From 0b0898f2b5d88738aa8f49ce6b9ba98db1c775f7 Mon Sep 17 00:00:00 2001
From: Szczepan Zalega
Date: Tue, 12 Dec 2017 14:21:19 +0100
Subject: Support execution of the 0.49 commands
Signed-off-by: Szczepan Zalega
---
 NitrokeyManager.cc | 20 ++++++++++++++++++++
 1 file changed, 20 insertions(+)
(limited to 'NitrokeyManager.cc')
diff --git a/NitrokeyManager.cc b/NitrokeyManager.cc
index 814c4a6..14e3952 100644
--- a/NitrokeyManager.cc
+++ b/NitrokeyManager.cc
@@ -789,6 +789,14 @@ using nitrokey::misc::strcpyT;
 misc::execute_password_command(device, hidden_volume_password);
 }
+ void NitrokeyManager::set_encrypted_volume_read_only(const char* admin_pin) {
+ misc::execute_password_command(device, admin_pin);
+ }
+
+ void NitrokeyManager::set_encrypted_volume_read_write(const char* admin_pin) {
+ misc::execute_password_command(device, admin_pin);
+ }
+
 //TODO check is encrypted volume unlocked before execution
 //if not return library exception
 void NitrokeyManager::create_hidden_volume(uint8_t slot_nr, uint8_t start_percent, uint8_t end_percent,
@@ -802,13 +810,25 @@ using nitrokey::misc::strcpyT;
 }
 void NitrokeyManager::set_unencrypted_read_only(const char* user_pin) {
+ //available until 0.48
 misc::execute_password_command(device, user_pin);
 }
 void NitrokeyManager::set_unencrypted_read_write(const char* user_pin) {
+ //available until 0.48
 misc::execute_password_command(device, user_pin);
 }
+ void NitrokeyManager::set_unencrypted_read_only_admin_pin(const char* admin_pin) {
+ //available from 0.49
+ misc::execute_password_command(device, admin_pin);
+ }
+
+ void NitrokeyManager::set_unencrypted_read_write_admin_pin(const char* admin_pin) {
+ //available from 0.49
+ misc::execute_password_command(device, admin_pin);
+ }
+
 void NitrokeyManager::export_firmware(const char* admin_pin) {
 misc::execute_password_command(device, admin_pin);
 }
-- cgit v1.2.1
From 809b618d4d064cedc7070cac5ccc8797e5d89f54 Mon Sep 17 00:00:00 2001 
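Review bot: The two encrypted-volume setters added in the first hunk, `set_encrypted_volume_read_only` and `set_encrypted_volume_read_write`, carry no note about the firmware they require, while the unencrypted variants in the second hunk are annotated `//available until 0.48` and `//available from 0.49`. Since the commit subject ties the new commands to firmware 0.49, a matching comment such as `//available from 0.49, needs Admin PIN` above each call would keep the two groups consistent (adjust the version if it differs). None of the added functions checks the firmware version before sending the PIN, and how an older device answers the command is not visible from these hunks, so that behaviour should be documented or guarded.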
From: Szczepan Zalega
Date: Tue, 12 Dec 2017 16:58:24 +0100
Subject: Correct getting minor and major from firmware version Add get_minor_firmware_version Correct get_major_firmware version (was returning minor instead) Name 3rd version field for test builds Use minor firmware version in tests
Signed-off-by: Szczepan Zalega
---
 NitrokeyManager.cc | 18 ++++++++++++++++--
 1 file changed, 16 insertions(+), 2 deletions(-)
(limited to 'NitrokeyManager.cc')
diff --git a/NitrokeyManager.cc b/NitrokeyManager.cc
index 14e3952..d12bf54 100644
--- a/NitrokeyManager.cc
+++ b/NitrokeyManager.cc
@@ -755,11 +755,25 @@ using nitrokey::misc::strcpyT;
 switch(device->get_device_model()){
 case DeviceModel::PRO:{
 auto status_p = GetStatus::CommandTransaction::run(device);
- return status_p.data().firmware_version; //7 or 8
+ return status_p.data().firmware_version_st.minor; //7 or 8
 }
 case DeviceModel::STORAGE:{
 auto status = stick20::GetDeviceStatus::CommandTransaction::run(device);
- return status.data().versionInfo.minor;
+ auto test_firmware = status.data().versionInfo.build_iteration != 0;
+ return status.data().versionInfo.minor + (test_firmware? 1 : 0);
+ }
+ }
+ return 0;
+ }
+ int NitrokeyManager::get_major_firmware_version(){
+ switch(device->get_device_model()){
+ case DeviceModel::PRO:{
+ auto status_p = GetStatus::CommandTransaction::run(device);
+ return status_p.data().firmware_version_st.major; //0
+ }
+ case DeviceModel::STORAGE:{
+ auto status = stick20::GetDeviceStatus::CommandTransaction::run(device);
+ return status.data().versionInfo.major;
 }
 }
 return 0;
-- cgit v1.2.1
From 1411b1bd795bcf4a382dd8ed2aa09f94e352f848 Mon Sep 17 00:00:00 2001
From: Szczepan Zalega
Date: Tue, 12 Dec 2017 17:24:55 +0100
Subject: Unify unencrypted volume ro/rw switching For 0.49 run new command, which needs Admin PIN For 0.48 and lower run old command 
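Review bot: `get_major_firmware_version()` falls through to `return 0;` when the device model matches neither case, and `0` is also the value the PRO branch is annotated to return (`//0`), so a caller cannot tell an unrecognised model from a real major version. The same fallback closes `get_minor_firmware_version()`, whose STORAGE branch now adds 1 when `build_iteration != 0`, so any caller that gates behaviour on the minor number sees a shifted value for test firmware. I would state both facts next to the returns, for example `// test builds report minor+1; 0 means unknown device model`, or signal the unknown-model case with an exception instead of a valid-looking number. The start of `get_minor_firmware_version()` lies outside the hunk.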
Signed-off-by: Szczepan Zalega
---
 NitrokeyManager.cc | 24 ++++++++++--------------
 1 file changed, 10 insertions(+), 14 deletions(-)
(limited to 'NitrokeyManager.cc')
diff --git a/NitrokeyManager.cc b/NitrokeyManager.cc
index d12bf54..eb52eee 100644
--- a/NitrokeyManager.cc
+++ b/NitrokeyManager.cc
@@ -824,23 +824,19 @@ using nitrokey::misc::strcpyT;
 }
 void NitrokeyManager::set_unencrypted_read_only(const char* user_pin) {
- //available until 0.48
- misc::execute_password_command(device, user_pin);
+ //until 0.48 User PIN was sufficient, from 0.49 it needs Admin PIN
+ if (get_minor_firmware_version()<=48)
+ misc::execute_password_command(device, user_pin);
+ else
+ misc::execute_password_command(device, user_pin);
 }
 void NitrokeyManager::set_unencrypted_read_write(const char* user_pin) {
- //available until 0.48
- misc::execute_password_command(device, user_pin);
- }
-
- void NitrokeyManager::set_unencrypted_read_only_admin_pin(const char* admin_pin) {
- //available from 0.49
- misc::execute_password_command(device, admin_pin);
- }
-
- void NitrokeyManager::set_unencrypted_read_write_admin_pin(const char* admin_pin) {
- //available from 0.49
- misc::execute_password_command(device, admin_pin);
+ //until 0.48 User PIN was sufficient, from 0.49 it needs Admin PIN
+ if (get_minor_firmware_version()<=48)
+ misc::execute_password_command(device, user_pin);
+ else
+ misc::execute_password_command(device, user_pin);
 }
 void NitrokeyManager::export_firmware(const char* admin_pin) {
-- cgit v1.2.1
From 025774fc3759683a8ec0f6b1598b1e34b550e6d5 Mon Sep 17 00:00:00 2001
From: Szczepan Zalega
Date: Tue, 12 Dec 2017 17:31:36 +0100
Subject: Tests: set debug level from environment variable, show connected device model and version
Signed-off-by: Szczepan Zalega
---
 NitrokeyManager.cc | 1 +
 1 file changed, 1 insertion(+)
(limited to 'NitrokeyManager.cc')
diff --git a/NitrokeyManager.cc b/NitrokeyManager.cc
index eb52eee..de52e25 100644
--- a/NitrokeyManager.cc 
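Review bot: The gate `get_minor_firmware_version()<=48` in `set_unencrypted_read_only` and `set_unencrypted_read_write` looks only at the minor number, and per the previous commit that getter yields 0 for an unrecognised model and 7 or 8 for a PRO device, so all of those take the User-PIN branch. If these calls are meant for Storage devices only, an explicit model check before the comparison would make the selection deliberate instead of incidental. As rendered on this page the two branches are textually identical (the template arguments appear to have been stripped), so which command each branch sends cannot be confirmed from the hunk. A short comment stating which PIN the caller must supply for each firmware range would also help, since the parameter is named `user_pin` on both paths.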
+++ b/NitrokeyManager.cc
@@ -30,6 +30,7 @@
 #include
 #include "include/cxx_semantics.h"
 #include
+#include
 std::mutex nitrokey::proto::send_receive_mtx;
-- cgit v1.2.1
From 08e0a45a8f10ae4fbe294a903b3a6264aa3c4333 Mon Sep 17 00:00:00 2001
From: Szczepan Zalega
Date: Tue, 12 Dec 2017 17:45:35 +0100
Subject: Correct variable name for unencrypted ro/rw switch
Signed-off-by: Szczepan Zalega
---
 NitrokeyManager.cc | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)
(limited to 'NitrokeyManager.cc')
diff --git a/NitrokeyManager.cc b/NitrokeyManager.cc
index de52e25..d4a13d1 100644
--- a/NitrokeyManager.cc
+++ b/NitrokeyManager.cc
@@ -824,20 +824,20 @@ using nitrokey::misc::strcpyT;
 stick20::SetupHiddenVolume::CommandTransaction::run(device, p);
 }
- void NitrokeyManager::set_unencrypted_read_only(const char* user_pin) {
+ void NitrokeyManager::set_unencrypted_read_only(const char* user_admin_pin) {
 //until 0.48 User PIN was sufficient, from 0.49 it needs Admin PIN
 if (get_minor_firmware_version()<=48)
- misc::execute_password_command(device, user_pin);
+ misc::execute_password_command(device, user_admin_pin);
 else
- misc::execute_password_command(device, user_pin);
+ misc::execute_password_command(device, user_admin_pin);
 }
- void NitrokeyManager::set_unencrypted_read_write(const char* user_pin) {
+ void NitrokeyManager::set_unencrypted_read_write(const char* user_admin_pin) {
 //until 0.48 User PIN was sufficient, from 0.49 it needs Admin PIN
 if (get_minor_firmware_version()<=48)
- misc::execute_password_command(device, user_pin);
+ misc::execute_password_command(device, user_admin_pin);
 else
- misc::execute_password_command(device, user_pin);
+ misc::execute_password_command(device, user_admin_pin);
 }
 void NitrokeyManager::export_firmware(const char* admin_pin) {
-- cgit v1.2.1
From c93fdb6625ee952e5cf17e4caaeddf2975276f90 Mon Sep 17 00:00:00 2001 
From: Szczepan Zalega
Date: Wed, 20 Dec 2017 20:00:44 +0100
Subject: Implement command for testing smartcard status
Signed-off-by: Szczepan Zalega
---
 NitrokeyManager.cc | 10 ++++++++++
 1 file changed, 10 insertions(+)
(limited to 'NitrokeyManager.cc')
diff --git a/NitrokeyManager.cc b/NitrokeyManager.cc
index d4a13d1..fff5d64 100644
--- a/NitrokeyManager.cc
+++ b/NitrokeyManager.cc
@@ -752,6 +752,16 @@ using nitrokey::misc::strcpyT;
 return device->get_device_model();
 }
+ bool NitrokeyManager::is_smartcard_in_use(){
+ try{
+ stick20::CheckSmartcardUsage::CommandTransaction::run(device);
+ }
+ catch(const CommandFailedException & e){
+ return e.reason_smartcard_busy();
+ }
+ return false;
+ }
+
 int NitrokeyManager::get_minor_firmware_version(){
 switch(device->get_device_model()){
 case DeviceModel::PRO:{
-- cgit v1.2.1
From 4e6d39e9aae54658eb68a739d9eff55ab797c204 Mon Sep 17 00:00:00 2001
From: Szczepan Zalega
Date: Fri, 23 Feb 2018 09:37:31 +0100
Subject: Divide unencrypted volume ro/rw commands for backward compatibility Unencrypted volume ro/rw: rename user_admin_pin -> admin_pin to be consistent with latest API. Update description. Document PIN requirements in C++ API Extract pin type function Add C API for separate unencrypted volume read write handling Use correct commands to set ro/rw mode of unencrypted volume
Signed-off-by: Szczepan Zalega
---
 NitrokeyManager.cc | 60 ++++++++++++++++++++++++++++++++++++++++++------------
 1 file changed, 47 insertions(+), 13 deletions(-)
(limited to 'NitrokeyManager.cc')
diff --git a/NitrokeyManager.cc b/NitrokeyManager.cc
index fff5d64..f912c7c 100644
--- a/NitrokeyManager.cc
+++ b/NitrokeyManager.cc 
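Review bot: In `is_smartcard_in_use()` the catch block returns `e.reason_smartcard_busy()`, so a `CommandFailedException` raised for any other reason is reported as `false`, the same answer as an idle smartcard. A caller cannot distinguish "not busy" from "the status query itself failed", which matters if the result decides whether another smartcard operation is started. I would let the other failures propagate: `if (e.reason_smartcard_busy()) return true;` followed by `throw;` inside the handler.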
@@ -771,6 +771,8 @@ using nitrokey::misc::strcpyT;
 case DeviceModel::STORAGE:{
 auto status = stick20::GetDeviceStatus::CommandTransaction::run(device);
 auto test_firmware = status.data().versionInfo.build_iteration != 0;
+ if (test_firmware)
+ LOG("Development firmware detected. Increasing minor version number.", nitrokey::log::Loglevel::WARNING);
 return status.data().versionInfo.minor + (test_firmware? 1 : 0);
 }
 } 
@@ -834,23 +836,55 @@ using nitrokey::misc::strcpyT;
 stick20::SetupHiddenVolume::CommandTransaction::run(device, p);
 }
- void NitrokeyManager::set_unencrypted_read_only(const char* user_admin_pin) {
- //until 0.48 User PIN was sufficient, from 0.49 it needs Admin PIN
- if (get_minor_firmware_version()<=48)
- misc::execute_password_command(device, user_admin_pin);
- else
- misc::execute_password_command(device, user_admin_pin);
+ void NitrokeyManager::set_unencrypted_read_only_admin(const char* admin_pin) {
+ //from v0.49, v0.51+ it needs Admin PIN
+ if (set_unencrypted_volume_rorw_pin_type_user(get_minor_firmware_version())){
+ LOG("set_unencrypted_read_only_admin is not supported for this version of Storage device. "
+ "Please update firmware to v0.51+", nitrokey::log::Loglevel::WARNING);
+ return;
+ }
+ misc::execute_password_command(device, admin_pin);
+ }
+
+ void NitrokeyManager::set_unencrypted_read_only(const char *user_pin) {
+ //until v0.48 (incl. v0.50) User PIN was sufficient
+ LOG("set_unencrypted_read_only is deprecated. Use set_unencrypted_read_only_admin instead.",
+ nitrokey::log::Loglevel::WARNING);
+ if (!set_unencrypted_volume_rorw_pin_type_user(get_minor_firmware_version())){
+ LOG("set_unencrypted_read_only is not supported for this version of Storage device. Doing nothing.",
+ nitrokey::log::Loglevel::WARNING);
+ return;
+ }
+ misc::execute_password_command(device, user_pin);
+ }
+
+ void NitrokeyManager::set_unencrypted_read_write_admin(const char* admin_pin) {
+ //from v0.49, v0.51+ it needs Admin PIN
+ if (set_unencrypted_volume_rorw_pin_type_user(get_minor_firmware_version())){
+ LOG("set_unencrypted_read_write_admin is not supported for this version of Storage device. "
+ "Please update firmware to v0.51+.", nitrokey::log::Loglevel::WARNING);
+ return;
+ }
+ misc::execute_password_command(device, admin_pin);
+ }
+
+ void NitrokeyManager::set_unencrypted_read_write(const char *user_pin) {
+ //until v0.48 (incl. v0.50) User PIN was sufficient
+ LOG("set_unencrypted_read_write is deprecated. Use set_unencrypted_read_write_admin instead.",
+ nitrokey::log::Loglevel::WARNING);
+ if (!set_unencrypted_volume_rorw_pin_type_user(get_minor_firmware_version())){
+ LOG("set_unencrypted_read_write is not supported for this version of Storage device. Doing nothing.",
+ nitrokey::log::Loglevel::WARNING);
+ return;
+ }
+ misc::execute_password_command(device, user_pin);
 }
- void NitrokeyManager::set_unencrypted_read_write(const char* user_admin_pin) {
- //until 0.48 User PIN was sufficient, from 0.49 it needs Admin PIN
- if (get_minor_firmware_version()<=48)
- misc::execute_password_command(device, user_admin_pin);
- else
- misc::execute_password_command(device, user_admin_pin);
+ bool NitrokeyManager::set_unencrypted_volume_rorw_pin_type_user(const int minor_firmware_version) const {
+ return minor_firmware_version <= 48 || minor_firmware_version == 50;
 }
- void NitrokeyManager::export_firmware(const char* admin_pin) {
+ void NitrokeyManager::export_firmware(const char* admin_pin) {
 misc::execute_password_command(device, admin_pin);
 }
-- cgit v1.2.1
From a262472826830ea0a98a4da2fa8f665d359b8789 Mon Sep 17 00:00:00 2001
From: Szczepan Zalega
Date: Fri, 23 Feb 2018 14:02:06 +0100
Subject: Handle getting firmware version internally
Signed-off-by: Szczepan Zalega
---
 NitrokeyManager.cc | 11 ++++++-----
 1 file changed, 6 insertions(+), 5 deletions(-)
(limited to 'NitrokeyManager.cc')
diff --git a/NitrokeyManager.cc b/NitrokeyManager.cc
index f912c7c..d563b26 100644
--- a/NitrokeyManager.cc
+++ b/NitrokeyManager.cc 
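Review bot: All four setters in this hunk return normally after only a `LOG(..., nitrokey::log::Loglevel::WARNING)` when the firmware does not match, so a caller that asked for the unencrypted volume to become read-only gets no signal that nothing was changed. For a write-protection control that silent no-op is the risky direction, because the host may go on to treat the volume as protected. Since the functions return `void`, I would raise one of the library's own exceptions in the unsupported branch instead of the bare `return;`, or at least document the no-op in the public header. The helper `set_unencrypted_volume_rorw_pin_type_user` is a predicate despite its `set_` prefix; a one-line comment such as `// true when this firmware accepts the User PIN for ro/rw switching (<=0.48 and 0.50)` would make the `== 50` special case readable.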
@@ -838,7 +838,7 @@ using nitrokey::misc::strcpyT;
 void NitrokeyManager::set_unencrypted_read_only_admin(const char* admin_pin) {
 //from v0.49, v0.51+ it needs Admin PIN
- if (set_unencrypted_volume_rorw_pin_type_user(get_minor_firmware_version())){
+ if (set_unencrypted_volume_rorw_pin_type_user()){
 LOG("set_unencrypted_read_only_admin is not supported for this version of Storage device. "
 "Please update firmware to v0.51+", nitrokey::log::Loglevel::WARNING);
 return;
@@ -850,7 +850,7 @@ using nitrokey::misc::strcpyT;
 //until v0.48 (incl. v0.50) User PIN was sufficient
 LOG("set_unencrypted_read_only is deprecated. Use set_unencrypted_read_only_admin instead.",
 nitrokey::log::Loglevel::WARNING);
- if (!set_unencrypted_volume_rorw_pin_type_user(get_minor_firmware_version())){
+ if (!set_unencrypted_volume_rorw_pin_type_user()){
 LOG("set_unencrypted_read_only is not supported for this version of Storage device. Doing nothing.",
 nitrokey::log::Loglevel::WARNING);
 return;
@@ -860,7 +860,7 @@ using nitrokey::misc::strcpyT;
 void NitrokeyManager::set_unencrypted_read_write_admin(const char* admin_pin) {
 //from v0.49, v0.51+ it needs Admin PIN
- if (set_unencrypted_volume_rorw_pin_type_user(get_minor_firmware_version())){
+ if (set_unencrypted_volume_rorw_pin_type_user()){
 LOG("set_unencrypted_read_write_admin is not supported for this version of Storage device. "
 "Please update firmware to v0.51+.", nitrokey::log::Loglevel::WARNING);
 return;
@@ -872,7 +872,7 @@ using nitrokey::misc::strcpyT;
 //until v0.48 (incl. v0.50) User PIN was sufficient
 LOG("set_unencrypted_read_write is deprecated. Use set_unencrypted_read_write_admin instead.",
 nitrokey::log::Loglevel::WARNING);
- if (!set_unencrypted_volume_rorw_pin_type_user(get_minor_firmware_version())){
+ if (!set_unencrypted_volume_rorw_pin_type_user()){
 LOG("set_unencrypted_read_write is not supported for this version of Storage device. Doing nothing.",
 nitrokey::log::Loglevel::WARNING);
 return; 
@@ -880,7 +880,8 @@ using nitrokey::misc::strcpyT;
 misc::execute_password_command(device, user_pin);
 }
- bool NitrokeyManager::set_unencrypted_volume_rorw_pin_type_user(const int minor_firmware_version) const {
+ bool NitrokeyManager::set_unencrypted_volume_rorw_pin_type_user(){
+ auto minor_firmware_version = get_minor_firmware_version();
 return minor_firmware_version <= 48 || minor_firmware_version == 50;
 }
-- cgit v1.2.1