf0, (byte) 0xfd, (byte) 0x02, (byte) 0x03, (byte) 0x01, (byte) 0x00,
+ (byte) 0x01, (byte) 0xa3, (byte) 0x82, (byte) 0x02, (byte) 0x32, (byte) 0x30, (byte) 0x82, (byte) 0x02,
+ (byte) 0x2e, (byte) 0x30, (byte) 0x13, (byte) 0x06, (byte) 0x03, (byte) 0x55, (byte) 0x1d, (byte) 0x23,
+ (byte) 0x04, (byte) 0x0c, (byte) 0x30, (byte) 0x0a, (byte) 0x80, (byte) 0x08, (byte) 0x4b, (byte) 0x5d,
+ (byte) 0x02, (byte) 0x5c, (byte) 0x6d, (byte) 0x58, (byte) 0x24, (byte) 0x67, (byte) 0x30, (byte) 0x81,
+ (byte) 0x84, (byte) 0x06, (byte) 0x08, (byte) 0x2b, (byte) 0x06, (byte) 0x01, (byte) 0x05, (byte) 0x05,
+ (byte) 0x07, (byte) 0x01, (byte) 0x01, (byte) 0x04, (byte) 0x78, (byte) 0x30, (byte) 0x76, (byte) 0x30,
+ (byte) 0x2c, (byte) 0x06, (byte) 0x08, (byte) 0x2b, (byte) 0x06, (byte) 0x01, (byte) 0x05, (byte) 0x05,
+ (byte) 0x07, (byte) 0x30, (byte) 0x01, (byte) 0x86, (byte) 0x20, (byte) 0x68, (byte) 0x74, (byte) 0x74,
+ (byte) 0x70, (byte) 0x3a, (byte) 0x2f, (byte) 0x2f, (byte) 0x6f, (byte) 0x63, (byte) 0x73, (byte) 0x70,
+ (byte) 0x2d, (byte) 0x74, (byte) 0x65, (byte) 0x73, (byte) 0x74, (byte) 0x2e, (byte) 0x61, (byte) 0x2d,
+ (byte) 0x74, (byte) 0x72, (byte) 0x75, (byte) 0x73, (byte) 0x74, (byte) 0x2e, (byte) 0x61, (byte) 0x74,
+ (byte) 0x2f, (byte) 0x6f, (byte) 0x63, (byte) 0x73, (byte) 0x70, (byte) 0x30, (byte) 0x46, (byte) 0x06,
+ (byte) 0x08, (byte) 0x2b, (byte) 0x06, (byte) 0x01, (byte) 0x05, (byte) 0x05, (byte) 0x07, (byte) 0x30,
+ (byte) 0x02, (byte) 0x86, (byte) 0x3a, (byte) 0x68, (byte) 0x74, (byte) 0x74, (byte) 0x70, (byte) 0x3a,
+ (byte) 0x2f, (byte) 0x2f, (byte) 0x77, (byte) 0x77, (byte) 0x77, (byte) 0x2e, (byte) 0x61, (byte) 0x2d,
+ (byte) 0x74, (byte) 0x72, (byte) 0x75, (byte) 0x73, (byte) 0x74, (byte) 0x2e, (byte) 0x61, (byte) 0x74,
+ (byte) 0x2f, (byte) 0x63, (byte) 0x65, (byte) 0x72, (byte) 0x74, (byte) 0x73, (byte) 0x2f, (byte) 0x61,
+ (byte) 0x2d, (byte) 0x73, (byte) 0x69, (byte) 0x67, (byte) 0x6e, (byte) 0x2d, (byte) 0x50, (byte) 0x72,
+ (byte) 0x65, (byte) 0x6d, (byte) 0x69, (byte) 0x75, (byte) 0x6d, (byte) 0x2d, (byte) 0x54, (byte) 0x65,
+ (byte) 0x73, (byte) 0x74, (byte) 0x2d, (byte) 0x45, (byte) 0x6e, (byte) 0x63, (byte) 0x2d, (byte) 0x30,
+ (byte) 0x32, (byte) 0x2e, (byte) 0x63, (byte) 0x72, (byte) 0x74, (byte) 0x30, (byte) 0x81, (byte) 0x93,
+ (byte) 0x06, (byte) 0x03, (byte) 0x55, (byte) 0x1d, (byte) 0x20, (byte) 0x04, (byte) 0x81, (byte) 0x8b,
+ (byte) 0x30, (byte) 0x81, (byte) 0x88, (byte) 0x30, (byte) 0x81, (byte) 0x85, (byte) 0x06, (byte) 0x06,
+ (byte) 0x2a, (byte) 0x28, (byte) 0x00, (byte) 0x11, (byte) 0x01, (byte) 0x03, (byte) 0x30, (byte) 0x7b,
+ (byte) 0x30, (byte) 0x3d, (byte) 0x06, (byte) 0x08, (byte) 0x2b, (byte) 0x06, (byte) 0x01, (byte) 0x05,
+ (byte) 0x05, (byte) 0x07, (byte) 0x02, (byte) 0x01, (byte) 0x16, (byte) 0x31, (byte) 0x68, (byte) 0x74,
+ (byte) 0x74, (byte) 0x70, (byte) 0x3a, (byte) 0x2f, (byte) 0x2f, (byte) 0x77, (byte) 0x77, (byte) 0x77,
+ (byte) 0x2e, (byte) 0x61, (byte) 0x2d, (byte) 0x74, (byte) 0x72, (byte) 0x75, (byte) 0x73, (byte) 0x74,
+ (byte) 0x2e, (byte) 0x61, (byte) 0x74, (byte) 0x2f, (byte) 0x64, (byte) 0x6f, (byte) 0x63, (byte) 0x73,
+ (byte) 0x2f, (byte) 0x63, (byte) 0x70, (byte) 0x2f, (byte) 0x61, (byte) 0x2d, (byte) 0x73, (byte) 0x69,
+ (byte) 0x67, (byte) 0x6e, (byte) 0x2d, (byte) 0x70, (byte) 0x72, (byte) 0x65, (byte) 0x6d, (byte) 0x69,
+ (byte) 0x75, (byte) 0x6d, (byte) 0x2d, (byte) 0x74, (byte) 0x65, (byte) 0x73, (byte) 0x74, (byte) 0x30,
+ (byte) 0x3a, (byte) 0x06, (byte) 0x08, (byte) 0x2b, (byte) 0x06, (byte) 0x01, (byte) 0x05, (byte) 0x05,
+ (byte) 0x07, (byte) 0x02, (byte) 0x02, (byte) 0x30, (byte) 0x2e, (byte) 0x1a, (byte) 0x2c, (byte) 0x44,
+ (byte) 0x69, (byte) 0x65, (byte) 0x73, (byte) 0x65, (byte) 0x73, (byte) 0x20, (byte) 0x5a, (byte) 0x65,
+ (byte) 0x72, (byte) 0x74, (byte) 0x69, (byte) 0x66, (byte) 0x69, (byte) 0x6b, (byte) 0x61, (byte) 0x74,
+ (byte) 0x20, (byte) 0x64, (byte) 0x69, (byte) 0x65, (byte) 0x6e, (byte) 0x74, (byte) 0x20, (byte) 0x6e,
+ (byte) 0x75, (byte) 0x72, (byte) 0x20, (byte) 0x7a, (byte) 0x75, (byte) 0x20, (byte) 0x54, (byte) 0x65,
+ (byte) 0x73, (byte) 0x74, (byte) 0x7a, (byte) 0x77, (byte) 0x65, (byte) 0x63, (byte) 0x6b, (byte) 0x65,
+ (byte) 0x6e, (byte) 0x20, (byte) 0x21, (byte) 0x30, (byte) 0x81, (byte) 0xa4, (byte) 0x06, (byte) 0x03,
+ (byte) 0x55, (byte) 0x1d, (byte) 0x1f, (byte) 0x04, (byte) 0x81, (byte) 0x9c, (byte) 0x30, (byte) 0x81,
+ (byte) 0x99, (byte) 0x30, (byte) 0x81, (byte) 0x96, (byte) 0xa0, (byte) 0x81, (byte) 0x93, (byte) 0xa0,
+ (byte) 0x81, (byte) 0x90, (byte) 0x86, (byte) 0x81, (byte) 0x8d, (byte) 0x6c, (byte) 0x64, (byte) 0x61,
+ (byte) 0x70, (byte) 0x3a, (byte) 0x2f, (byte) 0x2f, (byte) 0x6c, (byte) 0x64, (byte) 0x61, (byte) 0x70,
+ (byte) 0x2d, (byte) 0x74, (byte) 0x65, (byte) 0x73, (byte) 0x74, (byte) 0x2e, (byte) 0x61, (byte) 0x2d,
+ (byte) 0x74, (byte) 0x72, (byte) 0x75, (byte) 0x73, (byte) 0x74, (byte) 0x2e, (byte) 0x61, (byte) 0x74,
+ (byte) 0x2f, (byte) 0x6f, (byte) 0x75, (byte) 0x3d, (byte) 0x61, (byte) 0x2d, (byte) 0x73, (byte) 0x69,
+ (byte) 0x67, (byte) 0x6e, (byte) 0x2d, (byte) 0x50, (byte) 0x72, (byte) 0x65, (byte) 0x6d, (byte) 0x69,
+ (byte) 0x75, (byte) 0x6d, (byte) 0x2d, (byte) 0x54, (byte) 0x65, (byte) 0x73, (byte) 0x74, (byte) 0x2d,
+ (byte) 0x45, (byte) 0x6e, (byte) 0x63, (byte) 0x2d, (byte) 0x30, (byte) 0x32, (byte) 0x2c, (byte) 0x6f,
+ (byte) 0x3d, (byte) 0x41, (byte) 0x2d, (byte) 0x54, (byte) 0x72, (byte) 0x75, (byte) 0x73, (byte) 0x74,
+ (byte) 0x2c, (byte) 0x63, (byte) 0x3d, (byte) 0x41, (byte) 0x54, (byte) 0x3f, (byte) 0x63, (byte) 0x65,
+ (byte) 0x72, (byte) 0x74, (byte) 0x69, (byte) 0x66, (byte) 0x69, (byte) 0x63, (byte) 0x61, (byte) 0x74,
+ (byte) 0x65, (byte) 0x72, (byte) 0x65, (byte) 0x76, (byte) 0x6f, (byte) 0x63, (byte) 0x61, (byte) 0x74,
+ (byte) 0x69, (byte) 0x6f, (byte) 0x6e, (byte) 0x6c, (byte) 0x69, (byte) 0x73, (byte) 0x74, (byte) 0x3f,
+ (byte) 0x62, (byte) 0x61, (byte) 0x73, (byte) 0x65, (byte) 0x3f, (byte) 0x6f, (byte) 0x62, (byte) 0x6a,
+ (byte) 0x65, (byte) 0x63, (byte) 0x74, (byte) 0x63, (byte) 0x6c, (byte) 0x61, (byte) 0x73, (byte) 0x73,
+ (byte) 0x3d, (byte) 0x65, (byte) 0x69, (byte) 0x64, (byte) 0x43, (byte) 0x65, (byte) 0x72, (byte) 0x74,
+ (byte) 0x69, (byte) 0x66, (byte) 0x69, (byte) 0x63, (byte) 0x61, (byte) 0x74, (byte) 0x69, (byte) 0x6f,
+ (byte) 0x6e, (byte) 0x41, (byte) 0x75, (byte) 0x74, (byte) 0x68, (byte) 0x6f, (byte) 0x72, (byte) 0x69,
+ (byte) 0x74, (byte) 0x79, (byte) 0x30, (byte) 0x11, (byte) 0x06, (byte) 0x03, (byte) 0x55, (byte) 0x1d,
+ (byte) 0x0e, (byte) 0x04, (byte) 0x0a, (byte) 0x04, (byte) 0x08, (byte) 0x4a, (byte) 0x24, (byte) 0x43,
+ (byte) 0xc0, (byte) 0x85, (byte) 0x2a, (byte) 0xb4, (byte) 0x51, (byte) 0x30, (byte) 0x0e, (byte) 0x06,
+ (byte) 0x03, (byte) 0x55, (byte) 0x1d, (byte) 0x0f, (byte) 0x01, (byte) 0x01, (byte) 0xff, (byte) 0x04,
+ (byte) 0x04, (byte) 0x03, (byte) 0x02, (byte) 0x04, (byte) 0xb0, (byte) 0x30, (byte) 0x25, (byte) 0x06,
+ (byte) 0x03, (byte) 0x55, (byte) 0x1d, (byte) 0x11, (byte) 0x04, (byte) 0x1e, (byte) 0x30, (byte) 0x1c,
+ (byte) 0x81, (byte) 0x1a, (byte) 0x74, (byte) 0x68, (byte) 0x6f, (byte) 0x6d, (byte) 0x61, (byte) 0x73,
+ (byte) 0x2e, (byte) 0x72, (byte) 0x6f, (byte) 0x65, (byte) 0x73, (byte) 0x73, (byte) 0x6c, (byte) 0x65,
+ (byte) 0x72, (byte) 0x40, (byte) 0x65, (byte) 0x67, (byte) 0x69, (byte) 0x7a, (byte) 0x2e, (byte) 0x67,
+ (byte) 0x76, (byte) 0x2e, (byte) 0x61, (byte) 0x74, (byte) 0x30, (byte) 0x09, (byte) 0x06, (byte) 0x03,
+ (byte) 0x55, (byte) 0x1d, (byte) 0x13, (byte) 0x04, (byte) 0x02, (byte) 0x30, (byte) 0x00, (byte) 0x30,
+ (byte) 0x0d, (byte) 0x06, (byte) 0x09, (byte) 0x2a, (byte) 0x86, (byte) 0x48, (byte) 0x86, (byte) 0xf7,
+ (byte) 0x0d, (byte) 0x01, (byte) 0x01, (byte) 0x05, (byte) 0x05, (byte) 0x00, (byte) 0x03, (byte) 0x82,
+ (byte) 0x01, (byte) 0x01, (byte) 0x00, (byte) 0x4a, (byte) 0x36, (byte) 0x02, (byte) 0xb3, (byte) 0xab,
+ (byte) 0x02, (byte) 0xe9, (byte) 0xe1, (byte) 0xaf, (byte) 0x3f, (byte) 0xd5, (byte) 0xcd, (byte) 0x3d,
+ (byte) 0x51, (byte) 0x08, (byte) 0xb8, (byte) 0x73, (byte) 0x23, (byte) 0x68, (byte) 0x0c, (byte) 0x22,
+ (byte) 0x32, (byte) 0xcd, (byte) 0xbe, (byte) 0xc8, (byte) 0x77, (byte) 0xbc, (byte) 0x47, (byte) 0x37,
+ (byte) 0xdd, (byte) 0x89, (byte) 0x7c, (byte) 0x22, (byte) 0x24, (byte) 0x2f, (byte) 0x23, (byte) 0xea,
+ (byte) 0x3e, (byte) 0xc2, (byte) 0xf4, (byte) 0x59, (byte) 0x78, (byte) 0xa6, (byte) 0xbe, (byte) 0xcd,
+ (byte) 0x71, (byte) 0xaa, (byte) 0xb5, (byte) 0xbc, (byte) 0xe3, (byte) 0xbc, (byte) 0x3f, (byte) 0xf1,
+ (byte) 0xfa, (byte) 0x1a, (byte) 0x43, (byte) 0x2b, (byte) 0x91, (byte) 0x35, (byte) 0x67, (byte) 0xa5,
+ (byte) 0x62, (byte) 0x9d, (byte) 0x55, (byte) 0x85, (byte) 0xe0, (byte) 0x3f, (byte) 0xed, (byte) 0x00,
+ (byte) 0x67, (byte) 0x80, (byte) 0x6a, (byte) 0xfb, (byte) 0x46, (byte) 0x8a, (byte) 0xed, (byte) 0x48,
+ (byte) 0x03, (byte) 0xe7, (byte) 0x9d, (byte) 0x5c, (byte) 0xac, (byte) 0xdf, (byte) 0xec, (byte) 0x2d,
+ (byte) 0x53, (byte) 0x8b, (byte) 0x01, (byte) 0xdb, (byte) 0x14, (byte) 0x91, (byte) 0x21, (byte) 0xaf,
+ (byte) 0xa7, (byte) 0x91, (byte) 0x69, (byte) 0x7e, (byte) 0x97, (byte) 0x68, (byte) 0xcc, (byte) 0x2a,
+ (byte) 0x06, (byte) 0x1a, (byte) 0xbc, (byte) 0x53, (byte) 0x35, (byte) 0xde, (byte) 0xd7, (byte) 0x62,
+ (byte) 0x12, (byte) 0xbd, (byte) 0x54, (byte) 0xb5, (byte) 0x4c, (byte) 0x3c, (byte) 0xaf, (byte) 0x55,
+ (byte) 0xa4, (byte) 0x5b, (byte) 0x28, (byte) 0x61, (byte) 0x68, (byte) 0x03, (byte) 0xc6, (byte) 0x72,
+ (byte) 0xc0, (byte) 0xa2, (byte) 0x3f, (byte) 0x84, (byte) 0x02, (byte) 0xf8, (byte) 0x3d, (byte) 0x70,
+ (byte) 0x3f, (byte) 0xde, (byte) 0x9d, (byte) 0x6a, (byte) 0x71, (byte) 0x16, (byte) 0x87, (byte) 0x9d,
+ (byte) 0x93, (byte) 0x3d, (byte) 0x46, (byte) 0x41, (byte) 0xa9, (byte) 0x6a, (byte) 0xca, (byte) 0x87,
+ (byte) 0xd4, (byte) 0xd1, (byte) 0x3f, (byte) 0x1d, (byte) 0x6e, (byte) 0x6a, (byte) 0xbf, (byte) 0x02,
+ (byte) 0x9b, (byte) 0xfb, (byte) 0x4a, (byte) 0x47, (byte) 0xe0, (byte) 0x20, (byte) 0x4a, (byte) 0x2d,
+ (byte) 0x5a, (byte) 0x0c, (byte) 0x6b, (byte) 0x25, (byte) 0xd6, (byte) 0x2d, (byte) 0xd4, (byte) 0x53,
+ (byte) 0x08, (byte) 0x41, (byte) 0xa9, (byte) 0x16, (byte) 0xa2, (byte) 0xa0, (byte) 0xef, (byte) 0x13,
+ (byte) 0xa8, (byte) 0xec, (byte) 0x7e, (byte) 0x99, (byte) 0x15, (byte) 0xf9, (byte) 0x1a, (byte) 0x18,
+ (byte) 0x5e, (byte) 0x75, (byte) 0xc7, (byte) 0x5d, (byte) 0x40, (byte) 0xd4, (byte) 0x84, (byte) 0x4a,
+ (byte) 0xd2, (byte) 0xf7, (byte) 0x7c, (byte) 0x65, (byte) 0x12, (byte) 0xc7, (byte) 0xae, (byte) 0xbc,
+ (byte) 0x9d, (byte) 0x3e, (byte) 0xce, (byte) 0x42, (byte) 0xfe, (byte) 0xe4, (byte) 0x98, (byte) 0x10,
+ (byte) 0x63, (byte) 0x0d, (byte) 0xaa, (byte) 0x2d, (byte) 0x73, (byte) 0x7d, (byte) 0x46, (byte) 0x19,
+ (byte) 0xca, (byte) 0x78, (byte) 0x94, (byte) 0xe5, (byte) 0x11, (byte) 0x83, (byte) 0x87, (byte) 0xb2,
+ (byte) 0xf7, (byte) 0x59, (byte) 0x90, (byte) 0x47, (byte) 0x86, (byte) 0x57, (byte) 0xcf, (byte) 0xc7,
+ (byte) 0x7b, (byte) 0x8f, (byte) 0xac, (byte) 0x20, (byte) 0xbd, (byte) 0x46, (byte) 0xea, (byte) 0xa2,
+ (byte) 0x10, (byte) 0xe1, (byte) 0x72, (byte) 0x3e, (byte) 0xe3, (byte) 0x72, (byte) 0x20, (byte) 0x24,
+ (byte) 0xa5, (byte) 0x2f, (byte) 0xc5
+ };
+ protected static final int KID_PIN_DEC = 0x81;
+
+ protected static byte[] FID_EF_INFOBOX = new byte[] { (byte) 0xc0, (byte) 0x02 };
+ protected static byte[] FCI_EF_INFOBOX = new byte[] { (byte) 0x6f, (byte) 0x07,
+ (byte) 0x80, (byte) 0x02, (byte) 0x05, (byte) 0xdc, (byte) 0x82,
+ (byte) 0x01, (byte) 0x01};
+
+ protected byte[] EF_INFOBOX = new byte[1500];
+
+ protected byte[] EF_C_CH_EKEY = new byte[2000];
+
+ public ACOSApplDEC() {
+ System.arraycopy(C_CH_EKEY, 0, EF_C_CH_EKEY, 0, C_CH_EKEY.length);
+ putFile(new File(FID_EF_C_CH_EKEY, EF_C_CH_EKEY, FCI_EF_C_CH_EKEY));
+ try {
+ pins.put(KID_PIN_DEC, new PIN("1234\0\0\0\0".getBytes("ASCII"), KID_PIN_DEC, 10, PIN.STATE_RESET));
+ } catch (UnsupportedEncodingException e) {
+ throw new RuntimeException(e);
+ }
+ }
+
+ @Override
+ public byte[] getAID() {
+ return AID_DEC;
+ }
+
+ @Override
+ public byte[] getFID() {
+ return FID_DEC;
+ }
+
+ @Override
+ public byte[] getFCI() {
+ return FCI;
+ }
+
+ public void clearInfobox() {
+ Arrays.fill(EF_INFOBOX, (byte) 0x00);
+ }
+
+ public void setInfoboxHeader(byte b) {
+ EF_INFOBOX[0] = b;
+ }
+
+ public void clearCert() {
+ Arrays.fill(EF_C_CH_EKEY, (byte) 0x00);
+ }
+
+
+} \ No newline at end of file
diff --git a/smcc/src/test/java/at/gv/egiz/smcc/acos/ACOSApplSIG.java b/smcc/src/test/java/at/gv/egiz/smcc/acos/ACOSApplSIG.java
new file mode 100644
index 00000000..6ab5903a
--- /dev/null
+++ b/smcc/src/test/java/at/gv/egiz/smcc/acos/ACOSApplSIG.java
@@ -0,0 +1,302 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package at.gv.egiz.smcc.acos;
+
+import java.io.UnsupportedEncodingException;
+import java.util.Arrays;
+import java.util.Random;
+
+import javax.smartcardio.CommandAPDU;
+import javax.smartcardio.ResponseAPDU;
+
+import at.gv.egiz.smcc.CardChannelEmul;
+import at.gv.egiz.smcc.File;
+import at.gv.egiz.smcc.PIN;
+
+@SuppressWarnings("restriction")
+public abstract class ACOSApplSIG extends ACOSAppl {
+
+ private static byte[] FCI = new byte[] { (byte) 0x6f, (byte) 0x1a,
+ (byte) 0x84, (byte) 0x07, (byte) 0xa0, (byte) 0x00, (byte) 0x00,
+ (byte) 0x01, (byte) 0x18, (byte) 0x45, (byte) 0x43, (byte) 0x85,
+ (byte) 0x0f, (byte) 0x50, (byte) 0x0d, (byte) 0x44, (byte) 0x49,
+ (byte) 0x47, (byte) 0x53, (byte) 0x49, (byte) 0x47, (byte) 0x20,
+ (byte) 0x43, (byte) 0x43, (byte) 0x20, (byte) 0x45, (byte) 0x43,
+ (byte) 0x43 };
+ protected static byte[] FID_EF_C_CH_DS = new byte[] { (byte) 0xc0, (byte) 0x02 };
+ protected static byte[] FCI_EF_C_CH_DS = new byte[] { (byte) 0x6f, (byte) 0x07,
+ (byte) 0x80, (byte) 0x02, (byte) 0x07, (byte) 0xd0, (byte) 0x82,
+ (byte) 0x01, (byte) 0x01 };
+ protected static byte[] C_CH_DS = new byte[] {
+ (byte) 0x30, (byte) 0x82, (byte) 0x05, (byte) 0x2b, (byte) 0x30, (byte) 0x82, (byte) 0x04, (byte) 0x13,
+ (byte) 0xa0, (byte) 0x03, (byte) 0x02, (byte) 0x01, (byte) 0x02, (byte) 0x02, (byte) 0x03, (byte) 0x02,
+ (byte) 0x05, (byte) 0x52, (byte) 0x30, (byte) 0x0d, (byte) 0x06, (byte) 0x09, (byte) 0x2a, (byte) 0x86,
+ (byte) 0x48, (byte) 0x86, (byte) 0xf7, (byte) 0x0d, (byte) 0x01, (byte) 0x01, (byte) 0x05, (byte) 0x05,
+ (byte) 0x00, (byte) 0x30, (byte) 0x81, (byte) 0xa1, (byte) 0x31, (byte) 0x0b, (byte) 0x30, (byte) 0x09,
+ (byte) 0x06, (byte) 0x03, (byte) 0x55, (byte) 0x04, (byte) 0x06, (byte) 0x13, (byte) 0x02, (byte) 0x41,
+ (byte) 0x54, (byte) 0x31, (byte) 0x48, (byte) 0x30, (byte) 0x46, (byte) 0x06, (byte) 0x03, (byte) 0x55,
+ (byte) 0x04, (byte) 0x0a, (byte) 0x0c, (byte) 0x3f, (byte) 0x41, (byte) 0x2d, (byte) 0x54, (byte) 0x72,
+ (byte) 0x75, (byte) 0x73, (byte) 0x74, (byte) 0x20, (byte) 0x47, (byte) 0x65, (byte) 0x73, (byte) 0x2e,
+ (byte) 0x20, (byte) 0x66, (byte) 0x2e, (byte) 0x20, (byte) 0x53, (byte) 0x69, (byte) 0x63, (byte) 0x68,
+ (byte) 0x65, (byte) 0x72, (byte) 0x68, (byte) 0x65, (byte) 0x69, (byte) 0x74, (byte) 0x73, (byte) 0x73,
+ (byte) 0x79, (byte) 0x73, (byte) 0x74, (byte) 0x65, (byte) 0x6d, (byte) 0x65, (byte) 0x20, (byte) 0x69,
+ (byte) 0x6d, (byte) 0x20, (byte) 0x65, (byte) 0x6c, (byte) 0x65, (byte) 0x6b, (byte) 0x74, (byte) 0x72,
+ (byte) 0x2e, (byte) 0x20, (byte) 0x44, (byte) 0x61, (byte) 0x74, (byte) 0x65, (byte) 0x6e, (byte) 0x76,
+ (byte) 0x65, (byte) 0x72, (byte) 0x6b, (byte) 0x65, (byte) 0x68, (byte) 0x72, (byte) 0x20, (byte) 0x47,
+ (byte) 0x6d, (byte) 0x62, (byte) 0x48, (byte) 0x31, (byte) 0x23, (byte) 0x30, (byte) 0x21, (byte) 0x06,
+ (byte) 0x03, (byte) 0x55, (byte) 0x04, (byte) 0x0b, (byte) 0x0c, (byte) 0x1a, (byte) 0x61, (byte) 0x2d,
+ (byte) 0x73, (byte) 0x69, (byte) 0x67, (byte) 0x6e, (byte) 0x2d, (byte) 0x50, (byte) 0x72, (byte) 0x65,
+ (byte) 0x6d, (byte) 0x69, (byte) 0x75, (byte) 0x6d, (byte) 0x2d, (byte) 0x54, (byte) 0x65, (byte) 0x73,
+ (byte) 0x74, (byte) 0x2d, (byte) 0x53, (byte) 0x69, (byte) 0x67, (byte) 0x2d, (byte) 0x30, (byte) 0x32,
+ (byte) 0x31, (byte) 0x23, (byte) 0x30, (byte) 0x21, (byte) 0x06, (byte) 0x03, (byte) 0x55, (byte) 0x04,
+ (byte) 0x03, (byte) 0x0c, (byte) 0x1a, (byte) 0x61, (byte) 0x2d, (byte) 0x73, (byte) 0x69, (byte) 0x67,
+ (byte) 0x6e, (byte) 0x2d, (byte) 0x50, (byte) 0x72, (byte) 0x65, (byte) 0x6d, (byte) 0x69, (byte) 0x75,
+ (byte) 0x6d, (byte) 0x2d, (byte) 0x54, (byte) 0x65, (byte) 0x73, (byte) 0x74, (byte) 0x2d, (byte) 0x53,
+ (byte) 0x69, (byte) 0x67, (byte) 0x2d, (byte) 0x30, (byte) 0x32, (byte) 0x30, (byte) 0x1e, (byte) 0x17,
+ (byte) 0x0d, (byte) 0x30, (byte) 0x39, (byte) 0x30, (byte) 0x31, (byte) 0x31, (byte) 0x33, (byte) 0x30,
+ (byte) 0x39, (byte) 0x34, (byte) 0x35, (byte) 0x31, (byte) 0x32, (byte) 0x5a, (byte) 0x17, (byte) 0x0d,
+ (byte) 0x31, (byte) 0x32, (byte) 0x31, (byte) 0x32, (byte) 0x33, (byte) 0x31, (byte) 0x30, (byte) 0x39,
+ (byte) 0x34, (byte) 0x35, (byte) 0x31, (byte) 0x32, (byte) 0x5a, (byte) 0x30, (byte) 0x70, (byte) 0x31,
+ (byte) 0x0b, (byte) 0x30, (byte) 0x09, (byte) 0x06, (byte) 0x03, (byte) 0x55, (byte) 0x04, (byte) 0x06,
+ (byte) 0x13, (byte) 0x02, (byte) 0x41, (byte) 0x54, (byte) 0x31, (byte) 0x1f, (byte) 0x30, (byte) 0x1d,
+ (byte) 0x06, (byte) 0x03, (byte) 0x55, (byte) 0x04, (byte) 0x03, (byte) 0x0c, (byte) 0x16, (byte) 0x58,
+ (byte) 0x58, (byte) 0x58, (byte) 0x4f, (byte) 0x74, (byte) 0x74, (byte) 0x6f, (byte) 0x20, (byte) 0x58,
+ (byte) 0x58, (byte) 0x58, (byte) 0x4f, (byte) 0x74, (byte) 0x74, (byte) 0x61, (byte) 0x6b, (byte) 0x72,
+ (byte) 0x69, (byte) 0x6e, (byte) 0x67, (byte) 0x65, (byte) 0x72, (byte) 0x31, (byte) 0x17, (byte) 0x30,
+ (byte) 0x15, (byte) 0x06, (byte) 0x03, (byte) 0x55, (byte) 0x04, (byte) 0x04, (byte) 0x0c, (byte) 0x0e,
+ (byte) 0x58, (byte) 0x58, (byte) 0x58, (byte) 0x4f, (byte) 0x74, (byte) 0x74, (byte) 0x61, (byte) 0x6b,
+ (byte) 0x72, (byte) 0x69, (byte) 0x6e, (byte) 0x67, (byte) 0x65, (byte) 0x72, (byte) 0x31, (byte) 0x10,
+ (byte) 0x30, (byte) 0x0e, (byte) 0x06, (byte) 0x03, (byte) 0x55, (byte) 0x04, (byte) 0x2a, (byte) 0x0c,
+ (byte) 0x07, (byte) 0x58, (byte) 0x58, (byte) 0x58, (byte) 0x4f, (byte) 0x74, (byte) 0x74, (byte) 0x6f,
+ (byte) 0x31, (byte) 0x15, (byte) 0x30, (byte) 0x13, (byte) 0x06, (byte) 0x03, (byte) 0x55, (byte) 0x04,
+ (byte) 0x05, (byte) 0x13, (byte) 0x0c, (byte) 0x39, (byte) 0x37, (byte) 0x30, (byte) 0x30, (byte) 0x31,
+ (byte) 0x36, (byte) 0x38, (byte) 0x36, (byte) 0x36, (byte) 0x31, (byte) 0x37, (byte) 0x34, (byte) 0x30,
+ (byte) 0x59, (byte) 0x30, (byte) 0x13, (byte) 0x06, (byte) 0x07, (byte) 0x2a, (byte) 0x86, (byte) 0x48,
+ (byte) 0xce, (byte) 0x3d, (byte) 0x02, (byte) 0x01, (byte) 0x06, (byte) 0x08, (byte) 0x2a, (byte) 0x86,
+ (byte) 0x48, (byte) 0xce, (byte) 0x3d, (byte) 0x03, (byte) 0x01, (byte) 0x01, (byte) 0x03, (byte) 0x42,
+ (byte) 0x00, (byte) 0x04, (byte) 0x6b, (byte) 0xde, (byte) 0x5f, (byte) 0x5e, (byte) 0xd5, (byte) 0x2b,
+ (byte) 0xbe, (byte) 0x1e, (byte) 0xb9, (byte) 0x82, (byte) 0x19, (byte) 0x75, (byte) 0xf4, (byte) 0x3b,
+ (byte) 0xc1, (byte) 0x34, (byte) 0xe9, (byte) 0xdb, (byte) 0x0b, (byte) 0x25, (byte) 0x31, (byte) 0x33,
+ (byte) 0xfa, (byte) 0x8b, (byte) 0x72, (byte) 0xd4, (byte) 0x9f, (byte) 0x21, (byte) 0xf5, (byte) 0x62,
+ (byte) 0xb9, (byte) 0xf6, (byte) 0x50, (byte) 0xdb, (byte) 0xcc, (byte) 0xbf, (byte) 0x43, (byte) 0xb9,
+ (byte) 0x5e, (byte) 0x75, (byte) 0x2a, (byte) 0x37, (byte) 0xbe, (byte) 0x32, (byte) 0xa6, (byte) 0x83,
