Merge branch 'build/1.12.0'

Author: jdmoreira

Authenticator.xcodeproj/project.pbxproj

@@ -1082,7 +1082,7 @@
 				ASSETCATALOG_COMPILER_GLOBAL_ACCENT_COLOR_NAME = AccentColor;
 				CODE_SIGN_ENTITLEMENTS = Authenticator/Authenticator.entitlements;
 				CODE_SIGN_STYLE = Automatic;
-				CURRENT_PROJECT_VERSION = 181;
+				CURRENT_PROJECT_VERSION = 187;
 				DEVELOPMENT_TEAM = LQA3CS5MM7;
 				HEADER_SEARCH_PATHS = "../Submodules/YubiKit/**";
 				INFOPLIST_FILE = Authenticator/Info.plist;
@@ -1092,7 +1092,7 @@
 					"@executable_path/Frameworks",
 				);
 				LIBRARY_SEARCH_PATHS = "";
-				MARKETING_VERSION = 1.11.1;
+				MARKETING_VERSION = 1.12;
 				OTHER_LDFLAGS = "-ObjC";
 				PRODUCT_BUNDLE_IDENTIFIER = com.yubico.Authenticator;
 				PRODUCT_NAME = "$(TARGET_NAME)";
@@ -1113,7 +1113,7 @@
 				ASSETCATALOG_COMPILER_GLOBAL_ACCENT_COLOR_NAME = AccentColor;
 				CODE_SIGN_ENTITLEMENTS = Authenticator/Authenticator.entitlements;
 				CODE_SIGN_STYLE = Automatic;
-				CURRENT_PROJECT_VERSION = 181;
+				CURRENT_PROJECT_VERSION = 187;
 				DEVELOPMENT_TEAM = LQA3CS5MM7;
 				HEADER_SEARCH_PATHS = "../Submodules/YubiKit/**";
 				INFOPLIST_FILE = Authenticator/Info.plist;
@@ -1123,7 +1123,7 @@
 					"@executable_path/Frameworks",
 				);
 				LIBRARY_SEARCH_PATHS = "";
-				MARKETING_VERSION = 1.11.1;
+				MARKETING_VERSION = 1.12;
 				OTHER_LDFLAGS = "-ObjC";
 				PRODUCT_BUNDLE_IDENTIFIER = com.yubico.Authenticator;
 				PRODUCT_NAME = "$(TARGET_NAME)";

Authenticator.xcodeproj/project.xcworkspace/xcshareddata/swiftpm/Package.resolved

