From c6ba90ba1ca606b63373caaba16cb4fcc65d00f9 Mon Sep 17 00:00:00 2001 From: Szczepan Zalega Date: Mon, 9 Jan 2017 18:30:29 +0100 Subject: Remove unused inttypes Signed-off-by: Szczepan Zalega --- NitrokeyManager.cc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'NitrokeyManager.cc') diff --git a/NitrokeyManager.cc b/NitrokeyManager.cc index ddec600..c49a449 100644 --- a/NitrokeyManager.cc +++ b/NitrokeyManager.cc @@ -84,7 +84,7 @@ namespace nitrokey{ shared_ptr NitrokeyManager::instance() { if (_instance == nullptr){ - _instance = shared_ptr(new NitrokeyManager()); + _instance = make_shared(); } return _instance; } -- cgit v1.2.3 From c2d3de8820cc2ad3f394b6672853af257d32e6f6 Mon Sep 17 00:00:00 2001 From: Szczepan Zalega Date: Wed, 11 Jan 2017 16:04:52 +0100 Subject: Helper functions for getting device state get status for Pro and Storage check is device connected use make_shared for keeping instance reference fixed accessing active volume flag Signed-off-by: Szczepan Zalega --- NK_C_API.cc | 2 +- NitrokeyManager.cc | 22 ++++++++++++++++++++-- include/NitrokeyManager.h | 11 +++++++---- include/stick20_commands.h | 9 ++++++++- 4 files changed, 36 insertions(+), 8 deletions(-) (limited to 'NitrokeyManager.cc') diff --git a/NK_C_API.cc b/NK_C_API.cc index e513a3b..224a3a8 100644 --- a/NK_C_API.cc +++ b/NK_C_API.cc @@ -168,7 +168,7 @@ void clear_string(std::string &s){ extern const char * NK_status() { auto m = NitrokeyManager::instance(); return get_with_string_result([&](){ - string && s = m->get_status(); + string && s = m->get_status_as_string(); char * rs = strdup(s.c_str()); clear_string(s); return rs; diff --git a/NitrokeyManager.cc b/NitrokeyManager.cc index c49a449..f71c362 100644 --- a/NitrokeyManager.cc +++ b/NitrokeyManager.cc @@ -90,7 +90,7 @@ namespace nitrokey{ } bool NitrokeyManager::disconnect() { - if (device == nullptr){ + if (!is_connected()){ return false; } const auto res = device->disconnect(); @@ -98,6 +98,10 @@ namespace nitrokey{ return res; } + bool NitrokeyManager::is_connected(){ + return device != nullptr; + } + void NitrokeyManager::set_debug(bool state) { if (state){ Log::instance().set_loglevel(Loglevel::DEBUG); @@ -111,7 +115,12 @@ namespace nitrokey{ return response.data().get_card_serial_hex(); } - string NitrokeyManager::get_status() { + stick10::GetStatus::ResponsePayload NitrokeyManager::get_status(){ + auto response = GetStatus::CommandTransaction::run(*device); + return response.data(); + } + + string NitrokeyManager::get_status_as_string() { auto response = GetStatus::CommandTransaction::run(*device); return response.data().dissect(); } @@ -597,6 +606,10 @@ namespace nitrokey{ return get_major_firmware_version() <= m[device->get_device_model()]; } + DeviceModel NitrokeyManager::get_connected_device_model(){ + return device->get_device_model(); + } + int NitrokeyManager::get_major_firmware_version(){ switch(device->get_device_model()){ case DeviceModel::PRO:{ @@ -682,6 +695,11 @@ namespace nitrokey{ return strdup(p.data().dissect().c_str()); } + stick20::DeviceConfigurationResponsePacket::ResponsePayload NitrokeyManager::get_status_storage(){ + auto p = stick20::GetDeviceStatus::CommandTransaction::run(*device); + return p.data(); + } + const char * NitrokeyManager::get_SD_usage_data_as_string(){ auto p = stick20::GetSDCardOccupancy::CommandTransaction::run(*device); return strdup(p.data().dissect().c_str()); diff --git a/include/NitrokeyManager.h b/include/NitrokeyManager.h index fd39445..d6b70a4 100644 --- a/include/NitrokeyManager.h +++ b/include/NitrokeyManager.h @@ -39,8 +39,11 @@ namespace nitrokey { bool connect(const char *device_model); bool connect(); bool disconnect(); - void set_debug(bool state); - string get_status(); + bool is_connected(); + DeviceModel get_connected_device_model(); + void set_debug(bool state); + stick10::GetStatus::ResponsePayload get_status(); + string get_status_as_string(); string get_serial_number(); const char * get_totp_slot_name(uint8_t slot_number); @@ -105,6 +108,7 @@ namespace nitrokey { void send_startup(uint64_t seconds_from_epoch); const char * get_status_storage_as_string(); + stick20::DeviceConfigurationResponsePacket::ResponsePayload get_status_storage(); const char *get_SD_usage_data_as_string(); @@ -117,11 +121,10 @@ namespace nitrokey { void authorize_packet(T &package, const char *admin_temporary_password, shared_ptr device); int get_major_firmware_version(); + explicit NitrokeyManager(); private: - NitrokeyManager(); static shared_ptr _instance; - bool connected; std::shared_ptr device; bool is_valid_hotp_slot_number(uint8_t slot_number) const; diff --git a/include/stick20_commands.h b/include/stick20_commands.h index 386cbda..8080117 100644 --- a/include/stick20_commands.h +++ b/include/stick20_commands.h @@ -141,7 +141,14 @@ namespace nitrokey { uint8_t NewSDCardFound_u8; uint8_t SDFillWithRandomChars_u8; uint32_t ActiveSD_CardID_u32; - uint8_t VolumeActiceFlag_u8; + union{ + uint8_t VolumeActiceFlag_u8; + struct { + bool unencrypted :1; + bool encrypted :1; + bool hidden :1; + } __packed VolumeActiceFlag_st; + } __packed; uint8_t NewSmartCardFound_u8; uint8_t UserPwRetryCount; uint8_t AdminPwRetryCount; -- cgit v1.2.3 From 55745fccf0c4233c536d8bacead3443a8e431b8d Mon Sep 17 00:00:00 2001 From: Szczepan Zalega Date: Wed, 11 Jan 2017 16:40:05 +0100 Subject: Use nullptr instead of NULL Signed-off-by: Szczepan Zalega --- NitrokeyManager.cc | 3 ++- device.cc | 14 +++++++------- 2 files changed, 9 insertions(+), 8 deletions(-) (limited to 'NitrokeyManager.cc') diff --git a/NitrokeyManager.cc b/NitrokeyManager.cc index f71c362..73a704a 100644 --- a/NitrokeyManager.cc +++ b/NitrokeyManager.cc @@ -49,7 +49,8 @@ namespace nitrokey{ shared_ptr NitrokeyManager::_instance = nullptr; - NitrokeyManager::NitrokeyManager() { + NitrokeyManager::NitrokeyManager() : device(nullptr) + { set_debug(true); } NitrokeyManager::~NitrokeyManager() { diff --git a/device.cc b/device.cc index 7bdbe9a..6ff370f 100644 --- a/device.cc +++ b/device.cc @@ -22,7 +22,7 @@ Device::Device(const uint16_t vid, const uint16_t pid, const DeviceModel model, m_retry_sending_count(3), m_retry_receiving_count(retry_receiving_count), m_retry_timeout(retry_timeout), - mp_devhandle(NULL), + mp_devhandle(nullptr), last_command_status(0), m_model(model), m_send_receive_delay(send_receive_delay) @@ -34,7 +34,7 @@ bool Device::disconnect() { if(mp_devhandle == nullptr) return false; hid_close(mp_devhandle); - mp_devhandle = NULL; + mp_devhandle = nullptr; hid_exit(); return true; } @@ -43,15 +43,15 @@ bool Device::connect() { Log::instance()(__PRETTY_FUNCTION__, Loglevel::DEBUG_L2); // hid_init(); // done automatically on hid_open - mp_devhandle = hid_open(m_vid, m_pid, NULL); - return mp_devhandle != NULL; + mp_devhandle = hid_open(m_vid, m_pid, nullptr); + return mp_devhandle != nullptr; } int Device::send(const void *packet) { std::lock_guard lock(mex_dev_com); Log::instance()(__PRETTY_FUNCTION__, Loglevel::DEBUG_L2); - if (mp_devhandle == NULL) + if (mp_devhandle == nullptr) throw std::runtime_error("Attempted HID send on an invalid descriptor."); //TODO migrate except to library_error return (hid_send_feature_report( @@ -65,7 +65,7 @@ int Device::recv(void *packet) { Log::instance()(__PRETTY_FUNCTION__, Loglevel::DEBUG_L2); - if (mp_devhandle == NULL) + if (mp_devhandle == nullptr) throw std::runtime_error("Attempted HID receive on an invalid descriptor."); //TODO migrate except to library_error // FIXME extract error handling and repeating to parent function in @@ -76,7 +76,7 @@ int Device::recv(void *packet) { // FIXME handle getting libhid error message somewhere else auto pwherr = hid_error(mp_devhandle); - std::wstring wherr = (pwherr != NULL) ? pwherr : L"No error message"; + std::wstring wherr = (pwherr != nullptr) ? pwherr : L"No error message"; std::string herr(wherr.begin(), wherr.end()); Log::instance()(std::string("libhid error message: ") + herr, Loglevel::DEBUG_L2); -- cgit v1.2.3 From 73eac5050abad1b8f0ddbc7e94a11170a640e130 Mon Sep 17 00:00:00 2001 From: Szczepan Zalega Date: Wed, 11 Jan 2017 20:11:01 +0100 Subject: Protect concurrent use with lock guard Signed-off-by: Szczepan Zalega --- NitrokeyManager.cc | 11 ++++++++++- include/NitrokeyManager.h | 2 +- 2 files changed, 11 insertions(+), 2 deletions(-) (limited to 'NitrokeyManager.cc') diff --git a/NitrokeyManager.cc b/NitrokeyManager.cc index 73a704a..b270eb3 100644 --- a/NitrokeyManager.cc +++ b/NitrokeyManager.cc @@ -6,9 +6,13 @@ #include #include #include "include/misc.h" +#include namespace nitrokey{ + std::mutex mex_dev_com; + + template void strcpyT(T& dest, const char* src){ @@ -58,6 +62,7 @@ namespace nitrokey{ bool NitrokeyManager::connect() { this->disconnect(); + std::lock_guard lock(mex_dev_com); vector< shared_ptr > devices = { make_shared(), make_shared() }; for( auto & d : devices ){ if (d->connect()){ @@ -70,6 +75,7 @@ namespace nitrokey{ bool NitrokeyManager::connect(const char *device_model) { this->disconnect(); + std::lock_guard lock(mex_dev_com); switch (device_model[0]){ case 'P': device = make_shared(); @@ -90,7 +96,10 @@ namespace nitrokey{ return _instance; } + + bool NitrokeyManager::disconnect() { + std::lock_guard lock(mex_dev_com); if (!is_connected()){ return false; } @@ -99,7 +108,7 @@ namespace nitrokey{ return res; } - bool NitrokeyManager::is_connected(){ + bool NitrokeyManager::is_connected() const throw(){ return device != nullptr; } diff --git a/include/NitrokeyManager.h b/include/NitrokeyManager.h index d6b70a4..6551c1a 100644 --- a/include/NitrokeyManager.h +++ b/include/NitrokeyManager.h @@ -39,7 +39,7 @@ namespace nitrokey { bool connect(const char *device_model); bool connect(); bool disconnect(); - bool is_connected(); + bool is_connected() const throw() ; DeviceModel get_connected_device_model(); void set_debug(bool state); stick10::GetStatus::ResponsePayload get_status(); -- cgit v1.2.3 From 8f2e6ad0673e2fe2e3407c895eecbd478885f2c5 Mon Sep 17 00:00:00 2001 From: Szczepan Zalega Date: Fri, 13 Jan 2017 10:48:18 +0100 Subject: Do not call disconnect on connect device will be disconnected automatically in its destructor Signed-off-by: Szczepan Zalega --- NitrokeyManager.cc | 2 -- 1 file changed, 2 deletions(-) (limited to 'NitrokeyManager.cc') diff --git a/NitrokeyManager.cc b/NitrokeyManager.cc index b270eb3..833e916 100644 --- a/NitrokeyManager.cc +++ b/NitrokeyManager.cc @@ -61,7 +61,6 @@ namespace nitrokey{ } bool NitrokeyManager::connect() { - this->disconnect(); std::lock_guard lock(mex_dev_com); vector< shared_ptr > devices = { make_shared(), make_shared() }; for( auto & d : devices ){ @@ -74,7 +73,6 @@ namespace nitrokey{ bool NitrokeyManager::connect(const char *device_model) { - this->disconnect(); std::lock_guard lock(mex_dev_com); switch (device_model[0]){ case 'P': -- cgit v1.2.3 From daf51e7e6a6f6569472f2a5fae5a376f105f858a Mon Sep 17 00:00:00 2001 From: Szczepan Zalega Date: Fri, 13 Jan 2017 10:51:14 +0100 Subject: Add const qualifier to functions Signed-off-by: Szczepan Zalega --- NitrokeyManager.cc | 3 ++- include/NitrokeyManager.h | 2 +- 2 files changed, 3 insertions(+), 2 deletions(-) (limited to 'NitrokeyManager.cc') diff --git a/NitrokeyManager.cc b/NitrokeyManager.cc index 833e916..1753a73 100644 --- a/NitrokeyManager.cc +++ b/NitrokeyManager.cc @@ -614,7 +614,8 @@ namespace nitrokey{ return get_major_firmware_version() <= m[device->get_device_model()]; } - DeviceModel NitrokeyManager::get_connected_device_model(){ + DeviceModel NitrokeyManager::get_connected_device_model() const{ + //FIXME throw if no device is connected or return unknown/unconnected value return device->get_device_model(); } diff --git a/include/NitrokeyManager.h b/include/NitrokeyManager.h index 6551c1a..e96ac22 100644 --- a/include/NitrokeyManager.h +++ b/include/NitrokeyManager.h @@ -40,7 +40,7 @@ namespace nitrokey { bool connect(); bool disconnect(); bool is_connected() const throw() ; - DeviceModel get_connected_device_model(); + DeviceModel get_connected_device_model() const; void set_debug(bool state); stick10::GetStatus::ResponsePayload get_status(); string get_status_as_string(); -- cgit v1.2.3 From 87252d46294515cc5fcf49eb08c8b1c19b49d27a Mon Sep 17 00:00:00 2001 From: Szczepan Zalega Date: Fri, 13 Jan 2017 10:51:32 +0100 Subject: Comments - fixme Signed-off-by: Szczepan Zalega --- NitrokeyManager.cc | 1 + 1 file changed, 1 insertion(+) (limited to 'NitrokeyManager.cc') diff --git a/NitrokeyManager.cc b/NitrokeyManager.cc index 1753a73..f92f5f7 100644 --- a/NitrokeyManager.cc +++ b/NitrokeyManager.cc @@ -88,6 +88,7 @@ namespace nitrokey{ } shared_ptr NitrokeyManager::instance() { + //FIXME check thread safety - add atomic for instance, add lock guard if (_instance == nullptr){ _instance = make_shared(); } -- cgit v1.2.3 From ffcb53e4cb3419ea31bf7b22e5f0c42fd54041da Mon Sep 17 00:00:00 2001 From: Szczepan Zalega Date: Fri, 13 Jan 2017 12:11:18 +0100 Subject: Name fix for firmware version getter Signed-off-by: Szczepan Zalega --- NK_C_API.cc | 2 +- NitrokeyManager.cc | 4 ++-- include/NitrokeyManager.h | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) (limited to 'NitrokeyManager.cc') diff --git a/NK_C_API.cc b/NK_C_API.cc