+ (byte) 0xb1, (byte) 0x5c, (byte) 0xc3, (byte) 0x9d, (byte) 0xf0, (byte) 0xab, (byte) 0xe6, (byte) 0x8f,
+ (byte) 0xe4, (byte) 0x97, (byte) 0x83, (byte) 0x57, (byte) 0x89, (byte) 0xe0, (byte) 0x13, (byte) 0xe3,
+ (byte) 0x13, (byte) 0xa8, (byte) 0xa3, (byte) 0x82, (byte) 0x02, (byte) 0x65, (byte) 0x30, (byte) 0x82,
+ (byte) 0x02, (byte) 0x61, (byte) 0x30, (byte) 0x13, (byte) 0x06, (byte) 0x03, (byte) 0x55, (byte) 0x1d,
+ (byte) 0x23, (byte) 0x04, (byte) 0x0c, (byte) 0x30, (byte) 0x0a, (byte) 0x80, (byte) 0x08, (byte) 0x46,
+ (byte) 0x06, (byte) 0x9f, (byte) 0x8e, (byte) 0x41, (byte) 0x8e, (byte) 0x15, (byte) 0xbd, (byte) 0x30,
+ (byte) 0x27, (byte) 0x06, (byte) 0x08, (byte) 0x2b, (byte) 0x06, (byte) 0x01, (byte) 0x05, (byte) 0x05,
+ (byte) 0x07, (byte) 0x01, (byte) 0x03, (byte) 0x01, (byte) 0x01, (byte) 0xff, (byte) 0x04, (byte) 0x18,
+ (byte) 0x30, (byte) 0x16, (byte) 0x30, (byte) 0x08, (byte) 0x06, (byte) 0x06, (byte) 0x04, (byte) 0x00,
+ (byte) 0x8e, (byte) 0x46, (byte) 0x01, (byte) 0x01, (byte) 0x30, (byte) 0x0a, (byte) 0x06, (byte) 0x08,
+ (byte) 0x2b, (byte) 0x06, (byte) 0x01, (byte) 0x05, (byte) 0x05, (byte) 0x07, (byte) 0x0b, (byte) 0x01,
+ (byte) 0x30, (byte) 0x81, (byte) 0x84, (byte) 0x06, (byte) 0x08, (byte) 0x2b, (byte) 0x06, (byte) 0x01,
+ (byte) 0x05, (byte) 0x05, (byte) 0x07, (byte) 0x01, (byte) 0x01, (byte) 0x04, (byte) 0x78, (byte) 0x30,
+ (byte) 0x76, (byte) 0x30, (byte) 0x2c, (byte) 0x06, (byte) 0x08, (byte) 0x2b, (byte) 0x06, (byte) 0x01,
+ (byte) 0x05, (byte) 0x05, (byte) 0x07, (byte) 0x30, (byte) 0x01, (byte) 0x86, (byte) 0x20, (byte) 0x68,
+ (byte) 0x74, (byte) 0x74, (byte) 0x70, (byte) 0x3a, (byte) 0x2f, (byte) 0x2f, (byte) 0x6f, (byte) 0x63,
+ (byte) 0x73, (byte) 0x70, (byte) 0x2d, (byte) 0x74, (byte) 0x65, (byte) 0x73, (byte) 0x74, (byte) 0x2e,
+ (byte) 0x61, (byte) 0x2d, (byte) 0x74, (byte) 0x72, (byte) 0x75, (byte) 0x73, (byte) 0x74, (byte) 0x2e,
+ (byte) 0x61, (byte) 0x74, (byte) 0x2f, (byte) 0x6f, (byte) 0x63, (byte) 0x73, (byte) 0x70, (byte) 0x30,
+ (byte) 0x46, (byte) 0x06, (byte) 0x08, (byte) 0x2b, (byte) 0x06, (byte) 0x01, (byte) 0x05, (byte) 0x05,
+ (byte) 0x07, (byte) 0x30, (byte) 0x02, (byte) 0x86, (byte) 0x3a, (byte) 0x68, (byte) 0x74, (byte) 0x74,
+ (byte) 0x70, (byte) 0x3a, (byte) 0x2f, (byte) 0x2f, (byte) 0x77, (byte) 0x77, (byte) 0x77, (byte) 0x2e,
+ (byte) 0x61, (byte) 0x2d, (byte) 0x74, (byte) 0x72, (byte) 0x75, (byte) 0x73, (byte) 0x74, (byte) 0x2e,
+ (byte) 0x61, (byte) 0x74, (byte) 0x2f, (byte) 0x63, (byte) 0x65, (byte) 0x72, (byte) 0x74, (byte) 0x73,
+ (byte) 0x2f, (byte) 0x61, (byte) 0x2d, (byte) 0x73, (byte) 0x69, (byte) 0x67, (byte) 0x6e, (byte) 0x2d,
+ (byte) 0x50, (byte) 0x72, (byte) 0x65, (byte) 0x6d, (byte) 0x69, (byte) 0x75, (byte) 0x6d, (byte) 0x2d,
+ (byte) 0x54, (byte) 0x65, (byte) 0x73, (byte) 0x74, (byte) 0x2d, (byte) 0x53, (byte) 0x69, (byte) 0x67,
+ (byte) 0x2d, (byte) 0x30, (byte) 0x32, (byte) 0x2e, (byte) 0x63, (byte) 0x72, (byte) 0x74, (byte) 0x30,
+ (byte) 0x81, (byte) 0x9d, (byte) 0x06, (byte) 0x03, (byte) 0x55, (byte) 0x1d, (byte) 0x20, (byte) 0x04,
+ (byte) 0x81, (byte) 0x95, (byte) 0x30, (byte) 0x81, (byte) 0x92, (byte) 0x30, (byte) 0x81, (byte) 0x85,
+ (byte) 0x06, (byte) 0x06, (byte) 0x2a, (byte) 0x28, (byte) 0x00, (byte) 0x11, (byte) 0x01, (byte) 0x03,
+ (byte) 0x30, (byte) 0x7b, (byte) 0x30, (byte) 0x3d, (byte) 0x06, (byte) 0x08, (byte) 0x2b, (byte) 0x06,
+ (byte) 0x01, (byte) 0x05, (byte) 0x05, (byte) 0x07, (byte) 0x02, (byte) 0x01, (byte) 0x16, (byte) 0x31,
+ (byte) 0x68, (byte) 0x74, (byte) 0x74, (byte) 0x70, (byte) 0x3a, (byte) 0x2f, (byte) 0x2f, (byte) 0x77,
+ (byte) 0x77, (byte) 0x77, (byte) 0x2e, (byte) 0x61, (byte) 0x2d, (byte) 0x74, (byte) 0x72, (byte) 0x75,
+ (byte) 0x73, (byte) 0x74, (byte) 0x2e, (byte) 0x61, (byte) 0x74, (byte) 0x2f, (byte) 0x64, (byte) 0x6f,
+ (byte) 0x63, (byte) 0x73, (byte) 0x2f, (byte) 0x63, (byte) 0x70, (byte) 0x2f, (byte) 0x61, (byte) 0x2d,
+ (byte) 0x73, (byte) 0x69, (byte) 0x67, (byte) 0x6e, (byte) 0x2d, (byte) 0x70, (byte) 0x72, (byte) 0x65,
+ (byte) 0x6d, (byte) 0x69, (byte) 0x75, (byte) 0x6d, (byte) 0x2d, (byte) 0x74, (byte) 0x65, (byte) 0x73,
+ (byte) 0x74, (byte) 0x30, (byte) 0x3a, (byte) 0x06, (byte) 0x08, (byte) 0x2b, (byte) 0x06, (byte) 0x01,
+ (byte) 0x05, (byte) 0x05, (byte) 0x07, (byte) 0x02, (byte) 0x02, (byte) 0x30, (byte) 0x2e, (byte) 0x1a,
+ (byte) 0x2c, (byte) 0x44, (byte) 0x69, (byte) 0x65, (byte) 0x73, (byte) 0x65, (byte) 0x73, (byte) 0x20,
+ (byte) 0x5a, (byte) 0x65, (byte) 0x72, (byte) 0x74, (byte) 0x69, (byte) 0x66, (byte) 0x69, (byte) 0x6b,
+ (byte) 0x61, (byte) 0x74, (byte) 0x20, (byte) 0x64, (byte) 0x69, (byte) 0x65, (byte) 0x6e, (byte) 0x74,
+ (byte) 0x20, (byte) 0x6e, (byte) 0x75, (byte) 0x72, (byte) 0x20, (byte) 0x7a, (byte) 0x75, (byte) 0x20,
+ (byte) 0x54, (byte) 0x65, (byte) 0x73, (byte) 0x74, (byte) 0x7a, (byte) 0x77, (byte) 0x65, (byte) 0x63,
+ (byte) 0x6b, (byte) 0x65, (byte) 0x6e, (byte) 0x20, (byte) 0x21, (byte) 0x30, (byte) 0x08, (byte) 0x06,
+ (byte) 0x06, (byte) 0x04, (byte) 0x00, (byte) 0x8b, (byte) 0x30, (byte) 0x01, (byte) 0x01, (byte) 0x30,
+ (byte) 0x81, (byte) 0xa4, (byte) 0x06, (byte) 0x03, (byte) 0x55, (byte) 0x1d, (byte) 0x1f, (byte) 0x04,
+ (byte) 0x81, (byte) 0x9c, (byte) 0x30, (byte) 0x81, (byte) 0x99, (byte) 0x30, (byte) 0x81, (byte) 0x96,
+ (byte) 0xa0, (byte) 0x81, (byte) 0x93, (byte) 0xa0, (byte) 0x81, (byte) 0x90, (byte) 0x86, (byte) 0x81,
+ (byte) 0x8d, (byte) 0x6c, (byte) 0x64, (byte) 0x61, (byte) 0x70, (byte) 0x3a, (byte) 0x2f, (byte) 0x2f,
+ (byte) 0x6c, (byte) 0x64, (byte) 0x61, (byte) 0x70, (byte) 0x2d, (byte) 0x74, (byte) 0x65, (byte) 0x73,
+ (byte) 0x74, (byte) 0x2e, (byte) 0x61, (byte) 0x2d, (byte) 0x74, (byte) 0x72, (byte) 0x75, (byte) 0x73,
+ (byte) 0x74, (byte) 0x2e, (byte) 0x61, (byte) 0x74, (byte) 0x2f, (byte) 0x6f, (byte) 0x75, (byte) 0x3d,
+ (byte) 0x61, (byte) 0x2d, (byte) 0x73, (byte) 0x69, (byte) 0x67, (byte) 0x6e, (byte) 0x2d, (byte) 0x50,
+ (byte) 0x72, (byte) 0x65, (byte) 0x6d, (byte) 0x69, (byte) 0x75, (byte) 0x6d, (byte) 0x2d, (byte) 0x54,
+ (byte) 0x65, (byte) 0x73, (byte) 0x74, (byte) 0x2d, (byte) 0x53, (byte) 0x69, (byte) 0x67, (byte) 0x2d,
+ (byte) 0x30, (byte) 0x32, (byte) 0x2c, (byte) 0x6f, (byte) 0x3d, (byte) 0x41, (byte) 0x2d, (byte) 0x54,
+ (byte) 0x72, (byte) 0x75, (byte) 0x73, (byte) 0x74, (byte) 0x2c, (byte) 0x63, (byte) 0x3d, (byte) 0x41,
+ (byte) 0x54, (byte) 0x3f, (byte) 0x63, (byte) 0x65, (byte) 0x72, (byte) 0x74, (byte) 0x69, (byte) 0x66,
+ (byte) 0x69, (byte) 0x63, (byte) 0x61, (byte) 0x74, (byte) 0x65, (byte) 0x72, (byte) 0x65, (byte) 0x76,
+ (byte) 0x6f, (byte) 0x63, (byte) 0x61, (byte) 0x74, (byte) 0x69, (byte) 0x6f, (byte) 0x6e, (byte) 0x6c,
+ (byte) 0x69, (byte) 0x73, (byte) 0x74, (byte) 0x3f, (byte) 0x62, (byte) 0x61, (byte) 0x73, (byte) 0x65,
+ (byte) 0x3f, (byte) 0x6f, (byte) 0x62, (byte) 0x6a, (byte) 0x65, (byte) 0x63, (byte) 0x74, (byte) 0x63,
+ (byte) 0x6c, (byte) 0x61, (byte) 0x73, (byte) 0x73, (byte) 0x3d, (byte) 0x65, (byte) 0x69, (byte) 0x64,
+ (byte) 0x43, (byte) 0x65, (byte) 0x72, (byte) 0x74, (byte) 0x69, (byte) 0x66, (byte) 0x69, (byte) 0x63,
+ (byte) 0x61, (byte) 0x74, (byte) 0x69, (byte) 0x6f, (byte) 0x6e, (byte) 0x41, (byte) 0x75, (byte) 0x74,
+ (byte) 0x68, (byte) 0x6f, (byte) 0x72, (byte) 0x69, (byte) 0x74, (byte) 0x79, (byte) 0x30, (byte) 0x11,
+ (byte) 0x06, (byte) 0x03, (byte) 0x55, (byte) 0x1d, (byte) 0x0e, (byte) 0x04, (byte) 0x0a, (byte) 0x04,
+ (byte) 0x08, (byte) 0x46, (byte) 0x08, (byte) 0xda, (byte) 0x9e, (byte) 0x68, (byte) 0xf8, (byte) 0xe5,
+ (byte) 0x81, (byte) 0x30, (byte) 0x0e, (byte) 0x06, (byte) 0x03, (byte) 0x55, (byte) 0x1d, (byte) 0x0f,
+ (byte) 0x01, (byte) 0x01, (byte) 0xff, (byte) 0x04, (byte) 0x04, (byte) 0x03, (byte) 0x02, (byte) 0x06,
+ (byte) 0xc0, (byte) 0x30, (byte) 0x25, (byte) 0x06, (byte) 0x03, (byte) 0x55, (byte) 0x1d, (byte) 0x11,
+ (byte) 0x04, (byte) 0x1e, (byte) 0x30, (byte) 0x1c, (byte) 0x81, (byte) 0x1a, (byte) 0x74, (byte) 0x68,
+ (byte) 0x6f, (byte) 0x6d, (byte) 0x61, (byte) 0x73, (byte) 0x2e, (byte) 0x72, (byte) 0x6f, (byte) 0x65,
+ (byte) 0x73, (byte) 0x73, (byte) 0x6c, (byte) 0x65, (byte) 0x72, (byte) 0x40, (byte) 0x65, (byte) 0x67,
+ (byte) 0x69, (byte) 0x7a, (byte) 0x2e, (byte) 0x67, (byte) 0x76, (byte) 0x2e, (byte) 0x61, (byte) 0x74,
+ (byte) 0x30, (byte) 0x09, (byte) 0x06, (byte) 0x03, (byte) 0x55, (byte) 0x1d, (byte) 0x13, (byte) 0x04,
+ (byte) 0x02, (byte) 0x30, (byte) 0x00, (byte) 0x30, (byte) 0x0d, (byte) 0x06, (byte) 0x09, (byte) 0x2a,
+ (byte) 0x86, (byte) 0x48, (byte) 0x86, (byte) 0xf7, (byte) 0x0d, (byte) 0x01, (byte) 0x01, (byte) 0x05,
+ (byte) 0x05, (byte) 0x00, (byte) 0x03, (byte) 0x82, (byte) 0x01, (byte) 0x01, (byte) 0x00, (byte) 0xd8,
+ (byte) 0xec, (byte) 0xe5, (byte) 0x5c, (byte) 0x17, (byte) 0x42, (byte) 0xe8, (byte) 0x2f, (byte) 0x04,
+ (byte) 0x1f, (byte) 0xe2, (byte) 0x04, (byte) 0x57, (byte) 0x07, (byte) 0x30, (byte) 0xdc, (byte) 0x4f,
+ (byte) 0x61, (byte) 0x7d, (byte) 0xd8, (byte) 0x89, (byte) 0x36, (byte) 0x31, (byte) 0x26, (byte) 0x45,
+ (byte) 0x55, (byte) 0x64, (byte) 0xd3, (byte) 0x55, (byte) 0x1b, (byte) 0x83, (byte) 0x51, (byte) 0xa0,
+ (byte) 0x39, (byte) 0x1b, (byte) 0x6a, (byte) 0x7e, (byte) 0xfa, (byte) 0x7e, (byte) 0x2c, (byte) 0xd0,
+ (byte) 0xd3, (byte) 0x86, (byte) 0x7b, (byte) 0x8d, (byte) 0x29, (byte) 0x8f, (byte) 0xa3, (byte) 0x83,
+ (byte) 0xd2, (byte) 0x72, (byte) 0xce, (byte) 0x43, (byte) 0xcf, (byte) 0xc1, (byte) 0x27, (byte) 0xf1,
+ (byte) 0x4d, (byte) 0x11, (byte) 0xe2, (byte) 0x67, (byte) 0xbe, (byte) 0x6e, (byte) 0x34, (byte) 0x7d,
+ (byte) 0x04, (byte) 0x1f, (byte) 0xba, (byte) 0x55, (byte) 0x34, (byte) 0xea, (byte) 0xc2, (byte) 0xcf,
+ (byte) 0x0f, (byte) 0x64, (byte) 0x7b, (byte) 0x84, (byte) 0xe0, (byte) 0x55, (byte) 0x05, (byte) 0x82,
+ (byte) 0xdd, (byte) 0x9d, (byte) 0xd7, (byte) 0xeb, (byte) 0x91, (byte) 0x78, (byte) 0x69, (byte) 0x49,
+ (byte) 0x58, (byte) 0x70, (byte) 0xff, (byte) 0x83, (byte) 0x70, (byte) 0xa0, (byte) 0xb3, (byte) 0xb7,
+ (byte) 0x3d, (byte) 0x0f, (byte) 0x8e, (byte) 0xe9, (byte) 0x1b, (byte) 0x21, (byte) 0xef, (byte) 0x31,
+ (byte) 0x0b, (byte) 0xe3, (byte) 0xac, (byte) 0xc6, (byte) 0x0f, (byte) 0x57, (byte) 0x4f, (byte) 0xd8,
+ (byte) 0xd6, (byte) 0xb2, (byte) 0xd0, (byte) 0xca, (byte) 0xd9, (byte) 0x6f, (byte) 0x3f, (byte) 0x6e,
+ (byte) 0x83, (byte) 0x8c, (byte) 0xff, (byte) 0x47, (byte) 0xca, (byte) 0xbc, (byte) 0x81, (byte) 0x60,
+ (byte) 0x5f, (byte) 0xe2, (byte) 0xdd, (byte) 0xbd, (byte) 0x89, (byte) 0xb2, (byte) 0x52, (byte) 0xac,
+ (byte) 0xc3, (byte) 0x8b, (byte) 0x44, (byte) 0x99, (byte) 0x70, (byte) 0xe7, (byte) 0x2c, (byte) 0x52,
+ (byte) 0x21, (byte) 0xaa, (byte) 0xa2, (byte) 0x0f, (byte) 0x38, (byte) 0xc6, (byte) 0x98, (byte) 0x4d,
+ (byte) 0x48, (byte) 0xda, (byte) 0x65, (byte) 0x41, (byte) 0xa4, (byte) 0xad, (byte) 0x41, (byte) 0x7c,
+ (byte) 0x99, (byte) 0x14, (byte) 0xe5, (byte) 0xcb, (byte) 0x51, (byte) 0xd7, (byte) 0xab, (byte) 0x76,
+ (byte) 0xb1, (byte) 0x20, (byte) 0xce, (byte) 0x32, (byte) 0x1b, (byte) 0x11, (byte) 0x5c, (byte) 0xef,
+ (byte) 0x8b, (byte) 0x4f, (byte) 0xf3, (byte) 0x46, (byte) 0x5b, (byte) 0x11, (byte) 0xd7, (byte) 0x91,
+ (byte) 0xb6, (byte) 0x41, (byte) 0xd3, (byte) 0x23, (byte) 0xb6, (byte) 0x03, (byte) 0xa8, (byte) 0x98,
+ (byte) 0x40, (byte) 0x76, (byte) 0x13, (byte) 0x5d, (byte) 0x4c, (byte) 0xb2, (byte) 0xe9, (byte) 0xfe,
+ (byte) 0x90, (byte) 0x27, (byte) 0x04, (byte) 0xfc, (byte) 0x10, (byte) 0x45, (byte) 0x8b, (byte) 0x10,
+ (byte) 0xc3, (byte) 0xb2, (byte) 0x4b, (byte) 0x3c, (byte) 0xd2, (byte) 0x5b, (byte) 0x0f, (byte) 0xe8,
+ (byte) 0xfb, (byte) 0xb9, (byte) 0x45, (byte) 0xaf, (byte) 0x05, (byte) 0xc4, (byte) 0xba, (byte) 0xc7,
+ (byte) 0xfc, (byte) 0xa5, (byte) 0x7d, (byte) 0xdb, (byte) 0x4f, (byte) 0xa9, (byte) 0x76, (byte) 0xe2,
+ (byte) 0xfa, (byte) 0xc7, (byte) 0xe0, (byte) 0xad, (byte) 0x70, (byte) 0xaa, (byte) 0x40, (byte) 0x15,
+ (byte) 0x64, (byte) 0x01, (byte) 0xba, (byte) 0xc6, (byte) 0xc3, (byte) 0x83, (byte) 0x65, (byte) 0x95,
+ (byte) 0x3c, (byte) 0x05, (byte) 0x53, (byte) 0x88, (byte) 0xe7, (byte) 0x19, (byte) 0x98
+ };
+
+ protected static final int KID_PIN_SIG = 0x81;
+
+ protected byte[] EF_C_CH_DS = new byte[2000];
+
+ public ACOSApplSIG() {
+ // Files
+ System.arraycopy(C_CH_DS, 0, EF_C_CH_DS, 0, C_CH_DS.length);
+ putFile(new File(FID_EF_C_CH_DS, EF_C_CH_DS, FCI_EF_C_CH_DS));
+
+ // PINs
+ try {
+ pins.put(KID_PIN_SIG, new PIN(Arrays.copyOf("123456".getBytes("ASCII"), 8), KID_PIN_SIG, 3, PIN.STATE_RESET));
+ } catch (UnsupportedEncodingException e) {
+ throw new RuntimeException(e);
+ }
+ }
+
+ @Override
+ public byte[] getAID() {
+ return AID_SIG;
+ }
+
+ @Override
+ public byte[] getFID() {
+ return FID_SIG;
+ }
+
+ @Override
+ public byte[] getFCI() {
+ return FCI;
+ }
+
+ @Override
+ public ResponseAPDU cmdPERFORM_SECURITY_OPERATION(CommandAPDU command, CardChannelEmul channel) {
+
+ checkINS(command, 0x2A);
+
+ if (command.getP1() == 0x90 && command.getP2() == 0x81) {
+
+ // PUT HASH
+ hash = command.getData();
+ return new ResponseAPDU(new byte[] {(byte) 0x90, (byte) 0x00});
+
+ } else if (command.getP1() == 0x9E && command.getP2() == 0x9A) {
+
+ // COMPUTE DIGITAL SIGNATURE
+ if (securityEnv == null) {
+ // No security environment
+ return new ResponseAPDU(new byte[] {(byte) 0x6F, (byte) 0x05});
+ }
+ if (hash == null) {
+ // Command sequence not correct
+ return new ResponseAPDU(new byte[] {(byte) 0x6F, (byte) 0x03});
+ }
+ if (hash.length != 20) {
+ // Invalid hash length
+ return new ResponseAPDU(new byte[] {(byte) 0x6A, (byte) 0x80});
+ }
+ if (pins.get(KID_PIN_SIG).state != PIN.STATE_PIN_VERIFIED) {
+ // Security Status not satisfied
+ return new ResponseAPDU(new byte[] {(byte) 0x69, (byte) 0x82});
+ }
+
+ byte[] signature = new byte[48];
+
+ // TODO replace by signature creation
+ Random random = new Random();
+ random.nextBytes(signature);
+
+ byte[] response = new byte[signature.length + 2];
+ System.arraycopy(signature, 0, response, 0, signature.length);
+ response[signature.length] = (byte) 0x90;
+ response[signature.length + 1] = (byte) 0x00;
+
+ hash = null;
+ pins.get(KID_PIN_SIG).state = PIN.STATE_RESET;
+
+ return new ResponseAPDU(response);
+
+ } else {
+ return new ResponseAPDU(new byte[] {(byte) 0x6A, (byte) 0x00});
+ }
+
+ }
+
+ public void clearCert() {
+ Arrays.fill(EF_C_CH_DS, (byte) 0x00);
+ }
+
+} \ No newline at end of file
diff --git a/smcc/src/test/java/at/gv/egiz/smcc/acos/ACOSCardChannelEmul.java b/smcc/src/test/java/at/gv/egiz/smcc/acos/ACOSCardChannelEmul.java
new file mode 100644
index 00000000..25923686
--- /dev/null
+++ b/smcc/src/test/java/at/gv/egiz/smcc/acos/ACOSCardChannelEmul.java
@@ -0,0 +1,261 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package at.gv.egiz.smcc.acos;
+
+import java.util.Arrays;
+
+import javax.smartcardio.Card;
+import javax.smartcardio.CardException;
+import javax.smartcardio.CommandAPDU;
+import javax.smartcardio.ResponseAPDU;
+
+import at.gv.egiz.smcc.AbstractAppl;
+import at.gv.egiz.smcc.CardChannelEmul;
+import at.gv.egiz.smcc.CardEmul;
+import at.gv.egiz.smcc.File;
+import at.gv.egiz.smcc.PIN;
+
+@SuppressWarnings("restriction")
+public abstract class ACOSCardChannelEmul extends CardChannelEmul {
+
+ /**
+ *
+ */
+ protected CardEmul cardEmul;
+
+ public ACOSCardChannelEmul(CardEmul cardEmul) {
+ this.cardEmul = cardEmul;
+ }
+
+ @Override
+ public Card getCard() {
+ return cardEmul;
+ }
+
+ protected ResponseAPDU cmdSELECT(CommandAPDU command) throws CardException {
+
+ byte[] fid = command.getData();
+
+ AbstractAppl appl = cardEmul.getApplication(fid);
+ if (appl != null) {
+ if (currentAppl != null && currentAppl != appl) {
+ currentAppl.leaveApplContext();
+ currentFile = null;
+ }
+ currentAppl = appl;
+
+ byte[] fci = currentAppl.getFCI();
+ byte[] response = new byte[fci.length + 2];
+ System.arraycopy(fci, 0, response, 0, fci.length);
+ response[fci.length] = (byte) 0x90;
+ response[fci.length + 1] = (byte) 0x00;
+ return new ResponseAPDU(response);
+ }
+
+ if (command.getP1() == 0x00) {
+ // SELECT with FID
+ if (currentAppl instanceof AbstractAppl) {
+
+ for (File file : ((AbstractAppl) currentAppl).getFiles()) {
+
+ if (Arrays.equals(fid, file.fid)) {
+ currentFile = file;
+ byte[] response = new byte[file.fcx.length + 2];
+ System.arraycopy(file.fcx, 0, response, 0, file.fcx.length);
+ response[file.fcx.length] = (byte) 0x90;
+ response[file.fcx.length + 1] = (byte) 0x00;
+ return new ResponseAPDU(response);
+ }
+
+ }
+
+ return new ResponseAPDU(new byte[] {(byte) 0x6A, (byte) 0x82});
+
+ } else {
+ return new ResponseAPDU(new byte[] {(byte) 0x6A, (byte) 0x82});
+ }
+ }
+
+ // Not found
+ return new ResponseAPDU(new byte[] {(byte) 0x6A, (byte) 0x82});
+
+ }
+
+ public abstract ResponseAPDU cmdREAD_BINARY(CommandAPDU command) throws CardException;
+
+
+ @Override
+ public ResponseAPDU transmit(CommandAPDU command) throws CardException {
+
+ if (command.getCLA() == 0x00) {
+
+ switch (command.getINS()) {
+
+ // SELECT
+ case 0xA4:
+ return cmdSELECT(command);
+
+ // READ BINARY
+ case 0xB0:
+ return cmdREAD_BINARY(command);
+
+ // VERIFY
+ case 0x20:
+ if ((command.getP2() & 0x80) > 0) {
+ return cmdVERIFY(command);
+ } else {
+ return new ResponseAPDU(new byte[] {(byte) 0x6A, (byte) 0x81});
+ }
+
+ // MANAGE SECURITY ENVIRONMENT
+ case 0x22: {
+ if (currentAppl != null) {
+ return currentAppl.cmdMANAGE_SECURITY_ENVIRONMENT(command, this);
+ } else {
+ return new ResponseAPDU(new byte[] {(byte) 0x6F, (byte) 0x05});
+ }
+ }
+
+ // CHANGE REFERENCE DATA
+ case 0x24: {
+ return cmdCHANGE_REFERENCE_DATA(command);
+ }
+
+ // PERFORM SECURITY OPERATION
+ case 0x2A: {
+ if (currentAppl != null) {
+ return currentAppl.cmdPERFORM_SECURITY_OPERATION(command, this);
+ } else {
+ return new ResponseAPDU(new byte[] {(byte) 0x6F, (byte) 0x05});
+ }
+ }
+
+ // INTERNAL AUTHENTICATE
+ case 0x88: {
+ if (currentAppl != null) {
+ return currentAppl.cmdINTERNAL_AUTHENTICATE(command, this);
+ } else {
+ return new ResponseAPDU(new byte[] {(byte) 0x6F, (byte) 0x05});
+ }
+ }
+
+ default:
+ return new ResponseAPDU(new byte[] { (byte) 0x6D, (byte) 0x00});
+ }
+
+ } else {
+ return new ResponseAPDU(new byte[] { (byte) 0x6E, (byte) 0x00});
+ }
+
+ }
+
+ protected ResponseAPDU verifyPin(int kid, byte[] reference) {
+
+ PIN pin;
+ if (currentAppl != null) {
+ pin = currentAppl.pins.get(kid);
+ } else {
+ pin = null;
+ }
+
+ if (pin != null) {
+
+ if (reference.length != 8) {
+ return new ResponseAPDU(new byte[] {(byte) 0x67, (byte) 0x00});
+ }
+
+ if (Arrays.equals(reference, pin.pin)) {
+ switch (pin.state) {
+ case PIN.STATE_PIN_BLOCKED:
+ return new ResponseAPDU(new byte[] { (byte) 0x69, (byte) 0x83 });
+
+ case PIN.STATE_RESET:
+ pin.state = PIN.STATE_PIN_VERIFIED;
+
+ default:
+ pin.kfpc = 10;
+ return new ResponseAPDU(new byte[] { (byte) 0x90, (byte) 0x00 });
+ }
+ } else {
+ switch (pin.state) {
+ case PIN.STATE_PIN_BLOCKED:
+ return new ResponseAPDU(new byte[] { (byte) 0x69, (byte) 0x83 });
+
+ default:
+ if (--pin.kfpc > 0) {
+ return new ResponseAPDU(new byte[] { (byte) 0x63, (byte) (pin.kfpc | 0xC0)});
+ } else {
+ pin.state = PIN.STATE_PIN_BLOCKED;
+ return new ResponseAPDU(new byte[] { (byte) 0x69, (byte) 0x83 });
+ }
+ }
+
+ }
+
+ } else {
+ return new ResponseAPDU(new byte[] {(byte) 0x6A, (byte) 0x00});
+ }
+
+ }
+
+ public ResponseAPDU cmdVERIFY(CommandAPDU command) throws CardException {
+
+ if (command.getINS() != 0x20) {
