diff --git a/README.md b/README.md index 736ba3b..667de6e 100644 --- a/README.md +++ b/README.md @@ -29,6 +29,7 @@ This includes the following artifacts of the SDK (cf. [overview of all artifacts | de.cotech:hwsecurity-piv | 14 | | | de.cotech:hwsecurity-ui | 14 | 19 | | de.cotech:hwsecurity-ssh | 14 | | +| de.cotech:hwsecurity-sshj | 14 | | ## Notice diff --git a/build.gradle b/build.gradle index 25654b8..bcaa38b 100644 --- a/build.gradle +++ b/build.gradle @@ -1,5 +1,3 @@ -import org.jetbrains.dokka.gradle.DokkaTask - buildscript { repositories { google() @@ -7,27 +5,27 @@ buildscript { } dependencies { - classpath 'com.android.tools.build:gradle:4.0.1' - classpath 'org.jetbrains.dokka:dokka-gradle-plugin:1.4.0' + classpath 'com.android.tools.build:gradle:4.1.2' + classpath 'org.jetbrains.dokka:dokka-gradle-plugin:1.4.20' } } allprojects { repositories { google() - jcenter() maven { url 'https://jitpack.io' } + jcenter() } // custom dokka format - tasks.register("dokkaHugo", DokkaTask) { + tasks.register("dokkaHugo", org.jetbrains.dokka.gradle.DokkaTask) { dependencies { - dokkaHugoPlugin 'com.github.cotechde:dokka-hugo-plugin:d053c16110' + dokkaHugoPlugin 'com.github.cotechde:dokka-hugo-plugin:2.0' } } } ext { compileSdkVersion = 29 - hwSdkVersionName = '4.2.1' + hwSdkVersionName = '4.4.0' } diff --git a/gradle/wrapper/gradle-wrapper.properties b/gradle/wrapper/gradle-wrapper.properties index ab53446..4a023b6 100644 --- a/gradle/wrapper/gradle-wrapper.properties +++ b/gradle/wrapper/gradle-wrapper.properties @@ -1,6 +1,6 @@ -#Wed Jun 24 11:02:11 CEST 2020 +#Tue Mar 16 16:29:03 CET 2021 distributionBase=GRADLE_USER_HOME distributionPath=wrapper/dists zipStoreBase=GRADLE_USER_HOME zipStorePath=wrapper/dists -distributionUrl=https\://services.gradle.org/distributions/gradle-6.1.1-all.zip +distributionUrl=https\://services.gradle.org/distributions/gradle-6.5-bin.zip diff --git a/hwsecurity/core/build.gradle b/hwsecurity/core/build.gradle index 70e7a75..e8fa6dd 100644 --- a/hwsecurity/core/build.gradle +++ b/hwsecurity/core/build.gradle @@ -3,16 +3,16 @@ apply plugin: 'maven-publish' apply plugin: 'org.jetbrains.dokka' dependencies { - implementation 'androidx.lifecycle:lifecycle-runtime:2.2.0' + implementation 'androidx.lifecycle:lifecycle-runtime:2.3.0' compileOnly 'androidx.annotation:annotation:1.1.0' compileOnly 'io.sentry:sentry-android:2.3.1' - api 'com.google.auto.value:auto-value-annotations:1.6.2' + api 'com.google.auto.value:auto-value-annotations:1.6.5' annotationProcessor 'com.google.auto.value:auto-value:1.6.2' annotationProcessor 'com.ryanharter.auto.value:auto-value-parcel:0.2.6' - testImplementation 'junit:junit:4.12' + testImplementation 'junit:junit:4.13' testImplementation 'org.robolectric:robolectric:3.8' testImplementation 'org.mockito:mockito-core:2.18.0' } @@ -90,24 +90,22 @@ afterEvaluate { } dokkaHugo { - configure { - outputDirectory.set(file("$projectDir/../../hwsecurity.dev/content/reference")) + outputDirectory.set(file("$projectDir/../../hwsecurity.dev/content/reference")) - dokkaSourceSets { - register("java") { - moduleDisplayName.set("hwsecurity") + moduleName.set("hwsecurity") - sourceRoots.setFrom(file("src/main/java")) + dokkaSourceSets { + register("java") { + sourceRoots.setFrom(file("src/main/java")) - jdkVersion.set(8) // Used for linking to JDK documentation - noStdlibLink.set(false) // Disable linking to online kotlin-stdlib documentation - noJdkLink.set(true) // Disable linking to online JDK documentation - noAndroidSdkLink.set(false) // Disable linking to online Android documentation + jdkVersion.set(8) // Used for linking to JDK documentation + noStdlibLink.set(false) // Disable linking to online kotlin-stdlib documentation + noJdkLink.set(true) // Disable linking to online JDK documentation + noAndroidSdkLink.set(false) // Disable linking to online Android documentation - perPackageOption { - prefix.set("de.cotech.hw.internal") - suppress.set(true) - } + perPackageOption { + matchingRegex.set(".*\\.internal.*") // will match all .internal packages and sub-packages + suppress.set(true) } } } diff --git a/hwsecurity/core/src/main/java/de/cotech/hw/SecurityKey.java b/hwsecurity/core/src/main/java/de/cotech/hw/SecurityKey.java index 0b8e060..cf2474a 100644 --- a/hwsecurity/core/src/main/java/de/cotech/hw/SecurityKey.java +++ b/hwsecurity/core/src/main/java/de/cotech/hw/SecurityKey.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/core/src/main/java/de/cotech/hw/SecurityKeyAuthenticator.java b/hwsecurity/core/src/main/java/de/cotech/hw/SecurityKeyAuthenticator.java index 87f4dda..d95d16d 100644 --- a/hwsecurity/core/src/main/java/de/cotech/hw/SecurityKeyAuthenticator.java +++ b/hwsecurity/core/src/main/java/de/cotech/hw/SecurityKeyAuthenticator.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/core/src/main/java/de/cotech/hw/SecurityKeyCallback.java b/hwsecurity/core/src/main/java/de/cotech/hw/SecurityKeyCallback.java index ac2f909..3a30478 100644 --- a/hwsecurity/core/src/main/java/de/cotech/hw/SecurityKeyCallback.java +++ b/hwsecurity/core/src/main/java/de/cotech/hw/SecurityKeyCallback.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/core/src/main/java/de/cotech/hw/SecurityKeyConnectionMode.java b/hwsecurity/core/src/main/java/de/cotech/hw/SecurityKeyConnectionMode.java index 348e7be..9aecc7b 100644 --- a/hwsecurity/core/src/main/java/de/cotech/hw/SecurityKeyConnectionMode.java +++ b/hwsecurity/core/src/main/java/de/cotech/hw/SecurityKeyConnectionMode.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/core/src/main/java/de/cotech/hw/SecurityKeyException.java b/hwsecurity/core/src/main/java/de/cotech/hw/SecurityKeyException.java index b354194..3ff8ebd 100644 --- a/hwsecurity/core/src/main/java/de/cotech/hw/SecurityKeyException.java +++ b/hwsecurity/core/src/main/java/de/cotech/hw/SecurityKeyException.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/core/src/main/java/de/cotech/hw/SecurityKeyManager.java b/hwsecurity/core/src/main/java/de/cotech/hw/SecurityKeyManager.java index baba9c9..2feb51f 100644 --- a/hwsecurity/core/src/main/java/de/cotech/hw/SecurityKeyManager.java +++ b/hwsecurity/core/src/main/java/de/cotech/hw/SecurityKeyManager.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial @@ -511,7 +511,6 @@ public void rediscoverConnectedSecurityKeys() { * This method is not part of the public API. */ @AnyThread - @RestrictTo(Scope.LIBRARY_GROUP) public void clearConnectedSecurityKeys() { nfcTagManager.clearManagedNfcTags(); usbDeviceManager.clearManagedUsbDevices(); diff --git a/hwsecurity/core/src/main/java/de/cotech/hw/SecurityKeyManagerConfig.java b/hwsecurity/core/src/main/java/de/cotech/hw/SecurityKeyManagerConfig.java index b760113..188fe55 100644 --- a/hwsecurity/core/src/main/java/de/cotech/hw/SecurityKeyManagerConfig.java +++ b/hwsecurity/core/src/main/java/de/cotech/hw/SecurityKeyManagerConfig.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial @@ -159,26 +159,25 @@ public Builder setSentryCaptureExceptionOnInternalError(boolean isSentryCaptureE * (by default Android’s Log class is used), a custom logging tree can be used. * Setting your own logging tree overrides setEnableDebugLogging(true). * 
-         * .setLoggingTree(new HwTimber.DebugTree() {
-         *     protected String createStackElementTag(@NonNull StackTraceElement element) {
-         *         if (element.getClassName().startsWith("de.cotech.hw")) {
-         *             return super.createStackElementTag(element);
-         *         } else {
-         *             return null;
+         * private static class CrashReportingTree extends HwTimber.Tree {
+         *     @Override protected void log(int priority, String tag, @NonNull String message, Throwable t) {
+         *         if (priority == Log.VERBOSE || priority == Log.DEBUG) {
+         *             return;
          *         }
-         *     }
          *
-         *     protected boolean isLoggable(String tag, int priority) {
-         *         if (tag == null) {
-         *             return false;
-         *         }
-         *         // TODO: filter based on priority
-         *     }
+         *         FakeCrashLibrary.log(priority, tag, message);
          *
-         *     protected void log(int priority, String tag, @NonNull String message, Throwable t) {
-         *         // TODO: delegate log output to your own logging framework
+         *         if (t != null) {
+         *             if (priority == Log.ERROR) {
+         *                 FakeCrashLibrary.logError(t);
+         *             } else if (priority == Log.WARN) {
+         *                 FakeCrashLibrary.logWarning(t);
+         *             }
+         *         }
          *     }
-         * });
+         * }
+         * new SecurityKeyManagerConfig.Builder()
+         *     .setLoggingTree(CrashReportingTree.class)
          *
*

* This tree overrides {@link SecurityKeyManagerConfig.Builder#setEnableDebugLogging(boolean)}. diff --git a/hwsecurity/core/src/main/java/de/cotech/hw/SecurityKeyTlsClientCertificateAuthenticator.java b/hwsecurity/core/src/main/java/de/cotech/hw/SecurityKeyTlsClientCertificateAuthenticator.java index 4b26791..99047ee 100644 --- a/hwsecurity/core/src/main/java/de/cotech/hw/SecurityKeyTlsClientCertificateAuthenticator.java +++ b/hwsecurity/core/src/main/java/de/cotech/hw/SecurityKeyTlsClientCertificateAuthenticator.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial @@ -41,7 +41,6 @@ import javax.net.ssl.X509ExtendedKeyManager; -@RestrictTo(Scope.LIBRARY_GROUP) public class SecurityKeyTlsClientCertificateAuthenticator { private final X509Certificate clientCertificate; private final PrivateKey privateKey; diff --git a/hwsecurity/core/src/main/java/de/cotech/hw/exceptions/AppletFileNotFoundException.java b/hwsecurity/core/src/main/java/de/cotech/hw/exceptions/AppletFileNotFoundException.java index d6545ca..70e7c20 100644 --- a/hwsecurity/core/src/main/java/de/cotech/hw/exceptions/AppletFileNotFoundException.java +++ b/hwsecurity/core/src/main/java/de/cotech/hw/exceptions/AppletFileNotFoundException.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/core/src/main/java/de/cotech/hw/exceptions/AuthenticationMethodBlockedException.java b/hwsecurity/core/src/main/java/de/cotech/hw/exceptions/AuthenticationMethodBlockedException.java index bd6e812..8fabf83 100644 --- a/hwsecurity/core/src/main/java/de/cotech/hw/exceptions/AuthenticationMethodBlockedException.java +++ b/hwsecurity/core/src/main/java/de/cotech/hw/exceptions/AuthenticationMethodBlockedException.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/core/src/main/java/de/cotech/hw/exceptions/ClaNotSupportedException.java b/hwsecurity/core/src/main/java/de/cotech/hw/exceptions/ClaNotSupportedException.java index 7ee4053..c6e8da7 100644 --- a/hwsecurity/core/src/main/java/de/cotech/hw/exceptions/ClaNotSupportedException.java +++ b/hwsecurity/core/src/main/java/de/cotech/hw/exceptions/ClaNotSupportedException.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/core/src/main/java/de/cotech/hw/exceptions/ConditionsNotSatisfiedException.java b/hwsecurity/core/src/main/java/de/cotech/hw/exceptions/ConditionsNotSatisfiedException.java index c644b67..b65a825 100644 --- a/hwsecurity/core/src/main/java/de/cotech/hw/exceptions/ConditionsNotSatisfiedException.java +++ b/hwsecurity/core/src/main/java/de/cotech/hw/exceptions/ConditionsNotSatisfiedException.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/core/src/main/java/de/cotech/hw/exceptions/DataInvalidException.java b/hwsecurity/core/src/main/java/de/cotech/hw/exceptions/DataInvalidException.java index 20dfd69..6af6ed7 100644 --- a/hwsecurity/core/src/main/java/de/cotech/hw/exceptions/DataInvalidException.java +++ b/hwsecurity/core/src/main/java/de/cotech/hw/exceptions/DataInvalidException.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/core/src/main/java/de/cotech/hw/exceptions/FileInTerminationStateException.java b/hwsecurity/core/src/main/java/de/cotech/hw/exceptions/FileInTerminationStateException.java index 0945aa4..cdc0ed2 100644 --- a/hwsecurity/core/src/main/java/de/cotech/hw/exceptions/FileInTerminationStateException.java +++ b/hwsecurity/core/src/main/java/de/cotech/hw/exceptions/FileInTerminationStateException.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/core/src/main/java/de/cotech/hw/exceptions/InsNotSupportedException.java b/hwsecurity/core/src/main/java/de/cotech/hw/exceptions/InsNotSupportedException.java index 111a265..cff9f73 100644 --- a/hwsecurity/core/src/main/java/de/cotech/hw/exceptions/InsNotSupportedException.java +++ b/hwsecurity/core/src/main/java/de/cotech/hw/exceptions/InsNotSupportedException.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/core/src/main/java/de/cotech/hw/exceptions/SecurityKeyDisconnectedException.java b/hwsecurity/core/src/main/java/de/cotech/hw/exceptions/SecurityKeyDisconnectedException.java index 8fd1f33..d1f026d 100644 --- a/hwsecurity/core/src/main/java/de/cotech/hw/exceptions/SecurityKeyDisconnectedException.java +++ b/hwsecurity/core/src/main/java/de/cotech/hw/exceptions/SecurityKeyDisconnectedException.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/core/src/main/java/de/cotech/hw/exceptions/SecurityStatusNotSatisfiedException.java b/hwsecurity/core/src/main/java/de/cotech/hw/exceptions/SecurityStatusNotSatisfiedException.java index 5982e0c..52605f9 100644 --- a/hwsecurity/core/src/main/java/de/cotech/hw/exceptions/SecurityStatusNotSatisfiedException.java +++ b/hwsecurity/core/src/main/java/de/cotech/hw/exceptions/SecurityStatusNotSatisfiedException.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/core/src/main/java/de/cotech/hw/exceptions/SelectAppletException.java b/hwsecurity/core/src/main/java/de/cotech/hw/exceptions/SelectAppletException.java index d438365..360c521 100644 --- a/hwsecurity/core/src/main/java/de/cotech/hw/exceptions/SelectAppletException.java +++ b/hwsecurity/core/src/main/java/de/cotech/hw/exceptions/SelectAppletException.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/core/src/main/java/de/cotech/hw/exceptions/WrongDataException.java b/hwsecurity/core/src/main/java/de/cotech/hw/exceptions/WrongDataException.java index e82b704..7ef479f 100644 --- a/hwsecurity/core/src/main/java/de/cotech/hw/exceptions/WrongDataException.java +++ b/hwsecurity/core/src/main/java/de/cotech/hw/exceptions/WrongDataException.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/core/src/main/java/de/cotech/hw/exceptions/WrongRequestLengthException.java b/hwsecurity/core/src/main/java/de/cotech/hw/exceptions/WrongRequestLengthException.java index 6660175..386769d 100644 --- a/hwsecurity/core/src/main/java/de/cotech/hw/exceptions/WrongRequestLengthException.java +++ b/hwsecurity/core/src/main/java/de/cotech/hw/exceptions/WrongRequestLengthException.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/core/src/main/java/de/cotech/hw/internal/dispatch/NfcIntentDispatchActivity.java b/hwsecurity/core/src/main/java/de/cotech/hw/internal/dispatch/NfcIntentDispatchActivity.java index 2b0db0b..ff1f11d 100644 --- a/hwsecurity/core/src/main/java/de/cotech/hw/internal/dispatch/NfcIntentDispatchActivity.java +++ b/hwsecurity/core/src/main/java/de/cotech/hw/internal/dispatch/NfcIntentDispatchActivity.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/core/src/main/java/de/cotech/hw/internal/dispatch/UsbIntentDispatchActivity.java b/hwsecurity/core/src/main/java/de/cotech/hw/internal/dispatch/UsbIntentDispatchActivity.java index b96720c..8ffe825 100644 --- a/hwsecurity/core/src/main/java/de/cotech/hw/internal/dispatch/UsbIntentDispatchActivity.java +++ b/hwsecurity/core/src/main/java/de/cotech/hw/internal/dispatch/UsbIntentDispatchActivity.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/core/src/main/java/de/cotech/hw/internal/iso7816/CommandApdu.java b/hwsecurity/core/src/main/java/de/cotech/hw/internal/iso7816/CommandApdu.java index 114da62..98acb7b 100644 --- a/hwsecurity/core/src/main/java/de/cotech/hw/internal/iso7816/CommandApdu.java +++ b/hwsecurity/core/src/main/java/de/cotech/hw/internal/iso7816/CommandApdu.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/core/src/main/java/de/cotech/hw/internal/iso7816/CommandApduDescriber.java b/hwsecurity/core/src/main/java/de/cotech/hw/internal/iso7816/CommandApduDescriber.java index b7ff3b1..84e89a9 100644 --- a/hwsecurity/core/src/main/java/de/cotech/hw/internal/iso7816/CommandApduDescriber.java +++ b/hwsecurity/core/src/main/java/de/cotech/hw/internal/iso7816/CommandApduDescriber.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/core/src/main/java/de/cotech/hw/internal/iso7816/Iso7816TLV.java b/hwsecurity/core/src/main/java/de/cotech/hw/internal/iso7816/Iso7816TLV.java index d209bca..831434e 100644 --- a/hwsecurity/core/src/main/java/de/cotech/hw/internal/iso7816/Iso7816TLV.java +++ b/hwsecurity/core/src/main/java/de/cotech/hw/internal/iso7816/Iso7816TLV.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/core/src/main/java/de/cotech/hw/internal/iso7816/ResponseApdu.java b/hwsecurity/core/src/main/java/de/cotech/hw/internal/iso7816/ResponseApdu.java index 1ef6019..df89588 100644 --- a/hwsecurity/core/src/main/java/de/cotech/hw/internal/iso7816/ResponseApdu.java +++ b/hwsecurity/core/src/main/java/de/cotech/hw/internal/iso7816/ResponseApdu.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/core/src/main/java/de/cotech/hw/internal/transport/SecurityKeyInfo.java b/hwsecurity/core/src/main/java/de/cotech/hw/internal/transport/SecurityKeyInfo.java index e51d14e..44a3cd9 100644 --- a/hwsecurity/core/src/main/java/de/cotech/hw/internal/transport/SecurityKeyInfo.java +++ b/hwsecurity/core/src/main/java/de/cotech/hw/internal/transport/SecurityKeyInfo.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/core/src/main/java/de/cotech/hw/internal/transport/Transport.java b/hwsecurity/core/src/main/java/de/cotech/hw/internal/transport/Transport.java index 60f3476..54e201e 100644 --- a/hwsecurity/core/src/main/java/de/cotech/hw/internal/transport/Transport.java +++ b/hwsecurity/core/src/main/java/de/cotech/hw/internal/transport/Transport.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/core/src/main/java/de/cotech/hw/internal/transport/Version.java b/hwsecurity/core/src/main/java/de/cotech/hw/internal/transport/Version.java index 9348c2a..ddd90fb 100644 --- a/hwsecurity/core/src/main/java/de/cotech/hw/internal/transport/Version.java +++ b/hwsecurity/core/src/main/java/de/cotech/hw/internal/transport/Version.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/core/src/main/java/de/cotech/hw/internal/transport/nfc/NfcConnectionDispatcher.java b/hwsecurity/core/src/main/java/de/cotech/hw/internal/transport/nfc/NfcConnectionDispatcher.java index 971e5ab..8cdca1a 100644 --- a/hwsecurity/core/src/main/java/de/cotech/hw/internal/transport/nfc/NfcConnectionDispatcher.java +++ b/hwsecurity/core/src/main/java/de/cotech/hw/internal/transport/nfc/NfcConnectionDispatcher.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/core/src/main/java/de/cotech/hw/internal/transport/nfc/NfcTagManager.java b/hwsecurity/core/src/main/java/de/cotech/hw/internal/transport/nfc/NfcTagManager.java index ad39d11..19774c0 100644 --- a/hwsecurity/core/src/main/java/de/cotech/hw/internal/transport/nfc/NfcTagManager.java +++ b/hwsecurity/core/src/main/java/de/cotech/hw/internal/transport/nfc/NfcTagManager.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/core/src/main/java/de/cotech/hw/internal/transport/nfc/NfcTransport.java b/hwsecurity/core/src/main/java/de/cotech/hw/internal/transport/nfc/NfcTransport.java index ee252a5..3bd2b17 100644 --- a/hwsecurity/core/src/main/java/de/cotech/hw/internal/transport/nfc/NfcTransport.java +++ b/hwsecurity/core/src/main/java/de/cotech/hw/internal/transport/nfc/NfcTransport.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/core/src/main/java/de/cotech/hw/internal/transport/usb/UnsupportedUsbSecurityKeyException.java b/hwsecurity/core/src/main/java/de/cotech/hw/internal/transport/usb/UnsupportedUsbSecurityKeyException.java index 697294c..65a9256 100644 --- a/hwsecurity/core/src/main/java/de/cotech/hw/internal/transport/usb/UnsupportedUsbSecurityKeyException.java +++ b/hwsecurity/core/src/main/java/de/cotech/hw/internal/transport/usb/UnsupportedUsbSecurityKeyException.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/core/src/main/java/de/cotech/hw/internal/transport/usb/UsbConnectionDispatcher.java b/hwsecurity/core/src/main/java/de/cotech/hw/internal/transport/usb/UsbConnectionDispatcher.java index 64ad356..d5bf396 100644 --- a/hwsecurity/core/src/main/java/de/cotech/hw/internal/transport/usb/UsbConnectionDispatcher.java +++ b/hwsecurity/core/src/main/java/de/cotech/hw/internal/transport/usb/UsbConnectionDispatcher.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/core/src/main/java/de/cotech/hw/internal/transport/usb/UsbDeviceManager.java b/hwsecurity/core/src/main/java/de/cotech/hw/internal/transport/usb/UsbDeviceManager.java index 4e7bb89..cb5e7f4 100644 --- a/hwsecurity/core/src/main/java/de/cotech/hw/internal/transport/usb/UsbDeviceManager.java +++ b/hwsecurity/core/src/main/java/de/cotech/hw/internal/transport/usb/UsbDeviceManager.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/core/src/main/java/de/cotech/hw/internal/transport/usb/UsbSecurityKeyTypes.java b/hwsecurity/core/src/main/java/de/cotech/hw/internal/transport/usb/UsbSecurityKeyTypes.java index 0af69a2..e748a17 100644 --- a/hwsecurity/core/src/main/java/de/cotech/hw/internal/transport/usb/UsbSecurityKeyTypes.java +++ b/hwsecurity/core/src/main/java/de/cotech/hw/internal/transport/usb/UsbSecurityKeyTypes.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/core/src/main/java/de/cotech/hw/internal/transport/usb/UsbTransportException.java b/hwsecurity/core/src/main/java/de/cotech/hw/internal/transport/usb/UsbTransportException.java index ba8f807..948f39f 100644 --- a/hwsecurity/core/src/main/java/de/cotech/hw/internal/transport/usb/UsbTransportException.java +++ b/hwsecurity/core/src/main/java/de/cotech/hw/internal/transport/usb/UsbTransportException.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/core/src/main/java/de/cotech/hw/internal/transport/usb/UsbUtils.java b/hwsecurity/core/src/main/java/de/cotech/hw/internal/transport/usb/UsbUtils.java index 6928071..55dbcaa 100644 --- a/hwsecurity/core/src/main/java/de/cotech/hw/internal/transport/usb/UsbUtils.java +++ b/hwsecurity/core/src/main/java/de/cotech/hw/internal/transport/usb/UsbUtils.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/core/src/main/java/de/cotech/hw/internal/transport/usb/ccid/CcidDescriptor.java b/hwsecurity/core/src/main/java/de/cotech/hw/internal/transport/usb/ccid/CcidDescriptor.java index cb85415..5fb6e48 100644 --- a/hwsecurity/core/src/main/java/de/cotech/hw/internal/transport/usb/ccid/CcidDescriptor.java +++ b/hwsecurity/core/src/main/java/de/cotech/hw/internal/transport/usb/ccid/CcidDescriptor.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/core/src/main/java/de/cotech/hw/internal/transport/usb/ccid/CcidTransceiver.java b/hwsecurity/core/src/main/java/de/cotech/hw/internal/transport/usb/ccid/CcidTransceiver.java index 2b87f62..1645ec2 100644 --- a/hwsecurity/core/src/main/java/de/cotech/hw/internal/transport/usb/ccid/CcidTransceiver.java +++ b/hwsecurity/core/src/main/java/de/cotech/hw/internal/transport/usb/ccid/CcidTransceiver.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/core/src/main/java/de/cotech/hw/internal/transport/usb/ccid/CcidTransportProtocol.java b/hwsecurity/core/src/main/java/de/cotech/hw/internal/transport/usb/ccid/CcidTransportProtocol.java index 36e4b15..a5c30f3 100644 --- a/hwsecurity/core/src/main/java/de/cotech/hw/internal/transport/usb/ccid/CcidTransportProtocol.java +++ b/hwsecurity/core/src/main/java/de/cotech/hw/internal/transport/usb/ccid/CcidTransportProtocol.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/core/src/main/java/de/cotech/hw/internal/transport/usb/ccid/UsbCcidErrorException.java b/hwsecurity/core/src/main/java/de/cotech/hw/internal/transport/usb/ccid/UsbCcidErrorException.java index 7969239..d552d37 100644 --- a/hwsecurity/core/src/main/java/de/cotech/hw/internal/transport/usb/ccid/UsbCcidErrorException.java +++ b/hwsecurity/core/src/main/java/de/cotech/hw/internal/transport/usb/ccid/UsbCcidErrorException.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/core/src/main/java/de/cotech/hw/internal/transport/usb/ccid/UsbCcidTransport.java b/hwsecurity/core/src/main/java/de/cotech/hw/internal/transport/usb/ccid/UsbCcidTransport.java index 88c7763..1a567c3 100644 --- a/hwsecurity/core/src/main/java/de/cotech/hw/internal/transport/usb/ccid/UsbCcidTransport.java +++ b/hwsecurity/core/src/main/java/de/cotech/hw/internal/transport/usb/ccid/UsbCcidTransport.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/core/src/main/java/de/cotech/hw/internal/transport/usb/ccid/tpdu/Block.java b/hwsecurity/core/src/main/java/de/cotech/hw/internal/transport/usb/ccid/tpdu/Block.java index fbd8aa5..8cd13b7 100644 --- a/hwsecurity/core/src/main/java/de/cotech/hw/internal/transport/usb/ccid/tpdu/Block.java +++ b/hwsecurity/core/src/main/java/de/cotech/hw/internal/transport/usb/ccid/tpdu/Block.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/core/src/main/java/de/cotech/hw/internal/transport/usb/ccid/tpdu/BlockChecksumAlgorithm.java b/hwsecurity/core/src/main/java/de/cotech/hw/internal/transport/usb/ccid/tpdu/BlockChecksumAlgorithm.java index 4dd250e..27016a5 100644 --- a/hwsecurity/core/src/main/java/de/cotech/hw/internal/transport/usb/ccid/tpdu/BlockChecksumAlgorithm.java +++ b/hwsecurity/core/src/main/java/de/cotech/hw/internal/transport/usb/ccid/tpdu/BlockChecksumAlgorithm.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/core/src/main/java/de/cotech/hw/internal/transport/usb/ccid/tpdu/IBlock.java b/hwsecurity/core/src/main/java/de/cotech/hw/internal/transport/usb/ccid/tpdu/IBlock.java index 32eba22..baca995 100644 --- a/hwsecurity/core/src/main/java/de/cotech/hw/internal/transport/usb/ccid/tpdu/IBlock.java +++ b/hwsecurity/core/src/main/java/de/cotech/hw/internal/transport/usb/ccid/tpdu/IBlock.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/core/src/main/java/de/cotech/hw/internal/transport/usb/ccid/tpdu/RBlock.java b/hwsecurity/core/src/main/java/de/cotech/hw/internal/transport/usb/ccid/tpdu/RBlock.java index 7019000..8fe706f 100644 --- a/hwsecurity/core/src/main/java/de/cotech/hw/internal/transport/usb/ccid/tpdu/RBlock.java +++ b/hwsecurity/core/src/main/java/de/cotech/hw/internal/transport/usb/ccid/tpdu/RBlock.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/core/src/main/java/de/cotech/hw/internal/transport/usb/ccid/tpdu/SBlock.java b/hwsecurity/core/src/main/java/de/cotech/hw/internal/transport/usb/ccid/tpdu/SBlock.java index e358daf..11579f2 100644 --- a/hwsecurity/core/src/main/java/de/cotech/hw/internal/transport/usb/ccid/tpdu/SBlock.java +++ b/hwsecurity/core/src/main/java/de/cotech/hw/internal/transport/usb/ccid/tpdu/SBlock.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/core/src/main/java/de/cotech/hw/internal/transport/usb/ccid/tpdu/T0ShortApduProtocol.java b/hwsecurity/core/src/main/java/de/cotech/hw/internal/transport/usb/ccid/tpdu/T0ShortApduProtocol.java index c7030ac..63e5d0f 100644 --- a/hwsecurity/core/src/main/java/de/cotech/hw/internal/transport/usb/ccid/tpdu/T0ShortApduProtocol.java +++ b/hwsecurity/core/src/main/java/de/cotech/hw/internal/transport/usb/ccid/tpdu/T0ShortApduProtocol.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/core/src/main/java/de/cotech/hw/internal/transport/usb/ccid/tpdu/T1ShortApduProtocol.java b/hwsecurity/core/src/main/java/de/cotech/hw/internal/transport/usb/ccid/tpdu/T1ShortApduProtocol.java index 24b24e7..d844d0a 100644 --- a/hwsecurity/core/src/main/java/de/cotech/hw/internal/transport/usb/ccid/tpdu/T1ShortApduProtocol.java +++ b/hwsecurity/core/src/main/java/de/cotech/hw/internal/transport/usb/ccid/tpdu/T1ShortApduProtocol.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/core/src/main/java/de/cotech/hw/internal/transport/usb/ccid/tpdu/T1TpduBlockFactory.java b/hwsecurity/core/src/main/java/de/cotech/hw/internal/transport/usb/ccid/tpdu/T1TpduBlockFactory.java index 6aee348..e536e25 100644 --- a/hwsecurity/core/src/main/java/de/cotech/hw/internal/transport/usb/ccid/tpdu/T1TpduBlockFactory.java +++ b/hwsecurity/core/src/main/java/de/cotech/hw/internal/transport/usb/ccid/tpdu/T1TpduBlockFactory.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/core/src/main/java/de/cotech/hw/internal/transport/usb/ccid/tpdu/T1TpduProtocol.java b/hwsecurity/core/src/main/java/de/cotech/hw/internal/transport/usb/ccid/tpdu/T1TpduProtocol.java index d3c0308..205a46c 100644 --- a/hwsecurity/core/src/main/java/de/cotech/hw/internal/transport/usb/ccid/tpdu/T1TpduProtocol.java +++ b/hwsecurity/core/src/main/java/de/cotech/hw/internal/transport/usb/ccid/tpdu/T1TpduProtocol.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/core/src/main/java/de/cotech/hw/internal/transport/usb/ctaphid/CtapHidFrameFactory.java b/hwsecurity/core/src/main/java/de/cotech/hw/internal/transport/usb/ctaphid/CtapHidFrameFactory.java index 492808a..06ab34f 100644 --- a/hwsecurity/core/src/main/java/de/cotech/hw/internal/transport/usb/ctaphid/CtapHidFrameFactory.java +++ b/hwsecurity/core/src/main/java/de/cotech/hw/internal/transport/usb/ctaphid/CtapHidFrameFactory.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/core/src/main/java/de/cotech/hw/internal/transport/usb/ctaphid/CtapHidInitStructFactory.java b/hwsecurity/core/src/main/java/de/cotech/hw/internal/transport/usb/ctaphid/CtapHidInitStructFactory.java index 9e8e07a..6120fce 100644 --- a/hwsecurity/core/src/main/java/de/cotech/hw/internal/transport/usb/ctaphid/CtapHidInitStructFactory.java +++ b/hwsecurity/core/src/main/java/de/cotech/hw/internal/transport/usb/ctaphid/CtapHidInitStructFactory.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/core/src/main/java/de/cotech/hw/internal/transport/usb/ctaphid/CtapHidTransportProtocol.java b/hwsecurity/core/src/main/java/de/cotech/hw/internal/transport/usb/ctaphid/CtapHidTransportProtocol.java index f8aa5d9..a6f7a87 100644 --- a/hwsecurity/core/src/main/java/de/cotech/hw/internal/transport/usb/ctaphid/CtapHidTransportProtocol.java +++ b/hwsecurity/core/src/main/java/de/cotech/hw/internal/transport/usb/ctaphid/CtapHidTransportProtocol.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/core/src/main/java/de/cotech/hw/internal/transport/usb/ctaphid/UsbCtapHidTransport.java b/hwsecurity/core/src/main/java/de/cotech/hw/internal/transport/usb/ctaphid/UsbCtapHidTransport.java index 4940d71..5f32307 100644 --- a/hwsecurity/core/src/main/java/de/cotech/hw/internal/transport/usb/ctaphid/UsbCtapHidTransport.java +++ b/hwsecurity/core/src/main/java/de/cotech/hw/internal/transport/usb/ctaphid/UsbCtapHidTransport.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/core/src/main/java/de/cotech/hw/raw/RawSecurityKey.java b/hwsecurity/core/src/main/java/de/cotech/hw/raw/RawSecurityKey.java index 44ec121..1f9d535 100644 --- a/hwsecurity/core/src/main/java/de/cotech/hw/raw/RawSecurityKey.java +++ b/hwsecurity/core/src/main/java/de/cotech/hw/raw/RawSecurityKey.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/core/src/main/java/de/cotech/hw/raw/RawSecurityKeyConnectionMode.java b/hwsecurity/core/src/main/java/de/cotech/hw/raw/RawSecurityKeyConnectionMode.java index c116fc8..3118aa1 100644 --- a/hwsecurity/core/src/main/java/de/cotech/hw/raw/RawSecurityKeyConnectionMode.java +++ b/hwsecurity/core/src/main/java/de/cotech/hw/raw/RawSecurityKeyConnectionMode.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/core/src/main/java/de/cotech/hw/secrets/AndroidPreferenceSimplePinProvider.java b/hwsecurity/core/src/main/java/de/cotech/hw/secrets/AndroidPreferenceSimplePinProvider.java index 4aebf2a..ac7b325 100644 --- a/hwsecurity/core/src/main/java/de/cotech/hw/secrets/AndroidPreferenceSimplePinProvider.java +++ b/hwsecurity/core/src/main/java/de/cotech/hw/secrets/AndroidPreferenceSimplePinProvider.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/core/src/main/java/de/cotech/hw/secrets/ByteSecret.java b/hwsecurity/core/src/main/java/de/cotech/hw/secrets/ByteSecret.java index 9b44626..0b659f4 100644 --- a/hwsecurity/core/src/main/java/de/cotech/hw/secrets/ByteSecret.java +++ b/hwsecurity/core/src/main/java/de/cotech/hw/secrets/ByteSecret.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/core/src/main/java/de/cotech/hw/secrets/ByteSecretGenerator.java b/hwsecurity/core/src/main/java/de/cotech/hw/secrets/ByteSecretGenerator.java index ad926dc..952a08d 100644 --- a/hwsecurity/core/src/main/java/de/cotech/hw/secrets/ByteSecretGenerator.java +++ b/hwsecurity/core/src/main/java/de/cotech/hw/secrets/ByteSecretGenerator.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/core/src/main/java/de/cotech/hw/secrets/PinProvider.java b/hwsecurity/core/src/main/java/de/cotech/hw/secrets/PinProvider.java index d95eb20..4f1caf2 100644 --- a/hwsecurity/core/src/main/java/de/cotech/hw/secrets/PinProvider.java +++ b/hwsecurity/core/src/main/java/de/cotech/hw/secrets/PinProvider.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/core/src/main/java/de/cotech/hw/secrets/StaticPinProvider.java b/hwsecurity/core/src/main/java/de/cotech/hw/secrets/StaticPinProvider.java index eeb2081..48ef31c 100644 --- a/hwsecurity/core/src/main/java/de/cotech/hw/secrets/StaticPinProvider.java +++ b/hwsecurity/core/src/main/java/de/cotech/hw/secrets/StaticPinProvider.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/core/src/main/java/de/cotech/hw/util/HashUtil.java b/hwsecurity/core/src/main/java/de/cotech/hw/util/HashUtil.java index 8c81ae2..8e8993d 100644 --- a/hwsecurity/core/src/main/java/de/cotech/hw/util/HashUtil.java +++ b/hwsecurity/core/src/main/java/de/cotech/hw/util/HashUtil.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/core/src/main/java/de/cotech/hw/util/Hwsecurity25519PublicKey.java b/hwsecurity/core/src/main/java/de/cotech/hw/util/Hwsecurity25519PublicKey.java new file mode 100644 index 0000000..488ca42 --- /dev/null +++ b/hwsecurity/core/src/main/java/de/cotech/hw/util/Hwsecurity25519PublicKey.java @@ -0,0 +1,63 @@ +/* + * Copyright (C) 2018-2021 Confidential Technologies GmbH + * + * You can purchase a commercial license at https://hwsecurity.dev. + * Buying such a license is mandatory as soon as you develop commercial + * activities involving this program without disclosing the source code + * of your own applications. + * + * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program. If not, see . + */ + +package de.cotech.hw.util; + +import java.security.PublicKey; + +/** + * Wrapper class for Ed25519 and X25519 keys, since there are no PublicKey classes + * in Android for Curve25519 keys. + *

+ * Hwsecurity25519PublicKey can be converted to Bouncy Castle PublicKeys using + * Bouncy25519KeyConverter from hwsecurity-openpgp artifact. + */ +public class Hwsecurity25519PublicKey implements PublicKey { + private byte[] rawPublicKey; + private String algorithm; + + /** + * @param rawPublicKey bytes of the compressed point + * @param algorithm either "Ed25519" or "X25519" + */ + public Hwsecurity25519PublicKey(byte[] rawPublicKey, String algorithm) { + this.rawPublicKey = rawPublicKey; + this.algorithm = algorithm; + } + + @Override + public String getAlgorithm() { + return algorithm; + } + + @Override + public String getFormat() { + return "hwsecurity"; + } + + @Override + public byte[] getEncoded() { + return rawPublicKey; + } +} diff --git a/hwsecurity/core/src/main/java/de/cotech/hw/util/NfcStatusObserver.java b/hwsecurity/core/src/main/java/de/cotech/hw/util/NfcStatusObserver.java index 8bd6f93..9f14084 100644 --- a/hwsecurity/core/src/main/java/de/cotech/hw/util/NfcStatusObserver.java +++ b/hwsecurity/core/src/main/java/de/cotech/hw/util/NfcStatusObserver.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial @@ -41,19 +41,19 @@ import androidx.lifecycle.LifecycleObserver; import androidx.lifecycle.LifecycleOwner; import androidx.lifecycle.OnLifecycleEvent; + import de.cotech.hw.SecurityKeyManager; /** * A helper class to monitor whether NFC hardware is available and enabled. - * *

+ * * Note that this class does not communicate with the NFC device on its own - its only purpose is to tell when NFC * functionality is available, and has been enabled or disabled! - * *

+ * * Example: - *

* 

  * public class NfcActionActivity extends AppCompatActivity {
  *     private NfcStatusObserver nfcStatusObserver;
@@ -88,7 +88,6 @@
  *     }
  * }
  *
