Vincent Breitmoser
22c65f2ab8
Use Timber instead of Android.Log
2018-01-20 21:32:37 +01:00
Vincent Breitmoser
d956485463
add license headers
2018-01-14 04:07:19 +01:00
Vincent Breitmoser
442845f1fe
Split up ResetAndWipeTokenOp a bit, and add test
2018-01-13 16:28:26 +01:00
Vincent Breitmoser
0d2cbd0654
rename methods that do io to "read*" instead of "get*"
2018-01-13 15:32:36 +01:00
Vincent Breitmoser
abf5e5d170
refactor OpenPgpCapabilities to use AutoValue
2018-01-13 15:32:36 +01:00
Vincent Breitmoser
401b90a493
rename UseCases to TokenOps, and move to operations package
2018-01-12 18:50:45 +01:00
Vincent Breitmoser
c00eb7b7f3
Further refactor SecurityTokenConnection
2018-01-12 17:00:32 +01:00
Vincent Breitmoser
626c08bbbe
extract ModifyPinUseCase
2018-01-12 16:53:18 +01:00
Vincent Breitmoser
47319d22b9
extract GenerateKeyUseCase
2018-01-12 16:00:52 +01:00
Vincent Breitmoser
4cbdad7cb8
extract ResetAndWipeUseCase
2018-01-12 15:55:47 +01:00
Vincent Breitmoser
bb2b37cff6
SecurityTokenConnection code style
2018-01-12 15:55:47 +01:00
Vincent Breitmoser
139735f0e1
refactor decryptSessionKey
2018-01-12 15:55:46 +01:00
Vincent Breitmoser
1ed2cae2b0
Extract OpenPGP card operation logic from SecurityTokenConnection class
2018-01-12 15:55:29 +01:00
Vincent Breitmoser
04037ed0b4
Minor cleanup and better logging in SecurityTokenConnection
2018-01-10 17:48:58 +01:00
Vincent Breitmoser
9031173b8a
fix misleading variable name
2018-01-10 17:48:58 +01:00
Dominik Schürmann
3cc43e9f69
Adapt copyright headers according to CLA
2017-12-15 16:03:36 +01:00
Vincent Breitmoser
9487806c08
respect experimental setting for untested usb devices
2017-11-28 15:10:04 +01:00
Vincent Breitmoser
0d099116d5
add experimental setting to allow untested usb devices
2017-11-28 15:08:13 +01:00
Vincent Breitmoser
71d2d66ee2
Use different approach for whitelisting usb security tokens
2017-11-28 15:08:12 +01:00
Vincent Breitmoser
1f7c7f49d4
remove check for unsupported usb devices
2017-11-22 16:19:26 +01:00
Vincent Breitmoser
8c2c131be6
refresh connection capabilities after token reset
2017-11-22 15:11:54 +01:00
Vincent Breitmoser
21d533902e
handle unavailable pins better for SecurityTokenConnection
2017-11-22 14:57:36 +01:00
Dominik Schürmann
9c1915423a
Support Nitrokey Start and Storage
2017-11-06 14:11:32 +01:00
Dominik Schürmann
106dbdf4a9
Simplify SecurityTokenInfo.Version using AutoValue
2017-11-05 23:13:18 +01:00
Dominik Schürmann
221eb194d9
Merge SUPPORTED_PUT_KEY and SUPPORTED_RESET
2017-11-05 22:59:11 +01:00
Dominik Schürmann
da186ca49f
Reset PW3 validation directly in modifyPw3Pin
2017-11-05 19:10:59 +01:00
Dominik Schürmann
2cf3e27e51
First set Admin PIN, then PIN to prevent Gnuk from going into 'admin less mode'
2017-11-03 14:06:26 +01:00
Vincent Breitmoser
3a818e8cde
improve security token connection unit tests
2017-11-02 19:25:08 +01:00
Dominik Schürmann
b56a420aed
Enable Gnuk 1.2.5 for put key
2017-11-02 19:21:37 +01:00
Dominik Schürmann
8acf62a0e8
Use check for life cycle management to determine if token supports reset
2017-11-02 19:13:44 +01:00
Dominik Schürmann
90310b7036
Read life cycle management from historical bytes
2017-11-02 18:54:41 +01:00
Dominik Schürmann
bfce1cb4a9
Fix GNUK version comparison. 1.2.5 already supports reset, use class to make 1.2.10 bigger than 1.2.9
2017-11-02 14:19:38 +01:00
Christian Hagau
2619cb1db3
Add sshauthentication-api v1 support
2017-11-01 14:28:17 +00:00
Vincent Breitmoser
a42391f7e9
add Nitrokey Pro to whitelist for reset and key import after testing
2017-10-31 16:07:07 +01:00
Vincent Breitmoser
aef66e97ea
Disable reset for Gnuk token version < 1.2.5
2017-10-31 15:40:14 +01:00
Vincent Breitmoser
a51d0555e1
Retain RSA public exponent length when setting key attributes in putKey operation
...
