Skip to content

unsignedCompare & errorCode cleanup #52

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
BKSSMVenkateswarlu merged 12 commits into from
Feb 11, 2021
Merged

unsignedCompare & errorCode cleanup #52

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
12 commits
Select commit Hold shift + click to select a range
b557e48
Merge pull request #2 from BKSSMVenkateswarlu/master
mdwivedi Feb 9, 2021
e896206
Update KMInteger.java
mdwivedi Feb 9, 2021
a6054cf
move_unsigned_compare to common code
Feb 9, 2021
48ec0ee
move_unsigned_compare to common code
Feb 9, 2021
5575105
code cleanup
Feb 10, 2021
83cff35
Merge pull request #3 from BKSSMVenkateswarlu/remove_public_operations
mdwivedi Feb 10, 2021
7f510db
Merge branch 'master' into move_unsigned_compare
mdwivedi Feb 10, 2021
fd69d5a
Merge pull request #4 from mdwivedi/move_unsigned_compare
mdwivedi Feb 10, 2021
5e0dba3
Revert "Move unsigned compare"
mdwivedi Feb 10, 2021
dcd0ecd
Merge pull request #5 from mdwivedi/revert-4-move_unsigned_compare
mdwivedi Feb 10, 2021
a900964
Moving unsigned compare to KMInteger
Feb 10, 2021
5c1e3bd
Removing error code
Feb 10, 2021
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
49 changes: 15 additions & 34 deletions Applet/AndroidSEProvider/src/com/android/javacard/keymaster/KMUtils.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -70,17 +70,17 @@ public static short convertToDate(short time, byte[] scratchPad,
(short) (8 - KMInteger.cast(time).length()), KMInteger.cast(time)
.length());
// If the time is less then 1 Jan 2020 then it is an error
if (unsignedByteArrayCompare(scratchPad, (short) 0, firstJan2020, (short) 0,
if (KMInteger.unsignedByteArrayCompare(scratchPad, (short) 0, firstJan2020, (short) 0,
(short) 8) < 0) {
KMException.throwIt(KMError.INVALID_ARGUMENT);
}
if (utcFlag
&& unsignedByteArrayCompare(scratchPad, (short) 0, firstJan2051,
&& KMInteger.unsignedByteArrayCompare(scratchPad, (short) 0, firstJan2051,
(short) 0, (short) 8) >= 0) {
KMException.throwIt(KMError.INVALID_ARGUMENT);
}

if (unsignedByteArrayCompare(scratchPad, (short) 0, firstJan2051, (short) 0,
if (KMInteger.unsignedByteArrayCompare(scratchPad, (short) 0, firstJan2051, (short) 0,
(short) 8) < 0) {
Util.arrayCopyNonAtomic(firstJan2020, (short) 0, scratchPad, (short) 8,
(short) 8);
Expand All @@ -96,7 +96,7 @@ && unsignedByteArrayCompare(scratchPad, (short) 0, firstJan2051,
(short) 8);
}
// divide the given time with four yrs msec count
if (unsignedByteArrayCompare(scratchPad, (short) 0, fourYrsMsec, (short) 0,
if (KMInteger.unsignedByteArrayCompare(scratchPad, (short) 0, fourYrsMsec, (short) 0,
(short) 8) >= 0) {
Util.arrayCopyNonAtomic(fourYrsMsec, (short) 0, scratchPad, (short) 8,
(short) 8);
Expand All @@ -116,9 +116,9 @@ && unsignedByteArrayCompare(scratchPad, (short) 0, firstJan2051,
// if leap year index is 0, then the number of days for the 1st year will be 366 days.
// if leap year index is not 0, then the number of days for the 1st year will be 365 days.
if (((leapYrIdx == 0) &&
(unsignedByteArrayCompare(scratchPad, (short) 0, leapYearMsec, (short) 0,(short) 8) >= 0)) ||
(KMInteger.unsignedByteArrayCompare(scratchPad, (short) 0, leapYearMsec, (short) 0,(short) 8) >= 0)) ||
((leapYrIdx != 0) &&
(unsignedByteArrayCompare(scratchPad, (short) 0, yearMsec, (short) 0,(short) 8) >= 0))) {
(KMInteger.unsignedByteArrayCompare(scratchPad, (short) 0, yearMsec, (short) 0,(short) 8) >= 0))) {
for (short i = 0; i < 4; i++) {
yrsCount++;
if (i == leapYrIdx) {
Expand All @@ -132,12 +132,12 @@ && unsignedByteArrayCompare(scratchPad, (short) 0, firstJan2051,
Util.arrayCopyNonAtomic(scratchPad, (short) 16, scratchPad, (short) 0,
(short) 8);
if (((short) (i + 1) == leapYrIdx)) {
if (unsignedByteArrayCompare(scratchPad, (short) 0, leapYearMsec,
if (KMInteger.unsignedByteArrayCompare(scratchPad, (short) 0, leapYearMsec,
(short) 0, (short) 8) < 0) {
break;
}
} else {
if (unsignedByteArrayCompare(scratchPad, (short) 0, yearMsec,
if (KMInteger.unsignedByteArrayCompare(scratchPad, (short) 0, yearMsec,
(short) 0, (short) 8) < 0) {
break;
}
Expand All @@ -152,7 +152,7 @@ && unsignedByteArrayCompare(scratchPad, (short) 0, firstJan2051,
yrsCount = (short) (year2051 + yrsCount);