- * */ public class NfcStatusObserver implements LifecycleObserver { private final Context context; diff --git a/hwsecurity/core/src/test/java/de/cotech/hw/internal/transport/usb/ccid/CcidTransceiverTest.java b/hwsecurity/core/src/test/java/de/cotech/hw/internal/transport/usb/ccid/CcidTransceiverTest.java index ce9e21a..7ddf587 100644 --- a/hwsecurity/core/src/test/java/de/cotech/hw/internal/transport/usb/ccid/CcidTransceiverTest.java +++ b/hwsecurity/core/src/test/java/de/cotech/hw/internal/transport/usb/ccid/CcidTransceiverTest.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/core/src/test/java/de/cotech/hw/internal/transport/usb/ctaphid/CtapHidFrameFactoryTest.java b/hwsecurity/core/src/test/java/de/cotech/hw/internal/transport/usb/ctaphid/CtapHidFrameFactoryTest.java index 5fb0193..0f47618 100644 --- a/hwsecurity/core/src/test/java/de/cotech/hw/internal/transport/usb/ctaphid/CtapHidFrameFactoryTest.java +++ b/hwsecurity/core/src/test/java/de/cotech/hw/internal/transport/usb/ctaphid/CtapHidFrameFactoryTest.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/core/src/test/java/de/cotech/hw/internal/transport/usb/ctaphid/CtapHidTransportProtocolTest.java b/hwsecurity/core/src/test/java/de/cotech/hw/internal/transport/usb/ctaphid/CtapHidTransportProtocolTest.java index 157c6e5..32e07e7 100644 --- a/hwsecurity/core/src/test/java/de/cotech/hw/internal/transport/usb/ctaphid/CtapHidTransportProtocolTest.java +++ b/hwsecurity/core/src/test/java/de/cotech/hw/internal/transport/usb/ctaphid/CtapHidTransportProtocolTest.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/core/src/test/java/de/cotech/hw/secrets/ByteSecretTest.java b/hwsecurity/core/src/test/java/de/cotech/hw/secrets/ByteSecretTest.java index dd50e5d..9ec15e3 100644 --- a/hwsecurity/core/src/test/java/de/cotech/hw/secrets/ByteSecretTest.java +++ b/hwsecurity/core/src/test/java/de/cotech/hw/secrets/ByteSecretTest.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/fido/build.gradle b/hwsecurity/fido/build.gradle index 0c879b6..8f4cba6 100644 --- a/hwsecurity/fido/build.gradle +++ b/hwsecurity/fido/build.gradle @@ -6,15 +6,15 @@ dependencies { api project(':hwsecurity:core') api project(':hwsecurity:ui') - implementation 'androidx.appcompat:appcompat:1.1.0' - implementation 'com.google.android.material:material:1.1.0' - implementation 'androidx.constraintlayout:constraintlayout:1.1.3' + implementation 'androidx.appcompat:appcompat:1.2.0' + implementation 'com.google.android.material:material:1.3.0' + implementation 'androidx.constraintlayout:constraintlayout:2.0.4' - api 'com.google.auto.value:auto-value-annotations:1.6.2' + api 'com.google.auto.value:auto-value-annotations:1.6.5' annotationProcessor 'com.google.auto.value:auto-value:1.6.2' annotationProcessor 'com.ryanharter.auto.value:auto-value-parcel:0.2.6' - testImplementation 'junit:junit:4.12' + testImplementation 'junit:junit:4.13' testImplementation 'org.robolectric:robolectric:3.8' testImplementation 'org.mockito:mockito-core:2.18.0' } @@ -93,24 +93,22 @@ afterEvaluate { } dokkaHugo { - configure { - outputDirectory.set(file("$projectDir/../../hwsecurity.dev/content/reference")) + outputDirectory.set(file("$projectDir/../../hwsecurity.dev/content/reference")) - dokkaSourceSets { - register("java") { - moduleDisplayName.set("hwsecurity-fido") + moduleName.set("hwsecurity-fido") - sourceRoots.setFrom(file("src/main/java")) + dokkaSourceSets { + register("java") { + sourceRoots.setFrom(file("src/main/java")) - jdkVersion.set(8) // Used for linking to JDK documentation - noStdlibLink.set(false) // Disable linking to online kotlin-stdlib documentation - noJdkLink.set(true) // Disable linking to online JDK documentation - noAndroidSdkLink.set(false) // Disable linking to online Android documentation + jdkVersion.set(8) // Used for linking to JDK documentation + noStdlibLink.set(false) // Disable linking to online kotlin-stdlib documentation + noJdkLink.set(true) // Disable linking to online JDK documentation + noAndroidSdkLink.set(false) // Disable linking to online Android documentation - perPackageOption { - prefix.set("de.cotech.hw.fido.internal") - suppress.set(true) - } + perPackageOption { + matchingRegex.set(".*\\.internal.*") // will match all .internal packages and sub-packages + suppress.set(true) } } } diff --git a/hwsecurity/fido/src/main/java/de/cotech/hw/fido/FidoAuthenticateCallback.java b/hwsecurity/fido/src/main/java/de/cotech/hw/fido/FidoAuthenticateCallback.java index 95f492e..3d5c8e5 100644 --- a/hwsecurity/fido/src/main/java/de/cotech/hw/fido/FidoAuthenticateCallback.java +++ b/hwsecurity/fido/src/main/java/de/cotech/hw/fido/FidoAuthenticateCallback.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/fido/src/main/java/de/cotech/hw/fido/FidoAuthenticateRequest.java b/hwsecurity/fido/src/main/java/de/cotech/hw/fido/FidoAuthenticateRequest.java index 5eb4ec4..1c97900 100644 --- a/hwsecurity/fido/src/main/java/de/cotech/hw/fido/FidoAuthenticateRequest.java +++ b/hwsecurity/fido/src/main/java/de/cotech/hw/fido/FidoAuthenticateRequest.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/fido/src/main/java/de/cotech/hw/fido/FidoAuthenticateResponse.java b/hwsecurity/fido/src/main/java/de/cotech/hw/fido/FidoAuthenticateResponse.java index d8defa2..d79313c 100644 --- a/hwsecurity/fido/src/main/java/de/cotech/hw/fido/FidoAuthenticateResponse.java +++ b/hwsecurity/fido/src/main/java/de/cotech/hw/fido/FidoAuthenticateResponse.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/fido/src/main/java/de/cotech/hw/fido/FidoFacetIdUtil.java b/hwsecurity/fido/src/main/java/de/cotech/hw/fido/FidoFacetIdUtil.java index d8b9cc8..b5c39e3 100644 --- a/hwsecurity/fido/src/main/java/de/cotech/hw/fido/FidoFacetIdUtil.java +++ b/hwsecurity/fido/src/main/java/de/cotech/hw/fido/FidoFacetIdUtil.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/fido/src/main/java/de/cotech/hw/fido/FidoRegisterCallback.java b/hwsecurity/fido/src/main/java/de/cotech/hw/fido/FidoRegisterCallback.java index fec3cf7..a06259e 100644 --- a/hwsecurity/fido/src/main/java/de/cotech/hw/fido/FidoRegisterCallback.java +++ b/hwsecurity/fido/src/main/java/de/cotech/hw/fido/FidoRegisterCallback.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/fido/src/main/java/de/cotech/hw/fido/FidoRegisterRequest.java b/hwsecurity/fido/src/main/java/de/cotech/hw/fido/FidoRegisterRequest.java index 06b3c41..177d05a 100644 --- a/hwsecurity/fido/src/main/java/de/cotech/hw/fido/FidoRegisterRequest.java +++ b/hwsecurity/fido/src/main/java/de/cotech/hw/fido/FidoRegisterRequest.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/fido/src/main/java/de/cotech/hw/fido/FidoRegisterResponse.java b/hwsecurity/fido/src/main/java/de/cotech/hw/fido/FidoRegisterResponse.java index 541a2b8..38d1cb6 100644 --- a/hwsecurity/fido/src/main/java/de/cotech/hw/fido/FidoRegisterResponse.java +++ b/hwsecurity/fido/src/main/java/de/cotech/hw/fido/FidoRegisterResponse.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/fido/src/main/java/de/cotech/hw/fido/FidoSecurityKey.java b/hwsecurity/fido/src/main/java/de/cotech/hw/fido/FidoSecurityKey.java index 345f30c..5408f3c 100644 --- a/hwsecurity/fido/src/main/java/de/cotech/hw/fido/FidoSecurityKey.java +++ b/hwsecurity/fido/src/main/java/de/cotech/hw/fido/FidoSecurityKey.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/fido/src/main/java/de/cotech/hw/fido/FidoSecurityKeyConnectionMode.java b/hwsecurity/fido/src/main/java/de/cotech/hw/fido/FidoSecurityKeyConnectionMode.java index 97d2192..acf5549 100644 --- a/hwsecurity/fido/src/main/java/de/cotech/hw/fido/FidoSecurityKeyConnectionMode.java +++ b/hwsecurity/fido/src/main/java/de/cotech/hw/fido/FidoSecurityKeyConnectionMode.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/fido/src/main/java/de/cotech/hw/fido/WebViewFidoBridge.java b/hwsecurity/fido/src/main/java/de/cotech/hw/fido/WebViewFidoBridge.java index 46fc169..944a4c8 100644 --- a/hwsecurity/fido/src/main/java/de/cotech/hw/fido/WebViewFidoBridge.java +++ b/hwsecurity/fido/src/main/java/de/cotech/hw/fido/WebViewFidoBridge.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial @@ -258,9 +258,11 @@ private void showRegisterFragment(RequestData requestData, String appId, String opsBuilder.setTimeoutSeconds(timeoutSeconds); opsBuilder.setTitle(context.getString(R.string.hwsecurity_fido_title_default_register_app_id, getDisplayAppId(appId))); - FidoDialogFragment fidoDialogFragment = FidoDialogFragment.newInstance(registerRequest, opsBuilder.build()); - fidoDialogFragment.setFidoRegisterCallback(fidoRegisterCallback); - fidoDialogFragment.show(fragmentManager); + webView.getHandler().post(() -> { + FidoDialogFragment fidoDialogFragment = FidoDialogFragment.newInstance(registerRequest, opsBuilder.build()); + fidoDialogFragment.setFidoRegisterCallback(fidoRegisterCallback); + fidoDialogFragment.show(fragmentManager); + }); } private OnFidoRegisterCallback fidoRegisterCallback = new OnFidoRegisterCallback() { @@ -321,9 +323,11 @@ private void showSignFragment( opsBuilder.setTimeoutSeconds(timeoutSeconds); opsBuilder.setTitle(context.getString(R.string.hwsecurity_fido_title_default_authenticate_app_id, getDisplayAppId(appId))); - FidoDialogFragment fidoDialogFragment = FidoDialogFragment.newInstance(authenticateRequest, opsBuilder.build()); - fidoDialogFragment.setFidoAuthenticateCallback(fidoAuthenticateCallback); - fidoDialogFragment.show(fragmentManager); + webView.getHandler().post(() -> { + FidoDialogFragment fidoDialogFragment = FidoDialogFragment.newInstance(authenticateRequest, opsBuilder.build()); + fidoDialogFragment.setFidoAuthenticateCallback(fidoAuthenticateCallback); + fidoDialogFragment.show(fragmentManager); + }); } private OnFidoAuthenticateCallback fidoAuthenticateCallback = new OnFidoAuthenticateCallback() { diff --git a/hwsecurity/fido/src/main/java/de/cotech/hw/fido/WebsafeBase64.java b/hwsecurity/fido/src/main/java/de/cotech/hw/fido/WebsafeBase64.java index f42b0d7..52c54ba 100644 --- a/hwsecurity/fido/src/main/java/de/cotech/hw/fido/WebsafeBase64.java +++ b/hwsecurity/fido/src/main/java/de/cotech/hw/fido/WebsafeBase64.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial @@ -30,7 +30,6 @@ import androidx.annotation.RestrictTo.Scope; -@RestrictTo(Scope.LIBRARY_GROUP) public class WebsafeBase64 { /** diff --git a/hwsecurity/fido/src/main/java/de/cotech/hw/fido/exceptions/FidoPresenceRequiredException.java b/hwsecurity/fido/src/main/java/de/cotech/hw/fido/exceptions/FidoPresenceRequiredException.java index cd90c07..4f42a05 100644 --- a/hwsecurity/fido/src/main/java/de/cotech/hw/fido/exceptions/FidoPresenceRequiredException.java +++ b/hwsecurity/fido/src/main/java/de/cotech/hw/fido/exceptions/FidoPresenceRequiredException.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/fido/src/main/java/de/cotech/hw/fido/exceptions/FidoU2fDisabledException.java b/hwsecurity/fido/src/main/java/de/cotech/hw/fido/exceptions/FidoU2fDisabledException.java index 8477766..3088572 100644 --- a/hwsecurity/fido/src/main/java/de/cotech/hw/fido/exceptions/FidoU2fDisabledException.java +++ b/hwsecurity/fido/src/main/java/de/cotech/hw/fido/exceptions/FidoU2fDisabledException.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/fido/src/main/java/de/cotech/hw/fido/exceptions/FidoU2fNotSupportedException.java b/hwsecurity/fido/src/main/java/de/cotech/hw/fido/exceptions/FidoU2fNotSupportedException.java index 5d272ce..61c9349 100644 --- a/hwsecurity/fido/src/main/java/de/cotech/hw/fido/exceptions/FidoU2fNotSupportedException.java +++ b/hwsecurity/fido/src/main/java/de/cotech/hw/fido/exceptions/FidoU2fNotSupportedException.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/fido/src/main/java/de/cotech/hw/fido/exceptions/FidoWrongKeyHandleException.java b/hwsecurity/fido/src/main/java/de/cotech/hw/fido/exceptions/FidoWrongKeyHandleException.java index 5a1e993..4b043aa 100644 --- a/hwsecurity/fido/src/main/java/de/cotech/hw/fido/exceptions/FidoWrongKeyHandleException.java +++ b/hwsecurity/fido/src/main/java/de/cotech/hw/fido/exceptions/FidoWrongKeyHandleException.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/fido/src/main/java/de/cotech/hw/fido/internal/FidoCommandApduDescriber.java b/hwsecurity/fido/src/main/java/de/cotech/hw/fido/internal/FidoCommandApduDescriber.java index 0b05949..480eb31 100644 --- a/hwsecurity/fido/src/main/java/de/cotech/hw/fido/internal/FidoCommandApduDescriber.java +++ b/hwsecurity/fido/src/main/java/de/cotech/hw/fido/internal/FidoCommandApduDescriber.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/fido/src/main/java/de/cotech/hw/fido/internal/FidoU2fAppletConnection.java b/hwsecurity/fido/src/main/java/de/cotech/hw/fido/internal/FidoU2fAppletConnection.java index 43c1030..2b7e714 100644 --- a/hwsecurity/fido/src/main/java/de/cotech/hw/fido/internal/FidoU2fAppletConnection.java +++ b/hwsecurity/fido/src/main/java/de/cotech/hw/fido/internal/FidoU2fAppletConnection.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/fido/src/main/java/de/cotech/hw/fido/internal/FidoU2fCommandApduFactory.java b/hwsecurity/fido/src/main/java/de/cotech/hw/fido/internal/FidoU2fCommandApduFactory.java index 4ecf8b5..9794bbf 100644 --- a/hwsecurity/fido/src/main/java/de/cotech/hw/fido/internal/FidoU2fCommandApduFactory.java +++ b/hwsecurity/fido/src/main/java/de/cotech/hw/fido/internal/FidoU2fCommandApduFactory.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/fido/src/main/java/de/cotech/hw/fido/internal/async/FidoAsyncOperationManager.java b/hwsecurity/fido/src/main/java/de/cotech/hw/fido/internal/async/FidoAsyncOperationManager.java index 919f569..92dac69 100644 --- a/hwsecurity/fido/src/main/java/de/cotech/hw/fido/internal/async/FidoAsyncOperationManager.java +++ b/hwsecurity/fido/src/main/java/de/cotech/hw/fido/internal/async/FidoAsyncOperationManager.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/fido/src/main/java/de/cotech/hw/fido/internal/async/FidoAuthenticateOperationThread.java b/hwsecurity/fido/src/main/java/de/cotech/hw/fido/internal/async/FidoAuthenticateOperationThread.java index c8c22ae..21c6c9b 100644 --- a/hwsecurity/fido/src/main/java/de/cotech/hw/fido/internal/async/FidoAuthenticateOperationThread.java +++ b/hwsecurity/fido/src/main/java/de/cotech/hw/fido/internal/async/FidoAuthenticateOperationThread.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/fido/src/main/java/de/cotech/hw/fido/internal/async/FidoOperationThread.java b/hwsecurity/fido/src/main/java/de/cotech/hw/fido/internal/async/FidoOperationThread.java index 27b4045..2df4758 100644 --- a/hwsecurity/fido/src/main/java/de/cotech/hw/fido/internal/async/FidoOperationThread.java +++ b/hwsecurity/fido/src/main/java/de/cotech/hw/fido/internal/async/FidoOperationThread.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/fido/src/main/java/de/cotech/hw/fido/internal/async/FidoRegisterOperationThread.java b/hwsecurity/fido/src/main/java/de/cotech/hw/fido/internal/async/FidoRegisterOperationThread.java index 9489ab5..bf456c3 100644 --- a/hwsecurity/fido/src/main/java/de/cotech/hw/fido/internal/async/FidoRegisterOperationThread.java +++ b/hwsecurity/fido/src/main/java/de/cotech/hw/fido/internal/async/FidoRegisterOperationThread.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/fido/src/main/java/de/cotech/hw/fido/internal/jsapi/U2fApiUtils.java b/hwsecurity/fido/src/main/java/de/cotech/hw/fido/internal/jsapi/U2fApiUtils.java index 23c96ad..899c5eb 100644 --- a/hwsecurity/fido/src/main/java/de/cotech/hw/fido/internal/jsapi/U2fApiUtils.java +++ b/hwsecurity/fido/src/main/java/de/cotech/hw/fido/internal/jsapi/U2fApiUtils.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/fido/src/main/java/de/cotech/hw/fido/internal/jsapi/U2fAuthenticateRequest.java b/hwsecurity/fido/src/main/java/de/cotech/hw/fido/internal/jsapi/U2fAuthenticateRequest.java index 926bd8a..7c81813 100644 --- a/hwsecurity/fido/src/main/java/de/cotech/hw/fido/internal/jsapi/U2fAuthenticateRequest.java +++ b/hwsecurity/fido/src/main/java/de/cotech/hw/fido/internal/jsapi/U2fAuthenticateRequest.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/fido/src/main/java/de/cotech/hw/fido/internal/jsapi/U2fJsonParser.java b/hwsecurity/fido/src/main/java/de/cotech/hw/fido/internal/jsapi/U2fJsonParser.java index 8309f6b..dc2f840 100644 --- a/hwsecurity/fido/src/main/java/de/cotech/hw/fido/internal/jsapi/U2fJsonParser.java +++ b/hwsecurity/fido/src/main/java/de/cotech/hw/fido/internal/jsapi/U2fJsonParser.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/fido/src/main/java/de/cotech/hw/fido/internal/jsapi/U2fJsonSerializer.java b/hwsecurity/fido/src/main/java/de/cotech/hw/fido/internal/jsapi/U2fJsonSerializer.java index eb94dc5..3edd5a8 100644 --- a/hwsecurity/fido/src/main/java/de/cotech/hw/fido/internal/jsapi/U2fJsonSerializer.java +++ b/hwsecurity/fido/src/main/java/de/cotech/hw/fido/internal/jsapi/U2fJsonSerializer.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/fido/src/main/java/de/cotech/hw/fido/internal/jsapi/U2fRegisterRequest.java b/hwsecurity/fido/src/main/java/de/cotech/hw/fido/internal/jsapi/U2fRegisterRequest.java index c7c3328..87f56e7 100644 --- a/hwsecurity/fido/src/main/java/de/cotech/hw/fido/internal/jsapi/U2fRegisterRequest.java +++ b/hwsecurity/fido/src/main/java/de/cotech/hw/fido/internal/jsapi/U2fRegisterRequest.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/fido/src/main/java/de/cotech/hw/fido/internal/jsapi/U2fRequest.java b/hwsecurity/fido/src/main/java/de/cotech/hw/fido/internal/jsapi/U2fRequest.java index 5c01a58..6b4bb14 100644 --- a/hwsecurity/fido/src/main/java/de/cotech/hw/fido/internal/jsapi/U2fRequest.java +++ b/hwsecurity/fido/src/main/java/de/cotech/hw/fido/internal/jsapi/U2fRequest.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/fido/src/main/java/de/cotech/hw/fido/internal/jsapi/U2fResponse.java b/hwsecurity/fido/src/main/java/de/cotech/hw/fido/internal/jsapi/U2fResponse.java index 5cce78c..d7b1832 100644 --- a/hwsecurity/fido/src/main/java/de/cotech/hw/fido/internal/jsapi/U2fResponse.java +++ b/hwsecurity/fido/src/main/java/de/cotech/hw/fido/internal/jsapi/U2fResponse.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/fido/src/main/java/de/cotech/hw/fido/internal/operations/AuthenticateOp.java b/hwsecurity/fido/src/main/java/de/cotech/hw/fido/internal/operations/AuthenticateOp.java index e86f704..253a0ab 100644 --- a/hwsecurity/fido/src/main/java/de/cotech/hw/fido/internal/operations/AuthenticateOp.java +++ b/hwsecurity/fido/src/main/java/de/cotech/hw/fido/internal/operations/AuthenticateOp.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/fido/src/main/java/de/cotech/hw/fido/internal/operations/RegisterOp.java b/hwsecurity/fido/src/main/java/de/cotech/hw/fido/internal/operations/RegisterOp.java index ef56733..1009ea3 100644 --- a/hwsecurity/fido/src/main/java/de/cotech/hw/fido/internal/operations/RegisterOp.java +++ b/hwsecurity/fido/src/main/java/de/cotech/hw/fido/internal/operations/RegisterOp.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/fido/src/main/java/de/cotech/hw/fido/internal/utils/AndroidUtils.java b/hwsecurity/fido/src/main/java/de/cotech/hw/fido/internal/utils/AndroidUtils.java index dfe6f0d..83ca452 100644 --- a/hwsecurity/fido/src/main/java/de/cotech/hw/fido/internal/utils/AndroidUtils.java +++ b/hwsecurity/fido/src/main/java/de/cotech/hw/fido/internal/utils/AndroidUtils.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/fido/src/main/java/de/cotech/hw/fido/internal/utils/AnimatedVectorDrawableHelper.java b/hwsecurity/fido/src/main/java/de/cotech/hw/fido/internal/utils/AnimatedVectorDrawableHelper.java index e51fd3e..f7e13a3 100644 --- a/hwsecurity/fido/src/main/java/de/cotech/hw/fido/internal/utils/AnimatedVectorDrawableHelper.java +++ b/hwsecurity/fido/src/main/java/de/cotech/hw/fido/internal/utils/AnimatedVectorDrawableHelper.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/fido/src/main/java/de/cotech/hw/fido/ui/FidoDialogFragment.java b/hwsecurity/fido/src/main/java/de/cotech/hw/fido/ui/FidoDialogFragment.java index bfb9282..2cd8406 100644 --- a/hwsecurity/fido/src/main/java/de/cotech/hw/fido/ui/FidoDialogFragment.java +++ b/hwsecurity/fido/src/main/java/de/cotech/hw/fido/ui/FidoDialogFragment.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/fido/src/main/java/de/cotech/hw/fido/ui/FidoDialogOptions.java b/hwsecurity/fido/src/main/java/de/cotech/hw/fido/ui/FidoDialogOptions.java index bb91c4e..ef6035e 100644 --- a/hwsecurity/fido/src/main/java/de/cotech/hw/fido/ui/FidoDialogOptions.java +++ b/hwsecurity/fido/src/main/java/de/cotech/hw/fido/ui/FidoDialogOptions.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/fido/src/test/java/de/cotech/hw/fido/FidoSecurityKeyTest.java b/hwsecurity/fido/src/test/java/de/cotech/hw/fido/FidoSecurityKeyTest.java index 304d8d6..ef89a73 100644 --- a/hwsecurity/fido/src/test/java/de/cotech/hw/fido/FidoSecurityKeyTest.java +++ b/hwsecurity/fido/src/test/java/de/cotech/hw/fido/FidoSecurityKeyTest.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/fido/src/test/java/de/cotech/hw/fido/internal/FakeU2fFidoAppletConnection.java b/hwsecurity/fido/src/test/java/de/cotech/hw/fido/internal/FakeU2fFidoAppletConnection.java index 503f850..19569c1 100644 --- a/hwsecurity/fido/src/test/java/de/cotech/hw/fido/internal/FakeU2fFidoAppletConnection.java +++ b/hwsecurity/fido/src/test/java/de/cotech/hw/fido/internal/FakeU2fFidoAppletConnection.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/fido/src/test/java/de/cotech/hw/fido/internal/FidoU2fAppletConnectionTest.java b/hwsecurity/fido/src/test/java/de/cotech/hw/fido/internal/FidoU2fAppletConnectionTest.java index 9c5f38a..3e2f9f0 100644 --- a/hwsecurity/fido/src/test/java/de/cotech/hw/fido/internal/FidoU2fAppletConnectionTest.java +++ b/hwsecurity/fido/src/test/java/de/cotech/hw/fido/internal/FidoU2fAppletConnectionTest.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/fido/src/test/java/de/cotech/hw/fido/internal/async/FidoAsyncOperationManagerTest.java b/hwsecurity/fido/src/test/java/de/cotech/hw/fido/internal/async/FidoAsyncOperationManagerTest.java index 5fd8155..3059780 100644 --- a/hwsecurity/fido/src/test/java/de/cotech/hw/fido/internal/async/FidoAsyncOperationManagerTest.java +++ b/hwsecurity/fido/src/test/java/de/cotech/hw/fido/internal/async/FidoAsyncOperationManagerTest.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/fido/src/test/java/de/cotech/hw/fido/internal/async/FidoAsyncOperationManagerUtil.java b/hwsecurity/fido/src/test/java/de/cotech/hw/fido/internal/async/FidoAsyncOperationManagerUtil.java index 3a39a96..c1f3518 100644 --- a/hwsecurity/fido/src/test/java/de/cotech/hw/fido/internal/async/FidoAsyncOperationManagerUtil.java +++ b/hwsecurity/fido/src/test/java/de/cotech/hw/fido/internal/async/FidoAsyncOperationManagerUtil.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/fido/src/test/java/de/cotech/hw/fido/internal/async/FidoOperationThreadTest.java b/hwsecurity/fido/src/test/java/de/cotech/hw/fido/internal/async/FidoOperationThreadTest.java index 5cc9796..fe95b0b 100644 --- a/hwsecurity/fido/src/test/java/de/cotech/hw/fido/internal/async/FidoOperationThreadTest.java +++ b/hwsecurity/fido/src/test/java/de/cotech/hw/fido/internal/async/FidoOperationThreadTest.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/fido/src/test/java/de/cotech/hw/fido/internal/async/TestFidoOperationThread.java b/hwsecurity/fido/src/test/java/de/cotech/hw/fido/internal/async/TestFidoOperationThread.java index c9183a3..8610fb1 100644 --- a/hwsecurity/fido/src/test/java/de/cotech/hw/fido/internal/async/TestFidoOperationThread.java +++ b/hwsecurity/fido/src/test/java/de/cotech/hw/fido/internal/async/TestFidoOperationThread.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/fido/src/test/java/de/cotech/hw/fido/internal/operations/AuthenticateOpTest.java b/hwsecurity/fido/src/test/java/de/cotech/hw/fido/internal/operations/AuthenticateOpTest.java index 2c929aa..b6c2119 100644 --- a/hwsecurity/fido/src/test/java/de/cotech/hw/fido/internal/operations/AuthenticateOpTest.java +++ b/hwsecurity/fido/src/test/java/de/cotech/hw/fido/internal/operations/AuthenticateOpTest.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/fido/src/test/java/de/cotech/hw/fido/internal/operations/RegisterOpTest.java b/hwsecurity/fido/src/test/java/de/cotech/hw/fido/internal/operations/RegisterOpTest.java index 8edd5fc..94e4639 100644 --- a/hwsecurity/fido/src/test/java/de/cotech/hw/fido/internal/operations/RegisterOpTest.java +++ b/hwsecurity/fido/src/test/java/de/cotech/hw/fido/internal/operations/RegisterOpTest.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/fido/src/test/java/de/cotech/hw/internal/iso7816/ResponseApduUtils.java b/hwsecurity/fido/src/test/java/de/cotech/hw/internal/iso7816/ResponseApduUtils.java index 081c6b1..82a064b 100644 --- a/hwsecurity/fido/src/test/java/de/cotech/hw/internal/iso7816/ResponseApduUtils.java +++ b/hwsecurity/fido/src/test/java/de/cotech/hw/internal/iso7816/ResponseApduUtils.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/fido/src/test/java/de/cotech/hw/internal/transport/FakeTransport.java b/hwsecurity/fido/src/test/java/de/cotech/hw/internal/transport/FakeTransport.java index 7db1fe5..b746e97 100644 --- a/hwsecurity/fido/src/test/java/de/cotech/hw/internal/transport/FakeTransport.java +++ b/hwsecurity/fido/src/test/java/de/cotech/hw/internal/transport/FakeTransport.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/fido2/build.gradle b/hwsecurity/fido2/build.gradle index cf20bbf..a72b8ad 100644 --- a/hwsecurity/fido2/build.gradle +++ b/hwsecurity/fido2/build.gradle @@ -6,15 +6,15 @@ dependencies { api project(':hwsecurity:core') api project(':hwsecurity:ui') - implementation 'androidx.appcompat:appcompat:1.1.0' - implementation 'com.google.android.material:material:1.1.0' - implementation 'androidx.constraintlayout:constraintlayout:1.1.3' + implementation 'androidx.appcompat:appcompat:1.2.0' + implementation 'com.google.android.material:material:1.3.0' + implementation 'androidx.constraintlayout:constraintlayout:2.0.4' - api 'com.google.auto.value:auto-value-annotations:1.6.2' + api 'com.google.auto.value:auto-value-annotations:1.6.5' annotationProcessor 'com.google.auto.value:auto-value:1.6.2' annotationProcessor 'com.ryanharter.auto.value:auto-value-parcel:0.2.6' - testImplementation 'junit:junit:4.12' + testImplementation 'junit:junit:4.13' testImplementation 'org.robolectric:robolectric:3.8' testImplementation 'org.mockito:mockito-core:2.18.0' } @@ -93,24 +93,22 @@ afterEvaluate { } dokkaHugo { - configure { - outputDirectory.set(file("$projectDir/../../hwsecurity.dev/content/reference")) + outputDirectory.set(file("$projectDir/../../hwsecurity.dev/content/reference")) - dokkaSourceSets { - register("java") { - moduleDisplayName.set("hwsecurity-fido2") + moduleName.set("hwsecurity-fido2") - sourceRoots.setFrom(file("src/main/java")) + dokkaSourceSets { + register("java") { + sourceRoots.setFrom(file("src/main/java")) - jdkVersion.set(8) // Used for linking to JDK documentation - noStdlibLink.set(false) // Disable linking to online kotlin-stdlib documentation - noJdkLink.set(true) // Disable linking to online JDK documentation - noAndroidSdkLink.set(false) // Disable linking to online Android documentation + jdkVersion.set(8) // Used for linking to JDK documentation + noStdlibLink.set(false) // Disable linking to online kotlin-stdlib documentation + noJdkLink.set(true) // Disable linking to online JDK documentation + noAndroidSdkLink.set(false) // Disable linking to online Android documentation - perPackageOption { - prefix.set("de.cotech.hw.fido2.internal") - suppress.set(true) - } + perPackageOption { + matchingRegex.set(".*\\.internal.*") // will match all .internal packages and sub-packages + suppress.set(true) } } } diff --git a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/Credential.java b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/Credential.java index d7d1596..da4c0ac 100644 --- a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/Credential.java +++ b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/Credential.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/Ctap2Callback.java b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/Ctap2Callback.java index fbc20b9..2297206 100644 --- a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/Ctap2Callback.java +++ b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/Ctap2Callback.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/Fido2SecurityKey.java b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/Fido2SecurityKey.java index be7cbb3..5e4a9ed 100644 --- a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/Fido2SecurityKey.java +++ b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/Fido2SecurityKey.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/Fido2SecurityKeyConnectionMode.java b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/Fido2SecurityKeyConnectionMode.java index bf41dd5..7d3190a 100644 --- a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/Fido2SecurityKeyConnectionMode.java +++ b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/Fido2SecurityKeyConnectionMode.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/Fido2SecurityKeyConnectionModeConfig.java b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/Fido2SecurityKeyConnectionModeConfig.java index 6543060..ce50730 100644 --- a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/Fido2SecurityKeyConnectionModeConfig.java +++ b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/Fido2SecurityKeyConnectionModeConfig.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/PublicKeyCredential.java b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/PublicKeyCredential.java index 6141fed..6c49622 100644 --- a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/PublicKeyCredential.java +++ b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/PublicKeyCredential.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial @@ -33,6 +33,7 @@ @AutoValue public abstract class PublicKeyCredential extends Credential implements WebauthnResponse { + @SuppressWarnings("mutable") public abstract byte[] rawId(); public abstract AuthenticatorResponse response(); diff --git a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/PublicKeyCredentialCreate.java b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/PublicKeyCredentialCreate.java index 2db17fc..41cf4ba 100644 --- a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/PublicKeyCredentialCreate.java +++ b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/PublicKeyCredentialCreate.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/PublicKeyCredentialGet.java b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/PublicKeyCredentialGet.java index 83fdd07..1e57206 100644 --- a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/PublicKeyCredentialGet.java +++ b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/PublicKeyCredentialGet.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/WebViewWebauthnBridge.java b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/WebViewWebauthnBridge.java index 367595e..3324ddf 100644 --- a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/WebViewWebauthnBridge.java +++ b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/WebViewWebauthnBridge.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial @@ -37,12 +37,14 @@ import android.net.Uri; import android.os.Build.VERSION_CODES; import android.os.Handler; +import android.os.Looper; import android.webkit.JavascriptInterface; import android.webkit.WebResourceRequest; import android.webkit.WebView; import androidx.annotation.Keep; import androidx.annotation.NonNull; +import androidx.annotation.UiThread; import androidx.appcompat.app.AppCompatActivity; import androidx.fragment.app.FragmentManager; @@ -269,10 +271,12 @@ public void onGetAssertionTimeout() { optionsBuilder.setTimeoutMs(options.timeout()); optionsBuilder.setTitle(context.getString(R.string.hwsecurity_fido_title_default_authenticate_app_id, getDisplayOrigin(currentOrigin))); - WebauthnDialogFragment webauthnDialogFragment = WebauthnDialogFragment.newInstance( - credentialGetCommand, optionsBuilder.build()); - webauthnDialogFragment.setOnGetAssertionCallback(onGetCredentialCallback); - webauthnDialogFragment.show(fragmentManager); + webView.getHandler().post(() -> { + WebauthnDialogFragment webauthnDialogFragment = WebauthnDialogFragment.newInstance( + credentialGetCommand, optionsBuilder.build()); + webauthnDialogFragment.setOnGetAssertionCallback(onGetCredentialCallback); + webauthnDialogFragment.show(fragmentManager); + }); } private void javascriptPublicKeyCredentialStore(String optionsJsonString) { @@ -316,10 +320,12 @@ public void onMakeCredentialTimeout() { optionsBuilder.setTimeoutMs(options.timeout()); optionsBuilder.setTitle(context.getString(R.string.hwsecurity_fido_title_default_register_app_id, getDisplayOrigin(currentOrigin))); - WebauthnDialogFragment webauthnDialogFragment = WebauthnDialogFragment.newInstance( - credentialCreateCommand, optionsBuilder.build()); - webauthnDialogFragment.setOnMakeCredentialCallback(onMakeCredentialCallback); - webauthnDialogFragment.show(fragmentManager); + webView.getHandler().post(() -> { + WebauthnDialogFragment webauthnDialogFragment = WebauthnDialogFragment.newInstance( + credentialCreateCommand, optionsBuilder.build()); + webauthnDialogFragment.setOnMakeCredentialCallback(onMakeCredentialCallback); + webauthnDialogFragment.show(fragmentManager); + }); } private void javascriptPublicKeyCredentialPreventSilentAccess() { diff --git a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/WebauthnCallback.java b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/WebauthnCallback.java index 5424bbc..a7d5410 100644 --- a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/WebauthnCallback.java +++ b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/WebauthnCallback.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/WebauthnJsonCallback.java b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/WebauthnJsonCallback.java index a4b39e9..ae9ab7e 100644 --- a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/WebauthnJsonCallback.java +++ b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/WebauthnJsonCallback.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/domain/AuthenticatorResponse.java b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/domain/AuthenticatorResponse.java index 9e22123..91f45f1 100644 --- a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/domain/AuthenticatorResponse.java +++ b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/domain/AuthenticatorResponse.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial @@ -26,5 +26,6 @@ public abstract class AuthenticatorResponse { + @SuppressWarnings("mutable") public abstract byte[] clientDataJson(); } diff --git a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/domain/AuthenticatorTransport.java b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/domain/AuthenticatorTransport.java index f55839c..82f0ddb 100644 --- a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/domain/AuthenticatorTransport.java +++ b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/domain/AuthenticatorTransport.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/domain/CollectedClientData.java b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/domain/CollectedClientData.java index 1cc4c9e..26463bb 100644 --- a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/domain/CollectedClientData.java +++ b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/domain/CollectedClientData.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial @@ -31,6 +31,7 @@ @AutoValue public abstract class CollectedClientData { public abstract String type(); + @SuppressWarnings("mutable") public abstract byte[] challenge(); public abstract String origin(); public abstract String hashAlgorithm(); diff --git a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/domain/PublicKeyCredentialDescriptor.java b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/domain/PublicKeyCredentialDescriptor.java index bd73a9c..632217e 100644 --- a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/domain/PublicKeyCredentialDescriptor.java +++ b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/domain/PublicKeyCredentialDescriptor.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial @@ -37,6 +37,7 @@ @AutoValue public abstract class PublicKeyCredentialDescriptor implements Parcelable { public abstract PublicKeyCredentialType type(); + @SuppressWarnings("mutable") public abstract byte[] id(); @Nullable public abstract List transports(); diff --git a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/domain/PublicKeyCredentialEntity.java b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/domain/PublicKeyCredentialEntity.java index 035574e..8ab8929 100644 --- a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/domain/PublicKeyCredentialEntity.java +++ b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/domain/PublicKeyCredentialEntity.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/domain/PublicKeyCredentialParameters.java b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/domain/PublicKeyCredentialParameters.java index 2156af5..92a7b41 100644 --- a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/domain/PublicKeyCredentialParameters.java +++ b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/domain/PublicKeyCredentialParameters.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/domain/PublicKeyCredentialRpEntity.java b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/domain/PublicKeyCredentialRpEntity.java index accd3fe..bf49f62 100644 --- a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/domain/PublicKeyCredentialRpEntity.java +++ b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/domain/PublicKeyCredentialRpEntity.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/domain/PublicKeyCredentialType.java b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/domain/PublicKeyCredentialType.java index 68f6602..0f63f65 100644 --- a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/domain/PublicKeyCredentialType.java +++ b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/domain/PublicKeyCredentialType.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/domain/PublicKeyCredentialUserEntity.java b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/domain/PublicKeyCredentialUserEntity.java index c30d54b..35c3e20 100644 --- a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/domain/PublicKeyCredentialUserEntity.java +++ b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/domain/PublicKeyCredentialUserEntity.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial @@ -34,6 +34,7 @@ @AutoValue public abstract class PublicKeyCredentialUserEntity extends PublicKeyCredentialEntity implements Parcelable { + @SuppressWarnings("mutable") public abstract byte[] id(); @Nullable public abstract String displayName(); diff --git a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/domain/UserVerificationRequirement.java b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/domain/UserVerificationRequirement.java index 16976cd..a0b99b5 100644 --- a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/domain/UserVerificationRequirement.java +++ b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/domain/UserVerificationRequirement.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/domain/create/AttestationConveyancePreference.java b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/domain/create/AttestationConveyancePreference.java index 780b8f0..12d03e7 100644 --- a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/domain/create/AttestationConveyancePreference.java +++ b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/domain/create/AttestationConveyancePreference.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/domain/create/AttestationObject.java b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/domain/create/AttestationObject.java index 656e567..2cdd65f 100644 --- a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/domain/create/AttestationObject.java +++ b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/domain/create/AttestationObject.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial @@ -35,8 +35,10 @@ public abstract class AttestationObject extends Ctap2Response { // fmt String Required The attestation statement format identifier. public abstract String fmt(); // authData Byte Array Required The authenticator data object. + @SuppressWarnings("mutable") public abstract byte[] authData(); // attStmt Byte Array, the structure of which depends on the attestation statement format identifier Required The attestation statement, whose format is identified by the "fmt" object member. The client treats it as an opaque object. abstract List versions(); + @SuppressWarnings("mutable") public abstract byte[] attStmt(); diff --git a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/domain/create/AttestedCredentialData.java b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/domain/create/AttestedCredentialData.java index 9d496f4..93d22df 100644 --- a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/domain/create/AttestedCredentialData.java +++ b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/domain/create/AttestedCredentialData.