WIP Update credential

Nitrokey · Aug 10, 2023 · 7ba8678 · 7ba8678
1 parent 2fcf1df
commit 7ba8678
Showing 1 changed file with 43 additions and 9 deletions.
diff --git a/pynitrokey/nk3/secrets_app.py b/pynitrokey/nk3/secrets_app.py
@@ -217,6 +217,7 @@ class Instruction(Enum):
     SetPIN = 0xB4
     GetCredential = 0xB5
     RenameCredential = 0xB6
+    UpdateCredential = 0xB7
 
 
 class Tag(Enum):
@@ -490,11 +491,37 @@ def get_credential(self, cred_id: bytes) -> PasswordSafeEntry:
         return p
 
     def rename_credential(self, cred_id: bytes, cred_new_id: bytes) -> None:
+        # structure = [
+        #     tlv8.Entry(Tag.CredentialId.value, cred_id),
+        #     tlv8.Entry(Tag.CredentialId.value, cred_new_id),
+        # ]
+        # self._send_receive(Instruction.RenameCredential, structure=structure)
+        return self.update_credential(cred_id, cred_new_id)
+
+    def update_credential(
+        self,
+        cred_id: bytes,
+        cred_new_id: Optional[bytes] = None,
+        login: Optional[bytes] = None,
+        password: Optional[bytes] = None,
+        metadata: Optional[bytes] = None,
+        touch_button: Optional[bool] = None,
+    ) -> None:
         structure = [
             tlv8.Entry(Tag.CredentialId.value, cred_id),
-            tlv8.Entry(Tag.CredentialId.value, cred_new_id),
+            tlv8.Entry(Tag.CredentialId.value, cred_new_id) if cred_new_id else None,
+            tlv8.Entry(Tag.Properties.value, b"\x01")
+            if touch_button is not None
+            else None,
+            tlv8.Entry(Tag.PwsLogin.value, login) if login is not None else None,
+            tlv8.Entry(Tag.PwsPassword.value, password)
+            if password is not None
+            else None,
+            tlv8.Entry(Tag.PwsMetadata.value, metadata)
+            if metadata is not None
+            else None,
         ]
-        self._send_receive(Instruction.RenameCredential, structure=structure)
+        self._send_receive(Instruction.UpdateCredential, structure=structure)
 
     def delete(self, cred_id: bytes) -> None:
         """
@@ -566,13 +593,7 @@ def register(
             tlv8.Entry(
                 Tag.Key.value, bytes([kind.value | algo.value, digits]) + secret
             ),
-            RawBytes(
-                [
-                    Tag.Properties.value,
-                    (0x02 if touch_button_required else 0x00)
-                    | (0x04 if pin_based_encryption else 0x00),
-                ]
-            ),
+            self.encode_properties_to_send(touch_button_required, pin_based_encryption),
             tlv8.Entry(
                 Tag.InitialCounter.value, initial_counter_value.to_bytes(4, "big")
             )
@@ -585,6 +606,19 @@ def register(
         structure = list(filter(lambda x: x is not None, structure))
         self._send_receive(Instruction.Put, structure)
 
+    @classmethod
+    def encode_properties_to_send(
+        cls, touch_button_required: bool, pin_based_encryption: bool
+    ) -> bytes:
+        r = RawBytes(
+            [
+                Tag.Properties.value,
+                (0x02 if touch_button_required else 0x00)
+                | (0x04 if pin_based_encryption else 0x00),
+            ]
+        )
+        return r
+
     def calculate(self, cred_id: bytes, challenge: Optional[int] = None) -> bytes:
         """
         Calculate the OTP code for the credential named `cred_id`, and with challenge `challenge`.