release of hwsecurity-openpgp, hwsecurity-provider, hwsecurity-ui

Author: dschuermann

hwsecurity-openpgp/build.gradle

@@ -0,0 +1,107 @@
+apply plugin: 'com.android.library'
+apply plugin: 'digital.wup.android-maven-publish'
+apply plugin: 'org.jetbrains.dokka-android'
+
+dependencies {
+    if (rootProject.ext.has("hwSdkIncludeAsSubmodule") && rootProject.hwSdkIncludeAsSubmodule) {
+        api project(':hwsecurity:hwsecurity')
+        implementation project(':hwsecurity:hwsecurity-provider')
+    } else {
+        api project(':hwsecurity')
+        implementation project(':hwsecurity-provider')
+    }
+
+    implementation 'org.bouncycastle:bcprov-jdk15on:1.62'
+
+    compileOnly 'androidx.annotation:annotation:1.0.0'
+
+    api 'com.google.auto.value:auto-value-annotations:1.6.2'
+    annotationProcessor 'com.google.auto.value:auto-value:1.6.2'
+    annotationProcessor 'com.ryanharter.auto.value:auto-value-parcel:0.2.6'
+
+    testImplementation 'junit:junit:4.12'
+    testImplementation 'org.robolectric:robolectric:3.2.2'
+    testImplementation 'org.mockito:mockito-core:2.18.0'
+}
+
+android {
+    compileSdkVersion rootProject.ext.compileSdkVersion
+
+    defaultConfig {
+        minSdkVersion 14
+        versionName rootProject.ext.hwSdkVersionName
+        vectorDrawables.useSupportLibrary = true
+        consumerProguardFiles 'hwsecurity-openpgp.pro'
+    }
+
+    compileOptions {
+        sourceCompatibility JavaVersion.VERSION_1_8
+        targetCompatibility JavaVersion.VERSION_1_8
+    }
+
+    // Do not abort build if lint finds errors
+    lintOptions {
+        abortOnError false
+    }
+}
+
+publishing {
+    publications {
+        mavenAar(MavenPublication) {
+            groupId = 'de.cotech'
+            artifactId = 'hwsecurity-openpgp'
+            version = android.defaultConfig.versionName
+
+            from components.android
+
+            pom {
+                url = 'https://hwsecurity.dev'
+                licenses {
+                    license {
+                        name = 'Commercial'
+                        url = 'https://hwsecurity.dev/sales/'
+                        distribution = 'repo'
+                    }
+                    license {
+                        name = 'GNU General Public License, version 3'
+                        url = 'https://www.gnu.org/licenses/gpl-3.0.txt'
+                    }
+                }
+                organization {
+                    name = 'Confidential Technologies GmbH'
+                    url = 'https://www.cotech.de'
+                }
+            }
+        }
+    }
+    /*
+     * To upload release, create file gradle.properties in ~/.gradle/ with this content:
+     *
+     * cotechMavenName=xxx
+     * cotechMavenPassword=xxx
+     */
+    if (project.hasProperty('cotechMavenName') && project.hasProperty('cotechMavenPassword')) {
+        println "Found cotechMavenName, cotechMavenPassword in gradle.properties!"
+
+        repositories {
+            maven {
+                credentials {
+                    username cotechMavenName
+                    password cotechMavenPassword
+                }
+                url = "https://maven.cotech.de"
+            }
+        }
+    }
+}
+
+dokka {
+    outputFormat = "hugo"
+    outputDirectory = "$buildDir/dokka/reference"
+    sourceDirs = files('src/main/java')
+
+    packageOptions {
+        prefix = "de.cotech.hw.openpgp.internal"
+        suppress = true
+    }
+}

hwsecurity-openpgp/hwsecurity-openpgp.pro

@@ -0,0 +1,3 @@
+# keep BC provider
+-keep class org.bouncycastle.jcajce.provider.** { *; }
+-keep class org.bouncycastle.jce.provider.** { *; }