+ throw new IllegalArgumentException("INS has to be 0x20.");
+ }
+
+ if (command.getP1() != 00) {
+ return new ResponseAPDU(new byte[] {(byte) 0x6B, (byte) 0x00});
+ }
+
+ return verifyPin(command.getP2(), command.getData());
+
+ }
+
+ public ResponseAPDU cmdCHANGE_REFERENCE_DATA(CommandAPDU command) {
+
+ if (command.getINS() != 0x24) {
+ throw new IllegalArgumentException("INS has to be 0x24.");
+ }
+
+ if (command.getP1() == 0x00) {
+
+ byte[] data = command.getData();
+ if (data.length != 16) {
+ return new ResponseAPDU(new byte[] {(byte) 0x67, (byte) 0x00});
+ }
+
+ ResponseAPDU response = verifyPin(command.getP2(), Arrays.copyOf(data, 8));
+ if (response.getSW() == 0x9000) {
+ PIN pin;
+ if (currentAppl != null) {
+ pin = currentAppl.pins.get(command.getP2());
+ } else {
+ pin = null;
+ }
+ pin.pin = Arrays.copyOfRange(data, 8, 16);
+ }
+
+ return response;
+
+ } else {
+ return new ResponseAPDU(new byte[] {(byte) 0x6A, (byte) 0x81});
+ }
+
+ }
+
+} \ No newline at end of file
diff --git a/smcc/src/test/java/at/gv/egiz/smcc/acos/ACOSCardEmul.java b/smcc/src/test/java/at/gv/egiz/smcc/acos/ACOSCardEmul.java
new file mode 100644
index 00000000..b9f70a5d
--- /dev/null
+++ b/smcc/src/test/java/at/gv/egiz/smcc/acos/ACOSCardEmul.java
@@ -0,0 +1,38 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package at.gv.egiz.smcc.acos;
+
+
+import javax.smartcardio.ATR;
+
+import at.gv.egiz.smcc.CardEmul;
+
+@SuppressWarnings("restriction")
+public abstract class ACOSCardEmul extends CardEmul {
+
+ protected static ATR ATR = new ATR(new byte[] {
+ (byte) 0x3b, (byte) 0xbf, (byte) 0x11, (byte) 0x00, (byte) 0x81, (byte) 0x31, (byte) 0xfe, (byte) 0x45,
+ (byte) 0x45, (byte) 0x50, (byte) 0x41, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00,
+ (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0xf1
+ });
+
+ @Override
+ public ATR getATR() {
+ return ATR;
+ }
+
+} \ No newline at end of file
diff --git a/smcc/src/test/java/at/gv/egiz/smcc/acos/ACOSCardTest.java b/smcc/src/test/java/at/gv/egiz/smcc/acos/ACOSCardTest.java
new file mode 100644
index 00000000..4f012739
--- /dev/null
+++ b/smcc/src/test/java/at/gv/egiz/smcc/acos/ACOSCardTest.java
@@ -0,0 +1,230 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package at.gv.egiz.smcc.acos;
+
+import static org.junit.Assert.assertNotNull;
+import static org.junit.Assert.assertNull;
+import static org.junit.Assert.assertTrue;
+
+import java.io.ByteArrayInputStream;
+import java.io.IOException;
+import java.security.NoSuchAlgorithmException;
+import java.util.Arrays;
+
+import org.junit.Test;
+
+import at.gv.egiz.smcc.CardEmul;
+import at.gv.egiz.smcc.CardNotSupportedException;
+import at.gv.egiz.smcc.CardTest;
+import at.gv.egiz.smcc.LockedException;
+import at.gv.egiz.smcc.NotActivatedException;
+import at.gv.egiz.smcc.pin.gui.SMCCTestPINProvider;
+import at.gv.egiz.smcc.SignatureCard;
+import at.gv.egiz.smcc.SignatureCardException;
+import at.gv.egiz.smcc.SignatureCard.KeyboxName;
+
+public abstract class ACOSCardTest extends CardTest {
+
+ public ACOSCardTest() {
+ super();
+ }
+
+ protected abstract int getVersion();
+
+ @Test
+ public void testGetInfoboxIdentityLinkEmpty() throws SignatureCardException,
+ InterruptedException, CardNotSupportedException {
+
+ char[] pin = "0000".toCharArray();
+
+ SignatureCard signatureCard = createSignatureCard();
+ CardEmul card = (CardEmul) signatureCard.getCard();
+ ACOSApplDEC appl = (ACOSApplDEC) card.getApplication(ACOSAppl.AID_DEC);
+ appl.clearInfobox();
+
+ byte[] idlink = signatureCard.getInfobox("IdentityLink",
+ new SMCCTestPINProvider(pin), null);
+ assertNull(idlink);
+
+ }
+
+ @Test(expected = SignatureCardException.class)
+ public void testGetInfoboxIdentityInvalid() throws SignatureCardException,
+ InterruptedException, CardNotSupportedException {
+
+ char[] pin = "0000".toCharArray();
+
+ SignatureCard signatureCard = createSignatureCard();
+ CardEmul card = (CardEmul) signatureCard.getCard();
+ ACOSApplDEC appl = (ACOSApplDEC) card.getApplication(ACOSAppl.AID_DEC);
+ appl.setInfoboxHeader((byte) 0xFF);
+
+ signatureCard.getInfobox("IdentityLink", new SMCCTestPINProvider(pin), null);
+
+ }
+
+ @Test
+ public void testGetCerts() throws SignatureCardException,
+ InterruptedException, CardNotSupportedException {
+
+ SignatureCard signatureCard = createSignatureCard();
+
+ byte[] cert;
+
+ cert = signatureCard.getCertificate(KeyboxName.SECURE_SIGNATURE_KEYPAIR);
+ assertNotNull(cert);
+ assertTrue(Arrays.equals(cert, A04ApplSIG.C_CH_DS));
+
+ cert = signatureCard.getCertificate(KeyboxName.CERITIFIED_KEYPAIR);
+ assertNotNull(cert);
+ assertTrue(Arrays.equals(cert, A04ApplDEC.C_CH_EKEY));
+
+ }
+
+ @Test(expected = NotActivatedException.class)
+ public void testGetSIGCertEmpty() throws SignatureCardException,
+ InterruptedException, CardNotSupportedException {
+
+ SignatureCard signatureCard = createSignatureCard();
+ CardEmul card = (CardEmul) signatureCard.getCard();
+ ACOSApplSIG appl = (ACOSApplSIG) card.getApplication(ACOSAppl.AID_SIG);
+ appl.clearCert();
+
+ signatureCard.getCertificate(KeyboxName.SECURE_SIGNATURE_KEYPAIR);
+
+ }
+
+ @Test(expected = NotActivatedException.class)
+ public void testGetDECCertEmpty() throws SignatureCardException,
+ InterruptedException, CardNotSupportedException {
+
+ SignatureCard signatureCard = createSignatureCard();
+ CardEmul card = (CardEmul) signatureCard.getCard();
+ ACOSApplDEC appl = (ACOSApplDEC) card.getApplication(ACOSAppl.AID_DEC);
+ appl.clearCert();
+
+ signatureCard.getCertificate(KeyboxName.CERITIFIED_KEYPAIR);
+
+ }
+
+ @Test
+ public void testSignSIG() throws SignatureCardException,
+ InterruptedException, CardNotSupportedException,
+ NoSuchAlgorithmException, IOException {
+
+ char[] pin = "123456".toCharArray();
+
+ SignatureCard signatureCard = createSignatureCard();
+ CardEmul card = (CardEmul) signatureCard.getCard();
+ ACOSApplSIG appl = (ACOSApplSIG) card.getApplication(ACOSAppl.AID_SIG);
+ appl.setPin(ACOSApplSIG.KID_PIN_SIG, pin);
+
+ byte[] signature = signatureCard.createSignature(new ByteArrayInputStream("MOCCA"
+ .getBytes("ASCII")),
+ KeyboxName.SECURE_SIGNATURE_KEYPAIR, new SMCCTestPINProvider(pin), null);
+
+ assertNotNull(signature);
+
+ }
+
+ @Test
+ public void testSignDEC() throws SignatureCardException,
+ InterruptedException, CardNotSupportedException,
+ NoSuchAlgorithmException, IOException {
+
+ char[] pin = "1234".toCharArray();
+
+ SignatureCard signatureCard = createSignatureCard();
+ CardEmul card = (CardEmul) signatureCard.getCard();
+ ACOSApplDEC appl = (ACOSApplDEC) card.getApplication(ACOSAppl.AID_DEC);
+ appl.setPin(ACOSApplDEC.KID_PIN_DEC, pin);
+
+ byte[] signature = signatureCard.createSignature(new ByteArrayInputStream("MOCCA"
+ .getBytes("ASCII")),
+ KeyboxName.CERITIFIED_KEYPAIR, new SMCCTestPINProvider(pin), null);
+
+ assertNotNull(signature);
+
+ }
+
+ @Test(expected = LockedException.class)
+ public void testSignSIGInvalidPin() throws SignatureCardException,
+ InterruptedException, CardNotSupportedException,
+ NoSuchAlgorithmException, IOException {
+
+ SignatureCard signatureCard = createSignatureCard();
+
+ SMCCTestPINProvider pinProvider = new SMCCTestPINProvider("000000".toCharArray());
+
+ signatureCard.createSignature(new ByteArrayInputStream("MOCCA"
+ .getBytes("ASCII")), KeyboxName.SECURE_SIGNATURE_KEYPAIR,
+ pinProvider, null);
+
+ }
+
+ @Test(expected = LockedException.class)
+ public void testSignDECInvalidPin() throws SignatureCardException,
+ InterruptedException, CardNotSupportedException,
+ NoSuchAlgorithmException, IOException {
+
+ SignatureCard signatureCard = createSignatureCard();
+
+ SMCCTestPINProvider pinProvider = new SMCCTestPINProvider("0000".toCharArray());
+
+ signatureCard.createSignature(new ByteArrayInputStream("MOCCA"
+ .getBytes("ASCII")), KeyboxName.CERITIFIED_KEYPAIR,
+ pinProvider, null);
+
+ }
+
+ @Test(expected = LockedException.class)
+ public void testSignSIGBlockedPin() throws SignatureCardException,
+ InterruptedException, CardNotSupportedException,
+ NoSuchAlgorithmException, IOException {
+
+ SignatureCard signatureCard = createSignatureCard();
+ CardEmul card = (CardEmul) signatureCard.getCard();
+ ACOSApplSIG appl = (ACOSApplSIG) card.getApplication(ACOSAppl.AID_SIG);
+ appl.setPin(ACOSApplSIG.KID_PIN_SIG, null);
+
+ SMCCTestPINProvider pinProvider = new SMCCTestPINProvider("000000".toCharArray());
+
+ signatureCard.createSignature(new ByteArrayInputStream("MOCCA"
+ .getBytes("ASCII")), KeyboxName.SECURE_SIGNATURE_KEYPAIR,
+ pinProvider, null);
+
+ }
+
+ @Test(expected = LockedException.class)
+ public void testSignDECBlockedPin() throws SignatureCardException,
+ InterruptedException, CardNotSupportedException,
+ NoSuchAlgorithmException, IOException {
+
+ SignatureCard signatureCard = createSignatureCard();
+ CardEmul card = (CardEmul) signatureCard.getCard();
+ ACOSApplDEC appl = (ACOSApplDEC) card.getApplication(ACOSAppl.AID_DEC);
+ appl.setPin(ACOSApplDEC.KID_PIN_DEC, null);
+
+ SMCCTestPINProvider pinProvider = new SMCCTestPINProvider("0000".toCharArray());
+
+ signatureCard.createSignature(new ByteArrayInputStream("MOCCA"
+ .getBytes("ASCII")), KeyboxName.CERITIFIED_KEYPAIR,
+ pinProvider, null);
+
+ }
+
+} \ No newline at end of file
diff --git a/smcc/src/test/java/at/gv/egiz/smcc/acos/ACOSCardTestSuite.java b/smcc/src/test/java/at/gv/egiz/smcc/acos/ACOSCardTestSuite.java
new file mode 100644
index 00000000..101f7edc
--- /dev/null
+++ b/smcc/src/test/java/at/gv/egiz/smcc/acos/ACOSCardTestSuite.java
@@ -0,0 +1,27 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package at.gv.egiz.smcc.acos;
+
+import org.junit.runner.RunWith;
+import org.junit.runners.Suite;
+import org.junit.runners.Suite.SuiteClasses;
+
+@RunWith(Suite.class)
+@SuiteClasses( { A03CardTest.class, A04CardTest.class })
+public class ACOSCardTestSuite {
+
+}
diff --git a/smcc/src/test/java/at/gv/egiz/smcc/pin/gui/CancelChangePINProvider.java b/smcc/src/test/java/at/gv/egiz/smcc/pin/gui/CancelChangePINProvider.java
new file mode 100644
index 00000000..dffe7e29
--- /dev/null
+++ b/smcc/src/test/java/at/gv/egiz/smcc/pin/gui/CancelChangePINProvider.java
@@ -0,0 +1,39 @@
+/*
+ * Copyright 2008 Federal Chancellery Austria and
+ * Graz University of Technology
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package at.gv.egiz.smcc.pin.gui;
+
+import at.gv.egiz.smcc.CancelledException;
+import at.gv.egiz.smcc.PINSpec;
+
+public class CancelChangePINProvider extends DummyChangePINGUI implements ModifyPINGUI {
+
+ public CancelChangePINProvider() {
+ }
+
+ @Override
+ public char[] provideCurrentPIN(PINSpec spec, int retries)
+ throws CancelledException, InterruptedException {
+ throw new CancelledException("cancelled by cancelPINProvider");
+ }
+
+ @Override
+ public char[] provideNewPIN(PINSpec spec)
+ throws CancelledException, InterruptedException {
+ throw new CancelledException("cancelled by cancelPINProvider");
+ }
+
+} \ No newline at end of file
diff --git a/smcc/src/test/java/at/gv/egiz/smcc/pin/gui/CancelPINProvider.java b/smcc/src/test/java/at/gv/egiz/smcc/pin/gui/CancelPINProvider.java
new file mode 100644
index 00000000..77f19345
--- /dev/null
+++ b/smcc/src/test/java/at/gv/egiz/smcc/pin/gui/CancelPINProvider.java
@@ -0,0 +1,29 @@
+/*
+ * Copyright 2008 Federal Chancellery Austria and
+ * Graz University of Technology
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package at.gv.egiz.smcc.pin.gui;
+
+import at.gv.egiz.smcc.CancelledException;
+import at.gv.egiz.smcc.PINSpec;
+
+public class CancelPINProvider extends DummyPINGUI implements PINGUI {
+
+ @Override
+ public char[] providePIN(PINSpec spec, int retries)
+ throws CancelledException, InterruptedException {
+ throw new CancelledException("cancelled by cancelPINProvider");
+ }
+} \ No newline at end of file
diff --git a/smcc/src/test/java/at/gv/egiz/smcc/pin/gui/ChangePINProvider.java b/smcc/src/test/java/at/gv/egiz/smcc/pin/gui/ChangePINProvider.java
new file mode 100644
index 00000000..5eb8b9a1
--- /dev/null
+++ b/smcc/src/test/java/at/gv/egiz/smcc/pin/gui/ChangePINProvider.java
@@ -0,0 +1,49 @@
+/*
+ * Copyright 2008 Federal Chancellery Austria and
+ * Graz University of Technology
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package at.gv.egiz.smcc.pin.gui;
+
+import at.gv.egiz.smcc.CancelledException;
+import at.gv.egiz.smcc.PINSpec;
+
+public class ChangePINProvider extends DummyChangePINGUI implements ModifyPINGUI {
+
+ int provided = 0;
+ char[] pin;
+ char[] oldPin;
+
+ public ChangePINProvider(char[] oldPin, char[] pin) {
+ this.pin = pin;
+ this.oldPin = oldPin;
+ }
+
+ public int getProvided() {
+ return provided;
+ }
+
+ @Override
+ public char[] provideCurrentPIN(PINSpec spec, int retries)
+ throws CancelledException, InterruptedException {
+ provided++;
+ return oldPin;
+ }
+
+ @Override
+ public char[] provideNewPIN(PINSpec spec) {
+ return pin;
+ }
+
+}
diff --git a/smcc/src/test/java/at/gv/egiz/smcc/pin/gui/DummyChangePINGUI.java b/smcc/src/test/java/at/gv/egiz/smcc/pin/gui/DummyChangePINGUI.java
new file mode 100644
index 00000000..fff89409
--- /dev/null
+++ b/smcc/src/test/java/at/gv/egiz/smcc/pin/gui/DummyChangePINGUI.java
@@ -0,0 +1,68 @@
+/*
+ * Copyright 2008 Federal Chancellery Austria and
+ * Graz University of Technology
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package at.gv.egiz.smcc.pin.gui;
+
+import at.gv.egiz.smcc.CancelledException;
+import at.gv.egiz.smcc.PINSpec;
+
+public abstract class DummyChangePINGUI implements ModifyPINGUI {
+
+ @Override
+ public void validKeyPressed() {
+ throw new UnsupportedOperationException("Not supported yet.");
+ }
+
+ @Override
+ public void correctionButtonPressed() {
+ throw new UnsupportedOperationException("Not supported yet.");
+ }
+
+ @Override
+ public void allKeysCleared() {
+ throw new UnsupportedOperationException("Not supported yet.");
+ }
+
+ @Override
+ public void finish() {
+ throw new UnsupportedOperationException("Not supported yet.");
+ }
+
+ @Override
+ public void finishDirect() {
+ throw new UnsupportedOperationException("Not supported yet.");
+ }
+
+ @Override
+ public void modifyPINDirect(PINSpec spec, int retries) throws CancelledException, InterruptedException {
+ throw new UnsupportedOperationException("Not supported yet.");
+ }
+
+ @Override
+ public void enterCurrentPIN(PINSpec spec, int retries) {
+ throw new UnsupportedOperationException("Not supported yet.");
+ }
+
+ @Override
+ public void enterNewPIN(PINSpec spec) {
+ throw new UnsupportedOperationException("Not supported yet.");
+ }
+
+ @Override
+ public void confirmNewPIN(PINSpec spec) {
+ throw new UnsupportedOperationException("Not supported yet.");
+ }
+} \ No newline at end of file
diff --git a/smcc/src/test/java/at/gv/egiz/smcc/pin/gui/DummyPINGUI.java b/smcc/src/test/java/at/gv/egiz/smcc/pin/gui/DummyPINGUI.java
new file mode 100644
index 00000000..4d99b5c1
--- /dev/null
+++ b/smcc/src/test/java/at/gv/egiz/smcc/pin/gui/DummyPINGUI.java
@@ -0,0 +1,48 @@
+/*
+ * Copyright 2008 Federal Chancellery Austria and
+ * Graz University of Technology
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package at.gv.egiz.smcc.pin.gui;
+
+import at.gv.egiz.smcc.CancelledException;
+import at.gv.egiz.smcc.PINSpec;
+
+public abstract class DummyPINGUI implements PINGUI {
+
+ @Override
+ public void enterPINDirect(PINSpec spec, int retries) throws CancelledException, InterruptedException {
+ throw new UnsupportedOperationException("Not supported yet.");
+ }
+
+ @Override
+ public void enterPIN(PINSpec spec, int retries) throws CancelledException, InterruptedException {
+ throw new UnsupportedOperationException("Not supported yet.");
+ }
+
+ @Override
+ public void validKeyPressed() {
+ throw new UnsupportedOperationException("Not supported yet.");
+ }
+
+ @Override
+ public void correctionButtonPressed() {
+ throw new UnsupportedOperationException("Not supported yet.");
+ }
+
+ @Override
+ public void allKeysCleared() {
+ throw new UnsupportedOperationException("Not supported yet.");
+ }
+} \ No newline at end of file
diff --git a/smcc/src/test/java/at/gv/egiz/smcc/pin/gui/InterruptPINProvider.java b/smcc/src/test/java/at/gv/egiz/smcc/pin/gui/InterruptPINProvider.java
new file mode 100644
index 00000000..5706b888
--- /dev/null
+++ b/smcc/src/test/java/at/gv/egiz/smcc/pin/gui/InterruptPINProvider.java
@@ -0,0 +1,34 @@
+/*
+ * Copyright 2008 Federal Chancellery Austria and
+ * Graz University of Technology
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package at.gv.egiz.smcc.pin.gui;
+
+import at.gv.egiz.smcc.CancelledException;
+import at.gv.egiz.smcc.PINSpec;
+
+@SuppressWarnings("restriction")
+public class InterruptPINProvider extends DummyPINGUI implements PINGUI {
+
+ public InterruptPINProvider() {
+ }
+
+ @Override
+ public char[] providePIN(PINSpec spec, int retries)
+ throws CancelledException, InterruptedException {
+ throw new InterruptedException("interrupted by cancelPINProvider");
+ }
+
+} \ No newline at end of file
diff --git a/smcc/src/test/java/at/gv/egiz/smcc/pin/gui/InvalidChangePINProvider.java b/smcc/src/test/java/at/gv/egiz/smcc/pin/gui/InvalidChangePINProvider.java
new file mode 100644
index 00000000..69c9f42a
--- /dev/null
+++ b/smcc/src/test/java/at/gv/egiz/smcc/pin/gui/InvalidChangePINProvider.java
@@ -0,0 +1,56 @@
+/*
+ * Copyright 2008 Federal Chancellery Austria and
+ * Graz University of Technology
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package at.gv.egiz.smcc.pin.gui;
+
+import at.gv.egiz.smcc.CancelledException;
+import at.gv.egiz.smcc.PINSpec;
+
+public class InvalidChangePINProvider extends DummyChangePINGUI implements ModifyPINGUI {
+
+ int provided = 0;
+ int numWrongTries = 0;
+ char[] pin;
+ char[] oldPin;
+
+ /** emulate ChangePinProvider */
+ public InvalidChangePINProvider(char[] oldPin, char[] newPin, int numWrongTries) {
+ super();
+ this.pin = newPin;
+ this.oldPin = oldPin;
+ this.numWrongTries = numWrongTries;
+ }
+
+ @Override
+ public char[] provideCurrentPIN(PINSpec spec, int retries)
+ throws CancelledException, InterruptedException {
+ if (provided >= numWrongTries) {
+ throw new CancelledException("Number of wrong tries reached: " + provided);
+ } else {
+ provided++;
+ return oldPin;
+ }
+ }
+
+ public int getProvided() {
+ return provided;
+ }
+
+ @Override
+ public char[] provideNewPIN(PINSpec spec) {
+ return pin;
+ }
+}
diff --git a/smcc/src/test/java/at/gv/egiz/smcc/pin/gui/InvalidPINProvider.java b/smcc/src/test/java/at/gv/egiz/smcc/pin/gui/InvalidPINProvider.java
new file mode 100644
index 00000000..db01fd0d
--- /dev/null
+++ b/smcc/src/test/java/at/gv/egiz/smcc/pin/gui/InvalidPINProvider.java
@@ -0,0 +1,48 @@
+/*
+ * Copyright 2008 Federal Chancellery Austria and
+ * Graz University of Technology
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package at.gv.egiz.smcc.pin.gui;
+
+import at.gv.egiz.smcc.CancelledException;
+import at.gv.egiz.smcc.PINSpec;
+
+public class InvalidPINProvider extends DummyPINGUI implements PINGUI {
+
+ int provided = 0;
+ int numWrongTries = 0;
+ char[] pin;
+
+ public InvalidPINProvider(char[] pin, int numWrongTries) {
+ super();
+ this.pin = pin;
+ this.numWrongTries = numWrongTries;
+ }
+
+ @Override
+ public char[] providePIN(PINSpec spec, int retries)
+ throws CancelledException, InterruptedException {
+ if (provided >= numWrongTries) {