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial @@ -32,8 +32,11 @@ public abstract class AttestedCredentialData { private static final byte[] LENGTH_AAGUID = new byte[16]; + @SuppressWarnings("mutable") public abstract byte[] aaguid(); + @SuppressWarnings("mutable") public abstract byte[] credentialId(); + @SuppressWarnings("mutable") public abstract byte[] credentialPublicKey(); public static AttestedCredentialData create(byte[] aaguid, byte[] credentialId, byte[] credentialPublicKey) { diff --git a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/domain/create/AuthenticatorAttachment.java b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/domain/create/AuthenticatorAttachment.java index 5343765..8c84e9c 100644 --- a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/domain/create/AuthenticatorAttachment.java +++ b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/domain/create/AuthenticatorAttachment.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/domain/create/AuthenticatorAttestationResponse.java b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/domain/create/AuthenticatorAttestationResponse.java index 4c67faa..c455293 100644 --- a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/domain/create/AuthenticatorAttestationResponse.java +++ b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/domain/create/AuthenticatorAttestationResponse.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial @@ -31,6 +31,7 @@ @AutoValue public abstract class AuthenticatorAttestationResponse extends AuthenticatorResponse { + @SuppressWarnings("mutable") public abstract byte[] attestationObject(); public static AuthenticatorAttestationResponse create( diff --git a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/domain/create/AuthenticatorData.java b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/domain/create/AuthenticatorData.java index 736ba3c..263e81a 100644 --- a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/domain/create/AuthenticatorData.java +++ b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/domain/create/AuthenticatorData.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial @@ -53,6 +53,7 @@ public abstract class AuthenticatorData { public static final byte FLAG_EXTENSION_DATA = (byte) (1<<7); // rpIdHash 32 SHA-256 hash of the RP ID the credential is scoped to. + @SuppressWarnings("mutable") public abstract byte[] rpIdHash(); // flags 1 Flags (bit 0 is the least significant bit): @@ -67,6 +68,7 @@ public abstract class AuthenticatorData { // extensions variable (if present) Extension-defined authenticator data. This is a CBOR [RFC7049] map with extension identifiers as keys, and authenticator extension outputs as values. See §9 WebAuthn Extensions for details. @Nullable + @SuppressWarnings("mutable") public abstract byte[] extensions(); public boolean hasAttestedCredentialData() { diff --git a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/domain/create/AuthenticatorSelectionCriteria.java b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/domain/create/AuthenticatorSelectionCriteria.java index f518c11..d801dc1 100644 --- a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/domain/create/AuthenticatorSelectionCriteria.java +++ b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/domain/create/AuthenticatorSelectionCriteria.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/domain/create/CredentialCreationData.java b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/domain/create/CredentialCreationData.java index 298f352..eb0202b 100644 --- a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/domain/create/CredentialCreationData.java +++ b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/domain/create/CredentialCreationData.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial @@ -31,6 +31,7 @@ @AutoValue public abstract class CredentialCreationData { public abstract AttestationObject attestationObjectResult(); + @SuppressWarnings("mutable") public abstract byte[] clientDataJSONResult(); public abstract AttestationConveyancePreference attestationConveyancePreferenceOption(); diff --git a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/domain/create/PublicKeyCredentialCreationOptions.java b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/domain/create/PublicKeyCredentialCreationOptions.java index 539c08a..daea5d6 100644 --- a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/domain/create/PublicKeyCredentialCreationOptions.java +++ b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/domain/create/PublicKeyCredentialCreationOptions.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial @@ -41,6 +41,7 @@ public abstract class PublicKeyCredentialCreationOptions implements Parcelable { public abstract PublicKeyCredentialRpEntity rp(); public abstract PublicKeyCredentialUserEntity user(); + @SuppressWarnings("mutable") public abstract byte[] challenge(); public abstract List pubKeyCredParams(); @Nullable diff --git a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/domain/get/AssertionCreationData.java b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/domain/get/AssertionCreationData.java index df7ae2f..99b891e 100644 --- a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/domain/get/AssertionCreationData.java +++ b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/domain/get/AssertionCreationData.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial @@ -31,11 +31,16 @@ @AutoValue public abstract class AssertionCreationData { + @SuppressWarnings("mutable") public abstract byte[] credentialIdResult(); + @SuppressWarnings("mutable") public abstract byte[] clientDataJSONResult(); + @SuppressWarnings("mutable") public abstract byte[] authenticatorDataResult(); + @SuppressWarnings("mutable") public abstract byte[] signatureResult(); @Nullable + @SuppressWarnings("mutable") public abstract byte[] userHandleResult(); public static AssertionCreationData create(byte[] credentialId, byte[] clientDataJSON, byte[] authenticatorData, byte[] signature, @Nullable byte[] userHandle) { diff --git a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/domain/get/AuthenticatorAssertionResponse.java b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/domain/get/AuthenticatorAssertionResponse.java index 1a12217..200ebb2 100644 --- a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/domain/get/AuthenticatorAssertionResponse.java +++ b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/domain/get/AuthenticatorAssertionResponse.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial @@ -32,9 +32,12 @@ @AutoValue public abstract class AuthenticatorAssertionResponse extends AuthenticatorResponse { + @SuppressWarnings("mutable") public abstract byte[] authenticatorData(); + @SuppressWarnings("mutable") public abstract byte[] signature(); @Nullable + @SuppressWarnings("mutable") public abstract byte[] userHandle(); public static AuthenticatorAssertionResponse create(byte[] clientDataJson, byte[] authenticatorData, byte[] signature, @Nullable byte[] userHandle) { diff --git a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/domain/get/PublicKeyCredentialRequestOptions.java b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/domain/get/PublicKeyCredentialRequestOptions.java index 1dd9baa..1d3cca5 100644 --- a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/domain/get/PublicKeyCredentialRequestOptions.java +++ b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/domain/get/PublicKeyCredentialRequestOptions.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial @@ -37,6 +37,7 @@ @AutoValue public abstract class PublicKeyCredentialRequestOptions implements Parcelable { + @SuppressWarnings("mutable") public abstract byte[] challenge(); @Nullable public abstract Long timeout(); diff --git a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/exceptions/Fido2AndU2fNotSupportedException.java b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/exceptions/Fido2AndU2fNotSupportedException.java index 0df629f..ab3ad71 100644 --- a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/exceptions/Fido2AndU2fNotSupportedException.java +++ b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/exceptions/Fido2AndU2fNotSupportedException.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/exceptions/FidoClientPinBlockedException.java b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/exceptions/FidoClientPinBlockedException.java index 0058c27..434ccb9 100644 --- a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/exceptions/FidoClientPinBlockedException.java +++ b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/exceptions/FidoClientPinBlockedException.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/exceptions/FidoClientPinInvalidException.java b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/exceptions/FidoClientPinInvalidException.java index 13bddd8..e22d2bd 100644 --- a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/exceptions/FidoClientPinInvalidException.java +++ b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/exceptions/FidoClientPinInvalidException.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/exceptions/FidoClientPinLastAttemptException.java b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/exceptions/FidoClientPinLastAttemptException.java index 3978ffd..b69217a 100644 --- a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/exceptions/FidoClientPinLastAttemptException.java +++ b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/exceptions/FidoClientPinLastAttemptException.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/exceptions/FidoClientPinNotSetException.java b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/exceptions/FidoClientPinNotSetException.java index 532b624..e35241d 100644 --- a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/exceptions/FidoClientPinNotSetException.java +++ b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/exceptions/FidoClientPinNotSetException.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/exceptions/FidoClientPinNotSupportedException.java b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/exceptions/FidoClientPinNotSupportedException.java index 36bac61..f2c85bc 100644 --- a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/exceptions/FidoClientPinNotSupportedException.java +++ b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/exceptions/FidoClientPinNotSupportedException.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/exceptions/FidoClientPinRequiredException.java b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/exceptions/FidoClientPinRequiredException.java index 2cccfd7..eb4024b 100644 --- a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/exceptions/FidoClientPinRequiredException.java +++ b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/exceptions/FidoClientPinRequiredException.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/exceptions/FidoClientPinTooShortException.java b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/exceptions/FidoClientPinTooShortException.java index 31f7923..d0bd5a3 100644 --- a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/exceptions/FidoClientPinTooShortException.java +++ b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/exceptions/FidoClientPinTooShortException.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/exceptions/FidoInvalidCredentialException.java b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/exceptions/FidoInvalidCredentialException.java index cb3e0d0..1ccd972 100644 --- a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/exceptions/FidoInvalidCredentialException.java +++ b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/exceptions/FidoInvalidCredentialException.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/exceptions/FidoPresenceRequiredException.java b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/exceptions/FidoPresenceRequiredException.java index 4ab44b2..e72375e 100644 --- a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/exceptions/FidoPresenceRequiredException.java +++ b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/exceptions/FidoPresenceRequiredException.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/exceptions/FidoResidentKeyNoCredentialException.java b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/exceptions/FidoResidentKeyNoCredentialException.java index 303c43b..ea7d8ac 100644 --- a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/exceptions/FidoResidentKeyNoCredentialException.java +++ b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/exceptions/FidoResidentKeyNoCredentialException.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/exceptions/FidoResidentKeyNotSupportedException.java b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/exceptions/FidoResidentKeyNotSupportedException.java index 761e964..45268b4 100644 --- a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/exceptions/FidoResidentKeyNotSupportedException.java +++ b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/exceptions/FidoResidentKeyNotSupportedException.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/exceptions/FidoSecurityError.java b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/exceptions/FidoSecurityError.java index f90f6f2..9e1b79f 100644 --- a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/exceptions/FidoSecurityError.java +++ b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/exceptions/FidoSecurityError.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/exceptions/FidoWrongKeyHandleException.java b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/exceptions/FidoWrongKeyHandleException.java index d86860f..1111fcc 100644 --- a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/exceptions/FidoWrongKeyHandleException.java +++ b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/exceptions/FidoWrongKeyHandleException.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/AuthenticationPin.java b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/AuthenticationPin.java index fb10e5a..0795536 100644 --- a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/AuthenticationPin.java +++ b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/AuthenticationPin.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/Fido2AppletConnection.java b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/Fido2AppletConnection.java index aeac08a..823d1d1 100644 --- a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/Fido2AppletConnection.java +++ b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/Fido2AppletConnection.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/Fido2CommandApduDescriber.java b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/Fido2CommandApduDescriber.java index 0464472..426fd3b 100644 --- a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/Fido2CommandApduDescriber.java +++ b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/Fido2CommandApduDescriber.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/Fido2CommandApduFactory.java b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/Fido2CommandApduFactory.java index cedd366..40fbc98 100644 --- a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/Fido2CommandApduFactory.java +++ b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/Fido2CommandApduFactory.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/GenericFido2SecurityKeyDialogPresenter.java b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/GenericFido2SecurityKeyDialogPresenter.java index 432c770..3c86209 100644 --- a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/GenericFido2SecurityKeyDialogPresenter.java +++ b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/GenericFido2SecurityKeyDialogPresenter.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/async/Ctap2Fido2OperationThread.java b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/async/Ctap2Fido2OperationThread.java index 113598c..febd3c5 100644 --- a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/async/Ctap2Fido2OperationThread.java +++ b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/async/Ctap2Fido2OperationThread.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/async/Fido2AsyncOperationManager.java b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/async/Fido2AsyncOperationManager.java index 5cb9330..a6a4ca7 100644 --- a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/async/Fido2AsyncOperationManager.java +++ b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/async/Fido2AsyncOperationManager.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/async/Fido2OperationThread.java b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/async/Fido2OperationThread.java index ec72faa..07c2794 100644 --- a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/async/Fido2OperationThread.java +++ b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/async/Fido2OperationThread.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/async/WebauthnFido2OperationThread.java b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/async/WebauthnFido2OperationThread.java index 37e8fa1..26ccc68 100644 --- a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/async/WebauthnFido2OperationThread.java +++ b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/async/WebauthnFido2OperationThread.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/cbor/CborAttestationObjectSerializer.java b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/cbor/CborAttestationObjectSerializer.java index 92797d5..bb7c5df 100644 --- a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/cbor/CborAttestationObjectSerializer.java +++ b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/cbor/CborAttestationObjectSerializer.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/cbor/CborConstants.java b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/cbor/CborConstants.java index ac116fe..5b4c0ad 100644 --- a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/cbor/CborConstants.java +++ b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/cbor/CborConstants.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/cbor/CborCtap1AttestationStatementUtil.java b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/cbor/CborCtap1AttestationStatementUtil.java index 575479b..0baed21 100644 --- a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/cbor/CborCtap1AttestationStatementUtil.java +++ b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/cbor/CborCtap1AttestationStatementUtil.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/cbor/CborPublicKeyCredentialDescriptorParser.java b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/cbor/CborPublicKeyCredentialDescriptorParser.java index 081429f..abb1516 100644 --- a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/cbor/CborPublicKeyCredentialDescriptorParser.java +++ b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/cbor/CborPublicKeyCredentialDescriptorParser.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/cbor/CborUtils.java b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/cbor/CborUtils.java index e512f4f..bd641a3 100644 --- a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/cbor/CborUtils.java +++ b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/cbor/CborUtils.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/cose/CoseIdentifiers.java b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/cose/CoseIdentifiers.java index 6acc2ba..00a3480 100644 --- a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/cose/CoseIdentifiers.java +++ b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/cose/CoseIdentifiers.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/cose/CosePublicKeyUtils.java b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/cose/CosePublicKeyUtils.java index ee0dce0..7789d5c 100644 --- a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/cose/CosePublicKeyUtils.java +++ b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/cose/CosePublicKeyUtils.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/ctap2/Ctap2CborConstants.java b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/ctap2/Ctap2CborConstants.java index 1572696..83ed789 100644 --- a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/ctap2/Ctap2CborConstants.java +++ b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/ctap2/Ctap2CborConstants.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/ctap2/Ctap2CborSerializer.java b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/ctap2/Ctap2CborSerializer.java index b79e162..c152be9 100644 --- a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/ctap2/Ctap2CborSerializer.java +++ b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/ctap2/Ctap2CborSerializer.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/ctap2/Ctap2Command.java b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/ctap2/Ctap2Command.java index 435349f..800b47d 100644 --- a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/ctap2/Ctap2Command.java +++ b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/ctap2/Ctap2Command.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/ctap2/Ctap2CommandApduTransformer.java b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/ctap2/Ctap2CommandApduTransformer.java index cf50a69..63e6ae6 100644 --- a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/ctap2/Ctap2CommandApduTransformer.java +++ b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/ctap2/Ctap2CommandApduTransformer.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/ctap2/Ctap2Exception.java b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/ctap2/Ctap2Exception.java index 74f3b64..ecf4f2b 100644 --- a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/ctap2/Ctap2Exception.java +++ b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/ctap2/Ctap2Exception.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/ctap2/Ctap2Response.java b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/ctap2/Ctap2Response.java index 368de66..5ea3ecf 100644 --- a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/ctap2/Ctap2Response.java +++ b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/ctap2/Ctap2Response.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/ctap2/Ctap2ResponseFactory.java b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/ctap2/Ctap2ResponseFactory.java index d8e55df..ba96e9d 100644 --- a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/ctap2/Ctap2ResponseFactory.java +++ b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/ctap2/Ctap2ResponseFactory.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/ctap2/CtapErrorResponse.java b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/ctap2/CtapErrorResponse.java index 2558641..7a97a96 100644 --- a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/ctap2/CtapErrorResponse.java +++ b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/ctap2/CtapErrorResponse.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/ctap2/commands/clientPin/AuthenticatorClientPin.java b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/ctap2/commands/clientPin/AuthenticatorClientPin.java index 483f74c..6abfd71 100644 --- a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/ctap2/commands/clientPin/AuthenticatorClientPin.java +++ b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/ctap2/commands/clientPin/AuthenticatorClientPin.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/ctap2/commands/clientPin/AuthenticatorClientPinResponse.java b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/ctap2/commands/clientPin/AuthenticatorClientPinResponse.java index d80e5ad..124a8ed 100644 --- a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/ctap2/commands/clientPin/AuthenticatorClientPinResponse.java +++ b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/ctap2/commands/clientPin/AuthenticatorClientPinResponse.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial @@ -34,9 +34,11 @@ public abstract class AuthenticatorClientPinResponse extends Ctap2Response { // KeyAgreement (0x01) COSE_Key Optional Authenticator key agreement public key in COSE_Key format. This will be used to establish a sharedSecret between platform and the authenticator. The COSE_Key-encoded public key MUST contain the optional "alg" parameter and MUST NOT contain any other optional parameters. The "alg" parameter MUST contain a COSEAlgorithmIdentifier value. @Nullable + @SuppressWarnings("mutable") public abstract byte[] keyAgreement(); // pinToken (0x02) Byte Array Optional Encrypted pinToken using sharedSecret to be used in subsequent authenticatorMakeCredential and authenticatorGetAssertion operations. @Nullable + @SuppressWarnings("mutable") public abstract byte[] pinToken(); // retries (0x03) Unsigned Integer Optional Number of PIN attempts remaining before lockout. This is optionally used to show in UI when collecting the PIN in Setting a new PIN, Changing existing PIN and Getting pinToken from the authenticator flows. @Nullable diff --git a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/ctap2/commands/clientPin/AuthenticatorClientPinResponseFactory.java b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/ctap2/commands/clientPin/AuthenticatorClientPinResponseFactory.java index 964a9d9..cfe3ec5 100644 --- a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/ctap2/commands/clientPin/AuthenticatorClientPinResponseFactory.java +++ b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/ctap2/commands/clientPin/AuthenticatorClientPinResponseFactory.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/ctap2/commands/getAssertion/AuthenticatorGetAssertion.java b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/ctap2/commands/getAssertion/AuthenticatorGetAssertion.java index fabef47..5880fe0 100644 --- a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/ctap2/commands/getAssertion/AuthenticatorGetAssertion.java +++ b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/ctap2/commands/getAssertion/AuthenticatorGetAssertion.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/ctap2/commands/getAssertion/AuthenticatorGetAssertionResponse.java b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/ctap2/commands/getAssertion/AuthenticatorGetAssertionResponse.java index c2de4cc..6ed0a05 100644 --- a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/ctap2/commands/getAssertion/AuthenticatorGetAssertionResponse.java +++ b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/ctap2/commands/getAssertion/AuthenticatorGetAssertionResponse.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial @@ -35,10 +35,13 @@ public abstract class AuthenticatorGetAssertionResponse extends Ctap2Response { // credential 0x01 definite length map (CBOR major type 5). @Nullable + @SuppressWarnings("mutable") public abstract byte[] credential(); // authData 0x02 byte string (CBOR major type 2). + @SuppressWarnings("mutable") public abstract byte[] authData(); // signature 0x03 byte string (CBOR major type 2). + @SuppressWarnings("mutable") public abstract byte[] signature(); // publicKeyCredentialUserEntity 0x04 definite length map (CBOR major type 5). @Nullable @@ -47,6 +50,7 @@ public abstract class AuthenticatorGetAssertionResponse extends Ctap2Response { @Nullable public abstract Integer numberOfCredentials(); + @SuppressWarnings("mutable") public abstract byte[] clientDataJSON(); diff --git a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/ctap2/commands/getAssertion/AuthenticatorGetAssertionResponseFactory.java b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/ctap2/commands/getAssertion/AuthenticatorGetAssertionResponseFactory.java index 02a7fb7..1563e48 100644 --- a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/ctap2/commands/getAssertion/AuthenticatorGetAssertionResponseFactory.java +++ b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/ctap2/commands/getAssertion/AuthenticatorGetAssertionResponseFactory.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/ctap2/commands/getInfo/AuthenticatorGetInfo.java b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/ctap2/commands/getInfo/AuthenticatorGetInfo.java index 7cd8958..b45f126 100644 --- a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/ctap2/commands/getInfo/AuthenticatorGetInfo.java +++ b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/ctap2/commands/getInfo/AuthenticatorGetInfo.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/ctap2/commands/getInfo/AuthenticatorGetInfoResponse.java b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/ctap2/commands/getInfo/AuthenticatorGetInfoResponse.java index b268374..96abd1a 100644 --- a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/ctap2/commands/getInfo/AuthenticatorGetInfoResponse.java +++ b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/ctap2/commands/getInfo/AuthenticatorGetInfoResponse.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/ctap2/commands/getInfo/AuthenticatorGetInfoResponseFactory.java b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/ctap2/commands/getInfo/AuthenticatorGetInfoResponseFactory.java index 7366812..bbe7299 100644 --- a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/ctap2/commands/getInfo/AuthenticatorGetInfoResponseFactory.java +++ b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/ctap2/commands/getInfo/AuthenticatorGetInfoResponseFactory.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/ctap2/commands/getInfo/AuthenticatorOptions.java b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/ctap2/commands/getInfo/AuthenticatorOptions.java index 6f08aa4..dd58242 100644 --- a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/ctap2/commands/getInfo/AuthenticatorOptions.java +++ b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/ctap2/commands/getInfo/AuthenticatorOptions.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/ctap2/commands/getNextAssertion/AuthenticatorGetNextAssertion.java b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/ctap2/commands/getNextAssertion/AuthenticatorGetNextAssertion.java index c2bbd4d..85e6d1b 100644 --- a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/ctap2/commands/getNextAssertion/AuthenticatorGetNextAssertion.java +++ b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/ctap2/commands/getNextAssertion/AuthenticatorGetNextAssertion.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/ctap2/commands/makeCredential/AuthenticatorMakeCredential.java b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/ctap2/commands/makeCredential/AuthenticatorMakeCredential.java index ba661be..6ef783c 100644 --- a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/ctap2/commands/makeCredential/AuthenticatorMakeCredential.java +++ b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/ctap2/commands/makeCredential/AuthenticatorMakeCredential.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/ctap2/commands/makeCredential/AuthenticatorMakeCredentialResponse.java b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/ctap2/commands/makeCredential/AuthenticatorMakeCredentialResponse.java index b98dec6..7aadcbb 100644 --- a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/ctap2/commands/makeCredential/AuthenticatorMakeCredentialResponse.java +++ b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/ctap2/commands/makeCredential/AuthenticatorMakeCredentialResponse.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial @@ -34,10 +34,13 @@ public abstract class AuthenticatorMakeCredentialResponse extends Ctap2Response // fmt 0x01 text string (CBOR major type 3). public abstract String fmt(); // authData 0x02 byte string (CBOR major type 2). + @SuppressWarnings("mutable") public abstract byte[] authData(); // attStmt 0x03 definite length map (CBOR major type 5). + @SuppressWarnings("mutable") public abstract byte[] attStmt(); + @SuppressWarnings("mutable") public abstract byte[] clientDataJSON(); diff --git a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/ctap2/commands/makeCredential/AuthenticatorMakeCredentialResponseFactory.java b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/ctap2/commands/makeCredential/AuthenticatorMakeCredentialResponseFactory.java index 4c484d7..6ff9fd0 100644 --- a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/ctap2/commands/makeCredential/AuthenticatorMakeCredentialResponseFactory.java +++ b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/ctap2/commands/makeCredential/AuthenticatorMakeCredentialResponseFactory.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/ctap2/commands/rawCommand/RawCtap2Command.java b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/ctap2/commands/rawCommand/RawCtap2Command.java index 4dd0d87..d802183 100644 --- a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/ctap2/commands/rawCommand/RawCtap2Command.java +++ b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/ctap2/commands/rawCommand/RawCtap2Command.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial @@ -32,6 +32,7 @@ @AutoValue public abstract class RawCtap2Command extends Ctap2Command { + @SuppressWarnings("mutable") public abstract byte[] data(); public Ctap2ResponseFactory getResponseFactory() { diff --git a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/ctap2/commands/rawCommand/RawCtap2Response.java b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/ctap2/commands/rawCommand/RawCtap2Response.java index 8d5784b..4154891 100644 --- a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/ctap2/commands/rawCommand/RawCtap2Response.java +++ b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/ctap2/commands/rawCommand/RawCtap2Response.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial @@ -31,6 +31,7 @@ @AutoValue public abstract class RawCtap2Response extends Ctap2Response { + @SuppressWarnings("mutable") public abstract byte[] data(); static RawCtap2Response create(byte[] data) { diff --git a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/ctap2/commands/reset/AuthenticatorReset.java b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/ctap2/commands/reset/AuthenticatorReset.java index 531933b..481cf8b 100644 --- a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/ctap2/commands/reset/AuthenticatorReset.java +++ b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/ctap2/commands/reset/AuthenticatorReset.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/json/JsonCollectedClientDataSerializer.java b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/json/JsonCollectedClientDataSerializer.java index 126221e..8b917be 100644 --- a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/json/JsonCollectedClientDataSerializer.java +++ b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/json/JsonCollectedClientDataSerializer.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/json/JsonPublicKeyCredentialSerializer.java b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/json/JsonPublicKeyCredentialSerializer.java index bf4aebe..b4be205 100644 --- a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/json/JsonPublicKeyCredentialSerializer.java +++ b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/json/JsonPublicKeyCredentialSerializer.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/json/JsonWebauthnOptionsParser.java b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/json/JsonWebauthnOptionsParser.java index 1f40009..f84a158 100644 --- a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/json/JsonWebauthnOptionsParser.java +++ b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/json/JsonWebauthnOptionsParser.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/operations/WebauthnSecurityKeyOperation.java b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/operations/WebauthnSecurityKeyOperation.java index 6d4917c..ad92080 100644 --- a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/operations/WebauthnSecurityKeyOperation.java +++ b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/operations/WebauthnSecurityKeyOperation.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/operations/WebauthnSecurityKeyOperationFactory.java b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/operations/WebauthnSecurityKeyOperationFactory.java index b4d693b..d2a7a89 100644 --- a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/operations/WebauthnSecurityKeyOperationFactory.java +++ b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/operations/WebauthnSecurityKeyOperationFactory.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/operations/ctap1/AuthenticatorGetAssertionCtap1Operation.java b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/operations/ctap1/AuthenticatorGetAssertionCtap1Operation.java index 18952ee..0a40b76 100644 --- a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/operations/ctap1/AuthenticatorGetAssertionCtap1Operation.java +++ b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/operations/ctap1/AuthenticatorGetAssertionCtap1Operation.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/operations/ctap1/AuthenticatorMakeCredentialCtap1Operation.java b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/operations/ctap1/AuthenticatorMakeCredentialCtap1Operation.java index 0ed4f7a..ba46757 100644 --- a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/operations/ctap1/AuthenticatorMakeCredentialCtap1Operation.java +++ b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/operations/ctap1/AuthenticatorMakeCredentialCtap1Operation.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/operations/ctap1/U2fAuthenticateRequest.java b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/operations/ctap1/U2fAuthenticateRequest.java index 206b3fa..d624204 100644 --- a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/operations/ctap1/U2fAuthenticateRequest.java +++ b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/operations/ctap1/U2fAuthenticateRequest.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial @@ -30,8 +30,11 @@ @AutoValue public abstract class U2fAuthenticateRequest { + @SuppressWarnings("mutable") abstract byte[] challengeParameter(); + @SuppressWarnings("mutable") abstract byte[] applicationParameter(); + @SuppressWarnings("mutable") abstract byte[] keyHandle(); public static U2fAuthenticateRequest create(byte[] challengeParameter, byte[] applicationParameter, byte[] keyHandle) { diff --git a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/operations/ctap1/U2fAuthenticateResponse.java b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/operations/ctap1/U2fAuthenticateResponse.java index 24786c3..bc574c7 100644 --- a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/operations/ctap1/U2fAuthenticateResponse.java +++ b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/operations/ctap1/U2fAuthenticateResponse.