Mifare DESfire EV1 4k AES Authentication - authentication

Has anyone been able to authenticate with this card using this encryption method? I have no clue what to do after selecting the app and starting the authentication. Below is my code. Only copied the relevant parts and used example KEY and SELECT_APP
//AUTHENTICATION COMMANDS
private static final byte[] NATIVE_AUTHENTICATION_KEY = new byte[] {
(byte) 0x01, (byte) 0x02, (byte) 0x01, (byte) 0x04, (byte) 0x05,
(byte) 0x06, (byte) 0x07, (byte) 0x08, (byte) 0x09, (byte) 0x0A,
(byte) 0x0B, (byte) 0x0C, (byte) 0x0D, (byte) 0x0E, (byte) 0x0F,
(byte) 0x00 };
private static final byte[] START_AUTHENTICATION_COMMAND = new byte[] {
(byte) 0xAA, (byte) 0x01 };
private static byte[] SELECT_APPLICATION = { (byte) 0x5A, (byte) 0x01,
(byte) 0x02, (byte) 0x03 };
//AUTHENTICATION FUNCTION
private void StartAuthentication(Tag tag) {
try {
IsoDep.get(tag).connect();
byte[] response = IsoDep.get(tag)
.transceive(SELECT_APPLICATION);
Log.e("SELECT_APP", ByteArrayToHexString(response));
byte[] response2 = IsoDep.get(tag).transceive(START_AUTHENTICATION_COMMAND);
Log.e("START_AUTH", ByteArrayToHexString(response2));
} catch (IOException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
}
SELECT_APP returns 0x00 (OK) and START_AUTH returns 0xAF+(16bit). What to do after getting that?

If your answer returns 0xAF means extra info is pending.
Send 0xAF till you get 0x00 in retun, 0xAF means more data in return is pending.

Related

USB Audio class 2.0 enumeration issue

I am trying to develop a USB audio device compliant to USB Audio Class version 2.0 specification. I have written the descriptors by referring to the specification as such. But, I find that the device is not enumerating correctly. The status in device manager just shows "This device cannot start (Code 10)."
Please find the configuration descriptors that I am using below:
/* Configuration descriptor */
0x09, /* Descriptor size */
0x02, /* Configuration descriptor type */
0x8A,0x00, /* Length of this descriptor and all sub descriptors */
0x02, /* Number of interfaces */
0x01, /* Configuration number */
0x00, /* Configuration string index */
0x80, /* Config characteristics - Bus powered */
0x32, /* Max power consumption of device (in 8mA unit) : 400mA */
//IAD
0x08, /* bLength */
0x0B, /* bDescriptorType */
0x00, /* bFirstInterface */
0x02, /* bInterfaceCount */
0x01, /* bFunctionClass */
0x00, /* bFunctionSubClass */
0x20, /* bFunctionProtocol */
0x00, /* iFunction */
/* Standard AC Interface Descriptor */
0x09, /* bLength */
0x04, /* bDescriptorType */
0x00, /* bInterfaceNumber */
0x00, /* bAlternateSetting */
0x00, /* bNumEndoints */
0x01, /* bInterfaceClass */
0x01, /* bInterfaceSubClass */
0x20, /* bInterfaceProtocol */
0x00, /* iInterface */
/* Class-Specific AC Interface Header Descriptor */
0x09, /* bLength */
0x24, /* bDescriptorType */
0x01, /* bDescriptorSubtype */
0x00, 0x02, /* bcdADC */
0x03, /* bCatagory MICROPHONE*/
0x2E, 0x00, /* wTotalLength (46 Bytes) */
0x00, /* bmControls */
/* Class-Specific AC Clock Source Descriptor (INTERNAL) */
0x08, /* bLength */
0x24, /* bDescriptorType */
0x0A, /* bDescriptorSubtype */
0x10, /* bClockID */
0x01, /* bmAttributes:
D[1:0]:
00: External Clock
01: Internal Fixed Clock
10: Internal Variable Clock
11: Internal Progamable Clock
D[2]:
Clock Synced to SOF
D[7:3]:
Reserved (0) */
0x00, /* bmControls:
D[1:0]:
Clock Freq Control
D[3:2]:
Clock Validity Control
D[7:4]:
Reserved (0) */
0x00, /* bAssocTerminal */
0x00, /* iClockSource */
/* Class-Specific AC Input Terminal Descriptor */
0x11, /* bLength */
0x24, /* bDescriptorType */
0x02, /* bDescriptorSubtype */
0x01, /* bTerminalID */
0x01, 0x02, /* wTerminalType */
0x00, /* bAssocTerminal */
0x10, /* bCSourceID */
0x02, /* bNrChannels,indicate has number of channel in cluster*/
0x03, 0x00, 0x00, 0x00, /* bmChannelConfig,spatial positions*/
