From 4019675bfdcd30e3f91603923e8785f1f9aac9d1 Mon Sep 17 00:00:00 2001 From: Adam Velebil Date: Mon, 2 Sep 2024 14:52:04 +0200 Subject: [PATCH] Update device info after setPin and reset --- .../yubico/authenticator/fido/FidoConnectionHelper.kt | 10 +++++++++- .../com/yubico/authenticator/fido/FidoManager.kt | 11 ++++++++++- .../com/yubico/authenticator/fido/FidoResetHelper.kt | 6 ++++-- 3 files changed, 23 insertions(+), 4 deletions(-) diff --git a/android/app/src/main/kotlin/com/yubico/authenticator/fido/FidoConnectionHelper.kt b/android/app/src/main/kotlin/com/yubico/authenticator/fido/FidoConnectionHelper.kt index 2feffe09..88ab6853 100644 --- a/android/app/src/main/kotlin/com/yubico/authenticator/fido/FidoConnectionHelper.kt +++ b/android/app/src/main/kotlin/com/yubico/authenticator/fido/FidoConnectionHelper.kt @@ -21,6 +21,7 @@ import com.yubico.authenticator.DialogManager import com.yubico.authenticator.DialogTitle import com.yubico.authenticator.device.DeviceManager import com.yubico.authenticator.fido.data.YubiKitFidoSession +import com.yubico.authenticator.yubikit.DeviceInfoHelper.Companion.getDeviceInfo import com.yubico.authenticator.yubikit.withConnection import com.yubico.yubikit.android.transport.usb.UsbYubiKeyDevice import com.yubico.yubikit.core.fido.FidoConnection @@ -51,18 +52,25 @@ class FidoConnectionHelper( suspend fun useSession( actionDescription: FidoActionDescription, + updateDeviceInfo: Boolean = false, action: (YubiKitFidoSession) -> T ): T { + FidoManager.updateDeviceInfo.set(updateDeviceInfo) return deviceManager.withKey( onNfc = { useSessionNfc(actionDescription,action) }, - onUsb = { useSessionUsb(it, action) }) + onUsb = { useSessionUsb(it, updateDeviceInfo, action) }) } suspend fun useSessionUsb( device: UsbYubiKeyDevice, + updateDeviceInfo: Boolean = false, block: (YubiKitFidoSession) -> T ): T = device.withConnection { block(YubiKitFidoSession(it)) + }.also { + if (updateDeviceInfo) { + deviceManager.setDeviceInfo(getDeviceInfo(device)) + } } suspend fun useSessionNfc( diff --git a/android/app/src/main/kotlin/com/yubico/authenticator/fido/FidoManager.kt b/android/app/src/main/kotlin/com/yubico/authenticator/fido/FidoManager.kt index 6919c2cb..0b49f307 100644 --- a/android/app/src/main/kotlin/com/yubico/authenticator/fido/FidoManager.kt +++ b/android/app/src/main/kotlin/com/yubico/authenticator/fido/FidoManager.kt @@ -30,6 +30,7 @@ import com.yubico.authenticator.fido.data.Session import com.yubico.authenticator.fido.data.SessionInfo import com.yubico.authenticator.fido.data.YubiKitFidoSession import com.yubico.authenticator.setHandler +import com.yubico.authenticator.yubikit.DeviceInfoHelper.Companion.getDeviceInfo import com.yubico.authenticator.yubikit.withConnection import com.yubico.yubikit.android.transport.nfc.NfcYubiKeyDevice import com.yubico.yubikit.core.YubiKeyConnection @@ -61,6 +62,7 @@ import org.slf4j.LoggerFactory import java.io.IOException import java.util.Arrays import java.util.concurrent.Executors +import java.util.concurrent.atomic.AtomicBoolean typealias FidoAction = (Result) -> Unit @@ -80,6 +82,7 @@ class FidoManager( } companion object { + val updateDeviceInfo = AtomicBoolean(false) fun getPreferredPinUvAuthProtocol(infoData: InfoData): PinUvAuthProtocol { val pinUvAuthProtocols = infoData.pinUvAuthProtocols val pinSupported = infoData.options["clientPin"] != null @@ -120,6 +123,8 @@ class FidoManager( pinStore ) + + init { pinRetries = null @@ -187,6 +192,10 @@ class FidoManager( processYubiKey(connection, device) } } + + if (updateDeviceInfo.getAndSet(false)) { + deviceManager.setDeviceInfo(getDeviceInfo(device)) + } } catch (e: Exception) { // something went wrong, try to get DeviceInfo from any available connection type logger.error("Failure when processing YubiKey: ", e) @@ -380,7 +389,7 @@ class FidoManager( } private suspend fun setPin(pin: CharArray?, newPin: CharArray): String = - connectionHelper.useSession(FidoActionDescription.SetPin) { fidoSession -> + connectionHelper.useSession(FidoActionDescription.SetPin, updateDeviceInfo = true) { fidoSession -> try { val clientPin = ClientPin(fidoSession, getPreferredPinUvAuthProtocol(fidoSession.cachedInfo)) diff --git a/android/app/src/main/kotlin/com/yubico/authenticator/fido/FidoResetHelper.kt b/android/app/src/main/kotlin/com/yubico/authenticator/fido/FidoResetHelper.kt index a89a8526..33d54f92 100644 --- a/android/app/src/main/kotlin/com/yubico/authenticator/fido/FidoResetHelper.kt +++ b/android/app/src/main/kotlin/com/yubico/authenticator/fido/FidoResetHelper.kt @@ -162,8 +162,9 @@ class FidoResetHelper( coroutineScope.launch(Dispatchers.Main) { fidoViewModel.updateResetState(FidoResetState.Touch) logger.debug("Waiting for touch") - deviceManager.withKey { usbYubiKeyDevice -> - connectionHelper.useSessionUsb(usbYubiKeyDevice) { fidoSession -> + deviceManager.withKey { + usbYubiKeyDevice -> + connectionHelper.useSessionUsb(usbYubiKeyDevice, updateDeviceInfo = true) { fidoSession -> resetCommandState = CommandState() try { if (cancelReset) { @@ -211,6 +212,7 @@ class FidoResetHelper( coroutineScope.launch { fidoViewModel.updateResetState(FidoResetState.Touch) try { + FidoManager.updateDeviceInfo.set(true) connectionHelper.useSessionNfc(FidoActionDescription.Reset) { fidoSession -> doReset(fidoSession) continuation.resume(Unit)