refactor fromNFC

2019-02-26 14:07:27 -05:00 · 2019-02-26 14:07:27 -05:00 · 347d0942b1
commit 347d0942b1
parent ff0d42c8d5
7 changed files with 40 additions and 30 deletions
--- a/fido2/ctap.c
+++ b/fido2/ctap.c
@ -310,7 +310,7 @@ static int is_matching_rk(CTAP_residentKey * rk, CTAP_residentKey * rk2)
 }


-static int ctap_make_auth_data(struct rpId * rp, CborEncoder * map, uint8_t * auth_data_buf, unsigned int len, CTAP_userEntity * user, uint8_t credtype, int32_t algtype, int32_t * sz, int store, bool fromNFC)
+static int ctap_make_auth_data(struct rpId * rp, CborEncoder * map, uint8_t * auth_data_buf, unsigned int len, CTAP_userEntity * user, uint8_t credtype, int32_t algtype, int32_t * sz, int store)
 {
    CborEncoder cose_key;
    int auth_data_sz, ret;
@ -338,7 +338,7 @@ static int ctap_make_auth_data(struct rpId * rp, CborEncoder * map, uint8_t * au
    device_set_status(CTAPHID_STATUS_UPNEEDED);
 	// if NFC - not need to click a button
    int but = 1;
-	if(!fromNFC)
+	if(!device_is_nfc())
 	{
 		but = ctap_user_presence_test();
 	}
@ -552,7 +552,7 @@ int ctap_authenticate_credential(struct rpId * rp, CTAP_credentialDescriptor * d



-uint8_t ctap_make_credential(CborEncoder * encoder, uint8_t * request, int length, bool fromNFC)
+uint8_t ctap_make_credential(CborEncoder * encoder, uint8_t * request, int length)
 {
    CTAP_makeCredential MC;
    int ret;
@ -623,7 +623,7 @@ uint8_t ctap_make_credential(CborEncoder * encoder, uint8_t * request, int lengt
    int32_t auth_data_sz;

    ret = ctap_make_auth_data(&MC.rp, &map, auth_data_buf, sizeof(auth_data_buf),
-            &MC.user, MC.publicKeyCredentialType, MC.COSEAlgorithmIdentifier, &auth_data_sz, MC.rk, fromNFC);
+            &MC.user, MC.publicKeyCredentialType, MC.COSEAlgorithmIdentifier, &auth_data_sz, MC.rk);

    check_retr(ret);

@ -963,7 +963,7 @@ uint8_t ctap_get_next_assertion(CborEncoder * encoder)
    return 0;
 }

-uint8_t ctap_get_assertion(CborEncoder * encoder, uint8_t * request, int length, bool fromNFC)
+uint8_t ctap_get_assertion(CborEncoder * encoder, uint8_t * request, int length)
 {
    CTAP_getAssertion GA;
    uint8_t auth_data_buf[sizeof(CTAP_authDataHeader)];
@ -1027,7 +1027,7 @@ uint8_t ctap_get_assertion(CborEncoder * encoder, uint8_t * request, int length,
    else
 #endif
    {
-        ret = ctap_make_auth_data(&GA.rp, &map, auth_data_buf, sizeof(auth_data_buf), NULL, 0,0,NULL, 0, fromNFC);
+        ret = ctap_make_auth_data(&GA.rp, &map, auth_data_buf, sizeof(auth_data_buf), NULL, 0,0,NULL, 0);
        check_retr(ret);
    }

@ -1394,7 +1394,7 @@ void ctap_response_init(CTAP_RESPONSE * resp)
 }


-uint8_t ctap_request(uint8_t * pkt_raw, int length, CTAP_RESPONSE * resp, bool fromNFC)
+uint8_t ctap_request(uint8_t * pkt_raw, int length, CTAP_RESPONSE * resp)
 {
    CborEncoder encoder;
    uint8_t status = 0;
@ -1432,7 +1432,7 @@ uint8_t ctap_request(uint8_t * pkt_raw, int length, CTAP_RESPONSE * resp, bool f
            device_set_status(CTAPHID_STATUS_PROCESSING);
            printf1(TAG_CTAP,"CTAP_MAKE_CREDENTIAL\n");
            timestamp();
-            status = ctap_make_credential(&encoder, pkt_raw, length, fromNFC);
+            status = ctap_make_credential(&encoder, pkt_raw, length);
            printf1(TAG_TIME,"make_credential time: %d ms\n", timestamp());

            resp->length = cbor_encoder_get_buffer_size(&encoder, buf);
@ -1443,7 +1443,7 @@ uint8_t ctap_request(uint8_t * pkt_raw, int length, CTAP_RESPONSE * resp, bool f
            device_set_status(CTAPHID_STATUS_PROCESSING);
            printf1(TAG_CTAP,"CTAP_GET_ASSERTION\n");
            timestamp();
-            status = ctap_get_assertion(&encoder, pkt_raw, length, fromNFC);
+            status = ctap_get_assertion(&encoder, pkt_raw, length);
            printf1(TAG_TIME,"get_assertion time: %d ms\n", timestamp());

            resp->length = cbor_encoder_get_buffer_size(&encoder, buf);
--- a/fido2/ctap.h
+++ b/fido2/ctap.h
@ -260,7 +260,7 @@ typedef struct

 void ctap_response_init(CTAP_RESPONSE * resp);

