A User Centric Security Model for Tamper-Resistant Devices

C.7 Application Binding Protocol - Local
149 byte [ ] temp = new byte [ pMessage [ 0 ] ] ;
150 pMessage [ 1 ] = ( byte ) AESCipher . doFinal ( pMessage , ( short ) 4 , ( short )
151 ( pMessage [ 0 ] − 4) , temp , ( short ) 0) ;
152 pMessage [ 3 ] += pMessage [ 1 ] ;
153 pMessage [ 0 ] −= ( byte ) paddingbytes ;
154 U t i l . arrayCopyNonAtomic ( temp , ( short ) 0 , pMessage , pMessage [ 0 ] ,
155 ( short ) pMessage [ 1 ] ) ;
156 }
157 protected void encryptData ( short s t a r t , short length , AESKey Key) {
158 short paddingbytes = 0 ;
159 i f ( ( short ) ( l e n g t h % 16) != 0) {
160 paddingbytes = ( short ) (16 −( l e n g t h % 16) ) ;
161 }
162 byte [ ] temp = JCSystem . makeTransientByteArray ( ( short ) ( l e n g t h +
163 paddingbytes ) , JCSystem .CLEAR_ON_DESELECT) ;
164 AESCipher . i n i t (Key , Cipher .MODE_ENCRYPT) ;
165 U t i l . arrayCopyNonAtomic ( pMessage , ( short ) s t a r t , temp , ( short ) 0 ,
166 ( short ) l e n g t h ) ;
167 i f ( paddingbytes != 0) {
168 for ( short i = 0 ; i < paddingbytes ; i ++, l e n g t h++) {
169 temp [ ( short ) ( l e n g t h ) ] = ( byte ) 0xFF ;
170 }
171 }
172 AESCipher . doFinal ( temp , ( short ) 0 , ( short ) length , pMessage , ( short )
173 s t a r t ) ;
174 }
175 protected void generateSignatureData ( ) {
176 byte [ ] s i g B u f f = JCSystem . makeTransientByteArray ( ( short ) 256 ,
177 JCSystem .CLEAR_ON_DESELECT) ;
178 short sigLen = 0 ;
179 myClientAppSignature . i n i t ( client_SignKeyPair . g e t P r i v a t e ( ) ,
180 Cipher .MODE_ENCRYPT) ;
181 sigLen = myClientAppSignature . doFinal ( pMessage , ( short ) 4 , ( short )
182 64 , s i g B u f f , ( short ) 0) ;
183 U t i l . arrayCopyNonAtomic ( s i g B u f f , ( short ) 0 , pMessage , ( short ) 4 ,
184 sigLen ) ;
185 pMessage [ 2 ] = ( byte ) sigLen ;
186 }
187 protected void generatedDecryptedData ( short s t a r t , short length ,
188 AESKey Key) {
189 byte [ ] tempBuff = JCSystem . makeTransientByteArray ( length ,
190 JCSystem .MEMORY_TYPE_TRANSIENT_DESELECT) ;
191 AESCipher . i n i t (Key , Cipher .MODE_DECRYPT) ;
192 U t i l . arrayCopyNonAtomic ( pMessage , s t a r t , tempBuff , ( short ) 0 ,
193 ( short ) l e n g t h ) ;
194 AESCipher . doFinal ( tempBuff , ( short ) 0 , ( short ) length , pMessage ,
195 ( short ) s t a r t ) ;
196 }
197 protected boolean v e r i f y SignedData ( short s t a r t , short l e n g t h ) {
198 myClientAppSignature . i n i t ( s e r v e r V e r i f i c a t i o n K e y ,
199 Cipher .MODE_DECRYPT) ;
368