bootloader compiles

fido2/crypto.c

@@ -18,7 +18,7 @@
 #include "aes.h"
 #include "ctap.h"
 #include "device.h"
-#include "app.h"
+#include APP_CONFIG
 
 #ifdef USING_PC
 typedef enum

fido2/ctap.c

@@ -34,7 +34,7 @@
 #include "util.h"
 #include "log.h"
 #include "device.h"
-#include "app.h"
+#include APP_CONFIG
 #include "wallet.h"
 
 #include "device.h"

fido2/ctaphid.c

@@ -30,7 +30,7 @@
 #include "time.h"
 #include "util.h"
 #include "log.h"
-#include "app.h"
+#include APP_CONFIG
 
 typedef enum
 {
@@ -616,6 +616,7 @@ uint8_t ctaphid_handle_packet(uint8_t * pkt_raw)
             break;
 #endif
 #ifndef DISABLE_CTAPHID_CBOR
+#error rere
         case CTAPHID_CBOR:
             printf1(TAG_HID,"CTAPHID_CBOR\n");
 

fido2/device.h

@@ -90,4 +90,7 @@ void ctap_store_rk(int index,CTAP_residentKey * rk);
 void ctap_load_rk(int index,CTAP_residentKey * rk);
 void ctap_overwrite_rk(int index,CTAP_residentKey * rk);
 
+// Boot laoder application
+int bootloader_bridge(uint8_t klen, uint8_t * keyh);
+
 #endif

fido2/extensions/extensions.c

@@ -23,9 +23,66 @@
 #include "extensions.h"
 #include "u2f.h"
 #include "wallet.h"
+#include "device.h"
 
 #include "log.h"
 
+
+int is_extension_request(uint8_t * kh, int len)
+{
+    wallet_request * req = (wallet_request *) kh;
+
+    if (len < WALLET_MIN_LENGTH)
+        return 0;
+
+    return memcmp(req->tag, WALLET_TAG, sizeof(WALLET_TAG)-1) == 0;
+}
+
+
+int extension_needs_atomic_count(uint8_t klen, uint8_t * keyh)
+{
+    return ((wallet_request *) keyh)->operation == WalletRegister
+            || ((wallet_request *) keyh)->operation == WalletSign;
+}
+
+int16_t bridge_u2f_to_extensions(uint8_t * _chal, uint8_t * _appid, uint8_t klen, uint8_t * keyh)
+{
+    int8_t ret = 0;
+    uint32_t count;
+    uint8_t up = 1;
+    uint8_t sig[72];
+    if (extension_needs_atomic_count(klen, keyh))
+    {
+        count = ctap_atomic_count(0);
+    }
+    else
+    {
+        count = 10;
+    }
+
+    u2f_response_writeback(&up,1);
+    u2f_response_writeback((uint8_t *)&count,4);
+    u2f_response_writeback((uint8_t *)&ret,1);
+#ifdef IS_BOOTLOADER
+    ret = bootloader_bridge(klen, keyh);
+#else
+    ret = bridge_u2f_to_wallet(_chal, _appid, klen, keyh);
+#endif
+
+    if (ret != 0)
+    {
+        u2f_reset_response();
+        u2f_response_writeback(&up,1);
+        u2f_response_writeback((uint8_t *)&count,4);
+
+        memset(sig,0,sizeof(sig));
+        sig[0] = ret;
+        u2f_response_writeback(sig,72);
+    }
+
+    return U2F_SW_NO_ERROR;
+}
+
 int16_t extend_u2f(struct u2f_request_apdu* req, uint32_t len)
 {
 
@@ -37,7 +94,7 @@ int16_t extend_u2f(struct u2f_request_apdu* req, uint32_t len)
         if (req->p1 == U2F_AUTHENTICATE_CHECK)
         {
 
-            if (is_wallet_device((uint8_t *) &auth->kh, auth->khl))     // Pin requests
+            if (is_extension_request((uint8_t *) &auth->kh, auth->khl))     // Pin requests
             {
                 rcode =  U2F_SW_CONDITIONS_NOT_SATISFIED;
             }
@@ -50,13 +107,13 @@ int16_t extend_u2f(struct u2f_request_apdu* req, uint32_t len)
         }
         else
         {
-            if ( ! is_wallet_device((uint8_t *) &auth->kh, auth->khl))     // Pin requests
+            if ( ! is_extension_request((uint8_t *) &auth->kh, auth->khl))     // Pin requests
             {
                 rcode = U2F_SW_WRONG_PAYLOAD;
                 printf1(TAG_WALLET,"Ignoring U2F request\n");
                 goto end;
             }
-            rcode = bridge_u2f_to_wallet(auth->chal, auth->app, auth->khl, (uint8_t*)&auth->kh);
+            rcode = bridge_u2f_to_extensions(auth->chal, auth->app, auth->khl, (uint8_t*)&auth->kh);
         }
     }
     else if (req->ins == U2F_VERSION)

fido2/extensions/wallet.c

@@ -20,7 +20,7 @@
    SOFTWARE.
 */
 #include "wallet.h"
-#include "app.h"
+#include APP_CONFIG
 #include "ctap.h"
 #include "ctap_errors.h"
 #include "crypto.h"
@@ -52,26 +52,6 @@ typedef enum
 #endif
 