0x00, /* iChannelNames,index remaining channel spatial positions descripte*/
0x00, 0x00, /* bmControls */
0x00, /* iTerminal */
/* Class-Specific AC Output Terminal Descriptor*/
0x0C, /* bLength */
0x24, /* bDescriptorType */
0x03, /* bDescriptorSubtype */
0x02, /* bTerminalID */
0x01, 0x01, /* wTerminalType */
0x00, /* bAssocTerminal */
0x01, /* bSourceID */
0x10, /* bCSourceID */
0x00, 0x00, /* bmControls */
0x00, /* iTerminal */
/* Audio In Standard AS Interface Descriptor (Alt 0 - Zero Bandwidth) */
0x09, /* bLength */
0x04, /* bDescriptorType */
0x01, /* bInterfaceNumber */
0x00, /* bAlternateSetting */
0x00, /* bNumEndpoints */
0x01, /* bInterfaceClass */
0x02, /* bInterfaceSubClass */
0x20, /* bInterfaceProtocol */
0x00, /* iInterface */
/* Audio In Standard AS Interface Descriptor (Alt 1) */
0x09, /* bLength */
0x04, /* bDescriptorType */
0x01, /* bInterfaceNumber */
0x01, /* bAlternateSetting */
0x01, /* bNumEndpoints */
0x01, /* bInterfaceClass */
0x02, /* bInterfaceSubClass */
0x20, /* bInterfaceProtocol */
0x00, /* iInterface */
/* Audio In Class-Specific AS Interface descriptor */
0x10, /* bLength */
0x24, /* bDescriptorType */
0x01, /* bDescriptorSubtype */
0x02, /* bTerminalLink,Terminal ID of Output Terminal */
0x00, /* bmControls */
0x01, /* bFormatType */
0x01, 0x00, 0x00, 0x00, /* bmFormats PCM*/
0x02, /* bNrChannels 2 channel*/
0x03, 0x00, 0x00, 0x00, /* bmChannelConfig */
0x00, /* iChannelNames */
/* Audio In Class-Specific AS Type I Format Descriptor */
0x0B, /* Descriptor size */
0x24, /* Class-specific Interface Descriptor Type */
0x02, /* Format Type Descriptor subtype */
0x01, /* PCM FORMAT_TYPE_I */
0x02, /* Number of channels - 2 */
0x02, /* Subframe size - 2 bytes per audio subframe */
0x10, /* Bit resolution - 16 bits */
0x01, /* Number of samping frequencies - 1 */
0x80, 0xBB, 0x00, /* Sampling frequency - 48000 Hz */
/* Audio In Standard AS Isochronous Data EP Descriptor */
0x07, /* bLength */
0x05, /* bDescriptorType */
0x81, /* bEndpointAddress */
0x05, /* bmAttributes */
0xC8, 0x00, /* wMaxPacketSize 200byte*/
0x01, /* bInterval */
/* Superspeed Endpoint Companion Descriptor */
0x06, /* bLength */
0x30, /* bDescriptorType */
0x00, /* bMaxBurst */
0x00, /* bmAttributes */
0x60, 0x00, /* wBytesPerInterval */
/* Audio In Class-Specific AS Isochronous Data EP Descriptor */
0x08, /* bLength */
0x25, /* bDescriptorType */
0x01, /* bDescriptorSubtype */
0x00, /* bmAttributes */
0x00, /* bmControls */
0x02, /* bLockDelayUnits */
0x08, 0x00, /* wLockDelay */

Composite USB CDC/HID device on STMF32F303

I'm following the advice:
It is possible to achieve your own composite USB Device, by combining the desired classes' drivers into one class, under your own folder within: Middlewares\ST\STM32_USB Device Library\Class
from https://community.st.com/s/question/0D50X00009XkgYtSAJ/stm32f4-hal-composite-usb-device-example
I now have a unified configuration descriptor.
/* USB CDC device Configuration Descriptor */
__ALIGN_BEGIN uint8_t USBD_CDC_CfgFSDesc[USB_CDC_CONFIG_DESC_SIZ] __ALIGN_END =
{
/*Configuration Descriptor*/
0x09, /* bLength: Configuration Descriptor size */
USB_DESC_TYPE_CONFIGURATION, /* bDescriptorType: Configuration */
USB_CDC_CONFIG_DESC_SIZ, /* wTotalLength:no of returned bytes */
0x00,
0x03, /* bNumInterfaces: 2 interface */
0x01, /* bConfigurationValue: Configuration value */
0x00, /* iConfiguration: Index of string descriptor describing the configuration */
0xC0, /* bmAttributes: self powered */
0x32, /* MaxPower 0 mA */
/*---------------------------------------------------------------------------*/
//////////////////////////////////////////////////////////////////////////////////////
//Add 1 IAD class here // this one is for COM port
0x08, // bLength: Interface Descriptor size
0x0B, // bDescriptorType: IAD
0x00, // bFirstInterface //starting of interface
0x02, // bInterfaceCount //interfaces under this IAD class
