Package javax.smartcardio

Examples of javax.smartcardio.ResponseAPDU


    // Terminal side of the card handshake (excerpt: the enclosing method's signature
    // and the end of its body are not shown).
    // NOTE(review): `sr` is presumably a java.security.SecureRandom; confirm, because
    // the freshness of this handshake rests entirely on these two nonces.
    sr.nextBytes(nonceT);
    sr.nextBytes(nonceT2);
    //Card handshake INS=0x20 ; response length=2bytes cardID+16bytes nonceR+8bytes signature
    // As used below, the response layout is: bytes 0-15 encrypted nonceR,
    // bytes 16-17 card ID, signature starting at offset 18.
    CommandAPDU challenge1 = new CommandAPDU((byte) 0x00, (byte) 0x20,(byte) 0x00, (byte) 0x00,nonceT,18+8);
    if(ch==null) throw new CardException("Card not present!");
    ResponseAPDU res= ch.transmit(challenge1);
    // The payload is fetched before the status word is checked; it is only used in
    // the success branch below.
    byte[] buff= res.getData();
    if (res.getSW() !=  0x9000){
      // cID is assigned from this response only in the else-branch, so the value
      // logged here is whatever cID held before this handshake.
      Utilities.writeToLogs(home,"[E] Error reading the card. Aborting operation. Error while handshake - step 1 !=0x9000 "+cID);
      System.out.println("[!] Error reading the card. Aborting operation. "); throw new CardException("Error while handshake - step 1");
    }
    else{
      //Step 2: recover data from response APDU = cardID, nonceR
      //----------------------------------------------------------

      // CardID goes in plaintext
      // NOTE(review): buff.length is not checked before slicing. A response that
      // carries SW 0x9000 but fewer than 16 data bytes makes copyOfRange throw
      // ArrayIndexOutOfBoundsException, and 16 or 17 bytes are silently zero-padded.
      // An explicit length check (expected 18+8 bytes) would fail closed instead.
      byte[] cardID=Arrays.copyOfRange(buff, 16, 18);
      cID=Integer.toString((int)Utilities.getShort(cardID, 0)); //We put the read CardID in the cID variable for logging purposes

      //We check if the card is blacklisted; if it is, block it && break handshake
      // NOTE(review): the card ID driving this decision has not been authenticated
      // yet; verifySignature only runs further down. Consider doing the blacklist
      // check after the signature check so it rests on verified data.
      if(isBlacklisted(cardID)){
        Utilities.writeToLogs(home,"[E] Error: Blacklisted card handshake attempt "+cID);
        System.out.println("[!] Error: your card is blocked. Go to the closest CheapKnip Customer Service Point");
        CARD_LEGIT=false;
        CommandAPDU blockCard = new CommandAPDU((byte) 0x00, INS_BLOCK_CARD,(byte) 0x00, (byte) 0x00);
        // The response to the block command is stored but its status word is never
        // inspected before the process exits, so a failed block goes unlogged.
        res= ch.transmit(blockCard);
        System.exit(-1);
      }

      // Compute & init card keys
      // Both keys are initialised only when still null.
      // NOTE(review): if this object outlives one card session, keys from the
      // previous card would be reused unless they are reset elsewhere; confirm.
      if (AES_KEY_CARD==null)
        AES_KEY_CARD=getKeyFromCardID();
      if (sk==null)
        initSignatureKey(cardID);
      // Presumably checks the signature stored at offset 18 over the first 18 bytes;
      // confirm against verifySignature.
      if(!verifySignature(buff, 18)){
        Utilities.writeToLogs(home,"[E] Error: check that your card is a CheapKnip card(SIGNATURE CHECK FAILED) "+cID);
        System.out.println("[!] Error: check that your card is a CheapKnip card");
        CARD_LEGIT=false;
        return;
      }

