Use different approach for whitelisting usb security tokens

OpenKeychain/src/main/java/org/sufficientlysecure/keychain/securitytoken/SecurityTokenConnection.java

@@ -189,10 +189,11 @@ public class SecurityTokenConnection {
     @VisibleForTesting
     void connectToDevice(Context context) throws IOException {
         // Connect on transport layer
-        mCardCapabilities = new CardCapabilities();
-
         mTransport.connect();
 
+        // dummy instance for initial communicate() calls
+        mCardCapabilities = new CardCapabilities();
+
         determineTokenType();
 
         CommandApdu select = commandFactory.createSelectFileOpenPgpCommand();
@@ -546,7 +547,7 @@ public class SecurityTokenConnection {
         }
 
         // Now we're ready to communicate with the token.
-        byte[] keyBytes = null;
+        byte[] keyBytes;
 
         try {
             secretKey.unlock(passphrase);

OpenKeychain/src/main/java/org/sufficientlysecure/keychain/securitytoken/SecurityTokenInfo.java

@@ -3,8 +3,10 @@ package org.sufficientlysecure.keychain.securitytoken;
 
 import java.util.ArrayList;
 import java.util.Arrays;
+import java.util.Collections;
 import java.util.HashSet;
 import java.util.List;
+import java.util.Set;
 import java.util.regex.Matcher;
 import java.util.regex.Pattern;
 
@@ -100,7 +102,7 @@ public abstract class SecurityTokenInfo implements Parcelable {
         NITROKEY_START_1_25_AND_NEWER, GNUK_OLD, GNUK_1_25_AND_NEWER, LEDGER_NANO_S, UNKNOWN
     }
 
-    private static final HashSet<TokenType> SUPPORTED_USB_TOKENS = new HashSet<>(Arrays.asList(
+    public static final Set<TokenType> SUPPORTED_USB_TOKENS = Collections.unmodifiableSet(new HashSet<>(Arrays.asList(
             TokenType.YUBIKEY_NEO,
             TokenType.YUBIKEY_4,
             TokenType.NITROKEY_PRO,
@@ -109,23 +111,16 @@ public abstract class SecurityTokenInfo implements Parcelable {
             TokenType.NITROKEY_START_1_25_AND_NEWER,
             TokenType.GNUK_OLD,
             TokenType.GNUK_1_25_AND_NEWER
-    ));
+    )));
 
-    private static final HashSet<TokenType> SUPPORTED_USB_SETUP = new HashSet<>(Arrays.asList(
+    private static final Set<TokenType> SUPPORTED_USB_SETUP = Collections.unmodifiableSet(new HashSet<>(Arrays.asList(
             TokenType.YUBIKEY_NEO,
             TokenType.YUBIKEY_4,
             TokenType.NITROKEY_PRO,
             TokenType.NITROKEY_STORAGE,
             TokenType.NITROKEY_START_1_25_AND_NEWER,
             TokenType.GNUK_1_25_AND_NEWER
-    ));
+    )));
-
-    public boolean isSecurityTokenSupported() {
-        boolean isKnownSupported = SUPPORTED_USB_TOKENS.contains(getTokenType());
-        boolean isNfcTransport = getTransportType() == TransportType.NFC;
-
-        return isKnownSupported || isNfcTransport;
-    }
 
     public boolean isPutKeySupported() {
         boolean isKnownSupported = SUPPORTED_USB_SETUP.contains(getTokenType());

OpenKeychain/src/main/java/org/sufficientlysecure/keychain/securitytoken/usb/UnsupportedUsbTokenException.java

@@ -0,0 +1,8 @@
+package org.sufficientlysecure.keychain.securitytoken.usb;
+
+
+public class UnsupportedUsbTokenException extends UsbTransportException {
+    UnsupportedUsbTokenException() {
+        super("This USB token is not supported!");
+    }
+}

OpenKeychain/src/main/java/org/sufficientlysecure/keychain/securitytoken/usb/UsbTransport.java

@@ -134,6 +134,13 @@ public class UsbTransport implements Transport {
             throw new UsbTransportException("USB error: failed to connect to device");
         }
 
+        boolean tokenTypeSupported = SecurityTokenInfo.SUPPORTED_USB_TOKENS.contains(getTokenTypeIfAvailable());
+        if (!tokenTypeSupported) {
+            usbConnection.close();
+            usbConnection = null;
+            throw new UnsupportedUsbTokenException();
+        }
+
         if (!usbConnection.claimInterface(usbInterface, true)) {
             throw new UsbTransportException("USB error: failed to claim interface");
         }