📄 jcesecuritymodule.java
字号:
String pinBlockHexString = ISOUtil.hexString(block1ByteArray); pin = pinBlockHexString.substring(2, pinLength + 2); String pad = pinBlockHexString.substring(pinLength + 2); pad = pad.toUpperCase(); int i = pad.length(); while (--i >= 0) if (pad.charAt(i) != 'F') throw new SMException("PIN Block Error"); } break; case FORMAT03: { String block1 = ISOUtil.hexString(pinBlock); int len = block1.indexOf('F'); if(len == -1) len = 12; int i = block1.length(); pin = block1.substring(0, len); while(--i >= len) if(block1.charAt(i) != 'F') throw new SMException("PIN Block Error"); while(--i >= 0) if(pin.charAt(i) >= 'A') throw new SMException("PIN Block Error"); if(pin.length() < 4 || pin.length() > 12) throw new SMException("Unsupported PIN Length: " + pin.length()); } break; default: throw new SMException("Unsupported PIN Block format: " + pinBlockFormat); } return pin; } /** * Initializes the JCE Security Module * @param jceProviderClassName * @param lmkFile Local Master Keys File used by JCE Security Module to store the LMKs * @param lmkRebuild if set to true, the lmkFile gets overwritten with newly generated keys (WARNING: this would render all your previously stored SecureKeys unusable) * @throws SMException */ private void init (String jceProviderClassName, String lmkFile, boolean lmkRebuild) throws SMException { File lmk = new File(lmkFile); try { keyTypeToLMKIndex = new Hashtable(); keyTypeToLMKIndex.put(SMAdapter.TYPE_ZMK, new Integer(0)); keyTypeToLMKIndex.put(SMAdapter.TYPE_ZPK, new Integer(1)); keyTypeToLMKIndex.put(SMAdapter.TYPE_PVK, new Integer(2)); keyTypeToLMKIndex.put(SMAdapter.TYPE_TPK, new Integer(2)); keyTypeToLMKIndex.put(SMAdapter.TYPE_TMK, new Integer(2)); keyTypeToLMKIndex.put(SMAdapter.TYPE_TAK, new Integer(3)); keyTypeToLMKIndex.put(PINLMKIndex, new Integer(4)); keyTypeToLMKIndex.put(SMAdapter.TYPE_CVK, new Integer(5)); keyTypeToLMKIndex.put(SMAdapter.TYPE_ZAK, new Integer(8)); keyTypeToLMKIndex.put(SMAdapter.TYPE_BDK, new Integer(9)); Provider provider = null; LogEvent evt = new LogEvent(this, "jce-provider"); try { if ((jceProviderClassName == null) || (jceProviderClassName.compareTo("") == 0)) { evt.addMessage("No JCE Provider specified. Attempting to load default provider (SunJCE)."); jceProviderClassName = "com.sun.crypto.provider.SunJCE"; } provider = (Provider)Class.forName(jceProviderClassName).newInstance(); Security.addProvider(provider); evt.addMessage("name", provider.getName()); } catch (Exception e) { evt.addMessage(e); throw new SMException("Unable to load jce provider whose class name is: " + jceProviderClassName); } finally { Logger.log(evt); } jceHandler = new JCEHandler(provider); // Load Local Master Keys Properties lmkProps = new Properties(); if (lmkRebuild) { // Creat new LMK file evt = new LogEvent(this, "local-master-keys"); evt.addMessage("Rebuilding new Local Master Keys in file: \"" + lmk.getCanonicalPath() + "\"."); Logger.log(evt); // Generate New random Local Master Keys generateLMK(); // Write the new Local Master Keys to file writeLMK(lmk); evt = new LogEvent(this, "local-master-keys"); evt.addMessage("Local Master Keys built successfully in file: \"" + lmk.getCanonicalPath() + "\"."); Logger.log(evt); } if (!lmk.exists()) { // LMK File does not exist throw new SMException("Error loading Local Master Keys, file: \"" + lmk.getCanonicalPath() + "\" does not exist." + " Please specify a valid LMK file, or rebuild a new one."); } else { // Read LMK from file readLMK(lmk); evt = new LogEvent(this, "local-master-keys"); evt.addMessage("Loaded successfully from file: \"" + lmk.getCanonicalPath() + "\""); Logger.log(evt); } } catch (Exception e) { if (e instanceof SMException) { throw (SMException)e; } else { throw new SMException(e); } } } /** * Generates