javacard.security.RandomData Java Examples

The following examples show how to use javacard.security.RandomData. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
Source File: FIDOStandalone.java    From ledger-u2f-javacard with Apache License 2.0 6 votes vote down vote up
/**
 * Init cipher engines and allocate memory.
 */
public FIDOStandalone() {
    scratch = JCSystem.makeTransientByteArray((short) 64, JCSystem.CLEAR_ON_DESELECT);
    keyPair = new KeyPair(
    (ECPublicKey) KeyBuilder.buildKey(KeyBuilder.TYPE_EC_FP_PUBLIC, KeyBuilder.LENGTH_EC_FP_256, false),
    (ECPrivateKey) KeyBuilder.buildKey(KeyBuilder.TYPE_EC_FP_PRIVATE, KeyBuilder.LENGTH_EC_FP_256, false));
    Secp256r1.setCommonCurveParameters((ECKey) keyPair.getPrivate());
    Secp256r1.setCommonCurveParameters((ECKey) keyPair.getPublic());
    random = RandomData.getInstance(RandomData.ALG_KEYGENERATION);
    // Initialize the unique wrapping key
    chipKey = (AESKey) KeyBuilder.buildKey(KeyBuilder.TYPE_AES, KeyBuilder.LENGTH_AES_256, false);
    random.nextBytes(scratch, (short) 0, (short) 32);
    chipKey.setKey(scratch, (short) 0);
    cipherEncrypt = Cipher.getInstance(Cipher.ALG_AES_BLOCK_128_CBC_NOPAD, false);
    cipherEncrypt.init(chipKey, Cipher.MODE_ENCRYPT, IV_ZERO_AES, (short) 0, (short) IV_ZERO_AES.length);
    cipherDecrypt = Cipher.getInstance(Cipher.ALG_AES_BLOCK_128_CBC_NOPAD, false);
    cipherDecrypt.init(chipKey, Cipher.MODE_DECRYPT, IV_ZERO_AES, (short) 0, (short) IV_ZERO_AES.length);
}
 
Example #2
Source File: FIDOCCImplementation.java    From CCU2F with Apache License 2.0 5 votes vote down vote up
public FIDOCCImplementation() {
	
	random = RandomData.getInstance(RandomData.ALG_SECURE_RANDOM);
	
    scratch = JCSystem.makeTransientByteArray((short)128, JCSystem.CLEAR_ON_DESELECT);
    //seed = new byte[64];
    
    keyPair = new KeyPair(
        (ECPublicKey)KeyBuilder.buildKey(KeyBuilder.TYPE_EC_FP_PUBLIC, KeyBuilder.LENGTH_EC_FP_256, false),
        (ECPrivateKey)KeyBuilder.buildKey(KeyBuilder.TYPE_EC_FP_PRIVATE, KeyBuilder.LENGTH_EC_FP_256, false));
    Secp256r1.setCommonCurveParameters((ECKey)keyPair.getPrivate());
    Secp256r1.setCommonCurveParameters((ECKey)keyPair.getPublic());
            
    // Initialize the unique seed for DRNG function 
    //random.generateData(seed, (short)0, (short)64);
    
    // Initialize the unique seed for DRNG function       
    drngSeed1 = (AESKey)KeyBuilderX.buildKey(KeyBuilderX.TYPE_AES_STATIC, KeyBuilder.LENGTH_AES_256, false);
    drngSeed2 = (AESKey)KeyBuilderX.buildKey(KeyBuilderX.TYPE_AES_STATIC, KeyBuilder.LENGTH_AES_256, false);
    random.generateData(scratch, (short)0, (short)32);
    drngSeed1.setKey(scratch, (short)0);
    random.generateData(scratch, (short)0, (short)32);
    drngSeed2.setKey(scratch, (short)0);
 
    sha256 = MessageDigest.getInstance(MessageDigest.ALG_SHA_256, false);
            
