shaibuttoncoprvm.java

这是一个以JAVA编写的程序,本人还没有试过,是一个简单的温度控制系统

    * @param macStart the offset into mac_buffer where copying should start.

    * @return <code>true</code> if successful, <code>false</code> if an error
    *         occurred  (use <code>getLastError()</code> for more
    *         information on the type of error)
    *
    * @throws OneWireIOException on a 1-Wire communication error such as
    *         reading an incorrect CRC from a 1-Wire device.  This could be
    *         caused by a physical interruption in the 1-Wire Network due to
    *         shorts or a newly arriving 1-Wire device issuing a 'presence pulse'.
    * @throws OneWireException on a communication or setup error with the 1-Wire
    *         adapter
    *
    * @see OneWireContainer18#SHAFunction(byte,int)
    * @see #getLastError()
    */
   public boolean createDataSignature(byte[] accountData,
                                      byte[] signScratchpad,
                                      byte[] mac_buffer,
                                      int    macStart)
      throws OneWireException, OneWireIOException
   {
      //clear any errors
      this.lastError = this.NO_ERROR;

      if(SHAFunction(OneWireContainer18.SIGN_DATA_PAGE,
                      secretPage[signPageNumber&7],
                      accountData,
                      signScratchpad,
                      null,
                      signPageNumber,
                      -1))
      {
         System.arraycopy(signScratchpad, 8, mac_buffer, macStart, 20);
         return true;
      }

      this.lastError = this.SHA_FUNCTION_FAILED;
      return false;
   }

   //prevent malloc'ing in the critical path
   private byte[] generateChallenge_chlg = new byte[20];

   /**
    * <p>Generates a 3 byte random challenge in the iButton, sufficient to be used
    * as a challenge to be answered by a User iButton.  The user answers the challenge
    * with an authenticated read of it's account data.</p>
    *
    * <p>The DS1963S will generate 20 bytes of pseudo random data, though only
    * 3 bytes are needed for the challenge.  Programs can add more 'randomness'
    * by selecting different bytes from the 20 bytes of random data using the
    * <code>offset</code> parameter.</p>
    *
    * <p>The random number generator is actually the DS1963S's SHA engine, which requires
    * page data to compute a hash.  Select a page number with the <code>page_number</code>
    * parameter.</p>
    *
    * @param offset offset into the 20 random bytes to draw random data from
    *        (must be in range 0-16)
    * @param ch buffer for the challenge to be returned (must be of length 3 or more)
    * @param start the starting index into array <code>ch</code> to begin copying
    *        the challenge bytes.
    *
    * @return <code>true</code> if successful, <code>false</code> if an error
    *         occurred  (use <code>getLastError()</code> for more
    *         information on the type of error)
    *
    * @throws OneWireIOException on a 1-Wire communication error such as
    *         reading an incorrect CRC from a 1-Wire device.  This could be
    *         caused by a physical interruption in the 1-Wire Network due to
    *         shorts or a newly arriving 1-Wire device issuing a 'presence pulse'.
    * @throws OneWireException on a communication or setup error with the 1-Wire
    *         adapter
    *
    * @see SHAiButtonUser#readAccountData(byte[],int,byte[],int,byte[],int)
    * @see #getLastError()
    */
   public synchronized boolean generateChallenge (int offset, byte[] ch, int start)
      throws OneWireIOException, OneWireException
   {
      //clear any errors
      this.lastError = this.NO_ERROR;

      this.rand.nextBytes(this.generateChallenge_chlg);

