fix icv encryption in apdu wrapper

2025-02-20 23:58:13 +00:00 · 2018-09-28 11:25:08 +02:00 · 2018-09-28 11:25:08 +02:00 · 0ef7630270
commit 0ef7630270
parent 7b24b7bc42
5 changed files with 36 additions and 10 deletions
--- a/apdu/command.go
+++ b/apdu/command.go
@ -11,7 +11,7 @@ type Command struct {
 	P1         uint8
 	P2         uint8
 	Data       []byte
-	Le         uint8
+	le         uint8
 	requiresLe bool
 }

@ -26,9 +26,13 @@ func NewCommand(cla, ins, p1, p2 uint8, data []byte) *Command {
 	}
 }

-func (c *Command) SetLE(le uint8) {
+func (c *Command) SetLe(le uint8) {
 	c.requiresLe = true
-	c.Le = le
+	c.le = le
+}
+
+func (c *Command) Le() (bool, uint8) {
+	return c.requiresLe, c.le
 }

 func (c *Command) Serialize() ([]byte, error) {
@ -60,7 +64,7 @@ func (c *Command) Serialize() ([]byte, error) {
 	}

 	if c.requiresLe {
-		if err := binary.Write(buf, binary.BigEndian, c.Le); err != nil {
+		if err := binary.Write(buf, binary.BigEndian, c.le); err != nil {
 			return nil, err
 		}
 	}
--- a/apdu/command_test.go
+++ b/apdu/command_test.go
@ -21,7 +21,7 @@ func TestNewCommand(t *testing.T) {
 	assert.NoError(t, err)
 	assert.Equal(t, expected, hexutils.BytesToHexWithSpaces(result))

-	cmd.SetLE(uint8(0x77))
+	cmd.SetLe(uint8(0x77))
 	expected = "80 50 01 02 08 84 76 23 36 C5 18 7F E8 77"
 	result, err = cmd.Serialize()
 	assert.NoError(t, err)
--- a/globalplatform/apdu_wrapper.go
+++ b/globalplatform/apdu_wrapper.go
@ -71,5 +71,12 @@ func (w *APDUWrapper) Wrap(cmd *apdu.Command) (*apdu.Command, error) {
 	newData = append(newData, cmd.Data...)
 	newData = append(newData, mac...)

-	return apdu.NewCommand(cla, cmd.Ins, cmd.P1, cmd.P2, newData), nil
+	w.icv = mac
+
+	newCmd := apdu.NewCommand(cla, cmd.Ins, cmd.P1, cmd.P2, newData)
+	if ok, le := cmd.Le(); ok {
+		newCmd.SetLe(le)
+	}
+
+	return newCmd, nil
 }
--- a/globalplatform/apdu_wrapper_test.go
+++ b/globalplatform/apdu_wrapper_test.go
@ -11,11 +11,12 @@ import (

 func TestAPDUWrapper_Wrap(t *testing.T) {
 	macKey := hexutils.HexToBytes("2983BA77D709C2DAA1E6000ABCCAC951")
-	data := hexutils.HexToBytes("1d4de92eaf7a2c9f")
-
-	cmd := apdu.NewCommand(uint8(0x80), uint8(0x82), uint8(0x01), uint8(0x00), data)
 	w := NewAPDUWrapper(macKey)

+	data := hexutils.HexToBytes("1d4de92eaf7a2c9f")
+	cmd := apdu.NewCommand(uint8(0x80), uint8(0x82), uint8(0x01), uint8(0x00), data)
+
+	// check initial icv
 	assert.Equal(t, crypto.NullBytes8, w.icv)

 	wrappedCmd, err := w.Wrap(cmd)
@ -25,4 +26,18 @@ func TestAPDUWrapper_Wrap(t *testing.T) {

 	expected := "84 82 01 00 10 1D 4D E9 2E AF 7A 2C 9F 8F 9B 0D F6 81 C1 D3 EC"
 	assert.Equal(t, expected, hexutils.BytesToHexWithSpaces(raw))
+
+	// check icv generated from previous mac
+	assert.Equal(t, "8F9B0DF681C1D3EC", hexutils.BytesToHex(w.icv))
+
+	data = hexutils.HexToBytes("4F00")
+	cmd = apdu.NewCommand(uint8(0x80), uint8(0xF2), uint8(0x80), uint8(0x02), data)
+	cmd.SetLe(0x00)
+	wrappedCmd, err = w.Wrap(cmd)
+	assert.NoError(t, err)
+	raw, err = wrappedCmd.Serialize()
+	assert.NoError(t, err)
+
+	expected = "84 F2 80 02 0A 4F 00 30 F1 49 20 9E 17 B3 97 00"
+	assert.Equal(t, expected, hexutils.BytesToHexWithSpaces(raw))
 }
--- a/globalplatform/crypto/crypto.go
+++ b/globalplatform/crypto/crypto.go
@ -82,7 +82,7 @@ func EncryptICV(macKey, mac []byte) ([]byte, error) {
 		return nil, err
 	}

-	ciphertext := make([]byte, 16)
+	ciphertext := make([]byte, 8)
 	mode := cipher.NewCBCEncrypter(block, NullBytes8)
 	mode.CryptBlocks(ciphertext, mac)