add initial Installer class

2018-08-30 12:19:32 +02:00 · 2018-08-30 12:19:32 +02:00 · a8e2f27624
parent d5301304eb
commit a8e2f27624
8 changed files with 136 additions and 4 deletions
--- a/app/src/main/java/im/status/applet_installer_test/appletinstaller/CardChannel.java
+++ b/app/src/main/java/im/status/applet_installer_test/appletinstaller/CardChannel.java
@ -0,0 +1,22 @@
 package im.status.applet_installer_test.appletinstaller;
 import android.nfc.tech.IsoDep;
 import java.io.IOException;
 import im.status.applet_installer_test.appletinstaller.CardManager;
 public class CardChannel implements Channel {
    private IsoDep isoDep;
    public CardChannel(IsoDep isoDep) {
        this.isoDep = isoDep;
    }
    public byte[] transceive(byte[] data) throws IOException {
        Logger.log(String.format("COMMAND %s %n", HexUtils.byteArrayToHexString(data)));
        byte[] resp = this.isoDep.transceive(data);
        Logger.log(String.format("RESPONSE %s %n", HexUtils.byteArrayToHexString(resp)));
        return resp;
    }
 }
--- a/app/src/main/java/im/status/applet_installer_test/appletinstaller/CardManager.java
+++ b/app/src/main/java/im/status/applet_installer_test/appletinstaller/CardManager.java
@ -0,0 +1,26 @@
 package im.status.applet_installer_test.appletinstaller;
 import android.nfc.Tag;
 import android.nfc.tech.IsoDep;
 import java.io.IOException;
 public class CardManager {
    private Tag tag;
    private IsoDep isoDep;
    public CardManager(Tag tag) {
        this.tag = tag;
    }
    public void connect() throws IOException {
        this.isoDep = IsoDep.get(tag);
        this.isoDep.connect();
    }
    public void install() throws IOException, APDUException {
        CardChannel ch = new CardChannel(this.isoDep);
        Installer installer = new Installer(ch);
        installer.start();
    }
 }
--- a/app/src/main/java/im/status/applet_installer_test/appletinstaller/Channel.java
+++ b/app/src/main/java/im/status/applet_installer_test/appletinstaller/Channel.java
@ -0,0 +1,7 @@
 package im.status.applet_installer_test.appletinstaller;
 import java.io.IOException;
 public interface Channel {
    byte[] transceive(byte[] data) throws IOException;
 }
--- a/app/src/main/java/im/status/applet_installer_test/appletinstaller/Crypto.java
+++ b/app/src/main/java/im/status/applet_installer_test/appletinstaller/Crypto.java
@ -15,7 +15,6 @@ import javax.crypto.spec.SecretKeySpec;
 public class Crypto {
    public static final byte[] NullBytes8 = new byte[]{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00};
    public static byte[] deriveKey(byte[] cardKey, byte[] seq, byte[] purposeData) {
--- a/app/src/main/java/im/status/applet_installer_test/appletinstaller/Installer.java
+++ b/app/src/main/java/im/status/applet_installer_test/appletinstaller/Installer.java
@ -0,0 +1,36 @@
 package im.status.applet_installer_test.appletinstaller;
 import java.io.IOException;
 import java.security.SecureRandom;
 import im.status.applet_installer_test.appletinstaller.apducommands.InitializeUpdate;
 public class Installer {
    private Channel channel;
    static final byte[] cardKeyData = HexUtils.hexStringToByteArray("404142434445464748494a4b4c4d4e4f");
    private Keys cardKeys;
    public Installer(Channel channel) {
        this.channel = channel;
        this.cardKeys = new Keys(cardKeyData, cardKeyData);
    }
    public void start() throws IOException, APDUException {
        SecureRandom random = new SecureRandom();
        byte hostChallenge[] = new byte[8];
        random.nextBytes(hostChallenge);
