commit
1734a5c46e
|
@ -1,3 +1,4 @@
|
||||||
.idea
|
.idea
|
||||||
*.iml
|
*.iml
|
||||||
*.swp
|
*.swp
|
||||||
|
*.swo
|
||||||
|
|
|
@ -248,3 +248,45 @@ func CreateGetPseudoRandomCommand(numBytes uint16) *CommandMessage {
|
||||||
|
|
||||||
return command
|
return command
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func CreatePutWrapkeyCommand(objID uint16, label []byte, domains uint16, capabilities uint64, algorithm Algorithm, delegated uint64, wrapkey []byte) (*CommandMessage, error) {
|
||||||
|
if len(label) > LabelLength {
|
||||||
|
return nil, errors.New("label is too long")
|
||||||
|
}
|
||||||
|
if len(label) < LabelLength {
|
||||||
|
label = append(label, bytes.Repeat([]byte{0x00}, LabelLength-len(label))...)
|
||||||
|
}
|
||||||
|
switch algorithm {
|
||||||
|
case AlgorithmAES128CCMWrap:
|
||||||
|
if keyLen := len(wrapkey); keyLen != 16 {
|
||||||
|
return nil, errors.New("wrapkey is wrong length")
|
||||||
|
}
|
||||||
|
case AlgorithmAES192CCMWrap:
|
||||||
|
if keyLen := len(wrapkey); keyLen != 24 {
|
||||||
|
return nil, errors.New("wrapkey is wrong length")
|
||||||
|
}
|
||||||
|
case AlgorithmAES256CCMWrap:
|
||||||
|
if keyLen := len(wrapkey); keyLen != 32 {
|
||||||
|
return nil, errors.New("wrapkey is wrong length")
|
||||||
|
}
|
||||||
|
default:
|
||||||
|
return nil, errors.New("invalid algorithm")
|
||||||
|
}
|
||||||
|
|
||||||
|
command := &CommandMessage{
|
||||||
|
CommandType: CommandTypePutWrapKey,
|
||||||
|
}
|
||||||
|
|
||||||
|
payload := bytes.NewBuffer([]byte{})
|
||||||
|
binary.Write(payload, binary.BigEndian, objID)
|
||||||
|
payload.Write(label)
|
||||||
|
binary.Write(payload, binary.BigEndian, domains)
|
||||||
|
binary.Write(payload, binary.BigEndian, capabilities)
|
||||||
|
binary.Write(payload, binary.BigEndian, algorithm)
|
||||||
|
binary.Write(payload, binary.BigEndian, delegated)
|
||||||
|
payload.Write(wrapkey)
|
||||||
|
|
||||||
|
command.Data = payload.Bytes()
|
||||||
|
|
||||||
|
return command, nil
|
||||||
|
}
|
||||||
|
|
|
@ -83,6 +83,10 @@ type (
|
||||||
ChangeAuthenticationKeyResponse struct {
|
ChangeAuthenticationKeyResponse struct {
|
||||||
ObjectID uint16
|
ObjectID uint16
|
||||||
}
|
}
|
||||||
|
|
||||||
|
PutWrapkeyResponse struct {
|
||||||
|
ObjectID uint16
|
||||||
|
}
|
||||||
)
|
)
|
||||||
|
|
||||||
// ParseResponse parses the binary response from the card to the relevant Response type.
|
// ParseResponse parses the binary response from the card to the relevant Response type.
|
||||||
|
@ -139,6 +143,8 @@ func ParseResponse(data []byte) (Response, error) {
|
||||||
return parseChangeAuthenticationKeyResponse(payload)
|
return parseChangeAuthenticationKeyResponse(payload)
|
||||||
case CommandTypeGetPseudoRandom:
|
case CommandTypeGetPseudoRandom:
|
||||||
return parseGetPseudoRandomResponse(payload), nil
|
return parseGetPseudoRandomResponse(payload), nil
|
||||||
|
case CommandTypePutWrapKey:
|
||||||
|
return parsePutWrapkeyResponse(payload)
|
||||||
case ErrorResponseCode:
|
case ErrorResponseCode:
|
||||||
return nil, parseErrorResponse(payload)
|
return nil, parseErrorResponse(payload)
|
||||||
default:
|
default:
|
||||||
|
@ -288,6 +294,19 @@ func parseGetPseudoRandomResponse(payload []byte) Response {
|
||||||
return payload
|
return payload
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func parsePutWrapkeyResponse(payload []byte) (Response, error) {
|
||||||
|
if len(payload) != 2 {
|
||||||
|
return nil, errors.New("invalid response payload length")
|
||||||
|
}
|
||||||
|
|
||||||
|
var objectID uint16
|
||||||
|
err := binary.Read(bytes.NewReader(payload), binary.BigEndian, &objectID)
|
||||||
|
if err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
return &PutWrapkeyResponse{ObjectID: objectID}, nil
|
||||||
|
}
|
||||||
|
|
||||||
// Error formats a card error message into a human readable format
|
// Error formats a card error message into a human readable format
|
||||||
func (e *Error) Error() string {
|
func (e *Error) Error() string {
|
||||||
message := ""
|
message := ""
|
||||||
|
|
|
@ -84,6 +84,9 @@ const (
|
||||||
AlgorithmSecp256k1 Algorithm = 15
|
AlgorithmSecp256k1 Algorithm = 15
|
||||||
AlgorithmYubicoAESAuthentication Algorithm = 38
|
AlgorithmYubicoAESAuthentication Algorithm = 38
|
||||||
AlgorighmED25519 Algorithm = 46
|
AlgorighmED25519 Algorithm = 46
|
||||||
|
AlgorithmAES128CCMWrap Algorithm = 29
|
||||||
|
AlgorithmAES192CCMWrap Algorithm = 41
|
||||||
|
AlgorithmAES256CCMWrap Algorithm = 42
|
||||||
|
|
||||||
// Capabilities
|
// Capabilities
|
||||||
CapabilityGetOpaque uint64 = 0x0000000000000001
|
CapabilityGetOpaque uint64 = 0x0000000000000001
|
||||||
|
|
Loading…
Reference in New Issue