change variable name, fix init problem

b33d9ae7 · Josh Ji · 3a6bee2d · b33d9ae7 · b33d9ae7 · b33d9ae7
Commit b33d9ae7 authored Dec 22, 2023 by Josh Ji
4 changed files
--- a/src/main/java/com/josh/vku2f/AuthenticatorMakeCredential.java
+++ b/src/main/java/com/josh/vku2f/AuthenticatorMakeCredential.java
@@ -19,7 +19,6 @@ package com.josh.vku2f;
 import javacard.framework.JCSystem;
 import javacard.framework.UserException;
 import javacard.framework.Util;
-import static com.josh.vku2f.CTAP2ErrorCode.*;
 public class AuthenticatorMakeCredential {
    public byte[] dataHash;
@@ -144,8 +143,11 @@ public class AuthenticatorMakeCredential {
                            // Read the string into scratch
                            short len3 = decoder.readTextString(scratch1, (short) 0);
                            // length of bytes of opcode is 8
-                            if(len3 >= 8 && (byte)0 == Util.arrayCompare(scratch1,(short)(len3-8),OpCode.Bytes_GET_IDENTITY_CREDENTIAL,(short)0,(short)8 )){
+                            if(len3 >= 8 && (byte)0 ==
-                                opCode=OpCode.GET_IDENTITY_CREDENTIAL;
+                                    Util.arrayCompare(scratch1,(short)(len3-8),
+                                            OpCode.BYTES_GET_ANONYMOUS_CREDENTIAL,(short)0,(short)8 )){
+                                opCode=OpCode.GET_ANONYMOUS_CREDENTIAL;
                                user.setDisplayName(scratch1, (short)(len3-8) );
                            }else{
                                // Set it

--- a/src/main/java/com/josh/vku2f/CTAP2.java
+++ b/src/main/java/com/josh/vku2f/CTAP2.java
@@ -643,7 +643,7 @@ public class CTAP2 extends Applet implements ExtendedLength {
 			cborEncoder.writeRawByte((byte) 0x03);
 				// Start to build into the cbor array manually, to avoid arrayCopy
 				// Create a map with 3 things
-				if(authenticatorMakeCredential.opCode==OpCode.GET_IDENTITY_CREDENTIAL)
+				if(authenticatorMakeCredential.opCode==OpCode.GET_ANONYMOUS_CREDENTIAL)
 	                cborEncoder.startMap((short) 4);
 				else
 					cborEncoder.startMap((short) 3);
@@ -668,7 +668,7 @@ public class CTAP2 extends Applet implements ExtendedLength {
 				// Supposedly we need an array here
 				cborEncoder.startArray((short) 1);
 				cborEncoder.encodeByteString(attestationKeyPair.x509cert, (short) 0, attestationKeyPair.x509len);
-				if(authenticatorMakeCredential.opCode == OpCode.GET_IDENTITY_CREDENTIAL){
+				if(authenticatorMakeCredential.opCode == OpCode.GET_ANONYMOUS_CREDENTIAL){
 					idSecret.PIVInfoNext();
 					// add extension label 這邊是暫時找個地方放
 					cborEncoder.encodeTextString(Utf8Strings.UTF8_EXTENSIONS, (short) 0, (short) Utf8Strings.UTF8_EXTENSIONS.length);

--- a/src/main/java/com/josh/vku2f/IDSecret.java
+++ b/src/main/java/com/josh/vku2f/IDSecret.java
@@ -35,11 +35,13 @@ public class IDSecret {
 	public IDSecret(){
 		id = new DomString(Utf8Strings.UTF8_NULL, (short)Utf8Strings.UTF8_NULL.length);
 		puK_idp[(byte)0] = (byte)0x04;
-		Random.getInstance().nextBytes(HKDF_CHAIN_IV, (short)0, (short)HKDF_CHAIN_IV.length);
+		//Random.getInstance().nextBytes(HKDF_CHAIN_IV, (short)0, (short)HKDF_CHAIN_IV.length);
 		sha256 = MessageDigest.getInstance(MessageDigest.ALG_SHA_256, false);
 	}
 	public void initHKDFChain(){
+		Util.arrayFill(counter,(short)0,(short)counter.length, (byte)0);
+		Random.getInstance().nextBytes(HKDF_CHAIN_IV, (short)0, (short)HKDF_CHAIN_IV.length);
 		hkdfChain = new HKDFChain(sharedSecret, HKDF_CHAIN_IV, id.str, OKM_LENGTH);
 	}

--- a/src/main/java/com/josh/vku2f/OpCode.java
+++ b/src/main/java/com/josh/vku2f/OpCode.java
 package com.josh.vku2f;
 public class OpCode {
-	public static final byte[] Bytes_GET_IDENTITY_CREDENTIAL //CRC-32("GETIDCREDENTIAL")=ac313cf5
+	public static final byte[] BYTES_GET_ANONYMOUS_CREDENTIAL //CRC-32("GETIDCREDENTIAL")=ac313cf5
 			= new byte[]{'a', 'c', '3', '1', '3', 'c', 'f', '5'};
-	public static byte GET_IDENTITY_CREDENTIAL = (short) 1;
+	public static byte GET_ANONYMOUS_CREDENTIAL = (short) 1;
 	public static byte NONE = (short) 0;
 }