test03.c

开发源代码的CPU卡的COS源程序。

{
	char	szApdu[512];

	if (sfi==SFI_CURRENT) {
		ofs = ofs & 0x7FFF;

		/* readbinary on the current file */
		LOG2("COMMAND","READBINARY currentfile ofs=%.4X len=%d",ofs,len);

		sprintf(szApdu,"00B0%.4X%.2X",ofs,len);
		APDU_RES(szApdu,len,0x9000);

	} else {

		ofs = ofs&0x00FF;

		/* readbinary on the specified file */
		LOG3("COMMAND","READBINARY file sfi=%d ofs=%.4X len=%d",sfi,ofs,len);

		sprintf(szApdu,"00B0%.2X%.2X%.2X",sfi|0x80,ofs,len);
		APDU_RES(szApdu,len,0x9000);
	}
}

/* ============================================================================
	ERASE BINARY

	__x XXX will be moved to protomac.c at later time
   ========================================================================= */

void ERASEBINARY(jbyte sfi,jword ofs)
{
	char	szApdu[512];

	if (sfi==SFI_CURRENT) {
		ofs = ofs & 0x7FFF;

		/* erasebinary on the current file */
		LOG1("COMMAND","ERASEBINARY currentfile ofs=%.4X",ofs);

		sprintf(szApdu,"000E%.4X00",ofs);
		APDU_RES(szApdu,0,0x9000);

	} else {

		ofs = ofs&0x00FF;

		/* erasebinary on the specified file */
		LOG2("COMMAND","ERASEBINARY file sfi=%d ofs=%.4X",sfi,ofs);

		sprintf(szApdu,"000E%.2X%.2X00",sfi|0x80,ofs);
		APDU_RES(szApdu,0,0x9000);
	}
}

/* ============================================================================

		One record
			Tag 70
			Data Length
			( Tag 61 , Length Dir entry, Dir entry ) x n

			where dir entry could be :

				DDF:	Tag 9D Len 5-16    DDF Name, ex: 1PAY.SYS.DDF01
				or
				ADF:	Tag 4F Len 5-16	   AID
						Tag 50 Len 1-16	   Application Label

   ========================================================================= */

void FILL_BUFFER_WITH_SD(char* szStr,char* name,char* aid,char* applabel)
{
	jbyte	buffer[512];
	jword	ofs;
	jword	ofs2;

	buffer[0] = 0x70;
	buffer[1] = 0x04;
	buffer[2] = 0x61;
	buffer[3] = 0x02;
	buffer[4] = 0x9D;
	buffer[5] = strlen(name); buffer[1] += strlen(name); buffer[3] += strlen(name);
	ofs = 6+strlen(name);
	memcpy(&buffer[6],name,strlen(name));

	/* __x XXX FINISH-ME */

	bytes2hexa(szStr,buffer,ofs,'\0');
	LOG2("COMMAND","SD = %s len=%d",szStr,strlen(szStr)/2);
}

/* ============================================================================
	VERIFY PIN

	__x XXX will be moved to protomac.c at later time
   ========================================================================= */

void VERIFY_PIN(jbyte* Pin)
{
	char	szApdu[512];

	/* verify pin */
	LOG8("COMMAND","VERIFY PIN Pin=%.2X %.2X %.2X %.2X %.2X %.2X %.2X %.2X",Pin[0],Pin[1],Pin[2],Pin[3],Pin[4],Pin[5],Pin[6],Pin[7]);

    sprintf(szApdu,"0020000008%.2X%.2X%.2X%.2X%.2X%.2X%.2X%.2X",Pin[0],Pin[1],Pin[2],Pin[3],Pin[4],Pin[5],Pin[6],Pin[7]);
	APDU_RES(szApdu,0,0x9000);
}

void VERIFY_PINBAD(jbyte* Pin)
{
	char	szApdu[512];

	/* verify pin */
	LOG8("COMMAND","VERIFY with BAD PIN Pin=%.2X %.2X %.2X %.2X %.2X %.2X %.2X %.2X",Pin[0],9-Pin[1],Pin[2],Pin[3],Pin[4],Pin[5],Pin[6],Pin[7]);

    sprintf(szApdu,"0020000008%.2X%.2X%.2X%.2X%.2X%.2X%.2X%.2X",Pin[0],9-Pin[1],Pin[2],Pin[3],Pin[4],Pin[5],Pin[6],Pin[7]);
	APDU_RES(szApdu,0,ISO_AUTH_FAILURE);
}

void VERIFY_PINLOCKED(jbyte* Pin)
{
	char	szApdu[512];