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial @@ -35,6 +35,7 @@ public abstract class U2fAuthenticateResponse { abstract byte presence(); abstract int counter(); + @SuppressWarnings("mutable") abstract byte[] signature(); public static U2fAuthenticateResponse fromBytes(byte[] data) throws IOException { diff --git a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/operations/ctap1/U2fRegisterResponse.java b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/operations/ctap1/U2fRegisterResponse.java index a37914e..49ffd47 100644 --- a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/operations/ctap1/U2fRegisterResponse.java +++ b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/operations/ctap1/U2fRegisterResponse.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial @@ -34,9 +34,13 @@ @AutoValue public abstract class U2fRegisterResponse { + @SuppressWarnings("mutable") abstract byte[] publicKey(); + @SuppressWarnings("mutable") abstract byte[] keyHandle(); + @SuppressWarnings("mutable") abstract byte[] attestationCertificate(); + @SuppressWarnings("mutable") abstract byte[] signature(); public static U2fRegisterResponse fromBytes(byte[] data) throws IOException { diff --git a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/operations/ctap2/AuthenticatorGetAssertionOperation.java b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/operations/ctap2/AuthenticatorGetAssertionOperation.java index 3ad05ff..619ed1d 100644 --- a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/operations/ctap2/AuthenticatorGetAssertionOperation.java +++ b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/operations/ctap2/AuthenticatorGetAssertionOperation.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/operations/ctap2/AuthenticatorMakeCredentialOperation.java b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/operations/ctap2/AuthenticatorMakeCredentialOperation.java index 16417c8..a5caa27 100644 --- a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/operations/ctap2/AuthenticatorMakeCredentialOperation.java +++ b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/operations/ctap2/AuthenticatorMakeCredentialOperation.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/pinauth/PinAuthCryptoUtil.java b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/pinauth/PinAuthCryptoUtil.java index eff0b86..70e8843 100644 --- a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/pinauth/PinAuthCryptoUtil.java +++ b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/pinauth/PinAuthCryptoUtil.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/pinauth/PinProtocolV1.java b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/pinauth/PinProtocolV1.java index 7bee477..bde6400 100644 --- a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/pinauth/PinProtocolV1.java +++ b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/pinauth/PinProtocolV1.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/pinauth/PinToken.java b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/pinauth/PinToken.java index bd66805..3e50684 100644 --- a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/pinauth/PinToken.java +++ b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/pinauth/PinToken.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/utils/AndroidUtils.java b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/utils/AndroidUtils.java index 0257e85..23cce43 100644 --- a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/utils/AndroidUtils.java +++ b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/utils/AndroidUtils.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/utils/AnimatedVectorDrawableHelper.java b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/utils/AnimatedVectorDrawableHelper.java index 2b802bb..230e753 100644 --- a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/utils/AnimatedVectorDrawableHelper.java +++ b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/utils/AnimatedVectorDrawableHelper.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/utils/DerUtils.java b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/utils/DerUtils.java index 0767084..fbd5f43 100644 --- a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/utils/DerUtils.java +++ b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/utils/DerUtils.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/utils/WebsafeBase64.java b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/utils/WebsafeBase64.java index 1ed6c39..316252f 100644 --- a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/utils/WebsafeBase64.java +++ b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/utils/WebsafeBase64.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/webauthn/AuthenticatorDataParser.java b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/webauthn/AuthenticatorDataParser.java index 5e60627..7477603 100644 --- a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/webauthn/AuthenticatorDataParser.java +++ b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/webauthn/AuthenticatorDataParser.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/webauthn/ConstructCredentialAlg.java b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/webauthn/ConstructCredentialAlg.java index 199929c..3c1cfea 100644 --- a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/webauthn/ConstructCredentialAlg.java +++ b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/webauthn/ConstructCredentialAlg.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/webauthn/WebauthnCommand.java b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/webauthn/WebauthnCommand.java index 05d81f5..631a6cf 100644 --- a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/webauthn/WebauthnCommand.java +++ b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/webauthn/WebauthnCommand.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/webauthn/WebauthnResponse.java b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/webauthn/WebauthnResponse.java index fd0030d..6bbf378 100644 --- a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/webauthn/WebauthnResponse.java +++ b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/internal/webauthn/WebauthnResponse.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/ui/GenericFido2SecurityKeyDialogFragment.java b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/ui/GenericFido2SecurityKeyDialogFragment.java index f81841a..df0fa2b 100644 --- a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/ui/GenericFido2SecurityKeyDialogFragment.java +++ b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/ui/GenericFido2SecurityKeyDialogFragment.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/ui/WebauthnDialogFragment.java b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/ui/WebauthnDialogFragment.java index 47ae672..196c713 100644 --- a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/ui/WebauthnDialogFragment.java +++ b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/ui/WebauthnDialogFragment.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/ui/WebauthnDialogOptions.java b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/ui/WebauthnDialogOptions.java index 357b1f5..e2e4317 100644 --- a/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/ui/WebauthnDialogOptions.java +++ b/hwsecurity/fido2/src/main/java/de/cotech/hw/fido2/ui/WebauthnDialogOptions.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/fido2/src/test/java/de/cotech/hw/fido2/Fido2SecurityKeyTest.java b/hwsecurity/fido2/src/test/java/de/cotech/hw/fido2/Fido2SecurityKeyTest.java index fd1e6d3..cff4680 100644 --- a/hwsecurity/fido2/src/test/java/de/cotech/hw/fido2/Fido2SecurityKeyTest.java +++ b/hwsecurity/fido2/src/test/java/de/cotech/hw/fido2/Fido2SecurityKeyTest.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/fido2/src/test/java/de/cotech/hw/fido2/internal/FakeFido2AppletConnection.java b/hwsecurity/fido2/src/test/java/de/cotech/hw/fido2/internal/FakeFido2AppletConnection.java index 9c8a727..78f3145 100644 --- a/hwsecurity/fido2/src/test/java/de/cotech/hw/fido2/internal/FakeFido2AppletConnection.java +++ b/hwsecurity/fido2/src/test/java/de/cotech/hw/fido2/internal/FakeFido2AppletConnection.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/fido2/src/test/java/de/cotech/hw/fido2/internal/async/Fido2AsyncOperationManagerTest.java b/hwsecurity/fido2/src/test/java/de/cotech/hw/fido2/internal/async/Fido2AsyncOperationManagerTest.java index 9823c4a..11a1221 100644 --- a/hwsecurity/fido2/src/test/java/de/cotech/hw/fido2/internal/async/Fido2AsyncOperationManagerTest.java +++ b/hwsecurity/fido2/src/test/java/de/cotech/hw/fido2/internal/async/Fido2AsyncOperationManagerTest.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/fido2/src/test/java/de/cotech/hw/fido2/internal/async/Fido2OperationThreadTest.java b/hwsecurity/fido2/src/test/java/de/cotech/hw/fido2/internal/async/Fido2OperationThreadTest.java index 54d920e..28629bc 100644 --- a/hwsecurity/fido2/src/test/java/de/cotech/hw/fido2/internal/async/Fido2OperationThreadTest.java +++ b/hwsecurity/fido2/src/test/java/de/cotech/hw/fido2/internal/async/Fido2OperationThreadTest.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/fido2/src/test/java/de/cotech/hw/fido2/internal/async/FidoAsyncOperationManagerUtil.java b/hwsecurity/fido2/src/test/java/de/cotech/hw/fido2/internal/async/FidoAsyncOperationManagerUtil.java index ba8a605..bfda177 100644 --- a/hwsecurity/fido2/src/test/java/de/cotech/hw/fido2/internal/async/FidoAsyncOperationManagerUtil.java +++ b/hwsecurity/fido2/src/test/java/de/cotech/hw/fido2/internal/async/FidoAsyncOperationManagerUtil.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/fido2/src/test/java/de/cotech/hw/fido2/internal/async/TestFido2OperationThread.java b/hwsecurity/fido2/src/test/java/de/cotech/hw/fido2/internal/async/TestFido2OperationThread.java index 8662a80..6a6ac37 100644 --- a/hwsecurity/fido2/src/test/java/de/cotech/hw/fido2/internal/async/TestFido2OperationThread.java +++ b/hwsecurity/fido2/src/test/java/de/cotech/hw/fido2/internal/async/TestFido2OperationThread.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/fido2/src/test/java/de/cotech/hw/internal/iso7816/ResponseApduUtils.java b/hwsecurity/fido2/src/test/java/de/cotech/hw/internal/iso7816/ResponseApduUtils.java index 081c6b1..82a064b 100644 --- a/hwsecurity/fido2/src/test/java/de/cotech/hw/internal/iso7816/ResponseApduUtils.java +++ b/hwsecurity/fido2/src/test/java/de/cotech/hw/internal/iso7816/ResponseApduUtils.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/fido2/src/test/java/de/cotech/hw/internal/transport/FakeTransport.java b/hwsecurity/fido2/src/test/java/de/cotech/hw/internal/transport/FakeTransport.java index 4aae876..2973b1f 100644 --- a/hwsecurity/fido2/src/test/java/de/cotech/hw/internal/transport/FakeTransport.java +++ b/hwsecurity/fido2/src/test/java/de/cotech/hw/internal/transport/FakeTransport.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/openpgp/build.gradle b/hwsecurity/openpgp/build.gradle index 51851e0..7f8d5b3 100644 --- a/hwsecurity/openpgp/build.gradle +++ b/hwsecurity/openpgp/build.gradle @@ -6,19 +6,20 @@ dependencies { api project(':hwsecurity:core') implementation project(':hwsecurity:provider') - compileOnly project(':hwsecurity:ui') - compileOnly 'com.google.android.material:material:1.1.0' - implementation 'org.bouncycastle:bcprov-jdk15on:1.65' + compileOnly project(':hwsecurity:ui') + compileOnly 'com.google.android.material:material:1.3.0' + compileOnly 'androidx.annotation:annotation:1.1.0' - api 'com.google.auto.value:auto-value-annotations:1.6.2' + api 'com.google.auto.value:auto-value-annotations:1.6.5' annotationProcessor 'com.google.auto.value:auto-value:1.6.2' annotationProcessor 'com.ryanharter.auto.value:auto-value-parcel:0.2.6' - testImplementation 'junit:junit:4.12' - testImplementation 'org.robolectric:robolectric:3.2.2' + testImplementation 'androidx.annotation:annotation:1.1.0' + testImplementation 'junit:junit:4.13' + testImplementation 'org.robolectric:robolectric:3.8' testImplementation 'org.mockito:mockito-core:2.18.0' } @@ -96,24 +97,22 @@ afterEvaluate { } dokkaHugo { - configure { - outputDirectory.set(file("$projectDir/../../hwsecurity.dev/content/reference")) + outputDirectory.set(file("$projectDir/../../hwsecurity.dev/content/reference")) - dokkaSourceSets { - register("java") { - moduleDisplayName.set("hwsecurity-openpgp") + moduleName.set("hwsecurity-openpgp") - sourceRoots.setFrom(file("src/main/java")) + dokkaSourceSets { + register("java") { + sourceRoots.setFrom(file("src/main/java")) - jdkVersion.set(8) // Used for linking to JDK documentation - noStdlibLink.set(false) // Disable linking to online kotlin-stdlib documentation - noJdkLink.set(true) // Disable linking to online JDK documentation - noAndroidSdkLink.set(false) // Disable linking to online Android documentation + jdkVersion.set(8) // Used for linking to JDK documentation + noStdlibLink.set(false) // Disable linking to online kotlin-stdlib documentation + noJdkLink.set(true) // Disable linking to online JDK documentation + noAndroidSdkLink.set(false) // Disable linking to online Android documentation - perPackageOption { - prefix.set("de.cotech.hw.openpgp.internal") - suppress.set(true) - } + perPackageOption { + matchingRegex.set(".*\\.internal.*") // will match all .internal packages and sub-packages + suppress.set(true) } } } diff --git a/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/CardCapabilities.java b/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/CardCapabilities.java index 0b50b4c..a3a9d39 100644 --- a/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/CardCapabilities.java +++ b/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/CardCapabilities.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/OpenPgpCapabilities.java b/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/OpenPgpCapabilities.java index 5137e6e..35bac76 100644 --- a/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/OpenPgpCapabilities.java +++ b/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/OpenPgpCapabilities.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial @@ -45,9 +45,11 @@ public abstract class OpenPgpCapabilities { private static final byte[] EMPTY_FINGERPRINT = new byte[20]; + // Extended Capabilites flag bit offsets are defined on page 32 of [0] private final static int MASK_SM = 1 << 7; private final static int MASK_KEY_IMPORT = 1 << 5; private final static int MASK_ATTRIBUTES_CHANGABLE = 1 << 2; + private final static int MASK_KDF_DO = 1; private static final int MAX_PW1_LENGTH_INDEX = 1; private static final int MAX_PW3_LENGTH_INDEX = 3; @@ -91,6 +93,8 @@ public abstract class OpenPgpCapabilities { public abstract boolean isHasScp11bSm(); + public abstract boolean isHasKdf(); + abstract int getMaxGetChallengeLength(); public abstract int getMaxCardholderCertLength(); @@ -193,6 +197,8 @@ abstract static class Builder { abstract Builder hasScp11bSm(boolean hasScp11bSm); + abstract Builder hasKdf(boolean hasKdf); + abstract Builder maxGetChallengeLength(int maxResponseLen); abstract Builder maxCardholderCertLength(int maxCommandLen); @@ -207,6 +213,7 @@ public Builder() { hasSM(false); hasAesSm(false); hasScp11bSm(false); + hasKdf(false); maxGetChallengeLength(0); maxCardholderCertLength(0); maxSpecialDoLength(0); @@ -307,6 +314,8 @@ private void parseExtendedCaps(byte[] v) { hasScp11bSm(smType == 3); } + hasKdf((v[0] & MASK_KDF_DO) == 1); + maxGetChallengeLength(((v[2] & 0xff) << 8) + (v[3] & 0xff)); maxCardholderCertLength(((v[4] & 0xff) << 8) + (v[5] & 0xff)); maxSpecialDoLength(((v[6] & 0xff) << 8) + (v[7] & 0xff)); diff --git a/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/OpenPgpSecurityKey.java b/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/OpenPgpSecurityKey.java index 8b6b745..7b782c6 100644 --- a/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/OpenPgpSecurityKey.java +++ b/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/OpenPgpSecurityKey.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial @@ -32,8 +32,6 @@ import androidx.annotation.WorkerThread; import org.bouncycastle.asn1.ASN1ObjectIdentifier; -import org.bouncycastle.asn1.sec.SECObjectIdentifiers; -import org.bouncycastle.asn1.x9.X9ObjectIdentifiers; import java.io.IOException; import java.security.KeyPair; @@ -52,9 +50,12 @@ import de.cotech.hw.internal.transport.usb.UsbSecurityKeyTypes; import de.cotech.hw.openpgp.exceptions.OpenPgpPublicKeyUnavailableException; import de.cotech.hw.openpgp.internal.OpenPgpAppletConnection; +import de.cotech.hw.openpgp.internal.openpgp.EcKeyFormat; +import de.cotech.hw.openpgp.internal.openpgp.EcObjectIdentifiers; import de.cotech.hw.openpgp.internal.openpgp.KeyFormat; import de.cotech.hw.openpgp.internal.openpgp.KeyType; import de.cotech.hw.openpgp.internal.openpgp.OpenPgpAid; +import de.cotech.hw.openpgp.internal.openpgp.RsaKeyFormat; import de.cotech.hw.openpgp.internal.operations.ChangeKeyEccOp; import de.cotech.hw.openpgp.internal.operations.ChangeKeyRsaOp; import de.cotech.hw.openpgp.internal.operations.ModifyPinOp; @@ -66,7 +67,6 @@ import de.cotech.hw.provider.SecurityKeyPrivateKey.SecurityKeyRsaPrivateKey; import de.cotech.hw.secrets.ByteSecret; import de.cotech.hw.secrets.PinProvider; -import de.cotech.hw.util.HwTimber; @SuppressWarnings({"WeakerAccess", "unused"}) // public API @@ -78,7 +78,8 @@ public enum AlgorithmConfig { RSA_2048_ONLY_ENCRYPTION_UPLOAD, NIST_P256_GENERATE_ON_HARDWARE, NIST_P384_GENERATE_ON_HARDWARE, - NIST_P521_GENERATE_ON_HARDWARE + NIST_P521_GENERATE_ON_HARDWARE, + CURVE25519_GENERATE_ON_HARDWARE } public final OpenPgpAppletConnection openPgpAppletConnection; @@ -217,73 +218,77 @@ public PairedSecurityKey setupPairedKey(ByteSecret newPin, ByteSecret newPuk, Al wipeAndVerify(); } - try { - Date creationTime = new Date(); - ChangeKeyRsaOp changeKeyRsaOp = ChangeKeyRsaOp.create(openPgpAppletConnection); - - switch (algorithmConfig) { - case RSA_2048_UPLOAD: { - RsaEncryptionUtil rsaEncryptUtil = new RsaEncryptionUtil(); - KeyPair encryptKeyPair = rsaEncryptUtil.generateRsa2048KeyPair(); - KeyPair signKeyPair = rsaEncryptUtil.generateRsa2048KeyPair(); - KeyPair authKeyPair = rsaEncryptUtil.generateRsa2048KeyPair(); - byte[] encryptFingerprint = changeKeyRsaOp.changeKey(KeyType.ENCRYPT, encryptKeyPair, creationTime); - byte[] signFingerprint = changeKeyRsaOp.changeKey(KeyType.SIGN, signKeyPair, creationTime); - byte[] authFingerprint = changeKeyRsaOp.changeKey(KeyType.AUTH, authKeyPair, creationTime); - updatePinAndPukUsingDefaultPuk(newPin, newPuk); - - openPgpAppletConnection.refreshConnectionCapabilities(); - - return new PairedSecurityKey(getOpenPgpInstanceAid(), - encryptFingerprint, encryptKeyPair.getPublic(), - signFingerprint, signKeyPair.getPublic(), - authFingerprint, authKeyPair.getPublic() - ); - } - case RSA_2048_ONLY_ENCRYPTION_UPLOAD: { - RsaEncryptionUtil rsaEncryptUtil = new RsaEncryptionUtil(); - KeyPair encryptKeyPair = rsaEncryptUtil.generateRsa2048KeyPair(); - byte[] encryptFingerprint = changeKeyRsaOp.changeKey(KeyType.ENCRYPT, encryptKeyPair, creationTime); - - updatePinAndPukUsingDefaultPuk(newPin, newPuk); - - openPgpAppletConnection.refreshConnectionCapabilities(); - - return new PairedSecurityKey(getOpenPgpInstanceAid(), - encryptFingerprint, encryptKeyPair.getPublic(), - null, null, - null, null - ); - } - case NIST_P256_GENERATE_ON_HARDWARE: { - ASN1ObjectIdentifier curveOid = X9ObjectIdentifiers.prime256v1; - return generateEccKeys(newPin, newPuk, curveOid, creationTime); - } - case NIST_P384_GENERATE_ON_HARDWARE: { - ASN1ObjectIdentifier curveOid = SECObjectIdentifiers.secp384r1; - return generateEccKeys(newPin, newPuk, curveOid, creationTime); - } - case NIST_P521_GENERATE_ON_HARDWARE: { - ASN1ObjectIdentifier curveOid = SECObjectIdentifiers.secp521r1; - return generateEccKeys(newPin, newPuk, curveOid, creationTime); - } - default: { - throw new IOException("Unsupported AlgorithmConfig!"); - } + Date creationTime = new Date(); + ChangeKeyRsaOp changeKeyRsaOp = ChangeKeyRsaOp.create(openPgpAppletConnection); + + switch (algorithmConfig) { + case RSA_2048_UPLOAD: { + RsaEncryptionUtil rsaEncryptUtil = new RsaEncryptionUtil(); + KeyPair encryptKeyPair = rsaEncryptUtil.generateRsa2048KeyPair(); + KeyPair signKeyPair = rsaEncryptUtil.generateRsa2048KeyPair(); + KeyPair authKeyPair = rsaEncryptUtil.generateRsa2048KeyPair(); + byte[] encryptFingerprint = changeKeyRsaOp.changeKey(KeyType.ENCRYPT, encryptKeyPair, creationTime); + byte[] signFingerprint = changeKeyRsaOp.changeKey(KeyType.SIGN, signKeyPair, creationTime); + byte[] authFingerprint = changeKeyRsaOp.changeKey(KeyType.AUTH, authKeyPair, creationTime); + updatePinAndPukUsingDefaultPuk(newPin, newPuk); + + openPgpAppletConnection.refreshConnectionCapabilities(); + + return new PairedSecurityKey(getOpenPgpInstanceAid(), + encryptFingerprint, encryptKeyPair.getPublic(), + signFingerprint, signKeyPair.getPublic(), + authFingerprint, authKeyPair.getPublic() + ); + } + case RSA_2048_ONLY_ENCRYPTION_UPLOAD: { + RsaEncryptionUtil rsaEncryptUtil = new RsaEncryptionUtil(); + KeyPair encryptKeyPair = rsaEncryptUtil.generateRsa2048KeyPair(); + byte[] encryptFingerprint = changeKeyRsaOp.changeKey(KeyType.ENCRYPT, encryptKeyPair, creationTime); + + updatePinAndPukUsingDefaultPuk(newPin, newPuk); + + openPgpAppletConnection.refreshConnectionCapabilities(); + + return new PairedSecurityKey(getOpenPgpInstanceAid(), + encryptFingerprint, encryptKeyPair.getPublic(), + null, null, + null, null + ); + } + case NIST_P256_GENERATE_ON_HARDWARE: { + return generateEccKeys(newPin, newPuk, EcObjectIdentifiers.NIST_P_256, creationTime); + } + case NIST_P384_GENERATE_ON_HARDWARE: { + return generateEccKeys(newPin, newPuk, EcObjectIdentifiers.NIST_P_384, creationTime); + } + case NIST_P521_GENERATE_ON_HARDWARE: { + return generateEccKeys(newPin, newPuk, EcObjectIdentifiers.NIST_P_521, creationTime); + } + case CURVE25519_GENERATE_ON_HARDWARE: { + return generateEccKeys(newPin, newPuk, + EcObjectIdentifiers.X25519, EcObjectIdentifiers.ED25519, EcObjectIdentifiers.ED25519, + creationTime); + } + default: { + throw new IOException("Unsupported AlgorithmConfig!"); } - } catch (Exception e) { - HwTimber.e(e); - return null; } } private PairedSecurityKey generateEccKeys(ByteSecret newPin, ByteSecret newPuk, - ASN1ObjectIdentifier curveOid, Date creationTime) throws IOException { + ASN1ObjectIdentifier curveOid, + Date creationTime) throws IOException { + return generateEccKeys(newPin, newPuk, curveOid, curveOid, curveOid, creationTime); + } + + private PairedSecurityKey generateEccKeys(ByteSecret newPin, ByteSecret newPuk, + ASN1ObjectIdentifier encryptOid, ASN1ObjectIdentifier signOid, ASN1ObjectIdentifier authOid, + Date creationTime) throws IOException { ChangeKeyEccOp changeKeyEccOp = ChangeKeyEccOp.create(openPgpAppletConnection); - ECPublicKey encryptPublicKey = changeKeyEccOp.generateKey(KeyType.ENCRYPT, curveOid, creationTime); - ECPublicKey signPublicKey = changeKeyEccOp.generateKey(KeyType.SIGN, curveOid, creationTime); - ECPublicKey authPublicKey = changeKeyEccOp.generateKey(KeyType.AUTH, curveOid, creationTime); + PublicKey encryptPublicKey = changeKeyEccOp.generateKey(KeyType.ENCRYPT, encryptOid, creationTime); + PublicKey signPublicKey = changeKeyEccOp.generateKey(KeyType.SIGN, signOid, creationTime); + PublicKey authPublicKey = changeKeyEccOp.generateKey(KeyType.AUTH, authOid, creationTime); updatePinAndPukUsingDefaultPuk(newPin, newPuk); @@ -367,7 +372,6 @@ public boolean matchesPairedSecurityKey(PairedSecurityKey pairedSecurityKey) { return Arrays.equals(openPgpAppletConnection.getOpenPgpCapabilities().getFingerprintEncrypt(), pairedSecurityKey.getEncryptFingerprint()); } - @RestrictTo(Scope.LIBRARY_GROUP) @AnyThread public PrivateKey getJcaPrivateKeyForAuthentication(PinProvider pinProvider) { if (!CotechSecurityKeyProvider.isInstalled()) { @@ -375,17 +379,16 @@ public PrivateKey getJcaPrivateKeyForAuthentication(PinProvider pinProvider) { } SecurityKeyAuthenticator securityKeyAuthenticator = createSecurityKeyAuthenticator(pinProvider); - switch (openPgpAppletConnection.getOpenPgpCapabilities().getAuthKeyFormat().keyFormatType()) { - case RSAKeyFormatType: - return new SecurityKeyRsaPrivateKey(securityKeyAuthenticator); - case ECKeyFormatType: - return new SecurityKeyEcdsaPrivateKey(securityKeyAuthenticator); - default: - throw new IllegalStateException("Authentication key format not supported for this operation!"); + KeyFormat keyFormat = openPgpAppletConnection.getOpenPgpCapabilities().getAuthKeyFormat(); + if (keyFormat instanceof RsaKeyFormat) { + return new SecurityKeyRsaPrivateKey(securityKeyAuthenticator); + } else if (keyFormat instanceof EcKeyFormat) { + return new SecurityKeyEcdsaPrivateKey(securityKeyAuthenticator); + } else { + throw new IllegalStateException("Unsupported KeyFormat."); } } - @RestrictTo(Scope.LIBRARY_GROUP) public SecurityKeyAuthenticator createSecurityKeyAuthenticator(PinProvider pinProvider) { return new OpenPgpSecurityKeyAuthenticator(this, pinProvider); } diff --git a/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/OpenPgpSecurityKeyAuthenticator.java b/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/OpenPgpSecurityKeyAuthenticator.java index edf3855..e30b9a6 100644 --- a/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/OpenPgpSecurityKeyAuthenticator.java +++ b/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/OpenPgpSecurityKeyAuthenticator.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial @@ -26,8 +26,11 @@ import androidx.annotation.WorkerThread; + import de.cotech.hw.SecurityKeyAuthenticator; import de.cotech.hw.openpgp.internal.OpenPgpAppletConnection; +import de.cotech.hw.openpgp.internal.openpgp.EcKeyFormat; +import de.cotech.hw.openpgp.internal.openpgp.KeyFormat; import de.cotech.hw.openpgp.internal.openpgp.KeyType; import de.cotech.hw.openpgp.internal.operations.InternalAuthenticateOp; import de.cotech.hw.secrets.ByteSecret; @@ -53,12 +56,19 @@ public class OpenPgpSecurityKeyAuthenticator implements SecurityKeyAuthenticator public byte[] authenticatePresignedDigest(byte[] digest, String hashAlgo) throws IOException { ByteSecret pairedPin = pinProvider.getPin(openPgpSecurityKey.getOpenPgpInstanceAid()); - InternalAuthenticateOp psoDecryptOp = InternalAuthenticateOp.create(openPgpSecurityKey.openPgpAppletConnection); - return psoDecryptOp.calculateAuthenticationSignature(pairedPin, digest, hashAlgo); + InternalAuthenticateOp psoAuthenticateOp = InternalAuthenticateOp.create(openPgpSecurityKey.openPgpAppletConnection); + return psoAuthenticateOp.calculateAuthenticationSignature(pairedPin, digest, hashAlgo); } public byte[] authenticateWithDigest(byte[] challenge, String hashAlgo) throws IOException, NoSuchAlgorithmException { - byte[] digest = MessageDigest.getInstance(hashAlgo).digest(challenge); + byte[] digest; + KeyFormat keyFormat = openPgpSecurityKey.openPgpAppletConnection.getOpenPgpCapabilities().getAuthKeyFormat(); + if (keyFormat instanceof EcKeyFormat && ((EcKeyFormat) keyFormat).isEdDsa()) { + // Do not pre-hash the challenge for authentication with EdDSA (padding should be SHA-512) + digest = challenge; + } else { + digest = MessageDigest.getInstance(hashAlgo).digest(challenge); + } return authenticatePresignedDigest(digest, hashAlgo); } diff --git a/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/OpenPgpSecurityKeyConnectionMode.java b/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/OpenPgpSecurityKeyConnectionMode.java index 274b9cc..2700fe0 100644 --- a/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/OpenPgpSecurityKeyConnectionMode.java +++ b/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/OpenPgpSecurityKeyConnectionMode.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/OpenPgpSecurityKeyConnectionModeConfig.java b/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/OpenPgpSecurityKeyConnectionModeConfig.java index d1ba4cb..27f33c5 100644 --- a/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/OpenPgpSecurityKeyConnectionModeConfig.java +++ b/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/OpenPgpSecurityKeyConnectionModeConfig.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/OpenPgpSecurityKeyDialogFragment.java b/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/OpenPgpSecurityKeyDialogFragment.java index fc183d6..c691e42 100644 --- a/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/OpenPgpSecurityKeyDialogFragment.java +++ b/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/OpenPgpSecurityKeyDialogFragment.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/exceptions/OpenPgpLockedException.java b/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/exceptions/OpenPgpLockedException.java index 416b293..d98235b 100644 --- a/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/exceptions/OpenPgpLockedException.java +++ b/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/exceptions/OpenPgpLockedException.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/exceptions/OpenPgpPinTooShortException.java b/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/exceptions/OpenPgpPinTooShortException.java index f1481c3..6b8a552 100644 --- a/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/exceptions/OpenPgpPinTooShortException.java +++ b/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/exceptions/OpenPgpPinTooShortException.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/exceptions/OpenPgpPublicKeyUnavailableException.java b/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/exceptions/OpenPgpPublicKeyUnavailableException.java index 4fb887d..92dc4a9 100644 --- a/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/exceptions/OpenPgpPublicKeyUnavailableException.java +++ b/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/exceptions/OpenPgpPublicKeyUnavailableException.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/exceptions/OpenPgpWrongPinException.java b/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/exceptions/OpenPgpWrongPinException.java index 1bb0373..6d0a0b9 100644 --- a/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/exceptions/OpenPgpWrongPinException.java +++ b/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/exceptions/OpenPgpWrongPinException.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/exceptions/SecurityKeyTerminatedException.java b/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/exceptions/SecurityKeyTerminatedException.java index f412555..0c2e404 100644 --- a/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/exceptions/SecurityKeyTerminatedException.java +++ b/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/exceptions/SecurityKeyTerminatedException.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/internal/OpenPgpAppletConnection.java b/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/internal/OpenPgpAppletConnection.java index 5d45193..96350dd 100644 --- a/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/internal/OpenPgpAppletConnection.java +++ b/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/internal/OpenPgpAppletConnection.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial @@ -61,8 +61,10 @@ import de.cotech.hw.openpgp.exceptions.OpenPgpPinTooShortException; import de.cotech.hw.openpgp.exceptions.OpenPgpWrongPinException; import de.cotech.hw.openpgp.exceptions.SecurityKeyTerminatedException; +import de.cotech.hw.openpgp.internal.openpgp.KdfCalculator; import de.cotech.hw.openpgp.internal.openpgp.KeyType; -import de.cotech.hw.openpgp.internal.securemessaging.SCP11bSecureMessaging; +import de.cotech.hw.openpgp.internal.openpgp.KdfParameters; +import de.cotech.hw.openpgp.internal.securemessaging.Scp11bSecureMessaging; import de.cotech.hw.openpgp.internal.securemessaging.SecureMessaging; import de.cotech.hw.openpgp.internal.securemessaging.SecureMessagingException; import de.cotech.hw.secrets.ByteSecret; @@ -72,7 +74,12 @@ /** * This class provides a communication interface to OpenPGP applications on ISO SmartCard compliant * devices. - * For the full specs, see http://g10code.com/docs/openpgp-card-2.0.pdf + * For the full specs, see [0] + * + * References: + * [0] `Functional Specification of the OpenPGP application on ISO Smart Card Operating Systems` + * version 3.4.1 + * https://gnupg.org/ftp/specs/OpenPGP-smart-card-application-3.4.1.pdf */ @RestrictTo(Scope.LIBRARY_GROUP) public class OpenPgpAppletConnection { @@ -90,6 +97,7 @@ public class OpenPgpAppletConnection { private SecurityKeyType securityKeyType; private CardCapabilities cardCapabilities; private OpenPgpCapabilities openPgpCapabilities; + private KdfParameters kdfParameters; private SecureMessaging secureMessaging; @@ -216,21 +224,6 @@ void determineSecurityKeyType() throws IOException { return; } -// CommandApdu selectFidesmoApdu = commandFactory.createSelectFileCommand(AID_PREFIX_FIDESMO); -// if (communicate(selectFidesmoApdu).isSuccess()) { -// securityKeyType = SecurityKeyType.FIDESMO; -// return; -// } - - /* We could determine if this is a yubikey here. The info isn't used at the moment, so we save the roundtrip - // AID from https://github.com/Yubico/ykneo-oath/blob/master/build.xml#L16 - CommandApdu selectYubicoApdu = commandFactory.createSelectFileCommand("A000000527200101"); - if (communicate(selectYubicoApdu).isSuccess()) { - securityKeyType = SecurityKeyType.YUBIKEY_UNKNOWN; - return; - } - */ - securityKeyType = SecurityKeyType.UNKNOWN; } @@ -386,7 +379,7 @@ private void smEstablishIfAvailable(KeyStore smKeyStore) throws IOException { try { long elapsedRealtimeStart = SystemClock.elapsedRealtime(); - secureMessaging = SCP11bSecureMessaging.establish(this, commandFactory, smKeyStore); + secureMessaging = Scp11bSecureMessaging.establish(this, commandFactory, smKeyStore); long elapsedTime = SystemClock.elapsedRealtime() - elapsedRealtimeStart; HwTimber.d("Established secure messaging in %d ms", elapsedTime); } catch (SecureMessagingException e) { @@ -430,14 +423,58 @@ public void clearSecureMessaging() { // region pin management + private byte[] calculateKdfIfNecessary(byte[] pin, KdfParameters.PasswordType type) throws IOException { + if (!openPgpCapabilities.isHasKdf()) { + HwTimber.d("KDF not supported, using normal PIN"); + return pin; + } + + KdfParameters kdfParameters = retrieveKdfDo(); + if (kdfParameters == null || !kdfParameters.isHasUsesKdf()) { + HwTimber.d("KDF supported, but not used, using normal PIN"); + return pin; + } else { + HwTimber.d("KDF supported and retrieved: %s", kdfParameters); + return KdfCalculator.calculateKdf(kdfParameters.forType(type), pin); + } + } + + private KdfParameters retrieveKdfDo() throws IOException { + if (kdfParameters != null) { + return kdfParameters; + } + + // query hardware for KDF-DO + // see page 18 of [0] + CommandApdu getKdfDoCommand = commandFactory.createGetDataKdf(); + ResponseApdu kdfDoResponse = communicateOrThrow(getKdfDoCommand); + byte[] kdfDo = kdfDoResponse.getData(); + + // empty KDF-DO means plain UTF-8 password is being used + // see page 19 of [0] + if (kdfDo.length == 0) { + return null; + } + + kdfParameters = KdfParameters.fromKdfDo(kdfDo); + + return kdfParameters; + } + public void verifyPinForSignature(ByteSecret pinSecret) throws IOException { if (isPw1ValidatedForSignature) { return; } byte[] pin = pinSecret.unsafeGetByteCopy(); - CommandApdu verifyPw1ForSignatureCommand = commandFactory.createVerifyPw1ForSignatureCommand(pin); + byte[] transformedPin = calculateKdfIfNecessary(pin, KdfParameters.PasswordType.PW1); + + CommandApdu verifyPw1ForSignatureCommand = commandFactory.createVerifyPw1ForSignatureCommand(transformedPin); + + // delete secrets from memory Arrays.fill(pin, (byte) 0); + Arrays.fill(transformedPin, (byte) 0); + ResponseApdu response = communicateOrThrow(verifyPw1ForSignatureCommand); isPw1ValidatedForSignature = true; @@ -449,8 +486,13 @@ public void verifyPinForOther(ByteSecret pinSecret) throws IOException { } byte[] pin = pinSecret.unsafeGetByteCopy(); - CommandApdu verifyPw1ForOtherCommand = commandFactory.createVerifyPw1ForOtherCommand(pin); + byte[] transformedPin = calculateKdfIfNecessary(pin, KdfParameters.PasswordType.PW1); + + CommandApdu verifyPw1ForOtherCommand = commandFactory.createVerifyPw1ForOtherCommand(transformedPin); + + // delete secrets from memory Arrays.fill(pin, (byte) 0); + Arrays.fill(transformedPin, (byte) 0); communicateOrThrow(verifyPw1ForOtherCommand); @@ -463,7 +505,14 @@ public void verifyPuk(ByteSecret pukSecret) throws IOException { } byte[] puk = pukSecret.unsafeGetByteCopy(); - CommandApdu verifyPw3Command = commandFactory.createVerifyPw3Command(puk); + byte[] transformedPuk = calculateKdfIfNecessary(puk, KdfParameters.PasswordType.PW3); + + CommandApdu verifyPw3Command = commandFactory.createVerifyPw3Command(transformedPuk); + + // delete secrets from memory + Arrays.fill(puk, (byte) 0); + Arrays.fill(transformedPuk, (byte) 0); + communicateOrThrow(verifyPw3Command); isPw3Validated = true; @@ -532,7 +581,6 @@ private static String parseHolderName(byte[] name) { try { return (new String(name, 4, name[3])).replace('<', ' '); } catch (IndexOutOfBoundsException e) { - // try-catch for https://github.com/FluffyKaon/OpenPGP-Card // Note: This should not happen, but happens with // https://github.com/FluffyKaon/OpenPGP-Card, thus return an empty string for now! diff --git a/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/OpenPgpCardUtils.java b/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/internal/OpenPgpCardUtils.java similarity index 78% rename from hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/OpenPgpCardUtils.java rename to hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/internal/OpenPgpCardUtils.java index 5eb688b..3dee1de 100644 --- a/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/OpenPgpCardUtils.java +++ b/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/internal/OpenPgpCardUtils.