From: Eugene Crosser Date: Thu, 2 May 2013 19:37:33 +0000 (+0400) Subject: got enrollment work X-Git-Url: http://www.average.org/gitweb/?p=YkNeoCR.git;a=commitdiff_plain;h=bdfe828f712fa2a187a424923c6594f12e965a5d got enrollment work --- diff --git a/src/org/average/nfcauthcr/NFCAuthCRCheck.java b/src/org/average/nfcauthcr/NFCAuthCRCheck.java index dc59b69..ea37128 100644 --- a/src/org/average/nfcauthcr/NFCAuthCRCheck.java +++ b/src/org/average/nfcauthcr/NFCAuthCRCheck.java @@ -1,7 +1,5 @@ package org.average.nfcauthcr; -import java.io.IOException; - import android.app.Activity; import android.app.AlertDialog; import android.app.PendingIntent; @@ -21,10 +19,6 @@ public class NFCAuthCRCheck extends Activity { private final String TAG = getClass().getName(); - private static final byte[] selectCommand = - {0x00, (byte) 0xA4, 0x04, 0x00, 0x07, (byte) 0xA0, - 0x00, 0x00, 0x05, 0x27, 0x20, 0x01, 0x00}; - private AlertDialog swipeDialog; private PendingIntent tagIntent; @@ -67,7 +61,8 @@ public class NFCAuthCRCheck extends Activity { Tag tag = intent.getParcelableExtra(NfcAdapter.EXTRA_TAG); if (tag == null) return; IsoDep isoTag = IsoDep.get(tag); - byte[] response = doChallengeYubiKey(isoTag, slot, challenge); + byte[] response = NFCAuthCRYubiNeo.doChallengeYubiKey( + isoTag, slot, challenge); if (response != null) { Intent data = getIntent(); data.putExtra("response", response); @@ -124,29 +119,4 @@ public class NFCAuthCRCheck extends Activity { adapter.disableForegroundDispatch(this); } } - - private byte[] doChallengeYubiKey(IsoDep isoTag, int slot, - byte[] challenge) { - try { - isoTag.connect(); - byte[] resp = isoTag.transceive(selectCommand); - int length = resp.length; - if (resp[length - 2] == (byte)0x90 && - resp[length - 1] == 0x00) { - return challenge; - } else { - Toast.makeText(this, R.string.tag_error, - Toast.LENGTH_LONG).show(); - } - } catch (TagLostException e) { - Toast.makeText(this, - R.string.tag_lost, Toast.LENGTH_LONG).show(); - } catch (IOException e) { - Toast.makeText(this, - getText(R.string.tag_error) + - e.getMessage(), - Toast.LENGTH_LONG).show(); - } - return null; - } } diff --git a/src/org/average/nfcauthcr/NFCAuthCREnroll.java b/src/org/average/nfcauthcr/NFCAuthCREnroll.java index daea0d8..50933cb 100644 --- a/src/org/average/nfcauthcr/NFCAuthCREnroll.java +++ b/src/org/average/nfcauthcr/NFCAuthCREnroll.java @@ -97,6 +97,11 @@ public class NFCAuthCREnroll extends Activity { Log.v(TAG, "Challenge is \"" + hex(challenge) + "\""); byte[] response = intent.getByteArrayExtra("response"); Log.v(TAG, "Response is \"" + hex(response) + "\""); + Editor editor = prefs.edit(); + editor.putString("challenge", hex(challenge)); + editor.putString("response", hex(response)); + editor.commit(); + Log.v(TAG, "stored new challenge and response"); } private void showEnrollResult(final String msg) { diff --git a/src/org/average/nfcauthcr/NFCAuthCRYubiNeo.java b/src/org/average/nfcauthcr/NFCAuthCRYubiNeo.java new file mode 100644 index 0000000..67596e6 --- /dev/null +++ b/src/org/average/nfcauthcr/NFCAuthCRYubiNeo.java @@ -0,0 +1,83 @@ +package org.average.nfcauthcr; + +import java.io.IOException; +import java.util.Arrays; + +import android.nfc.NfcAdapter; +import android.nfc.Tag; +import android.nfc.TagLostException; +import android.nfc.tech.IsoDep; +import android.util.Log; + +import org.average.nfcauthcr.NFCAuthCRYubiNeo; + +public class NFCAuthCRYubiNeo { + + private static final String TAG = "NFCAuthCRYubiNeo"; + + // Is it CCID APDU? ISO 7816-4? + + // 00 A4 04 00 xx AID - GlobalPlatform - SELECT + // Le send data = 07: A0 00 00 05 27 20 01 + // Le recv data = 00 + private static final byte[] selectCommand = + {0x00, (byte) 0xA4, 0x04, 0x00, 0x07, (byte) 0xA0, + 0x00, 0x00, 0x05, 0x27, 0x20, 0x01, 0x00}; + + private static final byte[] crCommand = + {0x00, 0x01, 0x00, 0x00, 0x08, 0x00, 0x00, 0x00, 0x00}; + + private static final byte SLOT_CHAL_HMAC1 = 0x30; + private static final byte SLOT_CHAL_HMAC2 = 0x38; + + public static final byte[] doChallengeYubiKey(IsoDep isoTag, int slot, + byte[] challenge) { + try { + isoTag.connect(); + byte[] resp = isoTag.transceive(selectCommand); + int length = resp.length; + Log.v(TAG, "response to select length is " + length); + if (resp[length - 2] != (byte)0x90 || + resp[length - 1] != 0x00) { + Log.v(TAG, "Wrong response to select"); + //Toast.makeText(this, R.string.tag_error, + // Toast.LENGTH_LONG).show(); + return null; + } + byte[] apdu = new byte[69]; + apdu[0] = 0x00; // CLA + apdu[1] = 0x01; // INS + switch (slot) { + case 1: apdu[2] = SLOT_CHAL_HMAC1; break; // P1 + case 2: apdu[2] = SLOT_CHAL_HMAC2; break; // P1 + } + apdu[3] = 0x00; // P2 + apdu[4] = 63; // Lc + System.arraycopy(challenge, 0, apdu, 5, + challenge.length); + apdu[apdu.length-1] = 22; + resp = isoTag.transceive(apdu); + length = resp.length; + if (resp[length - 2] != (byte)0x90 || + resp[length - 1] != 0x00) { + Log.v(TAG, "Wrong response to challenge"); + //Toast.makeText(this, R.string.tag_error, + // Toast.LENGTH_LONG).show(); + return null; + } + Log.v(TAG, "response to challenge length is " + length); + return Arrays.copyOf(resp, length-2); + } catch (TagLostException e) { + Log.v(TAG, e.getMessage()); + //Toast.makeText(this, + // R.string.tag_lost, Toast.LENGTH_LONG).show(); + } catch (IOException e) { + Log.v(TAG, e.getMessage()); + //Toast.makeText(this, + // getText(R.string.tag_error) + + // e.getMessage(), + // Toast.LENGTH_LONG).show(); + } + return null; + } +}