From f85befd98284663bf58cf9eb42238e2f0f4b2459 Mon Sep 17 00:00:00 2001 From: Joey Castillo Date: Tue, 14 Apr 2015 16:19:28 -0400 Subject: Consolidate PIN verify operation in nfcVerifyPIN method. --- .../keychain/ui/base/BaseNfcActivity.java | 72 +++++++++------------- 1 file changed, 28 insertions(+), 44 deletions(-) (limited to 'OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/base/BaseNfcActivity.java') diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/base/BaseNfcActivity.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/base/BaseNfcActivity.java index 1faa5f6b5..b36b9b89e 100644 --- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/base/BaseNfcActivity.java +++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/base/BaseNfcActivity.java @@ -301,28 +301,7 @@ public abstract class BaseNfcActivity extends BaseActivity { * @return a big integer representing the MPI for the given hash */ public byte[] nfcCalculateSignature(byte[] hash, int hashAlgo) throws IOException { - - if (mPin != null) { - - byte[] pin = new String(mPin.getCharArray()).getBytes(); - // SW1/2 0x9000 is the generic "ok" response, which we expect most of the time. - // See specification, page 51 - String accepted = "9000"; - - // Command APDU for VERIFY command (page 32) - String login = - "00" // CLA - + "20" // INS - + "00" // P1 - + "81" // P2 (PW1 with mode 81 for signing) - + String.format("%02x", pin.length) // Lc - + Hex.toHexString(pin); - if (!nfcCommunicate(login).equals(accepted)) { // login - handlePinError(); - throw new IOException("Bad PIN!"); - } - - } + nfcVerifyPIN(0x81); // (Verify PW1 with mode 81 for signing) // dsi, including Lc String dsi; @@ -416,28 +395,7 @@ public abstract class BaseNfcActivity extends BaseActivity { * @return the decoded session key */ public byte[] nfcDecryptSessionKey(byte[] encryptedSessionKey) throws IOException { - - if (mPin != null) { - - byte[] pin = new String(mPin.getCharArray()).getBytes(); - // SW1/2 0x9000 is the generic "ok" response, which we expect most of the time. - // See specification, page 51 - String accepted = "9000"; - - // Command APDU for VERIFY command (page 32) - String login = - "00" // CLA - + "20" // INS - + "00" // P1 - + "82" // P2 (PW1 with mode 82 for decryption) - + String.format("%02x", pin.length) // Lc - + Hex.toHexString(pin); - if (!nfcCommunicate(login).equals(accepted)) { // login - handlePinError(); - throw new IOException("Bad PIN!"); - } - - } + nfcVerifyPIN(0x82); // (Verify PW1 with mode 82 for decryption) String firstApdu = "102a8086fe"; String secondApdu = "002a808603"; @@ -462,6 +420,32 @@ public abstract class BaseNfcActivity extends BaseActivity { return Hex.decode(decryptedSessionKey); } + /** Verifies the user's PW1 with the appropriate mode. + * + * @param mode This is 0x81 for signing, 0x82 for everything else + */ + public void nfcVerifyPIN(int mode) throws IOException { + if (mPin != null) { + byte[] pin = new String(mPin.getCharArray()).getBytes(); + // SW1/2 0x9000 is the generic "ok" response, which we expect most of the time. + // See specification, page 51 + String accepted = "9000"; + + // Command APDU for VERIFY command (page 32) + String login = + "00" // CLA + + "20" // INS + + "00" // P1 + + String.format("%02x", mode) // P2 + + String.format("%02x", pin.length) // Lc + + Hex.toHexString(pin); + if (!nfcCommunicate(login).equals(accepted)) { // login + handlePinError(); + throw new IOException("Bad PIN!"); + } + } + } + /** * Prints a message to the screen * -- cgit v1.2.3