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial @@ -22,7 +22,7 @@ * along with this program. If not, see . */ -package de.cotech.hw.openpgp; +package de.cotech.hw.openpgp.internal; import java.io.ByteArrayOutputStream; @@ -35,10 +35,10 @@ import androidx.annotation.RestrictTo; import androidx.annotation.RestrictTo.Scope; -import de.cotech.hw.openpgp.internal.openpgp.ECKeyFormat; +import de.cotech.hw.openpgp.internal.openpgp.EcKeyFormat; import de.cotech.hw.openpgp.internal.openpgp.KeyType; -import de.cotech.hw.openpgp.internal.openpgp.RSAKeyFormat; -import org.bouncycastle.asn1.ASN1ObjectIdentifier; +import de.cotech.hw.openpgp.internal.openpgp.RsaKeyFormat; + import org.bouncycastle.util.Arrays; import org.bouncycastle.util.encoders.Hex; @@ -46,46 +46,65 @@ @RestrictTo(Scope.LIBRARY_GROUP) public class OpenPgpCardUtils { - public static byte[] createRSAPrivKeyTemplate(RSAPrivateCrtKey secretKey, KeyType slot, - RSAKeyFormat format) throws IOException { + private static byte[] generateLengthByteArray(int length) throws IOException { + if (length < 128) { + return new byte[]{(byte) length}; + } else if (length < 256) { + return new byte[]{(byte) 0x81, (byte) length}; + } else if (length < 65536) { + return new byte[]{(byte) 0x82, (byte) (length >> 8), (byte) (length & 0xFF)}; + } else { + throw new IOException("Unsupported key length"); + } + } + + public static byte[] createRsaPrivKeyTemplate(RSAPrivateCrtKey secretKey, KeyType slot, + RsaKeyFormat format) throws IOException { ByteArrayOutputStream stream = new ByteArrayOutputStream(), template = new ByteArrayOutputStream(), data = new ByteArrayOutputStream(), res = new ByteArrayOutputStream(); - int expLengthBytes = (format.getExponentLength() + 7) / 8; + int expLengthBytes = (format.exponentLength() + 7) / 8; // Public exponent template.write(new byte[]{(byte) 0x91, (byte) expLengthBytes}); writeBits(data, secretKey.getPublicExponent(), expLengthBytes); - final int modLengthBytes = format.getModulusLength() / 8; + final int modLengthBytes = format.modulusLength() / 8; + final byte[] lengthByteArray = generateLengthByteArray(modLengthBytes / 2); // Prime P, length modLengthBytes / 2 - template.write(Hex.decode("928180")); + template.write(Hex.decode("92")); + template.write(lengthByteArray); writeBits(data, secretKey.getPrimeP(), modLengthBytes / 2); // Prime Q, length modLengthBytes / 2 - template.write(Hex.decode("938180")); + template.write(Hex.decode("93")); + template.write(lengthByteArray); writeBits(data, secretKey.getPrimeQ(), modLengthBytes / 2); - if (format.getAlgorithmFormat().isIncludeCrt()) { + if (format.rsaImportFormat().isIncludeCrt()) { // Coefficient (1/q mod p), length modLengthBytes / 2 - template.write(Hex.decode("948180")); + template.write(Hex.decode("94")); + template.write(lengthByteArray); writeBits(data, secretKey.getCrtCoefficient(), modLengthBytes / 2); // Prime exponent P (d mod (p - 1)), length modLengthBytes / 2 - template.write(Hex.decode("958180")); + template.write(Hex.decode("95")); + template.write(lengthByteArray); writeBits(data, secretKey.getPrimeExponentP(), modLengthBytes / 2); // Prime exponent Q (d mod (1 - 1)), length modLengthBytes / 2 - template.write(Hex.decode("968180")); + template.write(Hex.decode("96")); + template.write(lengthByteArray); writeBits(data, secretKey.getPrimeExponentQ(), modLengthBytes / 2); } - if (format.getAlgorithmFormat().isIncludeModulus()) { + if (format.rsaImportFormat().isIncludeModulus()) { // Modulus, length modLengthBytes, last item in private key template - template.write(Hex.decode("97820100")); + template.write(Hex.decode("97")); + template.write(generateLengthByteArray(modLengthBytes)); writeBits(data, secretKey.getModulus(), modLengthBytes); } @@ -114,8 +133,8 @@ public static byte[] createRSAPrivKeyTemplate(RSAPrivateCrtKey secretKey, KeyTyp return res.toByteArray(); } - public static byte[] createECPrivKeyTemplate(ECPrivateKey secretKey, ECPublicKey publicKey, KeyType slot, - ECKeyFormat format) throws IOException { + public static byte[] createEcPrivKeyTemplate(ECPrivateKey secretKey, ECPublicKey publicKey, KeyType slot, + EcKeyFormat format) throws IOException { ByteArrayOutputStream stream = new ByteArrayOutputStream(), template = new ByteArrayOutputStream(), data = new ByteArrayOutputStream(), @@ -127,7 +146,7 @@ public static byte[] createECPrivKeyTemplate(ECPrivateKey secretKey, ECPublicKey template.write(Hex.decode("92")); template.write(encodeLength(data.size())); - if (format.ecAlgorithmFormat().isWithPubkey()) { + if (format.withPubkey()) { data.write(Hex.decode("04")); writeBits(data, publicKey.getW().getAffineX(), csize); writeBits(data, publicKey.getW().getAffineY(), csize); diff --git a/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/internal/OpenPgpCommandApduDescriber.java b/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/internal/OpenPgpCommandApduDescriber.java index 44fedda..7348aa5 100644 --- a/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/internal/OpenPgpCommandApduDescriber.java +++ b/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/internal/OpenPgpCommandApduDescriber.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial @@ -167,6 +167,9 @@ private void describeDataObjectP1P2(CommandApdu commandApdu, StringBuilder build case OpenPgpCommandApduFactory.DO_GET_DATA_CARDHOLDER_RELATED_DATA: builder.append(" [cardholder related]"); break; + case OpenPgpCommandApduFactory.DO_GET_DATA_KDF: + builder.append(" [kdf do]"); + break; default: builder.append(" [unknown DO 0x").append(Integer.toHexString(p1p2)).append("]"); break; diff --git a/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/internal/OpenPgpCommandApduFactory.java b/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/internal/OpenPgpCommandApduFactory.java index 7309c67..626d4a4 100644 --- a/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/internal/OpenPgpCommandApduFactory.java +++ b/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/internal/OpenPgpCommandApduFactory.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial @@ -88,6 +88,7 @@ public class OpenPgpCommandApduFactory { static final int DO_GET_DATA_URL = 0x5F50; static final int DO_GET_DATA_CARDHOLDER_RELATED_DATA = 0x0065; static final int DO_GET_DATA_APPLICATION_RELATED_DATA = 0x006E; + static final int DO_GET_DATA_KDF = 0x00f9; static final int INS_PUT_DATA = 0xDA; @@ -235,6 +236,11 @@ public CommandApdu createGetDataApplicationRelatedData() { return createGetDataCommand(DO_GET_DATA_APPLICATION_RELATED_DATA).withDescriber(DESCRIBER); } + @NonNull + public CommandApdu createGetDataKdf() { + return createGetDataCommand(DO_GET_DATA_KDF).withDescriber(DESCRIBER); + } + // ISO/IEC 7816-4 // SELECT command always as short APDU @NonNull diff --git a/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/internal/OpenPgpSecurityKeyDialogPresenter.java b/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/internal/OpenPgpSecurityKeyDialogPresenter.java index f7c6a20..82057b0 100644 --- a/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/internal/OpenPgpSecurityKeyDialogPresenter.java +++ b/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/internal/OpenPgpSecurityKeyDialogPresenter.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/internal/openpgp/ECKeyFormat.java b/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/internal/openpgp/ECKeyFormat.java deleted file mode 100644 index 5d33f31..0000000 --- a/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/internal/openpgp/ECKeyFormat.java +++ /dev/null @@ -1,145 +0,0 @@ -/* - * Copyright (C) 2018-2020 Confidential Technologies GmbH - * - * You can purchase a commercial license at https://hwsecurity.dev. - * Buying such a license is mandatory as soon as you develop commercial - * activities involving this program without disclosing the source code - * of your own applications. - * - * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * - * - * This program is free software: you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation, either version 3 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program. If not, see . - */ - -package de.cotech.hw.openpgp.internal.openpgp; - - -import java.io.IOException; - -import androidx.annotation.Nullable; -import androidx.annotation.RestrictTo; -import androidx.annotation.RestrictTo.Scope; - -import com.google.auto.value.AutoValue; - -import org.bouncycastle.asn1.ASN1ObjectIdentifier; - - -// 4.3.3.6 Algorithm Attributes -@RestrictTo(Scope.LIBRARY_GROUP) -@AutoValue -public abstract class ECKeyFormat extends KeyFormat { - - @Nullable - public abstract ASN1ObjectIdentifier curveOid(); - - @Nullable // TODO - public abstract ECAlgorithmFormat ecAlgorithmFormat(); - - private static final byte ATTRS_IMPORT_FORMAT_WITH_PUBKEY = (byte) 0xff; - - ECKeyFormat() { - super(KeyFormatType.ECKeyFormatType); - } - - public static KeyFormat getInstance(ASN1ObjectIdentifier oid, ECAlgorithmFormat from) { - return new AutoValue_ECKeyFormat(oid, from); - } - - public static ECKeyFormat getInstanceECDSAwithOid(ASN1ObjectIdentifier curveOid) { - return new AutoValue_ECKeyFormat(curveOid, ECAlgorithmFormat.ECDSA_WITH_PUBKEY); - } - - public static ECKeyFormat getInstanceECDHwithOid(ASN1ObjectIdentifier curveOid) { - return new AutoValue_ECKeyFormat(curveOid, ECAlgorithmFormat.ECDH_WITH_PUBKEY); - } - - public static KeyFormat getInstanceFromBytes(byte[] bytes) { - if (bytes.length < 2) { - throw new IllegalArgumentException("Bad length for EC attributes"); - } - - int len = bytes.length - 1; - if (bytes[bytes.length - 1] == ATTRS_IMPORT_FORMAT_WITH_PUBKEY) { - len -= 1; - } - - final byte[] boid = new byte[2 + len]; - boid[0] = (byte) 0x06; - boid[1] = (byte) len; - System.arraycopy(bytes, 1, boid, 2, len); - final ASN1ObjectIdentifier oid = ASN1ObjectIdentifier.getInstance(boid); - return getInstance(oid, ECKeyFormat.ECAlgorithmFormat.from(bytes[0], bytes[bytes.length - 1])); - } - - public byte[] toBytes(KeyType slot) { - byte[] oid; - try { - oid = curveOid().getEncoded(); - } catch (IOException e) { - throw new IllegalStateException("Failed to encode curve oid!"); - } - byte[] attrs = new byte[1 + (oid.length - 2) + 1]; - - attrs[0] = ecAlgorithmFormat().getAlgorithmId(); - System.arraycopy(oid, 2, attrs, 1, (oid.length - 2)); - attrs[attrs.length - 1] = ATTRS_IMPORT_FORMAT_WITH_PUBKEY; - - return attrs; - } - - @Override - public KeyFormatParser getKeyFormatParser() { - return new ECKeyFormatParser(curveOid()); - } - - public enum ECAlgorithmFormat { - ECDH((byte) PublicKeyAlgorithmTags.ECDH, true, false), - ECDH_WITH_PUBKEY((byte) PublicKeyAlgorithmTags.ECDH, true, true), - ECDSA((byte) PublicKeyAlgorithmTags.ECDSA, false, false), - ECDSA_WITH_PUBKEY((byte)PublicKeyAlgorithmTags.ECDSA, false, true); - - private final byte mAlgorithmId; - private final boolean mIsECDH; - private final boolean mWithPubkey; - - ECAlgorithmFormat(final byte algorithmId, final boolean isECDH, final boolean withPubkey) { - mAlgorithmId = algorithmId; - mIsECDH = isECDH; - mWithPubkey = withPubkey; - } - - public static ECKeyFormat.ECAlgorithmFormat from(final byte bFirst, final byte bLast) { - for (ECKeyFormat.ECAlgorithmFormat format : values()) { - if (format.mAlgorithmId == bFirst && - ((bLast == ATTRS_IMPORT_FORMAT_WITH_PUBKEY) == format.isWithPubkey())) { - return format; - } - } - return null; - } - - public final byte getAlgorithmId() { - return mAlgorithmId; - } - - public final boolean isECDH() { - return mIsECDH; - } - - public final boolean isWithPubkey() { - return mWithPubkey; - } - } -} diff --git a/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/internal/openpgp/EcKeyFormat.java b/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/internal/openpgp/EcKeyFormat.java new file mode 100644 index 0000000..ca859a6 --- /dev/null +++ b/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/internal/openpgp/EcKeyFormat.java @@ -0,0 +1,117 @@ +/* + * Copyright (C) 2018-2021 Confidential Technologies GmbH + * + * You can purchase a commercial license at https://hwsecurity.dev. + * Buying such a license is mandatory as soon as you develop commercial + * activities involving this program without disclosing the source code + * of your own applications. + * + * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program. If not, see . + */ + +package de.cotech.hw.openpgp.internal.openpgp; + + +import androidx.annotation.RestrictTo; +import androidx.annotation.RestrictTo.Scope; + +import com.google.auto.value.AutoValue; + +import org.bouncycastle.asn1.ASN1ObjectIdentifier; + + +// OpenPGP Card Spec: Algorithm Attributes: ECC +@RestrictTo(Scope.LIBRARY_GROUP) +@AutoValue +public abstract class EcKeyFormat extends KeyFormat { + + public abstract int algorithmId(); + + public abstract ASN1ObjectIdentifier curveOid(); + + public abstract boolean withPubkey(); + + private static final byte ATTRS_IMPORT_FORMAT_WITH_PUBKEY = (byte) 0xff; + + public static EcKeyFormat getInstance(int algorithmId, ASN1ObjectIdentifier oid, boolean withPubkey) { + return new AutoValue_EcKeyFormat(algorithmId, oid, withPubkey); + } + + public static EcKeyFormat getInstanceForKeyGeneration(KeyType keyType, ASN1ObjectIdentifier oidAsn1) { + if (keyType == KeyType.ENCRYPT) { + return getInstance(PublicKeyAlgorithmTags.ECDH, oidAsn1, true); + } else { // SIGN, AUTH + if (EcObjectIdentifiers.ED25519.equals(oidAsn1)) { + return getInstance(PublicKeyAlgorithmTags.EDDSA, oidAsn1, true); + } else { + return getInstance(PublicKeyAlgorithmTags.ECDSA, oidAsn1, true); + } + } + } + + public static EcKeyFormat getInstanceFromBytes(byte[] bytes) { + if (bytes.length < 2) { + throw new IllegalArgumentException("Bad length for EC attributes"); + } + + int algorithmId = bytes[0]; + int oidLen = bytes.length - 1; + + boolean withPubkey = false; + if (bytes[bytes.length - 1] == ATTRS_IMPORT_FORMAT_WITH_PUBKEY) { + withPubkey = true; + oidLen -= 1; + } + + final byte[] oidField = new byte[oidLen]; + System.arraycopy(bytes, 1, oidField, 0, oidLen); + ASN1ObjectIdentifier oid = EcObjectIdentifiers.parseOid(oidField); + + return getInstance(algorithmId, oid, withPubkey); + } + + public byte[] toBytes(KeyType slot) { + byte[] oidField = EcObjectIdentifiers.asn1ToOidField(curveOid()); + + int len = 1 + oidField.length; + if (withPubkey()) { + len += 1; + } + byte[] attrs = new byte[len]; + + attrs[0] = (byte) algorithmId(); + System.arraycopy(oidField, 0, attrs, 1, oidField.length); + if (withPubkey()) { + attrs[len - 1] = ATTRS_IMPORT_FORMAT_WITH_PUBKEY; + } + + return attrs; + } + + public boolean isX25519() { + return EcObjectIdentifiers.X25519.equals(curveOid()); + } + + public final boolean isEdDsa() { + return algorithmId() == PublicKeyAlgorithmTags.EDDSA; + } + + @Override + public KeyFormatParser getKeyFormatParser() { + return new EcKeyFormatParser(curveOid()); + } + +} diff --git a/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/internal/openpgp/ECKeyFormatParser.java b/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/internal/openpgp/EcKeyFormatParser.java similarity index 52% rename from hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/internal/openpgp/ECKeyFormatParser.java rename to hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/internal/openpgp/EcKeyFormatParser.java index 9c632f0..9300a78 100644 --- a/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/internal/openpgp/ECKeyFormatParser.java +++ b/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/internal/openpgp/EcKeyFormatParser.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial @@ -25,58 +25,79 @@ package de.cotech.hw.openpgp.internal.openpgp; +import androidx.annotation.RestrictTo; +import androidx.annotation.RestrictTo.Scope; + +import org.bouncycastle.asn1.ASN1ObjectIdentifier; +import org.bouncycastle.asn1.x9.ECNamedCurveTable; +import org.bouncycastle.asn1.x9.X9ECParameters; +import org.bouncycastle.jce.ECPointUtil; +import org.bouncycastle.jce.spec.ECNamedCurveSpec; + import java.io.IOException; import java.security.KeyFactory; import java.security.NoSuchAlgorithmException; +import java.security.PublicKey; import java.security.interfaces.ECPublicKey; import java.security.spec.ECPoint; import java.security.spec.ECPublicKeySpec; import java.security.spec.InvalidKeySpecException; -import androidx.annotation.RestrictTo; -import androidx.annotation.RestrictTo.Scope; - import de.cotech.hw.internal.iso7816.Iso7816TLV; - -import org.bouncycastle.asn1.ASN1ObjectIdentifier; -import org.bouncycastle.asn1.x9.ECNamedCurveTable; -import org.bouncycastle.asn1.x9.X9ECParameters; -import org.bouncycastle.jce.ECPointUtil; -import org.bouncycastle.jce.spec.ECNamedCurveSpec; +import de.cotech.hw.util.Hex; +import de.cotech.hw.util.HwTimber; +import de.cotech.hw.util.Hwsecurity25519PublicKey; @RestrictTo(Scope.LIBRARY_GROUP) -public class ECKeyFormatParser implements KeyFormatParser { +public class EcKeyFormatParser implements KeyFormatParser { private static final int DO_ECC_PUBKEY_TAG = 0x86; private final ASN1ObjectIdentifier curveOid; - ECKeyFormatParser(ASN1ObjectIdentifier curveOid) { + EcKeyFormatParser(ASN1ObjectIdentifier curveOid) { this.curveOid = curveOid; } @Override - public ECPublicKey parseKey(byte[] publicKeyBytes) throws IOException { + public PublicKey parseKey(byte[] publicKeyBytes) throws IOException { Iso7816TLV publicKeyTlv = Iso7816TLV.readSingle(publicKeyBytes, true); Iso7816TLV eccEncodedPoints = Iso7816TLV.findRecursive(publicKeyTlv, DO_ECC_PUBKEY_TAG); if (eccEncodedPoints == null) { throw new IOException("Missing ECC public key data (tag 0x86)"); } + byte[] pEnc = eccEncodedPoints.mV; - String curveName = ECNamedCurveTable.getName(curveOid); - X9ECParameters spec = ECNamedCurveTable.getByOID(curveOid); - if (spec == null) { - throw new IOException("Unknown curve OID: " + curveOid.getId()); - } + if (EcObjectIdentifiers.X25519.equals(curveOid)) { + Hwsecurity25519PublicKey publicKey = new Hwsecurity25519PublicKey(pEnc, "X25519"); + + HwTimber.d("ECC key parsed as X25519. Returned as Hwsecurity25519PublicKey wrapper object"); + return publicKey; + } else if (EcObjectIdentifiers.ED25519.equals(curveOid)) { + Hwsecurity25519PublicKey publicKey = new Hwsecurity25519PublicKey(pEnc, "Ed25519"); + + HwTimber.d("ECC key parsed as Ed25519. Returned as Hwsecurity25519PublicKey wrapper object"); + return publicKey; + } else { + String curveName = ECNamedCurveTable.getName(curveOid); + X9ECParameters curveParams = ECNamedCurveTable.getByOID(curveOid); + if (curveParams == null) { + throw new IOException("Unknown curve OID: " + curveOid.getId()); + } - ECNamedCurveSpec params = new ECNamedCurveSpec(curveName, spec.getCurve(), spec.getG(), spec.getN()); - ECPoint point = ECPointUtil.decodePoint(params.getCurve(), eccEncodedPoints.mV); - ECPublicKeySpec pubKeySpec = new ECPublicKeySpec(point, params); - try { - return (ECPublicKey) KeyFactory.getInstance("EC").generatePublic(pubKeySpec); - } catch (NoSuchAlgorithmException | InvalidKeySpecException e) { - throw new IOException(e); + try { + ECNamedCurveSpec params = new ECNamedCurveSpec(curveName, curveParams.getCurve(), curveParams.getG(), curveParams.getN()); + ECPoint point = ECPointUtil.decodePoint(params.getCurve(), pEnc); + ECPublicKeySpec pubKeySpec = new ECPublicKeySpec(point, params); + ECPublicKey publicKey = (ECPublicKey) KeyFactory.getInstance("EC").generatePublic(pubKeySpec); + + HwTimber.d("ECC key parsed as %s. Returned as ECPublicKey object.", curveName); + return publicKey; + } catch (NoSuchAlgorithmException | InvalidKeySpecException e) { + throw new IOException(e); + } } } + } diff --git a/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/internal/openpgp/EcObjectIdentifiers.java b/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/internal/openpgp/EcObjectIdentifiers.java new file mode 100644 index 0000000..532c540 --- /dev/null +++ b/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/internal/openpgp/EcObjectIdentifiers.java @@ -0,0 +1,101 @@ +/* + * Copyright (C) 2018-2021 Confidential Technologies GmbH + * + * You can purchase a commercial license at https://hwsecurity.dev. + * Buying such a license is mandatory as soon as you develop commercial + * activities involving this program without disclosing the source code + * of your own applications. + * + * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program. If not, see . + */ + +package de.cotech.hw.openpgp.internal.openpgp; + + +import androidx.annotation.RestrictTo; + +import org.bouncycastle.asn1.ASN1ObjectIdentifier; +import org.bouncycastle.asn1.cryptlib.CryptlibObjectIdentifiers; +import org.bouncycastle.asn1.gnu.GNUObjectIdentifiers; +import org.bouncycastle.asn1.sec.SECObjectIdentifiers; +import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers; + +import java.io.IOException; +import java.util.Arrays; +import java.util.HashSet; + +import de.cotech.hw.util.HwTimber; + +// https://datatracker.ietf.org/doc/html/draft-ietf-openpgp-rfc4880bis-10#section-9.2 +@RestrictTo(RestrictTo.Scope.LIBRARY_GROUP) +public class EcObjectIdentifiers { + + public static final ASN1ObjectIdentifier NIST_P_256 = SECObjectIdentifiers.secp256r1; + public static final ASN1ObjectIdentifier NIST_P_384 = SECObjectIdentifiers.secp384r1; + public static final ASN1ObjectIdentifier NIST_P_521 = SECObjectIdentifiers.secp521r1; + public static final ASN1ObjectIdentifier BRAINPOOL_P256_R1 = TeleTrusTObjectIdentifiers.brainpoolP256r1; + public static final ASN1ObjectIdentifier BRAINPOOL_P512_R1 = TeleTrusTObjectIdentifiers.brainpoolP512r1; + public static final ASN1ObjectIdentifier ED25519 = GNUObjectIdentifiers.Ed25519; // for use with EdDSA + public static final ASN1ObjectIdentifier X25519 = CryptlibObjectIdentifiers.curvey25519; // for use with ECDH + + public static HashSet sOids = new HashSet<>(Arrays.asList( + NIST_P_256, NIST_P_384, NIST_P_521, BRAINPOOL_P256_R1, BRAINPOOL_P512_R1, ED25519, X25519 + )); + + public static ASN1ObjectIdentifier parseOid(byte[] oidField) { + ASN1ObjectIdentifier asn1CurveOid = oidFieldToOidAsn1(oidField); + if (sOids.contains(asn1CurveOid)) { + return asn1CurveOid; + } + HwTimber.w("Unknown curve OID: %s. Could be YubiKey firmware bug < 5.2.8. Trying again with last byte removed.", asn1CurveOid.getId()); + + // https://bugs.chromium.org/p/chromium/issues/detail?id=1120933#c10 + // The OpenPGP applet of a Yubikey with firmware version below 5.2.8 appends + // a potentially arbitrary byte to the intended byte representation of an ECC + // curve OID. This case is handled by retrying the decoding with the last + // byte stripped if the resulting OID does not label a known curve. + byte[] oidRemoveLastByte = Arrays.copyOf(oidField, oidField.length - 1); + ASN1ObjectIdentifier asn1CurveOidYubikey = oidFieldToOidAsn1(oidRemoveLastByte); + if (sOids.contains(asn1CurveOidYubikey)) { + HwTimber.w("Detected curve OID: %s", asn1CurveOidYubikey.getId()); + } else { + HwTimber.e("Still Unknown curve OID: %s", asn1CurveOidYubikey.getId()); + } + return asn1CurveOidYubikey; + } + + public static byte[] asn1ToOidField(ASN1ObjectIdentifier oidAsn1) { + byte[] encodedAsn1Oid; + try { + encodedAsn1Oid = oidAsn1.getEncoded(); + } catch (IOException e) { + throw new IllegalStateException("Failed to encode curve OID!"); + } + byte[] oidField = new byte[encodedAsn1Oid.length - 2]; + System.arraycopy(encodedAsn1Oid, 2, oidField, 0, encodedAsn1Oid.length - 2); + + return oidField; + } + + public static ASN1ObjectIdentifier oidFieldToOidAsn1(byte[] oidField) { + final byte[] boid = new byte[2 + oidField.length]; + boid[0] = (byte) 0x06; + boid[1] = (byte) oidField.length; + System.arraycopy(oidField, 0, boid, 2, oidField.length); + return ASN1ObjectIdentifier.getInstance(boid); + } + +} diff --git a/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/internal/openpgp/KdfCalculator.java b/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/internal/openpgp/KdfCalculator.java new file mode 100644 index 0000000..facea9f --- /dev/null +++ b/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/internal/openpgp/KdfCalculator.java @@ -0,0 +1,83 @@ +/* + * Copyright (C) 2018-2021 Confidential Technologies GmbH + * + * You can purchase a commercial license at https://hwsecurity.dev. + * Buying such a license is mandatory as soon as you develop commercial + * activities involving this program without disclosing the source code + * of your own applications. + * + * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program. If not, see . + */ + +package de.cotech.hw.openpgp.internal.openpgp; + +import androidx.annotation.RestrictTo; + +import org.bouncycastle.crypto.Digest; +import org.bouncycastle.crypto.digests.SHA256Digest; +import org.bouncycastle.crypto.digests.SHA512Digest; + +import java.util.Arrays; + +// References: +// [0] RFC 4880 `OpenPGP Message Format` +@RestrictTo(RestrictTo.Scope.LIBRARY_GROUP) +public class KdfCalculator { + public static class KdfCalculatorArguments { + public KdfParameters.HashType digestAlgorithm; + public byte[] salt; + public int iterations; + } + + public static byte[] calculateKdf(KdfCalculatorArguments kdfCalculatorArguments, byte[] pin) { + Digest digester; + switch (kdfCalculatorArguments.digestAlgorithm) { + case SHA256: + digester = new SHA256Digest(); + break; + case SHA512: + digester = new SHA512Digest(); + break; + default: + throw new RuntimeException("Unknown hash algorithm!"); + } + byte[] salt = kdfCalculatorArguments.salt; + int iterations = kdfCalculatorArguments.iterations; + + // prepare input to hash function + byte[] data = new byte[salt.length + pin.length]; + System.arraycopy(salt, 0, data, 0, salt.length); + System.arraycopy(pin, 0, data, salt.length, pin.length); + + // hash data repeatedly + // the iteration count is actually the number of octets to be hashed + // see 3.7.1.2 of [0] + int q = iterations / data.length; + int r = iterations % data.length; + for (int i = 0; i < q; i++) { + digester.update(data, 0, data.length); + } + digester.update(data, 0, r); + + byte[] digest = new byte[digester.getDigestSize()]; + digester.doFinal(digest, 0); + + // delete secrets from memory + Arrays.fill(data, (byte) 0); + + return digest; + } +} \ No newline at end of file diff --git a/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/internal/openpgp/KdfParameters.java b/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/internal/openpgp/KdfParameters.java new file mode 100644 index 0000000..82ad06c --- /dev/null +++ b/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/internal/openpgp/KdfParameters.java @@ -0,0 +1,185 @@ +/* + * Copyright (C) 2018-2021 Confidential Technologies GmbH + * + * You can purchase a commercial license at https://hwsecurity.dev. + * Buying such a license is mandatory as soon as you develop commercial + * activities involving this program without disclosing the source code + * of your own applications. + * + * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program. If not, see . + */ + +package de.cotech.hw.openpgp.internal.openpgp; + + +import androidx.annotation.RestrictTo; + +import com.google.auto.value.AutoValue; + +import java.io.IOException; +import java.nio.ByteBuffer; + +import de.cotech.hw.internal.iso7816.Iso7816TLV; + +@SuppressWarnings("unused") // just expose all included data +@AutoValue +@RestrictTo(RestrictTo.Scope.LIBRARY_GROUP) +public abstract class KdfParameters { + + public enum HashType { + SHA256, SHA512 + } + + public enum PasswordType { + PW1, PW2, PW3 + } + + public abstract HashType getDigestAlgorithm(); + + public abstract int getIterations(); + + @SuppressWarnings("mutable") + public abstract byte[] getSaltPw1(); + + @SuppressWarnings("mutable") + public abstract byte[] getSaltPw2(); + + @SuppressWarnings("mutable") + public abstract byte[] getSaltPw3(); + + @SuppressWarnings("mutable") + public abstract byte[] getHashUser(); + + @SuppressWarnings("mutable") + public abstract byte[] getHashAdmin(); + + public abstract boolean isHasUsesKdf(); + + + public static KdfParameters fromKdfDo(byte[] kdfDo) throws IOException { + // parse elements of KDF-DO + Iso7816TLV[] tlvs = Iso7816TLV.readList(kdfDo, false); + return new AutoValue_KdfParameters.Builder().parseKdfTLVs(tlvs).build(); + } + + public KdfCalculator.KdfCalculatorArguments forType(PasswordType passwordType) { + byte[] salt = null; + // select salt based on the specified password type + switch (passwordType) { + case PW1: + salt = getSaltPw1(); + break; + case PW2: + salt = getSaltPw2(); + break; + case PW3: + salt = getSaltPw3(); + break; + } + KdfCalculator.KdfCalculatorArguments arguments = new KdfCalculator.KdfCalculatorArguments(); + arguments.digestAlgorithm = getDigestAlgorithm(); + arguments.salt = salt; + arguments.iterations = getIterations(); + return arguments; + } + + @AutoValue.Builder + abstract static class Builder { + abstract Builder digestAlgorithm(HashType digestAlgorithm); + + abstract Builder iterations(int iterations); + + abstract Builder saltPw1(byte[] saltPw1); + + abstract Builder saltPw2(byte[] saltPw2); + + abstract Builder saltPw3(byte[] saltPw3); + + abstract Builder hashUser(byte[] hashUser); + + abstract Builder hashAdmin(byte[] hashAdmin); + + abstract Builder hasUsesKdf(boolean hasUsesKdf); + + abstract KdfParameters build(); + + public Builder() { + hasUsesKdf(false); + digestAlgorithm(HashType.SHA256); + iterations(0); + saltPw1(new byte[0]); + saltPw2(new byte[0]); + saltPw3(new byte[0]); + hashUser(new byte[0]); + hashAdmin(new byte[0]); + } + + Builder parseKdfTLVs(Iso7816TLV[] tlvs) throws IOException { + for (Iso7816TLV tlv : tlvs) { + switch (tlv.mT) { + case 0x81: + switch (tlv.mV[0]) { + case (byte) 0x00: + // no KDF, plain password + hasUsesKdf(false); + break; + case (byte) 0x03: + // using KDF + hasUsesKdf(true); + break; + default: + throw new IOException("Unknown KDF algorithm!"); + } + break; + case 0x82: + // hash algorithm + switch (tlv.mV[0]) { + case (byte) 0x08: // SHA256 + digestAlgorithm(HashType.SHA256); + break; + case (byte) 0x0a: // SHA512 + digestAlgorithm(HashType.SHA512); + break; + default: + throw new IOException("Unknown hash algorithm!"); + } + break; + case 0x83: + // iteration count + ByteBuffer buf = ByteBuffer.wrap(tlv.mV); + iterations(buf.getInt()); + break; + case 0x84: + saltPw1(tlv.mV); + break; + case 0x85: + saltPw2(tlv.mV); + break; + case 0x86: + saltPw3(tlv.mV); + break; + case 0x87: + hashUser(tlv.mV); + break; + case 0x88: + hashAdmin(tlv.mV); + break; + } + } + return this; + } + } +} \ No newline at end of file diff --git a/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/internal/openpgp/KeyFormat.java b/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/internal/openpgp/KeyFormat.java index 84a2d96..b7562df 100644 --- a/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/internal/openpgp/KeyFormat.java +++ b/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/internal/openpgp/KeyFormat.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial @@ -31,31 +31,14 @@ @RestrictTo(Scope.LIBRARY_GROUP) public abstract class KeyFormat { - public enum KeyFormatType { - RSAKeyFormatType, - ECKeyFormatType, - EdDSAKeyFormatType - } - - private final KeyFormatType mKeyFormatType; - - KeyFormat(final KeyFormatType keyFormatType) { - mKeyFormatType = keyFormatType; - } - - public final KeyFormatType keyFormatType() { - return mKeyFormatType; - } - public static KeyFormat fromBytes(byte[] bytes) { switch (bytes[0]) { case PublicKeyAlgorithmTags.RSA_GENERAL: - return RSAKeyFormat.fromBytes(bytes); + return RsaKeyFormat.getInstanceFromBytes(bytes); case PublicKeyAlgorithmTags.ECDH: case PublicKeyAlgorithmTags.ECDSA: - return ECKeyFormat.getInstanceFromBytes(bytes); case PublicKeyAlgorithmTags.EDDSA: - return new EdDSAKeyFormat(); + return EcKeyFormat.getInstanceFromBytes(bytes); default: throw new IllegalArgumentException("Unsupported Algorithm ID " + bytes[0]); } diff --git a/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/internal/openpgp/KeyFormatParser.java b/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/internal/openpgp/KeyFormatParser.java index 81105a3..87f0071 100644 --- a/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/internal/openpgp/KeyFormatParser.java +++ b/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/internal/openpgp/KeyFormatParser.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/internal/openpgp/KeyType.java b/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/internal/openpgp/KeyType.java index a7575c0..4fea74b 100644 --- a/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/internal/openpgp/KeyType.java +++ b/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/internal/openpgp/KeyType.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial @@ -31,41 +31,35 @@ @RestrictTo(Scope.LIBRARY_GROUP) public enum KeyType { - SIGN(0, 0xB6, 0xCE, 0xC7, 0xC1), - ENCRYPT(1, 0xB8, 0xCF, 0xC8, 0xC2), - AUTH(2, 0xA4, 0xD0, 0xC9, 0xC3); + SIGN(0xB6, 0xCE, 0xC7, 0xC1), + ENCRYPT(0xB8, 0xCF, 0xC8, 0xC2), + AUTH(0xA4, 0xD0, 0xC9, 0xC3); - private final int mIdx; - private final int mSlot; - private final int mTimestampObjectId; - private final int mFingerprintObjectId; - private final int mAlgoAttributeSlot; + private final int slot; + private final int timestampObjectId; + private final int fingerprintObjectId; + private final int algoAttributeSlot; - KeyType(int idx, int slot, int timestampObjectId, int fingerprintObjectId, int algoAttributeSlot) { - this.mIdx = idx; - this.mSlot = slot; - this.mTimestampObjectId = timestampObjectId; - this.mFingerprintObjectId = fingerprintObjectId; - this.mAlgoAttributeSlot = algoAttributeSlot; - } - - public int getIdx() { - return mIdx; + KeyType(int slot, int timestampObjectId, int fingerprintObjectId, int algoAttributeSlot) { + this.slot = slot; + this.timestampObjectId = timestampObjectId; + this.fingerprintObjectId = fingerprintObjectId; + this.algoAttributeSlot = algoAttributeSlot; } public int getSlot() { - return mSlot; + return slot; } public int getTimestampObjectId() { - return mTimestampObjectId; + return timestampObjectId; } public int getFingerprintObjectId() { - return mFingerprintObjectId; + return fingerprintObjectId; } public int getAlgoAttributeSlot() { - return mAlgoAttributeSlot; + return algoAttributeSlot; } } diff --git a/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/internal/openpgp/OpenPgpAid.java b/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/internal/openpgp/OpenPgpAid.java index 3d71f59..cdb1a88 100644 --- a/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/internal/openpgp/OpenPgpAid.java +++ b/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/internal/openpgp/OpenPgpAid.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial @@ -41,12 +41,14 @@ @AutoValue public abstract class OpenPgpAid { + @SuppressWarnings("mutable") public abstract byte[] getAid(); public abstract Version getOpenPgpSpecVersion(); public abstract int getManufacturer(); + @SuppressWarnings("mutable") public abstract byte[] getSerialNumber(); // https://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg-verein.git;a=blob_plain;f=office/misc/OpenPGP-Card-Vendors diff --git a/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/internal/openpgp/PgpFingerprintCalculator.java b/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/internal/openpgp/PgpFingerprintCalculator.java deleted file mode 100644 index 346295e..0000000 --- a/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/internal/openpgp/PgpFingerprintCalculator.java +++ /dev/null @@ -1,127 +0,0 @@ -/* - * Copyright (C) 2018-2020 Confidential Technologies GmbH - * - * You can purchase a commercial license at https://hwsecurity.dev. - * Buying such a license is mandatory as soon as you develop commercial - * activities involving this program without disclosing the source code - * of your own applications. - * - * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * - * - * This program is free software: you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation, either version 3 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program. If not, see . - */ - -package de.cotech.hw.openpgp.internal.openpgp; - - -import java.io.ByteArrayOutputStream; -import java.io.IOException; -import java.math.BigInteger; -import java.security.MessageDigest; -import java.security.NoSuchAlgorithmException; -import java.security.interfaces.ECPublicKey; -import java.security.interfaces.RSAPublicKey; -import java.util.Date; - -import androidx.annotation.RestrictTo; -import androidx.annotation.RestrictTo.Scope; - -import org.bouncycastle.asn1.ASN1ObjectIdentifier; - - -@RestrictTo(Scope.LIBRARY_GROUP) -public class PgpFingerprintCalculator { - public static byte[] calculateRsaFingerprint(RSAPublicKey publicKey, Date timestamp) { - try { - byte[] encodedOpenPgpKeyBytes = encodeRsaAlgorithmSpecificPart(publicKey, timestamp); - return calculateFingerprintOrThrow(encodedOpenPgpKeyBytes); - } catch (NoSuchAlgorithmException | IOException e) { - throw new IllegalArgumentException(e); - } - } - - public static byte[] calculateEccFingerprint(ECPublicKey ecPublicKey, ASN1ObjectIdentifier curveOid, Date timestamp) { - try { - byte[] encodedOpenPgpKeyBytes = encodeEccAlgorithmSpecificPart(ecPublicKey, curveOid, timestamp); - return calculateFingerprintOrThrow(encodedOpenPgpKeyBytes); - } catch (NoSuchAlgorithmException | IOException e) { - throw new IllegalArgumentException(e); - } - } - - private static byte[] calculateFingerprintOrThrow(byte[] encodedOpenPgpKeyBytes) throws NoSuchAlgorithmException { - MessageDigest digest = MessageDigest.getInstance("SHA1"); - - digest.update((byte) 0x99); - digest.update((byte) (encodedOpenPgpKeyBytes.length >> 8)); - digest.update((byte) encodedOpenPgpKeyBytes.length); - digest.update(encodedOpenPgpKeyBytes); - - return digest.digest(); - } - - private static byte[] encodeEccAlgorithmSpecificPart(ECPublicKey publicKey, ASN1ObjectIdentifier curveOid, Date timestamp) - throws IOException { - ByteArrayOutputStream out = new ByteArrayOutputStream(); - - long time = timestamp.getTime(); - out.write((byte) (time >> 24)); - out.write((byte) (time >> 16)); - out.write((byte) (time >> 8)); - out.write((byte) time); - - out.write(PublicKeyAlgorithmTags.ECDSA); - - out.write(curveOid.getEncoded()); - out.write(publicKey.getEncoded()); // TODO not openpgp conform! - - return out.toByteArray(); - } - - private static byte[] encodeRsaAlgorithmSpecificPart(RSAPublicKey publicKey, Date timestamp) throws IOException { - ByteArrayOutputStream out = new ByteArrayOutputStream(); - - long time = timestamp.getTime(); - out.write((byte) (time >> 24)); - out.write((byte) (time >> 16)); - out.write((byte) (time >> 8)); - out.write((byte) time); - - out.write(PublicKeyAlgorithmTags.RSA_ENCRYPT); - - out.write(encodeBigIntegerAsMpi(publicKey.getModulus())); - out.write(encodeBigIntegerAsMpi(publicKey.getPublicExponent())); - - return out.toByteArray(); - } - - private static byte[] encodeBigIntegerAsMpi(BigInteger value) { - ByteArrayOutputStream out = new ByteArrayOutputStream(); - - int length = value.bitLength(); - - out.write(length >> 8); - out.write(length); - - byte[] bytes = value.toByteArray(); - - if (bytes[0] == 0) { - out.write(bytes, 1, bytes.length - 1); - } else { - out.write(bytes, 0, bytes.length); - } - - return out.toByteArray(); - } -} diff --git a/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/internal/openpgp/PublicKeyAlgorithmTags.java b/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/internal/openpgp/PublicKeyAlgorithmTags.java index f6f2134..8c0d271 100644 --- a/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/internal/openpgp/PublicKeyAlgorithmTags.java +++ b/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/internal/openpgp/PublicKeyAlgorithmTags.