      // Decrypt nonceR --> AES(nonceR)K
      // Only the first 8 bytes of the 16-byte plaintext are used as nonceR.
      byte[] cryptoBuff = decryptAES128(buff,0,16);
      byte[] nonceR    = Arrays.copyOf(cryptoBuff,8);

      byte[] nonceC_T2=new byte[16];
      //Recover nonceC from Card: nonceR XOR nonceT
      //We put nonceC in the first 8 bytes of the array
      for(int i=0;i<8;i++){
        nonceC_T2[i]=(byte)((nonceR[i])^(nonceT[i]));
      }
      // Bytes 8-15 carry the terminal's second nonce, nonceT2.
      for(int i=8;i<16;i++){
        nonceC_T2[i]=nonceT2[i-8];
      }
      //encrypt properly nonceC_T2

      //Step3: we send AES(nonceC,nonceT2)K back to the card and wait for response AES(nonceR2)K
      //----------------------------------------------------------
      byte[] enc_nonceC_T2=encryptAES128(nonceC_T2, 0, 16);
      //Note in step3: state is a parameter; P1 is 0x10!!
      // NOTE(review): step 1 uses the literal 0x20 and this step uses INS_HANDSHAKE;
      // presumably the same instruction byte, so step 1 could use the constant too.
      CommandAPDU challenge2 = new CommandAPDU((byte) 0x00, INS_HANDSHAKE,(byte) 0x10, (byte) 0x00,enc_nonceC_T2,16+8);
      res= ch.transmit(challenge2);
      buff= res.getData();
      // The signature is checked before the status word here (step 1 checks the
      // status word first), so the "step 3" status branch below is reached only
      // when verifySignature has already accepted the data.
      if(!verifySignature(buff, 16)){
        Utilities.writeToLogs(home,"[E] Card error. Remove your card & try again(SIGNATURE FAILED) "+cID);
        System.out.println("[!] Card error. Remove your card & try again");
        CARD_LEGIT=false;
        return;
      }
      if (res.getSW() !=  0x9000){
        Utilities.writeToLogs(home,"[E] Error reading the card. Aborting operation. Error while handshake - step 3 "+cID);
        throw new CardException("Error while handshake - step 3");
      }
      else{
        //Step 4: check if card is legit: nonceT2 should be the same as the one in memory
        // (excerpt ends here; the nonce comparison itself is not shown)


        // (excerpt begins inside a block whose condition is not shown)
        Utilities.writeToLogs(home, "[E] Card was teared! Card ID:"+cID);
        System.out.println("Card was teared. Terminal will now reboot.");
        System.exit(-1);
      }
      // Request the owner record; up to 100 response bytes are expected (Le=100).
      CommandAPDU dataApdu = new CommandAPDU((byte) 0x00, INS_GET_OWNER_INFO,(byte) 0x00, (byte) 0x00,100);
      ResponseAPDU res        = ch.transmit(dataApdu);

      if (res.getSW() !=  0x9000){
        // The messages below mention "Card Balance" although this is the
        // owner-info read, which makes the log entry misleading during triage.
        Utilities.writeToLogs(home,"[E] Error while reading Card Balance.  Aborting operation. != 0x9000 "+cID);
        throw new CardException("Error while reading Card Balance.  Aborting operation.");
      }
      else{
        // NOTE(review): no verifySignature call is visible between transmit and
        // use in this excerpt, so the owner data appears to be trusted on the
        // status word alone; confirm whether it is authenticated elsewhere.
        String userdata= Utilities.byteArrayToHexString(res.getData());
        // The offsets below index the hex string, not the byte array. Assuming two
        // hex characters per byte, they consume 20 + 27 + 3 = 50 bytes.
        // NOTE(review): the length is not checked first, so a shorter response
        // makes substring throw StringIndexOutOfBoundsException.
        String name    = userdata.substring(0, 40);
        String address = userdata.substring(40, 94);
        String date    = userdata.substring(94,100);

