At 08:02 AM 4/30/2012, =?iso-8859-2?B?TW9sbuFyIFZpbmNl?= wrote: >Dear all, > >I am trying to use the muscle applet to encrypt a piece of data using a RSA >key pair. >So far I have no luck, almost every version of the applet that I tried fails >at the cipher final step, sometimes with SW_INVALID_PARAMETER when checking >data size (though I think I figured that one out, it expects a data chunk in >the input object as well, it is now working if the data is in the apdu). >If I pass that point, it gives me 6F00, meaning no precise diagnosis. I >tweaked with the code and figured this means an uncaught exception, >specifically around the encryption function. I'm not sure if it is connected >to padding, I know it can generate an exception when the data is not aligned. >I am a little bit confused by now, but it may be a nullpointerexception as >well, since if I remember correctly, the was a case when I could only catch a >Throwable object. >If I try to use the padding option with cipher init, it gives me >SW_OPERATION_NOT_ALLOWED. >All of this led me to the conclusion that either the documentation is faulty, >the applet has some bugs, they simply not pass together, or (and mainly) I am >incompetent.
>My main task is to provide some way to authenticate az Android phone to a >server, and I have to use a G&D card. Since the service I can use on Android >to communicate with the card does not allow CLA bytes other than 90, I needed >to modify the source of every applet I could find and have tested. It is sort >of a pain, but I am really devastated that it still does not work. I think you want to use Signature rather than Cipher. It sounds like you're getting a challenge from the server and using your private key to sign the challenge to prove knowledge of that key. The server can validate you know the private key by verifying the signature using the associated public key. In general, you only want to use RSA encryption if and only if you're wrapping key material generated by you for the other side to use. You encrypt using their public key. That doesn't provide any "authentication" though. >I am using the source code, the Smart Card Shell script collection and the >1.2.1 documentation as references. Would you please give me a hint on how to >accomplish my task? A fresh applet with the definition of its corresponding >apdus (maybe a sequence to encrypt with RSA) would come handy, I really only >need to encrypt 16 bytes of data and that's all (I store and read objects as >well, but that works). > >Thank you advance, > >Vincent >_______________________________________________ >Muscle mailing list >[email protected] >http://lists.drizzle.com/mailman/listinfo/muscle _______________________________________________ Muscle mailing list [email protected] http://lists.drizzle.com/mailman/listinfo/muscle
