v4.1.0

hwsecurity-sdk · Jun 30, 2020 · 7269955 · 7269955
1 parent 5455083
commit 7269955
Show file tree

Hide file tree

Showing 449 changed files with 17,407 additions and 5,634 deletions.
diff --git a/.gitignore b/.gitignore
@@ -12,7 +12,6 @@ ant.properties
 #Gradle
 .gradle
 build
-gradle.properties
 
 #Maven
 target

diff --git a/README.md b/README.md
@@ -16,6 +16,7 @@ This includes the following artifacts of the SDK (cf. [overview of all artifacts
 | de.cotech:hwsecurity-intent-nfc    | 14      |          |
 | de.cotech:hwsecurity-intent-usb    | 14      |          |
 | de.cotech:hwsecurity-fido          | 14      | 19       |
+| de.cotech:hwsecurity-fido2         | 14      | 19       |
 | de.cotech:hwsecurity-openpgp       | 14      |          |
 | de.cotech:hwsecurity-piv           | 14      |          |
 | de.cotech:hwsecurity-ui            | 14      | 19       |
@@ -24,7 +25,7 @@ This includes the following artifacts of the SDK (cf. [overview of all artifacts
 ## Notice
 
 This open source release does not reflect the newest version of the SDK.
-Some parts are currently not released as GPLv3, such as FIDO2 support.
+Some parts are currently not released as GPLv3.
 
 ## Contributing
 

diff --git a/build.gradle b/build.gradle
@@ -5,9 +5,8 @@ buildscript {
     }
 
     dependencies {
-        classpath 'com.android.tools.build:gradle:3.4.2'
+        classpath 'com.android.tools.build:gradle:4.0.0'
         classpath 'org.jetbrains.dokka:dokka-android-gradle-plugin:0.9.17'
-        classpath 'digital.wup:android-maven-publish:3.6.2'
     }
 }
 
@@ -19,6 +18,6 @@ allprojects {
 }
 
 ext {
-    compileSdkVersion = 28
-    hwSdkVersionName = '3.2.1'
+    compileSdkVersion = 29
+    hwSdkVersionName = '4.1.0'
 }
diff --git a/gen-dokka.sh b/gen-dokka.sh
diff --git a/gradle.properties b/gradle.properties
@@ -0,0 +1,16 @@
+# Project-wide Gradle settings.
+# IDE (e.g. Android Studio) users:
+# Gradle settings configured through the IDE *will override*
+# any settings specified in this file.
+# For more details on how to configure your build environment visit
+# http://www.gradle.org/docs/current/userguide/build_environment.html
+# Specifies the JVM arguments used for the daemon process.
+# The setting is particularly useful for tweaking memory settings.
+org.gradle.jvmargs=-Xmx1536m
+# When configured, Gradle will run in incubating parallel mode.
+# This option should only be used with decoupled projects. More details, visit
+# http://www.gradle.org/docs/current/userguide/multi_project_builds.html#sec:decoupled_projects
+# org.gradle.parallel=true
+
+
+android.useAndroidX=true
diff --git a/gradle/wrapper/gradle-wrapper.properties b/gradle/wrapper/gradle-wrapper.properties
@@ -1,6 +1,6 @@
-#Tue Jun 18 09:22:28 CEST 2019
+#Wed Jun 24 11:02:11 CEST 2020
 distributionBase=GRADLE_USER_HOME
 distributionPath=wrapper/dists
 zipStoreBase=GRADLE_USER_HOME
 zipStorePath=wrapper/dists
-distributionUrl=https\://services.gradle.org/distributions/gradle-5.4.1-all.zip
+distributionUrl=https\://services.gradle.org/distributions/gradle-6.1.1-all.zip
diff --git a/gradlew b/gradlew
@@ -1,5 +1,21 @@
 #!/usr/bin/env sh
 
+#
+# Copyright 2015 the original author or authors.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
 ##############################################################################
 ##
 ##  Gradle start up script for UN*X
@@ -28,7 +44,7 @@ APP_NAME="Gradle"
 APP_BASE_NAME=`basename "$0"`
 
 # Add default JVM options here. You can also use JAVA_OPTS and GRADLE_OPTS to pass JVM options to this script.
-DEFAULT_JVM_OPTS='"-Xmx64m"'
+DEFAULT_JVM_OPTS='"-Xmx64m" "-Xms64m"'
 
