Skip to content

Commit

Permalink
HSMAUTH: Fix public key data format for calculate session keys cmd
Browse files Browse the repository at this point in the history
  • Loading branch information
elibon99 committed Aug 1, 2023
1 parent 4d239c2 commit 6f9a037
Showing 1 changed file with 14 additions and 8 deletions.
22 changes: 14 additions & 8 deletions yubikit/hsmauth.py
Original file line number Diff line number Diff line change
Expand Up @@ -48,6 +48,7 @@
from enum import IntEnum, unique
from dataclasses import dataclass
from typing import Optional, List, Union, Tuple
import struct

import logging

Expand Down Expand Up @@ -106,7 +107,7 @@ def key_len(self):
@property
def pubkey_len(self):
if self.name.startswith("EC_P256"):
return 65
return 64


def _parse_credential_password(credential_password: bytes) -> bytes:
Expand Down Expand Up @@ -467,7 +468,7 @@ def calculate_session_keys_asymmetric(
self,
label: str,
context: bytes,
public_key: ec.EllipticCurvePublicKeyWithSerialization,
public_key: ec.EllipticCurvePublicKey,
credential_password: bytes,
card_crypto: bytes,
) -> SessionKeys:
Expand All @@ -477,16 +478,21 @@ def calculate_session_keys_asymmetric(
if not isinstance(public_key.curve, ec.SECP256R1):
raise ValueError("Unsupported curve")

ln = ALGORITHM.EC_P256_YUBICO_AUTHENTICATION
numbers = public_key.public_numbers()

public_key_data = (
struct.pack("!B", 4)
+ int.to_bytes(numbers.x, public_key.key_size // 8, "big")
+ int.to_bytes(numbers.y, public_key.key_size // 8, "big")
)

return SessionKeys.parse(
self._calculate_session_keys(
label,
context,
card_crypto,
int2bytes((numbers.x + numbers.y), ln),
credential_password,
label=label,
context=context,
credential_password=credential_password,
card_crypto=card_crypto,
public_key=public_key_data,
)
)

Expand Down

0 comments on commit 6f9a037

Please sign in to comment.