0x02, // bFunctionClass: CDC
0x02, // bFunctionSubClass
0x01, // bFunctionProtocol
0x02, // iFunction
//////////////////////////////////////////////////////////////////////////////////////
/*Interface Descriptor */
0x09, /* bLength: Interface Descriptor size */
USB_DESC_TYPE_INTERFACE, /* bDescriptorType: Interface */
/* Interface descriptor type */
0x00, /* bInterfaceNumber: Number of Interface */
0x00, /* bAlternateSetting: Alternate setting */
0x01, /* bNumEndpoints: One endpoints used */
0x02, /* bInterfaceClass: Communication Interface Class */
0x02, /* bInterfaceSubClass: Abstract Control Model */
0x01, /* bInterfaceProtocol: Common AT commands */
0x00, /* iInterface: */
/*Header Functional Descriptor*/
0x05, /* bLength: Endpoint Descriptor size */
0x24, /* bDescriptorType: CS_INTERFACE */
0x00, /* bDescriptorSubtype: Header Func Desc */
0x10, /* bcdCDC: spec release number */
0x01,
/*Call Management Functional Descriptor*/
0x05, /* bFunctionLength */
0x24, /* bDescriptorType: CS_INTERFACE */
0x01, /* bDescriptorSubtype: Call Management Func Desc */
0x00, /* bmCapabilities: D0+D1 */
0x01, /* bDataInterface: 1 */
/*ACM Functional Descriptor*/
0x04, /* bFunctionLength */
0x24, /* bDescriptorType: CS_INTERFACE */
0x02, /* bDescriptorSubtype: Abstract Control Management desc */
0x02, /* bmCapabilities */
/*Union Functional Descriptor*/
0x05, /* bFunctionLength */
0x24, /* bDescriptorType: CS_INTERFACE */
0x06, /* bDescriptorSubtype: Union func desc */
0x00, /* bMasterInterface: Communication class interface */
0x01, /* bSlaveInterface0: Data Class Interface */
/*Endpoint 2 Descriptor*/
0x07, /* bLength: Endpoint Descriptor size */
USB_DESC_TYPE_ENDPOINT, /* bDescriptorType: Endpoint */
CDC_CMD_EP, /* bEndpointAddress */
0x03, /* bmAttributes: Interrupt */
LOBYTE(CDC_CMD_PACKET_SIZE), /* wMaxPacketSize: */
HIBYTE(CDC_CMD_PACKET_SIZE),
CDC_FS_BINTERVAL, /* bInterval: */
/*---------------------------------------------------------------------------*/
/*Data class interface descriptor*/
0x09, /* bLength: Endpoint Descriptor size */
USB_DESC_TYPE_INTERFACE, /* bDescriptorType: */
0x01, /* bInterfaceNumber: Number of Interface */
0x00, /* bAlternateSetting: Alternate setting */
0x02, /* bNumEndpoints: Two endpoints used */
0x0A, /* bInterfaceClass: CDC */
0x00, /* bInterfaceSubClass: */
0x00, /* bInterfaceProtocol: */
0x00, /* iInterface: */
/*Endpoint OUT Descriptor*/
0x07, /* bLength: Endpoint Descriptor size */
USB_DESC_TYPE_ENDPOINT, /* bDescriptorType: Endpoint */
CDC_OUT_EP, /* bEndpointAddress */
0x02, /* bmAttributes: Bulk */
LOBYTE(CDC_DATA_FS_MAX_PACKET_SIZE), /* wMaxPacketSize: */
HIBYTE(CDC_DATA_FS_MAX_PACKET_SIZE),
0x00, /* bInterval: ignore for Bulk transfer */
/*Endpoint IN Descriptor*/
0x07, /* bLength: Endpoint Descriptor size */
USB_DESC_TYPE_ENDPOINT, /* bDescriptorType: Endpoint */
CDC_IN_EP, /* bEndpointAddress */
0x02, /* bmAttributes: Bulk */
LOBYTE(CDC_DATA_FS_MAX_PACKET_SIZE), /* wMaxPacketSize: */
HIBYTE(CDC_DATA_FS_MAX_PACKET_SIZE),
0x00, /* bInterval: ignore for Bulk transfer */
///////////////////////////////////////////////////////////////////////////////////////////////
// IAD Mouse
0x08, // bLength: Interface Descriptor size
0x0B, // bDescriptorType: IAD
0x02, // bFirstInterface //starts from zero .. hence 0-1- and now 2
0x01, // bInterfaceCount //no of interfaces used in function. for above cdc it was 2
0x03, //*bInterfaceClass: HID*/
0x01, //*bInterfaceSubClass : 1=BOOT, 0=no boot*/
0x02, //*nInterfaceProtocol : 0=none, 1=keyboard, 2=mouse*/
0x02, //*iInterface: Index of string descriptor*/
////////////////////////////////////////////////////////////////////////////////////////////////
/************** Descriptor of Joystick Mouse interface ****************/
/* 09 */
0x09, /*bLength: Interface Descriptor size*/
USB_DESC_TYPE_INTERFACE,/*bDescriptorType: Interface descriptor type*/