@@ -131,7 +131,7 @@
         "fr" : {
           "stringUnit" : {
             "state" : "translated",
-            "value" : "%1$@ (construire %2$@)"
+            "value" : "%1$@ (build %2$@)"
           }
         },
         "ja" : {
@@ -272,7 +272,7 @@
         "fr" : {
           "stringUnit" : {
             "state" : "translated",
-            "value" : "Infos"
+            "value" : "A propos"
           }
         },
         "ja" : {
@@ -475,7 +475,7 @@
         "fr" : {
           "stringUnit" : {
             "state" : "translated",
-            "value" : "Ajouter compte"
+            "value" : "Ajouter un compte"
           }
         },
         "ja" : {
@@ -1411,9 +1411,6 @@
         }
       }
     },
-    "Decryption failed" : {
-      "comment" : "PIV extension decryption failed error message"
-    },
     "Delete" : {
       "comment" : "Menu",
       "localizations" : {
@@ -2396,7 +2393,7 @@
         "fr" : {
           "stringUnit" : {
             "state" : "translated",
-            "value" : "Comment cela fonctionne-t-il ?"
+            "value" : "Comment ça fonctionne ?"
           }
         },
         "ja" : {
@@ -2424,7 +2421,7 @@
         "fr" : {
           "stringUnit" : {
             "state" : "translated",
-            "value" : "Comment cela fonctionne-t-il"
+            "value" : "Comment ça fonctionne"
           }
         },
         "ja" : {
@@ -2593,7 +2590,7 @@
         "fr" : {
           "stringUnit" : {
             "state" : "translated",
-            "value" : "Insérez YubiKey"
+            "value" : "Insérez la YubiKey"
           }
         },
         "ja" : {
@@ -2638,9 +2635,6 @@
         }
       }
     },
-    "Invalid decryption" : {
-      "comment" : "PIV extension NFC invalid decryption"
-    },
     "Invalid device info received from YubiKey" : {
       "comment" : "Internal error message not to be displayed to the user.",
       "localizations" : {
@@ -4148,7 +4142,7 @@
         "ja" : {
           "stringUnit" : {
             "state" : "translated",
-            "value" : "暗証番号が設定されています"
+            "value" : "PIN が設定されています"
           }
         },
         "sk" : {
@@ -5672,9 +5666,6 @@
         }
       }
     },
-    "Successfully decrypted cipher data" : {
-      "comment" : "PIV extension NFC successfully decrypted cipher data"
-    },
     "Successfully read" : {
       "comment" : "iOS NFC alert successfully read",
       "localizations" : {
@@ -5864,7 +5855,7 @@
         "ja" : {
           "stringUnit" : {
             "state" : "translated",
-            "value" : "キーは別の操作で忙しい。"
+            "value" : "キーは別の操作を実行中です。"
           }
         },
         "sk" : {
@@ -5906,7 +5897,7 @@
       }
     },
     "The private key on the YubiKey does not match the certificate or there is no private key stored on the YubiKey." : {
-      "comment" : "PIV extension NFC invalid decryption no private key\nPIV extension NFC invalid signature no private key",
+      "comment" : "PIV extension NFC invalid signature no private key",
       "localizations" : {
         "de" : {
           "stringUnit" : {
@@ -6436,13 +6427,13 @@
         "ja" : {
           "stringUnit" : {
             "state" : "translated",
-            "value" : "FIPS鍵にアカウントを追加するには、まずOATHアプリケーションにパスワードを設定する必要がある。"
+            "value" : "FIPS キーにアカウントを追加する場合、先に OATH アプリケーションにパスワードを設定してください。"
           }
         },
         "sk" : {
           "stringUnit" : {
             "state" : "translated",
-            "value" : "Ak chcete pridať účet do kľúča FIPS, musíte najprv nastaviť heslo pre aplikáciu OATH."
+            "value" : "Ak chcete pridať účet do FIPS kľúča, musíte najprv nastaviť heslo pre aplikáciu OATH."
           }
         }
       }
@@ -6664,7 +6655,7 @@
         "ja" : {
           "stringUnit" : {
             "state" : "translated",
-            "value" : "NFC YubiKeyをスキャンする際、Safariを開いてワンタイムパスワードをコピーするかどうかを設定します。"
+            "value" : "NFC YubiKey をスキャンしたときに、Safari を開いてワンタイムパスワードをコピーするかどうかを設定します。"
           }
         },
         "sk" : {
@@ -6693,7 +6684,7 @@
         "ja" : {
           "stringUnit" : {
             "state" : "translated",
-            "value" : "YubiKeyタッチ時のOTPコード出力ON/OFF。"
+            "value" : "YubiKey をタッチしたときに OTP コードを出力するかどうかを設定します。"
           }
         },
         "sk" : {
@@ -7522,7 +7513,7 @@
         "ja" : {
           "stringUnit" : {
             "state" : "translated",
-            "value" : "YubiKey 5Ci認証"
+            "value" : "YubiKey 5Ci 認証"
           }
         },
         "sk" : {
@@ -7550,7 +7541,7 @@
         "ja" : {
           "stringUnit" : {
             "state" : "translated",
-            "value" : "YubiKey 接続が見つかりません。"
+            "value" : "YubiKey との接続を確認できません。"
           }
         },
         "sk" : {
@@ -7578,7 +7569,7 @@
         "ja" : {
           "stringUnit" : {
             "state" : "translated",
-            "value" : "YubiKeyの接続が切れた。"
+            "value" : "YubiKey との接続が切断されました。"
           }
         },
         "sk" : {

Authenticator/Localizable.xcstrings

@@ -41,8 +41,6 @@ struct TokenCertificateStorage {
         tokenKeychainKey.label = label
         tokenKeychainKey.canSign = true
         tokenKeychainKey.isSuitableForLogin = true
-        tokenKeychainKey.canDecrypt = true
-        tokenKeychainKey.canPerformKeyExchange = true
 