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/internal/openpgp/RSAKeyFormat.java b/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/internal/openpgp/RSAKeyFormat.java deleted file mode 100644 index a28cfd9..0000000 --- a/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/internal/openpgp/RSAKeyFormat.java +++ /dev/null @@ -1,155 +0,0 @@ -/* - * Copyright (C) 2018-2020 Confidential Technologies GmbH - * - * You can purchase a commercial license at https://hwsecurity.dev. - * Buying such a license is mandatory as soon as you develop commercial - * activities involving this program without disclosing the source code - * of your own applications. - * - * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * - * - * This program is free software: you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation, either version 3 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program. If not, see . - */ - -package de.cotech.hw.openpgp.internal.openpgp; - - -import androidx.annotation.RestrictTo; -import androidx.annotation.RestrictTo.Scope; - - -// 4.3.3.6 Algorithm Attributes -@RestrictTo(Scope.LIBRARY_GROUP) -public class RSAKeyFormat extends KeyFormat { - private int mModulusLength; - private int mExponentLength; - private RSAAlgorithmFormat mRSAAlgorithmFormat; - - public static RSAKeyFormat getDefault2048BitFormat() { - return new RSAKeyFormat(2048, 4, RSAAlgorithmFormat.CRT_WITH_MODULUS); - } - - RSAKeyFormat(int modulusLength, - int exponentLength, - RSAAlgorithmFormat rsaAlgorithmFormat) { - super(KeyFormatType.RSAKeyFormatType); - mModulusLength = modulusLength; - mExponentLength = exponentLength; - mRSAAlgorithmFormat = rsaAlgorithmFormat; - } - - public int getModulusLength() { - return mModulusLength; - } - - public int getExponentLength() { - return mExponentLength; - } - - public RSAAlgorithmFormat getAlgorithmFormat() { - return mRSAAlgorithmFormat; - } - - public RSAKeyFormat withModulus(int modulus) { - return new RSAKeyFormat(modulus, mExponentLength, mRSAAlgorithmFormat); - } - - public static KeyFormat fromBytes(byte[] bytes) { - if (bytes.length < 6) { - throw new IllegalArgumentException("Bad length for RSA attributes"); - } - return new RSAKeyFormat(bytes[1] << 8 | bytes[2], - bytes[3] << 8 | bytes[4], - RSAKeyFormat.RSAAlgorithmFormat.from(bytes[5])); - } - - @Override - public byte[] toBytes(KeyType slot) { - int i = 0; - byte[] attrs = new byte[6]; - attrs[i++] = (byte) PublicKeyAlgorithmTags.RSA_GENERAL; - attrs[i++] = (byte) ((mModulusLength >> 8) & 0xff); - attrs[i++] = (byte) (mModulusLength & 0xff); - attrs[i++] = (byte) ((mExponentLength >> 8) & 0xff); - attrs[i++] = (byte) (mExponentLength & 0xff); - attrs[i] = mRSAAlgorithmFormat.getImportFormat(); - - return attrs; - } - - @Override - public KeyFormatParser getKeyFormatParser() { - return new RSAKeyFormatParser(); - } - - @Override - public boolean equals(Object o) { - if (this == o) { - return true; - } - if (o == null || getClass() != o.getClass()) { - return false; - } - RSAKeyFormat that = (RSAKeyFormat) o; - return mModulusLength == that.mModulusLength && - mExponentLength == that.mExponentLength && - mRSAAlgorithmFormat == that.mRSAAlgorithmFormat; - } - - @Override - public int hashCode() { - int result = mModulusLength; - result = 31 * result + mExponentLength; - result = 31 * result + (mRSAAlgorithmFormat != null ? mRSAAlgorithmFormat.hashCode() : 0); - return result; - } - - public enum RSAAlgorithmFormat { - STANDARD((byte) 0x00, false, false), - STANDARD_WITH_MODULUS((byte) 0x01, false, true), - CRT((byte) 0x02, true, false), - CRT_WITH_MODULUS((byte) 0x03, true, true); - - private byte mImportFormat; - private boolean mIncludeModulus; - private boolean mIncludeCrt; - - RSAAlgorithmFormat(byte importFormat, boolean includeCrt, boolean includeModulus) { - mImportFormat = importFormat; - mIncludeModulus = includeModulus; - mIncludeCrt = includeCrt; - } - - public static RSAAlgorithmFormat from(byte importFormatByte) { - for (RSAAlgorithmFormat format : values()) { - if (format.mImportFormat == importFormatByte) { - return format; - } - } - return null; - } - - public byte getImportFormat() { - return mImportFormat; - } - - public boolean isIncludeModulus() { - return mIncludeModulus; - } - - public boolean isIncludeCrt() { - return mIncludeCrt; - } - } -} diff --git a/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/internal/openpgp/Rfc4880FingerprintCalculator.java b/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/internal/openpgp/Rfc4880FingerprintCalculator.java new file mode 100644 index 0000000..55f12a2 --- /dev/null +++ b/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/internal/openpgp/Rfc4880FingerprintCalculator.java @@ -0,0 +1,273 @@ +/* + * Copyright (C) 2018-2021 Confidential Technologies GmbH + * + * You can purchase a commercial license at https://hwsecurity.dev. + * Buying such a license is mandatory as soon as you develop commercial + * activities involving this program without disclosing the source code + * of your own applications. + * + * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program. If not, see . + */ + +package de.cotech.hw.openpgp.internal.openpgp; + + +import androidx.annotation.RestrictTo; +import androidx.annotation.RestrictTo.Scope; + +import org.bouncycastle.asn1.ASN1ObjectIdentifier; +import org.bouncycastle.jcajce.provider.asymmetric.util.EC5Util; +import org.bouncycastle.math.ec.ECCurve; + +import java.io.ByteArrayOutputStream; +import java.io.IOException; +import java.math.BigInteger; +import java.security.MessageDigest; +import java.security.NoSuchAlgorithmException; +import java.security.PublicKey; +import java.security.interfaces.ECPublicKey; +import java.security.interfaces.RSAPublicKey; +import java.security.spec.ECPoint; +import java.util.Date; + +import de.cotech.hw.util.Hwsecurity25519PublicKey; + + +/** + * Fingerprints are very specific to the OpenPGP package format in RFC4880. They are not specified + * in the OpenPGP Card Specification. + *

+ * We need to calculate them correctly as they are written in the key attributes + * and other implementations may check that they match with the retrieved public key. + *

+ * We don't want to depend on the Bouncy Castle OpenPGP artifact, so we are recreating + * the package format on demand here. + *

+ * For ECDH public keys we assume the KDF parameters SHA256 and AES128. + */ +@RestrictTo(Scope.LIBRARY_GROUP) +public class Rfc4880FingerprintCalculator { + + /** + * Calculates OpenPGP v4 fingerprint for RSA + */ + public static byte[] calculateRsaFingerprint(RSAPublicKey publicKey, Date timestamp) { + try { + ByteArrayOutputStream out = new ByteArrayOutputStream(); + writeVersionTimeAlgorithm(out, timestamp, PublicKeyAlgorithmTags.RSA_GENERAL); + writeRsaAlgorithmSpecificPart(out, publicKey); + byte[] encodedOpenPgpKeyBytes = out.toByteArray(); + + return calculateFingerprintOrThrow(encodedOpenPgpKeyBytes); + } catch (NoSuchAlgorithmException | IOException e) { + throw new IllegalArgumentException(e); + } + } + + /** + * Calculates OpenPGP v4 fingerprint for ECC + */ + public static byte[] calculateEccFingerprint(PublicKey publicKey, EcKeyFormat ecKeyFormat, Date timestamp) { + try { + ByteArrayOutputStream out = new ByteArrayOutputStream(); + writeVersionTimeAlgorithm(out, timestamp, ecKeyFormat.algorithmId()); + writeEccAlgorithmSpecificPart(out, publicKey, ecKeyFormat); + byte[] encodedOpenPgpKeyBytes = out.toByteArray(); + + return calculateFingerprintOrThrow(encodedOpenPgpKeyBytes); + } catch (NoSuchAlgorithmException | IOException e) { + throw new IllegalArgumentException(e); + } + } + + private static void writeVersionTimeAlgorithm(ByteArrayOutputStream out, Date timestamp, int algorithmId) { + // b) version number = 4 (1 octet); + // c) timestamp of key creation (4 octets); + // d) algorithm (1 octet): 17 = DSA (example); + out.write((byte) 4); + long time = timestamp.getTime() / 1000; + out.write((byte) (time >> 24)); + out.write((byte) (time >> 16)); + out.write((byte) (time >> 8)); + out.write((byte) time); + out.write(algorithmId); + } + + private static void writeEccAlgorithmSpecificPart(ByteArrayOutputStream out, PublicKey publicKey, EcKeyFormat ecKeyFormat) + throws IOException { + // e) Algorithm-specific fields. + + switch (ecKeyFormat.algorithmId()) { + case PublicKeyAlgorithmTags.ECDH: + // * a variable-length field containing a curve OID, formatted as + // follows: + // + // - a one-octet size of the following field; values 0 and 0xFF are + // reserved for future extensions, + // + // - the octets representing a curve OID, defined in Section 9.2; + // + // * a MPI of an EC point representing a public key; + // + // * a variable-length field containing KDF parameters, formatted as + // follows: + // + // - a one-octet size of the following fields; values 0 and 0xff are + // reserved for future extensions; + // + // - a one-octet value 1, reserved for future extensions; + // + // - a one-octet hash function ID used with a KDF; + // + // - a one-octet algorithm ID for the symmetric algorithm used to + // wrap the symmetric key used for the message encryption; see + // Section 13.5 for details. + // + // Observe that an ECDH public key is composed of the same sequence of + // fields that define an ECDSA key, plus the KDF parameters field. + if (ecKeyFormat.isX25519()) { + Hwsecurity25519PublicKey x25519PublicKey = (Hwsecurity25519PublicKey) publicKey; + out.write(encodeOid(ecKeyFormat.curveOid())); + out.write(encodeBigIntegerAsMpi(encodeCustomCompressedPoint(x25519PublicKey.getEncoded()))); + } else { + ECPublicKey ecdhPublicKey = (ECPublicKey) publicKey; + out.write(encodeOid(ecKeyFormat.curveOid())); + out.write(encodeBigIntegerAsMpi(encodeUncompressedPoint(ecdhPublicKey))); + } + out.write(encodeKdf()); + break; + case PublicKeyAlgorithmTags.ECDSA: + ECPublicKey ecdsaPublicKey = (ECPublicKey) publicKey; + // * a variable-length field containing a curve OID, formatted as + // follows: + // + // - a one-octet size of the following field; values 0 and 0xFF are + // reserved for future extensions, + // + // - the octets representing a curve OID, defined in Section 9.2; + // + // * a MPI of an EC point representing a public key. + out.write(encodeOid(ecKeyFormat.curveOid())); + out.write(encodeBigIntegerAsMpi(encodeUncompressedPoint(ecdsaPublicKey))); + break; + case PublicKeyAlgorithmTags.EDDSA: + Hwsecurity25519PublicKey ed25519PublicKey = (Hwsecurity25519PublicKey) publicKey; + // * a variable-length field containing a curve OID, formatted as + // follows: + // + // - a one-octet size of the following field; values 0 and 0xFF are + // reserved for future extensions, + // + // - the octets representing a curve OID, defined in Section 9.2; + // + // * a MPI of an EC point representing a public key Q as described + // under EdDSA Point Format below. + out.write(encodeOid(ecKeyFormat.curveOid())); + out.write(encodeBigIntegerAsMpi(encodeCustomCompressedPoint(ed25519PublicKey.getEncoded()))); + break; + default: + throw new IllegalStateException("Unsupported algorithm id"); + } + } + + // see RFC4880 13.2. ECDSA and ECDH Conversion Primitives + private static BigInteger encodeCustomCompressedPoint(byte[] rawPoint) { + byte[] pointEnc = new byte[1 + rawPoint.length]; + pointEnc[0] = 0x40; + System.arraycopy(rawPoint, 0, pointEnc, 1, pointEnc.length - 1); + return new BigInteger(1, pointEnc); + } + + // see RFC4880 13.2. ECDSA and ECDH Conversion Primitives + private static BigInteger encodeUncompressedPoint(ECPublicKey publicKey) { + ECPoint point = publicKey.getW(); + + // TODO: can we get rid of the bouncy castle conversions here? + ECCurve bcCurve = EC5Util.convertCurve(publicKey.getParams().getCurve()); + org.bouncycastle.math.ec.ECPoint bcPoint = EC5Util.convertPoint(bcCurve, point); + org.bouncycastle.math.ec.ECPoint bcNormed = bcPoint.normalize(); + byte[] x = bcNormed.getXCoord().getEncoded(); + byte[] y = bcNormed.getYCoord().getEncoded(); + + byte[] pointEnc = new byte[1 + x.length + y.length]; + pointEnc[0] = 0x04; + System.arraycopy(x, 0, pointEnc, 1, x.length); + System.arraycopy(y, 0, pointEnc, 1 + x.length, y.length); + return new BigInteger(1, pointEnc); + } + + private static byte[] encodeOid(ASN1ObjectIdentifier oid) throws IOException { + ByteArrayOutputStream out = new ByteArrayOutputStream(); + + byte[] boid = oid.getEncoded(); + // skip the first ASN1 byte, so it only contains len | oid + out.write(boid, 1, boid.length - 1); + + return out.toByteArray(); + } + + private static byte[] encodeKdf() throws IOException { + // Bouncy Castle uses these as default KDF parameters + // kdfParams = new PGPKdfParameters(HashAlgorithmTags.SHA256, SymmetricKeyAlgorithmTags.AES_128); + // see org.bouncycastle.openpgp.operator.jcajce.JcaPGPKeyConverter + + byte size = 0x03; + byte reserved = 0x01; + byte hashAlgorithmId = 0x08; // HashAlgorithmTags.SHA256 + byte symmetricKeyAlgorithmId = 0x07; // SymmetricKeyAlgorithmTags.AES_128 + + return new byte[]{size, reserved, hashAlgorithmId, symmetricKeyAlgorithmId}; + } + + private static void writeRsaAlgorithmSpecificPart(ByteArrayOutputStream out, RSAPublicKey publicKey) throws IOException { + // e) Algorithm-specific fields. + + // MPI of RSA public modulus n; + // MPI of RSA public encryption exponent e. + out.write(encodeBigIntegerAsMpi(publicKey.getModulus())); + out.write(encodeBigIntegerAsMpi(publicKey.getPublicExponent())); + } + + private static byte[] calculateFingerprintOrThrow(byte[] encodedOpenPgpKeyBytes) throws NoSuchAlgorithmException { + MessageDigest digest = MessageDigest.getInstance("SHA1"); + + digest.update((byte) 0x99); + digest.update((byte) (encodedOpenPgpKeyBytes.length >> 8)); + digest.update((byte) encodedOpenPgpKeyBytes.length); + digest.update(encodedOpenPgpKeyBytes); + + return digest.digest(); + } + + private static byte[] encodeBigIntegerAsMpi(BigInteger value) { + ByteArrayOutputStream out = new ByteArrayOutputStream(); + + int length = value.bitLength(); + + out.write(length >> 8); + out.write(length); + + byte[] bytes = value.toByteArray(); + + if (bytes[0] == 0) { + out.write(bytes, 1, bytes.length - 1); + } else { + out.write(bytes, 0, bytes.length); + } + + return out.toByteArray(); + } +} diff --git a/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/internal/openpgp/RsaKeyFormat.java b/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/internal/openpgp/RsaKeyFormat.java new file mode 100644 index 0000000..1bb5074 --- /dev/null +++ b/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/internal/openpgp/RsaKeyFormat.java @@ -0,0 +1,126 @@ +/* + * Copyright (C) 2018-2021 Confidential Technologies GmbH + * + * You can purchase a commercial license at https://hwsecurity.dev. + * Buying such a license is mandatory as soon as you develop commercial + * activities involving this program without disclosing the source code + * of your own applications. + * + * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program. If not, see . + */ + +package de.cotech.hw.openpgp.internal.openpgp; + + +import androidx.annotation.RestrictTo; +import androidx.annotation.RestrictTo.Scope; + +import com.google.auto.value.AutoValue; + + +// OpenPGP Card Spec: Algorithm Attributes: RSA +@RestrictTo(Scope.LIBRARY_GROUP) +@AutoValue +public abstract class RsaKeyFormat extends KeyFormat { + + public static final int ALGORITHM_ID = PublicKeyAlgorithmTags.RSA_GENERAL; + + public abstract int modulusLength(); + + public abstract int exponentLength(); + + public abstract RsaImportFormat rsaImportFormat(); + + public static RsaKeyFormat getInstance(int modulusLength, int exponentLength, RsaImportFormat from) { + return new AutoValue_RsaKeyFormat(modulusLength, exponentLength, from); + } + + public static RsaKeyFormat getInstanceDefault2048BitFormat() { + return getInstance(2048, 4, RsaImportFormat.CRT_WITH_MODULUS); + } + + public RsaKeyFormat withModulus(int modulus) { + return RsaKeyFormat.getInstance(modulus, exponentLength(), rsaImportFormat()); + } + + public static KeyFormat getInstanceFromBytes(byte[] bytes) { + if (bytes.length < 6) { + throw new IllegalArgumentException("Bad length for RSA attributes"); + } + int modulusLength = bytes[1] << 8 | bytes[2]; + int exponentLength = bytes[3] << 8 | bytes[4]; + RsaImportFormat importFormat = RsaImportFormat.from(bytes[5]); + + return getInstance(modulusLength, exponentLength, importFormat); + } + + @Override + public byte[] toBytes(KeyType slot) { + int i = 0; + byte[] attrs = new byte[6]; + attrs[i++] = (byte) ALGORITHM_ID; + attrs[i++] = (byte) ((modulusLength() >> 8) & 0xff); + attrs[i++] = (byte) (modulusLength() & 0xff); + attrs[i++] = (byte) ((exponentLength() >> 8) & 0xff); + attrs[i++] = (byte) (exponentLength() & 0xff); + attrs[i] = rsaImportFormat().getImportFormat(); + + return attrs; + } + + @Override + public KeyFormatParser getKeyFormatParser() { + return new RsaKeyFormatParser(); + } + + public enum RsaImportFormat { + STANDARD((byte) 0x00, false, false), + STANDARD_WITH_MODULUS((byte) 0x01, false, true), + CRT((byte) 0x02, true, false), + CRT_WITH_MODULUS((byte) 0x03, true, true); + + private byte importFormat; + private boolean includeModulus; + private boolean includeCrt; + + RsaImportFormat(byte importFormat, boolean includeCrt, boolean includeModulus) { + this.importFormat = importFormat; + this.includeModulus = includeModulus; + this.includeCrt = includeCrt; + } + + public static RsaImportFormat from(byte importFormatByte) { + for (RsaImportFormat format : values()) { + if (format.importFormat == importFormatByte) { + return format; + } + } + return null; + } + + public byte getImportFormat() { + return importFormat; + } + + public boolean isIncludeModulus() { + return includeModulus; + } + + public boolean isIncludeCrt() { + return includeCrt; + } + } +} diff --git a/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/internal/openpgp/RSAKeyFormatParser.java b/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/internal/openpgp/RsaKeyFormatParser.java similarity index 88% rename from hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/internal/openpgp/RSAKeyFormatParser.java rename to hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/internal/openpgp/RsaKeyFormatParser.java index d4d9d95..2b1a7df 100644 --- a/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/internal/openpgp/RSAKeyFormatParser.java +++ b/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/internal/openpgp/RsaKeyFormatParser.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial @@ -37,10 +37,11 @@ import androidx.annotation.RestrictTo.Scope; import de.cotech.hw.internal.iso7816.Iso7816TLV; +import de.cotech.hw.util.HwTimber; @RestrictTo(Scope.LIBRARY_GROUP) -class RSAKeyFormatParser implements KeyFormatParser { +class RsaKeyFormatParser implements KeyFormatParser { private static final int DO_RSA_MODULUS_TAG = 0x81; private static final int DO_RSA_EXPONENT_TAG = 0x82; @@ -59,7 +60,10 @@ public RSAPublicKey parseKey(byte[] publicKeyBytes) throws IOException { BigInteger rsaModulus = new BigInteger(1, rsaModulusMpiTlv.mV); BigInteger rsaPublicExponent = new BigInteger(1, rsaPublicExponentMpiTlv.mV); RSAPublicKeySpec rsaPublicKeySpec = new RSAPublicKeySpec(rsaModulus, rsaPublicExponent); - return (RSAPublicKey) KeyFactory.getInstance("RSA").generatePublic(rsaPublicKeySpec); + RSAPublicKey publicKey = (RSAPublicKey) KeyFactory.getInstance("RSA").generatePublic(rsaPublicKeySpec); + + HwTimber.d("key parsed as RSAPublicKey"); + return publicKey; } catch (InvalidKeySpecException | NoSuchAlgorithmException e) { throw new IOException(e); } diff --git a/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/internal/operations/ChangeKeyEccOp.java b/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/internal/operations/ChangeKeyEccOp.java index d8e9098..8c7f1d6 100644 --- a/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/internal/operations/ChangeKeyEccOp.java +++ b/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/internal/operations/ChangeKeyEccOp.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial @@ -28,6 +28,7 @@ import java.io.IOException; import java.security.KeyPair; import java.security.PrivateKey; +import java.security.PublicKey; import java.security.interfaces.ECPrivateKey; import java.security.interfaces.ECPublicKey; import java.util.Date; @@ -38,12 +39,12 @@ import de.cotech.hw.internal.iso7816.ResponseApdu; import de.cotech.hw.openpgp.internal.OpenPgpAppletConnection; import de.cotech.hw.openpgp.OpenPgpCapabilities; -import de.cotech.hw.openpgp.OpenPgpCardUtils; +import de.cotech.hw.openpgp.internal.OpenPgpCardUtils; import de.cotech.hw.internal.iso7816.CommandApdu; -import de.cotech.hw.openpgp.internal.openpgp.ECKeyFormat; +import de.cotech.hw.openpgp.internal.openpgp.EcKeyFormat; import de.cotech.hw.openpgp.internal.openpgp.KeyFormat; import de.cotech.hw.openpgp.internal.openpgp.KeyType; -import de.cotech.hw.openpgp.internal.openpgp.PgpFingerprintCalculator; +import de.cotech.hw.openpgp.internal.openpgp.Rfc4880FingerprintCalculator; import org.bouncycastle.asn1.ASN1ObjectIdentifier; import org.bouncycastle.asn1.x9.ECNamedCurveTable; @@ -67,7 +68,7 @@ public byte[] changeKey(KeyType keyType, String curveName, KeyPair keyPair, Date throws IOException { PrivateKey privateKey = keyPair.getPrivate(); if (!(privateKey instanceof ECPrivateKey)) { - throw new IllegalArgumentException("KeyPair given to uploadRsaKey must be ECC KeyPair!"); + throw new IllegalArgumentException("KeyPair given to changeKey must be ECC KeyPair!"); } ECPrivateKey ecPrivateKey = (ECPrivateKey) privateKey; ECPublicKey ecPublicKey = (ECPublicKey) keyPair.getPublic(); @@ -76,48 +77,39 @@ public byte[] changeKey(KeyType keyType, String curveName, KeyPair keyPair, Date throw new IllegalArgumentException("Curve name must be valid ECC named curve!"); } - uploadEccKey(keyType, curveOid, ecPrivateKey, ecPublicKey); - return setKeyMetadata(keyType, curveOid, creationTime, ecPublicKey); + byte[] keyBytes = prepareKeyBytes(keyType, curveOid, ecPrivateKey, ecPublicKey); + CommandApdu apdu = connection.getCommandFactory().createPutKeyCommand(keyBytes); + connection.communicateOrThrow(apdu); + + return setKeyMetadata(keyType, ecPublicKey, curveOid, creationTime); } - private byte[] setKeyMetadata(KeyType keyType, ASN1ObjectIdentifier curveOid, Date timestamp, - ECPublicKey ecPublicKey) throws IOException { - byte[] fingerprint = PgpFingerprintCalculator.calculateEccFingerprint(ecPublicKey, curveOid, timestamp); + private byte[] setKeyMetadata(KeyType keyType, PublicKey publicKey, + ASN1ObjectIdentifier curveOid, Date timestamp) throws IOException { + EcKeyFormat requestedKeyFormat = EcKeyFormat.getInstanceForKeyGeneration(keyType, curveOid); + byte[] fingerprint = Rfc4880FingerprintCalculator.calculateEccFingerprint(publicKey, requestedKeyFormat, timestamp); connection.setKeyMetadata(keyType, timestamp, fingerprint); return fingerprint; } - private void uploadEccKey(KeyType keyType, ASN1ObjectIdentifier curveOid, ECPrivateKey ecPrivateKey, - ECPublicKey ecPublicKey) throws IOException { - byte[] keyBytes = prepareKeyBytes(keyType, curveOid, ecPrivateKey, ecPublicKey); - - CommandApdu apdu = connection.getCommandFactory().createPutKeyCommand(keyBytes); - connection.communicateOrThrow(apdu); - } - private byte[] prepareKeyBytes(KeyType keyType, ASN1ObjectIdentifier curveOid, ECPrivateKey ecPrivateKey, ECPublicKey ecPublicKey) throws IOException { OpenPgpCapabilities openPgpCapabilities = connection.getOpenPgpCapabilities(); KeyFormat currentFormat = openPgpCapabilities.getFormatForKeyType(keyType); - ECKeyFormat requestedKeyFormat; - if (keyType == KeyType.ENCRYPT) { - requestedKeyFormat = ECKeyFormat.getInstanceECDHwithOid(curveOid); - } else { - requestedKeyFormat = ECKeyFormat.getInstanceECDSAwithOid(curveOid); - } + EcKeyFormat requestedKeyFormat = EcKeyFormat.getInstanceForKeyGeneration(keyType, curveOid); boolean requiresFormatChange = !requestedKeyFormat.equals(currentFormat); if (requiresFormatChange && openPgpCapabilities.isAttributesChangable()) { HwTimber.d("Setting key format"); setKeyAttributes(keyType, requestedKeyFormat); } else if (requiresFormatChange) { - throw new IOException("Different RSA format required, but applet doesn't support format change!"); + throw new IOException("Different ECC format required, but applet doesn't support format change!"); } else { HwTimber.d("Key format compatible, leaving as is"); } - return OpenPgpCardUtils.createECPrivKeyTemplate(ecPrivateKey, ecPublicKey, keyType, requestedKeyFormat); + return OpenPgpCardUtils.createEcPrivKeyTemplate(ecPrivateKey, ecPublicKey, keyType, requestedKeyFormat); } private void setKeyAttributes(KeyType keyType, KeyFormat keyFormat) throws IOException { @@ -135,15 +127,10 @@ private void putData(int dataObject, byte[] data) throws IOException { connection.communicateOrThrow(command); } - public ECPublicKey generateKey(KeyType keyType, ASN1ObjectIdentifier curveOid, Date creationTime) throws IOException { + public PublicKey generateKey(KeyType keyType, ASN1ObjectIdentifier curveOid, Date creationTime) throws IOException { OpenPgpCapabilities openPgpCapabilities = connection.getOpenPgpCapabilities(); KeyFormat currentFormat = openPgpCapabilities.getFormatForKeyType(keyType); - ECKeyFormat requestedKeyFormat; - if (keyType == KeyType.ENCRYPT) { - requestedKeyFormat = ECKeyFormat.getInstanceECDHwithOid(curveOid); - } else { - requestedKeyFormat = ECKeyFormat.getInstanceECDSAwithOid(curveOid); - } + EcKeyFormat requestedKeyFormat = EcKeyFormat.getInstanceForKeyGeneration(keyType, curveOid); boolean requiresFormatChange = !requestedKeyFormat.equals(currentFormat); if (requiresFormatChange && openPgpCapabilities.isAttributesChangable()) { @@ -159,9 +146,9 @@ public ECPublicKey generateKey(KeyType keyType, ASN1ObjectIdentifier curveOid, D ResponseApdu response = connection.communicateOrThrow(command); byte[] publicKeyBytes = response.getData(); - ECPublicKey publicKey = (ECPublicKey) requestedKeyFormat.getKeyFormatParser().parseKey(publicKeyBytes); + PublicKey publicKey = requestedKeyFormat.getKeyFormatParser().parseKey(publicKeyBytes); - byte[] fingerprint = setKeyMetadata(keyType, curveOid, creationTime, publicKey); + byte[] fingerprint = setKeyMetadata(keyType, publicKey, curveOid, creationTime); return publicKey; } diff --git a/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/internal/operations/ChangeKeyRsaOp.java b/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/internal/operations/ChangeKeyRsaOp.java index 70ad0b8..fb26749 100644 --- a/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/internal/operations/ChangeKeyRsaOp.java +++ b/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/internal/operations/ChangeKeyRsaOp.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial @@ -38,12 +38,12 @@ import de.cotech.hw.internal.iso7816.CommandApdu; import de.cotech.hw.openpgp.OpenPgpCapabilities; -import de.cotech.hw.openpgp.OpenPgpCardUtils; +import de.cotech.hw.openpgp.internal.OpenPgpCardUtils; import de.cotech.hw.openpgp.internal.OpenPgpAppletConnection; import de.cotech.hw.openpgp.internal.openpgp.KeyFormat; import de.cotech.hw.openpgp.internal.openpgp.KeyType; -import de.cotech.hw.openpgp.internal.openpgp.PgpFingerprintCalculator; -import de.cotech.hw.openpgp.internal.openpgp.RSAKeyFormat; +import de.cotech.hw.openpgp.internal.openpgp.Rfc4880FingerprintCalculator; +import de.cotech.hw.openpgp.internal.openpgp.RsaKeyFormat; import de.cotech.hw.util.HwTimber; @@ -68,32 +68,28 @@ public byte[] changeKey(KeyType keyType, KeyPair keyPair, Date creationTime) thr RSAPrivateCrtKey rsaPrivateCrtKey = (RSAPrivateCrtKey) privateKey; RSAPublicKey rsaPublicKey = (RSAPublicKey) publicKey; - uploadRsaKey(keyType, rsaPrivateCrtKey); + byte[] keyBytes = prepareKeyBytes(keyType, rsaPrivateCrtKey); + CommandApdu apdu = connection.getCommandFactory().createPutKeyCommand(keyBytes); + connection.communicateOrThrow(apdu); + return setKeyMetadata(keyType, rsaPublicKey, creationTime); } private byte[] setKeyMetadata(KeyType keyType, RSAPublicKey rsaPublicKey, Date creationTime) throws IOException { - byte[] fingerprint = PgpFingerprintCalculator.calculateRsaFingerprint(rsaPublicKey, creationTime); + byte[] fingerprint = Rfc4880FingerprintCalculator.calculateRsaFingerprint(rsaPublicKey, creationTime); connection.setKeyMetadata(keyType, creationTime, fingerprint); return fingerprint; } - private void uploadRsaKey(KeyType keyType, RSAPrivateCrtKey rsaPrivateCrtKey) throws IOException { - byte[] keyBytes = prepareKeyBytes(keyType, rsaPrivateCrtKey); - - CommandApdu apdu = connection.getCommandFactory().createPutKeyCommand(keyBytes); - connection.communicateOrThrow(apdu); - } - private byte[] prepareKeyBytes(KeyType keyType, RSAPrivateCrtKey rsaPrivateCrtKey) throws IOException { OpenPgpCapabilities openPgpCapabilities = connection.getOpenPgpCapabilities(); KeyFormat currentFormat = openPgpCapabilities.getFormatForKeyType(keyType); - RSAKeyFormat requestedKeyFormat; - if (currentFormat instanceof RSAKeyFormat) { - requestedKeyFormat = ((RSAKeyFormat) currentFormat).withModulus(2048); + RsaKeyFormat requestedKeyFormat; + if (currentFormat instanceof RsaKeyFormat) { + requestedKeyFormat = ((RsaKeyFormat) currentFormat).withModulus(2048); } else { - requestedKeyFormat = RSAKeyFormat.getDefault2048BitFormat(); + requestedKeyFormat = RsaKeyFormat.getInstanceDefault2048BitFormat(); } boolean requiresFormatChange = !requestedKeyFormat.equals(currentFormat); @@ -106,7 +102,7 @@ private byte[] prepareKeyBytes(KeyType keyType, RSAPrivateCrtKey rsaPrivateCrtKe HwTimber.d("Key format compatible, leaving as is"); } - return OpenPgpCardUtils.createRSAPrivKeyTemplate(rsaPrivateCrtKey, keyType, requestedKeyFormat); + return OpenPgpCardUtils.createRsaPrivKeyTemplate(rsaPrivateCrtKey, keyType, requestedKeyFormat); } private void setKeyAttributes(KeyType keyType, KeyFormat keyFormat) throws IOException { diff --git a/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/internal/operations/InternalAuthenticateOp.java b/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/internal/operations/InternalAuthenticateOp.java index b471c48..666a328 100644 --- a/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/internal/operations/InternalAuthenticateOp.java +++ b/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/internal/operations/InternalAuthenticateOp.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial @@ -32,7 +32,6 @@ import de.cotech.hw.secrets.ByteSecret; import de.cotech.hw.openpgp.internal.OpenPgpAppletConnection; import de.cotech.hw.openpgp.OpenPgpCapabilities; -import de.cotech.hw.SecurityKeyException; import de.cotech.hw.internal.iso7816.CommandApdu; import de.cotech.hw.internal.iso7816.ResponseApdu; import de.cotech.hw.openpgp.internal.openpgp.KeyFormat; diff --git a/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/internal/operations/ModifyPinOp.java b/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/internal/operations/ModifyPinOp.java index c436e61..d47f70c 100644 --- a/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/internal/operations/ModifyPinOp.java +++ b/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/internal/operations/ModifyPinOp.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/internal/operations/OpenPgpSignatureUtils.java b/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/internal/operations/OpenPgpSignatureUtils.java index 0b7e1fa..c69aacb 100644 --- a/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/internal/operations/OpenPgpSignatureUtils.java +++ b/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/internal/operations/OpenPgpSignatureUtils.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial @@ -25,12 +25,6 @@ package de.cotech.hw.openpgp.internal.operations; -import java.io.ByteArrayOutputStream; -import java.io.IOException; -import java.security.NoSuchAlgorithmException; - -import de.cotech.hw.openpgp.internal.openpgp.KeyFormat; -import de.cotech.hw.openpgp.internal.openpgp.RSAKeyFormat; import org.bouncycastle.asn1.ASN1Encodable; import org.bouncycastle.asn1.ASN1Integer; import org.bouncycastle.asn1.ASN1OutputStream; @@ -38,29 +32,30 @@ import org.bouncycastle.util.Arrays; import org.bouncycastle.util.encoders.Hex; +import java.io.ByteArrayOutputStream; +import java.io.IOException; +import java.security.NoSuchAlgorithmException; + +import de.cotech.hw.openpgp.internal.openpgp.EcKeyFormat; +import de.cotech.hw.openpgp.internal.openpgp.KeyFormat; +import de.cotech.hw.openpgp.internal.openpgp.RsaKeyFormat; -class OpenPgpSignatureUtils { - private static final String RIPEMD160 = "RIPEMD160"; - private static final String SHA1 = "SHA1"; - private static final String SHA224 = "SHA224"; - private static final String SHA256 = "SHA256"; - private static final String SHA384 = "SHA384"; - private static final String SHA512 = "SHA512"; +class OpenPgpSignatureUtils { static OpenPgpSignatureUtils getInstance() { return new OpenPgpSignatureUtils(); } - private OpenPgpSignatureUtils() { } - + private OpenPgpSignatureUtils() { + } private byte[] prepareDsi(byte[] hash, String hashAlgo) throws IOException { byte[] dsi; // to produce the DSI, we simply concatenate the hash bytes with the hash-specific DSI prefix - switch (hashAlgo.replace("-", "")) { - case SHA1: + switch (hashAlgo) { + case "SHA-1": if (hash.length != 20) { throw new IOException("Bad hash length (" + hash.length + ", expected 20!)"); } @@ -71,31 +66,31 @@ private byte[] prepareDsi(byte[] hash, String hashAlgo) throws IOException { + "0500" // TLV coding of ZERO + "0414"), hash); // 0x14 are 20 hash bytes break; - case RIPEMD160: + case "RIPEMD160": if (hash.length != 20) { throw new IOException("Bad hash length (" + hash.length + ", expected 20!)"); } dsi = Arrays.concatenate(Hex.decode("3021300906052B2403020105000414"), hash); break; - case SHA224: + case "SHA-224": if (hash.length != 28) { throw new IOException("Bad hash length (" + hash.length + ", expected 28!)"); } dsi = Arrays.concatenate(Hex.decode("302D300D06096086480165030402040500041C"), hash); break; - case SHA256: + case "SHA-256": if (hash.length != 32) { throw new IOException("Bad hash length (" + hash.length + ", expected 32!)"); } dsi = Arrays.concatenate(Hex.decode("3031300D060960864801650304020105000420"), hash); break; - case SHA384: + case "SHA-384": if (hash.length != 48) { throw new IOException("Bad hash length (" + hash.length + ", expected 48!)"); } dsi = Arrays.concatenate(Hex.decode("3041300D060960864801650304020205000430"), hash); break; - case SHA512: + case "SHA-512": if (hash.length != 64) { throw new IOException("Bad hash length (" + hash.length + ", expected 64!)"); } @@ -108,31 +103,23 @@ private byte[] prepareDsi(byte[] hash, String hashAlgo) throws IOException { } byte[] prepareData(byte[] hash, String hashAlgo, KeyFormat keyFormat) throws IOException { - byte[] data; - switch (keyFormat.keyFormatType()) { - case RSAKeyFormatType: - data = prepareDsi(hash, hashAlgo); - break; - case ECKeyFormatType: - case EdDSAKeyFormatType: - data = hash; - break; - default: - throw new IOException("Not supported key type!"); + if (keyFormat instanceof RsaKeyFormat) { + return prepareDsi(hash, hashAlgo); + } else if (keyFormat instanceof EcKeyFormat) { + return hash; + } else { + throw new IOException("Unsupported KeyFormat."); } - return data; } byte[] encodeSignature(byte[] signature, KeyFormat keyFormat) throws IOException { - switch (keyFormat.keyFormatType()) { - case RSAKeyFormatType: - return encodeRsaSignature(signature, (RSAKeyFormat) keyFormat); - case ECKeyFormatType: - return encodeEcdsaSignature(signature); - case EdDSAKeyFormatType: - return signature; - default: - throw new IllegalArgumentException(); + if (keyFormat instanceof RsaKeyFormat) { + return encodeRsaSignature(signature, (RsaKeyFormat) keyFormat); + } else if (keyFormat instanceof EcKeyFormat) { + boolean isEdDsa = ((EcKeyFormat) keyFormat).isEdDsa(); + return isEdDsa ? signature : encodeEcdsaSignature(signature); + } else { + throw new IOException("Unsupported KeyFormat."); } } @@ -154,15 +141,15 @@ private byte[] encodeEcdsaSignature(byte[] signature) throws IOException { bs = Arrays.copyOfRange(bs, 1, bs.length); } ByteArrayOutputStream baos = new ByteArrayOutputStream(); - ASN1OutputStream out = new ASN1OutputStream(baos); - out.writeObject(new DERSequence(new ASN1Encodable[] { new ASN1Integer(br), new ASN1Integer(bs) })); + ASN1OutputStream out = ASN1OutputStream.create(baos); + out.writeObject(new DERSequence(new ASN1Encodable[]{new ASN1Integer(br), new ASN1Integer(bs)})); out.flush(); return baos.toByteArray(); } - private byte[] encodeRsaSignature(byte[] signature, RSAKeyFormat keyFormat) throws IOException { + private byte[] encodeRsaSignature(byte[] signature, RsaKeyFormat keyFormat) throws IOException { // No encoding necessary, but make sure the signature we received is actually the expected number of bytes long! - int modulusLength = keyFormat.getModulusLength(); + int modulusLength = keyFormat.modulusLength(); if (signature.length != (modulusLength / 8)) { throw new IOException("Bad signature length! Expected " + (modulusLength / 8) + " bytes, got " + signature.length); diff --git a/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/internal/operations/PsoDecryptOp.java b/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/internal/operations/PsoDecryptOp.java index ec9cadb..d6fde23 100644 --- a/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/internal/operations/PsoDecryptOp.java +++ b/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/internal/operations/PsoDecryptOp.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial @@ -36,16 +36,18 @@ import androidx.annotation.RestrictTo.Scope; import androidx.annotation.VisibleForTesting; +import de.cotech.hw.openpgp.internal.openpgp.EcKeyFormat; +import de.cotech.hw.openpgp.internal.openpgp.RsaKeyFormat; import de.cotech.hw.secrets.ByteSecret; import de.cotech.hw.internal.iso7816.CommandApdu; import de.cotech.hw.internal.iso7816.ResponseApdu; import de.cotech.hw.openpgp.internal.OpenPgpAppletConnection; -import de.cotech.hw.openpgp.internal.openpgp.ECKeyFormat; import de.cotech.hw.openpgp.internal.openpgp.KeyFormat; + import javax.crypto.Cipher; import javax.crypto.NoSuchPaddingException; import javax.crypto.spec.SecretKeySpec; -import org.bouncycastle.asn1.ASN1ObjectIdentifier; + import org.bouncycastle.asn1.x9.ECNamedCurveTable; import org.bouncycastle.asn1.x9.X9ECParameters; import org.bouncycastle.math.ec.ECPoint; @@ -53,14 +55,13 @@ import org.bouncycastle.util.encoders.Hex; -/** This class implements the PSO:DECIPHER operation, as specified in OpenPGP card spec / 7.2.11 (p52 in v3.0.1). - * +/** + * This class implements the PSO:DECIPHER operation, as specified in OpenPGP card spec / 7.2.11 (p52 in v3.0.1). + *