// divide the given time with one month msec count
if (unsignedByteArrayCompare(scratchPad, (short) 0, oneMonthMsec, (short) 0,
if (KMInteger.unsignedByteArrayCompare(scratchPad, (short) 0, oneMonthMsec, (short) 0,
(short) 8) >= 0) {
for (short i = 0; i < 12; i++) {
if (i == 1) {
Expand All @@ -175,7 +175,7 @@ && unsignedByteArrayCompare(scratchPad, (short) 0, firstJan2051,
(short) 8, (short) 8);
}

if (unsignedByteArrayCompare(scratchPad, (short) 0, scratchPad, (short) 8,
if (KMInteger.unsignedByteArrayCompare(scratchPad, (short) 0, scratchPad, (short) 8,
(short) 8) >= 0) {
subtract(scratchPad, (short) 0, (short) 8, (short) 16);
Util.arrayCopyNonAtomic(scratchPad, (short) 16, scratchPad, (short) 0,
Expand All @@ -188,7 +188,7 @@ && unsignedByteArrayCompare(scratchPad, (short) 0, firstJan2051,
}

// divide the given time with one day msec count
if (unsignedByteArrayCompare(scratchPad, (short) 0, oneDayMsec, (short) 0,
if (KMInteger.unsignedByteArrayCompare(scratchPad, (short) 0, oneDayMsec, (short) 0,
(short) 8) >= 0) {
Util.arrayCopyNonAtomic(oneDayMsec, (short) 0, scratchPad, (short) 8,
(short) 8);
Expand All @@ -199,7 +199,7 @@ && unsignedByteArrayCompare(scratchPad, (short) 0, firstJan2051,
}

// divide the given time with one hour msec count
if (unsignedByteArrayCompare(scratchPad, (short) 0, oneHourMsec, (short) 0,
if (KMInteger.unsignedByteArrayCompare(scratchPad, (short) 0, oneHourMsec, (short) 0,
(short) 8) >= 0) {
Util.arrayCopyNonAtomic(oneHourMsec, (short) 0, scratchPad, (short) 8,
(short) 8);
Expand All @@ -209,7 +209,7 @@ && unsignedByteArrayCompare(scratchPad, (short) 0, firstJan2051,
}

// divide the given time with one minute msec count
if (unsignedByteArrayCompare(scratchPad, (short) 0, oneMinMsec, (short) 0,
if (KMInteger.unsignedByteArrayCompare(scratchPad, (short) 0, oneMinMsec, (short) 0,
(short) 8) >= 0) {
Util.arrayCopyNonAtomic(oneMinMsec, (short) 0, scratchPad, (short) 8,
(short) 8);
Expand All @@ -219,7 +219,7 @@ && unsignedByteArrayCompare(scratchPad, (short) 0, firstJan2051,
}

