Update SecureMessaging/SCP11b wrt OpenPGP card v3.3
parent
ddd8be07da
commit
47b0763f9f
|
@ -34,7 +34,7 @@ public class OpenPgpCapabilities {
|
|||
private boolean mAttriburesChangable;
|
||||
private boolean mHasKeyImport;
|
||||
|
||||
private int mSMAESKeySize;
|
||||
private int mSMType;
|
||||
private int mMaxCmdLen;
|
||||
private int mMaxRspLen;
|
||||
|
||||
|
@ -108,16 +108,7 @@ public class OpenPgpCapabilities {
|
|||
mHasKeyImport = (v[0] & MASK_KEY_IMPORT) != 0;
|
||||
mAttriburesChangable = (v[0] & MASK_ATTRIBUTES_CHANGABLE) != 0;
|
||||
|
||||
mSMAESKeySize = 0;
|
||||
|
||||
switch(v[1]) {
|
||||
case 1:
|
||||
mSMAESKeySize = 16;
|
||||
break;
|
||||
case 2:
|
||||
mSMAESKeySize = 32;
|
||||
break;
|
||||
}
|
||||
mSMType = v[1];
|
||||
|
||||
mMaxCmdLen = (v[6] << 8) + v[7];
|
||||
mMaxRspLen = (v[8] << 8) + v[9];
|
||||
|
@ -147,12 +138,12 @@ public class OpenPgpCapabilities {
|
|||
return mHasKeyImport;
|
||||
}
|
||||
|
||||
public int getSMAESKeySize() {
|
||||
return mSMAESKeySize;
|
||||
public boolean isHasAESSM() {
|
||||
return isHasSM() && ((mSMType == 1) || (mSMType == 2));
|
||||
}
|
||||
|
||||
public boolean isHasAESSM() {
|
||||
return isHasSM() && ((mSMAESKeySize == 16) || (mSMAESKeySize == 32));
|
||||
public boolean isHasSCP11bSM() {
|
||||
return isHasSM() && (mSMType == 3);
|
||||
}
|
||||
|
||||
public int getMaxCmdLen() {
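Review bot: The literals 1, 2 and 3 that `isHasAESSM()` and `isHasSCP11bSM()` compare `mSMType` against are undocumented magic numbers, and `mSMType = v[1];` stores the card-supplied byte without saying what the values mean. Named constants would make the mapping auditable, for example `private static final int SM_TYPE_SCP11B = 3;` plus two more for the AES values (the removed switch mapped 1 to a 16-byte key and 2 to a 32-byte key), each with a comment citing the OpenPGP card v3.3 table that defines this byte. Any other value makes both predicates false, which from these lines looks the same as a card without secure messaging; a short Javadoc on the two methods stating that fallback would help whoever reviews the caller. The body of `getMaxCmdLen()` lies outside the hunk.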
|
||||
|
|
|
@ -277,19 +277,12 @@ class SCP11bSecureMessaging implements SecureMessaging {
|
|||
public static void establish(final SecurityTokenHelper t, final Context ctx)
|
||||
throws SecureMessagingException, IOException {
|
||||
|
||||
final int keySize = t.getOpenPgpCapabilities().getSMAESKeySize();
|
||||
|
||||
t.clearSecureMessaging();
|
||||
|
||||
if ((keySize != 16)
|
||||
&& (keySize != 32)) {
|
||||
throw new SecureMessagingException("invalid key size");
|
||||
}
|
||||
|
||||
CommandAPDU cmd;
|
||||
ResponseAPDU resp;
|
||||
Iso7816TLV[] tlvs;
|
||||
|
||||
t.clearSecureMessaging();
|
||||
|
||||
// retrieving key algorithm
|
||||
cmd = new CommandAPDU(0, (byte)0xCA, (byte)0x00,
|
||||
OPENPGP_SECURE_MESSAGING_KEY_ATTRIBUTES_TAG, SecurityTokenHelper.MAX_APDU_NE_EXT);
|
||||
|
@ -365,6 +358,14 @@ class SCP11bSecureMessaging implements SecureMessaging {
|
|||
throw new SecureMessagingException("No key in token for secure messaging");
|
||||
}
|
||||
|
||||
final int fieldSize = pkcard.getParams().getCurve().getField().getFieldSize();
|
||||
int keySize;
|
||||
if(fieldSize < 512) {
|
||||
keySize = 16;
|
||||
} else {
|
||||
keySize = 32;
|
||||
}
|
||||
|
||||
final KeyPair ekoce = generateECDHKeyPair(eckf);
|
||||
final ECPublicKey epkoce = (ECPublicKey)ekoce.getPublic();
|
||||
final ECPrivateKey eskoce = (ECPrivateKey)ekoce.getPrivate();
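Review bot: No field size is rejected any more when the session key length is chosen: the new block maps `fieldSize < 512` to 16 and everything else to 32, and the earlier `invalid key size` check was removed. Unless the curve of `pkcard` is already restricted earlier in `establish` (that part is outside this hunk), add a lower bound before the selection, e.g. `if (fieldSize < 256) throw new SecureMessagingException("unsupported curve size");`, where 256 is a suggested floor rather than a value taken from the page. A one-line comment citing the v3.3 rule behind the 512 threshold would also help. To match the surrounding `final` locals, the selection can be written as `final int keySize = (fieldSize < 512) ? 16 : 32;`.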
|
||||
|
|
|
@ -206,7 +206,7 @@ public class SecurityTokenHelper {
|
|||
mPw1ValidatedForDecrypt = false;
|
||||
mPw3Validated = false;
|
||||
|
||||
if (mOpenPgpCapabilities.isHasAESSM()) {
|
||||
if (mOpenPgpCapabilities.isHasSCP11bSM()) {
|
||||
try {
|
||||
SCP11bSecureMessaging.establish(this, ctx);
|
||||
} catch (SecureMessagingException e) {
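Review bot: A token whose capabilities report SM type 1 or 2 now skips secure messaging silently, as far as this hunk shows: the guard `if (mOpenPgpCapabilities.isHasSCP11bSM())` no longer matches it, and no other branch handles or logs that case. If dropping those types is intended for v3.3, state it in a comment above the `if`, e.g. `// only SCP11b (SM type 3) is established; SM types 1/2 are not supported`. Also consider logging when `isHasSM()` is true but no scheme is set up, so an unprotected session is visible during troubleshooting. The catch body lies outside the hunk, so how a failed `establish` is handled cannot be judged here.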
|
||||
|
|