 # Use the maximum available, or set MAX_FD != -1 to use that value.
 MAX_FD="maximum"

diff --git a/gradlew.bat b/gradlew.bat
@@ -1,3 +1,19 @@
+@rem
+@rem Copyright 2015 the original author or authors.
+@rem
+@rem Licensed under the Apache License, Version 2.0 (the "License");
+@rem you may not use this file except in compliance with the License.
+@rem You may obtain a copy of the License at
+@rem
+@rem      http://www.apache.org/licenses/LICENSE-2.0
+@rem
+@rem Unless required by applicable law or agreed to in writing, software
+@rem distributed under the License is distributed on an "AS IS" BASIS,
+@rem WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+@rem See the License for the specific language governing permissions and
+@rem limitations under the License.
+@rem
+
 @if "%DEBUG%" == "" @echo off
 @rem ##########################################################################
 @rem
@@ -14,7 +30,7 @@ set APP_BASE_NAME=%~n0
 set APP_HOME=%DIRNAME%
 
 @rem Add default JVM options here. You can also use JAVA_OPTS and GRADLE_OPTS to pass JVM options to this script.
-set DEFAULT_JVM_OPTS="-Xmx64m"
+set DEFAULT_JVM_OPTS="-Xmx64m" "-Xms64m"
 
 @rem Find java.exe
 if defined JAVA_HOME goto findJavaFromJavaHome

diff --git a/hwsecurity/core/build.gradle b/hwsecurity/core/build.gradle
@@ -1,11 +1,11 @@
 apply plugin: 'com.android.library'
-apply plugin: 'digital.wup.android-maven-publish'
+apply plugin: 'maven-publish'
 apply plugin: 'org.jetbrains.dokka-android'
 
 dependencies {
-    implementation 'androidx.lifecycle:lifecycle-runtime:2.0.0'
+    implementation 'androidx.lifecycle:lifecycle-runtime:2.2.0'
 
-    compileOnly 'androidx.annotation:annotation:1.0.0'
+    compileOnly 'androidx.annotation:annotation:1.1.0'
 
     api 'com.google.auto.value:auto-value-annotations:1.6.2'
     annotationProcessor 'com.google.auto.value:auto-value:1.6.2'
@@ -35,51 +35,54 @@ android {
     }
 }
 
-publishing {
-    publications {
-        mavenAar(MavenPublication) {
-            groupId = 'de.cotech'
-            artifactId = 'hwsecurity'
-            version = android.defaultConfig.versionName
+// https://developer.android.com/studio/build/maven-publish-plugin
+afterEvaluate {
+    publishing {
+        publications {
+            release(MavenPublication) {
+                from components.release
 
-            from components.android
+                groupId = 'de.cotech'
+                artifactId = 'hwsecurity'
+                version = android.defaultConfig.versionName
 
-            pom {
-                url = 'https://hwsecurity.dev'
-                licenses {
-                    license {
-                        name = 'Commercial'
-                        url = 'https://hwsecurity.dev/sales/'
-                        distribution = 'repo'
+                pom {
+                    url = 'https://hwsecurity.dev'
+                    licenses {
+                        license {
+                            name = 'Commercial'
+                            url = 'https://hwsecurity.dev/sales/'
+                            distribution = 'repo'
+                        }
+                        license {
+                            name = 'GNU General Public License, version 3'
+                            url = 'https://www.gnu.org/licenses/gpl-3.0.txt'
+                        }
                     }
-                    license {
-                        name = 'GNU General Public License, version 3'
-                        url = 'https://www.gnu.org/licenses/gpl-3.0.txt'
+                    organization {
+                        name = 'Confidential Technologies GmbH'
+                        url = 'https://www.cotech.de'
                     }
                 }
-                organization {
-                    name = 'Confidential Technologies GmbH'
-                    url = 'https://www.cotech.de'
-                }
             }
         }
-    }
-    /*
-     * To upload release, create file gradle.properties in ~/.gradle/ with this content:
-     *
-     * cotechMavenName=xxx
-     * cotechMavenPassword=xxx
-     */
-    if (project.hasProperty('cotechMavenName') && project.hasProperty('cotechMavenPassword')) {
-        println "Found cotechMavenName, cotechMavenPassword in gradle.properties!"
+        /*
+         * To upload release, create file gradle.properties in ~/.gradle/ with this content:
+         *
+         * cotechMavenName=xxx
+         * cotechMavenPassword=xxx
+         */
+        if (project.hasProperty('cotechMavenName') && project.hasProperty('cotechMavenPassword')) {
+            println "Found cotechMavenName, cotechMavenPassword in gradle.properties!"
 