    // Initialize the unique keys for MAC function
    macKey1 = (AESKey)KeyBuilderX.buildKey(KeyBuilderX.TYPE_AES_STATIC, KeyBuilder.LENGTH_AES_128, false);
    macKey2 = (AESKey)KeyBuilderX.buildKey(KeyBuilderX.TYPE_AES_STATIC, KeyBuilder.LENGTH_AES_128, false);
    random.generateData(scratch, (short)0, (short)16);
    macKey1.setKey(scratch, (short)0);
    random.generateData(scratch, (short)0, (short)16);
    macKey2.setKey(scratch, (short)0);
    
    // Initialize ecMultiplier 
    ecMultiplyHelper = KeyAgreementX.getInstance(KeyAgreementX.ALG_EC_SVDP_DH_PLAIN_XY, false);
}
 
Example #3
Source File: PinTests.java    From GidsApplet with GNU General Public License v3.0 5 votes vote down vote up
@Test
public void authenticateMutualReplayAttack() {
    byte[] key = DatatypeConverter.parseHexBinary("010203040506070801020304050607080102030405060708");
    byte[] myChallenge= new byte [16], globalchallenge = new byte[40], challengeresponse = new byte[40];
    byte[] challenge;
    Cipher cipherDES = Cipher.getInstance(Cipher.ALG_DES_CBC_NOPAD, false);
    DESKey deskey = (DESKey) KeyBuilder.buildKey(KeyBuilder.TYPE_DES, KeyBuilder.LENGTH_DES3_3KEY, false);
    deskey.setKey(key, (short) 0);
    RandomData randomData = RandomData.getInstance(RandomData.ALG_SECURE_RANDOM);
    randomData.generateData(myChallenge, (short) 0, (short) myChallenge.length);
    // select admin key
    execute("00 22 81 A4 03 83 01 80");
    // get a challenge
    ResponseAPDU response = execute("00 87 00 00 14 7C 12 81 10" + DatatypeConverter.printHexBinary(myChallenge) + "00");
    if (!Arrays.equals(Arrays.copyOfRange(response.getBytes(), 0, 4), new byte[] {0x7C,0x12,(byte) 0x81,0x10})) {
        fail("not a challenge:" + DatatypeConverter.printHexBinary(response.getBytes()));
    }
    // compute the response
    challenge = Arrays.copyOfRange(response.getBytes(), 4, 20);
    //solve challenge
    //R2
    System.arraycopy(challenge, 0, globalchallenge, 0, 16);
    //R1
    System.arraycopy(myChallenge, 0, globalchallenge, 16, 16);
    // keep Z1 random
    globalchallenge[(short)39] = (byte) 0x80;
    cipherDES.init(deskey, Cipher.MODE_ENCRYPT);
    cipherDES.doFinal(globalchallenge, (short) 0, (short)40, challengeresponse, (short) 0);
    // send the response
    execute("00 87 00 00 2C 7C 2A 82 28" + DatatypeConverter.printHexBinary(challengeresponse), 0x9000);
    execute("00 87 00 00 2C 7C 2A 82 28" + DatatypeConverter.printHexBinary(challengeresponse), 0x6985);
}
 
Example #4
Source File: CardEdge.java    From SatochipApplet with GNU Affero General Public License v3.0 5 votes vote down vote up
/**
 * This function allows to set the 2FA key and enable 2FA.
 * Once activated, 2FA can only be deactivated when the seed is reset.
 *  
 *  ins: 0x79
 *  p1: 0x00
 *  p2: 0x00
 *  data: [hmacsha1_key(20b) | amount_limit(8b)]
 *  return: (none)
 */
private short set2FAKey(APDU apdu, byte[] buffer){
	// check that PIN[0] has been entered previously
	if (!pins[0].isValidated())
		ISOException.throwIt(SW_UNAUTHORIZED);
	// cannot modify an existing 2FA!
	if (needs_2FA)
		ISOException.throwIt(SW_2FA_INITIALIZED_KEY);
	
