got enrollment work
authorEugene Crosser <crosser@average.org>
Thu, 2 May 2013 19:37:33 +0000 (23:37 +0400)
committerEugene Crosser <crosser@average.org>
Thu, 2 May 2013 19:37:33 +0000 (23:37 +0400)
src/org/average/nfcauthcr/NFCAuthCRCheck.java
src/org/average/nfcauthcr/NFCAuthCREnroll.java
src/org/average/nfcauthcr/NFCAuthCRYubiNeo.java [new file with mode: 0644]

index dc59b69e4391ebec2552a9a96915579b3150617f..ea37128d65ed936f8dda42c0079809ed7318392f 100644 (file)
@@ -1,7 +1,5 @@
 package org.average.nfcauthcr;
 
-import java.io.IOException;
-
 import android.app.Activity;
 import android.app.AlertDialog;
 import android.app.PendingIntent;
@@ -21,10 +19,6 @@ public class NFCAuthCRCheck extends Activity {
 
        private final String TAG = getClass().getName();
 
-       private static final byte[] selectCommand =
-               {0x00, (byte) 0xA4, 0x04, 0x00, 0x07, (byte) 0xA0,
-                0x00, 0x00, 0x05, 0x27, 0x20, 0x01, 0x00};
-
        private AlertDialog swipeDialog;
        private PendingIntent tagIntent;
 
@@ -67,7 +61,8 @@ public class NFCAuthCRCheck extends Activity {
                Tag tag = intent.getParcelableExtra(NfcAdapter.EXTRA_TAG);
                if (tag == null) return;
                IsoDep isoTag = IsoDep.get(tag);
-               byte[] response = doChallengeYubiKey(isoTag, slot, challenge);
+               byte[] response = NFCAuthCRYubiNeo.doChallengeYubiKey(
+                                               isoTag, slot, challenge);
                if (response != null) {
                        Intent data = getIntent();
                        data.putExtra("response", response);
@@ -124,29 +119,4 @@ public class NFCAuthCRCheck extends Activity {
                        adapter.disableForegroundDispatch(this);
                }
        }
-
-       private byte[] doChallengeYubiKey(IsoDep isoTag, int slot,
-                                               byte[] challenge) {
-               try {
-                       isoTag.connect();
-                       byte[] resp = isoTag.transceive(selectCommand);
-                       int length = resp.length;
-                       if (resp[length - 2] == (byte)0x90 &&
-                           resp[length - 1] == 0x00) {
-                               return challenge;
-                       } else {
-                               Toast.makeText(this, R.string.tag_error,
-                                               Toast.LENGTH_LONG).show();
-                       }
-               } catch (TagLostException e) {
-                       Toast.makeText(this,
-                               R.string.tag_lost, Toast.LENGTH_LONG).show();
-               } catch (IOException e) {
-                       Toast.makeText(this,
-                               getText(R.string.tag_error) +
-                               e.getMessage(),
-                               Toast.LENGTH_LONG).show();
-               }
-               return null;
-       }
 }
index daea0d848c0bbe42103db9f6841ca48a3542dc57..50933cb02debbc1af6e40a7ac2e31fbc3f57fd03 100644 (file)
@@ -97,6 +97,11 @@ public class NFCAuthCREnroll extends Activity {
                Log.v(TAG, "Challenge is \"" + hex(challenge) + "\"");
                byte[] response = intent.getByteArrayExtra("response");
                Log.v(TAG, "Response is  \"" + hex(response) + "\"");
+               Editor editor = prefs.edit();
+               editor.putString("challenge", hex(challenge));
+               editor.putString("response", hex(response));
+               editor.commit();
+               Log.v(TAG, "stored new challenge and response");
        }
 
        private void showEnrollResult(final String msg) {
diff --git a/src/org/average/nfcauthcr/NFCAuthCRYubiNeo.java b/src/org/average/nfcauthcr/NFCAuthCRYubiNeo.java
new file mode 100644 (file)
index 0000000..67596e6
--- /dev/null
@@ -0,0 +1,83 @@
+package org.average.nfcauthcr;
+
+import java.io.IOException;
+import java.util.Arrays;
+
+import android.nfc.NfcAdapter;
+import android.nfc.Tag;
+import android.nfc.TagLostException;
+import android.nfc.tech.IsoDep;
+import android.util.Log;
+
+import org.average.nfcauthcr.NFCAuthCRYubiNeo;
+
+public class NFCAuthCRYubiNeo {
+
+       private static final String TAG = "NFCAuthCRYubiNeo";
+
+       // Is it CCID APDU? ISO 7816-4?
+
+       // 00 A4 04 00 xx AID - GlobalPlatform - SELECT
+       // Le send data = 07: A0 00 00 05 27 20 01
+       // Le recv data = 00
+       private static final byte[] selectCommand =
+               {0x00, (byte) 0xA4, 0x04, 0x00, 0x07, (byte) 0xA0,
+                0x00, 0x00, 0x05, 0x27, 0x20, 0x01, 0x00};
+
+       private static final byte[] crCommand =
+               {0x00, 0x01, 0x00, 0x00, 0x08, 0x00, 0x00, 0x00, 0x00};
+
+       private static final byte SLOT_CHAL_HMAC1 = 0x30;
+       private static final byte SLOT_CHAL_HMAC2 = 0x38;
+
+       public static final byte[] doChallengeYubiKey(IsoDep isoTag, int slot,
+                                               byte[] challenge) {
+               try {
+                       isoTag.connect();
+                       byte[] resp = isoTag.transceive(selectCommand);
+                       int length = resp.length;
+                       Log.v(TAG, "response to select length is " + length);
+                       if (resp[length - 2] != (byte)0x90 ||
+                           resp[length - 1] != 0x00) {
+                               Log.v(TAG, "Wrong response to select");
+                               //Toast.makeText(this, R.string.tag_error,
+                               //              Toast.LENGTH_LONG).show();
+                               return null;
+                       }
+                       byte[] apdu = new byte[69];
+                       apdu[0] = 0x00; // CLA
+                       apdu[1] = 0x01; // INS
+                       switch (slot) {
+                       case 1: apdu[2] = SLOT_CHAL_HMAC1; break; // P1
+                       case 2: apdu[2] = SLOT_CHAL_HMAC2; break; // P1
+                       }
+                       apdu[3] = 0x00; // P2
+                       apdu[4] = 63;   // Lc
+                       System.arraycopy(challenge, 0, apdu, 5,
+                                                       challenge.length);
+                       apdu[apdu.length-1] = 22;
+                       resp = isoTag.transceive(apdu);
+                       length = resp.length;
+                       if (resp[length - 2] != (byte)0x90 ||
+                           resp[length - 1] != 0x00) {
+                               Log.v(TAG, "Wrong response to challenge");
+                               //Toast.makeText(this, R.string.tag_error,
+                               //              Toast.LENGTH_LONG).show();
+                               return null;
+                       }
+                       Log.v(TAG, "response to challenge length is " + length);
+                       return Arrays.copyOf(resp, length-2);
+               } catch (TagLostException e) {
+                       Log.v(TAG, e.getMessage());
+                       //Toast.makeText(this,
+                       //      R.string.tag_lost, Toast.LENGTH_LONG).show();
+               } catch (IOException e) {
+                       Log.v(TAG, e.getMessage());
+                       //Toast.makeText(this,
+                       //      getText(R.string.tag_error) +
+                       //      e.getMessage(),
+                       //      Toast.LENGTH_LONG).show();
+               }
+               return null;
+       }
+}