A small -info command (need to still print more information)

martinpaljak · Jan 24, 2014 · b0adab8 · b0adab8
1 parent cc5be51
commit b0adab8
Show file tree

Hide file tree

Showing 2 changed files with 31 additions and 23 deletions.
diff --git a/src/openkms/gpj/GPJTool.java b/src/openkms/gpj/GPJTool.java
@@ -9,7 +9,6 @@
 import java.util.Vector;
 
 import javax.smartcardio.Card;
-import javax.smartcardio.CardChannel;
 import javax.smartcardio.CardException;
 import javax.smartcardio.CardTerminal;
 import javax.smartcardio.CardTerminals;
@@ -55,6 +54,7 @@ final class InstallEntry {
 
 		boolean format = false;
 		boolean listReaders = false;
+		boolean showInfo = false;
 
 		int apduMode = GlobalPlatform.APDU_MAC;
 
@@ -79,6 +79,8 @@ final class InstallEntry {
 					listReaders = true;
 				} else if (args[i].equals("-list")) {
 					listApplets = true;
+				} else if (args[i].equals("-info")) {
+					showInfo = true;
 				} else if (args[i].equals("-keyver")) {
 					i++;
 					keyVersion = Integer.parseInt(args[i]);
@@ -289,14 +291,24 @@ final class InstallEntry {
 						}
 					}
 
-					if (verbose) {
+					if (verbose || showInfo) {
 						System.out.println("Found card in reader: " + terminal.getName());
 						System.out.println("ATR: " + GPUtils.byteArrayToString(c.getATR().getBytes()));
 					}
-					CardChannel channel = c.getBasicChannel();
-					GlobalPlatform service = new GlobalPlatform(channel);
+
+					GlobalPlatform service = new GlobalPlatform(c.getBasicChannel());
+
+					if (showInfo) {
+						// Print CPLC
+						System.out.println("CPLC: ");
+						GlobalPlatformData.print_cplc_data(service.getCPLC());
+
+					}
+
 					service.setVerbose(verbose);
 					service.setStrict(!relax);
+
+					// Select sdAID
 					service.select(sdAID);
 
 					// TODO: make the APDU mode a parameter, properly adjust
@@ -418,6 +430,7 @@ public static void usage() {
 		System.out.println(" -verbose          print more information about card and ");
 		System.out.println(" -readers          print all found card raders");
 		System.out.println(" -relax            relax checks (lockup warning!)");
+		System.out.println(" -info             show interesting information about cards");
 		System.out.println(" -sdaid <aid>      security Domain AID (default: auto-detect)");
 		System.out.println(" -keyver <num>     use key version <num> (default: 0)");
 		System.out.println(" -keyid <num>      use key ID <num> (default: 0)");

diff --git a/src/openkms/gpj/GlobalPlatform.java b/src/openkms/gpj/GlobalPlatform.java
@@ -31,10 +31,8 @@
 import java.security.NoSuchAlgorithmException;
 import java.security.SecureRandom;
 import java.util.Arrays;
-import java.util.HashMap;
 import java.util.List;
 import java.util.Map;
-import java.util.TreeMap;
 
 import javax.crypto.BadPaddingException;
 import javax.crypto.Cipher;
@@ -47,7 +45,6 @@
 import javax.smartcardio.CommandAPDU;
 import javax.smartcardio.ResponseAPDU;
 
-import openkms.gpj.KeySet.KeyDiversification;
 import openkms.gpj.KeySet.KeyType;
 
 
@@ -78,22 +75,20 @@ public class GlobalPlatform {
 	public static final byte INS_INSTALL = (byte) 0xE6;
 	public static final byte INS_LOAD = (byte) 0xE8;
 	public static final byte INS_DELETE = (byte) 0xE4;
-	public static final byte INS_GP_GET_STATUS_F2 = (byte) 0xF2;
+	public static final byte INS_GET_STATUS = (byte) 0xF2;
 
