allow get_assertion with disabled UP
This commit is contained in:
Conor Patrick
parent
f072561899
commit
c61f15a090
19
fido2/ctap.c
19
fido2/ctap.c
@ -438,7 +438,11 @@ static int ctap2_user_presence_test()
|
|||||||
{
|
{
|
||||||
device_set_status(CTAPHID_STATUS_UPNEEDED);
|
device_set_status(CTAPHID_STATUS_UPNEEDED);
|
||||||
int ret = ctap_user_presence_test(CTAP2_UP_DELAY_MS);
|
int ret = ctap_user_presence_test(CTAP2_UP_DELAY_MS);
|
||||||
if ( ret > 0 )
|
if ( ret > 1 )
|
||||||
|
{
|
||||||
|
return CTAP2_ERR_PROCESSING;
|
||||||
|
}
|
||||||
|
else if ( ret > 0 )
|
||||||
{
|
{
|
||||||
return CTAP1_ERR_SUCCESS;
|
return CTAP1_ERR_SUCCESS;
|
||||||
}
|
}
|
||||||
@ -482,11 +486,19 @@ static int ctap_make_auth_data(struct rpId * rp, CborEncoder * map, uint8_t * au
|
|||||||
int but;
|
int but;
|
||||||
|
|
||||||
but = ctap2_user_presence_test(CTAP2_UP_DELAY_MS);
|
but = ctap2_user_presence_test(CTAP2_UP_DELAY_MS);
|
||||||
|
if (CTAP2_ERR_PROCESSING == but)
|
||||||
|
{
|
||||||
|
authData->head.flags = (0 << 0); // User presence disabled
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
check_retr(but);
|
check_retr(but);
|
||||||
|
authData->head.flags = (1 << 0); // User presence
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
device_set_status(CTAPHID_STATUS_PROCESSING);
|
device_set_status(CTAPHID_STATUS_PROCESSING);
|
||||||
|
|
||||||
authData->head.flags = (1 << 0); // User presence
|
|
||||||
authData->head.flags |= (ctap_is_pin_set() << 2);
|
authData->head.flags |= (ctap_is_pin_set() << 2);
|
||||||
|
|
||||||
|
|
||||||
@ -1236,8 +1248,9 @@ uint8_t ctap_get_assertion(CborEncoder * encoder, uint8_t * request, int length)
|
|||||||
else
|
else
|
||||||
#endif
|
#endif
|
||||||
{
|
{
|
||||||
|
device_disable_up(!GA.up);
|
||||||
ret = ctap_make_auth_data(&GA.rp, &map, auth_data_buf, &auth_data_buf_sz, NULL);
|
ret = ctap_make_auth_data(&GA.rp, &map, auth_data_buf, &auth_data_buf_sz, NULL);
|
||||||
|
device_disable_up(false);
|
||||||
check_retr(ret);
|
check_retr(ret);
|
||||||
|
|
||||||
((CTAP_authDataHeader *)auth_data_buf)->flags &= ~(1 << 2);
|
((CTAP_authDataHeader *)auth_data_buf)->flags &= ~(1 << 2);
|
||||||
|
|||||||
@ -53,7 +53,7 @@ void device_set_status(uint32_t status);
|
|||||||
int device_is_button_pressed();
|
int device_is_button_pressed();
|
||||||
|
|
||||||
// Test for user presence
|
// Test for user presence
|
||||||
// Return 1 for user is present, 0 user not present, -1 if cancel is requested.
|
// Return 2 for disabled, 1 for user is present, 0 user not present, -1 if cancel is requested.
|
||||||
int ctap_user_presence_test(uint32_t delay);
|
int ctap_user_presence_test(uint32_t delay);
|
||||||
|
|
||||||
// Generate @num bytes of random numbers to @dest
|
// Generate @num bytes of random numbers to @dest
|
||||||
@ -106,7 +106,7 @@ void device_set_clock_rate(DEVICE_CLOCK_RATE param);
|
|||||||
#define NFC_IS_AVAILABLE 2
|
#define NFC_IS_AVAILABLE 2
|
||||||
int device_is_nfc();
|
int device_is_nfc();
|
||||||
|
|
||||||
void request_from_nfc(bool request_active);
|
void device_disable_up(bool request_active);
|
||||||
|
|
||||||
void device_init_button();
|
void device_init_button();
|
||||||
|
|
||||||
|
|||||||
@ -118,9 +118,9 @@ void u2f_request_nfc(uint8_t * header, uint8_t * data, int datalen, CTAP_RESPONS
|
|||||||
if (!header)
|
if (!header)
|
||||||
return;
|
return;
|
||||||
|
|
||||||
request_from_nfc(true); // disable presence test
|
device_disable_up(true); // disable presence test
|
||||||
u2f_request_ex((APDU_HEADER *)header, data, datalen, resp);
|
u2f_request_ex((APDU_HEADER *)header, data, datalen, resp);
|
||||||
request_from_nfc(false); // enable presence test
|
device_disable_up(false); // enable presence test
|
