moparisthebest/open-keychain
1
0
Fork 0
mirror of https://github.com/moparisthebest/open-keychain synced 2024-11-23 17:22:16 -05:00
Code Issues Releases Wiki Activity

Move PIN verify inside sign/decrypt operation and set correct mode.

Browse Source
This commit is contained in:
Joey Castillo 2015-04-14 15:34:25 -04:00
parent 191784bf4b
commit f981c36bf4
1 changed files with 45 additions and 19 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

64
OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/base/BaseNfcActivity.java
View File

@ -185,25 +185,6 @@ public abstract class BaseNfcActivity extends BaseActivity {
throw new IOException("Initialization failed!"); throw new IOException("Initialization failed!");
} }
if (mPin != null) {
byte[] pin = new String(mPin.getCharArray()).getBytes();
// Command APDU for VERIFY command (page 32)
String login =
"00" // CLA
+ "20" // INS
+ "00" // P1
+ "82" // P2 (PW1)
+ String.format("%02x", pin.length) // Lc
+ Hex.toHexString(pin);
if (!nfcCommunicate(login).equals(accepted)) { // login
handlePinError();
return;
}
}
onNfcPerform(); onNfcPerform();
mIsoDep.close(); mIsoDep.close();
@ -321,6 +302,28 @@ public abstract class BaseNfcActivity extends BaseActivity {
*/ */
public byte[] nfcCalculateSignature(byte[] hash, int hashAlgo) throws IOException { public byte[] nfcCalculateSignature(byte[] hash, int hashAlgo) throws IOException {
if (mPin != null) {
byte[] pin = new String(mPin.getCharArray()).getBytes();
// SW1/2 0x9000 is the generic "ok" response, which we expect most of the time.
// See specification, page 51
String accepted = "9000";
// Command APDU for VERIFY command (page 32)
String login =
"00" // CLA
+ "20" // INS
+ "00" // P1
+ "81" // P2 (PW1 with mode 81 for signing)
+ String.format("%02x", pin.length) // Lc
+ Hex.toHexString(pin);
if (!nfcCommunicate(login).equals(accepted)) { // login
handlePinError();
throw new IOException("Bad PIN!");
}
}
// dsi, including Lc // dsi, including Lc
String dsi; String dsi;
@ -413,6 +416,29 @@ public abstract class BaseNfcActivity extends BaseActivity {
* @return the decoded session key * @return the decoded session key
*/ */
public byte[] nfcDecryptSessionKey(byte[] encryptedSessionKey) throws IOException { public byte[] nfcDecryptSessionKey(byte[] encryptedSessionKey) throws IOException {
if (mPin != null) {
byte[] pin = new String(mPin.getCharArray()).getBytes();
// SW1/2 0x9000 is the generic "ok" response, which we expect most of the time.
// See specification, page 51
String accepted = "9000";
// Command APDU for VERIFY command (page 32)
String login =
"00" // CLA
+ "20" // INS
+ "00" // P1
+ "82" // P2 (PW1 with mode 82 for decryption)
+ String.format("%02x", pin.length) // Lc
+ Hex.toHexString(pin);
if (!nfcCommunicate(login).equals(accepted)) { // login
handlePinError();
throw new IOException("Bad PIN!");
}
}
String firstApdu = "102a8086fe"; String firstApdu = "102a8086fe";
String secondApdu = "002a808603"; String secondApdu = "002a808603";
String le = "00"; String le = "00";