mirror of
https://github.com/moparisthebest/open-keychain
synced 2024-12-25 08:28:50 -05:00
pass (encryption) key id from Decrypt*Fragment to NfcActivity
This commit is contained in:
parent
11d0f4510b
commit
b2b19d7b2b
@ -289,7 +289,7 @@ public class PgpDecryptVerify {
|
|||||||
|
|
||||||
// allow only specific keys for decryption?
|
// allow only specific keys for decryption?
|
||||||
if (mAllowedKeyIds != null) {
|
if (mAllowedKeyIds != null) {
|
||||||
long masterKeyId = secretEncryptionKey.getRing().getMasterKeyId();
|
long masterKeyId = secretKeyRing.getMasterKeyId();
|
||||||
Log.d(Constants.TAG, "encData.getKeyID(): " + subKeyId);
|
Log.d(Constants.TAG, "encData.getKeyID(): " + subKeyId);
|
||||||
Log.d(Constants.TAG, "mAllowedKeyIds: " + mAllowedKeyIds);
|
Log.d(Constants.TAG, "mAllowedKeyIds: " + mAllowedKeyIds);
|
||||||
Log.d(Constants.TAG, "masterKeyId: " + masterKeyId);
|
Log.d(Constants.TAG, "masterKeyId: " + masterKeyId);
|
||||||
@ -418,7 +418,7 @@ public class PgpDecryptVerify {
|
|||||||
log.add(LogType.MSG_DC_PENDING_NFC, indent +1);
|
log.add(LogType.MSG_DC_PENDING_NFC, indent +1);
|
||||||
DecryptVerifyResult result =
|
DecryptVerifyResult result =
|
||||||
new DecryptVerifyResult(DecryptVerifyResult.RESULT_PENDING_NFC, log);
|
new DecryptVerifyResult(DecryptVerifyResult.RESULT_PENDING_NFC, log);
|
||||||
result.setNfcState(e.encryptedSessionKey, mPassphrase);
|
result.setNfcState(secretEncryptionKey.getKeyId(), e.encryptedSessionKey, mPassphrase);
|
||||||
return result;
|
return result;
|
||||||
}
|
}
|
||||||
encryptedData = encryptedDataAsymmetric;
|
encryptedData = encryptedDataAsymmetric;
|
||||||
|
@ -35,6 +35,7 @@ public class DecryptVerifyResult extends OperationResult {
|
|||||||
|
|
||||||
long mKeyIdPassphraseNeeded;
|
long mKeyIdPassphraseNeeded;
|
||||||
|
|
||||||
|
long mNfcSubKeyId;
|
||||||
byte[] mNfcSessionKey;
|
byte[] mNfcSessionKey;
|
||||||
String mNfcPassphrase;
|
String mNfcPassphrase;
|
||||||
|
|
||||||
@ -49,11 +50,16 @@ public class DecryptVerifyResult extends OperationResult {
|
|||||||
mKeyIdPassphraseNeeded = keyIdPassphraseNeeded;
|
mKeyIdPassphraseNeeded = keyIdPassphraseNeeded;
|
||||||
}
|
}
|
||||||
|
|
||||||
public void setNfcState(byte[] sessionKey, String passphrase) {
|
public void setNfcState(long subKeyId, byte[] sessionKey, String passphrase) {
|
||||||
|
mNfcSubKeyId = subKeyId;
|
||||||
mNfcSessionKey = sessionKey;
|
mNfcSessionKey = sessionKey;
|
||||||
mNfcPassphrase = passphrase;
|
mNfcPassphrase = passphrase;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public long getNfcSubKeyId() {
|
||||||
|
return mNfcSubKeyId;
|
||||||
|
}
|
||||||
|
|
||||||
public byte[] getNfcEncryptedSessionKey() {
|
public byte[] getNfcEncryptedSessionKey() {
|
||||||
return mNfcSessionKey;
|
return mNfcSessionKey;
|
||||||
}
|
}
|
||||||
|
@ -216,7 +216,7 @@ public class DecryptFilesFragment extends DecryptFragment {
|
|||||||
startPassphraseDialog(Constants.key.symmetric);
|
startPassphraseDialog(Constants.key.symmetric);
|
||||||
} else if ((pgpResult.getResult() & DecryptVerifyResult.RESULT_PENDING_NFC) ==
|