        System.out.printf("[+] Mr/Ms. %s \n",Utilities.hex2ascii(name))

   * @author Eduardo Novella & Rafael Boix
   */
  private SecretKeySpec getKeyFromCardID() throws CardException{
    // Derives the per-card AES key from the card's ID (excerpt: the derivation
    // itself is cut off below).
    SecretKeySpec k = null;
    // INS 0x69 with Le=2 asks the card for its 2-byte ID.
    CommandAPDU cardIDrequest = new CommandAPDU((byte) 0x00, (byte) 0x69,(byte) 0x00, (byte) 0x00,2);
    ResponseAPDU res= ch.transmit(cardIDrequest);
    // The payload is read before the status word is checked, and its length is not
    // validated in the lines shown.
    byte[] cardID= res.getData();
    if (res.getSW() !=  0x9000){
      Utilities.writeToLogs(home,"[E] Error reading card ID. Check card connection & reader. ");
      throw new CardException("Error while reading Card ID");
    }
    else{
      // NOTE(review): the ID comes from the card in a separate, unauthenticated
      // exchange. The derived key only proves anything once data signed or
      // encrypted under it verifies. Presumably this ID should match the one
      // received during the handshake; confirm that a mismatch is rejected.
      //We set K as the CardID encrypted with the master key

        // (excerpt begins inside a block whose condition is not shown)
        Utilities.writeToLogs(home, "[E] Card was teared! Card ID:"+cID);
        System.out.println("Card was teared. Terminal will now reboot.");
        System.exit(-1);
      }
      // Request the transaction log (Le=60). The variable is named cardIDrequest
      // but carries INS_GET_TRNSCT_LOG.
      CommandAPDU cardIDrequest = new CommandAPDU((byte) 0x00, INS_GET_TRNSCT_LOG,(byte) 0x00, (byte) 0x00,60);
      ResponseAPDU res= ch.transmit(cardIDrequest);
      // The payload is read before the status word is checked; it is only used in
      // the success branch below.
      byte[] trLog= res.getData();
      if (res.getSW() !=  0x9000){
        Utilities.writeToLogs(home,"[E] Error while reading transaction log. "+cID);
        throw new CardException("Error while reading transaction log.");
      }
      else{
        // The log is signature-checked before any use. The offset 52 with Le=60
        // presumably means 52 bytes of log followed by an 8-byte signature;
        // confirm against verifySignature.
        if(!verifySignature(trLog, 52))

        // Connects to the card in terminal `c` and selects the application
        // (excerpt: the enclosing loop or method is not shown).
        if (c.isCardPresent()){
          try{
            // "*" lets the reader pick any available protocol.
            card = c.connect("*");
            try{
              ch =card.getBasicChannel();
              ResponseAPDU resp = ch.transmit(SELECT_APDU);
              // `terminal` is assigned before the SELECT status word is checked,
              // so it stays set to `c` even when the check below fails.
              terminal=c;

              if (resp.getSW() !=  0x9000){
                Utilities.writeToLogs(home,"[E] Problems: Card Device not selectable != 0x9000");
                // This exception is caught by the catch(Exception e) directly
                // below. NOTE(review): the handler body is not shown; confirm it
                // does not let a failed SELECT continue as if it had succeeded.
                throw new Exception("[!] Problems: Card Device not selectable");
              }

            }catch(Exception e){

    sr.nextBytes(nonceT);
    sr.nextBytes(nonceT2);
    //Card handshake INS=0x20 ; response length=2bytes cardID+16bytes nonceR+8bytes signature
    CommandAPDU challenge1 = new CommandAPDU((byte) 0x00, (byte) 0x20,(byte) 0x00, (byte) 0x00,nonceT,18+8);
    if(ch==null) throw new CardException("Card not present!");
    ResponseAPDU res= ch.transmit(challenge1);
    byte[] buff= res.getData();
    if (res.getSW() !=  0x9000){
      Utilities.writeToLogs(home,"[E] Error reading the card. Aborting operation. Error while handshake - step 1 !=0x9000 "+cID);
      System.out.println("[!] Error reading the card. Aborting operation. ");
      System.exit(-1);
    }
    else{
      //Step 2: recover data from response APDU = cardID, nonceR
      //----------------------------------------------------------