new LMK keys * @exception SMException */ private void generateLMK () throws SMException { LMK = new SecretKey[0x0f]; try { LMK[0x00] = (SecretKey)jceHandler.generateDESKey(LMK_KEY_LENGTH); LMK[0x01] = (SecretKey)jceHandler.generateDESKey(LMK_KEY_LENGTH); LMK[0x02] = (SecretKey)jceHandler.generateDESKey(LMK_KEY_LENGTH); LMK[0x03] = (SecretKey)jceHandler.generateDESKey(LMK_KEY_LENGTH); LMK[0x04] = (SecretKey)jceHandler.generateDESKey(LMK_KEY_LENGTH); LMK[0x05] = (SecretKey)jceHandler.generateDESKey(LMK_KEY_LENGTH); LMK[0x06] = (SecretKey)jceHandler.generateDESKey(LMK_KEY_LENGTH); LMK[0x07] = (SecretKey)jceHandler.generateDESKey(LMK_KEY_LENGTH); LMK[0x08] = (SecretKey)jceHandler.generateDESKey(LMK_KEY_LENGTH); LMK[0x09] = (SecretKey)jceHandler.generateDESKey(LMK_KEY_LENGTH); LMK[0x0a] = (SecretKey)jceHandler.generateDESKey(LMK_KEY_LENGTH); LMK[0x0b] = (SecretKey)jceHandler.generateDESKey(LMK_KEY_LENGTH); LMK[0x0c] = (SecretKey)jceHandler.generateDESKey(LMK_KEY_LENGTH); LMK[0x0d] = (SecretKey)jceHandler.generateDESKey(LMK_KEY_LENGTH); LMK[0x0e] = (SecretKey)jceHandler.generateDESKey(LMK_KEY_LENGTH); } catch (JCEHandlerException e) { throw new SMException("Can't generate Local Master Keys", e); } } /** * reads (loads) LMK's from lmkFile * @param lmkFile * @exception SMException */ private void readLMK (File lmkFile) throws SMException { LMK = new SecretKey[0x0f]; try { Properties lmkProps = new Properties(); FileInputStream in = new FileInputStream(lmkFile); lmkProps.load(in); in.close(); byte[] lmkData; for (int i = 0x00; i < 0x0f; i++) { lmkData = ISOUtil.hex2byte(lmkProps.getProperty("LMK0x0" + Integer.toHexString(i))); // provider-independent method LMK[i] = new SecretKeySpec(lmkData, JCEHandler.ALG_TRIPLE_DES); } } catch (Exception e) { throw new SMException("Can't read Local Master Keys from file: " + lmkFile, e); } } /** * Writes a newly generated LMK's to lmkFile * @param lmkFile * @exception SMException */ private void writeLMK (File lmkFile) throws SMException { Properties lmkProps = new Properties(); try { for (int i = 0x00; i < 0x0f; i++) { lmkProps.setProperty("LMK0x0" + Integer.toHexString(i), ISOUtil.hexString(LMK[i].getEncoded())); } FileOutputStream out = new FileOutputStream(lmkFile); lmkProps.store(out, "Local Master Keys"); out.close(); } catch (Exception e) { throw new SMException("Can't write Local Master Keys to file: " + lmkFile, e); } } /** * gets the suitable LMK for the key type * @param keyType * @return the LMK secret key for the givin key type * @throws SMException */ private SecretKey getLMK (String keyType) throws SMException { //int lmkIndex = keyType; if (!keyTypeToLMKIndex.containsKey(keyType)) { throw new SMException("Unsupported key type: " + keyType); } int lmkIndex = ((Integer)keyTypeToLMKIndex.get(keyType)).intValue(); SecretKey lmk = null; try { lmk = LMK[lmkIndex]; } catch (Exception e) { throw new SMException("Invalid key code: " + "LMK0x0" + Integer.toHexString(lmkIndex)); } return lmk; } /** * maps a key type to an LMK Index */ private Hashtable keyTypeToLMKIndex; /** * The clear Local Master Keys */ private SecretKey[] LMK; /** * A name for the LMK used to encrypt the PINs */ private static final String PINLMKIndex = "PIN"; /** * The key length (in bits) of the Local Master Keys. * JCESecurityModule uses Triple DES Local Master Keys */ private static final short LMK_KEY_LENGTH = LENGTH_DES3_2KEY; /** * The maximum length of the PIN */ private static final short MAX_PIN_LENGTH = 12; /** * a dummy 64-bit block of zeros used when calculating the check value */ private static final byte[] zeroBlock = { (byte)0x00, (byte)0x00, (byte)0x00, (byte)0x00, (byte)0x00, (byte)0x00, (byte)0x00, (byte)0x00 }; private JCEHandler jceHandler;}⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -