Added SCP support to all YKFConnections and YKFSessions types.

Author: jensutbult

YubiKit/YubiKit/Connections/AccessoryConnection/YKFAccessoryConnection.m

@@ -158,6 +158,16 @@ - (void)u2fSession:(YKFU2FSessionCompletionBlock _Nonnull)callback {
     }];
 }
 
+- (void)u2fSession:(id<YKFSCPKeyParamsProtocol> _Nonnull)scpKeyParams completion:(YKFU2FSessionCompletionBlock _Nonnull)completion {
+    [self.currentSession clearSessionState];
+    [YKFU2FSession sessionWithConnectionController:self.connectionController
+                                       scpKeyParams:scpKeyParams
+                                         completion:^(YKFU2FSession *_Nullable session, NSError * _Nullable error) {
+        self.currentSession = session;
+        completion(session, error);
+    }];
+}
+
 - (void)fido2Session:(YKFFIDO2SessionCompletionBlock _Nonnull)callback {
     [self.currentSession clearSessionState];
     [YKFFIDO2Session sessionWithConnectionController:self.connectionController
@@ -167,6 +177,17 @@ - (void)fido2Session:(YKFFIDO2SessionCompletionBlock _Nonnull)callback {
     }];
 }
 
+- (void)fido2Session:(id<YKFSCPKeyParamsProtocol> _Nonnull)scpKeyParams completion:(YKFFIDO2SessionCompletionBlock _Nonnull)completion {
+    [self.currentSession clearSessionState];
+    [YKFFIDO2Session sessionWithConnectionController:self.connectionController
+                                       scpKeyParams:scpKeyParams
+                                         completion:^(YKFFIDO2Session *_Nullable session, NSError * _Nullable error) {
+        self.currentSession = session;
+        completion(session, error);
+    }];
+}
+
+
 - (void)pivSession:(YKFPIVSessionCompletionBlock _Nonnull)callback {
     [self.currentSession clearSessionState];
     [YKFPIVSession sessionWithConnectionController:self.connectionController
@@ -176,6 +197,16 @@ - (void)pivSession:(YKFPIVSessionCompletionBlock _Nonnull)callback {
     }];
 }
 
+- (void)pivSession:(id<YKFSCPKeyParamsProtocol> _Nonnull)scpKeyParams completion:(YKFPIVSessionCompletionBlock _Nonnull)completion {
+    [self.currentSession clearSessionState];
+    [YKFPIVSession sessionWithConnectionController:self.connectionController
+                                       scpKeyParams:scpKeyParams
+                                         completion:^(YKFPIVSession *_Nullable session, NSError * _Nullable error) {
+        self.currentSession = session;
+        completion(session, error);
+    }];
+}
+
 - (void)challengeResponseSession:(YKFChallengeResponseSessionCompletionBlock _Nonnull)callback {
     [self.currentSession clearSessionState];
     [YKFChallengeResponseSession sessionWithConnectionController:self.connectionController
@@ -185,6 +216,16 @@ - (void)challengeResponseSession:(YKFChallengeResponseSessionCompletionBlock _No
     }];
 }
 
+- (void)challengeResponseSession:(id<YKFSCPKeyParamsProtocol> _Nonnull)scpKeyParams completion:(YKFChallengeResponseSessionCompletionBlock _Nonnull)completion {
+    [self.currentSession clearSessionState];
+    [YKFChallengeResponseSession sessionWithConnectionController:self.connectionController
+                                       scpKeyParams:scpKeyParams
+                                         completion:^(YKFChallengeResponseSession *_Nullable session, NSError * _Nullable error) {
+        self.currentSession = session;
+        completion(session, error);
+    }];
+}
+
 - (void)managementSession:(YKFManagementSessionCompletion _Nonnull)callback {
     [self.currentSession clearSessionState];
     [YKFManagementSession sessionWithConnectionController:self.connectionController
@@ -194,6 +235,16 @@ - (void)managementSession:(YKFManagementSessionCompletion _Nonnull)callback {
     }];
 }
 
+- (void)managementSession:(id<YKFSCPKeyParamsProtocol> _Nonnull)scpKeyParams completion:(YKFManagementSessionCompletion _Nonnull)completion {
+    [self.currentSession clearSessionState];
+    [YKFManagementSession sessionWithConnectionController:self.connectionController
+                                       scpKeyParams:scpKeyParams
+                                         completion:^(YKFManagementSession *_Nullable session, NSError * _Nullable error) {
+        self.currentSession = session;
+        completion(session, error);
+    }];
+}
+
 - (void)securityDomainSession:(YKFSecurityDomainSessionCompletion _Nonnull)completion {
     [self.currentSession clearSessionState];
     [YKFSecurityDomainSession sessionWithConnectionController:self.connectionController
@@ -203,6 +254,16 @@ - (void)securityDomainSession:(YKFSecurityDomainSessionCompletion _Nonnull)compl
     }];
 }
 
