Merge pull request #2404 from Secalot/master

Add Secalot hardware token support.
2018-10-30 15:45:58 +01:00
parent 09f63e7f30 01b2f6e95b
commit 894bac6c8d
6 changed files with 39 additions and 13 deletions
--- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/securitytoken/CardCapabilities.java
+++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/securitytoken/CardCapabilities.java
@@ -18,7 +18,7 @@
 package org.sufficientlysecure.keychain.securitytoken;

 import org.sufficientlysecure.keychain.securitytoken.usb.UsbTransportException;
-
+import org.sufficientlysecure.keychain.securitytoken.SecurityTokenInfo.TokenType;
 import java.nio.ByteBuffer;
 import java.util.Arrays;

@@ -36,12 +36,15 @@ class CardCapabilities {
    private byte[] historicalBytes;
    private byte[] capabilityBytes;

-    public CardCapabilities(byte[] historicalBytes) throws UsbTransportException {
+    private TokenType tokenType;
+
+    public CardCapabilities(byte[] historicalBytes, TokenType tokenType) throws UsbTransportException {
        if ((historicalBytes == null) || (historicalBytes[0] != 0x00)) {
            throw new UsbTransportException("Invalid historical bytes category indicator byte");
        }
        this.historicalBytes = historicalBytes;
        capabilityBytes = getCapabilitiesBytes(historicalBytes);
+        this.tokenType = tokenType;
    }

    public CardCapabilities() {
@@ -81,6 +84,10 @@ class CardCapabilities {
            return true;
        }

+        if (tokenType == TokenType.SECALOT) {
+            return true;
+        }
+
        int statusIndicatorByte = historicalBytes[historicalBytes.length - 3];
        switch (statusIndicatorByte) {
            case STATUS_INDICATOR_NO_INFORMATION: {
--- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/securitytoken/OpenPgpCapabilities.java
+++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/securitytoken/OpenPgpCapabilities.java
@@ -98,11 +98,11 @@ public abstract class OpenPgpCapabilities {
    }

    public int getPw1MaxLength() {
-        return getPwStatusBytes()[MAX_PW1_LENGTH_INDEX];
+        return getPwStatusBytes()[MAX_PW1_LENGTH_INDEX] & 0xFF;
    }

    public int getPw3MaxLength() {
-        return getPwStatusBytes()[MAX_PW3_LENGTH_INDEX];
+        return getPwStatusBytes()[MAX_PW3_LENGTH_INDEX] & 0xFF;
    }

    public int getPw1TriesLeft() {
--- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/securitytoken/SecurityTokenConnection.java
+++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/securitytoken/SecurityTokenConnection.java
@@ -167,7 +167,7 @@ public class SecurityTokenConnection {
    @VisibleForTesting
    void setConnectionCapabilities(OpenPgpCapabilities openPgpCapabilities) throws IOException {
        this.openPgpCapabilities = openPgpCapabilities;
-        this.cardCapabilities = new CardCapabilities(openPgpCapabilities.getHistoricalBytes());
+        this.cardCapabilities = new CardCapabilities(openPgpCapabilities.getHistoricalBytes(), tokenType);
    }

    // endregion
--- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/securitytoken/SecurityTokenInfo.java
+++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/securitytoken/SecurityTokenInfo.java
@@ -117,7 +117,7 @@ public abstract class SecurityTokenInfo implements Parcelable {

    public enum TokenType {
        YUBIKEY_NEO, YUBIKEY_4, FIDESMO, NITROKEY_PRO, NITROKEY_STORAGE, NITROKEY_START_OLD,
-        NITROKEY_START_1_25_AND_NEWER, GNUK_OLD, GNUK_1_25_AND_NEWER, LEDGER_NANO_S, UNKNOWN
+        NITROKEY_START_1_25_AND_NEWER, GNUK_OLD, GNUK_1_25_AND_NEWER, LEDGER_NANO_S, SECALOT, UNKNOWN
    }

    public static final Set<TokenType> SUPPORTED_USB_TOKENS = Collections.unmodifiableSet(new HashSet<>(Arrays.asList(
@@ -129,7 +129,8 @@ public abstract class SecurityTokenInfo implements Parcelable {
            TokenType.NITROKEY_START_1_25_AND_NEWER,
            TokenType.GNUK_OLD,
            TokenType.GNUK_1_25_AND_NEWER,
-            TokenType.LEDGER_NANO_S
+            TokenType.LEDGER_NANO_S,
+            TokenType.SECALOT
    )));

    private static final Set<TokenType> SUPPORTED_USB_SETUP = Collections.unmodifiableSet(new HashSet<>(Arrays.asList(
@@ -138,7 +139,8 @@ public abstract class SecurityTokenInfo implements Parcelable {
            TokenType.NITROKEY_PRO,
            TokenType.NITROKEY_STORAGE,
            TokenType.NITROKEY_START_1_25_AND_NEWER,
-            TokenType.GNUK_1_25_AND_NEWER
+            TokenType.GNUK_1_25_AND_NEWER,
+            TokenType.SECALOT
    )));

    public boolean isPutKeySupported() {
--- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/securitytoken/usb/UsbTransport.java
+++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/securitytoken/usb/UsbTransport.java
@@ -70,6 +70,9 @@ public class UsbTransport implements Transport {
    private static final int VENDOR_FSIJ = 9035;
    private static final int VENDOR_LEDGER = 11415;

+    private static final int VENDOR_SECALOT = 4617;
+    private static final int PRODUCT_SECALOT = 28672;
+
    private final UsbDevice usbDevice;
    private final UsbManager usbManager;

@@ -254,6 +257,13 @@ public class UsbTransport implements Transport {
            case VENDOR_LEDGER: {
                return TokenType.LEDGER_NANO_S;
            }
+            case VENDOR_SECALOT: {
+                switch (productId) {
+                    case PRODUCT_SECALOT:
+                        return TokenType.SECALOT;
+                }
+                break;
+            }
        }

        Timber.d("Unknown USB token. Vendor ID: %s, Product ID: %s", vendorId, productId);