hwsecurity-openpgp/libs/bcprov-jdk15on-1.61-modified.jar

@@ -0,0 +1,6 @@
+<?xml version="1.0" encoding="utf-8"?>
+<manifest xmlns:android="http://schemas.android.com/apk/res/android"
+    package="de.cotech.hw.openpgp">
+
+    <application />
+</manifest>

hwsecurity-openpgp/src/main/AndroidManifest.xml

@@ -0,0 +1,110 @@
+/*
+ * Copyright (C) 2018-2019 Confidential Technologies GmbH
+ *
+ * You can purchase a commercial license at https://hwsecurity.dev.
+ * Buying such a license is mandatory as soon as you develop commercial
+ * activities involving this program without disclosing the source code
+ * of your own applications.
+ *
+ * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ */
+
+package de.cotech.hw.openpgp;
+
+import de.cotech.hw.internal.transport.usb.UsbTransportException;
+
+import java.nio.ByteBuffer;
+import java.util.Arrays;
+
+import androidx.annotation.RestrictTo;
+import androidx.annotation.RestrictTo.Scope;
+
+
+@RestrictTo(Scope.LIBRARY_GROUP)
+@SuppressWarnings("WeakerAccess")
+public class CardCapabilities {
+    private static final int MASK_CHAINING = 1 << 7;
+    private static final int MASK_EXTENDED = 1 << 6;
+
+    private static final int STATUS_INDICATOR_NO_INFORMATION = 0x00;
+    private static final int STATUS_INDICATOR_INITIALISATION_STATE = 0x03;
+    private static final int STATUS_INDICATOR_OPERATIONAL_STATE = 0x05;
+
+    private static final byte[] EXPECTED_PROCESSING_STATUS_BYTES = {(byte) 0x90, (byte) 0x00};
+
+    private byte[] historicalBytes;
+    private byte[] capabilityBytes;
+
+    public CardCapabilities(byte[] historicalBytes) throws UsbTransportException {
+        if ((historicalBytes == null) || (historicalBytes[0] != 0x00)) {
+            throw new UsbTransportException("Invalid historical bytes category indicator byte");
+        }
+        this.historicalBytes = historicalBytes;
+        capabilityBytes = getCapabilitiesBytes(historicalBytes);
+    }
+
+    public CardCapabilities() {
+        capabilityBytes = null;
+    }
+
+    private static byte[] getCapabilitiesBytes(byte[] historicalBytes) {
+        // Compact TLV
+        ByteBuffer byteBuffer = ByteBuffer.wrap(historicalBytes, 1, historicalBytes.length - 2);
+        while (byteBuffer.hasRemaining()) {
+            byte tl = byteBuffer.get();
+            if (tl == 0x73) { // Capabilities TL
+                byte[] val = new byte[3];
+                byteBuffer.get(val);
+                return val;
+            }
+            byteBuffer.position(byteBuffer.position() + (tl & 0xF));
+        }
+
+        return null;
+    }
+
+    public boolean hasChaining() {
+        return capabilityBytes != null && (capabilityBytes[2] & MASK_CHAINING) != 0;
+    }
+
+    public boolean hasExtended() {
+        return capabilityBytes != null && (capabilityBytes[2] & MASK_EXTENDED) != 0;
+    }
+
+    public boolean hasLifeCycleManagement() throws UsbTransportException {
+        byte[] lastBytes = Arrays.copyOfRange(historicalBytes, historicalBytes.length - 2, historicalBytes.length);
+        boolean hasExpectedLastBytes = Arrays.equals(lastBytes, EXPECTED_PROCESSING_STATUS_BYTES);
+
+        // Yk neo simply ends with 0x0000
+        if (!hasExpectedLastBytes) {
+            return true;
+        }
+
+        int statusIndicatorByte = historicalBytes[historicalBytes.length - 3];
+        switch (statusIndicatorByte) {
+            case STATUS_INDICATOR_NO_INFORMATION: {
+                return false;
+            }
+            case STATUS_INDICATOR_INITIALISATION_STATE:
+            case STATUS_INDICATOR_OPERATIONAL_STATE: {
+                return true;
+            }
+            default: {
+                throw new UsbTransportException("Status indicator byte not specified in OpenPGP specification");
+            }
+        }
+    }
+}