[Pcsclite-cvs-commit] r286 - in /trunk/MCardApplet: Custom.properties CustomCapabilities.properties common.xml src/com/musclecard/CardEdge/CardEdge.src
rousseau at users.alioth.debian.org
rousseau at users.alioth.debian.org
Fri Mar 20 16:01:05 UTC 2009
Author: rousseau
Date: Fri Mar 20 16:01:04 2009
New Revision: 286
URL: http://svn.debian.org/wsvn/muscleplugins/?sc=1&rev=286
Log:
add support for extended APDUs in the ComputeCrypt() method
Thanks to João Poupino for the patch
http://www.mail-archive.com/opensc-devel@lists.opensc-project.org/msg03808.html
Modified:
trunk/MCardApplet/Custom.properties
trunk/MCardApplet/CustomCapabilities.properties
trunk/MCardApplet/common.xml
trunk/MCardApplet/src/com/musclecard/CardEdge/CardEdge.src
Modified: trunk/MCardApplet/Custom.properties
URL: http://svn.debian.org/wsvn/muscleplugins/trunk/MCardApplet/Custom.properties?rev=286&op=diff
==============================================================================
--- trunk/MCardApplet/Custom.properties (original)
+++ trunk/MCardApplet/Custom.properties Fri Mar 20 16:01:04 2009
@@ -1,5 +1,5 @@
-JAVA_BUILD_HOME=${basedir}/depends/jdk1.3.0_05
-JC_HOME=${basedir}/depends/jc22
+JAVA_BUILD_HOME=${basedir}/depends/jdk1.5.0_17
+JC_HOME=${basedir}/depends/jc222
CARD_NAME=Custom
API_JAR=${JC_HOME}/lib/api.jar
API_EXPORT_FILES=${JC_HOME}/api_export_files
Modified: trunk/MCardApplet/CustomCapabilities.properties
URL: http://svn.debian.org/wsvn/muscleplugins/trunk/MCardApplet/CustomCapabilities.properties?rev=286&op=diff
==============================================================================
--- trunk/MCardApplet/CustomCapabilities.properties (original)
+++ trunk/MCardApplet/CustomCapabilities.properties Fri Mar 20 16:01:04 2009
@@ -8,7 +8,7 @@
# -DWITH_SERIAL -DWRITE_LABEL_ONCE \
# -DWITH_SET_STATE -DWITH_DELETE_ID -DWITH_MOVE_KEY -DWITH_MOVE_OBJECT \
# -DWITH_CHANGE_ACL -DWITH_DELETE_KEY -DWITH_GET_CHALLENGE
-FEATURES = -DWITH_DSA -DWITH_RSA -DWITH_DES -DWITH_3DES -DWITH_SIGN -DWITH_ENCRYPT -DWITH_PIN_POLICY -DWITH_KEY_POLICY -DWITH_AES -DWITH_JC22 -DWITH_EXT_AUTH -DWITH_SET_STATE -DWITH_DELETE_ID -DWITH_MOVE_KEY -DWITH_MOVE_OBJECT -DWITH_CHANGE_ACL -DWITH_DELETE_KEY -DWITH_GET_CHALLENGE -DWITH_SERIAL
+FEATURES = -DWITH_RSA -DWITH_DES -DWITH_ENCRYPT -DWITH_SIGN -DWITH_KEY_POLICY -DWITH_AES -DWITH_JC22 -DWITH_GARBAGE_COLLECTION -DWITH_SET_STATE -DWITH_DELETE_ID -DWITH_MOVE_KEY -DWITH_MOVE_OBJECT -DWITH_CHANGE_ACL -DWITH_DELETE_KEY -DWITH_GET_CHALLENGE -DWITH_EXT_APDU
# We must enable selectively enable supported key lengths, cipher and signatures algorithms
@@ -20,7 +20,7 @@
# DSA
# -DWITH_DSA_512 -DWITH_DSA_768 -DWITH_DSA_1024
-DSAKEYLENGTHS = -DWITH_DSA_1024
+DSAKEYLENGTHS =
# AES
# -DWITH_AES_128 -DWITH_AES_192 -DWITH_AES_256
@@ -70,4 +70,4 @@
# -DWITH_AES_MAC_128_NOPAD
AESSIGNATUREALGORITHMS = -DWITH_AES_MAC_128_NOPAD
-CPPFLAGS = ${FEATURES} ${RSAKEYLENGTHS} ${AESKEYLENGTHS} ${DSAKEYLENGTHS} ${RSACIPHERALGORITHMS} ${DESCIPHERALGORITHMS} ${AESCIPHERALGORITHMS} ${DSASIGNATUREALGORITHMS} ${RSASIGNATUREALGORITHMS} ${DESSIGNATUREALGORITHMS} ${AESSIGNATUREALGORITHMS}
+CPPFLAGS = ${FEATURES} ${RSAKEYLENGTHS} ${AESKEYLENGTHS} ${DSAKEYLENGTHS} ${RSACIPHERALGORITHMS} ${DESCIPHERALGORITHMS} ${AESCIPHERALGORITHMS} ${DSASIGNATUREALGORITHMS} ${RSASIGNATUREALGORITHMS} ${DESSIGNATUREALGORITHMS} ${AESSIGNATUREALGORITHMS}
Modified: trunk/MCardApplet/common.xml
URL: http://svn.debian.org/wsvn/muscleplugins/trunk/MCardApplet/common.xml?rev=286&op=diff
