[b]声明[/b]: 本文所有code除摘自网络的已注明出处外,都是本人在个人时间进行练习的代码,系本人个人书写,没有copy自任何出处, 也与IBM, Eclipse, 以及任何其他组织无关,本人也不对其主张任何权利.
1. 如何判断一张卡是否被lock?
- 下面的字段不为空
RoamingInformationCard/InformationCardMetaData/PinDigest
2. 如何解锁?
2.1. 用户输入PIN code, 检测用户输入
[code]
String password = "12345678";
try {
byte[] byte_pw = password.getBytes("UTF-16LE");
MessageDigest md = MessageDigest.getInstance("SHA1");
md.update(byte_pw);
byte[] input_digest = md.digest();
byte[] stored_digest = ((PersonalCard)card).getPinDigest();
boolean equalsTo = true;
for(int i=0; i<input_digest.length; i++){
if(input_digest[i] != stored_digest[i]){
equalsTo = false;
}
}
System.out.println("User input a " + (equalsTo ? "correct": "invalid") + " PIN code");
[/code]
第二步:从正确的密码导出key
从PIN code倒出key, 倒出算法为PBKDF1 (RFC-2898).
输入参数:
Salt - MasterKey字段的第1-16字节 (0字节为version num)
Count - MasterKey字段的第17-20字节
Key length - 32 octets
Hash function - SHA-256
第三步: AES的Sample程序(来自[url]http://java.sun.com/developer/technicalArticles/Security/AES/AES_v1.html[/url])
1. 如何判断一张卡是否被lock?
- 下面的字段不为空
RoamingInformationCard/InformationCardMetaData/PinDigest
2. 如何解锁?
2.1. 用户输入PIN code, 检测用户输入
[code]
String password = "12345678";
try {
byte[] byte_pw = password.getBytes("UTF-16LE");
MessageDigest md = MessageDigest.getInstance("SHA1");
md.update(byte_pw);
byte[] input_digest = md.digest();
byte[] stored_digest = ((PersonalCard)card).getPinDigest();
boolean equalsTo = true;
for(int i=0; i<input_digest.length; i++){
if(input_digest[i] != stored_digest[i]){
equalsTo = false;
}
}
System.out.println("User input a " + (equalsTo ? "correct": "invalid") + " PIN code");
[/code]
第二步:从正确的密码导出key
从PIN code倒出key, 倒出算法为PBKDF1 (RFC-2898).
输入参数:
Salt - MasterKey字段的第1-16字节 (0字节为version num)
Count - MasterKey字段的第17-20字节
Key length - 32 octets
Hash function - SHA-256
MessageDigest sha256 = MessageDigest.getInstance("SHA-256");
sha256.update(byte_pw);
sha256.update(salt);
byte[] digestBytes = sha256.digest();
for (int i = 1; i < 1000; i++) {
sha256.update(digestBytes);
digestBytes = sha256.digest();
}
sha256.reset();
第三步: AES的Sample程序(来自[url]http://java.sun.com/developer/technicalArticles/Security/AES/AES_v1.html[/url])
KeyGenerator kgen = KeyGenerator.getInstance("AES");
kgen.init(128); // 192 and 256 bits may not be available
// Generate the secret key specs.
SecretKey skey = kgen.generateKey();
byte[] raw = skey.getEncoded();
SecretKeySpec skeySpec = new SecretKeySpec(raw, "AES");
// Instantiate the cipher
Cipher cipher = Cipher.getInstance("AES");
cipher.init(Cipher.ENCRYPT_MODE, skeySpec);
byte[] encrypted =
cipher.doFinal((args.length == 0 ?
"This is just an example" : args[0]).getBytes());
System.out.println("encrypted string: " + asHex(encrypted));
cipher.init(Cipher.DECRYPT_MODE, skeySpec);
byte[] original =
cipher.doFinal(encrypted);
String originalString = new String(original);
System.out.println("Original string: " +
originalString + " " + asHex(original));