Disable reset for Gnuk token version < 1.2.5
This commit is contained in:
Vincent Breitmoser
@@ -5,6 +5,8 @@ import java.util.ArrayList;
|
||||
import java.util.Arrays;
|
||||
import java.util.HashSet;
|
||||
import java.util.List;
|
||||
import java.util.regex.Matcher;
|
||||
import java.util.regex.Pattern;
|
||||
|
||||
import android.os.Parcelable;
|
||||
import android.support.annotation.Nullable;
|
||||
@@ -18,6 +20,7 @@ import org.sufficientlysecure.keychain.ui.util.KeyFormattingUtils;
|
||||
@AutoValue
|
||||
public abstract class SecurityTokenInfo implements Parcelable {
|
||||
private static final byte[] EMPTY_ARRAY = new byte[20];
|
||||
private static final Pattern GNUK_VERSION_PATTERN = Pattern.compile("FSIJ-(\\d\\.\\d\\.\\d)-.+");
|
||||
|
||||
public abstract TransportType getTransportType();
|
||||
public abstract TokenType getTokenType();
|
||||
@@ -90,7 +93,8 @@ public abstract class SecurityTokenInfo implements Parcelable {
|
||||
}
|
||||
|
||||
public enum TokenType {
|
||||
YUBIKEY_NEO, YUBIKEY_4, FIDESMO, NITROKEY_PRO, NITROKEY_STORAGE, NITROKEY_START, GNUK, LEDGER_NANO_S, UNKNOWN
|
||||
YUBIKEY_NEO, YUBIKEY_4, FIDESMO, NITROKEY_PRO, NITROKEY_STORAGE, NITROKEY_START,
|
||||
GNUK_OLD, GNUK_UNKNOWN, GNUK_NEWER_1_25, LEDGER_NANO_S, UNKNOWN
|
||||
}
|
||||
|
||||
private static final HashSet<TokenType> SUPPORTED_USB_TOKENS = new HashSet<>(Arrays.asList(
|
||||
@@ -98,7 +102,15 @@ public abstract class SecurityTokenInfo implements Parcelable {
|
||||
TokenType.YUBIKEY_4,
|
||||
TokenType.NITROKEY_PRO,
|
||||
TokenType.NITROKEY_STORAGE,
|
||||
TokenType.GNUK
|
||||
TokenType.GNUK_OLD,
|
||||
TokenType.GNUK_UNKNOWN,
|
||||
TokenType.GNUK_NEWER_1_25
|
||||
));
|
||||
|
||||
private static final HashSet<TokenType> SUPPORTED_USB_RESET = new HashSet<>(Arrays.asList(
|
||||
TokenType.YUBIKEY_NEO,
|
||||
TokenType.YUBIKEY_4,
|
||||
TokenType.GNUK_NEWER_1_25
|
||||
));
|
||||
|
||||
private static final HashSet<TokenType> SUPPORTED_USB_PUT_KEY = new HashSet<>(Arrays.asList(
|
||||
@@ -120,4 +132,22 @@ public abstract class SecurityTokenInfo implements Parcelable {
|
||||
return isKnownSupported || isNfcTransport;
|
||||
}
|
||||
|
||||
public boolean isResetSupported() {
|
||||
boolean isKnownSupported = SUPPORTED_USB_RESET.contains(getTokenType());
|
||||
boolean isNfcTransport = getTransportType() == TransportType.NFC;
|
||||
|
||||
return isKnownSupported || isNfcTransport;
|
||||
}
|
||||
|
||||
public static String parseGnukVersionString(String serialNo) {
|
||||
if (serialNo == null) {
|
||||
return null;
|
||||
}
|
||||
|
||||
Matcher matcher = GNUK_VERSION_PATTERN.matcher(serialNo);
|
||||
if (!matcher.matches()) {
|
||||
return null;
|
||||
}
|
||||
return matcher.group(1);
|
||||
}
|
||||
}
|
||||
|
||||
@@ -34,6 +34,7 @@ import org.bouncycastle.util.encoders.Hex;
|
||||
import org.sufficientlysecure.keychain.Constants;
|
||||
import org.sufficientlysecure.keychain.securitytoken.CommandApdu;
|
||||
import org.sufficientlysecure.keychain.securitytoken.ResponseApdu;
|
||||
import org.sufficientlysecure.keychain.securitytoken.SecurityTokenInfo;
|
||||
import org.sufficientlysecure.keychain.securitytoken.SecurityTokenInfo.TokenType;
|
||||
import org.sufficientlysecure.keychain.securitytoken.SecurityTokenInfo.TransportType;
|
||||
import org.sufficientlysecure.keychain.securitytoken.Transport;
|
||||
@@ -217,7 +218,10 @@ public class UsbTransport implements Transport {
|
||||
break;
|
||||
}
|
||||
case VENDOR_FSIJ: {
|
||||
return TokenType.GNUK;
|
||||
String serialNo = usbConnection.getSerial();
|
||||
String gnukVersion = SecurityTokenInfo.parseGnukVersionString(serialNo);
|
||||
boolean versionBigger125 = gnukVersion != null && "1.2.5".compareTo(gnukVersion) < 0;
|
||||
return versionBigger125 ? TokenType.GNUK_NEWER_1_25 : TokenType.GNUK_OLD;
|
||||
}
|
||||
case VENDOR_LEDGER: {
|
||||
return TokenType.LEDGER_NANO_S;
|
||||
|
||||
Reference in New Issue
Block a user