From 1c8a606376a1b3c80f1be9ab36a10b1237de49fc Mon Sep 17 00:00:00 2001
From: Lemmo Lavonen <lemmo.lavonen@gmail.com>
Date: Tue, 12 Oct 2021 00:36:08 +0300
Subject: [PATCH] Add a method for getting the authentication certificate
 (WIP).

---
 .../mobileauthapp/NFC/Comms.java              | 41 +++++++++++++++++--
 1 file changed, 38 insertions(+), 3 deletions(-)

diff --git a/MobileAuthApp/app/src/main/java/com/tarkvaraprojekt/mobileauthapp/NFC/Comms.java b/MobileAuthApp/app/src/main/java/com/tarkvaraprojekt/mobileauthapp/NFC/Comms.java
index a6782d4..da09127 100644
--- a/MobileAuthApp/app/src/main/java/com/tarkvaraprojekt/mobileauthapp/NFC/Comms.java
+++ b/MobileAuthApp/app/src/main/java/com/tarkvaraprojekt/mobileauthapp/NFC/Comms.java
@@ -373,10 +373,45 @@ public class Comms {
         }
     }
 
-    public byte[] getAuthenticationCertificate(String PIN1) throws NoSuchPaddingException, InvalidAlgorithmParameterException, NoSuchAlgorithmException, IllegalBlockSizeException, BadPaddingException, InvalidKeyException, IOException {
+    /**
+     * Retrieves the authentication certificate from the chip
+     *
+     * @return authentication certificate
+     */
+    public byte[] getAuthenticationCertificate() throws NoSuchPaddingException, InvalidAlgorithmParameterException, NoSuchAlgorithmException, IllegalBlockSizeException, BadPaddingException, InvalidKeyException, IOException {
 
-        return new byte[0];
+        selectIASECCApplication();
+
+        byte[] APDU = createSecureAPDU(new byte[]{-83, -15}, selectFile);
+        byte[] response = idCard.transceive(APDU);
+        Log.i("Select AWP Application", Hex.toHexString(response));
+
+        APDU = createSecureAPDU(new byte[]{52, 1}, selectFile);
+        response = idCard.transceive(APDU);
+        Log.i("Select certificate", Hex.toHexString(response));
+
+        byte[] responses = new byte[0];
+        byte[] readCert = Arrays.copyOf(read, read.length);
+        for (int i = 0; i < 5; i++) {
+
+            readCert[2] = (byte) i;
+            APDU = createSecureAPDU(new byte[0], readCert);
+            response = idCard.transceive(APDU);
+            Log.i("Read certificate", Hex.toHexString(response));
+
+            if (!Hex.toHexString(response).substring(response.length * 2 - 4).equals("6b00")) {
+                byte[] decrypted = encryptDecryptData(Arrays.copyOfRange(response, 4, 244), Cipher.DECRYPT_MODE);
+                responses = Arrays.copyOf(responses, responses.length + decrypted.length);
+                System.arraycopy(decrypted, 0, responses, responses.length - decrypted.length, decrypted.length);
+            } else {
+                break;
+            }
+
+        }
+
+        Log.i("Certificate", new String(responses, StandardCharsets.UTF_8));
+
+        return responses;
 
     }
-
 }