| Code with Finding: |
class BACPanel.ChallengePanel {
public ChallengePanel() {
super(new FlowLayout());
setBorder(BorderFactory.createTitledBorder(PANEL_BORDER, "Get Challenge"));
challengeField = new HexField(8);
challengeField.setEditable(false);
JButton challengeButton = new JButton("Get Challenge");
challengeButton.addActionListener(this);
add(new JLabel("RND.ICC: "));
add(challengeField);
add(challengeButton);
}
}
class BACPanel.ChallengePanel {
public void actionPerformed(ActionEvent ae) {
rndICC = apduService.sendGetChallenge();
challengeField.setValue(rndICC);
}
}
class BACPanel.MRZPanel {
public MRZPanel() {
super(new BorderLayout());
setBorder(BorderFactory.createTitledBorder(PANEL_BORDER, "MRZ"));
JPanel top = new JPanel(new FlowLayout());
docNrTF = new JTextField(9);
dateOfBirthTF = new JTextField(6);
dateOfExpiryTF = new JTextField(6);
docNrTF.setText(PassportGUI.DEFAULT_DOC_NR);
dateOfBirthTF.setText(PassportGUI.DEFAULT_DATE_OF_BIRTH);
dateOfExpiryTF.setText(PassportGUI.DEFAULT_DATE_OF_EXPIRY);
kEncTF = new HexField(24);
kEncTF.setEditable(false);
kMacTF = new HexField(24);
kMacTF.setEditable(false);
top.add(new JLabel("Document number: "));
top.add(docNrTF);
top.add(new JLabel("Date of birth: "));
top.add(dateOfBirthTF);
top.add(new JLabel("Date of expiry: "));
top.add(dateOfExpiryTF);
JButton updateButton = new JButton("Derive Keys");
top.add(updateButton);
updateButton.addActionListener(this);
JPanel center = new JPanel(new FlowLayout());
JPanel bottom = new JPanel(new GridLayout(2, 2));
bottom.add(new JLabel("K.ENC: ", JLabel.RIGHT));
bottom.add(kEncTF);
bottom.add(new JLabel("K.MAC: ", JLabel.RIGHT));
bottom.add(kMacTF);
add(top, BorderLayout.NORTH);
add(center, BorderLayout.CENTER);
add(bottom, BorderLayout.SOUTH);
}
}
class BACPanel.MRZPanel {
public void actionPerformed(ActionEvent ae) {
try {
byte[] keySeed = Util.computeKeySeed(docNrTF.getText(), dateOfBirthTF
.getText(), dateOfExpiryTF.getText());
kEnc = Util.deriveKey(keySeed, Util.ENC_MODE);
kMac = Util.deriveKey(keySeed, Util.MAC_MODE);
kEncTF.setValue(kEnc.getEncoded());
kMacTF.setValue(kMac.getEncoded());
} catch (Exception e) {
kEnc = null;
kMac = null;
kEncTF.clearText();
kMacTF.clearText();
}
}
}
class BACPanel.MutualAuthPanel {
/**
* FIXME:
* preallocate kIFD, kICC, rndIFD, rndICC and copy here from TFs
* to prevent allocate & gc.
*/
public void actionPerformed(ActionEvent ae) {
try {
rndIFD = challengeField.getValue();
kIFD = keyField.getValue();
byte[] plaintext = apduService.sendMutualAuth(rndIFD, rndICC, kIFD, kEnc,
kMac);
plaintextField.setValue(plaintext);
if (kICC == null || kICC.length < 16) {
kICC = new byte[16];
}
System.arraycopy(plaintext, 16, kICC, 0, 16);
byte[] keySeed = new byte[16];
for (int i = 0; i < 16; i++) {
keySeed[i] = (byte) ((kIFD[i] & 0x000000FF) ^ (kICC[i] & 0x000000FF));
}
ksEnc = Util.deriveKey(keySeed, Util.ENC_MODE);
ksMac = Util.deriveKey(keySeed, Util.MAC_MODE);
ksEncTF.setValue(ksEnc.getEncoded());
ksMacTF.setValue(ksMac.getEncoded());
ssc = Util.computeSendSequenceCounter(rndICC, rndIFD);
sscTF.setValue(ssc);
SecureMessagingWrapper wrapper = new SecureMessagingWrapper(ksEnc, ksMac, ssc);
authService.setWrapper(wrapper);
} catch (Exception e) {
e.printStackTrace();
}
}
}
|