-        repositories {
-            maven {
-                credentials {
-                    username cotechMavenName
-                    password cotechMavenPassword
+            repositories {
+                maven {
+                    credentials {
+                        username cotechMavenName
+                        password cotechMavenPassword
+                    }
+                    url = "https://maven.cotech.de"
                 }
-                url = "https://maven.cotech.de"
             }
         }
     }
@@ -90,8 +93,9 @@ dokka {
     dokkaFatJar = files('libs/dokka-hugo-fatjar-0.9.17.jar')
     // does not work correctly with Maven:
     //dokkaFatJar = 'de.cotech:dokka-hugo-fatjar:0.9.17'
+    moduleName = 'hwsecurity'
     outputFormat = "hugo"
-    outputDirectory = "$buildDir/dokka/reference"
+    outputDirectory = "$projectDir/../../hwsecurity.dev/content/reference"
     sourceDirs = files('src/main/java')
 
     packageOptions {

diff --git a/hwsecurity/core/src/main/java/de/cotech/hw/SecurityKey.java b/hwsecurity/core/src/main/java/de/cotech/hw/SecurityKey.java
@@ -1,5 +1,5 @@
 /*
- * Copyright (C) 2018-2019 Confidential Technologies GmbH
+ * Copyright (C) 2018-2020 Confidential Technologies GmbH
  *
  * You can purchase a commercial license at https://hwsecurity.dev.
  * Buying such a license is mandatory as soon as you develop commercial
@@ -29,7 +29,7 @@
 
 import androidx.annotation.AnyThread;
 import androidx.annotation.WorkerThread;
-import androidx.lifecycle.LifecycleOwner;
+
 import de.cotech.hw.internal.transport.SecurityKeyInfo.TransportType;
 import de.cotech.hw.internal.transport.Transport;
 
@@ -81,7 +81,7 @@ public boolean isTransportNfc() {
      */
     @AnyThread
     public boolean isTransportUsb() {
-        return transport.getTransportType() == TransportType.USB_CCID || transport.getTransportType() == TransportType.USB_U2FHID;
+        return transport.getTransportType() == TransportType.USB_CCID || transport.getTransportType() == TransportType.USB_CTAPHID;
     }
 
     /**

diff --git a/hwsecurity/core/src/main/java/de/cotech/hw/SecurityKeyAuthenticator.java b/hwsecurity/core/src/main/java/de/cotech/hw/SecurityKeyAuthenticator.java
@@ -1,5 +1,5 @@
 /*
- * Copyright (C) 2018-2019 Confidential Technologies GmbH
+ * Copyright (C) 2018-2020 Confidential Technologies GmbH
  *
  * You can purchase a commercial license at https://hwsecurity.dev.
  * Buying such a license is mandatory as soon as you develop commercial

diff --git a/hwsecurity/core/src/main/java/de/cotech/hw/SecurityKeyCallback.java b/hwsecurity/core/src/main/java/de/cotech/hw/SecurityKeyCallback.java
@@ -1,5 +1,5 @@
 /*
- * Copyright (C) 2018-2019 Confidential Technologies GmbH
+ * Copyright (C) 2018-2020 Confidential Technologies GmbH
  *
  * You can purchase a commercial license at https://hwsecurity.dev.
  * Buying such a license is mandatory as soon as you develop commercial
@@ -65,7 +65,7 @@ default void onSecurityKeyDiscoveryFailed(@NonNull IOException exception) {
      * <p>
      * This callback is only called on Security Keys for which {@link SecurityKey#isPersistentlyConnected()}
      * returns true. This typically applies to USB devices, but can be applied to NFC devices as well if
-     * NFC tag monitoring has been enabled via {@link SecurityKeyManagerConfig.Builder#setEnableNfcTagMonitoring}.
+     * persistent NFC connection has been enabled via {@link SecurityKeyManagerConfig.Builder#setEnablePersistentNfcConnection}.
      * Those Security Keys are also listed under {@link SecurityKeyManager#getConnectedPersistentSecurityKeys()}.
      *
      * <p>