index 224a3a8..f396fcb 100644 --- a/NK_C_API.cc +++ b/NK_C_API.cc @@ -474,7 +474,7 @@ extern int NK_get_progress_bar_value() { extern int NK_get_major_firmware_version(){ auto m = NitrokeyManager::instance(); return get_with_result([&](){ - return m->get_major_firmware_version(); + return m->get_minor_firmware_version(); }); } diff --git a/NitrokeyManager.cc b/NitrokeyManager.cc index f92f5f7..37e35e5 100644 --- a/NitrokeyManager.cc +++ b/NitrokeyManager.cc @@ -612,7 +612,7 @@ namespace nitrokey{ {DeviceModel::PRO, 7}, {DeviceModel::STORAGE, 43}, }); - return get_major_firmware_version() <= m[device->get_device_model()]; + return get_minor_firmware_version() <= m[device->get_device_model()]; } DeviceModel NitrokeyManager::get_connected_device_model() const{ @@ -620,7 +620,7 @@ namespace nitrokey{ return device->get_device_model(); } - int NitrokeyManager::get_major_firmware_version(){ + int NitrokeyManager::get_minor_firmware_version(){ switch(device->get_device_model()){ case DeviceModel::PRO:{ auto status_p = GetStatus::CommandTransaction::run(*device); diff --git a/include/NitrokeyManager.h b/include/NitrokeyManager.h index e96ac22..c7d7704 100644 --- a/include/NitrokeyManager.h +++ b/include/NitrokeyManager.h @@ -119,7 +119,7 @@ namespace nitrokey { template void authorize_packet(T &package, const char *admin_temporary_password, shared_ptr device); - int get_major_firmware_version(); + int get_minor_firmware_version(); explicit NitrokeyManager(); private: -- cgit v1.2.3 From 185b318b9134da163bbfb160d2d737c835927f30 Mon Sep 17 00:00:00 2001 From: Szczepan Zalega Date: Fri, 13 Jan 2017 12:55:08 +0100 Subject: Fix firmware version in device status Signed-off-by: Szczepan Zalega --- NitrokeyManager.cc | 2 +- include/stick20_commands.h | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) (limited to 'NitrokeyManager.cc') diff --git a/NitrokeyManager.cc b/NitrokeyManager.cc index 37e35e5..d85af91 100644 --- a/NitrokeyManager.cc +++ b/NitrokeyManager.cc @@ -628,7 +628,7 @@ namespace nitrokey{ } case DeviceModel::STORAGE:{ auto status = stick20::GetDeviceStatus::CommandTransaction::run(*device); - return status.data().versionInfo.major; + return status.data().versionInfo.minor; } } return 0; diff --git a/include/stick20_commands.h b/include/stick20_commands.h index 8080117..fd72f1e 100644 --- a/include/stick20_commands.h +++ b/include/stick20_commands.h @@ -130,9 +130,9 @@ namespace nitrokey { uint8_t VersionInfo_au8[4]; struct { uint8_t __unused; - uint8_t major; - uint8_t __unused2; uint8_t minor; + uint8_t __unused2; + uint8_t major; } __packed versionInfo; }; -- cgit v1.2.3 From 4f0ae6f59bc086f5ac9a1af14195b54c397641b2 Mon Sep 17 00:00:00 2001 From: Szczepan Zalega Date: Mon, 23 Jan 2017 18:40:10 +0100 Subject: Throw on not connected device when requesting model Signed-off-by: Szczepan Zalega --- NitrokeyManager.cc | 3 +++ 1 file changed, 3 insertions(+) (limited to 'NitrokeyManager.cc') diff --git a/NitrokeyManager.cc b/NitrokeyManager.cc index d85af91..e0e6ae3 100644 --- a/NitrokeyManager.cc +++ b/NitrokeyManager.cc @@ -617,6 +617,9 @@ namespace nitrokey{ DeviceModel NitrokeyManager::get_connected_device_model() const{ //FIXME throw if no device is connected or return unknown/unconnected value + if (device == nullptr){ + throw std::runtime_error("device not connected"); + } return device->get_device_model(); } -- cgit v1.2.3 From 02ac032b7493749bfd64533fe0c7f1e8ff46fe75 Mon Sep 17 00:00:00 2001 From: Szczepan Zalega Date: Tue, 24 Jan 2017 15:17:22 +0100 Subject: Remove support for new authorization protocol for storage Signed-off-by: Szczepan Zalega --- NitrokeyManager.cc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'NitrokeyManager.cc') diff --git a/NitrokeyManager.cc b/NitrokeyManager.cc index e0e6ae3..09a0def 100644 --- a/NitrokeyManager.cc +++ b/NitrokeyManager.cc @@ -610,7 +610,7 @@ namespace nitrokey{ //authorization command is supported for versions equal or below: auto m = std::unordered_map({ {DeviceModel::PRO, 7}, - {DeviceModel::STORAGE, 43}, + {DeviceModel::STORAGE, 99}, }); return get_minor_firmware_version() <= m[device->get_device_model()]; } -- cgit v1.2.3 From 2543e09fa25fa8ed54920c519de32d4b4da074d4 Mon Sep 17 00:00:00 2001 From: Szczepan Zalega Date: Tue, 24 Jan 2017 17:33:49 +0100 Subject: Read slot command support Signed-off-by: Szczepan Zalega --- NitrokeyManager.cc | 22 +++++++++++++++++++++- include/NitrokeyManager.h | 7 ++++++- include/stick10_commands.h | 38 ++++++++++++++++++++++++++++++++------ 3 files changed, 59 insertions(+), 8 deletions(-) (limited to 'NitrokeyManager.cc') diff --git a/NitrokeyManager.cc b/NitrokeyManager.cc index 09a0def..b12895d 100644 --- a/NitrokeyManager.cc +++ b/NitrokeyManager.cc @@ -468,6 +468,7 @@ namespace nitrokey{ auto response = GetUserPasswordRetryCount::CommandTransaction::run(*device); return response.data().password_retry_count; } + uint8_t NitrokeyManager::get_admin_retry_count() { if(device->get_device_model() == DeviceModel::STORAGE){ stick20::GetDeviceStatus::CommandTransaction::run(*device); @@ -728,4 +729,23 @@ namespace nitrokey{ } } - } + uint32_t NitrokeyManager::get_TOTP_code(uint8_t slot_number, const char *user_temporary_password) { + return get_TOTP_code(slot_number, 0, 0, 0, user_temporary_password); + } + + stick10::ReadSlot::ResponsePayload NitrokeyManager::get_OTP_slot_data(const uint8_t slot_number) { + auto p = get_payload(); + p.slot_number = slot_number; + auto data = stick10::ReadSlot::CommandTransaction::run(*device, p); + return data.data(); + } + + stick10::ReadSlot::ResponsePayload NitrokeyManager::get_TOTP_slot_data(const uint8_t slot_number) { + return get_OTP_slot_data(get_internal_slot_number_for_totp(slot_number)); + } + + stick10::ReadSlot::ResponsePayload NitrokeyManager::get_HOTP_slot_data(const uint8_t slot_number) { + return get_OTP_slot_data(get_internal_slot_number_for_hotp(slot_number)); + } + +} diff --git a/include/NitrokeyManager.h b/include/NitrokeyManager.h index c7d7704..03f1a86 100644 --- a/include/NitrokeyManager.h +++ b/include/NitrokeyManager.h @@ -32,6 +32,10 @@ namespace nitrokey { uint32_t get_HOTP_code(uint8_t slot_number, const char *user_temporary_password); uint32_t get_TOTP_code(uint8_t slot_number, uint64_t challenge, uint64_t last_totp_time, uint8_t last_interval, const char *user_temporary_password); + uint32_t get_TOTP_code(uint8_t slot_number, const char *user_temporary_password); + stick10::ReadSlot::ResponsePayload get_TOTP_slot_data(const uint8_t slot_number); + stick10::ReadSlot::ResponsePayload get_HOTP_slot_data(const uint8_t slot_number); + bool set_time(uint64_t time); bool get_time(); bool erase_totp_slot(uint8_t slot_number, const char *temporary_password); @@ -127,7 +131,8 @@ namespace nitrokey { static shared_ptr _instance; std::shared_ptr device; - bool is_valid_hotp_slot_number(uint8_t slot_number) const; + stick10::ReadSlot::ResponsePayload get_OTP_slot_data(const uint8_t slot_number); + bool is_valid_hotp_slot_number(uint8_t slot_number) const; bool is_valid_totp_slot_number(uint8_t slot_number) const; bool is_valid_password_safe_slot_number(uint8_t slot_number) const; uint8_t get_internal_slot_number_for_hotp(uint8_t slot_number) const; diff --git a/include/stick10_commands.h b/include/stick10_commands.h index fb362fb..b66a9b4 100644 --- a/include/stick10_commands.h +++ b/include/stick10_commands.h @@ -293,18 +293,44 @@ class ReadSlot : Command { struct ResponsePayload { uint8_t slot_name[15]; - uint8_t config; - uint8_t token_id[13]; - uint64_t counter; + union{ + uint8_t _slot_config; + struct{ + bool use_8_digits : 1; + bool use_enter : 1; + bool use_tokenID : 1; + }; + }; + union{ + uint8_t slot_token_id[13]; /** OATH Token Identifier */ + struct{ /** @see https://openauthentication.org/token-specs/ */ + uint8_t omp[2]; + uint8_t tt[2]; + uint8_t mui[8]; + uint8_t keyboard_layout; //disabled feature in nitroapp as of 20160805 + } slot_token_fields; + }; + union{ + uint64_t slot_counter; + uint8_t slot_counter_s[8]; + } __packed; bool isValid() const { return true; } std::string dissect() const { std::stringstream ss; ss << "slot_name:\t" << slot_name << std::endl; - ss << "config:\t" << config << std::endl; - ss << "token_id:\t" << token_id << std::endl; - ss << "counter:\t" << counter << std::endl; + ss << "slot_config:\t" << std::bitset<8>((int)_slot_config) << std::endl; + ss << "\tuse_8_digits(0):\t" << use_8_digits << std::endl; + ss << "\tuse_enter(1):\t" << use_enter << std::endl; + ss << "\tuse_tokenID(2):\t" << use_tokenID << std::endl; + + ss << "slot_token_id:\t"; + for (auto i : slot_token_id) + ss << std::hex << std::setw(2) << std::setfill('0')<< (int) i << " " ; + ss << std::endl; + ss << "slot_counter:\t[" << (int)slot_counter << "]\t" + << ::nitrokey::misc::hexdump((const char *)(&slot_counter), sizeof slot_counter, false); return ss.str(); } } __packed; -- cgit v1.2.3 From a721ca6391d1f6494d5493fb0e56c868bcd2b60c Mon Sep 17 00:00:00 2001 From: Szczepan Zalega Date: Thu, 26 Jan 2017 10:28:12 +0100 Subject: Use const char pointers for C strings Signed-off-by: Szczepan Zalega --- NitrokeyManager.cc | 6 +++--- include/NitrokeyManager.h | 6 +++--- 2 files changed, 6 insertions(+), 6 deletions(-) (limited to 'NitrokeyManager.cc') diff --git a/NitrokeyManager.cc b/NitrokeyManager.cc index b12895d..c5259d2 100644 --- a/NitrokeyManager.cc +++ b/NitrokeyManager.cc @@ -406,16 +406,16 @@ namespace nitrokey{ return false; } - void NitrokeyManager::change_user_PIN(char *current_PIN, char *new_PIN) { + void NitrokeyManager::change_user_PIN(const char *current_PIN, const char *new_PIN) { change_PIN_general(current_PIN, new_PIN); } - void NitrokeyManager::change_admin_PIN(char *current_PIN, char *new_PIN) { + void NitrokeyManager::change_admin_PIN(const char *current_PIN, const char *new_PIN) { change_PIN_general(current_PIN, new_PIN); } template - void NitrokeyManager::change_PIN_general(char *current_PIN, char *new_PIN) { + void NitrokeyManager::change_PIN_general(const char *current_PIN, const char *new_PIN) { switch (device->get_device_model()){ case DeviceModel::PRO: { diff --git a/include/NitrokeyManager.h b/include/NitrokeyManager.h index 03f1a86..f0cab68 100644 --- a/include/NitrokeyManager.h +++ b/include/NitrokeyManager.h @@ -53,8 +53,8 @@ namespace nitrokey { const char * get_totp_slot_name(uint8_t slot_number); const char * get_hotp_slot_name(uint8_t slot_number); - void change_user_PIN(char *current_PIN, char *new_PIN); - void change_admin_PIN(char *current_PIN, char *new_PIN); + void change_user_PIN(const char *current_PIN, const char *new_PIN); + void change_admin_PIN(const char *current_PIN, const char *new_PIN); void enable_password_safe(const char *user_pin); @@ -141,7 +141,7 @@ namespace nitrokey { const char * get_slot_name(uint8_t slot_number); template - void change_PIN_general(char *current_PIN, char *new_PIN); + void change_PIN_general(const char *current_PIN, const char *new_PIN); void write_HOTP_slot_authorize(uint8_t slot_number, const char *slot_name, const char *secret, uint64_t hotp_counter, bool use_8_digits, bool use_enter, bool use_tokenID, const char *token_ID, -- cgit v1.2.3 From 84a98c04c6c79455b04ba300ebfa5ec752abb721 Mon Sep 17 00:00:00 2001 From: Szczepan Zalega Date: Mon, 30 Jan 2017 17:29:53 +0100 Subject: Send current time when checking time synchronization Signed-off-by: Szczepan Zalega --- NK_C_API.cc | 2 +- NitrokeyManager.cc | 5 +++-- include/NitrokeyManager.h | 2 +- 3 files changed, 5 insertions(+), 4 deletions(-) (limited to 'NitrokeyManager.cc') diff --git a/NK_C_API.cc b/NK_C_API.cc index f396fcb..6d18e52 100644 --- a/NK_C_API.cc +++ b/NK_C_API.cc @@ -273,7 +273,7 @@ extern int NK_totp_set_time(uint64_t time){ extern int NK_totp_get_time(){ auto m = NitrokeyManager::instance(); return get_without_result([&](){ - m->get_time(); // FIXME check how that should work + m->get_time(0); // FIXME check how that should work }); } diff --git a/NitrokeyManager.cc b/NitrokeyManager.cc index c5259d2..dc58e4d 100644 --- a/NitrokeyManager.cc +++ b/NitrokeyManager.cc @@ -399,11 +399,12 @@ namespace nitrokey{ return false; } - bool NitrokeyManager::get_time() { + bool NitrokeyManager::get_time(uint64_t time) { auto p = get_payload(); p.reset = 0; + p.time = time; SetTime::CommandTransaction::run(*device, p); - return false; + return true; } void NitrokeyManager::change_user_PIN(const char *current_PIN, const char *new_PIN) { diff --git a/include/NitrokeyManager.h b/include/NitrokeyManager.h index f0cab68..3e38cc3 100644 --- a/include/NitrokeyManager.h +++ b/include/NitrokeyManager.h @@ -37,7 +37,7 @@ namespace nitrokey { stick10::ReadSlot::ResponsePayload get_HOTP_slot_data(const uint8_t slot_number); bool set_time(uint64_t time); - bool get_time(); + bool get_time(uint64_t time = 0); bool erase_totp_slot(uint8_t slot_number, const char *temporary_password); bool erase_hotp_slot(uint8_t slot_number, const char *temporary_password); bool connect(const char *device_model); -- cgit v1.2.3 From aa668f74e95617fd0544327a2b57bf654a6f9a2d Mon Sep 17 00:00:00 2001 From: Szczepan Zalega Date: Tue, 31 Jan 2017 18:07:55 +0100 Subject: Be tread-safe on initializing instance Signed-off-by: Szczepan Zalega --- NitrokeyManager.cc | 3 ++- include/DeviceCommunicationExceptions.h | 31 +++++++++++++++++++++++++++++++ 2 files changed, 33 insertions(+), 1 deletion(-) create mode 100644 include/DeviceCommunicationExceptions.h (limited to 'NitrokeyManager.cc') diff --git a/NitrokeyManager.cc b/NitrokeyManager.cc index dc58e4d..ee7ca92 100644 --- a/NitrokeyManager.cc +++ b/NitrokeyManager.cc @@ -88,7 +88,8 @@ namespace nitrokey{ } shared_ptr NitrokeyManager::instance() { - //FIXME check thread safety - add atomic for instance, add lock guard + static std::mutex mutex; + std::lock_guard lock(mutex); if (_instance == nullptr){ _instance = make_shared(); } diff --git a/include/DeviceCommunicationExceptions.h b/include/DeviceCommunicationExceptions.h new file mode 100644 index 0000000..78fc625 --- /dev/null +++ b/include/DeviceCommunicationExceptions.h @@ -0,0 +1,31 @@ +#ifndef LIBNITROKEY_DEVICECOMMUNICATIONEXCEPTIONS_H +#define LIBNITROKEY_DEVICECOMMUNICATIONEXCEPTIONS_H + +#include +#include +//class DeviceCommunicationException: public std::exception { +class DeviceCommunicationException: public std::runtime_error{ + std::string message; +public: + DeviceCommunicationException(std::string _msg): runtime_error(_msg), message(_msg){} +// virtual const char* what() const throw() override { +// return message.c_str(); +// } +}; + +class DeviceNotConnected: public DeviceCommunicationException { +public: + DeviceNotConnected(std::string msg) : DeviceCommunicationException(msg){} +}; + +class DeviceSendingFailure: public DeviceCommunicationException { +public: + DeviceSendingFailure(std::string msg) : DeviceCommunicationException(msg){} +}; + +class DeviceReceivingFailure: public DeviceCommunicationException { +public: + DeviceReceivingFailure(std::string msg) : DeviceCommunicationException(msg){} +}; + +#endif //LIBNITROKEY_DEVICECOMMUNICATIONEXCEPTIONS_H -- cgit v1.2.3 From cb6b2dd65e1f0132353159b83ae05c944d8e62f0 Mon Sep 17 00:00:00 2001 From: Szczepan Zalega Date: Tue, 31 Jan 2017 18:10:59 +0100 Subject: Make disconnect thread safe. Check is device actually connected by invoking its checking method Signed-off-by: Szczepan Zalega --- NitrokeyManager.cc | 32 ++++++++++++++++++++++++-------- include/NitrokeyManager.h | 3 ++- 2 files changed, 26 insertions(+), 9 deletions(-) (limited to 'NitrokeyManager.cc') diff --git a/NitrokeyManager.cc b/NitrokeyManager.cc index ee7ca92..3213417 100644 --- a/NitrokeyManager.cc +++ b/NitrokeyManager.cc @@ -100,16 +100,32 @@ namespace nitrokey{ bool NitrokeyManager::disconnect() { std::lock_guard lock(mex_dev_com); - if (!is_connected()){ - return false; - } - const auto res = device->disconnect(); - device = nullptr; - return res; + return _disconnect_no_lock(); } - bool NitrokeyManager::is_connected() const throw(){ - return device != nullptr; + bool NitrokeyManager::_disconnect_no_lock() { + //do not use directly without locked mutex, + //used by is_connected, disconnect + if (device == nullptr){ + return false; + } + const auto res = device->disconnect(); + device = nullptr; + return res; + } + + bool NitrokeyManager::is_connected() throw(){ + std::lock_guard lock(mex_dev_com); + if(device != nullptr){ + auto connected = device->is_connected(); + if(connected){ + return true; + } else { + _disconnect_no_lock(); + return false; + } + } + return false; } void NitrokeyManager::set_debug(bool state) { diff --git a/include/NitrokeyManager.h b/include/NitrokeyManager.h index 3e38cc3..4a98e94 100644 --- a/include/NitrokeyManager.h +++ b/include/NitrokeyManager.h @@ -43,7 +43,7 @@ namespace nitrokey { bool connect(const char *device_model); bool connect(); bool disconnect(); - bool is_connected() const throw() ; + bool is_connected() throw() ; DeviceModel get_connected_device_model() const; void set_debug(bool state); stick10::GetStatus::ResponsePayload get_status(); @@ -156,6 +156,7 @@ namespace nitrokey { bool use_8_digits, bool use_enter, bool use_tokenID, const char *token_ID, const char *temporary_password) const; + bool _disconnect_no_lock(); }; } -- cgit v1.2.3 From 0503db5b47f247568b78504fa781e083e108eab9 Mon Sep 17 00:00:00 2001 From: Szczepan Zalega Date: Tue, 31 Jan 2017 18:12:31 +0100 Subject: Pass devices shared pointer to methods instead of ref Signed-off-by: Szczepan Zalega --- NitrokeyManager.cc | 126 ++++++++++++++++++++++++------------------------- include/device_proto.h | 22 ++++----- 2 files changed, 74 insertions(+), 74 deletions(-) (limited to 'NitrokeyManager.cc') diff --git a/NitrokeyManager.cc b/NitrokeyManager.cc index 3213417..65b3c68 100644 --- a/NitrokeyManager.cc +++ b/NitrokeyManager.cc @@ -48,7 +48,7 @@ namespace nitrokey{ auto auth = get_payload(); strcpyT(auth.temporary_password, admin_temporary_password); auth.crc_to_authorize = S::CommandTransaction::getCRC(package); - A::CommandTransaction::run(*device, auth); + A::CommandTransaction::run(device, auth); } shared_ptr NitrokeyManager::_instance = nullptr; @@ -137,17 +137,17 @@ namespace nitrokey{ } string NitrokeyManager::get_serial_number() { - auto response = GetStatus::CommandTransaction::run(*device); + auto response = GetStatus::CommandTransaction::run(device); return response.data().get_card_serial_hex(); } stick10::GetStatus::ResponsePayload NitrokeyManager::get_status(){ - auto response = GetStatus::CommandTransaction::run(*device); + auto response = GetStatus::CommandTransaction::run(device); return response.data(); } string NitrokeyManager::get_status_as_string() { - auto response = GetStatus::CommandTransaction::run(*device); + auto response = GetStatus::CommandTransaction::run(device); return response.data().dissect(); } @@ -160,7 +160,7 @@ namespace nitrokey{ if(user_temporary_password != nullptr && strlen(user_temporary_password)!=0){ //FIXME use string instead of strlen authorize_packet(gh, user_temporary_password, device); } - auto resp = GetHOTP::CommandTransaction::run(*device, gh); + auto resp = GetHOTP::CommandTransaction::run(device, gh); return resp.data().code; } else { auto gh = get_payload(); @@ -168,7 +168,7 @@ namespace nitrokey{ if(user_temporary_password != nullptr && strlen(user_temporary_password)!=0) { strcpyT(gh.temporary_user_password, user_temporary_password); } - auto resp = stick10_08::GetHOTP::CommandTransaction::run(*device, gh); + auto resp = stick10_08::GetHOTP::CommandTransaction::run(device, gh); return resp.data().code; } } @@ -195,13 +195,13 @@ namespace nitrokey{ if(user_temporary_password != nullptr && strlen(user_temporary_password)!=0){ //FIXME use string instead of strlen authorize_packet(gt, user_temporary_password, device); } - auto resp = GetTOTP::CommandTransaction::run(*device, gt); + auto resp = GetTOTP::CommandTransaction::run(device, gt); return resp.data().code; } else { auto gt = get_payload(); strcpyT(gt.temporary_user_password, user_temporary_password); gt.slot_number = slot_number; - auto resp = stick10_08::GetTOTP::CommandTransaction::run(*device, gt); + auto resp = stick10_08::GetTOTP::CommandTransaction::run(device, gt); return resp.data().code; } @@ -212,12 +212,12 @@ namespace nitrokey{ auto p = get_payload(); p.slot_number = slot_number; authorize_packet(p, temporary_password, device); - auto resp = EraseSlot::CommandTransaction::run(*device,p); + auto resp = EraseSlot::CommandTransaction::run(device,p); } else { auto p = get_payload(); p.slot_number = slot_number; strcpyT(p.temporary_admin_password, temporary_password); - auto resp = stick10_08::EraseSlot::CommandTransaction::run(*device,p); + auto resp = stick10_08::EraseSlot::CommandTransaction::run(device,p); } return true; } @@ -301,7 +301,7 @@ namespace nitrokey{ authorize_packet(payload, temporary_password, device); - auto resp = WriteToHOTPSlot::CommandTransaction::run(*device, payload); + auto resp = WriteToHOTPSlot::CommandTransaction::run(device, payload); } bool NitrokeyManager::write_TOTP_slot(uint8_t slot_number, const char *slot_name, const char *secret, uint16_t time_window, @@ -331,7 +331,7 @@ namespace nitrokey{ strcpyT(payload2.temporary_admin_password, temporary_password); strcpyT(payload2.data, slot_name); payload2.setTypeName(); - stick10_08::SendOTPData::CommandTransaction::run(*device, payload2); + stick10_08::SendOTPData::CommandTransaction::run(device, payload2); payload2.setTypeSecret(); payload2.id = 0; @@ -347,7 +347,7 @@ namespace nitrokey{ const auto start = secret_bin.size() - remaining_secret_length; memset(payload2.data, 0, sizeof(payload2.data)); vector_copy_ranged(payload2.data, secret_bin, start, bytesToCopy); - stick10_08::SendOTPData::CommandTransaction::run(*device, payload2); + stick10_08::SendOTPData::CommandTransaction::run(device, payload2); remaining_secret_length -= bytesToCopy; payload2.id++; } @@ -360,7 +360,7 @@ namespace nitrokey{ payload.use_tokenID = use_tokenID; payload.slot_counter_or_interval = counter_or_interval; payload.slot_number = internal_slot_number; - stick10_08::WriteToOTPSlot::CommandTransaction::run(*device, payload); + stick10_08::WriteToOTPSlot::CommandTransaction::run(device, payload); } void NitrokeyManager::write_TOTP_slot_authorize(uint8_t slot_number, const char *slot_name, const char *secret, @@ -379,7 +379,7 @@ namespace nitrokey{ authorize_packet(payload, temporary_password, device); - auto resp = WriteToTOTPSlot::CommandTransaction::run(*device, payload); + auto resp = WriteToTOTPSlot::CommandTransaction::run(device, payload); } const char * NitrokeyManager::get_totp_slot_name(uint8_t slot_number) { @@ -396,7 +396,7 @@ namespace nitrokey{ const char * NitrokeyManager::get_slot_name(uint8_t slot_number) { auto payload = get_payload(); payload.slot_number = slot_number; - auto resp = GetSlotName::CommandTransaction::run(*device, payload); + auto resp = GetSlotName::CommandTransaction::run(device, payload); return strdup((const char *) resp.data().slot_name); } @@ -404,7 +404,7 @@ namespace nitrokey{ auto authreq = get_payload(); strcpyT(authreq.card_password, pin); strcpyT(authreq.temporary_password, temporary_password); - FirstAuthenticate::CommandTransaction::run(*device, authreq); + FirstAuthenticate::CommandTransaction::run(device, authreq); return true; } @@ -412,7 +412,7 @@ namespace nitrokey{ auto p = get_payload(); p.reset = 1; p.time = time; - SetTime::CommandTransaction::run(*device, p); + SetTime::CommandTransaction::run(device, p); return false; } @@ -420,7 +420,7 @@ namespace nitrokey{ auto p = get_payload(); p.reset = 0; p.time = time; - SetTime::CommandTransaction::run(*device, p); + SetTime::CommandTransaction::run(device, p); return true; } @@ -440,7 +440,7 @@ namespace nitrokey{ auto p = get_payload(); strcpyT(p.old_pin, current_PIN); strcpyT(p.new_pin, new_PIN); - ProCommand::CommandTransaction::run(*device, p); + ProCommand::CommandTransaction::run(device, p); } break; //in Storage change admin/user pin is divided to two commands with 20 chars field len @@ -452,8 +452,8 @@ namespace nitrokey{ auto p2 = get_payload(); strcpyT(p2.password, new_PIN); p2.set_kind(StoKind); - ChangeAdminUserPin20Current::CommandTransaction::run(*device, p); - ChangeAdminUserPin20New::CommandTransaction::run(*device, p2); + ChangeAdminUserPin20Current::CommandTransaction::run(device, p); + ChangeAdminUserPin20New::CommandTransaction::run(device, p2); } break; } @@ -464,15 +464,15 @@ namespace nitrokey{ //The following command will cancel enabling PWS if it is not supported auto a = get_payload(); strcpyT(a.user_password, user_pin); - IsAESSupported::CommandTransaction::run(*device, a); + IsAESSupported::CommandTransaction::run(device, a); auto p = get_payload(); strcpyT(p.user_password, user_pin); - EnablePasswordSafe::CommandTransaction::run(*device, p); + EnablePasswordSafe::CommandTransaction::run(device, p); } vector NitrokeyManager::get_password_safe_slot_status() { - auto responsePayload = GetPasswordSafeSlotStatus::CommandTransaction::run(*device); + auto responsePayload = GetPasswordSafeSlotStatus::CommandTransaction::run(device); vector v = vector(responsePayload.data().password_safe_status, responsePayload.data().password_safe_status + sizeof(responsePayload.data().password_safe_status)); @@ -481,29 +481,29 @@ namespace nitrokey{ uint8_t NitrokeyManager::get_user_retry_count() { if(device->get_device_model() == DeviceModel::STORAGE){ - stick20::GetDeviceStatus::CommandTransaction::run(*device); + stick20::GetDeviceStatus::CommandTransaction::run(device); } - auto response = GetUserPasswordRetryCount::CommandTransaction::run(*device); + auto response = GetUserPasswordRetryCount::CommandTransaction::run(device); return response.data().password_retry_count; } uint8_t NitrokeyManager::get_admin_retry_count() { if(device->get_device_model() == DeviceModel::STORAGE){ - stick20::GetDeviceStatus::CommandTransaction::run(*device); + stick20::GetDeviceStatus::CommandTransaction::run(device); } - auto response = GetPasswordRetryCount::CommandTransaction::run(*device); + auto response = GetPasswordRetryCount::CommandTransaction::run(device); return response.data().password_retry_count; } void NitrokeyManager::lock_device() { - LockDevice::CommandTransaction::run(*device); + LockDevice::CommandTransaction::run(device); } const char *NitrokeyManager::get_password_safe_slot_name(uint8_t slot_number) { if (!is_valid_password_safe_slot_number(slot_number)) throw InvalidSlotException(slot_number); auto p = get_payload(); p.slot_number = slot_number; - auto response = GetPasswordSafeSlotName::CommandTransaction::run(*device, p); + auto response = GetPasswordSafeSlotName::CommandTransaction::run(device, p); return strdup((const char *) response.data().slot_name); } @@ -513,7 +513,7 @@ namespace nitrokey{ if (!is_valid_password_safe_slot_number(slot_number)) throw InvalidSlotException(slot_number); auto p = get_payload(); p.slot_number = slot_number; - auto response = GetPasswordSafeSlotLogin::CommandTransaction::run(*device, p); + auto response = GetPasswordSafeSlotLogin::CommandTransaction::run(device, p); return strdup((const char *) response.data().slot_login); } @@ -521,7 +521,7 @@ namespace nitrokey{ if (!is_valid_password_safe_slot_number(slot_number)) throw InvalidSlotException(slot_number); auto p = get_payload(); p.slot_number = slot_number; - auto response = GetPasswordSafeSlotPassword::CommandTransaction::run(*device, p); + auto response = GetPasswordSafeSlotPassword::CommandTransaction::run(device, p); return strdup((const char *) response.data().slot_password); } @@ -532,26 +532,26 @@ namespace nitrokey{ p.slot_number = slot_number; strcpyT(p.slot_name, slot_name); strcpyT(p.slot_password, slot_password); - SetPasswordSafeSlotData::CommandTransaction::run(*device, p); + SetPasswordSafeSlotData::CommandTransaction::run(device, p); auto p2 = get_payload(); p2.slot_number = slot_number; strcpyT(p2.slot_login_name, slot_login); - SetPasswordSafeSlotData2::CommandTransaction::run(*device, p2); + SetPasswordSafeSlotData2::CommandTransaction::run(device, p2); } void NitrokeyManager::erase_password_safe_slot(uint8_t slot_number) { if (!is_valid_password_safe_slot_number(slot_number)) throw InvalidSlotException(slot_number); auto p = get_payload(); p.slot_number = slot_number; - ErasePasswordSafeSlot::CommandTransaction::run(*device, p); + ErasePasswordSafeSlot::CommandTransaction::run(device, p); } void NitrokeyManager::user_authenticate(const char *user_password, const char *temporary_password) { auto p = get_payload(); strcpyT(p.card_password, user_password); strcpyT(p.temporary_password, temporary_password); - UserAuthenticate::CommandTransaction::run(*device, p); + UserAuthenticate::CommandTransaction::run(device, p); } void NitrokeyManager::build_aes_key(const char *admin_password) { @@ -559,14 +559,14 @@ namespace nitrokey{ case DeviceModel::PRO: { auto p = get_payload(); strcpyT(p.admin_password, admin_password); - BuildAESKey::CommandTransaction::run(*device, p); + BuildAESKey::CommandTransaction::run(device, p); break; } case DeviceModel::STORAGE : { auto p = get_payload(); strcpyT(p.password, admin_password); p.set_defaults(); - stick20::CreateNewKeys::CommandTransaction::run(*device, p); + stick20::CreateNewKeys::CommandTransaction::run(device, p); break; } } @@ -575,7 +575,7 @@ namespace nitrokey{ void NitrokeyManager::factory_reset(const char *admin_password) { auto p = get_payload(); strcpyT(p.admin_password, admin_password); - FactoryReset::CommandTransaction::run(*device, p); + FactoryReset::CommandTransaction::run(device, p); } void NitrokeyManager::unlock_user_password(const char *admin_password, const char *new_user_password) { @@ -584,18 +584,18 @@ namespace nitrokey{ auto p = get_payload(); strcpyT(p.admin_password, admin_password); strcpyT(p.user_new_password, new_user_password); - stick10::UnlockUserPassword::CommandTransaction::run(*device, p); + stick10::UnlockUserPassword::CommandTransaction::run(device, p); break; } case DeviceModel::STORAGE : { auto p2 = get_payload(); p2.set_defaults(); strcpyT(p2.password, admin_password); - ChangeAdminUserPin20Current::CommandTransaction::run(*device, p2); + ChangeAdminUserPin20Current::CommandTransaction::run(device, p2); auto p3 = get_payload(); p3.set_defaults(); strcpyT(p3.password, new_user_password); - stick20::UnlockUserPin::CommandTransaction::run(*device, p3); + stick20::UnlockUserPin::CommandTransaction::run(device, p3); break; } } @@ -615,11 +615,11 @@ namespace nitrokey{ } else { strcpyT(p.temporary_admin_password, admin_temporary_password); } - stick10_08::WriteGeneralConfig::CommandTransaction::run(*device, p); + stick10_08::WriteGeneralConfig::CommandTransaction::run(device, p); } vector NitrokeyManager::read_config() { - auto responsePayload = GetStatus::CommandTransaction::run(*device); + auto responsePayload = GetStatus::CommandTransaction::run(device); vector v = vector(responsePayload.data().general_config, responsePayload.data().general_config+sizeof(responsePayload.data().general_config)); return v; @@ -645,11 +645,11 @@ namespace nitrokey{ int NitrokeyManager::get_minor_firmware_version(){ switch(device->get_device_model()){ case DeviceModel::PRO:{ - auto status_p = GetStatus::CommandTransaction::run(*device); + auto status_p = GetStatus::CommandTransaction::run(device); return status_p.data().firmware_version; //7 or 8 } case DeviceModel::STORAGE:{ - auto status = stick20::GetDeviceStatus::CommandTransaction::run(*device); + auto status = stick20::GetDeviceStatus::CommandTransaction::run(device); return status.data().versionInfo.minor; } } @@ -659,7 +659,7 @@ namespace nitrokey{ bool NitrokeyManager::is_AES_supported(const char *user_password) { auto a = get_payload(); strcpyT(a.user_password, user_password); - IsAESSupported::CommandTransaction::run(*device, a); + IsAESSupported::CommandTransaction::run(device, a); return true; } @@ -669,15 +669,15 @@ namespace nitrokey{ auto p = get_payload(); // p.set_defaults(); //set current time p.localtime = seconds_from_epoch; - stick20::SendStartup::CommandTransaction::run(*device, p); + stick20::SendStartup::CommandTransaction::run(device, p); } void NitrokeyManager::unlock_encrypted_volume(const char* user_pin){ - misc::execute_password_command(*device, user_pin); + misc::execute_password_command(device, user_pin); } void NitrokeyManager::unlock_hidden_volume(const char* hidden_volume_password) { - misc::execute_password_command(*device, hidden_volume_password); + misc::execute_password_command(device, hidden_volume_password); } //TODO check is encrypted volume unlocked before execution @@ -689,57 +689,57 @@ namespace nitrokey{ p.StartBlockPercent_u8 = start_percent; p.EndBlockPercent_u8 = end_percent; strcpyT(p.HiddenVolumePassword_au8, hidden_volume_password); - stick20::SetupHiddenVolume::CommandTransaction::run(*device, p); + stick20::SetupHiddenVolume::CommandTransaction::run(device, p); } void NitrokeyManager::set_unencrypted_read_only(const char* user_pin) { - misc::execute_password_command(*device, user_pin); + misc::execute_password_command(device, user_pin); } void NitrokeyManager::set_unencrypted_read_write(const char* user_pin) { - misc::execute_password_command(*device, user_pin); + misc::execute_password_command(device, user_pin); } void NitrokeyManager::export_firmware(const char* admin_pin) { - misc::execute_password_command(*device, admin_pin); + misc::execute_password_command(device, admin_pin); } void NitrokeyManager::clear_new_sd_card_warning(const char* admin_pin) { - misc::execute_password_command(*device, admin_pin); + misc::execute_password_command(device, admin_pin); } void NitrokeyManager::fill_SD_card_with_random_data(const char* admin_pin) { auto p = get_payload(); p.set_defaults(); strcpyT(p.admin_pin, admin_pin); - stick20::FillSDCardWithRandomChars::CommandTransaction::run(*device, p); + stick20::FillSDCardWithRandomChars::CommandTransaction::run(device, p); } void NitrokeyManager::change_update_password(const char* current_update_password, const char* new_update_password) { auto p = get_payload(); strcpyT(p.current_update_password, current_update_password); strcpyT(p.new_update_password, new_update_password); - stick20::ChangeUpdatePassword::CommandTransaction::run(*device, p); + stick20::ChangeUpdatePassword::CommandTransaction::run(device, p); } const char * NitrokeyManager::get_status_storage_as_string(){ - auto p = stick20::GetDeviceStatus::CommandTransaction::run(*device); + auto p = stick20::GetDeviceStatus::CommandTransaction::run(device); return strdup(p.data().dissect().c_str()); } stick20::DeviceConfigurationResponsePacket::ResponsePayload NitrokeyManager::get_status_storage(){ - auto p = stick20::GetDeviceStatus::CommandTransaction::run(*device); + auto p = stick20::GetDeviceStatus::CommandTransaction::run(device); return p.data(); } const char * NitrokeyManager::get_SD_usage_data_as_string(){ - auto p = stick20::GetSDCardOccupancy::CommandTransaction::run(*device); + auto p = stick20::GetSDCardOccupancy::CommandTransaction::run(device); return strdup(p.data().dissect().c_str()); } int NitrokeyManager::get_progress_bar_value(){ try{ - stick20::GetDeviceStatus::CommandTransaction::run(*device); + stick20::GetDeviceStatus::CommandTransaction::run(device); return -1; } catch (LongOperationInProgressException &e){ @@ -754,7 +754,7 @@ namespace nitrokey{ stick10::ReadSlot::ResponsePayload NitrokeyManager::get_OTP_slot_data(const uint8_t slot_number) { auto p = get_payload(); p.slot_number = slot_number; - auto data = stick10::ReadSlot::CommandTransaction::run(*device, p); + auto data = stick10::ReadSlot::CommandTransaction::run(device, p); return data.data(); } diff --git a/include/device_proto.h b/include/device_proto.h index 2105f30..ba314f4 100644 --- a/include/device_proto.h +++ b/include/device_proto.h @@ -206,7 +206,7 @@ namespace nitrokey { bzero(&st, sizeof(st)); } - static ClearingProxy run(device::Device &dev, + static ClearingProxy run(std::shared_ptr dev, const command_payload &payload) { using namespace ::nitrokey::device; using namespace ::nitrokey::log; @@ -235,22 +235,22 @@ namespace nitrokey { bool successful_communication = false; int receiving_retry_counter = 0; - int sending_retry_counter = dev.get_retry_sending_count(); + int sending_retry_counter = dev->get_retry_sending_count(); while (sending_retry_counter-- > 0) { - status = dev.send(&outp); + status = dev->send(&outp); if (status <= 0) - throw std::runtime_error( + throw DeviceSendingFailure( std::string("Device error while sending command ") + std::to_string(status)); - std::this_thread::sleep_for(dev.get_send_receive_delay()); + std::this_thread::sleep_for(dev->get_send_receive_delay()); // FIXME make checks done in device:recv here - receiving_retry_counter = dev.get_retry_receiving_count(); + receiving_retry_counter = dev->get_retry_receiving_count(); while (receiving_retry_counter-- > 0) { - status = dev.recv(&resp); + status = dev->recv(&resp); - if (dev.get_device_model() == DeviceModel::STORAGE && + if (dev->get_device_model() == DeviceModel::STORAGE && resp.command_id >= stick20::CMD_START_VALUE && resp.command_id < stick20::CMD_END_VALUE ) { Log::instance()(std::string("Detected storage device cmd, status: ") + @@ -306,7 +306,7 @@ namespace nitrokey { Loglevel::DEBUG); Log::instance()("Invalid incoming HID packet:", Loglevel::DEBUG_L2); Log::instance()(static_cast(resp), Loglevel::DEBUG_L2); - std::this_thread::sleep_for(dev.get_retry_timeout()); + std::this_thread::sleep_for(dev->get_retry_timeout()); continue; } if (successful_communication) break; @@ -315,7 +315,7 @@ namespace nitrokey { Loglevel::DEBUG); } - dev.set_last_command_status(resp.last_command_status); // FIXME should be handled on device.recv + dev->set_last_command_status(resp.last_command_status); // FIXME should be handled on device.recv clear_packet(outp); @@ -348,7 +348,7 @@ namespace nitrokey { return resp; } - static ClearingProxy run(device::Device &dev) { + static ClearingProxy run(std::shared_ptr dev) { command_payload empty_payload; return run(dev, empty_payload); } -- cgit v1.2.3 From db76ae5299f3650385f66e4c596b18fd54250d38 Mon Sep 17 00:00:00 2001 From: Szczepan Zalega Date: Fri, 3 Feb 2017 17:23:44 +0100 Subject: Allow users to lock encrypted volumes specifically Signed-off-by: Szczepan Zalega --- NitrokeyManager.cc | 8 ++++++++ include/NitrokeyManager.h | 2 ++ include/stick20_commands.h | 5 ++++- 3 files changed, 14 insertions(+), 1 deletion(-) (limited to 'NitrokeyManager.cc') diff --git a/NitrokeyManager.cc b/NitrokeyManager.cc index 65b3c68..74a6ecf 100644 --- a/NitrokeyManager.cc +++ b/NitrokeyManager.cc @@ -766,4 +766,12 @@ namespace nitrokey{ return get_OTP_slot_data(get_internal_slot_number_for_hotp(slot_number)); } + void NitrokeyManager::lock_encrypted_volume() { + misc::execute_password_command(device, ""); + } + + void NitrokeyManager::lock_hidden_volume() { + misc::execute_password_command(device, ""); + } + } diff --git a/include/NitrokeyManager.h b/include/NitrokeyManager.h index 4a98e94..b89db63 100644 --- a/include/NitrokeyManager.h +++ b/include/NitrokeyManager.h @@ -91,8 +91,10 @@ namespace nitrokey { bool is_AES_supported(const char *user_password); void unlock_encrypted_volume(const char *user_password); + void lock_encrypted_volume(); void unlock_hidden_volume(const char *hidden_volume_password); + void lock_hidden_volume(); void set_unencrypted_read_only(const char *user_pin); diff --git a/include/stick20_commands.h b/include/stick20_commands.h index a3f1609..b887636 100644 --- a/include/stick20_commands.h +++ b/include/stick20_commands.h @@ -26,9 +26,12 @@ namespace nitrokey { public PasswordCommand {}; class EnableEncryptedPartition : public PasswordCommand {}; - class DisableEncryptedPartition : public PasswordCommand {}; class EnableHiddenEncryptedPartition : public PasswordCommand {}; + + //FIXME the volume disabling commands do not need password + class DisableEncryptedPartition : public PasswordCommand {}; class DisableHiddenEncryptedPartition : public PasswordCommand {}; + class EnableFirmwareUpdate : public PasswordCommand {}; class ChangeUpdatePassword : Command { -- cgit v1.2.3 From 1792b8d6a843a79f5b333163bd74b99ac2cfdb30 Mon Sep 17 00:00:00 2001 From: Szczepan Zalega Date: Mon, 6 Feb 2017 14:06:02 +0100 Subject: Mark issues with FIXME Signed-off-by: Szczepan Zalega --- NitrokeyManager.cc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'NitrokeyManager.cc') diff --git a/NitrokeyManager.cc b/NitrokeyManager.cc index 74a6ecf..6ce9910 100644 --- a/NitrokeyManager.cc +++ b/NitrokeyManager.cc @@ -522,7 +522,7 @@ namespace nitrokey{ auto p = get_payload(); p.slot_number = slot_number; auto response = GetPasswordSafeSlotPassword::CommandTransaction::run(device, p); - return strdup((const char *) response.data().slot_password); + return strdup((const char *) response.data().slot_password); //FIXME use secure way } void NitrokeyManager::write_password_safe_slot(uint8_t slot_number, const char *slot_name, const char *slot_login, -- cgit v1.2.3 From adbc664125142c434294bfa795666c90c7608429 Mon Sep 17 00:00:00 2001 From: Szczepan Zalega Date: Thu, 9 Mar 2017 18:49:24 +0100 Subject: Adjust for compilation on Visual Studio 2017 Building works however tests are not. Possibly linking with original hidapi solution would work. --- .gitignore | 1 + CMakeLists.txt | 4 ++-- CMakeSettings.json | 37 +++++++++++++++++++++++++++++++++++++ NK_C_API.cc | 4 ++-- NitrokeyManager.cc | 12 ++++++------ device.cc | 12 ++++++------ include/LibraryException.h | 2 +- include/command.h | 7 +++++-- include/cxx_semantics.h | 4 ++++ include/device_proto.h | 8 +++++--- include/misc.h | 2 +- include/stick10_commands.h | 8 ++++++++ include/stick20_commands.h | 5 +++++ misc.cc | 11 ++++++----- 14 files changed, 89 insertions(+), 28 deletions(-) create mode 100644 CMakeSettings.json (limited to 'NitrokeyManager.cc') diff --git a/.gitignore b/.gitignore index 47b7703..c98c3a9 100644 --- a/.gitignore +++ b/.gitignore @@ -7,3 +7,4 @@ core .cache/ .idea/ CMakeFiles/ +/.vs diff --git a/CMakeLists.txt b/CMakeLists.txt index 2b9f580..e77de6e 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -65,7 +65,7 @@ set(SOURCE_FILES # add_library(hidapi-libusb STATIC hidapi/libusb/hid.c ) #ELSE() include_directories(hidapi/hidapi) - add_library(hidapi-libusb STATIC hidapi/windows/hid.c ) + add_library(hidapi-libusb SHARED hidapi/windows/hid.c ) target_link_libraries(hidapi-libusb setupapi setupapi kernel32 user32 gdi32 winspool comdlg32 advapi32 shell32 ole32 oleaut32 uuid odbc32 odbccp32) #ENDIF() @@ -85,7 +85,7 @@ install (FILES ${LIB_INCLUDES} DESTINATION "include") IF (COMPILE_TESTS) include_directories(unittest/Catch/include) - add_library(catch STATIC unittest/catch_main.cpp ) + add_library(catch SHARED unittest/catch_main.cpp ) add_executable (test_C_API unittest/test_C_API.cpp) target_link_libraries (test_C_API ${EXTRA_LIBS} ${LIBNAME} catch) diff --git a/CMakeSettings.json b/CMakeSettings.json new file mode 100644 index 0000000..e8c1f1d --- /dev/null +++ b/CMakeSettings.json @@ -0,0 +1,37 @@ +{ + // See https://go.microsoft.com//fwlink//?linkid=834763 for more information about this file. + "configurations": [ + { + "name": "x86-Debug", + "generator": "Visual Studio 15 2017", + "configurationType" : "Debug", + "buildRoot": "${env.LOCALAPPDATA}\\CMakeBuild\\${workspaceHash}\\build\\${name}", + "cmakeCommandArgs": "", + "buildCommandArgs": "-m -v:minimal" + }, + { + "name": "x86-Release", + "generator": "Visual Studio 15 2017", + "configurationType" : "Release", + "buildRoot": "${env.LOCALAPPDATA}\\CMakeBuild\\${workspaceHash}\\build\\${name}", + "cmakeCommandArgs": "", + "buildCommandArgs": "-m -v:minimal" + }, + { + "name": "x64-Debug", + "generator": "Visual Studio 15 2017 Win64", + "configurationType" : "Debug", + "buildRoot": "${env.LOCALAPPDATA}\\CMakeBuild\\${workspaceHash}\\build\\${name}", + "cmakeCommandArgs": "", + "buildCommandArgs": "-m -v:minimal" + }, + { + "name": "x64-Release", + "generator": "Visual Studio 15 2017 Win64", + "configurationType" : "Release", + "buildRoot": "${env.LOCALAPPDATA}\\CMakeBuild\\${workspaceHash}\\build\\${name}", + "cmakeCommandArgs": "", + "buildCommandArgs": "-m -v:minimal" + } + ] +} \ No newline at end of file diff --git a/NK_C_API.cc b/NK_C_API.cc index 6d18e52..4e53cd1 100644 --- a/NK_C_API.cc +++ b/NK_C_API.cc @@ -169,7 +169,7 @@ extern const char * NK_status() { auto m = NitrokeyManager::instance(); return get_with_string_result([&](){ string && s = m->get_status_as_string(); - char * rs = strdup(s.c_str()); + char * rs = _strdup(s.c_str()); clear_string(s); return rs; }); @@ -179,7 +179,7 @@ extern const char * NK_device_serial_number(){ auto m = NitrokeyManager::instance(); return get_with_string_result([&](){ string && s = m->get_serial_number(); - char * rs = strdup(s.c_str()); + char * rs = _strdup(s.c_str()); clear_string(s); return rs; }); diff --git a/NitrokeyManager.cc b/NitrokeyManager.cc index 6ce9910..a120085 100644 --- a/NitrokeyManager.cc +++ b/NitrokeyManager.cc @@ -397,7 +397,7 @@ namespace nitrokey{ auto payload = get_payload(); payload.slot_number = slot_number; auto resp = GetSlotName::CommandTransaction::run(device, payload); - return strdup((const char *) resp.data().slot_name); + return _strdup((const char *) resp.data().slot_name); } bool NitrokeyManager::first_authenticate(const char *pin, const char *temporary_password) { @@ -504,7 +504,7 @@ namespace nitrokey{ auto p = get_payload(); p.slot_number = slot_number; auto response = GetPasswordSafeSlotName::CommandTransaction::run(device, p); - return strdup((const char *) response.data().slot_name); + return _strdup((const char *) response.data().slot_name); } bool NitrokeyManager::is_valid_password_safe_slot_number(uint8_t slot_number) const { return slot_number < 16; } @@ -514,7 +514,7 @@ namespace nitrokey{ auto p = get_payload(); p.slot_number = slot_number; auto response = GetPasswordSafeSlotLogin::CommandTransaction::run(device, p); - return strdup((const char *) response.data().slot_login); + return _strdup((const char *) response.data().slot_login); } const char *NitrokeyManager::get_password_safe_slot_password(uint8_t slot_number) { @@ -522,7 +522,7 @@ namespace nitrokey{ auto p = get_payload(); p.slot_number = slot_number; auto response = GetPasswordSafeSlotPassword::CommandTransaction::run(device, p); - return strdup((const char *) response.data().slot_password); //FIXME use secure way + return _strdup((const char *) response.data().slot_password); //FIXME use secure way } void NitrokeyManager::write_password_safe_slot(uint8_t slot_number, const char *slot_name, const char *slot_login, @@ -724,7 +724,7 @@ namespace nitrokey{ const char * NitrokeyManager::get_status_storage_as_string(){ auto p = stick20::GetDeviceStatus::CommandTransaction::run(device); - return strdup(p.data().dissect().c_str()); + return _strdup(p.data().dissect().c_str()); } stick20::DeviceConfigurationResponsePacket::ResponsePayload NitrokeyManager::get_status_storage(){ @@ -734,7 +734,7 @@ namespace nitrokey{ const char * NitrokeyManager::get_SD_usage_data_as_string(){ auto p = stick20::GetSDCardOccupancy::CommandTransaction::run(device); - return strdup(p.data().dissect().c_str()); + return _strdup(p.data().dissect().c_str()); } int NitrokeyManager::get_progress_bar_value(){ diff --git a/device.cc b/device.cc index d904fd9..0111572 100644 --- a/device.cc +++ b/device.cc @@ -2,7 +2,7 @@ #include #include #include -#include +#include "hidapi/hidapi.h" #include "include/misc.h" #include "include/device.h" #include "include/log.h" @@ -31,7 +31,7 @@ Device::Device(const uint16_t vid, const uint16_t pid, const DeviceModel model, bool Device::disconnect() { //called in object's destructor - Log::instance()(__PRETTY_FUNCTION__, Loglevel::DEBUG_L2); + Log::instance()(__FUNCTION__, Loglevel::DEBUG_L2); std::lock_guard lock(mex_dev_com); Log::instance()(std::string(__FUNCTION__) + std::string(m_model==DeviceModel::PRO?"PRO":"STORAGE"), Loglevel::DEBUG_L2); Log::instance()(std::string(__FUNCTION__) + std::string(" *IN* "), Loglevel::DEBUG_L2); @@ -45,7 +45,7 @@ bool Device::disconnect() { return true; } bool Device::connect() { - Log::instance()(__PRETTY_FUNCTION__, Loglevel::DEBUG_L2); + Log::instance()(__FUNCTION__, Loglevel::DEBUG_L2); std::lock_guard lock(mex_dev_com); Log::instance()(std::string(__FUNCTION__) + std::string(" *IN* "), Loglevel::DEBUG_L2); @@ -57,7 +57,7 @@ bool Device::connect() { } int Device::send(const void *packet) { - Log::instance()(__PRETTY_FUNCTION__, Loglevel::DEBUG_L2); + Log::instance()(__FUNCTION__, Loglevel::DEBUG_L2); std::lock_guard lock(mex_dev_com); Log::instance()(std::string(__FUNCTION__) + std::string(" *IN* "), Loglevel::DEBUG_L2); @@ -71,7 +71,7 @@ int Device::send(const void *packet) { } int Device::recv(void *packet) { - Log::instance()(__PRETTY_FUNCTION__, Loglevel::DEBUG_L2); + Log::instance()(__FUNCTION__, Loglevel::DEBUG_L2); std::lock_guard lock(mex_dev_com); Log::instance()(std::string(__FUNCTION__) + std::string(" *IN* "), Loglevel::DEBUG_L2); int status; @@ -115,7 +115,7 @@ int Device::recv(void *packet) { } bool Device::is_connected() { - Log::instance()(__PRETTY_FUNCTION__, Loglevel::DEBUG_L2); + Log::instance()(__FUNCTION__, Loglevel::DEBUG_L2); std::lock_guard lock(mex_dev_com); if (mp_devhandle==nullptr){ return false; diff --git a/include/LibraryException.h b/include/LibraryException.h index e62788d..daf0155 100644 --- a/include/LibraryException.h +++ b/include/LibraryException.h @@ -27,7 +27,7 @@ public: virtual const char *what() const throw() override { std::string s = " "; - auto ts = [](int x){ return std::to_string(x); }; + auto ts = [](size_t x){ return std::to_string(x); }; std::string msg = std::string("Target buffer size is smaller than source: [source size, buffer size]") +s+ ts(source_size) +s+ ts(target_size); return msg.c_str(); diff --git a/include/command.h b/include/command.h index 0a875e4..fc374f7 100644 --- a/include/command.h +++ b/include/command.h @@ -28,6 +28,7 @@ namespace stick20{ template class PasswordCommand : public Command { + constexpr static CommandID _command_id() { return cmd_id; } public: struct CommandPayload { uint8_t kind; @@ -69,8 +70,10 @@ namespace stick20{ } __packed; - typedef Transaction::command_id(), struct CommandPayload, struct EmptyPayload> - CommandTransaction; + //typedef Transaction::command_id(), struct CommandPayload, struct EmptyPayload> + // CommandTransaction; + using CommandTransaction = Transaction; + //using CommandTransaction = Transaction<_command_id(), CommandPayload, EmptyPayload>; }; } diff --git a/include/cxx_semantics.h b/include/cxx_semantics.h index b846317..29e51c3 100644 --- a/include/cxx_semantics.h +++ b/include/cxx_semantics.h @@ -1,7 +1,11 @@ #ifndef CXX_SEMANTICS_H #define CXX_SEMANTICS_H +#ifndef _WINDOWS #define __packed __attribute__((__packed__)) +#else +#define __packed +#endif /* * There's no need to include Boost for a simple subset this project needs. diff --git a/include/device_proto.h b/include/device_proto.h index cbb74fb..1e381dd 100644 --- a/include/device_proto.h +++ b/include/device_proto.h @@ -6,7 +6,6 @@ #include #include #include -#include // a local version for compatibility with Windows #include #include "cxx_semantics.h" @@ -34,6 +33,7 @@ #include #include "DeviceCommunicationExceptions.h" +#define bzero(b,len) (memset((b), '\0', (len)), (void) 0) namespace nitrokey { namespace proto { @@ -43,7 +43,7 @@ namespace nitrokey { * * TODO (future) support for Big Endian */ - +#pragma pack (push,1) /* * Every packet is a USB HID report (check USB spec) */ @@ -181,8 +181,10 @@ namespace nitrokey { typedef command_payload CommandPayload; typedef response_payload ResponsePayload; + typedef struct HIDReport OutgoingPacket; typedef struct DeviceResponse ResponsePacket; +#pragma pack (pop) static_assert(std::is_pod::value, "outgoingpacket must be a pod type"); @@ -216,7 +218,7 @@ namespace nitrokey { static std::mutex send_receive_mtx; std::lock_guard guard(send_receive_mtx); - Log::instance()(__PRETTY_FUNCTION__, Loglevel::DEBUG_L2); + Log::instance()(__FUNCTION__, Loglevel::DEBUG_L2); if (dev == nullptr){ throw DeviceNotConnected("Device not initialized"); diff --git a/include/misc.h b/include/misc.h index 9e4659d..330654a 100644 --- a/include/misc.h +++ b/include/misc.h @@ -27,7 +27,7 @@ namespace misc { strncpy((char*) &dest, src, s_dest); } - +#define bzero(b,len) (memset((b), '\0', (len)), (void) 0) template typename T::CommandPayload get_payload(){ //Create, initialize and return by value command payload diff --git a/include/stick10_commands.h b/include/stick10_commands.h index 8d37dbd..3d9e234 100644 --- a/include/stick10_commands.h +++ b/include/stick10_commands.h @@ -1,5 +1,6 @@ #ifndef STICK10_COMMANDS_H #define STICK10_COMMANDS_H + #include #include #include @@ -8,9 +9,13 @@ #include "command.h" #include "device_proto.h" +#pragma pack (push,1) + namespace nitrokey { namespace proto { + + /* * Stick10 protocol definition */ @@ -844,8 +849,11 @@ class BuildAESKey : Command { typedef Transaction CommandTransaction; + }; + } } } +#pragma pack (pop) #endif diff --git a/include/stick20_commands.h b/include/stick20_commands.h index b887636..e3bea3f 100644 --- a/include/stick20_commands.h +++ b/include/stick20_commands.h @@ -1,12 +1,15 @@ #ifndef STICK20_COMMANDS_H #define STICK20_COMMANDS_H + + #include #include "command.h" #include #include #include "device_proto.h" +#pragma pack (push,1) namespace nitrokey { namespace proto { @@ -332,10 +335,12 @@ namespace nitrokey { typedef Transaction CommandTransaction; }; + } } } #undef print_to_ss +#pragma pack (pop) #endif diff --git a/misc.cc b/misc.cc index a76bfb6..f85d486 100644 --- a/misc.cc +++ b/misc.cc @@ -5,18 +5,19 @@ #include #include #include "LibraryException.h" +#include namespace nitrokey { namespace misc { -std::vector hex_string_to_byte(const char* hexString){ +::std::vector hex_string_to_byte(const char* hexString){ const size_t big_string_size = 256; //arbitrary 'big' number const size_t s_size = strlen(hexString); const size_t d_size = s_size/2; if (s_size%2!