Page 1 of 1

The incoming Data Parsing in importKey() function

Posted: Sat Nov 28, 2015 5:35 am
by Ellisun
In OpenPGP project, the incoming Data in importKey() function is very long and very difficult.
First, according to the understanding of the function, the incoming data is the TLV format, but but the TLV format is custom in here.

The format is:

Code: Select all

4D + Length of 4D + Key Types + 00 + tag 7F48 + length of tag 7F48 + (Tag 91 + length of tag91)~ (Tag 97 + length of tag97) + Tag 5F48 + The data of Tag 91~ The data of Tag97


And:
1. the Tag91 ~ Tag97 respectively are parameters of RSA , such as Exponent, P, Q, PQ, DP, DQ, and Modulus.
2. The lengths of these parameters, except Modulus is 512 bytes and Exponent is 4 bytes , the other is 256 bytes.

The import auth_key data of incoming can be:

Code: Select all

4D8203A2A4007F48159104928180938180948180958180968180978201005F480000010001DB99BAA1C9820DC73596CFABEC88558A5C876C78A151724F2C75D5B933B49B459DD3FDB4DA5350C8A51647B6FEDF3E69C2FDBC4B43441E1FA62A7615133CFAC43574D9CF0D49CC1B08A955A902E54389101A48661E2CC9D0FE32B2008912D0FD327926A6BEFC282981BB863106F6256778AEEE5DC3C90CA1E517C16BFAB53DDB3B75B0E81EBB1F76BFE44B7919B350EA3FFFC1747B58E5343D2C3A55BF4E4092C2D1CEF3D562AD2D650CE3254010B159C3C28DF51E2BB4E3FA5B219479EF4A49934F048C720C1586C5B5272E9402FC84BEB536CC11C4D8F0CEB6CA18FA8EDC807A5F46A143944226F66345A629DD59C62C931E128CA9C1754BC5E3B9B88BAF...


Note:
1, The Key Types contains sig_key, dec_key and auth_key
2, In this applet, it does not support Extend APDU command, so the data to be sent separately.
3, The bytes of 'Length' is based on the length itself and has a special identifier, you can see the getLength() and getLengthBytes() functions.
4. The imported keys can also be replace with "047800001a4" command(GENERATE ASYMMETRIC KEY PAIR command).

The import auth_key APDU command can be :

Code: Select all

//import auth_key
10DB3FFFA44D8203A2A4007F48159104928180938180948180958180968180978201005F480000010001DB99BAA1C9820DC73596CFABEC88558A5C876C78A151724F2C75D5B933B49B459DD3FDB4DA5350C8A51647B6FEDF3E69C2FDBC4B43441E1FA62A7615133CFAC43574D9CF0D49CC1B08A955A902E54389101A48661E2CC9D0FE32B2008912D0FD327926A6BEFC282981BB863106F6256778AEEE5DC3C90CA1E517C16BFAB53D;

10DB3FFF80DB3B75B0E81EBB1F76BFE44B7919B350EA3FFFC1747B58E5343D2C3A55BF4E4092C2D1CEF3D562AD2D650CE3254010B159C3C28DF51E2BB4E3FA5B219479EF4A49934F048C720C1586C5B5272E9402FC84BEB536CC11C4D8F0CEB6CA18FA8EDC807A5F46A143944226F66345A629DD59C62C931E128CA9C1754BC5E3B9B88BAF;

10DB3FFF80988E90E1AE83B84A35F23DE7A76C0F2F4F3D33EA4A659473C70BD91FBA17330AAD5AC4BEE94E302F7D613E648629D38FAC937F97DC63E7D129DEEEB29BCFFE396DFD0BC000F181700337002AC8D14301C2A85C8FC37FAE391D87E3345BE9DDD1A95E5F8CD41E5B632A7DF7F83CC291835F4A1A34DF48E92EF869CB3AEE2136F3;