// divide the given time with one second msec count
if (unsignedByteArrayCompare(scratchPad, (short) 0, oneSecMsec, (short) 0,
if (KMInteger.unsignedByteArrayCompare(scratchPad, (short) 0, oneSecMsec, (short) 0,
(short) 8) >= 0) {
Util.arrayCopyNonAtomic(oneSecMsec, (short) 0, scratchPad, (short) 8,
(short) 8);
Expand All @@ -244,25 +244,6 @@ && unsignedByteArrayCompare(scratchPad, (short) 0, firstJan2051,
return KMByteBlob.instance(scratchPad, (short) 0, len); // YYYY
}

public static byte unsignedByteArrayCompare(byte[] a1, short offset1, byte[] a2, short offset2, short length) {
byte count = (byte) 0;
short val1 = (short)0;
short val2 = (short)0;

for (; count < length; count++) {
val1 = (short) (a1[(short) (count + offset1)] & 0x00FF);
val2 = (short) (a2[(short) (count + offset2)] & 0x00FF);

if (val1 < val2) {
return -1;
}
if (val1 > val2) {
return 1;
}
}
return 0;
}

public static short numberToString(short number, byte[] scratchPad,
short offset) {
byte zero = 0x30;
Expand Down Expand Up @@ -311,7 +292,7 @@ public static void copy(byte[] buf, short from, short to) {
}

public static byte compare(byte[] buf, short lhs, short rhs) {
return unsignedByteArrayCompare(buf, lhs, buf, rhs, (short) 8);
return KMInteger.unsignedByteArrayCompare(buf, lhs, buf, rhs, (short) 8);
}

public static void shiftLeft(byte[] buf, short start) {
Expand Down
2 changes: 1 addition & 1 deletion Applet/JCardSimProvider/src/com/android/javacard/keymaster/KMRsa2048NoDigestSignature.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -121,7 +121,7 @@ private boolean isValidData(byte[] buf, short start, short len) {
if (padding == KMType.PADDING_NONE) {
if (len > 256) return false;
else if (len == 256) {
short v = KMUtils.unsignedByteArrayCompare(buf, start, rsaModulus, (short) 0, len);
short v = KMInteger.unsignedByteArrayCompare(buf, start, rsaModulus, (short) 0, len);
if (v > 0) return false;
}
} else {//pkcs1 no digest
Expand Down
49 changes: 15 additions & 34 deletions Applet/JCardSimProvider/src/com/android/javacard/keymaster/KMUtils.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -70,17 +70,17 @@ public static short convertToDate(short time, byte[] scratchPad,
(short) (8 - KMInteger.cast(time).length()), KMInteger.cast(time)
.length());
// If the time is less then 1 Jan 2020 then it is an error
if (unsignedByteArrayCompare(scratchPad, (short) 0, firstJan2020, (short) 0,
if (KMInteger.unsignedByteArrayCompare(scratchPad, (short) 0, firstJan2020, (short) 0,
(short) 8) < 0) {
KMException.throwIt(KMError.INVALID_ARGUMENT);
}
if (utcFlag
&& unsignedByteArrayCompare(scratchPad, (short) 0, firstJan2051,
&& KMInteger.unsignedByteArrayCompare(scratchPad, (short) 0, firstJan2051,
(short) 0, (short) 8) >= 0) {
KMException.throwIt(KMError.INVALID_ARGUMENT);
}

