Merge 'main' into adamve/nfc_activity_widget

2024-11-22 00:12:09 +03:00 · 2024-08-30 11:38:04 +02:00 · 2024-08-30 11:38:04 +02:00 · 7c9becaf30
commit 7c9becaf30
parent 7924a3cac3 344820dd98
14 changed files with 59 additions and 20 deletions
--- a/android/app/build.gradle
+++ b/android/app/build.gradle
@ -91,13 +91,13 @@ dependencies {
    api "com.yubico.yubikit:fido:$project.yubiKitVersion"
    api "com.yubico.yubikit:support:$project.yubiKitVersion"

-    implementation 'org.jetbrains.kotlinx:kotlinx-serialization-json:1.6.3'
+    implementation 'org.jetbrains.kotlinx:kotlinx-serialization-json:1.7.1'

    // Lifecycle
-    implementation 'androidx.lifecycle:lifecycle-viewmodel-ktx:2.8.3'
+    implementation 'androidx.lifecycle:lifecycle-viewmodel-ktx:2.8.4'

    implementation "androidx.core:core-ktx:1.13.1"
-    implementation 'androidx.fragment:fragment-ktx:1.8.1'
+    implementation 'androidx.fragment:fragment-ktx:1.8.2'
    implementation 'androidx.preference:preference-ktx:1.2.1'

    implementation 'com.google.android.material:material:1.12.0'
--- a/android/app/src/main/kotlin/com/yubico/authenticator/yubikit/DeviceInfoHelper.kt
+++ b/android/app/src/main/kotlin/com/yubico/authenticator/yubikit/DeviceInfoHelper.kt
@ -24,8 +24,10 @@ import com.yubico.authenticator.device.unknownFido2DeviceInfo
 import com.yubico.authenticator.device.unknownOathDeviceInfo
 import com.yubico.yubikit.android.transport.nfc.NfcYubiKeyDevice
 import com.yubico.yubikit.android.transport.usb.UsbYubiKeyDevice
+import com.yubico.yubikit.core.Version
 import com.yubico.yubikit.core.YubiKeyDevice
 import com.yubico.yubikit.core.application.ApplicationNotAvailableException
+import com.yubico.yubikit.core.application.SessionVersionOverride
 import com.yubico.yubikit.core.fido.FidoConnection
 import com.yubico.yubikit.core.otp.OtpConnection
 import com.yubico.yubikit.core.smartcard.Apdu
@ -46,8 +48,17 @@ class DeviceInfoHelper {
            byteArrayOf(0x00, 0x1F, 0xD1.toByte(), 0x01, 0x1b, 0x55, 0x04) + uri

        suspend fun getDeviceInfo(device: YubiKeyDevice): Info? {
-            val pid = (device as? UsbYubiKeyDevice)?.pid
+            SessionVersionOverride.set(null)
+            var deviceInfo = readDeviceInfo(device)
+            if (deviceInfo?.version?.major == 0.toByte()) {
+                SessionVersionOverride.set(Version(5, 7, 2))
+                deviceInfo = readDeviceInfo(device)
+            }
+            return deviceInfo
+        }

+        private suspend fun readDeviceInfo(device: YubiKeyDevice): Info? {
+            val pid = (device as? UsbYubiKeyDevice)?.pid

            val deviceInfo = runCatching {
                device.withConnection<SmartCardConnection, DeviceInfo> {
--- a/android/build.gradle
+++ b/android/build.gradle
@ -9,7 +9,7 @@ allprojects {
        targetSdkVersion = 34
        compileSdkVersion = 34

-        yubiKitVersion = "2.7.0-alpha01"
+        yubiKitVersion = "2.7.0"
        junitVersion = "4.13.2"
        mockitoVersion = "5.12.0"
    }
--- a/android/flutter_plugins/qrscanner_zxing/android/build.gradle
+++ b/android/flutter_plugins/qrscanner_zxing/android/build.gradle
@ -2,14 +2,14 @@ group 'com.yubico.authenticator.flutter_plugins.qrscanner_zxing'
 version '1.0'

 buildscript {
-    ext.kotlin_version = '2.0.0'
+    ext.kotlin_version = '2.0.20'
    repositories {
        google()
        mavenCentral()
    }

    dependencies {
-        classpath 'com.android.tools.build:gradle:8.5.0'
+        classpath 'com.android.tools.build:gradle:8.5.2'
        classpath "org.jetbrains.kotlin:kotlin-gradle-plugin:$kotlin_version"
    }
 }
--- a/android/settings.gradle
+++ b/android/settings.gradle
@ -26,9 +26,9 @@ pluginManagement {

 plugins {
    id "dev.flutter.flutter-plugin-loader" version "1.0.0"
-    id "com.android.application" version '8.5.2' apply false
-    id "org.jetbrains.kotlin.android" version "2.0.0" apply false
-    id "org.jetbrains.kotlin.plugin.serialization" version "2.0.0" apply false
+    id "com.android.application" version "8.5.2" apply false
+    id "org.jetbrains.kotlin.android" version "2.0.20" apply false
+    id "org.jetbrains.kotlin.plugin.serialization" version "2.0.20" apply false
    id "com.google.android.gms.oss-licenses-plugin" version "0.10.6" apply false
 }

