From f1cba2de17ba136292291f38021dd8c9f10de740 Mon Sep 17 00:00:00 2001
From: tkellner <tkellner@8a26b1a7-26f0-462f-b9ef-d0e30c41f5a4>
Date: Tue, 30 Aug 2011 10:30:26 +0000
Subject: smcc update for ECDSA/RIPEMD160

 * RIPEMD160 support for old cards which don't support SHA-256 yet
 * Rename CERITIFIED_KEYPAIR -> CERTIFIED_KEYPAIR


git-svn-id: https://joinup.ec.europa.eu/svn/mocca/trunk@960 8a26b1a7-26f0-462f-b9ef-d0e30c41f5a4
---
 smcc/src/main/java/at/gv/egiz/smcc/ACOSCard.java | 12 ++++++++----
 1 file changed, 8 insertions(+), 4 deletions(-)

(limited to 'smcc/src/main/java/at/gv/egiz/smcc/ACOSCard.java')

diff --git a/smcc/src/main/java/at/gv/egiz/smcc/ACOSCard.java b/smcc/src/main/java/at/gv/egiz/smcc/ACOSCard.java
index 70a1e06c..6af5aac8 100644
--- a/smcc/src/main/java/at/gv/egiz/smcc/ACOSCard.java
+++ b/smcc/src/main/java/at/gv/egiz/smcc/ACOSCard.java
@@ -224,7 +224,7 @@ PINMgmtSignatureCard {
 	      if (keyboxName == KeyboxName.SECURE_SIGNATURE_KEYPAIR) {
 	        aid = AID_SIG;
 	        fid = EF_C_CH_DS;
-	      } else if (keyboxName == KeyboxName.CERITIFIED_KEYPAIR) {
+	      } else if (keyboxName == KeyboxName.CERTIFIED_KEYPAIR) {
 	        aid = AID_DEC;
 	        fid = EF_C_CH_EKEY;
 	      } else {
@@ -286,7 +286,7 @@ PINMgmtSignatureCard {
 	          && (alg == null || "http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1".equals(alg))) {
 	        dst.write((byte) 0x14); // SHA-1/ECC
 	        md = MessageDigest.getInstance("SHA-1");
-	      } else if (KeyboxName.CERITIFIED_KEYPAIR.equals(keyboxName)
+	      } else if (KeyboxName.CERTIFIED_KEYPAIR.equals(keyboxName)
 	          && (alg == null || "http://www.w3.org/2000/09/xmldsig#rsa-sha1".equals(alg))) {
 	        dst.write((byte) 0x12); // SHA-1 with padding according to PKCS#1 block type 01
 	        md = MessageDigest.getInstance("SHA-1");
@@ -295,11 +295,15 @@ PINMgmtSignatureCard {
 	          && "http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha256".equals(alg)) {
 	        dst.write((byte) 0x44); // SHA-256/ECC
 	        md = MessageDigest.getInstance("SHA256");
-	      } else if (KeyboxName.CERITIFIED_KEYPAIR.equals(keyboxName)
+	      } else if (KeyboxName.CERTIFIED_KEYPAIR.equals(keyboxName)
 	          && appVersion >= 2
 	          && "http://www.w3.org/2001/04/xmldsig-more#rsa-sha256".equals(alg)) {
 	        dst.write((byte) 0x41); // SHA-256 with padding according to PKCS#1
 	        md = MessageDigest.getInstance("SHA256");
+	      } else if (KeyboxName.SECURE_SIGNATURE_KEYPAIR.equals(keyboxName)
+	          && "http://www.w3.org/2007/05/xmldsig-more#ecdsa-ripemd160".equals(alg)) {
+	        dst.write((byte) 0x14); // No RIPEMD support - use SHA-1/ECC
+	        md = MessageDigest.getInstance("RIPEMD160");
 	      } else {
 	        throw new SignatureCardException("Card does not support signature algorithm " + alg + ".");
 	      }
@@ -331,7 +335,7 @@ PINMgmtSignatureCard {
 	        // PERFORM SECURITY OPERATION : COMPUTE DIGITAL SIGNATRE
 	        return execPSO_COMPUTE_DIGITAL_SIGNATURE(channel);
 	    
-	      } else if (KeyboxName.CERITIFIED_KEYPAIR.equals(keyboxName)) {
+	      } else if (KeyboxName.CERTIFIED_KEYPAIR.equals(keyboxName)) {
 	        
 	        // SELECT application
 	        execSELECT_AID(channel, AID_DEC);
-- 
cgit v1.2.3