+- (void)securityDomainSession:(id<YKFSCPKeyParamsProtocol> _Nonnull)scpKeyParams completion:(YKFSecurityDomainSessionCompletion _Nonnull)completion {
+    [self.currentSession clearSessionState];
+    [YKFSecurityDomainSession sessionWithConnectionController:self.connectionController
+                                       scpKeyParams:scpKeyParams
+                                         completion:^(YKFSecurityDomainSession *_Nullable session, NSError * _Nullable error) {
+        self.currentSession = session;
+        completion(session, error);
+    }];
+}
+
 - (void)executeRawCommand:(NSData *)data completion:(YKFRawComandCompletion)completion {
     YKFAPDU *apdu = [[YKFAPDU alloc] initWithData:data];
     [self.connectionController execute:apdu completion:^(NSData * _Nullable data, NSError * _Nullable error, NSTimeInterval executionTime) {

YubiKit/YubiKit/Connections/NFCConnection/YKFNFCConnection.m

@@ -113,6 +113,16 @@ - (void)u2fSession:(YKFU2FSessionCompletionBlock _Nonnull)callback {
     }
 }
 
+- (void)u2fSession:(id<YKFSCPKeyParamsProtocol> _Nonnull)scpKeyParams completion:(YKFU2FSessionCompletionBlock _Nonnull)completion {
+    [self.currentSession clearSessionState];
+    [YKFU2FSession sessionWithConnectionController:self.connectionController
+                                      scpKeyParams:scpKeyParams
+                                        completion:^(YKFU2FSession *_Nullable session, NSError * _Nullable error) {
+        self.currentSession = session;
+        completion(session, error);
+    }];
+}
+
 - (void)fido2Session:(YKFFIDO2SessionCompletionBlock _Nonnull)callback {
     [self.currentSession clearSessionState];
     [YKFFIDO2Session sessionWithConnectionController:self.connectionController
@@ -122,6 +132,16 @@ - (void)fido2Session:(YKFFIDO2SessionCompletionBlock _Nonnull)callback {
     }];
 }
 
+- (void)fido2Session:(id<YKFSCPKeyParamsProtocol> _Nonnull)scpKeyParams completion:(YKFFIDO2SessionCompletionBlock _Nonnull)completion {
+    [self.currentSession clearSessionState];
+    [YKFFIDO2Session sessionWithConnectionController:self.connectionController
+                                        scpKeyParams:scpKeyParams
+                                          completion:^(YKFFIDO2Session *_Nullable session, NSError * _Nullable error) {
+        self.currentSession = session;
+        completion(session, error);
+    }];
+}
+
 - (void)pivSession:(YKFPIVSessionCompletionBlock _Nonnull)callback {
     [self.currentSession clearSessionState];
     [YKFPIVSession sessionWithConnectionController:self.connectionController
@@ -131,6 +151,16 @@ - (void)pivSession:(YKFPIVSessionCompletionBlock _Nonnull)callback {
     }];
 }
 
+- (void)pivSession:(id<YKFSCPKeyParamsProtocol> _Nonnull)scpKeyParams completion:(YKFPIVSessionCompletionBlock _Nonnull)completion {
+    [self.currentSession clearSessionState];
+    [YKFPIVSession sessionWithConnectionController:self.connectionController
+                                      scpKeyParams:scpKeyParams
+                                        completion:^(YKFPIVSession *_Nullable session, NSError * _Nullable error) {
+        self.currentSession = session;
+        completion(session, error);
+    }];
+}
+
 - (void)securityDomainSession:(YKFSecurityDomainSessionCompletion _Nonnull)completion {
     [self.currentSession clearSessionState];
     [YKFSecurityDomainSession sessionWithConnectionController:self.connectionController
@@ -140,6 +170,16 @@ - (void)securityDomainSession:(YKFSecurityDomainSessionCompletion _Nonnull)compl
     }];
 }
 
+- (void)securityDomainSession:(id<YKFSCPKeyParamsProtocol> _Nonnull)scpKeyParams completion:(YKFSecurityDomainSessionCompletion _Nonnull)completion {
+    [self.currentSession clearSessionState];
+    [YKFSecurityDomainSession sessionWithConnectionController:self.connectionController
+                                                 scpKeyParams:scpKeyParams
+                                                   completion:^(YKFSecurityDomainSession *_Nullable session, NSError * _Nullable error) {
+        self.currentSession = session;
+        completion(session, error);
+    }];
+}
+
 - (void)challengeResponseSession:(YKFChallengeResponseSessionCompletionBlock _Nonnull)callback {
     [self.currentSession clearSessionState];
     [YKFChallengeResponseSession sessionWithConnectionController:self.connectionController
@@ -149,6 +189,16 @@ - (void)challengeResponseSession:(YKFChallengeResponseSessionCompletionBlock _No
     }];
 }
 
+- (void)challengeResponseSession:(id<YKFSCPKeyParamsProtocol> _Nonnull)scpKeyParams completion:(YKFChallengeResponseSessionCompletionBlock _Nonnull)completion {
+    [self.currentSession clearSessionState];
+    [YKFChallengeResponseSession sessionWithConnectionController:self.connectionController
+                                                    scpKeyParams:scpKeyParams
+                                                      completion:^(YKFChallengeResponseSession *_Nullable session, NSError * _Nullable error) {
+        self.currentSession = session;
+        completion(session, error);
+    }];
+}
+
 - (void)managementSession:(YKFManagementSessionCompletion _Nonnull)callback {
     [self.currentSession clearSessionState];
     [YKFManagementSession sessionWithConnectionController:self.connectionController
@@ -158,6 +208,16 @@ - (void)managementSession:(YKFManagementSessionCompletion _Nonnull)callback {
     }];
 }
 
+- (void)managementSession:(id<YKFSCPKeyParamsProtocol> _Nonnull)scpKeyParams completion:(YKFManagementSessionCompletion _Nonnull)completion {
+    [self.currentSession clearSessionState];
+    [YKFManagementSession sessionWithConnectionController:self.connectionController
+                                             scpKeyParams:scpKeyParams
+                                               completion:^(YKFManagementSession *_Nullable session, NSError * _Nullable error) {
+        self.currentSession = session;
+        completion(session, error);
+    }];
+}
+
 - (void)executeRawCommand:(NSData *)data completion:(YKFRawComandCompletion)completion {
     YKFAPDU *apdu = [[YKFAPDU alloc] initWithData:data];
     [self.connectionController execute:apdu completion:^(NSData * _Nullable data, NSError * _Nullable error, NSTimeInterval executionTime) {

YubiKit/YubiKit/Connections/SCP/YKFSCPSecurityDomainSession+Private.h

@@ -30,11 +30,9 @@ typedef void (^YKFSecurityDomainSessionCompletion)(YKFSecurityDomainSession *_Nu
 + (void)sessionWithConnectionController:(nonnull id<YKFConnectionControllerProtocol>)connectionController
                              completion:(YKFSecurityDomainSessionCompletion _Nonnull)completion;
 
-//+ (void)sessionWithConnectionController:(nonnull id<YKFConnectionControllerProtocol>)connectionController
-//                           scpKeyParams:(nonnull id<YKFSCPKeyParamsProtocol>)scpKeyParams
-//                             completion:(YKFOATHSessionCompletion _Nonnull)completion;
-//
-
++ (void)sessionWithConnectionController:(nonnull id<YKFConnectionControllerProtocol>)connectionController
+                           scpKeyParams:(nonnull id<YKFSCPKeyParamsProtocol>)scpKeyParams
+                             completion:(YKFSecurityDomainSessionCompletion _Nonnull)completion;
 
 @end
 

YubiKit/YubiKit/Connections/SCP/YKFSCPSecurityDomainSession.m

@@ -21,6 +21,9 @@
 #import "YKFSCPKeyRef.h"
 #import "YKFNSDataAdditions.h"
 #import "YKFNSDataAdditions+Private.h"
+#import "YKFSCPProcessor.h"
+#import "YKFSCPKeyParamsProtocol.h"
+
 @implementation YKFSecurityDomainSession
 
 + (void)sessionWithConnectionController:(nonnull id<YKFConnectionControllerProtocol>)connectionController
@@ -38,6 +41,33 @@ + (void)sessionWithConnectionController:(nonnull id<YKFConnectionControllerProto
     }];
 }
 
++ (void)sessionWithConnectionController:(nonnull id<YKFConnectionControllerProtocol>)connectionController
+                           scpKeyParams:(id<YKFSCPKeyParamsProtocol>)scpKeyParams
+                             completion:(YKFSecurityDomainSessionCompletion _Nonnull)completion {
+    YKFSecurityDomainSession *session = [YKFSecurityDomainSession new];
+    session.smartCardInterface = [[YKFSmartCardInterface alloc] initWithConnectionController:connectionController];
+    
+    YKFSelectApplicationAPDU *apdu = [[YKFSelectApplicationAPDU alloc] initWithApplicationName:YKFSelectApplicationAPDUNameSecurityDomain];
+    [session.smartCardInterface selectApplication:apdu completion:^(NSData * _Nullable data, NSError * _Nullable error) {
+        if (error) {
+            completion(nil, error);
+        } else {
+            if (scpKeyParams) {
+                [YKFSCPProcessor processorWithSCPKeyParams:scpKeyParams sendRemainingIns:YKFSmartCardInterfaceSendRemainingInsNormal usingSmartCardInterface:session.smartCardInterface completion:^(YKFSCPProcessor * _Nullable processor, NSError * _Nullable error) {
+                    if (error) {
+                        completion(nil, error);
+                    } else {
+                        session.smartCardInterface.scpProcessor = processor;
+                        completion(session, nil);
+                    }
+                }];
+            } else {
+                completion(session, nil);
+            }
+        }
+    }];
+}
+
 - (void)getDataWithTag:(UInt16)tag data:(NSData * _Nullable)data  completion:(YKFSecurityDomainSessionDataCompletionBlock)completion {
     YKFAPDU *apdu = [[YKFAPDU alloc] initWithCla:0 ins:0xca p1:(uint8_t)(tag >> 8) p2:(uint8_t)(tag & 0xff) data:data type:YKFAPDUTypeExtended];
     [self.smartCardInterface executeCommand:apdu completion:^(NSData * _Nullable data, NSError * _Nullable error) {

YubiKit/YubiKit/Connections/Shared/APDU/YKFAPDU.m

@@ -16,6 +16,7 @@
 #import "YKFAccessoryConnectionController.h"
 #import "YKFNSMutableDataAdditions.h"
 #import "YKFAssert.h"
+#import "YKFNSDataAdditions+Private.h"
 
 @interface YKFAPDU()
 

YubiKit/YubiKit/Connections/Shared/Sessions/ChalResp/YKFChallengeResponseSession+Private.h

@@ -16,7 +16,7 @@
 #import "YKFSessionProtocol+Private.h"
 #import "YKFChallengeResponseSession.h"
 
-@protocol YKFConnectionControllerProtocol;
+@protocol YKFConnectionControllerProtocol, YKFSCPKeyParamsProtocol;
 
 NS_ASSUME_NONNULL_BEGIN
 
@@ -26,6 +26,10 @@ typedef void (^YKFChallengeResponseSessionCompletion)(YKFChallengeResponseSessio
 + (void)sessionWithConnectionController:(nonnull id<YKFConnectionControllerProtocol>)connectionController
                                completion:(YKFChallengeResponseSessionCompletion _Nonnull)completion;
 
++ (void)sessionWithConnectionController:(nonnull id<YKFConnectionControllerProtocol>)connectionController
+                           scpKeyParams:(nonnull id<YKFSCPKeyParamsProtocol>)scpKeyParams
+                             completion:(YKFChallengeResponseSessionCompletion _Nonnull)completion;
+
 @end
 
 NS_ASSUME_NONNULL_END

YubiKit/YubiKit/Connections/Shared/Sessions/ChalResp/YKFChallengeResponseSession.m

@@ -17,6 +17,8 @@
 #import "YKFChallengeResponseError.h"
 #import "YKFSessionError+Private.h"
 #import "YKFSelectApplicationAPDU.h"
+#import "YKFSCPProcessor.h"
+#import "YKFSCPKeyParamsProtocol.h"
 
 @implementation YKFChallengeResponseSession
 
@@ -36,6 +38,33 @@ + (void)sessionWithConnectionController:(nonnull id<YKFConnectionControllerProto
     }];
 }
 
