diff options
| author | Joey Castillo <jose.castillo@gmail.com> | 2015-04-14 15:34:25 -0400 |
|---|---|---|
| committer | Joey Castillo <jose.castillo@gmail.com> | 2015-04-14 15:34:25 -0400 |
| commit | f981c36bf4124f892c5b4c75f89437f320772fbd (patch) | |
| tree | 6bf6d2340328a1b12954cf73eb8c70532ad392c5 /OpenKeychain | |
| parent | 191784bf4b129fcf5cfc15e1052172053d106bf4 (diff) | |
| download | open-keychain-f981c36bf4124f892c5b4c75f89437f320772fbd.tar.gz open-keychain-f981c36bf4124f892c5b4c75f89437f320772fbd.tar.bz2 open-keychain-f981c36bf4124f892c5b4c75f89437f320772fbd.zip | |
Move PIN verify inside sign/decrypt operation and set correct mode.
Diffstat (limited to 'OpenKeychain')
| -rw-r--r-- | OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/base/BaseNfcActivity.java | 64 |
1 files changed, 45 insertions, 19 deletions
diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/base/BaseNfcActivity.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/base/BaseNfcActivity.java index 9b10ccdb1..1faa5f6b5 100644 --- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/base/BaseNfcActivity.java +++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/base/BaseNfcActivity.java @@ -185,25 +185,6 @@ public abstract class BaseNfcActivity extends BaseActivity { throw new IOException("Initialization failed!"); } - if (mPin != null) { - - byte[] pin = new String(mPin.getCharArray()).getBytes(); - - // Command APDU for VERIFY command (page 32) - String login = - "00" // CLA - + "20" // INS - + "00" // P1 - + "82" // P2 (PW1) - + String.format("%02x", pin.length) // Lc - + Hex.toHexString(pin); - if (!nfcCommunicate(login).equals(accepted)) { // login - handlePinError(); - return; - } - - } - onNfcPerform(); mIsoDep.close(); @@ -321,6 +302,28 @@ public abstract class BaseNfcActivity extends BaseActivity { */ public byte[] nfcCalculateSignature(byte[] hash, int hashAlgo) throws IOException { + if (mPin != null) { + + byte[] pin = new String(mPin.getCharArray()).getBytes(); + // SW1/2 0x9000 is the generic "ok" response, which we expect most of the time. + // See specification, page 51 + String accepted = "9000"; + + // Command APDU for VERIFY command (page 32) + String login = + "00" // CLA + + "20" // INS + + "00" // P1 + + "81" // P2 (PW1 with mode 81 for signing) + + String.format("%02x", pin.length) // Lc + + Hex.toHexString(pin); + if (!nfcCommunicate(login).equals(accepted)) { // login + handlePinError(); + throw new IOException("Bad PIN!"); + } + + } + // dsi, including Lc String dsi; @@ -413,6 +416,29 @@ public abstract class BaseNfcActivity extends BaseActivity { * @return the decoded session key */ public byte[] nfcDecryptSessionKey(byte[] encryptedSessionKey) throws IOException { + + if (mPin != null) { + + byte[] pin = new String(mPin.getCharArray()).getBytes(); + // SW1/2 0x9000 is the generic "ok" response, which we expect most of the time. + // See specification, page 51 + String accepted = "9000"; + + // Command APDU for VERIFY command (page 32) + String login = + "00" // CLA + + "20" // INS + + "00" // P1 + + "82" // P2 (PW1 with mode 82 for decryption) + + String.format("%02x", pin.length) // Lc + + Hex.toHexString(pin); + if (!nfcCommunicate(login).equals(accepted)) { // login + handlePinError(); + throw new IOException("Bad PIN!"); + } + + } + String firstApdu = "102a8086fe"; String secondApdu = "002a808603"; String le = "00"; |