
Commit 07c0038

committed
Satochip applet v0.10-0.4: Cleanup: optimised code only, removed legacy sha512 implementation and slow pubkey recovery
* Supports only native sha512 (removed java implementation for older cards) * Supports pubkey recovery using keyAgreement with ALG_EC_SVDP_DH_PLAIN_XY (removed ALG_EC_SVDP_DH_PLAIN for older cards) This results in faster, simpler and cleaner code... This version should be protocol-compatible with previous v0.10 releases.
1 parent 8f14ecc commit 07c0038


7 files changed

+41
-2203
lines changed


src/org/satochip/applet/CardEdge.java

Lines changed: 35 additions & 204 deletions
Large diffs are not rendered by default.

src/org/satochip/applet/EccComputation.java

Lines changed: 0 additions & 241 deletions
This file was deleted.

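--- a/src/org/satochip/applet/HmacSha512.java
+++ b/src/org/satochip/applet/HmacSha512.java
@@ -33,21 +33,17 @@ public class HmacSha512 {
 public static final short HASHSIZE=64;
 private static final short SW_UNSUPPORTED_KEYSIZE = (short) 0x9c0E;
 private static final short SW_UNSUPPORTED_MSGSIZE = (short) 0x9c0F;
+private static final short SW_UNSUPPORTED_FEATURE = (short) 0x9c05;
 private static byte[] data;
 
 private static MessageDigest sha512;
-private static boolean nativeSha512= false;
 
 public static void init(byte[] tmp){
 data= tmp;
-
 try {
 sha512 = MessageDigest.getInstance(MessageDigest.ALG_SHA_512, false);
-nativeSha512= true;
 } catch (CryptoException e) {
-ISOException.throwIt((short)0x9C05);// debug: ensure that we use native sha512
-nativeSha512= false;
-Sha512.init();
+ISOException.throwIt(SW_UNSUPPORTED_FEATURE);// unsupported feature => use a more recent card!
 }
 }
 
@@ -68,25 +64,17 @@ public static short computeHmacSha512(byte[] key, short key_offset, short key_le
 }
 Util.arrayFillNonAtomic(data, key_length, (short)(BLOCKSIZE-key_length), (byte)0x36);
 Util.arrayCopyNonAtomic(message, message_offset, data, BLOCKSIZE, message_length);
-if (nativeSha512){
-sha512.reset();
-sha512.doFinal(data, (short)0, (short)(BLOCKSIZE+message_length), data, BLOCKSIZE); // copy hash result to data buffer!
-} else{
-Sha512.resetUpdateDoFinal(data, (short)0, (short)(BLOCKSIZE+message_length), data, BLOCKSIZE); // copy hash result to data buffer!
-}
+sha512.reset();
+sha512.doFinal(data, (short)0, (short)(BLOCKSIZE+message_length), data, BLOCKSIZE); // copy hash result to data buffer!
 
 // compute outer hash
 for (short i=0; i<key_length; i++){
 data[i]= (byte) (key[(short)(key_offset+i)] ^ (0x5c));
 }
 Util.arrayFillNonAtomic(data, key_length, (short)(BLOCKSIZE-key_length), (byte)0x5c);
 // previous hash already copied to correct offset in data
-if (nativeSha512){
-sha512.reset();
-sha512.doFinal(data, (short)0, (short)(BLOCKSIZE+HASHSIZE), mac, mac_offset);
-} else{
-Sha512.resetUpdateDoFinal(data, (short)0, (short)(BLOCKSIZE+HASHSIZE), mac, mac_offset);
-}
+sha512.reset();
+sha512.doFinal(data, (short)0, (short)(BLOCKSIZE+HASHSIZE), mac, mac_offset);
 
 return HASHSIZE;
 }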
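Review bot: computeHmacSha512 returns right after the outer `sha512.doFinal(...)` with the scratch buffer `data` still holding the key XORed with 0x5c in its first `key_length` bytes and the inner hash at offset BLOCKSIZE, and the simplified code does not wipe it. `data` is the `tmp` array handed to `init`, so it appears to be shared with the caller; if nothing else clears it, key-derived bytes outlive the call. Consider adding `Util.arrayFillNonAtomic(data, (short)0, (short)(BLOCKSIZE+HASHSIZE), (byte)0);` just before `return HASHSIZE;`. The function starts above this hunk, so any length checks or cleanup already done there are not visible here.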
