2017-03-07 11:10:22 +03:00
|
|
|
import QtQuick 2.5
|
|
|
|
|
import io.thp.pyotherside 1.4
|
2017-01-27 15:55:38 +03:00
|
|
|
|
2017-03-17 16:06:34 +03:00
|
|
|
|
2017-01-27 15:55:38 +03:00
|
|
|
// @disable-check M300
|
|
|
|
|
Python {
|
|
|
|
|
id: py
|
|
|
|
|
|
|
|
|
|
property int nDevices
|
|
|
|
|
property bool hasDevice
|
|
|
|
|
property string name
|
|
|
|
|
property string version
|
2017-03-01 13:57:40 +03:00
|
|
|
property string oathId
|
2017-01-27 15:55:38 +03:00
|
|
|
property var features: []
|
|
|
|
|
property var connections: []
|
2017-08-02 15:54:54 +03:00
|
|
|
property var credentials: []
|
2017-01-31 18:17:10 +03:00
|
|
|
property int nextRefresh: 0
|
2017-01-27 15:55:38 +03:00
|
|
|
property var enabled: []
|
|
|
|
|
property bool ready: false
|
|
|
|
|
property var queue: []
|
2017-02-28 12:04:46 +03:00
|
|
|
property bool hasOTP: enabled.indexOf('OTP') !== -1
|
|
|
|
|
property bool hasCCID: enabled.indexOf('CCID') !== -1
|
2017-02-07 16:17:54 +03:00
|
|
|
property bool validated
|
2017-03-08 18:07:12 +03:00
|
|
|
property bool slot1inUse
|
|
|
|
|
property bool slot2inUse
|
2017-02-08 13:55:53 +03:00
|
|
|
property var passwordKey
|
2017-02-28 15:20:44 +03:00
|
|
|
property int expiration: 0
|
2017-02-08 18:47:28 +03:00
|
|
|
signal wrongPassword
|
2017-03-29 13:08:19 +03:00
|
|
|
signal credentialsRefreshed
|
2017-01-27 15:55:38 +03:00
|
|
|
|
|
|
|
|
Component.onCompleted: {
|
2017-01-30 16:59:58 +03:00
|
|
|
importModule('site', function () {
|
|
|
|
|
call('site.addsitedir', [appDir + '/pymodules'], function () {
|
2017-01-27 15:55:38 +03:00
|
|
|
addImportPath(urlPrefix + '/py')
|
2017-03-03 15:03:25 +03:00
|
|
|
importModule('yubikey', function () {
|
|
|
|
|
ready = true
|
|
|
|
|
do_call('yubikey.controller.get_features', [],
|
|
|
|
|
function (res) {
|
|
|
|
|
features = res
|
|
|
|
|
for (var i in queue) {
|
|
|
|
|
do_call(queue[i][0], queue[i][1],
|
|
|
|
|
queue[i][2])
|
|
|
|
|
}
|
|
|
|
|
queue = []
|
|
|
|
|
})
|
2017-01-27 15:55:38 +03:00
|
|
|
})
|
|
|
|
|
})
|
|
|
|
|
})
|
|
|
|
|
}
|
|
|
|
|
|
2017-02-09 14:45:04 +03:00
|
|
|
onHasDeviceChanged: {
|
2017-02-16 16:14:14 +03:00
|
|
|
device.passwordKey = null
|
|
|
|
|
device.validated = false
|
2017-02-09 14:45:04 +03:00
|
|
|
}
|
|
|
|
|
|
2017-01-27 15:55:38 +03:00
|
|
|
function do_call(func, args, cb) {
|
|
|
|
|
if (!ready) {
|
|
|
|
|
queue.push([func, args, cb])
|
|
|
|
|
} else {
|
2017-02-01 18:51:02 +03:00
|
|
|
call(func, args.map(JSON.stringify), function (json) {
|
2017-01-27 15:55:38 +03:00
|
|
|
if (cb) {
|
|
|
|
|
cb(json ? JSON.parse(json) : undefined)
|
|
|
|
|
}
|
|
|
|
|
})
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2017-02-23 12:40:24 +03:00
|
|
|
function refresh(refreshCredentialsOnMode) {
|
