From d6520cde04a27f5a43543f0ccee5a1e02ade69e6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Dominik=20Sch=C3=BCrmann?= Date: Tue, 8 Mar 2016 04:04:18 +0100 Subject: Fix code style and documentation in BaseSecurityTokenNfcActivity --- .../ui/SecurityTokenOperationActivity.java | 6 +- .../ui/base/BaseSecurityTokenNfcActivity.java | 79 ++++++++++++---------- 2 files changed, 45 insertions(+), 40 deletions(-) (limited to 'OpenKeychain/src/main/java/org/sufficientlysecure/keychain') diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/SecurityTokenOperationActivity.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/SecurityTokenOperationActivity.java index 78d82d436..d2ecce242 100644 --- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/SecurityTokenOperationActivity.java +++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/SecurityTokenOperationActivity.java @@ -249,13 +249,13 @@ public class SecurityTokenOperationActivity extends BaseSecurityTokenNfcActivity } // change PINs afterwards - nfcModifyPIN(0x81, newPin); - nfcModifyPIN(0x83, newAdminPin); + nfcModifyPin(0x81, newPin); + nfcModifyPin(0x83, newAdminPin); break; } case NFC_RESET_CARD: { - nfcResetCard(); + nfcReset(); break; } diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/base/BaseSecurityTokenNfcActivity.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/base/BaseSecurityTokenNfcActivity.java index d3000e565..77044cd2b 100644 --- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/base/BaseSecurityTokenNfcActivity.java +++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/base/BaseSecurityTokenNfcActivity.java @@ -26,14 +26,11 @@ import java.nio.ByteBuffer; import java.security.interfaces.RSAPrivateCrtKey; import android.app.Activity; -import android.app.PendingIntent; import android.content.Intent; -import android.content.IntentFilter; import android.content.pm.PackageManager; import android.nfc.NfcAdapter; import android.nfc.Tag; import android.nfc.TagLostException; -import android.nfc.tech.IsoDep; import android.os.AsyncTask; import android.os.Bundle; @@ -319,7 +316,7 @@ public abstract class BaseSecurityTokenNfcActivity extends BaseActivity implemen } // 6A82 app not installed on security token! case 0x6A82: { - if (isFidesmoDevice()) { + if (isFidesmoToken()) { // Check if the Fidesmo app is installed if (isAndroidAppInstalled(FIDESMO_APP_PACKAGE)) { promptFidesmoPgpInstall(); @@ -530,18 +527,18 @@ public abstract class BaseSecurityTokenNfcActivity extends BaseActivity implemen public String nfcGetUserId() throws IOException { String info = "00CA006500"; - return nfcGetHolderName(nfcCommunicate(info)); + return getHolderName(nfcCommunicate(info)); } /** - * Calls to calculate the signature and returns the MPI value + * Call COMPUTE DIGITAL SIGNATURE command and returns the MPI value * * @param hash the hash for signing * @return a big integer representing the MPI for the given hash */ public byte[] nfcCalculateSignature(byte[] hash, int hashAlgo) throws IOException { if (!mPw1ValidatedForSignature) { - nfcVerifyPIN(0x81); // (Verify PW1 with mode 81 for signing) + nfcVerifyPin(0x81); // (Verify PW1 with mode 81 for signing) } // dsi, including Lc @@ -634,14 +631,14 @@ public abstract class BaseSecurityTokenNfcActivity extends BaseActivity implemen } /** - * Calls to calculate the signature and returns the MPI value + * Call DECIPHER command * * @param encryptedSessionKey the encoded session key * @return the decoded session key */ public byte[] nfcDecryptSessionKey(byte[] encryptedSessionKey) throws IOException { if (!mPw1ValidatedForDecrypt) { - nfcVerifyPIN(0x82); // (Verify PW1 with mode 82 for decryption) + nfcVerifyPin(0x82); // (Verify PW1 with mode 82 for decryption) } String firstApdu = "102a8086fe"; @@ -657,10 +654,10 @@ public abstract class BaseSecurityTokenNfcActivity extends BaseActivity implemen two[i] = encryptedSessionKey[i + one.length + 1]; } - String first = nfcCommunicate(firstApdu + getHex(one)); + nfcCommunicate(firstApdu + getHex(one)); String second = nfcCommunicate(secondApdu + getHex(two) + le); - String decryptedSessionKey = nfcGetDataField(second); + String decryptedSessionKey = getDataField(second); return Hex.decode(decryptedSessionKey); } @@ -670,7 +667,7 @@ public abstract class BaseSecurityTokenNfcActivity extends BaseActivity implemen * @param mode For PW1, this is 0x81 for signing, 0x82 for everything else. * For PW3 (Admin PIN), mode is 0x83. */ - public void nfcVerifyPIN(int mode) throws IOException { + public void nfcVerifyPin(int mode) throws IOException { if (mPin != null || mode == 0x83) { byte[] pin; @@ -683,7 +680,7 @@ public abstract class BaseSecurityTokenNfcActivity extends BaseActivity implemen // SW1/2 0x9000 is the generic "ok" response, which we expect most of the time. // See specification, page 51 String accepted = "9000"; - String response = tryPin(mode, pin); // login + String response = nfcTryPin(mode, pin); // login if (!response.equals(accepted)) { throw new CardException("Bad PIN!", parseCardStatus(response)); } @@ -698,13 +695,18 @@ public abstract class BaseSecurityTokenNfcActivity extends BaseActivity implemen } } - public void nfcResetCard() throws IOException { + /** + * Resets security token, which deletes all keys and data objects. + * This works by entering a wrong PIN and then Admin PIN 4 times respectively. + * Afterwards, the token is reactivated. + */ + public void nfcReset() throws IOException { String accepted = "9000"; // try wrong PIN 4 times until counter goes to C0 byte[] pin = "XXXXXX".getBytes(); for (int i = 0; i <= 4; i++) { - String response = tryPin(0x81, pin); + String response = nfcTryPin(0x81, pin); if (response.equals(accepted)) { // Should NOT accept! throw new CardException("Should never happen, XXXXXX has been accepted!", parseCardStatus(response)); } @@ -713,7 +715,7 @@ public abstract class BaseSecurityTokenNfcActivity extends BaseActivity implemen // try wrong Admin PIN 4 times until counter goes to C0 byte[] adminPin = "XXXXXXXX".getBytes(); for (int i = 0; i <= 4; i++) { - String response = tryPin(0x83, adminPin); + String response = nfcTryPin(0x83, adminPin); if (response.equals(accepted)) { // Should NOT accept! throw new CardException("Should never happen, XXXXXXXX has been accepted", parseCardStatus(response)); } @@ -730,7 +732,7 @@ public abstract class BaseSecurityTokenNfcActivity extends BaseActivity implemen } - private String tryPin(int mode, byte[] pin) throws IOException { + private String nfcTryPin(int mode, byte[] pin) throws IOException { // Command APDU for VERIFY command (page 32) String login = "00" // CLA @@ -749,7 +751,7 @@ public abstract class BaseSecurityTokenNfcActivity extends BaseActivity implemen * @param pw For PW1, this is 0x81. For PW3 (Admin PIN), mode is 0x83. * @param newPin The new PW1 or PW3. */ - public void nfcModifyPIN(int pw, byte[] newPin) throws IOException { + public void nfcModifyPin(int pw, byte[] newPin) throws IOException { final int MAX_PW1_LENGTH_INDEX = 1; final int MAX_PW3_LENGTH_INDEX = 3; @@ -802,10 +804,10 @@ public abstract class BaseSecurityTokenNfcActivity extends BaseActivity implemen } if (dataObject == 0x0101 || dataObject == 0x0103) { if (!mPw1ValidatedForDecrypt) { - nfcVerifyPIN(0x82); // (Verify PW1 for non-signing operations) + nfcVerifyPin(0x82); // (Verify PW1 for non-signing operations) } } else if (!mPw3Validated) { - nfcVerifyPIN(0x83); // (Verify PW3) + nfcVerifyPin(0x83); // (Verify PW3) } String putDataApdu = "00" // CLA @@ -854,7 +856,7 @@ public abstract class BaseSecurityTokenNfcActivity extends BaseActivity implemen } if (!mPw3Validated) { - nfcVerifyPIN(0x83); // (Verify PW3 with mode 83) + nfcVerifyPin(0x83); // (Verify PW3 with mode 83) } byte[] header= Hex.decode( @@ -947,13 +949,13 @@ public abstract class BaseSecurityTokenNfcActivity extends BaseActivity implemen * @return the public key data objects, in TLV format. For RSA this will be the public modulus * (0x81) and exponent (0x82). These may come out of order; proper TLV parsing is required. */ - public byte[] nfcGenerateOnCardKey(int slot) throws IOException { + public byte[] nfcGenerateKey(int slot) throws IOException { if (slot != 0xB6 && slot != 0xB8 && slot != 0xA4) { throw new IOException("Invalid key slot"); } if (!mPw3Validated) { - nfcVerifyPIN(0x83); // (Verify PW3 with mode 83) + nfcVerifyPin(0x83); // (Verify PW3 with mode 83) } String generateKeyApdu = "0047800002" + String.format("%02x", slot) + "0000"; @@ -966,13 +968,20 @@ public abstract class BaseSecurityTokenNfcActivity extends BaseActivity implemen throw new IOException("On-card key generation failed"); } - String publicKeyData = nfcGetDataField(first) + nfcGetDataField(second); + String publicKeyData = getDataField(first) + getDataField(second); Log.d(Constants.TAG, "Public Key Data Objects: " + publicKeyData); return Hex.decode(publicKeyData); } + /** + * Transceive data via NFC encoded as Hex + */ + public String nfcCommunicate(String apdu) throws IOException { + return getHex(mIsoCard.transceive(Hex.decode(apdu))); + } + /** * Parses out the status word from a JavaCard response string. * @@ -991,7 +1000,7 @@ public abstract class BaseSecurityTokenNfcActivity extends BaseActivity implemen } } - public String nfcGetHolderName(String name) { + public String getHolderName(String name) { try { String slength; int ilength; @@ -1011,14 +1020,10 @@ public abstract class BaseSecurityTokenNfcActivity extends BaseActivity implemen } } - private String nfcGetDataField(String output) { + private String getDataField(String output) { return output.substring(0, output.length() - 4); } - public String nfcCommunicate(String apdu) throws IOException { - return getHex(mIsoCard.transceive(Hex.decode(apdu))); - } - public static String getHex(byte[] raw) { return new String(Hex.encode(raw)); } @@ -1045,7 +1050,7 @@ public abstract class BaseSecurityTokenNfcActivity extends BaseActivity implemen } - private boolean isFidesmoDevice() { + private boolean isFidesmoToken() { if (isNfcConnected()) { // Check if we can still talk to the card try { // By trying to select any apps that have the Fidesmo AID prefix we can @@ -1061,11 +1066,11 @@ public abstract class BaseSecurityTokenNfcActivity extends BaseActivity implemen } /** - * Ask user if she wants to install PGP onto her Fidesmo device + * Ask user if she wants to install PGP onto her Fidesmo token */ private void promptFidesmoPgpInstall() { - FidesmoPgpInstallDialog mFidesmoPgpInstallDialog = new FidesmoPgpInstallDialog(); - mFidesmoPgpInstallDialog.show(getSupportFragmentManager(), "mFidesmoPgpInstallDialog"); + FidesmoPgpInstallDialog fidesmoPgpInstallDialog = new FidesmoPgpInstallDialog(); + fidesmoPgpInstallDialog.show(getSupportFragmentManager(), "fidesmoPgpInstallDialog"); } /** @@ -1073,8 +1078,8 @@ public abstract class BaseSecurityTokenNfcActivity extends BaseActivity implemen * to launch the Google Play store. */ private void promptFidesmoAppInstall() { - FidesmoInstallDialog mFidesmoInstallDialog = new FidesmoInstallDialog(); - mFidesmoInstallDialog.show(getSupportFragmentManager(), "mFidesmoInstallDialog"); + FidesmoInstallDialog fidesmoInstallDialog = new FidesmoInstallDialog(); + fidesmoInstallDialog.show(getSupportFragmentManager(), "fidesmoInstallDialog"); } /** @@ -1084,7 +1089,7 @@ public abstract class BaseSecurityTokenNfcActivity extends BaseActivity implemen */ private boolean isAndroidAppInstalled(String uri) { PackageManager mPackageManager = getPackageManager(); - boolean mAppInstalled = false; + boolean mAppInstalled; try { mPackageManager.getPackageInfo(uri, PackageManager.GET_ACTIVITIES); mAppInstalled = true; -- cgit v1.2.3