      System.arraycopy(this.generateChallenge_chlg,offset, ch,start, 3);

      return true;
   }

   /**
    * <p>Determines if a <code>SHAiButtonUser</code> belongs to the system
    * defined by this Coprocessor iButton.See the usage example in this
    * class for initializing a Coprocessor iButton.</p>
    *
    * <p>The first step in user authentication is to recreate the user's
    * unique secret on the coprocessor button using
    * <code>bindSecretToiButton(int,byte[],byte[],int)</code>.  Then the
    * coprocessor signs the pageData to produce a MAC.  If the MAC matches
    * that produced by the user, the user belongs to the system.</p>
    *
    * <p>The TMEX formatted page with the user's account data is in the
    * 32-byte parameter <code>pageData</code>.  If the verification
    * is successful, the data data signature must still be verified with
    * the <code>verifySignature()</code> method.</p>
    *
    * <p>Failure of this method does not necessarily mean that
    * the User iButton does not belong to the system.  It is possible that
    * a communication disruption here could cause a CRC error that
    * would be indistinguishable from a failed authentication.  However,
    * repeated attempts should reveal whether it was truly a communication
    * problem or a User iButton that does not belong to the system.</p>
    *
    * @param fullBindCode 15-byte binding code used to recreate user iButtons
    *        unique secret in the coprocessor.
    * @param pageData 32-byte buffer containing the data page holding the user's
    *        account data.
    * @param scratchpad the 32-byte scratchpad contents for which the
    *        signature is generated.  This will contain parameters such
    *        as the user's write cycle counter for the page, the user's
    *        1-wire address, and the page number where account data is
    *        stored.
    * @param verify_mac the 20-byte buffer containing the user's authentication
    *        response to the coprocessor's challenge.
    *
    * @return <code>true</code> if the operation was successful and the user's
    *         MAC matches that generated by the coprocessor.
    *
    * @throws OneWireIOException on a 1-Wire communication error such as
    *         reading an incorrect CRC from a 1-Wire device.  This could be
    *         caused by a physical interruption in the 1-Wire Network due to
    *         shorts or a newly arriving 1-Wire device issuing a 'presence pulse'.
    * @throws OneWireException on a communication or setup error with the 1-Wire
    *         adapter
    *
    * @see #generateChallenge(int,byte[],int)
    * @see #verifySignature(byte[],byte[],byte[])
    * @see #bindSecretToiButton(int,byte[],byte[],int)
    * @see OneWireContainer18#SHAFunction(byte,int)
    * @see OneWireContainer18#matchScratchPad(byte[])
    * @see #getLastError()
    */
   public boolean verifyAuthentication(byte[] fullBindCode,
                                       byte[] pageData,
                                       byte[] scratchpad,
                                       byte[] verify_mac,
                                       byte   authCmd)
      throws OneWireIOException, OneWireException
   {
      //clear any errors
      this.lastError = this.NO_ERROR;
      int secretNum = this.wspcPageNumber&7;

      //set Workspace Secret
      bindSecretToiButton(authPageNumber,
                          this.bindData, fullBindCode,
                          secretNum);

      if(SHAFunction( authCmd,
                      secretPage[secretNum],
                      pageData,
                      scratchpad,
                      null,
                      wspcPageNumber,
                      -1))
      {
         for(int i=0; i<20; i++)
         {
            if( scratchpad[i+8]!=verify_mac[i] )
            {
               this.lastError = this.MATCH_SCRATCHPAD_FAILED;
               return false;
            }
         }
         return true;
      }
      this.lastError = this.SHA_FUNCTION_FAILED;
      return false;

   }

   /**
    * <p>Creates a data signature, but instead of using the signing secret,
    * it uses the authentication secret, bound for a particular button.</p>
    *
    * <P><code>fullBindCode</code> is ignored by the Coprocessor VM.  Instead
    * of binding the secret to the signing page, the coprocessor VM "cheats"
    * and lets you sign the workspace page, where (presumably) the secret is
    * already bound.</p>
    *
    * @param accountData the 32-byte data page for which the signature is
    *        generated.
    * @param signScratchpad the 32-byte scratchpad contents for which the
    *        signature is generated.  This will contain parameters such
    *        as the user's write cycle counter for the page, the user's
    *        1-wire address, and the page number where account data is
    *        stored.
    * @param mac_buffer used to return the 20-byte signature generated
    *        by signing the page using the coprocessor's system signing
    *        secret.
    * @param macStart the offset into mac_buffer where copying should start.
    * @param fullBindCode ignored by simulated coprocessor

