status-im initial diffs

status-im.diff

--- ./status-keycard-java/lib/src/main/java/im/status/keycard/globalplatform/SCP02Wrapper.java	2019-12-05 01:43:09.053108152 +0800
+++ /tmp/ccc/SCP02Wrapper.java	2019-12-20 21:50:49.323087663 +0800
@@ -10,7 +10,9 @@
  * Adds a SCP02 MAC to APDUs.
  */
 public class SCP02Wrapper {
-  private byte[] macKeyData;
+  private SCP02Keys keys;
+  public boolean bMAC = true; 
+  public boolean bENC = false; // temporarily public
   private byte[] icv;
 
   /**
@@ -18,8 +20,8 @@
    *
    * @param macKeyData the MAC key
    */
-  public SCP02Wrapper(byte[] macKeyData) {
-    this.macKeyData = macKeyData;
+  public SCP02Wrapper(SCP02Keys keys) {
+    this.keys = keys;
     this.icv = Crypto.NullBytes8.clone();
   }
 
@@ -33,30 +35,42 @@
       int cla = (cmd.getCla() | 0x04) & 0xff;
       byte[] data = cmd.getData();
 
-      ByteArrayOutputStream macData = new ByteArrayOutputStream();
-      macData.write(cla);
-      macData.write(cmd.getIns());
-      macData.write(cmd.getP1());
-      macData.write(cmd.getP2());
-      macData.write(data.length + 8);
-      macData.write(data);
-
-      byte[] icv;
-      if (Arrays.equals(this.icv, Crypto.NullBytes8)) {
-        icv = this.icv;
-      } else {
-        icv = Crypto.encryptICV(this.macKeyData, this.icv);
+      ByteArrayOutputStream Data = new ByteArrayOutputStream();
+      Data.write(cla);
+      Data.write(cmd.getIns());
+      Data.write(cmd.getP1());
+      Data.write(cmd.getP2());
+      Data.write(data.length + 8);
+      Data.write(data);
+
+      byte[] wrappedData = null;
+      byte[] mac = null;
+      
+      if (bMAC) {
+        byte[] icv;
+        if (Arrays.equals(this.icv, Crypto.NullBytes8)) {
+          icv = this.icv;
+        } else {
+          icv = Crypto.encryptICV(keys.getMacKeyData(), this.icv);
+        }
+
+        mac = Crypto.macFull3des(keys.getMacKeyData(), Crypto.appendDESPadding(Data.toByteArray()), icv);
+        this.icv = mac.clone();
+        byte[] newData = new byte[data.length + mac.length];
+        System.arraycopy(data, 0, newData, 0, data.length );
+        System.arraycopy(mac, 0, newData, data.length, mac.length );
+        wrappedData = newData;
       }
 
-      byte[] mac = Crypto.macFull3des(this.macKeyData, Crypto.appendDESPadding(macData.toByteArray()), icv);
-      byte[] newData = new byte[data.length + mac.length];
-      System.arraycopy(data, 0, newData, 0, data.length );
-      System.arraycopy(mac, 0, newData, data.length, mac.length );
-
-      APDUCommand wrapped = new APDUCommand(cla, cmd.getIns(), cmd.getP1(), cmd.getP2(), newData, cmd.getNeedsLE());
-      this.icv = mac.clone();
+      if (bENC) {
+        Data.reset();
+        byte[] enc = Crypto.encryptData(keys.getEncKeyData(), data);
+        Data.write(enc);
+        Data.write(mac);
+        wrappedData = Data.toByteArray();
+      }
 
-      return wrapped;
+      return (wrappedData != null) ? new APDUCommand(cla, cmd.getIns(), cmd.getP1(), cmd.getP2(), wrappedData, cmd.getNeedsLE()) : cmd;
     } catch (IOException e) {
       throw new RuntimeException("error wrapping APDU command.", e);
     }
--- ./status-keycard-java/lib/src/main/java/im/status/keycard/globalplatform/Crypto.java	2019-12-05 01:43:09.053108152 +0800
+++ /tmp/ccc/Crypto.java	2019-12-20 21:55:56.461046249 +0800
@@ -241,4 +241,20 @@
     SecureRandom random = new SecureRandom();
     return Math.abs(random.nextLong()) % bound;
   }
+
+  /**
+  * Taken from gppro
+  *
+  */
+  public static byte[] encryptData(byte[] key,byte[] data) {
+    try {
+      Cipher c = Cipher.getInstance("DESede/CBC/NoPadding");
+      SecretKeySpec keyspec = new SecretKeySpec(resizeKey24(key), "DESede");
+      c.init(Cipher.ENCRYPT_MODE,keyspec, new IvParameterSpec(Crypto.NullBytes8));
+      byte[] data_padded = Crypto.appendDESPadding(data);
+      return c.doFinal(data_padded); 
+    } catch (GeneralSecurityException e) {
+      throw new RuntimeException("error doing enc.", e);
+    }
+  }
 }