0x02, /*bInterfaceNumber: Number of Interface*/
0x00, /*bAlternateSetting: Alternate setting*/
0x01, /*bNumEndpoints*/
0x03, /*bInterfaceClass: HID*/
0x01, /*bInterfaceSubClass : 1=BOOT, 0=no boot*/
0x02, /*nInterfaceProtocol : 0=none, 1=keyboard, 2=mouse*/
0x02, /*iInterface: Index of string descriptor*/
/******************** Descriptor of Joystick Mouse HID ********************/
/* 18 */
0x09, /*bLength: HID Descriptor size*/
HID_DESCRIPTOR_TYPE, /*bDescriptorType: HID*/
0x11, /*bcdHID: HID Class Spec release number*/
0x01,
0x00, /*bCountryCode: Hardware target country*/
0x01, /*bNumDescriptors: Number of HID class descriptors to follow*/
0x22, /*bDescriptorType*/
HID_MOUSE_REPORT_DESC_SIZE,/*wItemLength: Total length of Report descriptor*/
0x00,
/******************** Descriptor of Mouse endpoint ********************/
/* 27 */
0x07, /*bLength: Endpoint Descriptor size*/
USB_DESC_TYPE_ENDPOINT, /*bDescriptorType:*/
HID_EPIN_ADDR, /*bEndpointAddress: Endpoint Address (IN)*/
0x03, /*bmAttributes: Interrupt endpoint*/
HID_EPIN_SIZE, /*wMaxPacketSize: 4 Byte max */
0x00,
HID_FS_BINTERVAL, /*bInterval: Polling Interval */
/* 34 */
} ;
and a unified init:
static uint8_t USBD_CDC_Init(USBD_HandleTypeDef *pdev, uint8_t cfgidx)
{
uint8_t ret = 0U;
USBD_CDC_HandleTypeDef *hcdc;
if (pdev->dev_speed == USBD_SPEED_HIGH)
{
/* Open EP IN */
USBD_LL_OpenEP(pdev, CDC_IN_EP, USBD_EP_TYPE_BULK,
CDC_DATA_HS_IN_PACKET_SIZE);
pdev->ep_in[CDC_IN_EP & 0xFU].is_used = 1U;
/* Open EP OUT */
USBD_LL_OpenEP(pdev, CDC_OUT_EP, USBD_EP_TYPE_BULK,
CDC_DATA_HS_OUT_PACKET_SIZE);
pdev->ep_out[CDC_OUT_EP & 0xFU].is_used = 1U;
}
else
{
/* Open EP IN */
USBD_LL_OpenEP(pdev, CDC_IN_EP, USBD_EP_TYPE_BULK,
CDC_DATA_FS_IN_PACKET_SIZE);
pdev->ep_in[CDC_IN_EP & 0xFU].is_used = 1U;
/* Open EP OUT */
USBD_LL_OpenEP(pdev, CDC_OUT_EP, USBD_EP_TYPE_BULK,
CDC_DATA_FS_OUT_PACKET_SIZE);
pdev->ep_out[CDC_OUT_EP & 0xFU].is_used = 1U;
}
/* Open Command IN EP */
USBD_LL_OpenEP(pdev, CDC_CMD_EP, USBD_EP_TYPE_INTR, CDC_CMD_PACKET_SIZE);
pdev->ep_in[CDC_CMD_EP & 0xFU].is_used = 1U;
pdev->pClassData = USBD_malloc(sizeof(USBD_CDC_HandleTypeDef));
if (pdev->pClassData == NULL)
{
ret = 1U;
}
else
{
hcdc = (USBD_CDC_HandleTypeDef *) pdev->pClassData;
/* Init physical Interface components */
((USBD_CDC_ItfTypeDef *)pdev->pUserData)->Init();
/* Init Xfer states */
hcdc->TxState = 0U;
hcdc->RxState = 0U;
if (pdev->dev_speed == USBD_SPEED_HIGH)
{
/* Prepare Out endpoint to receive next packet */
USBD_LL_PrepareReceive(pdev, CDC_OUT_EP, hcdc->RxBuffer,
CDC_DATA_HS_OUT_PACKET_SIZE);
}
else
{
/* Prepare Out endpoint to receive next packet */
USBD_LL_PrepareReceive(pdev, CDC_OUT_EP, hcdc->RxBuffer,
CDC_DATA_FS_OUT_PACKET_SIZE);
}
}
// HID
/* Open EP IN */
USBD_LL_OpenEP(pdev, HID_EPIN_ADDR, USBD_EP_TYPE_INTR, HID_EPIN_SIZE);
pdev->ep_in[HID_EPIN_ADDR & 0xFU].is_used = 1U;
pdev->pClassData = USBD_malloc(sizeof(USBD_HID_HandleTypeDef));
if (pdev->pClassData == NULL)
{
return USBD_FAIL;
}
((USBD_HID_HandleTypeDef *)pdev->pClassData)->state = HID_IDLE;
return ret;
}
I am concerned that the value of CDC_IN_EP (0x81) clashes with HID_EPIN_ADDR (also 0x81).
Is this a valid concern?
Is there an example of making a composite CDC/HID using CubeMX?
I needed to use 0x83 as the HID endpoint. I confirmed that this worked in the simple HID example, too.
There are still many other obstacles in the way of getting a working CDC/HID composite device on STM32.

SGX calculating HMAC inside enclave

I'm trying to calculate an HMAC with SHA512 inside an Intel SGX enclave.
I got the code to work but receive the wrong results. I have an example that uses static pre-defined key and nonce from which the HMAC is calculated, but when verifying the received result it does not match the correct one.
Apparantely there are two different variants to calculate the HMAC (according to this enter link description here, I've tried both.
