gridplus

package

v0.0.0-...-1153de6 Latest Latest Go to latest Published: Apr 26, 2023 License: MPL-2.0 Imports: 9 Imported by: 5

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/GridPlus/keycard-go

Links

Open Source Insights

Documentation ¶

Index ¶

Variables
func NewAPDUPairStep1(clientSalt []byte, pubKey *ecdsa.PublicKey) *apdu.Command
func NewAPDUPairStep2(cryptogram []byte) *apdu.Command
func ParseCertPubkeyToECDSA(cert []byte) (*ecdsa.PublicKey, error)
func ParseExportSeedResponse(resp []byte) ([]byte, error)
func ParseSelectResponse(resp []byte) (instanceUID []byte, cardPubKey []byte, err error)
func SerializePubKey(pubKey ecdsa.PublicKey) []byte
func ValidateCardCertificate(cert SafecardCert) bool
func ValidateECCPubKey(pubKey *ecdsa.PublicKey) bool
func ValidateECDSASignature(sigBytes []byte, pubKeyBytes []byte, hashBytes []byte) bool
type SafecardCert
type SafecardRAPDUStep1
- func ParsePairStep1Response(resp []byte) (apduResp SafecardRAPDUStep1, err error)
type SafecardRAPDUStep2
- func ParsePairStep2Response(resp []byte) (SafecardRAPDUStep2, error)

Constants ¶

This section is empty.

Variables ¶

View Source

var (
	SafecardAID                                   = []byte{0xA0, 0x00, 0x00, 0x08, 0x20, 0x00, 0x01, 0x01}
	SAFECARD_APDU_CLA_ENCRYPTED_PROPRIETARY uint8 = 0x80
	SAFECARD_APDU_INS_PAIR                  uint8 = 0x12
	PAIR_STEP1                              uint8 = 0x00
	PAIR_STEP2                              uint8 = 0x01
	TLV_TYPE_CUSTOM                         uint8 = 0x80
)

View Source

var (
	ErrCardUninitialized = errors.New("card uninitialized")
	ErrSeedInvalidLength = errors.New("export seed response invalid length")
)

View Source

var SafecardCertCAPubKey = []byte{
	0x04,
	0x77, 0x81, 0x6e, 0x8e, 0x83, 0xbb, 0x17, 0xc4,
	0x30, 0x9c, 0xc2, 0xe5, 0xaa, 0x13, 0x4c, 0x57,
	0x3a, 0x59, 0x43, 0x15, 0x49, 0x40, 0x09, 0x5a,
	0x42, 0x31, 0x49, 0xf7, 0xcc, 0x03, 0x84, 0xad,
	0x52, 0xd3, 0x3f, 0x1b, 0x4c, 0xd8, 0x9c, 0x96,
	0x7b, 0xf2, 0x11, 0xc0, 0x39, 0x20, 0x2d, 0xf3,
	0xa7, 0x89, 0x9c, 0xb7, 0x54, 0x3d, 0xe4, 0x73,
	0x8c, 0x96, 0xa8, 0x1c, 0xfd, 0xe4, 0xb1, 0x17,
}

Prod cert CA Key

Functions ¶

func NewAPDUPairStep1 ¶

func NewAPDUPairStep1(clientSalt []byte, pubKey *ecdsa.PublicKey) *apdu.Command

func NewAPDUPairStep2 ¶

func NewAPDUPairStep2(cryptogram []byte) *apdu.Command

func ParseCertPubkeyToECDSA ¶

func ParseCertPubkeyToECDSA(cert []byte) (*ecdsa.PublicKey, error)

func ParseExportSeedResponse ¶

func ParseExportSeedResponse(resp []byte) ([]byte, error)

func ParseSelectResponse ¶

func ParseSelectResponse(resp []byte) (instanceUID []byte, cardPubKey []byte, err error)

Manually parse possible TLV responses

func SerializePubKey ¶

func SerializePubKey(pubKey ecdsa.PublicKey) []byte

func ValidateCardCertificate ¶

func ValidateCardCertificate(cert SafecardCert) bool

Validate that a card's certificate was signed by the known GridPlus signer

func ValidateECCPubKey ¶

func ValidateECCPubKey(pubKey *ecdsa.PublicKey) bool

func ValidateECDSASignature ¶

func ValidateECDSASignature(sigBytes []byte, pubKeyBytes []byte, hashBytes []byte) bool

Types ¶

type SafecardCert ¶

type SafecardCert struct {
	Permissions []byte
	PubKey      []byte
	Sig         []byte
}

type SafecardRAPDUStep1 ¶

type SafecardRAPDUStep1 struct {
	SafecardSalt []byte
	SafecardCert SafecardCert
	SafecardSig  []byte
}

func ParsePairStep1Response ¶

func ParsePairStep1Response(resp []byte) (apduResp SafecardRAPDUStep1, err error)

type SafecardRAPDUStep2 ¶

type SafecardRAPDUStep2 struct {
	PairingIdx int
	Salt       []byte
}

func ParsePairStep2Response ¶

func ParsePairStep2Response(resp []byte) (SafecardRAPDUStep2, error)

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL