Check if security token keys match required once before signing/decryption

2016-04-16 01:43:13 +06:00
parent 163aef4c6b
commit a87c65c3f4
3 changed files with 22 additions and 5 deletions
--- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/securitytoken/SecurityTokenHelper.java
+++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/securitytoken/SecurityTokenHelper.java
@@ -131,13 +131,13 @@ public class SecurityTokenHelper {
    private boolean isSlotEmpty(KeyType keyType) throws IOException {
        // Note: special case: This should not happen, but happens with
        // https://github.com/FluffyKaon/OpenPGP-Card, thus for now assume true
-        if (getMasterKeyFingerprint(keyType.getIdx()) == null) return true;
+        if (getMasterKeyFingerprint(keyType) == null) return true;

        return keyMatchesFingerPrint(keyType, BLANK_FINGERPRINT);
    }

    public boolean keyMatchesFingerPrint(KeyType keyType, byte[] fingerprint) throws IOException {
-        return java.util.Arrays.equals(getMasterKeyFingerprint(keyType.getIdx()), fingerprint);
+        return java.util.Arrays.equals(getMasterKeyFingerprint(keyType), fingerprint);
    }

    /**
@@ -723,10 +723,10 @@ public class SecurityTokenHelper {
     * Return the fingerprint from application specific data stored on tag, or
     * null if it doesn't exist.
     *
-     * @param idx Index of the key to return the fingerprint from.
+     * @param keyType key.operatio type
     * @return The fingerprint of the requested key, or null if not found.
     */
-    public byte[] getMasterKeyFingerprint(int idx) throws IOException {
+    public byte[] getMasterKeyFingerprint(KeyType keyType) throws IOException {
        byte[] data = getFingerprints();
        if (data == null) {
            return null;
@@ -735,7 +735,7 @@ public class SecurityTokenHelper {
        // return the master key fingerprint
        ByteBuffer fpbuf = ByteBuffer.wrap(data);
        byte[] fp = new byte[20];
-        fpbuf.position(idx * 20);
+        fpbuf.position(keyType.getIdx() * 20);
        fpbuf.get(fp, 0, 20);

        return fp;
--- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/SecurityTokenOperationActivity.java
+++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/SecurityTokenOperationActivity.java
@@ -36,10 +36,12 @@ import org.sufficientlysecure.keychain.pgp.CanonicalizedSecretKey;
 import org.sufficientlysecure.keychain.pgp.CanonicalizedSecretKeyRing;
 import org.sufficientlysecure.keychain.provider.KeychainContract;
 import org.sufficientlysecure.keychain.provider.ProviderHelper;
+import org.sufficientlysecure.keychain.securitytoken.KeyType;
 import org.sufficientlysecure.keychain.service.PassphraseCacheService;
 import org.sufficientlysecure.keychain.service.input.CryptoInputParcel;
 import org.sufficientlysecure.keychain.service.input.RequiredInputParcel;
 import org.sufficientlysecure.keychain.ui.base.BaseSecurityTokenNfcActivity;
+import org.sufficientlysecure.keychain.ui.util.KeyFormattingUtils;
 import org.sufficientlysecure.keychain.ui.util.ThemeChanger;
 import org.sufficientlysecure.keychain.util.Log;
 import org.sufficientlysecure.keychain.util.OrientationUtils;
@@ -183,6 +185,13 @@ public class SecurityTokenOperationActivity extends BaseSecurityTokenNfcActivity

        switch (mRequiredInput.mType) {
            case SECURITY_TOKEN_DECRYPT: {
+                long tokenKeyId = KeyFormattingUtils.getKeyIdFromFingerprint(
+                        mSecurityTokenHelper.getMasterKeyFingerprint(KeyType.SIGN));
+
+                if (tokenKeyId != mRequiredInput.getMasterKeyId()) {
+                    throw new IOException(getString(R.string.error_wrong_security_token));
+                }
+
                for (int i = 0; i < mRequiredInput.mInputData.length; i++) {
                    byte[] encryptedSessionKey = mRequiredInput.mInputData[i];
                    byte[] decryptedSessionKey = mSecurityTokenHelper.decryptSessionKey(encryptedSessionKey);
@@ -191,6 +200,13 @@ public class SecurityTokenOperationActivity extends BaseSecurityTokenNfcActivity
                break;
            }
            case SECURITY_TOKEN_SIGN: {
+                long tokenKeyId = KeyFormattingUtils.getKeyIdFromFingerprint(
+                        mSecurityTokenHelper.getMasterKeyFingerprint(KeyType.SIGN));
+
+                if (tokenKeyId != mRequiredInput.getMasterKeyId()) {
+                    throw new IOException(getString(R.string.error_wrong_security_token));
+                }
+
                mInputParcel.addSignatureTime(mRequiredInput.mSignatureTime);

                for (int i = 0; i < mRequiredInput.mInputData.length; i++) {
--- a/OpenKeychain/src/main/res/values/strings.xml
+++ b/OpenKeychain/src/main/res/values/strings.xml
@@ -380,6 +380,7 @@
    <string name="error_integrity_check_failed">"integrity check failed! Data has been modified!"</string>
    <string name="error_wrong_passphrase">"wrong password"</string>
    <string name="error_could_not_extract_private_key">"could not extract private key"</string>
+    <string name="error_wrong_security_token">"this security token doesn't contain required key"</string>

    <!-- errors without preceeding Error: -->
    <string name="error_jelly_bean_needed">"You need Android 4.1 to use Android's NFC Beam feature!"</string>