	/* verify pin */
	LOG8("COMMAND","VERIFY PIN LOCKED Pin=%.2X %.2X %.2X %.2X %.2X %.2X %.2X %.2X",Pin[0],Pin[1],Pin[2],Pin[3],Pin[4],Pin[5],Pin[6],Pin[7]);

    sprintf(szApdu,"0020000008");
	APDU_RES(szApdu,0,ISO_KEY_LOCKED);
}

/* ============================================================================
	CHANGE PIN

	__x XXX will be moved to protomac.c at later time
   ========================================================================= */

void CHANGE_PIN(jbyte* Pin,jbyte* New)
{
	char	szApdu[512];

	/* verify pin */
	LOG8("COMMAND","CHANGE OLD Pin=%.2X %.2X %.2X %.2X %.2X %.2X %.2X %.2X",Pin[0],Pin[1],Pin[2],Pin[3],Pin[4],Pin[5],Pin[6],Pin[7]);
	LOG8("COMMAND","by     NEW Pin=%.2X %.2X %.2X %.2X %.2X %.2X %.2X %.2X",New[0],New[1],New[2],New[3],New[4],New[5],New[6],New[7]);

    sprintf(szApdu,"0024000010%.2X%.2X%.2X%.2X%.2X%.2X%.2X%.2X%.2X%.2X%.2X%.2X%.2X%.2X%.2X%.2X",
		Pin[0],Pin[1],Pin[2],Pin[3],Pin[4],Pin[5],Pin[6],Pin[7],New[0],New[1],New[2],New[3],New[4],New[5],New[6],New[7]);
	APDU_RES(szApdu,0,0x9000);
}

/* ============================================================================
	UNLOCK PIN

	__x XXX will be moved to protomac.c at later time
   ========================================================================= */

void UNLOCK_PIN(jbyte* Pin,jbyte* New)
{
	char	szApdu[512];

	/* verify pin */
	LOG8("COMMAND","UNLOCK PUK    =%.2X %.2X %.2X %.2X %.2X %.2X %.2X %.2X",Pin[0],Pin[1],Pin[2],Pin[3],Pin[4],Pin[5],Pin[6],Pin[7]);
	LOG8("COMMAND"," and   NEW Pin=%.2X %.2X %.2X %.2X %.2X %.2X %.2X %.2X",New[0],New[1],New[2],New[3],New[4],New[5],New[6],New[7]);

    sprintf(szApdu,"002C000010%.2X%.2X%.2X%.2X%.2X%.2X%.2X%.2X%.2X%.2X%.2X%.2X%.2X%.2X%.2X%.2X",
		Pin[0],Pin[1],Pin[2],Pin[3],Pin[4],Pin[5],Pin[6],Pin[7],New[0],New[1],New[2],New[3],New[4],New[5],New[6],New[7]);
	APDU_RES(szApdu,0,0x9000);
}

/* ============================================================================
	main()
   ========================================================================= */

int main(int argc, char ** argv)
{
	char	sd[512];

	if (argc > 1 && atoi( argv[1] ) ) {

		bExit = atoi( argv[1] );

	}

	printf("Start of cos::test03\n");

	LOG_DISABLE("SIMUMSG");
	//LOG_DISABLE("TCK");

	tcl_type = TCL_TYPEA;

	INIT();

	POWERON(TCK_INTERFACE_CONTACT);
	ATR(jtrue);

	printf("CHECK INIT mode ---------------------------------\n");

    /* manufacturing data */
    APDU_RES("00CA000000",0,0x6C40);
    APDU_RES("00CA000040",0x40,0x9000);

	/* try to select a file without filesystem nor authenticate ! */
	APDU_RES("00A40000023000",0,ISO_ACCESS_DENIED);			/* SELECT FILE 0x3000 */

	/* regression test : try to select MF without having bootstraping nor authenticate */
	printf("Invalid Select MF : missing FS bootstrap\n");
	APDU_RES("00A40000023F00",0,ISO_FAULT);					/* SELECT FILE BY FID = MASTER FILE */