==============================================================================
--- trunk/MCardApplet/common.xml (original)
+++ trunk/MCardApplet/common.xml Fri Mar 20 16:01:04 2009
@@ -22,7 +22,8 @@
<!-- The package name -->
<property name="PACKAGE_NAME" value="${JAVA_PACKAGE}"/>
<!--The AID of the package -->
- <property name="PACKAGE_AID" value="0xA0:00:00:03:0x23:01"/>
+ <!-- <property name="PACKAGE_AID" value="0xA0:00:00:03:0x23:01"/> -->
+ <property name="PACKAGE_AID" value="0xA0:00:00:00:01"/>
<!-- The major and minor version of the package -->
<property name="VERSION" value="${APPLET_VERSION_MAJOR}.${APPLET_VERSION_MINOR}"/>
<!-- The applet AID of the applet -->
@@ -206,4 +207,4 @@
</delete>
</target>
-</project>
+</project>
Modified: trunk/MCardApplet/src/com/musclecard/CardEdge/CardEdge.src
URL: http://svn.debian.org/wsvn/muscleplugins/trunk/MCardApplet/src/com/musclecard/CardEdge/CardEdge.src?rev=286&op=diff
==============================================================================
--- trunk/MCardApplet/src/com/musclecard/CardEdge/CardEdge.src (original)
+++ trunk/MCardApplet/src/com/musclecard/CardEdge/CardEdge.src Fri Mar 20 16:01:04 2009
@@ -17,6 +17,9 @@
import javacard.framework.*;
import javacard.security.*;
import javacardx.crypto.*;
+#ifdef WITH_EXT_APDU
+import javacardx.apdu.ExtendedLength;
+#endif
/**
* Implements MUSCLE's Card Edge Specification.<p>
@@ -40,6 +43,8 @@
* WITH_EXT_AUTH
* <li> Enable/Disable PIN Policy enforcement:
* WITH_PIN_POLICY
+ * <li> Enable/Disable Extended APDU support:
+ * WITH_EXT_APDU
* </ul>
* <li> C preprocessor defines<ul>
* <li> JAVA_PACKAGE: The name of Java package for this Applet
@@ -48,7 +53,11 @@
* </ul>
*/
+#ifdef WITH_EXT_APDU
+public class JAVA_APPLET extends javacard.framework.Applet implements ExtendedLength {
+#else
public class JAVA_APPLET extends javacard.framework.Applet {
+#endif
/* constants declaration */
@@ -61,6 +70,10 @@
private final static byte MAX_NUM_AUTH_KEYS = (byte) 6;
+#ifdef WITH_EXT_APDU
+ // Maximum size for the extended APDU buffer
+ private final static short EXT_APDU_BUFFER_SIZE = (short) 512;
+#endif
/* Pin policies constants (OR-ed in var pinPolicies) */
/** Enable pin size check */
private final static byte PIN_POLICY_SIZE = (byte) 0x01;
@@ -314,6 +327,9 @@
// OwnerPIN objects, allocated on demand
private OwnerPIN[] pins, ublk_pins;
+ // Buffer for storing extended APDUs
+ private byte[] recvBuffer;
+
/* Logged identities: this is used for faster access *
* control, so we don't have to ping each PIN object */
private short logged_ids;
@@ -589,22 +605,47 @@
STD_PUBLIC_ACL = new byte[KEY_ACL_SIZE];
for (byte i = (byte) 0; i < (byte) KEY_ACL_SIZE; i += (short) 2)
Util.setShort(STD_PUBLIC_ACL, i, (short)0x0000);
+#ifdef WITH_EXT_APDU
+ // Initialize the extended APDU buffer
+ recvBuffer = new byte[EXT_APDU_BUFFER_SIZE];
+#endif
setupDone = true;
}
/********** UTILITY FUNCTIONS **********/
- /* SendData() wraps the setGoing(), setLength(), .. stuff
- * that could be necessary to be fully JavaCard compliant
- * (the setOutgoingAndSend() could not work with all cards ?!?) */
+ /* SendData() wraps the setGoing(), setLength(), .. stuff *
+ * that could be necessary to be fully JavaCard compliant. */
private void sendData(APDU apdu, byte[] data, short offset, short size) {
+#ifdef WITH_EXT_APDU
+ if (size > EXT_APDU_BUFFER_SIZE)
+#else
if (size > 255)
+#endif
ISOException.throwIt(ISO7816.SW_WRONG_LENGTH);
