mirror of
https://github.com/moparisthebest/open-keychain
synced 2024-11-24 01:32:16 -05:00
Move PIN verify inside sign/decrypt operation and set correct mode.
This commit is contained in:
parent
191784bf4b
commit
f981c36bf4
@ -185,25 +185,6 @@ public abstract class BaseNfcActivity extends BaseActivity {
|
|||||||
throw new IOException("Initialization failed!");
|
throw new IOException("Initialization failed!");
|
||||||
}
|
}
|
||||||
|
|
||||||
if (mPin != null) {
|
|
||||||
|
|
||||||
byte[] pin = new String(mPin.getCharArray()).getBytes();
|
|
||||||
|
|
||||||
// Command APDU for VERIFY command (page 32)
|
|
||||||
String login =
|
|
||||||
"00" // CLA
|
|
||||||
+ "20" // INS
|
|
||||||
+ "00" // P1
|
|
||||||
+ "82" // P2 (PW1)
|
|
||||||
+ String.format("%02x", pin.length) // Lc
|
|
||||||
+ Hex.toHexString(pin);
|
|
||||||
if (!nfcCommunicate(login).equals(accepted)) { // login
|
|
||||||
handlePinError();
|
|
||||||
return;
|
|
||||||
}
|
|
||||||
|
|
||||||
}
|
|
||||||
|
|
||||||
onNfcPerform();
|
onNfcPerform();
|
||||||
|
|
||||||
mIsoDep.close();
|
mIsoDep.close();
|
||||||
@ -321,6 +302,28 @@ public abstract class BaseNfcActivity extends BaseActivity {
|
|||||||
*/
|
*/
|
||||||
public byte[] nfcCalculateSignature(byte[] hash, int hashAlgo) throws IOException {
|
public byte[] nfcCalculateSignature(byte[] hash, int hashAlgo) throws IOException {
|
||||||
|
|
||||||
|
if (mPin != null) {
|
||||||
|
|
||||||
|
byte[] pin = new String(mPin.getCharArray()).getBytes();
|
||||||
|
// SW1/2 0x9000 is the generic "ok" response, which we expect most of the time.
|
||||||
|
// See specification, page 51
|
||||||
|
String accepted = "9000";
|
||||||
|
|
||||||
|
// Command APDU for VERIFY command (page 32)
|
||||||
|
String login =
|
||||||
|
"00" // CLA
|
||||||
|
+ "20" // INS
|
||||||
|
+ "00" // P1
|
||||||
|
+ "81" // P2 (PW1 with mode 81 for signing)
|
||||||
|
+ String.format("%02x", pin.length) // Lc
|
||||||
|
+ Hex.toHexString(pin);
|
||||||
|
if (!nfcCommunicate(login).equals(accepted)) { // login
|
||||||
|
handlePinError();
|
||||||
|
throw new IOException("Bad PIN!");
|
||||||
|
}
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
// dsi, including Lc
|
// dsi, including Lc
|
||||||
String dsi;
|
String dsi;
|
||||||
|
|
||||||
@ -413,6 +416,29 @@ public abstract class BaseNfcActivity extends BaseActivity {
|
|||||||
* @return the decoded session key
|
* @return the decoded session key
|
||||||
*/
|
*/
|
||||||
public byte[] nfcDecryptSessionKey(byte[] encryptedSessionKey) throws IOException {
|
public byte[] nfcDecryptSessionKey(byte[] encryptedSessionKey) throws IOException {
|
||||||
|
|
||||||
|
if (mPin != null) {
|
||||||
|
|
||||||
|
byte[] pin = new String(mPin.getCharArray()).getBytes();
|
||||||
|
// SW1/2 0x9000 is the generic "ok" response, which we expect most of the time.
|
||||||
|
// See specification, page 51
|
||||||
|
String accepted = "9000";
|
||||||
|
|
||||||
|
// Command APDU for VERIFY command (page 32)
|
||||||
|
String login =
|
||||||
|
"00" // CLA
|
||||||
|
+ "20" // INS
|
||||||
|
+ "00" // P1
|
||||||
|
+ "82" // P2 (PW1 with mode 82 for decryption)
|
||||||
|
+ String.format("%02x", pin.length) // Lc
|
||||||
|
+ Hex.toHexString(pin);
|
||||||
|
if (!nfcCommunicate(login).equals(accepted)) { // login
|
||||||
|
handlePinError();
|
||||||
|
throw new IOException("Bad PIN!");
|
||||||
|
}
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
String firstApdu = "102a8086fe";
|
String firstApdu = "102a8086fe";
|
||||||
String secondApdu = "002a808603";
|
String secondApdu = "002a808603";
|
||||||
String le = "00";
|
String le = "00";
|
||||||
|
Loading…
Reference in New Issue
Block a user