Diffstat (limited to 'base/common/src/org/dogtagpki/tps')
-rw-r--r--base/common/src/org/dogtagpki/tps/TPSConnection.java25
-rw-r--r--base/common/src/org/dogtagpki/tps/apdu/APDU.java58
-rw-r--r--base/common/src/org/dogtagpki/tps/apdu/APDUResponse.java16
-rw-r--r--base/common/src/org/dogtagpki/tps/apdu/CreateObjectAPDU.java (renamed from base/common/src/org/dogtagpki/tps/apdu/CreateObject.java)6
-rw-r--r--base/common/src/org/dogtagpki/tps/apdu/CreatePinAPDU.java (renamed from base/common/src/org/dogtagpki/tps/apdu/CreatePin.java)4
-rw-r--r--base/common/src/org/dogtagpki/tps/apdu/DeleteFileAPDU.java (renamed from base/common/src/org/dogtagpki/tps/apdu/DeleteFile.java)13
-rw-r--r--base/common/src/org/dogtagpki/tps/apdu/ExternalAuthenticate.java51
-rw-r--r--base/common/src/org/dogtagpki/tps/apdu/ExternalAuthenticateAPDU.java110
-rw-r--r--base/common/src/org/dogtagpki/tps/apdu/FormatMuscleAppletAPDU.java (renamed from base/common/src/org/dogtagpki/tps/apdu/FormatMuscleApplet.java)4
-rw-r--r--base/common/src/org/dogtagpki/tps/apdu/GenerateKeyAPDU.java (renamed from base/common/src/org/dogtagpki/tps/apdu/GenerateKey.java)4
-rw-r--r--base/common/src/org/dogtagpki/tps/apdu/GenerateKeyECCAPDU.java (renamed from base/common/src/org/dogtagpki/tps/apdu/GenerateKeyECC.java)4
-rw-r--r--base/common/src/org/dogtagpki/tps/apdu/GetDataAPDU.java (renamed from base/common/src/org/dogtagpki/tps/apdu/GetData.java)6
-rw-r--r--base/common/src/org/dogtagpki/tps/apdu/GetIssuerInfoAPDU.java (renamed from base/common/src/org/dogtagpki/tps/apdu/GetIssuerInfo.java)4
-rw-r--r--base/common/src/org/dogtagpki/tps/apdu/GetStatusAPDU.java (renamed from base/common/src/org/dogtagpki/tps/apdu/GetStatus.java)4
-rw-r--r--base/common/src/org/dogtagpki/tps/apdu/GetVersionAPDU.java (renamed from base/common/src/org/dogtagpki/tps/apdu/GetVersion.java)4
-rw-r--r--base/common/src/org/dogtagpki/tps/apdu/ImportKeyAPDU.java (renamed from base/common/src/org/dogtagpki/tps/apdu/ImportKey.java)4
-rw-r--r--base/common/src/org/dogtagpki/tps/apdu/ImportKeyEncAPDU.java (renamed from base/common/src/org/dogtagpki/tps/apdu/ImportKeyEnc.java)4
-rw-r--r--base/common/src/org/dogtagpki/tps/apdu/InitializeUpdateAPDU.java (renamed from base/common/src/org/dogtagpki/tps/apdu/InitializeUpdate.java)21
-rw-r--r--base/common/src/org/dogtagpki/tps/apdu/InstallAppletAPDU.java (renamed from base/common/src/org/dogtagpki/tps/apdu/InstallApplet.java)6
-rw-r--r--base/common/src/org/dogtagpki/tps/apdu/InstallLoadAPDU.java (renamed from base/common/src/org/dogtagpki/tps/apdu/InstallLoad.java)6
-rw-r--r--base/common/src/org/dogtagpki/tps/apdu/LifecycleAPDU.java (renamed from base/common/src/org/dogtagpki/tps/apdu/Lifecycle.java)4
-rw-r--r--base/common/src/org/dogtagpki/tps/apdu/ListObjectsAPDU.java (renamed from base/common/src/org/dogtagpki/tps/apdu/ListObjects.java)4
-rw-r--r--base/common/src/org/dogtagpki/tps/apdu/ListPinsAPDU.java (renamed from base/common/src/org/dogtagpki/tps/apdu/ListPins.java)4
-rw-r--r--base/common/src/org/dogtagpki/tps/apdu/LoadFileAPDU.java (renamed from base/common/src/org/dogtagpki/tps/apdu/LoadFile.java)4
-rw-r--r--base/common/src/org/dogtagpki/tps/apdu/PutKeyAPDU.java (renamed from base/common/src/org/dogtagpki/tps/apdu/PutKey.java)4
-rw-r--r--base/common/src/org/dogtagpki/tps/apdu/ReadBufferAPDU.java (renamed from base/common/src/org/dogtagpki/tps/apdu/ReadBuffer.java)4
-rw-r--r--base/common/src/org/dogtagpki/tps/apdu/ReadObjectAPDU.java (renamed from base/common/src/org/dogtagpki/tps/apdu/ReadObject.java)4
-rw-r--r--base/common/src/org/dogtagpki/tps/apdu/SelectAPDU.java (renamed from base/common/src/org/dogtagpki/tps/apdu/Select.java)4
-rw-r--r--base/common/src/org/dogtagpki/tps/apdu/SetIssuerInfoAPDU.java (renamed from base/common/src/org/dogtagpki/tps/apdu/SetIssuerInfo.java)4
-rw-r--r--base/common/src/org/dogtagpki/tps/apdu/SetPinAPDU.java (renamed from base/common/src/org/dogtagpki/tps/apdu/SetPin.java)4
-rw-r--r--base/common/src/org/dogtagpki/tps/apdu/UnblockPinAPDU.java (renamed from base/common/src/org/dogtagpki/tps/apdu/UnblockPin.java)4
-rw-r--r--base/common/src/org/dogtagpki/tps/apdu/WriteObjectAPDU.java (renamed from base/common/src/org/dogtagpki/tps/apdu/WriteObject.java)4
-rw-r--r--base/common/src/org/dogtagpki/tps/main/TPSBuffer.java17
-rw-r--r--base/common/src/org/dogtagpki/tps/main/Util.java160
-rw-r--r--base/common/src/org/dogtagpki/tps/msg/TokenPDURequest.java6
35 files changed, 441 insertions, 144 deletions
diff --git a/base/common/src/org/dogtagpki/tps/TPSConnection.java b/base/common/src/org/dogtagpki/tps/TPSConnection.java
index 442d28dad..64f8cb906 100644
--- a/base/common/src/org/dogtagpki/tps/TPSConnection.java
+++ b/base/common/src/org/dogtagpki/tps/TPSConnection.java
@@ -53,12 +53,14 @@ public class TPSConnection {
// read the first parameter
while ((b = in.read()) >= 0) {
- char c = (char)b;
- if (c == '&') break;
+ char c = (char) b;
+ if (c == '&')
+ break;
sb.append(c);
}
- if (b < 0) throw new IOException("Unexpected end of stream");
+ if (b < 0)
+ throw new IOException("Unexpected end of stream");
// parse message size
String nvp = sb.toString();
@@ -68,19 +70,20 @@ public class TPSConnection {
sb.append('&');
// read the rest of message
- for (int i=0; i<size; i++) {
+ for (int i = 0; i < size; i++) {
b = in.read();
- if (b < 0) throw new IOException("Unexpected end of stream");
+ if (b < 0)
+ throw new IOException("Unexpected end of stream");
- char c = (char)b;
+ char c = (char) b;
sb.append(c);
}
CMS.debug("TPSMessage.read: Reading: " + sb.toString());
// parse the entire message
- return TPSMessage.createMessage(sb.toString());
+ return TPSMessage.createMessage(sb.toString());
}
public void write(TPSMessage message) throws IOException {
@@ -88,7 +91,6 @@ public class TPSConnection {
CMS.debug("TPSMessage.write: Writing: " + s);
-
if (chunked) {
// send message length + EOL
out.print(Integer.toHexString(s.length()));
@@ -98,11 +100,18 @@ public class TPSConnection {
// send message
out.print(s);
+ /*
+ *
+ * Right now, tpsclient is counting the final crlf as part of the message and ruining the MAC calculations
+ * For now do this and figure out later how to handle this for both tpsclient and esc.
+ *
if (chunked) {
// send EOL
out.print("\r\n");
}
+ */
+
out.flush();
}
}
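Review bot: Commenting out the trailing `out.print("\r\n")` in write() changes the chunked framing for every peer, not only tpsclient: in HTTP chunked transfer coding each chunk's data is followed by CRLF, so a conforming client (the comment mentions esc) may misparse or wait for the terminator. As the comment describes it, the real problem is that the receiver feeds framing bytes into the MAC input, so the fix probably belongs where the MAC is computed rather than in the sender's framing. If the workaround must stay for now, replace the dead block with a tracked one-liner such as `// TODO(<ticket placeholder>): restore chunk-terminating CRLF once tpsclient excludes it from the MAC input`. write() begins outside this hunk.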
diff --git a/base/common/src/org/dogtagpki/tps/apdu/APDU.java b/base/common/src/org/dogtagpki/tps/apdu/APDU.java
index c4f2c1769..c1aa51716 100644
--- a/base/common/src/org/dogtagpki/tps/apdu/APDU.java
+++ b/base/common/src/org/dogtagpki/tps/apdu/APDU.java
@@ -19,6 +19,9 @@ package org.dogtagpki.tps.apdu;
import org.dogtagpki.tps.main.TPSBuffer;
import org.dogtagpki.tps.main.Util;
+import org.mozilla.jss.pkcs11.PK11SymKey;
+
+import com.netscape.certsrv.base.EBaseException;
public abstract class APDU {
@@ -140,8 +143,59 @@ public abstract class APDU {
return encoding;
}
- public void getDataToMAC(TPSBuffer data) {
- //ToDO
+ public TPSBuffer getDataToMAC() {
+ TPSBuffer mac = new TPSBuffer();
+
+ mac.add(cla);
+ mac.add(ins);
+ mac.add(p1);
+ mac.add(p2);
+ mac.add((byte) (data.size() + 8));
+ mac.add(data);
+
+ return mac;
+ }
+
+ public void secureMessage(PK11SymKey encKey) throws EBaseException {
+
+ if (encKey == null) {
+ throw new EBaseException("APDU.secureData: No input encrytion session key!");
+ }
+
+ int padNeeded = 0;
+
+ TPSBuffer dataToEnc = null;
+ TPSBuffer padding = null;
+ TPSBuffer dataEncrypted = null;
+
+ dataToEnc = new TPSBuffer();
+ dataToEnc.add((byte) data.size());
+ dataToEnc.add(data);
+
+ int dataSize = dataToEnc.size();
+ int rem = dataSize % 8;
+
+ if (rem == 0) {
+ padNeeded = 0;
+ } else if (dataSize < 8) {
+ padNeeded = 8 - dataSize;
+ } else {
+ padNeeded = 8 - rem;
+ }
+
+ if (padNeeded > 0) {
+ dataToEnc.add((byte) 0x80);
+ padNeeded--;
+
+ if (padNeeded > 0) {
+ padding = new TPSBuffer(padNeeded);
+ dataToEnc.add(padding);
+ }
+ }
+
+ dataEncrypted = Util.encryptData(dataToEnc, encKey);
+
+ data.set(dataEncrypted);
}
public Type getType() {
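Review bot: The length bytes in getDataToMAC() and secureMessage() come from unchecked narrowing casts, `(byte) (data.size() + 8)` and `(byte) data.size()`, so a payload whose size does not fit in one byte yields a wrapped length that is then MACed or encrypted without any error. A guard at the top of secureMessage(), e.g. `if (data.size() > 0xFF) throw new EBaseException("APDU.secureMessage: data too long");`, plus an equivalent bound in getDataToMAC(), would fail closed instead; the same cast appears in InitializeUpdateAPDU.getEncoding(). Separately, the null-key message names `APDU.secureData` and misspells "encrytion", and the `dataSize < 8` branch is redundant because `8 - rem` gives the same value there. getType() continues outside the hunk.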
diff --git a/base/common/src/org/dogtagpki/tps/apdu/APDUResponse.java b/base/common/src/org/dogtagpki/tps/apdu/APDUResponse.java
index ef25cd204..9376a1f97 100644
--- a/base/common/src/org/dogtagpki/tps/apdu/APDUResponse.java
+++ b/base/common/src/org/dogtagpki/tps/apdu/APDUResponse.java
@@ -88,7 +88,7 @@ public class APDUResponse extends APDU {
}
//Get the two byte apdu return code
- byte[] getResultBytes() {
+ public byte[] getResultCodeBytes() {
byte[] result = new byte[2];
result[0] = getSW1();
@@ -96,6 +96,20 @@ public class APDUResponse extends APDU {
return result;
}
+ public TPSBuffer getResultDataNoCode() {
+
+ //Result code will be 2 bytes at the end.
+ TPSBuffer theData = getData();
+
+ TPSBuffer result = null;
+ int len = theData.size();
+ if (len > 2) {
+ result = theData.substr(0, len - 2);
+ }
+
+ return result;
+ }
+
public static void main(String args[]) {
APDUResponse resp = new APDUResponse();
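Review bot: getResultDataNoCode() returns null whenever the response holds two bytes or fewer, so a status-only reply (just SW1/SW2) hands callers a null they must remember to check before touching the card data. Returning an empty buffer is safer for callers: `TPSBuffer result = new TPSBuffer();` in place of `TPSBuffer result = null;`. The method also dereferences `getData()` without a null check; whether that can be null is not visible here, so confirm or guard it. A short Javadoc stating what is returned for short responses would help; main() continues outside the hunk.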
diff --git a/base/common/src/org/dogtagpki/tps/apdu/CreateObject.java b/base/common/src/org/dogtagpki/tps/apdu/CreateObjectAPDU.java
index 04208aa3b..03ad05ff4 100644
--- a/base/common/src/org/dogtagpki/tps/apdu/CreateObject.java
+++ b/base/common/src/org/dogtagpki/tps/apdu/CreateObjectAPDU.java
@@ -23,7 +23,7 @@ package org.dogtagpki.tps.apdu;
import org.dogtagpki.tps.main.TPSBuffer;
-public class CreateObject extends APDU {
+public class CreateObjectAPDU extends APDU {
/**
* Constructs a Create Object APDU. This APDU is usually sent right
* before Write_Buffer_APDU is sent. This APDU only creates an Object
@@ -63,7 +63,7 @@ public class CreateObject extends APDU {
* @see APDU
*/
- public CreateObject(byte[] object_id, byte[] permissions, int len) {
+ public CreateObjectAPDU(byte[] object_id, byte[] permissions, int len) {
if (object_id.length != 4)
return;
@@ -108,7 +108,7 @@ public class CreateObject extends APDU {
byte[] object_id = { 0x01, 0x02, 0x3, 0x4 };
byte[] permisisons = { 0x01, 0x02, 0x03, 0x04, 0x05, 0x6 };
- CreateObject apdu = new CreateObject(object_id, permisisons, 56);
+ CreateObjectAPDU apdu = new CreateObjectAPDU(object_id, permisisons, 56);
if (apdu != null) {
diff --git a/base/common/src/org/dogtagpki/tps/apdu/CreatePin.java b/base/common/src/org/dogtagpki/tps/apdu/CreatePinAPDU.java
index 3d7b9274c..c37d0d465 100644
--- a/base/common/src/org/dogtagpki/tps/apdu/CreatePin.java
+++ b/base/common/src/org/dogtagpki/tps/apdu/CreatePinAPDU.java
@@ -22,9 +22,9 @@ package org.dogtagpki.tps.apdu;
import org.dogtagpki.tps.main.TPSBuffer;
-public class CreatePin extends APDU {
+public class CreatePinAPDU extends APDU {
- public CreatePin(byte theP1, byte theP2, TPSBuffer theData) {
+ public CreatePinAPDU(byte theP1, byte theP2, TPSBuffer theData) {
setP1(theP1);
setP2(theP2);
diff --git a/base/common/src/org/dogtagpki/tps/apdu/DeleteFile.java b/base/common/src/org/dogtagpki/tps/apdu/DeleteFileAPDU.java
index 475207dd6..9114b8af6 100644
--- a/base/common/src/org/dogtagpki/tps/apdu/DeleteFile.java
+++ b/base/common/src/org/dogtagpki/tps/apdu/DeleteFileAPDU.java
@@ -19,14 +19,13 @@ package org.dogtagpki.tps.apdu;
import org.dogtagpki.tps.main.TPSBuffer;
-public class DeleteFile extends APDU {
+public class DeleteFileAPDU extends APDU {
- public DeleteFile( TPSBuffer aid) {
+ public DeleteFileAPDU(TPSBuffer aid) {
setCLA((byte) 0x84);
- setINS((byte)0xE4);
- setP1((byte)0x00);
- setP2((byte)0x00);
-
+ setINS((byte) 0xE4);
+ setP1((byte) 0x00);
+ setP2((byte) 0x00);
TPSBuffer AIDTLV = new TPSBuffer();
@@ -43,7 +42,7 @@ public class DeleteFile extends APDU {
public APDU.Type getType() {
return APDU.Type.APDU_DELETE_FILE;
- }
+ }
public static void main(String[] args) {
// TODO Auto-generated method stub
diff --git a/base/common/src/org/dogtagpki/tps/apdu/ExternalAuthenticate.java b/base/common/src/org/dogtagpki/tps/apdu/ExternalAuthenticate.java
deleted file mode 100644
index d1337b886..000000000
--- a/base/common/src/org/dogtagpki/tps/apdu/ExternalAuthenticate.java
+++ /dev/null
@@ -1,51 +0,0 @@
-// --- BEGIN COPYRIGHT BLOCK ---
-// This program is free software; you can redistribute it and/or modify
-// it under the terms of the GNU General Public License as published by
-// the Free Software Foundation; version 2 of the License.
-//
-// This program is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-// GNU General Public License for more details.
-//
-// You should have received a copy of the GNU General Public License along
-// with this program; if not, write to the Free Software Foundation, Inc.,
-// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-//
-// (C) 2013 Red Hat, Inc.
-// All rights reserved.
-// --- END COPYRIGHT BLOCK ---
-package org.dogtagpki.tps.apdu;
-
-import org.dogtagpki.tps.main.TPSBuffer;
-
-public class ExternalAuthenticate extends APDU {
-
- public ExternalAuthenticate(TPSBuffer theData, byte securityLevel) {
-
- setCLA((byte) 0x84);
- setINS((byte) 0x82);
-
- setP1(securityLevel);
-
- setP2((byte) 0x00);
- setData(theData);
- }
-
- public TPSBuffer getHostCryptogram()
- {
- return getData();
- }
-
- @Override
- public APDU.Type getType()
- {
- return APDU.Type.APDU_EXTERNAL_AUTHENTICATE;
- }
-
- public static void main(String[] args) {
- // TODO Auto-generated method stub
-
- }
-
-}
diff --git a/base/common/src/org/dogtagpki/tps/apdu/ExternalAuthenticateAPDU.java b/base/common/src/org/dogtagpki/tps/apdu/ExternalAuthenticateAPDU.java
new file mode 100644
index 000000000..d824e8ce7
--- /dev/null
+++ b/base/common/src/org/dogtagpki/tps/apdu/ExternalAuthenticateAPDU.java
@@ -0,0 +1,110 @@
+// --- BEGIN COPYRIGHT BLOCK ---
+// This program is free software; you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation; version 2 of the License.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+// GNU General Public License for more details.
+//
+// You should have received a copy of the GNU General Public License along
+// with this program; if not, write to the Free Software Foundation, Inc.,
+// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+//
+// (C) 2013 Red Hat, Inc.
+// All rights reserved.
+// --- END COPYRIGHT BLOCK ---
+package org.dogtagpki.tps.apdu;
+
+import org.dogtagpki.tps.main.TPSBuffer;
+
+public class ExternalAuthenticateAPDU extends APDU {
+
+ public enum SecurityLevel {
+ SECURE_MSG_ANY,
+ SECURE_MSG_MAC,
+ SECURE_MSG_NONE, // not yet supported
+ SECURE_MSG_MAC_ENC,
+
+ }
+
+ public ExternalAuthenticateAPDU(TPSBuffer theData, SecurityLevel securityLevel) {
+ setCLA((byte) 0x84);
+ setINS((byte) 0x82);
+
+ setP1(securityLevelToByte(securityLevel));
+ setP2((byte) 0x0);
+
+ setData(theData);
+ }
+
+ public TPSBuffer getHostCryptogram()
+ {
+ return getData();
+ }
+
+ @Override
+ public APDU.Type getType()
+ {
+ return APDU.Type.APDU_EXTERNAL_AUTHENTICATE;
+ }
+
+ public static byte securityLevelToByte(SecurityLevel level) {
+ byte result = 0;
+
+ switch (level) {
+ case SECURE_MSG_ANY:
+ result = 0;
+ break;
+ case SECURE_MSG_MAC:
+ result = 1;
+ break;
+ case SECURE_MSG_NONE:
+ result = 2;
+ break;
+ case SECURE_MSG_MAC_ENC:
+ result = 3;
+ break;
+
+ default:
+ result = 0;
+ break;
+
+ }
+
+ return result;
+ }
+
+ public static SecurityLevel byteToSecurityLevel(byte level) {
+
+ SecurityLevel result = SecurityLevel.SECURE_MSG_ANY;
+
+ switch (level) {
+
+ case 0:
+ result = SecurityLevel.SECURE_MSG_ANY;
+ break;
+ case 1:
+ result = SecurityLevel.SECURE_MSG_MAC;
+ break;
+ case 2:
+ result = SecurityLevel.SECURE_MSG_NONE;
+ break;
+ case 3:
+ result = SecurityLevel.SECURE_MSG_MAC_ENC;
+ break;
+ default:
+ result = SecurityLevel.SECURE_MSG_ANY;
+ break;
+ }
+
+ return result;
+ }
+
+ public static void main(String[] args) {
+ // TODO Auto-generated method stub
+
+ }
+
+}
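Review bot: byteToSecurityLevel() maps every unrecognised byte to SECURE_MSG_ANY through its `default:` branch, and securityLevelToByte() likewise falls back to 0, so a corrupted or unexpected level silently becomes a valid-looking one instead of being rejected. Since this value appears to select the secure-messaging protection for the session (it is written to P1), failing closed is safer: `default: throw new IllegalArgumentException("Unknown security level: " + level);`. securityLevelToByte() also throws a bare NullPointerException from the switch when `level` is null; an explicit check with a message would be clearer. It is unclear which constant the `// not yet supported` comment on SECURE_MSG_NONE applies to, and each constant deserves a one-line Javadoc giving its P1 value.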
diff --git a/base/common/src/org/dogtagpki/tps/apdu/FormatMuscleApplet.java b/base/common/src/org/dogtagpki/tps/apdu/FormatMuscleAppletAPDU.java
index af4cec11a..3babdc1c5 100644
--- a/base/common/src/org/dogtagpki/tps/apdu/FormatMuscleApplet.java
+++ b/base/common/src/org/dogtagpki/tps/apdu/FormatMuscleAppletAPDU.java
@@ -25,8 +25,8 @@ import org.dogtagpki.tps.main.TPSBuffer;
/* Not sure this is used , provide stub right now. */
-public class FormatMuscleApplet extends APDU {
- public FormatMuscleApplet(short memSize,
+public class FormatMuscleAppletAPDU extends APDU {
+ public FormatMuscleAppletAPDU(short memSize,
TPSBuffer PIN0, byte pin0Tries,
TPSBuffer unblockPIN0, byte unblock0Tries,
TPSBuffer PIN1, byte pin1Tries,
diff --git a/base/common/src/org/dogtagpki/tps/apdu/GenerateKey.java b/base/common/src/org/dogtagpki/tps/apdu/GenerateKeyAPDU.java
index 47f45bb50..f11f132be 100644
--- a/base/common/src/org/dogtagpki/tps/apdu/GenerateKey.java
+++ b/base/common/src/org/dogtagpki/tps/apdu/GenerateKeyAPDU.java
@@ -23,9 +23,9 @@ package org.dogtagpki.tps.apdu;
import org.dogtagpki.tps.main.TPSBuffer;
-public class GenerateKey extends APDU {
+public class GenerateKeyAPDU extends APDU {
- public GenerateKey(byte theP1, byte theP2, byte alg,
+ public GenerateKeyAPDU(byte theP1, byte theP2, byte alg,
int keysize, byte option,
byte type, TPSBuffer wrapped_challenge, TPSBuffer key_check) {
diff --git a/base/common/src/org/dogtagpki/tps/apdu/GenerateKeyECC.java b/base/common/src/org/dogtagpki/tps/apdu/GenerateKeyECCAPDU.java
index 3f9106723..6743822ad 100644
--- a/base/common/src/org/dogtagpki/tps/apdu/GenerateKeyECC.java
+++ b/base/common/src/org/dogtagpki/tps/apdu/GenerateKeyECCAPDU.java
@@ -23,9 +23,9 @@ package org.dogtagpki.tps.apdu;
import org.dogtagpki.tps.main.TPSBuffer;
-public class GenerateKeyECC extends APDU {
+public class GenerateKeyECCAPDU extends APDU {
- public GenerateKeyECC(byte theP1, byte theP2, byte alg,
+ public GenerateKeyECCAPDU(byte theP1, byte theP2, byte alg,
int keysize, byte option,
byte type, TPSBuffer wrapped_challenge, TPSBuffer key_check) {
diff --git a/base/common/src/org/dogtagpki/tps/apdu/GetData.java b/base/common/src/org/dogtagpki/tps/apdu/GetDataAPDU.java
index b7b8be02c..7cd52fcd1 100644
--- a/base/common/src/org/dogtagpki/tps/apdu/GetData.java
+++ b/base/common/src/org/dogtagpki/tps/apdu/GetDataAPDU.java
@@ -22,9 +22,9 @@ package org.dogtagpki.tps.apdu;
import org.dogtagpki.tps.main.TPSBuffer;
-public class GetData extends APDU {
+public class GetDataAPDU extends APDU {
- public GetData()
+ public GetDataAPDU()
{
setCLA((byte) 0x80);
setINS((byte) 0xCA);
@@ -53,7 +53,7 @@ public class GetData extends APDU {
} /* Encode */
public static void main(String[] args) {
- GetData get_data = new GetData();
+ GetDataAPDU get_data = new GetDataAPDU();
get_data.dump();
diff --git a/base/common/src/org/dogtagpki/tps/apdu/GetIssuerInfo.java b/base/common/src/org/dogtagpki/tps/apdu/GetIssuerInfoAPDU.java
index 21fe1a77e..ede006a18 100644
--- a/base/common/src/org/dogtagpki/tps/apdu/GetIssuerInfo.java
+++ b/base/common/src/org/dogtagpki/tps/apdu/GetIssuerInfoAPDU.java
@@ -22,7 +22,7 @@ package org.dogtagpki.tps.apdu;
import org.dogtagpki.tps.main.TPSBuffer;
-public class GetIssuerInfo extends APDU {
+public class GetIssuerInfoAPDU extends APDU {
/**
* Constructs GetIssuer APDU.
*
@@ -45,7 +45,7 @@ public class GetIssuerInfo extends APDU {
* @param data issuer info
* @see APDU
*/
- public GetIssuerInfo()
+ public GetIssuerInfoAPDU()
{
setCLA((byte) 0x84);
setINS((byte) 0xF6);
diff --git a/base/common/src/org/dogtagpki/tps/apdu/GetStatus.java b/base/common/src/org/dogtagpki/tps/apdu/GetStatusAPDU.java
index 3b8c68fca..2479cc674 100644
--- a/base/common/src/org/dogtagpki/tps/apdu/GetStatus.java
+++ b/base/common/src/org/dogtagpki/tps/apdu/GetStatusAPDU.java
@@ -22,8 +22,8 @@ package org.dogtagpki.tps.apdu;
import org.dogtagpki.tps.main.TPSBuffer;
-public class GetStatus extends APDU {
- public GetStatus()
+public class GetStatusAPDU extends APDU {
+ public GetStatusAPDU()
{
setCLA((byte) 0xB0);
setINS((byte) 0x3C);
diff --git a/base/common/src/org/dogtagpki/tps/apdu/GetVersion.java b/base/common/src/org/dogtagpki/tps/apdu/GetVersionAPDU.java
index 9bdc27fa1..6e10df985 100644
--- a/base/common/src/org/dogtagpki/tps/apdu/GetVersion.java
+++ b/base/common/src/org/dogtagpki/tps/apdu/GetVersionAPDU.java
@@ -22,8 +22,8 @@ package org.dogtagpki.tps.apdu;
import org.dogtagpki.tps.main.TPSBuffer;
-public class GetVersion extends APDU {
- public GetVersion()
+public class GetVersionAPDU extends APDU {
+ public GetVersionAPDU()
{
setCLA((byte) 0xB0);
setINS((byte) 0x70);
diff --git a/base/common/src/org/dogtagpki/tps/apdu/ImportKey.java b/base/common/src/org/dogtagpki/tps/apdu/ImportKeyAPDU.java
index c17bfb825..a37e52831 100644
--- a/base/common/src/org/dogtagpki/tps/apdu/ImportKey.java
+++ b/base/common/src/org/dogtagpki/tps/apdu/ImportKeyAPDU.java
@@ -23,7 +23,7 @@ package org.dogtagpki.tps.apdu;
import org.dogtagpki.tps.main.TPSBuffer;
-public class ImportKey extends APDU {
+public class ImportKeyAPDU extends APDU {
/**
* Constructs Import Key APDU.
*
@@ -46,7 +46,7 @@ public class ImportKey extends APDU {
* Byte[] Additional parameters; // Optional
* If KeyBlob's Encoding is BLOB_ENC_PLAIN(0x00), there are no additional parameters.
*/
- public ImportKey(byte p1)
+ public ImportKeyAPDU(byte p1)
{
setCLA((byte) 0x84);
setINS((byte) 0x32);
diff --git a/base/common/src/org/dogtagpki/tps/apdu/ImportKeyEnc.java b/base/common/src/org/dogtagpki/tps/apdu/ImportKeyEncAPDU.java
index c87a76ac8..ff01c6600 100644
--- a/base/common/src/org/dogtagpki/tps/apdu/ImportKeyEnc.java
+++ b/base/common/src/org/dogtagpki/tps/apdu/ImportKeyEncAPDU.java
@@ -23,7 +23,7 @@ package org.dogtagpki.tps.apdu;
import org.dogtagpki.tps.main.TPSBuffer;
-public class ImportKeyEnc extends APDU {
+public class ImportKeyEncAPDU extends APDU {
/**
* Constructs Import Key Encrypted APDU.
@@ -47,7 +47,7 @@ public class ImportKeyEnc extends APDU {
* Import Parameters:
* ...to be provided
*/
- public ImportKeyEnc(byte p1, byte p2, TPSBuffer theData)
+ public ImportKeyEncAPDU(byte p1, byte p2, TPSBuffer theData)
{
setCLA((byte) 0x84);
setINS((byte) 0x0A);
diff --git a/base/common/src/org/dogtagpki/tps/apdu/InitializeUpdate.java b/base/common/src/org/dogtagpki/tps/apdu/InitializeUpdateAPDU.java
index 4016b96f4..4bc640108 100644
--- a/base/common/src/org/dogtagpki/tps/apdu/InitializeUpdate.java
+++ b/base/common/src/org/dogtagpki/tps/apdu/InitializeUpdateAPDU.java
@@ -23,12 +23,13 @@ package org.dogtagpki.tps.apdu;
import org.dogtagpki.tps.main.TPSBuffer;
-public class InitializeUpdate extends APDU {
+public class InitializeUpdateAPDU extends APDU {
/**
* Constructs Initialize Update APDU.
*/
- public InitializeUpdate(byte key_version, byte key_index, TPSBuffer theData) {
+ public InitializeUpdateAPDU(byte key_version, byte key_index, TPSBuffer theData) {
+ setCLA((byte) 0x80);
setINS((byte) 0x50);
setP1(key_version);
setP2(key_index);
@@ -47,16 +48,16 @@ public class InitializeUpdate extends APDU {
public TPSBuffer getEncoding()
{
- TPSBuffer data = new TPSBuffer();
+ TPSBuffer theData = new TPSBuffer();
- data.add(cla);
- data.add(ins);
- data.add(p1);
- data.add(p2);
- data.add((byte) data.size());
- data.add(data);
+ theData.add(cla);
+ theData.add(ins);
+ theData.add(p1);
+ theData.add(p2);
+ theData.add((byte) data.size());
+ theData.add(data);
- return data;
+ return theData;
} /* Encode */
}
diff --git a/base/common/src/org/dogtagpki/tps/apdu/InstallApplet.java b/base/common/src/org/dogtagpki/tps/apdu/InstallAppletAPDU.java
index 9e6206ac7..8f164e9d4 100644
--- a/base/common/src/org/dogtagpki/tps/apdu/InstallApplet.java
+++ b/base/common/src/org/dogtagpki/tps/apdu/InstallAppletAPDU.java
@@ -23,9 +23,9 @@ package org.dogtagpki.tps.apdu;
import org.dogtagpki.tps.main.TPSBuffer;
-public class InstallApplet extends APDU {
+public class InstallAppletAPDU extends APDU {
- public InstallApplet(TPSBuffer packageAID, TPSBuffer appletAID,
+ public InstallAppletAPDU(TPSBuffer packageAID, TPSBuffer appletAID,
byte appPrivileges, int instanceSize, int appletMemorySize)
{
setCLA((byte) 0x84);
@@ -79,7 +79,7 @@ public class InstallApplet extends APDU {
/**
* Constructs Install Applet APDU.
*/
- public InstallApplet(TPSBuffer theData)
+ public InstallAppletAPDU(TPSBuffer theData)
{
setCLA((byte) 0x84);
setINS((byte) 0xE6);
diff --git a/base/common/src/org/dogtagpki/tps/apdu/InstallLoad.java b/base/common/src/org/dogtagpki/tps/apdu/InstallLoadAPDU.java
index dc6d2b049..cb84b9382 100644
--- a/base/common/src/org/dogtagpki/tps/apdu/InstallLoad.java
+++ b/base/common/src/org/dogtagpki/tps/apdu/InstallLoadAPDU.java
@@ -23,9 +23,9 @@ package org.dogtagpki.tps.apdu;
import org.dogtagpki.tps.main.TPSBuffer;
-public class InstallLoad extends APDU {
+public class InstallLoadAPDU extends APDU {
- public InstallLoad(TPSBuffer packageAID, TPSBuffer sdAID,
+ public InstallLoadAPDU(TPSBuffer packageAID, TPSBuffer sdAID,
int fileLen)
{
@@ -55,7 +55,7 @@ public class InstallLoad extends APDU {
/**
* Constructs Install Load APDU. Used when data was pre-constructed
*/
- public InstallLoad(TPSBuffer theData)
+ public InstallLoadAPDU(TPSBuffer theData)
{
setCLA((byte) 0x84);
setINS((byte) 0xE6);
diff --git a/base/common/src/org/dogtagpki/tps/apdu/Lifecycle.java b/base/common/src/org/dogtagpki/tps/apdu/LifecycleAPDU.java
index e26a39ed9..051f663df 100644
--- a/base/common/src/org/dogtagpki/tps/apdu/Lifecycle.java
+++ b/base/common/src/org/dogtagpki/tps/apdu/LifecycleAPDU.java
@@ -21,11 +21,11 @@
package org.dogtagpki.tps.apdu;
-public class Lifecycle extends APDU {
+public class LifecycleAPDU extends APDU {
/**
* Constructs Lifecycle APDU.
*/
- public Lifecycle(byte lifecycle)
+ public LifecycleAPDU(byte lifecycle)
{
setCLA((byte) 0x84);
setINS((byte) 0xf0);
diff --git a/base/common/src/org/dogtagpki/tps/apdu/ListObjects.java b/base/common/src/org/dogtagpki/tps/apdu/ListObjectsAPDU.java
index b21cd111b..4d29506e6 100644
--- a/base/common/src/org/dogtagpki/tps/apdu/ListObjects.java
+++ b/base/common/src/org/dogtagpki/tps/apdu/ListObjectsAPDU.java
@@ -23,8 +23,8 @@ package org.dogtagpki.tps.apdu;
import org.dogtagpki.tps.main.TPSBuffer;
-public class ListObjects extends APDU {
- public ListObjects(byte seq)
+public class ListObjectsAPDU extends APDU {
+ public ListObjectsAPDU(byte seq)
{
setCLA((byte) 0xB0);
setINS((byte) 0x58);
diff --git a/base/common/src/org/dogtagpki/tps/apdu/ListPins.java b/base/common/src/org/dogtagpki/tps/apdu/ListPinsAPDU.java
index 7ced5a21a..e9a5f49bf 100644
--- a/base/common/src/org/dogtagpki/tps/apdu/ListPins.java
+++ b/base/common/src/org/dogtagpki/tps/apdu/ListPinsAPDU.java
@@ -23,11 +23,11 @@ package org.dogtagpki.tps.apdu;
import org.dogtagpki.tps.main.TPSBuffer;
-public class ListPins extends APDU {
+public class ListPinsAPDU extends APDU {
private byte ret_size = 0;
- public ListPins(byte theRet_size)
+ public ListPinsAPDU(byte theRet_size)
{
setCLA((byte) 0xB0);
setINS((byte) 0x48);
diff --git a/base/common/src/org/dogtagpki/tps/apdu/LoadFile.java b/base/common/src/org/dogtagpki/tps/apdu/LoadFileAPDU.java
index 2b3f7e3f9..23e948c77 100644
--- a/base/common/src/org/dogtagpki/tps/apdu/LoadFile.java
+++ b/base/common/src/org/dogtagpki/tps/apdu/LoadFileAPDU.java
@@ -22,11 +22,11 @@ package org.dogtagpki.tps.apdu;
import org.dogtagpki.tps.main.TPSBuffer;
-public class LoadFile extends APDU {
+public class LoadFileAPDU extends APDU {
/**
* Constructs Load File APDU.
*/
- public LoadFile(byte refControl, byte blockNum, TPSBuffer theData)
+ public LoadFileAPDU(byte refControl, byte blockNum, TPSBuffer theData)
{
setCLA((byte) 0x84);
setINS((byte) 0xE8);
diff --git a/base/common/src/org/dogtagpki/tps/apdu/PutKey.java b/base/common/src/org/dogtagpki/tps/apdu/PutKeyAPDU.java
index 3d6f2a022..6a939e7ba 100644
--- a/base/common/src/org/dogtagpki/tps/apdu/PutKey.java
+++ b/base/common/src/org/dogtagpki/tps/apdu/PutKeyAPDU.java
@@ -22,11 +22,11 @@ package org.dogtagpki.tps.apdu;
import org.dogtagpki.tps.main.TPSBuffer;
-public class PutKey extends APDU {
+public class PutKeyAPDU extends APDU {
/**
* Constructs Put Key APDU.
*/
- public PutKey(byte p1, byte p2, TPSBuffer theData)
+ public PutKeyAPDU(byte p1, byte p2, TPSBuffer theData)
{
setCLA((byte) 0x84);
setINS((byte) 0xd8);
diff --git a/base/common/src/org/dogtagpki/tps/apdu/ReadBuffer.java b/base/common/src/org/dogtagpki/tps/apdu/ReadBufferAPDU.java
index 7e1ab00c5..7c8159bf4 100644
--- a/base/common/src/org/dogtagpki/tps/apdu/ReadBuffer.java
+++ b/base/common/src/org/dogtagpki/tps/apdu/ReadBufferAPDU.java
@@ -22,11 +22,11 @@ package org.dogtagpki.tps.apdu;
import org.dogtagpki.tps.main.TPSBuffer;
-public class ReadBuffer extends APDU {
+public class ReadBufferAPDU extends APDU {
/**
* Constructs Read Buffer APDU.
*/
- public ReadBuffer(int len, int offset)
+ public ReadBufferAPDU(int len, int offset)
{
setCLA((byte) 0x84);
setINS((byte) 0x08);
diff --git a/base/common/src/org/dogtagpki/tps/apdu/ReadObject.java b/base/common/src/org/dogtagpki/tps/apdu/ReadObjectAPDU.java
index b78098305..f013a82aa 100644
--- a/base/common/src/org/dogtagpki/tps/apdu/ReadObject.java
+++ b/base/common/src/org/dogtagpki/tps/apdu/ReadObjectAPDU.java
@@ -22,7 +22,7 @@ package org.dogtagpki.tps.apdu;
import org.dogtagpki.tps.main.TPSBuffer;
-public class ReadObject extends APDU {
+public class ReadObjectAPDU extends APDU {
/**
* Constructs Read Object APDU.
*
@@ -52,7 +52,7 @@ public class ReadObject extends APDU {
* @see APDU
*/
- public ReadObject(byte[] object_id, int offset, int len)
+ public ReadObjectAPDU(byte[] object_id, int offset, int len)
{
setCLA((byte) 0x84);
setINS((byte) 0x56);
diff --git a/base/common/src/org/dogtagpki/tps/apdu/Select.java b/base/common/src/org/dogtagpki/tps/apdu/SelectAPDU.java
index f01c00147..d0b492590 100644
--- a/base/common/src/org/dogtagpki/tps/apdu/Select.java
+++ b/base/common/src/org/dogtagpki/tps/apdu/SelectAPDU.java
@@ -22,8 +22,8 @@ package org.dogtagpki.tps.apdu;
import org.dogtagpki.tps.main.TPSBuffer;
-public class Select extends APDU {
- public Select(byte p1, byte p2, TPSBuffer theData)
+public class SelectAPDU extends APDU {
+ public SelectAPDU(byte p1, byte p2, TPSBuffer theData)
{
setCLA((byte) 0x00);
setINS((byte) 0xa4);
diff --git a/base/common/src/org/dogtagpki/tps/apdu/SetIssuerInfo.java b/base/common/src/org/dogtagpki/tps/apdu/SetIssuerInfoAPDU.java
index 316a0fd52..40ea1b1ac 100644
--- a/base/common/src/org/dogtagpki/tps/apdu/SetIssuerInfo.java
+++ b/base/common/src/org/dogtagpki/tps/apdu/SetIssuerInfoAPDU.java
@@ -22,7 +22,7 @@ package org.dogtagpki.tps.apdu;
import org.dogtagpki.tps.main.TPSBuffer;
-public class SetIssuerInfo extends APDU {
+public class SetIssuerInfoAPDU extends APDU {
/**
* Constructs SetIssuer APDU.
*
@@ -45,7 +45,7 @@ public class SetIssuerInfo extends APDU {
* @param data issuer info
* @see APDU
*/
- public SetIssuerInfo(byte p1, byte p2, TPSBuffer theData)
+ public SetIssuerInfoAPDU(byte p1, byte p2, TPSBuffer theData)
{
setCLA((byte) 0x84);
setINS((byte) 0xF4);
diff --git a/base/common/src/org/dogtagpki/tps/apdu/SetPin.java b/base/common/src/org/dogtagpki/tps/apdu/SetPinAPDU.java
index 8911c40dd..ddf46cd27 100644
--- a/base/common/src/org/dogtagpki/tps/apdu/SetPin.java
+++ b/base/common/src/org/dogtagpki/tps/apdu/SetPinAPDU.java
@@ -22,7 +22,7 @@ package org.dogtagpki.tps.apdu;
import org.dogtagpki.tps.main.TPSBuffer;
-public class SetPin extends APDU {
+public class SetPinAPDU extends APDU {
/**
* Constructs SetPin APDU.
*
@@ -45,7 +45,7 @@ public class SetPin extends APDU {
* @param data pin
* @see APDU
*/
- public SetPin(byte p1, byte p2, TPSBuffer theData)
+ public SetPinAPDU(byte p1, byte p2, TPSBuffer theData)
{
setCLA((byte) 0x84);
setINS((byte) 0x04);
diff --git a/base/common/src/org/dogtagpki/tps/apdu/UnblockPin.java b/base/common/src/org/dogtagpki/tps/apdu/UnblockPinAPDU.java
index 620698c00..ae2486fa5 100644
--- a/base/common/src/org/dogtagpki/tps/apdu/UnblockPin.java
+++ b/base/common/src/org/dogtagpki/tps/apdu/UnblockPinAPDU.java
@@ -20,11 +20,11 @@
*/
package org.dogtagpki.tps.apdu;
-public class UnblockPin extends APDU {
+public class UnblockPinAPDU extends APDU {
/**
* Constructs Unblock Pin APDU.
*/
- public UnblockPin()
+ public UnblockPinAPDU()
{
setCLA((byte) 0x84);
setINS((byte) 0x02);
diff --git a/base/common/src/org/dogtagpki/tps/apdu/WriteObject.java b/base/common/src/org/dogtagpki/tps/apdu/WriteObjectAPDU.java
index bf64949ae..e8e4d63fa 100644
--- a/base/common/src/org/dogtagpki/tps/apdu/WriteObject.java
+++ b/base/common/src/org/dogtagpki/tps/apdu/WriteObjectAPDU.java
@@ -22,7 +22,7 @@ package org.dogtagpki.tps.apdu;
import org.dogtagpki.tps.main.TPSBuffer;
-public class WriteObject extends APDU {
+public class WriteObjectAPDU extends APDU {
/**
* Constructs Write Buffer APDU. This APDU is usually sent right after
* the Create_Object_APDU is sent. This APDU writes the actual object
@@ -60,7 +60,7 @@ public class WriteObject extends APDU {
* @param data
* @see APDU
*/
- public WriteObject(byte[] object_id, int offset, TPSBuffer data)
+ public WriteObjectAPDU(byte[] object_id, int offset, TPSBuffer data)
{
if (object_id.length != 4) {
return;
diff --git a/base/common/src/org/dogtagpki/tps/main/TPSBuffer.java b/base/common/src/org/dogtagpki/tps/main/TPSBuffer.java
index 1df8716fc..03ec46092 100644
--- a/base/common/src/org/dogtagpki/tps/main/TPSBuffer.java
+++ b/base/common/src/org/dogtagpki/tps/main/TPSBuffer.java
@@ -95,13 +95,20 @@ public class TPSBuffer {
}
public byte at(int i) {
- if (i < 0 || i > size()) {
+ if (i < 0 || i >= size()) {
return 0x0;
}
return buf[i];
}
+ public void setAt(int i, byte value) {
+ if (i < 0 || i >= size())
+ return;
+
+ buf[i] = value;
+ }
+
/**
* Returns true if the two buffers are the same length and contain
* the same byte at each offset.
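Review bot: The new `setAt` silently discards a write when `i` is out of range, matching `at`, which returns 0x0 for a bad index, and neither method documents this. computeMAC, added to Util.java in this same commit, reads and writes through both, so an index mistake there would produce a wrong MAC rather than an error. If the silent behaviour must stay, document it, e.g. `/** Sets the byte at index i; does nothing if i is outside [0, size()). */`. Since `setAt` is introduced here, it could instead throw `IndexOutOfBoundsException` on a bad index.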
@@ -126,6 +133,13 @@ public class TPSBuffer {
addBytes(addBytes);
}
+ public void set(TPSBuffer newContents) {
+ if (newContents == null)
+ return;
+
+ buf = newContents.toBytesArray();
+ }
+
/**
* Append operators.
*/
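Review bot: `set` stores whatever `newContents.toBytesArray()` returns directly in `buf`, and that method's body is not in this hunk. If it returns the backing array rather than a copy, both buffers would share storage and a later `setAt` on one would change the other. In that case `buf = newContents.toBytesArray().clone();` avoids the aliasing. The method also ignores a null argument without signalling it and has no Javadoc; a line such as `/** Replaces this buffer's contents with those of newContents; a null argument leaves the buffer unchanged. */` would make that explicit.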
@@ -233,6 +247,7 @@ public class TPSBuffer {
result.append(HEX_DIGITS.charAt((c & 0xF0) >> 4));
result.append(HEX_DIGITS.charAt(c & 0x0F));
+ result.append("%");
}
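Review bot: The added `result.append("%");` puts a `%` after every pair of hex digits, which changes the string this method returns for every existing caller. The method's signature and its callers are outside the hunk, so the intent cannot be confirmed from here. If the `%` is meant as a byte separator for log output, a comment such as `// '%' separates bytes for readability in debug output` would help, and any caller that parses or compares the hex string needs checking. If percent-encoding was intended, the `%` would have to come before the two digits.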
diff --git a/base/common/src/org/dogtagpki/tps/main/Util.java b/base/common/src/org/dogtagpki/tps/main/Util.java
index aba6c6e1d..bef425215 100644
--- a/base/common/src/org/dogtagpki/tps/main/Util.java
+++ b/base/common/src/org/dogtagpki/tps/main/Util.java
@@ -23,23 +23,30 @@ package org.dogtagpki.tps.main;
import java.io.UnsupportedEncodingException;
import java.net.URLDecoder;
import java.net.URLEncoder;
+import java.security.spec.AlgorithmParameterSpec;
-import com.netscape.cmsutil.util.Utils;
+import org.mozilla.jss.CryptoManager;
+import org.mozilla.jss.crypto.Cipher;
+import org.mozilla.jss.crypto.CryptoToken;
+import org.mozilla.jss.crypto.EncryptionAlgorithm;
+import org.mozilla.jss.crypto.IVParameterSpec;
+import org.mozilla.jss.pkcs11.PK11SymKey;
+import com.netscape.certsrv.base.EBaseException;
+import com.netscape.cmsutil.util.Utils;
public class Util {
public Util() {
}
- public static byte[] str2ByteArray (String s) {
+ public static byte[] str2ByteArray(String s) {
int len = s.length() / 2;
+ byte[] ret = new byte[len];
- byte[] ret = new byte[len];
-
- for (int i = 0; i < len; i ++) {
- ret[i] = (byte) ((byte) Util.hexToBin(s.charAt(i*2)) * 16 + Util.hexToBin(s.charAt(i*2+1)));
+ for (int i = 0; i < len; i++) {
+ ret[i] = (byte) ((byte) Util.hexToBin(s.charAt(i * 2)) * 16 + Util.hexToBin(s.charAt(i * 2 + 1)));
}
return ret;
@@ -127,13 +134,152 @@ public class Util {
return result.toString();
}
+ public static String specialURLEncode(TPSBuffer data) {
+ return specialURLEncode(data.toBytesArray());
+ }
+
+ public static String specialURLEncode(byte data[]) {
+ StringBuffer sb = new StringBuffer();
+ for (int i = 0; i < data.length; i++) {
+ sb.append("#");
+ if ((data[i] & 0xff) < 16) {
+ sb.append("0");
+ }
+ sb.append(Integer.toHexString((data[i] & 0xff)));
+ }
+
+ return sb.toString().toUpperCase();
+ }
+
public static String specialEncode(TPSBuffer data) {
return Utils.SpecialEncode(data.toBytesArray());
}
+
+ public static TPSBuffer computeMAC(PK11SymKey symKey, TPSBuffer input, TPSBuffer icv) throws EBaseException {
+ TPSBuffer output = null;
+ TPSBuffer result = null;
+
+ int inputLen = input.size();
+
+ if (symKey == null || input == null || icv == null || icv.size() != 8) {
+ throw new EBaseException("Util.computeMAC: invalid input data!");
+ }
+
+ TPSBuffer macPad = new TPSBuffer(8);
+ macPad.setAt(0, (byte) 0x80);
+
+ CryptoToken token = null;
+
+ try {
+
+ token = CryptoManager.getInstance().getInternalKeyStorageToken();
+
+ Cipher cipher = token.getCipherContext(EncryptionAlgorithm.DES3_ECB);
+ result = new TPSBuffer(icv);
+
+ /* Process whole blocks */
+ int inputOffset = 0;
+ while (inputLen >= 8)
+ {
+ for (int i = 0; i < 8; i++)
+ {
+ //Xor implicitly converts bytes to ints, we convert answer back to byte.
+ byte a = (byte) (result.at(i) ^ input.at(inputOffset + i));
+ result.setAt(i, a);
+ }
+ cipher.initEncrypt(symKey);
+ byte[] ciphResult = cipher.doFinal(result.toBytesArray());
+
+ if (ciphResult.length != result.size()) {
+ throw new EBaseException("Invalid cipher in Util.computeMAC");
+ }
+
+ result = new TPSBuffer(ciphResult);
+
+ inputLen -= 8;
+ inputOffset += 8;
+ }
+
+ /*
+ * Fold in remaining data (if any)
+ * Set i to number of bytes processed
+ */
+ int i = 0;
+ for (i = 0; i < inputLen; i++)
+ {
+ byte a = (byte) (result.at(i) ^ input.at(i + inputOffset));
+ result.setAt(i, a);
+ }
+
+ /*
+ * Fill remainder of last block. There
+ * will be at least one byte handled here.
+ */
+
+ //Start at the beginning of macPad
+ // Keep going with i in result where we left off.
+ int padOffset = 0;
+ while (i < 8)
+ {
+ byte a = (byte) (result.at(i) ^ macPad.at(padOffset++));
+ result.setAt(i, a);
+ i++;
+ }
+
+ cipher.initEncrypt(symKey);
+ byte[] ciphResultFinal = cipher.doFinal(result.toBytesArray());
+
+ if (ciphResultFinal.length != result.size()) {
+ throw new EBaseException("Invalid cipher in Util.computeMAC");
+ }
+
+ output = new TPSBuffer(ciphResultFinal);
+
+ } catch (Exception e) {
+ throw new EBaseException("Util.computeMAC: Cryptographic problem encountered! " + e.toString());
+ }
+
+ return output;
+ }
+
public static TPSBuffer specialDecode(String str) {
- byte[] data = Utils.SpecialDecode(str);
+ byte[] data = uriDecodeFromHex(str);
TPSBuffer tbuf = new TPSBuffer(data);
return tbuf;
}
+
+ public static TPSBuffer encryptData(TPSBuffer dataToEnc, PK11SymKey encKey) throws EBaseException {
+
+ TPSBuffer encrypted = null;
+ if (encKey == null || dataToEnc == null) {
+ throw new EBaseException("Util.encryptData: called with no sym key or no data!");
+ }
+
+ CryptoToken token = null;
+ try {
+
+ token = CryptoManager.getInstance().getInternalKeyStorageToken();
+ Cipher cipher = token.getCipherContext(EncryptionAlgorithm.DES3_CBC);
+
+ AlgorithmParameterSpec algSpec = null;
+
+ int len = EncryptionAlgorithm.DES3_CBC.getIVLength();
+ byte[] iv = new byte[len]; // Assume iv set to 0's as in current TPS
+
+ algSpec = new IVParameterSpec(iv);
+ cipher.initEncrypt(encKey, algSpec);
+
+ byte[] encryptedBytes = cipher.doFinal(dataToEnc.toBytesArray());
+
+ encrypted = new TPSBuffer(encryptedBytes);
+
+ } catch (Exception e) {
+ throw new EBaseException("Util.encryptData: problem encrypting data: " + e.toString());
+ }
+
+ return encrypted;
+
+ }
+
}
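Review bot: In computeMAC, `int inputLen = input.size();` runs before the `symKey == null || input == null || ...` guard, so a null input raises NullPointerException instead of the intended EBaseException; move the assignment below the guard. The `catch (Exception e)` in the same method also catches the "Invalid cipher in Util.computeMAC" EBaseException thrown inside the try and rewraps it with only `e.toString()`, which drops the stack trace. Adding `catch (EBaseException e) { throw e; }` ahead of it keeps the original error, and encryptData has the same catch-all. encryptData uses DES3_CBC with an all-zero IV, so equal plaintexts under one key produce equal ciphertexts. The inline comment says this mirrors the current TPS, and a Javadoc sentence stating that the zero IV exists only for that compatibility would keep the method from being reused as a general-purpose encryption helper.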
diff --git a/base/common/src/org/dogtagpki/tps/msg/TokenPDURequest.java b/base/common/src/org/dogtagpki/tps/msg/TokenPDURequest.java
index 433338bc5..e27f98416 100644
--- a/base/common/src/org/dogtagpki/tps/msg/TokenPDURequest.java
+++ b/base/common/src/org/dogtagpki/tps/msg/TokenPDURequest.java
@@ -18,7 +18,7 @@
package org.dogtagpki.tps.msg;
import org.dogtagpki.tps.apdu.APDU;
-import org.dogtagpki.tps.apdu.Select;
+import org.dogtagpki.tps.apdu.SelectAPDU;
import org.dogtagpki.tps.main.TPSBuffer;
import org.dogtagpki.tps.main.Util;
@@ -44,13 +44,13 @@ public class TokenPDURequest extends TPSMessage {
public static void main(String[] args) {
- Select apdu = null;
+ SelectAPDU apdu = null;
byte[] select_aid = { (byte) 0xa0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0 };
TPSBuffer select = new TPSBuffer(select_aid);
- apdu = new Select((byte) 0x4, (byte) 0x0, select);
+ apdu = new SelectAPDU((byte) 0x4, (byte) 0x0, select);
TokenPDURequest request = new TokenPDURequest(apdu);