From 766068b5bc75f985f586c909bf6298941cccfd93 Mon Sep 17 00:00:00 2001
From: marisawoo
Date: Wed, 1 Nov 2023 18:13:33 -0400
Subject: [PATCH] add support for decrypt RSA OAEP
---
 README.md | 1 +
 commands/constructors.go | 18 ++++++++++++++++++
 commands/response.go | 12 ++++++++++++
 3 files changed, 31 insertions(+)
diff --git a/README.md b/README.md
index 05aa9a2..a6cdeee 100644
--- a/README.md
+++ b/README.md
@@ -14,6 +14,7 @@ Currently the following commands are implemented:
 * PutAsymmetricKey
 * GetPubKey
 * DeriveEcdh
+ * DecryptOaep
 * Echo
 * ChangeAuthenticationKey
 * PutAuthenticationKey
diff --git a/commands/constructors.go b/commands/constructors.go
index 9b95a4f..33f03b3 100644
--- a/commands/constructors.go
+++ b/commands/constructors.go
@@ -264,6 +264,24 @@ func CreateDeriveEcdhCommand(objID uint16, pubkey []byte) (*CommandMessage, erro
 return command, nil
 }
 
+func CreateDecryptOaepCommand(objID uint16, algorithm Algorithm, ciphertextFile []byte) (*CommandMessage, error) {
+ if algorithm < AlgorithmRSAOAEPSHA1 || algorithm > AlgorithmRSAOAEPSHA512 {
+ return nil, errors.New("invalid algorithm")
+ }
+
+ command := &CommandMessage{
+ CommandType: CommandTypeDecryptOaep,
+ }
+
+ payload := bytes.NewBuffer([]byte{})
+ binary.Write(payload, binary.BigEndian, objID)
+ binary.Write(payload, binary.BigEndian, algorithm)
+ payload.Write(ciphertextFile)
+ command.Data = payload.Bytes()
+
+ return command, nil
+}
+
 func CreateChangeAuthenticationKeyCommand(objID uint16, newPassword string) (*CommandMessage, error) {
 command := &CommandMessage{
 CommandType: CommandTypeChangeAuthenticationKey,
diff --git a/commands/response.go b/commands/response.go
index 87bcaee..453e4c0 100644
--- a/commands/response.go
+++ b/commands/response.go
@@ -94,6 +94,10 @@ type (
 XCoordinate []byte
 }
 
+ DecryptOaepResponse struct {
+ Plaintext []byte
+ }
+
 ChangeAuthenticationKeyResponse struct {
 ObjectID uint16
 }
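Review bot: CreateDecryptOaepCommand (commands/constructors.go) serialises only `objID`, `algorithm` and the ciphertext, so a caller has no way to supply an OAEP label and nothing checks the ciphertext length before it is sent. If this command targets the YubiHSM 2 Decrypt OAEP operation, as the command names in the README suggest, the wire layout as I recall it is key ID, MGF1 algorithm, ciphertext and then the hash of the OAEP label, which this payload would not match; please confirm against the device documentation. Independently of that, reject an empty input early with `if len(ciphertextFile) == 0 { return nil, errors.New("empty ciphertext") }`, and add a comment that the range check relies on the `AlgorithmRSAOAEPSHA1`..`AlgorithmRSAOAEPSHA512` constants being numerically contiguous. The parameter name `ciphertextFile` reads like a path although it carries the ciphertext bytes, and the exported function has no doc comment.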
@@ -183,6 +187,8 @@ func ParseResponse(data []byte) (Response, error) {
 return parseEchoResponse(payload)
 case CommandTypeDeriveEcdh:
 return parseDeriveEcdhResponse(payload)
+ case CommandTypeDecryptOaep:
+ return parseDecryptOaepResponse(payload)
 case CommandTypeChangeAuthenticationKey:
 return parseChangeAuthenticationKeyResponse(payload)
 case CommandTypeGetPseudoRandom:
@@ -364,6 +370,12 @@ func parseDeriveEcdhResponse(payload []byte) (Response, error) {
 }, nil
 }
 
+func parseDecryptOaepResponse(payload []byte) (Response, error) {
+ return &DecryptOaepResponse{
+ Plaintext: payload,
+ }, nil
+}
+
 func parseChangeAuthenticationKeyResponse(payload []byte) (Response, error) {
 if len(payload) != 2 {
 return nil, errors.New("invalid response payload length")
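Review bot: parseDecryptOaepResponse stores `payload` directly in `Plaintext`, so the decrypted secret shares its backing array with whatever buffer was passed to ParseResponse (the slicing of `data` into `payload` is outside the hunk, so this is inferred). If the transport layer reuses that buffer the plaintext changes under the caller, and a caller who zeroes `Plaintext` after use overwrites the response buffer without knowing it. Either detach the slice with `Plaintext: append([]byte(nil), payload...),` or add a doc comment on the function and on `DecryptOaepResponse` stating that the slice is borrowed from the response buffer and that callers should wipe it once the plaintext has been consumed. A zero-length payload is also accepted here, unlike the length check in parseChangeAuthenticationKeyResponse just below; if an empty plaintext is intentional, a comment saying so would help.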