10DB3FFF80CD409F9F2E601F8EADB8FAFC1F85C226239BF437BFD807769700C0356D6D869F8808279F0D5D4829719C2485972D8401885E6ECB0DE13222B4C6053E678FDC76DDDC0CE4A8EFEC14EC80916EFA24DD7DD38E2D533D2AF1AB249CAFA12E7D66D6F181292E3B5E260FBD914FB8AD600DCFEB8DDD7FC84A37436E8448A62B5B90FD;

10DB3FFF8091F31DC0EE67371015505EBDD81B4203864FA106BB733A952C97E50FD8F2093877FBF70D9DCADB6C8B2210D84F7E3D1EB4B1DC9E01275AD58C48A9CECB37FA142CB34311B6265EE11DDE1561C662873271753CD3043C781E2D0291322E3AF04CDFC398163F59EC23B628A5A242A2F057C9D4F704383928F2401277E5C94890C5;

10DB3FFF80BC0F840B6DC5A0C057D99AEEBB0465565C8F3154D9C4BD7FCDB80DDF0EED82E2A0405DCF477462BD88FE81BFC587EA6E85F94D98CEE64C0F61E451953DAA01311BD1032527F4AE62FB0BC4C29810BC6DE8AB3E7CC2032A3E3892FC0EBAA8212A111828B16177097505F0F267B5183B6338E42972CA3E6F9318F660CC36A50AA5;

10DB3FFF82EBB90FE1E3236513B92AFB85897C8F3EF3F672A7A5EB927FD4CC5BADE565417DA038FD4A8DD4A35AA55E0A1006150276A491305707D13F8E692C6C715D78E45C1C44A599DA87F0B3369ED88D5CEBF16370201FFAF121B41DA475D489960AAC99284EC4101853D890791942A6A73E2987EBFFFDE83592C68628A5B63379AFE34B5F48;

80DB3FFF00;

Re: The incoming Data Parsing in importKey() function

Posted: Mon Nov 30, 2015 11:35 pm
by Tolice
A very detailed description. 8-) :lol: :lol: :lol:

Re: The incoming Data Parsing in importKey() function

Posted: Fri Dec 04, 2015 6:17 am
by Berlin
Is the CLA can be other value? such as 0x00, 0x20, 0x30...

Re: The incoming Data Parsing in importKey() function

Posted: Fri Dec 04, 2015 10:52 pm
by Ellisun
This applet not support extend APDU, while import Key to card, the length of key is larger than 255, it is necessary to send many times.
In this applet , the CLA of import key command must be 0x10. You can refer to the applet code.

Re: The incoming Data Parsing in importKey() function

Posted: Sat Dec 05, 2015 6:21 am
by Berlin
Ellisun wrote:This applet not support extend APDU, while import Key to card, the length of key is larger than 255, it is necessary to send many times.
In this applet , the CLA of import key command must be 0x10. You can refer to the applet code.


You determine the value of CLA is 0x10, is from the commandChaining() function
This applet is so strange, before processing each APDU command , it have to do many operations.

Re: The incoming Data Parsing in importKey() function

Posted: Sun Dec 06, 2015 11:13 pm
by Ellisun
Yeah, It's in the commandChaining() function,

Code: Select all

if ((byte) (buf[OFFSET_CLA] & (byte) 0x10) == (byte) 0x10) {
         // If chaining was already initiated, INS and P1P2 should match
         if (chain && (buf[OFFSET_INS] != chain_ins && p1p2 != chain_p1p2)) {
            resetChaining();
            ISOException.throwIt(SW_CONDITIONS_NOT_SATISFIED);
         }

         // Check whether data to be received is larger than size of the
         // buffer
         if ((short) (in_received + len) > BUFFER_MAX_LENGTH) {
            resetChaining();
            ISOException.throwIt(SW_WRONG_DATA);
         }

         // Store received data in buffer
         in_received = Util.arrayCopyNonAtomic(buf, OFFSET_CDATA,
               buffer, in_received, len);

         chain = true;
         chain_ins = buf[OFFSET_INS];
         chain_p1p2 = p1p2;

         ISOException.throwIt(SW_NO_ERROR);
      }


It shows the CLA == 0x10, and the value of INS, P1P2 must be the same as the previous. It can be sequentially store the data to buffer.