=0 || s_size>big_string_size){ throw InvalidHexString(0); } - auto data = std::vector(); + auto data = ::std::vector(); data.reserve(d_size); char buf[2]; @@ -36,9 +37,9 @@ std::vector hex_string_to_byte(const char* hexString){ }; #include -std::string hexdump(const char *p, size_t size, bool print_header, +::std::string hexdump(const char *p, size_t size, bool print_header, bool print_ascii, bool print_empty) { - std::stringstream out; + ::std::stringstream out; char formatbuf[128]; const char *pstart = p; @@ -68,7 +69,7 @@ std::string hexdump(const char *p, size_t size, bool print_header, out << '.'; } } - out << std::endl; + out << ::std::endl; } return out.str(); } -- cgit v1.2.3 From 6ee68fa294d1d9ab8fa8e61a009845dc31a9b771 Mon Sep 17 00:00:00 2001 From: Szczepan Zalega Date: Tue, 14 Feb 2017 11:53:25 +0100 Subject: Compiles on MXE, but not working on Windows Signed-off-by: Szczepan Zalega --- CMakeLists.txt | 10 +++++----- NK_C_API.cc | 4 ++-- NitrokeyManager.cc | 12 ++++++------ hidapi | 2 +- include/device.h | 2 +- include/log.h | 4 ++++ 6 files changed, 19 insertions(+), 15 deletions(-) (limited to 'NitrokeyManager.cc') diff --git a/CMakeLists.txt b/CMakeLists.txt index e77de6e..89ab66d 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -61,13 +61,13 @@ set(SOURCE_FILES NK_C_API.cc ) -#IF(UNIX) +IF(UNIX) # add_library(hidapi-libusb STATIC hidapi/libusb/hid.c ) -#ELSE() +ELSEIF(WIN32) include_directories(hidapi/hidapi) - add_library(hidapi-libusb SHARED hidapi/windows/hid.c ) - target_link_libraries(hidapi-libusb setupapi setupapi kernel32 user32 gdi32 winspool comdlg32 advapi32 shell32 ole32 oleaut32 uuid odbc32 odbccp32) -#ENDIF() + add_library(hidapi-libusb STATIC hidapi/windows/hid.c ) + target_link_libraries(hidapi-libusb setupapi) +ENDIF() IF (NOT LIBNITROKEY_STATIC) add_library(nitrokey SHARED ${SOURCE_FILES}) diff --git a/NK_C_API.cc b/NK_C_API.cc index 4e53cd1..6d18e52 100644 --- a/NK_C_API.cc +++ b/NK_C_API.cc @@ -169,7 +169,7 @@ extern const char * NK_status() { auto m = NitrokeyManager::instance(); return get_with_string_result([&](){ string && s = m->get_status_as_string(); - char * rs = _strdup(s.c_str()); + char * rs = strdup(s.c_str()); clear_string(s); return rs; }); @@ -179,7 +179,7 @@ extern const char * NK_device_serial_number(){ auto m = NitrokeyManager::instance(); return get_with_string_result([&](){ string && s = m->get_serial_number(); - char * rs = _strdup(s.c_str()); + char * rs = strdup(s.c_str()); clear_string(s); return rs; }); diff --git a/NitrokeyManager.cc b/NitrokeyManager.cc index a120085..6ce9910 100644 --- a/NitrokeyManager.cc +++ b/NitrokeyManager.cc @@ -397,7 +397,7 @@ namespace nitrokey{ auto payload = get_payload(); payload.slot_number = slot_number; auto resp = GetSlotName::CommandTransaction::run(device, payload); - return _strdup((const char *) resp.data().slot_name); + return strdup((const char *) resp.data().slot_name); } bool NitrokeyManager::first_authenticate(const char *pin, const char *temporary_password) { @@ -504,7 +504,7 @@ namespace nitrokey{ auto p = get_payload(); p.slot_number = slot_number; auto response = GetPasswordSafeSlotName::CommandTransaction::run(device, p); - return _strdup((const char *) response.data().slot_name); + return strdup((const char *) response.data().slot_name); } bool NitrokeyManager::is_valid_password_safe_slot_number(uint8_t slot_number) const { return slot_number < 16; } @@ -514,7 +514,7 @@ namespace nitrokey{ auto p = get_payload(); p.slot_number = slot_number; auto response = GetPasswordSafeSlotLogin::CommandTransaction::run(device, p); - return _strdup((const char *) response.data().slot_login); + return strdup((const char *) response.data().slot_login); } const char *NitrokeyManager::get_password_safe_slot_password(uint8_t slot_number) { @@ -522,7 +522,7 @@ namespace nitrokey{ auto p = get_payload(); p.slot_number = slot_number; auto response = GetPasswordSafeSlotPassword::CommandTransaction::run(device, p); - return _strdup((const char *) response.data().slot_password); //FIXME use secure way + return strdup((const char *) response.data().slot_password); //FIXME use secure way } void NitrokeyManager::write_password_safe_slot(uint8_t slot_number, const char *slot_name, const char *slot_login, @@ -724,7 +724,7 @@ namespace nitrokey{ const char * NitrokeyManager::get_status_storage_as_string(){ auto p = stick20::GetDeviceStatus::CommandTransaction::run(device); - return _strdup(p.data().dissect().c_str()); + return strdup(p.data().dissect().c_str()); } stick20::DeviceConfigurationResponsePacket::ResponsePayload NitrokeyManager::get_status_storage(){ @@ -734,7 +734,7 @@ namespace nitrokey{ const char * NitrokeyManager::get_SD_usage_data_as_string(){ auto p = stick20::GetSDCardOccupancy::CommandTransaction::run(device); - return _strdup(p.data().dissect().c_str()); + return strdup(p.data().dissect().c_str()); } int NitrokeyManager::get_progress_bar_value(){ diff --git a/hidapi b/hidapi index a6a622f..69c45b0 160000 --- a/hidapi +++ b/hidapi @@ -1 +1 @@ -Subproject commit a6a622ffb680c55da0de787ff93b80280498330f +Subproject commit 69c45b083821037667a9409b952282f9cb4dcca2 diff --git a/include/device.h b/include/device.h index a23e1b3..281c4d9 100644 --- a/include/device.h +++ b/include/device.h @@ -1,7 +1,7 @@ #ifndef DEVICE_H #define DEVICE_H #include -#include +#include "hidapi/hidapi.h" #include #include diff --git a/include/log.h b/include/log.h index 8eda4fb..0b0df8c 100644 --- a/include/log.h +++ b/include/log.h @@ -6,6 +6,10 @@ namespace nitrokey { namespace log { +#ifdef ERROR +#undef ERROR +#endif + enum class Loglevel : int { DEBUG_L2, DEBUG, INFO, WARNING, ERROR }; class LogHandler { -- cgit v1.2.3 From a0df25c10bfc21574d474547bf2f25372bdbb417 Mon Sep 17 00:00:00 2001 From: Szczepan Zalega Date: Thu, 16 Feb 2017 12:29:28 +0100 Subject: Rename strdup to _strdup under MSVC Signed-off-by: Szczepan Zalega --- NK_C_API.cc | 1 + NitrokeyManager.cc | 2 ++ include/cxx_semantics.h | 6 +++++- 3 files changed, 8 insertions(+), 1 deletion(-) (limited to 'NitrokeyManager.cc') diff --git a/NK_C_API.cc b/NK_C_API.cc index 6d18e52..0fde829 100644 --- a/NK_C_API.cc +++ b/NK_C_API.cc @@ -1,6 +1,7 @@ #include #include "NK_C_API.h" #include "include/LibraryException.h" +#include "include/cxx_semantics.h" using namespace nitrokey; diff --git a/NitrokeyManager.cc b/NitrokeyManager.cc index 6ce9910..fa32557 100644 --- a/NitrokeyManager.cc +++ b/NitrokeyManager.cc @@ -7,6 +7,8 @@ #include #include "include/misc.h" #include +#include "include/cxx_semantics.h" + namespace nitrokey{ diff --git a/include/cxx_semantics.h b/include/cxx_semantics.h index 29e51c3..f358e8f 100644 --- a/include/cxx_semantics.h +++ b/include/cxx_semantics.h @@ -1,12 +1,16 @@ #ifndef CXX_SEMANTICS_H #define CXX_SEMANTICS_H -#ifndef _WINDOWS +#ifndef _MSC_VER #define __packed __attribute__((__packed__)) #else #define __packed #endif +#ifdef _MSC_VER +#define strdup _strdup +#endif + /* * There's no need to include Boost for a simple subset this project needs. */ -- cgit v1.2.3 From c8ac8481134aaf8d04e4e8ece266d43472034157 Mon Sep 17 00:00:00 2001 From: Szczepan Zalega Date: Thu, 16 Feb 2017 21:46:49 +0100 Subject: Handle disconnection while requesting device's status Signed-off-by: Szczepan Zalega --- NitrokeyManager.cc | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) (limited to 'NitrokeyManager.cc') diff --git a/NitrokeyManager.cc b/NitrokeyManager.cc index fa32557..57ef878 100644 --- a/NitrokeyManager.cc +++ b/NitrokeyManager.cc @@ -144,8 +144,14 @@ namespace nitrokey{ } stick10::GetStatus::ResponsePayload NitrokeyManager::get_status(){ - auto response = GetStatus::CommandTransaction::run(device); - return response.data(); + try{ + auto response = GetStatus::CommandTransaction::run(device); + return response.data(); + } + catch (DeviceSendingFailure &e){ + disconnect(); + throw; + } } string NitrokeyManager::get_status_as_string() { -- cgit v1.2.3 From 8617a13371d087b1eb67bd066926038d289ab331 Mon Sep 17 00:00:00 2001 From: Szczepan Zalega Date: Fri, 17 Feb 2017 09:27:38 +0100 Subject: Handle SD card related functions Signed-off-by: Szczepan Zalega --- NitrokeyManager.cc | 10 ++++++++++ include/NitrokeyManager.h | 7 ++++++- 2 files changed, 16 insertions(+), 1 deletion(-) (limited to 'NitrokeyManager.cc') diff --git a/NitrokeyManager.cc b/NitrokeyManager.cc index 57ef878..176f516 100644 --- a/NitrokeyManager.cc +++ b/NitrokeyManager.cc @@ -745,6 +745,11 @@ namespace nitrokey{ return strdup(p.data().dissect().c_str()); } + std::pair NitrokeyManager::get_SD_usage_data(){ + auto p = stick20::GetSDCardOccupancy::CommandTransaction::run(device); + return std::make_pair(p.data().WriteLevelMin, p.data().WriteLevelMax); + } + int NitrokeyManager::get_progress_bar_value(){ try{ stick20::GetDeviceStatus::CommandTransaction::run(device); @@ -782,4 +787,9 @@ namespace nitrokey{ misc::execute_password_command(device, ""); } + int NitrokeyManager::get_SD_card_size() { + auto data = stick20::ProductionTest::CommandTransaction::run(device); + return data.data().SD_Card_Size_u8; + } + } diff --git a/include/NitrokeyManager.h b/include/NitrokeyManager.h index b89db63..2200955 100644 --- a/include/NitrokeyManager.h +++ b/include/NitrokeyManager.h @@ -106,6 +106,8 @@ namespace nitrokey { void fill_SD_card_with_random_data(const char *admin_pin); + int get_SD_card_size(); + void change_update_password(const char *current_update_password, const char *new_update_password); void create_hidden_volume(uint8_t slot_nr, uint8_t start_percent, uint8_t end_percent, @@ -117,8 +119,10 @@ namespace nitrokey { stick20::DeviceConfigurationResponsePacket::ResponsePayload get_status_storage(); const char *get_SD_usage_data_as_string(); + std::pair get_SD_usage_data(); + - int get_progress_bar_value(); + int get_progress_bar_value(); ~NitrokeyManager(); bool is_authorization_command_supported(); @@ -159,6 +163,7 @@ namespace nitrokey { const char *temporary_password) const; bool _disconnect_no_lock(); + }; } -- cgit v1.2.3 From 4e26fdee0c1435016d6642cf8c1f88c3dd5495fa Mon Sep 17 00:00:00 2001 From: Szczepan Zalega Date: Fri, 17 Feb 2017 11:16:48 +0100 Subject: Return SD card size as get from the device Signed-off-by: Szczepan Zalega --- NitrokeyManager.cc | 2 +- include/NitrokeyManager.h | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) (limited to 'NitrokeyManager.cc') diff --git a/NitrokeyManager.cc b/NitrokeyManager.cc index 176f516..20d1a98 100644 --- a/NitrokeyManager.cc +++ b/NitrokeyManager.cc @@ -787,7 +787,7 @@ namespace nitrokey{ misc::execute_password_command(device, ""); } - int NitrokeyManager::get_SD_card_size() { + uint8_t NitrokeyManager::get_SD_card_size() { auto data = stick20::ProductionTest::CommandTransaction::run(device); return data.data().SD_Card_Size_u8; } diff --git a/include/NitrokeyManager.h b/include/NitrokeyManager.h index 2200955..7cf55c7 100644 --- a/include/NitrokeyManager.h +++ b/include/NitrokeyManager.h @@ -106,7 +106,7 @@ namespace nitrokey { void fill_SD_card_with_random_data(const char *admin_pin); - int get_SD_card_size(); + uint8_t get_SD_card_size(); void change_update_password(const char *current_update_password, const char *new_update_password); -- cgit v1.2.3 From 5650e48b114529075d89dbdde0330901351b8460 Mon Sep 17 00:00:00 2001 From: Szczepan Zalega Date: Fri, 17 Feb 2017 16:29:21 +0100 Subject: Get proper card serial for Storage. Get serial as one number. Signed-off-by: Szczepan Zalega --- NitrokeyManager.cc | 17 +++++++++++++++-- include/misc.h | 11 +++++++++++ include/stick10_commands.h | 19 ++++++++----------- misc.cc | 2 ++ 4 files changed, 36 insertions(+), 13 deletions(-) (limited to 'NitrokeyManager.cc') diff --git a/NitrokeyManager.cc b/NitrokeyManager.cc index 20d1a98..ac1074b 100644 --- a/NitrokeyManager.cc +++ b/NitrokeyManager.cc @@ -138,9 +138,22 @@ namespace nitrokey{ } } + string NitrokeyManager::get_serial_number() { - auto response = GetStatus::CommandTransaction::run(device); - return response.data().get_card_serial_hex(); + switch (device->get_device_model()) { + case DeviceModel::PRO: { + auto response = GetStatus::CommandTransaction::run(device); + return nitrokey::misc::toHex(response.data().card_serial_i); + } + break; + + case DeviceModel::STORAGE: + { + auto response = stick20::GetDeviceStatus::CommandTransaction::run(device); + return nitrokey::misc::toHex(response.data().ActiveSmartCardID_u32); + } + break; + } } stick10::GetStatus::ResponsePayload NitrokeyManager::get_status(){ diff --git a/include/misc.h b/include/misc.h index 330654a..c39c741 100644 --- a/include/misc.h +++ b/include/misc.h @@ -6,10 +6,21 @@ #include #include "log.h" #include "LibraryException.h" +#include +#include + namespace nitrokey { namespace misc { + template + std::string toHex(T value){ + using namespace std; + std::ostringstream oss; + oss << std::hex << std::setw(sizeof(value)*2) << std::setfill('0') << value; + return oss.str(); + } + template void strcpyT(T& dest, const char* src){ diff --git a/include/stick10_commands.h b/include/stick10_commands.h index 3d9e234..843d8bd 100644 --- a/include/stick10_commands.h +++ b/include/stick10_commands.h @@ -348,7 +348,10 @@ class GetStatus : Command { public: struct ResponsePayload { uint16_t firmware_version; - uint8_t card_serial[4]; + union{ + uint8_t card_serial[4]; + uint32_t card_serial_i; + } __packed; union { uint8_t general_config[5]; struct{ @@ -357,19 +360,12 @@ class GetStatus : Command { uint8_t scrolllock; /** same as numlock */ uint8_t enable_user_password; uint8_t delete_user_password; - }; - }; + } __packed; + } __packed; bool isValid() const { return enable_user_password!