Here is the function from the enclave:
int calculateHMAC(uint8_t *key, uint8_t *nonce, uint8_t *res_hmac) {
IppsHMACState *ctx;
IppStatus status;
int psize = 0;
//VARIANT 1
status = ippsHMAC_GetSize(&psize);
if (status == ippStsNullPtrErr)
return 1;
ctx = (IppsHMACState*) malloc(psize);
status = ippsHMAC_Init(key, 16, ctx, ippHashAlg_SHA512);
if (status != ippStsNoErr)
return 1;
status = ippsHMAC_Update(nonce, 16, ctx);
if (status != ippStsNoErr)
return 1;
uint8_t hmac[64];
memset(hmac, '\0', 64);
status = ippsHMAC_Final(hmac, 64, ctx);
if (status != ippStsNoErr)
return 1;
memcpy(res_hmac, hmac, 64);
//VARIANT 2
// uint8_t test_hmac[HMAC_LENGTH];
// status = ippsHMAC_Message(nonce, 16, key, 16, test_hmac, 64, ippHashAlg_SHA512);
// if (status != ippStsNoErr)
// return 1;
// memcpy(res_hmac, test_hmac, 64);
return 0;
}
Here is the UPDATED call:
uint8_t ba_nonce[16] = {
0x7d, 0x93, 0x09, 0x9f, 0x7f, 0xed, 0x16, 0x21,
0x58, 0x36, 0xf7, 0xba, 0xd4, 0xdb, 0x0e, 0x48
};
uint8_t ba_key[16] = {
0xa5, 0xb1, 0x15, 0x53, 0x6d, 0x5b, 0xf3, 0x50,
0xc5, 0xb0, 0xfa, 0x6f, 0x69, 0x24, 0x2f, 0x18
};
uint8_t t_hmac[64];
memset(t_hmac, '\0', 64);
int error = calculateHMAC(ba_key, ba_nonce, t_hmac);
I don't see what I'm doing wrong!?
This will result in
7d2f2e3d57c84a58945b9016fb37e2df03afdde313c9d79c31ec1e6612d6d6b20456a8fcf799ef74d16f60c7f283e621400004422885f33fb3d2bb7ae7a1daa3
which is wrong according to this calculator here
Your issue is strtol(). It expects a string. In C a string is an arbitrary sequence of characters terminated with a NULL-byte. However, it is provided a pointer to an array of size two where the last entry is not NULL. Therefore, strtol() also analysis the bytes behind your tmp array.
Since, tmp is stored on the stack we can not assume that the subsequent bytes are always the same for different invocations. Thus, you get random results.
Solution: Either, you increase the size of tmp and add a NULL byte in the last place or - and this is probably the better solution - you directly initialize nonce and key with what you need (see also this post):
uint8_t ba_nonce[16] = {
0x7d, 0x93, 0x09, 0x9f, 0x7f, 0xed, 0x16, 0x21,
0x58, 0x36, 0xf7, 0xba, 0xd4, 0xdb, 0x0e, 0x48
};
uint8_t ba_key[16] = {
0xa5, 0xb1, 0x15, 0x53, 0x6d, 0x5b, 0xf3, 0x50,
0xc5, 0xb0, 0xfa, 0x6f, 0x69, 0x24, 0x2f, 0x18
};

USB DUAL CDC endpoints for transferring data

I have emulated two VCPs with only one USB Device. I can send data in one VCP that has the following Endpoint Address.
#define CDC_IN_EP 0x81 /* EP1 for data IN */
#define CDC_OUT_EP 0x01 /* EP1 for data OUT */
#define CDC_CMD_EP 0x82 /* EP2 for CDC commands */
I would like to know if it's possible to send data in the other VCP with other Endpoint Address like:
#define CDC_IN_EP3 0x83 /* EP3 for data IN */
#define CDC_OUT_EP3 0x03 /* EP3 for data OUT */
#define CDC_CMD_EP4 0x84 /* EP4 for CDC commands */
My problem is that addresses others than 0x81 don't allow me to send data over the second VCP. I'm using two CDC interfaces Full-Speed. Normally we can use seven endpoints with CDC_FS and that's what I'm trying to do... I have six Endpoints: three for each VCP and the seventh is Endpoint 0 for configuration.
Have I missed something in the Endpoints Configuration or in the Composite Device Descriptors?
/* USB CDC device Configuration Descriptor */
__ALIGN_BEGIN uint8_t USBD_CDC_CfgFSDesc[USB_CDC_CONFIG_DESC_SIZ] __ALIGN_END =
{
/* Configuration Descriptor */
0x09, /* bLength: Configuration Descriptor size */
USB_DESC_TYPE_CONFIGURATION, /* bDescriptorType: Configuration */
USB_CDC_CONFIG_DESC_SIZ, /* wTotalLength:no of returned bytes */
0x00,
0x04, /* bNumInterfaces: 4 interface */
0x01, /* bConfigurationValue: Configuration value */
0x00, /* iConfiguration: Index of string descriptor describing the configuration */
0xC0, /* bmAttributes: Self powered */
0x32, /* MaxPower 100 mA */
/*---------------------------------------------------------------------------*/
// IAD0
0x08, // bLength: Interface Descriptor size
0x0B, // bDescriptorType: IAD
0x00, // bFirstInterface
0x02, // bInterfaceCount
0x02, // bFunctionClass: CDC
0x02, // bFunctionSubClass
0x01, // bFunctionProtocol
0x02, // iFunction
/* Interface0 Descriptor */
0x09, /* bLength: Interface Descriptor size */