- Util.arrayCopyNonAtomic(data, offset, apdu.getBuffer(), (short) 0, size);
- apdu.setOutgoingAndSend((short) 0, size);
- }
-
+ apdu.setOutgoing();
+ apdu.setOutgoingLength(size);
+ apdu.sendBytesLong(data, offset, size);
+ }
+
+#ifdef WITH_EXT_APDU
+ /* Retrieves the full contents from the apdu object in case of */
+ /* an extended APDU. */
+ private void getData(APDU apdu, byte[] src, short bytesRead, byte[] dst) {
+ short recvLen = 0;
+ short apduOffset = bytesRead;
+
+ Util.arrayCopyNonAtomic(src, (short) 0, dst, (short) 0, apduOffset);
+ do {
+ recvLen = apdu.receiveBytes((short) 0);
+ Util.arrayCopyNonAtomic(src, (short) 0, dst, apduOffset, recvLen);
+ apduOffset += recvLen;
+ } while(recvLen > 0);
+
+ }
+
+#endif
/* Retrieves the Cipher object to be used w/ the specified key *
* and algorithm id (Cipher.ALG_XX). *
* If exists, check it has the proper algorithm and throws *
@@ -866,11 +907,29 @@
* APDU handlers *
****************************************/
- private void ComputeCrypt(APDU apdu, byte[] buffer) {
+ private void ComputeCrypt(APDU apdu, byte[] apduBuffer) {
+ /* Buffer pointer */
+ byte[] buffer = apduBuffer;
+ short dataOffset = apdu.getOffsetCdata();
+#ifdef WITH_EXT_APDU
+ short LC = apdu.getIncomingLength();
+ short bytesLeft = apdu.setIncomingAndReceive();
+
+ if((short) (LC + dataOffset) > EXT_APDU_BUFFER_SIZE)
+ ISOException.throwIt(ISO7816.SW_WRONG_LENGTH);
+
+ /* Is this an extended APDU? */
+ if(bytesLeft != LC) {
+ getData(apdu, apduBuffer, (short) (dataOffset + bytesLeft), recvBuffer);
+ buffer = recvBuffer;
+ bytesLeft = LC;
+ }
+#else
short bytesLeft = Util.makeShort((byte) 0x00,
buffer[ISO7816.OFFSET_LC]);
if (bytesLeft != apdu.setIncomingAndReceive())
ISOException.throwIt(ISO7816.SW_WRONG_LENGTH);
+#endif
byte key_nb = buffer[ISO7816.OFFSET_P1];
@@ -895,14 +954,14 @@
case OP_INIT:
if (bytesLeft < 3)
ISOException.throwIt(SW_INVALID_PARAMETER);
- byte ciph_mode = buffer[ISO7816.OFFSET_CDATA];
- ciph_dir = buffer[(short) (ISO7816.OFFSET_CDATA + 1)];
+ byte ciph_mode = buffer[dataOffset];
+ ciph_dir = buffer[(short) (dataOffset + 1)];
byte ciph_alg_id;
- data_location = buffer[(short) (ISO7816.OFFSET_CDATA + 2)];
+ data_location = buffer[(short) (dataOffset + 2)];
switch (data_location) {
case DL_APDU:
src_buff = buffer;
- src_base = (short) (ISO7816.OFFSET_CDATA + 3);
+ src_base = (short) (dataOffset + 3);
src_avail = (short) (bytesLeft - 3);
break;
case DL_OBJECT:
@@ -1025,13 +1084,13 @@
/* Don't know what is incorrect: just say incorrect parameters
* we guess it was specified a wrong key number */
ISOException.throwIt(ISO7816.SW_INCORRECT_P1P2);
- data_location = buffer[ISO7816.OFFSET_CDATA];
+ data_location = buffer[dataOffset];
switch (data_location) {
case DL_APDU:
src_buff = mem.getBuffer();
// Skip Data Location byte.
- src_base = (short) (ISO7816.OFFSET_CDATA + 1);
+ src_base = (short) (dataOffset + 1);
src_avail = (short) (bytesLeft - 1);
break;
case DL_OBJECT:
@@ -1100,11 +1159,11 @@
/* Don't know what is incorrect: just say incorrect parameters
* we guess it was specified a wrong key number */
ISOException.throwIt(ISO7816.SW_INCORRECT_P1P2);
- data_location = buffer[ISO7816.OFFSET_CDATA];
+ data_location = buffer[dataOffset];
switch (data_location) {
case DL_APDU:
src_buff = buffer;
- src_base = (short) (ISO7816.OFFSET_CDATA + 1);
+ src_base = (short) (dataOffset + 1);
src_avail = (short) (bytesLeft - 1);
break;
case DL_OBJECT:
More information about the Pcsclite-cvs-commit
mailing list