} else if ((pgpResult.getResult() & DecryptVerifyResult.RESULT_PENDING_NFC) ==
|
||||||
DecryptVerifyResult.RESULT_PENDING_NFC) {
|
DecryptVerifyResult.RESULT_PENDING_NFC) {
|
||||||
startNfcDecrypt(pgpResult.getNfcPassphrase(), pgpResult.getNfcEncryptedSessionKey());
|
startNfcDecrypt(pgpResult.getNfcSubKeyId(), pgpResult.getNfcPassphrase(), pgpResult.getNfcEncryptedSessionKey());
|
||||||
} else {
|
} else {
|
||||||
throw new RuntimeException("Unhandled pending result!");
|
throw new RuntimeException("Unhandled pending result!");
|
||||||
}
|
}
|
||||||
@ -290,7 +290,7 @@ public class DecryptFilesFragment extends DecryptFragment {
|
|||||||
startPassphraseDialog(Constants.key.symmetric);
|
startPassphraseDialog(Constants.key.symmetric);
|
||||||
} else if ((pgpResult.getResult() & DecryptVerifyResult.RESULT_PENDING_NFC) ==
|
} else if ((pgpResult.getResult() & DecryptVerifyResult.RESULT_PENDING_NFC) ==
|
||||||
DecryptVerifyResult.RESULT_PENDING_NFC) {
|
DecryptVerifyResult.RESULT_PENDING_NFC) {
|
||||||
startNfcDecrypt(pgpResult.getNfcPassphrase(), pgpResult.getNfcEncryptedSessionKey());
|
startNfcDecrypt(pgpResult.getNfcSubKeyId(), pgpResult.getNfcPassphrase(), pgpResult.getNfcEncryptedSessionKey());
|
||||||
} else {
|
} else {
|
||||||
throw new RuntimeException("Unhandled pending result!");
|
throw new RuntimeException("Unhandled pending result!");
|
||||||
}
|
}
|
||||||
|
@ -89,11 +89,12 @@ public abstract class DecryptFragment extends Fragment {
|
|||||||
startActivityForResult(intent, REQUEST_CODE_PASSPHRASE);
|
startActivityForResult(intent, REQUEST_CODE_PASSPHRASE);
|
||||||
}
|
}
|
||||||
|
|
||||||
protected void startNfcDecrypt(String pin, byte[] encryptedSessionKey) {
|
protected void startNfcDecrypt(long subKeyId, String pin, byte[] encryptedSessionKey) {
|
||||||
// build PendingIntent for Yubikey NFC operations
|
// build PendingIntent for Yubikey NFC operations
|
||||||
Intent intent = new Intent(getActivity(), NfcActivity.class);
|
Intent intent = new Intent(getActivity(), NfcActivity.class);
|
||||||
intent.setAction(NfcActivity.ACTION_DECRYPT_SESSION_KEY);
|
intent.setAction(NfcActivity.ACTION_DECRYPT_SESSION_KEY);
|
||||||
intent.putExtra(NfcActivity.EXTRA_DATA, new Intent()); // not used, only relevant to OpenPgpService
|
intent.putExtra(NfcActivity.EXTRA_DATA, new Intent()); // not used, only relevant to OpenPgpService
|
||||||
|
intent.putExtra(NfcActivity.EXTRA_KEY_ID, subKeyId);
|
||||||
intent.putExtra(NfcActivity.EXTRA_PIN, pin);
|
intent.putExtra(NfcActivity.EXTRA_PIN, pin);
|
||||||
|
|
||||||
intent.putExtra(NfcActivity.EXTRA_NFC_ENC_SESSION_KEY, encryptedSessionKey);
|
intent.putExtra(NfcActivity.EXTRA_NFC_ENC_SESSION_KEY, encryptedSessionKey);
|
||||||
|
@ -172,7 +172,7 @@ public class DecryptTextFragment extends DecryptFragment {
|
|||||||
startPassphraseDialog(Constants.key.symmetric);
|
startPassphraseDialog(Constants.key.symmetric);
|
||||||
} else if ((pgpResult.getResult() & DecryptVerifyResult.RESULT_PENDING_NFC) ==
|
} else if ((pgpResult.getResult() & DecryptVerifyResult.RESULT_PENDING_NFC) ==
|
||||||
DecryptVerifyResult.RESULT_PENDING_NFC) {