2017-01-27 15:55:38 +03:00
|
|
|
do_call('yubikey.controller.count_devices', [], function (n) {
|
|
|
|
|
nDevices = n
|
|
|
|
|
if (nDevices == 1) {
|
|
|
|
|
do_call('yubikey.controller.refresh', [], function (dev) {
|
|
|
|
|
name = dev ? dev.name : ''
|
|
|
|
|
version = dev ? dev.version : ''
|
|
|
|
|
enabled = dev ? dev.enabled : []
|
|
|
|
|
connections = dev ? dev.connections : []
|
2017-02-28 12:57:10 +03:00
|
|
|
hasDevice = dev !== undefined && dev !== null
|
2017-01-27 15:55:38 +03:00
|
|
|
})
|
|
|
|
|
} else if (hasDevice) {
|
|
|
|
|
hasDevice = false
|
2017-01-31 18:17:10 +03:00
|
|
|
credentials = null
|
|
|
|
|
nextRefresh = 0
|
2017-01-27 15:55:38 +03:00
|
|
|
}
|
2017-02-23 12:40:24 +03:00
|
|
|
refreshCredentialsOnMode()
|
2017-01-27 15:55:38 +03:00
|
|
|
})
|
2017-01-30 16:59:58 +03:00
|
|
|
}
|
2017-01-27 15:55:38 +03:00
|
|
|
|
2017-02-23 14:18:20 +03:00
|
|
|
function refreshCCIDCredentials(force) {
|
2017-02-23 12:40:24 +03:00
|
|
|
var now = Math.floor(Date.now() / 1000)
|
2017-04-06 05:55:36 +03:00
|
|
|
if (force || (validated && nextRefresh <= now)) {
|
2017-03-01 13:57:40 +03:00
|
|
|
do_call('yubikey.controller.refresh_credentials',
|
2017-03-30 11:00:07 +03:00
|
|
|
[now, passwordKey], updateAllCredentials)
|
2017-02-23 12:40:24 +03:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2017-02-23 14:18:20 +03:00
|
|
|
function refreshSlotCredentials(slots, digits, force) {
|
2017-02-23 12:40:24 +03:00
|
|
|
var now = Math.floor(Date.now() / 1000)
|
2017-04-06 05:55:36 +03:00
|
|
|
if (force || (nextRefresh <= now)) {
|
2017-03-01 13:57:40 +03:00
|
|
|
do_call('yubikey.controller.refresh_slot_credentials',
|
2017-03-30 11:00:07 +03:00
|
|
|
[slots, digits, now], updateAllCredentials)
|
2017-02-23 12:40:24 +03:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2017-03-01 13:57:40 +03:00
|
|
|
function validate(providedPassword, cb) {
|
|
|
|
|
do_call('yubikey.controller.derive_key', [providedPassword],
|
|
|
|
|
function (key) {
|
|
|
|
|
validateFromKey(key, cb)
|
|
|
|
|
})
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
function validateFromKey(key, cb) {
|
|
|
|
|
do_call('yubikey.controller.validate', [key], function (res) {
|
|
|
|
|
if (res !== false) {
|
|
|
|
|
passwordKey = key
|
|
|
|
|
validated = true
|
|
|
|
|
if (cb != null) {
|
|
|
|
|
cb()
|
|
|
|
|
}
|
|
|
|
|
} else {
|
|
|
|
|
wrongPassword()
|
|
|
|
|
}
|
|
|
|
|
})
|
|
|
|
|
}
|
|
|
|
|
|
2017-04-10 10:17:27 +03:00
|
|
|
function promptOrSkip(prompt) {
|
2017-02-23 12:40:24 +03:00
|
|
|
|
2017-03-01 13:57:40 +03:00
|
|
|
do_call('yubikey.controller.get_oath_id', [], function (res) {
|
|
|
|
|
|
|
|
|
|
oathId = res
|
|
|
|
|
|
|
|
|
|
// Check if device id can be found in saved passwords
|
|
|
|
|
// and validate with that key if found.