Similar to the previous commit, openpgp applet implementations differ in
regards to the public exponent length. As of this writing:
- The SmartPGP applet requires an 11 bit public exponent size
- The Gnuk token requires a 32 bit public exponent size
For this reason, we simply set the public exponent size to the one
previously set in the key attribute info. With this commit, the only
variable that can actually change for an RSA key is its modulus size.
2017-10-30 22:57:13 +01:00
Vincent Breitmoser
778fb8e94a
Retain RSA key format when setting key attributes in putKey operation
...
For the put secret key operation, openpgp applet implementations differ
in their handling of attributes:
- there are four formats for sending key data: standard, standard with
  modulus, with crt, and with crt and modulus.
- the key attributes (modulus length, public exponent length, key
  format) can not be changed on all cards. changing them is only
  necessary for cards that support different key lengths (that is,
  RSA 4096)
- on the cards where they *can* be changed, not all parameters might be
  changeable. in particular, modulus length may be changeable but not
  key format.
Because of this constellation, the put key operation now only sets the
modulus of the key, while retaining the key format. At the time of
writing, the Gnuk and Nitrokey use the standard format, while the
Yubikey and other applets use crt+modulus.
This fixes loading keys into the Nitrokey Pro, and partially for the
Gnuk token.
2017-10-30 21:45:38 +01:00
Vincent Breitmoser
5f622339b1
Output usb data to debug log
2017-10-30 17:01:49 +01:00
Vincent Breitmoser
83b6c0e2f0
use correct max packet size in CcidReceiver
2017-10-29 02:42:26 +02:00
Vincent Breitmoser
0021c1f15f
add tests for CcidTransceiver
2017-10-29 02:42:26 +02:00
Vincent Breitmoser
8b07428ec0
document T1TpduProtocol slightly better
2017-10-28 23:32:07 +02:00
Vincent Breitmoser
19dc0db89b
add gnuk to supported tokens
2017-10-28 23:32:03 +02:00
Nikita Mikhailov
06b5a878c5
SecurityToken: more robust voltage selection
2017-10-28 23:31:57 +02:00
Vincent Breitmoser
95034e36b1
fix unit test
2017-10-26 17:44:13 +02:00
Vincent Breitmoser
b6236bde59
determine token type during connect
2017-10-26 17:20:13 +02:00
Vincent Breitmoser
8649332bdc
don't distinguish unknown tokens by transport
2017-10-26 17:20:13 +02:00
Dominik Schürmann
0920d97572
Check for security token support
2017-10-26 17:20:13 +02:00
Dominik Schürmann
e7705eaca8
Use constants for vendor and product IDs
2017-10-26 17:20:12 +02:00
Vincent Breitmoser
14b74b7590
add token transport and type to SecurityTokenInfo
2017-10-26 17:19:22 +02:00
Dominik Schürmann
0ca46c46aa
Route all class 11 USB devices to OpenKeychain, some class 3 for info
2017-10-26 12:28:32 +02:00