cthrace/open-keychain
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

add support for cv25519 on security tokens (currently only gnuk)

Browse Source
This commit is contained in:
Vincent Breitmoser
2018-02-14 03:57:49 +01:00
parent 56af349cf4
commit 656903a1d8
1 changed files with 16 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

23
OpenKeychain/src/main/java/org/sufficientlysecure/keychain/securitytoken/operations/PsoDecryptTokenOp.java
View File

@@ -32,6 +32,7 @@ import javax.crypto.NoSuchPaddingException;
import javax.crypto.spec.SecretKeySpec; import javax.crypto.spec.SecretKeySpec;
import org.bouncycastle.asn1.nist.NISTNamedCurves; import org.bouncycastle.asn1.nist.NISTNamedCurves;
import org.bouncycastle.asn1.x9.X9ECParameters; import org.bouncycastle.asn1.x9.X9ECParameters;
import org.bouncycastle.crypto.ec.CustomNamedCurves;
import org.bouncycastle.jcajce.util.MessageDigestUtils; import org.bouncycastle.jcajce.util.MessageDigestUtils;
import org.bouncycastle.math.ec.ECPoint; import org.bouncycastle.math.ec.ECPoint;
import org.bouncycastle.openpgp.PGPException; import org.bouncycastle.openpgp.PGPException;
@@ -114,13 +115,7 @@ public class PsoDecryptTokenOp {
int mpiLength = getMpiLength(encryptedSessionKeyMpi); int mpiLength = getMpiLength(encryptedSessionKeyMpi);
byte[] encryptedPoint = Arrays.copyOfRange(encryptedSessionKeyMpi, 2, mpiLength + 2); byte[] encryptedPoint = Arrays.copyOfRange(encryptedSessionKeyMpi, 2, mpiLength + 2);
X9ECParameters x9Params = NISTNamedCurves.getByOID(eckf.getCurveOID()); byte[] psoDecipherPayload = getEcDecipherPayload(eckf, encryptedPoint);
ECPoint p = x9Params.getCurve().decodePoint(encryptedPoint);
if (!p.isValid()) {
throw new CardException("Invalid EC point!");
}
byte[] psoDecipherPayload = p.getEncoded(false);
byte[] dataLen; byte[] dataLen;
if (psoDecipherPayload.length < 128) { if (psoDecipherPayload.length < 128) {
@@ -198,6 +193,20 @@ public class PsoDecryptTokenOp {
} }
} }
private byte[] getEcDecipherPayload(ECKeyFormat eckf, byte[] encryptedPoint) throws CardException {
if (CustomNamedCurves.CV25519.equals(eckf.getCurveOID())) {
return Arrays.copyOfRange(encryptedPoint, 1, 33);
} else {
X9ECParameters x9Params = NISTNamedCurves.getByOID(eckf.getCurveOID());
ECPoint p = x9Params.getCurve().decodePoint(encryptedPoint);
if (!p.isValid()) {
throw new CardException("Invalid EC point!");
}
return p.getEncoded(false);
}
}
private int getMpiLength(byte[] multiPrecisionInteger) { private int getMpiLength(byte[] multiPrecisionInteger) {
return ((((multiPrecisionInteger[0] & 0xff) << 8) + (multiPrecisionInteger[1] & 0xff)) + 7) / 8; return ((((multiPrecisionInteger[0] & 0xff) << 8) + (multiPrecisionInteger[1] & 0xff)) + 7) / 8;
} }