diff options
Diffstat (limited to 'OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/NfcActivity.java')
-rw-r--r-- | OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/NfcActivity.java | 41 |
1 files changed, 28 insertions, 13 deletions
diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/NfcActivity.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/NfcActivity.java index 163e9b253..4750d9840 100644 --- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/NfcActivity.java +++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/NfcActivity.java @@ -205,19 +205,6 @@ public class NfcActivity extends ActionBarActivity { return; } - // If we were supplied with a key id for checking, do so - if (mKeyId != null) { - // We always check the master key id - long keyId = nfcGetKeyId(mIsoDep, 0); - // If it's wrong, just cancel - if (keyId != mKeyId) { - toast("NFC Tag has wrong key id!"); - setResult(RESULT_CANCELED, mServiceIntent); - finish(); - return; - } - } - // Command APDU for VERIFY command (page 32) String login = "00" // CLA @@ -234,6 +221,20 @@ public class NfcActivity extends ActionBarActivity { } if (ACTION_SIGN_HASH.equals(mAction)) { + + // If we were supplied with a key id for checking, do so + if (mKeyId != null) { + // For signing, we check the master key + long keyId = nfcGetKeyId(mIsoDep, 0); + // If it's wrong, just cancel + if (keyId != mKeyId) { + toast("NFC Tag has wrong signing key id!"); + setResult(RESULT_CANCELED, mServiceIntent); + finish(); + return; + } + } + // returns signed hash byte[] signedHash = nfcCalculateSignature(mHashToSign, mHashAlgo); @@ -252,6 +253,20 @@ public class NfcActivity extends ActionBarActivity { finish(); } else if (ACTION_DECRYPT_SESSION_KEY.equals(mAction)) { + + // If we were supplied with a key id for checking, do so + if (mKeyId != null) { + // For decryption, we check the confidentiality key + long keyId = nfcGetKeyId(mIsoDep, 1); + // If it's wrong, just cancel + if (keyId != mKeyId) { + toast("NFC Tag has wrong encryption key id!"); + setResult(RESULT_CANCELED, mServiceIntent); + finish(); + return; + } + } + byte[] decryptedSessionKey = nfcDecryptSessionKey(mEncryptedSessionKey); // give data through for new service call |