* See https://www.g10code.com/docs/openpgp-card-3.0.pdf */ @RestrictTo(Scope.LIBRARY_GROUP) public class PsoDecryptOp { - public static final ASN1ObjectIdentifier CV25519 = new ASN1ObjectIdentifier("1.3.6.1.4.1.3029.1.5.1"); - private final OpenPgpAppletConnection connection; public static PsoDecryptOp create(OpenPgpAppletConnection connection) { @@ -72,27 +73,22 @@ private PsoDecryptOp(OpenPgpAppletConnection connection) { } public byte[] verifyAndDecryptSessionKey(ByteSecret pin, - @NonNull byte[] encryptedSessionKeyMpi, - int securityKeySymmetricKeySize, byte[] userKeyingMaterial) - throws IOException { + @NonNull byte[] encryptedSessionKeyMpi, + int securityKeySymmetricKeySize, byte[] userKeyingMaterial) throws IOException { connection.verifyPinForOther(pin); - KeyFormat kf = connection.getOpenPgpCapabilities().getEncryptKeyFormat(); - switch (kf.keyFormatType()) { - case RSAKeyFormatType: - return decryptSessionKeyRsa(encryptedSessionKeyMpi); - - case ECKeyFormatType: - return decryptSessionKeyEcdh(encryptedSessionKeyMpi, (ECKeyFormat) kf, - securityKeySymmetricKeySize, userKeyingMaterial); - - default: - throw new IOException("Unknown encryption key type!"); + KeyFormat keyFormat = connection.getOpenPgpCapabilities().getEncryptKeyFormat(); + if (keyFormat instanceof RsaKeyFormat) { + return decryptSessionKeyRsa(encryptedSessionKeyMpi); + } else if (keyFormat instanceof EcKeyFormat) { + return decryptSessionKeyEcdh(encryptedSessionKeyMpi, (EcKeyFormat) keyFormat, + securityKeySymmetricKeySize, userKeyingMaterial); + } else { + throw new IOException("Unsupported KeyFormat."); } } - public byte[] simpleDecryptSessionKeyRsa(ByteSecret pin, - byte[] encryptedSessionKey) throws IOException { + public byte[] simpleDecryptSessionKeyRsa(ByteSecret pin, byte[] encryptedSessionKey) throws IOException { connection.verifyPinForOther(pin); byte[] psoDecipherPayload = Arrays.prepend(encryptedSessionKey, (byte) 0x00); @@ -126,9 +122,8 @@ public byte[] getRsaOperationPayload(byte[] encryptedSessionKeyMpi) throws IOExc return psoDecipherPayload; } - private byte[] decryptSessionKeyEcdh(byte[] encryptedSessionKeyMpi, ECKeyFormat eckf, - int securityKeySymmetricKeySize, byte[] userKeyingMaterial) - throws IOException { + private byte[] decryptSessionKeyEcdh(byte[] encryptedSessionKeyMpi, EcKeyFormat eckf, + int securityKeySymmetricKeySize, byte[] userKeyingMaterial) throws IOException { int mpiLength = getMpiLength(encryptedSessionKeyMpi); byte[] encryptedPoint = Arrays.copyOfRange(encryptedSessionKeyMpi, 2, mpiLength + 2); @@ -175,6 +170,16 @@ The shared secret obtained is a KEK (Key Encryption Key) that is used to wrap th */ byte[] keyEncryptionKey = response.getData(); + int xLen; + boolean isCurve25519 = eckf.isX25519(); + if (eckf.isX25519()) { + xLen = keyEncryptionKey.length; + } else { + xLen = (keyEncryptionKey.length - 1) / 2; + } + final byte[] kekX = new byte[xLen]; + System.arraycopy(keyEncryptionKey, isCurve25519 ? 0 : 1, kekX, 0, xLen); + final byte[] keyEnc = new byte[encryptedSessionKeyMpi[mpiLength + 2]]; System.arraycopy(encryptedSessionKeyMpi, 2 + mpiLength + 1, keyEnc, 0, keyEnc.length); @@ -183,7 +188,7 @@ The shared secret obtained is a KEK (Key Encryption Key) that is used to wrap th final MessageDigest kdf = MessageDigest.getInstance("SHA-256"); kdf.update(new byte[]{(byte) 0, (byte) 0, (byte) 0, (byte) 1}); - kdf.update(keyEncryptionKey); + kdf.update(kekX); kdf.update(userKeyingMaterial); byte[] kek = kdf.digest(); @@ -221,8 +226,8 @@ private static byte[] unpadSessionData(byte[] encoded) throws IOException { return taggedKey; } - private byte[] getEcDecipherPayload(ECKeyFormat eckf, byte[] encryptedPoint) throws IOException { - if (CV25519.equals(eckf.curveOid())) { + private byte[] getEcDecipherPayload(EcKeyFormat eckf, byte[] encryptedPoint) throws IOException { + if (eckf.isX25519()) { return Arrays.copyOfRange(encryptedPoint, 1, 33); } else { X9ECParameters x9Params = ECNamedCurveTable.getByOID(eckf.curveOid()); diff --git a/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/internal/operations/ResetAndWipeOp.java b/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/internal/operations/ResetAndWipeOp.java index 92c771e..0ca076a 100644 --- a/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/internal/operations/ResetAndWipeOp.java +++ b/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/internal/operations/ResetAndWipeOp.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/internal/securemessaging/SCP11bSecureMessaging.java b/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/internal/securemessaging/Scp11bSecureMessaging.java similarity index 89% rename from hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/internal/securemessaging/SCP11bSecureMessaging.java rename to hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/internal/securemessaging/Scp11bSecureMessaging.java index 6157d82..d1d208f 100644 --- a/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/internal/securemessaging/SCP11bSecureMessaging.java +++ b/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/internal/securemessaging/Scp11bSecureMessaging.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial @@ -66,14 +66,15 @@ import androidx.annotation.RestrictTo; import androidx.annotation.RestrictTo.Scope; -import de.cotech.hw.openpgp.internal.openpgp.ECKeyFormat; +import de.cotech.hw.openpgp.internal.openpgp.EcKeyFormat; import de.cotech.hw.openpgp.internal.openpgp.KeyFormat; import de.cotech.hw.openpgp.internal.OpenPgpAppletConnection; -import de.cotech.hw.openpgp.OpenPgpCardUtils; +import de.cotech.hw.openpgp.internal.OpenPgpCardUtils; import de.cotech.hw.openpgp.internal.OpenPgpCommandApduFactory; import de.cotech.hw.internal.iso7816.CommandApdu; import de.cotech.hw.internal.iso7816.Iso7816TLV; import de.cotech.hw.internal.iso7816.ResponseApdu; + import javax.crypto.BadPaddingException; import javax.crypto.Cipher; import javax.crypto.IllegalBlockSizeException; @@ -83,6 +84,7 @@ import javax.crypto.SecretKey; import javax.crypto.spec.IvParameterSpec; import javax.crypto.spec.SecretKeySpec; + import org.bouncycastle.asn1.nist.NISTNamedCurves; import org.bouncycastle.asn1.x9.ECNamedCurveTable; import org.bouncycastle.asn1.x9.X9ECParameters; @@ -91,10 +93,10 @@ import org.bouncycastle.util.Arrays; @RestrictTo(Scope.LIBRARY_GROUP) -public class SCP11bSecureMessaging implements SecureMessaging { +public class Scp11bSecureMessaging implements SecureMessaging { - private static final byte OPENPGP_SECURE_MESSAGING_CLA_MASK = (byte)0x04; - private static final byte OPENPGP_SECURE_MESSAGING_KEY_ATTRIBUTES_TAG = (byte)0xD4; + private static final byte OPENPGP_SECURE_MESSAGING_CLA_MASK = (byte) 0x04; + private static final byte OPENPGP_SECURE_MESSAGING_KEY_ATTRIBUTES_TAG = (byte) 0xD4; private static final int AES_BLOCK_SIZE = 128 / 8; @@ -125,7 +127,7 @@ public class SCP11bSecureMessaging implements SecureMessaging { private byte[] mMacChaining; - private SCP11bSecureMessaging() { + private Scp11bSecureMessaging() { } private void setKeys(@NonNull final byte[] sEnc, @@ -164,7 +166,7 @@ public boolean isEstablished() { && (mMacChaining != null); } - private static ECParameterSpec getAlgorithmParameterSpec(final ECKeyFormat kf) + private static ECParameterSpec getAlgorithmParameterSpec(final EcKeyFormat kf) throws NoSuchProviderException, NoSuchAlgorithmException, InvalidParameterSpecException { final AlgorithmParameters algoParams = AlgorithmParameters.getInstance(SCP11B_KEY_AGREEMENT_KEY_ALGO, PROVIDER); @@ -174,9 +176,9 @@ private static ECParameterSpec getAlgorithmParameterSpec(final ECKeyFormat kf) } - private static ECPublicKey newECDHPublicKey(final ECKeyFormat kf, byte[] data) + private static ECPublicKey newECDHPublicKey(final EcKeyFormat kf, byte[] data) throws InvalidKeySpecException, NoSuchAlgorithmException, - InvalidParameterSpecException, NoSuchProviderException { + InvalidParameterSpecException, NoSuchProviderException { if (ecdhFactory == null) { ecdhFactory = KeyFactory.getInstance(SCP11B_KEY_AGREEMENT_KEY_TYPE, PROVIDER); } @@ -196,12 +198,12 @@ private static ECPublicKey newECDHPublicKey(final ECKeyFormat kf, byte[] data) new java.security.spec.ECPoint(p.getAffineXCoord().toBigInteger(), p.getAffineYCoord().toBigInteger()), getAlgorithmParameterSpec(kf)); - return (ECPublicKey)(ecdhFactory.generatePublic(pk)); + return (ECPublicKey) (ecdhFactory.generatePublic(pk)); } - private static KeyPair generateECDHKeyPair(final ECKeyFormat kf) + private static KeyPair generateECDHKeyPair(final EcKeyFormat kf) throws NoSuchProviderException, NoSuchAlgorithmException, - InvalidParameterSpecException, InvalidAlgorithmParameterException { + InvalidParameterSpecException, InvalidAlgorithmParameterException { final KeyPairGenerator gen = KeyPairGenerator.getInstance(SCP11B_KEY_AGREEMENT_KEY_ALGO, PROVIDER); if (srand == null) { @@ -214,7 +216,7 @@ private static KeyPair generateECDHKeyPair(final ECKeyFormat kf) } private static ECPublicKey verifyCertificate(KeyStore ks, - final ECKeyFormat kf, + final EcKeyFormat kf, final byte[] data) throws IOException { try { @@ -287,7 +289,7 @@ private static ECPublicKey verifyCertificate(KeyStore ks, @CheckResult public static SecureMessaging establish(OpenPgpAppletConnection t, OpenPgpCommandApduFactory commandFactory, - KeyStore smKeyStore) + KeyStore smKeyStore) throws SecureMessagingException, IOException { CommandApdu cmd; @@ -304,18 +306,18 @@ public static SecureMessaging establish(OpenPgpAppletConnection t, OpenPgpComman } tlvs = Iso7816TLV.readList(resp.getData(), true); if ((tlvs == null) - || (tlvs.length != 1) - || ((byte)tlvs[0].mT != OPENPGP_SECURE_MESSAGING_KEY_ATTRIBUTES_TAG)) { + || (tlvs.length != 1) + || ((byte) tlvs[0].mT != OPENPGP_SECURE_MESSAGING_KEY_ATTRIBUTES_TAG)) { throw new SecureMessagingException("unsupported secure messaging key attributes format"); } final KeyFormat kf = KeyFormat.fromBytes(tlvs[0].mV); - if (kf.keyFormatType() != KeyFormat.KeyFormatType.ECKeyFormatType) { + if (!(kf instanceof EcKeyFormat)) { throw new SecureMessagingException("unsupported secure messaging key format"); } - final ECKeyFormat eckf = (ECKeyFormat)kf; + final EcKeyFormat eckf = (EcKeyFormat) kf; if (eckf.curveOid() == null) { throw new SecureMessagingException("unsupported secure messaging curve"); @@ -348,13 +350,13 @@ public static SecureMessaging establish(OpenPgpAppletConnection t, OpenPgpComman tlvs = Iso7816TLV.readList(resp.getData(), true); if ((tlvs == null) || (tlvs.length != 1) - || ((short)tlvs[0].mT != (short)0x7f49)) { + || ((short) tlvs[0].mT != (short) 0x7f49)) { throw new SecureMessagingException("invalid format of secure messaging key"); } tlvs = Iso7816TLV.readList(tlvs[0].mV, true); if ((tlvs == null) || (tlvs.length != 1) - || ((byte)tlvs[0].mT != (byte)0x86)) { + || ((byte) tlvs[0].mT != (byte) 0x86)) { throw new SecureMessagingException("invalid format of secure messaging key"); } @@ -369,29 +371,29 @@ public static SecureMessaging establish(OpenPgpAppletConnection t, OpenPgpComman final int fieldSize = curve.getField().getFieldSize(); int keySize; - if(fieldSize < 512) { + if (fieldSize < 512) { keySize = 16; } else { keySize = 32; } final KeyPair ekoce = generateECDHKeyPair(eckf); - final ECPublicKey epkoce = (ECPublicKey)ekoce.getPublic(); - final ECPrivateKey eskoce = (ECPrivateKey)ekoce.getPrivate(); + final ECPublicKey epkoce = (ECPublicKey) ekoce.getPublic(); + final ECPrivateKey eskoce = (ECPrivateKey) ekoce.getPrivate(); - final byte[] crt_template = new byte[] { - (byte)0xA6, (byte)0x0D, - (byte)0x90, (byte)0x02, (byte)0x11, (byte)0x00, - (byte)0x95, (byte)0x01, (byte)0x3C, - (byte)0x80, (byte)0x01, (byte)0x88, - (byte)0x81, (byte)0x01, (byte)keySize, - (byte)0x5F, (byte)0x49 }; + final byte[] crt_template = new byte[]{ + (byte) 0xA6, (byte) 0x0D, + (byte) 0x90, (byte) 0x02, (byte) 0x11, (byte) 0x00, + (byte) 0x95, (byte) 0x01, (byte) 0x3C, + (byte) 0x80, (byte) 0x01, (byte) 0x88, + (byte) 0x81, (byte) 0x01, (byte) keySize, + (byte) 0x5F, (byte) 0x49}; - int csize = (int)Math.ceil(epkoce.getParams().getCurve().getField().getFieldSize() / 8.0); + int csize = (int) Math.ceil(epkoce.getParams().getCurve().getField().getFieldSize() / 8.0); ByteArrayOutputStream pkout = new ByteArrayOutputStream(), bout = new ByteArrayOutputStream(); - pkout.write((byte)0x04); + pkout.write((byte) 0x04); OpenPgpCardUtils.writeBits(pkout, epkoce.getW().getAffineX(), csize); OpenPgpCardUtils.writeBits(pkout, epkoce.getW().getAffineY(), csize); @@ -449,12 +451,12 @@ public static SecureMessaging establish(OpenPgpAppletConnection t, OpenPgpComman csize = bout.size() + 3; - bout.write(new byte[] { - (byte)0, (byte)0, (byte)0, (byte)0, - crt_template[8], crt_template[11], - (byte)keySize }); + bout.write(new byte[]{ + (byte) 0, (byte) 0, (byte) 0, (byte) 0, + crt_template[8], crt_template[11], + (byte) keySize}); - byte[] shs = bout.toByteArray(); + byte[] shs = bout.toByteArray(); //key derivation final MessageDigest h = MessageDigest.getInstance(SCP11B_KEY_DERIVATION_ALGO, PROVIDER); @@ -465,7 +467,7 @@ public static SecureMessaging establish(OpenPgpAppletConnection t, OpenPgpComman bout.write(h.digest(shs)); } - shs = bout.toByteArray(); + shs = bout.toByteArray(); final byte[] rkey = Arrays.copyOfRange(shs, 0, keySize); final byte[] sEnc = Arrays.copyOfRange(shs, keySize, 2 * keySize); @@ -482,13 +484,13 @@ public static SecureMessaging establish(OpenPgpAppletConnection t, OpenPgpComman mac.update(shs, 0, shs.length - 2 - AES_BLOCK_SIZE); shs = mac.doFinal(); - for(int i = 0; i < AES_BLOCK_SIZE; ++i) { + for (int i = 0; i < AES_BLOCK_SIZE; ++i) { if (shs[i] != receipt[i]) { throw new SecureMessagingException("corrupted receipt!"); } } - final SCP11bSecureMessaging sm = new SCP11bSecureMessaging(); + final Scp11bSecureMessaging sm = new Scp11bSecureMessaging(); sm.setKeys(sEnc, sMac, sRmac, receipt); return sm; @@ -500,18 +502,17 @@ public static SecureMessaging establish(OpenPgpAppletConnection t, OpenPgpComman } catch (InvalidParameterSpecException e) { throw new SecureMessagingException("invalid ECDH parameters : " + e.getMessage()); } catch (NoSuchProviderException e) { - throw new SecureMessagingException("unknown provider " + PROVIDER); + throw new SecureMessagingException("unknown provider " + PROVIDER); } catch (InvalidAlgorithmParameterException e) { - throw new SecureMessagingException("invalid algorithm parameters : " + e.getMessage()); + throw new SecureMessagingException("invalid algorithm parameters : " + e.getMessage()); } catch (InvalidKeyException e) { - throw new SecureMessagingException("invalid key : " + e.getMessage()); + throw new SecureMessagingException("invalid key : " + e.getMessage()); } catch (IllegalArgumentException e) { throw new SecureMessagingException("illegal argument (" + e.getMessage() + ")"); } } - @Override public CommandApdu encryptAndSign(CommandApdu apdu) throws SecureMessagingException { @@ -521,7 +522,7 @@ public CommandApdu encryptAndSign(CommandApdu apdu) } ++mEncryptionCounter; - if(mEncryptionCounter <= 0) { + if (mEncryptionCounter <= 0) { throw new SecureMessagingException("exhausted encryption counter"); } @@ -533,11 +534,11 @@ public CommandApdu encryptAndSign(CommandApdu apdu) final Cipher cipher = Cipher.getInstance(SCP11_CIPHER_ALGO); byte[] iv = new byte[AES_BLOCK_SIZE]; - Arrays.fill(iv, (byte)0); + Arrays.fill(iv, (byte) 0); cipher.init(Cipher.ENCRYPT_MODE, mSEnc, new IvParameterSpec(iv)); - iv[AES_BLOCK_SIZE - 2] = (byte)((mEncryptionCounter >> 8) & 0xff); - iv[AES_BLOCK_SIZE - 1] = (byte)(mEncryptionCounter & 0xff); + iv[AES_BLOCK_SIZE - 2] = (byte) ((mEncryptionCounter >> 8) & 0xff); + iv[AES_BLOCK_SIZE - 1] = (byte) (mEncryptionCounter & 0xff); iv = cipher.doFinal(iv); @@ -545,14 +546,14 @@ public CommandApdu encryptAndSign(CommandApdu apdu) final byte[] pdata = new byte[data.length + AES_BLOCK_SIZE - (data.length % AES_BLOCK_SIZE)]; System.arraycopy(data, 0, pdata, 0, data.length); - pdata[data.length] = (byte)0x80; + pdata[data.length] = (byte) 0x80; - Arrays.fill(data, (byte)0); + Arrays.fill(data, (byte) 0); data = cipher.doFinal(pdata); - Arrays.fill(pdata, (byte)0); - Arrays.fill(iv, (byte)0); + Arrays.fill(pdata, (byte) 0); + Arrays.fill(iv, (byte) 0); } @@ -575,7 +576,7 @@ public CommandApdu encryptAndSign(CommandApdu apdu) System.arraycopy(data, 0, odata, ooff, data.length); ooff += data.length; - Arrays.fill(data, (byte)0); + Arrays.fill(data, (byte) 0); final Mac mac = Mac.getInstance(SCP11_MAC_ALGO, PROVIDER); mac.init(mSMac); @@ -597,7 +598,7 @@ public CommandApdu encryptAndSign(CommandApdu apdu) throw new SecureMessagingException("Failed to parsing APDU: " + e.getMessage()); } - Arrays.fill(odata, (byte)0); + Arrays.fill(odata, (byte) 0); return apdu; @@ -668,7 +669,7 @@ public ResponseApdu verifyAndDecrypt(ResponseApdu apdu) final Cipher cipher = Cipher.getInstance(SCP11_CIPHER_ALGO); byte[] iv = new byte[AES_BLOCK_SIZE]; - Arrays.fill(iv,(byte)0); + Arrays.fill(iv, (byte) 0); cipher.init(Cipher.ENCRYPT_MODE, mSEnc, new IvParameterSpec(iv)); iv[0] = (byte) 0x80; diff --git a/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/internal/securemessaging/SecureMessaging.java b/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/internal/securemessaging/SecureMessaging.java index 4ce1c85..a43c1d7 100644 --- a/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/internal/securemessaging/SecureMessaging.java +++ b/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/internal/securemessaging/SecureMessaging.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/internal/securemessaging/SecureMessagingException.java b/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/internal/securemessaging/SecureMessagingException.java index eb826a6..a94b492 100644 --- a/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/internal/securemessaging/SecureMessagingException.java +++ b/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/internal/securemessaging/SecureMessagingException.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/pairedkey/PairedDecryptor.java b/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/pairedkey/PairedDecryptor.java index 563eef4..5f62bce 100644 --- a/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/pairedkey/PairedDecryptor.java +++ b/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/pairedkey/PairedDecryptor.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/pairedkey/PairedEncryptor.java b/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/pairedkey/PairedEncryptor.java index 2239697..43ebc23 100644 --- a/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/pairedkey/PairedEncryptor.java +++ b/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/pairedkey/PairedEncryptor.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/pairedkey/PairedSecurityKey.java b/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/pairedkey/PairedSecurityKey.java index 8e8e098..195e877 100644 --- a/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/pairedkey/PairedSecurityKey.java +++ b/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/pairedkey/PairedSecurityKey.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/pairedkey/PairedSecurityKeyException.java b/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/pairedkey/PairedSecurityKeyException.java index 9e28394..34b0338 100644 --- a/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/pairedkey/PairedSecurityKeyException.java +++ b/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/pairedkey/PairedSecurityKeyException.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/pairedkey/PairedSecurityKeySerializer.java b/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/pairedkey/PairedSecurityKeySerializer.java index 928c6d0..9879d96 100644 --- a/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/pairedkey/PairedSecurityKeySerializer.java +++ b/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/pairedkey/PairedSecurityKeySerializer.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial @@ -25,9 +25,6 @@ package de.cotech.hw.openpgp.pairedkey; -import de.cotech.hw.openpgp.pairedkey.PairedSecurityKey; - - public interface PairedSecurityKeySerializer { PairedSecurityKey deserialize(String serializedPairedSecurityKey); String serialize(PairedSecurityKey pairedSecurityKey); diff --git a/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/pairedkey/PairedSecurityKeySerializerImpl.java b/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/pairedkey/PairedSecurityKeySerializerImpl.java index b57bdf3..c319cdb 100644 --- a/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/pairedkey/PairedSecurityKeySerializerImpl.java +++ b/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/pairedkey/PairedSecurityKeySerializerImpl.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/secrets/OpenPgpByteSecretGenerator.java b/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/secrets/OpenPgpByteSecretGenerator.java index fe88640..83d08a7 100644 --- a/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/secrets/OpenPgpByteSecretGenerator.java +++ b/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/secrets/OpenPgpByteSecretGenerator.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/storage/AndroidPreferencePairedSecurityKeyStorage.java b/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/storage/AndroidPreferencePairedSecurityKeyStorage.java index 8da4da6..42eb4cf 100644 --- a/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/storage/AndroidPreferencePairedSecurityKeyStorage.java +++ b/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/storage/AndroidPreferencePairedSecurityKeyStorage.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/storage/AndroidPreferencesEncryptedSessionStorage.java b/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/storage/AndroidPreferencesEncryptedSessionStorage.java index 099c22c..5bca6db 100644 --- a/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/storage/AndroidPreferencesEncryptedSessionStorage.java +++ b/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/storage/AndroidPreferencesEncryptedSessionStorage.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/storage/EncryptedSessionStorage.java b/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/storage/EncryptedSessionStorage.java index 6e0d5fc..00c655b 100644 --- a/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/storage/EncryptedSessionStorage.java +++ b/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/storage/EncryptedSessionStorage.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/storage/PairedSecurityKeyStorage.java b/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/storage/PairedSecurityKeyStorage.java index 61398e8..99e0518 100644 --- a/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/storage/PairedSecurityKeyStorage.java +++ b/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/storage/PairedSecurityKeyStorage.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/util/Bouncy25519KeyConverter.java b/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/util/Bouncy25519KeyConverter.java new file mode 100644 index 0000000..2ad3c54 --- /dev/null +++ b/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/util/Bouncy25519KeyConverter.java @@ -0,0 +1,90 @@ +/* + * Copyright (C) 2018-2021 Confidential Technologies GmbH + * + * You can purchase a commercial license at https://hwsecurity.dev. + * Buying such a license is mandatory as soon as you develop commercial + * activities involving this program without disclosing the source code + * of your own applications. + * + * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program. If not, see . + */ + +package de.cotech.hw.openpgp.util; + +import org.bouncycastle.asn1.edec.EdECObjectIdentifiers; +import org.bouncycastle.asn1.x509.AlgorithmIdentifier; +import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo; +import org.bouncycastle.jce.provider.BouncyCastleProvider; + +import java.io.IOException; +import java.security.KeyFactory; +import java.security.NoSuchAlgorithmException; +import java.security.NoSuchProviderException; +import java.security.PublicKey; +import java.security.spec.InvalidKeySpecException; +import java.security.spec.X509EncodedKeySpec; + +import de.cotech.hw.util.Arrays; +import de.cotech.hw.util.HwTimber; +import de.cotech.hw.util.Hwsecurity25519PublicKey; + +public class Bouncy25519KeyConverter { + + public static PublicKey hwsecurityToBouncy(PublicKey publicKey) throws IOException { + if ("X25519".equals(publicKey.getAlgorithm()) && "hwsecurity".equals(publicKey.getFormat())) { + try { + SubjectPublicKeyInfo pubKeyInfo = new SubjectPublicKeyInfo( + new AlgorithmIdentifier(EdECObjectIdentifiers.id_X25519), publicKey.getEncoded()); + X509EncodedKeySpec keySpec = new X509EncodedKeySpec(pubKeyInfo.getEncoded()); + KeyFactory keyFactory = KeyFactory.getInstance("X25519", BouncyCastleProvider.PROVIDER_NAME); + PublicKey bcPublicKey = keyFactory.generatePublic(keySpec); + + HwTimber.d("Raw public key converted to Bouncy Castle BCXDHPublicKey"); + return bcPublicKey; + } catch (NoSuchAlgorithmException | NoSuchProviderException | InvalidKeySpecException e) { + throw new IOException(e); + } + } else if ("Ed25519".equals(publicKey.getAlgorithm()) && "hwsecurity".equals(publicKey.getFormat())) { + try { + SubjectPublicKeyInfo pubKeyInfo = new SubjectPublicKeyInfo( + new AlgorithmIdentifier(EdECObjectIdentifiers.id_Ed25519), publicKey.getEncoded()); + X509EncodedKeySpec keySpec = new X509EncodedKeySpec(pubKeyInfo.getEncoded()); + KeyFactory keyFactory = KeyFactory.getInstance("Ed25519", BouncyCastleProvider.PROVIDER_NAME); + PublicKey bcPublicKey = keyFactory.generatePublic(keySpec); + + HwTimber.d("Raw public key converted to Bouncy Castle BCEdDSAPublicKey"); + return bcPublicKey; + } catch (NoSuchAlgorithmException | NoSuchProviderException | InvalidKeySpecException e) { + throw new IOException(e); + } + } else { + HwTimber.d("Already in compatible format. Returning PublicKey object."); + return publicKey; + } + } + + public static Hwsecurity25519PublicKey bouncyToHwsecurity(PublicKey publicKey) { + if (!"Ed25519".equals(publicKey.getAlgorithm()) + && !"X25519".equals(publicKey.getAlgorithm())) { + throw new IllegalStateException("Unsupported algorithm"); + } + // remove BC prefix from BCEdDSAPublicKey + // see https://github.com/bcgit/bc-java/blob/master/prov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/edec/KeyFactorySpi.java + byte[] encodedBcKey = publicKey.getEncoded(); + byte[] withoutPrefix = Arrays.copyOfRange(encodedBcKey, 12, encodedBcKey.length); + return new Hwsecurity25519PublicKey(withoutPrefix, publicKey.getAlgorithm()); + } +} diff --git a/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/util/DecryptingFileInputStream.java b/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/util/DecryptingFileInputStream.java index 28a4690..d5d8af7 100644 --- a/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/util/DecryptingFileInputStream.java +++ b/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/util/DecryptingFileInputStream.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/util/EncryptingFileOutputStream.java b/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/util/EncryptingFileOutputStream.java index 3567a8a..17ddb1c 100644 --- a/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/util/EncryptingFileOutputStream.java +++ b/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/util/EncryptingFileOutputStream.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/util/EphemeralFilePfdUtil.java b/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/util/EphemeralFilePfdUtil.java index fb6ae0e..ff94370 100644 --- a/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/util/EphemeralFilePfdUtil.java +++ b/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/util/EphemeralFilePfdUtil.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/util/MemoryFilePfdUtil.java b/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/util/MemoryFilePfdUtil.java index e067751..f323e90 100644 --- a/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/util/MemoryFilePfdUtil.java +++ b/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/util/MemoryFilePfdUtil.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/util/ParcelFileDescriptorUtil.java b/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/util/ParcelFileDescriptorUtil.java index e4a9958..a1b4653 100644 --- a/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/util/ParcelFileDescriptorUtil.java +++ b/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/util/ParcelFileDescriptorUtil.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/util/RsaEncryptionUtil.java b/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/util/RsaEncryptionUtil.java index 88cfef3..af320e4 100644 --- a/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/util/RsaEncryptionUtil.java +++ b/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/util/RsaEncryptionUtil.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/util/package-info.java b/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/util/package-info.java index d8ce2b9..9451615 100644 --- a/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/util/package-info.java +++ b/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/util/package-info.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/openpgp/src/test/java/de/cotech/hw/internal/transport/FakeTransport.java b/hwsecurity/openpgp/src/test/java/de/cotech/hw/internal/transport/FakeTransport.java new file mode 100644 index 0000000..9cc5f0e --- /dev/null +++ b/hwsecurity/openpgp/src/test/java/de/cotech/hw/internal/transport/FakeTransport.java @@ -0,0 +1,135 @@ +/* + * Copyright (C) 2018-2021 Confidential Technologies GmbH + * + * You can purchase a commercial license at https://hwsecurity.dev. + * Buying such a license is mandatory as soon as you develop commercial + * activities involving this program without disclosing the source code + * of your own applications. + * + * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program. If not, see . + */ + +package de.cotech.hw.internal.transport; + + +import androidx.annotation.Nullable; + +import org.junit.Assert; + +import java.io.IOException; +import java.util.LinkedList; + +import de.cotech.hw.internal.iso7816.CommandApdu; +import de.cotech.hw.internal.iso7816.ResponseApdu; +import de.cotech.hw.internal.transport.SecurityKeyInfo.SecurityKeyType; +import de.cotech.hw.internal.transport.SecurityKeyInfo.TransportType; +import de.cotech.hw.util.Hex; + +import static org.junit.Assert.assertEquals; + + +@SuppressWarnings("WeakerAccess") +public class FakeTransport implements Transport { + LinkedList expectCommands = new LinkedList<>(); + LinkedList expectResponses = new LinkedList<>(); + LinkedList expectExceptions = new LinkedList<>(); + boolean extendedLengthSupported = false; + + @Override + public ResponseApdu transceive(CommandApdu data) throws IOException { + CommandApdu expected = expectCommands.poll(); + assertEquals(expected, data); + + if (!expectExceptions.isEmpty()) { + throw expectExceptions.poll(); + } + + return expectResponses.poll(); + } + + @Override + public void release() { + + } + + @Override + public boolean isConnected() { + return true; + } + + @Override + public boolean isReleased() { + return false; + } + + @Override + public boolean isPersistentConnectionAllowed() { + return false; + } + + @Override + public void connect() throws IOException { + + } + + @Override + public boolean ping() { + return true; + } + + @Override + public TransportType getTransportType() { + return TransportType.USB_CTAPHID; + } + + @Nullable + @Override + public SecurityKeyType getSecurityKeyTypeIfAvailable() { + return null; + } + + @Override + public boolean isExtendedLengthSupported() { + return extendedLengthSupported; + } + + public void setExtendedLengthSupported(boolean extendedLengthSupported) { + this.extendedLengthSupported = extendedLengthSupported; + } + + public void expect(String commandBytesHex, String responseBytesHex) throws IOException { + CommandApdu commandApdu = CommandApdu.fromBytes(Hex.decodeHexOrFail(commandBytesHex)); + commandApdu = commandApdu.withExtendedApduNe(); + expectCommands.add(commandApdu); + expectResponses.add(ResponseApdu.fromBytes(Hex.decodeHexOrFail(responseBytesHex))); + } + + public void expect(CommandApdu commandApdu, ResponseApdu responseApdu) { + expectCommands.add(commandApdu); + expectResponses.add(responseApdu); + } + + public void expect(CommandApdu commandApdu, IOException exception) { + expectCommands.add(commandApdu); + expectExceptions.add(exception); + } + + public void verify() { + Assert.assertEquals(0, expectCommands.size()); + Assert.assertEquals(0, expectResponses.size()); + Assert.assertEquals(0, expectExceptions.size()); + } +} diff --git a/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/internal/openpgp/EdDSAKeyFormat.java b/hwsecurity/openpgp/src/test/java/de/cotech/hw/openpgp/internal/openpgp/JcaTestUtils.java similarity index 54% rename from hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/internal/openpgp/EdDSAKeyFormat.java rename to hwsecurity/openpgp/src/test/java/de/cotech/hw/openpgp/internal/openpgp/JcaTestUtils.java index 532f502..0475362 100644 --- a/hwsecurity/openpgp/src/main/java/de/cotech/hw/openpgp/internal/openpgp/EdDSAKeyFormat.java +++ b/hwsecurity/openpgp/src/test/java/de/cotech/hw/openpgp/internal/openpgp/JcaTestUtils.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial @@ -25,26 +25,23 @@ package de.cotech.hw.openpgp.internal.openpgp; -import androidx.annotation.RestrictTo; -import androidx.annotation.RestrictTo.Scope; +import java.security.KeyFactory; +import java.security.interfaces.ECPublicKey; +import java.security.interfaces.RSAPublicKey; +import java.security.spec.EncodedKeySpec; +import java.security.spec.X509EncodedKeySpec; -// 4.3.3.6 Algorithm Attributes -@RestrictTo(Scope.LIBRARY_GROUP) -public class EdDSAKeyFormat extends KeyFormat { - - public EdDSAKeyFormat() { - super(KeyFormatType.EdDSAKeyFormatType); - } - - @Override - public byte[] toBytes(KeyType slot) { - return new byte[] { PublicKeyAlgorithmTags.EDDSA }; +public class JcaTestUtils { + public static ECPublicKey parseEcPublicKey(byte[] ecdsaPublic) throws Exception { + KeyFactory generator = KeyFactory.getInstance("EC"); + EncodedKeySpec publicKeySpec = new X509EncodedKeySpec(ecdsaPublic); + return (ECPublicKey) generator.generatePublic(publicKeySpec); } - @Override - public KeyFormatParser getKeyFormatParser() { - throw new UnsupportedOperationException(); + public static RSAPublicKey parseRsaPublicKey(byte[] rsaPublic) throws Exception { + KeyFactory generator = KeyFactory.getInstance("RSA"); + EncodedKeySpec publicKeySpec = new X509EncodedKeySpec(rsaPublic); + return (RSAPublicKey) generator.generatePublic(publicKeySpec); } - } diff --git a/hwsecurity/openpgp/src/test/java/de/cotech/hw/openpgp/internal/openpgp/Rfc4880FingerprintCalculatorTest.java b/hwsecurity/openpgp/src/test/java/de/cotech/hw/openpgp/internal/openpgp/Rfc4880FingerprintCalculatorTest.java new file mode 100644 index 0000000..65e1489 --- /dev/null +++ b/hwsecurity/openpgp/src/test/java/de/cotech/hw/openpgp/internal/openpgp/Rfc4880FingerprintCalculatorTest.java @@ -0,0 +1,109 @@ +/* + * Copyright (C) 2018-2021 Confidential Technologies GmbH + * + * You can purchase a commercial license at https://hwsecurity.dev. + * Buying such a license is mandatory as soon as you develop commercial + * activities involving this program without disclosing the source code + * of your own applications. + * + * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program. If not, see . + */ + +package de.cotech.hw.openpgp.internal.openpgp; + + +import org.junit.Test; + +import java.security.interfaces.ECPublicKey; +import java.security.interfaces.RSAPublicKey; +import java.util.Date; + +import de.cotech.hw.util.Hex; +import de.cotech.hw.util.Hwsecurity25519PublicKey; + +import static org.junit.Assert.assertArrayEquals; + +public class Rfc4880FingerprintCalculatorTest { + + private final static byte[] RSA_PUBLIC = Hex.decodeHexOrFail( + "30820122300d06092a864886f70d01010105000382010f003082010a0282010100b0536771ab357106e33d68599d" + + "73f004793b9c0efd693a219136869da721a84d41f813734ee4b7e34bd52757e36b289636f6b1b77096867e7bbd" + + "5100b0e9c8c5e4842bae1915694f753be3f8d5f7bf97c3189faa6e5febecd8c5dc06e73f442046b05d831d27e3" + + "3bab874ec5cabc8fa0ae5b5a700b493a0a5498d0efc46283c6f09a02fa4cd23a5cdd120d16f8da94b1e24f1cc4" + + "3c39c412100687a00dd79fec1454faf5834d0caa9d74bdec08fe746e6f63127008822de32672fde3b6992e179d" + + "860b050b12a58293597d4330b6e5eb80383f819c39dd11cc9565eda9bf74c3d635c38850b50e9d18d70281fd59" + + "4a4dc6c99dced5a57e9d5a214680b75d36590203010001"); + + private final static byte[] RSA_FINGERPRINT = Hex.decodeHexOrFail("61af1d55181bd81e7170a27b57082c2e6a682373"); + + private final static byte[] ECC_P256_PUBLIC = Hex.decodeHexOrFail( + "3059301306072a8648ce3d020106082a8648ce3d03010703420004aa0d448dd43f1cae67af7a497cff4aab13ac7" + + "9dc32c31881f92911ed8a60c1cb349e9ebe4758910a6f7244c7a25bcc7cc726e168506ceaf69ea26a7c6468a46e" + ); + + private final static byte[] ECDSA_FINGERPRINT = Hex.decodeHexOrFail("b9c2c4e3c51ac1e72242192fdd7c22ea2ae42bf8"); + + private final static byte[] ECDH_FINGERPRINT = Hex.decodeHexOrFail("9e382b08d0e6b108d3bebdf8bea2457a7fe6acd8"); + + private final static byte[] ED_25519_PUBLIC = Hex.decodeHexOrFail( + "b7a3c12dc0c8c748ab07525b701122b88bd78f600c76342d27f25e5f92444cde" + ); + + private final static byte[] ED_25519_FINGERPRINT = Hex.decodeHexOrFail("3d63e471725725a831f8768b4f6f6325deb07294"); + + private final static byte[] X_25519_FINGERPRINT = Hex.decodeHexOrFail("78c2f872581742e1ae5db925cc5a3a513510e1f1"); + + private final static Date FIXED_TIMESTAMP = new Date(946731661000L); + + @Test + public void rsaFingerprint() throws Exception { + RSAPublicKey rsaPublicKey = JcaTestUtils.parseRsaPublicKey(RSA_PUBLIC); + byte[] fingerprint = Rfc4880FingerprintCalculator.calculateRsaFingerprint(rsaPublicKey, FIXED_TIMESTAMP); + assertArrayEquals(fingerprint, RSA_FINGERPRINT); + } + + @Test + public void ecdsaFingerprint() throws Exception { + ECPublicKey ecPublicKey = JcaTestUtils.parseEcPublicKey(ECC_P256_PUBLIC); + EcKeyFormat ecKeyFormat = EcKeyFormat.getInstance(PublicKeyAlgorithmTags.ECDSA, EcObjectIdentifiers.NIST_P_256, true); + byte[] fingerprint = Rfc4880FingerprintCalculator.calculateEccFingerprint(ecPublicKey, ecKeyFormat, FIXED_TIMESTAMP); + assertArrayEquals(fingerprint, ECDSA_FINGERPRINT); + } + + @Test + public void ecdhFingerprint() throws Exception { + ECPublicKey ecPublicKey = JcaTestUtils.parseEcPublicKey(ECC_P256_PUBLIC); + EcKeyFormat ecKeyFormat = EcKeyFormat.getInstance(PublicKeyAlgorithmTags.ECDH, EcObjectIdentifiers.NIST_P_256, true); + byte[] fingerprint = Rfc4880FingerprintCalculator.calculateEccFingerprint(ecPublicKey, ecKeyFormat, FIXED_TIMESTAMP); + assertArrayEquals(fingerprint, ECDH_FINGERPRINT); + } + + @Test + public void ed25519Fingerprint() { + Hwsecurity25519PublicKey publicKey = new Hwsecurity25519PublicKey(ED_25519_PUBLIC, "Ed25519"); + EcKeyFormat ecKeyFormat = EcKeyFormat.getInstance(PublicKeyAlgorithmTags.EDDSA, EcObjectIdentifiers.ED25519, true); + byte[] fingerprint = Rfc4880FingerprintCalculator.calculateEccFingerprint(publicKey, ecKeyFormat, FIXED_TIMESTAMP); + assertArrayEquals(fingerprint, ED_25519_FINGERPRINT); + } + + @Test + public void x25519Fingerprint() { + Hwsecurity25519PublicKey publicKey = new Hwsecurity25519PublicKey(ED_25519_PUBLIC, "X25519"); + EcKeyFormat ecKeyFormat = EcKeyFormat.getInstance(PublicKeyAlgorithmTags.ECDH, EcObjectIdentifiers.X25519, true); + byte[] fingerprint = Rfc4880FingerprintCalculator.calculateEccFingerprint(publicKey, ecKeyFormat, FIXED_TIMESTAMP); + assertArrayEquals(fingerprint, X_25519_FINGERPRINT); + } +} \ No newline at end of file diff --git a/hwsecurity/piv/build.gradle b/hwsecurity/piv/build.gradle index f13f385..5571de9 100644 --- a/hwsecurity/piv/build.gradle +++ b/hwsecurity/piv/build.gradle @@ -7,7 +7,7 @@ dependencies { api project(':hwsecurity:provider') compileOnly project(':hwsecurity:ui') - compileOnly 'com.google.android.material:material:1.1.0' + compileOnly 'com.google.android.material:material:1.3.0' compileOnly 'androidx.annotation:annotation:1.1.0' @@ -93,24 +93,22 @@ afterEvaluate { } dokkaHugo { - configure { - outputDirectory.set(file("$projectDir/../../hwsecurity.dev/content/reference")) + outputDirectory.set(file("$projectDir/../../hwsecurity.dev/content/reference")) - dokkaSourceSets { - register("java") { - moduleDisplayName.set("hwsecurity-piv") + moduleName.set("hwsecurity-piv") - sourceRoots.setFrom(file("src/main/java")) + dokkaSourceSets { + register("java") { + sourceRoots.setFrom(file("src/main/java")) - jdkVersion.set(8) // Used for linking to JDK documentation - noStdlibLink.set(false) // Disable linking to online kotlin-stdlib documentation - noJdkLink.set(true) // Disable linking to online JDK documentation - noAndroidSdkLink.set(false) // Disable linking to online Android documentation + jdkVersion.set(8) // Used for linking to JDK documentation + noStdlibLink.set(false) // Disable linking to online kotlin-stdlib documentation + noJdkLink.set(true) // Disable linking to online JDK documentation + noAndroidSdkLink.set(false) // Disable linking to online Android documentation - perPackageOption { - prefix.set("de.cotech.hw.piv.internal") - suppress.set(true) - } + perPackageOption { + matchingRegex.set(".