Commit 1612c7e3 authored by Josh Ji

code review

rename variables
parent f2fb5073
<component name="InspectionProjectProfileManager">
<profile version="1.0">
<option name="myName" value="Project Default" />
<inspection_tool class="DuplicatedCode" enabled="true" level="WEAK WARNING" enabled_by_default="true">
<Languages>
<language minSize="56" name="Java" />
</Languages>
</inspection_tool>
<inspection_tool class="GroovyAssignabilityCheck" enabled="false" level="WARNING" enabled_by_default="false" />
</profile>
</component>
\ No newline at end of file
<?xml version="1.0" encoding="UTF-8"?>
<project version="4">
<component name="Palette2">
<group name="Swing">
<item class="com.intellij.uiDesigner.HSpacer" tooltip-text="Horizontal Spacer" icon="/com/intellij/uiDesigner/icons/hspacer.png" removable="false" auto-create-binding="false" can-attach-label="false">
<default-constraints vsize-policy="1" hsize-policy="6" anchor="0" fill="1" />
</item>
<item class="com.intellij.uiDesigner.VSpacer" tooltip-text="Vertical Spacer" icon="/com/intellij/uiDesigner/icons/vspacer.png" removable="false" auto-create-binding="false" can-attach-label="false">
<default-constraints vsize-policy="6" hsize-policy="1" anchor="0" fill="2" />
</item>
<item class="javax.swing.JPanel" icon="/com/intellij/uiDesigner/icons/panel.png" removable="false" auto-create-binding="false" can-attach-label="false">
<default-constraints vsize-policy="3" hsize-policy="3" anchor="0" fill="3" />
</item>
<item class="javax.swing.JScrollPane" icon="/com/intellij/uiDesigner/icons/scrollPane.png" removable="false" auto-create-binding="false" can-attach-label="true">
<default-constraints vsize-policy="7" hsize-policy="7" anchor="0" fill="3" />
</item>
<item class="javax.swing.JButton" icon="/com/intellij/uiDesigner/icons/button.png" removable="false" auto-create-binding="true" can-attach-label="false">
<default-constraints vsize-policy="0" hsize-policy="3" anchor="0" fill="1" />
<initial-values>
<property name="text" value="Button" />
</initial-values>
</item>
<item class="javax.swing.JRadioButton" icon="/com/intellij/uiDesigner/icons/radioButton.png" removable="false" auto-create-binding="true" can-attach-label="false">
<default-constraints vsize-policy="0" hsize-policy="3" anchor="8" fill="0" />
<initial-values>
<property name="text" value="RadioButton" />
</initial-values>
</item>
<item class="javax.swing.JCheckBox" icon="/com/intellij/uiDesigner/icons/checkBox.png" removable="false" auto-create-binding="true" can-attach-label="false">
<default-constraints vsize-policy="0" hsize-policy="3" anchor="8" fill="0" />
<initial-values>
<property name="text" value="CheckBox" />
</initial-values>
</item>
<item class="javax.swing.JLabel" icon="/com/intellij/uiDesigner/icons/label.png" removable="false" auto-create-binding="false" can-attach-label="false">
<default-constraints vsize-policy="0" hsize-policy="0" anchor="8" fill="0" />
<initial-values>
<property name="text" value="Label" />
</initial-values>
</item>
<item class="javax.swing.JTextField" icon="/com/intellij/uiDesigner/icons/textField.png" removable="false" auto-create-binding="true" can-attach-label="true">
<default-constraints vsize-policy="0" hsize-policy="6" anchor="8" fill="1">
<preferred-size width="150" height="-1" />
</default-constraints>
</item>
<item class="javax.swing.JPasswordField" icon="/com/intellij/uiDesigner/icons/passwordField.png" removable="false" auto-create-binding="true" can-attach-label="true">
<default-constraints vsize-policy="0" hsize-policy="6" anchor="8" fill="1">
<preferred-size width="150" height="-1" />
</default-constraints>
</item>
<item class="javax.swing.JFormattedTextField" icon="/com/intellij/uiDesigner/icons/formattedTextField.png" removable="false" auto-create-binding="true" can-attach-label="true">
<default-constraints vsize-policy="0" hsize-policy="6" anchor="8" fill="1">
<preferred-size width="150" height="-1" />
</default-constraints>
</item>
<item class="javax.swing.JTextArea" icon="/com/intellij/uiDesigner/icons/textArea.png" removable="false" auto-create-binding="true" can-attach-label="true">
<default-constraints vsize-policy="6" hsize-policy="6" anchor="0" fill="3">
<preferred-size width="150" height="50" />
</default-constraints>
</item>
<item class="javax.swing.JTextPane" icon="/com/intellij/uiDesigner/icons/textPane.png" removable="false" auto-create-binding="true" can-attach-label="true">
<default-constraints vsize-policy="6" hsize-policy="6" anchor="0" fill="3">
<preferred-size width="150" height="50" />
</default-constraints>
</item>
<item class="javax.swing.JEditorPane" icon="/com/intellij/uiDesigner/icons/editorPane.png" removable="false" auto-create-binding="true" can-attach-label="true">
<default-constraints vsize-policy="6" hsize-policy="6" anchor="0" fill="3">
<preferred-size width="150" height="50" />
</default-constraints>
</item>
<item class="javax.swing.JComboBox" icon="/com/intellij/uiDesigner/icons/comboBox.png" removable="false" auto-create-binding="true" can-attach-label="true">
<default-constraints vsize-policy="0" hsize-policy="2" anchor="8" fill="1" />
</item>
<item class="javax.swing.JTable" icon="/com/intellij/uiDesigner/icons/table.png" removable="false" auto-create-binding="true" can-attach-label="false">
<default-constraints vsize-policy="6" hsize-policy="6" anchor="0" fill="3">
<preferred-size width="150" height="50" />
</default-constraints>
</item>
<item class="javax.swing.JList" icon="/com/intellij/uiDesigner/icons/list.png" removable="false" auto-create-binding="true" can-attach-label="false">
<default-constraints vsize-policy="6" hsize-policy="2" anchor="0" fill="3">
<preferred-size width="150" height="50" />
</default-constraints>
</item>
<item class="javax.swing.JTree" icon="/com/intellij/uiDesigner/icons/tree.png" removable="false" auto-create-binding="true" can-attach-label="false">
<default-constraints vsize-policy="6" hsize-policy="6" anchor="0" fill="3">
<preferred-size width="150" height="50" />
</default-constraints>
</item>
<item class="javax.swing.JTabbedPane" icon="/com/intellij/uiDesigner/icons/tabbedPane.png" removable="false" auto-create-binding="true" can-attach-label="false">
<default-constraints vsize-policy="3" hsize-policy="3" anchor="0" fill="3">
<preferred-size width="200" height="200" />
</default-constraints>
</item>
<item class="javax.swing.JSplitPane" icon="/com/intellij/uiDesigner/icons/splitPane.png" removable="false" auto-create-binding="false" can-attach-label="false">
<default-constraints vsize-policy="3" hsize-policy="3" anchor="0" fill="3">
<preferred-size width="200" height="200" />
</default-constraints>
</item>
<item class="javax.swing.JSpinner" icon="/com/intellij/uiDesigner/icons/spinner.png" removable="false" auto-create-binding="true" can-attach-label="true">
<default-constraints vsize-policy="0" hsize-policy="6" anchor="8" fill="1" />
</item>
<item class="javax.swing.JSlider" icon="/com/intellij/uiDesigner/icons/slider.png" removable="false" auto-create-binding="true" can-attach-label="false">
<default-constraints vsize-policy="0" hsize-policy="6" anchor="8" fill="1" />
</item>
<item class="javax.swing.JSeparator" icon="/com/intellij/uiDesigner/icons/separator.png" removable="false" auto-create-binding="false" can-attach-label="false">
<default-constraints vsize-policy="6" hsize-policy="6" anchor="0" fill="3" />
</item>
<item class="javax.swing.JProgressBar" icon="/com/intellij/uiDesigner/icons/progressbar.png" removable="false" auto-create-binding="true" can-attach-label="false">
<default-constraints vsize-policy="0" hsize-policy="6" anchor="0" fill="1" />
</item>
<item class="javax.swing.JToolBar" icon="/com/intellij/uiDesigner/icons/toolbar.png" removable="false" auto-create-binding="false" can-attach-label="false">
<default-constraints vsize-policy="0" hsize-policy="6" anchor="0" fill="1">
<preferred-size width="-1" height="20" />
</default-constraints>
</item>
<item class="javax.swing.JToolBar$Separator" icon="/com/intellij/uiDesigner/icons/toolbarSeparator.png" removable="false" auto-create-binding="false" can-attach-label="false">
<default-constraints vsize-policy="0" hsize-policy="0" anchor="0" fill="1" />
</item>
<item class="javax.swing.JScrollBar" icon="/com/intellij/uiDesigner/icons/scrollbar.png" removable="false" auto-create-binding="true" can-attach-label="false">
<default-constraints vsize-policy="6" hsize-policy="0" anchor="0" fill="2" />
</item>
</group>
</component>
</project>
\ No newline at end of file
......@@ -69,6 +69,5 @@ javacard{
name "getCertificate"
scripts "select applet", "getCertificate"
}
}
}
......@@ -19,6 +19,7 @@ package com.josh.vku2f;
import javacard.framework.JCSystem;
import javacard.framework.UserException;
import javacard.framework.Util;
import static com.josh.vku2f.CTAP2ErrorCode.*;
public class AuthenticatorGetAssertion {
public byte[] rpId;
......@@ -73,7 +74,7 @@ public class AuthenticatorGetAssertion {
// Read the map. It has 2 things in it.
vars[3] = decoder.readMajorType(CBORBase.TYPE_MAP);
if(vars[3] != 2) {
UserException.throwIt(CTAP2.CTAP2_ERR_INVALID_CBOR);
UserException.throwIt(CTAP2_ERR_INVALID_CBOR);
break;
}
for(vars[5] = 0; vars[5] < (short) 2; vars[5]++) {
......@@ -88,7 +89,7 @@ public class AuthenticatorGetAssertion {
// It doesn't matter what it is, just check it's string and exists.
} else {
// If it's not these two, throw an error
UserException.throwIt(CTAP2.CTAP2_ERR_INVALID_CBOR);
UserException.throwIt(CTAP2_ERR_INVALID_CBOR);
break;
}
}
......@@ -131,7 +132,7 @@ public class AuthenticatorGetAssertion {
}
// We should check we have our "mandatory" options
if(rpId == null || clientDataHash == null) {
UserException.throwIt(CTAP2.CTAP2_ERR_MISSING_PARAMETER);
UserException.throwIt(CTAP2_ERR_MISSING_PARAMETER);
}
// Good to go I guess
......
......@@ -19,6 +19,7 @@ package com.josh.vku2f;
import javacard.framework.JCSystem;
import javacard.framework.UserException;
import javacard.framework.Util;
import static com.josh.vku2f.CTAP2ErrorCode.*;
public class AuthenticatorMakeCredential {
public byte[] dataHash;
......@@ -33,7 +34,7 @@ public class AuthenticatorMakeCredential {
* Parses a CBOR structure to create an AuthenticatorMakeCredential object
*
* @param decoder the initialised decoder on the CBOR structure
* @param vars a short array to store variables in
* @ param vars a short array to store variables in
*/
public AuthenticatorMakeCredential(CBORDecoder decoder) throws UserException {
short[] vars;
......@@ -81,7 +82,7 @@ public class AuthenticatorMakeCredential {
len2 = decoder.readMajorType(CBORBase.TYPE_MAP);
// If less than 2, error
if (len2 < (short) 2) {
UserException.throwIt(CTAP2.CTAP2_ERR_INVALID_CBOR);
UserException.throwIt(CTAP2_ERR_INVALID_CBOR);
}
// Read the map iteratively
for (short j = 0; j < len2; j++) {
......@@ -163,7 +164,7 @@ public class AuthenticatorMakeCredential {
// Read the map length - should be 2
short len3 = decoder.readMajorType(CBORBase.TYPE_MAP);
if(len3 != 2) {
UserException.throwIt(CTAP2.CTAP2_ERR_INVALID_CBOR);
UserException.throwIt(CTAP2_ERR_INVALID_CBOR);
}
// Iterate over the map
for (short k = 0; k < (short) 2; k++) {
......@@ -197,10 +198,10 @@ public class AuthenticatorMakeCredential {
// Check it
decoder.readTextString(scratch1, (short) 0);
if(Util.arrayCompare(scratch1, (short) 0, Utf8Strings.UTF8_PUBLIC_KEY, (short) 0, (short) 10) != (byte) 0) {
UserException.throwIt(CTAP2.CTAP2_ERR_UNSUPPORTED_ALGORITHM);
UserException.throwIt(CTAP2_ERR_UNSUPPORTED_ALGORITHM);
}
} else {
UserException.throwIt(CTAP2.CTAP2_ERR_INVALID_CBOR);
UserException.throwIt(CTAP2_ERR_INVALID_CBOR);
}
}
// Done
......@@ -216,7 +217,7 @@ public class AuthenticatorMakeCredential {
// Read the map. It has 2 things in it.
short len3 = decoder.readMajorType(CBORBase.TYPE_MAP);
if (len3 != 2) {
UserException.throwIt(CTAP2.CTAP2_ERR_INVALID_CBOR);
UserException.throwIt(CTAP2_ERR_INVALID_CBOR);
}
// Parse it, properly
for(short k = 0; k < (short) 2; k++) {
......@@ -231,7 +232,7 @@ public class AuthenticatorMakeCredential {
// It doesn't matter what it is, just check it's string and exists.
} else {
// If it's not these two, throw an error
UserException.throwIt(CTAP2.CTAP2_ERR_CBOR_UNEXPECTED_TYPE);
UserException.throwIt(CTAP2_ERR_CBOR_UNEXPECTED_TYPE);
break;
}
}
......@@ -243,7 +244,7 @@ public class AuthenticatorMakeCredential {
// Parse the two rk and uv objects
// Read the map
if(decoder.getMajorType() != CBORBase.TYPE_MAP) {
UserException.throwIt(CTAP2.CTAP2_ERR_CBOR_UNEXPECTED_TYPE);
UserException.throwIt(CTAP2_ERR_CBOR_UNEXPECTED_TYPE);
break;
}
len2 = decoder.readMajorType(CBORBase.TYPE_MAP);
......@@ -261,7 +262,7 @@ public class AuthenticatorMakeCredential {
decoder.readBoolean();
} else if (Util.arrayCompare(scratch1, (short) 0, Utf8Strings.UTF8_UP, (short) 0, (short) 2) == (short) 0) {
// Error out
UserException.throwIt(CTAP2.CTAP2_ERR_INVALID_OPTION);
UserException.throwIt(CTAP2_ERR_INVALID_OPTION);
break;
} else {
// Skip it
......@@ -275,7 +276,7 @@ public class AuthenticatorMakeCredential {
// We don't support any yet
// So check it's a map and skip
if(decoder.getMajorType() != CBORBase.TYPE_MAP) {
UserException.throwIt(CTAP2.CTAP2_ERR_CBOR_UNEXPECTED_TYPE);
UserException.throwIt(CTAP2_ERR_CBOR_UNEXPECTED_TYPE);
break;
}
decoder.skipEntry();
......@@ -291,7 +292,7 @@ public class AuthenticatorMakeCredential {
}
// Check we've got stuff like the clientDataHash
if(dataHash == null || rp == null || user == null || params == null) {
UserException.throwIt(CTAP2.CTAP2_ERR_MISSING_PARAMETER);
UserException.throwIt(CTAP2_ERR_MISSING_PARAMETER);
}
// We're done, I guess
......
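Review bot: The constructor Javadoc now reads `@ param vars a short array to store variables in`, which breaks the tag instead of fixing the comment. The constructor shown in the hunk takes only `decoder`, and `vars` is a local declared in its body, so the line is stale and should be deleted. Since the constructor is declared `throws UserException` and the visible code raises `CTAP2_ERR_INVALID_CBOR` and `CTAP2_ERR_MISSING_PARAMETER`, I would replace it with `@throws UserException carrying a CTAP2 status byte when the CBOR structure is malformed or a mandatory field is missing`. The constructor body continues outside the hunks shown.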
......@@ -22,7 +22,7 @@ import javacard.framework.ISO7816;
import javacard.framework.ISOException;
import javacard.framework.UserException;
import javacard.framework.Util;
import static com.josh.vku2f.CTAP2ErrorCode.*;
public class CBORDecoder extends CBORBase {
/**
......@@ -101,7 +101,7 @@ public class CBORDecoder extends CBORBase {
*/
public short readMajorType(byte majorType) throws UserException {
if (majorType != getMajorType()) {
UserException.throwIt(CTAP2.CTAP2_ERR_CBOR_UNEXPECTED_TYPE);
UserException.throwIt(CTAP2_ERR_CBOR_UNEXPECTED_TYPE);
return 0;
}
return readLength();
......@@ -210,7 +210,7 @@ public class CBORDecoder extends CBORBase {
*/
public short readByteString(byte[] outBuffer, short outOffset) throws UserException {
if(getMajorType() != TYPE_BYTE_STRING) {
UserException.throwIt(CTAP2.CTAP2_ERR_CBOR_UNEXPECTED_TYPE);
UserException.throwIt(CTAP2_ERR_CBOR_UNEXPECTED_TYPE);
return 0;
}
short length = readLength();
......@@ -228,7 +228,7 @@ public class CBORDecoder extends CBORBase {
*/
public short readTextString(byte[] outBuffer, short outOffset) throws UserException {
if(getMajorType() != TYPE_TEXT_STRING) {
UserException.throwIt(CTAP2.CTAP2_ERR_CBOR_UNEXPECTED_TYPE);
UserException.throwIt(CTAP2_ERR_CBOR_UNEXPECTED_TYPE);
return 0;
}
short length = readLength();
......
package com.josh.vku2f;
public class CTAP2ErrorCode {
public static final byte CTAP1_ERR_SUCCESS = (byte) 0x00;
public static final byte CTAP1_ERR_INVALID_COMMAND = (byte) 0x01;
public static final byte CTAP1_ERR_INVALID_PARAMETER = (byte) 0x02;
public static final byte CTAP1_ERR_INVALID_LENGTH = (byte) 0x03;
public static final byte CTAP1_ERR_INVALID_SEQ = (byte) 0x04;
public static final byte CTAP1_ERR_TIMEOUT = (byte) 0x05;
public static final byte CTAP1_ERR_CHANNEL_BUSY = (byte) 0x06;
public static final byte CTAP1_ERR_LOCK_REQUIRED = (byte) 0x0A;
public static final byte CTAP1_ERR_INVALID_CHANNEL = (byte) 0x0B;
public static final byte CTAP1_ERR_OTHER = (byte) 0x7F;
public static final byte CTAP2_ERR_CBOR_UNEXPECTED_TYPE = (byte) 0x11;
public static final byte CTAP2_ERR_INVALID_CBOR = (byte) 0x12;
public static final byte CTAP2_ERR_MISSING_PARAMETER = (byte) 0x14;
public static final byte CTAP2_ERR_LIMIT_EXCEEDED = (byte) 0x15;
public static final byte CTAP2_ERR_UNSUPPORTED_EXTENSION = (byte) 0x16;
public static final byte CTAP2_ERR_CREDENTIAL_EXCLUDED = (byte) 0x19;
public static final byte CTAP2_ERR_PROCESSING = (byte) 0x21;
public static final byte CTAP2_ERR_INVALID_CREDENTIAL = (byte) 0x22;
public static final byte CTAP2_ERR_USER_ACTION_PENDING = (byte) 0x23;
public static final byte CTAP2_ERR_OPERATION_PENDING = (byte) 0x24;
public static final byte CTAP2_ERR_NO_OPERATIONS = (byte) 0x25;
public static final byte CTAP2_ERR_UNSUPPORTED_ALGORITHM = (byte) 0x26;
public static final byte CTAP2_ERR_OPERATION_DENIED = (byte) 0x27;
public static final byte CTAP2_ERR_KEY_STORE_FULL = (byte) 0x28;
public static final byte CTAP2_ERR_NO_OPERATION_PENDING = (byte) 0x2A;
public static final byte CTAP2_ERR_UNSUPPORTED_OPTION = (byte) 0x2B;
public static final byte CTAP2_ERR_INVALID_OPTION = (byte) 0x2C;
public static final byte CTAP2_ERR_KEEPALIVE_CANCEL = (byte) 0x2D;
public static final byte CTAP2_ERR_NO_CREDENTIALS = (byte) 0x2E;
public static final byte CTAP2_ERR_USER_ACTION_TIMEOUT = (byte) 0x2F;
public static final byte CTAP2_ERR_NOT_ALLOWED = (byte) 0x30;
public static final byte CTAP2_ERR_PIN_INVALID = (byte) 0x31;
public static final byte CTAP2_ERR_PIN_BLOCKED = (byte) 0x32;
public static final byte CTAP2_ERR_PIN_AUTH_INVALID = (byte) 0x33;
public static final byte CTAP2_ERR_PIN_AUTH_BLOCKED = (byte) 0x34;
public static final byte CTAP2_ERR_PIN_NOT_SET = (byte) 0x35;
public static final byte CTAP2_ERR_PIN_REQUIRED = (byte) 0x36;
public static final byte CTAP2_ERR_PIN_POLICY_VIOLATION = (byte) 0x37;
public static final byte CTAP2_ERR_PIN_TOKEN_EXPIRED = (byte) 0x38;
public static final byte CTAP2_ERR_REQUEST_TOO_LARGE = (byte) 0x39;
public static final byte CTAP2_ERR_ACTION_TIMEOUT = (byte) 0x3A;
public static final byte CTAP2_ERR_UP_REQUIRED = (byte) 0x3B;
}
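Review bot: `CTAP2ErrorCode` holds only constants but is declared as an ordinary public class, so it can still be instantiated or subclassed. Declaring it `public final class CTAP2ErrorCode` with a `private CTAP2ErrorCode() {}` constructor would state the intent. The class also carries the `CTAP1_ERR_*` values, and the other files in this commit bring every name in with `import static com.josh.vku2f.CTAP2ErrorCode.*`. A short class comment saying these are the status bytes passed to `UserException.throwIt` would help a reader who meets a bare `CTAP2_ERR_INVALID_CBOR` at a call site.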
......@@ -18,38 +18,40 @@ package com.josh.vku2f;
import javacard.framework.JCSystem;
import javacard.framework.UserException;
import static com.josh.vku2f.CTAP2ErrorCode.*;
/**
* Dynamically resizable credential storage array. Gracefully handles space errors.
*/
public class CredentialArray {
private StoredCredential[] creds;
private StoredCredential[] credentials;
private boolean[] slotStatus;
private short size;
private short counter;
private short i; // for loop counter
private short count = 0;//the number of creds in the array
/**
* Constructor for a CredentialArray.
* @param initialSize Initial sizing for the CredentialArray.
*/
public CredentialArray(short initialSize) {
creds = new StoredCredential[initialSize];
credentials = new StoredCredential[initialSize];
slotStatus = new boolean[initialSize];
size = initialSize;
}
/**
* Adds a new credential to the first free slot, or overwrites if a matching rp and user id matches.
* @param in the StoredCredential object to be stored.
* @param newCredential the StoredCredential object to be stored.
*/
public void addCredential(StoredCredential in) throws UserException{
public void addCredential(StoredCredential newCredential) throws UserException{
try {
short slot = alreadyExists(in);
creds[slot] = in;
short slot = checkExists(newCredential);
credentials[slot] = newCredential;
slotStatus[slot] = true;
count = (short)(slot + 1);
} catch (Exception e) {
UserException.throwIt(CTAP2.CTAP2_ERR_KEY_STORE_FULL);
UserException.throwIt(CTAP2_ERR_KEY_STORE_FULL);
}
}
/**
......@@ -60,10 +62,10 @@ public class CredentialArray {
* @ return
*/
public StoredCredential getCredential(byte[] rpId, short rpOff, short rpLen, byte[] userId, short userOff, short userLen) {
for(counter = 0; counter < size; counter++) {
for(i = 0; i < size; i++) {
// Check the slot status, if the RP matches, and then if the user matches. If so, return the credential.
if(slotStatus[counter] && creds[counter].rp.checkId(rpId, rpOff, rpLen) && creds[counter].user.checkId(userId, userOff, userLen)) {
return creds[counter];
if(slotStatus[i] && credentials[i].rpEntity.checkId(rpId, rpOff, rpLen) && credentials[i].userEntity.checkId(userId, userOff, userLen)) {
return credentials[i];
}
}
return null;
......@@ -75,42 +77,43 @@ public class CredentialArray {
* Confirms there is no already existing discoverable credential - if it finds one, it returns its location for overwriting.
* @return the location of a discoverable credential already matching the RP and User IDs, or the first free slot otherwise.
*/
public short alreadyExists(StoredCredential cred) {
for(counter = 0; counter < size; counter++) {
public short checkExists(StoredCredential newCredential) {
for(i = 0; i < size; i++) {
// Check the slot status, if the RP matches, and then if the user matches. If so, return the slot to use.
if(slotStatus[counter] && creds[counter].rp.checkId(cred.rp) && creds[counter].user.checkId(cred.user)) {
return counter;
if(slotStatus[i] &&
credentials[i].rpEntity.checkId(newCredential.rpEntity) &&
credentials[i].userEntity.checkId(newCredential.userEntity)) {
return i;
}
}
// Find the first free slot
for(counter = 0; counter < size; counter++) {
if(!slotStatus[counter]) {
return counter;
for(i = 0; i < size; i++) {
if(!slotStatus[i]) {
return i;
}
}
// No free slots
// Add more
StoredCredential[] tmp = new StoredCredential[size];
boolean[] tmpStatus = new boolean[size];
for(counter = 0; counter < size; counter++) {
for(i = 0; i < size; i++) {
// SonarLint throws an error here, but JavaCard can only copy byte arrays
tmp[counter] = creds[counter];
tmpStatus[counter] = slotStatus[counter];
tmp[i] = credentials[i];
tmpStatus[i] = slotStatus[i];
}
creds = new StoredCredential[(short) (size*2)];
credentials = new StoredCredential[(short) (size*2)];
slotStatus = new boolean[(short) (size*2)];
for(counter = 0; counter < size; counter++) {
creds[counter] = tmp[counter];
slotStatus[counter] = tmpStatus[counter];
for(i = 0; i < size; i++) {
credentials[i] = tmp[i];
slotStatus[i] = tmpStatus[i];
}
// Actually double the size....
size *= (short) 2;
// Delete objects we used to copy
JCSystem.requestObjectDeletion();
// Return the first free slot in the new array, which is going to be the counter plus 1
return (short) (counter + (short) 1);
return ++i;
}
/**
* Get the size of the array.
......@@ -128,8 +131,8 @@ public class CredentialArray {
* @param position the position to get.
* @return the credential, or null.
*/
public StoredCredential getCred(short position) {
return creds[position];
public StoredCredential get(short position) {
return credentials[position];
}
}
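Review bot: In `addCredential`, `count = (short)(slot + 1);` does not keep `count` equal to "the number of creds in the array", as its declaration comment says. Overwriting an existing credential, or filling any slot other than the highest one, sets `count` to that slot index plus one. If `count` is meant to be the number of occupied slots, increment it only when the slot was free, e.g. `if (!slotStatus[slot]) { count++; }` placed before `slotStatus[slot] = true;`. Separately, `checkExists` ends with `return ++i;` after the copy loop has already left `i` equal to the old `size`, so it returns one past the first free slot; `return i;` gives the first free slot. When the array started with a single slot, that index is 2 in a 2-element array, and `addCredential`'s `catch (Exception e)` turns the failure into `CTAP2_ERR_KEY_STORE_FULL`. How `count` is read is not visible in this section.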
......@@ -21,10 +21,10 @@ import javacard.security.RandomData;
/**
* Provide a way to handle static RNGs.
*/
public class ServerKeyCrypto {
public class Random {
private static RandomData rng;
public static RandomData getRng() {
public static RandomData getInstance() {
if(rng == null) {
rng = RandomData.getInstance(RandomData.ALG_SECURE_RANDOM);
}
......
......@@ -23,27 +23,26 @@ import javacard.security.RandomData;
// Abstract class to represent and perform actions with a stored credential
public abstract class StoredCredential {
private static RandomData rng;
byte[] id;
KeyPair kp;
PublicKeyCredentialUserEntity user;
PublicKeyCredentialRpEntity rp;
private byte[] sigCounter;
private static RandomData randomData;
byte[] credentialId;
KeyPair keyPair;
PublicKeyCredentialUserEntity userEntity;
PublicKeyCredentialRpEntity rpEntity;
private final byte[] signingCounter;
protected boolean initialised;
protected byte[] credRandom;
protected boolean hmacEnabled;
protected StoredCredential() {
if(rng == null) {
rng = ServerKeyCrypto.getRng();
if(randomData == null) {
randomData = Random.getInstance();
}
id = new byte[16];
rng.generateData(id, (short) 0, (short) 16);
sigCounter = new byte[4];
credentialId = new byte[16];
randomData.generateData(credentialId, (short) 0, (short) 16);
signingCounter = new byte[4];
initialised = false;
hmacEnabled = false;
}
// Does the HMAC secret stuff
public short doHmacSecret(byte[] inBuf, short inOff, short inLen) {
......@@ -55,7 +54,7 @@ public abstract class StoredCredential {
public boolean initialiseCredSecret() {
// Generate the actual credRandom - this is the same across all credentials
credRandom = new byte[32];
rng.generateData(credRandom, (short) 0, (short) 32);
randomData.generateData(credRandom, (short) 0, (short) 32);
hmacEnabled = true;
return true;
}
......@@ -66,11 +65,11 @@ public abstract class StoredCredential {
if(inLen != (short) 16) {
return false;
}
return Util.arrayCompare(id, (short) 0, inBuf, inOff, inLen) == 0;
return Util.arrayCompare(credentialId, (short) 0, inBuf, inOff, inLen) == 0;
}
public boolean[] getPresentUser() {
return user.dataPresent;
return userEntity.dataPresent;
}
/**
* Increment the counter.
......@@ -80,20 +79,20 @@ public abstract class StoredCredential {
JCSystem.beginTransaction();
for(short i = 3; i > 1; i--) {
if(sigCounter[i] == 0xFF) {
sigCounter[(short) (i-1)]++;
sigCounter[i] = 0x00;
if(signingCounter[i] == 0xFF) {
signingCounter[(short) (i-1)]++;
signingCounter[i] = 0x00;
JCSystem.commitTransaction();
return;
}
}
if(sigCounter[0] == 0xFF && sigCounter[1] == 0xFF && sigCounter[2] == 0xFF && sigCounter[3] == 0xFF) {
if(signingCounter[0] == 0xFF && signingCounter[1] == 0xFF && signingCounter[2] == 0xFF && signingCounter[3] == 0xFF) {
// Overflow, roll to 0
Util.arrayFillNonAtomic(sigCounter, (short) 0, (short) 4, (byte) 0x00);
Util.arrayFillNonAtomic(signingCounter, (short) 0, (short) 4, (byte) 0x00);
JCSystem.commitTransaction();
return;
}
sigCounter[3]++;
signingCounter[3]++;
JCSystem.commitTransaction();
}
/**
......@@ -103,7 +102,7 @@ public abstract class StoredCredential {
* @returns length
*/
public short readCounter(byte[] buf, short bufOff) {
Util.arrayCopy(sigCounter, (short) 0, buf, bufOff, (short) 4);
Util.arrayCopy(signingCounter, (short) 0, buf, bufOff, (short) 4);
return (short) 4;
}
......@@ -145,7 +144,7 @@ public abstract class StoredCredential {
buf[(short) (off+16)] = 0x00;
buf[(short) (off+17)] = 0x10;
// Copy the credential ID
Util.arrayCopy(id, (short) 0, buf, (short) (off+18), (short) 16);
Util.arrayCopy(credentialId, (short) 0, buf, (short) (off+18), (short) 16);
}
}
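Review bot: The carry and overflow tests in the counter increment (the hunk at `@@ -80,20 +79,20 @@`) can never be true. `signingCounter[i]` is a signed `byte`, so `signingCounter[i] == 0xFF` compares a value in -128..127 with 255. As written only `signingCounter[3]++` ever takes effect, so the last byte of the 4-byte signature counter wraps from 0xFF to 0x00 on the 256th increment without carrying. A relying party that checks the counter only increases would then see it go backwards. The rename leaves this logic unchanged; a byte-wise increment that carries only while a byte wraps to zero replaces both the loop and the overflow branch, and still rolls the whole counter to zero on overflow. The method's signature lies outside the hunk.

```java
JCSystem.beginTransaction();
// Big-endian increment: add one to the last byte and carry into the
// previous byte only while the byte just incremented wrapped to zero.
for (short i = 3; i >= 0; i--) {
    signingCounter[i]++;
    if (signingCounter[i] != 0) {
        break;
    }
}
JCSystem.commitTransaction();
```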
......@@ -29,13 +29,13 @@ public class StoredES256Credential extends StoredCredential {
public StoredES256Credential(AuthenticatorMakeCredential inputData) {
// Generate a new ES256 credential
kp = new KeyPair(KeyPair.ALG_EC_FP, KeyBuilder.LENGTH_EC_FP_256);
KeyParams.sec256r1params((ECKey) kp.getPublic());
kp.genKeyPair();
user = inputData.getUser();
rp = inputData.getRp();
keyPair = new KeyPair(KeyPair.ALG_EC_FP, KeyBuilder.LENGTH_EC_FP_256);
KeyParams.sec256r1params((ECKey) keyPair.getPublic());
keyPair.genKeyPair();
userEntity = inputData.getUser();
rpEntity = inputData.getRp();
sig = Signature.getInstance(Signature.ALG_ECDSA_SHA_256, false);
sig.init(kp.getPrivate(), Signature.MODE_SIGN);
sig.init(keyPair.getPrivate(), Signature.MODE_SIGN);
}
......@@ -65,7 +65,7 @@ public class StoredES256Credential extends StoredCredential {
w = new byte[65];
}
((ECPublicKey) kp.getPublic()).getW(w, (short) 0);
((ECPublicKey) keyPair.getPublic()).getW(w, (short) 0);
// Form the common params
doAttestationCommon(buf, off);
enc.init(buf, (short) (off + 34), (short) 1000);
......
......@@ -26,12 +26,12 @@ public class StoredPS256Credential extends StoredCredential {
public StoredPS256Credential(AuthenticatorMakeCredential inputData) {
// Generate a new RS256 credential
kp = new KeyPair(KeyPair.ALG_RSA_CRT, KeyBuilder.LENGTH_RSA_2048);
kp.genKeyPair();
user = inputData.getUser();
rp = inputData.getRp();
keyPair = new KeyPair(KeyPair.ALG_RSA_CRT, KeyBuilder.LENGTH_RSA_2048);
keyPair.genKeyPair();
userEntity = inputData.getUser();
rpEntity = inputData.getRp();
kpSignature = Signature.getInstance(Signature.ALG_RSA_SHA_256_PKCS1_PSS, false);
kpSignature.init(kp.getPrivate(), Signature.MODE_SIGN);
kpSignature.init(keyPair.getPrivate(), Signature.MODE_SIGN);
}
......@@ -69,12 +69,12 @@ public class StoredPS256Credential extends StoredCredential {
enc.encodeNegativeUInt8((byte) 0x00);
// Write the modulus
short start = enc.startByteString((short) 256);
((RSAPublicKey) kp.getPublic()).getModulus(buf, start);
((RSAPublicKey) keyPair.getPublic()).getModulus(buf, start);
// Exponent tag
enc.encodeNegativeUInt8((byte) 0x01);
// Write the exponent
start = enc.startByteString((short) 3);
((RSAPublicKey) kp.getPublic()).getExponent(buf, start);
((RSAPublicKey) keyPair.getPublic()).getExponent(buf, start);
return 305;
}
......
......@@ -26,12 +26,12 @@ public class StoredRS256Credential extends StoredCredential {
public StoredRS256Credential(AuthenticatorMakeCredential inputData) {
// Generate a new RS256 credential
kp = new KeyPair(KeyPair.ALG_RSA_CRT, KeyBuilder.LENGTH_RSA_2048);
kp.genKeyPair();
user = inputData.getUser();
rp = inputData.getRp();
keyPair = new KeyPair(KeyPair.ALG_RSA_CRT, KeyBuilder.LENGTH_RSA_2048);
keyPair.genKeyPair();
userEntity = inputData.getUser();
rpEntity = inputData.getRp();
kpSignature = Cipher.getInstance(Cipher.ALG_RSA_PKCS1, false);
kpSignature.init(kp.getPrivate(), Cipher.MODE_ENCRYPT);
kpSignature.init(keyPair.getPrivate(), Cipher.MODE_ENCRYPT);
}
......@@ -66,12 +66,12 @@ public class StoredRS256Credential extends StoredCredential {
enc.encodeNegativeUInt8((byte) 0x00);
// Write the modulus
short start = enc.startByteString((short) 256);
((RSAPublicKey) kp.getPublic()).getModulus(buf, start);
((RSAPublicKey) keyPair.getPublic()).getModulus(buf, start);
// Exponent tag
enc.encodeNegativeUInt8((byte) 0x01);
// Write the exponent
start = enc.startByteString((short) 3);
((RSAPublicKey) kp.getPublic()).getExponent(buf, start);
((RSAPublicKey) keyPair.getPublic()).getExponent(buf, start);
return 306;
}
......