|
2017-04-10 10:17:27 +03:00
|
|
|
var savedKey = getSavedKey(oathId)
|
|
|
|
|
if (savedKey != null) {
|
2017-05-10 10:50:22 +03:00
|
|
|
validateFromKey(savedKey, null)
|
2017-03-01 13:57:40 +03:00
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
do_call('yubikey.controller.needs_validation', [], function (res) {
|
|
|
|
|
if (res === true) {
|
|
|
|
|
prompt.open()
|
|
|
|
|
}
|
|
|
|
|
if (res === false) {
|
2017-02-28 17:07:43 +03:00
|
|
|
validated = true
|
|
|
|
|
}
|
|
|
|
|
})
|
|
|
|
|
})
|
2017-02-01 18:27:45 +03:00
|
|
|
}
|
|
|
|
|
|
2017-04-10 10:17:27 +03:00
|
|
|
function getSavedKey(id) {
|
|
|
|
|
// Read a saved password key, else return null.
|
|
|
|
|
var entries = getPasswordEntries()
|
|
|
|
|
return (entries[id] != null) ? entries[id] : null
|
2017-02-09 12:57:28 +03:00
|
|
|
}
|
|
|
|
|
|
2017-02-10 16:01:49 +03:00
|
|
|
function setPassword(password) {
|
2017-02-16 16:14:14 +03:00
|
|
|
do_call('yubikey.controller.set_password', [password, passwordKey],
|
|
|
|
|
function () {
|
2017-05-11 09:53:48 +03:00
|
|
|
if (password != null) {
|
|
|
|
|
validate(password, null)
|
2017-03-16 18:34:00 +03:00
|
|
|
}
|
2017-02-16 16:14:14 +03:00
|
|
|
})
|
2017-02-10 16:01:49 +03:00
|
|
|
}
|
|
|
|
|
|
2017-03-30 11:00:07 +03:00
|
|
|
function updateAllCredentials(creds) {
|
2017-01-31 11:57:44 +03:00
|
|
|
var result = []
|
2017-01-31 18:17:10 +03:00
|
|
|
var minExpiration = (Date.now() / 1000) + 10000
|
2017-01-31 11:57:44 +03:00
|
|
|
for (var i = 0; i < creds.length; i++) {
|
2017-02-01 18:27:45 +03:00
|
|
|
var cred = creds[i]
|
2017-02-03 15:58:22 +03:00
|
|
|
// Update min expiration
|
2017-01-31 18:17:10 +03:00
|
|
|
if (cred.expiration && cred.expiration < minExpiration) {
|
|
|
|
|
minExpiration = cred.expiration
|
|
|
|
|
}
|
2017-02-03 15:58:22 +03:00
|
|
|
// Touch credentials should only be replaced by user
|
|
|
|
|
if (credentialExists(cred.name) && cred.touch) {
|
|
|
|
|
result.push(getCredential(cred.name))
|
|
|
|
|
continue
|
|
|
|
|
}
|
|
|
|
|
// HOTP credentials should only be replaced by user
|
|
|
|
|
if (credentialExists(cred.name) && cred.oath_type === 'hotp') {
|
|
|
|
|
result.push(getCredential(cred.name))
|
|
|
|
|
continue
|
|
|
|
|
}
|
2017-07-05 11:15:57 +03:00
|
|
|
// The selected credential should still be selected,
|
|
|
|
|
// with an updated code.
