OpenPGP card v3.3 : support AES ENC, improved AES DEC

This commit is contained in:
Arnaud Fontaine 2017-05-22 16:33:01 +02:00
parent d37a471067
commit 706bfb182b
2 changed files with 44 additions and 3 deletions

View File

@ -163,7 +163,7 @@ public final class Constants {
0x10 | /* support pw status changes */ 0x10 | /* support pw status changes */
0x08 | /* support private DOs (0101-0104) */ 0x08 | /* support private DOs (0101-0104) */
0x04 | /* support algorithm attributes changes */ 0x04 | /* support algorithm attributes changes */
0x02 | /* support PSO:DEC AES */ 0x02 | /* support PSO:DEC/ENC AES */
0x01), /* support KDF-DO */ 0x01), /* support KDF-DO */
(byte)0x01, /* SM 0x01 = 128 bits, 0x02 = 256 bits */ (byte)0x01, /* SM 0x01 = 128 bits, 0x02 = 256 bits */
(byte)0x00, (byte)0x20, /* max length get challenge */ (byte)0x00, (byte)0x20, /* max length get challenge */

View File

@ -1124,6 +1124,7 @@ public final class SmartPGPApplet extends Applet {
sensitiveData(); sensitiveData();
/* PSO : COMPUTE DIGITAL SIGNATURE */
if((p1 == (byte)0x9e) && (p2 == (byte)0x9a)) { if((p1 == (byte)0x9e) && (p2 == (byte)0x9a)) {
assertUserMode81(); assertUserMode81();
@ -1151,12 +1152,22 @@ public final class SmartPGPApplet extends Applet {
return data.pgp_keys[Persistent.PGP_KEYS_OFFSET_SIG].sign(transients.buffer, lc, false); return data.pgp_keys[Persistent.PGP_KEYS_OFFSET_SIG].sign(transients.buffer, lc, false);
} }
/* PSO : DECIPHER */
if((p1 == (byte)0x80) && (p2 == (byte)0x86)) { if((p1 == (byte)0x80) && (p2 == (byte)0x86)) {
assertUserMode82(); assertUserMode82();
if((lc == (short)(1 + Constants.aesKeyLength())) && if(lc <= 0) {
(transients.buffer[0] == (byte)2)) { ISOException.throwIt(ISO7816.SW_WRONG_LENGTH);
return 0;
}
if(transients.buffer[0] == (byte)0x02) {
if(((short)(lc - 1) % Constants.aesKeyLength()) != 0) {
ISOException.throwIt(ISO7816.SW_WRONG_LENGTH);
return 0;
}
if(!data.aes_key.isInitialized()) { if(!data.aes_key.isInitialized()) {
ISOException.throwIt(ISO7816.SW_CONDITIONS_NOT_SATISFIED); ISOException.throwIt(ISO7816.SW_CONDITIONS_NOT_SATISFIED);
@ -1180,6 +1191,36 @@ public final class SmartPGPApplet extends Applet {
return data.pgp_keys[Persistent.PGP_KEYS_OFFSET_DEC].decipher(ec, transients.buffer, lc); return data.pgp_keys[Persistent.PGP_KEYS_OFFSET_DEC].decipher(ec, transients.buffer, lc);
} }
/* PSO : ENCIPHER */
if((p1 == (byte)0x86) && (p2 == (byte)0x80)) {
assertUserMode82();
if((lc <= 0) || ((lc % Constants.aesKeyLength()) != 0)) {
ISOException.throwIt(ISO7816.SW_WRONG_LENGTH);
return 0;
}
if(!data.aes_key.isInitialized()) {
ISOException.throwIt(ISO7816.SW_CONDITIONS_NOT_SATISFIED);
return 0;
}
final Cipher cipher = Cipher.getInstance(Cipher.ALG_AES_BLOCK_128_CBC_NOPAD, false);
cipher.init(data.aes_key, Cipher.MODE_ENCRYPT);
final short res = cipher.doFinal(transients.buffer, (short)0, lc,
transients.buffer, (short)(lc + 1));
transients.buffer[lc] = (byte)0x02;
Util.arrayCopyNonAtomic(transients.buffer, lc,
transients.buffer, (short)0, (short)(res + 1));
Util.arrayFillNonAtomic(transients.buffer, (short)(lc + 1), res, (byte)0);
return res;
}
ISOException.throwIt(ISO7816.SW_WRONG_P1P2); ISOException.throwIt(ISO7816.SW_WRONG_P1P2);
return 0; return 0;
} }