Reputation: 620
encryptData GlobalPlatform
I'm sending an APDU without CMAC (CLA byte = 0x80) to an applet. I'm using SCP02 i55. I need encrypt data with the SecureChannel.encryptData() function. I don't want to encrypt it manually, I need that Global Platform encrypts data and after I will decrypt it with the correct session key (I'm sure that they are well calculated).
I'm using the following code to encrypt the APDU buffer.
byte buffer = apdu.getBuffer();
buffer[0] = 20;
short lc = chan.encryptData(buffer, (short) 0, (short) 1);
apdu.setOutgoingAndSend((short) 0, lc);
This throws a security status not satisfied exception (0x6982) where I expected a response APDU with encrypted 20.
What do I do wrong?
Upvotes: 2
Views: 1383
Answers (1)
Reputation: 94038
You forgot to wrap the status bytes. From the standard:
The applet is responsible for appending the expected status bytes at the end of the response data in order for them to be protected by secure messaging;
Upvotes: 0
Related Questions
- Manual Encryption
- Encrypt and Decrypt in Java
- Integrate custom block cipher in Java Card framework
- Storing sensitive infomation
- How to use Java Card crypto sample?
- java card ECC encryption cipher support
- Java File Encryption
- Encryption code in Java
- Encryption in Dropbox-like Java application
- java encryption API + GUI