Symbian Online Banking Process memo

I haven't written anything for a long time. The widget has been put for a while. Recently, I transplanted the PKCS #11 library to Symbian and made a CS-mode online banking demo in Symbian. Make notes.

Basic Design Concept and processing process color: windowtext "> overall design

Symbian "Times New Roman" '> the offline online banking client uses pkcs11 "Times New Roman"'> library and TF; MSO-ascii-font-family: "Times New Roman "; MSO-Hansi-font-family: "Times New Roman" '> the card interface library communicates with the tfmso-Hansi-font-family: "Times New Roman"'> card in the terminal, obtain the in-Card certificate and private key object, and then use the certificate and private key to shake hands with the server for security link. If the verification process is completed, A symmetric key is generated to serve as a session key for secure communication with the server. Each transaction made by the client must be signed with its own private key.

Color: windowtext "> Security Process of Logon

 

MSO-bidi-font-size: 10.0pt; line-Height: 150% "lang =" En-us ">

MSO-Hansi-font-family: "Times New Roman" '> due to the limited computing capability of the terminal, we do not perform two-way authentication. Assume that the terminal has a certificate issued by the server and trusts it. In addition, the above is not the standard SSL "Times New Roman" '> process. It is only the process of negotiating the session key value. It does not negotiate the symmetric and asymmetric cryptographic algorithms. Therefore, we agree in advance:

MSO-Hansi-font-family: "Times New Roman" '> symmetric encryption algorithms, such as 3DES "Times New Roman"'>;

MSO-Hansi-font-family: "Times New Roman" '> asymmetric algorithm, using 1024 "Times New Roman"'> bit RSA; MSO-ascii-font-family: "Times New Roman"; MSO-Hansi-font-family: "Times New Roman" '>.

MSO-Hansi-font-family: "Times New Roman" '> negotiation process:

MSO-Hansi-font-family: "Times New Roman" '> assume that the terminal a "Times New Roman"'> is connected to server B; MSO-ascii-font-family: "Times New Roman"; MSO-Hansi-font-family: "Times New Roman" '>.

1)
A; MSO-ascii-font-family: "Times New Roman"; MSO-Hansi-font-family: "Times New Roman" '> send camso-Hansi-font-family: "Times New Roman"'> to B "Times New Roman" '>, CA; MSO-ascii-font-family: "Times New Roman"; MSO-Hansi-font-family: "Times New Roman" '> Yes amso-Hansi-font-family: "Times New Roman" '> Certificate

2)
B; MSO-ascii-font-family: "Times New Roman"; MSO-Hansi-font-family: "Times New Roman" '> use the root certificate of camso-Hansi-font-family: "Times New Roman"'> to verify the validity of the certificate ca "Times New Roman" '>.

3)
B; MSO-ascii-font-family: "Times New Roman"; MSO-Hansi-font-family: "Times New Roman" '> verify the information of the certificate subject (MSO-Hansi-font-family: "Times New Roman"'> whether the information is required by the application, for example, if the application definition terminal cnmso-Hansi-font-family: "Times New Roman" '> meets the requirements, ou "Times New Roman"'> meets the requirements) "Times New Roman" '>.

4)
B; MSO-ascii-font-family: "Times New Roman"; MSO-Hansi-font-family: "Times New Roman" '> generates a random number R (MSO-Hansi-font-family: "Times New Roman" '> the number of bytes of the random number generated is the number of bytes corresponding to the symmetric encryption algorithm key)

5)
B "Times New Roman" '> construct a message, M = "Times New Roman"'> (TB, R, IA "Times New Roman" '>), where TB; MSO-ascii-font-family: "Times New Roman"; MSO-Hansi-font-family: "Times New Roman" '> Yes bmso-Hansi-font-family: "Times New Roman" '> time mark, IA "Times New Roman"'> is a; MSO-ascii-font-family: "Times New Roman "; MSO-Hansi-font-family: "Times New Roman" '>.

6)
B; MSO-ascii-font-family: "Times New Roman"; MSO-Hansi-font-family: "Times New Roman" '> convert EA (m) MSO-Hansi-font-family: "Times New Roman" '> send a "Times New Roman"'>, EA; MSO-ascii-font-family: "Times New Roman"; MSO-Hansi-font-family: "Times New Roman" '> is the public key of amso-Hansi-font-family: "Times New Roman"'>.

7)
A; MSO-ascii-font-family: "Times New Roman"; MSO-Hansi-font-family: "Times New Roman" '> Use damso-Hansi-font-family: "Times New Roman"'> to decrypt EA (m)

8)
A; MSO-ascii-font-family: "Times New Roman"; MSO-Hansi-font-family: "Times New Roman" '> check IA in mmmso-Hansi-font-family: "Times New Roman"'>

9)
A; MSO-ascii-font-family: "Times New Roman"; MSO-Hansi-font-family: "Times New Roman" '> check mmmso-Hansi-font-family: "Times New Roman"'> TB "Times New Roman" '> to confirm that the message was just sent

10)
A; MSO-ascii-font-family: "Times New Roman"; MSO-Hansi-font-family: "Times New Roman" '> check the random number to ensure that the message is not resending

11)
A; MSO-ascii-font-family: "Times New Roman"; MSO-Hansi-font-family: "Times New Roman" '> constructs a message, mm = (TA, R, IB) "Times New Roman"; MSO-Hansi-font-family: "Times New Roman" '>, where tamso-Hansi-font-family: "Times New Roman" '> is the time mark of a "Times New Roman"'>. IB "Times New Roman" '> is B; MSO-ascii-font-family: "Times New Roman"; MSO-Hansi-font-family: "Times New Roman" '> identity information.

12)
A; MSO-ascii-font-family: "Times New Roman"; MSO-Hansi-font-family: "Times New Roman" '> convert EB (mm) MSO-Hansi-font-family: "Times New Roman" '> sent to B "Times New Roman"'>, EB; MSO-ascii-font-family: "Times New Roman"; MSO-Hansi-font-family: "Times New Roman" '> is the public key of bmso-Hansi-font-family: "Times New Roman"'>

13)
B; MSO-ascii-font-family: "Times New Roman"; MSO-Hansi-font-family: "Times New Roman" '> Use dbmso-Hansi-font-family: "Times New Roman"'> decrypt EB (mm ), DB "Times New Roman" '> is B; MSO-ascii-font-family: "Times New Roman"; MSO-Hansi-font-family: "Times New Roman" '> Private Key

14)
B; MSO-ascii-font-family: "Times New Roman"; MSO-Hansi-font-family: "Times New Roman" '> check IB in mmmso-Hansi-font-family: "Times New Roman"'>

15)
B; MSO-ascii-font-family: "Times New Roman"; MSO-Hansi-font-family: "Times New Roman" '> check mmmso-Hansi-font-family: "Times New Roman"'> Ta "Times New Roman" '> confirm that the message was just sent

16)
B; MSO-ascii-font-family: "Times New Roman"; MSO-Hansi-font-family: "Times New Roman" '> check whether the R "Times New Roman"'> In mmmso-Hansi-font-family: "Times New Roman" '> is consistent; use this R "Times New Roman" '> as the session key later.