+ throw new CancelledException("Number of wrong tries reached: " + provided);
+ } else {
+ provided++;
+ return pin;
+ }
+ }
+
+ public int getProvided() {
+ return provided;
+ }
+}
diff --git a/smcc/src/test/java/at/gv/egiz/smcc/pin/gui/SMCCTestPINProvider.java b/smcc/src/test/java/at/gv/egiz/smcc/pin/gui/SMCCTestPINProvider.java
new file mode 100644
index 00000000..dffc90d7
--- /dev/null
+++ b/smcc/src/test/java/at/gv/egiz/smcc/pin/gui/SMCCTestPINProvider.java
@@ -0,0 +1,43 @@
+/*
+ * Copyright 2008 Federal Chancellery Austria and
+ * Graz University of Technology
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package at.gv.egiz.smcc.pin.gui;
+
+import at.gv.egiz.smcc.CancelledException;
+import at.gv.egiz.smcc.PINSpec;
+
+public class SMCCTestPINProvider extends DummyPINGUI implements PINGUI {
+
+ public int provided = 0;
+ char[] pin;
+
+ public SMCCTestPINProvider(char[] pin) {
+ this.pin = pin;
+ }
+
+ @Override
+ public char[] providePIN(PINSpec spec, int retries)
+ throws CancelledException, InterruptedException {
+ provided++;
+ return pin;
+ }
+
+ public int getProvided() {
+ return provided;
+ }
+
+
+} \ No newline at end of file
diff --git a/smcc/src/test/java/at/gv/egiz/smcc/starcos/STARCOSAppl.java b/smcc/src/test/java/at/gv/egiz/smcc/starcos/STARCOSAppl.java
new file mode 100644
index 00000000..62528e6e
--- /dev/null
+++ b/smcc/src/test/java/at/gv/egiz/smcc/starcos/STARCOSAppl.java
@@ -0,0 +1,72 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package at.gv.egiz.smcc.starcos;
+
+import java.io.UnsupportedEncodingException;
+import java.math.BigInteger;
+import java.util.Arrays;
+import java.util.Iterator;
+
+import javax.smartcardio.CommandAPDU;
+import javax.smartcardio.ResponseAPDU;
+
+import at.gv.egiz.smcc.AbstractAppl;
+import at.gv.egiz.smcc.CardAppl;
+import at.gv.egiz.smcc.CardChannelEmul;
+import at.gv.egiz.smcc.PIN;
+
+@SuppressWarnings("restriction")
+public abstract class STARCOSAppl extends AbstractAppl implements CardAppl {
+
+ public static byte[] AID_SichereSignatur = new byte[] { (byte) 0xD0, (byte) 0x40,
+ (byte) 0x00, (byte) 0x00, (byte) 0x17, (byte) 0x00, (byte) 0x12, (byte) 0x01 };
+
+ public static byte[] FID_SichereSignatur = new byte[] { (byte) 0x3F, (byte) 0x04 };
+
+ public static byte[] AID_Infobox = new byte[] { (byte) 0xD0, (byte) 0x40,
+ (byte) 0x00, (byte) 0x00, (byte) 0x17, (byte) 0x00, (byte) 0x18, (byte) 0x01 };
+
+ public static byte[] FID_Infobox = new byte[] { (byte) 0x3F, (byte) 0x06 };
+
+ public static byte[] AID_GewoehnlicheSignatur = new byte[] { (byte) 0xD0, (byte) 0x40,
+ (byte) 0x00, (byte) 0x00, (byte) 0x17, (byte) 0x00, (byte) 0x13, (byte) 0x01 };
+
+ public static byte[] FID_GewoehnlicheSignatur = new byte[] { (byte) 0x3F, (byte) 0x05 };
+
+ protected STARCOSCardChannelEmul channel;
+
+ protected byte[] securityEnv;
+
+ protected byte[] hash;
+
+ public STARCOSAppl(STARCOSCardChannelEmul channel) {
+ this.channel = channel;
+ }
+
+ @Override
+ public ResponseAPDU cmdINTERNAL_AUTHENTICATE(CommandAPDU command, CardChannelEmul channel) {
+ return new ResponseAPDU(new byte[] {(byte) 0x6D, (byte) 0x00});
+ }
+
+ @Override
+ public void leaveApplContext() {
+ Iterator<PIN> pin = pins.values().iterator();
+ while (pin.hasNext()) {
+ pin.next().state = PIN.STATE_RESET;
+ }
+ }
+}
diff --git a/smcc/src/test/java/at/gv/egiz/smcc/starcos/STARCOSApplGewoehnlicheSignatur.java b/smcc/src/test/java/at/gv/egiz/smcc/starcos/STARCOSApplGewoehnlicheSignatur.java
new file mode 100644
index 00000000..8741dd2d
--- /dev/null
+++ b/smcc/src/test/java/at/gv/egiz/smcc/starcos/STARCOSApplGewoehnlicheSignatur.java
@@ -0,0 +1,349 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package at.gv.egiz.smcc.starcos;
+
+import java.util.Arrays;
+import java.util.Random;
+
+import javax.smartcardio.CardException;
+import javax.smartcardio.CommandAPDU;
+import javax.smartcardio.ResponseAPDU;
+
+import at.gv.egiz.smcc.CardChannelEmul;
+import at.gv.egiz.smcc.File;
+import at.gv.egiz.smcc.PIN;
+
+@SuppressWarnings("restriction")
+public class STARCOSApplGewoehnlicheSignatur extends STARCOSAppl {
+
+ private static byte[] FCI = new byte[] { (byte) 0x6f, (byte) 0x14,
+ (byte) 0x84, (byte) 0x08, (byte) 0xd0, (byte) 0x40, (byte) 0x00,
+ (byte) 0x00, (byte) 0x17, (byte) 0x00, (byte) 0x13, (byte) 0x01,
+ (byte) 0xa5, (byte) 0x08, (byte) 0x53, (byte) 0x02, (byte) 0x01,
+ (byte) 0x10, (byte) 0x54, (byte) 0x02, (byte) 0x01, (byte) 0x00 };
+
+ protected static byte[] FID_EF_C_X509_CH_AUT = new byte[] { (byte) 0x2f,
+ (byte) 0x01 };
+
+ protected static byte[] FCI_EF_C_X509_CH_AUT = new byte[] { (byte) 0x62,
+ (byte) 0x16, (byte) 0x80, (byte) 0x02, (byte) 0x04, (byte) 0x9c,
+ (byte) 0x82, (byte) 0x01, (byte) 0x01, (byte) 0x83, (byte) 0x02,
+ (byte) 0x2f, (byte) 0x01, (byte) 0x88, (byte) 0x01, (byte) 0x08,
+ (byte) 0x8a, (byte) 0x01, (byte) 0x05, (byte) 0xa1, (byte) 0x03,
+ (byte) 0x8b, (byte) 0x01, (byte) 0x08 };
+
+ protected static byte[] C_X509_CH_AUT = new byte[] {
+ (byte) 0x30, (byte) 0x82, (byte) 0x04, (byte) 0x98, (byte) 0x30, (byte) 0x82, (byte) 0x03, (byte) 0x80,
+ (byte) 0xa0, (byte) 0x03, (byte) 0x02, (byte) 0x01, (byte) 0x02, (byte) 0x02, (byte) 0x03, (byte) 0x02,
+ (byte) 0x06, (byte) 0x5f, (byte) 0x30, (byte) 0x0d, (byte) 0x06, (byte) 0x09, (byte) 0x2a, (byte) 0x86,
+ (byte) 0x48, (byte) 0x86, (byte) 0xf7, (byte) 0x0d, (byte) 0x01, (byte) 0x01, (byte) 0x05, (byte) 0x05,
+ (byte) 0x00, (byte) 0x30, (byte) 0x81, (byte) 0x95, (byte) 0x31, (byte) 0x0b, (byte) 0x30, (byte) 0x09,
+ (byte) 0x06, (byte) 0x03, (byte) 0x55, (byte) 0x04, (byte) 0x06, (byte) 0x13, (byte) 0x02, (byte) 0x41,
+ (byte) 0x54, (byte) 0x31, (byte) 0x48, (byte) 0x30, (byte) 0x46, (byte) 0x06, (byte) 0x03, (byte) 0x55,
+ (byte) 0x04, (byte) 0x0a, (byte) 0x0c, (byte) 0x3f, (byte) 0x41, (byte) 0x2d, (byte) 0x54, (byte) 0x72,
+ (byte) 0x75, (byte) 0x73, (byte) 0x74, (byte) 0x20, (byte) 0x47, (byte) 0x65, (byte) 0x73, (byte) 0x2e,
+ (byte) 0x20, (byte) 0x66, (byte) 0x2e, (byte) 0x20, (byte) 0x53, (byte) 0x69, (byte) 0x63, (byte) 0x68,
+ (byte) 0x65, (byte) 0x72, (byte) 0x68, (byte) 0x65, (byte) 0x69, (byte) 0x74, (byte) 0x73, (byte) 0x73,
+ (byte) 0x79, (byte) 0x73, (byte) 0x74, (byte) 0x65, (byte) 0x6d, (byte) 0x65, (byte) 0x20, (byte) 0x69,
+ (byte) 0x6d, (byte) 0x20, (byte) 0x65, (byte) 0x6c, (byte) 0x65, (byte) 0x6b, (byte) 0x74, (byte) 0x72,
+ (byte) 0x2e, (byte) 0x20, (byte) 0x44, (byte) 0x61, (byte) 0x74, (byte) 0x65, (byte) 0x6e, (byte) 0x76,
+ (byte) 0x65, (byte) 0x72, (byte) 0x6b, (byte) 0x65, (byte) 0x68, (byte) 0x72, (byte) 0x20, (byte) 0x47,
+ (byte) 0x6d, (byte) 0x62, (byte) 0x48, (byte) 0x31, (byte) 0x1d, (byte) 0x30, (byte) 0x1b, (byte) 0x06,
+ (byte) 0x03, (byte) 0x55, (byte) 0x04, (byte) 0x0b, (byte) 0x0c, (byte) 0x14, (byte) 0x61, (byte) 0x2d,
+ (byte) 0x73, (byte) 0x69, (byte) 0x67, (byte) 0x6e, (byte) 0x2d, (byte) 0x74, (byte) 0x6f, (byte) 0x6b,
+ (byte) 0x65, (byte) 0x6e, (byte) 0x2d, (byte) 0x54, (byte) 0x65, (byte) 0x73, (byte) 0x74, (byte) 0x2d,
+ (byte) 0x30, (byte) 0x33, (byte) 0x31, (byte) 0x1d, (byte) 0x30, (byte) 0x1b, (byte) 0x06, (byte) 0x03,
+ (byte) 0x55, (byte) 0x04, (byte) 0x03, (byte) 0x0c, (byte) 0x14, (byte) 0x61, (byte) 0x2d, (byte) 0x73,
+ (byte) 0x69, (byte) 0x67, (byte) 0x6e, (byte) 0x2d, (byte) 0x74, (byte) 0x6f, (byte) 0x6b, (byte) 0x65,
+ (byte) 0x6e, (byte) 0x2d, (byte) 0x54, (byte) 0x65, (byte) 0x73, (byte) 0x74, (byte) 0x2d, (byte) 0x30,
+ (byte) 0x33, (byte) 0x30, (byte) 0x1e, (byte) 0x17, (byte) 0x0d, (byte) 0x30, (byte) 0x39, (byte) 0x30,
+ (byte) 0x33, (byte) 0x30, (byte) 0x36, (byte) 0x31, (byte) 0x35, (byte) 0x32, (byte) 0x32, (byte) 0x33,
+ (byte) 0x38, (byte) 0x5a, (byte) 0x17, (byte) 0x0d, (byte) 0x31, (byte) 0x32, (byte) 0x30, (byte) 0x33,
+ (byte) 0x30, (byte) 0x36, (byte) 0x31, (byte) 0x35, (byte) 0x32, (byte) 0x32, (byte) 0x33, (byte) 0x38,
+ (byte) 0x5a, (byte) 0x30, (byte) 0x72, (byte) 0x31, (byte) 0x0b, (byte) 0x30, (byte) 0x09, (byte) 0x06,
+ (byte) 0x03, (byte) 0x55, (byte) 0x04, (byte) 0x06, (byte) 0x13, (byte) 0x02, (byte) 0x41, (byte) 0x54,
+ (byte) 0x31, (byte) 0x20, (byte) 0x30, (byte) 0x1e, (byte) 0x06, (byte) 0x03, (byte) 0x55, (byte) 0x04,
+ (byte) 0x03, (byte) 0x0c, (byte) 0x17, (byte) 0x58, (byte) 0x58, (byte) 0x58, (byte) 0xc5, (byte) 0x90,
+ (byte) 0x7a, (byte) 0x67, (byte) 0xc3, (byte) 0xbc, (byte) 0x72, (byte) 0x20, (byte) 0x58, (byte) 0x58,
+ (byte) 0x58, (byte) 0x54, (byte) 0xc3, (byte) 0xbc, (byte) 0x7a, (byte) 0x65, (byte) 0x6b, (byte) 0xc3,
+ (byte) 0xa7, (byte) 0x69, (byte) 0x31, (byte) 0x15, (byte) 0x30, (byte) 0x13, (byte) 0x06, (byte) 0x03,
+ (byte) 0x55, (byte) 0x04, (byte) 0x04, (byte) 0x0c, (byte) 0x0c, (byte) 0x58, (byte) 0x58, (byte) 0x58,
+ (byte) 0x54, (byte) 0xc3, (byte) 0xbc, (byte) 0x7a, (byte) 0x65, (byte) 0x6b, (byte) 0xc3, (byte) 0xa7,
+ (byte) 0x69, (byte) 0x31, (byte) 0x13, (byte) 0x30, (byte) 0x11, (byte) 0x06, (byte) 0x03, (byte) 0x55,
+ (byte) 0x04, (byte) 0x2a, (byte) 0x0c, (byte) 0x0a, (byte) 0x58, (byte) 0x58, (byte) 0x58, (byte) 0xc5,
+ (byte) 0x90, (byte) 0x7a, (byte) 0x67, (byte) 0xc3, (byte) 0xbc, (byte) 0x72, (byte) 0x31, (byte) 0x15,
+ (byte) 0x30, (byte) 0x13, (byte) 0x06, (byte) 0x03, (byte) 0x55, (byte) 0x04, (byte) 0x05, (byte) 0x13,
+ (byte) 0x0c, (byte) 0x37, (byte) 0x30, (byte) 0x34, (byte) 0x38, (byte) 0x37, (byte) 0x31, (byte) 0x30,
+ (byte) 0x35, (byte) 0x30, (byte) 0x30, (byte) 0x30, (byte) 0x38, (byte) 0x30, (byte) 0x49, (byte) 0x30,
+ (byte) 0x13, (byte) 0x06, (byte) 0x07, (byte) 0x2a, (byte) 0x86, (byte) 0x48, (byte) 0xce, (byte) 0x3d,
+ (byte) 0x02, (byte) 0x01, (byte) 0x06, (byte) 0x08, (byte) 0x2a, (byte) 0x86, (byte) 0x48, (byte) 0xce,
+ (byte) 0x3d, (byte) 0x03, (byte) 0x01, (byte) 0x01, (byte) 0x03, (byte) 0x32, (byte) 0x00, (byte) 0x04,
+ (byte) 0x02, (byte) 0x55, (byte) 0x51, (byte) 0xf9, (byte) 0x2a, (byte) 0xea, (byte) 0x6f, (byte) 0xd3,
+ (byte) 0xf5, (byte) 0xda, (byte) 0xa9, (byte) 0x7a, (byte) 0x22, (byte) 0xfc, (byte) 0xb4, (byte) 0x38,
+ (byte) 0xe9, (byte) 0x5c, (byte) 0xdc, (byte) 0x6b, (byte) 0x86, (byte) 0xa6, (byte) 0x77, (byte) 0xa7,
+ (byte) 0x90, (byte) 0xf3, (byte) 0x36, (byte) 0xe0, (byte) 0xc4, (byte) 0xde, (byte) 0x72, (byte) 0xf2,
+ (byte) 0x1a, (byte) 0x07, (byte) 0xfa, (byte) 0xd0, (byte) 0xc8, (byte) 0x1c, (byte) 0xa0, (byte) 0xc8,
+ (byte) 0x8b, (byte) 0x5d, (byte) 0xde, (byte) 0x9e, (byte) 0xf8, (byte) 0x3b, (byte) 0x7c, (byte) 0x8c,
+ (byte) 0xa3, (byte) 0x82, (byte) 0x01, (byte) 0xec, (byte) 0x30, (byte) 0x82, (byte) 0x01, (byte) 0xe8,
+ (byte) 0x30, (byte) 0x13, (byte) 0x06, (byte) 0x03, (byte) 0x55, (byte) 0x1d, (byte) 0x23, (byte) 0x04,
+ (byte) 0x0c, (byte) 0x30, (byte) 0x0a, (byte) 0x80, (byte) 0x08, (byte) 0x47, (byte) 0x7e, (byte) 0x5b,
+ (byte) 0xdb, (byte) 0x37, (byte) 0x33, (byte) 0xb1, (byte) 0xfa, (byte) 0x30, (byte) 0x7e, (byte) 0x06,
+ (byte) 0x08, (byte) 0x2b, (byte) 0x06, (byte) 0x01, (byte) 0x05, (byte) 0x05, (byte) 0x07, (byte) 0x01,
+ (byte) 0x01, (byte) 0x04, (byte) 0x72, (byte) 0x30, (byte) 0x70, (byte) 0x30, (byte) 0x2c, (byte) 0x06,
+ (byte) 0x08, (byte) 0x2b, (byte) 0x06, (byte) 0x01, (byte) 0x05, (byte) 0x05, (byte) 0x07, (byte) 0x30,
+ (byte) 0x01, (byte) 0x86, (byte) 0x20, (byte) 0x68, (byte) 0x74, (byte) 0x74, (byte) 0x70, (byte) 0x3a,
+ (byte) 0x2f, (byte) 0x2f, (byte) 0x6f, (byte) 0x63, (byte) 0x73, (byte) 0x70, (byte) 0x2d, (byte) 0x74,
+ (byte) 0x65, (byte) 0x73, (byte) 0x74, (byte) 0x2e, (byte) 0x61, (byte) 0x2d, (byte) 0x74, (byte) 0x72,
+ (byte) 0x75, (byte) 0x73, (byte) 0x74, (byte) 0x2e, (byte) 0x61, (byte) 0x74, (byte) 0x2f, (byte) 0x6f,
+ (byte) 0x63, (byte) 0x73, (byte) 0x70, (byte) 0x30, (byte) 0x40, (byte) 0x06, (byte) 0x08, (byte) 0x2b,
+ (byte) 0x06, (byte) 0x01, (byte) 0x05, (byte) 0x05, (byte) 0x07, (byte) 0x30, (byte) 0x02, (byte) 0x86,
+ (byte) 0x34, (byte) 0x68, (byte) 0x74, (byte) 0x74, (byte) 0x70, (byte) 0x3a, (byte) 0x2f, (byte) 0x2f,
+ (byte) 0x77, (byte) 0x77, (byte) 0x77, (byte) 0x2e, (byte) 0x61, (byte) 0x2d, (byte) 0x74, (byte) 0x72,
+ (byte) 0x75, (byte) 0x73, (byte) 0x74, (byte) 0x2e, (byte) 0x61, (byte) 0x74, (byte) 0x2f, (byte) 0x63,
+ (byte) 0x65, (byte) 0x72, (byte) 0x74, (byte) 0x73, (byte) 0x2f, (byte) 0x61, (byte) 0x2d, (byte) 0x73,
+ (byte) 0x69, (byte) 0x67, (byte) 0x6e, (byte) 0x2d, (byte) 0x74, (byte) 0x6f, (byte) 0x6b, (byte) 0x65,
+ (byte) 0x6e, (byte) 0x2d, (byte) 0x74, (byte) 0x65, (byte) 0x73, (byte) 0x74, (byte) 0x2d, (byte) 0x30,
+ (byte) 0x33, (byte) 0x2e, (byte) 0x63, (byte) 0x72, (byte) 0x74, (byte) 0x30, (byte) 0x81, (byte) 0x86,
+ (byte) 0x06, (byte) 0x03, (byte) 0x55, (byte) 0x1d, (byte) 0x20, (byte) 0x04, (byte) 0x7f, (byte) 0x30,
+ (byte) 0x7d, (byte) 0x30, (byte) 0x7b, (byte) 0x06, (byte) 0x06, (byte) 0x2a, (byte) 0x28, (byte) 0x00,
+ (byte) 0x11, (byte) 0x01, (byte) 0x03, (byte) 0x30, (byte) 0x71, (byte) 0x30, (byte) 0x35, (byte) 0x06,
+ (byte) 0x08, (byte) 0x2b, (byte) 0x06, (byte) 0x01, (byte) 0x05, (byte) 0x05, (byte) 0x07, (byte) 0x02,
+ (byte) 0x01, (byte) 0x16, (byte) 0x29, (byte) 0x68, (byte) 0x74, (byte) 0x74, (byte) 0x70, (byte) 0x3a,
+ (byte) 0x2f, (byte) 0x2f, (byte) 0x77, (byte) 0x77, (byte) 0x77, (byte) 0x2e, (byte) 0x61, (byte) 0x2d,
+ (byte) 0x74, (byte) 0x72, (byte) 0x75, (byte) 0x73, (byte) 0x74, (byte) 0x2e, (byte) 0x61, (byte) 0x74,
+ (byte) 0x2f, (byte) 0x64, (byte) 0x6f, (byte) 0x63, (byte) 0x73, (byte) 0x2f, (byte) 0x63, (byte) 0x70,
+ (byte) 0x2f, (byte) 0x61, (byte) 0x2d, (byte) 0x73, (byte) 0x69, (byte) 0x67, (byte) 0x6e, (byte) 0x2d,
+ (byte) 0x74, (byte) 0x65, (byte) 0x73, (byte) 0x74, (byte) 0x30, (byte) 0x38, (byte) 0x06, (byte) 0x08,
+ (byte) 0x2b, (byte) 0x06, (byte) 0x01, (byte) 0x05, (byte) 0x05, (byte) 0x07, (byte) 0x02, (byte) 0x02,
+ (byte) 0x30, (byte) 0x2c, (byte) 0x1a, (byte) 0x2a, (byte) 0x44, (byte) 0x69, (byte) 0x65, (byte) 0x73,
+ (byte) 0x65, (byte) 0x73, (byte) 0x20, (byte) 0x5a, (byte) 0x65, (byte) 0x72, (byte) 0x74, (byte) 0x69,
+ (byte) 0x66, (byte) 0x69, (byte) 0x6b, (byte) 0x61, (byte) 0x74, (byte) 0x20, (byte) 0x64, (byte) 0x69,
+ (byte) 0x65, (byte) 0x6e, (byte) 0x74, (byte) 0x20, (byte) 0x6e, (byte) 0x75, (byte) 0x72, (byte) 0x20,
+ (byte) 0x7a, (byte) 0x75, (byte) 0x20, (byte) 0x54, (byte) 0x65, (byte) 0x73, (byte) 0x74, (byte) 0x7a,
+ (byte) 0x77, (byte) 0x65, (byte) 0x63, (byte) 0x6b, (byte) 0x65, (byte) 0x6e, (byte) 0x30, (byte) 0x81,
+ (byte) 0x99, (byte) 0x06, (byte) 0x03, (byte) 0x55, (byte) 0x1d, (byte) 0x1f, (byte) 0x04, (byte) 0x81,
+ (byte) 0x91, (byte) 0x30, (byte) 0x81, (byte) 0x8e, (byte) 0x30, (byte) 0x81, (byte) 0x8b, (byte) 0xa0,
+ (byte) 0x81, (byte) 0x88, (byte) 0xa0, (byte) 0x81, (byte) 0x85, (byte) 0x86, (byte) 0x81, (byte) 0x82,
+ (byte) 0x6c, (byte) 0x64, (byte) 0x61, (byte) 0x70, (byte) 0x3a, (byte) 0x2f, (byte) 0x2f, (byte) 0x6c,
+ (byte) 0x64, (byte) 0x61, (byte) 0x70, (byte) 0x2d, (byte) 0x74, (byte) 0x65, (byte) 0x73, (byte) 0x74,
+ (byte) 0x2e, (byte) 0x61, (byte) 0x2d, (byte) 0x74, (byte) 0x72, (byte) 0x75, (byte) 0x73, (byte) 0x74,
+ (byte) 0x2e, (byte) 0x61, (byte) 0x74, (byte) 0x2f, (byte) 0x6f, (byte) 0x75, (byte) 0x3d, (byte) 0x61,
+ (byte) 0x2d, (byte) 0x73, (byte) 0x69, (byte) 0x67, (byte) 0x6e, (byte) 0x2d, (byte) 0x74, (byte) 0x6f,
+ (byte) 0x6b, (byte) 0x65, (byte) 0x6e, (byte) 0x2d, (byte) 0x30, (byte) 0x33, (byte) 0x2c, (byte) 0x6f,
+ (byte) 0x3d, (byte) 0x41, (byte) 0x2d, (byte) 0x54, (byte) 0x72, (byte) 0x75, (byte) 0x73, (byte) 0x74,
+ (byte) 0x2c, (byte) 0x63, (byte) 0x3d, (byte) 0x41, (byte) 0x54, (byte) 0x3f, (byte) 0x63, (byte) 0x65,
+ (byte) 0x72, (byte) 0x74, (byte) 0x69, (byte) 0x66, (byte) 0x69, (byte) 0x63, (byte) 0x61, (byte) 0x74,
+ (byte) 0x65, (byte) 0x72, (byte) 0x65, (byte) 0x76, (byte) 0x6f, (byte) 0x63, (byte) 0x61, (byte) 0x74,
+ (byte) 0x69, (byte) 0x6f, (byte) 0x6e, (byte) 0x6c, (byte) 0x69, (byte) 0x73, (byte) 0x74, (byte) 0x3f,
+ (byte) 0x62, (byte) 0x61, (byte) 0x73, (byte) 0x65, (byte) 0x3f, (byte) 0x6f, (byte) 0x62, (byte) 0x6a,
+ (byte) 0x65, (byte) 0x63, (byte) 0x74, (byte) 0x63, (byte) 0x6c, (byte) 0x61, (byte) 0x73, (byte) 0x73,
+ (byte) 0x3d, (byte) 0x65, (byte) 0x69, (byte) 0x64, (byte) 0x43, (byte) 0x65, (byte) 0x72, (byte) 0x74,
+ (byte) 0x69, (byte) 0x66, (byte) 0x69, (byte) 0x63, (byte) 0x61, (byte) 0x74, (byte) 0x69, (byte) 0x6f,
+ (byte) 0x6e, (byte) 0x41, (byte) 0x75, (byte) 0x74, (byte) 0x68, (byte) 0x6f, (byte) 0x72, (byte) 0x69,
+ (byte) 0x74, (byte) 0x79, (byte) 0x30, (byte) 0x11, (byte) 0x06, (byte) 0x03, (byte) 0x55, (byte) 0x1d,
+ (byte) 0x0e, (byte) 0x04, (byte) 0x0a, (byte) 0x04, (byte) 0x08, (byte) 0x4a, (byte) 0x43, (byte) 0x51,
+ (byte) 0x30, (byte) 0x45, (byte) 0xfc, (byte) 0x2a, (byte) 0x00, (byte) 0x30, (byte) 0x0e, (byte) 0x06,
+ (byte) 0x03, (byte) 0x55, (byte) 0x1d, (byte) 0x0f, (byte) 0x01, (byte) 0x01, (byte) 0xff, (byte) 0x04,
+ (byte) 0x04, (byte) 0x03, (byte) 0x02, (byte) 0x04, (byte) 0xb0, (byte) 0x30, (byte) 0x09, (byte) 0x06,
+ (byte) 0x03, (byte) 0x55, (byte) 0x1d, (byte) 0x13, (byte) 0x04, (byte) 0x02, (byte) 0x30, (byte) 0x00,
+ (byte) 0x30, (byte) 0x0d, (byte) 0x06, (byte) 0x09, (byte) 0x2a, (byte) 0x86, (byte) 0x48, (byte) 0x86,
+ (byte) 0xf7, (byte) 0x0d, (byte) 0x01, (byte) 0x01, (byte) 0x05, (byte) 0x05, (byte) 0x00, (byte) 0x03,
+ (byte) 0x82, (byte) 0x01, (byte) 0x01, (byte) 0x00, (byte) 0x31, (byte) 0xdc, (byte) 0xf3, (byte) 0x43,
+ (byte) 0x79, (byte) 0xdd, (byte) 0xa9, (byte) 0x2a, (byte) 0xdc, (byte) 0x21, (byte) 0xf9, (byte) 0xd9,
+ (byte) 0x8f, (byte) 0x9a, (byte) 0x4e, (byte) 0x01, (byte) 0x40, (byte) 0x9a, (byte) 0xf1, (byte) 0x14,
+ (byte) 0x8d, (byte) 0x3a, (byte) 0x5e, (byte) 0x88, (byte) 0x36, (byte) 0x45, (byte) 0x1f, (byte) 0x16,
+ (byte) 0x3e, (byte) 0xeb, (byte) 0xa2, (byte) 0xef, (byte) 0xbf, (byte) 0x55, (byte) 0xbd, (byte) 0x5e,
+ (byte) 0x0e, (byte) 0x19, (byte) 0xc7, (byte) 0x0c, (byte) 0xbd, (byte) 0xed, (byte) 0xdf, (byte) 0xb8,
+ (byte) 0x75, (byte) 0x4e, (byte) 0x6a, (byte) 0x3a, (byte) 0x9a, (byte) 0x10, (byte) 0xfa, (byte) 0x49,
+ (byte) 0xc1, (byte) 0xd2, (byte) 0x35, (byte) 0xc5, (byte) 0x9a, (byte) 0xd7, (byte) 0xf4, (byte) 0xf0,
+ (byte) 0xcd, (byte) 0x13, (byte) 0xd1, (byte) 0x24, (byte) 0x06, (byte) 0xf8, (byte) 0x1f, (byte) 0xea,
+ (byte) 0xd6, (byte) 0x7a, (byte) 0xcb, (byte) 0x4f, (byte) 0xb5, (byte) 0x3e, (byte) 0x6c, (byte) 0xb2,
+ (byte) 0xfc, (byte) 0xe3, (byte) 0xaa, (byte) 0x2b, (byte) 0x20, (byte) 0x91, (byte) 0xf5, (byte) 0x5b,
+ (byte) 0xf1, (byte) 0x94, (byte) 0x0e, (byte) 0x06, (byte) 0x0a, (byte) 0xfd, (byte) 0x25, (byte) 0x71,
+ (byte) 0x11, (byte) 0xfc, (byte) 0x84, (byte) 0x46, (byte) 0xef, (byte) 0x5b, (byte) 0x0b, (byte) 0xa4,
+ (byte) 0x4a, (byte) 0x5d, (byte) 0x42, (byte) 0x99, (byte) 0xc8, (byte) 0x4e, (byte) 0x51, (byte) 0xd8,
+ (byte) 0x63, (byte) 0xd1, (byte) 0xbd, (byte) 0x00, (byte) 0xa3, (byte) 0xdd, (byte) 0x8f, (byte) 0x12,
+ (byte) 0x42, (byte) 0xbe, (byte) 0xca, (byte) 0x15, (byte) 0x37, (byte) 0x4c, (byte) 0xd2, (byte) 0xc9,
+ (byte) 0xa7, (byte) 0x37, (byte) 0xb2, (byte) 0x76, (byte) 0xb7, (byte) 0x34, (byte) 0x92, (byte) 0x98,
+ (byte) 0x60, (byte) 0xe7, (byte) 0x3d, (byte) 0x55, (byte) 0xa2, (byte) 0x6c, (byte) 0xb6, (byte) 0x66,
+ (byte) 0x67, (byte) 0xe1, (byte) 0xe4, (byte) 0x8f, (byte) 0xe3, (byte) 0xa5, (byte) 0xb8, (byte) 0xb5,
+ (byte) 0xc8, (byte) 0x8f, (byte) 0x9e, (byte) 0xe3, (byte) 0xf1, (byte) 0xaa, (byte) 0x8e, (byte) 0xe6,
+ (byte) 0xe2, (byte) 0x47, (byte) 0x49, (byte) 0x3d, (byte) 0xbe, (byte) 0x8c, (byte) 0xdd, (byte) 0xce,
