Skip to content

Commit

Permalink
martinpaljak#153: Sign APDU data for token with crypto.Cipher (RSA/EC…
Browse files Browse the repository at this point in the history 
…B/PKCS1Padding) instead of security.Signature
  • Loading branch information
@gregorjohannson
gregorjohannson committed Feb 19, 2019
1 parent d480e4e commit 3338d5c
Showing 1 changed file with 10 additions and 11 deletions.
21 changes: 10 additions & 11 deletions src/main/java/pro/javacard/gp/DelegatedManagementHandler.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,15 +3,14 @@
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

import javax.crypto.Cipher;
import javax.smartcardio.CommandAPDU;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.security.PrivateKey;
import java.security.Signature;

public class DelegatedManagementHandler {
private static final Logger logger = LoggerFactory.getLogger(DelegatedManagementHandler.class);
private static final String acceptedSignatureAlgorithm = "SHA1withRSA";
private static final String acceptedSignatureAlgorithm = "RSA/ECB/PKCS1Padding";
private PrivateKey key;

public DelegatedManagementHandler(PrivateKey key) {
Expand All @@ -33,13 +32,13 @@ public CommandAPDU applyToken(CommandAPDU apdu) {
newData.write(token);
}
return new CommandAPDU(apdu.getCLA(), apdu.getINS(), apdu.getP1(), apdu.getP2(), newData.toByteArray());
} catch (IOException e) {
} catch (Exception e) {
throw new RuntimeException("Could not add DM token to constructed APDU", e);
}
}

private static byte[] calculateToken(CommandAPDU apdu, PrivateKey key) {
return signSignatureData(key, getTokenData(apdu), acceptedSignatureAlgorithm);
return signData(key, getTokenData(apdu));
}

private static byte[] getTokenData(CommandAPDU apdu) {
Expand All @@ -55,14 +54,14 @@ private static byte[] getTokenData(CommandAPDU apdu) {
}
}

private static byte[] signSignatureData(PrivateKey privateKey, byte[] signatureData, String signatureAlgorithm) {
private static byte[] signData(PrivateKey privateKey, byte[] apduData) {
try {
Signature signature = Signature.getInstance(signatureAlgorithm);
signature.initSign(privateKey);
signature.update(signatureData);
return signature.sign();
Cipher cipher = Cipher.getInstance(acceptedSignatureAlgorithm);
cipher.init(Cipher.ENCRYPT_MODE, privateKey);

return cipher.doFinal(apduData);
} catch (Exception e) {
throw new RuntimeException("Could not create signature with instance " + signatureAlgorithm, e);
throw new RuntimeException("Could not create signature with instance " + acceptedSignatureAlgorithm, e);
}
}

Expand Down

0 comments on commit 3338d5c

Please sign in to comment.