USB_DESC_TYPE_INTERFACE, /* bDescriptorType: Interface */
/* Interface descriptor type */
0x00, /* bInterfaceNumber: Number of Interface */
0x00, /* bAlternateSetting: Alternate setting */
0x01, /* bNumEndpoints: One endpoints used */
0x02, /* bInterfaceClass: Communication Interface Class */
0x02, /* bInterfaceSubClass: Abstract Control Model */
0x01, /* bInterfaceProtocol: Common AT commands */
0x00, /* iInterface: */
/* Header Functional Descriptor */
0x05, /* bLength: Endpoint Descriptor size */
0x24, /* bDescriptorType: CS_INTERFACE */
0x00, /* bDescriptorSubtype: Header Func Desc */
0x10, /* bcdCDC: spec release number */
0x01,
/* Call Management Functional Descriptor */
0x05, /* bFunctionLength */
0x24, /* bDescriptorType: CS_INTERFACE */
0x01, /* bDescriptorSubtype: Call Management Func Desc */
0x03, /* bmCapabilities: D0+D1 */
0x01, /* bDataInterface: 1 */
/* ACM Functional Descriptor */
0x04, /* bFunctionLength */
0x24, /* bDescriptorType: CS_INTERFACE */
0x02, /* bDescriptorSubtype: Abstract Control Management desc */
0x02, /* bmCapabilities */
/* Union Functional Descriptor */
0x05, /* bFunctionLength */
0x24, /* bDescriptorType: CS_INTERFACE */
0x06, /* bDescriptorSubtype: Union func desc */
0x00, /* bMasterInterface: Communication class interface */
0x01, /* bSlaveInterface0: Data Class Interface */
/* Endpoint 2 Descriptor */
0x07, /* bLength: Endpoint Descriptor size */
USB_DESC_TYPE_ENDPOINT, /* bDescriptorType: Endpoint */
CDC_CMD_EP, /* bEndpointAddress */
0x03, /* bmAttributes: Interrupt */
LOBYTE(CDC_CMD_PACKET_SIZE), /* wMaxPacketSize: */
HIBYTE(CDC_CMD_PACKET_SIZE),
0xFF, /* bInterval: */
/*---------------------------------------------------------------------------*/
/*Data class interface descriptor*/
0x09, /* bLength: Endpoint Descriptor size */
USB_DESC_TYPE_INTERFACE, /* bDescriptorType: */
0x01, /* bInterfaceNumber: Number of Interface */
0x00, /* bAlternateSetting: Alternate setting */
0x02, /* bNumEndpoints: Two endpoints used */
0x0A, /* bInterfaceClass: CDC */
0x00, /* bInterfaceSubClass: */
0x00, /* bInterfaceProtocol: */
0x00, /* iInterface: */
/*Endpoint OUT Descriptor*/
0x07, /* bLength: Endpoint Descriptor size */
USB_DESC_TYPE_ENDPOINT, /* bDescriptorType: Endpoint */
CDC_OUT_EP, /* bEndpointAddress */
0x02, /* bmAttributes: Bulk */
LOBYTE(CDC_DATA_FS_MAX_PACKET_SIZE), /* wMaxPacketSize: */
HIBYTE(CDC_DATA_FS_MAX_PACKET_SIZE),
0x00, /* bInterval: ignore for Bulk transfer */
/*Endpoint IN Descriptor*/
0x07, /* bLength: Endpoint Descriptor size */
USB_DESC_TYPE_ENDPOINT, /* bDescriptorType: Endpoint */
CDC_IN_EP, /* bEndpointAddress */
0x02, /* bmAttributes: Bulk */
LOBYTE(CDC_DATA_FS_MAX_PACKET_SIZE), /* wMaxPacketSize: */
HIBYTE(CDC_DATA_FS_MAX_PACKET_SIZE),
0x00, /* bInterval: ignore for Bulk transfer */
/*---------------------------------------------------------------------------*/
// IAD1
0x08, // bLength: Interface Descriptor size
0x0B, // bDescriptorType: IAD
0x02, // bFirstInterface
0x02, // bInterfaceCount
0x02, // bFunctionClass: CDC
0x02, // bFunctionSubClass
0x01, // bFunctionProtocol
0x02, // iFunction
/* Interface1 Descriptor */
0x09, /* bLength: Interface Descriptor size */
USB_DESC_TYPE_INTERFACE, /* bDescriptorType: Interface */
/* Interface descriptor type */
0x02, /* bInterfaceNumber: Number of Interface */
0x00, /* bAlternateSetting: Alternate setting */
0x01, /* bNumEndpoints: One endpoints used */
0x02, /* bInterfaceClass: Communication Interface Class */
0x02, /* bInterfaceSubClass: Abstract Control Model */
0x01, /* bInterfaceProtocol: Common AT commands */
0x00, /* iInterface: */
/*Header Functional Descriptor*/
0x05, /* bLength: Endpoint Descriptor size */
0x24, /* bDescriptorType: CS_INTERFACE */
0x00, /* bDescriptorSubtype: Header Func Desc */
0x10, /* bcdCDC: spec release number */
0x01,
/*Call Management Functional Descriptor*/
0x05, /* bFunctionLength */
0x24, /* bDescriptorType: CS_INTERFACE */
0x01, /* bDescriptorSubtype: Call Management Func Desc */
0x03, /* bmCapabilities: D0+D1 */
0x03, /* bDataInterface: 1 */
/*ACM Functional Descriptor*/
0x04, /* bFunctionLength */
0x24, /* bDescriptorType: CS_INTERFACE */
0x02, /* bDescriptorSubtype: Abstract Control Management desc */
0x02, /* bmCapabilities */
/*Union Functional Descriptor*/
0x05, /* bFunctionLength */