diff --git a/hwsecurity/core/src/main/java/de/cotech/hw/SecurityKeyConnectionMode.java b/hwsecurity/core/src/main/java/de/cotech/hw/SecurityKeyConnectionMode.java
@@ -1,5 +1,5 @@
 /*
- * Copyright (C) 2018-2019 Confidential Technologies GmbH
+ * Copyright (C) 2018-2020 Confidential Technologies GmbH
  *
  * You can purchase a commercial license at https://hwsecurity.dev.
  * Buying such a license is mandatory as soon as you develop commercial

diff --git a/hwsecurity/core/src/main/java/de/cotech/hw/SecurityKeyException.java b/hwsecurity/core/src/main/java/de/cotech/hw/SecurityKeyException.java
@@ -1,5 +1,5 @@
 /*
- * Copyright (C) 2018-2019 Confidential Technologies GmbH
+ * Copyright (C) 2018-2020 Confidential Technologies GmbH
  *
  * You can purchase a commercial license at https://hwsecurity.dev.
  * Buying such a license is mandatory as soon as you develop commercial

diff --git a/hwsecurity/core/src/main/java/de/cotech/hw/SecurityKeyManager.java b/hwsecurity/core/src/main/java/de/cotech/hw/SecurityKeyManager.java
@@ -1,5 +1,5 @@
 /*
- * Copyright (C) 2018-2019 Confidential Technologies GmbH
+ * Copyright (C) 2018-2020 Confidential Technologies GmbH
  *
  * You can purchase a commercial license at https://hwsecurity.dev.
  * Buying such a license is mandatory as soon as you develop commercial
@@ -206,7 +206,7 @@ protected boolean isLoggable(String tag, int priority) {
                 callbackHandlerWorker, config.isAllowUntestedUsbDevices(), config.isEnableDebugLogging());
         nfcTagManager = NfcTagManager.createInstance(
                 this::transportConnectAndDeliverOrPostponeOrFail,
-                callbackHandlerWorker, config.isEnableDebugLogging(), config.isEnableNfcTagMonitoring());
+                callbackHandlerWorker, config.isEnableDebugLogging(), config.isEnablePersistentNfcConnection());
         application.registerActivityLifecycleCallbacks(activityLifecycleCallbacks);
 
         installCotechProviderIfAvailable();
@@ -243,6 +243,12 @@ private void bindToActivity(Activity activity) {
             if (isUsbDispatchActivity(activity)) {
                 return;
             }
+            if (config.getExcludedActivityClasses().contains(activity.getClass())) {
+                HwTimber.d(
+                        "Activity with class %s is excluded, skipping SecurityKeyManager lifecycle initialization.",
+                        activity.getClass().getSimpleName());
+                return;
+            }
             if (activity == boundActivity) {
                 return;
             }
@@ -401,12 +407,20 @@ private boolean hasActiveCallbacks() {
 
     /**
      * Registers a callback for when a security key is discovered.
+     *
+     * @throws IllegalArgumentException if LifecycleOwner is an excluded class, see {@link SecurityKeyManagerConfig.Builder#addExcludedActivityClass}.
      */
     public <T extends SecurityKey> void registerCallback(SecurityKeyConnectionMode<T> mode,
             LifecycleOwner lifecycleOwner, SecurityKeyCallback<T> callback) {
         if (config == null) {
             throw new IllegalStateException("SecurityKeyManager must be initialized in your Application class!");
         }
+        if (config.getExcludedActivityClasses().contains(lifecycleOwner.getClass())) {
+            throw new IllegalArgumentException(
+                    "Cannot registerCallback for Activity with excluded class " +
+                            lifecycleOwner.getClass().getSimpleName() + ". " +
+                            "This is a programming error, check your SecurityKeyManagerConfig.");
+        }
         RegisteredConnectionMode<T> registeredConnectionMode = new RegisteredConnectionMode<>(mode, callback, false);
         lifecycleOwner.getLifecycle().addObserver(registeredConnectionMode);
         registeredCallbacks.add(0, registeredConnectionMode);