	/* try to create a file without filesystem / without or with authentication ! */
    APDU_RES("80E0200004",0,ISO_INS_NOT_SUPPORTED);         /* CREATE DF fid=2000 sfi=01 */
	GETCHALLENGE();											/* GET CHALLENGE */
    EXTERNALAUTHENTICATE(NULL,jfalse,0x00);                 /* EXTERNAL AUTHENTICATE (use MSK) */
    APDU_RES("80E02000080001FFFFFF000000",0,ISO_ACCESS_DENIED);    /* CREATE DF fid=2000 sfi=01 ac=FFFFFF */

	/* regression test : try to select MF without having bootstraping but authenticate */
	printf("Invalid Select MF : missing FS bootstrap\n");
	APDU_RES("00A40000023F00",0,ISO_FAULT);					/* SELECT FILE BY FID = MASTER FILE */

	printf("Get ATR\n");
	APDU("80EC000000",12);									/* GET ATR */

	/* invalid lock number */
	printf("Invalid lock : invalid lock number\n");
	APDU_RES("8016030000",0,ISO_INS_NOT_SUPPORTED);			/* CARD LOCK INIT */

	/* try to select a file without filesystem ! */
	printf("Select file without filesystem\n");
	APDU_RES("00A40000023000",0,ISO_ACCESS_DENIED);		/* SELECT FILE 0x3000 */

	/* missing external authenticate */
	printf("Invalid lock : missing external authenticate\n");
	GETCHALLENGE();											/* GET CHALLENGE */
	APDU("8016020000",0);									/* CARD LOCK INIT / refused because external authenticate not done ! */

	#if 0
	/* external authenticate + write eeprom */
	printf("Write some eeprom content\n");
	GETCHALLENGE();											/* GET CHALLENGE */
    EXTERNALAUTHENTICATE(NULL,jfalse,0x00);                 /* EXTERNAL AUTHENTICATE (use MSK) */
	APDU_RES("00B21000080102030405060708",0,0x9000);
	#endif

	/* INIT with FS bootstrap and creation of files */
	printf("INIT (+bootstrap FS) ----------------------------\n");

	printf("#? - authenticate with the MSK\n");
	GETCHALLENGE();											/* GET CHALLENGE */
    EXTERNALAUTHENTICATE(NULL,jfalse,0x00);                 /* EXTERNAL AUTHENTICATE (use MSK) */

	printf("#? - create MF\n");
	APDU_RES("80E03F000103",0,0x9000);						/* CREATE FILE MF - reserve 3x256 bytes for opcodes */

	printf("#? - create files\n");
    CREATE_DF(0x2000,0x01,0xFFFFFF,0x000000);           /* CREATE DF fid=2000 sfi=01 ac=FFFFFF */
    CREATE_BINARY_FILE(FID_SD,0x00,0xFFFFFF,0x000000,32);          /* CREATE BINARY EF fid=SD sfi=00 ac=FFFFFF filesize = 32 */
    CREATE_BINARY_FILE(FID_KEYS,0x00,0xFFFFFF,0x000000,192);       /* CREATE BINARY EF fid=KEYS sfi=02 ac=FFFFFF filesize = 192 */
    CREATE_BINARY_FILE(0x2003,0x10,0xFFFFFF,0x000000,512);         /* CREATE BINARY EF fid=2003 sfi=0x10 ac=FFFFFF filesize = 512 */
	CREATE_BINARY_FILE(0x6003,0x03|FDESC2_COUNTERS,0xFFFFFF,0x000000,8);		   /* counter file */

	SELECT_FILE_BY_FID(FID_SD,SELECT_EF);						/* SELECT FILE BY FID = SD */
	FILL_BUFFER_WITH_SD(sd,"1PAY.SYS.DDF01","F1F2F3F4","01jayCOS.Payment01");
	UPDATEBINARY(SFI_CURRENT,0,sd);

	printf("#? - select the binary file using FID\n");
	SELECT_FILE_BY_FID(FID_MF,SELECT_DF);						/* SELECT FILE BY FID = MASTER FILE */
	SELECT_FILE_BY_FID(0x2000,SELECT_DF);						/* SELECT FILE BY FID = DF 0x2000 */
	SELECT_FILE_BY_FID(FID_KEYS,SELECT_INTERNAL);				/* SELECT FILE BY FID = BINARY FID_KEYS */

	printf("#? - select with a malformed apdu !\n");
	APDU_RES("00A40000023F002003",0,0x6118);

