From 99ac7ee964bf273708441a3012ba89c7729ceadb Mon Sep 17 00:00:00 2001 From: Szczepan Zalega Date: Mon, 11 Dec 2017 18:40:00 +0100 Subject: Add new commands for Storage v0.49 Signed-off-by: Szczepan Zalega --- include/command_id.h | 7 +++++++ 1 file changed, 7 insertions(+) (limited to 'include') diff --git a/include/command_id.h b/include/command_id.h index 7608201..1092ea9 100644 --- a/include/command_id.h +++ b/include/command_id.h @@ -124,6 +124,13 @@ enum class CommandID : uint8_t { CHANGE_UPDATE_PIN = 0x20 + 26, + //added in v0.48.5 + ENABLE_ADMIN_READONLY_UNCRYPTED_LUN = 0x20 + 28, + ENABLE_ADMIN_READWRITE_UNCRYPTED_LUN = 0x20 + 29, + ENABLE_ADMIN_READONLY_ENCRYPTED_LUN = 0x20 + 30, + ENABLE_ADMIN_READWRITE_ENCRYPTED_LUN = 0x20 + 31, + CHECK_SMARTCARD_USAGE = 0x20 + 32, + GET_PW_SAFE_SLOT_STATUS = 0x60, GET_PW_SAFE_SLOT_NAME = 0x61, GET_PW_SAFE_SLOT_PASSWORD = 0x62, -- cgit v1.2.1 From 0b0898f2b5d88738aa8f49ce6b9ba98db1c775f7 Mon Sep 17 00:00:00 2001 From: Szczepan Zalega Date: Tue, 12 Dec 2017 14:21:19 +0100 Subject: Support execution of the 0.49 commands Signed-off-by: Szczepan Zalega --- include/NitrokeyManager.h | 8 ++++++++ include/stick20_commands.h | 15 +++++++++++++++ 2 files changed, 23 insertions(+) (limited to 'include') diff --git a/include/NitrokeyManager.h b/include/NitrokeyManager.h index 9a1686c..8f47860 100644 --- a/include/NitrokeyManager.h +++ b/include/NitrokeyManager.h @@ -202,6 +202,14 @@ char * strndup(const char* str, size_t maxlen); void set_loglevel(Loglevel loglevel); void set_loglevel(int loglevel); + + void set_encrypted_volume_read_only(const char *admin_pin); + + void set_encrypted_volume_read_write(const char *admin_pin); + + void set_unencrypted_read_write_admin_pin(const char *admin_pin); + + void set_unencrypted_read_only_admin_pin(const char *admin_pin); }; } diff --git a/include/stick20_commands.h b/include/stick20_commands.h index 34bd547..f45283f 100644 --- a/include/stick20_commands.h +++ b/include/stick20_commands.h @@ -52,6 +52,15 @@ namespace nitrokey { class EnableEncryptedPartition : public PasswordCommand {}; class EnableHiddenEncryptedPartition : public PasswordCommand {}; + class SetUnencryptedVolumeReadOnlyAdmin : + public PasswordCommand {}; + class SetUnencryptedVolumeReadWriteAdmin : + public PasswordCommand {}; + class SetEncryptedVolumeReadOnly : + public PasswordCommand {}; + class SetEncryptedVolumeReadWrite : + public PasswordCommand {}; + //FIXME the volume disabling commands do not need password class DisableEncryptedPartition : public PasswordCommand {}; class DisableHiddenEncryptedPartition : public PasswordCommand {}; @@ -265,6 +274,12 @@ namespace nitrokey { CommandTransaction; }; + class CheckSmartcardUsage : Command { + public: + typedef Transaction + CommandTransaction; + }; + class GetSDCardOccupancy : Command { public: struct ResponsePayload { -- cgit v1.2.1 From 809b618d4d064cedc7070cac5ccc8797e5d89f54 Mon Sep 17 00:00:00 2001 From: Szczepan Zalega Date: Tue, 12 Dec 2017 16:58:24 +0100 Subject: Correct getting minor and major from firmware version Add get_minor_firmware_version Correct get_major_firmware version (was returning minor instead) Name 3rd version field for test builds Use minor firmware version in tests Signed-off-by: Szczepan Zalega --- include/NitrokeyManager.h | 2 ++ include/stick10_commands.h | 8 +++++++- include/stick20_commands.h | 9 +++++---- 3 files changed, 14 insertions(+), 5 deletions(-) (limited to 'include') diff --git a/include/NitrokeyManager.h b/include/NitrokeyManager.h index 8f47860..f6e02cc 100644 --- a/include/NitrokeyManager.h +++ b/include/NitrokeyManager.h @@ -210,6 +210,8 @@ char * strndup(const char* str, size_t maxlen); void set_unencrypted_read_write_admin_pin(const char *admin_pin); void set_unencrypted_read_only_admin_pin(const char *admin_pin); + + int get_major_firmware_version(); }; } diff --git a/include/stick10_commands.h b/include/stick10_commands.h index c9a5e5b..893b98f 100644 --- a/include/stick10_commands.h +++ b/include/stick10_commands.h @@ -367,7 +367,13 @@ class ReadSlot : Command { class GetStatus : Command { public: struct ResponsePayload { - uint16_t firmware_version; + union { + uint16_t firmware_version; + struct { + uint8_t minor; + uint8_t major; + } firmware_version_st; + }; union{ uint8_t card_serial[4]; uint32_t card_serial_u32; diff --git a/include/stick20_commands.h b/include/stick20_commands.h index f45283f..4b75e6a 100644 --- a/include/stick20_commands.h +++ b/include/stick20_commands.h @@ -168,10 +168,10 @@ namespace nitrokey { union{ uint8_t VersionInfo_au8[4]; struct { - uint8_t _reserved; + uint8_t major; uint8_t minor; uint8_t _reserved2; - uint8_t major; + uint8_t build_iteration; } __packed versionInfo; } __packed; @@ -215,8 +215,9 @@ namespace nitrokey { print_to_ss((int) ReadWriteFlagUncryptedVolume_u8 ); print_to_ss((int) ReadWriteFlagCryptedVolume_u8 ); print_to_ss((int) ReadWriteFlagHiddenVolume_u8 ); - print_to_ss((int) VersionInfo_au8[1] ); - print_to_ss((int) VersionInfo_au8[3] ); + print_to_ss((int) versionInfo.major ); + print_to_ss((int) versionInfo.minor ); + print_to_ss((int) versionInfo.build_iteration ); print_to_ss((int) FirmwareLocked_u8 ); print_to_ss((int) NewSDCardFound_u8 ); print_to_ss((int) NewSDCardFound_st.NewCard ); -- cgit v1.2.1 From 1411b1bd795bcf4a382dd8ed2aa09f94e352f848 Mon Sep 17 00:00:00 2001 From: Szczepan Zalega Date: Tue, 12 Dec 2017 17:24:55 +0100 Subject: Unify unencrypted volume ro/rw switching For 0.49 run new command, which needs Admin PIN For 0.48 and lower run old command Signed-off-by: Szczepan Zalega --- include/NitrokeyManager.h | 4 ---- 1 file changed, 4 deletions(-) (limited to 'include') diff --git a/include/NitrokeyManager.h b/include/NitrokeyManager.h index f6e02cc..e0aa59f 100644 --- a/include/NitrokeyManager.h +++ b/include/NitrokeyManager.h @@ -207,10 +207,6 @@ char * strndup(const char* str, size_t maxlen); void set_encrypted_volume_read_write(const char *admin_pin); - void set_unencrypted_read_write_admin_pin(const char *admin_pin); - - void set_unencrypted_read_only_admin_pin(const char *admin_pin); - int get_major_firmware_version(); }; } -- cgit v1.2.1 From 08e0a45a8f10ae4fbe294a903b3a6264aa3c4333 Mon Sep 17 00:00:00 2001 From: Szczepan Zalega Date: Tue, 12 Dec 2017 17:45:35 +0100 Subject: Correct variable name for unencrypted ro/rw switch Signed-off-by: Szczepan Zalega --- include/NitrokeyManager.h | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'include') diff --git a/include/NitrokeyManager.h b/include/NitrokeyManager.h index e0aa59f..67dd128 100644 --- a/include/NitrokeyManager.h +++ b/include/NitrokeyManager.h @@ -126,9 +126,9 @@ char * strndup(const char* str, size_t maxlen); void unlock_hidden_volume(const char *hidden_volume_password); void lock_hidden_volume(); - void set_unencrypted_read_only(const char *user_pin); + void set_unencrypted_read_only(const char *user_admin_pin); - void set_unencrypted_read_write(const char *user_pin); + void set_unencrypted_read_write(const char *user_admin_pin); void export_firmware(const char *admin_pin); void enable_firmware_update(const char *firmware_pin); -- cgit v1.2.1 From c93fdb6625ee952e5cf17e4caaeddf2975276f90 