 
-typedef enum
-{
-    WalletSign = 0x10,
-    WalletRegister = 0x11,
-    WalletPin = 0x12,
-    WalletReset= 0x13,
-    WalletVersion= 0x14,
-    WalletRng = 0x15,
-} WalletOperation;
-
-int is_wallet_device(uint8_t * kh, int len)
-{
-    wallet_request * req = (wallet_request *) kh;
-
-    if (len < WALLET_MIN_LENGTH)
-        return 0;
-
-    return memcmp(req->tag, WALLET_TAG, sizeof(WALLET_TAG)-1) == 0;
-}
-
 // return 1 if hash is valid, 0 otherwise
 int check_pinhash(uint8_t * pinAuth, uint8_t * msg, uint8_t len)
 {
@@ -200,8 +180,7 @@ int16_t bridge_u2f_to_wallet(uint8_t * _chal, uint8_t * _appid, uint8_t klen, ui
     int reqlen = klen;
     int i;
     int8_t ret = 0;
-    uint32_t count;
-    uint8_t up = 1;
+
     uint8_t sig[200];
 
     uint8_t * args[5] = {NULL,NULL,NULL,NULL,NULL};
@@ -222,21 +201,6 @@ int16_t bridge_u2f_to_wallet(uint8_t * _chal, uint8_t * _appid, uint8_t klen, ui
 
     printf1(TAG_WALLET, "u2f2wallet [%d]: ",reqlen); dump_hex1(TAG_WALLET, msg_buf,reqlen);
 
-    if (req->operation == WalletRegister || req->operation == WalletSign)
-    {
-        count = ctap_atomic_count(0);
-    }
-    else
-    {
-        count = 10;
-    }
-
-    u2f_response_writeback(&up,1);
-    u2f_response_writeback((uint8_t *)&count,4);
-    u2f_response_writeback((uint8_t *)&ret,1);
-
-#ifndef IS_BOOTLOADER
-
     int offset = 0;
     for (i = 0; i < MIN(5,req->numArgs); i++)
     {
@@ -466,24 +430,8 @@ int16_t bridge_u2f_to_wallet(uint8_t * _chal, uint8_t * _appid, uint8_t klen, ui
             ret = CTAP1_ERR_INVALID_COMMAND;
             break;
     }
-#else
-    ret = bootloader_bridge(klen, keyh);
-#endif
 
 cleanup:
-    if (ret != 0)
-    {
-        u2f_reset_response();
-        u2f_response_writeback(&up,1);
-        u2f_response_writeback((uint8_t *)&count,4);
 
-        memset(sig,0,sizeof(sig));
-        sig[0] = ret;
-        u2f_response_writeback(sig,72);
-    }
-    else
-    {
-        /*u2f_response_writeback(sig,sizeof(sig));*/
-    }
-    return U2F_SW_NO_ERROR;
+    return ret;
 }

fido2/extensions/wallet.h

@@ -92,10 +92,21 @@ typedef struct
 }__attribute__((packed)) wallet_request;
 
 
-int16_t bridge_u2f_to_wallet(uint8_t * chal, uint8_t * appid, uint8_t klen, uint8_t * keyh);
+typedef enum
+{
+    WalletSign = 0x10,
+    WalletRegister = 0x11,
+    WalletPin = 0x12,
+    WalletReset= 0x13,
+    WalletVersion= 0x14,
+    WalletRng = 0x15,
+} WalletOperation;
+
+
+int16_t bridge_u2f_to_extensions(uint8_t * chal, uint8_t * appid, uint8_t klen, uint8_t * keyh);
 
 // return 1 if request is a wallet request
-int is_wallet_device(uint8_t * req, int len);
+int is_extension_request(uint8_t * req, int len);
 
 void wallet_init();
 

fido2/log.h

@@ -22,7 +22,7 @@
 #ifndef _LOG_H
 #define _LOG_H
 
-#include "app.h"
+#include APP_CONFIG 
 #include <stdint.h>
 
 #ifndef DEBUG_LEVEL

fido2/main.c

@@ -30,7 +30,7 @@
 #include "util.h"
 #include "log.h"
 #include "ctap.h"
-#include "app.h"
+#include APP_CONFIG
 
 #if !defined(TEST)
 

fido2/test_power.c

@@ -19,7 +19,7 @@
    OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
    SOFTWARE.
 */
-#include "app.h"
+#include APP_CONFIG 
 #ifdef TEST_POWER
 
 /*

fido2/u2f.c

@@ -26,7 +26,7 @@
 #include "log.h"
 #include "device.h"
 #include "wallet.h"
-#include "app.h"
+#include APP_CONFIG
 
 // void u2f_response_writeback(uint8_t * buf, uint8_t len);
 static int16_t u2f_register(struct u2f_register_request * req);
@@ -284,8 +284,6 @@ static int16_t u2f_register(struct u2f_register_request * req)
 
     crypto_ecc256_load_attestation_key();
 
-    /*printf("check key handle size: %d vs %d\n", U2F_KEY_HANDLE_SIZE, sizeof(struct u2f_key_handle));*/
-
     printf1(TAG_U2F, "sha256: "); dump_hex1(TAG_U2F,hash,32);
     crypto_ecc256_sign(hash, 32, sig);