diff --git a/fido2/device.h b/fido2/device.h index ea46123..4692323 100644 --- a/fido2/device.h +++ b/fido2/device.h @@ -61,8 +61,8 @@ int ctap_user_presence_test(uint32_t delay); int ctap_generate_rng(uint8_t * dst, size_t num); // Increment atomic counter and return it. -// Must support two counters, @sel selects counter0 or counter1. -uint32_t ctap_atomic_count(int sel); +// @param amount the amount to increase the counter by. +uint32_t ctap_atomic_count(uint32_t amount); // Verify the user // return 1 if user is verified, 0 if not diff --git a/pc/device.c b/pc/device.c index ee6bae7..791f8c9 100644 --- a/pc/device.c +++ b/pc/device.c @@ -313,20 +313,11 @@ int ctap_user_verification(uint8_t arg) } -uint32_t ctap_atomic_count(int sel) +uint32_t ctap_atomic_count(uint32_t amount) { static uint32_t counter1 = 25; - /*return 713;*/ - if (sel == 0) - { - printf1(TAG_RED,"counter1: %d\n", counter1); - return counter1++; - } - else - { - printf2(TAG_ERR,"counter2 not imple\n"); - exit(1); - } + counter1 += amount; + return counter1; } int ctap_generate_rng(uint8_t * dst, size_t num) diff --git a/targets/stm32l432/src/device.c b/targets/stm32l432/src/device.c index 532c407..2a23cbe 100644 --- a/targets/stm32l432/src/device.c +++ b/targets/stm32l432/src/device.c @@ -407,7 +407,7 @@ void authenticator_write_state(AuthenticatorState * a, int backup) } } -uint32_t ctap_atomic_count(int sel) +uint32_t ctap_atomic_count(uint32_t amount) { int offset = 0; uint32_t * ptr = (uint32_t *)flash_addr(COUNTER1_PAGE); @@ -422,10 +422,12 @@ uint32_t ctap_atomic_count(int sel) uint32_t lastc = 0; - if (sel != 0) + if (amount == 0) { - printf2(TAG_ERR,"counter2 not imple\n"); - exit(1); + // Use a random count [1-16]. + uint8_t rng[1]; + ctap_generate_rng(rng, 1); + amount = (rng[1] & 0x0f) + 1; } for (offset = 0; offset < PAGE_SIZE/4; offset += 2) // wear-level the flash @@ -458,7 +460,7 @@ uint32_t ctap_atomic_count(int sel) return lastc; } - lastc++; + lastc += amount; if (lastc/256 > erases) {