+ (byte) 0x8d, (byte) 0x52, (byte) 0xac, (byte) 0xb9, (byte) 0x83, (byte) 0xe9, (byte) 0x9d, (byte) 0x98,
+ (byte) 0x7b, (byte) 0xda, (byte) 0x2b, (byte) 0xbc, (byte) 0x83, (byte) 0xcb, (byte) 0x74, (byte) 0x64,
+ (byte) 0x17, (byte) 0x4c, (byte) 0x33, (byte) 0xbb, (byte) 0x88, (byte) 0xc2, (byte) 0xdd, (byte) 0x08,
+ (byte) 0x69, (byte) 0xd8, (byte) 0xa2, (byte) 0xac, (byte) 0x95, (byte) 0x71, (byte) 0xd3, (byte) 0xf8,
+ (byte) 0xc9, (byte) 0xd1, (byte) 0xd6, (byte) 0x0e, (byte) 0xc3, (byte) 0x67, (byte) 0xa1, (byte) 0xdb,
+ (byte) 0xca, (byte) 0x58, (byte) 0xaa, (byte) 0x4b, (byte) 0xec, (byte) 0x37, (byte) 0x46, (byte) 0x73,
+ (byte) 0xc3, (byte) 0xa3, (byte) 0x7b, (byte) 0x1e, (byte) 0xdd, (byte) 0xf9, (byte) 0xb3, (byte) 0xbb,
+ (byte) 0xe0, (byte) 0x16, (byte) 0x39, (byte) 0xaf, (byte) 0xa0, (byte) 0x19, (byte) 0x9e, (byte) 0x89,
+ (byte) 0x37, (byte) 0x1e, (byte) 0x6e, (byte) 0x41, (byte) 0x59, (byte) 0xe1, (byte) 0x86, (byte) 0xea,
+ (byte) 0x0b, (byte) 0x39, (byte) 0x03, (byte) 0x89, (byte) 0xd2, (byte) 0xba, (byte) 0xd5, (byte) 0x0c,
+ (byte) 0x84, (byte) 0x09, (byte) 0xdd, (byte) 0xc7, (byte) 0x00, (byte) 0x2c, (byte) 0x2e, (byte) 0x1a,
+ (byte) 0x69, (byte) 0xeb, (byte) 0xdf, (byte) 0xb1
+ };
+
+
+ protected byte[] EF_C_X509_CH_AUT = new byte[2000];
+
+ protected byte[] dst;
+
+ public static final byte[] DST = new byte[] { (byte) 0x84, (byte) 0x03, (byte) 0x80, (byte) 0x02, (byte) 0x00, (byte) 0x89, (byte) 0x03, (byte) 0x13, (byte) 0x35, (byte) 0x10};
+ public static final byte[] DST_G3 = new byte[] { (byte) 0x84, (byte) 0x03, (byte) 0x80, (byte) 0x02, (byte) 0x00, (byte) 0x80, (byte) 0x01, (byte) 0x04 };
+
+ public STARCOSApplGewoehnlicheSignatur(STARCOSCardChannelEmul channel, byte[] dst) {
+ super(channel);
+ // Files
+ System.arraycopy(C_X509_CH_AUT, 0, EF_C_X509_CH_AUT, 0, C_X509_CH_AUT.length);
+ putFile(new File(FID_EF_C_X509_CH_AUT, EF_C_X509_CH_AUT, FCI_EF_C_X509_CH_AUT));
+ this.dst = dst;
+ }
+
+ @Override
+ public byte[] getAID() {
+ return AID_GewoehnlicheSignatur;
+ }
+
+ @Override
+ public byte[] getFID() {
+ return FID_GewoehnlicheSignatur;
+ }
+
+ @Override
+ public byte[] getFCI() {
+ return FCI;
+ }
+
+ public void clearCert() {
+ Arrays.fill(EF_C_X509_CH_AUT, (byte) 0x00);
+ }
+
+ @Override
+ public ResponseAPDU cmdMANAGE_SECURITY_ENVIRONMENT(CommandAPDU command, CardChannelEmul channel) throws CardException {
+
+ checkINS(command, 0x22);
+
+ switch (command.getP2()) {
+ case 0xA4:
+ switch (command.getP1()) {
+ case 0x41:
+ // INTERNAL AUTHENTICATE
+ case 0x81:
+ // EXTERNAL AUTHENTICATE
+ }
+ case 0xAA:
+ switch (command.getP1()) {
+ case 0x41:
+ if (Arrays.equals(new byte[] {(byte) 0x80, (byte) 0x01, (byte) 0x10}, command.getData())) {
+ return new ResponseAPDU(new byte[] {(byte) 0x90, (byte) 0x00});
+ }
+ default:
+ return new ResponseAPDU(new byte[] {(byte) 0x6A, (byte) 0x80});
+ }
+ case 0xB6:
+ switch (command.getP1()) {
+ case 0x41: {
+ // PSO - COMPUTE DIGITAL SIGNATURE
+ if (Arrays.equals(dst, command.getData())) {
+ securityEnv = command.getData();
+ return new ResponseAPDU(new byte[] {(byte) 0x90, (byte) 0x00});
+ } else {
+ return new ResponseAPDU(new byte[] {(byte) 0x6A, (byte) 0x80});
+ }
+ }
+ case 0x81:
+ // PSO - VERIFY DGITAL SIGNATURE
+ }
+ case 0xB8:
+ switch (command.getP1()) {
+ case 0x41:
+ // PSO � DECIPHER
+ case 0x81:
+ // PSO � ENCIPHER
+ }
+ default:
+ return new ResponseAPDU(new byte[] {(byte) 0x6A, (byte) 0x81});
+ }
+
+
+ }
+
+ @Override
+ public ResponseAPDU cmdPERFORM_SECURITY_OPERATION(CommandAPDU command, CardChannelEmul channel) throws CardException {
+
+ checkINS(command, 0x2A);
+
+ if (command.getP1() == 0x90 && command.getP2() == 0xA0) {
+
+ // HASH
+ byte[] data = command.getData();
+ if (data[0] == (byte) 0x90 && data[1] == (byte) 0x14) {
+ hash = Arrays.copyOfRange(data, 2, data.length);
+ return new ResponseAPDU(new byte[] {(byte) 0x90, (byte) 0x00});
+ } else {
+ throw new CardException("HASH command only supports complete hash.");
+ }
+
+ } else if (command.getP1() == 0x9E && command.getP2() == 0x9A) {
+
+ // COMPUTE DIGITAL SIGNATURE
+ if (securityEnv == null) {
+ // No security environment
+ return new ResponseAPDU(new byte[] {(byte) 0x6F, (byte) 0x05});
+ }
+ if (hash == null) {
+ // Command sequence not correct
+ return new ResponseAPDU(new byte[] {(byte) 0x6F, (byte) 0x03});
+ }
+ if (hash.length != 20) {
+ // Invalid hash length
+ return new ResponseAPDU(new byte[] {(byte) 0x6A, (byte) 0x80});
+ }
+ STARCOSCardChannelEmul c = (STARCOSCardChannelEmul) channel;
+ if (c.globalPins.get(STARCOSCardChannelEmul.KID_PIN_Glob).state != PIN.STATE_PIN_VERIFIED) {
+ // Security Status not satisfied
+ return new ResponseAPDU(new byte[] {(byte) 0x69, (byte) 0x82});
+ }
+
+ byte[] signature = new byte[48];
+
+ // TODO replace by signature creation
+ Random random = new Random();
+ random.nextBytes(signature);
+
+ byte[] response = new byte[signature.length + 2];
+ System.arraycopy(signature, 0, response, 0, signature.length);
+ response[signature.length] = (byte) 0x90;
+ response[signature.length + 1] = (byte) 0x00;
+
+ hash = null;
+
+ return new ResponseAPDU(response);
+
+ } else {
+ return new ResponseAPDU(new byte[] {(byte) 0x6A, (byte) 0x00});
+ }
+
+ }
+
+ @Override
+ public void setPin(int kid, char[] value) {
+ throw new UnsupportedOperationException("Not supported yet.");
+ }
+
+
+} \ No newline at end of file
diff --git a/smcc/src/test/java/at/gv/egiz/smcc/starcos/STARCOSApplInfobox.java b/smcc/src/test/java/at/gv/egiz/smcc/starcos/STARCOSApplInfobox.java
new file mode 100644
index 00000000..c470351a
--- /dev/null
+++ b/smcc/src/test/java/at/gv/egiz/smcc/starcos/STARCOSApplInfobox.java
@@ -0,0 +1,165 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package at.gv.egiz.smcc.starcos;
+
+import java.util.Arrays;
+
+import javax.smartcardio.CardException;
+import javax.smartcardio.CommandAPDU;
+import javax.smartcardio.ResponseAPDU;
+
+import at.gv.egiz.smcc.CardChannelEmul;
+import at.gv.egiz.smcc.File;
+
+@SuppressWarnings("restriction")
+public class STARCOSApplInfobox extends STARCOSAppl {
+
+ public static final byte[] IDLINK = new byte[] {
+ (byte) 0x30, (byte) 0x82, (byte) 0x02, (byte) 0x11, (byte) 0x02, (byte) 0x01, (byte) 0x01, (byte) 0x0c,
+ (byte) 0x26, (byte) 0x68, (byte) 0x74, (byte) 0x74, (byte) 0x70, (byte) 0x3a, (byte) 0x2f, (byte) 0x2f,
+ (byte) 0x77, (byte) 0x77, (byte) 0x77, (byte) 0x2e, (byte) 0x61, (byte) 0x2d, (byte) 0x74, (byte) 0x72,
+ (byte) 0x75, (byte) 0x73, (byte) 0x74, (byte) 0x2e, (byte) 0x61, (byte) 0x74, (byte) 0x2f, (byte) 0x7a,
+ (byte) 0x6d, (byte) 0x72, (byte) 0x2f, (byte) 0x70, (byte) 0x65, (byte) 0x72, (byte) 0x73, (byte) 0x62,
+ (byte) 0x32, (byte) 0x30, (byte) 0x34, (byte) 0x2e, (byte) 0x78, (byte) 0x73, (byte) 0x6c, (byte) 0x0c,
+ (byte) 0x29, (byte) 0x73, (byte) 0x7a, (byte) 0x72, (byte) 0x2e, (byte) 0x62, (byte) 0x6d, (byte) 0x69,
+ (byte) 0x2e, (byte) 0x67, (byte) 0x76, (byte) 0x2e, (byte) 0x61, (byte) 0x74, (byte) 0x2d, (byte) 0x41,
+ (byte) 0x73, (byte) 0x73, (byte) 0x65, (byte) 0x72, (byte) 0x74, (byte) 0x69, (byte) 0x6f, (byte) 0x6e,
+ (byte) 0x49, (byte) 0x44, (byte) 0x31, (byte) 0x32, (byte) 0x33, (byte) 0x36, (byte) 0x33, (byte) 0x35,
+ (byte) 0x36, (byte) 0x33, (byte) 0x36, (byte) 0x36, (byte) 0x37, (byte) 0x39, (byte) 0x39, (byte) 0x39,
+ (byte) 0x31, (byte) 0x39, (byte) 0x0c, (byte) 0x19, (byte) 0x32, (byte) 0x30, (byte) 0x30, (byte) 0x39,
+ (byte) 0x2d, (byte) 0x30, (byte) 0x33, (byte) 0x2d, (byte) 0x30, (byte) 0x36, (byte) 0x54, (byte) 0x31,
+ (byte) 0x36, (byte) 0x3a, (byte) 0x31, (byte) 0x39, (byte) 0x3a, (byte) 0x32, (byte) 0x36, (byte) 0x2b,
+ (byte) 0x30, (byte) 0x31, (byte) 0x3a, (byte) 0x30, (byte) 0x30, (byte) 0xa0, (byte) 0x42, (byte) 0x30,
+ (byte) 0x40, (byte) 0x0c, (byte) 0x18, (byte) 0x45, (byte) 0x68, (byte) 0x42, (byte) 0x53, (byte) 0x36,
+ (byte) 0x54, (byte) 0x6f, (byte) 0x31, (byte) 0x49, (byte) 0x6c, (byte) 0x54, (byte) 0x4b, (byte) 0x4f,
+ (byte) 0x4a, (byte) 0x45, (byte) 0x39, (byte) 0x75, (byte) 0x62, (byte) 0x74, (byte) 0x48, (byte) 0x69,
+ (byte) 0x51, (byte) 0x3d, (byte) 0x3d, (byte) 0x0c, (byte) 0x0a, (byte) 0x58, (byte) 0x58, (byte) 0x58,
+ (byte) 0xc5, (byte) 0x90, (byte) 0x7a, (byte) 0x67, (byte) 0xc3, (byte) 0xbc, (byte) 0x72, (byte) 0x0c,
+ (byte) 0x0c, (byte) 0x58, (byte) 0x58, (byte) 0x58, (byte) 0x54, (byte) 0xc3, (byte) 0xbc, (byte) 0x7a,
+ (byte) 0x65, (byte) 0x6b, (byte) 0xc3, (byte) 0xa7, (byte) 0x69, (byte) 0x0c, (byte) 0x0a, (byte) 0x31,
+ (byte) 0x39, (byte) 0x37, (byte) 0x33, (byte) 0x2d, (byte) 0x30, (byte) 0x36, (byte) 0x2d, (byte) 0x30,
+ (byte) 0x34, (byte) 0x30, (byte) 0x0a, (byte) 0xa0, (byte) 0x03, (byte) 0x02, (byte) 0x01, (byte) 0x00,
+ (byte) 0xa0, (byte) 0x03, (byte) 0x02, (byte) 0x01, (byte) 0x01, (byte) 0x03, (byte) 0x82, (byte) 0x01,
+ (byte) 0x01, (byte) 0x00, (byte) 0x9f, (byte) 0xa5, (byte) 0x68, (byte) 0xa9, (byte) 0x14, (byte) 0x4c,
+ (byte) 0xa4, (byte) 0x5d, (byte) 0x9d, (byte) 0x09, (byte) 0x99, (byte) 0x2e, (byte) 0xe7, (byte) 0x45,
+ (byte) 0x2e, (byte) 0x42, (byte) 0x49, (byte) 0x02, (byte) 0x16, (byte) 0xd9, (byte) 0xcb, (byte) 0x90,
+ (byte) 0x43, (byte) 0x27, (byte) 0x03, (byte) 0x43, (byte) 0x6d, (byte) 0xb4, (byte) 0x8c, (byte) 0xdc,
+ (byte) 0x1c, (byte) 0x77, (byte) 0xd4, (byte) 0x2e, (byte) 0xa1, (byte) 0x40, (byte) 0xe7, (byte) 0xe0,
+ (byte) 0x03, (byte) 0x60, (byte) 0x15, (byte) 0xf7, (byte) 0xdb, (byte) 0x03, (byte) 0x5e, (byte) 0xca,
+ (byte) 0xe4, (byte) 0x35, (byte) 0xba, (byte) 0x2b, (byte) 0xfd, (byte) 0xe6, (byte) 0xb8, (byte) 0xd8,
+ (byte) 0xb7, (byte) 0x2a, (byte) 0x80, (byte) 0xdd, (byte) 0x38, (byte) 0xe0, (byte) 0x8a, (byte) 0x69,
+ (byte) 0xad, (byte) 0x67, (byte) 0x60, (byte) 0x65, (byte) 0x42, (byte) 0xc9, (byte) 0x41, (byte) 0x60,
+ (byte) 0x94, (byte) 0xde, (byte) 0x84, (byte) 0x54, (byte) 0xad, (byte) 0xb3, (byte) 0xf4, (byte) 0xf7,
+ (byte) 0x44, (byte) 0xd5, (byte) 0xf3, (byte) 0xd3, (byte) 0xb6, (byte) 0x87, (byte) 0x8a, (byte) 0x22,
+ (byte) 0x38, (byte) 0x00, (byte) 0xcb, (byte) 0xa4, (byte) 0x4f, (byte) 0x96, (byte) 0xc2, (byte) 0x28,
+ (byte) 0xc2, (byte) 0x8d, (byte) 0x91, (byte) 0x95, (byte) 0xb4, (byte) 0xea, (byte) 0x00, (byte) 0x59,
+ (byte) 0x2e, (byte) 0xec, (byte) 0x78, (byte) 0xd8, (byte) 0x0f, (byte) 0x26, (byte) 0x04, (byte) 0xee,
+ (byte) 0xed, (byte) 0x13, (byte) 0xbf, (byte) 0x81, (byte) 0x68, (byte) 0x81, (byte) 0x43, (byte) 0xbe,
+ (byte) 0x15, (byte) 0x0e, (byte) 0xba, (byte) 0xf9, (byte) 0x6a, (byte) 0x18, (byte) 0xeb, (byte) 0x95,
+ (byte) 0xad, (byte) 0xb4, (byte) 0x0f, (byte) 0x3c, (byte) 0x94, (byte) 0x63, (byte) 0x32, (byte) 0x81,
+ (byte) 0x90, (byte) 0xcf, (byte) 0x3f, (byte) 0x95, (byte) 0xff, (byte) 0x8d, (byte) 0x86, (byte) 0xed,
+ (byte) 0xe4, (byte) 0x75, (byte) 0xd5, (byte) 0x09, (byte) 0x32, (byte) 0x17, (byte) 0x38, (byte) 0xb2,
+ (byte) 0x68, (byte) 0x35, (byte) 0x49, (byte) 0x8c, (byte) 0xa6, (byte) 0xd0, (byte) 0x3e, (byte) 0xde,
+ (byte) 0x6e, (byte) 0x47, (byte) 0x68, (byte) 0xbf, (byte) 0x98, (byte) 0x33, (byte) 0xae, (byte) 0x59,
+ (byte) 0x9f, (byte) 0xe0, (byte) 0x19, (byte) 0x9b, (byte) 0x5b, (byte) 0x1b, (byte) 0x8f, (byte) 0x74,
+ (byte) 0xd2, (byte) 0x9c, (byte) 0x01, (byte) 0x1a, (byte) 0xdf, (byte) 0xaf, (byte) 0xf8, (byte) 0x96,
+ (byte) 0x91, (byte) 0xcb, (byte) 0xf8, (byte) 0xbf, (byte) 0x06, (byte) 0xc7, (byte) 0xd5, (byte) 0x17,
+ (byte) 0x95, (byte) 0xef, (byte) 0xc5, (byte) 0x97, (byte) 0x37, (byte) 0x1b, (byte) 0xb0, (byte) 0xa1,
+ (byte) 0x4f, (byte) 0x9f, (byte) 0x01, (byte) 0x82, (byte) 0x90, (byte) 0x4a, (byte) 0x6a, (byte) 0x04,
+ (byte) 0xdb, (byte) 0x31, (byte) 0x1a, (byte) 0x58, (byte) 0xeb, (byte) 0xcd, (byte) 0x68, (byte) 0xe3,
+ (byte) 0x68, (byte) 0x0b, (byte) 0xa0, (byte) 0x11, (byte) 0x44, (byte) 0x08, (byte) 0xa0, (byte) 0x5c,
+ (byte) 0xfc, (byte) 0x61, (byte) 0x15, (byte) 0x1f, (byte) 0xbb, (byte) 0x22, (byte) 0x87, (byte) 0x18,
+ (byte) 0xa3, (byte) 0x07, (byte) 0x9b, (byte) 0x0d, (byte) 0x13, (byte) 0x7c, (byte) 0xff, (byte) 0x30,
+ (byte) 0xcf, (byte) 0xf3, (byte) 0xaf, (byte) 0xe4, (byte) 0x45, (byte) 0x05, (byte) 0xa0, (byte) 0x8e,
+ (byte) 0x6b, (byte) 0xef, (byte) 0x70, (byte) 0xf5, (byte) 0x4b, (byte) 0x68, (byte) 0x8f, (byte) 0x61,
+ (byte) 0xd6, (byte) 0xf5, (byte) 0xa0, (byte) 0x17, (byte) 0x03, (byte) 0x15, (byte) 0x00, (byte) 0x8e,
+ (byte) 0xa8, (byte) 0xdf, (byte) 0xa9, (byte) 0x77, (byte) 0xfd, (byte) 0x9b, (byte) 0x4b, (byte) 0x91,
+ (byte) 0x89, (byte) 0x34, (byte) 0x84, (byte) 0xf3, (byte) 0x24, (byte) 0xb2, (byte) 0x5a, (byte) 0x39,
+ (byte) 0xa9, (byte) 0xf2, (byte) 0x17, (byte) 0xa1, (byte) 0x17, (byte) 0x03, (byte) 0x15, (byte) 0x00,
+ (byte) 0xdb, (byte) 0xa2, (byte) 0xfd, (byte) 0xa4, (byte) 0xe7, (byte) 0x65, (byte) 0x2e, (byte) 0x7e,
+ (byte) 0xb0, (byte) 0xc8, (byte) 0xfa, (byte) 0x4d, (byte) 0x13, (byte) 0x28, (byte) 0xdf, (byte) 0xb1,
+ (byte) 0x58, (byte) 0x3b, (byte) 0x9e, (byte) 0x29, (byte) 0xa2, (byte) 0x17, (byte) 0x03, (byte) 0x15,
+ (byte) 0x00, (byte) 0x68, (byte) 0xa0, (byte) 0x17, (byte) 0x18, (byte) 0xb7, (byte) 0xb3, (byte) 0xc3,
+ (byte) 0x60, (byte) 0x77, (byte) 0x82, (byte) 0x8d, (byte) 0xf1, (byte) 0x5e, (byte) 0x10, (byte) 0xc3,
+ (byte) 0x2d, (byte) 0x78, (byte) 0x2c, (byte) 0x11, (byte) 0x0b
+ };
+
+ private static byte[] FCP = new byte[] { (byte) 0x6f, (byte) 0x14,
+ (byte) 0x84, (byte) 0x08, (byte) 0xd0, (byte) 0x40, (byte) 0x00,
+ (byte) 0x00, (byte) 0x17, (byte) 0x00, (byte) 0x18, (byte) 0x01,
+ (byte) 0xa5, (byte) 0x08, (byte) 0x53, (byte) 0x02, (byte) 0x01,
+ (byte) 0x11, (byte) 0x54, (byte) 0x02, (byte) 0x01, (byte) 0x00 };
+
+ protected static byte[] FID_EF_IdentityLink = new byte[] { (byte) 0xef, (byte) 0x01 };
+
+ protected static byte[] FCP_EF_IdentityLink = new byte[] { (byte) 0x62,
+ (byte) 0x16, (byte) 0x80, (byte) 0x02, (byte) 0x04, (byte) 0x00,
+ (byte) 0x82, (byte) 0x01, (byte) 0x01, (byte) 0x83, (byte) 0x02,
+ (byte) 0xef, (byte) 0x01, (byte) 0x88, (byte) 0x01, (byte) 0x08,
+ (byte) 0x8a, (byte) 0x01, (byte) 0x05, (byte) 0xa1, (byte) 0x03,
+ (byte) 0x8b, (byte) 0x01, (byte) 0x02 };
+
+ protected static byte[] EF_IdentityLink = new byte[1500];
+
+ public STARCOSApplInfobox(STARCOSCardChannelEmul channel) {
+ super(channel);
+ System.arraycopy(IDLINK, 0, EF_IdentityLink, 0, IDLINK.length);
+ putFile(new File(FID_EF_IdentityLink, EF_IdentityLink, FCP_EF_IdentityLink, 0x01));
+ }
+
+ @Override
+ public byte[] getAID() {
+ return AID_Infobox;
+ }
+
+ @Override
+ public byte[] getFID() {
+ return FID_Infobox;
+ }
+
+ @Override
+ public byte[] getFCI() {
+ return FCP;
+ }
+
+ public void clearInfobox() {
+ Arrays.fill(EF_IdentityLink, (byte) 0x00);
+ }
+
+ public void setInfoboxHeader(byte b) {
+ EF_IdentityLink[0] = b;
+ }
+
+ @Override
+ public ResponseAPDU cmdMANAGE_SECURITY_ENVIRONMENT(CommandAPDU command, CardChannelEmul channel)
+ throws CardException {
+ throw new CardException("Not supported.");
+ }
+
+ @Override
+ public ResponseAPDU cmdPERFORM_SECURITY_OPERATION(CommandAPDU command, CardChannelEmul channel)
+ throws CardException {
+ throw new CardException("Not supported.");
+ }
+
+ @Override
+ public void setPin(int kid, char[] value) {
+ throw new UnsupportedOperationException("Not supported yet.");
+ }
+
+
+} \ No newline at end of file
diff --git a/smcc/src/test/java/at/gv/egiz/smcc/starcos/STARCOSApplSichereSignatur.java b/smcc/src/test/java/at/gv/egiz/smcc/starcos/STARCOSApplSichereSignatur.java
new file mode 100644
index 00000000..4036ca41
--- /dev/null
+++ b/smcc/src/test/java/at/gv/egiz/smcc/starcos/STARCOSApplSichereSignatur.java
@@ -0,0 +1,375 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package at.gv.egiz.smcc.starcos;
+
+import java.io.UnsupportedEncodingException;
+import java.util.Arrays;
+import java.util.Random;
+
+import javax.smartcardio.CardException;
+import javax.smartcardio.CommandAPDU;
+import javax.smartcardio.ResponseAPDU;
+
+import at.gv.egiz.smcc.CardChannelEmul;
+import at.gv.egiz.smcc.File;
+import at.gv.egiz.smcc.PIN;
+
+@SuppressWarnings("restriction")
+public class STARCOSApplSichereSignatur extends STARCOSAppl {
+
+ private static byte[] FCI = new byte[] { (byte) 0x6f, (byte) 0x16,
+ (byte) 0x84, (byte) 0x08, (byte) 0xd0, (byte) 0x40, (byte) 0x00,
+ (byte) 0x00, (byte) 0x17, (byte) 0x00, (byte) 0x12, (byte) 0x01,
+ (byte) 0xa5, (byte) 0x0a, (byte) 0x53, (byte) 0x02, (byte) 0x01,
+ (byte) 0x10, (byte) 0x54, (byte) 0x04, (byte) 0x01, (byte) 0x00,
+ (byte) 0x03, (byte) 0x00 };
+
+ protected static byte[] FID_EF_C_X509_CH_DS = new byte[] { (byte) 0xc0,
+ (byte) 0x00 };
+
+ protected static byte[] FCI_EF_C_X509_CH_DS = new byte[] { (byte) 0x62,
+ (byte) 0x16, (byte) 0x80, (byte) 0x02, (byte) 0x04, (byte) 0xef,
+ (byte) 0x82, (byte) 0x01, (byte) 0x01, (byte) 0x83, (byte) 0x02,
+ (byte) 0xc0, (byte) 0x00, (byte) 0x88, (byte) 0x01, (byte) 0x08,
+ (byte) 0x8a, (byte) 0x01, (byte) 0x05, (byte) 0xa1, (byte) 0x03,
+ (byte) 0x8b, (byte) 0x01, (byte) 0x0e };
+
+ protected static byte[] C_X509_CH_DS = new byte[] {
+ (byte) 0x30, (byte) 0x82, (byte) 0x04, (byte) 0xeb, (byte) 0x30, (byte) 0x82, (byte) 0x03, (byte) 0xd3,
+ (byte) 0xa0, (byte) 0x03, (byte) 0x02, (byte) 0x01, (byte) 0x02, (byte) 0x02, (byte) 0x03, (byte) 0x02,
+ (byte) 0x06, (byte) 0x5e, (byte) 0x30, (byte) 0x0d, (byte) 0x06, (byte) 0x09, (byte) 0x2a, (byte) 0x86,
+ (byte) 0x48, (byte) 0x86, (byte) 0xf7, (byte) 0x0d, (byte) 0x01, (byte) 0x01, (byte) 0x05, (byte) 0x05,
+ (byte) 0x00, (byte) 0x30, (byte) 0x81, (byte) 0xa1, (byte) 0x31, (byte) 0x0b, (byte) 0x30, (byte) 0x09,
+ (byte) 0x06, (byte) 0x03, (byte) 0x55, (byte) 0x04, (byte) 0x06, (byte) 0x13, (byte) 0x02, (byte) 0x41,
+ (byte) 0x54, (byte) 0x31, (byte) 0x48, (byte) 0x30, (byte) 0x46, (byte) 0x06, (byte) 0x03, (byte) 0x55,
+ (byte) 0x04, (byte) 0x0a, (byte) 0x0c, (byte) 0x3f, (byte) 0x41, (byte) 0x2d, (byte) 0x54, (byte) 0x72,
+ (byte) 0x75, (byte) 0x73, (byte) 0x74, (byte) 0x20, (byte) 0x47, (byte) 0x65, (byte) 0x73, (byte) 0x2e,
+ (byte) 0x20, (byte) 0x66, (byte) 0x2e, (byte) 0x20, (byte) 0x53, (byte) 0x69, (byte) 0x63, (byte) 0x68,
+ (byte) 0x65, (byte) 0x72, (byte) 0x68, (byte) 0x65, (byte) 0x69, (byte) 0x74, (byte) 0x73, (byte) 0x73,
+ (byte) 0x79, (byte) 0x73, (byte) 0x74, (byte) 0x65, (byte) 0x6d, (byte) 0x65, (byte) 0x20, (byte) 0x69,
+ (byte) 0x6d, (byte) 0x20, (byte) 0x65, (byte) 0x6c, (byte) 0x65, (byte) 0x6b, (byte) 0x74, (byte) 0x72,
+ (byte) 0x2e, (byte) 0x20, (byte) 0x44, (byte) 0x61, (byte) 0x74, (byte) 0x65, (byte) 0x6e, (byte) 0x76,
+ (byte) 0x65, (byte) 0x72, (byte) 0x6b, (byte) 0x65, (byte) 0x68, (byte) 0x72, (byte) 0x20, (byte) 0x47,
+ (byte) 0x6d, (byte) 0x62, (byte) 0x48, (byte) 0x31, (byte) 0x23, (byte) 0x30, (byte) 0x21, (byte) 0x06,
+ (byte) 0x03, (byte) 0x55, (byte) 0x04, (byte) 0x0b, (byte) 0x0c, (byte) 0x1a, (byte) 0x61, (byte) 0x2d,
+ (byte) 0x73, (byte) 0x69, (byte) 0x67, (byte) 0x6e, (byte) 0x2d, (byte) 0x50, (byte) 0x72, (byte) 0x65,
+ (byte) 0x6d, (byte) 0x69, (byte) 0x75, (byte) 0x6d, (byte) 0x2d, (byte) 0x54, (byte) 0x65, (byte) 0x73,
+ (byte) 0x74, (byte) 0x2d, (byte) 0x53, (byte) 0x69, (byte) 0x67, (byte) 0x2d, (byte) 0x30, (byte) 0x32,
+ (byte) 0x31, (byte) 0x23, (byte) 0x30, (byte) 0x21, (byte) 0x06, (byte) 0x03, (byte) 0x55, (byte) 0x04,
+ (byte) 0x03, (byte) 0x0c, (byte) 0x1a, (byte) 0x61, (byte) 0x2d, (byte) 0x73, (byte) 0x69, (byte) 0x67,
+ (byte) 0x6e, (byte) 0x2d, (byte) 0x50, (byte) 0x72, (byte) 0x65, (byte) 0x6d, (byte) 0x69, (byte) 0x75,
+ (byte) 0x6d, (byte) 0x2d, (byte) 0x54, (byte) 0x65, (byte) 0x73, (byte) 0x74, (byte) 0x2d, (byte) 0x53,
