/// <summary>
/// Builds the privilege set requested for a newly installed applet instance.
/// </summary>
/// <param name="isDefault">When true, Card Reset is requested.</param>
/// <param name="doTerminate">When true, Card Lock and Card Terminate are both requested.</param>
/// <returns>A fresh <c>Privileges</c> holding only the privileges selected by the two flags.</returns>
private static Privileges getInstPrivs(bool isDefault, bool doTerminate)
{
    Privileges requested = new Privileges();

    if (isDefault)
    {
        requested.add(Privilege.CardReset);
    }

    // Nothing else to grant unless the caller asked for terminate rights.
    if (!doTerminate)
    {
        return requested;
    }

    // Card Lock and Card Terminate are card-wide life-cycle rights; they are
    // only ever granted together here and only on explicit request.
    requested.add(Privilege.CardLock);
    requested.add(Privilege.CardTerminate);
    return requested;
}
/// <summary>
/// Adds every privilege named in a comma-separated list to <paramref name="privs"/>.
/// </summary>
/// <param name="privs">Privilege set to extend; it is modified in place and returned.</param>
/// <param name="v">Comma-separated privilege names. Each entry is trimmed and must equal
/// an enum member name exactly (the comparison is case-sensitive).</param>
/// <returns>The same <paramref name="privs"/> instance.</returns>
/// <exception cref="Exception">An entry does not name a known privilege. Entries that
/// precede the offending one have already been added to <paramref name="privs"/>.</exception>
private static Privileges addPrivs(Privileges privs, String v)
{
    foreach (String token in v.Split(','))
    {
        String wanted = token.Trim();
        bool matched = false;

        // Exact-name lookup only: numeric values and case variants are rejected,
        // so a typo can never silently map to some other privilege.
        foreach (Privilege candidate in Privileges.getEnumList())
        {
            if (Enum.GetName(typeof(Privilege), candidate) != wanted)
            {
                continue;
            }
            privs.add(candidate);
            matched = true;
            break;
        }

        if (!matched)
        {
            throw new Exception("Unknown privilege: " + wanted);
        }
    }
    return privs;
}
// TODO: implement GP 2.2 table 6.2
// TODO: bitmasks as symbolics, KAT tests
// See GP 2.2.1 Tables 11-7, 11-8, 11-9
// See GP 2.1.1 Table 9-7 (matches 2.2 Table 11-7)
/// <summary>
/// Decodes a GlobalPlatform privileges field into a <c>Privileges</c> set.
/// </summary>
/// <param name="data">The encoded privileges: exactly 1 byte, or exactly 3 bytes.</param>
/// <returns>A new <c>Privileges</c> holding every privilege whose bit pattern is present.</returns>
/// <exception cref="Exception">The length is neither 1 nor 3, or (3-byte form only)
/// any of the four low bits of the third byte is set.</exception>
public static Privileges fromBytes(byte[] data)
{
    if (data.Length != 1 && data.Length != 3)
    {
        throw new Exception("Privileges must be encoded on 1 or 3 bytes");
    }

    Privileges decoded = new Privileges();

    // Byte 1. DAP Verification, Delegated Management and Mandated DAP
    // Verification are multi-bit patterns that all include the Security
    // Domain bit (0x80), so they are matched against a full mask/value pair.
    int first = data[0];
    if ((first & 0x80) != 0)
    {
        decoded.privs.Add(Privilege.SecurityDomain);
    }
    if ((first & 0xC1) == 0xC0)
    {
        decoded.privs.Add(Privilege.DAPVerification);
    }
    if ((first & 0xA0) == 0xA0)
    {
        decoded.privs.Add(Privilege.DelegatedManagement);
    }
    if ((first & 0x10) != 0)
    {
        decoded.privs.Add(Privilege.CardLock);
    }
    if ((first & 0x8) != 0)
    {
        decoded.privs.Add(Privilege.CardTerminate);
    }
    if ((first & 0x4) != 0)
    {
        decoded.privs.Add(Privilege.CardReset);
    }
    if ((first & 0x2) != 0)
    {
        decoded.privs.Add(Privilege.CVMManagement);
    }
    if ((first & 0xC1) == 0xC1)
    {
        decoded.privs.Add(Privilege.MandatedDAPVerification);
    }

    // The length check above leaves only the 1-byte and 3-byte forms.
    if (data.Length == 1)
    {
        return decoded;
    }

    // Byte 2: one privilege per bit.
    int second = data[1];
    if ((second & 0x80) != 0)
    {
        decoded.privs.Add(Privilege.TrustedPath);
    }
    if ((second & 0x40) != 0)
    {
        decoded.privs.Add(Privilege.AuthorizedManagement);
    }
    if ((second & 0x20) != 0)
    {
        decoded.privs.Add(Privilege.TokenVerification); // XXX: mismatch in spec
    }
    if ((second & 0x10) != 0)
    {
        decoded.privs.Add(Privilege.GlobalDelete);
    }
    if ((second & 0x8) != 0)
    {
        decoded.privs.Add(Privilege.GlobalLock);
    }
    if ((second & 0x4) != 0)
    {
        decoded.privs.Add(Privilege.GlobalRegistry);
    }
    if ((second & 0x2) != 0)
    {
        decoded.privs.Add(Privilege.FinalApplication);
    }
    if ((second & 0x1) != 0)
    {
        decoded.privs.Add(Privilege.GlobalService);
    }

    // Byte 3: the high nibble carries privileges, the low nibble is RFU.
    int third = data[2];
    if ((third & 0x80) != 0)
    {
        decoded.privs.Add(Privilege.ReceiptGeneration);
    }
    if ((third & 0x40) != 0)
    {
        decoded.privs.Add(Privilege.CipheredLoadFileDataBlock);
    }
    if ((third & 0x20) != 0)
    {
        decoded.privs.Add(Privilege.ContactlessActivation);
    }
    if ((third & 0x10) != 0)
    {
        decoded.privs.Add(Privilege.ContactlessSelfActivation);
    }

    // Fail closed on reserved bits instead of ignoring a value this decoder
    // does not understand.
    if ((third & 0xF) != 0x0)
    {
        // RFU
        throw new Exception("RFU bits set in privileges!");
    }

    return decoded;
}
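/// <summary>
/// Builds the INSTALL command data for an applet instance and sends it to the card.
/// </summary>
/// <remarks>
/// The data field is a sequence of length-prefixed values, each with a one-byte
/// length: package AID, applet AID, instance AID, privileges, install parameters,
/// install token. The request is created with the trailing arguments 0x0C, 0x00
/// (presumably P1/P2; 0x0C is "for install and make selectable" in GlobalPlatform).
/// </remarks>
/// <param name="packageAID">AID of the load file (package) that contains the applet.</param>
/// <param name="appletAID">AID of the applet class inside the package.</param>
/// <param name="instanceAID">AID for the new instance; null means "use <paramref name="appletAID"/>".</param>
/// <param name="privileges">Privileges to request; encoded with <c>toBytes()</c>.</param>
/// <param name="installParams">Install parameters; null means the two bytes C9 00.</param>
/// <param name="installToken">Install token; null means an empty token.</param>
/// <exception cref="Exception">A variable-length field does not fit a one-byte length
/// prefix, building the data fails, or the card answers with a status word other
/// than SW_NO_ERROR.</exception>
private void installAndMakeSelectable(AID packageAID, AID appletAID, AID instanceAID, Privileges privileges, byte[] installParams, byte[] installToken)
{
    if (instanceAID == null)
    {
        instanceAID = appletAID;
    }
    //if (getRegistry().allAppletAIDs().Contains(instanceAID))
    //{
    //giveStrictWarning("Instance AID " + instanceAID + " is already present on card");
    //}
    if (installParams == null)
    {
        // Tag C9 with length 0: no application-specific parameters.
        installParams = new byte[] { (byte)0xC9, 0x00 };
    }
    if (installToken == null)
    {
        installToken = new byte[0];
    }
    byte[] privs = privileges.toBytes();

    // Each field is written behind a single length byte. Without this check a
    // field longer than 255 bytes would have its length silently truncated by
    // the (byte) cast, so the card would receive a length that disagrees with
    // the data that follows it.
    if (privs.Length > 0xFF || installParams.Length > 0xFF || installToken.Length > 0xFF)
    {
        throw new Exception("INSTALL field too long for a one-byte length prefix");
    }
    // NOTE(review): the AID lengths are cast to a byte the same way; AID.getLength()
    // is not visible here - presumably the AID type already bounds it. Confirm.

    ByteArrayOutputStream bo = new ByteArrayOutputStream();
    try
    {
        bo.Write((byte)packageAID.getLength());
        bo.Write(packageAID.getBytes());

        bo.Write((byte)appletAID.getLength());
        bo.Write(appletAID.getBytes());

        bo.Write((byte)instanceAID.getLength());
        bo.Write(instanceAID.getBytes());

        bo.Write((byte)privs.Length);
        bo.Write(privs);

        bo.Write((byte)installParams.Length);
        bo.Write(installParams);

        bo.Write((byte)installToken.Length);
        bo.Write(installToken);
    }
    catch (IOException ioe)
    {
        // Keep the original exception as the inner exception so the cause and
        // its stack trace are not lost.
        throw new Exception(ioe.Message, ioe);
    }

    GPInstallRequest install = new GPInstallRequest(GPInstructionEnum.Install, bo.ToByteArray(), 0x0C, 0x00);
    //System.Diagnostics.Debug.WriteLine(install.ToPrintString());
    GPInstallResponse response = (GPInstallResponse)SendCommand(install);
    if (response.SW != (ushort)ISO7816ReturnCodes.SW_NO_ERROR)
    {
        throw new Exception("Install for Install and make selectable failed");
    }
}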
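/// <summary>
/// Loads a CAP file onto the card and installs its single applet as a selectable instance.
/// </summary>
/// <remarks>
/// The privileges come from the <c>isDefaultApplet</c> and <c>isAppletTerminate</c> members.
/// When <c>doForceInstallApplet</c> is set, the current default selected application
/// (only if Card Reset is being requested) and an already present package with the
/// same AID are deleted before loading.
/// </remarks>
/// <param name="capFile">Stream holding the CAP file; it must contain exactly one applet.</param>
/// <exception cref="Exception">The CAP holds zero or more than one applet, loading fails,
/// the applet AID is already present on the card after loading, or the install fails.</exception>
public void installCapFile(MemoryStream capFile)
{
    CapFile instcap = new CapFile(capFile);

    // Only install if cap contains a single applet
    if (instcap.getAppletAIDs().Count == 0)
    {
        throw new Exception("No applets in CAP");
    }
    if (instcap.getAppletAIDs().Count > 1)
    {
        throw new Exception("CAP contains more than one applet");
    }

    GPRegistry reg = getRegistry();
    Privileges privs = getInstPrivs(isDefaultApplet, isAppletTerminate);

    // NOTE(review): both deletions below run before the load is attempted, so a
    // failed load leaves the card without the content that was removed.

    // Remove existing default app
    if (doForceInstallApplet && (reg.getDefaultSelectedAID() != null && privs.has(Privilege.CardReset)))
    {
        deleteAID(reg.getDefaultSelectedAID(), false);
    }

    // Remove existing load file
    // (second argument is true here and false above - presumably "delete related
    // objects"; confirm against deleteAID)
    if (doForceInstallApplet && reg.allPackageAIDs().Contains(instcap.getPackageAID()))
    {
        deleteAID(instcap.getPackageAID(), true);
    }

    // A load failure propagates unchanged. The original wrapped this call in
    // catch (Exception e) { throw e; }, which only discarded the stack trace.
    // Disabled code in the original hinted that SW 0x6985 / 0x6A80 here suggest
    // the CAP file (JC version, packages) is not compatible with the card.
    loadCapFile("", instcap);

    // Take the applet AID from CAP but allow to override
    AID appaid = instcap.getAppletAIDs()[0];
    //if (args.has(OPT_APPLET))
    //{
    //    appaid = (AID)args.valueOf(OPT_APPLET);
    //}
    //if (args.has(OPT_CREATE))
    //{
    //    appaid = (AID)args.valueOf(OPT_CREATE);
    //}

    // The registry is queried again (not the earlier "reg") so the check sees
    // the card state after the deletions and the load.
    // NOTE(review): when this throws, the package loaded above stays on the card.
    if (getRegistry().allAIDs().Contains(appaid))
    {
        throw new Exception("Applet " + appaid + " already present on card");
    }

    installAndMakeSelectable(instcap.getPackageAID(), appaid, null, privs, getInstParams(null), null);
}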