rename SecurityTokenHelper to SecurityTokenConnection

Vincent Breitmoser 2017-10-09 01:53:57 +02:00
parent 07b7936d0b
commit e8f72718e9
8 changed files with 55 additions and 55 deletions


@ -275,7 +275,7 @@ class SCP11bSecureMessaging implements SecureMessaging {
}
public static void establish(final SecurityTokenHelper t, final Context ctx)
public static void establish(final SecurityTokenConnection t, final Context ctx)
throws SecureMessagingException, IOException {
CommandAPDU cmd;
@ -286,9 +286,9 @@ class SCP11bSecureMessaging implements SecureMessaging {
// retrieving key algorithm
cmd = new CommandAPDU(0, (byte)0xCA, (byte)0x00,
OPENPGP_SECURE_MESSAGING_KEY_ATTRIBUTES_TAG, SecurityTokenHelper.MAX_APDU_NE_EXT);
OPENPGP_SECURE_MESSAGING_KEY_ATTRIBUTES_TAG, SecurityTokenConnection.MAX_APDU_NE_EXT);
resp = t.communicate(cmd);
if (resp.getSW() != SecurityTokenHelper.APDU_SW_SUCCESS) {
if (resp.getSW() != SecurityTokenConnection.APDU_SW_SUCCESS) {
throw new SecureMessagingException("failed to retrieve secure messaging key attributes");
}
tlvs = Iso7816TLV.readList(resp.getData(), true);
@ -320,12 +320,12 @@ class SCP11bSecureMessaging implements SecureMessaging {
cmd = new CommandAPDU(0, (byte) 0xA5, (byte) 0x03, (byte) 0x04,
new byte[]{(byte) 0x60, (byte) 0x04, (byte) 0x5C, (byte) 0x02, (byte) 0x7F, (byte) 0x21});
resp = t.communicate(cmd);
if (resp.getSW() != SecurityTokenHelper.APDU_SW_SUCCESS) {
if (resp.getSW() != SecurityTokenConnection.APDU_SW_SUCCESS) {
throw new SecureMessagingException("failed to select secure messaging certificate");
}
cmd = new CommandAPDU(0, (byte) 0xCA, (byte) 0x7F, (byte) 0x21, SecurityTokenHelper.MAX_APDU_NE_EXT);
cmd = new CommandAPDU(0, (byte) 0xCA, (byte) 0x7F, (byte) 0x21, SecurityTokenConnection.MAX_APDU_NE_EXT);
resp = t.communicate(cmd);
if (resp.getSW() != SecurityTokenHelper.APDU_SW_SUCCESS) {
if (resp.getSW() != SecurityTokenConnection.APDU_SW_SUCCESS) {
throw new SecureMessagingException("failed to retrieve secure messaging certificate");
}
@ -334,9 +334,9 @@ class SCP11bSecureMessaging implements SecureMessaging {
} else {
// retrieving public key
cmd = new CommandAPDU(0, (byte) 0x47, (byte) 0x81, (byte) 0x00,
OPENPGP_SECURE_MESSAGING_KEY_CRT, SecurityTokenHelper.MAX_APDU_NE_EXT);
OPENPGP_SECURE_MESSAGING_KEY_CRT, SecurityTokenConnection.MAX_APDU_NE_EXT);
resp = t.communicate(cmd);
if (resp.getSW() != SecurityTokenHelper.APDU_SW_SUCCESS) {
if (resp.getSW() != SecurityTokenConnection.APDU_SW_SUCCESS) {
throw new SecureMessagingException("failed to retrieve secure messaging public key");
}
tlvs = Iso7816TLV.readList(resp.getData(), true);
@ -396,9 +396,9 @@ class SCP11bSecureMessaging implements SecureMessaging {
// internal authenticate
cmd = new CommandAPDU(0, (byte)0x88, (byte)0x01, (byte)0x0, pkout.toByteArray(),
SecurityTokenHelper.MAX_APDU_NE_EXT);
SecurityTokenConnection.MAX_APDU_NE_EXT);
resp = t.communicate(cmd);
if (resp.getSW() != SecurityTokenHelper.APDU_SW_SUCCESS) {
if (resp.getSW() != SecurityTokenConnection.APDU_SW_SUCCESS) {
throw new SecureMessagingException("failed to initiate internal authenticate");
}


@ -70,7 +70,7 @@ import java.security.interfaces.RSAPrivateCrtKey;
* devices.
* For the full specs, see http://g10code.com/docs/openpgp-card-2.0.pdf
*/
public class SecurityTokenHelper {
public class SecurityTokenConnection {
private static final int MAX_APDU_NC = 255;
private static final int MAX_APDU_NC_EXT = 65535;
@ -100,7 +100,7 @@ public class SecurityTokenHelper {
private boolean mPw1ValidatedForDecrypt; // Mode 82 does other things; consider renaming?
private boolean mPw3Validated;
private SecurityTokenHelper() {
private SecurityTokenConnection() {
}
public static double parseOpenPgpVersion(final byte[] aid) {
@ -109,7 +109,7 @@ public class SecurityTokenHelper {
return aid[6] + minv;
}
public static SecurityTokenHelper getInstance() {
public static SecurityTokenConnection getInstance() {
return LazyHolder.SECURITY_TOKEN_HELPER;
}
@ -1007,6 +1007,6 @@ public class SecurityTokenHelper {
}
private static class LazyHolder {
private static final SecurityTokenHelper SECURITY_TOKEN_HELPER = new SecurityTokenHelper();
private static final SecurityTokenConnection SECURITY_TOKEN_HELPER = new SecurityTokenConnection();
}
}
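Review bot: The rename is incomplete in this file: the constant in `LazyHolder` is still called `SECURITY_TOKEN_HELPER` although it now holds a `SecurityTokenConnection`, and `getInstance()` still returns it under that name. The same leftover shows up in the BaseSecurityTokenActivity section, where the accessor is still `getSecurityTokenHelper()` but returns `mSecurityTokenConnection`. I would finish both in this commit, e.g. `private static final SecurityTokenConnection SECURITY_TOKEN_CONNECTION = new SecurityTokenConnection();` with `return LazyHolder.SECURITY_TOKEN_CONNECTION;`, and `getSecurityTokenConnection()` for the accessor. Callers of the accessor are outside the visible hunks and would need the same update.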


@ -139,7 +139,7 @@ public class CreateKeyActivity extends BaseSecurityTokenActivity {
return;
}
tokenInfo = mSecurityTokenHelper.getTokenInfo();
tokenInfo = mSecurityTokenConnection.getTokenInfo();
}
@Override


@ -32,7 +32,7 @@ import android.widget.TextView;
import org.sufficientlysecure.keychain.R;
import org.sufficientlysecure.keychain.securitytoken.KeyFormat;
import org.sufficientlysecure.keychain.securitytoken.SecurityTokenHelper;
import org.sufficientlysecure.keychain.securitytoken.SecurityTokenConnection;
import org.sufficientlysecure.keychain.ui.CreateKeyActivity.FragAction;
import org.sufficientlysecure.keychain.util.Choice;
@ -100,7 +100,7 @@ public class CreateSecurityTokenAlgorithmFragment extends Fragment {
choices.add(new Choice<>(SupportedKeyType.RSA_4096, getResources().getString(
R.string.rsa_4096), getResources().getString(R.string.rsa_4096_description_html)));
final double version = SecurityTokenHelper.parseOpenPgpVersion(mCreateKeyActivity.tokenInfo.getAid());
final double version = SecurityTokenConnection.parseOpenPgpVersion(mCreateKeyActivity.tokenInfo.getAid());
if (version >= 3.0) {
choices.add(new Choice<>(SupportedKeyType.ECC_P256, getResources().getString(


@ -17,7 +17,6 @@
package org.sufficientlysecure.keychain.ui;
import android.app.Activity;
import android.content.Context;
import android.os.AsyncTask;
import android.os.Bundle;
@ -31,7 +30,7 @@ import android.widget.TextView;
import org.sufficientlysecure.keychain.Constants;
import org.sufficientlysecure.keychain.R;
import org.sufficientlysecure.keychain.securitytoken.SecurityTokenHelper;
import org.sufficientlysecure.keychain.securitytoken.SecurityTokenConnection;
import org.sufficientlysecure.keychain.ui.CreateKeyActivity.FragAction;
import org.sufficientlysecure.keychain.util.Passphrase;
@ -206,7 +205,7 @@ public class CreateSecurityTokenPinFragment extends Fragment {
mCreateKeyActivity.mSecurityTokenPin = new Passphrase(mPin.getText().toString());
final double version = SecurityTokenHelper.parseOpenPgpVersion(mCreateKeyActivity.tokenInfo.getAid());
final double version = SecurityTokenConnection.parseOpenPgpVersion(mCreateKeyActivity.tokenInfo.getAid());
Fragment frag;
if (version >= 3.0) {


@ -139,10 +139,10 @@ public class SecurityTokenChangePinOperationActivity extends BaseSecurityTokenAc
@Override
protected void doSecurityTokenInBackground() throws IOException {
mSecurityTokenHelper.setAdminPin(new Passphrase(changePinInput.getAdminPin()));
mSecurityTokenHelper.resetPin(changePinInput.getNewPin());
mSecurityTokenConnection.setAdminPin(new Passphrase(changePinInput.getAdminPin()));
mSecurityTokenConnection.resetPin(changePinInput.getNewPin());
resultTokenInfo = mSecurityTokenHelper.getTokenInfo();
resultTokenInfo = mSecurityTokenConnection.getTokenInfo();
}
@Override
@ -156,11 +156,11 @@ public class SecurityTokenChangePinOperationActivity extends BaseSecurityTokenAc
nfcGuideView.setCurrentStatus(NfcGuideView.NfcGuideViewStatus.DONE);
if (mSecurityTokenHelper.isPersistentConnectionAllowed()) {
if (mSecurityTokenConnection.isPersistentConnectionAllowed()) {
// Just close
finish();
} else {
mSecurityTokenHelper.clearSecureMessaging();
mSecurityTokenConnection.clearSecureMessaging();
new AsyncTask<Void, Void, Void>() {
@Override
protected Void doInBackground(Void... params) {


@ -190,7 +190,7 @@ public class SecurityTokenOperationActivity extends BaseSecurityTokenActivity {
switch (mRequiredInput.mType) {
case SECURITY_TOKEN_DECRYPT: {
long tokenKeyId = KeyFormattingUtils.getKeyIdFromFingerprint(
mSecurityTokenHelper.getKeyFingerprint(KeyType.ENCRYPT));
mSecurityTokenConnection.getKeyFingerprint(KeyType.ENCRYPT));
if (tokenKeyId != mRequiredInput.getSubKeyId()) {
throw new IOException(getString(R.string.error_wrong_security_token));
@ -208,14 +208,15 @@ public class SecurityTokenOperationActivity extends BaseSecurityTokenActivity {
for (int i = 0; i < mRequiredInput.mInputData.length; i++) {
byte[] encryptedSessionKey = mRequiredInput.mInputData[i];
byte[] decryptedSessionKey = mSecurityTokenHelper.decryptSessionKey(encryptedSessionKey, publicKeyRing.getPublicKey(tokenKeyId));
byte[] decryptedSessionKey = mSecurityTokenConnection
.decryptSessionKey(encryptedSessionKey, publicKeyRing.getPublicKey(tokenKeyId));
mInputParcel = mInputParcel.withCryptoData(encryptedSessionKey, decryptedSessionKey);
}
break;
}
case SECURITY_TOKEN_SIGN: {
long tokenKeyId = KeyFormattingUtils.getKeyIdFromFingerprint(
mSecurityTokenHelper.getKeyFingerprint(KeyType.SIGN));
mSecurityTokenConnection.getKeyFingerprint(KeyType.SIGN));
if (tokenKeyId != mRequiredInput.getSubKeyId()) {
throw new IOException(getString(R.string.error_wrong_security_token));
@ -226,15 +227,15 @@ public class SecurityTokenOperationActivity extends BaseSecurityTokenActivity {
for (int i = 0; i < mRequiredInput.mInputData.length; i++) {
byte[] hash = mRequiredInput.mInputData[i];
int algo = mRequiredInput.mSignAlgos[i];
byte[] signedHash = mSecurityTokenHelper.calculateSignature(hash, algo);
byte[] signedHash = mSecurityTokenConnection.calculateSignature(hash, algo);
mInputParcel = mInputParcel.withCryptoData(hash, signedHash);
}
break;
}
case SECURITY_TOKEN_MOVE_KEY_TO_CARD: {
// TODO: assume PIN and Admin PIN to be default for this operation
mSecurityTokenHelper.setPin(new Passphrase("123456"));
mSecurityTokenHelper.setAdminPin(new Passphrase("12345678"));
mSecurityTokenConnection.setPin(new Passphrase("123456"));
mSecurityTokenConnection.setAdminPin(new Passphrase("12345678"));
KeyRepository keyRepository =
KeyRepository.create(this);
@ -256,7 +257,7 @@ public class SecurityTokenOperationActivity extends BaseSecurityTokenActivity {
long subkeyId = buf.getLong();
CanonicalizedSecretKey key = secretKeyRing.getSecretKey(subkeyId);
byte[] tokenSerialNumber = Arrays.copyOf(mSecurityTokenHelper.getAid(), 16);
byte[] tokenSerialNumber = Arrays.copyOf(mSecurityTokenConnection.getAid(), 16);
Passphrase passphrase;
try {
@ -266,21 +267,21 @@ public class SecurityTokenOperationActivity extends BaseSecurityTokenActivity {
throw new IOException("Unable to get cached passphrase!");
}
mSecurityTokenHelper.changeKey(key, passphrase);
mSecurityTokenConnection.changeKey(key, passphrase);
// TODO: Is this really used anywhere?
mInputParcel = mInputParcel.withCryptoData(subkeyBytes, tokenSerialNumber);
}
// change PINs afterwards
mSecurityTokenHelper.modifyPin(0x81, newPin);
mSecurityTokenHelper.modifyPin(0x83, newAdminPin);
mSecurityTokenConnection.modifyPin(0x81, newPin);
mSecurityTokenConnection.modifyPin(0x83, newAdminPin);
break;
}
case SECURITY_TOKEN_RESET_CARD: {
mSecurityTokenHelper.resetAndWipeToken();
mResultTokenInfo = mSecurityTokenHelper.getTokenInfo();
mSecurityTokenConnection.resetAndWipeToken();
mResultTokenInfo = mSecurityTokenConnection.getTokenInfo();
break;
}
@ -300,11 +301,11 @@ public class SecurityTokenOperationActivity extends BaseSecurityTokenActivity {
nfcGuideView.setCurrentStatus(NfcGuideView.NfcGuideViewStatus.DONE);
if (mSecurityTokenHelper.isPersistentConnectionAllowed()) {
if (mSecurityTokenConnection.isPersistentConnectionAllowed()) {
// Just close
finish();
} else {
mSecurityTokenHelper.clearSecureMessaging();
mSecurityTokenConnection.clearSecureMessaging();
new AsyncTask<Void, Void, Void>() {
@Override
protected Void doInBackground(Void... params) {
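Review bot: In the `SECURITY_TOKEN_MOVE_KEY_TO_CARD` case the PIN and Admin PIN are still taken from the literals `"123456"` and `"12345678"`, and the user's new values are only applied by `modifyPin(0x81, newPin)` / `modifyPin(0x83, newAdminPin)` after every `changeKey` call has returned. If `changeKey` or the first `modifyPin` throws, the token appears to be left holding the moved keys behind the default PINs, and nothing in the visible lines handles that case. The TODO should at least record this, e.g. `// TODO: assumes default PIN/Admin PIN; a failure before modifyPin() leaves the moved keys protected only by those defaults`, and it is worth checking whether the PINs can be changed before the key transfer instead. The case body is split across two hunks and the enclosing switch starts and ends outside them.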


@ -43,7 +43,7 @@ import org.sufficientlysecure.keychain.Constants;
import org.sufficientlysecure.keychain.R;
import org.sufficientlysecure.keychain.securitytoken.CardException;
import org.sufficientlysecure.keychain.securitytoken.NfcTransport;
import org.sufficientlysecure.keychain.securitytoken.SecurityTokenHelper;
import org.sufficientlysecure.keychain.securitytoken.SecurityTokenConnection;
import org.sufficientlysecure.keychain.securitytoken.SecurityTokenInfo;
import org.sufficientlysecure.keychain.securitytoken.Transport;
import org.sufficientlysecure.keychain.securitytoken.UsbConnectionDispatcher;
@ -68,7 +68,7 @@ public abstract class BaseSecurityTokenActivity extends BaseActivity
private static final String FIDESMO_APP_PACKAGE = "com.fidesmo.sec.android";
protected SecurityTokenHelper mSecurityTokenHelper = SecurityTokenHelper.getInstance();
protected SecurityTokenConnection mSecurityTokenConnection = SecurityTokenConnection.getInstance();
protected TagDispatcher mNfcTagDispatcher;
protected UsbConnectionDispatcher mUsbDispatcher;
private boolean mTagHandlingEnabled;
@ -85,7 +85,7 @@ public abstract class BaseSecurityTokenActivity extends BaseActivity
* Override to implement SecurityToken operations (background thread)
*/
protected void doSecurityTokenInBackground() throws IOException {
tokenInfo = mSecurityTokenHelper.getTokenInfo();
tokenInfo = mSecurityTokenConnection.getTokenInfo();
Log.d(Constants.TAG, "Security Token: " + tokenInfo);
}
@ -250,7 +250,7 @@ public abstract class BaseSecurityTokenActivity extends BaseActivity
SecurityTokenInfo tokeninfo = null;
try {
tokeninfo = mSecurityTokenHelper.getTokenInfo();
tokeninfo = mSecurityTokenConnection.getTokenInfo();
} catch (IOException e2) {
// don't care
}
@ -271,7 +271,7 @@ public abstract class BaseSecurityTokenActivity extends BaseActivity
case 0x6982: {
SecurityTokenInfo tokeninfo = null;
try {
tokeninfo = mSecurityTokenHelper.getTokenInfo();
tokeninfo = mSecurityTokenConnection.getTokenInfo();
} catch (IOException e2) {
// don't care
}
@ -325,7 +325,7 @@ public abstract class BaseSecurityTokenActivity extends BaseActivity
}
// 6A82 app not installed on security token!
case 0x6A82: {
if (mSecurityTokenHelper.isFidesmoToken()) {
if (mSecurityTokenConnection.isFidesmoToken()) {
// Check if the Fidesmo app is installed
if (isAndroidAppInstalled(FIDESMO_APP_PACKAGE)) {
promptFidesmoPgpInstall();
@ -396,7 +396,7 @@ public abstract class BaseSecurityTokenActivity extends BaseActivity
Passphrase passphrase = PassphraseCacheService.getCachedPassphrase(this,
requiredInput.getMasterKeyId(), requiredInput.getSubKeyId());
if (passphrase != null) {
mSecurityTokenHelper.setPin(passphrase);
mSecurityTokenConnection.setPin(passphrase);
return;
}
@ -421,7 +421,7 @@ public abstract class BaseSecurityTokenActivity extends BaseActivity
return;
}
CryptoInputParcel input = data.getParcelableExtra(PassphraseDialogActivity.RESULT_CRYPTO_INPUT);
mSecurityTokenHelper.setPin(input.getPassphrase());
mSecurityTokenConnection.setPin(input.getPassphrase());
break;
}
default:
@ -431,17 +431,17 @@ public abstract class BaseSecurityTokenActivity extends BaseActivity
protected void handleSecurityToken(Transport transport, Context ctx) throws IOException {
// Don't reconnect if device was already connected
if (!(mSecurityTokenHelper.isPersistentConnectionAllowed()
&& mSecurityTokenHelper.isConnected()
&& mSecurityTokenHelper.getTransport().equals(transport))) {
mSecurityTokenHelper.setTransport(transport);
mSecurityTokenHelper.connectToDevice(ctx);
if (!(mSecurityTokenConnection.isPersistentConnectionAllowed()
&& mSecurityTokenConnection.isConnected()
&& mSecurityTokenConnection.getTransport().equals(transport))) {
mSecurityTokenConnection.setTransport(transport);
mSecurityTokenConnection.connectToDevice(ctx);
}
doSecurityTokenInBackground();
}
public boolean isSecurityTokenConnected() {
return mSecurityTokenHelper.isConnected();
return mSecurityTokenConnection.isConnected();
}
public static class IsoDepNotSupportedException extends IOException {
@ -500,8 +500,8 @@ public abstract class BaseSecurityTokenActivity extends BaseActivity
mUsbDispatcher.onStart();
}
public SecurityTokenHelper getSecurityTokenHelper() {
return mSecurityTokenHelper;
public SecurityTokenConnection getSecurityTokenHelper() {
return mSecurityTokenConnection;
}
/**