add PIV

canokeys · May 7, 2024 · 7e0f72a · 7e0f72a
1 parent 2c45899
commit 7e0f72a
Show file tree

Hide file tree

Showing 9 changed files with 416 additions and 16 deletions.
diff --git a/lib/controller/applets/piv.dart b/lib/controller/applets/piv.dart
@@ -0,0 +1,67 @@
+import 'package:canokey_console/controller/base_controller.dart';
+import 'package:canokey_console/generated/l10n.dart';
+import 'package:canokey_console/helper/theme/admin_theme.dart';
+import 'package:canokey_console/helper/utils/prompts.dart';
+import 'package:canokey_console/helper/utils/smartcard.dart';
+import 'package:flutter/material.dart';
+import 'package:get/get.dart';
+import 'package:logging/logging.dart';
+
+final log = Logger('Console:PIV:Controller');
+
+class PivController extends Controller {
+  bool polled = true;
+
+  @override
+  void onClose() {
+    try {
+      ScaffoldMessenger.of(Get.context!).hideCurrentSnackBar();
+      ScaffoldMessenger.of(Get.context!).hideCurrentMaterialBanner();
+      // ignore: empty_catches
+    } catch (e) {}
+  }
+
+  Future<void> refreshData(String pin) async {
+    SmartCard.process(() async {
+      SmartCard.assertOK(await SmartCard.transceive('00A4040005F000000000'));
+    });
+  }
+
+  changePin(String oldPin, String newPin) {
+    SmartCard.process(() async {
+      SmartCard.assertOK(await SmartCard.transceive('00A4040005A000000308'));
+      String oldPinHex = _padPin(oldPin);
+      String newPinHex = _padPin(newPin);
+      String resp = await SmartCard.transceive('0024008010$oldPinHex$newPinHex');
+      if (SmartCard.isOK(resp)) {
+        Navigator.pop(Get.context!);
+        Prompts.showPrompt(S.of(Get.context!).successfullyChanged, ContentThemeColor.success);
+      } else {
+        Prompts.promptPinFailureResult(resp);
+      }
+    });
+  }
+
+  changePUK(String oldPin, String newPin) {
+    SmartCard.process(() async {
+      SmartCard.assertOK(await SmartCard.transceive('00A4040005A000000308'));
+      String oldPinHex = _padPin(oldPin);
+      String newPinHex = _padPin(newPin);
+      String resp = await SmartCard.transceive('0024008110$oldPinHex$newPinHex');
+      if (SmartCard.isOK(resp)) {
+        Navigator.pop(Get.context!);
+        Prompts.showPrompt(S.of(Get.context!).successfullyChanged, ContentThemeColor.success);
+      } else {
+        Prompts.promptPinFailureResult(resp);
+      }
+    });
+  }
+
+  String _padPin(String pin) {
+    String pinHex = pin.codeUnits.map((e) => e.toRadixString(16)).join();
+    if (pinHex.length < 16) {
+      pinHex = pinHex.padRight(16, 'F');
+    }
+    return pinHex;
+  }
+}
diff --git a/lib/generated/intl/messages_en.dart b/lib/generated/intl/messages_en.dart
@@ -33,10 +33,13 @@ class MessageLookup extends MessageLookupByLibrary {
 
   static String m4(retries) => "Incorrect PIN. ${retries} retries left.";
 
-  static String m5(applet) =>
+  static String m5(min, max) =>
+      "New PUK should be at least ${min} characters long. The maximum length is ${max}.";
+
+  static String m6(applet) =>
       "This operation will RESET all data of ${applet}!";
 
-  static String m6(name) =>
+  static String m7(name) =>
       "This action will delete the account ${name} from your CanoKey. Make sure you have other ways to log in.";
 
   final messages = _notInlinedMessages(_notInlinedMessages);
@@ -186,6 +189,11 @@ class MessageLookup extends MessageLookupByLibrary {
             "The provided PIN is too short or too long."),
         "pinRetries": m4,
         "pivChangePUK": MessageLookupByLibrary.simpleMessage("Change PUK"),
+        "pivChangePUKPrompt": m5,
+        "pivNewPUK": MessageLookupByLibrary.simpleMessage("New PUK"),
+        "pivOldPUK": MessageLookupByLibrary.simpleMessage("Old PUK"),
+        "pivPinManagement":
+            MessageLookupByLibrary.simpleMessage("PIN Management"),
         "pollCanceled":
             MessageLookupByLibrary.simpleMessage("No CanoKey is selected."),
         "pollCanoKey": MessageLookupByLibrary.simpleMessage(
@@ -223,7 +231,7 @@ class MessageLookup extends MessageLookupByLibrary {
             MessageLookupByLibrary.simpleMessage("Reset CanoKey"),
         "settingsResetAllPrompt": MessageLookupByLibrary.simpleMessage(
             "All data is about to be erased. When you confirm, the CanoKey will blink repeatedly. Touch while it is blinking until success."),
-        "settingsResetApplet": m5,
+        "settingsResetApplet": m6,
         "settingsResetConditionNotSatisfying":
             MessageLookupByLibrary.simpleMessage("PIN has not been locked yet"),
         "settingsResetNDEF": MessageLookupByLibrary.simpleMessage("Reset NDEF"),
@@ -250,7 +258,7 @@ class MessageLookup extends MessageLookupByLibrary {
         "warning": MessageLookupByLibrary.simpleMessage("Warning"),
         "webauthnClientPinNotSupported": MessageLookupByLibrary.simpleMessage(
             "This key does not support WebAuthn PIN."),
-        "webauthnDelete": m6,
+        "webauthnDelete": m7,
         "webauthnInputPinPrompt": MessageLookupByLibrary.simpleMessage(
             "Please input your WebAuthn PIN."),
         "webauthnInputPinTitle":

diff --git a/lib/generated/intl/messages_zh_Hans.dart b/lib/generated/intl/messages_zh_Hans.dart
@@ -30,9 +30,9 @@ class MessageLookup extends MessageLookupByLibrary {
 
   static String m4(retries) => "PIN 输入错误，剩余重试次数：${retries}";
 