--- a/helper/helper/device.py
+++ b/helper/helper/device.py
@ -274,9 +274,6 @@ class AbstractDeviceNode(RpcNode):
                # Clear DeviceInfo cache
                self._info = None
                self._data = None
-                # Make sure any child node is re-opened after this,
-                # as enabled applications may have changed
-                super().close()

            return response

@ -465,7 +462,20 @@ class ConnectionNode(RpcNode):

    def __call__(self, *args, **kwargs):
        try:
-            return super().__call__(*args, **kwargs)
+            response = super().__call__(*args, **kwargs)
+            if "device_info" in response.flags:
+                # Refresh DeviceInfo
+                info = read_info(self._connection, self._device.pid)
+                if self._info != info:
+                    self._info = info
+                    # Make sure any child node is re-opened after this,
+                    # as enabled applications may have changed
+                    self.close()
+                else:
+                    # No change to DeviceInfo, further propagation not needed.
+                    response.flags.remove("device_info")
+
+            return response
        except (SmartcardException, OSError) as e:
            logger.exception("Connection error")
            raise ChildResetException(f"{e}")
--- a/helper/helper/fido.py
+++ b/helper/helper/fido.py
@ -333,6 +333,7 @@ class CredentialNode(RpcNode):
    def delete(self, params, event, signal):
        self.credman.delete_cred(self.data["credential_id"])
        self.refresh_rps()
+        return dict()


 class FingerprintsNode(RpcNode):
--- a/helper/helper/piv.py
+++ b/helper/helper/piv.py
@ -502,7 +502,7 @@ class SlotNode(RpcNode):

        self._refresh()

-        return dict(
+        response = dict(
            metadata=_metadata_dict(metadata),
            public_key=(
                private_key.public_key()
@ -519,6 +519,7 @@ class SlotNode(RpcNode):
                else None
            ),
        )
+        return RpcResponse(response, ["device_info"])

    @action
    def generate(self, params, event, signal):
@ -570,4 +571,5 @@ class SlotNode(RpcNode):

        self._refresh()

-        return dict(public_key=public_key_pem, result=result)
+        response = dict(public_key=public_key_pem, result=result)
+        return RpcResponse(response, ["device_info"])
--- a/lib/l10n/app_de.arb
+++ b/lib/l10n/app_de.arb
@ -588,6 +588,7 @@
    "l_delete_certificate_or_key_desc": "Entfernen Sie das Zertifikat oder den Schlüssel von Ihrem YubiKey",
    "l_move_key": "Schlüssel verschieben",
    "l_move_key_desc": "Verschieben Sie einen Schlüssel von einem PIV-Slot in einen anderen",
+    "l_change_defaults": null,
    "s_issuer": "Aussteller",
    "s_serial": "Serial",
    "s_certificate_fingerprint": "Fingerprint",
--- a/lib/l10n/app_en.arb
+++ b/lib/l10n/app_en.arb
@ -588,6 +588,7 @@
    "l_delete_certificate_or_key_desc": "Remove the certificate or key from your YubiKey",
    "l_move_key": "Move key",
    "l_move_key_desc": "Move a key from one PIV slot into another",
+    "l_change_defaults": "Change default access codes",
    "s_issuer": "Issuer",
    "s_serial": "Serial",
    "s_certificate_fingerprint": "Fingerprint",
--- a/lib/l10n/app_fr.arb
+++ b/lib/l10n/app_fr.arb
@ -588,6 +588,7 @@
    "l_delete_certificate_or_key_desc": "Supprimer le certificat ou la clé de votre YubiKey",
    "l_move_key": "Déplacer la clé",
    "l_move_key_desc": "Déplacer une clé d'un emplacement PIV vers un autre",
+    "l_change_defaults": null,
    "s_issuer": "Émetteur",
    "s_serial": "Série",
    "s_certificate_fingerprint": "Empreinte digitale",
--- a/lib/l10n/app_ja.arb
+++ b/lib/l10n/app_ja.arb
@ -588,6 +588,7 @@
    "l_delete_certificate_or_key_desc": "YubiKey から証明書または鍵を削除する",
    "l_move_key": "キーを移動",
    "l_move_key_desc": "あるPIVスロットから別のスロットにキーを移動する",
+    "l_change_defaults": null,
    "s_issuer": "発行者",
    "s_serial": "シリアル",
    "s_certificate_fingerprint": "フィンガープリント",
--- a/lib/l10n/app_pl.arb
+++ b/lib/l10n/app_pl.arb
@ -588,6 +588,7 @@
    "l_delete_certificate_or_key_desc": null,
    "l_move_key": null,
    "l_move_key_desc": null,
+    "l_change_defaults": null,
    "s_issuer": "Wydawca",
    "s_serial": "Nr. seryjny",
    "s_certificate_fingerprint": "Odcisk palca",
--- a/lib/piv/views/actions.dart
+++ b/lib/piv/views/actions.dart
@ -312,12 +312,22 @@ class PivActions extends ConsumerWidget {
 List<ActionItem> buildSlotActions(
    PivState pivState, PivSlot slot, bool fipsUnready, AppLocalizations l10n) {
  if (fipsUnready) {
-    // TODO: Decide on final look and move strings to .arb file.
    return [
      ActionItem(
-          icon: const Icon(Symbols.add),
-          title: 'Provision slot',
-          subtitle: 'Change from default PIN/PUK/Management key first'),
+        key: keys.generateAction,
+        feature: features.slotsGenerate,
+        icon: const Icon(Symbols.add),
+        actionStyle: ActionStyle.primary,
+        title: l10n.s_generate_key,
+        subtitle: l10n.l_change_defaults,
+      ),
+      ActionItem(
+        key: keys.importAction,
+        feature: features.slotsImport,
+        icon: const Icon(Symbols.file_download),
+        title: l10n.l_import_file,
+        subtitle: l10n.l_change_defaults,
+      ),
    ];
  }
  final hasCert = slot.certInfo != null;