	//check input length
	short bytesLeft = Util.makeShort((byte) 0x00, buffer[ISO7816.OFFSET_LC]);
	if (bytesLeft < (short)(20+8))
		ISOException.throwIt(ISO7816.SW_WRONG_LENGTH);
	
	if (!done_once_2FA){
		data2FA= new byte[OFFSET_2FA_SIZE];
		randomData = RandomData.getInstance(RandomData.ALG_SECURE_RANDOM);
        aes128_cbc= Cipher.getInstance(Cipher.ALG_AES_BLOCK_128_CBC_NOPAD, false);
        key_2FA= (AESKey) KeyBuilder.buildKey(KeyBuilder.TYPE_AES, KeyBuilder.LENGTH_AES_128, false);
        done_once_2FA= true;
	}
	
	short offset= ISO7816.OFFSET_CDATA;
	Util.arrayCopyNonAtomic(buffer, offset, data2FA, OFFSET_2FA_HMACKEY, (short)20); 
	offset+=(short)20;
	Util.arrayCopyNonAtomic(buffer, offset, data2FA, OFFSET_2FA_LIMIT, (short)8); 
	offset+=(short)8;
	// hmac derivation for id_2FA & key_2FA
	HmacSha160.computeHmacSha160(data2FA, OFFSET_2FA_HMACKEY, (short)20, CST_2FA, (short)0, (short)6, data2FA, OFFSET_2FA_ID);
       HmacSha160.computeHmacSha160(data2FA, OFFSET_2FA_HMACKEY, (short)20, CST_2FA, (short)6, (short)7, recvBuffer, (short)0);
       key_2FA.setKey(recvBuffer,(short)0); // AES-128: 16-bytes key!!
       needs_2FA= true;	
       
       return (short)0;
}
 
Example #5
Source File: SomeLibrary.java    From ant-javacard with MIT License 4 votes vote down vote up
public static RandomData getRandom() {
	return RandomData.getInstance(RandomData.ALG_SECURE_RANDOM);
}
 
Example #6
Source File: Gpg.java    From OpenPGP-Card with GNU General Public License v3.0 4 votes vote down vote up
/**
 * Only this class's install method should create the applet object.
 */
protected Gpg(byte[] parameters, short offset, byte length) {
  pinLength = new byte[3];
  pins = new OwnerPIN[3];
  pins[PIN_INDEX_PW1] = new OwnerPIN(MAX_TRIES_PIN1, MAX_PIN_LENGTH);
  pins[PIN_INDEX_PW1].update(defaultPIN, (short) 0, MIN_PIN1_LENGTH);
  pinLength[PIN_INDEX_PW1] = MIN_PIN1_LENGTH;
  pins[PIN_INDEX_PW3] = new OwnerPIN(MAX_TRIES_PIN3, MAX_PIN_LENGTH);
  pins[PIN_INDEX_PW3].update(defaultPIN, (short) 0, MIN_PIN3_LENGTH);
  pinLength[PIN_INDEX_PW3] = MIN_PIN3_LENGTH;
  // The resetting code is disabled by default.
  pins[PIN_INDEX_RC] = new OwnerPIN(MAX_TRIES_RC, MAX_PIN_LENGTH);
  pinLength[PIN_INDEX_RC] = 0;
  pinSubmitted = JCSystem.makeTransientBooleanArray((short) 2, JCSystem.CLEAR_ON_DESELECT);

  commandChainingBuffer =
      JCSystem.makeTransientByteArray((short) (TEMP_PUT_KEY_ACCUMULATOR + RSA_KEY_LENGTH_BYTES),
                                      JCSystem.CLEAR_ON_DESELECT);

  privateDO1 = new byte[255];
  privateDO2 = new byte[255];
  privateDO3 = new byte[255];
  privateDO4 = new byte[255];

  loginData = new byte[(short) 255];
  url = new byte[(short) 255];
  name = new byte[(short) 40];
  language = new byte[(short) 9];
  sex = new byte[(short) 1];
  fingerprints = new byte[(short) 60];
  caFingerprints = new byte[(short) 60];
  generationDates = new byte[(short) 12];
  signatureCounter = new byte[(short) 3];
  pinValidForMultipleSignatures = (byte) 0;

  signatureKey = new KeyPair(KeyPair.ALG_RSA_CRT, (short) 2048);
  confidentialityKey = new KeyPair(KeyPair.ALG_RSA_CRT, (short) 2048);
  authenticationKey = new KeyPair(KeyPair.ALG_RSA_CRT, (short) 2048);
  cipherRSA = Cipher.getInstance(Cipher.ALG_RSA_PKCS1, false);
  randomData = RandomData.getInstance(RandomData.ALG_SECURE_RANDOM);

  register();
}
 
Example #7
Source File: STPayP.java    From CardExamples with The Unlicense 4 votes vote down vote up
/**
 * Creates Java Card applet object.
 * 
 * @param array
 *            the byte array containing the AID bytes
 * @param offset
 *            the start of AID bytes in array
 * @param length
 *            the length of the AID bytes in array
 */
private STPayP(byte[] array, short offset, byte length) {
    /*** Start allocate memory when applet is instantiated. ***/
    this.records = new Records(Constants.MAX_SFI_RECORDS);

    this.persistentByteBuffer = new byte[Constants.SIZE_PBB];
    this.personalizedPersistentByteBuffer = new byte[Constants.SIZE_PPBB];

    this.transientByteBuffer = JCSystem.makeTransientByteArray(Constants.SIZE_TBB, JCSystem.CLEAR_ON_DESELECT);

    // NOTE: 'keyEncryption' parameter not used.
    this.mkAC = (DESKey) KeyBuilder.buildKey(KeyBuilder.TYPE_DES, KeyBuilder.LENGTH_DES3_2KEY, false);
    this.mkIDN = (DESKey) KeyBuilder.buildKey(KeyBuilder.TYPE_DES, KeyBuilder.LENGTH_DES3_2KEY, false);
    /*** End allocate memory when applet is instantiated. ***/

    /*** Allocate memory when personalized. ***/
    this.selectResponse = null;
    this.cardLayoutDescriptionPart1 = null;
    this.cardLayoutDescriptionPart2 = null;
    this.cardLayoutDescriptionPart3 = null;

    this.gpState = GPSystem.APPLICATION_SELECTABLE;

    /*** Start initialize variables specific to MPP Remote-SE Lite. ***/
    this.cardProfile = new CardProfile();

    // Build Card Profile.
    // NOTE: This is a kludge to retrieve AID. This would not work with real Java Card.
    byte aidLength = JCSystem.getAID().getBytes(this.transientByteBuffer, (short) 0);
    this.cardProfile.setAid(this.transientByteBuffer, (short) 0, aidLength);

    this.cardProfileHash = new byte[32];

    // Initialize and seed random.
    this.random = RandomData.getInstance(RandomData.ALG_PSEUDO_RANDOM);
    byte[] seed = DataUtil.stringToCompressedByteArray(String.valueOf(Calendar.getInstance().getTimeInMillis()));
    this.random.setSeed(seed, (short) 0, (short) seed.length);

    // Initialize Mobile Key.
    this.dataEncryption = new DataEncryption();
    if (!this.dataEncryption.initMobileKey()) {
        System.out.println("Error: M_Key not initialized.");
    }

    this.sha256 = MessageDigest.getInstance(MessageDigest.ALG_SHA_256, false);
    /*** End initialize variables specific to MPP Remote-SE Lite. ***/

    // Register instance AID.
    register(array, (short) (offset + (byte) 1), array[offset]);
}