Mon Sep 17 00:00:00 2001 From: Szczepan Zalega Date: Wed, 20 Dec 2017 20:00:44 +0100 Subject: Implement command for testing smartcard status Signed-off-by: Szczepan Zalega --- include/CommandFailedException.h | 5 +++++ include/NitrokeyManager.h | 2 ++ 2 files changed, 7 insertions(+) (limited to 'include') diff --git a/include/CommandFailedException.h b/include/CommandFailedException.h index 42fad73..32bd6b7 100644 --- a/include/CommandFailedException.h +++ b/include/CommandFailedException.h @@ -28,6 +28,7 @@ #include "command_id.h" using cs = nitrokey::proto::stick10::command_status; +using cs2 = nitrokey::proto::stick20::device_status; class CommandFailedException : public std::exception { public: @@ -65,6 +66,10 @@ public: return last_command_status == static_cast(cs::wrong_password); } + bool reason_smartcard_busy() const throw(){ + return last_command_status == static_cast(cs2::smartcard_error); + } + }; diff --git a/include/NitrokeyManager.h b/include/NitrokeyManager.h index 67dd128..12aae0d 100644 --- a/include/NitrokeyManager.h +++ b/include/NitrokeyManager.h @@ -208,6 +208,8 @@ char * strndup(const char* str, size_t maxlen); void set_encrypted_volume_read_write(const char *admin_pin); int get_major_firmware_version(); + + bool is_smartcard_in_use(); }; } -- cgit v1.2.1 From caa4a0246d9ebe956d725feaa773eca2c8bd8f11 Mon Sep 17 00:00:00 2001 From: Szczepan Zalega Date: Fri, 22 Dec 2017 13:50:00 +0100 Subject: Extend busy status description Signed-off-by: Szczepan Zalega --- include/device_proto.h | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) (limited to 'include') diff --git a/include/device_proto.h b/include/device_proto.h index 7873a0a..50aea38 100644 --- a/include/device_proto.h +++ b/include/device_proto.h @@ -351,12 +351,14 @@ namespace nitrokey { LOG("Status busy, decreasing receiving_retry_counter counter: " + std::to_string(receiving_retry_counter) + ", current delay:" + std::to_string(retry_timeout.count()), Loglevel::DEBUG); - LOG(std::string("Busy retry ") + LOG(std::string("Busy retry: status ") + std::to_string(resp.storage_status.device_status) - + " " + + ", " + std::to_string(retry_timeout.count()) - + " " + + "ms, counter " + std::to_string(receiving_retry_counter) + + ", progress: " + + std::to_string(resp.storage_status.progress_bar_value) , Loglevel::DEBUG_L1); } } -- cgit v1.2.1 From 9b37634dd5c0783cc73e0317979968d0c454155e Mon Sep 17 00:00:00 2001 From: Szczepan Zalega Date: Fri, 22 Dec 2017 13:52:41 +0100 Subject: Add device status in logged CommandFailed throw Signed-off-by: Szczepan Zalega --- include/device_proto.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'include') diff --git a/include/device_proto.h b/include/device_proto.h index 50aea38..ebdcdbd 100644 --- a/include/device_proto.h +++ b/include/device_proto.h @@ -456,7 +456,7 @@ namespace nitrokey { if (resp.last_command_status != static_cast(stick10::command_status::ok)){ dev->m_counters.command_result_not_equal_0_recv++; - LOG(std::string("Throw: CommandFailedException"), Loglevel::DEBUG_L1); + LOG(std::string("Throw: CommandFailedException ") + std::to_string(resp.last_command_status), Loglevel::DEBUG_L1); throw CommandFailedException(resp.command_id, resp.last_command_status); } -- cgit v1.2.1 From 4e6d39e9aae54658eb68a739d9eff55ab797c204 Mon Sep 17 00:00:00 2001 From: Szczepan Zalega Date: Fri, 23 Feb 2018 09:37:31 +0100 Subject: Divide unencrypted volume ro/rw commands for backward compatibility Unencrypted volume ro/rw: rename user_admin_pin -> admin_pin to be consistent with latest API. Update description. Document PIN