      // CardID goes in plaintext
      byte[] cardID=Arrays.copyOfRange(buff, 16, 18);
      cID=Integer.toString((int)Utilities.getShort(cardID, 0)); //We put the read CardID in the cID variable for logging purposes

      //We check if the card is blacklisted; if it is, block it && break handshake
      if(isBlacklisted(cardID)){
        Utilities.writeToLogs(home,"[E] Error: Blacklisted card handshake attempt "+cID);
        System.out.println("[!] Error: your card is blocked. Go to the closest CheapKnip Customer Service Point");
        CARD_LEGIT=false;
        CommandAPDU blockCard = new CommandAPDU((byte) 0x00, INS_BLOCK_CARD,(byte) 0x00, (byte) 0x00);
        res= ch.transmit(blockCard);
        System.exit(-1);
      }

      // Compute & init card keys
      if (AES_KEY_CARD==null)
        AES_KEY_CARD=getKeyFromCardID();
      if (sk==null)
        initSignatureKey(cardID);
      if(!verifySignature(buff, 18)){
        Utilities.writeToLogs(home,"[E] Error: check that your card is a CheapKnip card(SIGNATURE CHECK FAILED) "+cID);
        System.out.println("[!] Error: check that your card is a CheapKnip card");
        CARD_LEGIT=false;
        return;
      }

      // Decrypt nonceR --> AES(nonceR)K
      byte[] cryptoBuff = decryptAES128(buff,0,16);
      byte[] nonceR    = Arrays.copyOf(cryptoBuff,8);

      byte[] nonceC_T2=new byte[16];
      //Recover nonceC from Card: nonceR XOR nonceT
      //We put nonceC in the first 8 bytes of the array
      for(int i=0;i<8;i++){
        nonceC_T2[i]=(byte)((nonceR[i])^(nonceT[i]));
      }
      for(int i=8;i<16;i++){
        nonceC_T2[i]=nonceT2[i-8];
      }
      //encrypt properly nonceC_T2

      //Step3: we send AES(nonceC,nonceT2)K back to the card and wait for response AES(nonceR2)K
      //----------------------------------------------------------
      byte[] enc_nonceC_T2=encryptAES128(nonceC_T2, 0, 16);
      //Note in step3: state is a parameter; P1 is 0x10!!
      CommandAPDU challenge2 = new CommandAPDU((byte) 0x00, INS_HANDSHAKE,(byte) 0x10, (byte) 0x00,enc_nonceC_T2,16+8);
      res= ch.transmit(challenge2);
      buff= res.getData();
      if(!verifySignature(buff, 16)){
        Utilities.writeToLogs(home,"[E] Card error. Remove your card & try again(SIGNATURE FAILED) "+cID);
        System.out.println("[!] Card error. Remove your card & try again");
        CARD_LEGIT=false;
        return;
      }
      if (res.getSW() !=  0x9000){
        Utilities.writeToLogs(home,"[E] Error reading the card. Aborting operation. Error while handshake - step 3 "+cID);
        System.out.println("[!] Card error. Remove your card & try again");
        System.exit(-1);
      }
      else{