+ (byte) 0x69, (byte) 0x67, (byte) 0x2d, (byte) 0x30, (byte) 0x32, (byte) 0x30, (byte) 0x1e, (byte) 0x17,
+ (byte) 0x0d, (byte) 0x30, (byte) 0x39, (byte) 0x30, (byte) 0x33, (byte) 0x30, (byte) 0x36, (byte) 0x31,
+ (byte) 0x35, (byte) 0x32, (byte) 0x32, (byte) 0x33, (byte) 0x37, (byte) 0x5a, (byte) 0x17, (byte) 0x0d,
+ (byte) 0x31, (byte) 0x32, (byte) 0x30, (byte) 0x33, (byte) 0x30, (byte) 0x36, (byte) 0x31, (byte) 0x35,
+ (byte) 0x32, (byte) 0x32, (byte) 0x33, (byte) 0x37, (byte) 0x5a, (byte) 0x30, (byte) 0x72, (byte) 0x31,
+ (byte) 0x0b, (byte) 0x30, (byte) 0x09, (byte) 0x06, (byte) 0x03, (byte) 0x55, (byte) 0x04, (byte) 0x06,
+ (byte) 0x13, (byte) 0x02, (byte) 0x41, (byte) 0x54, (byte) 0x31, (byte) 0x20, (byte) 0x30, (byte) 0x1e,
+ (byte) 0x06, (byte) 0x03, (byte) 0x55, (byte) 0x04, (byte) 0x03, (byte) 0x0c, (byte) 0x17, (byte) 0x58,
+ (byte) 0x58, (byte) 0x58, (byte) 0xc5, (byte) 0x90, (byte) 0x7a, (byte) 0x67, (byte) 0xc3, (byte) 0xbc,
+ (byte) 0x72, (byte) 0x20, (byte) 0x58, (byte) 0x58, (byte) 0x58, (byte) 0x54, (byte) 0xc3, (byte) 0xbc,
+ (byte) 0x7a, (byte) 0x65, (byte) 0x6b, (byte) 0xc3, (byte) 0xa7, (byte) 0x69, (byte) 0x31, (byte) 0x15,
+ (byte) 0x30, (byte) 0x13, (byte) 0x06, (byte) 0x03, (byte) 0x55, (byte) 0x04, (byte) 0x04, (byte) 0x0c,
+ (byte) 0x0c, (byte) 0x58, (byte) 0x58, (byte) 0x58, (byte) 0x54, (byte) 0xc3, (byte) 0xbc, (byte) 0x7a,
+ (byte) 0x65, (byte) 0x6b, (byte) 0xc3, (byte) 0xa7, (byte) 0x69, (byte) 0x31, (byte) 0x13, (byte) 0x30,
+ (byte) 0x11, (byte) 0x06, (byte) 0x03, (byte) 0x55, (byte) 0x04, (byte) 0x2a, (byte) 0x0c, (byte) 0x0a,
+ (byte) 0x58, (byte) 0x58, (byte) 0x58, (byte) 0xc5, (byte) 0x90, (byte) 0x7a, (byte) 0x67, (byte) 0xc3,
+ (byte) 0xbc, (byte) 0x72, (byte) 0x31, (byte) 0x15, (byte) 0x30, (byte) 0x13, (byte) 0x06, (byte) 0x03,
+ (byte) 0x55, (byte) 0x04, (byte) 0x05, (byte) 0x13, (byte) 0x0c, (byte) 0x37, (byte) 0x30, (byte) 0x34,
+ (byte) 0x38, (byte) 0x37, (byte) 0x31, (byte) 0x30, (byte) 0x35, (byte) 0x30, (byte) 0x30, (byte) 0x30,
+ (byte) 0x38, (byte) 0x30, (byte) 0x49, (byte) 0x30, (byte) 0x13, (byte) 0x06, (byte) 0x07, (byte) 0x2a,
+ (byte) 0x86, (byte) 0x48, (byte) 0xce, (byte) 0x3d, (byte) 0x02, (byte) 0x01, (byte) 0x06, (byte) 0x08,
+ (byte) 0x2a, (byte) 0x86, (byte) 0x48, (byte) 0xce, (byte) 0x3d, (byte) 0x03, (byte) 0x01, (byte) 0x01,
+ (byte) 0x03, (byte) 0x32, (byte) 0x00, (byte) 0x04, (byte) 0xde, (byte) 0x75, (byte) 0x22, (byte) 0x4c,
+ (byte) 0xc4, (byte) 0xd4, (byte) 0x14, (byte) 0x16, (byte) 0x48, (byte) 0x4a, (byte) 0x65, (byte) 0x9d,
+ (byte) 0x5a, (byte) 0x39, (byte) 0x71, (byte) 0x11, (byte) 0x1c, (byte) 0x33, (byte) 0x7e, (byte) 0x7f,
+ (byte) 0xb4, (byte) 0x06, (byte) 0x33, (byte) 0x74, (byte) 0xe6, (byte) 0xf3, (byte) 0xc2, (byte) 0x56,
+ (byte) 0x46, (byte) 0x18, (byte) 0x39, (byte) 0xb9, (byte) 0xc4, (byte) 0x47, (byte) 0x84, (byte) 0xf5,
+ (byte) 0x46, (byte) 0x41, (byte) 0x60, (byte) 0x78, (byte) 0x81, (byte) 0x45, (byte) 0x4a, (byte) 0x0f,
+ (byte) 0x67, (byte) 0x77, (byte) 0x77, (byte) 0xb2, (byte) 0xa3, (byte) 0x82, (byte) 0x02, (byte) 0x33,
+ (byte) 0x30, (byte) 0x82, (byte) 0x02, (byte) 0x2f, (byte) 0x30, (byte) 0x13, (byte) 0x06, (byte) 0x03,
+ (byte) 0x55, (byte) 0x1d, (byte) 0x23, (byte) 0x04, (byte) 0x0c, (byte) 0x30, (byte) 0x0a, (byte) 0x80,
+ (byte) 0x08, (byte) 0x46, (byte) 0x06, (byte) 0x9f, (byte) 0x8e, (byte) 0x41, (byte) 0x8e, (byte) 0x15,
+ (byte) 0xbd, (byte) 0x30, (byte) 0x27, (byte) 0x06, (byte) 0x08, (byte) 0x2b, (byte) 0x06, (byte) 0x01,
+ (byte) 0x05, (byte) 0x05, (byte) 0x07, (byte) 0x01, (byte) 0x03, (byte) 0x01, (byte) 0x01, (byte) 0xff,
+ (byte) 0x04, (byte) 0x18, (byte) 0x30, (byte) 0x16, (byte) 0x30, (byte) 0x08, (byte) 0x06, (byte) 0x06,
+ (byte) 0x04, (byte) 0x00, (byte) 0x8e, (byte) 0x46, (byte) 0x01, (byte) 0x01, (byte) 0x30, (byte) 0x0a,
+ (byte) 0x06, (byte) 0x08, (byte) 0x2b, (byte) 0x06, (byte) 0x01, (byte) 0x05, (byte) 0x05, (byte) 0x07,
+ (byte) 0x0b, (byte) 0x01, (byte) 0x30, (byte) 0x81, (byte) 0x84, (byte) 0x06, (byte) 0x08, (byte) 0x2b,
+ (byte) 0x06, (byte) 0x01, (byte) 0x05, (byte) 0x05, (byte) 0x07, (byte) 0x01, (byte) 0x01, (byte) 0x04,
+ (byte) 0x78, (byte) 0x30, (byte) 0x76, (byte) 0x30, (byte) 0x2c, (byte) 0x06, (byte) 0x08, (byte) 0x2b,
+ (byte) 0x06, (byte) 0x01, (byte) 0x05, (byte) 0x05, (byte) 0x07, (byte) 0x30, (byte) 0x01, (byte) 0x86,
+ (byte) 0x20, (byte) 0x68, (byte) 0x74, (byte) 0x74, (byte) 0x70, (byte) 0x3a, (byte) 0x2f, (byte) 0x2f,
+ (byte) 0x6f, (byte) 0x63, (byte) 0x73, (byte) 0x70, (byte) 0x2d, (byte) 0x74, (byte) 0x65, (byte) 0x73,
+ (byte) 0x74, (byte) 0x2e, (byte) 0x61, (byte) 0x2d, (byte) 0x74, (byte) 0x72, (byte) 0x75, (byte) 0x73,
+ (byte) 0x74, (byte) 0x2e, (byte) 0x61, (byte) 0x74, (byte) 0x2f, (byte) 0x6f, (byte) 0x63, (byte) 0x73,
+ (byte) 0x70, (byte) 0x30, (byte) 0x46, (byte) 0x06, (byte) 0x08, (byte) 0x2b, (byte) 0x06, (byte) 0x01,
+ (byte) 0x05, (byte) 0x05, (byte) 0x07, (byte) 0x30, (byte) 0x02, (byte) 0x86, (byte) 0x3a, (byte) 0x68,
+ (byte) 0x74, (byte) 0x74, (byte) 0x70, (byte) 0x3a, (byte) 0x2f, (byte) 0x2f, (byte) 0x77, (byte) 0x77,
+ (byte) 0x77, (byte) 0x2e, (byte) 0x61, (byte) 0x2d, (byte) 0x74, (byte) 0x72, (byte) 0x75, (byte) 0x73,
+ (byte) 0x74, (byte) 0x2e, (byte) 0x61, (byte) 0x74, (byte) 0x2f, (byte) 0x63, (byte) 0x65, (byte) 0x72,
+ (byte) 0x74, (byte) 0x73, (byte) 0x2f, (byte) 0x61, (byte) 0x2d, (byte) 0x73, (byte) 0x69, (byte) 0x67,
+ (byte) 0x6e, (byte) 0x2d, (byte) 0x50, (byte) 0x72, (byte) 0x65, (byte) 0x6d, (byte) 0x69, (byte) 0x75,
+ (byte) 0x6d, (byte) 0x2d, (byte) 0x54, (byte) 0x65, (byte) 0x73, (byte) 0x74, (byte) 0x2d, (byte) 0x53,
+ (byte) 0x69, (byte) 0x67, (byte) 0x2d, (byte) 0x30, (byte) 0x32, (byte) 0x2e, (byte) 0x63, (byte) 0x72,
+ (byte) 0x74, (byte) 0x30, (byte) 0x81, (byte) 0x92, (byte) 0x06, (byte) 0x03, (byte) 0x55, (byte) 0x1d,
+ (byte) 0x20, (byte) 0x04, (byte) 0x81, (byte) 0x8a, (byte) 0x30, (byte) 0x81, (byte) 0x87, (byte) 0x30,
+ (byte) 0x7b, (byte) 0x06, (byte) 0x06, (byte) 0x2a, (byte) 0x28, (byte) 0x00, (byte) 0x11, (byte) 0x01,
+ (byte) 0x03, (byte) 0x30, (byte) 0x71, (byte) 0x30, (byte) 0x35, (byte) 0x06, (byte) 0x08, (byte) 0x2b,
+ (byte) 0x06, (byte) 0x01, (byte) 0x05, (byte) 0x05, (byte) 0x07, (byte) 0x02, (byte) 0x01, (byte) 0x16,
+ (byte) 0x29, (byte) 0x68, (byte) 0x74, (byte) 0x74, (byte) 0x70, (byte) 0x3a, (byte) 0x2f, (byte) 0x2f,
+ (byte) 0x77, (byte) 0x77, (byte) 0x77, (byte) 0x2e, (byte) 0x61, (byte) 0x2d, (byte) 0x74, (byte) 0x72,
+ (byte) 0x75, (byte) 0x73, (byte) 0x74, (byte) 0x2e, (byte) 0x61, (byte) 0x74, (byte) 0x2f, (byte) 0x64,
+ (byte) 0x6f, (byte) 0x63, (byte) 0x73, (byte) 0x2f, (byte) 0x63, (byte) 0x70, (byte) 0x2f, (byte) 0x61,
+ (byte) 0x2d, (byte) 0x73, (byte) 0x69, (byte) 0x67, (byte) 0x6e, (byte) 0x2d, (byte) 0x74, (byte) 0x65,
+ (byte) 0x73, (byte) 0x74, (byte) 0x30, (byte) 0x38, (byte) 0x06, (byte) 0x08, (byte) 0x2b, (byte) 0x06,
+ (byte) 0x01, (byte) 0x05, (byte) 0x05, (byte) 0x07, (byte) 0x02, (byte) 0x02, (byte) 0x30, (byte) 0x2c,
+ (byte) 0x1a, (byte) 0x2a, (byte) 0x44, (byte) 0x69, (byte) 0x65, (byte) 0x73, (byte) 0x65, (byte) 0x73,
+ (byte) 0x20, (byte) 0x5a, (byte) 0x65, (byte) 0x72, (byte) 0x74, (byte) 0x69, (byte) 0x66, (byte) 0x69,
+ (byte) 0x6b, (byte) 0x61, (byte) 0x74, (byte) 0x20, (byte) 0x64, (byte) 0x69, (byte) 0x65, (byte) 0x6e,
+ (byte) 0x74, (byte) 0x20, (byte) 0x6e, (byte) 0x75, (byte) 0x72, (byte) 0x20, (byte) 0x7a, (byte) 0x75,
+ (byte) 0x20, (byte) 0x54, (byte) 0x65, (byte) 0x73, (byte) 0x74, (byte) 0x7a, (byte) 0x77, (byte) 0x65,
+ (byte) 0x63, (byte) 0x6b, (byte) 0x65, (byte) 0x6e, (byte) 0x30, (byte) 0x08, (byte) 0x06, (byte) 0x06,
+ (byte) 0x04, (byte) 0x00, (byte) 0x8b, (byte) 0x30, (byte) 0x01, (byte) 0x01, (byte) 0x30, (byte) 0x81,
+ (byte) 0xa4, (byte) 0x06, (byte) 0x03, (byte) 0x55, (byte) 0x1d, (byte) 0x1f, (byte) 0x04, (byte) 0x81,
+ (byte) 0x9c, (byte) 0x30, (byte) 0x81, (byte) 0x99, (byte) 0x30, (byte) 0x81, (byte) 0x96, (byte) 0xa0,
+ (byte) 0x81, (byte) 0x93, (byte) 0xa0, (byte) 0x81, (byte) 0x90, (byte) 0x86, (byte) 0x81, (byte) 0x8d,
+ (byte) 0x6c, (byte) 0x64, (byte) 0x61, (byte) 0x70, (byte) 0x3a, (byte) 0x2f, (byte) 0x2f, (byte) 0x6c,
+ (byte) 0x64, (byte) 0x61, (byte) 0x70, (byte) 0x2d, (byte) 0x74, (byte) 0x65, (byte) 0x73, (byte) 0x74,
+ (byte) 0x2e, (byte) 0x61, (byte) 0x2d, (byte) 0x74, (byte) 0x72, (byte) 0x75, (byte) 0x73, (byte) 0x74,
+ (byte) 0x2e, (byte) 0x61, (byte) 0x74, (byte) 0x2f, (byte) 0x6f, (byte) 0x75, (byte) 0x3d, (byte) 0x61,
+ (byte) 0x2d, (byte) 0x73, (byte) 0x69, (byte) 0x67, (byte) 0x6e, (byte) 0x2d, (byte) 0x50, (byte) 0x72,
+ (byte) 0x65, (byte) 0x6d, (byte) 0x69, (byte) 0x75, (byte) 0x6d, (byte) 0x2d, (byte) 0x54, (byte) 0x65,
+ (byte) 0x73, (byte) 0x74, (byte) 0x2d, (byte) 0x53, (byte) 0x69, (byte) 0x67, (byte) 0x2d, (byte) 0x30,
+ (byte) 0x32, (byte) 0x2c, (byte) 0x6f, (byte) 0x3d, (byte) 0x41, (byte) 0x2d, (byte) 0x54, (byte) 0x72,
+ (byte) 0x75, (byte) 0x73, (byte) 0x74, (byte) 0x2c, (byte) 0x63, (byte) 0x3d, (byte) 0x41, (byte) 0x54,
+ (byte) 0x3f, (byte) 0x63, (byte) 0x65, (byte) 0x72, (byte) 0x74, (byte) 0x69, (byte) 0x66, (byte) 0x69,
+ (byte) 0x63, (byte) 0x61, (byte) 0x74, (byte) 0x65, (byte) 0x72, (byte) 0x65, (byte) 0x76, (byte) 0x6f,
+ (byte) 0x63, (byte) 0x61, (byte) 0x74, (byte) 0x69, (byte) 0x6f, (byte) 0x6e, (byte) 0x6c, (byte) 0x69,
+ (byte) 0x73, (byte) 0x74, (byte) 0x3f, (byte) 0x62, (byte) 0x61, (byte) 0x73, (byte) 0x65, (byte) 0x3f,
+ (byte) 0x6f, (byte) 0x62, (byte) 0x6a, (byte) 0x65, (byte) 0x63, (byte) 0x74, (byte) 0x63, (byte) 0x6c,
+ (byte) 0x61, (byte) 0x73, (byte) 0x73, (byte) 0x3d, (byte) 0x65, (byte) 0x69, (byte) 0x64, (byte) 0x43,
+ (byte) 0x65, (byte) 0x72, (byte) 0x74, (byte) 0x69, (byte) 0x66, (byte) 0x69, (byte) 0x63, (byte) 0x61,
+ (byte) 0x74, (byte) 0x69, (byte) 0x6f, (byte) 0x6e, (byte) 0x41, (byte) 0x75, (byte) 0x74, (byte) 0x68,
+ (byte) 0x6f, (byte) 0x72, (byte) 0x69, (byte) 0x74, (byte) 0x79, (byte) 0x30, (byte) 0x11, (byte) 0x06,
+ (byte) 0x03, (byte) 0x55, (byte) 0x1d, (byte) 0x0e, (byte) 0x04, (byte) 0x0a, (byte) 0x04, (byte) 0x08,
+ (byte) 0x47, (byte) 0x64, (byte) 0x6e, (byte) 0xbb, (byte) 0x92, (byte) 0xa0, (byte) 0xf6, (byte) 0xf4,
+ (byte) 0x30, (byte) 0x0e, (byte) 0x06, (byte) 0x03, (byte) 0x55, (byte) 0x1d, (byte) 0x0f, (byte) 0x01,
+ (byte) 0x01, (byte) 0xff, (byte) 0x04, (byte) 0x04, (byte) 0x03, (byte) 0x02, (byte) 0x06, (byte) 0xc0,
+ (byte) 0x30, (byte) 0x09, (byte) 0x06, (byte) 0x03, (byte) 0x55, (byte) 0x1d, (byte) 0x13, (byte) 0x04,
+ (byte) 0x02, (byte) 0x30, (byte) 0x00, (byte) 0x30, (byte) 0x0d, (byte) 0x06, (byte) 0x09, (byte) 0x2a,
+ (byte) 0x86, (byte) 0x48, (byte) 0x86, (byte) 0xf7, (byte) 0x0d, (byte) 0x01, (byte) 0x01, (byte) 0x05,
+ (byte) 0x05, (byte) 0x00, (byte) 0x03, (byte) 0x82, (byte) 0x01, (byte) 0x01, (byte) 0x00, (byte) 0x06,
+ (byte) 0x63, (byte) 0x76, (byte) 0x0a, (byte) 0xd5, (byte) 0x54, (byte) 0xfa, (byte) 0x51, (byte) 0x2a,
+ (byte) 0xb0, (byte) 0x41, (byte) 0xdc, (byte) 0xa4, (byte) 0x9b, (byte) 0x52, (byte) 0x1c, (byte) 0x0e,
+ (byte) 0x1d, (byte) 0x65, (byte) 0x46, (byte) 0x2b, (byte) 0xa3, (byte) 0xcd, (byte) 0xd4, (byte) 0x46,
+ (byte) 0x36, (byte) 0x40, (byte) 0xc3, (byte) 0x49, (byte) 0xe8, (byte) 0xa4, (byte) 0xdc, (byte) 0x01,
+ (byte) 0xde, (byte) 0x70, (byte) 0x97, (byte) 0x31, (byte) 0xb0, (byte) 0xcd, (byte) 0xdf, (byte) 0x69,
+ (byte) 0xf8, (byte) 0xc3, (byte) 0x83, (byte) 0xee, (byte) 0xc6, (byte) 0xed, (byte) 0xe3, (byte) 0x18,
+ (byte) 0x1a, (byte) 0x80, (byte) 0xc1, (byte) 0x30, (byte) 0xa9, (byte) 0xd6, (byte) 0xb1, (byte) 0xb8,
+ (byte) 0xa8, (byte) 0xe0, (byte) 0x3d, (byte) 0xb1, (byte) 0x8e, (byte) 0x2c, (byte) 0xc9, (byte) 0xa6,
+ (byte) 0x05, (byte) 0x6e, (byte) 0x4a, (byte) 0xd2, (byte) 0xb2, (byte) 0x03, (byte) 0xa4, (byte) 0x2b,
+ (byte) 0xa2, (byte) 0xad, (byte) 0xad, (byte) 0xe5, (byte) 0xba, (byte) 0x0d, (byte) 0x54, (byte) 0x8d,
+ (byte) 0x92, (byte) 0x51, (byte) 0xda, (byte) 0x58, (byte) 0xed, (byte) 0xd3, (byte) 0x8d, (byte) 0x61,
+ (byte) 0xa1, (byte) 0xfc, (byte) 0x49, (byte) 0xf6, (byte) 0x80, (byte) 0xdb, (byte) 0x65, (byte) 0x92,
+ (byte) 0xe0, (byte) 0xd5, (byte) 0x23, (byte) 0x69, (byte) 0x0f, (byte) 0x38, (byte) 0x11, (byte) 0x61,
+ (byte) 0x1e, (byte) 0xcd, (byte) 0xa2, (byte) 0x8e, (byte) 0x68, (byte) 0xec, (byte) 0x70, (byte) 0xfb,
+ (byte) 0x55, (byte) 0x95, (byte) 0xcb, (byte) 0xb4, (byte) 0x18, (byte) 0x6b, (byte) 0x3a, (byte) 0x25,
+ (byte) 0x4a, (byte) 0x3e, (byte) 0x07, (byte) 0xb0, (byte) 0x18, (byte) 0x26, (byte) 0x51, (byte) 0x39,
+ (byte) 0x46, (byte) 0xfa, (byte) 0xe2, (byte) 0xae, (byte) 0xe6, (byte) 0x1c, (byte) 0xd2, (byte) 0xcb,
+ (byte) 0x28, (byte) 0xa1, (byte) 0x8b, (byte) 0x56, (byte) 0xbb, (byte) 0xe9, (byte) 0x6c, (byte) 0xf7,
+ (byte) 0x0b, (byte) 0x84, (byte) 0xdd, (byte) 0x7f, (byte) 0x64, (byte) 0x8b, (byte) 0x43, (byte) 0x93,
+ (byte) 0x62, (byte) 0x39, (byte) 0xfb, (byte) 0x91, (byte) 0xfa, (byte) 0x3a, (byte) 0x57, (byte) 0x56,
+ (byte) 0x4a, (byte) 0xaa, (byte) 0x99, (byte) 0x1e, (byte) 0x9b, (byte) 0xcc, (byte) 0xa4, (byte) 0xc0,
+ (byte) 0x18, (byte) 0x46, (byte) 0xae, (byte) 0x15, (byte) 0x24, (byte) 0xf5, (byte) 0xf3, (byte) 0xe6,
+ (byte) 0x36, (byte) 0x55, (byte) 0x29, (byte) 0xa8, (byte) 0xa9, (byte) 0xaf, (byte) 0x7b, (byte) 0x44,
+ (byte) 0x19, (byte) 0xda, (byte) 0x66, (byte) 0x4d, (byte) 0x11, (byte) 0x89, (byte) 0x28, (byte) 0x34,
+ (byte) 0x01, (byte) 0x15, (byte) 0x24, (byte) 0x93, (byte) 0x43, (byte) 0x6a, (byte) 0x8f, (byte) 0xe4,
+ (byte) 0x54, (byte) 0x3a, (byte) 0x3d, (byte) 0x9b, (byte) 0x2f, (byte) 0xc3, (byte) 0xdb, (byte) 0x7e,
+ (byte) 0x5e, (byte) 0x12, (byte) 0x00, (byte) 0xaa, (byte) 0xe7, (byte) 0xc1, (byte) 0x82, (byte) 0x1c,
+ (byte) 0x1d, (byte) 0x1d, (byte) 0x23, (byte) 0x1d, (byte) 0xa3, (byte) 0xcc, (byte) 0x59, (byte) 0xe4,
+ (byte) 0x7a, (byte) 0xf0, (byte) 0x14, (byte) 0x17, (byte) 0xfb, (byte) 0x96, (byte) 0x90, (byte) 0xc1,
+ (byte) 0xc0, (byte) 0xde, (byte) 0xdb, (byte) 0x91, (byte) 0xfb, (byte) 0x49, (byte) 0x39, (byte) 0x70,
+ (byte) 0x76, (byte) 0x2f, (byte) 0x7b, (byte) 0x22, (byte) 0xcd, (byte) 0x35, (byte) 0xcb, (byte) 0xed,
+ (byte) 0x8f, (byte) 0xb3, (byte) 0x66, (byte) 0xae, (byte) 0x95, (byte) 0x49, (byte) 0x75
+ };
+
+ protected static final int KID_PIN_SS = 0x81;
+
+ protected byte[] EF_C_X509_CH_DS = new byte[2000];
+
+ public STARCOSApplSichereSignatur(STARCOSCardChannelEmul channel, byte[] SS_pin, int pinState) {
+ super(channel);
+ // Files
+ System.arraycopy(C_X509_CH_DS, 0, EF_C_X509_CH_DS, 0, C_X509_CH_DS.length);
+ putFile(new File(FID_EF_C_X509_CH_DS, EF_C_X509_CH_DS, FCI_EF_C_X509_CH_DS));
+
+ // PINs
+ pins.put(KID_PIN_SS, new PIN(SS_pin, KID_PIN_SS, 3, pinState));
+ }
+
+ @Override
+ public byte[] getAID() {
+ return AID_SichereSignatur;
+ }
+
+ @Override
+ public byte[] getFID() {
+ return FID_SichereSignatur;
+ }
+
+ @Override
+ public byte[] getFCI() {
+ return FCI;
+ }
+
+ @Override
+ public ResponseAPDU cmdPERFORM_SECURITY_OPERATION(CommandAPDU command, CardChannelEmul channel) throws CardException {
+
+ checkINS(command, 0x2A);
+
+ if (command.getP1() == 0x90 && command.getP2() == 0xA0) {
+
+ // HASH
+ byte[] data = command.getData();
+ if (data[0] == (byte) 0x90 && data[1] == (byte) 0x14) {
+ hash = Arrays.copyOfRange(data, 2, data.length);
+ return new ResponseAPDU(new byte[] {(byte) 0x90, (byte) 0x00});
+ } else {
+ throw new CardException("HASH command only supports complete hash.");
+ }
+
+ } else if (command.getP1() == 0x9E && command.getP2() == 0x9A) {
+
+ // COMPUTE DIGITAL SIGNATURE
+ if (securityEnv == null) {
+ // No security environment
+ return new ResponseAPDU(new byte[] {(byte) 0x6F, (byte) 0x05});
+ }
+ if (hash == null) {
+ // Command sequence not correct
+ return new ResponseAPDU(new byte[] {(byte) 0x6F, (byte) 0x03});
+ }
+ if (hash.length != 20) {
+ // Invalid hash length
+ return new ResponseAPDU(new byte[] {(byte) 0x6A, (byte) 0x80});
+ }
+ if (pins.get(KID_PIN_SS).state != PIN.STATE_PIN_VERIFIED) {
+ // Security Status not satisfied
+ return new ResponseAPDU(new byte[] {(byte) 0x69, (byte) 0x82});
+ }
+
+ byte[] signature = new byte[48];
+
+ // TODO replace by signature creation
+ Random random = new Random();
+ random.nextBytes(signature);
+
+ byte[] response = new byte[signature.length + 2];
+ System.arraycopy(signature, 0, response, 0, signature.length);
+ response[signature.length] = (byte) 0x90;
+ response[signature.length + 1] = (byte) 0x00;
+
+ hash = null;
+ pins.get(KID_PIN_SS).state = PIN.STATE_RESET;
+
+ return new ResponseAPDU(response);
+
+ } else {
+ return new ResponseAPDU(new byte[] {(byte) 0x6A, (byte) 0x00});
+ }
+
+ }
+
+ public void clearCert() {
+ Arrays.fill(EF_C_X509_CH_DS, (byte) 0x00);
+ }
+
+ @Override
+ public ResponseAPDU cmdMANAGE_SECURITY_ENVIRONMENT(CommandAPDU command, CardChannelEmul channel) throws CardException {
+
+ checkINS(command, 0x22);
+
+ switch (command.getP2()) {
+ case 0xA4:
+ switch (command.getP1()) {
+ case 0x41:
+ // INTERNAL AUTHENTICATE
+ case 0x81:
+ // EXTERNAL AUTHENTICATE
+ }
+ case 0xB6:
+ switch (command.getP1()) {
+ case 0x41: {
+ // PSO - COMPUTE DIGITAL SIGNATURE
+ byte[] dst = new byte[] { (byte) 0x84, (byte) 0x03, (byte) 0x80,
+ (byte) 0x02, (byte) 0x00, (byte) 0x89, (byte) 0x03, (byte) 0x13, (byte) 0x35, (byte) 0x10};
+ if (Arrays.equals(dst, command.getData())) {
+ securityEnv = command.getData();
+ return new ResponseAPDU(new byte[] {(byte) 0x90, (byte) 0x00});
+ } else {
+ return new ResponseAPDU(new byte[] {(byte) 0x6A, (byte) 0x80});
+ }
+ }
+ case 0x81:
+ // PSO - VERIFY DGITAL SIGNATURE
+ }
+ case 0xB8:
+ switch (command.getP1()) {
+ case 0x41:
+ // PSO � DECIPHER
+ case 0x81:
+ // PSO � ENCIPHER
+ }
+ default:
+ return new ResponseAPDU(new byte[] {(byte) 0x6A, (byte) 0x81});
+ }
+
+ }
+
+ /**
+ * set and activate pin
+ * @param value if null, pin will be set to NOTACTIVE
+ */
+ @Override
+ public void setPin(int kid, char[] value) {
+ PIN pin = pins.get(kid);
+ if (pin != null) {
+ if (value == null) {
+// pin.pin = null;
+ //TransportPIN
+// pin.pin = new byte[] { (byte) 0x26, (byte) 0x12, (byte) 0x34, (byte) 0x56, (byte) 0xff, (byte) 0xff, (byte) 0xff, (byte) 0xff};
+ pin.state = PIN.STATE_PIN_NOTACTIVE;
+ } else {
+ byte[] b = new byte[8];
+ b[0] = (byte) (0x20 | value.length);
+ for(int i = 1, j = 0; i < b.length; i++) {
+ int h = ((j < value.length)
+ ? Character.digit(value[j++], 10)
+ : 0x0F);
+ int l = ((j < value.length)
+ ? Character.digit(value[j++], 10)
+ : 0x0F);
+ b[i] = (byte) ((h << 4) | l);
+ }
+ pin.pin = b;
+ pin.state = PIN.STATE_RESET;
+ }
+ }
+ }
+} \ No newline at end of file
diff --git a/smcc/src/test/java/at/gv/egiz/smcc/starcos/STARCOSCardChannelEmul.java b/smcc/src/test/java/at/gv/egiz/smcc/starcos/STARCOSCardChannelEmul.java
new file mode 100644
index 00000000..2e0c54eb
--- /dev/null
+++ b/smcc/src/test/java/at/gv/egiz/smcc/starcos/STARCOSCardChannelEmul.java
@@ -0,0 +1,434 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package at.gv.egiz.smcc.starcos;
+
+import java.util.Arrays;
+import java.util.HashMap;
+
+import javax.smartcardio.Card;
+import javax.smartcardio.CardException;
+import javax.smartcardio.CommandAPDU;
+import javax.smartcardio.ResponseAPDU;
+
+import at.gv.egiz.smcc.AbstractAppl;
+import at.gv.egiz.smcc.CardChannelEmul;
+import at.gv.egiz.smcc.CardEmul;
+import at.gv.egiz.smcc.File;
+import at.gv.egiz.smcc.PIN;
+import java.util.ArrayList;