-uint8_t ctap_request(uint8_t * pkt_raw, int length, CTAP_RESPONSE * resp, bool fromNFC);
+uint8_t ctap_request(uint8_t * pkt_raw, int length, CTAP_RESPONSE * resp);

 // Encodes R,S signature to 2 der sequence of two integers.  Sigder must be at least 72 bytes.
 // @return length of der signature
--- a/fido2/ctaphid.c
+++ b/fido2/ctaphid.c
@ -621,7 +621,7 @@ uint8_t ctaphid_handle_packet(uint8_t * pkt_raw)
            }
            is_busy = 1;
            ctap_response_init(&ctap_resp);
-            status = ctap_request(ctap_buffer, len, &ctap_resp, 0);
+            status = ctap_request(ctap_buffer, len, &ctap_resp);

            ctaphid_write_buffer_init(&wb);
            wb.cid = cid;
--- a/fido2/device.h
+++ b/fido2/device.h
@ -99,4 +99,9 @@ typedef enum {
 // 2: fastest clock rate.  Generally for USB interface.
 void device_set_clock_rate(DEVICE_CLOCK_RATE param);

+// Returns 1 if operating in NFC mode.
+// 0 otherwise.
+bool device_is_nfc();
+
+
 #endif
--- a/fido2/u2f.c
+++ b/fido2/u2f.c
@ -19,8 +19,8 @@

 // void u2f_response_writeback(uint8_t * buf, uint8_t len);
 #ifdef ENABLE_U2F
-static int16_t u2f_register(struct u2f_register_request * req, bool fromNFC);
-static int16_t u2f_authenticate(struct u2f_authenticate_request * req, uint8_t control, bool fromNFC);
+static int16_t u2f_register(struct u2f_register_request * req);
+static int16_t u2f_authenticate(struct u2f_authenticate_request * req, uint8_t control);
 #endif
 int8_t u2f_response_writeback(const uint8_t * buf, uint16_t len);
 void u2f_reset_response();
@ -28,7 +28,7 @@ void u2f_reset_response();

 static CTAP_RESPONSE * _u2f_resp = NULL;

-void u2f_request_ex(APDU_HEADER *req, uint8_t *payload, uint32_t len, CTAP_RESPONSE * resp, bool fromNFC)
+void u2f_request_ex(APDU_HEADER *req, uint8_t *payload, uint32_t len, CTAP_RESPONSE * resp)
 {
    uint16_t rcode = 0;
    uint8_t byte;
@ -60,7 +60,7 @@ void u2f_request_ex(APDU_HEADER *req, uint8_t *payload, uint32_t len, CTAP_RESPO
                {

                    timestamp();
-                    rcode = u2f_register((struct u2f_register_request*)payload, fromNFC);
+                    rcode = u2f_register((struct u2f_register_request*)payload);
                    printf1(TAG_TIME,"u2f_register time: %d ms\n", timestamp());

                }
@ -68,7 +68,7 @@ void u2f_request_ex(APDU_HEADER *req, uint8_t *payload, uint32_t len, CTAP_RESPO
            case U2F_AUTHENTICATE:
                printf1(TAG_U2F, "U2F_AUTHENTICATE\n");
                timestamp();
-                rcode = u2f_authenticate((struct u2f_authenticate_request*)payload, req->p1, fromNFC);
+                rcode = u2f_authenticate((struct u2f_authenticate_request*)payload, req->p1);
                printf1(TAG_TIME,"u2f_authenticate time: %d ms\n", timestamp());
                break;
            case U2F_VERSION:
@ -117,14 +117,14 @@ void u2f_request_nfc(uint8_t * req, int len, CTAP_RESPONSE * resp)

    uint32_t alen = req[4];

-	u2f_request_ex((APDU_HEADER *)req, &req[5], alen, resp, true);
+	u2f_request_ex((APDU_HEADER *)req, &req[5], alen, resp);
 }

 void u2f_request(struct u2f_request_apdu* req, CTAP_RESPONSE * resp)
 {
    uint32_t len = ((req->LC3) | ((uint32_t)req->LC2 << 8) | ((uint32_t)req->LC1 << 16));

-	u2f_request_ex((APDU_HEADER *)req, req->payload, len, resp, false);
+	u2f_request_ex((APDU_HEADER *)req, req->payload, len, resp);
 }

 int8_t u2f_response_writeback(const uint8_t * buf, uint16_t len)
@ -203,7 +203,7 @@ static int8_t u2f_appid_eq(struct u2f_key_handle * kh, uint8_t * appid)



-static int16_t u2f_authenticate(struct u2f_authenticate_request * req, uint8_t control, bool fromNFC)
+static int16_t u2f_authenticate(struct u2f_authenticate_request * req, uint8_t control)
 {

    uint8_t up = 1;
@ -237,7 +237,7 @@ static int16_t u2f_authenticate(struct u2f_authenticate_request * req, uint8_t c
 	if (control == U2F_AUTHENTICATE_SIGN_NO_USER)
 		up = 0;

