Refactor YubiKey decryptor (#663)

- Add YKFSmartCardInterface extension to simplify smart card related calls - Use async/await to rewrite callback closures - Update YubiKeyConnection - Better error handling
2024-12-15 21:08:27 -08:00 · 2024-12-15 21:08:27 -08:00 · a410c9480a
commit a410c9480a
parent fc35805565
9 changed files with 344 additions and 320 deletions
--- a/passKit/Helpers/YubiKeyAPDU.swift
+++ b/passKit/Helpers/YubiKeyAPDU.swift
@ -13,30 +13,12 @@ public enum YubiKeyAPDU {
    }

    public static func verify(password: String) -> YKFAPDU {
-        let pw1: [UInt8] = Array(password.utf8)
-        var apdu: [UInt8] = []
-        apdu += [0x00] // CLA
-        apdu += [0x20] // INS: VERIFY
-        apdu += [0x00] // P1
-        apdu += [0x82] // P2: PW1
-        apdu += withUnsafeBytes(of: UInt8(pw1.count).bigEndian, Array.init)
-        apdu += pw1
-        return YKFAPDU(data: Data(apdu))!
+        YKFAPDU(cla: 0x00, ins: 0x20, p1: 0x00, p2: 0x82, data: Data(password.utf8), type: .extended)!
    }

    public static func decipherExtended(data: Data) -> [YKFAPDU] {
-        var apdu: [UInt8] = []
-        apdu += [0x00] // CLA (last or only command of a chain)
-        apdu += [0x2A, 0x80, 0x86] // INS, P1, P2: PSO.DECIPHER
-        // Lc, An extended Lc field consists of three bytes:
-        // one byte set to '00' followed by two bytes not set to '0000' (1 to 65535 dec.).
-        apdu += [0x00] + withUnsafeBytes(of: UInt16(data.count + 1).bigEndian, Array.init)
-        // Padding indicator byte (00) for RSA or (02) for AES followed by cryptogram Cipher DO 'A6' for ECDH
-        apdu += [0x00]
-        apdu += data
-        apdu += [0x02, 0x00]
-
-        return [YKFAPDU(data: Data(apdu))!]
+        let apdu = YKFAPDU(cla: 0x00, ins: 0x2A, p1: 0x80, p2: 0x86, data: data, type: .extended)!
+        return [apdu]
    }

    public static func decipherChained(data: Data) -> [YKFAPDU] {
@ -63,14 +45,8 @@ public enum YubiKeyAPDU {
        return result
    }

-    public static func get_application_related_data() -> YKFAPDU {
-        var apdu: [UInt8] = []
-        apdu += [0x00] // CLA
-        apdu += [0xCA] // INS: GET DATA
-        apdu += [0x00]
-        apdu += [0x6E] // P2: application related data
-        apdu += [0x00]
-        return YKFAPDU(data: Data(apdu))!
+    public static func getApplicationRelatedData() -> YKFAPDU {
+        YKFAPDU(cla: 0x00, ins: 0xCA, p1: 0x00, p2: 0x6E, data: Data(), type: .short)!
    }

    static func chunk(data: Data) -> [[UInt8]] {