rename SecurityTokenHelper to SecurityTokenConnection
parent
07b7936d0b
commit
e8f72718e9
|
@ -275,7 +275,7 @@ class SCP11bSecureMessaging implements SecureMessaging {
|
|||
}
|
||||
|
||||
|
||||
public static void establish(final SecurityTokenHelper t, final Context ctx)
|
||||
public static void establish(final SecurityTokenConnection t, final Context ctx)
|
||||
throws SecureMessagingException, IOException {
|
||||
|
||||
CommandAPDU cmd;
|
||||
|
@ -286,9 +286,9 @@ class SCP11bSecureMessaging implements SecureMessaging {
|
|||
|
||||
// retrieving key algorithm
|
||||
cmd = new CommandAPDU(0, (byte)0xCA, (byte)0x00,
|
||||
OPENPGP_SECURE_MESSAGING_KEY_ATTRIBUTES_TAG, SecurityTokenHelper.MAX_APDU_NE_EXT);
|
||||
OPENPGP_SECURE_MESSAGING_KEY_ATTRIBUTES_TAG, SecurityTokenConnection.MAX_APDU_NE_EXT);
|
||||
resp = t.communicate(cmd);
|
||||
if (resp.getSW() != SecurityTokenHelper.APDU_SW_SUCCESS) {
|
||||
if (resp.getSW() != SecurityTokenConnection.APDU_SW_SUCCESS) {
|
||||
throw new SecureMessagingException("failed to retrieve secure messaging key attributes");
|
||||
}
|
||||
tlvs = Iso7816TLV.readList(resp.getData(), true);
|
||||
|
@ -320,12 +320,12 @@ class SCP11bSecureMessaging implements SecureMessaging {
|
|||
cmd = new CommandAPDU(0, (byte) 0xA5, (byte) 0x03, (byte) 0x04,
|
||||
new byte[]{(byte) 0x60, (byte) 0x04, (byte) 0x5C, (byte) 0x02, (byte) 0x7F, (byte) 0x21});
|
||||
resp = t.communicate(cmd);
|
||||
if (resp.getSW() != SecurityTokenHelper.APDU_SW_SUCCESS) {
|
||||
if (resp.getSW() != SecurityTokenConnection.APDU_SW_SUCCESS) {
|
||||
throw new SecureMessagingException("failed to select secure messaging certificate");
|
||||
}
|
||||
cmd = new CommandAPDU(0, (byte) 0xCA, (byte) 0x7F, (byte) 0x21, SecurityTokenHelper.MAX_APDU_NE_EXT);
|
||||
cmd = new CommandAPDU(0, (byte) 0xCA, (byte) 0x7F, (byte) 0x21, SecurityTokenConnection.MAX_APDU_NE_EXT);
|
||||
resp = t.communicate(cmd);
|
||||
if (resp.getSW() != SecurityTokenHelper.APDU_SW_SUCCESS) {
|
||||
if (resp.getSW() != SecurityTokenConnection.APDU_SW_SUCCESS) {
|
||||
throw new SecureMessagingException("failed to retrieve secure messaging certificate");
|
||||
}
|
||||
|
||||
|
@ -334,9 +334,9 @@ class SCP11bSecureMessaging implements SecureMessaging {
|
|||
} else {
|
||||
// retrieving public key
|
||||
cmd = new CommandAPDU(0, (byte) 0x47, (byte) 0x81, (byte) 0x00,
|
||||
OPENPGP_SECURE_MESSAGING_KEY_CRT, SecurityTokenHelper.MAX_APDU_NE_EXT);
|
||||
OPENPGP_SECURE_MESSAGING_KEY_CRT, SecurityTokenConnection.MAX_APDU_NE_EXT);
|
||||
resp = t.communicate(cmd);
|
||||
if (resp.getSW() != SecurityTokenHelper.APDU_SW_SUCCESS) {
|
||||
if (resp.getSW() != SecurityTokenConnection.APDU_SW_SUCCESS) {
|
||||
throw new SecureMessagingException("failed to retrieve secure messaging public key");
|
||||
}
|
||||
tlvs = Iso7816TLV.readList(resp.getData(), true);
|
||||
|
@ -396,9 +396,9 @@ class SCP11bSecureMessaging implements SecureMessaging {
|
|||
|
||||
// internal authenticate
|
||||
cmd = new CommandAPDU(0, (byte)0x88, (byte)0x01, (byte)0x0, pkout.toByteArray(),
|
||||
SecurityTokenHelper.MAX_APDU_NE_EXT);
|
||||
SecurityTokenConnection.MAX_APDU_NE_EXT);
|
||||
resp = t.communicate(cmd);
|
||||
if (resp.getSW() != SecurityTokenHelper.APDU_SW_SUCCESS) {
|
||||
if (resp.getSW() != SecurityTokenConnection.APDU_SW_SUCCESS) {
|
||||
throw new SecureMessagingException("failed to initiate internal authenticate");
|
||||
}
|
||||
|
||||
|
|
|
@ -70,7 +70,7 @@ import java.security.interfaces.RSAPrivateCrtKey;
|
|||
* devices.
|
||||
* For the full specs, see http://g10code.com/docs/openpgp-card-2.0.pdf
|
||||
*/
|
||||
public class SecurityTokenHelper {
|
||||
public class SecurityTokenConnection {
|
||||
private static final int MAX_APDU_NC = 255;
|
||||
private static final int MAX_APDU_NC_EXT = 65535;
|
||||
|
||||
|
@ -100,7 +100,7 @@ public class SecurityTokenHelper {
|
|||
private boolean mPw1ValidatedForDecrypt; // Mode 82 does other things; consider renaming?
|
||||
private boolean mPw3Validated;
|
||||
|
||||
private SecurityTokenHelper() {
|
||||
private SecurityTokenConnection() {
|
||||
}
|
||||
|
||||
public static double parseOpenPgpVersion(final byte[] aid) {
|
||||
|
@ -109,7 +109,7 @@ public class SecurityTokenHelper {
|
|||
return aid[6] + minv;
|
||||
}
|
||||
|
||||
public static SecurityTokenHelper getInstance() {
|
||||
public static SecurityTokenConnection getInstance() {
|
||||
return LazyHolder.SECURITY_TOKEN_HELPER;
|
||||
}
|
||||
|
||||
|
@ -1007,6 +1007,6 @@ public class SecurityTokenHelper {
|
|||
}
|
||||
|
||||
private static class LazyHolder {
|
||||
private static final SecurityTokenHelper SECURITY_TOKEN_HELPER = new SecurityTokenHelper();
|
||||
private static final SecurityTokenConnection SECURITY_TOKEN_HELPER = new SecurityTokenConnection();
|
||||
}
|
||||
}
|
|
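Review bot: The rename is incomplete in this class: the holder constant is still `LazyHolder.SECURITY_TOKEN_HELPER`, although it now holds a `SecurityTokenConnection`, and `getInstance()` returns it under that old name. I would rename it in both places, e.g. `private static final SecurityTokenConnection SECURITY_TOKEN_CONNECTION = new SecurityTokenConnection();` and `return LazyHolder.SECURITY_TOKEN_CONNECTION;`. The same leftover appears in the BaseSecurityTokenActivity section, where the accessor is still declared as `getSecurityTokenHelper()` while its return type and backing field were renamed. Its callers are outside the visible hunks, so renaming the accessor would have to cover them as well.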
@ -139,7 +139,7 @@ public class CreateKeyActivity extends BaseSecurityTokenActivity {
|
|||
return;
|
||||
}
|
||||
|
||||
tokenInfo = mSecurityTokenHelper.getTokenInfo();
|
||||
tokenInfo = mSecurityTokenConnection.getTokenInfo();
|
||||
}
|
||||
|
||||
@Override
|
||||
|
|
|
@ -32,7 +32,7 @@ import android.widget.TextView;
|
|||
|
||||
import org.sufficientlysecure.keychain.R;
|
||||
import org.sufficientlysecure.keychain.securitytoken.KeyFormat;
|
||||
import org.sufficientlysecure.keychain.securitytoken.SecurityTokenHelper;
|
||||
import org.sufficientlysecure.keychain.securitytoken.SecurityTokenConnection;
|
||||
import org.sufficientlysecure.keychain.ui.CreateKeyActivity.FragAction;
|
||||
import org.sufficientlysecure.keychain.util.Choice;
|
||||
|
||||
|
@ -100,7 +100,7 @@ public class CreateSecurityTokenAlgorithmFragment extends Fragment {
|
|||
choices.add(new Choice<>(SupportedKeyType.RSA_4096, getResources().getString(
|
||||
R.string.rsa_4096), getResources().getString(R.string.rsa_4096_description_html)));
|
||||
|
||||
final double version = SecurityTokenHelper.parseOpenPgpVersion(mCreateKeyActivity.tokenInfo.getAid());
|
||||
final double version = SecurityTokenConnection.parseOpenPgpVersion(mCreateKeyActivity.tokenInfo.getAid());
|
||||
|
||||
if (version >= 3.0) {
|
||||
choices.add(new Choice<>(SupportedKeyType.ECC_P256, getResources().getString(
|
||||
|
|
|
@ -17,7 +17,6 @@
|
|||
|
||||
package org.sufficientlysecure.keychain.ui;
|
||||
|
||||
import android.app.Activity;
|
||||
import android.content.Context;
|
||||
import android.os.AsyncTask;
|
||||
import android.os.Bundle;
|
||||
|
@ -31,7 +30,7 @@ import android.widget.TextView;
|
|||
|
||||
import org.sufficientlysecure.keychain.Constants;
|
||||
import org.sufficientlysecure.keychain.R;
|
||||
import org.sufficientlysecure.keychain.securitytoken.SecurityTokenHelper;
|
||||
import org.sufficientlysecure.keychain.securitytoken.SecurityTokenConnection;
|
||||
import org.sufficientlysecure.keychain.ui.CreateKeyActivity.FragAction;
|
||||
import org.sufficientlysecure.keychain.util.Passphrase;
|
||||
|
||||
|
@ -206,7 +205,7 @@ public class CreateSecurityTokenPinFragment extends Fragment {
|
|||
|
||||
mCreateKeyActivity.mSecurityTokenPin = new Passphrase(mPin.getText().toString());
|
||||
|
||||
final double version = SecurityTokenHelper.parseOpenPgpVersion(mCreateKeyActivity.tokenInfo.getAid());
|
||||
final double version = SecurityTokenConnection.parseOpenPgpVersion(mCreateKeyActivity.tokenInfo.getAid());
|
||||
|
||||
Fragment frag;
|
||||
if (version >= 3.0) {
|
||||
|
|
|
@ -139,10 +139,10 @@ public class SecurityTokenChangePinOperationActivity extends BaseSecurityTokenAc
|
|||
|
||||
@Override
|
||||
protected void doSecurityTokenInBackground() throws IOException {
|
||||
mSecurityTokenHelper.setAdminPin(new Passphrase(changePinInput.getAdminPin()));
|
||||
mSecurityTokenHelper.resetPin(changePinInput.getNewPin());
|
||||
mSecurityTokenConnection.setAdminPin(new Passphrase(changePinInput.getAdminPin()));
|
||||
mSecurityTokenConnection.resetPin(changePinInput.getNewPin());
|
||||
|
||||
resultTokenInfo = mSecurityTokenHelper.getTokenInfo();
|
||||
resultTokenInfo = mSecurityTokenConnection.getTokenInfo();
|
||||
}
|
||||
|
||||
@Override
|
||||
|
@ -156,11 +156,11 @@ public class SecurityTokenChangePinOperationActivity extends BaseSecurityTokenAc
|
|||
|
||||
nfcGuideView.setCurrentStatus(NfcGuideView.NfcGuideViewStatus.DONE);
|
||||
|
||||
if (mSecurityTokenHelper.isPersistentConnectionAllowed()) {
|
||||
if (mSecurityTokenConnection.isPersistentConnectionAllowed()) {
|
||||
// Just close
|
||||
finish();
|
||||
} else {
|
||||
mSecurityTokenHelper.clearSecureMessaging();
|
||||
mSecurityTokenConnection.clearSecureMessaging();
|
||||
new AsyncTask<Void, Void, Void>() {
|
||||
@Override
|
||||
protected Void doInBackground(Void... params) {
|
||||
|
|
|
@ -190,7 +190,7 @@ public class SecurityTokenOperationActivity extends BaseSecurityTokenActivity {
|
|||
switch (mRequiredInput.mType) {
|
||||
case SECURITY_TOKEN_DECRYPT: {
|
||||
long tokenKeyId = KeyFormattingUtils.getKeyIdFromFingerprint(
|
||||
mSecurityTokenHelper.getKeyFingerprint(KeyType.ENCRYPT));
|
||||
mSecurityTokenConnection.getKeyFingerprint(KeyType.ENCRYPT));
|
||||
|
||||
if (tokenKeyId != mRequiredInput.getSubKeyId()) {
|
||||
throw new IOException(getString(R.string.error_wrong_security_token));
|
||||
|
@ -208,14 +208,15 @@ public class SecurityTokenOperationActivity extends BaseSecurityTokenActivity {
|
|||
|
||||
for (int i = 0; i < mRequiredInput.mInputData.length; i++) {
|
||||
byte[] encryptedSessionKey = mRequiredInput.mInputData[i];
|
||||
byte[] decryptedSessionKey = mSecurityTokenHelper.decryptSessionKey(encryptedSessionKey, publicKeyRing.getPublicKey(tokenKeyId));
|
||||
byte[] decryptedSessionKey = mSecurityTokenConnection
|
||||
.decryptSessionKey(encryptedSessionKey, publicKeyRing.getPublicKey(tokenKeyId));
|
||||
mInputParcel = mInputParcel.withCryptoData(encryptedSessionKey, decryptedSessionKey);
|
||||
}
|
||||
break;
|
||||
}
|
||||
case SECURITY_TOKEN_SIGN: {
|
||||
long tokenKeyId = KeyFormattingUtils.getKeyIdFromFingerprint(
|
||||
mSecurityTokenHelper.getKeyFingerprint(KeyType.SIGN));
|
||||
mSecurityTokenConnection.getKeyFingerprint(KeyType.SIGN));
|
||||
|
||||
if (tokenKeyId != mRequiredInput.getSubKeyId()) {
|
||||
throw new IOException(getString(R.string.error_wrong_security_token));
|
||||
|
@ -226,15 +227,15 @@ public class SecurityTokenOperationActivity extends BaseSecurityTokenActivity {
|
|||
for (int i = 0; i < mRequiredInput.mInputData.length; i++) {
|
||||
byte[] hash = mRequiredInput.mInputData[i];
|
||||
int algo = mRequiredInput.mSignAlgos[i];
|
||||
byte[] signedHash = mSecurityTokenHelper.calculateSignature(hash, algo);
|
||||
byte[] signedHash = mSecurityTokenConnection.calculateSignature(hash, algo);
|
||||
mInputParcel = mInputParcel.withCryptoData(hash, signedHash);
|
||||
}
|
||||
break;
|
||||
}
|
||||
case SECURITY_TOKEN_MOVE_KEY_TO_CARD: {
|
||||
// TODO: assume PIN and Admin PIN to be default for this operation
|
||||
mSecurityTokenHelper.setPin(new Passphrase("123456"));
|
||||
mSecurityTokenHelper.setAdminPin(new Passphrase("12345678"));
|
||||
mSecurityTokenConnection.setPin(new Passphrase("123456"));
|
||||
mSecurityTokenConnection.setAdminPin(new Passphrase("12345678"));
|
||||
|
||||
KeyRepository keyRepository =
|
||||
KeyRepository.create(this);
|
||||
|
@ -256,7 +257,7 @@ public class SecurityTokenOperationActivity extends BaseSecurityTokenActivity {
|
|||
long subkeyId = buf.getLong();
|
||||
|
||||
CanonicalizedSecretKey key = secretKeyRing.getSecretKey(subkeyId);
|
||||
byte[] tokenSerialNumber = Arrays.copyOf(mSecurityTokenHelper.getAid(), 16);
|
||||
byte[] tokenSerialNumber = Arrays.copyOf(mSecurityTokenConnection.getAid(), 16);
|
||||
|
||||
Passphrase passphrase;
|
||||
try {
|
||||
|
@ -266,21 +267,21 @@ public class SecurityTokenOperationActivity extends BaseSecurityTokenActivity {
|
|||
throw new IOException("Unable to get cached passphrase!");
|
||||
}
|
||||
|
||||
mSecurityTokenHelper.changeKey(key, passphrase);
|
||||
mSecurityTokenConnection.changeKey(key, passphrase);
|
||||
|
||||
// TODO: Is this really used anywhere?
|
||||
mInputParcel = mInputParcel.withCryptoData(subkeyBytes, tokenSerialNumber);
|
||||
}
|
||||
|
||||
// change PINs afterwards
|
||||
mSecurityTokenHelper.modifyPin(0x81, newPin);
|
||||
mSecurityTokenHelper.modifyPin(0x83, newAdminPin);
|
||||
mSecurityTokenConnection.modifyPin(0x81, newPin);
|
||||
mSecurityTokenConnection.modifyPin(0x83, newAdminPin);
|
||||
|
||||
break;
|
||||
}
|
||||
case SECURITY_TOKEN_RESET_CARD: {
|
||||
mSecurityTokenHelper.resetAndWipeToken();
|
||||
mResultTokenInfo = mSecurityTokenHelper.getTokenInfo();
|
||||
mSecurityTokenConnection.resetAndWipeToken();
|
||||
mResultTokenInfo = mSecurityTokenConnection.getTokenInfo();
|
||||
|
||||
break;
|
||||
}
|
||||
|
@ -300,11 +301,11 @@ public class SecurityTokenOperationActivity extends BaseSecurityTokenActivity {
|
|||
|
||||
nfcGuideView.setCurrentStatus(NfcGuideView.NfcGuideViewStatus.DONE);
|
||||
|
||||
if (mSecurityTokenHelper.isPersistentConnectionAllowed()) {
|
||||
if (mSecurityTokenConnection.isPersistentConnectionAllowed()) {
|
||||
// Just close
|
||||
finish();
|
||||
} else {
|
||||
mSecurityTokenHelper.clearSecureMessaging();
|
||||
mSecurityTokenConnection.clearSecureMessaging();
|
||||
new AsyncTask<Void, Void, Void>() {
|
||||
@Override
|
||||
protected Void doInBackground(Void... params) {
|
||||
|
|
|
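Review bot: In the `SECURITY_TOKEN_MOVE_KEY_TO_CARD` case the renamed calls still set the PIN and Admin PIN to the literals `"123456"` and `"12345678"`, and the only explanation is a TODO. Nothing in the visible lines checks that the token is in its default-PIN state before these values are set, so on a token whose PINs were already changed the following operations would presumably fail verification and may consume PIN retry attempts. I would replace the TODO with a comment stating the precondition, e.g. `// Precondition: token still has the default user/admin PINs; both are replaced via modifyPin() at the end of this case`, and confirm that the caller enforces it. Parts of this case body lie between the hunks and are not shown.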
@ -43,7 +43,7 @@ import org.sufficientlysecure.keychain.Constants;
|
|||
import org.sufficientlysecure.keychain.R;
|
||||
import org.sufficientlysecure.keychain.securitytoken.CardException;
|
||||
import org.sufficientlysecure.keychain.securitytoken.NfcTransport;
|
||||
import org.sufficientlysecure.keychain.securitytoken.SecurityTokenHelper;
|
||||
import org.sufficientlysecure.keychain.securitytoken.SecurityTokenConnection;
|
||||
import org.sufficientlysecure.keychain.securitytoken.SecurityTokenInfo;
|
||||
import org.sufficientlysecure.keychain.securitytoken.Transport;
|
||||
import org.sufficientlysecure.keychain.securitytoken.UsbConnectionDispatcher;
|
||||
|
@ -68,7 +68,7 @@ public abstract class BaseSecurityTokenActivity extends BaseActivity
|
|||
|
||||
private static final String FIDESMO_APP_PACKAGE = "com.fidesmo.sec.android";
|
||||
|
||||
protected SecurityTokenHelper mSecurityTokenHelper = SecurityTokenHelper.getInstance();
|
||||
protected SecurityTokenConnection mSecurityTokenConnection = SecurityTokenConnection.getInstance();
|
||||
protected TagDispatcher mNfcTagDispatcher;
|
||||
protected UsbConnectionDispatcher mUsbDispatcher;
|
||||
private boolean mTagHandlingEnabled;
|
||||
|
@ -85,7 +85,7 @@ public abstract class BaseSecurityTokenActivity extends BaseActivity
|
|||
* Override to implement SecurityToken operations (background thread)
|
||||
*/
|
||||
protected void doSecurityTokenInBackground() throws IOException {
|
||||
tokenInfo = mSecurityTokenHelper.getTokenInfo();
|
||||
tokenInfo = mSecurityTokenConnection.getTokenInfo();
|
||||
Log.d(Constants.TAG, "Security Token: " + tokenInfo);
|
||||
}
|
||||
|
||||
|
@ -250,7 +250,7 @@ public abstract class BaseSecurityTokenActivity extends BaseActivity
|
|||
|
||||
SecurityTokenInfo tokeninfo = null;
|
||||
try {
|
||||
tokeninfo = mSecurityTokenHelper.getTokenInfo();
|
||||
tokeninfo = mSecurityTokenConnection.getTokenInfo();
|
||||
} catch (IOException e2) {
|
||||
// don't care
|
||||
}
|
||||
|
@ -271,7 +271,7 @@ public abstract class BaseSecurityTokenActivity extends BaseActivity
|
|||
case 0x6982: {
|
||||
SecurityTokenInfo tokeninfo = null;
|
||||
try {
|
||||
tokeninfo = mSecurityTokenHelper.getTokenInfo();
|
||||
tokeninfo = mSecurityTokenConnection.getTokenInfo();
|
||||
} catch (IOException e2) {
|
||||
// don't care
|
||||
}
|
||||
|
@ -325,7 +325,7 @@ public abstract class BaseSecurityTokenActivity extends BaseActivity
|
|||
}
|
||||
// 6A82 app not installed on security token!
|
||||
case 0x6A82: {
|
||||
if (mSecurityTokenHelper.isFidesmoToken()) {
|
||||
if (mSecurityTokenConnection.isFidesmoToken()) {
|
||||
// Check if the Fidesmo app is installed
|
||||
if (isAndroidAppInstalled(FIDESMO_APP_PACKAGE)) {
|
||||
promptFidesmoPgpInstall();
|
||||
|
@ -396,7 +396,7 @@ public abstract class BaseSecurityTokenActivity extends BaseActivity
|
|||
Passphrase passphrase = PassphraseCacheService.getCachedPassphrase(this,
|
||||
requiredInput.getMasterKeyId(), requiredInput.getSubKeyId());
|
||||
if (passphrase != null) {
|
||||
mSecurityTokenHelper.setPin(passphrase);
|
||||
mSecurityTokenConnection.setPin(passphrase);
|
||||
return;
|
||||
}
|
||||
|
||||
|
@ -421,7 +421,7 @@ public abstract class BaseSecurityTokenActivity extends BaseActivity
|
|||
return;
|
||||
}
|
||||
CryptoInputParcel input = data.getParcelableExtra(PassphraseDialogActivity.RESULT_CRYPTO_INPUT);
|
||||
mSecurityTokenHelper.setPin(input.getPassphrase());
|
||||
mSecurityTokenConnection.setPin(input.getPassphrase());
|
||||
break;
|
||||
}
|
||||
default:
|
||||
|
@ -431,17 +431,17 @@ public abstract class BaseSecurityTokenActivity extends BaseActivity
|
|||
|
||||
protected void handleSecurityToken(Transport transport, Context ctx) throws IOException {
|
||||
// Don't reconnect if device was already connected
|
||||
if (!(mSecurityTokenHelper.isPersistentConnectionAllowed()
|
||||
&& mSecurityTokenHelper.isConnected()
|
||||
&& mSecurityTokenHelper.getTransport().equals(transport))) {
|
||||
mSecurityTokenHelper.setTransport(transport);
|
||||
mSecurityTokenHelper.connectToDevice(ctx);
|
||||
if (!(mSecurityTokenConnection.isPersistentConnectionAllowed()
|
||||
&& mSecurityTokenConnection.isConnected()
|
||||
&& mSecurityTokenConnection.getTransport().equals(transport))) {
|
||||
mSecurityTokenConnection.setTransport(transport);
|
||||
mSecurityTokenConnection.connectToDevice(ctx);
|
||||
}
|
||||
doSecurityTokenInBackground();
|
||||
}
|
||||
|
||||
public boolean isSecurityTokenConnected() {
|
||||
return mSecurityTokenHelper.isConnected();
|
||||
return mSecurityTokenConnection.isConnected();
|
||||
}
|
||||
|
||||
public static class IsoDepNotSupportedException extends IOException {
|
||||
|
@ -500,8 +500,8 @@ public abstract class BaseSecurityTokenActivity extends BaseActivity
|
|||
mUsbDispatcher.onStart();
|
||||
}
|
||||
|
||||
public SecurityTokenHelper getSecurityTokenHelper() {
|
||||
return mSecurityTokenHelper;
|
||||
public SecurityTokenConnection getSecurityTokenHelper() {
|
||||
return mSecurityTokenConnection;
|
||||
}
|
||||
|
||||
/**
|
||||
|
|