Merge pull request #2131 from af-anssi/master

Update SecureMessaging/SCP11b wrt OpenPGP card v3.3

OpenKeychain/src/main/java/org/sufficientlysecure/keychain/securitytoken/OpenPgpCapabilities.java

@@ -34,7 +34,7 @@ public class OpenPgpCapabilities {
     private boolean mAttriburesChangable;
     private boolean mHasKeyImport;
 
-    private int mSMAESKeySize;
+    private int mSMType;
     private int mMaxCmdLen;
     private int mMaxRspLen;
 
@@ -108,16 +108,7 @@ public class OpenPgpCapabilities {
         mHasKeyImport = (v[0] & MASK_KEY_IMPORT) != 0;
         mAttriburesChangable = (v[0] & MASK_ATTRIBUTES_CHANGABLE) != 0;
 
-        mSMAESKeySize = 0;
-
-        switch(v[1]) {
-        case 1:
-            mSMAESKeySize = 16;
-            break;
-        case 2:
-            mSMAESKeySize = 32;
-            break;
-        }
+        mSMType = v[1];
 
         mMaxCmdLen = (v[6] << 8) + v[7];
         mMaxRspLen = (v[8] << 8) + v[9];
@@ -147,12 +138,12 @@ public class OpenPgpCapabilities {
         return mHasKeyImport;
     }
 
-    public int getSMAESKeySize() {
-        return mSMAESKeySize;
+    public boolean isHasAESSM() {
+        return isHasSM() && ((mSMType == 1) || (mSMType == 2));
     }
 
-    public boolean isHasAESSM() {
-        return isHasSM() && ((mSMAESKeySize == 16) || (mSMAESKeySize == 32));
+    public boolean isHasSCP11bSM() {
+        return isHasSM() && (mSMType == 3);
     }
 
     public int getMaxCmdLen() {

OpenKeychain/src/main/java/org/sufficientlysecure/keychain/securitytoken/SCP11bSecureMessaging.java

@@ -60,6 +60,7 @@ import java.security.interfaces.ECPrivateKey;
 import java.security.interfaces.ECPublicKey;
 import java.security.spec.ECGenParameterSpec;
 import java.security.spec.ECParameterSpec;
+import java.security.spec.EllipticCurve;
 import java.security.spec.InvalidKeySpecException;
 import java.security.spec.InvalidParameterSpecException;
 import java.util.ArrayList;
@@ -277,19 +278,12 @@ class SCP11bSecureMessaging implements SecureMessaging {
     public static void establish(final SecurityTokenHelper t, final Context ctx)
             throws SecureMessagingException, IOException {
 
-        final int keySize = t.getOpenPgpCapabilities().getSMAESKeySize();
-
-        t.clearSecureMessaging();
-
-        if ((keySize != 16)
-                && (keySize != 32)) {
-            throw  new SecureMessagingException("invalid key size");
-        }
-
         CommandAPDU cmd;
         ResponseAPDU resp;
         Iso7816TLV[] tlvs;
 
+        t.clearSecureMessaging();
+
         // retrieving key algorithm
         cmd = new CommandAPDU(0, (byte)0xCA, (byte)0x00,
                 OPENPGP_SECURE_MESSAGING_KEY_ATTRIBUTES_TAG, SecurityTokenHelper.MAX_APDU_NE_EXT);
@@ -365,6 +359,16 @@ class SCP11bSecureMessaging implements SecureMessaging {
                 throw new SecureMessagingException("No key in token for secure messaging");
             }
 
+            final EllipticCurve curve = pkcard.getParams().getCurve();
+            final int fieldSize = curve.getField().getFieldSize();
+            int keySize;
+
+            if(fieldSize < 512) {
+                keySize = 16;
+            } else {
+                keySize = 32;
+            }
+
             final KeyPair ekoce = generateECDHKeyPair(eckf);
             final ECPublicKey epkoce = (ECPublicKey)ekoce.getPublic();
             final ECPrivateKey eskoce = (ECPrivateKey)ekoce.getPrivate();

OpenKeychain/src/main/java/org/sufficientlysecure/keychain/securitytoken/SecurityTokenHelper.java

@@ -206,7 +206,7 @@ public class SecurityTokenHelper {
         mPw1ValidatedForDecrypt = false;
         mPw3Validated = false;
 
-        if (mOpenPgpCapabilities.isHasAESSM()) {
+        if (mOpenPgpCapabilities.isHasSCP11bSM()) {
             try {
                 SCP11bSecureMessaging.establish(this, ctx);
             } catch (SecureMessagingException e) {