|
DecryptVerifyResult.RESULT_PENDING_NFC) {
|
||||||
startNfcDecrypt(pgpResult.getNfcPassphrase(), pgpResult.getNfcEncryptedSessionKey());
|
startNfcDecrypt(pgpResult.getNfcSubKeyId(), pgpResult.getNfcPassphrase(), pgpResult.getNfcEncryptedSessionKey());
|
||||||
} else {
|
} else {
|
||||||
throw new RuntimeException("Unhandled pending result!");
|
throw new RuntimeException("Unhandled pending result!");
|
||||||
}
|
}
|
||||||
|
@ -205,19 +205,6 @@ public class NfcActivity extends ActionBarActivity {
|
|||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
// If we were supplied with a key id for checking, do so
|
|
||||||
if (mKeyId != null) {
|
|
||||||
// We always check the master key id
|
|
||||||
long keyId = nfcGetKeyId(mIsoDep, 0);
|
|
||||||
// If it's wrong, just cancel
|
|
||||||
if (keyId != mKeyId) {
|
|
||||||
toast("NFC Tag has wrong key id!");
|
|
||||||
setResult(RESULT_CANCELED, mServiceIntent);
|
|
||||||
finish();
|
|
||||||
return;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
// Command APDU for VERIFY command (page 32)
|
// Command APDU for VERIFY command (page 32)
|
||||||
String login =
|
String login =
|
||||||
"00" // CLA
|
"00" // CLA
|
||||||
@ -234,6 +221,20 @@ public class NfcActivity extends ActionBarActivity {
|
|||||||
}
|
}
|
||||||
|
|
||||||
if (ACTION_SIGN_HASH.equals(mAction)) {
|
if (ACTION_SIGN_HASH.equals(mAction)) {
|
||||||
|
|
||||||
|
// If we were supplied with a key id for checking, do so
|
||||||
|
if (mKeyId != null) {
|
||||||
|
// For signing, we check the master key
|
||||||
|
long keyId = nfcGetKeyId(mIsoDep, 0);
|
||||||
|
// If it's wrong, just cancel
|
||||||
|
if (keyId != mKeyId) {
|
||||||
|
toast("NFC Tag has wrong signing key id!");
|
||||||
|
setResult(RESULT_CANCELED, mServiceIntent);
|
||||||
|
finish();
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
// returns signed hash
|
// returns signed hash
|
||||||
byte[] signedHash = nfcCalculateSignature(mHashToSign, mHashAlgo);
|
byte[] signedHash = nfcCalculateSignature(mHashToSign, mHashAlgo);
|
||||||
|
|
||||||
@ -252,6 +253,20 @@ public class NfcActivity extends ActionBarActivity {
|
|||||||
finish();
|
finish();
|
||||||
|
|
||||||
} else if (ACTION_DECRYPT_SESSION_KEY.equals(mAction)) {
|
} else if (ACTION_DECRYPT_SESSION_KEY.equals(mAction)) {
|
||||||
|
|
||||||
|
// If we were supplied with a key id for checking, do so
|
||||||
|
if (mKeyId != null) {
|
||||||
|
// For decryption, we check the confidentiality key
|
||||||
|
long keyId = nfcGetKeyId(mIsoDep, 1);
|
||||||
|
// If it's wrong, just cancel
|
||||||
|
if (keyId != mKeyId) {
|
||||||
|
toast("NFC Tag has wrong encryption key id!");
|
||||||
|
setResult(RESULT_CANCELED, mServiceIntent);
|
||||||
|
finish();
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
byte[] decryptedSessionKey = nfcDecryptSessionKey(mEncryptedSessionKey);
|
byte[] decryptedSessionKey = nfcDecryptSessionKey(mEncryptedSessionKey);
|
||||||
|
|
||||||
// give data through for new service call
|
// give data through for new service call
|
||||||
|
Loading…
Reference in New Issue
Block a user