From b1fbfa8eede1f2f9d003e49c027d5e4cb8a56bfe Mon Sep 17 00:00:00 2001 From: Szczepan Zalega Date: Tue, 2 Aug 2016 13:38:22 +0200 Subject: Support for command: is_aes_supported Signed-off-by: Szczepan Zalega --- NK_C_API.cc | 8 ++++++++ NK_C_API.h | 6 ++++++ NitrokeyManager.cc | 15 +++++++++++++++ include/NitrokeyManager.h | 2 ++ include/device.h | 2 +- include/stick10_commands.h | 8 ++++++-- unittest/test_bindings.py | 6 ++++++ 7 files changed, 44 insertions(+), 3 deletions(-) diff --git a/NK_C_API.cc b/NK_C_API.cc index 81a18b5..0e3a642 100644 --- a/NK_C_API.cc +++ b/NK_C_API.cc @@ -415,5 +415,13 @@ extern int NK_erase_password_safe_slot(uint8_t slot_number) { }); } +extern int NK_is_AES_supported(const char *user_password) { + auto m = NitrokeyManager::instance(); + return get_with_result([&](){ + return (uint8_t) m->is_AES_supported(user_password); + }); +} + + } diff --git a/NK_C_API.h b/NK_C_API.h index 1882545..af226ac 100644 --- a/NK_C_API.h +++ b/NK_C_API.h @@ -292,6 +292,12 @@ extern int NK_write_password_safe_slot(uint8_t slot_number, const char *slot_nam * @return command processing error code */ extern int NK_erase_password_safe_slot(uint8_t slot_number); + +/** + * Check whether AES is supported by the device + * @return 0 for no and 1 for yes + */ +extern int NK_is_AES_supported(const char *user_password); } diff --git a/NitrokeyManager.cc b/NitrokeyManager.cc index fc1daa5..ef7358f 100644 --- a/NitrokeyManager.cc +++ b/NitrokeyManager.cc @@ -270,6 +270,11 @@ namespace nitrokey{ } void NitrokeyManager::enable_password_safe(const char *user_pin) { + //The following command will cancel enabling PWS if it is not supported + auto a = get_payload(); + strcpyT(a.user_password, user_pin); + IsAESSupported::CommandTransaction::run(*device, a); + auto p = get_payload(); strcpyT(p.user_password, user_pin); EnablePasswordSafe::CommandTransaction::run(*device, p); @@ -390,4 +395,14 @@ namespace nitrokey{ return v; } + bool NitrokeyManager::is_AES_supported(const char *user_password) { + try { + auto a = get_payload(); + strcpyT(a.user_password, user_password); + IsAESSupported::CommandTransaction::run(*device, a); + } + catch (CommandFailedException &ex) {}; + return device->get_last_command_status() == 0; + } + } \ No newline at end of file diff --git a/include/NitrokeyManager.h b/include/NitrokeyManager.h index 4f1dcfa..e9b3be2 100644 --- a/include/NitrokeyManager.h +++ b/include/NitrokeyManager.h @@ -75,6 +75,8 @@ namespace nitrokey { vector read_config(); + bool is_AES_supported(const char *user_password); + private: NitrokeyManager(); ~NitrokeyManager(); diff --git a/include/device.h b/include/device.h index ffc38e5..a27c019 100644 --- a/include/device.h +++ b/include/device.h @@ -50,7 +50,7 @@ public: std::chrono::milliseconds get_retry_timeout() const { return m_retry_timeout; }; std::chrono::milliseconds get_send_receive_delay() const {return m_send_receive_delay;} - int get_last_command_status() const; + int get_last_command_status() const {return last_command_status;}; void set_last_command_status(uint8_t _err) { last_command_status = _err;} ; bool last_command_sucessfull() const {return last_command_status == 0;}; DeviceModel get_device_model() const {return m_model;} diff --git a/include/stick10_commands.h b/include/stick10_commands.h index 6df8727..e49e2a4 100644 --- a/include/stick10_commands.h +++ b/include/stick10_commands.h @@ -714,11 +714,15 @@ class ChangeUserPin : Command { CommandTransaction; }; -// TODO why is it needed? class IsAESSupported : Command { public: struct CommandPayload { - uint8_t password[20]; + uint8_t user_password[20]; + std::string dissect() const { + std::stringstream ss; + ss << " user_password:\t" << user_password<< std::endl; + return ss.str(); + } } __packed; typedef Transaction diff --git a/unittest/test_bindings.py b/unittest/test_bindings.py index ddae6e7..d65eeaf 100644 --- a/unittest/test_bindings.py +++ b/unittest/test_bindings.py @@ -121,6 +121,7 @@ def test_issue_device_locks_on_second_key_generation_in_sequence(C): def test_regenerate_aes_key(C): C.NK_set_debug(True) + assert C.NK_first_authenticate(DefaultPasswords.ADMIN, DefaultPasswords.ADMIN_TEMP) == DeviceErrorCode.STATUS_OK assert C.NK_build_aes_key(DefaultPasswords.ADMIN) == DeviceErrorCode.STATUS_OK assert C.NK_enable_password_safe(DefaultPasswords.USER) == DeviceErrorCode.STATUS_OK @@ -157,6 +158,11 @@ def test_destroy_password_safe(C): assert is_slot_programmed[0] == 0 +def test_is_AES_supported(C): + aes_supported = C.NK_is_AES_supported(DefaultPasswords.USER) + assert aes_supported == 1 + assert C.NK_get_last_command_status() == DeviceErrorCode.STATUS_OK + def test_admin_PIN_change(C): new_password = '123123123' -- cgit v1.2.3