requirements in C++ API Extract pin type function Add C API for separate unencrypted volume read write handling Use correct commands to set ro/rw mode of unencrypted volume Signed-off-by: Szczepan Zalega --- include/NitrokeyManager.h | 55 ++++++++++++++++++++++++++++++++++++++++++----- 1 file changed, 50 insertions(+), 5 deletions(-) (limited to 'include') diff --git a/include/NitrokeyManager.h b/include/NitrokeyManager.h index 12aae0d..08da8ba 100644 --- a/include/NitrokeyManager.h +++ b/include/NitrokeyManager.h @@ -126,9 +126,37 @@ char * strndup(const char* str, size_t maxlen); void unlock_hidden_volume(const char *hidden_volume_password); void lock_hidden_volume(); - void set_unencrypted_read_only(const char *user_admin_pin); - - void set_unencrypted_read_write(const char *user_admin_pin); + /** + * Sets unencrypted volume read-only. + * Works until v0.48 (incl. v0.50), where User PIN was sufficient + * Does nothing otherwise. + * @param user_pin User PIN + */ + void set_unencrypted_read_only(const char *user_pin); + + /** + * Sets unencrypted volume read-only. + * Works from v0.49 (except v0.50) accepts Admin PIN + * Does nothing otherwise. + * @param admin_pin Admin PIN + */ + void set_unencrypted_read_only_admin(const char *admin_pin); + + /** + * Sets unencrypted volume read-write. + * Works until v0.48 (incl. v0.50), where User PIN was sufficient + * Does nothing otherwise. + * @param user_pin User PIN + */ + void set_unencrypted_read_write(const char *user_pin); + + /** + * Sets unencrypted volume read-write. + * Works from v0.49 (except v0.50) accepts Admin PIN + * Does nothing otherwise. + * @param admin_pin Admin PIN + */ + void set_unencrypted_read_write_admin(const char *admin_pin); void export_firmware(const char *admin_pin); void enable_firmware_update(const char *firmware_pin); @@ -203,13 +231,30 @@ char * strndup(const char* str, size_t maxlen); void set_loglevel(int loglevel); - void set_encrypted_volume_read_only(const char *admin_pin); + /** + * Sets encrypted volume read-only. + * Supported from future versions of Storage. + * @param admin_pin Admin PIN + */ + void set_encrypted_volume_read_only(const char *admin_pin); - void set_encrypted_volume_read_write(const char *admin_pin); + /** + * Sets encrypted volume read-write. + * Supported from future versions of Storage. + * @param admin_pin Admin PIN + */ + void set_encrypted_volume_read_write(const char *admin_pin); int get_major_firmware_version(); bool is_smartcard_in_use(); + + /** + * Function to determine unencrypted volume PIN type + * @param minor_firmware_version + * @return Returns true, if set unencrypted volume ro/rw pin type is User, false otherwise. + */ + bool set_unencrypted_volume_rorw_pin_type_user(int minor_firmware_version) const; }; } -- cgit v1.2.1 From a262472826830ea0a98a4da2fa8f665d359b8789 Mon Sep 17 00:00:00 2001 From: Szczepan Zalega Date: Fri, 23 Feb 2018 14:02:06 +0100 Subject: Handle getting firmware version internally Signed-off-by: Szczepan Zalega --- include/NitrokeyManager.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'include') diff --git a/include/NitrokeyManager.h b/include/NitrokeyManager.h index 08da8ba..0db0856 100644 --- a/include/NitrokeyManager.h +++ b/include/NitrokeyManager.h @@ -254,7 +254,7 @@ char * strndup(const char* str, size_t maxlen); * @param minor_firmware_version * @return Returns true, if set unencrypted volume ro/rw pin type is User, false otherwise. */ - bool set_unencrypted_volume_rorw_pin_type_user(int minor_firmware_version) const; + bool set_unencrypted_volume_rorw_pin_type_user(); }; } -- cgit v1.2.1