++ (void)sessionWithConnectionController:(nonnull id<YKFConnectionControllerProtocol>)connectionController
+                           scpKeyParams:(id<YKFSCPKeyParamsProtocol>)scpKeyParams
+                             completion:(YKFChallengeResponseSessionCompletion _Nonnull)completion {
+    YKFChallengeResponseSession *session = [YKFChallengeResponseSession new];
+    session.smartCardInterface = [[YKFSmartCardInterface alloc] initWithConnectionController:connectionController];
+    
+    YKFSelectApplicationAPDU *apdu = [[YKFSelectApplicationAPDU alloc] initWithApplicationName:YKFSelectApplicationAPDUNameChalResp];
+    [session.smartCardInterface selectApplication:apdu completion:^(NSData * _Nullable data, NSError * _Nullable error) {
+        if (error) {
+            completion(nil, error);
+        } else {
+            if (scpKeyParams) {
+                [YKFSCPProcessor processorWithSCPKeyParams:scpKeyParams sendRemainingIns:YKFSmartCardInterfaceSendRemainingInsNormal usingSmartCardInterface:session.smartCardInterface completion:^(YKFSCPProcessor * _Nullable processor, NSError * _Nullable error) {
+                    if (error) {
+                        completion(nil, error);
+                    } else {
+                        session.smartCardInterface.scpProcessor = processor;
+                        completion(session, nil);
+                    }
+                }];
+            } else {
+                completion(session, nil);
+            }
+        }
+    }];
+}
+
 - (void)sendChallenge:(nonnull NSData *)challenge slot:(YKFSlot)slot completion:(nonnull YKFChallengeResponseSessionResponseBlock)completion {
     YKFChalRespSendRequest *request = [[YKFChalRespSendRequest alloc] initWithChallenge:challenge slot: slot];
     [self.smartCardInterface executeCommand:request.apdu completion:^(NSData * _Nullable data, NSError * _Nullable error) {

YubiKit/YubiKit/Connections/Shared/Sessions/FIDO2/YKFFIDO2Session+Private.h

@@ -16,7 +16,7 @@
 #import "YKFSessionProtocol+Private.h"
 #import "YKFFIDO2Session.h"
 
-@protocol YKFConnectionControllerProtocol;
+@protocol YKFConnectionControllerProtocol, YKFSCPKeyParamsProtocol;
 
 NS_ASSUME_NONNULL_BEGIN
 
@@ -26,6 +26,10 @@ typedef void (^YKFFIDO2SessionCompletion)(YKFFIDO2Session *_Nullable, NSError* _
 + (void)sessionWithConnectionController:(nonnull id<YKFConnectionControllerProtocol>)connectionController
                                completion:(YKFFIDO2SessionCompletion _Nonnull)completion;
 
++ (void)sessionWithConnectionController:(nonnull id<YKFConnectionControllerProtocol>)connectionController
+                           scpKeyParams:(nonnull id<YKFSCPKeyParamsProtocol>)scpKeyParams
+                             completion:(YKFFIDO2SessionCompletion _Nonnull)completion;
+
 @end
 
 NS_ASSUME_NONNULL_END

YubiKit/YubiKit/Connections/Shared/Sessions/FIDO2/YKFFIDO2Session.m

@@ -49,6 +49,9 @@
 #import "YKFSmartCardInterface.h"
 #import "YKFSelectApplicationAPDU.h"
 
+#import "YKFSCPProcessor.h"
+#import "YKFSCPKeyParamsProtocol.h"
+
 static const int YKFFIDO2RequestMaxRetries = 30; // times
 static const NSTimeInterval YKFFIDO2RequestRetryTimeInterval = 0.5; // seconds
 NSString* const YKFFIDO2OptionRK = @"rk";
@@ -100,6 +103,34 @@ + (void)sessionWithConnectionController:(nonnull id<YKFConnectionControllerProto
     }];
 }
 
++ (void)sessionWithConnectionController:(nonnull id<YKFConnectionControllerProtocol>)connectionController
+                           scpKeyParams:(id<YKFSCPKeyParamsProtocol>)scpKeyParams
+                             completion:(YKFFIDO2SessionCompletion _Nonnull)completion {
+    YKFFIDO2Session *session = [YKFFIDO2Session new];
+    session.smartCardInterface = [[YKFSmartCardInterface alloc] initWithConnectionController:connectionController];
+    
+    YKFSelectApplicationAPDU *apdu = [[YKFSelectApplicationAPDU alloc] initWithApplicationName:YKFSelectApplicationAPDUNameFIDO2];
+    [session.smartCardInterface selectApplication:apdu completion:^(NSData * _Nullable data, NSError * _Nullable error) {
+        if (error) {
+            completion(nil, error);
+        } else {
+            if (scpKeyParams) {
+                [YKFSCPProcessor processorWithSCPKeyParams:scpKeyParams sendRemainingIns:YKFSmartCardInterfaceSendRemainingInsNormal usingSmartCardInterface:session.smartCardInterface completion:^(YKFSCPProcessor * _Nullable processor, NSError * _Nullable error) {
+                    if (error) {
+                        completion(nil, error);
+                    } else {
+                        session.smartCardInterface.scpProcessor = processor;
+                        completion(session, nil);
+                    }
+                }];
+            } else {
+                completion(session, nil);
+            }
+            [session updateKeyState:YKFFIDO2SessionKeyStateIdle];
+        }
+    }];
+}
+
 - (void)clearSessionState {
     [self clearUserVerification];
 }