コード例 #1
0
        public ResponseAPDU unwrap(ResponseAPDU response)
        {
            if ((mSecurityLevel & net.SecurityLevel.R_MAC) != 0)
            {
                if (response.Data.Length < 8)
                {
                    throw new Exception("Response data length must be at least 8 bytes.");
                }

                if (mRMACStream == null)
                {
                    throw new Exception("No corresponding wrapped command found while R-MAC security level set. Secure channel can only work correctly if " +
                                        "for each wrapped command the corresponding response be unwrapped immediately.");
                }
                int realResponseLength = response.Data.Length - 8;
                mRMACStream.WriteByte((byte)realResponseLength);
                mRMACStream.Write(response.Data, 0, realResponseLength);
                mRMACStream.WriteByte((byte)response.SW1);
                mRMACStream.WriteByte((byte)response.SW2);

                mRICV = CryptoUtil.SingleDESFullTripleDESMAC(mSessionKeys.RmacKey, mRICV, CryptoUtil.DESPad(mRMACStream.ToArray()));

                byte[] realMac = new byte[8];
                System.Array.Copy(response.Data, realResponseLength, realMac, 0, 8);
                if (Enumerable.SequenceEqual(realMac, mRICV))
                {
                    throw new Exception("Invalid R-MAC.");
                }
                mRMACStream = null;
                response    = new ResponseAPDU(response.SW1, response.SW2, CryptoUtil.SubArray(response.Data, 0, realResponseLength));
            }
            return(response);
        }
コード例 #2
0
        public CommandAPDU wrap(CommandAPDU command)
        {
            // Apply R-MAC
            if ((mSecurityLevel & net.SecurityLevel.R_MAC) != 0)
            {
                if (mRMACStream != null)
                {
                    throw new Exception("There exists an unwrapped response while R-MAC security level set. Secure channel can only work correctly if " +
                                        "for each wrapped command the corresponding response be unwrapped immediately.");
                }
                mRMACStream = new MemoryStream();

                //Clear 3 LSB of CLA
                mRMACStream.WriteByte((byte)(command.CLA & ~0x07));
                mRMACStream.WriteByte((byte)command.INS);
                mRMACStream.WriteByte((byte)command.P1);
                mRMACStream.WriteByte((byte)command.P2);
                if (command.LC > 0)
                {
                    mRMACStream.WriteByte((byte)command.LC);
                    mRMACStream.Write(command.Data, 0, command.Data.Length);
                }
            }

            if ((mSecurityLevel & (net.SecurityLevel.C_MAC | net.SecurityLevel.C_DECRYPTION)) == 0)
            {
                return(command);
            }

            int secureCLA = command.CLA;

            byte[] wrappedData     = null;
            int    wrappedDataSize = command.LC;

            MemoryStream commandStream = new MemoryStream();

            int maxCommandSize = 255;

            if ((mSecurityLevel & net.SecurityLevel.C_MAC) != 0)
            {
                maxCommandSize -= 8;
            }
            if ((mSecurityLevel & net.SecurityLevel.C_DECRYPTION) != 0)
            {
                maxCommandSize -= 8;
            }
            if (command.LC > maxCommandSize)
            {
                throw new Exception("APDU command too large. Max command length = 255 - 8(for C-MAC if present) - 8(for C-DECRYTPION padding if present).");
            }

            if ((mSecurityLevel & net.SecurityLevel.C_MAC) != 0)
            {
                if (mFirstCommandInChain)
                {
                    mFirstCommandInChain = false;
                }
                else if (mICVEncryption)
                {
                    if (mSCPIdentifier == GlobalPlatform.SCP_01)
                    {
                        mICV = CryptoUtil.TripleDESECB(new Key(mSessionKeys.MacKey.BuildTripleDesKey()), mICV,
                                                       CryptoUtil.MODE_ENCRYPT);
                    }
                    else
                    {
                        mICV = CryptoUtil.DESECB(new Key(mSessionKeys.MacKey.BuildDesKey()), mICV,
                                                 CryptoUtil.MODE_ENCRYPT);
                    }
                } // If ICV Encryption

                if (mApplyToModifiedAPDU)
                {
                    secureCLA        = command.CLA | 0x04;
                    wrappedDataSize += 8;
                }

                commandStream.WriteByte((byte)secureCLA);
                commandStream.WriteByte((byte)command.INS);
                commandStream.WriteByte((byte)command.P1);
                commandStream.WriteByte((byte)command.P2);
                commandStream.WriteByte((byte)wrappedDataSize);
                commandStream.Write(command.Data, 0, command.Data.Length);
                if (mSCPIdentifier == GlobalPlatform.SCP_01)
                {
                    mICV = CryptoUtil.FullTripleDESMAC(mSessionKeys.MacKey, mICV, CryptoUtil.DESPad(commandStream.ToArray()));
                }
                else
                {
                    mICV = CryptoUtil.SingleDESFullTripleDESMAC(mSessionKeys.MacKey, mICV, CryptoUtil.DESPad(commandStream.ToArray()));
                }

                if (!mApplyToModifiedAPDU)
                {
                    secureCLA        = command.CLA | 0x04;
                    wrappedDataSize += 8;
                }
                wrappedData   = command.Data;
                commandStream = new MemoryStream();
            } // If C-MAC

            if (((mSecurityLevel & net.SecurityLevel.C_DECRYPTION) != 0) && command.LC > 0)
            {
                if (mSCPIdentifier == GlobalPlatform.SCP_01)
                {
                    if ((command.LC + 1) % 8 != 0)
                    {
                        commandStream.WriteByte((byte)command.LC);
                        commandStream.Write(command.Data, 0, command.Data.Length);
                        byte[] paddedData = CryptoUtil.DESPad(commandStream.ToArray());
                        commandStream = new MemoryStream();
                        commandStream.Write(paddedData, 0, paddedData.Length);
                    }
                    else
                    {
                        commandStream.WriteByte((byte)command.LC);
                        commandStream.Write(command.Data, 0, command.Data.Length);
                    }
                } // If SCP '01'
                else
                {
                    byte[] paddedData = CryptoUtil.DESPad(command.Data);
                    commandStream.Write(paddedData, 0, paddedData.Length);
                }
                wrappedDataSize += (int)(commandStream.Length - command.Data.Length);
                wrappedData      = CryptoUtil.TripleDESCBC(new Key(mSessionKeys.EncKey.BuildTripleDesKey()),
                                                           CryptoUtil.BINARY_ZEROS_8_BYTE_BLOCK, commandStream.ToArray(), CryptoUtil.MODE_ENCRYPT);
                commandStream = new MemoryStream();
            }  // If C-DECRYPTION
            commandStream.WriteByte((byte)secureCLA);
            commandStream.WriteByte((byte)command.INS);
            commandStream.WriteByte((byte)command.P1);
            commandStream.WriteByte((byte)command.P2);
            if (wrappedDataSize > 0)
            {
                commandStream.WriteByte((byte)wrappedDataSize);
                commandStream.Write(wrappedData, 0, wrappedData.Length);
            }

            if ((mSecurityLevel & net.SecurityLevel.C_MAC) != 0)
            {
                commandStream.Write(mICV, 0, mICV.Length);
            }
            if (command.LE > 0)
            {
                commandStream.WriteByte((byte)command.LE);
            }

            return(new CommandAPDU(commandStream.ToArray()));
        }