-	if(!fromNFC && up)
+	if(!device_is_nfc() && up)
 	{
 		if (ctap_user_presence_test() == 0)
 		{
@ -273,7 +273,7 @@ static int16_t u2f_authenticate(struct u2f_authenticate_request * req, uint8_t c
    return U2F_SW_NO_ERROR;
 }

-static int16_t u2f_register(struct u2f_register_request * req, bool fromNFC)
+static int16_t u2f_register(struct u2f_register_request * req)
 {
    uint8_t i[] = {0x0,U2F_EC_FMT_UNCOMPRESSED};

@ -285,7 +285,7 @@ static int16_t u2f_register(struct u2f_register_request * req, bool fromNFC)

    const uint16_t attest_size = attestation_cert_der_size;

-	if(!fromNFC)
+	if(!device_is_nfc())
 	{
 		if ( ! ctap_user_presence_test())
 		{
--- a/targets/stm32l432/src/device.c
+++ b/targets/stm32l432/src/device.c
@ -40,8 +40,8 @@ uint32_t __90_ms = 0;
 uint32_t __device_status = 0;
 uint32_t __last_update = 0;
 extern PCD_HandleTypeDef hpcd;
-bool haveNFC = false;
-bool isLowFreq = 0;
+static bool haveNFC = 0;
+static bool isLowFreq = 0;

 #define IS_BUTTON_PRESSED()         (0  == (LL_GPIO_ReadInputPort(SOLO_BUTTON_PORT) & SOLO_BUTTON_PIN))

@ -136,6 +136,11 @@ void device_init()

 }

+bool device_is_nfc()
+{
+    return haveNFC;
+}
+
 void wait_for_usb_tether()
 {
    while (USBD_OK != CDC_Transmit_FS((uint8_t*)"tethered\r\n", 10) )
--- a/targets/stm32l432/src/nfc.c
+++ b/targets/stm32l432/src/nfc.c
@ -157,7 +157,7 @@ bool nfc_write_response(uint8_t req0, uint16_t resp)
 	return nfc_write_response_ex(req0, NULL, 0, resp);
 }

-void nfc_write_response_chaining(uint8_t req0, uint8_t * data, int len, int keepgoing)
+void nfc_write_response_chaining(uint8_t req0, uint8_t * data, int len)
 {
    uint8_t res[32 + 2];
 	int sendlen = 0;
@ -178,7 +178,7 @@ void nfc_write_response_chaining(uint8_t req0, uint8_t * data, int len, int keep
 			memcpy(&res[1], &data[sendlen], vlen);

 			// if not a last block
-			if ((vlen + sendlen < len) || keepgoing)
+			if (vlen + sendlen < len)
 			{
 				res[0] |= 0x10;
 			}
@ -488,7 +488,7 @@ void nfc_process_iblock(uint8_t * buf, int len)
 			// 	return;

            printf1(TAG_NFC,"U2F Register P2 took %d\r\n", timestamp());
-            nfc_write_response_chaining(buf[0], ctap_resp.data, ctap_resp.length, 0 );
+            nfc_write_response_chaining(buf[0], ctap_resp.data, ctap_resp.length);

 			// printf1(TAG_NFC, "U2F resp len: %d\r\n", ctap_resp.length);

@ -522,7 +522,7 @@ void nfc_process_iblock(uint8_t * buf, int len)

 			printf1(TAG_NFC, "U2F resp len: %d\r\n", ctap_resp.length);
            printf1(TAG_NFC,"U2F Authenticate processing %d (took %d)\r\n", millis(), timestamp());
-			nfc_write_response_chaining(buf[0], ctap_resp.data, ctap_resp.length, 0);
+			nfc_write_response_chaining(buf[0], ctap_resp.data, ctap_resp.length);
            printf1(TAG_NFC,"U2F Authenticate answered %d (took %d)\r\n", millis(), timestamp);
        break;

@ -537,7 +537,7 @@ void nfc_process_iblock(uint8_t * buf, int len)

 			WTX_on(WTX_TIME_DEFAULT);
            ctap_response_init(&ctap_resp);
-            status = ctap_request(payload, plen, &ctap_resp, true);
+            status = ctap_request(payload, plen, &ctap_resp);
 			if (!WTX_off())
 				return;

@ -555,7 +555,7 @@ void nfc_process_iblock(uint8_t * buf, int len)
 			ctap_resp.data[ctap_resp.length - 1] = SW_SUCCESS & 0xff;

            printf1(TAG_NFC,"CTAP processing %d (took %d)\r\n", millis(), timestamp());
-			nfc_write_response_chaining(buf[0], ctap_resp.data, ctap_resp.length, 0);
+			nfc_write_response_chaining(buf[0], ctap_resp.data, ctap_resp.length);
            printf1(TAG_NFC,"CTAP answered %d (took %d)\r\n", millis(), timestamp());
        break;