CFCA.rar_ cfca_CA认证_ca java_ca和cfca_javacard

package cfcap; //import org.globalplatform.*; import javacard.framework.Applet; //import javacard.framework.ISO7816; //import javacard.framework.APDU; import javacard.framework.ISO7816; import javacard.framework.ISOException; import javacard.framework.APDU; import javacard.security.*; //import javacard.framework.JCSystem; //import javacard.security.CryptoException; //import javacard.security.KeyBuilder; //import javacard.security.KeyPair; //import javacard.security.RSAPrivateKey; //import javacard.security.RSAPublicKey; //import javacard.security.Signature; import javacardx.crypto.*; import javacard.framework.Util; /** * @author Administrator * */ public class cfcaa extends Applet { // private SecureChannel secureChannel; RSAPrivateCrtKey priKey; /* 定义RSA私钥对象 */ RSAPublicKey pubKey; /* 定义RSA公钥对象 */ RSAPublicKey OpubKey; /* 定义对方RSA公钥对象 */ Cipher rsaCipher; /* 定义RSA算法对象 */ KeyPair keyPair; /* 定义RSA密钥对对象 */ /* 定义RSA公钥指数并初始化 */ byte pubexp[] = {(byte)0x01,(byte)0x00,(byte)0x01}; byte data[]; /* 定义一个byte型数组存放被加密数据 */ byte cdata[]; /* 定义一个byte型数组存放加密结果 */ byte mdata[]; /* 定义一个byte型数组存放解密结果 */ byte sigbuf[]; /* 定义一个byte型数组存放签名数据 */ Signature rsaSig; /* 签名对象 */ short modlen; /* 模的长度 */ byte CFCACA[]; byte CFCAPWD[]; // byte Omod[];/* 定义对方RSA密钥的模并初始化 */ protected cfcaa() { /* 初始化算法类型 得到一个RSA算法的实例 * ALG_RSA_PKCS1 是算法的类型,可以改成以下多种 * ALG_RSA_NOPAD * ALG_RSA_PKCS1_OAEP * */ rsaCipher = Cipher.getInstance(Cipher.ALG_RSA_PKCS1, false); // Cipher.getInstance(Cipher.ALG_RSA_NOPAD, false); // Cipher oCipher = Cipher.getInstance(Cipher.ALG_RSA_PKCS1, false); /* 创建私钥 */ priKey = (RSAPrivateCrtKey)KeyBuilder.buildKey(KeyBuilder.TYPE_RSA_CRT_PRIVATE, KeyBuilder.LENGTH_RSA_1024, false); /* 设置私钥指数*/ // priKey.setExponent(priexp, (short)0,(short)128); /* 设置私钥的模*/ // priKey.setModulus(mod,(short)0,(short)128); /* 创建公钥*/ pubKey = (RSAPublicKey)KeyBuilder.buildKey(KeyBuilder.TYPE_RSA_PUBLIC, KeyBuilder.LENGTH_RSA_1024, false); OpubKey = (RSAPublicKey)KeyBuilder.buildKey(KeyBuilder.TYPE_RSA_PUBLIC, KeyBuilder.LENGTH_RSA_1024, false); // /* 设置公钥的模*/ // OpubKey.setModulus(mod, (short)0,(short)128); // /* 设置公钥的指数*/ // OpubKey.setExponent(pubexp,(short)0,(short)3); data = new byte[256]; cdata = new byte[256]; mdata = new byte[256]; sigbuf = new byte[256]; CFCACA = new byte[1024]; CFCAPWD= new byte[20]; // Omod = new byte[128]; rsaSig = Signature.getInstance(Signature.ALG_RSA_SHA_PKCS1, false);//Signature.getInstance(Signature.ALG_RSA_SHA_ISO9796, false); } public static void install(byte[] bArray, short bOffset, byte bLength) { // GP-compliant JavaCard applet registration // new cfcaa().register(bArray, (short) (bOffset + 1), bArray[bOffset]); new cfcaa().register(); } public void process(APDU apdu) { // // Good practice: Return 9000 on SELECT // if (selectingApplet()) { // return; // } // // byte[] buf = apdu.getBuffer(); // switch (buf[ISO7816.OFFSET_INS]) { // case (byte) 0x00: // break; // default: // // good practice: If you don't know the INStruction, say so: // ISOException.throwIt(ISO7816.SW_INS_NOT_SUPPORTED); // } short len; if (selectingApplet()) { /* select applet apdu comand: 00A40400+appletaidlength+appletaid */ return; } byte[] apdubuf = apdu.getBuffer(); // short Len = apdu.setIncomingAndReceive(); switch (apdubuf[ISO7816.OFFSET_INS]) { case (byte) 0xE0: /* send apdu 8000000000*/ //generate key pair keyPair = new KeyPair(pubKey, priKey); keyPair.genKeyPair(); // keyPair = new