Tarpit added

rileyg98 · rileyg98 · commit 707eb3647e2c · 2020-01-10T20:10:04.000+10:00
Tarpit added and rebranded source tree to com.vivokey.otp - 600ms delay on failed authentication
diff --git a/applet/src/com/vivokey/otp/OathObj.java b/applet/src/com/vivokey/otp/OathObj.java
diff --git a/applet/src/com/vivokey/otp/YkneoOath.java b/applet/src/com/vivokey/otp/YkneoOath.java
@@ -1,4 +1,4 @@
-package pkgYkneoOath;
+package com.vivokey.otp;
 
 /*
  * Copyright (c) 2013-2015 Yubico AB
@@ -23,6 +23,7 @@
 import javacard.framework.ISOException;
 import javacard.framework.JCSystem;
 import javacard.framework.Util;
+import javacard.security.MessageDigest;
 import javacard.security.RandomData;
 
 public class YkneoOath extends Applet {
@@ -60,6 +61,10 @@ public class YkneoOath extends Applet {
 	private OathObj scratchAuth;
 	private byte[] propBuf;
 
+	private byte[] tar1;
+	private byte[] tar2;
+	private MessageDigest sha224;
+	
 	private static final byte PROP_AUTH_OFFS = 0;
 	private static final byte PROP_SENT_DATA_OFFS = 1;
 	private static final byte PROP_REMAINING_DATA_LEN = 3;
@@ -79,6 +84,10 @@ public YkneoOath() {
 		sendBuffer = JCSystem.makeTransientByteArray(BUFSIZE, JCSystem.CLEAR_ON_DESELECT);
 		propBuf = JCSystem.makeTransientByteArray(PROP_BUF_SIZE, JCSystem.CLEAR_ON_DESELECT);
 		rng = RandomData.getInstance(RandomData.ALG_PSEUDO_RANDOM);
+		
+		sha224 = MessageDigest.getInstance(MessageDigest.ALG_SHA_224, false);
+		tar1 = JCSystem.makeTransientByteArray((short) 28, JCSystem.CLEAR_ON_RESET);
+		tar2 = JCSystem.makeTransientByteArray((short)28, JCSystem.CLEAR_ON_RESET);
 
 		identity = new byte[CHALLENGE_LENGTH];
 		rng.generateData(identity, _0, CHALLENGE_LENGTH);
@@ -231,6 +240,10 @@ private short handleValidate(byte[] input, byte[] output) {
 		if(Util.arrayCompare(input, offs, tempBuf, _0, len) == 0) {
 			propBuf[PROP_AUTH_OFFS] = 1;
 		} else {
+			rng.generateData(tar1, (short)0, (short)28);
+			sha224.doFinal(tar1, (short)0, (short)28, tar2, (short)0);
+			sha224.doFinal(tar2, (short)0, (short)28, tar1, (short)0);
+			sha224.doFinal(tar1, (short)0, (short)28, tar2, (short)0);
 			ISOException.throwIt(ISO7816.SW_WRONG_DATA);
 		}
 		offs += len;
@@ -440,6 +453,7 @@ private void handlePut(byte[] buf) {
 		byte digits = buf[offs++];
 
 		// protect against tearing (we want to do this as late as possible)
+
 		object.setActive(false);
 		object.setDigits(digits);
 
@@ -464,6 +478,7 @@ private void handlePut(byte[] buf) {
 			object.clearImf();
 		}
 		object.setActive(true);
+
 	}
 
 	private short getLength(byte[] buf, short offs) {
diff --git a/build.xml b/build.xml
@@ -10,7 +10,7 @@
   <target name="build" depends="test,ant-javacard">
     <javacard>
       <cap jckit="oracle_javacard_sdks/jc222_kit" aid="A0:00:00:06:17:00:61:FC:54:D5:01" output="vivokey-otp.cap" sources="applet/src">
-        <applet class="pkgYkneoOath.YkneoOath"/>
+        <applet class="com.vivokey.otp.YkneoOath"/>
       </cap>
     </javacard>
   </target>