|
|
|
|
|
if (selected != null) {
|
|
|
|
|
if (selected.name === cred.name) {
|
|
|
|
|
selected = cred
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2017-02-03 15:58:22 +03:00
|
|
|
// TOTP credentials should be updated
|
2017-01-31 11:57:44 +03:00
|
|
|
result.push(cred)
|
|
|
|
|
}
|
2017-01-31 18:17:10 +03:00
|
|
|
nextRefresh = minExpiration
|
2017-03-08 15:58:42 +03:00
|
|
|
// Credentials is cleared so that
|
2017-04-25 11:16:13 +03:00
|
|
|
// the view will refresh even if objects are the same
|
2017-03-08 15:58:42 +03:00
|
|
|
credentials = []
|
2017-01-31 18:17:10 +03:00
|
|
|
credentials = result
|
2017-02-28 15:20:44 +03:00
|
|
|
updateExpiration()
|
2017-03-29 13:08:19 +03:00
|
|
|
credentialsRefreshed()
|
2017-01-31 11:57:44 +03:00
|
|
|
}
|
|
|
|
|
|
2017-02-03 15:58:22 +03:00
|
|
|
function getCredential(name) {
|
|
|
|
|
for (var i = 0; i < credentials.length; i++) {
|
|
|
|
|
if (credentials[i].name === name) {
|
|
|
|
|
return credentials[i]
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
function credentialExists(name) {
|
|
|
|
|
if (credentials != null) {
|
|
|
|
|
for (var i = 0; i < credentials.length; i++) {
|
|
|
|
|
if (credentials[i].name === name) {
|
|
|
|
|
return true
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
return false
|
|
|
|
|
}
|
|
|
|
|
|
2017-03-13 16:51:14 +03:00
|
|
|
function hasAnyCredentials() {
|
|
|
|
|
return credentials != null && credentials.length > 0
|
|
|
|
|
}
|
|
|
|
|
|
2017-02-28 15:20:44 +03:00
|
|
|
function updateExpiration() {
|
2017-03-01 13:57:40 +03:00
|
|
|
var maxExpiration = 0
|
|
|
|
|
if (credentials !== null) {
|
|
|
|
|
for (var i = 0; i < credentials.length; i++) {
|
|
|
|
|
var exp = credentials[i].expiration
|
|
|
|
|
if (exp !== null && exp > maxExpiration) {
|
|
|
|
|
maxExpiration = exp
|
2017-02-28 15:20:44 +03:00
|
|
|
}
|
|
|
|
|
}
|
2017-03-01 13:57:40 +03:00
|
|
|
expiration = maxExpiration
|
2017-02-28 15:20:44 +03:00
|
|
|
}
|
2017-03-01 13:57:40 +03:00
|
|
|
}
|
2017-02-28 15:20:44 +03:00
|
|
|
|
2017-07-31 14:52:06 +03:00
|
|
|
function calculate(credential, copyAfterUpdate) {
|
2017-02-07 16:17:54 +03:00
|
|
|
var now = Math.floor(Date.now() / 1000)
|
2017-02-16 16:14:14 +03:00
|
|
|
do_call('yubikey.controller.calculate', [credential, now, passwordKey],
|
2017-07-31 14:52:06 +03:00
|
|
|
function(cred) {
|
|
|
|
|
updateSingleCredential(cred, copyAfterUpdate)
|
|
|
|
|
})
|
2017-02-07 16:17:54 +03:00
|
|
|
}
|
|
|
|
|
|
2017-07-31 14:52:06 +03:00
|
|
|
function calculateSlotMode(slot, digits, copyAfterUpdate) {
|
2017-02-23 15:51:44 +03:00
|
|
|
var now = Math.floor(Date.now() / 1000)
|
|
|
|
|
do_call('yubikey.controller.calculate_slot_mode', [slot, digits, now],
|
2017-07-31 14:52:06 +03:00
|
|
|
function(cred) {
|
|
|
|
|
updateSingleCredential(cred, copyAfterUpdate)
|
|
|
|
|
})
|
2017-02-23 15:51:44 +03:00
|
|
|
}
|
|
|
|
|
|
2017-04-25 11:16:58 +03:00
|
|
|
/**
|
|
|
|
|
Put a credential coming from the YubiKey in the
|
|
|
|
|
right position in the credential list.
