diff --git a/lightwallet/actions/actions.go b/lightwallet/actions/actions.go index 13d41b1..ce4b246 100644 --- a/lightwallet/actions/actions.go +++ b/lightwallet/actions/actions.go @@ -3,6 +3,7 @@ package actions import ( "crypto/rand" "crypto/sha256" + "crypto/sha512" "errors" "fmt" @@ -105,16 +106,29 @@ func Pair(c globalplatform.Channel, pairingPass string, pin string) (*lightwalle }, nil } -func OpenSecureChannel(c globalplatform.Channel, appInfo *lightwallet.ApplicationInfo, pairingIndex uint8, pairingKey []byte) error { +func OpenSecureChannel(c globalplatform.Channel, appInfo *lightwallet.ApplicationInfo, pairingIndex uint8, pairingKey []byte) (*lightwallet.SecureChannel, error) { sc, err := lightwallet.NewSecureChannel(c, appInfo.PublicKey) - cmd := lightwallet.NewCommandOpenSecureChannel(pairingIndex, sc.RawPublicKey()) resp, err := c.Send(cmd) if err = checkOKResponse(err, resp); err != nil { - return err + return nil, err } - return nil + salt := resp.Data[:32] + iv := resp.Data[32:] + + h := sha512.New() + h.Write(sc.Secret()) + h.Write(pairingKey) + h.Write(salt) + data := h.Sum(nil) + + encKey := data[:32] + macKey := data[32:] + + sc.Init(iv, encKey, macKey) + + return sc, nil } func parseApplicationInfo(resp *apdu.Response) (*lightwallet.ApplicationInfo, error) { diff --git a/lightwallet/secure_channel.go b/lightwallet/secure_channel.go index 04bc3ba..c46b9ad 100644 --- a/lightwallet/secure_channel.go +++ b/lightwallet/secure_channel.go @@ -13,6 +13,9 @@ type SecureChannel struct { c globalplatform.Channel secret []byte publicKey *ecdsa.PublicKey + encKey []byte + macKey []byte + iv []byte } func NewSecureChannel(c globalplatform.Channel, cardKeyData []byte) (*SecureChannel, error) { @@ -35,6 +38,16 @@ func NewSecureChannel(c globalplatform.Channel, cardKeyData []byte) (*SecureChan }, nil } +func (sc *SecureChannel) Init(iv, encKey, macKey []byte) { + sc.iv = iv + sc.encKey = encKey + sc.macKey = macKey +} + +func (sc *SecureChannel) Secret() []byte { + return sc.secret +} + func (sc *SecureChannel) PublicKey() *ecdsa.PublicKey { return sc.publicKey }