Merge pull request #1278 from josecastillo/nfckeytocard

Support for moving RSA keys to Yubikey or NFC smart card
author: Vincent <valodim@mugenguild.com> 2015-05-15 12:42:42 +0200
committer: Vincent <valodim@mugenguild.com> 2015-05-15 12:42:42 +0200
commit: 5f6421e82b3875386818c4e7da89f79004695f4c (patch)
tree: a97b7a5d71134e46ed735ebe9c5338067f93746c /OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/CanonicalizedSecretKey.java
parent: 5c44f8400970de5943fd6c5e804dfa394f3deb01 (diff)
parent: 2d3f745c36280fcd0e5c73820cc3e72f41feae2d (diff)
download: open-keychain-5f6421e82b3875386818c4e7da89f79004695f4c.tar.gz
open-keychain-5f6421e82b3875386818c4e7da89f79004695f4c.tar.bz2
open-keychain-5f6421e82b3875386818c4e7da89f79004695f4c.zip
1 files changed, 24 insertions, 0 deletions
diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/CanonicalizedSecretKey.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/CanonicalizedSecretKey.java
index 39d0a2f1d..fd023576b 100644
--- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/CanonicalizedSecretKey.java
+++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/CanonicalizedSecretKey.java
@@ -33,6 +33,7 @@ import org.spongycastle.openpgp.operator.PBESecretKeyDecryptor;
 import org.spongycastle.openpgp.operator.PGPContentSignerBuilder;
 import org.spongycastle.openpgp.operator.PublicKeyDataDecryptorFactory;
 import org.spongycastle.openpgp.operator.jcajce.JcaPGPContentSignerBuilder;
+import org.spongycastle.openpgp.operator.jcajce.JcaPGPKeyConverter;
 import org.spongycastle.openpgp.operator.jcajce.JcePBESecretKeyDecryptorBuilder;
 import org.spongycastle.openpgp.operator.jcajce.JcePublicKeyDataDecryptorFactoryBuilder;
 import org.spongycastle.openpgp.operator.jcajce.NfcSyncPGPContentSignerBuilder;
@@ -45,6 +46,8 @@ import org.sufficientlysecure.keychain.util.Log;
 import org.sufficientlysecure.keychain.util.Passphrase;
 
 import java.nio.ByteBuffer;
+import java.security.PrivateKey;
+import java.security.interfaces.RSAPrivateCrtKey;
 import java.util.ArrayList;
 import java.util.Date;
 import java.util.HashMap;
@@ -281,6 +284,27 @@ public class CanonicalizedSecretKey extends CanonicalizedPublicKey {
         }
     }
 
+    // For use only in card export; returns the secret key in Chinese Remainder Theorem format.
+    public RSAPrivateCrtKey getCrtSecretKey() throws PgpGeneralException {
+        if (mPrivateKeyState == PRIVATE_KEY_STATE_LOCKED) {
+            throw new PgpGeneralException("Cannot get secret key attributes while key is locked.");
+        }
+
+        if (mPrivateKeyState == PRIVATE_KEY_STATE_DIVERT_TO_CARD) {
+            throw new PgpGeneralException("Cannot get secret key attributes of divert-to-card key.");
+        }
+
+        JcaPGPKeyConverter keyConverter = new JcaPGPKeyConverter();
+        PrivateKey retVal;
+        try {
+            retVal = keyConverter.getPrivateKey(mPrivateKey);
+        } catch (PGPException e) {
+            throw new PgpGeneralException("Error converting private key!", e);
+        }
+
+        return (RSAPrivateCrtKey)retVal;
+    }
+
     public byte[] getIv() {
         return mSecretKey.getIV();
     }
author	Vincent <valodim@mugenguild.com>	2015-05-15 12:42:42 +0200
committer	Vincent <valodim@mugenguild.com>	2015-05-15 12:42:42 +0200
commit	5f6421e82b3875386818c4e7da89f79004695f4c (patch)
tree	a97b7a5d71134e46ed735ebe9c5338067f93746c /OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/CanonicalizedSecretKey.java
parent	5c44f8400970de5943fd6c5e804dfa394f3deb01 (diff)
parent	2d3f745c36280fcd0e5c73820cc3e72f41feae2d (diff)
download	open-keychain-5f6421e82b3875386818c4e7da89f79004695f4c.tar.gz open-keychain-5f6421e82b3875386818c4e7da89f79004695f4c.tar.bz2 open-keychain-5f6421e82b3875386818c4e7da89f79004695f4c.zip