*\\.internal.*") // will match all .internal packages and sub-packages + suppress.set(true) } } } diff --git a/hwsecurity/piv/src/main/java/de/cotech/hw/piv/PivKeyReference.java b/hwsecurity/piv/src/main/java/de/cotech/hw/piv/PivKeyReference.java index 86fcf79..11e539f 100644 --- a/hwsecurity/piv/src/main/java/de/cotech/hw/piv/PivKeyReference.java +++ b/hwsecurity/piv/src/main/java/de/cotech/hw/piv/PivKeyReference.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/piv/src/main/java/de/cotech/hw/piv/PivSecurityKey.java b/hwsecurity/piv/src/main/java/de/cotech/hw/piv/PivSecurityKey.java index 336e17e..f01ef35 100644 --- a/hwsecurity/piv/src/main/java/de/cotech/hw/piv/PivSecurityKey.java +++ b/hwsecurity/piv/src/main/java/de/cotech/hw/piv/PivSecurityKey.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/piv/src/main/java/de/cotech/hw/piv/PivSecurityKeyAuthenticator.java b/hwsecurity/piv/src/main/java/de/cotech/hw/piv/PivSecurityKeyAuthenticator.java index 2cf2b57..6facbf4 100644 --- a/hwsecurity/piv/src/main/java/de/cotech/hw/piv/PivSecurityKeyAuthenticator.java +++ b/hwsecurity/piv/src/main/java/de/cotech/hw/piv/PivSecurityKeyAuthenticator.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/piv/src/main/java/de/cotech/hw/piv/PivSecurityKeyConnectionMode.java b/hwsecurity/piv/src/main/java/de/cotech/hw/piv/PivSecurityKeyConnectionMode.java index f50d197..4e9b0d1 100644 --- a/hwsecurity/piv/src/main/java/de/cotech/hw/piv/PivSecurityKeyConnectionMode.java +++ b/hwsecurity/piv/src/main/java/de/cotech/hw/piv/PivSecurityKeyConnectionMode.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/piv/src/main/java/de/cotech/hw/piv/PivSecurityKeyDialogFragment.java b/hwsecurity/piv/src/main/java/de/cotech/hw/piv/PivSecurityKeyDialogFragment.java index 6b0726d..05dc772 100644 --- a/hwsecurity/piv/src/main/java/de/cotech/hw/piv/PivSecurityKeyDialogFragment.java +++ b/hwsecurity/piv/src/main/java/de/cotech/hw/piv/PivSecurityKeyDialogFragment.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/piv/src/main/java/de/cotech/hw/piv/exceptions/PivWrongPinException.java b/hwsecurity/piv/src/main/java/de/cotech/hw/piv/exceptions/PivWrongPinException.java index 9290921..6edd4fa 100644 --- a/hwsecurity/piv/src/main/java/de/cotech/hw/piv/exceptions/PivWrongPinException.java +++ b/hwsecurity/piv/src/main/java/de/cotech/hw/piv/exceptions/PivWrongPinException.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/piv/src/main/java/de/cotech/hw/piv/internal/PivAppletConnection.java b/hwsecurity/piv/src/main/java/de/cotech/hw/piv/internal/PivAppletConnection.java index 2cf3a52..215bb7d 100644 --- a/hwsecurity/piv/src/main/java/de/cotech/hw/piv/internal/PivAppletConnection.java +++ b/hwsecurity/piv/src/main/java/de/cotech/hw/piv/internal/PivAppletConnection.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/piv/src/main/java/de/cotech/hw/piv/internal/PivCommandApduDescriber.java b/hwsecurity/piv/src/main/java/de/cotech/hw/piv/internal/PivCommandApduDescriber.java index b8c3d1a..70bc9de 100644 --- a/hwsecurity/piv/src/main/java/de/cotech/hw/piv/internal/PivCommandApduDescriber.java +++ b/hwsecurity/piv/src/main/java/de/cotech/hw/piv/internal/PivCommandApduDescriber.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/piv/src/main/java/de/cotech/hw/piv/internal/PivCommandApduFactory.java b/hwsecurity/piv/src/main/java/de/cotech/hw/piv/internal/PivCommandApduFactory.java index 6fe4fbc..d3ea659 100644 --- a/hwsecurity/piv/src/main/java/de/cotech/hw/piv/internal/PivCommandApduFactory.java +++ b/hwsecurity/piv/src/main/java/de/cotech/hw/piv/internal/PivCommandApduFactory.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/piv/src/main/java/de/cotech/hw/piv/internal/PivPinFormatter.java b/hwsecurity/piv/src/main/java/de/cotech/hw/piv/internal/PivPinFormatter.java index 46aad31..9a29855 100644 --- a/hwsecurity/piv/src/main/java/de/cotech/hw/piv/internal/PivPinFormatter.java +++ b/hwsecurity/piv/src/main/java/de/cotech/hw/piv/internal/PivPinFormatter.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/piv/src/main/java/de/cotech/hw/piv/internal/PivSecurityKeyDialogPresenter.java b/hwsecurity/piv/src/main/java/de/cotech/hw/piv/internal/PivSecurityKeyDialogPresenter.java index 5de0d01..377cc04 100644 --- a/hwsecurity/piv/src/main/java/de/cotech/hw/piv/internal/PivSecurityKeyDialogPresenter.java +++ b/hwsecurity/piv/src/main/java/de/cotech/hw/piv/internal/PivSecurityKeyDialogPresenter.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/piv/src/main/java/de/cotech/hw/piv/internal/operations/GeneralAuthenticateOp.java b/hwsecurity/piv/src/main/java/de/cotech/hw/piv/internal/operations/GeneralAuthenticateOp.java index 658228b..a1dc8ba 100644 --- a/hwsecurity/piv/src/main/java/de/cotech/hw/piv/internal/operations/GeneralAuthenticateOp.java +++ b/hwsecurity/piv/src/main/java/de/cotech/hw/piv/internal/operations/GeneralAuthenticateOp.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/piv/src/main/java/de/cotech/hw/piv/internal/operations/PivSignatureUtils.java b/hwsecurity/piv/src/main/java/de/cotech/hw/piv/internal/operations/PivSignatureUtils.java index 0c1e95a..473618b 100644 --- a/hwsecurity/piv/src/main/java/de/cotech/hw/piv/internal/operations/PivSignatureUtils.java +++ b/hwsecurity/piv/src/main/java/de/cotech/hw/piv/internal/operations/PivSignatureUtils.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/piv/src/main/java/de/cotech/hw/piv/internal/operations/ResetRetryCounterOp.java b/hwsecurity/piv/src/main/java/de/cotech/hw/piv/internal/operations/ResetRetryCounterOp.java index 5bb05e0..90e7d02 100644 --- a/hwsecurity/piv/src/main/java/de/cotech/hw/piv/internal/operations/ResetRetryCounterOp.java +++ b/hwsecurity/piv/src/main/java/de/cotech/hw/piv/internal/operations/ResetRetryCounterOp.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/provider/build.gradle b/hwsecurity/provider/build.gradle index 338cd9d..a1f6793 100644 --- a/hwsecurity/provider/build.gradle +++ b/hwsecurity/provider/build.gradle @@ -7,7 +7,7 @@ dependencies { compileOnly 'androidx.annotation:annotation:1.1.0' - api 'com.google.auto.value:auto-value-annotations:1.6.2' + api 'com.google.auto.value:auto-value-annotations:1.6.5' annotationProcessor 'com.google.auto.value:auto-value:1.6.2' annotationProcessor 'com.ryanharter.auto.value:auto-value-parcel:0.2.6' } @@ -85,24 +85,22 @@ afterEvaluate { } dokkaHugo { - configure { - outputDirectory.set(file("$projectDir/../../hwsecurity.dev/content/reference")) + outputDirectory.set(file("$projectDir/../../hwsecurity.dev/content/reference")) - dokkaSourceSets { - register("java") { - moduleDisplayName.set("hwsecurity-provider") + moduleName.set("hwsecurity-provider") - sourceRoots.setFrom(file("src/main/java")) + dokkaSourceSets { + register("java") { + sourceRoots.setFrom(file("src/main/java")) - jdkVersion.set(8) // Used for linking to JDK documentation - noStdlibLink.set(false) // Disable linking to online kotlin-stdlib documentation - noJdkLink.set(true) // Disable linking to online JDK documentation - noAndroidSdkLink.set(false) // Disable linking to online Android documentation + jdkVersion.set(8) // Used for linking to JDK documentation + noStdlibLink.set(false) // Disable linking to online kotlin-stdlib documentation + noJdkLink.set(true) // Disable linking to online JDK documentation + noAndroidSdkLink.set(false) // Disable linking to online Android documentation - perPackageOption { - prefix.set("de.cotech.hw.provider.internal") - suppress.set(true) - } + perPackageOption { + matchingRegex.set(".*\\.internal.*") // will match all .internal packages and sub-packages + suppress.set(true) } } } diff --git a/hwsecurity/provider/src/main/java/de/cotech/hw/provider/CotechSecurityKeyProvider.java b/hwsecurity/provider/src/main/java/de/cotech/hw/provider/CotechSecurityKeyProvider.java index b8fdb72..9ef6db7 100644 --- a/hwsecurity/provider/src/main/java/de/cotech/hw/provider/CotechSecurityKeyProvider.java +++ b/hwsecurity/provider/src/main/java/de/cotech/hw/provider/CotechSecurityKeyProvider.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/provider/src/main/java/de/cotech/hw/provider/SecurityKeyPrivateKey.java b/hwsecurity/provider/src/main/java/de/cotech/hw/provider/SecurityKeyPrivateKey.java index 5a96e83..f6ff651 100644 --- a/hwsecurity/provider/src/main/java/de/cotech/hw/provider/SecurityKeyPrivateKey.java +++ b/hwsecurity/provider/src/main/java/de/cotech/hw/provider/SecurityKeyPrivateKey.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/provider/src/main/java/de/cotech/hw/provider/SecurityKeySignature.java b/hwsecurity/provider/src/main/java/de/cotech/hw/provider/SecurityKeySignature.java index 3c5e7e9..626ff20 100644 --- a/hwsecurity/provider/src/main/java/de/cotech/hw/provider/SecurityKeySignature.java +++ b/hwsecurity/provider/src/main/java/de/cotech/hw/provider/SecurityKeySignature.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/ssh/build.gradle b/hwsecurity/ssh/build.gradle index 1d679f8..fc63422 100644 --- a/hwsecurity/ssh/build.gradle +++ b/hwsecurity/ssh/build.gradle @@ -9,7 +9,7 @@ dependencies { compileOnly 'androidx.annotation:annotation:1.1.0' - testImplementation 'junit:junit:4.12' + testImplementation 'junit:junit:4.13' testImplementation 'org.mockito:mockito-core:2.18.0' } @@ -87,20 +87,18 @@ afterEvaluate { } dokkaHugo { - configure { - outputDirectory.set(file("$projectDir/../../hwsecurity.dev/content/reference")) + outputDirectory.set(file("$projectDir/../../hwsecurity.dev/content/reference")) - dokkaSourceSets { - register("java") { - moduleDisplayName.set("hwsecurity-ssh") + moduleName.set("hwsecurity-ssh") - sourceRoots.setFrom(file("src/main/java")) + dokkaSourceSets { + register("java") { + sourceRoots.setFrom(file("src/main/java")) - jdkVersion.set(8) // Used for linking to JDK documentation - noStdlibLink.set(false) // Disable linking to online kotlin-stdlib documentation - noJdkLink.set(true) // Disable linking to online JDK documentation - noAndroidSdkLink.set(false) // Disable linking to online Android documentation - } + jdkVersion.set(8) // Used for linking to JDK documentation + noStdlibLink.set(false) // Disable linking to online kotlin-stdlib documentation + noJdkLink.set(true) // Disable linking to online JDK documentation + noAndroidSdkLink.set(false) // Disable linking to online Android documentation } } } \ No newline at end of file diff --git a/hwsecurity/ssh/src/main/java/de/cotech/hw/ssh/SecurityKeySshAuthenticator.java b/hwsecurity/ssh/src/main/java/de/cotech/hw/ssh/SecurityKeySshAuthenticator.java index fbfa23b..1181ef6 100644 --- a/hwsecurity/ssh/src/main/java/de/cotech/hw/ssh/SecurityKeySshAuthenticator.java +++ b/hwsecurity/ssh/src/main/java/de/cotech/hw/ssh/SecurityKeySshAuthenticator.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial @@ -129,9 +129,7 @@ public static SecurityKeySshAuthenticator fromOpenSshCertificate(SecurityKeyAuth public byte[] authenticateSshChallenge(byte[] challenge) throws IOException, NoSuchAlgorithmException { String signatureAlgorithmName = getSshSignatureAlgorithmName(); String signatureHashAlgorithmName = SshUtil.getSignatureHashAlgorithmName(signatureAlgorithmName); - byte[] signedChallenge = securityKeyAuthenticator.authenticateWithDigest(challenge, signatureHashAlgorithmName); - return SshUtil.encodeSshSignature(signatureAlgorithmName, signedChallenge); } diff --git a/hwsecurity/ssh/src/main/java/de/cotech/hw/ssh/SshEncodedData.java b/hwsecurity/ssh/src/main/java/de/cotech/hw/ssh/SshEncodedData.java index e3c1ba4..6e95776 100644 --- a/hwsecurity/ssh/src/main/java/de/cotech/hw/ssh/SshEncodedData.java +++ b/hwsecurity/ssh/src/main/java/de/cotech/hw/ssh/SshEncodedData.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/ssh/src/main/java/de/cotech/hw/ssh/SshUtil.java b/hwsecurity/ssh/src/main/java/de/cotech/hw/ssh/SshUtil.java index 2241540..9830423 100644 --- a/hwsecurity/ssh/src/main/java/de/cotech/hw/ssh/SshUtil.java +++ b/hwsecurity/ssh/src/main/java/de/cotech/hw/ssh/SshUtil.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial @@ -27,6 +27,7 @@ import androidx.annotation.AnyThread; import androidx.annotation.NonNull; + import org.bouncycastle.asn1.ASN1Integer; import org.bouncycastle.asn1.ASN1ObjectIdentifier; import org.bouncycastle.asn1.ASN1Primitive; @@ -44,6 +45,8 @@ import java.security.spec.EllipticCurve; import java.util.Arrays; +import de.cotech.hw.util.Hwsecurity25519PublicKey; + class SshUtil { private static final String OPENSSH_CERT_SUFFIX = "-cert-v01@openssh.com"; @@ -62,6 +65,13 @@ static String stripAlgorithmCertSuffix(@NonNull String algorithmName) { return algorithmName; } + static byte[] encodeEd25519PublicKey(Hwsecurity25519PublicKey publicKey) { + SshEncodedData sshEncodedData = new SshEncodedData(); + sshEncodedData.putString("ssh-ed25519"); + sshEncodedData.putString(publicKey.getEncoded()); + return sshEncodedData.toByteArray(); + } + static byte[] encodeEcPublicKey(ASN1ObjectIdentifier oid, ECPublicKey publicKey) throws NoSuchAlgorithmException { return encodeEcPublicKey(getCurveName(oid), encodeEcQ(publicKey)); @@ -187,7 +197,7 @@ static String getSignatureHashAlgorithmName(String sshAlgorithmName) throws NoSu case "rsa-sha256": return "SHA-256"; case "rsa-sha512": - return "SHA-256"; + return "SHA-512"; case "ecdsa-sha2-nistp256": return "SHA-256"; case "ecdsa-sha2-nistp384": @@ -195,7 +205,7 @@ static String getSignatureHashAlgorithmName(String sshAlgorithmName) throws NoSu case "ecdsa-sha2-nistp521": return "SHA-512"; case "ssh-ed25519": - return "SHA-256"; + return "SHA-512"; default: throw new NoSuchAlgorithmException("Unknown ssh algorithm " + sshAlgorithmName); } @@ -243,29 +253,35 @@ private static String getCurveName(String curveOid) throws NoSuchAlgorithmExcept @AnyThread static String retrieveSshAlgorithmName(PublicKey publicKey) throws NoSuchAlgorithmException { - if (publicKey instanceof ECPublicKey) { + if ("EC".equalsIgnoreCase(publicKey.getAlgorithm())) { ECPublicKey ecPublicKey = (ECPublicKey) publicKey; ASN1ObjectIdentifier curveOid = magicPublicKeyToCurveOid(ecPublicKey); String sshCurveName = SshUtil.getCurveName(curveOid); return "ecdsa-sha2-" + sshCurveName; } - if (publicKey instanceof RSAPublicKey) { + if ("RSA".equalsIgnoreCase(publicKey.getAlgorithm())) { // "rsa-sha2-512" // "rsa-sha2-256" return "ssh-rsa"; } + if ("Ed25519".equalsIgnoreCase(publicKey.getAlgorithm())) { + return "ssh-ed25519"; + } throw new NoSuchAlgorithmException("Unknown key type for SSH auth: " + publicKey.getClass().getSimpleName()); } @AnyThread static byte[] getSshPublicKeyBlob(PublicKey publicKey) throws NoSuchAlgorithmException { - if (publicKey instanceof ECPublicKey) { + if ("EC".equalsIgnoreCase(publicKey.getAlgorithm())) { ECPublicKey ecPublicKey = (ECPublicKey) publicKey; ASN1ObjectIdentifier curveOid = magicPublicKeyToCurveOid(ecPublicKey); - return SshUtil.encodeEcPublicKey(curveOid, ecPublicKey); + return encodeEcPublicKey(curveOid, ecPublicKey); + } + if ("RSA".equalsIgnoreCase(publicKey.getAlgorithm())) { + return encodeRsaPublicKey((RSAPublicKey) publicKey); } - if (publicKey instanceof RSAPublicKey) { - return SshUtil.encodeRsaPublicKey((RSAPublicKey) publicKey); + if ("Ed25519".equalsIgnoreCase(publicKey.getAlgorithm())) { + return encodeEd25519PublicKey((Hwsecurity25519PublicKey) publicKey); } throw new NoSuchAlgorithmException("Unknown key type for SSH auth: " + publicKey.getClass().getSimpleName()); } diff --git a/hwsecurity/ssh/src/test/java/de/cotech/hw/ssh/JcaTestUtils.java b/hwsecurity/ssh/src/test/java/de/cotech/hw/ssh/JcaTestUtils.java index 483930b..790b68f 100644 --- a/hwsecurity/ssh/src/test/java/de/cotech/hw/ssh/JcaTestUtils.java +++ b/hwsecurity/ssh/src/test/java/de/cotech/hw/ssh/JcaTestUtils.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/ssh/src/test/java/de/cotech/hw/ssh/SshUtilTest.java b/hwsecurity/ssh/src/test/java/de/cotech/hw/ssh/SshUtilTest.java index 77c103e..a590d37 100644 --- a/hwsecurity/ssh/src/test/java/de/cotech/hw/ssh/SshUtilTest.java +++ b/hwsecurity/ssh/src/test/java/de/cotech/hw/ssh/SshUtilTest.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/sshj/build.gradle b/hwsecurity/sshj/build.gradle new file mode 100644 index 0000000..ed1f5dd --- /dev/null +++ b/hwsecurity/sshj/build.gradle @@ -0,0 +1,110 @@ +apply plugin: 'com.android.library' +apply plugin: 'maven-publish' +apply plugin: 'org.jetbrains.dokka' + +dependencies { + api project(':hwsecurity:core') + + implementation 'com.hierynomus:sshj:0.31.0' + implementation 'org.bouncycastle:bcprov-jdk15on:1.65' + implementation "net.i2p.crypto:eddsa:0.3.0" // exposed transitive dependency in SSHJ + + // enable logging for debug build with /assets/logback.xml configuration + debugImplementation 'org.slf4j:slf4j-api:1.7.30' + debugImplementation 'com.github.tony19:logback-android:2.0.0' + + compileOnly 'androidx.annotation:annotation:1.1.0' + + testImplementation 'junit:junit:4.13' + testImplementation 'org.mockito:mockito-core:2.18.0' +} + +android { + compileSdkVersion rootProject.ext.compileSdkVersion + + defaultConfig { + minSdkVersion 14 + versionName rootProject.ext.hwSdkVersionName + consumerProguardFiles 'hwsecurity-sshj.pro' + } + + compileOptions { + sourceCompatibility JavaVersion.VERSION_1_8 + targetCompatibility JavaVersion.VERSION_1_8 + } + + // Do not abort build if lint finds errors + lintOptions { + abortOnError false + } +} + +// https://developer.android.com/studio/build/maven-publish-plugin +afterEvaluate { + publishing { + publications { + release(MavenPublication) { + from components.release + + groupId = 'de.cotech' + artifactId = 'hwsecurity-sshj' + version = android.defaultConfig.versionName + + pom { + url = 'https://hwsecurity.dev' + licenses { + license { + name = 'Commercial' + url = 'https://hwsecurity.dev/sales/' + distribution = 'repo' + } + license { + name = 'GNU General Public License, version 3' + url = 'https://www.gnu.org/licenses/gpl-3.0.txt' + } + } + organization { + name = 'Confidential Technologies GmbH' + url = 'https://www.cotech.de' + } + } + } + } + /* + * To upload release, create file gradle.properties in ~/.gradle/ with this content: + * + * cotechMavenName=xxx + * cotechMavenPassword=xxx + */ + if (project.hasProperty('cotechMavenName') && project.hasProperty('cotechMavenPassword')) { + println "Found cotechMavenName, cotechMavenPassword in gradle.properties!" + + repositories { + maven { + credentials { + username cotechMavenName + password cotechMavenPassword + } + url = "https://maven.cotech.de" + } + } + } + } +} + +dokkaHugo { + outputDirectory.set(file("$projectDir/../../hwsecurity.dev/content/reference")) + + moduleName.set("hwsecurity-sshj") + + dokkaSourceSets { + register("java") { + sourceRoots.setFrom(file("src/main/java")) + + jdkVersion.set(8) // Used for linking to JDK documentation + noStdlibLink.set(false) // Disable linking to online kotlin-stdlib documentation + noJdkLink.set(true) // Disable linking to online JDK documentation + noAndroidSdkLink.set(false) // Disable linking to online Android documentation + } + } +} diff --git a/hwsecurity/sshj/hwsecurity-sshj.pro b/hwsecurity/sshj/hwsecurity-sshj.pro new file mode 100644 index 0000000..1238091 --- /dev/null +++ b/hwsecurity/sshj/hwsecurity-sshj.pro @@ -0,0 +1,3 @@ +# keep BC provider +-keep class org.bouncycastle.jcajce.provider.** { *; } +-keep class org.bouncycastle.jce.provider.** { *; } diff --git a/hwsecurity/sshj/src/debug/assets/logback.xml b/hwsecurity/sshj/src/debug/assets/logback.xml new file mode 100644 index 0000000..efb685a --- /dev/null +++ b/hwsecurity/sshj/src/debug/assets/logback.xml @@ -0,0 +1,14 @@ + + + + %logger{12} + + + [%-20thread] %msg + + + + + + + diff --git a/hwsecurity/sshj/src/main/AndroidManifest.xml b/hwsecurity/sshj/src/main/AndroidManifest.xml new file mode 100644 index 0000000..e1c0d65 --- /dev/null +++ b/hwsecurity/sshj/src/main/AndroidManifest.xml @@ -0,0 +1,6 @@ + + + + + diff --git a/hwsecurity/sshj/src/main/java/de/cotech/hw/sshj/SecurityKeySshjAuthMethod.java b/hwsecurity/sshj/src/main/java/de/cotech/hw/sshj/SecurityKeySshjAuthMethod.java new file mode 100644 index 0000000..eaac89e --- /dev/null +++ b/hwsecurity/sshj/src/main/java/de/cotech/hw/sshj/SecurityKeySshjAuthMethod.java @@ -0,0 +1,193 @@ +/* + * Copyright (C) 2018-2021 Confidential Technologies GmbH + * + * You can purchase a commercial license at https://hwsecurity.dev. + * Buying such a license is mandatory as soon as you develop commercial + * activities involving this program without disclosing the source code + * of your own applications. + * + * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program. If not, see . + */ + +package de.cotech.hw.sshj; + + +import com.hierynomus.sshj.key.KeyAlgorithm; +import com.hierynomus.sshj.signature.Ed25519PublicKey; + +import net.i2p.crypto.eddsa.spec.EdDSANamedCurveSpec; +import net.i2p.crypto.eddsa.spec.EdDSANamedCurveTable; +import net.i2p.crypto.eddsa.spec.EdDSAPublicKeySpec; +import net.schmizz.sshj.common.Buffer; +import net.schmizz.sshj.common.KeyType; +import net.schmizz.sshj.common.Message; +import net.schmizz.sshj.common.SSHPacket; +import net.schmizz.sshj.signature.Signature; +import net.schmizz.sshj.transport.TransportException; +import net.schmizz.sshj.userauth.UserAuthException; +import net.schmizz.sshj.userauth.method.AbstractAuthMethod; + +import java.io.IOException; +import java.security.NoSuchAlgorithmException; +import java.security.PublicKey; + +import de.cotech.hw.SecurityKeyAuthenticator; +import de.cotech.hw.util.HwTimber; +import de.cotech.hw.util.Hwsecurity25519PublicKey; + +/** + * Based on AuthPublickey and KeyedAuthMethod in SSHJ + * https://github.com/hierynomus/sshj/tree/master/src/main/java/net/schmizz/sshj/userauth/method + */ +public class SecurityKeySshjAuthMethod extends AbstractAuthMethod { + + SecurityKeyAuthenticator securityKeyAuthenticator; + PublicKey key; + + /** + * Initialize this method with the provider for public and private key. + */ + public SecurityKeySshjAuthMethod(SecurityKeyAuthenticator securityKeyAuthenticator) { + super("publickey"); + this.securityKeyAuthenticator = securityKeyAuthenticator; + } + + /** + * Builds a feeler request (sans signature). + */ + @Override + protected SSHPacket buildReq() throws UserAuthException { + return buildReq(false); + } + + /** + * Internal use. + */ + @Override + public void handle(Message cmd, SSHPacket buf) throws UserAuthException, TransportException { + if (cmd == Message.USERAUTH_60) + sendSignedReq(); + else + super.handle(cmd, buf); + } + + /** + * Send SSH_MSG_USERAUTH_REQUEST containing the signature. + * + * @throws UserAuthException + * @throws TransportException + */ + private void sendSignedReq() throws UserAuthException, TransportException { + HwTimber.d("Key acceptable, sending signed request"); + params.getTransport().write(putSig(buildReq(true))); + } + + /** + * Builds SSH_MSG_USERAUTH_REQUEST packet. + * + * @param signed whether the request packet will contain signature + * @return the {@link SSHPacket} containing the request packet + * @throws UserAuthException + */ + private SSHPacket buildReq(boolean signed) throws UserAuthException { + HwTimber.d("buildReq"); + return putPubKey(super.buildReq().putBoolean(signed)); + } + + protected SSHPacket putPubKey(SSHPacket reqBuf) throws UserAuthException { + PublicKey key = retrievePublicKey(); + KeyType keyType = KeyType.fromKey(key); + try { + KeyAlgorithm ka = params.getTransport().getClientKeyAlgorithm(keyType); + reqBuf.putString(ka.getKeyAlgorithm()) + .putString(new Buffer.PlainBuffer().putPublicKey(key).getCompactData()); + return reqBuf; + } catch (IOException ioe) { + throw new UserAuthException("No KeyAlgorithm configured for key " + keyType); + } + } + + protected SSHPacket putSig(SSHPacket reqBuf) throws UserAuthException { + PublicKey key = retrievePublicKey(); + final KeyType kt = KeyType.fromKey(key); + Signature signature; + try { + signature = params.getTransport().getClientKeyAlgorithm(kt).newSignature(); + } catch (TransportException e) { + throw new UserAuthException("No KeyAlgorithm configured for key " + kt); + } + + byte[] challenge = new Buffer.PlainBuffer() + .putString(params.getTransport().getSessionID()) + .putBuffer(reqBuf) // & rest of the data for sig + .getCompactData(); + + String hashAlgo = getSignatureHashAlgorithmName(signature.getSignatureName()); + + try { + byte[] signedChallenge = securityKeyAuthenticator.authenticateWithDigest(challenge, hashAlgo); + reqBuf.putSignature(signature.getSignatureName(), signature.encode(signedChallenge)); + + return reqBuf; + } catch (IOException | NoSuchAlgorithmException e) { + throw new UserAuthException(e); + } + } + + private static String getSignatureHashAlgorithmName(String signatureName) throws UserAuthException { + switch (signatureName) { + // see net.schmizz.sshj.signature.SignatureRSA + case "ssh-rsa": + return "SHA-1"; + case "rsa-sha2-256": + return "SHA-256"; + case "rsa-sha2-512": + return "SHA-512"; + // see net.schmizz.sshj.signature.SignatureECDSA + case "ecdsa-sha2-nistp256": + return "SHA-256"; + case "ecdsa-sha2-nistp384": + return "SHA-384"; + case "ecdsa-sha2-nistp521": + return "SHA-512"; + // see com.hierynomus.sshj.signature.SignatureEdDSA + case "ssh-ed25519": + return "SHA-512"; + default: + throw new UserAuthException("Unknown ssh algorithm " + signatureName); + } + } + + private PublicKey retrievePublicKey() throws UserAuthException { + if (key != null) { + return key; + } + try { + key = securityKeyAuthenticator.retrievePublicKey(); + } catch (IOException ioe) { + throw new UserAuthException("Problem getting public key"); + } + if (key instanceof Hwsecurity25519PublicKey) { + HwTimber.d("Converting raw Ed25519 key to SSHJ's Ed25519PublicKey class."); + EdDSANamedCurveSpec ed25519 = EdDSANamedCurveTable.getByName("Ed25519"); + EdDSAPublicKeySpec publicSpec = new EdDSAPublicKeySpec(key.getEncoded(), ed25519); + key = new Ed25519PublicKey(publicSpec); + } + + return key; + } + +} diff --git a/hwsecurity/ui/build.gradle b/hwsecurity/ui/build.gradle index 445d821..c4ab3b1 100644 --- a/hwsecurity/ui/build.gradle +++ b/hwsecurity/ui/build.gradle @@ -5,11 +5,11 @@ apply plugin: 'org.jetbrains.dokka' dependencies { api project(':hwsecurity:core') - implementation 'androidx.appcompat:appcompat:1.1.0' - implementation 'com.google.android.material:material:1.1.0' - implementation 'androidx.constraintlayout:constraintlayout:1.1.3' + implementation 'androidx.appcompat:appcompat:1.2.0' + implementation 'com.google.android.material:material:1.3.0' + implementation 'androidx.constraintlayout:constraintlayout:2.0.4' - api 'com.google.auto.value:auto-value-annotations:1.6.2' + api 'com.google.auto.value:auto-value-annotations:1.6.5' annotationProcessor 'com.google.auto.value:auto-value:1.6.2' annotationProcessor 'com.ryanharter.auto.value:auto-value-parcel:0.2.6' } @@ -88,24 +88,22 @@ afterEvaluate { } dokkaHugo { - configure { - outputDirectory.set(file("$projectDir/../../hwsecurity.dev/content/reference")) + outputDirectory.set(file("$projectDir/../../hwsecurity.dev/content/reference")) - dokkaSourceSets { - register("java") { - moduleDisplayName.set("hwsecurity-ui") + moduleName.set("hwsecurity-ui") - sourceRoots.setFrom(file("src/main/java")) + dokkaSourceSets { + register("java") { + sourceRoots.setFrom(file("src/main/java")) - jdkVersion.set(8) // Used for linking to JDK documentation - noStdlibLink.set(false) // Disable linking to online kotlin-stdlib documentation - noJdkLink.set(true) // Disable linking to online JDK documentation - noAndroidSdkLink.set(false) // Disable linking to online Android documentation + jdkVersion.set(8) // Used for linking to JDK documentation + noStdlibLink.set(false) // Disable linking to online kotlin-stdlib documentation + noJdkLink.set(true) // Disable linking to online JDK documentation + noAndroidSdkLink.set(false) // Disable linking to online Android documentation - perPackageOption { - prefix.set("de.cotech.hw.ui.internal") - suppress.set(true) - } + perPackageOption { + matchingRegex.set(".*\\.internal.*") // will match all .internal packages and sub-packages + suppress.set(true) } } } diff --git a/hwsecurity/ui/src/main/java/de/cotech/hw/ui/SecurityKeyDialogFragment.java b/hwsecurity/ui/src/main/java/de/cotech/hw/ui/SecurityKeyDialogFragment.java index fb6e285..70a0c60 100644 --- a/hwsecurity/ui/src/main/java/de/cotech/hw/ui/SecurityKeyDialogFragment.java +++ b/hwsecurity/ui/src/main/java/de/cotech/hw/ui/SecurityKeyDialogFragment.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial @@ -79,10 +79,12 @@ import de.cotech.hw.util.HwTimber; /** + * This abstract class is used by OpenPgpSecurityKeyDialogFragment and + * PivSecurityKeyDialogFragment. + *

+ * * This dialog shows helpful animations and handles all the PIN/PUK input for you. * It still allows you full control over the operations you can execute on the Security Key. - *

- * Use the SecurityKeyDialogFactory to instantiate this. */ public abstract class SecurityKeyDialogFragment extends BottomSheetDialogFragment implements SecurityKeyCallback, PinInput.PinInputCallback, SecurityKeyDialogInterface, diff --git a/hwsecurity/ui/src/main/java/de/cotech/hw/ui/SecurityKeyDialogInterface.java b/hwsecurity/ui/src/main/java/de/cotech/hw/ui/SecurityKeyDialogInterface.java index 228a150..1d56a5d 100644 --- a/hwsecurity/ui/src/main/java/de/cotech/hw/ui/SecurityKeyDialogInterface.java +++ b/hwsecurity/ui/src/main/java/de/cotech/hw/ui/SecurityKeyDialogInterface.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/ui/src/main/java/de/cotech/hw/ui/SecurityKeyDialogOptions.java b/hwsecurity/ui/src/main/java/de/cotech/hw/ui/SecurityKeyDialogOptions.java index c30e73a..001aaea 100644 --- a/hwsecurity/ui/src/main/java/de/cotech/hw/ui/SecurityKeyDialogOptions.java +++ b/hwsecurity/ui/src/main/java/de/cotech/hw/ui/SecurityKeyDialogOptions.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/ui/src/main/java/de/cotech/hw/ui/internal/AnimatedVectorDrawableHelper.java b/hwsecurity/ui/src/main/java/de/cotech/hw/ui/internal/AnimatedVectorDrawableHelper.java index 7ceb8fb..ff5985c 100644 --- a/hwsecurity/ui/src/main/java/de/cotech/hw/ui/internal/AnimatedVectorDrawableHelper.java +++ b/hwsecurity/ui/src/main/java/de/cotech/hw/ui/internal/AnimatedVectorDrawableHelper.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/ui/src/main/java/de/cotech/hw/ui/internal/ErrorView.java b/hwsecurity/ui/src/main/java/de/cotech/hw/ui/internal/ErrorView.java index 367c06a..5779715 100644 --- a/hwsecurity/ui/src/main/java/de/cotech/hw/ui/internal/ErrorView.java +++ b/hwsecurity/ui/src/main/java/de/cotech/hw/ui/internal/ErrorView.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/ui/src/main/java/de/cotech/hw/ui/internal/KeyboardPinInput.java b/hwsecurity/ui/src/main/java/de/cotech/hw/ui/internal/KeyboardPinInput.java index 9eb9d6d..56de12e 100644 --- a/hwsecurity/ui/src/main/java/de/cotech/hw/ui/internal/KeyboardPinInput.java +++ b/hwsecurity/ui/src/main/java/de/cotech/hw/ui/internal/KeyboardPinInput.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/ui/src/main/java/de/cotech/hw/ui/internal/KeyboardPreferenceRepository.java b/hwsecurity/ui/src/main/java/de/cotech/hw/ui/internal/KeyboardPreferenceRepository.java index 2102d2d..c73e087 100644 --- a/hwsecurity/ui/src/main/java/de/cotech/hw/ui/internal/KeyboardPreferenceRepository.java +++ b/hwsecurity/ui/src/main/java/de/cotech/hw/ui/internal/KeyboardPreferenceRepository.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/ui/src/main/java/de/cotech/hw/ui/internal/KeypadPinInput.java b/hwsecurity/ui/src/main/java/de/cotech/hw/ui/internal/KeypadPinInput.java index e06772b..1c0cfc9 100644 --- a/hwsecurity/ui/src/main/java/de/cotech/hw/ui/internal/KeypadPinInput.java +++ b/hwsecurity/ui/src/main/java/de/cotech/hw/ui/internal/KeypadPinInput.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/ui/src/main/java/de/cotech/hw/ui/internal/NfcFullscreenView.java b/hwsecurity/ui/src/main/java/de/cotech/hw/ui/internal/NfcFullscreenView.java index 427f284..63bc0a8 100644 --- a/hwsecurity/ui/src/main/java/de/cotech/hw/ui/internal/NfcFullscreenView.java +++ b/hwsecurity/ui/src/main/java/de/cotech/hw/ui/internal/NfcFullscreenView.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/ui/src/main/java/de/cotech/hw/ui/internal/NfcSweetspotData.java b/hwsecurity/ui/src/main/java/de/cotech/hw/ui/internal/NfcSweetspotData.java index 207bd0e..3ac666b 100644 --- a/hwsecurity/ui/src/main/java/de/cotech/hw/ui/internal/NfcSweetspotData.java +++ b/hwsecurity/ui/src/main/java/de/cotech/hw/ui/internal/NfcSweetspotData.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/ui/src/main/java/de/cotech/hw/ui/internal/PinInput.java b/hwsecurity/ui/src/main/java/de/cotech/hw/ui/internal/PinInput.java index 9d2552f..0900e3d 100644 --- a/hwsecurity/ui/src/main/java/de/cotech/hw/ui/internal/PinInput.java +++ b/hwsecurity/ui/src/main/java/de/cotech/hw/ui/internal/PinInput.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/ui/src/main/java/de/cotech/hw/ui/internal/ProgressView.java b/hwsecurity/ui/src/main/java/de/cotech/hw/ui/internal/ProgressView.java index 991de8f..820cc54 100644 --- a/hwsecurity/ui/src/main/java/de/cotech/hw/ui/internal/ProgressView.java +++ b/hwsecurity/ui/src/main/java/de/cotech/hw/ui/internal/ProgressView.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/ui/src/main/java/de/cotech/hw/ui/internal/SecurityKeyDialogPresenter.java b/hwsecurity/ui/src/main/java/de/cotech/hw/ui/internal/SecurityKeyDialogPresenter.java index 9d984c0..1a2f783 100644 --- a/hwsecurity/ui/src/main/java/de/cotech/hw/ui/internal/SecurityKeyDialogPresenter.java +++ b/hwsecurity/ui/src/main/java/de/cotech/hw/ui/internal/SecurityKeyDialogPresenter.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/ui/src/main/java/de/cotech/hw/ui/internal/SecurityKeyFormFactor.java b/hwsecurity/ui/src/main/java/de/cotech/hw/ui/internal/SecurityKeyFormFactor.java index 8985241..f683251 100644 --- a/hwsecurity/ui/src/main/java/de/cotech/hw/ui/internal/SecurityKeyFormFactor.java +++ b/hwsecurity/ui/src/main/java/de/cotech/hw/ui/internal/SecurityKeyFormFactor.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial @@ -104,7 +104,7 @@ public SecurityKeyFormFactor(@NonNull ViewGroup view, LifecycleOwner lifecycleOw sdkButton.setVisibility(showSdkButton ? View.VISIBLE : View.GONE); sdkButton.setOnClickListener(v -> { String packageName = context.getPackageName(); - String url = "https://hwsecurity.dev/?pk_campaign=sdk&pk_source=" + packageName; + String url = "https://hwsecurity.dev/?utm_campaign=sdk&utm_source=" + packageName; Intent i = new Intent(Intent.ACTION_VIEW); i.setData(Uri.parse(url)); context.startActivity(i); diff --git a/hwsecurity/ui/src/main/java/de/cotech/hw/ui/internal/SmartcardFormFactor.java b/hwsecurity/ui/src/main/java/de/cotech/hw/ui/internal/SmartcardFormFactor.java index ce0584c..fbbb664 100644 --- a/hwsecurity/ui/src/main/java/de/cotech/hw/ui/internal/SmartcardFormFactor.java +++ b/hwsecurity/ui/src/main/java/de/cotech/hw/ui/internal/SmartcardFormFactor.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/ui/src/main/java/de/cotech/hw/ui/internal/SuccessView.java b/hwsecurity/ui/src/main/java/de/cotech/hw/ui/internal/SuccessView.java index 4efd5f3..1736197 100644 --- a/hwsecurity/ui/src/main/java/de/cotech/hw/ui/internal/SuccessView.java +++ b/hwsecurity/ui/src/main/java/de/cotech/hw/ui/internal/SuccessView.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial diff --git a/hwsecurity/ui/src/main/java/de/cotech/hw/ui/internal/WipeConfirmView.java b/hwsecurity/ui/src/main/java/de/cotech/hw/ui/internal/WipeConfirmView.java index 78682c1..f8a02b0 100644 --- a/hwsecurity/ui/src/main/java/de/cotech/hw/ui/internal/WipeConfirmView.java +++ b/hwsecurity/ui/src/main/java/de/cotech/hw/ui/internal/WipeConfirmView.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Confidential Technologies GmbH + * Copyright (C) 2018-2021 Confidential Technologies GmbH * * You can purchase a commercial license at https://hwsecurity.dev. * Buying such a license is mandatory as soon as you develop commercial