-  static String m5(applet) => "该操作将抹除 ${applet} 的全部数据！";
+  static String m6(applet) => "该操作将抹除 ${applet} 的全部数据！";
 
-  static String m6(name) => "您正在删除${name}，删除该项目后无法恢复！请确认您有其他方式登录该服务。";
+  static String m7(name) => "您正在删除${name}，删除该项目后无法恢复！请确认您有其他方式登录该服务。";
 
   final messages = _notInlinedMessages(_notInlinedMessages);
   static Map<String, Function> _notInlinedMessages(_) => <String, Function>{
@@ -156,6 +156,9 @@ class MessageLookup extends MessageLookupByLibrary {
         "pinLength": MessageLookupByLibrary.simpleMessage("输入的 PIN 长度错误"),
         "pinRetries": m4,
         "pivChangePUK": MessageLookupByLibrary.simpleMessage("修改 PUK"),
+        "pivNewPUK": MessageLookupByLibrary.simpleMessage("新 PUK"),
+        "pivOldPUK": MessageLookupByLibrary.simpleMessage("旧 PUK"),
+        "pivPinManagement": MessageLookupByLibrary.simpleMessage("管理 PIN"),
         "pollCanceled": MessageLookupByLibrary.simpleMessage("您没有选择任何 CanoKey"),
         "pollCanoKey":
             MessageLookupByLibrary.simpleMessage("请点击右上角刷新按钮读取 CanoKey"),
@@ -185,7 +188,7 @@ class MessageLookup extends MessageLookupByLibrary {
         "settingsResetAll": MessageLookupByLibrary.simpleMessage("重置 CanoKey"),
         "settingsResetAllPrompt": MessageLookupByLibrary.simpleMessage(
             "即将抹除全部数据。当您确认后，CanoKey 将会反复闪烁，请在闪烁时触摸，直到提示成功。"),
-        "settingsResetApplet": m5,
+        "settingsResetApplet": m6,
         "settingsResetConditionNotSatisfying":
             MessageLookupByLibrary.simpleMessage("PIN 尚未锁定"),
         "settingsResetNDEF": MessageLookupByLibrary.simpleMessage("重置 NDEF"),
@@ -209,7 +212,7 @@ class MessageLookup extends MessageLookupByLibrary {
         "warning": MessageLookupByLibrary.simpleMessage("警告"),
         "webauthnClientPinNotSupported":
             MessageLookupByLibrary.simpleMessage("该密钥不支持 WebAuthn PIN。"),
-        "webauthnDelete": m6,
+        "webauthnDelete": m7,
         "webauthnInputPinPrompt":
             MessageLookupByLibrary.simpleMessage("请输入您的 WebAuthn PIN。"),
         "webauthnInputPinTitle":

diff --git a/lib/generated/l10n.dart b/lib/generated/l10n.dart
diff --git a/lib/l10n/intl_en.arb b/lib/l10n/intl_en.arb
@@ -150,5 +150,9 @@
   "webauthnDelete": "This action will delete the account {name} from your CanoKey. Make sure you have other ways to log in.",
   "webauthnPinAuthBlocked": "PIN authentication is blocked. Please reinsert you CanoKey to retry.",
   "webauthnPinBlocked": "PIN authentication is blocked. Please reset WebAuthn.",
-  "pivChangePUK": "Change PUK"
+  "pivPinManagement": "PIN Management",
+  "pivChangePUK": "Change PUK",
+  "pivOldPUK": "Old PUK",
+  "pivNewPUK": "New PUK",
+  "pivChangePUKPrompt": "New PUK should be at least {min} characters long. The maximum length is {max}."
 }
diff --git a/lib/l10n/intl_zh_Hans.arb b/lib/l10n/intl_zh_Hans.arb
@@ -150,5 +150,9 @@
   "webauthnDelete": "您正在删除{name}，删除该项目后无法恢复！请确认您有其他方式登录该服务。",
   "webauthnPinAuthBlocked": "PIN 被锁定，请重新插拔 CanoKey。",
   "webauthnPinBlocked": "PIN 被锁定，请重置 WebAuthn。",
-  "pivChangePUK": "修改 PUK"
+  "pivPinManagement": "管理 PIN",
+  "pivChangePUK": "修改 PUK",
+  "pivOldPUK": "旧 PUK",
+  "pivNewPUK": "新 PUK",
+  "pivChangePinPrompt": "新 PUK 的长度应当为 {min} - {max} 个字符。"
 }
diff --git a/lib/routes.dart b/lib/routes.dart
@@ -1,5 +1,6 @@
 import 'package:canokey_console/views/applets/oath.dart';
 import 'package:canokey_console/views/applets/pass.dart';
+import 'package:canokey_console/views/applets/piv.dart';
 import 'package:canokey_console/views/applets/webauthn.dart';
 import 'package:canokey_console/views/settings.dart';
 import 'package:canokey_console/views/starter_screen.dart';
@@ -13,6 +14,7 @@ getPageRoute() {
     GetPage(name: '/applets/webauthn', page: () => const WebAuthnPage()),
     GetPage(name: '/applets/oath', page: () => const OathPage()),
     GetPage(name: '/applets/pass', page: () => const PassPage()),
+    GetPage(name: '/applets/piv', page: () => const PivPage()),
 
     GetPage(name: '/settings', page: () => const SettingsPage()),
   ];