|
|
|
|
|
*/
|
2017-07-31 14:52:06 +03:00
|
|
|
function updateSingleCredential(cred, copyAfterUpdate) {
|
2017-02-07 16:17:54 +03:00
|
|
|
var result = []
|
|
|
|
|
for (var i = 0; i < credentials.length; i++) {
|
|
|
|
|
if (credentials[i].name === cred.name) {
|
|
|
|
|
result.push(cred)
|
|
|
|
|
} else {
|
|
|
|
|
result.push(credentials[i])
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
credentials = result
|
2017-03-08 10:56:40 +03:00
|
|
|
updateExpiration()
|
2017-03-30 10:48:59 +03:00
|
|
|
credentialsRefreshed()
|
2017-04-25 11:16:58 +03:00
|
|
|
// Update the selected credential
|
|
|
|
|
// after update, since the code now
|
|
|
|
|
// might be available.
|
|
|
|
|
selected = cred
|
2017-07-31 14:52:06 +03:00
|
|
|
if (copyAfterUpdate) {
|
|
|
|
|
copy()
|
|
|
|
|
}
|
2017-02-07 16:17:54 +03:00
|
|
|
}
|
|
|
|
|
|
2017-02-16 16:14:14 +03:00
|
|
|
function addCredential(name, key, oathType, digits, algorithm, touch, cb) {
|
2017-02-03 14:24:41 +03:00
|
|
|
do_call('yubikey.controller.add_credential',
|
2017-02-16 16:14:14 +03:00
|
|
|
[name, key, oathType, digits, algorithm, touch, passwordKey],
|
|
|
|
|
cb)
|
2017-02-03 14:24:41 +03:00
|
|
|
}
|
|
|
|
|
|
2017-02-27 16:13:54 +03:00
|
|
|
function addSlotCredential(slot, key, touch, cb) {
|
2017-03-01 13:57:40 +03:00
|
|
|
do_call('yubikey.controller.add_slot_credential',
|
|
|
|
|
[slot, key, touch], cb)
|
2017-02-27 16:13:54 +03:00
|
|
|
}
|
|
|
|
|
|
2017-02-03 18:23:28 +03:00
|
|
|
function deleteCredential(credential) {
|
2017-02-16 16:14:14 +03:00
|
|
|
do_call('yubikey.controller.delete_credential',
|
|
|
|
|
[credential, passwordKey])
|
2017-01-27 15:55:38 +03:00
|
|
|
}
|
2017-02-14 15:12:24 +03:00
|
|
|
|
2017-02-23 18:00:17 +03:00
|
|
|
function deleteSlotCredential(slot) {
|
2017-03-01 13:57:40 +03:00
|
|
|
do_call('yubikey.controller.delete_slot_credential', [slot])
|
2017-02-23 18:00:17 +03:00
|
|
|
}
|
|
|
|
|
|
2017-02-16 16:14:14 +03:00
|
|
|
function parseQr(screenShots, cb) {
|
2017-02-15 17:00:30 +03:00
|
|
|
do_call('yubikey.controller.parse_qr', [screenShots], cb)
|
2017-02-14 15:12:24 +03:00
|
|
|
}
|
2017-02-17 10:52:34 +03:00
|
|
|
|
|
|
|
|
function reset() {
|
|
|
|
|
do_call('yubikey.controller.reset', [])
|
|
|
|
|
}
|
2017-03-08 18:07:12 +03:00
|
|
|
|
|
|
|
|
function getSlotStatus(cb) {
|
|
|
|
|
do_call('yubikey.controller.slot_status', [], function (res) {
|
|
|
|
|
slot1inUse = res[0]
|
|
|
|
|
slot2inUse = res[1]
|
|
|
|
|
cb()
|
|
|
|
|
})
|
|
|
|
|
}
|
2017-01-27 15:55:38 +03:00
|
|
|
}
|
