Skip to content
This repository

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse code

Add file forgotten in last commit.

  • Loading branch information...
commit f53227848a5eed3a0baafe460be2e16528a5b177 1 parent 36daa73
Fredrik Thulin authored October 07, 2011
67  src/main/java/org/unitedid/yhsm/internal/HsmUnlockCmd.java
... ...
@@ -0,0 +1,67 @@
  1
+/*
  2
+ * Copyright (c) 2011 United ID. All rights reserved.
  3
+ * Copyright (c) 2011 Yubico AB. All rights reserved.
  4
+ *
  5
+ * Licensed under the Apache License, Version 2.0 (the "License");
  6
+ * you may not use this file except in compliance with the License.
  7
+ * You may obtain a copy of the License at
  8
+ *
  9
+ * http://www.apache.org/licenses/LICENSE-2.0
  10
+ *
  11
+ * Unless required by applicable law or agreed to in writing, software
  12
+ * distributed under the License is distributed on an "AS IS" BASIS,
  13
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  14
+ * See the License for the specific language governing permissions and
  15
+ * limitations under the License.
  16
+ *
  17
+ * @author Stefan Wold <stefan.wold@unitedid.org>
  18
+ * @author Fredrik Thulin <fredrik@yubico.com>
  19
+ */
  20
+
  21
+package org.unitedid.yhsm.internal;
  22
+
  23
+import static org.unitedid.yhsm.internal.Defines.*;
  24
+import static org.unitedid.yhsm.utility.Utils.*;
  25
+
  26
+import org.unitedid.yhsm.utility.Utils;
  27
+
  28
+public class HsmUnlockCmd {
  29
+
  30
+    /** Constructor */
  31
+    private HsmUnlockCmd() {}
  32
+
  33
+    /**
  34
+     * Have the YubiHSM unlock the HSM operations (those involving the keystore) with a YubiKey OTP.
  35
+     *
  36
+     * @param device the YubiHSM device
  37
+     * @param publicId the YubiKey public id
  38
+     * @param otp the YubiKey OTP (in hex)
  39
+     * @return true if unlock was successful
  40
+     * @throws YubiHSMErrorException error exceptions
  41
+     * @throws YubiHSMInputException argument exceptions
  42
+     * @throws YubiHSMCommandFailedException command failed exception
  43
+     */
  44
+    public static boolean unlockOtp(DeviceHandler device, String publicId, String otp) throws YubiHSMErrorException, YubiHSMInputException, YubiHSMCommandFailedException {
  45
+        byte[] idBA = validateByteArray("publicId", hexToByteArray(publicId), 0, YSM_AEAD_NONCE_SIZE, YSM_AEAD_NONCE_SIZE);
  46
+        byte[] otpBA = validateByteArray("otp", hexToByteArray(otp), 0, YSM_OTP_SIZE, YSM_OTP_SIZE);
  47
+        byte[] payload = Utils.concatAllArrays(idBA, otpBA);
  48
+        return parseResult(CommandHandler.execute(device, YSM_HSM_UNLOCK, payload, true));
  49
+    }
  50
+
  51
+    /**
  52
+     *  Parse the response from the YubiHSM for a previous command.
  53
+     *
  54
+     * @param result the result from the last command
  55
+     * @return boolean indicating success
  56
+     * @throws YubiHSMCommandFailedException command failed exception
  57
+     */
  58
+    private static boolean parseResult(byte[] result) throws YubiHSMCommandFailedException {
  59
+        if (result[0] == YSM_STATUS_OK) {
  60
+            return true;
  61
+        } else if (result[0] == YSM_OTP_INVALID) {
  62
+            return false;
  63
+        } else {
  64
+            throw new YubiHSMCommandFailedException("Command " + getCommandString(YSM_HSM_UNLOCK) + " failed: " + getCommandStatus(result[0]));
  65
+        }
  66
+    }
  67
+}

0 notes on commit f532278

Please sign in to comment.
Something went wrong with that request. Please try again.