=delete_user_password; } std::string get_card_serial_hex() const { -// return ::nitrokey::misc::hexdump((const char *)(card_serial), -// sizeof card_serial, false, false, false); - std::stringstream ss; - ss << std::hex << std::setfill('0'); - for (int i = 0; i < sizeof(card_serial); ++i) { - ss << std::setw(2) << static_cast(card_serial[i]); - } - return ss.str(); + return nitrokey::misc::toHex(card_serial_i); } std::string dissect() const { @@ -378,6 +374,7 @@ class GetStatus : Command { << "[" << firmware_version << "]" << "\t" << ::nitrokey::misc::hexdump( (const char *)(&firmware_version), sizeof firmware_version, false); + ss << "card_serial_i:\t" << std::hex << card_serial_i << std::endl; ss << "card_serial:\t" << ::nitrokey::misc::hexdump((const char *)(card_serial), sizeof card_serial, false); diff --git a/misc.cc b/misc.cc index f85d486..5eb81b5 100644 --- a/misc.cc +++ b/misc.cc @@ -10,6 +10,8 @@ namespace nitrokey { namespace misc { + + ::std::vector hex_string_to_byte(const char* hexString){ const size_t big_string_size = 256; //arbitrary 'big' number const size_t s_size = strlen(hexString); -- cgit v1.2.3 From 6061ee1af573147e41a0834d1c6628eda2fa2f7c Mon Sep 17 00:00:00 2001 From: Szczepan Zalega Date: Fri, 17 Feb 2017 17:49:20 +0100 Subject: Rename is_connected to be more specific Signed-off-by: Szczepan Zalega --- NitrokeyManager.cc | 4 ++-- device.cc | 2 +- include/device.h | 7 ++++++- 3 files changed, 9 insertions(+), 4 deletions(-) (limited to 'NitrokeyManager.cc') diff --git a/NitrokeyManager.cc b/NitrokeyManager.cc index ac1074b..4fed0a6 100644 --- a/NitrokeyManager.cc +++ b/NitrokeyManager.cc @@ -107,7 +107,7 @@ namespace nitrokey{ bool NitrokeyManager::_disconnect_no_lock() { //do not use directly without locked mutex, - //used by is_connected, disconnect + //used by could_be_enumerated, disconnect if (device == nullptr){ return false; } @@ -119,7 +119,7 @@ namespace nitrokey{ bool NitrokeyManager::is_connected() throw(){ std::lock_guard lock(mex_dev_com); if(device != nullptr){ - auto connected = device->is_connected(); + auto connected = device->could_be_enumerated(); if(connected){ return true; } else { diff --git a/device.cc b/device.cc index 8fdf99a..fcc3ba7 100644 --- a/device.cc +++ b/device.cc @@ -115,7 +115,7 @@ int Device::recv(void *packet) { return status; } -bool Device::is_connected() { +bool Device::could_be_enumerated() { Log::instance()(__FUNCTION__, Loglevel::DEBUG_L2); std::lock_guard lock(mex_dev_com); if (mp_devhandle==nullptr){ diff --git a/include/device.h b/include/device.h index 40eb376..5d7ee12 100644 --- a/include/device.h +++ b/include/device.h @@ -77,7 +77,12 @@ public: */ virtual int recv(void *packet); - bool is_connected(); + /*** + * Returns true if some device is visible by OS with given VID and PID + * whether the device is connected through HID API or not. + * @return true if visible by OS + */ + bool could_be_enumerated(); void show_stats(); // ErrorCounters get_stats(){ return m_counters; } -- cgit v1.2.3 From 0fb8c08704a338bb9f1b7d3ead4b488bf65cf51e Mon Sep 17 00:00:00 2001 From: Szczepan Zalega Date: Fri, 17 Feb 2017 17:52:54 +0100 Subject: Make names more consistent Signed-off-by: Szczepan Zalega --- NitrokeyManager.cc | 2 +- include/stick10_commands.h | 6 +++--- 2 files changed, 4 insertions(+), 4 deletions(-) (limited to 'NitrokeyManager.cc') diff --git a/NitrokeyManager.cc b/NitrokeyManager.cc index 4fed0a6..2858a18 100644 --- a/NitrokeyManager.cc +++ b/NitrokeyManager.cc @@ -143,7 +143,7 @@ namespace nitrokey{ switch (device->get_device_model()) { case DeviceModel::PRO: { auto response = GetStatus::CommandTransaction::run(device); - return nitrokey::misc::toHex(response.data().card_serial_i); + return nitrokey::misc::toHex(response.data().card_serial_u32); } break; diff --git a/include/stick10_commands.h b/include/stick10_commands.h index 843d8bd..676aabc 100644 --- a/include/stick10_commands.h +++ b/include/stick10_commands.h @@ -350,7 +350,7 @@ class GetStatus : Command { uint16_t firmware_version; union{ uint8_t card_serial[4]; - uint32_t card_serial_i; + uint32_t card_serial_u32; } __packed; union { uint8_t general_config[5]; @@ -365,7 +365,7 @@ class GetStatus : Command { bool isValid() const { return enable_user_password!=delete_user_password; } std::string get_card_serial_hex() const { - return nitrokey::misc::toHex(card_serial_i); + return nitrokey::misc::toHex(card_serial_u32); } std::string dissect() const { @@ -374,7 +374,7 @@ class GetStatus : Command { << "[" << firmware_version << "]" << "\t" << ::nitrokey::misc::hexdump( (const char *)(&firmware_version), sizeof firmware_version, false); - ss << "card_serial_i:\t" << std::hex << card_serial_i << std::endl; + ss << "card_serial_u32:\t" << std::hex << card_serial_u32 << std::endl; ss << "card_serial:\t" << ::nitrokey::misc::hexdump((const char *)(card_serial), sizeof card_serial, false); -- cgit v1.2.3 From ad286a23ba8a542afe0095b97caf52320778c5e6 Mon Sep 17 00:00:00 2001 From: Szczepan Zalega Date: Tue, 21 Feb 2017 13:12:12 +0100 Subject: Feature check for 320 bits OTP secret Signed-off-by: Szczepan Zalega --- NitrokeyManager.cc | 11 ++++++++++- include/NitrokeyManager.h | 6 ++++-- include/log.h | 2 +- 3 files changed, 15 insertions(+), 4 deletions(-) (limited to 'NitrokeyManager.cc') diff --git a/NitrokeyManager.cc b/NitrokeyManager.cc index 2858a18..62687b3 100644 --- a/NitrokeyManager.cc +++ b/NitrokeyManager.cc @@ -650,11 +650,20 @@ namespace nitrokey{ //authorization command is supported for versions equal or below: auto m = std::unordered_map({ {DeviceModel::PRO, 7}, - {DeviceModel::STORAGE, 99}, + {DeviceModel::STORAGE, 999}, }); return get_minor_firmware_version() <= m[device->get_device_model()]; } + bool NitrokeyManager::is_320_OTP_secret_supported(){ + //authorization command is supported for versions equal or below: + auto m = std::unordered_map({ + {DeviceModel::PRO, 8}, + {DeviceModel::STORAGE, 999}, + }); + return get_minor_firmware_version() >= m[device->get_device_model()]; + } + DeviceModel NitrokeyManager::get_connected_device_model() const{ //FIXME throw if no device is connected or return unknown/unconnected value if (device == nullptr){ diff --git a/include/NitrokeyManager.h b/include/NitrokeyManager.h index 7cf55c7..d49941e 100644 --- a/include/NitrokeyManager.h +++ b/include/NitrokeyManager.h @@ -122,12 +122,14 @@ namespace nitrokey { std::pair get_SD_usage_data(); - int get_progress_bar_value(); + int get_progress_bar_value(); ~NitrokeyManager(); bool is_authorization_command_supported(); + bool is_320_OTP_secret_supported(); - template + + template void authorize_packet(T &package, const char *admin_temporary_password, shared_ptr device); int get_minor_firmware_version(); diff --git a/include/log.h b/include/log.h index 0b0df8c..30fc7fa 100644 --- a/include/log.h +++ b/include/log.h @@ -5,7 +5,7 @@ namespace nitrokey { namespace log { - + #ifdef ERROR #undef ERROR #endif -- cgit v1.2.3 From 29fc4839b7aaf76c3587cf0d268546fd1d1390c4 Mon Sep 17 00:00:00 2001 From: Szczepan Zalega Date: Tue, 21 Feb 2017 14:56:07 +0100 Subject: Build debug-log-free library for increased security Signed-off-by: Szczepan Zalega --- CMakeLists.txt | 6 +++++ NitrokeyManager.cc | 6 ++--- device.cc | 38 +++++++++++++++--------------- include/CommandFailedException.h | 2 +- include/LibraryException.h | 2 +- include/LongOperationInProgressException.h | 2 +- include/device_proto.h | 34 +++++++++++++------------- include/log.h | 7 ++++++ include/misc.h | 2 +- 9 files changed, 56 insertions(+), 43 deletions(-) (limited to 'NitrokeyManager.cc') diff --git a/CMakeLists.txt b/CMakeLists.txt index 89ab66d..0ed907b 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -71,13 +71,19 @@ ENDIF() IF (NOT LIBNITROKEY_STATIC) add_library(nitrokey SHARED ${SOURCE_FILES}) + add_library(nitrokey-log SHARED ${SOURCE_FILES}) install (TARGETS nitrokey DESTINATION "lib") SET(LIBNAME nitrokey) ELSE() add_library(nitrokey-static STATIC ${SOURCE_FILES}) + add_library(nitrokey-static-log STATIC ${SOURCE_FILES}) SET(LIBNAME nitrokey-static) ENDIF() target_link_libraries(${LIBNAME} hidapi-libusb) +target_link_libraries(${LIBNAME}-log hidapi-libusb) + +SET_TARGET_PROPERTIES(${LIBNAME} PROPERTIES COMPILE_DEFINITIONS "NO_LOG") + file(GLOB LIB_INCLUDES "include/libnitrokey/*.h") install (FILES ${LIB_INCLUDES} DESTINATION "include") diff --git a/NitrokeyManager.cc b/NitrokeyManager.cc index 62687b3..1e5c14e 100644 --- a/NitrokeyManager.cc +++ b/NitrokeyManager.cc @@ -22,7 +22,7 @@ namespace nitrokey{ // throw EmptySourceStringException(slot_number); return; const size_t s_dest = sizeof dest; - nitrokey::log::Log::instance()(std::string("strcpyT sizes dest src ") + LOG(std::string("strcpyT sizes dest src ") +std::to_string(s_dest)+ " " +std::to_string(strlen(src))+ " " ,nitrokey::log::Loglevel::DEBUG_L2); @@ -45,7 +45,7 @@ namespace nitrokey{ template void NitrokeyManager::authorize_packet(T &package, const char *admin_temporary_password, shared_ptr device){ if (!is_authorization_command_supported()){ - Log::instance()("Authorization command not supported, skipping", Loglevel::WARNING); + LOG("Authorization command not supported, skipping", Loglevel::WARNING); } auto auth = get_payload(); strcpyT(auth.temporary_password, admin_temporary_password); @@ -311,7 +311,7 @@ namespace nitrokey{ break; } default: - Log::instance()(string(__FILE__) + to_string(__LINE__) + + LOG(string(__FILE__) + to_string(__LINE__) + string(__FUNCTION__) + string(" Unhandled device model for HOTP") , Loglevel::DEBUG); break; diff --git a/device.cc b/device.cc index fcc3ba7..7201087 100644 --- a/device.cc +++ b/device.cc @@ -31,12 +31,12 @@ Device::Device(const uint16_t vid, const uint16_t pid, const DeviceModel model, bool Device::disconnect() { //called in object's destructor - Log::instance()(__FUNCTION__, Loglevel::DEBUG_L2); + LOG(__FUNCTION__, Loglevel::DEBUG_L2); std::lock_guard lock(mex_dev_com); - Log::instance()(std::string(__FUNCTION__) + std::string(m_model==DeviceModel::PRO?"PRO":"STORAGE"), Loglevel::DEBUG_L2); - Log::instance()(std::string(__FUNCTION__) + std::string(" *IN* "), Loglevel::DEBUG_L2); + LOG(std::string(__FUNCTION__) + std::string(m_model==DeviceModel::PRO?"PRO":"STORAGE"), Loglevel::DEBUG_L2); + LOG(std::string(__FUNCTION__) + std::string(" *IN* "), Loglevel::DEBUG_L2); - Log::instance()(std::string("Disconnection success: ") + std::to_string(mp_devhandle == nullptr), Loglevel::DEBUG_L2); + LOG(std::string("Disconnection success: ") + std::to_string(mp_devhandle == nullptr), Loglevel::DEBUG_L2); if(mp_devhandle == nullptr) return false; hid_close(mp_devhandle); @@ -46,24 +46,24 @@ bool Device::disconnect() { return true; } bool Device::connect() { - Log::instance()(__FUNCTION__, Loglevel::DEBUG_L2); + LOG(__FUNCTION__, Loglevel::DEBUG_L2); std::lock_guard lock(mex_dev_com); - Log::instance()(std::string(__FUNCTION__) + std::string(" *IN* "), Loglevel::DEBUG_L2); + LOG(std::string(__FUNCTION__) + std::string(" *IN* "), Loglevel::DEBUG_L2); // hid_init(); // done automatically on hid_open mp_devhandle = hid_open(m_vid, m_pid, nullptr); const auto success = mp_devhandle != nullptr; - Log::instance()(std::string("Connection success: ") + std::to_string(success), Loglevel::DEBUG_L2); + LOG(std::string("Connection success: ") + std::to_string(success), Loglevel::DEBUG_L2); return success; } int Device::send(const void *packet) { - Log::instance()(__FUNCTION__, Loglevel::DEBUG_L2); + LOG(__FUNCTION__, Loglevel::DEBUG_L2); std::lock_guard lock(mex_dev_com); - Log::instance()(std::string(__FUNCTION__) + std::string(" *IN* "), Loglevel::DEBUG_L2); + LOG(std::string(__FUNCTION__) + std::string(" *IN* "), Loglevel::DEBUG_L2); if (mp_devhandle == nullptr) { - Log::instance()(std::string("Connection fail") , Loglevel::DEBUG_L2); + LOG(std::string("Connection fail") , Loglevel::DEBUG_L2); throw DeviceNotConnected("Attempted HID send on an invalid descriptor."); } @@ -72,15 +72,15 @@ int Device::send(const void *packet) { } int Device::recv(void *packet) { - Log::instance()(__FUNCTION__, Loglevel::DEBUG_L2); + LOG(__FUNCTION__, Loglevel::DEBUG_L2); std::lock_guard lock(mex_dev_com); - Log::instance()(std::string(__FUNCTION__) + std::string(" *IN* "), Loglevel::DEBUG_L2); + LOG(std::string(__FUNCTION__) + std::string(" *IN* "), Loglevel::DEBUG_L2); int status; int retry_count = 0; if (mp_devhandle == nullptr){ - Log::instance()(std::string("Connection fail") , Loglevel::DEBUG_L2); + LOG(std::string("Connection fail") , Loglevel::DEBUG_L2); throw DeviceNotConnected("Attempted HID receive on an invalid descriptor."); } @@ -94,20 +94,20 @@ int Device::recv(void *packet) { auto pwherr = hid_error(mp_devhandle); std::wstring wherr = (pwherr != nullptr) ? pwherr : L"No error message"; std::string herr(wherr.begin(), wherr.end()); - Log::instance()(std::string("libhid error message: ") + herr, + LOG(std::string("libhid error message: ") + herr, Loglevel::DEBUG_L2); if (status > 0) break; // success if (retry_count++ >= m_retry_receiving_count) { - Log::instance()( + LOG( "Maximum retry count reached: " + std::to_string(retry_count), Loglevel::WARNING); - Log::instance()( + LOG( std::string("Counter stats: ") + m_counters.get_as_string(), Loglevel::DEBUG); break; } - Log::instance()("Retrying... " + std::to_string(retry_count), + LOG("Retrying... " + std::to_string(retry_count), Loglevel::DEBUG); std::this_thread::sleep_for(m_retry_timeout); } @@ -116,7 +116,7 @@ int Device::recv(void *packet) { } bool Device::could_be_enumerated() { - Log::instance()(__FUNCTION__, Loglevel::DEBUG_L2); + LOG(__FUNCTION__, Loglevel::DEBUG_L2); std::lock_guard lock(mex_dev_com); if (mp_devhandle==nullptr){ return false; @@ -135,7 +135,7 @@ bool Device::could_be_enumerated() { void Device::show_stats() { auto s = m_counters.get_as_string(); - Log::instance()(s, Loglevel::DEBUG_L2); + LOG(s, Loglevel::DEBUG_L2); } Stick10::Stick10(): diff --git a/include/CommandFailedException.h b/include/CommandFailedException.h index 6ff9a2d..417e850 100644 --- a/include/CommandFailedException.h +++ b/include/CommandFailedException.h @@ -20,7 +20,7 @@ public: CommandFailedException(uint8_t last_command_id, uint8_t last_command_status) : last_command_id(last_command_id), last_command_status(last_command_status){ - nitrokey::log::Log::instance()(std::string("CommandFailedException, status: ")+ std::to_string(last_command_status), nitrokey::log::Loglevel::DEBUG); + LOG(std::string("CommandFailedException, status: ")+ std::to_string(last_command_status), nitrokey::log::Loglevel::DEBUG); } virtual const char *what() const throw() { diff --git a/include/LibraryException.h b/include/LibraryException.h index daf0155..b9303ad 100644 --- a/include/LibraryException.h +++ b/include/LibraryException.h @@ -83,7 +83,7 @@ public: TooLongStringException(size_t size_source, size_t size_destination, const std::string &message = "") : size_source( size_source), size_destination(size_destination), message(message) { - nitrokey::log::Log::instance()(std::string("TooLongStringException, size diff: ")+ std::to_string(size_source-size_destination), nitrokey::log::Loglevel::DEBUG); + LOG(std::string("TooLongStringException, size diff: ")+ std::to_string(size_source-size_destination), nitrokey::log::Loglevel::DEBUG); } diff --git a/include/LongOperationInProgressException.h b/include/LongOperationInProgressException.h index 7f182b0..5b441c0 100644 --- a/include/LongOperationInProgressException.h +++ b/include/LongOperationInProgressException.h @@ -15,7 +15,7 @@ public: LongOperationInProgressException( unsigned char _command_id, uint8_t last_command_status, unsigned char _progress_bar_value) : CommandFailedException(_command_id, last_command_status), progress_bar_value(_progress_bar_value){ - nitrokey::log::Log::instance()( + LOG( std::string("LongOperationInProgressException, progress bar status: ")+ std::to_string(progress_bar_value), nitrokey::log::Loglevel::DEBUG); } diff --git a/include/device_proto.h b/include/device_proto.h index 3519123..ea8f136 100644 --- a/include/device_proto.h +++ b/include/device_proto.h @@ -218,7 +218,7 @@ namespace nitrokey { static std::mutex send_receive_mtx; std::lock_guard guard(send_receive_mtx); - Log::instance()(__FUNCTION__, Loglevel::DEBUG_L2); + LOG(__FUNCTION__, Loglevel::DEBUG_L2); if (dev == nullptr){ throw DeviceNotConnected("Device not initialized"); @@ -236,8 +236,8 @@ namespace nitrokey { outp.payload = payload; outp.update_CRC(); - Log::instance()("Outgoing HID packet:", Loglevel::DEBUG); - Log::instance()(static_cast(outp), Loglevel::DEBUG); + LOG("Outgoing HID packet:", Loglevel::DEBUG); + LOG(static_cast(outp), Loglevel::DEBUG); if (!outp.isValid()) throw std::runtime_error("Invalid outgoing packet"); @@ -249,7 +249,7 @@ namespace nitrokey { status = dev->send(&outp); if (status <= 0){ //FIXME early disconnection not yet working properly -// Log::instance()("Encountered communication error, disconnecting device", Loglevel::DEBUG_L2); +// LOG("Encountered communication error, disconnecting device", Loglevel::DEBUG_L2); // dev->disconnect(); dev->m_counters.sending_error++; throw DeviceSendingFailure( @@ -268,7 +268,7 @@ namespace nitrokey { if (dev->get_device_model() == DeviceModel::STORAGE && resp.command_id >= stick20::CMD_START_VALUE && resp.command_id < stick20::CMD_END_VALUE ) { - Log::instance()(std::string("Detected storage device cmd, status: ") + + LOG(std::string("Detected storage device cmd, status: ") + std::to_string(resp.storage_status.device_status), Loglevel::DEBUG_L2); resp.last_command_status = static_cast(stick10::command_status::ok); @@ -286,7 +286,7 @@ namespace nitrokey { resp.device_status = static_cast(stick10::device_status::ok); break; default: - Log::instance()(std::string("Unknown storage device status, cannot translate: ") + + LOG(std::string("Unknown storage device status, cannot translate: ") + std::to_string(resp.storage_status.device_status), Loglevel::DEBUG); resp.device_status = resp.storage_status.device_status; break; @@ -306,11 +306,11 @@ namespace nitrokey { dev->m_counters.busy++; if (busy_counter++<10) { receiving_retry_counter++; - Log::instance()("Status busy, not decreasing receiving_retry_counter counter: " + + LOG("Status busy, not decreasing receiving_retry_counter counter: " + std::to_string(receiving_retry_counter), Loglevel::DEBUG_L2); } else { busy_counter = 0; - Log::instance()("Status busy, decreasing receiving_retry_counter counter: " + + LOG("Status busy, decreasing receiving_retry_counter counter: " + std::to_string(receiving_retry_counter), Loglevel::DEBUG); } } @@ -320,7 +320,7 @@ namespace nitrokey { successful_communication = true; break; } - Log::instance()(std::string("Retry status - dev status, awaited cmd crc, correct packet CRC: ") + LOG(std::string("Retry status - dev status, awaited cmd crc, correct packet CRC: ") + std::to_string(resp.device_status) + " " + std::to_string(CRC_equal_awaited) + " " + std::to_string(resp.isCRCcorrect()), Loglevel::DEBUG_L2); @@ -329,18 +329,18 @@ namespace nitrokey { if (!CRC_equal_awaited) dev->m_counters.CRC_other_than_awaited++; - Log::instance()( + LOG( "Device is not ready or received packet's last CRC is not equal to sent CRC packet, retrying...", Loglevel::DEBUG); - Log::instance()("Invalid incoming HID packet:", Loglevel::DEBUG_L2); - Log::instance()(static_cast(resp), Loglevel::DEBUG_L2); + LOG("Invalid incoming HID packet:", Loglevel::DEBUG_L2); + LOG(static_cast(resp), Loglevel::DEBUG_L2); dev->m_counters.total_retries++; std::this_thread::sleep_for(dev->get_retry_timeout()); continue; } if (successful_communication) break; - Log::instance()(std::string("Resending (outer loop) "), Loglevel::DEBUG_L2); - Log::instance()(std::string("sending_retry_counter count: ") + std::to_string(sending_retry_counter), + LOG(std::string("Resending (outer loop) "), Loglevel::DEBUG_L2); + LOG(std::string("sending_retry_counter count: ") + std::to_string(sending_retry_counter), Loglevel::DEBUG); } @@ -355,9 +355,9 @@ namespace nitrokey { std::to_string(status)); } - Log::instance()("Incoming HID packet:", Loglevel::DEBUG); - Log::instance()(static_cast(resp), Loglevel::DEBUG); - Log::instance()(std::string("receiving_retry_counter count: ") + std::to_string(receiving_retry_counter), + LOG("Incoming HID packet:", Loglevel::DEBUG); + LOG(static_cast(resp), Loglevel::DEBUG); + LOG(std::string("receiving_retry_counter count: ") + std::to_string(receiving_retry_counter), Loglevel::DEBUG); if (resp.device_status == static_cast(stick10::device_status::busy) && diff --git a/include/log.h b/include/log.h index 695884b..a3e8281 100644 --- a/include/log.h +++ b/include/log.h @@ -53,4 +53,11 @@ class Log { } } + +#ifdef NO_LOG +#define LOG(string, level) while(false){} +#else +#define LOG(string, level) nitrokey::log::Log::instance()((string), (level)) +#endif + #endif diff --git a/include/misc.h b/include/misc.h index c39c741..111d772 100644 --- a/include/misc.h +++ b/include/misc.h @@ -28,7 +28,7 @@ namespace misc { // throw EmptySourceStringException(slot_number); return; const size_t s_dest = sizeof dest; - nitrokey::log::Log::instance()(std::string("strcpyT sizes dest src ") + LOG(std::string("strcpyT sizes dest src ") +std::to_string(s_dest)+ " " +std::to_string(strlen(src))+ " " ,nitrokey::log::Loglevel::DEBUG); -- cgit v1.2.3 From ee78540d7d9a5d555085b4608ba0ccb4f9ec1801 Mon Sep 17 00:00:00 2001 From: Szczepan Zalega Date: Thu, 23 Feb 2017 22:50:36 +0100 Subject: Log execution of connect function Signed-off-by: Szczepan Zalega --- NitrokeyManager.cc | 1 + 1 file changed, 1 insertion(+) (limited to 'NitrokeyManager.cc') diff --git a/NitrokeyManager.cc b/NitrokeyManager.cc index 1e5c14e..4a4f1d9 100644 --- a/NitrokeyManager.cc +++ b/NitrokeyManager.cc @@ -76,6 +76,7 @@ namespace nitrokey{ bool NitrokeyManager::connect(const char *device_model) { std::lock_guard lock(mex_dev_com); + LOG(__FUNCTION__, nitrokey::log::Loglevel::DEBUG_L2); switch (device_model[0]){ case 'P': device = make_shared(); -- cgit v1.2.3 From 7132b01a499568c21a7ec64b9c58672541bbb7f6 Mon Sep 17 00:00:00 2001 From: Szczepan Zalega Date: Tue, 7 Mar 2017 16:57:47 +0100 Subject: Handle enabling update mode on Storage device Signed-off-by: Szczepan Zalega --- NitrokeyManager.cc | 4 ++++ include/NitrokeyManager.h | 1 + 2 files changed, 5 insertions(+) (limited to 'NitrokeyManager.cc') diff --git a/NitrokeyManager.cc b/NitrokeyManager.cc index 4a4f1d9..630a4e4 100644 --- a/NitrokeyManager.cc +++ b/NitrokeyManager.cc @@ -735,6 +735,10 @@ namespace nitrokey{ misc::execute_password_command(device, admin_pin); } + void NitrokeyManager::enable_firmware_update(const char* firmware_pin) { + misc::execute_password_command(device, firmware_pin); + } + void NitrokeyManager::clear_new_sd_card_warning(const char* admin_pin) { misc::execute_password_command(device, admin_pin); } diff --git a/include/NitrokeyManager.h b/include/NitrokeyManager.h index d49941e..71ac6fa 100644 --- a/include/NitrokeyManager.h +++ b/include/NitrokeyManager.h @@ -101,6 +101,7 @@ namespace nitrokey { void set_unencrypted_read_write(const char *user_pin); void export_firmware(const char *admin_pin); + void enable_firmware_update(const char *firmware_pin); void clear_new_sd_card_warning(const char *admin_pin); -- cgit v1.2.3 From a9c42dea301329136f663ebc9482a1d38feada29 Mon Sep 17 00:00:00 2001 From: Szczepan Zalega Date: Thu, 9 Mar 2017 17:33:56 +0100 Subject: Allow to check is current device visible to the OS Signed-off-by: Szczepan Zalega --- NitrokeyManager.cc | 8 ++++++++ include/NitrokeyManager.h | 4 +++- 2 files changed, 11 insertions(+), 1 deletion(-) (limited to 'NitrokeyManager.cc') diff --git a/NitrokeyManager.cc b/NitrokeyManager.cc index 630a4e4..140d4d3 100644 --- a/NitrokeyManager.cc +++ b/NitrokeyManager.cc @@ -129,7 +129,15 @@ namespace nitrokey{ } } return false; + } + + bool NitrokeyManager::could_current_device_be_enumerated() { + std::lock_guard lock(mex_dev_com); + if (device != nullptr) { + return device->could_be_enumerated(); } + return false; + } void NitrokeyManager::set_debug(bool state) { if (state){ diff --git a/include/NitrokeyManager.h b/include/NitrokeyManager.h index 71ac6fa..4f11314 100644 --- a/include/NitrokeyManager.h +++ b/include/NitrokeyManager.h @@ -44,7 +44,9 @@ namespace nitrokey { bool connect(); bool disconnect(); bool is_connected() throw() ; - DeviceModel get_connected_device_model() const; + bool could_current_device_be_enumerated(); + + DeviceModel get_connected_device_model() const; void set_debug(bool state); stick10::GetStatus::ResponsePayload get_status(); string get_status_as_string(); -- cgit v1.2.3