diff --git a/src/fr/anssi/smartpgp/Common.java b/src/fr/anssi/smartpgp/Common.java index d174613..317a99a 100644 --- a/src/fr/anssi/smartpgp/Common.java +++ b/src/fr/anssi/smartpgp/Common.java @@ -21,8 +21,21 @@ package fr.anssi.smartpgp; import javacard.framework.*; +import javacard.security.*; +import javacardx.crypto.*; public final class Common { + protected final Cipher cipher_aes_cbc_nopad; + protected final Cipher cipher_rsa_pkcs1; + + protected final RandomData random; + + protected Common() { + cipher_aes_cbc_nopad = Cipher.getInstance(Cipher.ALG_AES_BLOCK_128_CBC_NOPAD, false); + cipher_rsa_pkcs1 = Cipher.getInstance(Cipher.ALG_RSA_PKCS1, false); + + random = RandomData.getInstance(RandomData.ALG_SECURE_RANDOM); + } protected static final void beginTransaction(final boolean isRegistering) { if(!isRegistering) { diff --git a/src/fr/anssi/smartpgp/PGPKey.java b/src/fr/anssi/smartpgp/PGPKey.java index c4fc843..88e779c 100644 --- a/src/fr/anssi/smartpgp/PGPKey.java +++ b/src/fr/anssi/smartpgp/PGPKey.java @@ -40,12 +40,7 @@ public final class PGPKey { private KeyPair keys; - private final Cipher cipher_rsa_pkcs1; - protected PGPKey() { - - cipher_rsa_pkcs1 = Cipher.getInstance(Cipher.ALG_RSA_PKCS1, false); - fingerprint = new Fingerprint(); generation_date = new byte[Constants.GENERATION_DATE_SIZE]; @@ -447,7 +442,8 @@ public final class PGPKey { - protected final short sign(final byte[] buf, final short lc, + protected final short sign(final Common common, + final byte[] buf, final short lc, final boolean forAuth) { if(!isInitialized()) { @@ -486,10 +482,10 @@ public final class PGPKey { return 0; } - cipher_rsa_pkcs1.init(priv, Cipher.MODE_ENCRYPT); + common.cipher_rsa_pkcs1.init(priv, Cipher.MODE_ENCRYPT); - off = cipher_rsa_pkcs1.doFinal(buf, (short)0, lc, - buf, lc); + off = common.cipher_rsa_pkcs1.doFinal(buf, (short)0, lc, + buf, lc); return Util.arrayCopyNonAtomic(buf, lc, buf, (short)0, @@ -502,7 +498,8 @@ public final class PGPKey { } - protected final short decipher(final byte[] buf, final short lc) { + protected final short decipher(final Common common, + final byte[] buf, final short lc) { if(!isInitialized()) { ISOException.throwIt(Constants.SW_REFERENCE_DATA_NOT_FOUND); @@ -526,10 +523,10 @@ public final class PGPKey { return 0; } - cipher_rsa_pkcs1.init(priv, Cipher.MODE_DECRYPT); + common.cipher_rsa_pkcs1.init(priv, Cipher.MODE_DECRYPT); - final short len = cipher_rsa_pkcs1.doFinal(buf, (short)1, (short)(lc - 1), - buf, lc); + final short len = common.cipher_rsa_pkcs1.doFinal(buf, (short)1, (short)(lc - 1), + buf, lc); off = Util.arrayCopyNonAtomic(buf, lc, buf, (short)0, diff --git a/src/fr/anssi/smartpgp/SmartPGPApplet.java b/src/fr/anssi/smartpgp/SmartPGPApplet.java index d86317a..e1da35a 100644 --- a/src/fr/anssi/smartpgp/SmartPGPApplet.java +++ b/src/fr/anssi/smartpgp/SmartPGPApplet.java @@ -26,16 +26,13 @@ import javacardx.crypto.*; public final class SmartPGPApplet extends Applet { + private final Common common; private final Persistent data; private final Transients transients; - private final Cipher cipher_aes_cbc_nopad; - private final RandomData random_data; - public SmartPGPApplet() { - cipher_aes_cbc_nopad = Cipher.getInstance(Cipher.ALG_AES_BLOCK_128_CBC_NOPAD, false); - random_data = RandomData.getInstance(RandomData.ALG_SECURE_RANDOM); + common = new Common(); data = new Persistent(); transients = new Transients(); } @@ -1287,7 +1284,7 @@ public final class SmartPGPApplet extends Applet { } JCSystem.commitTransaction(); - return data.pgp_keys[Persistent.PGP_KEYS_OFFSET_SIG].sign(transients.buffer, lc, false); + return data.pgp_keys[Persistent.PGP_KEYS_OFFSET_SIG].sign(common, transients.buffer, lc, false); } /* PSO : DECIPHER */ @@ -1312,10 +1309,10 @@ public final class SmartPGPApplet extends Applet { return 0; } - cipher_aes_cbc_nopad.init(data.aes_key, Cipher.MODE_DECRYPT); + common.cipher_aes_cbc_nopad.init(data.aes_key, Cipher.MODE_DECRYPT); - final short res = cipher_aes_cbc_nopad.doFinal(transients.buffer, (short)1, (short)(lc - 1), - transients.buffer, lc); + final short res = common.cipher_aes_cbc_nopad.doFinal(transients.buffer, (short)1, (short)(lc - 1), + transients.buffer, lc); Util.arrayCopyNonAtomic(transients.buffer, lc, transients.buffer, (short)0, res); @@ -1325,7 +1322,7 @@ public final class SmartPGPApplet extends Applet { return res; } - return data.pgp_keys[Persistent.PGP_KEYS_OFFSET_DEC].decipher(transients.buffer, lc); + return data.pgp_keys[Persistent.PGP_KEYS_OFFSET_DEC].decipher(common, transients.buffer, lc); } /* PSO : ENCIPHER */ @@ -1343,10 +1340,10 @@ public final class SmartPGPApplet extends Applet { return 0; } - cipher_aes_cbc_nopad.init(data.aes_key, Cipher.MODE_ENCRYPT); + common.cipher_aes_cbc_nopad.init(data.aes_key, Cipher.MODE_ENCRYPT); - final short res = cipher_aes_cbc_nopad.doFinal(transients.buffer, (short)0, lc, - transients.buffer, (short)(lc + 1)); + final short res = common.cipher_aes_cbc_nopad.doFinal(transients.buffer, (short)0, lc, + transients.buffer, (short)(lc + 1)); transients.buffer[lc] = (byte)0x02; Util.arrayCopyNonAtomic(transients.buffer, lc, @@ -1369,7 +1366,7 @@ public final class SmartPGPApplet extends Applet { case (byte)0x00: sensitiveData(); assertUserMode82(); - return data.pgp_keys[Persistent.PGP_KEYS_OFFSET_AUT].sign(transients.buffer, lc, true); + return data.pgp_keys[Persistent.PGP_KEYS_OFFSET_AUT].sign(common, transients.buffer, lc, true); default: break; @@ -1397,7 +1394,7 @@ public final class SmartPGPApplet extends Applet { } if(le != 0) { - random_data.generateData(transients.buffer, (short)0, le); + common.random.generateData(transients.buffer, (short)0, le); } return le;