0x24, /* bDescriptorType: CS_INTERFACE */
0x06, /* bDescriptorSubtype: Union func desc */
0x02, /* bMasterInterface: Communication class interface */
0x03, /* bSlaveInterface0: Data Class Interface */
/*Endpoint 2 Descriptor*/
0x07, /* bLength: Endpoint Descriptor size */
USB_DESC_TYPE_ENDPOINT, /* bDescriptorType: Endpoint */
CDC_CMD_EP4, /* bEndpointAddress */
0x03, /* bmAttributes: Interrupt */
LOBYTE(CDC_CMD_PACKET_SIZE), /* wMaxPacketSize: */
HIBYTE(CDC_CMD_PACKET_SIZE),
0xFF, /* bInterval: */
/*---------------------------------------------------------------------------*/
/*Data class interface descriptor*/
0x09, /* bLength: Endpoint Descriptor size */
USB_DESC_TYPE_INTERFACE, /* bDescriptorType: */
0x03, /* bInterfaceNumber: Number of Interface */
0x00, /* bAlternateSetting: Alternate setting */
0x02, /* bNumEndpoints: Two endpoints used */
0x0A, /* bInterfaceClass: CDC */
0x00, /* bInterfaceSubClass: */
0x00, /* bInterfaceProtocol: */
0x00, /* iInterface: */
/*Endpoint OUT Descriptor*/
0x07, /* bLength: Endpoint Descriptor size */
USB_DESC_TYPE_ENDPOINT, /* bDescriptorType: Endpoint */
CDC_OUT_EP3, /* bEndpointAddress */
0x02, /* bmAttributes: Bulk */
LOBYTE(CDC_DATA_FS_MAX_PACKET_SIZE), /* wMaxPacketSize: */
HIBYTE(CDC_DATA_FS_MAX_PACKET_SIZE),
0x00, /* bInterval: ignore for Bulk transfer */
/*Endpoint IN Descriptor*/
0x07, /* bLength: Endpoint Descriptor size */
USB_DESC_TYPE_ENDPOINT, /* bDescriptorType: Endpoint */
CDC_IN_EP3, /* bEndpointAddress */
0x02, /* bmAttributes: Bulk */
LOBYTE(CDC_DATA_FS_MAX_PACKET_SIZE), /* wMaxPacketSize: */
HIBYTE(CDC_DATA_FS_MAX_PACKET_SIZE),
0x00 /* bInterval: ignore for Bulk transfer */
};
I had a similar problem with the STM32 USB device library. When you modify or add a new endpoint address in the configuration descriptor, you also have to set the endpoint address in the PMA (packet memory area). You can do that in the USBD_LL_INIT block with the HAL_PCDEx_PMAConfig function:
USBD_StatusTypeDef USBD_LL_Init (USBD_HandleTypeDef *pdev)
{
/* Init USB_IP */
/* enable USB power on Pwrctrl CR2 register */
HAL_PWREx_EnableVddUSB();
/* Link The driver to the stack */
hpcd_USB_FS.pData = pdev;
pdev->pData = &hpcd_USB_FS;
hpcd_USB_FS.Instance = USB;
hpcd_USB_FS.Init.dev_endpoints = 8;
hpcd_USB_FS.Init.speed = PCD_SPEED_FULL;
hpcd_USB_FS.Init.ep0_mps = DEP0CTL_MPS_8;
hpcd_USB_FS.Init.phy_itface = PCD_PHY_EMBEDDED;
hpcd_USB_FS.Init.Sof_enable = DISABLE;
hpcd_USB_FS.Init.low_power_enable = DISABLE;
hpcd_USB_FS.Init.lpm_enable = DISABLE;
hpcd_USB_FS.Init.battery_charging_enable = DISABLE;
if (HAL_PCD_Init(&hpcd_USB_FS) != HAL_OK)
{
Error_Handler();
}
HAL_PCDEx_PMAConfig((PCD_HandleTypeDef*)pdev->pData , 0x00 , PCD_SNG_BUF, 0x18);
HAL_PCDEx_PMAConfig((PCD_HandleTypeDef*)pdev->pData , 0x80 , PCD_SNG_BUF, 0x58);
HAL_PCDEx_PMAConfig((PCD_HandleTypeDef*)pdev->pData , 0x81 , PCD_SNG_BUF, 0xC0);
HAL_PCDEx_PMAConfig((PCD_HandleTypeDef*)pdev->pData , 0x01 , PCD_SNG_BUF, 0x110);
HAL_PCDEx_PMAConfig((PCD_HandleTypeDef*)pdev->pData , 0x82 , PCD_SNG_BUF, 0x100);
return USBD_OK;
}
After that I could use the new endpoints for data transfer.

Java Card setExponent() method fails when exponent has more than 10 bytes

I'm trying to implement the modPow function on Java Card using the build in RSA CryptoSystem. The code seems trivial but I have issued on implementation.
My code untill now :
Cipher m_encryptCipherRSA = Cipher.getInstance(Cipher.ALG_RSA_NOPAD, false); // create the cipher
RSAPublicKey m_rsaPublicKey = (RSAPublicKey) KeyBuilder.buildKey(KeyBuilder.TYPE_RSA_PUBLIC,KeyBuilder.LENGTH_RSA_1024,false); // create the public key
m_random = RandomData.getInstance(RandomData.ALG_SECURE_RANDOM);
m_random.generateData(temp1, (short)0, MODULUS_LENGTH);
m_rsaPublicKey.setModulus(temp1,(short)0, MODULUS_LENGTH); //generate modulus
m_random.generateData(temp1,(short)0, (short) EXPONENT_LENGTH);
m_rsaPublicKey.setExponent(temp1,(short)0, (short)EXPONENT_LENGTH);
The cod seems to work ok if EXPONENT_LENGTH has no more than 10 bytes.The Java Card I have has limited the dimension of public exponent. However my project is based on numbers up to 128bytes long.Is there a way to create a generic modpow function based on this hardware limitation? Is there another way I could implement the power exponentiation which is still feasible.
