modify init command

build.gradle

@@ -9,7 +9,7 @@ buildscript {
 
   dependencies {
     classpath 'com.fidesmo:gradle-javacard:0.2.7'
-    classpath 'com.github.status-im.status-keycard-java:desktop:7d968cf'
+    classpath 'com.github.status-im.status-keycard-java:desktop:64aece4'
   }
 }
 
@@ -59,7 +59,7 @@ dependencies {
   testCompile(files("../jcardsim/jcardsim-3.0.5-SNAPSHOT.jar"))
   testCompile('org.web3j:core:2.3.1')
   testCompile('org.bitcoinj:bitcoinj-core:0.14.5')
-  testCompile('com.github.status-im.status-keycard-java:desktop:7d968cf')
+  testCompile('com.github.status-im.status-keycard-java:desktop:64aece4')
   testCompile('org.bouncycastle:bcprov-jdk15on:1.65')
   testCompile("org.junit.jupiter:junit-jupiter-api:5.1.1")
   testRuntime("org.junit.jupiter:junit-jupiter-engine:5.1.1")

buildSrc/build.gradle

@@ -4,5 +4,5 @@ repositories {
 }
 
 dependencies {
-  compile 'com.github.status-im.status-keycard-java:desktop:7d968cf'
+  compile 'com.github.status-im.status-keycard-java:desktop:64aece4'
 }

src/main/java/im/status/keycard/KeycardApplet.java

@@ -325,21 +325,27 @@ private void processInit(APDU apdu) {
 
       byte defaultLimitsLen = (byte)(PIN_LENGTH + PUK_LENGTH + SecureChannel.SC_SECRET_LENGTH);
       byte withLimitsLen = (byte) (defaultLimitsLen + 2);
+      byte withAltPIN = (byte) (withLimitsLen + 6);
 
-      if (((apduBuffer[ISO7816.OFFSET_LC] != defaultLimitsLen) && (apduBuffer[ISO7816.OFFSET_LC] != withLimitsLen)) || !allDigits(apduBuffer, ISO7816.OFFSET_CDATA, (short)(PIN_LENGTH + PUK_LENGTH))) {
+      if (((apduBuffer[ISO7816.OFFSET_LC] != defaultLimitsLen) && (apduBuffer[ISO7816.OFFSET_LC] != withLimitsLen) && (apduBuffer[ISO7816.OFFSET_LC] != withAltPIN)) || !allDigits(apduBuffer, ISO7816.OFFSET_CDATA, (short)(PIN_LENGTH + PUK_LENGTH))) {
         ISOException.throwIt(ISO7816.SW_WRONG_DATA);
       }
 
       byte pinLimit;
       byte pukLimit;
+      short altPinOff = (short)(ISO7816.OFFSET_CDATA + PIN_LENGTH);
 
-      if (apduBuffer[ISO7816.OFFSET_LC] == withLimitsLen) {
+      if (apduBuffer[ISO7816.OFFSET_LC] >= withLimitsLen) {
         pinLimit = apduBuffer[(short) (ISO7816.OFFSET_CDATA + defaultLimitsLen)];
         pukLimit = apduBuffer[(short) (ISO7816.OFFSET_CDATA + defaultLimitsLen + 1)];
 
         if (pinLimit < PIN_MIN_RETRIES || pinLimit > PIN_MAX_RETRIES || pukLimit < PUK_MIN_RETRIES || pukLimit > PUK_MAX_RETRIES) {
           ISOException.throwIt(ISO7816.SW_WRONG_DATA);
         }
+
+        if (apduBuffer[ISO7816.OFFSET_LC] == withAltPIN) {
+          altPinOff = (short)(ISO7816.OFFSET_CDATA + withLimitsLen);
+        }
       } else {
         pinLimit = DEFAULT_PIN_MAX_RETRIES;
         pukLimit = DEFAULT_PUK_MAX_RETRIES;
@@ -351,7 +357,7 @@ private void processInit(APDU apdu) {
       mainPIN.update(apduBuffer, ISO7816.OFFSET_CDATA, PIN_LENGTH);
 