        InitializeUpdate init = new InitializeUpdate(hostChallenge);
        byte[] data = init.getCommand().serialize();
        // get data
        //byte[] data = new byte[]{(byte) 0x80, (byte) 0xCA, 0x00, (byte) 0x66};
        byte[] respData = this.channel.transceive(data);
        APDUResponse resp = new APDUResponse(respData);
        Logger.log(respData);
        Keys keys = init.verifyResponse(this.cardKeys, resp);
    }
 }
--- a/app/src/main/java/im/status/applet_installer_test/appletinstaller/Keys.java
+++ b/app/src/main/java/im/status/applet_installer_test/appletinstaller/Keys.java
@ -0,0 +1,19 @@
 package im.status.applet_installer_test.appletinstaller;
 public class Keys {
    public byte[] encKeyData;
    public byte[] macKeyData;
    public Keys(byte[] encKeyData, byte[] macKeyData) {
        this.encKeyData = encKeyData;
        this.macKeyData = macKeyData;
    }
    public byte[] getEncKeyData() {
        return encKeyData;
    }
    public byte[] getMacKeyData() {
        return macKeyData;
    }
 }
--- a/app/src/main/java/im/status/applet_installer_test/appletinstaller/Logger.java
+++ b/app/src/main/java/im/status/applet_installer_test/appletinstaller/Logger.java
@ -0,0 +1,13 @@
 package im.status.applet_installer_test.appletinstaller;
 import android.util.Log;
 public class Logger {
    public static void log(String m) {
        Log.d("installer-debug", m);
    }
    public static void log(byte[] m) {
        Log.d("installer-debug", HexUtils.byteArrayToHexString(m));
    }
 }
--- a/app/src/main/java/im/status/applet_installer_test/appletinstaller/apducommands/InitializeUpdate.java
+++ b/app/src/main/java/im/status/applet_installer_test/appletinstaller/apducommands/InitializeUpdate.java
@ -7,6 +7,8 @@ import im.status.applet_installer_test.appletinstaller.APDUException;
 import im.status.applet_installer_test.appletinstaller.APDUResponse;
 import im.status.applet_installer_test.appletinstaller.Crypto;
 import im.status.applet_installer_test.appletinstaller.HexUtils;
 import im.status.applet_installer_test.appletinstaller.Keys;
 import im.status.applet_installer_test.appletinstaller.Logger;
 public class InitializeUpdate {
    public static final int CLA = 0x80;
@ -36,7 +38,7 @@ public class InitializeUpdate {
        return challenge;
    }
-    public boolean validateResponse(byte[] encKeyData, APDUResponse resp) throws APDUException {
+    public Keys verifyResponse(Keys cardKeys, APDUResponse resp) throws APDUException {
        if (resp.getSw() == APDUResponse.SW_SECURITY_CONDITION_NOT_SATISFIED) {
            throw new APDUException(resp.getSw(), "security confition not satisfied");
        }
@ -57,9 +59,17 @@ public class InitializeUpdate {
        byte[] cardCryptogram = new byte[8];
        System.arraycopy(data, 20, cardCryptogram, 0, 8);
-        return Crypto.verifyCryptogram(encKeyData, this.hostChallenge, cardChallenge, cardCryptogram);
+        byte[] seq = new byte[2];
        System.arraycopy(data, 12, seq, 0, 2);
-        //System.out.printf("key data: %s, %n", HexUtils.byteArrayToHexString(keyData));
+        byte[] sessionEncKey = Crypto.deriveKey(cardKeys.getEncKeyData(), seq, DERIVATION_PURPOSE_ENC);
        byte[] sessionMacKey = Crypto.deriveKey(cardKeys.getMacKeyData(), seq, DERIVATION_PURPOSE_MAC);
        Keys sessionKeys = new Keys(sessionEncKey, sessionMacKey);
        boolean x = Crypto.verifyCryptogram(sessionKeys.getEncKeyData(), this.hostChallenge, cardChallenge, cardCryptogram);
        Logger.log("VERIFIED: " + x);
        return sessionKeys;
    }
 }