        // (excerpt begins inside a block whose condition is not shown)
        Utilities.writeToLogs(home, "[E] Card was teared! Card ID:"+cID);
        System.out.println("Card was teared. Terminal will now reboot.");
        System.exit(-1);
      }
      // Request the balance: 16 bytes of encrypted data plus an 8-byte signature.
      CommandAPDU apduBalance = new CommandAPDU((byte) 0x00, INS_GET_BALANCE,(byte) 0x00, (byte) 0x00,16+8);
      ResponseAPDU res        = ch.transmit(apduBalance);
      double balance          = 0;

      if (res.getSW() !=  0x9000){
        Utilities.writeToLogs(home,"[E] Error during operation. Remove card from terminal !=  0x9000 "+cID);
        throw new CardException("Error while reading Card Balance. Aborting operation.");
      }
      else{
        // The signature is verified before the payload is decrypted and used.
        if(verifySignature(res.getData(), 16)){
          byte[] plainData = decryptAES128(res.getData(),0,16);
          // The balance is a 16-bit value in hundredths, read from the first two
          // plaintext bytes. NOTE(review): `short` is signed, so a value with the
          // top bit set decodes as a negative balance; confirm that the card never
          // emits one, or reject b < 0 here. Also, a double is an inexact type for
          // money; keeping the integer number of hundredths avoids rounding surprises.
          short b          = Utilities.getShort(plainData, 0);
          balance          = (double) (b / 100.0);
          return balance;
        }
        else{

        // Expansion of array from 16 bytes to 16+8 bytes(for MAC signature to fit)
        encdata=Arrays.copyOf(encdata, 24);
        // Presumably MACs the first 16 bytes and writes the 8-byte tag at offset 16
        // of the same buffer; confirm against signMessage.
        signMessage(encdata, 16, encdata, 16);

        CommandAPDU apduModBalance = new CommandAPDU((byte) 0x00,INS_MODIFY_BALANCE,(byte) 0x00, (byte) 0x00,encdata,16+8);
        ResponseAPDU res           = ch.transmit(apduModBalance);

        if (res.getSW() !=  0x9000){
          // The messages say "reading" although this is the balance modification,
          // which makes failed writes hard to tell apart from failed reads in the log.
          Utilities.writeToLogs(home,"[E] Error while reading Card Balance "+cID);
          throw new CardException("Error while reading Card Balance");
        }
        else{
          // NOTE(review): the payment is reported on the status word alone. No
          // signature over the card's reply is checked in the lines shown, although
          // Le=16+8 requests one. Verifying it before notifying would tie the
          // payment to an authenticated confirmation from the card.
          notifyPaymentMockupFunction(payment);

        Utilities.writeToLogs(home, "[E] Card was teared! Card ID:"+cID);
        System.out.println("Card was teared. Terminal will now reboot.");
        System.exit(-1);
      }
      CommandAPDU dataApdu = new CommandAPDU((byte) 0x00, INS_GET_OWNER_INFO,(byte) 0x00, (byte) 0x00,100);
      ResponseAPDU res        = ch.transmit(dataApdu);

      if (res.getSW() !=  0x9000){
        Utilities.writeToLogs(home,"[E] Error while reading Card Balance.  Aborting operation. != 0x9000 "+cID);
        throw new CardException("Error while reading Card Balance.  Aborting operation.");
      }
      else{
        String userdata= Utilities.byteArrayToHexString(res.getData());
        String name    = userdata.substring(0, 40);
        String address = userdata.substring(40, 94);
        String date    = userdata.substring(94,100);

        System.out.printf("[+] Mr/Ms. %s \n",Utilities.hex2ascii(name))

   * @author Eduardo Novella & Rafael Boix
   */
  private SecretKeySpec getKeyFromCardID() throws CardException{
    SecretKeySpec k = null;
    CommandAPDU cardIDrequest = new CommandAPDU((byte) 0x00, (byte) 0x69,(byte) 0x00, (byte) 0x00,2);
    ResponseAPDU res= ch.transmit(cardIDrequest);
    byte[] cardID= res.getData();
    if (res.getSW() !=  0x9000){
      Utilities.writeToLogs(home,"[E] Error reading card ID. Check card connection & reader. ");
      throw new CardException("Error while reading Card ID");
    }
    else{
      //We set K as the CardID encrypted with the master key