if (unsignedByteArrayCompare(scratchPad, (short) 0, firstJan2051, (short) 0,
if (KMInteger.unsignedByteArrayCompare(scratchPad, (short) 0, firstJan2051, (short) 0,
(short) 8) < 0) {
Util.arrayCopyNonAtomic(firstJan2020, (short) 0, scratchPad, (short) 8,
(short) 8);
Expand All @@ -96,7 +96,7 @@ && unsignedByteArrayCompare(scratchPad, (short) 0, firstJan2051,
(short) 8);
}
// divide the given time with four yrs msec count
if (unsignedByteArrayCompare(scratchPad, (short) 0, fourYrsMsec, (short) 0,
if (KMInteger.unsignedByteArrayCompare(scratchPad, (short) 0, fourYrsMsec, (short) 0,
(short) 8) >= 0) {
Util.arrayCopyNonAtomic(fourYrsMsec, (short) 0, scratchPad, (short) 8,
(short) 8);
Expand All @@ -116,9 +116,9 @@ && unsignedByteArrayCompare(scratchPad, (short) 0, firstJan2051,
// if leap year index is 0, then the number of days for the 1st year will be 366 days.
// if leap year index is not 0, then the number of days for the 1st year will be 365 days.
if (((leapYrIdx == 0) &&
(unsignedByteArrayCompare(scratchPad, (short) 0, leapYearMsec, (short) 0,(short) 8) >= 0)) ||
(KMInteger.unsignedByteArrayCompare(scratchPad, (short) 0, leapYearMsec, (short) 0,(short) 8) >= 0)) ||
((leapYrIdx != 0) &&
(unsignedByteArrayCompare(scratchPad, (short) 0, yearMsec, (short) 0,(short) 8) >= 0))) {
(KMInteger.unsignedByteArrayCompare(scratchPad, (short) 0, yearMsec, (short) 0,(short) 8) >= 0))) {
for (short i = 0; i < 4; i++) {
yrsCount++;
if (i == leapYrIdx) {
Expand All @@ -132,12 +132,12 @@ && unsignedByteArrayCompare(scratchPad, (short) 0, firstJan2051,
Util.arrayCopyNonAtomic(scratchPad, (short) 16, scratchPad, (short) 0,
(short) 8);
if (((short) (i + 1) == leapYrIdx)) {
if (unsignedByteArrayCompare(scratchPad, (short) 0, leapYearMsec,
if (KMInteger.unsignedByteArrayCompare(scratchPad, (short) 0, leapYearMsec,
(short) 0, (short) 8) < 0) {
break;
}
} else {
if (unsignedByteArrayCompare(scratchPad, (short) 0, yearMsec,
if (KMInteger.unsignedByteArrayCompare(scratchPad, (short) 0, yearMsec,
(short) 0, (short) 8) < 0) {
break;
}
Expand All @@ -152,7 +152,7 @@ && unsignedByteArrayCompare(scratchPad, (short) 0, firstJan2051,
yrsCount = (short) (year2051 + yrsCount);

// divide the given time with one month msec count
if (unsignedByteArrayCompare(scratchPad, (short) 0, oneMonthMsec, (short) 0,
if (KMInteger.unsignedByteArrayCompare(scratchPad, (short) 0, oneMonthMsec, (short) 0,
(short) 8) >= 0) {
for (short i = 0; i < 12; i++) {
if (i == 1) {
Expand All @@ -175,7 +175,7 @@ && unsignedByteArrayCompare(scratchPad, (short) 0, firstJan2051,
(short) 8, (short) 8);
}

if (unsignedByteArrayCompare(scratchPad, (short) 0, scratchPad, (short) 8,
if (KMInteger.unsignedByteArrayCompare(scratchPad, (short) 0, scratchPad, (short) 8,
(short) 8) >= 0) {
subtract(scratchPad, (short) 0, (short) 8, (short) 16);
Util.arrayCopyNonAtomic(scratchPad, (short) 16, scratchPad, (short) 0,
Expand All @@ -188,7 +188,7 @@ && unsignedByteArrayCompare(scratchPad, (short) 0, firstJan2051,
}

// divide the given time with one day msec count
if (unsignedByteArrayCompare(scratchPad, (short) 0, oneDayMsec, (short) 0,
if (KMInteger.unsignedByteArrayCompare(scratchPad, (short) 0, oneDayMsec, (short) 0,
(short) 8) >= 0) {
Util.arrayCopyNonAtomic(oneDayMsec, (short) 0, scratchPad, (short) 8,
(short) 8);
Expand All @@ -199,7 +199,7 @@ && unsignedByteArrayCompare(scratchPad, (short) 0, firstJan2051,
}