         // TODO: figure out when there might be multiple driverConfigurations and how to handle it
         guard let tokenDriverConfiguration = TKTokenDriver.Configuration.driverConfigurations.first?.value else {

Authenticator/Model/CryptoTokenKit/TokenCertificateStorage.swift

@@ -101,7 +101,6 @@ class TokenRequestViewModel: NSObject {
         connection.startConnection { connection in
             connection.pivSession { session, error in
                 guard let session = session else { Logger.ctk.error("No session: \(error!)"); return }
-                guard let operationType = userInfo.operationType() else { Logger.ctk.error("No OperationType defined"); return }
                 guard let type = userInfo.keyType(),
                       let objectId = userInfo.objectId(),
                       let algorithm = userInfo.algorithm(),
@@ -128,72 +127,35 @@ class TokenRequestViewModel: NSObject {
                                 return
                             }
                         }
-                        
-                        switch operationType {
-                        case .signData:
-                            session.signWithKey(in: slot, type: type, algorithm: algorithm, message: message) { signature, error in
-                                // Handle any errors
-                                if let error = error, (error as NSError).code == 0x6a80 {
-                                    YubiKitManager.shared.stopNFCConnection(withErrorMessage: String(localized: "Invalid signature", comment: "PIV extension NFC invalid signature"))
-                                    completion(.communicationError(ErrorMessage(title: String(localized: "Invalid signature", comment: "PIV extension NFC invalid signature"),
-                                                                                text: String(localized: "The private key on the YubiKey does not match the certificate or there is no private key stored on the YubiKey.", comment: "PIV extension NFC invalid signature no private key"))))
-                                    return
-                                }
-                                if let error = error {
-                                        completion(.communicationError(ErrorMessage(title: String(localized: "Signing failed", comment: "PIV extension signing failed error message"), text: error.localizedDescription)))
-                                    return
-                                }
-                                guard let signature = signature else { fatalError() }
-                                // Verify signature
-                                let signatureError = self.verifySignature(signature, data: message, objectId: objectId, algorithm: algorithm)
-                                if signatureError != nil {
-                                    YubiKitManager.shared.stopNFCConnection(withErrorMessage: String(localized: "Invalid signature", comment: "PIV extension invalid signature"))
-                                    completion(.communicationError(ErrorMessage(title: String(localized: "Invalid signature", comment: "PIV extension invalid signature"),
-                                                                                text: String(localized: "The private key on the YubiKey does not match the certificate.", comment: "PIV extension invalid signature message"))))
-                                    return
-                                }
-                                
-                                YubiKitManager.shared.stopNFCConnection(withMessage: String(localized: "Successfully signed data", comment: "PIV extension NFC successfully signed data"))
-                                
-                                if let userDefaults = UserDefaults(suiteName: "group.com.yubico.Authenticator") {
-                                    Logger.ctk.debug("Save data to userDefaults...")
-                                    userDefaults.setValue(signature, forKey: "signedData")
-                                    completion(nil)
-                                }
-                            } // End signWithKey Session
-                        case .decryptData:
-                            // Begin Decryption Session
-                            session.decryptWithKey(in: slot, algorithm: algorithm, encrypted: message) { plainText, error in
-                                // Handle any errors
-                                if let error = error, (error as NSError).code == 0x6a80 {
-                                    YubiKitManager.shared.stopNFCConnection(withErrorMessage: String(localized: "Invalid decryption", comment: "PIV extension NFC invalid decryption"))
-                                    completion(.communicationError(ErrorMessage(title: String(localized: "Invalid decryption", comment: "PIV extension NFC invalid decryption"),
-                                                                                text: String(localized: "The private key on the YubiKey does not match the certificate or there is no private key stored on the YubiKey.", comment: "PIV extension NFC invalid decryption no private key"))))
-                                    return
-                                }
-                                if let error = error {
-                                    completion(.communicationError(ErrorMessage(title: String(localized: "Decryption failed", comment: "PIV extension decryption failed error message"), text: error.localizedDescription)))