+import java.util.List;
+
+@SuppressWarnings("restriction")
+public class STARCOSCardChannelEmul extends CardChannelEmul {
+
+ public static final int KID_PIN_Glob = 0x01;
+
+ /**
+ *
+ */
+ protected CardEmul cardEmul;
+
+ public final List<File> globalFiles = new ArrayList<File>();
+ public final HashMap<Integer, PIN> globalPins = new HashMap<Integer, PIN>();
+
+ public STARCOSCardChannelEmul(CardEmul cardEmul, byte[] Glob_PIN, int PIN_STATE) {
+ this.cardEmul = cardEmul;
+ globalPins.put(KID_PIN_Glob, new PIN(Glob_PIN, KID_PIN_Glob, 10, PIN_STATE));
+ }
+
+ @Override
+ public Card getCard() {
+ return cardEmul;
+ }
+
+ protected ResponseAPDU cmdSELECT(CommandAPDU command) throws CardException {
+
+ byte[] fid = command.getData();
+
+ switch (command.getP1()) {
+ case 0x00: // MF
+ if (fid.length !=0) {
+ return new ResponseAPDU(new byte[] {(byte) 0x6A, (byte) 0x80});
+ } else {
+ currentFile = null;
+ currentAppl = null;
+ return new ResponseAPDU(new byte[] {(byte) 0x90, (byte) 0x00});
+ }
+
+ case 0x01: // Lower-level DF
+ throw new CardException("Not supported.");
+
+ case 0x02: // EF in current DF
+ if (currentAppl != null) {
+ if (command.getP2() != 0x04) {
+ throw new CardException("Not supported.");
+ }
+ for (File file : currentAppl.getFiles()) {
+ if (Arrays.equals(fid, file.fid)) {
+ currentFile = file;
+ byte[] response = new byte[file.fcx.length + 2];
+ System.arraycopy(file.fcx, 0, response, 0, file.fcx.length);
+ response[file.fcx.length] = (byte) 0x90;
+ response[file.fcx.length + 1] = (byte) 0x00;
+ return new ResponseAPDU(response);
+ }
+ }
+ return new ResponseAPDU(new byte[] {(byte) 0x6A, (byte) 0x82});
+ } else if (globalFiles != null) {
+ if (command.getP2() != 0x04) {
+ throw new CardException("Not supported.");
+ }
+ for (File file : globalFiles) {
+ if (Arrays.equals(fid, file.fid)) {
+ currentFile = file;
+ byte[] response = new byte[file.fcx.length + 2];
+ System.arraycopy(file.fcx, 0, response, 0, file.fcx.length);
+ response[file.fcx.length] = (byte) 0x90;
+ response[file.fcx.length + 1] = (byte) 0x00;
+ return new ResponseAPDU(response);
+ }
+ }
+ return new ResponseAPDU(new byte[] {(byte) 0x6A, (byte) 0x82});
+ } else {
+ throw new CardException("Not supported.");
+ }
+
+ case 0x03: // Higher-level DF
+ throw new CardException("Not supported.");
+
+ case 0x04: // Selection by DF name
+ AbstractAppl appl = cardEmul.getApplication(fid);
+ if (appl != null) {
+ if (command.getP2() != 0x00) {
+ throw new CardException("Not supported.");
+ }
+ if (currentAppl != null && currentAppl != appl) {
+ currentAppl.leaveApplContext();
+ currentFile = null;
+ }
+ currentAppl = appl;
+
+ byte[] fci = currentAppl.getFCI();
+ byte[] response = new byte[fci.length + 2];
+ System.arraycopy(fci, 0, response, 0, fci.length);
+ response[fci.length] = (byte) 0x90;
+ response[fci.length + 1] = (byte) 0x00;
+ return new ResponseAPDU(response);
+ }
+
+ default:
+ return new ResponseAPDU(new byte[] {(byte) 0x6A, (byte) 0x86});
+ }
+
+ }
+
+ protected ResponseAPDU cmdREAD_RECORD(CommandAPDU command) throws CardException {
+ if (command.getINS() != 0xB2) {
+ throw new IllegalArgumentException("INS has to be 0xB2");
+ }
+ if (currentFile == null) {
+ return new ResponseAPDU(new byte[]{ (byte) 0x69, (byte) 0x86 });
+ }
+ if (command.getP1() != 0x01 || command.getP2() != 0x04) {
+ throw new CardException("Not implemented.");
+ }
+ byte[] response = new byte[currentFile.file.length + 2];
+ System.arraycopy(currentFile.file, 0, response, 0, currentFile.file.length);
+ response[currentFile.file.length] = (byte) 0x90;
+ response[currentFile.file.length + 1] = (byte) 0x00;
+ return new ResponseAPDU(response);
+ }
+
+ protected ResponseAPDU cmdREAD_BINARY(CommandAPDU command) throws CardException {
+
+ if (command.getINS() != 0xB0) {
+ throw new IllegalArgumentException("INS has to be 0xB0.");
+ }
+
+ if (currentFile == null) {
+ return new ResponseAPDU(new byte[] {(byte) 0x69, (byte) 0x86});
+ }
+
+ if ((command.getP1() & 0x80) > 0) {
+ throw new CardException("Not implemented.");
+ }
+
+ int offset = command.getP2() + (command.getP1() << 8);
+ if (offset > currentFile.file.length) {
+ // Wrong length
+ return new ResponseAPDU(new byte[] {(byte) 0x67, (byte) 0x00});
+ }
+
+ if (command.getNe() == 0) {
+ throw new CardException("Not implemented.");
+ }
+
+ if (currentFile.kid != -1) {
+ PIN pin;
+ if ((currentFile.kid & 0x80) > 0) {
+ if (currentAppl == null
+ || (pin = currentAppl.pins.get(currentFile.kid)) == null
+ || pin.state != PIN.STATE_PIN_VERIFIED) {
+ return new ResponseAPDU(new byte[] {(byte) 0x69, (byte) 0x82});
+ }
+ } else {
+ if ((pin = globalPins.get(currentFile.kid)) == null
+ || pin.state != PIN.STATE_PIN_VERIFIED) {
+ return new ResponseAPDU(new byte[] {(byte) 0x69, (byte) 0x82});
+ }
+ }
+ }
+
+ if (command.getNe() == 256 || command.getNe() <= currentFile.file.length - offset) {
+ int len = Math.min(command.getNe(), currentFile.file.length - offset);
+ byte[] response = new byte[len + 2];
+ System.arraycopy(currentFile.file, offset, response, 0, len);
+ response[len] = (byte) 0x90;
+ response[len + 1] = (byte) 0x00;
+ return new ResponseAPDU(response);
+ } else if (command.getNe() >= currentFile.file.length - offset) {
+ return new ResponseAPDU(new byte[] {(byte) 0x62, (byte) 0x82});
+ } else {
+ return new ResponseAPDU(new byte[] {(byte) 0x67, (byte) 0x00});
+ }
+
+ }
+
+
+ @Override
+ public ResponseAPDU transmit(CommandAPDU command) throws CardException {
+
+ if (command.getCLA() == 0x00) {
+
+ switch (command.getINS()) {
+
+ // SELECT
+ case 0xA4:
+ return cmdSELECT(command);
+
+ // READ BINARY
+ case 0xB0:
+ return cmdREAD_BINARY(command);
+
+ // READ RECORD
+ case 0xB2:
+ return cmdREAD_RECORD(command);
+
+ // VERIFY
+ case 0x20:
+ return cmdVERIFY(command);
+
+ // MANAGE SECURITY ENVIRONMENT
+ case 0x22: {
+ if (currentAppl != null) {
+ return currentAppl.cmdMANAGE_SECURITY_ENVIRONMENT(command, this);
+ } else {
+ return new ResponseAPDU(new byte[] {(byte) 0x6F, (byte) 0x05});
+ }
+ }
+
+ // CHANGE REFERENCE DATA
+ case 0x24: {
+ return cmdCHANGE_REFERENCE_DATA(command);
+ }
+
+ // PERFORM SECURITY OPERATION
+ case 0x2A: {
+ if (currentAppl != null) {
+ return currentAppl.cmdPERFORM_SECURITY_OPERATION(command, this);
+ } else {
+ return new ResponseAPDU(new byte[] {(byte) 0x6F, (byte) 0x05});
+ }
+ }
+
+ // INTERNAL AUTHENTICATE
+ case 0x88: {
+ if (currentAppl != null) {
+ return currentAppl.cmdINTERNAL_AUTHENTICATE(command, this);
+ } else {
+ return new ResponseAPDU(new byte[] {(byte) 0x6F, (byte) 0x05});
+ }
+ }
+
+ default:
+ return new ResponseAPDU(new byte[] { (byte) 0x6D, (byte) 0x00});
+ }
+
+ } else {
+ return new ResponseAPDU(new byte[] { (byte) 0x6E, (byte) 0x00});
+ }
+
+ }
+
+ protected ResponseAPDU verifyPin(int kid, byte[] reference) {
+
+ PIN pin;
+ if ((kid & 0x80) > 0 && currentAppl != null) {
+ pin = currentAppl.pins.get(kid);
+ } else {
+ pin = globalPins.get(kid);
+ }
+
+ if (pin != null) {
+
+ if (reference == null || reference.length == 0) {
+ if (pin.state == PIN.STATE_PIN_NOTACTIVE) {
+ return new ResponseAPDU(new byte[] { (byte) 0x69, (byte) 0x84 });
+ } else if (pin.state == PIN.STATE_PIN_BLOCKED) {
+ return new ResponseAPDU(new byte[] { (byte) 0x63, (byte) 0xc0 });
+ } else {
+ return new ResponseAPDU(new byte[] { (byte) 0x63, (byte) (pin.kfpc | 0xC0)});
+ }
+ }
+
+ if (reference.length != 8) {
+ return new ResponseAPDU(new byte[] {(byte) 0x67, (byte) 0x00});
+ }
+
+ if (Arrays.equals(reference, pin.pin)) {
+ switch (pin.state) {
+ case PIN.STATE_PIN_BLOCKED:
+ return new ResponseAPDU(new byte[] { (byte) 0x69, (byte) 0x83 });
+
+ case PIN.STATE_RESET:
+ pin.state = PIN.STATE_PIN_VERIFIED;
+
+ default:
+ pin.kfpc = 10;
+ return new ResponseAPDU(new byte[] { (byte) 0x90, (byte) 0x00 });
+ }
+ } else {
+ switch (pin.state) {
+ case PIN.STATE_PIN_BLOCKED:
+ return new ResponseAPDU(new byte[] { (byte) 0x69, (byte) 0x83 });
+
+ default:
+ if (--pin.kfpc > 0) {
+ return new ResponseAPDU(new byte[] { (byte) 0x63, (byte) (pin.kfpc | 0xC0)});
+ } else {
+ pin.state = PIN.STATE_PIN_BLOCKED;
+ return new ResponseAPDU(new byte[] { (byte) 0x69, (byte) 0x83 });
+ }
+ }
+
+ }
+
+ } else {
+ return new ResponseAPDU(new byte[] {(byte) 0x6A, (byte) 0x00});
+ }
+
+ }
+
+ protected ResponseAPDU cmdVERIFY(CommandAPDU command) throws CardException {
+
+ if (command.getINS() != 0x20) {
+ throw new IllegalArgumentException("INS has to be 0x20.");
+ }
+
+ if (command.getP1() != 00) {
+ return new ResponseAPDU(new byte[] {(byte) 0x6B, (byte) 0x00});
+ }
+
+ return verifyPin(command.getP2(), command.getData());
+
+ }
+
+ protected ResponseAPDU cmdCHANGE_REFERENCE_DATA(CommandAPDU command) {
+
+ if (command.getINS() != 0x24) {
+ throw new IllegalArgumentException("INS has to be 0x24.");
+ }
+
+ byte[] data = command.getData();
+
+ ResponseAPDU response;
+
+ if (command.getP1() == 0x01) {
+
+ if (data.length != 8) {
+ return new ResponseAPDU(new byte[] {(byte) 0x67, (byte) 0x00});
+ }
+
+ PIN pin;
+ if (currentAppl != null) {
+ pin = currentAppl.pins.get(command.getP2());
+ } else {
+ pin = globalPins.get(command.getP2());
+ }
+ if (pin.state == PIN.STATE_PIN_NOTACTIVE) {
+ pin.pin = data;
+ pin.state = PIN.STATE_RESET;
+ response = new ResponseAPDU(new byte[] { (byte) 0x90, (byte) 0x00 });
+ } else {
+ // P1 == 0x01 not allowed on active pin (?)
+ response = new ResponseAPDU(new byte[] { (byte) 0x6A, (byte) 0x86});
+ }
+
+ } else if (command.getP1() == 0x00) {
+
+ if (data.length != 16) {
+ return new ResponseAPDU(new byte[] {(byte) 0x67, (byte) 0x00});
+ }
+
+ response = verifyPin(0xFF & command.getP2(), Arrays.copyOf(data, 8));
+
+ if (response.getSW() == 0x9000) {
+ PIN pin;
+ if (currentAppl != null) {
+ pin = currentAppl.pins.get(command.getP2());
+ } else {
+ pin = globalPins.get(command.getP2());
+ }
+ pin.pin = Arrays.copyOfRange(data, 8, 16);
+ pin.state = PIN.STATE_PIN_VERIFIED;
+ }
+
+ } else {
+ return new ResponseAPDU(new byte[] { (byte) 0x6A, (byte) 0x81 });
+ }
+
+ return response;
+
+ }
+
+ public void setPin(int kid, char[] value) {
+ PIN pin = globalPins.get(kid);
+ if (pin != null) {
+ if (value == null) {
+// pin.pin = null;
+ //TransportPIN
+// pin.pin = new byte[] { (byte) 0x24, (byte) 0x12, (byte) 0x34, (byte) 0xff, (byte) 0xff, (byte) 0xff, (byte) 0xff, (byte) 0xff};
+ pin.state = PIN.STATE_PIN_NOTACTIVE;
+ } else {
+ byte[] b = new byte[8];
+ b[0] = (byte) (0x20 | value.length);
+ for(int i = 1, j = 0; i < b.length; i++) {
+ int h = ((j < value.length)
+ ? Character.digit(value[j++], 10)
+ : 0x0F);
+ int l = ((j < value.length)
+ ? Character.digit(value[j++], 10)
+ : 0x0F);
+ b[i] = (byte) ((h << 4) | l);
+ }
+ pin.pin = b;
+ }
+ }
+ }
+
+
+} \ No newline at end of file
diff --git a/smcc/src/test/java/at/gv/egiz/smcc/starcos/STARCOSCardEmul.java b/smcc/src/test/java/at/gv/egiz/smcc/starcos/STARCOSCardEmul.java
new file mode 100644
index 00000000..5963fb63
--- /dev/null
+++ b/smcc/src/test/java/at/gv/egiz/smcc/starcos/STARCOSCardEmul.java
@@ -0,0 +1,54 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package at.gv.egiz.smcc.starcos;
+
+
+import javax.smartcardio.ATR;
+
+import at.gv.egiz.smcc.CardChannelEmul;
+import at.gv.egiz.smcc.CardEmul;
+import at.gv.egiz.smcc.PIN;
+
+@SuppressWarnings("restriction")
+public class STARCOSCardEmul extends CardEmul {
+
+ public static byte[] DEFAULT_SS_PIN = new byte[] { (byte) 0x26, (byte) 0x12, (byte) 0x34, (byte) 0x56, (byte) 0xff, (byte) 0xff, (byte) 0xff, (byte) 0xff};
+ public static byte[] DEFAULT_Glob_PIN = new byte[] { (byte) 0x24, (byte) 0x00, (byte) 0x00, (byte) 0xff, (byte) 0xff, (byte) 0xff, (byte) 0xff, (byte) 0xff};
+
+ protected static ATR ATR = new ATR(new byte[] {
+ (byte) 0x3b, (byte) 0xbd, (byte) 0x18, (byte) 0x00, (byte) 0x81, (byte) 0x31, (byte) 0xfe, (byte) 0x45,
+ (byte) 0x80, (byte) 0x51, (byte) 0x02, (byte) 0x67, (byte) 0x05, (byte) 0x18, (byte) 0xb1, (byte) 0x02,
+ (byte) 0x02, (byte) 0x02, (byte) 0x01, (byte) 0x81, (byte) 0x05, (byte) 0x31
+ });
+
+ public STARCOSCardEmul() {
+ this(DEFAULT_SS_PIN, DEFAULT_Glob_PIN, PIN.STATE_RESET);
+ }
+
+ public STARCOSCardEmul(byte[] SS_PIN, byte[] Glob_PIN, int PIN_STATE) {
+ channel = new STARCOSCardChannelEmul(this, Glob_PIN, PIN_STATE);
+ applications.add(new STARCOSApplSichereSignatur((STARCOSCardChannelEmul) channel, SS_PIN, PIN_STATE));
+ applications.add(new STARCOSApplInfobox((STARCOSCardChannelEmul) channel));
+ applications.add(new STARCOSApplGewoehnlicheSignatur((STARCOSCardChannelEmul) channel,
+ STARCOSApplGewoehnlicheSignatur.DST));
+ }
+
+ @Override
+ public ATR getATR() {
+ return ATR;
+ }
+} \ No newline at end of file
diff --git a/smcc/src/test/java/at/gv/egiz/smcc/starcos/STARCOSCardTest.java b/smcc/src/test/java/at/gv/egiz/smcc/starcos/STARCOSCardTest.java
new file mode 100644
index 00000000..154884d4
--- /dev/null
+++ b/smcc/src/test/java/at/gv/egiz/smcc/starcos/STARCOSCardTest.java
@@ -0,0 +1,346 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package at.gv.egiz.smcc.starcos;
+
+import static org.junit.Assert.assertNotNull;
+import static org.junit.Assert.assertNull;
+import static org.junit.Assert.assertTrue;
+
+import java.io.ByteArrayInputStream;
+import java.io.IOException;
+import java.security.NoSuchAlgorithmException;
+import java.util.Arrays;
+
+
+import org.junit.Test;
+
+import at.gv.egiz.smcc.CancelledException;
+import at.gv.egiz.smcc.CardEmul;
+import at.gv.egiz.smcc.CardNotSupportedException;
+import at.gv.egiz.smcc.CardTerminalEmul;
+import at.gv.egiz.smcc.CardTest;
+import at.gv.egiz.smcc.pin.gui.ChangePINProvider;
+import at.gv.egiz.smcc.pin.gui.InvalidChangePINProvider;
+import at.gv.egiz.smcc.pin.gui.InvalidPINProvider;
+import at.gv.egiz.smcc.LockedException;
+import at.gv.egiz.smcc.NotActivatedException;
+import at.gv.egiz.smcc.PIN;
+import at.gv.egiz.smcc.PINFormatException;
+import at.gv.egiz.smcc.PINMgmtSignatureCard;
+import at.gv.egiz.smcc.PINSpec;
+import at.gv.egiz.smcc.SignatureCard;
+import at.gv.egiz.smcc.SignatureCardException;
+import at.gv.egiz.smcc.SignatureCardFactory;
+import at.gv.egiz.smcc.pin.gui.SMCCTestPINProvider;
+import at.gv.egiz.smcc.SignatureCard.KeyboxName;
+import org.junit.Ignore;
+
+public class STARCOSCardTest extends CardTest {
+
+ @Override
+ protected SignatureCard createSignatureCard()
+ throws CardNotSupportedException {
+ SignatureCardFactory factory = SignatureCardFactory.getInstance();
+ STARCOSCardEmul card = new STARCOSCardEmul();
+ SignatureCard signatureCard = factory.createSignatureCard(card,
+ new CardTerminalEmul(card));
+ assertTrue(signatureCard instanceof PINMgmtSignatureCard);
+ return signatureCard;
+ }
+
+ protected SignatureCard createSignatureCard(byte[] SS_PIN, byte[] Glob_PIN, int pinState)
+ throws CardNotSupportedException {
+ SignatureCardFactory factory = SignatureCardFactory.getInstance();
+ STARCOSCardEmul card = new STARCOSCardEmul(SS_PIN, Glob_PIN, pinState);
+ SignatureCard signatureCard = factory.createSignatureCard(card,
+ new CardTerminalEmul(card));
+ assertTrue(signatureCard instanceof PINMgmtSignatureCard);
+ return signatureCard;
+ }
+
+ @Test
+ public void testGetInfoboxIdentityLinkEmpty() throws SignatureCardException,
+ InterruptedException, CardNotSupportedException {
+
+ char[] pin = "0000".toCharArray();
+
+ SignatureCard signatureCard = createSignatureCard();
+ CardEmul card = (CardEmul) signatureCard.getCard();
+ STARCOSApplInfobox appl = (STARCOSApplInfobox) card.getApplication(STARCOSAppl.AID_Infobox);
+ appl.clearInfobox();
+
+ byte[] idlink = signatureCard.getInfobox("IdentityLink",
+ new SMCCTestPINProvider(pin), null);
+ assertNull(idlink);
+
+ }
+
+ @Test(expected = SignatureCardException.class)
+ public void testGetInfoboxIdentityInvalid() throws SignatureCardException,
+ InterruptedException, CardNotSupportedException {
+
+ char[] pin = "0000".toCharArray();
+
+ SignatureCard signatureCard = createSignatureCard();
+ CardEmul card = (CardEmul) signatureCard.getCard();
+ STARCOSApplInfobox appl = (STARCOSApplInfobox) card.getApplication(STARCOSAppl.AID_Infobox);
+ appl.setInfoboxHeader((byte) 0xFF);
+
+ signatureCard.getInfobox("IdentityLink", new SMCCTestPINProvider(pin), null);
+
+ }
+
+ @Test
+ public void testGetCerts() throws SignatureCardException,
+ InterruptedException, CardNotSupportedException {
+
+ SignatureCard signatureCard = createSignatureCard();
+
+ byte[] cert;
+
+ cert = signatureCard.getCertificate(KeyboxName.SECURE_SIGNATURE_KEYPAIR);
+ assertNotNull(cert);
+ assertTrue(Arrays.equals(cert, STARCOSApplSichereSignatur.C_X509_CH_DS));
+
+ cert = signatureCard.getCertificate(KeyboxName.CERITIFIED_KEYPAIR);
+ assertNotNull(cert);
+ assertTrue(Arrays.equals(cert, STARCOSApplGewoehnlicheSignatur.C_X509_CH_AUT));
+
+ }
+
+ @Test(expected = NotActivatedException.class)
+ public void testGetDSCertEmpty() throws SignatureCardException,
+ InterruptedException, CardNotSupportedException {
+
+ SignatureCard signatureCard = createSignatureCard();
+ CardEmul card = (CardEmul) signatureCard.getCard();
+ STARCOSApplSichereSignatur appl = (STARCOSApplSichereSignatur) card.getApplication(STARCOSApplSichereSignatur.AID_SichereSignatur);
+ appl.clearCert();
+
+ signatureCard.getCertificate(KeyboxName.SECURE_SIGNATURE_KEYPAIR);
+
+ }
+
+ @Test(expected = NotActivatedException.class)
+ public void testGetAUTCertEmpty() throws SignatureCardException,
+ InterruptedException, CardNotSupportedException {
+
+ SignatureCard signatureCard = createSignatureCard();
+ CardEmul card = (CardEmul) signatureCard.getCard();
+ STARCOSApplGewoehnlicheSignatur appl = (STARCOSApplGewoehnlicheSignatur) card.getApplication(STARCOSApplGewoehnlicheSignatur.AID_GewoehnlicheSignatur);
+ appl.clearCert();
+
+ signatureCard.getCertificate(KeyboxName.CERITIFIED_KEYPAIR);
+
+ }
+
+ @Test
+ public void testSignSichereSignatur() throws SignatureCardException,
+ InterruptedException, CardNotSupportedException,
+ NoSuchAlgorithmException, IOException {
+
+ char[] pin = "123456".toCharArray();
+
+ SignatureCard signatureCard = createSignatureCard();
+ CardEmul card = (CardEmul) signatureCard.getCard();
+ STARCOSApplSichereSignatur appl = (STARCOSApplSichereSignatur) card.getApplication(STARCOSApplSichereSignatur.AID_SichereSignatur);
+ appl.setPin(STARCOSApplSichereSignatur.KID_PIN_SS, pin);
+
+ byte[] signature = signatureCard.createSignature(new ByteArrayInputStream("MOCCA"
+ .getBytes("ASCII")),
+ KeyboxName.SECURE_SIGNATURE_KEYPAIR, new SMCCTestPINProvider(pin), null);
+
+ assertNotNull(signature);
+
+ }
+
+ @Test
+ public void testSignGewoehnlicheSignatur() throws SignatureCardException,
+ InterruptedException, CardNotSupportedException,
+ NoSuchAlgorithmException, IOException {
+
+ char[] pin = "1234".toCharArray();
+
+ SignatureCard signatureCard = createSignatureCard();
+ CardEmul card = (CardEmul) signatureCard.getCard();
+ STARCOSCardChannelEmul channel = (STARCOSCardChannelEmul) card.getBasicChannel();
+ channel.setPin(STARCOSCardChannelEmul.KID_PIN_Glob, pin);
+
+ byte[] signature = signatureCard.createSignature(new ByteArrayInputStream("MOCCA"
+ .getBytes("ASCII")),
+ KeyboxName.CERITIFIED_KEYPAIR, new SMCCTestPINProvider(pin), null);
+
+ assertNotNull(signature);
+
+ }
+
+ @Test(expected = LockedException.class)
+ public void testSignSichereSignaturInvalidPin() throws SignatureCardException,
+ InterruptedException, CardNotSupportedException,
+ NoSuchAlgorithmException, IOException {