KeyPair(KeyPair.ALG_RSA, KeyBuilder.LENGTH_RSA_1024);//(short)1024); // keyPair.genKeyPair(); /* 生成密钥对 */ priKey = (RSAPrivateCrtKey)keyPair.getPrivate(); /* 取得到RSA私钥 */ pubKey = (RSAPublicKey) keyPair.getPublic(); /* 取得到RSA公钥 */ //OpubKey = (RSAPublicKey) keyPair.getPublic(); /* 取得到RSA公钥 */ len = pubKey.getModulus(apdubuf, (short) 0); /* 取得到RSA的模 */ apdu.setOutgoingAndSend((short)0, (short)len); /* 返回RSA的模 */ break; case (byte) 0xE1: /* send apdu 8001000000 返回公钥指数 */ len = pubKey.getExponent(apdubuf, (short)0); apdu.setOutgoingAndSend((short)0, (short)len); break; case (byte) 0xE2: /* send apdu 8002000000 返回公钥的模 */ len = pubKey.getModulus(apdubuf, (short)0); apdu.setOutgoingAndSend((short)0, (short)128); break; case (byte) 0xE3: /* send apdu 8003000000 返回私钥指数 */ len = priKey.getDP1(apdubuf, (short)0); apdu.setOutgoingAndSend((short)0, (short)128); break; case (byte)0xE4: /* send apdu 8004000000 用public钥对(0-255) 256个字节的数据进行加密*/ // for ( short i = 0; i < 256; i++) // data[i] =(byte)i; Util.arrayCopyNonAtomic(apdubuf,(short)5,data,(short)0,(short)(apdubuf[4]&0xFF)); // rsaCipher.init(priKey, Cipher.MODE_ENCRYPT); // len = rsaCipher.doFinal(data, (short)0,(short)128, apdubuf,(short)0); // //len = rsaCipher.doFinal(data, (short)0,(short)128, apdubuf,(short)0); // apdu.setOutgoingAndSend((short)0, (short)128); //rsaCipher.init(priKey, Cipher.MODE_ENCRYPT); rsaCipher.init(pubKey, Cipher.MODE_ENCRYPT); //len = rsaCipher.doFinal(data, (short)0,(short)(apdubuf[4]&0xFF), apdubuf,(short)0); len = rsaCipher.doFinal(data, (short)0,(short)(apdubuf[4]&0xFF), sigbuf,(short)0); Util.arrayCopyNonAtomic(sigbuf,(short)0,apdubuf,(short)0,(short)128); apdu.setOutgoingAndSend((short)0, (short)128); break; case (byte)0xE5: /* send apdu 8005000000 用private对(0-255) 256个字节的数据进行加密*/ // for ( short i = 0; i < 256; i++) // data[i] =(byte)i; Util.arrayCopyNonAtomic(apdubuf,(short)5,data,(short)0,(short)(apdubuf[4]&0xFF)); // rsaCipher.init(pubKey, Cipher.MODE_ENCRYPT); //rsaCipher.init(pubKey, Cipher.MODE_DECRYPT); rsaCipher.init(priKey, Cipher.MODE_DECRYPT); //len = rsaCipher.doFinal(data, (short)0,(short)128, apdubuf,(short)0); len = rsaCipher.doFinal(data, (short)0,(short)(apdubuf[4]&0xFF), apdubuf,(short)0); apdu.setOutgoingAndSend((short)0, (short)len); break; case (byte)0xE6: /* private key encrypt then public key decrypt */ // for ( short i = 0; i < 256; i++) // data[i] =(byte)i; Util.arrayCopyNonAtomic(apdubuf,(short)5,data,(short)0,(short)(apdubuf[4]&0xFF)); rsaCipher.init(priKey, Cipher.MODE_ENCRYPT); len = rsaCipher.doFinal(data, (short)0,(short)(apdubuf[4]&0xFF), cdata,(short)0); // //LSB added --------------------------------------------------------- // Util.arrayCopyNonAtomic(cdata, (short)0, apdubuf, (short)0, (short)len); // apdubuf[0]=(byte)len; // apdu.setOutgoingAndSend((short)0, (short)128); // //----------------------------------------------- //apdu.waitExtension(); rsaCipher.init(pubKey,Cipher.MODE_DECRYPT); len = rsaCipher.doFinal(cdata, (short)0,(short)len, mdata,(short)0); // //LSB added --------------------------------------------------------- // Util.arrayCopyNonAtomic(mdata, (short)0, apdubuf, (short)0, (short)len); // apdu.setOutgoingAndSend((short)0, (short)len); // //----------------------------------------------- //apdu.waitExtension(); if(Util.arrayCompare(data,(short)0,mdata,(short)0,(short)128)==0){ Util.arrayCopyNonAtomic(data, (short)0, apdubuf, (short)0, (short)128); apdu.setOutgoingAndSend((short)0, (short)128); } else{ Util.arrayCopyNonAtomic(data, (short)0, apdubuf, (short)0, (short)1