Present smart card related information in the About window (Improvement Request)

Nitrokey / nitrokey-app

Nitrokey's Application (Win, Linux, Mac)

https://www.nitrokey.com/

288 stars 55 forks source link

Present smart card related information in the About window (Improvement Request) #407

Open Peacekeeper2000 opened 5 years ago

Peacekeeper2000 commented 5 years ago

Currently it is difficult to identfy, which Version of a key is pluged in or in scope of the App. Would be nice to have more information about the Token.

Application version: [1.3.2]
Operating system: [macOS, 10.14.4, 64 bits ]
Device model and firmware version: [Pro v0.7/ v0.9 ]
Connected USB port type: [3.0]
Issue occurrency: [always]

Expected behaviour

More information like :

Produkt Name and Version
Application ID from SM
Name of card holder
... more from gpg --card-status

Current behaviour

While gpg --card-status is throwing a lot of information about the Token, only the FW and Card S/N are shown in the About-Window.

Also with gpg --card-status it is not clear, which version of NK Pro is püluged in. There is no clear alignment e.g. Version 2.1 ==> Version 1 of NK Pro Version 3.3 ==> Version 2 of NK Pro

szszszsz commented 5 years ago

Confirmed - application is not showing the smart card version, and thus one needs to use gpg to check the model of the connected device (is it Pro v1 or v2). There is a plan to communicate with the smart card directly, but it needs to change the underlying App's USB driver to libusb. Added proper label.

Peacekeeper2000 commented 5 years ago

I understand your idea of communicating directly, but would it not be possible to use the current information you get ( like you get FW and SN) to just show some of the data. You anyhow need to translate a "SM Version 2.1" to "NK Pro Version 1" So you could build an intzerim solution that might already fit the needs ?

szszszsz commented 5 years ago

Since the last mass update of the Nitrokey Pro, there is now no direct dependency between the firmware version and the supplied OpenPGP smart card I am afraid. Other solution is to ask the device itself, but this would require firmware update, which would again cut off some of the actual Nitrokey Pro v2 in the field. I am pretty sure SN counter is independent for both OpenPGP smart card versions, but I have not checked that - do you have other experience?

szszszsz commented 5 years ago

Another possibility is to parse GnuPG output, or talk via the gpg-agent - that should be faster to achieve actually.

Peacekeeper2000 commented 5 years ago

Hmm, I wonder why you not call the USB reader diffrent - currently it is in both versions called

Reader ...........: Nitrokey Nitrokey Pro So this might be a independent fix from the firmware version number.

Peacekeeper2000 commented 5 years ago

Yepp, that was also my idea to parse the output, but then you would be sure that gpg is installed, what is not the case from a macOS point of view

szszszsz commented 5 years ago

Exactly my concern. It could be optional though for the time being, until it would be moved to libusb.

Peacekeeper2000 commented 5 years ago

Yes, you might test if gpg is available ( or cmd failed ) and then either parse or "say sorry no gpg available "