    * @return <code>true</code> if successful, <code>false</code> if an error
    *         occurred  (use <code>getLastError()</code> for more
    *         information on the type of error)
    *
    * @throws OneWireIOException on a 1-Wire communication error such as
    *         reading an incorrect CRC from a 1-Wire device.  This could be
    *         caused by a physical interruption in the 1-Wire Network due to
    *         shorts or a newly arriving 1-Wire device issuing a 'presence pulse'.
    * @throws OneWireException on a communication or setup error with the 1-Wire
    *         adapter
    *
    * @see OneWireContainer18#SHAFunction(byte,int)
    * @see #createDataSignature(byte[],byte[],byte[],int)
    * @see #getLastError()
    */
   public boolean createDataSignatureAuth(byte[] accountData,
                                          byte[] signScratchpad,
                                          byte[] mac_buffer, int macStart,
                                          byte[] fullBindCode)
      throws OneWireException, OneWireIOException
   {
      //clear any errors
      this.lastError = this.NO_ERROR;

      if(SHAFunction(OneWireContainer18.SIGN_DATA_PAGE,
                      secretPage[wspcPageNumber&7],
                      accountData,
                      signScratchpad,
                      null,
                      signPageNumber,
                      -1))
      {
         System.arraycopy(signScratchpad, 8, mac_buffer, macStart, 20);
         return true;
      }

      this.lastError = this.SHA_FUNCTION_FAILED;
      return false;
   }

   /**
    * <P>Verifies a User iButton's signed data on this Coprocessor iButton.
    * The Coprocessor must recreate the signature based on the data in the
    * file and the contents of the given scratchpad, and then match that
    * with the signature passed in verify_mac.</P>
    *
    * @param pageData the full 32 byte TMEX file from the User iButton
    *        (from <code>verifyAuthentication</code>) with the
    * @param scratchpad the 32-byte scratchpad contents for which the
    *        signature is generated.  This will contain parameters such
    *        as the user's write cycle counter for the page, the user's
    *        1-wire address, and the page number where account data is
    *        stored.
    * @param verify_mac the 20-byte buffer containing the signature the user
    *        had stored with the account data file.
    *
    * @return <code>true<code> if the data file is valid, <code>false</code>
    *         if an error occurred (use <code>getLastError()</code> for more
    *         information on the type of error)
    *
    * @throws OneWireIOException on a 1-Wire communication error such as
    *         reading an incorrect CRC from a 1-Wire device.  This could be
    *         caused by a physical interruption in the 1-Wire Network due to
    *         shorts or a newly arriving 1-Wire device issuing a 'presence pulse'.
    * @throws OneWireException on a communication or setup error with the 1-Wire
    *         adapter
    *
    * @see #verifyAuthentication(byte[],byte[],byte[],byte[],byte)
    * @see #getLastError()
    */
   public boolean verifySignature(byte[] pageData, byte[] scratchpad,
                                  byte[] verify_mac)
      throws OneWireIOException, OneWireException
   {
      //clear any errors
      this.lastError = this.NO_ERROR;

      if(SHAFunction(OneWireContainer18.VALIDATE_DATA_PAGE,
                      this.secretPage[signPageNumber&7],
                      pageData,
                      scratchpad,
                      this.address,
                      signPageNumber,
                      -1))
      {
         for(int i=0; i<20; i++)
         {
            if( scratchpad[i+8]!=verify_mac[i] )
            {
               this.lastError = this.MATCH_SCRATCHPAD_FAILED;
               return false;
            }
         }
         return true;
      }
      this.lastError = this.SHA_FUNCTION_FAILED;
      return false;
   }

   private byte[] bindSecretToiButton_scratchpad = new byte[32];
   /**
    * <p>Binds an installed secret to this virtual DS1963S by using
    * well-known binding data and this DS1963S's (unique?)
    * address.  This makes the secret unique
    * for this iButton.  Coprocessor iButtons use this method
    * to recreate the iButton's secret to verify authentication.
    * Roving iButtons use this method to finalize their secret keys.</p>
    *
    * <p>Note that unlike in the <code>installMasterSecret()</code> method,
    * the page number does not need to be equivalent to the <code>secret_number</code>
    * modulo 8.  The new secret (installed secret + binding code) is generated