// divide the given time with one hour msec count
if (unsignedByteArrayCompare(scratchPad, (short) 0, oneHourMsec, (short) 0,
if (KMInteger.unsignedByteArrayCompare(scratchPad, (short) 0, oneHourMsec, (short) 0,
(short) 8) >= 0) {
Util.arrayCopyNonAtomic(oneHourMsec, (short) 0, scratchPad, (short) 8,
(short) 8);
Expand All @@ -209,7 +209,7 @@ && unsignedByteArrayCompare(scratchPad, (short) 0, firstJan2051,
}

// divide the given time with one minute msec count
if (unsignedByteArrayCompare(scratchPad, (short) 0, oneMinMsec, (short) 0,
if (KMInteger.unsignedByteArrayCompare(scratchPad, (short) 0, oneMinMsec, (short) 0,
(short) 8) >= 0) {
Util.arrayCopyNonAtomic(oneMinMsec, (short) 0, scratchPad, (short) 8,
(short) 8);
Expand All @@ -219,7 +219,7 @@ && unsignedByteArrayCompare(scratchPad, (short) 0, firstJan2051,
}

// divide the given time with one second msec count
if (unsignedByteArrayCompare(scratchPad, (short) 0, oneSecMsec, (short) 0,
if (KMInteger.unsignedByteArrayCompare(scratchPad, (short) 0, oneSecMsec, (short) 0,
(short) 8) >= 0) {
Util.arrayCopyNonAtomic(oneSecMsec, (short) 0, scratchPad, (short) 8,
(short) 8);
Expand All @@ -244,25 +244,6 @@ && unsignedByteArrayCompare(scratchPad, (short) 0, firstJan2051,
return KMByteBlob.instance(scratchPad, (short) 0, len); // YYYY
}

public static byte unsignedByteArrayCompare(byte[] a1, short offset1, byte[] a2, short offset2, short length) {
byte count = (byte) 0;
short val1 = (short)0;
short val2 = (short)0;

for (; count < length; count++) {
val1 = (short) (a1[(short) (count + offset1)] & 0x00FF);
val2 = (short) (a2[(short) (count + offset2)] & 0x00FF);

if (val1 < val2) {
return -1;
}
if (val1 > val2) {
return 1;
}
}
return 0;
}

public static short numberToString(short number, byte[] scratchPad,
short offset) {
byte zero = 0x30;
Expand Down Expand Up @@ -311,7 +292,7 @@ public static void copy(byte[] buf, short from, short to) {
}

public static byte compare(byte[] buf, short lhs, short rhs) {
return unsignedByteArrayCompare(buf, lhs, buf, rhs, (short) 8);
return KMInteger.unsignedByteArrayCompare(buf, lhs, buf, rhs, (short) 8);
}

public static void shiftLeft(byte[] buf, short start) {
Expand Down
1 change: 0 additions & 1 deletion Applet/src/com/android/javacard/keymaster/KMEncoder.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -38,7 +38,6 @@ public class KMEncoder {
private static final byte UINT64_LENGTH = (byte) 0x1B;
private static final short TINY_PAYLOAD = 0x17;
private static final short SHORT_PAYLOAD = 0x100;
//TODO make this static.
private byte[] buffer;
private short startOff;
private short length;
Expand Down
43 changes: 7 additions & 36 deletions Applet/src/com/android/javacard/keymaster/KMError.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -21,7 +21,6 @@
*/
public class KMError {
public static final short OK = 0;
public static final short ROOT_OF_TRUST_ALREADY_SET = 1;
public static final short UNSUPPORTED_PURPOSE = 2;
public static final short INCOMPATIBLE_PURPOSE = 3;
public static final short UNSUPPORTED_ALGORITHM = 4;
Expand All @@ -34,69 +33,41 @@ public class KMError {
public static final short INCOMPATIBLE_PADDING_MODE = 11;
public static final short UNSUPPORTED_DIGEST = 12;
public static final short INCOMPATIBLE_DIGEST = 13;
public static final short INVALID_EXPIRATION_TIME = 14;
public static final short INVALID_USER_ID = 15;
public static final short INVALID_AUTHORIZATION_TIMEOUT = 16;
public static final short UNSUPPORTED_KEY_FORMAT = 17;
public static final short INCOMPATIBLE_KEY_FORMAT = 18;

public static final short UNSUPPORTED_KEY_ENCRYPTION_ALGORITHM = 19;
/** For PKCS8 & PKCS12 */
public static final short UNSUPPORTED_KEY_VERIFICATION_ALGORITHM = 20;

