reduce number of token roundtrips used to obtain SecurityTokenInfo

2017-10-23 20:30:49 +02:00 · 2017-10-23 20:30:49 +02:00 · 7eb37a89d8
parent 2812f07d34
commit 7eb37a89d8
3 changed files with 25 additions and 43 deletions
--- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/securitytoken/OpenPgpCapabilities.java
+++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/securitytoken/OpenPgpCapabilities.java
@ -27,7 +27,6 @@ class OpenPgpCapabilities {
    private final static int MASK_KEY_IMPORT = 1 << 5;
    private final static int MASK_ATTRIBUTES_CHANGABLE = 1 << 2;

-    private boolean mPw1ValidForMultipleSignatures;
    private byte[] mAid;
    private byte[] mHistoricalBytes;

@ -40,6 +39,8 @@ class OpenPgpCapabilities {
    private int mMaxRspLen;

    private Map<KeyType, KeyFormat> mKeyFormats;
+    private byte[] mFingerprints;
+    private byte[] mPwStatusBytes;

    OpenPgpCapabilities(byte[] data) throws IOException {
        mKeyFormats = new HashMap<>();
@ -76,7 +77,10 @@ class OpenPgpCapabilities {
                    mKeyFormats.put(KeyType.AUTH, KeyFormat.fromBytes(tlv.mV));
                    break;
                case 0xC4:
-                    mPw1ValidForMultipleSignatures = tlv.mV[0] == 1;
+                    mPwStatusBytes = tlv.mV;
+                    break;
+                case 0xC5:
+                    mFingerprints = tlv.mV;
                    break;
            }
        }
@ -98,7 +102,10 @@ class OpenPgpCapabilities {
                    mKeyFormats.put(KeyType.AUTH, KeyFormat.fromBytes(tlv.mV));
                    break;
                case 0xC4:
-                    mPw1ValidForMultipleSignatures = tlv.mV[0] == 1;
+                    mPwStatusBytes = tlv.mV;
+                    break;
+                case 0xC5:
+                    mFingerprints = tlv.mV;
                    break;
            }
        }
@ -115,14 +122,18 @@ class OpenPgpCapabilities {
        mMaxRspLen = (v[8] << 8) + v[9];
    }

-    boolean isPw1ValidForMultipleSignatures() {
-        return mPw1ValidForMultipleSignatures;
-    }
-
    byte[] getAid() {
        return mAid;
    }

+    byte[] getPwStatusBytes() {
+        return mPwStatusBytes;
+    }
+
+    boolean isPw1ValidForMultipleSignatures() {
+        return mPwStatusBytes[0] == 1;
+    }
+
    byte[] getHistoricalBytes() {
        return mHistoricalBytes;
    }
@ -158,4 +169,8 @@ class OpenPgpCapabilities {
    KeyFormat getFormatForKeyType(KeyType keyType) {
        return mKeyFormats.get(keyType);
    }
+
+    public byte[] getFingerprints() {
+        return mFingerprints;
+    }
 }
--- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/securitytoken/SecurityTokenConnection.java
+++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/securitytoken/SecurityTokenConnection.java
@ -572,29 +572,7 @@ public class SecurityTokenConnection {
     * @return The fingerprints of all subkeys in a contiguous byte array.
     */
    public byte[] getFingerprints() throws IOException {
-        CommandApdu apdu = commandFactory.createGetDataCommand(0x00, 0x6E);
-        ResponseApdu response = communicate(apdu);
-
-        if (!response.isSuccess()) {
-            throw new CardException("Failed to get fingerprints", response.getSw());
-        }
-
-        Iso7816TLV[] tlvList = Iso7816TLV.readList(response.getData(), true);
-        Iso7816TLV fingerPrintTlv = null;
-
-        for (Iso7816TLV tlv : tlvList) {
-            Log.d(Constants.TAG, "nfcGetFingerprints() Iso7816TLV tlv data:\n" + tlv.prettyPrint());
-
-            Iso7816TLV matchingTlv = Iso7816TLV.findRecursive(tlv, 0xc5);
-            if (matchingTlv != null) {
-                fingerPrintTlv = matchingTlv;
-            }
-        }
-
-        if (fingerPrintTlv == null) {
-            return null;
-        }
-        return fingerPrintTlv.mV;
+        return mOpenPgpCapabilities.getFingerprints();
    }

    /**
@ -603,11 +581,11 @@ public class SecurityTokenConnection {
     * @return Seven bytes in fixed format, plus 0x9000 status word at the end.
     */
    private byte[] getPwStatusBytes() throws IOException {
-        return getData(0x00, 0xC4);
+        return mOpenPgpCapabilities.getPwStatusBytes();
    }

    public byte[] getAid() throws IOException {
-        return getData(0x00, 0x4F);
+        return mOpenPgpCapabilities.getAid();
    }

    public String getUrl() throws IOException {
--- a/OpenKeychain/src/test/java/org/sufficientlysecure/keychain/securitytoken/SecurityTokenConnectionTest.java
+++ b/OpenKeychain/src/test/java/org/sufficientlysecure/keychain/securitytoken/SecurityTokenConnectionTest.java
@ -70,21 +70,10 @@ public class SecurityTokenConnectionTest {
        securityTokenConnection.setConnectionCapabilities(openPgpCapabilities);

        String[] dialog = {
-                "00ca006e00",
-                "6e81de4f10d27600012401020000060364311500005f520f0073000080000000000000000000007381b7c00af" +
-                        "00000ff04c000ff00ffc106010800001103c206010800001103c306010800001103c407007f7f7f03030" +
-                        "3c53c4ec5fee25c4e89654d58cad8492510a89d3c3d8468da7b24e15bfc624c6a792794f15b7599915f7" +
-                        "03aab55ed25424d60b17026b7b06c6ad4b9be30a3c63c000000000000000000000000000000000000000" +
-                        "000000000000000000000000000000000000000000000000000000000000000000000000000000000cd0" +
-                        "c59cd0f2a59cd0af059cd0c959000",
-                "00ca004f00",
-                "d27600012401020000060364311500009000",
                "00ca006500",
                "65095b005f2d005f3501399000",
                "00ca5f5000",
                "9000",
-                "00ca00c400",
-                "007f7f7f0303039000"
        };
        expect(transport, dialog);