Fix transaction during installation

Arnaud Fontaine 2017-08-18 16:33:56 +02:00
parent 309dbbad8a
commit 04a66b376d
5 changed files with 54 additions and 40 deletions


@ -27,6 +27,18 @@ import javacardx.crypto.*;
public final class Common { public final class Common {
protected static final void beginTransaction(final boolean isRegistering) {
if(!isRegistering) {
JCSystem.beginTransaction();
}
}
protected static final void commitTransaction(final boolean isRegistering) {
if(!isRegistering) {
JCSystem.commitTransaction();
}
}
protected static final void checkPinFormat2(final byte[] buf, protected static final void checkPinFormat2(final byte[] buf,
short off, short off,
short lc, short lc,
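Review bot: The new `beginTransaction` and `commitTransaction` helpers in `Common` carry no comment saying why the transaction is skipped when `isRegistering` is true, or that both calls of a pair must receive the same flag. I would add a Javadoc on each, for example `/** Opens a transaction unless the applet is being installed; pair with commitTransaction(isRegistering) using the same flag. */`. Presumably the install path cannot open its own transaction on the target cards (the commit title suggests so, but the reason is not on this page), and that reason belongs in the comment. A mismatched pair would either leave a transaction open or make `JCSystem.commitTransaction()` throw `TransactionException`.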


@ -32,8 +32,10 @@ public final class Fingerprint {
data = new byte[Constants.FINGERPRINT_SIZE]; data = new byte[Constants.FINGERPRINT_SIZE];
} }
protected final void reset() { protected final void reset(final boolean isRegistering) {
Common.beginTransaction(isRegistering);
Util.arrayFillNonAtomic(data, (short)0, Constants.FINGERPRINT_SIZE, (byte)0); Util.arrayFillNonAtomic(data, (short)0, Constants.FINGERPRINT_SIZE, (byte)0);
Common.commitTransaction(isRegistering);
} }
protected final void set(final byte[] buf, final short off, final short len) { protected final void set(final byte[] buf, final short off, final short len) {
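Review bot: In `reset`, the added `Common.beginTransaction`/`Common.commitTransaction` pair brackets only `Util.arrayFillNonAtomic`, which by its API contract does not use the transaction facility even when a transaction is in progress, so the pair does not make the wipe atomic. A power loss during the fill can still leave `data` partly zeroed. If that is acceptable for a fingerprint, the pair can be dropped and `reset()` can stay parameterless; if it is not, the wipe needs a transactional write instead. As written, `reset(false)` also throws `TransactionException` when a transaction is already open, so every caller has to stay outside one.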


@ -51,10 +51,10 @@ public final class PGPKey {
attributes = new byte[Constants.ALGORITHM_ATTRIBUTES_MAX_LENGTH]; attributes = new byte[Constants.ALGORITHM_ATTRIBUTES_MAX_LENGTH];
attributes_length = 0; attributes_length = 0;
reset(); reset(true);
} }
private final void resetKeys() { private final void resetKeys(final boolean isRegistering) {
if(keys != null) { if(keys != null) {
keys.getPrivate().clearKey(); keys.getPrivate().clearKey();
keys.getPublic().clearKey(); keys.getPublic().clearKey();
@ -66,15 +66,15 @@ public final class PGPKey {
Util.arrayFillNonAtomic(certificate, (short)0, certificate_length, (byte)0); Util.arrayFillNonAtomic(certificate, (short)0, certificate_length, (byte)0);
} }
fingerprint.reset(); fingerprint.reset(isRegistering);
Util.arrayFillNonAtomic(generation_date, (short)0, Constants.GENERATION_DATE_SIZE, (byte)0); Util.arrayFillNonAtomic(generation_date, (short)0, Constants.GENERATION_DATE_SIZE, (byte)0);
} }
protected final void reset() { protected final void reset(final boolean isRegistering) {
resetKeys(); resetKeys(isRegistering);
JCSystem.beginTransaction(); Common.beginTransaction(isRegistering);
if(attributes_length > 0) { if(attributes_length > 0) {
Util.arrayFillNonAtomic(attributes, (short)0, attributes_length, (byte)0); Util.arrayFillNonAtomic(attributes, (short)0, attributes_length, (byte)0);
attributes_length = (byte)0; attributes_length = (byte)0;
@ -84,7 +84,7 @@ public final class PGPKey {
attributes, (short)0, attributes, (short)0,
(short)Constants.ALGORITHM_ATTRIBUTES_DEFAULT.length); (short)Constants.ALGORITHM_ATTRIBUTES_DEFAULT.length);
attributes_length = (byte)Constants.ALGORITHM_ATTRIBUTES_DEFAULT.length; attributes_length = (byte)Constants.ALGORITHM_ATTRIBUTES_DEFAULT.length;
JCSystem.commitTransaction(); Common.commitTransaction(isRegistering);
} }
protected final boolean isInitialized() { protected final boolean isInitialized() {
@ -141,7 +141,7 @@ public final class PGPKey {
return; return;
} }
resetKeys(); resetKeys(false);
JCSystem.beginTransaction(); JCSystem.beginTransaction();
if(attributes_length > 0) { if(attributes_length > 0) {
@ -199,7 +199,7 @@ public final class PGPKey {
return; return;
} }
resetKeys(); resetKeys(false);
keys = nkeys; keys = nkeys;
} }
@ -380,7 +380,7 @@ public final class PGPKey {
return; return;
} }
resetKeys(); resetKeys(false);
keys = nkeys; keys = nkeys;
} }
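Review bot: `resetKeys(false)` at the three later call sites now opens a transaction inside `fingerprint.reset(isRegistering)`, which it did not do before this commit. In the hunk at old line 141 it runs before `JCSystem.beginTransaction()`, so nothing nests there, but the methods around old lines 199 and 380 start outside their hunks and it is not visible whether a transaction is already open when they reach `resetKeys(false)`; if one is, `JCSystem.beginTransaction()` would throw `TransactionException`. Those two paths are worth checking, and a one-line comment on `resetKeys` such as `// must be called outside any transaction: fingerprint.reset() opens its own` would record the constraint.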


@ -139,40 +139,40 @@ public final class Persistent {
user_puk = new OwnerPIN(Constants.USER_PUK_RETRY_COUNT, Constants.USER_PUK_MAX_SIZE); user_puk = new OwnerPIN(Constants.USER_PUK_RETRY_COUNT, Constants.USER_PUK_MAX_SIZE);
admin_pin = new OwnerPIN(Constants.ADMIN_PIN_RETRY_COUNT, Constants.ADMIN_PIN_MAX_SIZE); admin_pin = new OwnerPIN(Constants.ADMIN_PIN_RETRY_COUNT, Constants.ADMIN_PIN_MAX_SIZE);
reset(); reset(true);
} }
protected void reset() { protected void reset(final boolean isRegistering) {
for(byte i = 0; i < pgp_keys.length; ++i) { for(byte i = 0; i < pgp_keys.length; ++i) {
pgp_keys[i].reset(); pgp_keys[i].reset(isRegistering);
} }
if(login_length > 0) { if(login_length > 0) {
JCSystem.beginTransaction(); Common.beginTransaction(isRegistering);
Util.arrayFillNonAtomic(login, (short)0, login_length, (byte)0); Util.arrayFillNonAtomic(login, (short)0, login_length, (byte)0);
login_length = (short)0; login_length = (short)0;
JCSystem.commitTransaction(); Common.commitTransaction(isRegistering);
} }
if(url_length > 0) { if(url_length > 0) {
JCSystem.beginTransaction(); Common.beginTransaction(isRegistering);
Util.arrayFillNonAtomic(url, (short)0, url_length, (byte)0); Util.arrayFillNonAtomic(url, (short)0, url_length, (byte)0);
url_length = (short)0; url_length = (short)0;
JCSystem.commitTransaction(); Common.commitTransaction(isRegistering);
} }
for(byte i = 0; i < fingerprints.length; ++i) { for(byte i = 0; i < fingerprints.length; ++i) {
fingerprints[i].reset(); fingerprints[i].reset(isRegistering);
} }
if(name_length > 0) { if(name_length > 0) {
JCSystem.beginTransaction(); Common.beginTransaction(isRegistering);
Util.arrayFillNonAtomic(name, (short)0, name_length, (byte)0); Util.arrayFillNonAtomic(name, (short)0, name_length, (byte)0);
name_length = (byte)0; name_length = (byte)0;
JCSystem.commitTransaction(); Common.commitTransaction(isRegistering);
} }
JCSystem.beginTransaction(); Common.beginTransaction(isRegistering);
if(lang_length > 0) { if(lang_length > 0) {
Util.arrayFillNonAtomic(lang, (short)0, lang_length, (byte)0); Util.arrayFillNonAtomic(lang, (short)0, lang_length, (byte)0);
} }
@ -180,55 +180,55 @@ public final class Persistent {
lang, (short)0, lang, (short)0,
(short)Constants.LANG_DEFAULT.length); (short)Constants.LANG_DEFAULT.length);
lang_length = (byte)Constants.LANG_DEFAULT.length; lang_length = (byte)Constants.LANG_DEFAULT.length;
JCSystem.commitTransaction(); Common.commitTransaction(isRegistering);
sex = Constants.SEX_NOT_ANNOUNCED; sex = Constants.SEX_NOT_ANNOUNCED;
Util.arrayFillNonAtomic(digital_signature_counter, (short)0, Util.arrayFillNonAtomic(digital_signature_counter, (short)0,
(short)digital_signature_counter.length, (byte)0); (short)digital_signature_counter.length, (byte)0);
JCSystem.beginTransaction(); Common.beginTransaction(isRegistering);
if(do_0101_length > 0) { if(do_0101_length > 0) {
Util.arrayFillNonAtomic(do_0101, (short)0, Util.arrayFillNonAtomic(do_0101, (short)0,
(short)do_0101.length, (byte)0); (short)do_0101.length, (byte)0);
do_0101_length = 0; do_0101_length = 0;
} }
JCSystem.commitTransaction(); Common.commitTransaction(isRegistering);
JCSystem.beginTransaction(); Common.beginTransaction(isRegistering);
if(do_0102_length > 0) { if(do_0102_length > 0) {
Util.arrayFillNonAtomic(do_0102, (short)0, Util.arrayFillNonAtomic(do_0102, (short)0,
(short)do_0102.length, (byte)0); (short)do_0102.length, (byte)0);
do_0102_length = 0; do_0102_length = 0;
} }
JCSystem.commitTransaction(); Common.commitTransaction(isRegistering);
JCSystem.beginTransaction(); Common.beginTransaction(isRegistering);
if(do_0103_length > 0) { if(do_0103_length > 0) {
Util.arrayFillNonAtomic(do_0103, (short)0, Util.arrayFillNonAtomic(do_0103, (short)0,
(short)do_0103.length, (byte)0); (short)do_0103.length, (byte)0);
do_0103_length = 0; do_0103_length = 0;
} }
JCSystem.commitTransaction(); Common.commitTransaction(isRegistering);
JCSystem.beginTransaction(); Common.beginTransaction(isRegistering);
if(do_0104_length > 0) { if(do_0104_length > 0) {
Util.arrayFillNonAtomic(do_0104, (short)0, Util.arrayFillNonAtomic(do_0104, (short)0,
(short)do_0104.length, (byte)0); (short)do_0104.length, (byte)0);
do_0104_length = 0; do_0104_length = 0;
} }
JCSystem.commitTransaction(); Common.commitTransaction(isRegistering);
JCSystem.beginTransaction(); Common.beginTransaction(isRegistering);
if(aes_key != null) { if(aes_key != null) {
aes_key.clearKey(); aes_key.clearKey();
aes_key = null; aes_key = null;
} }
JCSystem.commitTransaction(); Common.commitTransaction(isRegistering);
user_pin_force_verify_signature = Constants.USER_PIN_DEFAULT_FORCE_VERIFY_SIGNATURE; user_pin_force_verify_signature = Constants.USER_PIN_DEFAULT_FORCE_VERIFY_SIGNATURE;
JCSystem.beginTransaction(); Common.beginTransaction(isRegistering);
if(key_derivation_function_length > 0) { if(key_derivation_function_length > 0) {
Util.arrayFillNonAtomic(key_derivation_function, (short)0, key_derivation_function_length, (byte)0); Util.arrayFillNonAtomic(key_derivation_function, (short)0, key_derivation_function_length, (byte)0);
} }
@ -236,24 +236,24 @@ public final class Persistent {
key_derivation_function, (short)0, key_derivation_function, (short)0,
(short)Constants.KEY_DERIVATION_FUNCTION_DEFAULT.length); (short)Constants.KEY_DERIVATION_FUNCTION_DEFAULT.length);
key_derivation_function_length = (short)Constants.KEY_DERIVATION_FUNCTION_DEFAULT.length; key_derivation_function_length = (short)Constants.KEY_DERIVATION_FUNCTION_DEFAULT.length;
JCSystem.commitTransaction(); Common.commitTransaction(isRegistering);
JCSystem.beginTransaction(); Common.beginTransaction(isRegistering);
user_pin_length = (byte)Constants.USER_PIN_DEFAULT.length; user_pin_length = (byte)Constants.USER_PIN_DEFAULT.length;
user_pin_is_format_2 = Constants.USER_PIN_DEFAULT_IS_FORMAT_2; user_pin_is_format_2 = Constants.USER_PIN_DEFAULT_IS_FORMAT_2;
user_pin.update(Constants.USER_PIN_DEFAULT, (short)0, user_pin_length); user_pin.update(Constants.USER_PIN_DEFAULT, (short)0, user_pin_length);
user_pin.resetAndUnblock(); user_pin.resetAndUnblock();
JCSystem.commitTransaction(); Common.commitTransaction(isRegistering);
user_puk_length = 0; user_puk_length = 0;
user_puk_is_format_2 = Constants.USER_PIN_DEFAULT_IS_FORMAT_2; user_puk_is_format_2 = Constants.USER_PIN_DEFAULT_IS_FORMAT_2;
JCSystem.beginTransaction(); Common.beginTransaction(isRegistering);
admin_pin_length = (byte)Constants.ADMIN_PIN_DEFAULT.length; admin_pin_length = (byte)Constants.ADMIN_PIN_DEFAULT.length;
admin_pin_is_format_2 = Constants.ADMIN_PIN_DEFAULT_IS_FORMAT_2; admin_pin_is_format_2 = Constants.ADMIN_PIN_DEFAULT_IS_FORMAT_2;
admin_pin.update(Constants.ADMIN_PIN_DEFAULT, (short)0, admin_pin_length); admin_pin.update(Constants.ADMIN_PIN_DEFAULT, (short)0, admin_pin_length);
admin_pin.resetAndUnblock(); admin_pin.resetAndUnblock();
JCSystem.commitTransaction(); Common.commitTransaction(isRegistering);
isTerminated = false; isTerminated = false;
} }
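Review bot: `reset(final boolean isRegistering)` has no comment stating when `true` is allowed, yet with `true` every `Common.beginTransaction`/`Common.commitTransaction` pair in this method does nothing, including the pairs around `user_pin.update(...)` and `admin_pin.update(...)`. On this page only the constructor passes `true` and the applet's `data.reset(false)` passes `false`; a Javadoc should pin that down, for example `/** Restores factory defaults. @param isRegistering true only when called from the constructor during applet installation; transactions are then skipped. */`. A later caller that passes `true` outside installation would run the whole reset, PIN rewrite included, without tear protection. Parts of `reset` lie between the hunks, so this is based on the visible lines only.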


@ -1352,7 +1352,7 @@ public final class SmartPGPApplet extends Applet {
switch(p2) { switch(p2) {
case (byte)0: case (byte)0:
transients.clear(); transients.clear();
data.reset(); data.reset(false);
break; break;
default: default: