Merge branch 'master' into bootloader-downgrade-protection

Conor Patrick
2019-10-08 13:44:20 -04:00
committed by GitHub
49 changed files with 1433 additions and 861 deletions


@@ -8,21 +8,25 @@
#include "device.h"
#include "nfc.h"
static void flush_rx()
static void flush_rx(void)
{
while(LL_SPI_IsActiveFlag_RXNE(SPI1) != 0)
{
LL_SPI_ReceiveData8(SPI1);
}
}
static void wait_for_tx()
static void wait_for_tx(void)
{
// while (LL_SPI_IsActiveFlag_BSY(SPI1) == 1)
// ;
while(LL_SPI_GetTxFIFOLevel(SPI1) != LL_SPI_TX_FIFO_EMPTY)
;
}
static void wait_for_rx()
static void wait_for_rx(void)
{
while(LL_SPI_IsActiveFlag_RXNE(SPI1) == 0)
;
@@ -270,7 +274,7 @@ void ams_print_int1(uint8_t int0)
#endif
}
int ams_init()
int ams_init(void)
{
LL_GPIO_SetPinMode(SOLO_AMS_CS_PORT,SOLO_AMS_CS_PIN,LL_GPIO_MODE_OUTPUT);
LL_GPIO_SetOutputPin(SOLO_AMS_CS_PORT,SOLO_AMS_CS_PIN);
@@ -292,7 +296,7 @@ int ams_init()
return 0;
}
void ams_configure()
void ams_configure(void)
{
// Should not be used during passive operation.
uint8_t block[4];


@@ -39,8 +39,8 @@ typedef union
#define SELECT() LL_GPIO_ResetOutputPin(SOLO_AMS_CS_PORT,SOLO_AMS_CS_PIN)
#define UNSELECT() LL_GPIO_SetOutputPin(SOLO_AMS_CS_PORT,SOLO_AMS_CS_PIN)
int ams_init();
void ams_configure();
int ams_init(void);
void ams_configure(void);
void ams_read_buffer(uint8_t * data, int len);
void ams_write_buffer(uint8_t * data, int len);


@@ -12,9 +12,13 @@
#define DEBUG_UART USART1
#ifndef DEBUG_LEVEL
// Enable the CDC ACM USB interface & debug logs (DEBUG_LEVEL > 0)
#define DEBUG_LEVEL 0
#endif
// Enable the CCID USB interface
// #define ENABLE_CCID
#define NON_BLOCK_PRINTING 0


@@ -61,12 +61,13 @@ static uint8_t master_secret[64];
static uint8_t transport_secret[32];
void crypto_sha256_init()
void crypto_sha256_init(void)
{
sha256_init(&sha256_ctx);
}
void crypto_sha512_init() {
void crypto_sha512_init(void)
{
cf_sha512_init(&sha512_ctx);
}
@@ -79,7 +80,7 @@ void crypto_load_master_secret(uint8_t * key)
memmove(transport_secret, key+64, 32);
}
void crypto_reset_master_secret()
void crypto_reset_master_secret(void)
{
memset(master_secret, 0, 64);
memset(transport_secret, 0, 32);
@@ -107,7 +108,8 @@ void crypto_sha256_final(uint8_t * hash)
sha256_final(&sha256_ctx, hash);
}
void crypto_sha512_final(uint8_t * hash) {
void crypto_sha512_final(uint8_t * hash)
{
// NB: there is also cf_sha512_digest
cf_sha512_digest_final(&sha512_ctx, hash);
}
@@ -183,14 +185,14 @@ void crypto_sha256_hmac_final(uint8_t * key, uint32_t klen, uint8_t * hmac)
}
void crypto_ecc256_init()
void crypto_ecc256_init(void)
{
uECC_set_rng((uECC_RNG_Function)ctap_generate_rng);
_es256_curve = uECC_secp256r1();
}
void crypto_ecc256_load_attestation_key()
void crypto_ecc256_load_attestation_key(void)
{
static uint8_t _key [32];
memmove(_key, (uint8_t*)ATTESTATION_KEY_ADDR, 32);
@@ -282,6 +284,11 @@ void crypto_ecc256_derive_public_key(uint8_t * data, int len, uint8_t * x, uint8
memmove(x,pubkey,32);
memmove(y,pubkey+32,32);
}
void crypto_ecc256_compute_public_key(uint8_t * privkey, uint8_t * pubkey)
{
uECC_compute_public_key(privkey, pubkey, _es256_curve);
}
void crypto_load_external_key(uint8_t * key, int len)
{
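Review bot: The new `crypto_ecc256_compute_public_key` wrapper discards the result of `uECC_compute_public_key`, so a caller cannot tell when derivation failed and `pubkey` was left unwritten. micro-ecc returns 1 on success and 0 on error, so either propagate it, `return uECC_compute_public_key(privkey, pubkey, _es256_curve);` with an `int` return type, or document that the caller must pass an already validated private key. The wrapper also depends on `_es256_curve` having been set by `crypto_ecc256_init`, which deserves a one-line comment above the function, for example `// Requires crypto_ecc256_init() to have run; pubkey receives 64 bytes (X || Y)`.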


@@ -34,7 +34,7 @@
#define LOW_FREQUENCY 1
#define HIGH_FREQUENCY 0
void wait_for_usb_tether();
void wait_for_usb_tether(void);
uint32_t __90_ms = 0;
@@ -45,27 +45,60 @@ uint32_t __last_update = 0;
extern PCD_HandleTypeDef hpcd;
static int _NFC_status = 0;
static bool isLowFreq = 0;
static bool _RequestComeFromNFC = false;
static bool _up_disabled = false;
// #define IS_BUTTON_PRESSED() (0 == (LL_GPIO_ReadInputPort(SOLO_BUTTON_PORT) & SOLO_BUTTON_PIN))
static int is_physical_button_pressed()
static int is_physical_button_pressed(void)
{
return (0 == (LL_GPIO_ReadInputPort(SOLO_BUTTON_PORT) & SOLO_BUTTON_PIN));
}
static int is_touch_button_pressed()
static int is_touch_button_pressed(void)
{
return tsc_read_button(0) || tsc_read_button(1);
int is_pressed = (tsc_read_button(0) || tsc_read_button(1));
#ifndef IS_BOOTLOADER
if (is_pressed)
{
// delay for debounce, and longer than polling timer period.
delay(95);
return (tsc_read_button(0) || tsc_read_button(1));
}
#endif
return is_pressed;
}
int (*IS_BUTTON_PRESSED)() = is_physical_button_pressed;
void request_from_nfc(bool request_active) {
_RequestComeFromNFC = request_active;
static void edge_detect_touch_button(void)
{
static uint8_t last_touch = 0;
uint8_t current_touch = 0;
if (is_touch_button_pressed == IS_BUTTON_PRESSED)
{
current_touch = (tsc_read_button(0) || tsc_read_button(1));
// 1 sample per 25 ms
if ((millis() - __last_button_bounce_time) > 25)
{
// Detect "touch / rising edge"
if (!last_touch && current_touch)
{
__last_button_press_time = millis();
}
__last_button_bounce_time = millis();
last_touch = current_touch;
}
}
}
void device_disable_up(bool disable)
{
_up_disabled = disable;
}
// Timer6 overflow handler. happens every ~90ms.
void TIM6_DAC_IRQHandler()
void TIM6_DAC_IRQHandler(void)
{
// timer is only 16 bits, so roll it over here
TIM6->SR = 0;
@@ -78,19 +111,7 @@ void TIM6_DAC_IRQHandler()
}
}
if (is_touch_button_pressed == IS_BUTTON_PRESSED)
{
if (IS_BUTTON_PRESSED())
{
// Only allow 1 press per 25 ms.
if ((millis() - __last_button_bounce_time) > 25)
{
__last_button_press_time = millis();
}
__last_button_bounce_time = millis();
}
}
edge_detect_touch_button();
#ifndef IS_BOOTLOADER
// NFC sending WTX if needs
@@ -122,7 +143,7 @@ void USB_IRQHandler(void)
HAL_PCD_IRQHandler(&hpcd);
}
uint32_t millis()
uint32_t millis(void)
{
return (((uint32_t)TIM6->CNT) + (__90_ms * 90));
}
@@ -140,9 +161,8 @@ void device_set_status(uint32_t status)
__device_status = status;
}
int device_is_button_pressed()
int device_is_button_pressed(void)
{
return IS_BUTTON_PRESSED();
}
@@ -152,12 +172,13 @@ void delay(uint32_t ms)
while ((millis() - time) < ms)
;
}
void device_reboot()
void device_reboot(void)
{
NVIC_SystemReset();
}
void device_init_button()
void device_init_button(void)
{
if (tsc_sensor_exists())
{
@@ -207,12 +228,12 @@ void device_init(int argc, char *argv[])
}
int device_is_nfc()
int device_is_nfc(void)
{
return _NFC_status;
}
void wait_for_usb_tether()
void wait_for_usb_tether(void)
{
while (USBD_OK != CDC_Transmit_FS((uint8_t*)"tethered\r\n", 10) )
;
@@ -223,7 +244,7 @@ void wait_for_usb_tether()
;
}
void usbhid_init()
void usbhid_init(void)
{
if (!isLowFreq)
{
@@ -273,12 +294,12 @@ void ctaphid_write_block(uint8_t * data)
}
void usbhid_close()
void usbhid_close(void)
{
}
void main_loop_delay()
void main_loop_delay(void)
{
}
@@ -288,13 +309,14 @@ static uint32_t winkt1 = 0;
#ifdef LED_WINK_VALUE
static uint32_t winkt2 = 0;
#endif
void device_wink()
void device_wink(void)
{
wink_time = 10;
winkt1 = 0;
}
void heartbeat()
void heartbeat(void)
{
static int state = 0;
static uint32_t val = (LED_MAX_SCALER - LED_MIN_SCALER)/2;
@@ -363,7 +385,7 @@ void authenticator_read_backup_state(AuthenticatorState * a)
}
// Return 1 yes backup is init'd, else 0
int authenticator_is_backup_initialized()
int authenticator_is_backup_initialized(void)
{
uint8_t header[16];
uint32_t * ptr = (uint32_t *)flash_addr(STATE2_PAGE);
@@ -388,7 +410,7 @@ void authenticator_write_state(AuthenticatorState * a, int backup)
}
}
uint32_t ctap_atomic_count(int sel)
uint32_t ctap_atomic_count(uint32_t amount)
{
int offset = 0;
uint32_t * ptr = (uint32_t *)flash_addr(COUNTER1_PAGE);
@@ -403,10 +425,12 @@ uint32_t ctap_atomic_count(int sel)
uint32_t lastc = 0;
if (sel != 0)
if (amount == 0)
{
printf2(TAG_ERR,"counter2 not imple\n");
exit(1);
// Use a random count [1-16].
uint8_t rng[1];
ctap_generate_rng(rng, 1);
amount = (rng[0] & 0x0f) + 1;
}
for (offset = 0; offset < PAGE_SIZE/4; offset += 2) // wear-level the flash
@@ -439,7 +463,7 @@ uint32_t ctap_atomic_count(int sel)
return lastc;
}
lastc++;
lastc += amount;
if (lastc/256 > erases)
{
@@ -480,7 +504,7 @@ uint32_t ctap_atomic_count(int sel)
void device_manage()
void device_manage(void)
{
#if NON_BLOCK_PRINTING
int i = 10;
@@ -506,7 +530,7 @@ void device_manage()
#endif
}
static int handle_packets()
static int handle_packets(void)
{
static uint8_t hidmsg[HID_PACKET_SIZE];
memset(hidmsg,0, sizeof(hidmsg));
@@ -542,6 +566,7 @@ static int wait_for_button_activate(uint32_t wait)
} while (!IS_BUTTON_PRESSED());
return 0;
}
static int wait_for_button_release(uint32_t wait)
{
int ret;
@@ -563,11 +588,17 @@ static int wait_for_button_release(uint32_t wait)
int ctap_user_presence_test(uint32_t up_delay)
{
int ret;
if (device_is_nfc() == NFC_IS_ACTIVE || _RequestComeFromNFC)
if (device_is_nfc() == NFC_IS_ACTIVE)
{
return 1;
}
if (_up_disabled)
{
return 2;
}
#if SKIP_BUTTON_CHECK_WITH_DELAY
int i=500;
while(i--)
@@ -629,7 +660,7 @@ int ctap_user_verification(uint8_t arg)
return 1;
}
void ctap_reset_rk()
void ctap_reset_rk(void)
{
int i;
printf1(TAG_GREEN, "resetting RK \r\n");
@@ -639,7 +670,7 @@ void ctap_reset_rk()
}
}
uint32_t ctap_rk_size()
uint32_t ctap_rk_size(void)
{
return RK_NUM_PAGES * (PAGE_SIZE / sizeof(CTAP_residentKey));
}
@@ -701,7 +732,7 @@ void ctap_overwrite_rk(int index,CTAP_residentKey * rk)
}
}
void boot_st_bootloader()
void boot_st_bootloader(void)
{
__disable_irq();
@@ -713,7 +744,7 @@ void boot_st_bootloader()
;
}
void boot_solo_bootloader()
void boot_solo_bootloader(void)
{
LL_IWDG_Enable(IWDG);
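Review bot: `ctap_user_presence_test` gains a third return value, 2 when `_up_disabled` is set, and nothing in this section documents what the return values mean. The callers are outside this page, so it cannot be confirmed here that each one treats only 1 as a confirmed press; a caller that tests the result for non-zero would count a skipped check as user presence. A comment above the function such as `// Returns 1 when NFC is active, 2 when the check was skipped via device_disable_up(); callers should not report 2 as user presence` would pin the contract, if that is the intent. `_up_disabled` is a file-wide flag, so `device_disable_up` should also carry a comment saying that whoever sets it must clear it on every exit path of that request. The body of `ctap_user_presence_test` continues outside the hunk.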


@@ -14,12 +14,12 @@
#include "log.h"
#include "device.h"
static void flash_lock()
static void flash_lock(void)
{
FLASH->CR |= (1U<<31);
}
static void flash_unlock()
static void flash_unlock(void)
{
if (FLASH->CR & FLASH_CR_LOCK)
{


@@ -28,6 +28,7 @@
#include "usbd_desc.h"
#include "usbd_hid.h"
#include "usbd_cdc.h"
#include "usbd_ccid.h"
#include "usbd_composite.h"
#include "usbd_cdc_if.h"
#include "device.h"
@@ -698,33 +699,33 @@ void SystemClock_Config_LF20(void)
SET_BIT(RCC->APB1ENR1, RCC_APB1ENR1_PWREN);
}
void init_usb()
void init_usb(void)
{
// enable USB power
SET_BIT(PWR->CR2, PWR_CR2_USV);
// Enable USB Clock
SET_BIT(RCC->APB1ENR1, RCC_APB1ENR1_USBFSEN);
#if DEBUG_LEVEL > 0
USBD_Composite_Set_Classes(&USBD_HID, &USBD_CDC);
#ifndef IS_BOOTLOADER
USBD_Composite_Set_Classes(&USBD_HID, &USBD_CCID, &USBD_CDC);
in_endpoint_to_class[HID_EPIN_ADDR & 0x7F] = 0;
out_endpoint_to_class[HID_EPOUT_ADDR & 0x7F] = 0;
in_endpoint_to_class[CDC_IN_EP & 0x7F] = 1;
out_endpoint_to_class[CDC_OUT_EP & 0x7F] = 1;
in_endpoint_to_class[CCID_IN_EP & 0x7F] = 1;
out_endpoint_to_class[CCID_OUT_EP & 0x7F] = 1;
in_endpoint_to_class[CDC_IN_EP & 0x7F] = 2;
out_endpoint_to_class[CDC_OUT_EP & 0x7F] = 2;
USBD_Init(&Solo_USBD_Device, &Solo_Desc, 0);
USBD_RegisterClass(&Solo_USBD_Device, &USBD_Composite);
// USBD_RegisterClass(&Solo_USBD_Device, &USBD_HID);
//
// USBD_RegisterClass(&Solo_USBD_Device, &USBD_CDC);
#if DEBUG_LEVEL > 0
USBD_CDC_RegisterInterface(&Solo_USBD_Device, &USBD_Interface_fops_FS);
#endif
#else
USBD_Init(&Solo_USBD_Device, &Solo_Desc, 0);
USBD_RegisterClass(&Solo_USBD_Device, &USBD_HID);
#endif
USBD_Start(&Solo_USBD_Device);
}
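Review bot: The class indices stored in `in_endpoint_to_class` and `out_endpoint_to_class` (0 for HID, 1 for CCID, 2 for CDC) are bare numbers that have to match the argument order of `USBD_Composite_Set_Classes`, and `init_usb` has no comment tying the two together. A comment such as `// index = position of the class in USBD_Composite_Set_Classes()` above the assignments would keep them from drifting apart. As far as this rendering shows, the non-bootloader build also passes `&USBD_CCID` and `&USBD_CDC` regardless of `ENABLE_CCID` and `DEBUG_LEVEL`, with only `USBD_CDC_RegisterInterface` left under `#if DEBUG_LEVEL > 0`. If the composite class does not gate those interfaces itself, release firmware would present them to the host, so that is worth confirming against the composite implementation.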


@@ -22,7 +22,7 @@
#ifndef _INIT_H_
#define _INIT_H_
void init_usb();
void init_usb(void);
void init_gpio(void);
void init_debug_uart(void);
void init_pwm(void);


@@ -57,10 +57,11 @@ void TIM6_DAC_IRQHandler()
__90_ms += 1;
}
uint32_t millis()
uint32_t millis(void)
{
return (((uint32_t)TIM6->CNT) + (__90_ms * 90));
}
void _Error_Handler(char *file, int line)
{
while(1)


@@ -14,6 +14,23 @@
#define IS_IRQ_ACTIVE() (1 == (LL_GPIO_ReadInputPort(SOLO_AMS_IRQ_PORT) & SOLO_AMS_IRQ_PIN))
// chain buffer for 61XX responses
static uint8_t chain_buffer[2048] = {0};
static size_t chain_buffer_len = 0;
static bool chain_buffer_tx = false;
static uint8_t current_cid = 0;
// forward declarations
void rblock_acknowledge(uint8_t req0, bool ack);
uint8_t p14443_have_cid(uint8_t pcb) {
// CID
if (pcb & 0x08)
return true;
else
return false;
}
uint8_t p14443_block_offset(uint8_t pcb) {
uint8_t offset = 1;
// NAD following
@@ -186,7 +203,7 @@ bool nfc_write_response_ex(uint8_t req0, uint8_t * data, uint8_t len, uint16_t r
return false;
res[0] = NFC_CMD_IBLOCK | (req0 & 0x0f);
res[1] = 0;
res[1] = current_cid;
res[2] = 0;
uint8_t block_offset = p14443_block_offset(req0);
@@ -213,7 +230,7 @@ bool nfc_write_response(uint8_t req0, uint16_t resp)
return nfc_write_response_ex(req0, NULL, 0, resp);
}
void nfc_write_response_chaining(uint8_t req0, uint8_t * data, int len)
void nfc_write_response_chaining_plain(uint8_t req0, uint8_t * data, int len)
{
uint8_t res[32 + 2];
uint8_t iBlock = NFC_CMD_IBLOCK | (req0 & 0x0f);
@@ -223,6 +240,8 @@ void nfc_write_response_chaining(uint8_t req0, uint8_t * data, int len)
{
uint8_t res[32] = {0};
res[0] = iBlock;
res[1] = current_cid;
res[2] = 0;
if (len && data)
memcpy(&res[block_offset], data, len);
nfc_write_frame(res, len + block_offset);
@@ -232,7 +251,7 @@ void nfc_write_response_chaining(uint8_t req0, uint8_t * data, int len)
// transmit I block
int vlen = MIN(32 - block_offset, len - sendlen);
res[0] = iBlock;
res[1] = 0;
res[1] = current_cid;
res[2] = 0;
memcpy(&res[block_offset], &data[sendlen], vlen);
@@ -263,6 +282,20 @@ void nfc_write_response_chaining(uint8_t req0, uint8_t * data, int len)
printf1(TAG_NFC, "R block RX timeout %d/%d.\r\n",sendlen,len);
break;
}
if (!IS_RBLOCK(recbuf[0]))
{
printf1(TAG_NFC, "R block RX error. Not a R block(0x%02x) %d/%d.\r\n", recbuf[0], sendlen, len);
break;
}
// NAK check
if (recbuf[0] & NFC_CMD_RBLOCK_ACK)
{
rblock_acknowledge(recbuf[0], true);
printf1(TAG_NFC, "R block RX error. NAK received. %d/%d.\r\n", recbuf[0], sendlen, len);
break;
}
uint8_t rblock_offset = p14443_block_offset(recbuf[0]);
if (reclen != rblock_offset)
@@ -284,6 +317,38 @@ void nfc_write_response_chaining(uint8_t req0, uint8_t * data, int len)
}
}
void append_get_response(uint8_t *data, size_t rest_len)
{
data[0] = 0x61;
data[1] = 0x00;
if (rest_len <= 0xff)
data[1] = rest_len & 0xff;
}
void nfc_write_response_chaining(uint8_t req0, uint8_t * data, int len, bool extapdu)
{
chain_buffer_len = 0;
chain_buffer_tx = true;
// if we dont need to break data to parts that need to exchange via GET RESPONSE command (ISO 7816-4 7.1.3)
if (len <= 255 || extapdu)
{
nfc_write_response_chaining_plain(req0, data, len);
} else {
size_t pcklen = MIN(253, len);
chain_buffer_len = len - pcklen;
printf1(TAG_NFC, "61XX chaining %d/%d.\r\n", pcklen, chain_buffer_len);
memmove(chain_buffer, data, pcklen);
append_get_response(&chain_buffer[pcklen], chain_buffer_len);
nfc_write_response_chaining_plain(req0, chain_buffer, pcklen + 2); // 2 for 61XX
// put the rest data into chain buffer
memmove(chain_buffer, &data[pcklen], chain_buffer_len);
}
}
// WTX on/off:
// sends/receives WTX frame to reader every `WTX_time` time in ms
// works via timer interrupts
@@ -294,7 +359,7 @@ static uint32_t WTX_timer;
bool WTX_process(int read_timeout);
void WTX_clear()
void WTX_clear(void)
{
WTX_sent = false;
WTX_fail = false;
@@ -309,7 +374,7 @@ bool WTX_on(int WTX_time)
return true;
}
bool WTX_off()
bool WTX_off(void)
{
WTX_timer = 0;
@@ -333,7 +398,7 @@ bool WTX_off()
return true;
}
void WTX_timer_exec()
void WTX_timer_exec(void)
{
// condition: (timer on) or (not expired[300ms])
if ((WTX_timer == 0) || WTX_timer + 300 > millis())
@@ -429,7 +494,9 @@ void rblock_acknowledge(uint8_t req0, bool ack)
NFC_STATE.block_num = !NFC_STATE.block_num;
buf[0] = NFC_CMD_RBLOCK | (req0 & 0x0f);
if (ack)
buf[1] = current_cid;
// iso14443-4:2001 page 16. ACK, if bit is set to 0, NAK, if bit is set to 1
if (!ack)
buf[0] |= NFC_CMD_RBLOCK_ACK;
nfc_write_frame(buf, block_offset);
@@ -483,37 +550,70 @@ int select_applet(uint8_t * aid, int len)
return APP_NOTHING;
}
void nfc_process_iblock(uint8_t * buf, int len)
void apdu_process(uint8_t buf0, uint8_t *apduptr, APDU_STRUCT *apdu)
{
int selected;
CTAP_RESPONSE ctap_resp;
int status;
uint16_t reslen;
printf1(TAG_NFC,"Iblock: ");
dump_hex1(TAG_NFC, buf, len);
uint8_t block_offset = p14443_block_offset(buf[0]);
APDU_STRUCT apdu;
if (apdu_decode(buf + block_offset, len - block_offset, &apdu)) {
printf1(TAG_NFC,"apdu decode error\r\n");
nfc_write_response(buf[0], SW_COND_USE_NOT_SATISFIED);
return;
}
printf1(TAG_NFC,"apdu ok. %scase=%02x cla=%02x ins=%02x p1=%02x p2=%02x lc=%d le=%d\r\n",
apdu.extended_apdu ? "[e]":"", apdu.case_type, apdu.cla, apdu.ins, apdu.p1, apdu.p2, apdu.lc, apdu.le);
// check CLA
if (apdu.cla != 0x00 && apdu.cla != 0x80) {
printf1(TAG_NFC, "Unknown CLA %02x\r\n", apdu.cla);
nfc_write_response(buf[0], SW_CLA_INVALID);
if (apdu->cla != 0x00 && apdu->cla != 0x80) {
printf1(TAG_NFC, "Unknown CLA %02x\r\n", apdu->cla);
nfc_write_response(buf0, SW_CLA_INVALID);
return;
}
// TODO this needs to be organized better
switch(apdu.ins)
switch(apdu->ins)
{
// ISO 7816. 7.1 GET RESPONSE command
case APDU_GET_RESPONSE:
if (apdu->p1 != 0x00 || apdu->p2 != 0x00)
{
nfc_write_response(buf0, SW_INCORRECT_P1P2);
printf1(TAG_NFC, "P1 or P2 error\r\n");
return;
}
// too many bytes needs. 0x00 and 0x100 - any length
if (apdu->le != 0 && apdu->le != 0x100 && apdu->le > chain_buffer_len)
{
uint16_t wlresp = SW_WRONG_LENGTH; // here can be 6700, 6C00, 6FXX. but the most standard way - 67XX or 6700
if (chain_buffer_len <= 0xff)
wlresp += chain_buffer_len & 0xff;
nfc_write_response(buf0, wlresp);
printf1(TAG_NFC, "buffer length less than requesteds\r\n");
return;
}
// create temporary packet
uint8_t pck[255] = {0};
size_t pcklen = 253;
if (apdu->le)
pcklen = apdu->le;
if (pcklen > chain_buffer_len)
pcklen = chain_buffer_len;
printf1(TAG_NFC, "GET RESPONSE. pck len: %d buffer len: %d\r\n", pcklen, chain_buffer_len);
// create packet and add 61XX there if we have another portion(s) of data
memmove(pck, chain_buffer, pcklen);
size_t dlen = 0;
if (chain_buffer_len - pcklen)
{
append_get_response(&pck[pcklen], chain_buffer_len - pcklen);
dlen = 2;
}
// send
nfc_write_response_chaining_plain(buf0, pck, pcklen + dlen); // dlen for 61XX
// shift the buffer
chain_buffer_len -= pcklen;
memmove(chain_buffer, &chain_buffer[pcklen], chain_buffer_len);
break;
case APDU_INS_SELECT:
// if (apdu->p1 == 0 && apdu->p2 == 0x0c)
// {
@@ -529,49 +629,49 @@ void nfc_process_iblock(uint8_t * buf, int len)
// }
// else
{
selected = select_applet(apdu.data, apdu.lc);
selected = select_applet(apdu->data, apdu->lc);
if (selected == APP_FIDO)
{
nfc_write_response_ex(buf[0], (uint8_t *)"U2F_V2", 6, SW_SUCCESS);
nfc_write_response_ex(buf0, (uint8_t *)"U2F_V2", 6, SW_SUCCESS);
printf1(TAG_NFC, "FIDO applet selected.\r\n");
}
else if (selected != APP_NOTHING)
{
nfc_write_response(buf[0], SW_SUCCESS);
nfc_write_response(buf0, SW_SUCCESS);
printf1(TAG_NFC, "SELECTED %d\r\n", selected);
}
else
{
nfc_write_response(buf[0], SW_FILE_NOT_FOUND);
printf1(TAG_NFC, "NOT selected "); dump_hex1(TAG_NFC, apdu.data, apdu.lc);
nfc_write_response(buf0, SW_FILE_NOT_FOUND);
printf1(TAG_NFC, "NOT selected "); dump_hex1(TAG_NFC, apdu->data, apdu->lc);
}
}
break;
case APDU_FIDO_U2F_VERSION:
if (NFC_STATE.selected_applet != APP_FIDO) {
nfc_write_response(buf[0], SW_INS_INVALID);
nfc_write_response(buf0, SW_INS_INVALID);
break;
}
printf1(TAG_NFC, "U2F GetVersion command.\r\n");
u2f_request_nfc(&buf[block_offset], apdu.data, apdu.lc, &ctap_resp);
nfc_write_response_chaining(buf[0], ctap_resp.data, ctap_resp.length);
u2f_request_nfc(apduptr, apdu->data, apdu->lc, &ctap_resp);
nfc_write_response_chaining(buf0, ctap_resp.data, ctap_resp.length, apdu->extended_apdu);
break;
case APDU_FIDO_U2F_REGISTER:
if (NFC_STATE.selected_applet != APP_FIDO) {
nfc_write_response(buf[0], SW_INS_INVALID);
nfc_write_response(buf0, SW_INS_INVALID);
break;
}
printf1(TAG_NFC, "U2F Register command.\r\n");
if (apdu.lc != 64)
if (apdu->lc != 64)
{
printf1(TAG_NFC, "U2F Register request length error. len=%d.\r\n", apdu.lc);
nfc_write_response(buf[0], SW_WRONG_LENGTH);
printf1(TAG_NFC, "U2F Register request length error. len=%d.\r\n", apdu->lc);
nfc_write_response(buf0, SW_WRONG_LENGTH);
return;
}
@@ -582,61 +682,61 @@ void nfc_process_iblock(uint8_t * buf, int len)
// SystemClock_Config_LF32();
// delay(300);
if (device_is_nfc() == NFC_IS_ACTIVE) device_set_clock_rate(DEVICE_LOW_POWER_FAST);
u2f_request_nfc(&buf[block_offset], apdu.data, apdu.lc, &ctap_resp);
u2f_request_nfc(apduptr, apdu->data, apdu->lc, &ctap_resp);
if (device_is_nfc() == NFC_IS_ACTIVE) device_set_clock_rate(DEVICE_LOW_POWER_IDLE);
// if (!WTX_off())
// return;
printf1(TAG_NFC, "U2F resp len: %d\r\n", ctap_resp.length);
printf1(TAG_NFC,"U2F Register P2 took %d\r\n", timestamp());
nfc_write_response_chaining(buf[0], ctap_resp.data, ctap_resp.length);
nfc_write_response_chaining(buf0, ctap_resp.data, ctap_resp.length, apdu->extended_apdu);
printf1(TAG_NFC,"U2F Register answered %d (took %d)\r\n", millis(), timestamp());
break;
case APDU_FIDO_U2F_AUTHENTICATE:
if (NFC_STATE.selected_applet != APP_FIDO) {
nfc_write_response(buf[0], SW_INS_INVALID);
nfc_write_response(buf0, SW_INS_INVALID);
break;
}
printf1(TAG_NFC, "U2F Authenticate command.\r\n");
if (apdu.lc != 64 + 1 + apdu.data[64])
if (apdu->lc != 64 + 1 + apdu->data[64])
{
delay(5);
printf1(TAG_NFC, "U2F Authenticate request length error. len=%d keyhlen=%d.\r\n", apdu.lc, apdu.data[64]);
nfc_write_response(buf[0], SW_WRONG_LENGTH);
printf1(TAG_NFC, "U2F Authenticate request length error. len=%d keyhlen=%d.\r\n", apdu->lc, apdu->data[64]);
nfc_write_response(buf0, SW_WRONG_LENGTH);
return;
}
timestamp();
// WTX_on(WTX_TIME_DEFAULT);
u2f_request_nfc(&buf[block_offset], apdu.data, apdu.lc, &ctap_resp);
u2f_request_nfc(apduptr, apdu->data, apdu->lc, &ctap_resp);
// if (!WTX_off())
// return;
printf1(TAG_NFC, "U2F resp len: %d\r\n", ctap_resp.length);
printf1(TAG_NFC,"U2F Authenticate processing %d (took %d)\r\n", millis(), timestamp());
nfc_write_response_chaining(buf[0], ctap_resp.data, ctap_resp.length);
nfc_write_response_chaining(buf0, ctap_resp.data, ctap_resp.length, apdu->extended_apdu);
printf1(TAG_NFC,"U2F Authenticate answered %d (took %d)\r\n", millis(), timestamp);
break;
case APDU_FIDO_NFCCTAP_MSG:
if (NFC_STATE.selected_applet != APP_FIDO) {
nfc_write_response(buf[0], SW_INS_INVALID);
nfc_write_response(buf0, SW_INS_INVALID);
return;
}
printf1(TAG_NFC, "FIDO2 CTAP message. %d\r\n", timestamp());
WTX_on(WTX_TIME_DEFAULT);
request_from_nfc(true);
// WTX_on(WTX_TIME_DEFAULT);
device_disable_up(true);
ctap_response_init(&ctap_resp);
status = ctap_request(apdu.data, apdu.lc, &ctap_resp);
request_from_nfc(false);
if (!WTX_off())
return;
status = ctap_request(apdu->data, apdu->lc, &ctap_resp);
device_disable_up(false);
// if (!WTX_off())
// return;
printf1(TAG_NFC, "CTAP resp: 0x%02x len: %d\r\n", status, ctap_resp.length);
@@ -652,48 +752,111 @@ void nfc_process_iblock(uint8_t * buf, int len)
ctap_resp.data[ctap_resp.length - 1] = SW_SUCCESS & 0xff;
printf1(TAG_NFC,"CTAP processing %d (took %d)\r\n", millis(), timestamp());
nfc_write_response_chaining(buf[0], ctap_resp.data, ctap_resp.length);
nfc_write_response_chaining(buf0, ctap_resp.data, ctap_resp.length, apdu->extended_apdu);
printf1(TAG_NFC,"CTAP answered %d (took %d)\r\n", millis(), timestamp());
break;
case APDU_INS_READ_BINARY:
// response length
reslen = apdu.le & 0xffff;
reslen = apdu->le & 0xffff;
switch(NFC_STATE.selected_applet)
{
case APP_CAPABILITY_CONTAINER:
printf1(TAG_NFC,"APP_CAPABILITY_CONTAINER\r\n");
if (reslen == 0 || reslen > sizeof(NFC_CC))
reslen = sizeof(NFC_CC);
nfc_write_response_ex(buf[0], (uint8_t *)&NFC_CC, reslen, SW_SUCCESS);
nfc_write_response_ex(buf0, (uint8_t *)&NFC_CC, reslen, SW_SUCCESS);
ams_wait_for_tx(10);
break;
case APP_NDEF_TAG:
printf1(TAG_NFC,"APP_NDEF_TAG\r\n");
if (reslen == 0 || reslen > sizeof(NDEF_SAMPLE) - 1)
reslen = sizeof(NDEF_SAMPLE) - 1;
nfc_write_response_ex(buf[0], NDEF_SAMPLE, reslen, SW_SUCCESS);
nfc_write_response_ex(buf0, NDEF_SAMPLE, reslen, SW_SUCCESS);
ams_wait_for_tx(10);
break;
default:
nfc_write_response(buf[0], SW_FILE_NOT_FOUND);
nfc_write_response(buf0, SW_FILE_NOT_FOUND);
printf1(TAG_ERR, "No binary applet selected!\r\n");
return;
break;
}
break;
case APDU_SOLO_RESET:
if (apdu->lc == 4 && !memcmp(apdu->data, "\x12\x56\xab\xf0", 4)) {
printf1(TAG_NFC, "Reset...\r\n");
nfc_write_response(buf0, SW_SUCCESS);
delay(20);
device_reboot();
while(1);
} else {
printf1(TAG_NFC, "Reset FAIL\r\n");
nfc_write_response(buf0, SW_INS_INVALID);
}
break;
default:
printf1(TAG_NFC, "Unknown INS %02x\r\n", apdu.ins);
nfc_write_response(buf[0], SW_INS_INVALID);
printf1(TAG_NFC, "Unknown INS %02x\r\n", apdu->ins);
nfc_write_response(buf0, SW_INS_INVALID);
break;
}
}
void nfc_process_iblock(uint8_t * buf, int len)
{
uint8_t block_offset = p14443_block_offset(buf[0]);
// clear tx chain buffer if we have some other command than GET RESPONSE
if (chain_buffer_tx && buf[block_offset + 1] != APDU_GET_RESPONSE) {
chain_buffer_len = 0;
chain_buffer_tx = false;
}
APDU_STRUCT apdu;
uint16_t ret = apdu_decode(buf + block_offset, len - block_offset, &apdu);
if (ret != 0) {
printf1(TAG_NFC,"apdu decode error\r\n");
nfc_write_response(buf[0], ret);
return;
}
printf1(TAG_NFC,"apdu ok. %scase=%02x cla=%02x ins=%02x p1=%02x p2=%02x lc=%d le=%d\r\n",
apdu.extended_apdu ? "[e]":"", apdu.case_type, apdu.cla, apdu.ins, apdu.p1, apdu.p2, apdu.lc, apdu.le);
// APDU level chaining. ISO7816-4, 5.1.1. class byte
if (!chain_buffer_tx && buf[block_offset] & 0x10) {
if (chain_buffer_len + len > sizeof(chain_buffer)) {
nfc_write_response(buf[0], SW_WRONG_LENGTH);
return;
}
memmove(&chain_buffer[chain_buffer_len], apdu.data, apdu.lc);
chain_buffer_len += apdu.lc;
nfc_write_response(buf[0], SW_SUCCESS);
printf1(TAG_NFC, "APDU chaining ok. %d/%d\r\n", apdu.lc, chain_buffer_len);
return;
}
// if we have ISO 7816 APDU chain - move there all the data
if (!chain_buffer_tx && chain_buffer_len > 0) {
memmove(&apdu.data[chain_buffer_len], apdu.data, apdu.lc);
memmove(apdu.data, chain_buffer, chain_buffer_len);
apdu.lc += chain_buffer_len; // here apdu struct does not match with memory!
printf1(TAG_NFC, "APDU chaining merge. %d/%d\r\n", chain_buffer_len, apdu.lc);
}
apdu_process(buf[0], &buf[block_offset], &apdu);
printf1(TAG_NFC,"prev.Iblock: ");
dump_hex1(TAG_NFC, buf, len);
}
static uint8_t ibuf[1024];
static int ibuflen = 0;
void clear_ibuf()
void clear_ibuf(void)
{
ibuflen = 0;
memset(ibuf, 0, sizeof(ibuf));
@@ -719,9 +882,11 @@ void nfc_process_block(uint8_t * buf, unsigned int len)
else if (IS_IBLOCK(buf[0]))
{
uint8_t block_offset = p14443_block_offset(buf[0]);
if (p14443_have_cid(buf[0]))
current_cid = buf[1];
if (buf[0] & 0x10)
{
printf1(TAG_NFC_APDU, "NFC_CMD_IBLOCK chaining blen=%d len=%d\r\n", ibuflen, len);
printf1(TAG_NFC_APDU, "NFC_CMD_IBLOCK chaining blen=%d len=%d offs=%d\r\n", ibuflen, len, block_offset);
if (ibuflen + len > sizeof(ibuf))
{
printf1(TAG_NFC, "I block memory error! must have %d but have only %d\r\n", ibuflen + len, sizeof(ibuf));
@@ -754,21 +919,24 @@ void nfc_process_block(uint8_t * buf, unsigned int len)
memmove(ibuf, buf, block_offset);
ibuflen += block_offset;
printf1(TAG_NFC_APDU, "NFC_CMD_IBLOCK chaining last block. blen=%d len=%d\r\n", ibuflen, len);
printf1(TAG_NFC_APDU, "NFC_CMD_IBLOCK chaining last block. blen=%d len=%d offset=%d\r\n", ibuflen, len, block_offset);
printf1(TAG_NFC_APDU,"i> ");
dump_hex1(TAG_NFC_APDU, buf, len);
nfc_process_iblock(ibuf, ibuflen);
} else {
nfc_process_iblock(buf, len);
memcpy(ibuf, buf, len); // because buf only 32b
nfc_process_iblock(ibuf, len);
}
clear_ibuf();
}
}
else if (IS_RBLOCK(buf[0]))
{
rblock_acknowledge(buf[0], false);
if (p14443_have_cid(buf[0]))
current_cid = buf[1];
rblock_acknowledge(buf[0], true);
printf1(TAG_NFC, "NFC_CMD_RBLOCK\r\n");
}
else if (IS_SBLOCK(buf[0]))
@@ -777,7 +945,10 @@ void nfc_process_block(uint8_t * buf, unsigned int len)
if ((buf[0] & NFC_SBLOCK_DESELECT) == 0)
{
printf1(TAG_NFC, "NFC_CMD_SBLOCK, DESELECTED\r\n");
nfc_write_frame(buf, 1);
uint8_t block_offset = p14443_block_offset(buf[0]);
if (p14443_have_cid(buf[0]))
current_cid = buf[1];
nfc_write_frame(buf, block_offset);
ams_wait_for_tx(2);
ams_write_command(AMS_CMD_SLEEP);
nfc_state_init();
@@ -798,7 +969,7 @@ void nfc_process_block(uint8_t * buf, unsigned int len)
}
}
int nfc_loop()
int nfc_loop(void)
{
uint8_t buf[32];
AMS_DEVICE ams;
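Review bot: In the `APDU_GET_RESPONSE` case of `apdu_process`, `pcklen` is taken from `apdu->le` and clamped only to `chain_buffer_len`, yet it sizes the copy into the 255-byte stack array `pck` and positions the two status bytes written by `append_get_response`. The length check above it explicitly lets `le == 0x100` through, and any `le` of 254 or more with enough buffered data puts either the copy or the trailing 61XX bytes past the end of `pck`. Clamp before the copy, for example `if (pcklen > sizeof(pck) - 2) pcklen = sizeof(pck) - 2;`. The chaining merge in `nfc_process_iblock` has the same kind of gap: `chain_buffer` can hold up to 2048 bytes, the merge writes `chain_buffer_len + apdu.lc` bytes at `apdu.data`, and the buffer handed in by `nfc_process_block` is the 1024-byte `ibuf`. That sum should be checked against the space behind `apdu.data` before the two `memmove` calls (presumably `apdu.data` points into that buffer; `apdu_decode` is not shown here).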


@@ -6,9 +6,9 @@
#include "apdu.h"
// Return number of bytes read if any.
int nfc_loop();
int nfc_loop(void);
int nfc_init();
int nfc_init(void);
typedef struct
{
@@ -34,9 +34,9 @@ typedef struct
#define IS_PPSS_CMD(x) (((x) & 0xf0) == NFC_CMD_PPSS)
#define NFC_CMD_IBLOCK 0x00
#define IS_IBLOCK(x) ( (((x) & 0xc0) == NFC_CMD_IBLOCK) && (((x) & 0x02) == 0x02) )
#define NFC_CMD_RBLOCK 0x80
#define NFC_CMD_RBLOCK_ACK 0x20
#define IS_RBLOCK(x) ( (((x) & 0xc0) == NFC_CMD_RBLOCK) && (((x) & 0x02) == 0x02) )
#define NFC_CMD_RBLOCK 0xa0
#define NFC_CMD_RBLOCK_ACK 0x10
#define IS_RBLOCK(x) ( (((x) & 0xe0) == NFC_CMD_RBLOCK) && (((x) & 0x02) == 0x02) )
#define NFC_CMD_SBLOCK 0xc0
#define IS_SBLOCK(x) ( (((x) & 0xc0) == NFC_CMD_SBLOCK) && (((x) & 0x02) == 0x02) )
@@ -61,6 +61,6 @@ typedef enum
APP_FIDO,
} APPLETS;
void WTX_timer_exec();
void WTX_timer_exec(void);
#endif


@@ -8,7 +8,7 @@
#define ELECTRODE_0 TSC_GROUP2_IO1
#define ELECTRODE_1 TSC_GROUP2_IO2
void tsc_init()
void tsc_init(void)
{
LL_GPIO_InitTypeDef GPIO_InitStruct;
// Enable TSC clock
@@ -74,7 +74,7 @@ void tsc_set_electrode(uint32_t channel_ids)
TSC->IOCCR = (channel_ids);
}
void tsc_start_acq()
void tsc_start_acq(void)
{
TSC->CR &= ~(TSC_CR_START);
@@ -86,7 +86,7 @@ void tsc_start_acq()
TSC->CR |= TSC_CR_START;
}
void tsc_wait_on_acq()
void tsc_wait_on_acq(void)
{
while ( ! (TSC->ISR & TSC_FLAG_EOA) )
;
@@ -117,7 +117,7 @@ uint32_t tsc_read_button(uint32_t index)
return tsc_read(1) < 45;
}
int tsc_sensor_exists()
int tsc_sensor_exists(void)
{
static uint8_t does = 0;
if (does) return 1;


@@ -3,9 +3,9 @@
#include <stdint.h>
void tsc_init();
void tsc_init(void);
int tsc_sensor_exists();
int tsc_sensor_exists(void);
// Read button0 or button1
// Returns 1 if pressed, 0 if not.