 	// AID of the card successfully selected or null
 	public AID sdAID = null;
 
 	public static final byte[] defaultKey = { 0x40, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x47, 0x48, 0x49, 0x4A, 0x4B, 0x4C, 0x4D, 0x4E, 0x4F };
 
-	static final IvParameterSpec iv_null = new IvParameterSpec(new byte[] { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 });
-	public static Map<String, byte[]> SPECIAL_MOTHER_KEYS = new TreeMap<String, byte[]>();
+	private static final byte[] iv_null_bytes = new byte[] { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 };
+	private static final IvParameterSpec iv_null = new IvParameterSpec(iv_null_bytes);
 
-
-	public static final int defaultLoadSize = 255;
+	public static final int defaultLoadSize = 255; // TODO: Check CardData
 	protected SecureChannelWrapper wrapper = null;
 	private CardChannel channel = null;
 	protected int scpVersion = SCP_ANY;
-	private final HashMap<Integer, KeySet> keys = new HashMap<Integer, KeySet>();
 
 	private byte[] cplc = null;
 	protected boolean verbose = false;
@@ -376,7 +371,7 @@ public void openSecureChannel(KeySet staticKeys, int scpVersion, int securityLev
 			throw new RuntimeException(ioe);
 		}
 
-		byte[] myCryptogram = GPUtils.mac_3des(sessionKeys.getKey(KeyType.ENC), GPUtils.pad80(bo.toByteArray()), new byte[8]);
+		byte[] myCryptogram = GPUtils.mac_3des(sessionKeys.getKey(KeyType.ENC), GPUtils.pad80(bo.toByteArray()), iv_null_bytes);
 
 		byte[] cardCryptogram = new byte[8];
 		System.arraycopy(update_response, 20, cardCryptogram, 0, 8);
@@ -392,7 +387,7 @@ public void openSecureChannel(KeySet staticKeys, int scpVersion, int securityLev
 			throw new RuntimeException(ioe);
 		}
 
-		byte[] authData = GPUtils.mac_3des(sessionKeys.getKey(KeyType.ENC), GPUtils.pad80(bo.toByteArray()), new byte[8]);
+		byte[] authData = GPUtils.mac_3des(sessionKeys.getKey(KeyType.ENC), GPUtils.pad80(bo.toByteArray()), iv_null_bytes);
 
 		wrapper = new SecureChannelWrapper(sessionKeys, scpVersion, APDU_MAC, null, null);
 		CommandAPDU externalAuthenticate = new CommandAPDU(CLA_MAC, ISO7816.INS_EXTERNAL_AUTHENTICATE_82, securityLevel, 0, authData);
@@ -454,7 +449,7 @@ public KeySet deriveSessionKeysSCP02(KeySet staticKeys, byte seq1, byte seq2, bo
 			System.arraycopy(constantMAC, 0, derivationData, 0, 2);
 
 			Cipher cipher = Cipher.getInstance("DESede/CBC/NoPadding");
-			cipher.init(Cipher.ENCRYPT_MODE, new SecretKeySpec(staticKeys.get3DES(KeyType.MAC), "DESede"), new IvParameterSpec(new byte[8]));
+			cipher.init(Cipher.ENCRYPT_MODE, new SecretKeySpec(staticKeys.get3DES(KeyType.MAC), "DESede"), iv_null);
 			sessionKeys.setKey(KeyType.MAC, cipher.doFinal(derivationData));
 
 			// TODO: is this correct?
@@ -473,19 +468,19 @@ public KeySet deriveSessionKeysSCP02(KeySet staticKeys, byte seq1, byte seq2, bo
 			System.arraycopy(constantRMAC, 0, derivationData, 0, 2);
 
 
-			cipher.init(Cipher.ENCRYPT_MODE, new SecretKeySpec(staticKeys.get3DES(KeyType.MAC), "DESede"), new IvParameterSpec(new byte[8]));
+			cipher.init(Cipher.ENCRYPT_MODE, new SecretKeySpec(staticKeys.get3DES(KeyType.MAC), "DESede"), iv_null);
 			sessionKeys.setKey(KeyType.RMAC, cipher.doFinal(derivationData));;
 
 			byte[] constantENC = new byte[] { (byte) 0x01, (byte) 0x82 };
 			System.arraycopy(constantENC, 0, derivationData, 0, 2);
 