       altPIN = new OwnerPIN(pinLimit, PIN_LENGTH);
-      altPIN.update(apduBuffer, (short)(ISO7816.OFFSET_CDATA + PIN_LENGTH), PIN_LENGTH);
+      altPIN.update(apduBuffer, altPinOff, PIN_LENGTH);
 
       puk = new OwnerPIN(pukLimit, PUK_LENGTH);
       puk.update(apduBuffer, (short)(ISO7816.OFFSET_CDATA + PIN_LENGTH), PUK_LENGTH);

src/test/java/im/status/keycard/KeycardTest.java

@@ -225,7 +225,7 @@ private static void initIfNeeded() throws Exception {
     sharedSecret = cmdSet.pairingPasswordToSecret(System.getProperty("im.status.keycard.test.pairing", "KeycardDefaultPairing"));
 
     if (!cmdSet.getApplicationInfo().isInitializedCard()) {
-      assertEquals(0x9000, cmdSet.init("000000", "012345678901", sharedSecret).getSw());
+      assertEquals(0x9000, cmdSet.init("000000", "024680", "012345678901", sharedSecret, (byte) 3, (byte) 5).getSw());
       cmdSet.select().checkOK();
       initCapabilities(cmdSet.getApplicationInfo());
     }
@@ -568,7 +568,7 @@ void verifyPinTest() throws Exception {
     assertEquals(0x9000, response.getSw());
 
     // Alt PIN
-    response = cmdSet.verifyPIN("012345");
+    response = cmdSet.verifyPIN("024680");
     assertEquals(0x9000, response.getSw());    
 
     // Check max retry counter
@@ -584,11 +584,11 @@ void verifyPinTest() throws Exception {
     response = cmdSet.verifyPIN("000000");
     assertEquals(0x63C0, response.getSw());
 
-    response = cmdSet.verifyPIN("012345");
+    response = cmdSet.verifyPIN("024680");
     assertEquals(0x63C0, response.getSw());    
 
     // Unblock PIN to make further tests possible
-    response = cmdSet.unblockPIN("012345678901", "012345");
+    response = cmdSet.unblockPIN("012345678901", "024680");
     assertEquals(0x9000, response.getSw());
   }
 
@@ -696,7 +696,7 @@ void changePinTest() throws Exception {
     assertEquals(0x9000, response.getSw());
 
     // Alt PIN
-    response = cmdSet.verifyPIN("012345");
+    response = cmdSet.verifyPIN("024680");
     assertEquals(0x9000, response.getSw());
 
     response = cmdSet.changePIN(KeycardApplet.CHANGE_PIN_P1_USER_PIN, "123456");
@@ -707,7 +707,7 @@ void changePinTest() throws Exception {
     response = cmdSet.verifyPIN("123456");
     assertEquals(0x9000, response.getSw());
 
-    response = cmdSet.changePIN(KeycardApplet.CHANGE_PIN_P1_USER_PIN, "012345");
+    response = cmdSet.changePIN(KeycardApplet.CHANGE_PIN_P1_USER_PIN, "024680");
     assertEquals(0x9000, response.getSw());
 
     resetAndSelectAndOpenSC();
@@ -1129,7 +1129,7 @@ void signTest() throws Exception {
     assertEquals(0x6A88, response.getSw());
 
     // Alt PIN
-    response = cmdSet.verifyPIN("012345");
+    response = cmdSet.verifyPIN("024680");
     assertEquals(0x9000, response.getSw());
 
     response = cmdSet.signWithPath(hash, updatedPath, false);
@@ -1352,7 +1352,7 @@ void exportKey() throws Exception {
     assertEquals(0x9000, response.getSw());
 
     // Alt PIN
-    response = cmdSet.verifyPIN("012345");
+    response = cmdSet.verifyPIN("024680");
     assertEquals(0x9000, response.getSw());
 
     response = cmdSet.exportKey(new byte[] {(byte) 0x80, 0x00, 0x00, 0x2B, (byte) 0x80, 0x00, 0x00, 0x3C, (byte) 0x80, 0x00, 0x06, 0x2c, (byte) 0x00, 0x00, 0x00, 0x00}, KeycardApplet.DERIVE_P1_SOURCE_MASTER, false, KeycardCommandSet.EXPORT_KEY_P2_EXTENDED_PUBLIC);