Adding NFC Key to Card operation, accessible from Edit Key activity.

author: Joey Castillo <jose.castillo@gmail.com> 2015-05-06 13:08:03 -0400
committer: Joey Castillo <jose.castillo@gmail.com> 2015-05-12 14:44:26 -0400
commit: 76241e90ad440bedaf40f148ba0584e06064096a (patch)
tree: feee753bb557be2f4a589126097c8942525b8b2e /OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/NfcOperationActivity.java
parent: 5c44f8400970de5943fd6c5e804dfa394f3deb01 (diff)
download: open-keychain-76241e90ad440bedaf40f148ba0584e06064096a.tar.gz
open-keychain-76241e90ad440bedaf40f148ba0584e06064096a.tar.bz2
open-keychain-76241e90ad440bedaf40f148ba0584e06064096a.zip
1 files changed, 49 insertions, 2 deletions
diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/NfcOperationActivity.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/NfcOperationActivity.java
index aa66053fa..1a618329d 100644
--- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/NfcOperationActivity.java
+++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/NfcOperationActivity.java
@@ -10,8 +10,13 @@ import android.content.Intent;
 import android.os.Bundle;
 import android.view.WindowManager;
 
+import org.spongycastle.util.Arrays;
 import org.sufficientlysecure.keychain.Constants;
 import org.sufficientlysecure.keychain.R;
+import org.sufficientlysecure.keychain.pgp.CanonicalizedSecretKey;
+import org.sufficientlysecure.keychain.pgp.CanonicalizedSecretKeyRing;
+import org.sufficientlysecure.keychain.provider.KeychainContract;
+import org.sufficientlysecure.keychain.provider.ProviderHelper;
 import org.sufficientlysecure.keychain.remote.CryptoInputParcelCacheService;
 import org.sufficientlysecure.keychain.service.PassphraseCacheService;
 import org.sufficientlysecure.keychain.service.input.CryptoInputParcel;
@@ -21,6 +26,7 @@ import org.sufficientlysecure.keychain.util.Log;
 import org.sufficientlysecure.keychain.util.Preferences;
 
 import java.io.IOException;
+import java.nio.ByteBuffer;
 
 /**
  * This class provides a communication interface to OpenPGP applications on ISO SmartCard compliant
@@ -53,8 +59,11 @@ public class NfcOperationActivity extends BaseNfcActivity {
         mRequiredInput = data.getParcelable(EXTRA_REQUIRED_INPUT);
         mServiceIntent = data.getParcelable(EXTRA_SERVICE_INTENT);
 
-        // obtain passphrase for this subkey
-        obtainYubiKeyPin(RequiredInputParcel.createRequiredPassphrase(mRequiredInput));
+        if (mRequiredInput.mType == RequiredInputParcel.RequiredInputType.NFC_KEYTOCARD) {
+            obtainKeyExportPassphrase(RequiredInputParcel.createRequiredPassphrase(mRequiredInput));
+        } else {
+            obtainYubiKeyPin(RequiredInputParcel.createRequiredPassphrase(mRequiredInput));
+        }
     }
 
     @Override
@@ -85,6 +94,44 @@ public class NfcOperationActivity extends BaseNfcActivity {
                 }
                 break;
             }
+            case NFC_KEYTOCARD: {
+                ProviderHelper providerHelper = new ProviderHelper(this);
+                CanonicalizedSecretKeyRing secretKeyRing;
+                try {
+                    secretKeyRing = providerHelper.getCanonicalizedSecretKeyRing(
+                            KeychainContract.KeyRings.buildUnifiedKeyRingsFindBySubkeyUri(mRequiredInput.getSubKeyId())
+                    );
+                } catch (ProviderHelper.NotFoundException e) {
+                    throw new IOException("Couldn't find subkey for key to card operation.");
+                }
+                CanonicalizedSecretKey key = secretKeyRing.getSecretKey(mRequiredInput.getSubKeyId());
+
+                long keyGenerationTimestampMillis = key.getCreationTime().getTime();
+                long keyGenerationTimestamp = keyGenerationTimestampMillis / 1000;
+                byte[] timestampBytes = ByteBuffer.allocate(4).putInt((int) keyGenerationTimestamp).array();
+                byte[] cardSerialNumber = Arrays.copyOf(nfcGetAid(), 16);
+
+                if (key.canSign() || key.canCertify()) {
+                    nfcPutKey(0xB6, key);
+                    nfcPutData(0xCE, timestampBytes);
+                    nfcPutData(0xC7, key.getFingerprint());
+                } else if (key.canEncrypt()) {
+                    nfcPutKey(0xB8, key);
+                    nfcPutData(0xCF, timestampBytes);
+                    nfcPutData(0xC8, key.getFingerprint());
+                } else if (key.canAuthenticate()) {
+                    nfcPutKey(0xA4, key);
+                    nfcPutData(0xD0, timestampBytes);
+                    nfcPutData(0xC9, key.getFingerprint());
+                } else {
+                    throw new IOException("Inappropriate key flags for smart card key.");
+                }
+
+                byte[] subKeyId = new byte[8];
+                ByteBuffer buf = ByteBuffer.wrap(subKeyId);
+                buf.putLong(mRequiredInput.getSubKeyId());
+                inputParcel.addCryptoData(subKeyId, cardSerialNumber);
+            }
         }
 
         if (mServiceIntent != null) {
author	Joey Castillo <jose.castillo@gmail.com>	2015-05-06 13:08:03 -0400
committer	Joey Castillo <jose.castillo@gmail.com>	2015-05-12 14:44:26 -0400
commit	76241e90ad440bedaf40f148ba0584e06064096a (patch)
tree	feee753bb557be2f4a589126097c8942525b8b2e /OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/NfcOperationActivity.java
parent	5c44f8400970de5943fd6c5e804dfa394f3deb01 (diff)
download	open-keychain-76241e90ad440bedaf40f148ba0584e06064096a.tar.gz open-keychain-76241e90ad440bedaf40f148ba0584e06064096a.tar.bz2 open-keychain-76241e90ad440bedaf40f148ba0584e06064096a.zip