I managed to solve the problem by using the private exponent ( which seems not be constraint by RSA cryptosystem).Below is the working code.
public byte[] modPow(byte[] x,short xOffset,short xLength,byte[] y,short yOffset,short yLength)
{
Util.arrayCopy(y, yOffset, tempBuffer, (short)(Configuration.TEMP_OFFSET_EXPONENT+4), yLength);
Util.arrayFillNonAtomic(tempBuffer, Configuration.TEMP_OFFSET_EXPONENT, (byte)4,(byte)0x00);
mRsaPrivateKeyModPow.setExponent(tempBuffer,Configuration.TEMP_OFFSET_EXPONENT, (short)(yLength+4));
mRsaCipherModPow.init(mRsaPrivateKeyModPow, Cipher.MODE_DECRYPT);
Util.arrayCopy(x,xOffset,tempBuffer, Configuration.TEMP_OFFSET_RSA, Configuration.LENGTH_RSAOBJECT_MODULUS);
mRsaCipherModPow.doFinal(tempBuffer,Configuration.TEMP_OFFSET_RSA, (short) (Configuration.LENGTH_RSAOBJECT_MODULUS), tempBuffer,Configuration.TEMP_OFFSET_RSA);
mRsaPrivateKeyModPow.clearKey();
return tempBuffer;
}
Well, I tried both RSAPublicKey and RSAPrivateKey for two different cards, and both worked fine:
package soqPack;
import javacard.framework.*;
import javacard.security.KeyBuilder;
import javacard.security.RSAPrivateKey;
import javacard.security.RSAPublicKey;
import javacard.security.RandomData;
import javacardx.biometry.BioBuilder;
import javacardx.crypto.Cipher;
public class modPowtest extends Applet {
//Definition Of INS in APDU command
public static final byte INS_MOD_POW = (byte) 0x00;
//Switch cases to choose RSA Public key or RSA Private key for ModPow()
//P1 in APDU command.
public static final byte USE_PUB_KEY = (byte) 0x00;
public static final byte USE_PRI_KEY = (byte) 0x01;
//Required objects
byte[] tempMem;
Cipher myCipher;
RSAPrivateKey rsaPriKey;
RSAPublicKey rsaPubKey;
RandomData random;
public static void install(byte[] bArray, short bOffset, byte bLength) {
new modPowtest();
}
protected modPowtest() {
myCipher = Cipher.getInstance(Cipher.ALG_RSA_PKCS1, false);
rsaPriKey = (RSAPrivateKey) KeyBuilder.buildKey(KeyBuilder.TYPE_RSA_PRIVATE, KeyBuilder.LENGTH_RSA_1024, false);
rsaPubKey = (RSAPublicKey) KeyBuilder.buildKey(KeyBuilder.TYPE_RSA_PUBLIC, KeyBuilder.LENGTH_RSA_1024, false);
tempMem = JCSystem.makeTransientByteArray((short) 0x80, JCSystem.CLEAR_ON_DESELECT);
random = RandomData.getInstance(RandomData.ALG_PSEUDO_RANDOM);
register();
}
public void process(APDU apdu) {
if (selectingApplet()) {
return;
}
byte[] buffer = apdu.getBuffer();
switch (buffer[ISO7816.OFFSET_INS]) {
case INS_MOD_POW:
modPow(apdu);
break;
default:
ISOException.throwIt(ISO7816.SW_INS_NOT_SUPPORTED);
}
}
public void modPow(APDU apdu) {
byte[] buffer = apdu.getBuffer();
switch (buffer[ISO7816.OFFSET_P1]) {
case USE_PUB_KEY:
random.generateData(tempMem, (short) 0x00, (short) 0x80);
rsaPubKey.setModulus(tempMem, (short) 0x00, (short) 0x80);
random.generateData(tempMem, (short) 0x00, (short) 0x03);
rsaPubKey.setExponent(tempMem, (short) 0x00, (short) 0x03);
break;
case USE_PRI_KEY:
random.generateData(tempMem, (short) 0x00, (short) 0x80);
rsaPriKey.setModulus(tempMem, (short) 0x00, (short) 0x80);
random.generateData(tempMem, (short) 0x00, (short) 0x03);
rsaPriKey.setExponent(tempMem, (short) 0x00, (short) 0x03);
break;
default:
ISOException.throwIt(ISO7816.SW_INCORRECT_P1P2);
}
}
}
Works as below:
Download Cap begin...
Download Cap successful.
Install Applet begin...
Install Applet successful.
Select Applet begin...
Select Applet successful.
Send: 00 00 00 00 00
Recv: 90 00
Send: 00 00 01 00 00
Recv: 90 00
Update: (Related your new question in the comments and here):
I also, changed value of tempMem[0] just before the setModulus and setExponent methods to 0x69, and it still works fine.