/** For PKCS8 & PKCS12 */
public static final short INVALID_INPUT_LENGTH = 21;

public static final short KEY_EXPORT_OPTIONS_INVALID = 22;
public static final short DELEGATION_NOT_ALLOWED = 23;
public static final short KEY_NOT_YET_VALID = 24;
public static final short KEY_EXPIRED = 25;

public static final short KEY_USER_NOT_AUTHENTICATED = 26;
public static final short OUTPUT_PARAMETER_NULL = 27;
public static final short INVALID_OPERATION_HANDLE = 28;
public static final short INSUFFICIENT_BUFFER_SPACE = 29;
public static final short VERIFICATION_FAILED = 30;
public static final short TOO_MANY_OPERATIONS = 31;
public static final short UNEXPECTED_NULL_POINTER = 32;
public static final short INVALID_KEY_BLOB = 33;
public static final short IMPORTED_KEY_NOT_ENCRYPTED = 34;
public static final short IMPORTED_KEY_DECRYPTION_FAILED = 35;
public static final short IMPORTED_KEY_NOT_SIGNED = 36;
public static final short IMPORTED_KEY_VERIFICATION_FAILED = 37;

public static final short INVALID_ARGUMENT = 38;
public static final short UNSUPPORTED_TAG = 39;
public static final short INVALID_TAG = 40;
public static final short MEMORY_ALLOCATION_FAILED = 41;
public static final short IMPORT_PARAMETER_MISMATCH = 44;
public static final short SECURE_HW_ACCESS_DENIED = 45;
public static final short OPERATION_CANCELLED = 46;
public static final short CONCURRENT_ACCESS_CONFLICT = 47;
public static final short SECURE_HW_BUSY = 48;
public static final short SECURE_HW_COMMUNICATION_FAILED = 49;
public static final short UNSUPPORTED_EC_FIELD = 50;

public static final short MISSING_NONCE = 51;
public static final short INVALID_NONCE = 52;
public static final short MISSING_MAC_LENGTH = 53;
public static final short KEY_RATE_LIMIT_EXCEEDED = 54;
public static final short CALLER_NONCE_PROHIBITED = 55;
public static final short KEY_MAX_OPS_EXCEEDED = 56;
public static final short INVALID_MAC_LENGTH = 57;
public static final short MISSING_MIN_MAC_LENGTH = 58;
public static final short UNSUPPORTED_MIN_MAC_LENGTH = 59;
public static final short UNSUPPORTED_KDF = 60;
public static final short UNSUPPORTED_EC_CURVE = 61;
public static final short KEY_REQUIRES_UPGRADE = 62;
public static final short ATTESTATION_CHALLENGE_MISSING = 63;
public static final short KEYMASTER_NOT_CONFIGURED = 64;

public static final short ATTESTATION_APPLICATION_ID_MISSING = 65;
public static final short CANNOT_ATTEST_IDS = 66;
public static final short ROLLBACK_RESISTANCE_UNAVAILABLE = 67;
public static final short HARDWARE_TYPE_UNAVAILABLE = 68;
public static final short PROOF_OF_PRESENCE_REQUIRED = 69;
public static final short CONCURRENT_PROOF_OF_PRESENCE_REQUESTED = 70;
public static final short NO_USER_CONFIRMATION = 71;

public static final short DEVICE_LOCKED = 72;
public static final short EARLY_BOOT_ENDED = 73;
public static final short UNIMPLEMENTED = 100;
public static final short VERSION_MISMATCH = 101;
public static final short UNKNOWN_ERROR = 1000;

//Extended errors
Expand Down
Loading