cthrace/open-keychain
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add nfcGenerateOnCardKey by Joey Castillo before it gets lost

Browse Source
This commit is contained in:
Dominik Schürmann
2016-03-08 02:27:56 +01:00
parent b6db814951
commit 3d1d268997
1 changed files with 42 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

42
OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/base/BaseSecurityTokenNfcActivity.java
View File

@@ -933,6 +933,48 @@ public abstract class BaseSecurityTokenNfcActivity extends BaseActivity implemen
Arrays.fill(dataToSend, (byte) 0); Arrays.fill(dataToSend, (byte) 0);
} }
/**
* Generates a key on the card in the given slot. If the slot is 0xB6 (the signature key),
* this command also has the effect of resetting the digital signature counter.
* NOTE: This does not set the key fingerprint data object! After calling this command, you
* must construct a public key packet using the returned public key data objects, compute the
* key fingerprint, and store it on the card using the nfcSetFingerprint method.
*
* @param slot The slot on the card where the key should be generated:
* 0xB6: Signature Key
* 0xB8: Decipherment Key
* 0xA4: Authentication Key
* @return the public key data objects, in TLV format. For RSA this will be the public modulus
* (0x81) and exponent (0x82). These may come out of order; proper TLV parsing is required.
*
* TODO: nfcSetFingerprint missing.
*/
public byte[] nfcGenerateOnCardKey(int slot) throws IOException {
if (slot != 0xB6 && slot != 0xB8 && slot != 0xA4) {
throw new IOException("Invalid key slot");
}
if (!mPw3Validated) {
nfcVerifyPIN(0x83); // (Verify PW1 with mode 82 for decryption)
}
String generateKeyApdu = "0047800002" + String.format("%02x", slot) + "0000";
String getResponseApdu = "00C00000";
String first = nfcCommunicate(generateKeyApdu);
String second = nfcCommunicate(getResponseApdu);
if (!second.endsWith("9000")) {
throw new IOException("On-card key generation failed");
}
String publicKeyData = nfcGetDataField(first) + nfcGetDataField(second);
Log.d(Constants.TAG, "Public Key Data Objects: " + publicKeyData);
return Hex.decode(publicKeyData);
}
/** /**
* Parses out the status word from a JavaCard response string. * Parses out the status word from a JavaCard response string.
* *