||||||
}
|
}
|
||||||
|
|
||||||
void u2f_request(struct u2f_request_apdu* req, CTAP_RESPONSE * resp)
|
void u2f_request(struct u2f_request_apdu* req, CTAP_RESPONSE * resp)
|
||||||
|
|||||||
10
pc/device.c
10
pc/device.c
@ -26,6 +26,7 @@
|
|||||||
#define RK_NUM 50
|
#define RK_NUM 50
|
||||||
|
|
||||||
bool use_udp = true;
|
bool use_udp = true;
|
||||||
|
static bool _up_disabled = false;
|
||||||
|
|
||||||
struct ResidentKeyStore {
|
struct ResidentKeyStore {
|
||||||
CTAP_residentKey rks[RK_NUM];
|
CTAP_residentKey rks[RK_NUM];
|
||||||
@ -299,6 +300,10 @@ void ctaphid_write_block(uint8_t * data)
|
|||||||
|
|
||||||
int ctap_user_presence_test(uint32_t d)
|
int ctap_user_presence_test(uint32_t d)
|
||||||
{
|
{
|
||||||
|
if (_up_disabled)
|
||||||
|
{
|
||||||
|
return 2;
|
||||||
|
}
|
||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -633,10 +638,9 @@ int device_is_nfc()
|
|||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
void device_disable_up(bool disable)
|
||||||
void request_from_nfc(bool request_active)
|
|
||||||
{
|
{
|
||||||
|
_up_disabled = disable;
|
||||||
}
|
}
|
||||||
|
|
||||||
void device_set_clock_rate(DEVICE_CLOCK_RATE param)
|
void device_set_clock_rate(DEVICE_CLOCK_RATE param)
|
||||||
|
|||||||
@ -45,7 +45,7 @@ uint32_t __last_update = 0;
|
|||||||
extern PCD_HandleTypeDef hpcd;
|
extern PCD_HandleTypeDef hpcd;
|
||||||
static int _NFC_status = 0;
|
static int _NFC_status = 0;
|
||||||
static bool isLowFreq = 0;
|
static bool isLowFreq = 0;
|
||||||
static bool _RequestComeFromNFC = false;
|
static bool _up_disabled = false;
|
||||||
|
|
||||||
// #define IS_BUTTON_PRESSED() (0 == (LL_GPIO_ReadInputPort(SOLO_BUTTON_PORT) & SOLO_BUTTON_PIN))
|
// #define IS_BUTTON_PRESSED() (0 == (LL_GPIO_ReadInputPort(SOLO_BUTTON_PORT) & SOLO_BUTTON_PIN))
|
||||||
static int is_physical_button_pressed()
|
static int is_physical_button_pressed()
|
||||||
@ -92,8 +92,8 @@ static void edge_detect_touch_button()
|
|||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
void request_from_nfc(bool request_active) {
|
void device_disable_up(bool disable) {
|
||||||
_RequestComeFromNFC = request_active;
|
_up_disabled = disable;
|
||||||
}
|
}
|
||||||
|
|
||||||
// Timer6 overflow handler. happens every ~90ms.
|
// Timer6 overflow handler. happens every ~90ms.
|
||||||
@ -582,11 +582,17 @@ static int wait_for_button_release(uint32_t wait)
|
|||||||
int ctap_user_presence_test(uint32_t up_delay)
|
int ctap_user_presence_test(uint32_t up_delay)
|
||||||
{
|
{
|
||||||
int ret;
|
int ret;
|
||||||
if (device_is_nfc() == NFC_IS_ACTIVE || _RequestComeFromNFC)
|
|
||||||
|
if (device_is_nfc() == NFC_IS_ACTIVE)
|
||||||
{
|
{
|
||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if (_up_disabled)
|
||||||
|
{
|
||||||
|
return 2;
|
||||||
|
}
|
||||||
|
|
||||||
#if SKIP_BUTTON_CHECK_WITH_DELAY
|
#if SKIP_BUTTON_CHECK_WITH_DELAY
|
||||||
int i=500;
|
int i=500;
|
||||||
while(i--)
|
while(i--)
|
||||||
|
|||||||
@ -731,10 +731,10 @@ void apdu_process(uint8_t buf0, uint8_t *apduptr, APDU_STRUCT *apdu)
|
|||||||
printf1(TAG_NFC, "FIDO2 CTAP message. %d\r\n", timestamp());
|
printf1(TAG_NFC, "FIDO2 CTAP message. %d\r\n", timestamp());
|
||||||
|
|
||||||
// WTX_on(WTX_TIME_DEFAULT);
|
// WTX_on(WTX_TIME_DEFAULT);
|
||||||
request_from_nfc(true);
|
device_disable_up(true);
|
||||||
ctap_response_init(&ctap_resp);
|
ctap_response_init(&ctap_resp);
|
||||||
status = ctap_request(apdu->data, apdu->lc, &ctap_resp);
|
status = ctap_request(apdu->data, apdu->lc, &ctap_resp);
|
||||||
request_from_nfc(false);
|
device_disable_up(false);
|
||||||
// if (!WTX_off())
|
// if (!WTX_off())
|
||||||
// return;
|
// return;
|
||||||
|
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user