如何RSA登录java卡? [英] How to RSA Sign in java card?
问题描述
我大概花了一周时间为我的 java 卡写了一个 2048 RSA 签名算法.
I have roughly spent about a week to write a 2048 RSA Sign algorithm for my java card.
发送和接收大量字节等问题太多了...
There are too many problems like sending and receiving large amounts of bytes and so forth...
有人可以帮忙吗:
1) 向卡发送和接收大于 256 字节的数量
1) send and receive amounts of larger than 256 bytes to card
2) 如何使用java卡正确Sign
和Verify
?
2) how to correctly Sign
and Verify
using java card?
提前致谢,
推荐答案
对于签名,您可以简单地使用 Signature
类 的update
方法.只要您使用包含散列算法的签名算法,例如 ALG_RSA_SHA_256_PKCS1_PSS
.对于较旧的卡实现,请使用 ALG_RSA_SHA_256_PKCS1代码>
.要发送数据,您可以只使用多个命令而不是一个命令,或者您可以使用 IS 7816-4 中指定的命令链.
For signatures you can simply use the update
method of the Signature
class. You should be able to send as much data as you want as long as you use a signature algorithm that contains a hash algorithm, such as ALG_RSA_SHA_256_PKCS1_PSS
. For older card implementations use ALG_RSA_SHA_256_PKCS1
. To send the data you can just use multiple commands instead of one or you could use command chaining as specified in IS 7816-4.
或者,您应该能够离线计算(部分)哈希值并使用 这个方法,如果它存在并实现了(它相对较新,从 3.0.4 开始).
Alternatively you should be able to calculate (part of) a hash value offline and use this method, if it is present and implemented (it's relatively new, from 3.0.4 onwards).
对于 99% 的实现,256 字节的输出大小应该正好适合一个响应 APDU,因此发送响应应该没有任何问题.
The output size of 256 bytes should fit precisely in one response APDU for 99% of the implementations, so you should not have any issue with sending the response.
这篇关于如何RSA登录java卡?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!