+
+ SignatureCard signatureCard = createSignatureCard();
+
+ SMCCTestPINProvider pinProvider = new SMCCTestPINProvider("000000".toCharArray());
+
+ signatureCard.createSignature(new ByteArrayInputStream("MOCCA"
+ .getBytes("ASCII")), KeyboxName.SECURE_SIGNATURE_KEYPAIR,
+ pinProvider, null);
+
+ }
+
+ @Test(expected = LockedException.class)
+ public void testSignGewoehnlicheSignaturInvalidPin() throws SignatureCardException,
+ InterruptedException, CardNotSupportedException,
+ NoSuchAlgorithmException, IOException {
+
+ SignatureCard signatureCard = createSignatureCard();
+
+ SMCCTestPINProvider pinProvider = new SMCCTestPINProvider("1234".toCharArray());
+
+ signatureCard.createSignature(new ByteArrayInputStream("MOCCA"
+ .getBytes("ASCII")), KeyboxName.CERITIFIED_KEYPAIR,
+ pinProvider, null);
+
+ }
+
+ @Test(expected = LockedException.class)
+ public void testSignSichereSignaturBlockedPin() throws SignatureCardException,
+ InterruptedException, CardNotSupportedException,
+ NoSuchAlgorithmException, IOException {
+
+ SignatureCard signatureCard = createSignatureCard(null, null, PIN.STATE_PIN_BLOCKED);
+
+ SMCCTestPINProvider pinProvider = new SMCCTestPINProvider("000000".toCharArray());
+ assertTrue(pinProvider.getProvided() <= 0);
+
+ signatureCard.createSignature(new ByteArrayInputStream("MOCCA"
+ .getBytes("ASCII")), KeyboxName.SECURE_SIGNATURE_KEYPAIR,
+ pinProvider, null);
+
+ }
+
+ @Test(expected = LockedException.class)
+ public void testSignGewoehnlicheSignaturBlockedPin() throws SignatureCardException,
+ InterruptedException, CardNotSupportedException,
+ NoSuchAlgorithmException, IOException {
+
+ SignatureCard signatureCard = createSignatureCard(null, null, PIN.STATE_PIN_BLOCKED);
+
+ SMCCTestPINProvider pinProvider = new SMCCTestPINProvider("0000".toCharArray());
+
+ signatureCard.createSignature(new ByteArrayInputStream("MOCCA"
+ .getBytes("ASCII")), KeyboxName.CERITIFIED_KEYPAIR,
+ pinProvider, null);
+
+ }
+
+ @Test
+ public void testChangePin() throws CardNotSupportedException,
+ LockedException, NotActivatedException, CancelledException,
+ PINFormatException, SignatureCardException, InterruptedException {
+
+ // set all initial pins to DEFAULT_SS_PIN (123456)
+ PINMgmtSignatureCard signatureCard = (PINMgmtSignatureCard) createSignatureCard(
+ STARCOSCardEmul.DEFAULT_SS_PIN, STARCOSCardEmul.DEFAULT_SS_PIN, PIN.STATE_RESET);
+
+ for (PINSpec pinSpec : signatureCard.getPINSpecs()) {
+
+ char[] pin = "123456".toCharArray();
+
+ for (int i = pinSpec.getMinLength(); i <= pinSpec.getMaxLength(); i++) {
+ signatureCard.verifyPIN(pinSpec, new SMCCTestPINProvider(pin));
+ char[] newPin = new char[i];
+ Arrays.fill(newPin, '0');
+ signatureCard
+ .changePIN(pinSpec, new ChangePINProvider(pin, newPin));
+ signatureCard.verifyPIN(pinSpec, new SMCCTestPINProvider(newPin));
+ pin = newPin;
+ }
+ }
+ }
+
+ @Test
+ @Override
+ public void testActivatePin() throws CardNotSupportedException,
+ LockedException, NotActivatedException, CancelledException,
+ PINFormatException, SignatureCardException, InterruptedException {
+
+ PINMgmtSignatureCard signatureCard = (PINMgmtSignatureCard) createSignatureCard(
+ null, null, PIN.STATE_PIN_NOTACTIVE);
+
+ for (PINSpec pinSpec : signatureCard.getPINSpecs()) {
+
+ char[] pin = "1234567890".substring(0, pinSpec.getMinLength()).toCharArray();
+
+ boolean notActive = false;
+ try {
+ signatureCard.verifyPIN(pinSpec, new SMCCTestPINProvider(pin));
+ } catch (NotActivatedException ex) {
+ notActive = true;
+ }
+ assertTrue(notActive);
+
+ signatureCard.activatePIN(pinSpec, new ChangePINProvider(null, pin));
+ signatureCard.verifyPIN(pinSpec, new SMCCTestPINProvider(pin));
+ }
+ }
+
+ @Test
+ public void testVerifyInvalidPin() throws CardNotSupportedException,
+ LockedException, NotActivatedException, CancelledException,
+ PINFormatException, SignatureCardException, InterruptedException {
+
+ PINMgmtSignatureCard signatureCard = (PINMgmtSignatureCard) createSignatureCard();
+
+ for (PINSpec pinSpec : signatureCard.getPINSpecs()) {
+
+ char[] invalidPin = "999999".toCharArray();
+ int numInvalidTries = 2;
+ InvalidPINProvider invalidPinProvider = new InvalidPINProvider(invalidPin, numInvalidTries);
+ try {
+ signatureCard.verifyPIN(pinSpec, invalidPinProvider);
+ } catch (CancelledException ex) {
+ } finally {
+ assertTrue(invalidPinProvider.getProvided() == numInvalidTries);
+ }
+ }
+ }
+
+ @Test
+ public void testChangeInvalidPin() throws CardNotSupportedException,
+ LockedException, NotActivatedException, CancelledException,
+ PINFormatException, SignatureCardException, InterruptedException {
+
+ PINMgmtSignatureCard signatureCard = (PINMgmtSignatureCard) createSignatureCard();
+
+ for (PINSpec pinSpec : signatureCard.getPINSpecs()) {
+
+ char[] invalidPin = "999999".toCharArray();
+ int numInvalidTries = 2;
+ InvalidChangePINProvider invalidPinProvider =
+ new InvalidChangePINProvider(invalidPin, invalidPin, numInvalidTries);
+
+ try {
+ signatureCard.changePIN(pinSpec, invalidPinProvider);
+ } catch (CancelledException ex) {
+ } finally {
+ assertTrue(invalidPinProvider.getProvided() == numInvalidTries);
+ }
+ }
+ }
+}
diff --git a/smcc/src/test/java/at/gv/egiz/smcc/starcos/STARCOSG3CardChannelEmul.java b/smcc/src/test/java/at/gv/egiz/smcc/starcos/STARCOSG3CardChannelEmul.java
new file mode 100644
index 00000000..dc6836ae
--- /dev/null
+++ b/smcc/src/test/java/at/gv/egiz/smcc/starcos/STARCOSG3CardChannelEmul.java
@@ -0,0 +1,46 @@
+/*
+ * Copyright 2008 Federal Chancellery Austria and
+ * Graz University of Technology
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package at.gv.egiz.smcc.starcos;
+
+import at.gv.egiz.smcc.CardEmul;
+import at.gv.egiz.smcc.File;
+import at.gv.egiz.smcc.PIN;
+
+/**
+ *
+ * @author clemens
+ */
+public class STARCOSG3CardChannelEmul extends STARCOSCardChannelEmul {
+
+ public STARCOSG3CardChannelEmul(CardEmul cardEmul, byte[] Glob_PIN, int PIN_STATE) {
+ super(cardEmul, Glob_PIN, PIN_STATE);
+
+ // G3 version file
+ byte[] versionFileFID = new byte[]{(byte) 0x00, (byte) 0x32};
+ byte[] versionFile = new byte[]{
+ (byte) 0xa5, (byte) 0x0e, (byte) 0x53, (byte) 0x02, (byte) 0x01, (byte) 0x20, (byte) 0x54, (byte) 0x08,
+ (byte) 0x01, (byte) 0x01, (byte) 0x03, (byte) 0x01, (byte) 0x04, (byte) 0x01, (byte) 0x70, (byte) 0x01};
+ byte[] versionFileFCX = new byte[]{
+ (byte) 0x62, (byte) 0x1a, (byte) 0x80, (byte) 0x02, (byte) 0x00, (byte) 0x14, (byte) 0x82, (byte) 0x05,
+ (byte) 0x44, (byte) 0x41, (byte) 0x00, (byte) 0x14, (byte) 0x01, (byte) 0x83, (byte) 0x02, (byte) 0x00,
+ (byte) 0x32, (byte) 0x88, (byte) 0x01, (byte) 0xd8, (byte) 0x8a, (byte) 0x01, (byte) 0x05, (byte) 0xa1,
+ (byte) 0x03, (byte) 0x8b, (byte) 0x01, (byte) 0x03};
+
+ globalFiles.add(new File(versionFileFID, versionFile, versionFileFCX));
+
+ }
+ }
diff --git a/smcc/src/test/java/at/gv/egiz/smcc/starcos/STARCOSG3CardEmul.java b/smcc/src/test/java/at/gv/egiz/smcc/starcos/STARCOSG3CardEmul.java
new file mode 100644
index 00000000..7583b3ad
--- /dev/null
+++ b/smcc/src/test/java/at/gv/egiz/smcc/starcos/STARCOSG3CardEmul.java
@@ -0,0 +1,57 @@
+/*
+ * Copyright 2008 Federal Chancellery Austria and
+ * Graz University of Technology
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package at.gv.egiz.smcc.starcos;
+
+import at.gv.egiz.smcc.CardEmul;
+import javax.smartcardio.ATR;
+
+import at.gv.egiz.smcc.PIN;
+
+@SuppressWarnings("restriction")
+public class STARCOSG3CardEmul extends CardEmul {
+
+ public static byte[] TRANSPORT_SS_PIN = new byte[] { (byte) 0x26, (byte) 0x12, (byte) 0x34, (byte) 0x56, (byte) 0xff, (byte) 0xff, (byte) 0xff, (byte) 0xff};
+ public static byte[] TRANSPORT_Glob_PIN = new byte[] { (byte) 0x24, (byte) 0x12, (byte) 0x34, (byte) 0xff, (byte) 0xff, (byte) 0xff, (byte) 0xff, (byte) 0xff};
+
+ public static byte[] DEFAULT_SS_PIN = TRANSPORT_SS_PIN;
+ public static byte[] DEFAULT_Glob_PIN = new byte[] { (byte) 0x24, (byte) 0x00, (byte) 0x00, (byte) 0xff, (byte) 0xff, (byte) 0xff, (byte) 0xff, (byte) 0xff};
+
+ protected static ATR ATR = new ATR(new byte[] {
+ (byte) 0x3b, (byte) 0xbd, (byte) 0x18, (byte) 0x00, (byte) 0x81, (byte) 0x31, (byte) 0xfe, (byte) 0x45,
+ (byte) 0x80, (byte) 0x51, (byte) 0x02, (byte) 0x67, (byte) 0x05, (byte) 0x18, (byte) 0xb1, (byte) 0x02,
+ (byte) 0x02, (byte) 0x02, (byte) 0x01, (byte) 0x81, (byte) 0x05, (byte) 0x31
+ });
+
+ public STARCOSG3CardEmul(byte[] SS_PIN, byte[] Glob_PIN, int PIN_STATE){
+ channel = new STARCOSG3CardChannelEmul(this, Glob_PIN, PIN_STATE);
+ applications.add(new STARCOSApplSichereSignatur((STARCOSCardChannelEmul) channel,
+ SS_PIN, PIN_STATE));
+ applications.add(new STARCOSApplInfobox((STARCOSCardChannelEmul) channel));
+ applications.add(new STARCOSApplGewoehnlicheSignatur((STARCOSCardChannelEmul) channel,
+ STARCOSApplGewoehnlicheSignatur.DST_G3));
+ }
+
+
+ public STARCOSG3CardEmul() {
+ this(DEFAULT_SS_PIN, DEFAULT_Glob_PIN, PIN.STATE_RESET);
+ }
+
+ @Override
+ public ATR getATR() {
+ return ATR;
+ }
+}
diff --git a/smcc/src/test/java/at/gv/egiz/smcc/starcos/STARCOSG3CardTest.java b/smcc/src/test/java/at/gv/egiz/smcc/starcos/STARCOSG3CardTest.java
new file mode 100644
index 00000000..06744c82
--- /dev/null
+++ b/smcc/src/test/java/at/gv/egiz/smcc/starcos/STARCOSG3CardTest.java
@@ -0,0 +1,119 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package at.gv.egiz.smcc.starcos;
+
+import static org.junit.Assert.assertTrue;
+
+import java.util.Arrays;
+
+
+import org.junit.Test;
+
+import at.gv.egiz.smcc.CancelledException;
+import at.gv.egiz.smcc.CardEmul;
+import at.gv.egiz.smcc.CardNotSupportedException;
+import at.gv.egiz.smcc.CardTerminalEmul;
+import at.gv.egiz.smcc.CardTest;
+import at.gv.egiz.smcc.pin.gui.ChangePINProvider;
+import at.gv.egiz.smcc.LockedException;
+import at.gv.egiz.smcc.NotActivatedException;
+import at.gv.egiz.smcc.PIN;
+import at.gv.egiz.smcc.PINFormatException;
+import at.gv.egiz.smcc.PINMgmtSignatureCard;
+import at.gv.egiz.smcc.PINSpec;
+import at.gv.egiz.smcc.SignatureCard;
+import at.gv.egiz.smcc.SignatureCardException;
+import at.gv.egiz.smcc.SignatureCardFactory;
+import at.gv.egiz.smcc.pin.gui.SMCCTestPINProvider;
+import org.junit.Ignore;
+
+public class STARCOSG3CardTest extends CardTest {
+
+ @Override
+ protected SignatureCard createSignatureCard()
+ throws CardNotSupportedException {
+ SignatureCardFactory factory = SignatureCardFactory.getInstance();
+ STARCOSG3CardEmul card = new STARCOSG3CardEmul();
+ SignatureCard signatureCard = factory.createSignatureCard(card,
+ new CardTerminalEmul(card));
+ assertTrue(signatureCard instanceof PINMgmtSignatureCard);
+ return signatureCard;
+ }
+
+ protected SignatureCard createSignatureCard(byte[] SS_PIN, byte[] Glob_PIN, int pinState)
+ throws CardNotSupportedException {
+ SignatureCardFactory factory = SignatureCardFactory.getInstance();
+ STARCOSG3CardEmul card = new STARCOSG3CardEmul(SS_PIN, Glob_PIN, pinState);
+ SignatureCard signatureCard = factory.createSignatureCard(card,
+ new CardTerminalEmul(card));
+ assertTrue(signatureCard instanceof PINMgmtSignatureCard);
+ return signatureCard;
+ }
+
+ @Test
+ public void testChangePin() throws CardNotSupportedException,
+ LockedException, NotActivatedException, CancelledException,
+ PINFormatException, SignatureCardException, InterruptedException {
+
+ PINMgmtSignatureCard signatureCard = (PINMgmtSignatureCard) createSignatureCard(
+ STARCOSG3CardEmul.DEFAULT_SS_PIN, STARCOSG3CardEmul.DEFAULT_SS_PIN, PIN.STATE_RESET);
+
+ for (PINSpec pinSpec : signatureCard.getPINSpecs()) {
+
+ char[] pin = "123456".toCharArray();
+
+ for (int i = pinSpec.getMinLength(); i <= pinSpec.getMaxLength(); i++) {
+ signatureCard.verifyPIN(pinSpec, new SMCCTestPINProvider(pin));
+ char[] newPin = new char[i];
+ Arrays.fill(newPin, '0');
+ signatureCard
+ .changePIN(pinSpec, new ChangePINProvider(pin, newPin));
+ signatureCard.verifyPIN(pinSpec, new SMCCTestPINProvider(newPin));
+ pin = newPin;
+ }
+ }
+ }
+
+ @Test
+ @Override
+ public void testActivatePin() throws CardNotSupportedException,
+ LockedException, NotActivatedException, CancelledException,
+ PINFormatException, SignatureCardException, InterruptedException {
+
+ PINMgmtSignatureCard signatureCard = (PINMgmtSignatureCard) createSignatureCard(
+ STARCOSG3CardEmul.TRANSPORT_SS_PIN, STARCOSG3CardEmul.TRANSPORT_SS_PIN, PIN.STATE_PIN_NOTACTIVE);
+
+ for (PINSpec pinSpec : signatureCard.getPINSpecs()) {
+
+ char[] pin = "123456789".substring(0, pinSpec.getMinLength()).toCharArray();
+ char[] transportPIN = "123456".toCharArray();
+
+ boolean notActive = false;
+ try {
+ signatureCard.verifyPIN(pinSpec, new SMCCTestPINProvider(pin));
+ } catch (NotActivatedException ex) {
+ notActive = true;
+ }
+ assertTrue(notActive);
+
+ signatureCard.activatePIN(pinSpec, new ChangePINProvider(transportPIN, pin));
+ signatureCard.verifyPIN(pinSpec, new SMCCTestPINProvider(pin));
+ }
+ }
+
+
+}
diff --git a/smcc/src/test/java/at/gv/egiz/smcc/util/ISO7816UtilsTest.java b/smcc/src/test/java/at/gv/egiz/smcc/util/ISO7816UtilsTest.java
new file mode 100644
index 00000000..679f2c02
--- /dev/null
+++ b/smcc/src/test/java/at/gv/egiz/smcc/util/ISO7816UtilsTest.java
@@ -0,0 +1,175 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package at.gv.egiz.smcc.util;
+
+import java.util.Arrays;
+
+import javax.smartcardio.CommandAPDU;
+
+import org.junit.After;
+import org.junit.AfterClass;
+import org.junit.Before;
+import org.junit.BeforeClass;
+import org.junit.Ignore;
+import org.junit.Test;
+
+import at.gv.egiz.smcc.VerifyAPDUSpec;
+import at.gv.egiz.smcc.util.ISO7816Utils;
+import static org.junit.Assert.*;
+
+public class ISO7816UtilsTest {
+
+ @Test
+ public void testFormatPIN() {
+
+ formatPIN(VerifyAPDUSpec.PIN_FORMAT_BINARY,
+ VerifyAPDUSpec.PIN_JUSTIFICATION_LEFT, 7, "1234",
+ new byte[] {
+ (byte) 0x01, (byte) 0x02, (byte) 0x03, (byte) 0x04, (byte) 0x00, (byte) 0x00, (byte) 0x00
+ },
+ new byte[] {
+ (byte) 0xff, (byte) 0xff, (byte) 0xff, (byte) 0xff, (byte) 0x00, (byte) 0x00, (byte) 0x00
+ }
+ );
+
+ formatPIN(VerifyAPDUSpec.PIN_FORMAT_BINARY,
+ VerifyAPDUSpec.PIN_JUSTIFICATION_RIGHT, 7, "12345",
+ new byte[] {
+ (byte) 0x00, (byte) 0x00, (byte) 0x05, (byte) 0x04, (byte) 0x03, (byte) 0x02, (byte) 0x01
+ },
+ new byte[] {
+ (byte) 0x00, (byte) 0x00, (byte) 0xff, (byte) 0xff, (byte) 0xff, (byte) 0xff, (byte) 0xff
+ }
+ );
+
+ formatPIN(VerifyAPDUSpec.PIN_FORMAT_BCD,
+ VerifyAPDUSpec.PIN_JUSTIFICATION_LEFT, 7, "12345",
+ new byte[] {
+ (byte) 0x12, (byte) 0x34, (byte) 0x50, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00
+ },
+ new byte[] {
+ (byte) 0xff, (byte) 0xff, (byte) 0xf0, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00
+ }
+ );
+
+ formatPIN(VerifyAPDUSpec.PIN_FORMAT_BCD,
+ VerifyAPDUSpec.PIN_JUSTIFICATION_RIGHT, 7, "1234567",
+ new byte[] {
+ (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x07, (byte) 0x65, (byte) 0x43, (byte) 0x21
+ },
+ new byte[] {
+ (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x0f, (byte) 0xff, (byte) 0xff, (byte) 0xff
+ }
+ );
+
+ formatPIN(VerifyAPDUSpec.PIN_FORMAT_ASCII,
+ VerifyAPDUSpec.PIN_JUSTIFICATION_LEFT, 7, "1234",
+ new byte[] {
+ (byte) 0x31, (byte) 0x32, (byte) 0x33, (byte) 0x34, (byte) 0x00, (byte) 0x00, (byte) 0x00
+ },
+ new byte[] {
+ (byte) 0xff, (byte) 0xff, (byte) 0xff, (byte) 0xff, (byte) 0x00, (byte) 0x00, (byte) 0x00
+ }
+ );
+
+ formatPIN(VerifyAPDUSpec.PIN_FORMAT_ASCII,
+ VerifyAPDUSpec.PIN_JUSTIFICATION_RIGHT, 7, "12345",
+ new byte[] {
+ (byte) 0x00, (byte) 0x00, (byte) 0x35, (byte) 0x34, (byte) 0x33, (byte) 0x32, (byte) 0x31
+ },
+ new byte[] {
+ (byte) 0x00, (byte) 0x00, (byte) 0xff, (byte) 0xff, (byte) 0xff, (byte) 0xff, (byte) 0xff
+ }
+ );
+
+
+ }
+
+ private void formatPIN(int pinFormat, int pinJusitification, int pinLength, String pin, byte[] rfpin, byte[] rmask) {
+
+ byte[] fpin = new byte[pinLength];
+ byte[] mask = new byte[pinLength];
+
+ ISO7816Utils.formatPIN(pinFormat, pinJusitification, fpin, mask, pin.toCharArray());
+
+// System.out.println(toString(fpin));
+// System.out.println(toString(mask));
+
+ assertTrue(Arrays.equals(fpin, rfpin));
+ assertTrue(Arrays.equals(mask, rmask));
+
+ }
+
+ @Test
+ public void testCreateVerifyAPDU() {
+
+ VerifyAPDUSpec verifyAPDUSpec;
+ CommandAPDU apdu;
+ byte[] ref;
+
+ verifyAPDUSpec = new VerifyAPDUSpec(
+ new byte[] {
+ (byte) 0x00, (byte) 0x20, (byte) 0x00, (byte) 0x80, (byte) 0x08,
+ (byte) 0x20, (byte) 0xff, (byte) 0xff, (byte) 0xff, (byte) 0xff,
+ (byte) 0xff, (byte) 0xff, (byte) 0xff },
+ 1, VerifyAPDUSpec.PIN_FORMAT_BCD, 7, 4, 4);
+
+ apdu = ISO7816Utils.createVerifyAPDU(verifyAPDUSpec, "1234".toCharArray());
+
+// System.out.println(toString(apdu.getBytes()));
+
+ ref = new byte[] { (byte) 0x00, (byte) 0x20, (byte) 0x00, (byte) 0x80,
+ (byte) 0x08, (byte) 0x24, (byte) 0x12, (byte) 0x34, (byte) 0xff,
+ (byte) 0xff, (byte) 0xff, (byte) 0xff, (byte) 0xff };
+
+ assertTrue(Arrays.equals(apdu.getBytes(), ref));
+
+ ref = new byte[] { (byte) 0x00, (byte) 0x20, (byte) 0x00, (byte) 0x80,
+ (byte) 0x08, (byte) 0x31, (byte) 0x32, (byte) 0x33, (byte) 0x34,
+ (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00 };
+
+ verifyAPDUSpec = new VerifyAPDUSpec(
+ new byte[] {
+ (byte) 0x00, (byte) 0x20, (byte) 0x00, (byte) 0x80, (byte) 0x08,
+ (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00,
+ (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00 },
+ 0, VerifyAPDUSpec.PIN_FORMAT_ASCII, 8);
+
+ apdu = ISO7816Utils.createVerifyAPDU(verifyAPDUSpec, "1234".toCharArray());
+
+// System.out.println(toString(apdu.getBytes()));
+
+ assertTrue(Arrays.equals(apdu.getBytes(), ref));
+
+ }
+
+ private String toString(byte[] b) {
+ StringBuffer sb = new StringBuffer();
+ if (b != null && b.length > 0) {
+ sb.append(Integer.toHexString((b[0] & 240) >> 4));
+ sb.append(Integer.toHexString(b[0] & 15));
+ }
+ for (int i = 1; i < b.length; i++) {
+ sb.append(':');
+ sb.append(Integer.toHexString((b[i] & 240) >> 4));
+ sb.append(Integer.toHexString(b[i] & 15));
+ }
+ return sb.toString();
+ }
+
+
+}
diff --git a/smcc/src/test/resources/IdentityLink.bin b/smcc/src/test/resources/IdentityLink.bin
new file mode 100644
index 00000000..16c7375b
--- /dev/null
+++ b/smcc/src/test/resources/IdentityLink.bin
Binary files differ
diff --git a/smcc/src/test/resources/log4j.properties b/smcc/src/test/resources/log4j.properties
new file mode 100644
index 00000000..053eac17
--- /dev/null
+++ b/smcc/src/test/resources/log4j.properties
@@ -0,0 +1,19 @@
+# loglever DEBUG, appender STDOUT
+log4j.rootLogger=TRACE, STDOUT
+#log4j.logger.at.gv.egiz.slbinding.RedirectEventFilter=DEBUG, STDOUT
+
+# STDOUT appender
+log4j.appender.STDOUT=org.apache.log4j.ConsoleAppender
+log4j.appender.STDOUT.layout=org.apache.log4j.PatternLayout
+#log4j.appender.STDOUT.layout.ConversionPattern=%5p | %d{dd HH:mm:ss,SSS} | %20c | %10t | %m%n
+#log4j.appender.STDOUT.layout.ConversionPattern=%-4r [%t] %-5p %c %x - %m%n
+log4j.appender.STDOUT.layout.ConversionPattern=%-5p |%d | %t | %c %x- %m%n
+
+### FILE appender
+#log4j.appender.file=org.apache.log4j.RollingFileAppender
+#log4j.appender.file.maxFileSize=100KB
+#log4j.appender.file.maxBackupIndex=9
+#log4j.appender.file.File=egovbus_ca.log
+#log4j.appender.file.threshold=info
+#log4j.appender.file.layout=org.apache.log4j.PatternLayout
+#log4j.appender.file.layout.ConversionPattern=%d{ABSOLUTE} %5p %c{1}:%L - %m%n \ No newline at end of file