-			cipher.init(Cipher.ENCRYPT_MODE, new SecretKeySpec(staticKeys.get3DES(KeyType.ENC), "DESede"), new IvParameterSpec(new byte[8]));
+			cipher.init(Cipher.ENCRYPT_MODE, new SecretKeySpec(staticKeys.get3DES(KeyType.ENC), "DESede"), iv_null);
 			sessionKeys.setKey(KeyType.ENC, cipher.doFinal(derivationData));
 
 			byte[] constantDEK = new byte[] { (byte) 0x01, (byte) 0x81 };
 			System.arraycopy(constantDEK, 0, derivationData, 0, 2);
 
-			cipher.init(Cipher.ENCRYPT_MODE, new SecretKeySpec(staticKeys.get3DES(KeyType.KEK), "DESede"), new IvParameterSpec(new byte[8]));
+			cipher.init(Cipher.ENCRYPT_MODE, new SecretKeySpec(staticKeys.get3DES(KeyType.KEK), "DESede"), iv_null);
 			sessionKeys.setKey(KeyType.KEK, cipher.doFinal(derivationData));
 
 		}  catch (BadPaddingException e) {
@@ -722,7 +717,7 @@ public AIDRegistry getStatus() throws CardException, IOException {
 		int[] p1s = { 0x80, 0x40 };
 		for (int p1 : p1s) {
 			ByteArrayOutputStream bo = new ByteArrayOutputStream();
-			CommandAPDU getStatus = new CommandAPDU(CLA_GP, INS_GP_GET_STATUS_F2, p1, 0x00, new byte[] { 0x4F, 0x00 });
+			CommandAPDU getStatus = new CommandAPDU(CLA_GP, INS_GET_STATUS, p1, 0x00, new byte[] { 0x4F, 0x00 });
 			ResponseAPDU response = transmit(getStatus);
 			short sw = (short) response.getSW();
 
@@ -734,7 +729,7 @@ public AIDRegistry getStatus() throws CardException, IOException {
 			bo.write(response.getData());
 
 			while (response.getSW() == 0x6310) {
-				getStatus = new CommandAPDU(CLA_GP, INS_GP_GET_STATUS_F2, p1, 0x01, new byte[] { 0x4F, 0x00 });
+				getStatus = new CommandAPDU(CLA_GP, INS_GET_STATUS, p1, 0x01, new byte[] { 0x4F, 0x00 });
 				response = transmit(getStatus);
 
 				bo.write(response.getData());
@@ -774,7 +769,7 @@ public AIDRegistry getStatus() throws CardException, IOException {
 				continue;
 			}
 			ByteArrayOutputStream bo = new ByteArrayOutputStream();
-			CommandAPDU getStatus = new CommandAPDU(CLA_GP, INS_GP_GET_STATUS_F2, p1, 0x00, new byte[] { 0x4F, 0x00 });
+			CommandAPDU getStatus = new CommandAPDU(CLA_GP, INS_GET_STATUS, p1, 0x00, new byte[] { 0x4F, 0x00 });
 			ResponseAPDU response = transmit(getStatus);
 			short sw = (short) response.getSW();
 			if ((sw != ISO7816.SW_NO_ERROR) && (sw != (short) 0x6310)) {
@@ -789,7 +784,7 @@ public AIDRegistry getStatus() throws CardException, IOException {
 			bo.write(response.getData());
 
 			while (response.getSW() == 0x6310) {
-				getStatus = new CommandAPDU(CLA_GP, INS_GP_GET_STATUS_F2, p1, 0x01, new byte[] { 0x4F, 0x00 });
+				getStatus = new CommandAPDU(CLA_GP, INS_GET_STATUS, p1, 0x01, new byte[] { 0x4F, 0x00 });
 				response = transmit(getStatus);
 				bo.write(response.getData());