我有一个 java 卡小程序,它使用 RSA PKCS#1 和密钥 CRT(中国剩余定理)1024 实现加密和解密。下面是我的一些代码:
构造函数:
private CryptoApplet() {
generateKeyPair();
cipher = Cipher.getInstance(Cipher.ALG_RSA_PKCS1, false);
outputByte = new byte[256];
outputByte2 = new byte[117];
outBuff = new byte[128];
outBuff2 = new byte[117];
}
加密功能(java卡):
private void encrypt(APDU apdu) {
byte[] buffer = apdu.getBuffer();
short lc = apdu.getIncomingLength();
short dataOffset = apdu.getOffsetCdata();
short blocksize = 117;
short inOffset = (short) 0;
short outOffset = (short) 0;
if (!pubKey.isInitialized() || pubKey == null) {
ISOException.throwIt(STORAGE_KU_NOT_INITIALIZED);
}
cipher.init(pubKey, Cipher.MODE_ENCRYPT);
short dataLeft = lc;
while (dataLeft > 0) {
if (dataLeft < blocksize)
blocksize = dataLeft;
outOffset = cipher.doFinal(buffer, (short) dataOffset, (short) blocksize, outBuff, (short) 0);
Util.arrayCopy(outBuff,(short) 0,outputByte,inOffset,(short) outOffset);
inOffset += outOffset;
dataOffset += blocksize;
dataLeft -= blocksize;
}
apdu.setOutgoingAndSend((short) 0, (short) outputByte.length);
}
解密函数(java卡):
private void decrypt(APDU apdu) {
byte[] buffer = apdu.getBuffer();
short lc = apdu.getIncomingLength();
short dataOffset = apdu.getOffsetCdata();
short blocksize = 128;
short inOffset = (short) 0;
short outOffset = (short) 0;
cipher.init((RSAPrivateCrtKey) keys.getPrivate(), Cipher.MODE_DECRYPT);
short dataLeft = lc;
while (dataLeft > 0) {
if (dataLeft < blocksize)
blocksize = dataLeft;
outOffset = cipher.doFinal(buffer, (short) dataOffset, (short) blocksize, outBuff2, (short) 0);
Util.arrayCopy(outBuff2,(short) 0,outputByte2,inOffset,(short) outOffset);
inOffset += outOffset;
dataOffset += blocksize;
dataLeft -= blocksize;
}
apdu.setOutgoingAndSend((short) 0, (short) outputByte2.length);
}
从下面的 python 代码调用的解密和加密函数(使用包 pyscard),它适用于 encrypt。但是,每次我尝试调用解密函数时都会出错(响应 sw1 = 6F 和 sw2 = 00) 。
加密调用者(python/pyscard)(函数 0x41):
#! /usr/bin/env python
from smartcard.System import readers
from smartcard.util import *
import struct
# define the APDUs used in this script
f_input = open('4x6.JPG','rb')
list_input = list(bytearray(f_input.read()))
f_input.close()
SELECT = [0x00, 0xA4, 0x04, 0x00, 0x0A, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x00]
# get all the available readers
r = readers()
print "Available readers:", r
reader = r[0]
print "Using:", reader
connection = reader.createConnection()
connection.connect()
data, sw1, sw2 = connection.transmit(SELECT)
print data
print "Select Applet: %02X %02X" % (sw1, sw2)
COMMAND = [0x80, 0x41, 0x00, 0x00, 0x00]
list_output = []
lengthCommandData = 234
amountSendAPDU = len(list_input)/lengthCommandData
left = len(list_input) % lengthCommandData
if (left > 0):
amountSendAPDU += 1
for b in range(amountSendAPDU):
DATA_COMMAND = list_input[b*lengthCommandData:(b+1)*lengthCommandData]
lengthData = len(DATA_COMMAND)
tmp = lengthData/117
left = lengthData%117
if (left > 0):
tmp += 1
lengthResp = tmp*128
LE = [ord(c) for c in struct.pack("!H",lengthResp)]
LE = [0x00] + LE
LC = [ord(c) for c in struct.pack("!H",lengthData)]
data, sw1, sw2 = connection.transmit(COMMAND + LC + DATA_COMMAND + LE)
list_output = list_output + data
f_encrypted = open('4x6.enc','wb')
f_encrypted.write(bytearray(list_output))
f_encrypted.close()
解密调用者(python/pyscard)(函数 0x42):
#! /usr/bin/env python
from smartcard.System import readers
from smartcard.util import *
import struct
# define the APDUs used in this script
f_input = open('4x6.enc','rb')
list_input = list(bytearray(f_input.read()))
f_input.close()
SELECT = [0x00, 0xA4, 0x04, 0x00, 0x0A, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x00]
# get all the available readers
r = readers()
print "Available readers:", r
reader = r[0]
print "Using:", reader
connection = reader.createConnection()
connection.connect()
data, sw1, sw2 = connection.transmit(SELECT)
print data
print "Select Applet: %02X %02X" % (sw1, sw2)
COMMAND = [0x80, 0x42, 0x00, 0x00, 0x00]
list_output = []
lengthCommandData = 128
amountSendAPDU = len(list_input)/lengthCommandData
left = len(list_input) % lengthCommandData
if (left > 0):
amountSendAPDU += 1
for b in range(amountSendAPDU):
DATA_COMMAND = list_input[b*lengthCommandData:(b+1)*lengthCommandData]
lengthData = len(DATA_COMMAND)
tmp = lengthData/128
left = lengthData%128
if (left > 0):
tmp += 1
lengthResp = tmp*117
LE = [ord(c) for c in struct.pack("!H",lengthResp)]
LE = [0x00] + LE
LC = [ord(c) for c in struct.pack("!H",lengthData)]
data, sw1, sw2 = connection.transmit(COMMAND + LC + DATA_COMMAND + LE)
list_output = list_output + data
print "%02X %02X" % (sw1, sw2)
f_encrypted = open('output.JPG','wb')
f_encrypted.write(bytearray(list_output))
f_encrypted.close()
问题:
- 当我试图找到问题时,我发现问题出在解密函数(java 卡)中的 cipher.doFinal() 上。但我仍然不知道 cipher.doFinal() 中错误的原因。有人可以帮我解决这个解密问题吗?
- 我尝试使用扩展小程序,但无法在 python/pyscard 中传递超过 255 个字节的数据。有人可以帮助我并指导我如何从 python/pyscard 传递长度超过 255 个字节的数据吗?
- 通过 APDU 可以发送的最大数据大小是多少?据我所知,扩展的 APDU 可以接收 65535 字节的数据,但是当我尝试从 python/pyscard 发送 59904 字节的数据时,它给了我这样的错误:
错误3:
Traceback (most recent call last):
File "encrypt.py", line 58, in <module>
data, sw1, sw2 = connection.transmit(COMMAND + LC + DATA_COMMAND + LE)
File "C:\Users\X\Anaconda\lib\site-packages\smartcard\CardConnectionDecorat
or.py", line 82, in transmit
return self.component.transmit(bytes, protocol)
File "C:\Users\X\Anaconda\lib\site-packages\smartcard\CardConnection.py", l
ine 144, in transmit
data, sw1, sw2 = self.doTransmit(bytes, protocol)
File "C:\Users\X\Anaconda\lib\site-packages\smartcard\pcsc\PCSCCardConnecti
on.py", line 205, in doTransmit
SCardGetErrorMessage(hresult))
smartcard.Exceptions.CardConnectionException: Failed to transmit with protocol T
1. The data area passed to a system call is too small.
谢谢你,很抱歉这个问题很长,新手在这里。