	printf("#? - try to re-create the same files\n");
	GETCHALLENGE();											/* GET CHALLENGE */
    EXTERNALAUTHENTICATE(NULL,jfalse,0x00);                 /* EXTERNAL AUTHENTICATE (use MSK) */
	APDU_RES("80E03F000103",0,0x9000);						/* CREATE FILE MF - this command never failed by design */
    APDU_RES("80E02000080001FFFFFF000000",0,ISO_FILE_ALREADY_EXIST);/* CREATE DF fid=2000 sfi=01 acs=FFFF */

	printf("#? - select the binary file using absolute path\n");
	SELECT_FILE_BY_ABSOLUTE_PATH("20002003",SELECT_EF);

	printf("#? - select the binary file using relative path\n");
	SELECT_FILE_BY_FID(0x3F00,SELECT_DF);						/* SELECT FILE BY FID = MASTER FILE */
	SELECT_FILE_BY_RELATIVE_PATH("20002003",SELECT_EF);
    SELECT_FILE_BY_FID(0x3F00,SELECT_DF);                      /* SELECT FILE BY FID = MASTER FILE */
    SELECT_FILE_BY_RELATIVE_PATH("3FFF20002003",SELECT_EF);

	printf("#? - change the MSK to PSK\n");
	GETCHALLENGE();											/* GET CHALLENGE */
    CHANGE_KEY(NULL,CIPHER_ALGO_ECB_3DES2,0x00,0x00,PSK);

	printf("#? - Add key1 then key2 in EF_KEY\n");
	GETCHALLENGE();						/* GET CHALLENGE */
    CHANGE_KEY(PSK,CIPHER_ALGO_ECB_3DES2,KEY_ATTRIBUTE_EAUTH,KEY_NUMBER_INITIAL,key1);
	GETCHALLENGE();						/* GET CHALLENGE */
    CHANGE_KEY(PSK,CIPHER_ALGO_ECB_3DES2,KEY_ATTRIBUTE_EAUTH|KEY_ATTRIBUTE_KILL9,KEY_NUMBER_INITIAL+1,key1);
	GETCHALLENGE();						/* GET CHALLENGE */
    CHANGE_KEY(PSK,CIPHER_ALGO_ECB_3DES2,KEY_ATTRIBUTE_EAUTH|KEY_ATTRIBUTE_IAUTH|KEY_ATTRIBUTE_MASTER,KEY_NUMBER_INITIAL,key2);
    GETCHALLENGE();                     /* GET CHALLENGE */
    CHANGE_KEY(PSK,CIPHER_ALGO_ECB_3DES2,KEY_ATTRIBUTE_CIPHER,KEY_NUMBER_INITIAL+2,keyc);

    printf("#? - Add PUK then Pin0 in EF_KEY\n");
	GETCHALLENGE();						/* GET CHALLENGE */
    CHANGE_KEY(PSK,REFDATA_ALGO_PASSWORD,KEY_ATTRIBUTE_PUK,KEY_NUMBER_INITIAL,PUK);
	GETCHALLENGE();						/* GET CHALLENGE */
    CHANGE_KEY(PSK,REFDATA_ALGO_PASSWORD,KEY_ATTRIBUTE_CHV,KEY_NUMBER_INITIAL,Pin0);

	printf("#? - authenticate with the PSK\n");
    GETCHALLENGE();                         /* GET CHALLENGE */
    EXTERNALAUTHENTICATE(PSK,jfalse,0x00);  /* EXTERNAL AUTHENTICATE (use PSK) */

	printf("#? - update a binary file\n");
	SELECT_APPLICATION_BY_NAME("1PAY.SYS.DDF01");
	SELECT_FILE_BY_RELATIVE_PATH("2003",SELECT_EF);
	UPDATEBINARY(SFI_CURRENT,0,"010203");
	READBINARY(SFI_CURRENT,0,3);
	ERASEBINARY(SFI_CURRENT,0);
	READBINARY(SFI_CURRENT,0,3);

	printf("#? - authenticate with the PSK\n");
    GETCHALLENGE();                         /* GET CHALLENGE */
    EXTERNALAUTHENTICATE(PSK,jfalse,0x00);  /* EXTERNAL AUTHENTICATE (use PSK) */


    printf("#? - change the configuration : activate the PIN prior to INTERNAL AUTH func.\n");