-                                    return
-                                }
-                                
-                                guard let plainText = plainText else { fatalError() }
-                                
-                                YubiKitManager.shared.stopNFCConnection(withMessage: String(localized: "Successfully decrypted cipher data", comment: "PIV extension NFC successfully decrypted cipher data"))
-                                
-                                if let userDefaults = UserDefaults(suiteName: "group.com.yubico.Authenticator") {
-                                    Logger.ctk.debug("Save decrypted data to userDefaults...")
-                                    
-                                    if let decryptedRawString = String(data: plainText, encoding: .utf8) {
-                                        // Injecting Yubico Authenticator watermark message for testing to confirm the decrypted message came via YA app
-                                        //let decryptedYAString = "[Decrypted using YA] " + decryptedRawString
-                                        
-                                        if let decryptedYAStringAsData = decryptedRawString.data(using: .utf8) {
-                                            userDefaults.setValue(decryptedYAStringAsData, forKey: "decryptedData")
-                                        }
-                                    }
-                                    completion(nil)
-                                }
-                            } // End Decryption Session
+                        session.signWithKey(in: slot, type: type, algorithm: algorithm, message: message) { signature, error in
+                            // Handle any errors
+                            if let error = error, (error as NSError).code == 0x6a80 {
+                                YubiKitManager.shared.stopNFCConnection(withErrorMessage: String(localized: "Invalid signature", comment: "PIV extension NFC invalid signature"))
+                                completion(.communicationError(ErrorMessage(title: String(localized: "Invalid signature", comment: "PIV extension NFC invalid signature"),
+                                                                            text: String(localized: "The private key on the YubiKey does not match the certificate or there is no private key stored on the YubiKey.", comment: "PIV extension NFC invalid signature no private key"))))
+                                return
+                            }
+                            if let error = error {
+                                    completion(.communicationError(ErrorMessage(title: String(localized: "Signing failed", comment: "PIV extension signing failed error message"), text: error.localizedDescription)))
+                                return
+                            }
+                            guard let signature = signature else { fatalError() }
+                            // Verify signature
+                            let signatureError = self.verifySignature(signature, data: message, objectId: objectId, algorithm: algorithm)
+                            if signatureError != nil {
+                                YubiKitManager.shared.stopNFCConnection(withErrorMessage: String(localized: "Invalid signature", comment: "PIV extension invalid signature"))
+                                completion(.communicationError(ErrorMessage(title: String(localized: "Invalid signature", comment: "PIV extension invalid signature"),
+                                                                            text: String(localized: "The private key on the YubiKey does not match the certificate.", comment: "PIV extension invalid signature message"))))
+                                return
+                            }
+                            
+                            YubiKitManager.shared.stopNFCConnection(withMessage: String(localized: "Successfully signed data", comment: "PIV extension NFC successfully signed data"))
+                            
+                            if let userDefaults = UserDefaults(suiteName: "group.com.yubico.Authenticator") {
+                                Logger.ctk.debug("Save data to userDefaults...")
+                                userDefaults.setValue(signature, forKey: "signedData")
+                                completion(nil)
+                            }
                         }
                     }
                 }
@@ -224,11 +186,6 @@ class TokenRequestViewModel: NSObject {
     }
 }
 
-enum OperationType: String {
-    case signData = "signData"
-    case decryptData = "decryptData"
-}
-
 
 extension TokenRequestViewModel {
 
@@ -343,11 +300,6 @@ private extension Dictionary where Key == AnyHashable, Value: Any {
         guard let rawValue = self["algorithm"] as? String else { return nil }
         return SecKeyAlgorithm(rawValue: rawValue as CFString)
     }
-    
-    func operationType() -> OperationType? {
-        guard let rawValue = self["operationType"] as? String else { return nil }
-        return OperationType.init(rawValue: rawValue)
-    }
 }
 
 extension String: Error {}

Authenticator/Model/TokenRequestViewModel.swift

@@ -164,7 +164,7 @@
         "fr" : {
           "stringUnit" : {
             "state" : "translated",
-            "value" : "Ajouter compte"
+            "value" : "Ajouter un compte"
           }
         },
         "ja" : {