Add small perso handler.
martinpaljak committed Mar 23, 2016
1 parent 771bbb3 commit 54640fd
Showing 6 changed files with 320 additions and 23 deletions.
4 changes: 2 additions & 2 deletions Manifest.mf
@@ -1,3 +1,3 @@
Manifest-Version: 1.0
Main-Class: esteidhacker.CLI
Class-Path: lib/bcpkix-jdk15on-151.jar lib/bcprov-jdk15on-151.jar lib/gp.jar lib/jopt-simple-4.8.jar lib/vjcre.jar lib/applet-playground.jar
Main-Class: org.esteid.hacker.CLI
Class-Path: lib/bcpkix-jdk15on-154.jar lib/bcprov-jdk15on-154.jar lib/jopt-simple-4.9.jar lib/apdu4j.jar lib/gp.jar lib/vjcre.jar
6 changes: 3 additions & 3 deletions build.xml
Expand Up @@ -10,7 +10,7 @@
<get src="http://downloads.bouncycastle.org/java/bcprov-jdk15on-154.jar" dest="lib" verbose="true" skipexisting="true"/>
<get src="http://downloads.bouncycastle.org/java/bcpkix-jdk15on-154.jar" dest="lib" verbose="true" skipexisting="true"/>
<get src="https://github.com/martinpaljak/apdu4j/releases/download/v0.0.27/apdu4j.jar" dest="lib" verbose="true" skipexisting="true"/>
<get src="https://github.com/martinpaljak/GlobalPlatformPro/releases/download/v0.3.5/gp.jar" dest="lib" verbose="true" skipexisting="true"/>
<get src="https://github.com/martinpaljak/GlobalPlatformPro/releases/download/v0.3.7/gp.jar" dest="lib" verbose="true" skipexisting="true"/>
<get src="https://github.com/martinpaljak/vJCRE/releases/download/r1/vjcre.jar" dest="lib" verbose="true" skipexisting="true"/>
<get src="https://github.com/martinpaljak/esteid-applets/releases/download/v0.0.2/FakeEstEID.jar" dest="lib" verbose="true" skipexisting="true"/>

Expand All @@ -20,7 +20,7 @@
<checksum algorithm="SHA-256" file="lib/bcprov-jdk15on-154.jar" property="d0ae14598f9c528d2ab7bb8ed00e785a5440f692712cd362d69328aba25efb57" verifyProperty="bouncy1OK"/>
<checksum algorithm="SHA-256" file="lib/bcpkix-jdk15on-154.jar" property="d618dcfbf0337b91015b21d4b398175ae96382a82c7e1d6e8c657fcd236463c7" verifyProperty="bouncy2OK"/>
<checksum algorithm="SHA-256" file="lib/apdu4j.jar" property="be34feccb5bb654683e833e8079cb8d3d17925569caed28eeab25bdaa73dbaeb" verifyProperty="apduOK"/>
<checksum algorithm="SHA-256" file="lib/gp.jar" property="cbe9ba8a198b434aa63c5266f3f30302ab0b174d46fc94a35e46a08ed7a9ef9f" verifyProperty="gpOK"/>
<checksum algorithm="SHA-256" file="lib/gp.jar" property="ec41e4294fe4277183254887da3303e1aba817a20d20c78713ef453b66f4595b" verifyProperty="gpOK"/>
<checksum algorithm="SHA-256" file="lib/vjcre.jar" property="20260d4c63d54eba540eb6eee931b9bff9df0ad97823841848126ea36c04e6b4" verifyProperty="vjcreOK"/>
<checksum algorithm="SHA-256" file="lib/FakeEstEID.jar" property="c6387f4750c286e3faf566bfac6acd53f46c327ee60f22e796700939c14bf2f5" verifyProperty="appletOK"/>
<fail message="Checksum failure">
Expand Down Expand Up @@ -60,7 +60,7 @@
<!-- Package it into a nice little JAR -->
<target name="dist" depends="compile" description="generate the distribution">
<exec command="git describe --always --tags" output="build/org/esteid/version.txt"/>
<jar destfile="esteid.jar" level="9" basedir="build">
<jar manifest="Manifest.mf" destfile="esteid.jar" level="9" basedir="build">
<fileset dir="src">
<include name="resources/*.pem"/>
</fileset>
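Review bot: The `gp.jar` bump keeps the unversioned destination `lib/gp.jar` together with `skipexisting="true"`, so a checkout that already holds the v0.3.5 jar will not re-download it and will presumably stop at the generic `Checksum failure` against the new SHA-256, without saying which file mismatched. Failing closed is the right outcome for a pinned dependency, but an opaque failure invites people to work around the check. A comment next to the `<get>` lines such as `<!-- after bumping a version, delete the old lib/*.jar so it is re-fetched and re-verified -->`, or a per-file failure message, would avoid that. The condition inside `<fail>` lies outside the visible hunk, so this assumes it tests `gpOK`.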
4 changes: 2 additions & 2 deletions src/org/esteid/EstEID.java
Expand Up @@ -359,7 +359,7 @@ public byte[] read_file(final int bytes) throws CardException {
byte[] bb = new byte[bytes];
for (int i = 0; i<= (bytes / chunksize); i++) {
final int offset = i*chunksize;
ResponseAPDU r = transmit(new CommandAPDU(0x00, INS_READ_BINARY, offset>>8, offset & 0xFF, 256));
ResponseAPDU r = transmit(new CommandAPDU(0x00, INS_READ_BINARY, offset>>8, offset & 0xFF, chunksize));
try {
check(r);
} catch (EstEIDException e) {
Expand All @@ -386,7 +386,7 @@ public byte[] read_certificate_bytes(int fid) throws CardException {
select(FID_3F00);
select(FID_EEEE);
select(fid);
return read_file(0x600);
return read_file(0x800);
}
private X509Certificate readCertificate(int fid) throws CardException {
try {
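Review bot: `read_file(0x800)` in `read_certificate_bytes` is still a hard-coded upper bound: a certificate file longer than 0x800 bytes would presumably be cut off silently, and a shorter one presumably comes back with unread trailing bytes in the 0x800-byte buffer. Deriving the length from the DER header in the first chunk, or at least naming the bound (`private static final int MAX_CERT_FILE_SIZE = 0x800;`) with a comment on why it was raised, would make the limit explicit. Separately, the loop bound `i <= (bytes / chunksize)` in `read_file` issues one more READ BINARY at offset == bytes whenever `chunksize` divides `bytes` evenly. Whether that is harmless depends on the copy into `bb` and on the error handling, both of which lie outside the visible hunk.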
51 changes: 35 additions & 16 deletions src/org/esteid/hacker/CLI.java
Expand Up @@ -18,6 +18,7 @@
package org.esteid.hacker;

import java.io.File;
import java.io.FileInputStream;
import java.io.FileReader;
import java.io.IOException;
import java.io.OutputStreamWriter;
Expand Down Expand Up @@ -55,7 +56,6 @@
import org.esteid.EstEID.PIN;
import org.esteid.EstEID.PersonalData;

import pro.javacard.gp.GlobalPlatform;
import pro.javacard.vre.VJCREProvider;
import pro.javacard.vre.VRE;

Expand All @@ -79,7 +79,7 @@ public class CLI {
private static final String OPT_SIGNKEY = "signkey";

private static final String OPT_LIST = "list";
private static final String OPT_INSTALL = "install";
private static final String OPT_PERSO = "perso";
private static final String OPT_NEW = "new";
private static final String OPT_CHECK = "check";

Expand All @@ -90,11 +90,14 @@ public class CLI {
private static final String OPT_TEST = "test";
private static final String OPT_TEST_PINS = "test-pins";
private static final String OPT_TEST_CRYPTO = "test-crypto";

private static final String OPT_COUNTERS = "counters";

private static final String OPT_PIN1 = "pin1";
private static final String OPT_PIN2 = "pin2";
private static final String OPT_PUK = "puk";
private static final String OPT_CMK = "cmk";
private static final String OPT_KEY = "key";


private static final String OPT_T0 = "t0";
private static final String OPT_T1 = "t1";
Expand Down Expand Up @@ -126,7 +129,7 @@ private static OptionSet parseArguments(String argv[]) throws IOException {
parser.accepts(OPT_SIGNKEY, "Load sign key (PEM)").withRequiredArg().ofType(File.class);

// New card generation
parser.accepts(OPT_INSTALL, "Install FakeEstEIDManager applet").withOptionalArg();
parser.accepts(OPT_PERSO, "Personalize a card").withRequiredArg().ofType(File.class);
parser.accepts(OPT_NEW, "Populate a new \"Mari-Liis Männik\"");
parser.accepts(OPT_CHECK, "Check generated keys for consistency");

Expand All @@ -138,12 +141,16 @@ private static OptionSet parseArguments(String argv[]) throws IOException {
parser.accepts(OPT_TEST, "Run EstEID test-suite");
parser.accepts(OPT_TEST_CRYPTO, "Run only crypto tests");
parser.accepts(OPT_TEST_PINS, "Run only PIN tests");

parser.accepts(OPT_COUNTERS, "Read counters");

parser.accepts(OPT_PIN1, "PIN1 of the tested card").withRequiredArg();
parser.accepts(OPT_PIN2, "PIN2 of the tested card").withRequiredArg();
parser.accepts(OPT_PUK, "PUK of the tested card").withRequiredArg();

parser.accepts(OPT_CMK, "Use CMK X").withRequiredArg().ofType(Integer.class);
parser.accepts(OPT_KEY, "CMK X value").withRequiredArg();


parser.accepts(OPT_T0, "Use T=0");
parser.accepts(OPT_T1, "Use T=1");

Expand Down Expand Up @@ -184,6 +191,17 @@ public static void main(String argv[]) throws Exception {
System.out.println("EstEID hacker v0.1");
}

if (args.has(OPT_DEBUG)) {
// Set up slf4j simple in a way that pleases us
System.setProperty("org.slf4j.simpleLogger.defaultLogLevel", "debug");
System.setProperty("org.slf4j.simpleLogger.showThreadName", "false");
System.setProperty("org.slf4j.simpleLogger.showShortLogName", "true");
System.setProperty("org.slf4j.simpleLogger.levelInBrackets", "true");
} else {
System.setProperty("org.slf4j.simpleLogger.defaultLogLevel", "warn");
}


// Load or generate a CA
FakeEstEIDCA ca = new FakeEstEIDCA();
if (args.has(OPT_CA)) {
Expand Down Expand Up @@ -303,17 +321,6 @@ public static void main(String argv[]) throws Exception {
card.disconnect(true);
}


if (args.has(OPT_INSTALL)) {
// Install the applet
Card c = term.connect("*");
GlobalPlatform gp = new GlobalPlatform(c.getBasicChannel());
gp.imFeelingLucky();
gp.uninstallDefaultSelected(true);
System.err.println("Use GP utility directly for loading");
c.disconnect(true);
}

String protocol = "*";
if (args.has(OPT_T0))
protocol = "T=0";
Expand All @@ -323,6 +330,18 @@ else if (args.has(OPT_T1))
card = term.connect(protocol);
EstEID esteid = EstEID.getInstance(card.getBasicChannel());

if (args.has(OPT_PERSO)) {
EstEIDManager.doit(card.getBasicChannel(), ca, new FileInputStream((File)args.valueOf(OPT_PERSO)));
}

if (args.has(OPT_CMK) && args.has(OPT_KEY)) {
SecureChannel sc = SecureChannel.getInstance(card.getBasicChannel());
sc.mutualAuthenticate(HexUtils.hex2bin((String)args.valueOf(OPT_KEY)), (Integer)args.valueOf(OPT_CMK));
if (args.has(OPT_COUNTERS)) {
System.out.println(HexUtils.bin2hex(sc.transmit(new CommandAPDU(HexUtils.hex2bin("00CA040000"))).getBytes()));
}
}

if (args.has(OPT_VERBOSE) || args.has(OPT_INFO)) {
System.out.println("ATR: " + HexUtils.bin2hex(card.getATR().getBytes()));
System.out.println("Type: " + esteid.getType());
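Review bot: The CMK value is read directly from the `--key` argument in the `OPT_CMK`/`OPT_KEY` block, so the key ends up in shell history and is typically visible to other local users through the process list; taking it from a file or a console prompt would keep it out of argv. In the same block `--counters` is only honoured when both `--cmk` and `--key` are present, and supplying just one of the two is a silent no-op, so an explicit error for the incomplete combination would help. The `FileInputStream` opened for `--perso` is never closed; `try (FileInputStream in = new FileInputStream((File) args.valueOf(OPT_PERSO))) { EstEIDManager.doit(card.getBasicChannel(), ca, in); }` fixes that without a new import. The body of `main` continues outside the visible hunks.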