Wrap Algorithms
This commit is contained in:
parent
8ea63b0b20
commit
fe9ad5f86f
|
@ -249,16 +249,29 @@ func CreateGetPseudoRandomCommand(numBytes uint16) *CommandMessage {
|
||||||
return command
|
return command
|
||||||
}
|
}
|
||||||
|
|
||||||
func CreatePutWrapkeyCommand(objID uint16, label []byte, domains uint16, capabilities, delegated uint64, wrapkey []byte) (*CommandMessage, error) {
|
func CreatePutWrapkeyCommand(objID uint16, label []byte, domains uint16, capabilities uint64, algorithm Algorithm, delegated uint64, wrapkey []byte) (*CommandMessage, error) {
|
||||||
if len(label) > LabelLength {
|
if len(label) > LabelLength {
|
||||||
return nil, errors.New("label is too long")
|
return nil, errors.New("label is too long")
|
||||||
}
|
}
|
||||||
if len(label) < LabelLength {
|
if len(label) < LabelLength {
|
||||||
label = append(label, bytes.Repeat([]byte{0x00}, LabelLength-len(label))...)
|
label = append(label, bytes.Repeat([]byte{0x00}, LabelLength-len(label))...)
|
||||||
}
|
}
|
||||||
if keyLen := len(wrapkey); keyLen != 16 && keyLen != 24 && keyLen != 32 {
|
switch algorithm {
|
||||||
|
case AlgorithmAES128CCMWrap:
|
||||||
|
if keyLen := len(wrapkey); keyLen != 16 {
|
||||||
return nil, errors.New("wrapkey is wrong length")
|
return nil, errors.New("wrapkey is wrong length")
|
||||||
}
|
}
|
||||||
|
case AlgorithmAES192CCMWrap:
|
||||||
|
if keyLen := len(wrapkey); keyLen != 24 {
|
||||||
|
return nil, errors.New("wrapkey is wrong length")
|
||||||
|
}
|
||||||
|
case AlgorithmAES256CCMWrap:
|
||||||
|
if keyLen := len(wrapkey); keyLen != 32 {
|
||||||
|
return nil, errors.New("wrapkey is wrong length")
|
||||||
|
}
|
||||||
|
default:
|
||||||
|
return nil, errors.New("invalid algorithm")
|
||||||
|
}
|
||||||
|
|
||||||
command := &CommandMessage{
|
command := &CommandMessage{
|
||||||
CommandType: CommandTypePutWrapKey,
|
CommandType: CommandTypePutWrapKey,
|
||||||
|
@ -269,6 +282,7 @@ func CreatePutWrapkeyCommand(objID uint16, label []byte, domains uint16, capabil
|
||||||
payload.Write(label)
|
payload.Write(label)
|
||||||
binary.Write(payload, binary.BigEndian, domains)
|
binary.Write(payload, binary.BigEndian, domains)
|
||||||
binary.Write(payload, binary.BigEndian, capabilities)
|
binary.Write(payload, binary.BigEndian, capabilities)
|
||||||
|
binary.Write(payload, binary.BigEndian, algorithm)
|
||||||
binary.Write(payload, binary.BigEndian, delegated)
|
binary.Write(payload, binary.BigEndian, delegated)
|
||||||
payload.Write(wrapkey)
|
payload.Write(wrapkey)
|
||||||
|
|
||||||
|
|
|
@ -84,6 +84,9 @@ const (
|
||||||
AlgorithmSecp256k1 Algorithm = 15
|
AlgorithmSecp256k1 Algorithm = 15
|
||||||
AlgorithmYubicoAESAuthentication Algorithm = 38
|
AlgorithmYubicoAESAuthentication Algorithm = 38
|
||||||
AlgorighmED25519 Algorithm = 46
|
AlgorighmED25519 Algorithm = 46
|
||||||
|
AlgorithmAES128CCMWrap Algorithm = 29
|
||||||
|
AlgorithmAES192CCMWrap Algorithm = 41
|
||||||
|
AlgorithmAES256CCMWrap Algorithm = 42
|
||||||
|
|
||||||
// Capabilities
|
// Capabilities
|
||||||
CapabilityGetOpaque uint64 = 0x0000000000000001
|
CapabilityGetOpaque uint64 = 0x0000000000000001
|
||||||
|
|
Loading…
Reference in New Issue