Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

add GET_CHALLENGE for openpgp #86

Merged
merged 2 commits into from
May 22, 2024
Merged

add GET_CHALLENGE for openpgp #86

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
da60447
add GET_CHALLENGE for openpgp
dangfan May 21, 2024
6d0b5a2
test openpgp Get Challenge
May 21, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
17 changes: 14 additions & 3 deletions applets/openpgp/openpgp.c
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -78,10 +78,10 @@ static const uint8_t extended_length_info[] = {0x02, 0x02, HI(APDU_BUFFER_SIZE),
0x02, 0x02, HI(APDU_BUFFER_SIZE), LO(APDU_BUFFER_SIZE)};

static const uint8_t extended_capabilities[] = {
0x34, // Support key import, pw1 status change, and algorithm attributes changes
0x74, // Support get challenge, key import, pw1 status change, and algorithm attributes changes
0x00, // No SM algorithm
0x00,
0x00, // No challenge support
HI(APDU_BUFFER_SIZE),
LO(APDU_BUFFER_SIZE), // Challenge size
HI(MAX_CERT_LENGTH),
LO(MAX_CERT_LENGTH), // Cert length
HI(MAX_DO_LENGTH),
Expand Down Expand Up @@ -1201,6 +1201,14 @@ static int openpgp_activate(const CAPDU *capdu, RAPDU *rapdu) {
return openpgp_install(1);
}

static int openpgp_get_challenge(const CAPDU *capdu, RAPDU *rapdu) {
if (P1 != 0x00 || P2 != 0x00) EXCEPT(SW_WRONG_P1P2);
if (LE > APDU_BUFFER_SIZE) EXCEPT(SW_WRONG_LENGTH);
random_buffer(RDATA, LE);
LL = LE;
return 0;
}

int openpgp_process_apdu(const CAPDU *capdu, RAPDU *rapdu) {
LL = 0;
SW = SW_NO_ERROR;
Expand Down Expand Up @@ -1287,6 +1295,9 @@ int openpgp_process_apdu(const CAPDU *capdu, RAPDU *rapdu) {
ret = openpgp_sign_or_auth(capdu, rapdu, false);
stop_blinking();
break;
case OPENPGP_INS_GET_CHALLENGE:
ret = openpgp_get_challenge(capdu, rapdu);
break;
case OPENPGP_INS_TERMINATE:
ret = openpgp_terminate(capdu, rapdu);
break;
Expand Down
1 change: 1 addition & 0 deletions include/openpgp.h
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -18,6 +18,7 @@
#define OPENPGP_INS_GENERATE_ASYMMETRIC_KEY_PAIR 0x47
#define OPENPGP_INS_TERMINATE 0xE6
#define OPENPGP_INS_ACTIVATE 0x44
#define OPENPGP_INS_GET_CHALLENGE 0x84

#define TAG_AID 0x4F
#define TAG_LOGIN 0x5E
Expand Down
7 changes: 7 additions & 0 deletions test-via-pcsc/openpgp_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -107,6 +107,13 @@ func TestOpenPGPApplet(t *testing.T) {
So(res, ShouldResemble, []byte{2, 2, 0x05, 0x3C, 2, 2, 0x05, 0x3C}) // 1340 bytes
})

Convey("Get challenge", func(ctx C) {
res, code, err := app.Send([]byte{0x00, 0x84, 0x00, 0x00, 0x00, 0x05, 0x3C})
So(err, ShouldBeNil)
So(code, ShouldEqual, 0x9000)
So(len(res), ShouldEqual, 0x53C) // 1340 bytes
})

Convey("Admin PIN retry times", func(ctx C) {
_, code, err := app.Send([]byte{0x00, 0x20, 0x00, 0x83})
So(err, ShouldBeNil)
Expand Down
Loading