    CHANGE_CONFIGURATION(CHANGE_CONFIG_PIN_PRIOR_INTAUTH,1);

	printf("#? - Go to PERSO mode\n");
    APDU_RES("8016020000",0,0x9000);        /* CARD LOCK INIT */

	printf("PERSO -------------------------------------------\n");
    printf("#? - authenticate with PSK\n");
    GETCHALLENGE();                         /* GET CHALLENGE */
    EXTERNALAUTHENTICATE(PSK,jfalse,0x00);  /* EXTERNAL AUTHENTICATE (use PSK)  */

	printf("#? - Go to APPLICATION mode\n");

	APDU("8016010000",0);				/* CARD LOCK PERSO */

	printf("APPLICATION -------------------------------------\n");

	printf("#? - authenticate with key1 then key2\n");

	GETCHALLENGE();						/* GET CHALLENGE */
    EXTERNALAUTHENTICATE(key1,jtrue,KEY_NUMBER_INITIAL+1);    /* EXTERNAL AUTHENTICATE (use key1) */

    GETCHALLENGE();                       /* GET CHALLENGE */
    EXTERNALAUTHENTICATE(key2,jtrue,KEY_NUMBER_INITIAL); /* EXTERNAL AUTHENTICATE (use key2) */

	printf("#? - Increase then decrease the counter\n");
	INCREASE(0x03,0,4);
	DECREASE(0x03,0,3);

    printf("#? - Verify Pin0 prior to Internal Authenticate\n");
    APDU_RES("00880000080000000000000000",0,ISO_ACCESS_DENIED); /* INTERNAL AUTHENTICATE (use key2) */
    VERIFY_PIN(Pin0);
    INTERNALAUTHENTICATE(key2,jtrue,0x00);               /* INTERNAL AUTHENTICATE (use key2) */
    INTERNALAUTHENTICATE(key2,jtrue,0x00);               /* INTERNAL AUTHENTICATE (use key2) */

	printf("#? - Change Pin0 with Pin1 in EF_KEY\n");
	CHANGE_PIN(Pin0,Pin1);

	printf("#? - Verify Pin1\n");
	VERIFY_PIN(Pin1);

    printf("#? - Verify Pin1 and Key1\n");
    GETCHALLENGE();                     /* GET CHALLENGE */
    EXTERNALAUTHENTICATE(key1,jtrue,KEY_NUMBER_INITIAL+1);    /* EXTERNAL AUTHENTICATE (use key1) */
    VERIFY_PIN(Pin1);

	printf("#? - Lock the Pin1\n");
	VERIFY_PINBAD(Pin1);
	VERIFY_PINBAD(Pin1);
	VERIFY_PINBAD(Pin1);
	VERIFY_PINLOCKED(Pin1);

	printf("#? - UnLock the Pin1\n");
	UNLOCK_PIN(PUK,Pin0);
	VERIFY_PIN(Pin0);

	printf("#? - Go to BLOCKED mode\n");

    GETCHALLENGE();                     /* GET CHALLENGE */
    EXTERNALAUTHENTICATE(key2,jtrue,KEY_NUMBER_INITIAL);          /* EXTERNAL AUTHENTICATE (use key2) */
    APDU_RES("8016000000",0,ISO_CONDITION_FAILURE);               /* CARD LOCK not BLOCKED */
    GETCHALLENGE();                     /* GET CHALLENGE */
    EXTERNALAUTHENTICATE(key1,jtrue,KEY_NUMBER_INITIAL+1);    /* EXTERNAL AUTHENTICATE (use key1') */
    APDU_RES("8016000000",0,ISO_SUCCESS);                         /* CARD LOCK BLOCKED */

	printf("BLOCKED mode ------------------------------------\n");

    printf("Get ATR\n");
    APDU("80EC000000",12);                                        /* GET ATR */

    printf("Get Challenge\n");
    APDU_RES("0084000008",0,ISO_INS_NOT_SUPPORTED);               /* GET CHALLENGE => ERROR CARD BLOCKED */

	POWEROFF();

	/* */
	printf("Reset to init...\n");
	UNLOCK_BLOCKED();
	UNLOCK_PERSO();
	UNLOCK_INIT();
	SAVE_RAM(66);
	SAVE_EEPROM(66);

	DONE(bExit);

	printf("End of cos::test03\n");
	return 0;
}