private cardTest() {
// Instantiate all object the applet will ever need
// pin= new OwnerPIN(MAX_LENGTH, MAX_ATTEMPTS);
// if(bArray==null){//check
// If no pin is passed as parameter at installation time use default 0000
// pin.update(new byte[] {0x00,0x00,0x00,0x00}, (short) 0, (byte) 0x04);
// }
// else {
// pin.update(bArray, bOffset, bLength);
// }
try {
// Set signature algorithm
sig = Signature.getInstance(Signature.ALG_RSA_SHA_PKCS1, false);
// Generate the card keys
keys.genKeyPair();
// Get the public key
k = (RSAPublicKey) keys.getPublic();
// Get the private key
k2 = (RSAPrivateKey) keys.getPrivate();
// Initialize the signature object with card private key
sig.init(k2, Signature.MODE_SIGN);
} catch (CryptoException ex) {
ISOException.throwIt((short) (ex.getReason()));
} catch (SecurityException ex) {
ISOException.throwIt((short) (0x6F10));
} catch (Exception ex) {
ISOException.throwIt((short) (0x6F20));
}
}
/**
* Get <code>ECPublicKeyParameters</code>
*
* @return parameters for use with BouncyCastle API
* @see ECPublicKeyParameters
*/
public CipherParameters getParameters() {
if (!isInitialized()) {
CryptoException.throwIt(CryptoException.UNINITIALIZED_KEY);
}
ECDomainParameters dp = getDomainParameters();
return new ECPublicKeyParameters(
dp.getCurve().decodePoint(w.getBytes(JCSystem.CLEAR_ON_RESET)), dp);
}
/**
* Pads the input according to the RSASSA-PSS algorithm, the result is placed in output. The input
* should be 20-byte SHA1 hash of the message to be signed. This method *does not* do signing
* (encrypting) itself. Due to the randomness of this algorithm the subsequent signing may fail
* (when the result of this method is larger than the key modulus) in which case the padding
* should be attempted again.
*/
private void pssPad(
byte[] input,
short inOffset,
short hashLen,
byte[] output,
short outputOffset,
short emLen,
byte firstKeyByte)
throws CryptoException {
do {
short hLen = hashLen;
short outOffset = outputOffset;
if (hLen != SHA1_LEN
|| (short) (inOffset + hLen) > input.length
|| (short) (outOffset + emLen) > output.length) {
CryptoException.throwIt(CryptoException.ILLEGAL_VALUE);
}
short sLen = SHA1_LEN;
short psLen = (short) (emLen - sLen - hLen - 2);
Util.arrayFillNonAtomic(output, outOffset, emLen, (byte) 0x00);
md.update(output, outOffset, (short) 8);
md.update(input, inOffset, hLen);
rd.generateData(output, (short) (outOffset + psLen + 1), sLen);
md.doFinal(output, (short) (outOffset + psLen + 1), sLen, tmp, TMP_HASH_OFFSET);
output[(short) (outOffset + psLen)] = (byte) 0x01;
Util.arrayFillNonAtomic(output, outOffset, psLen, (byte) 0x00);
short hOffset = (short) (outOffset + emLen - hLen - 1);
Util.arrayCopyNonAtomic(tmp, TMP_HASH_OFFSET, output, hOffset, hLen);
output[(short) (outOffset + emLen - 1)] = (byte) 0xbc;
tmp[(short) (TMP_C_OFFSET + C_LEN - 1)] = 0;
while (outOffset < hOffset) {
md.update(output, hOffset, hLen);
md.doFinal(tmp, TMP_C_OFFSET, C_LEN, tmp, TMP_HASH_OFFSET);
if ((short) (outOffset + hLen) > hOffset) {
hLen = (short) (hOffset - outOffset);
}
for (short i = 0; i < hLen; i++) {
output[outOffset++] ^= tmp[(short) (TMP_HASH_OFFSET + i)];
}
tmp[(short) (TMP_C_OFFSET + C_LEN - 1)]++;
}
} while (firstKeyByte <= tmp[TMP_OFFSET]);
}