diff --git a/Makefile b/Makefile index 44531f3..0cf4f9c 100644 --- a/Makefile +++ b/Makefile @@ -9,7 +9,7 @@ ecc_platform=2 -src = pc/device.c # pc/main.c +src = pc/device.c pc/main.c obj = $(src:.c=.o) @@ -21,20 +21,20 @@ ifeq ($(shell uname -s),Darwin) else export LDFLAGS = -Wl,--gc-sections endif -LDFLAGS += $(LIBCBOR) $(LIBSOLO) +LDFLAGS += $(LIBSOLO) $(LIBCBOR) CFLAGS = -O2 -fdata-sections -ffunction-sections -g ECC_CFLAGS = -O2 -fdata-sections -ffunction-sections -DuECC_PLATFORM=$(ecc_platform) -INCLUDES = -I./fido2/ -I./pc -I../pc -I./tinycbor/src +INCLUDES = -I../ -I./fido2/ -I./pc -I../pc -I./tinycbor/src CFLAGS += $(INCLUDES) CFLAGS += -DAES256=1 -DSOLO_EXPERIMENTAL=1 -DDEBUG_LEVEL=1 name = main -.PHONY: all $(LIBCBOR) black blackcheck cppcheck wink fido2-test clean full-clean travis test clean version +.PHONY: all $(LIBCBOR) $(LIBSOLO) black blackcheck cppcheck wink fido2-test clean full-clean travis test clean version all: main tinycbor/Makefile crypto/tiny-AES-c/aes.c: diff --git a/fido2/Makefile b/fido2/Makefile index e0df118..93958cc 100644 --- a/fido2/Makefile +++ b/fido2/Makefile @@ -15,7 +15,7 @@ INT_CFLAGS += $(SOLO_VERSION_FLAGS) SRC = apdu.c util.c u2f.c test_power.c SRC += stubs.c log.c ctaphid.c ctap.c -SRC += ctap_parse.c crypto.c main.c +SRC += ctap_parse.c crypto.c SRC += device.c SRC += version.c SRC += data_migration.c diff --git a/fido2/ctaphid.c b/fido2/ctaphid.c index f1e808c..3d1420f 100644 --- a/fido2/ctaphid.c +++ b/fido2/ctaphid.c @@ -275,7 +275,7 @@ static void ctaphid_write(CTAPHID_WRITE_BUFFER * wb, void * _data, int len) if (wb->offset > 0) { memset(wb->buf + wb->offset, 0, HID_MESSAGE_SIZE - wb->offset); - ctaphid_write_block(wb->buf); + usbhid_send(wb->buf); } return; } @@ -304,7 +304,7 @@ static void ctaphid_write(CTAPHID_WRITE_BUFFER * wb, void * _data, int len) wb->bytes_written += 1; if (wb->offset == HID_MESSAGE_SIZE) { - ctaphid_write_block(wb->buf); + usbhid_send(wb->buf); wb->offset = 0; } } 
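Review bot: The `-I../` added at the front of `INCLUDES` in the second Makefile hunk points at the parent of the checkout when this top-level Makefile is the one running, so a header that happens to sit outside the repository is searched ahead of `./fido2/` and `./pc`. The existing `-I./pc -I../pc` pair suggests the same flags are reused from a subdirectory build where `../` is the repository root; if that is the only intent, putting the new entry last keeps project headers in front, e.g. `INCLUDES = -I./fido2/ -I./pc -I../pc -I./tinycbor/src -I../`. A one-line comment saying which build needs `-I../` would also help the next reader.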
diff --git a/fido2/device.c b/fido2/device.c index 3ebe677..2e33e1d 100644 --- a/fido2/device.c +++ b/fido2/device.c @@ -13,11 +13,14 @@ * with some other platform specific implementation. * */ - #include +#include #include +#include "ctaphid.h" +#include "log.h" #include APP_CONFIG +static bool _up_disabled = false; static uint8_t _attestation_cert_der[] = "\x30\x82\x01\xfb\x30\x82\x01\xa1\xa0\x03\x02\x01\x02\x02\x01\x00\x30\x0a\x06\x08" @@ -47,9 +50,9 @@ static uint8_t _attestation_cert_der[] = "\x06\xf1\xe3\xab\x16\x21\x8e\xd8\xc0\x14\xaf\x09\x4f\x5b\x73\xef\x5e\x9e\x4b\xe7" "\x35\xeb\xdd\x9b\x6d\x8f\x7d\xf3\xc4\x3a\xd7"; -uint8_t * attestation_cert_der = _attestation_cert_der; +__attribute__((weak)) const uint8_t * attestation_cert_der = _attestation_cert_der; -uint8_t * device_get_attestation_key(){ +__attribute__((weak)) uint8_t * device_get_attestation_key(){ static uint8_t attestation_key[] = "\xcd\x67\xaa\x31\x0d\x09\x1e\xd1\x6e\x7e\x98\x92\xaa" "\x07\x0e\x19\x94\xfc\xd7\x14\xae\x7c\x40\x8f\xb9\x46" 
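Review bot: Marking `attestation_cert_der` and `device_get_attestation_key()` as `__attribute__((weak))` in the second `fido2/device.c` hunk turns the attestation key and certificate hard-coded in this file into a silent link-time fallback, so a port that forgets to supply its own definitions still builds and would attest with key bytes that are published in the source. The same fail-open pattern applies in the next hunk to the weak `ctap_user_presence_test()` and `ctap_user_verification()`, which report success without checking any user input, and to `ctap_atomic_count()`, whose `static` counter starts again from 25 on every start. Consider compiling these defaults only behind an explicit opt-in build flag so that a missing override is a link error, or at minimum add a comment above each such as `/* Development default only: production ports must override this symbol. */`. The body of `device_get_attestation_key()` continues past the end of this hunk.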
@@ -57,7 +60,76 @@ uint8_t * device_get_attestation_key(){ return attestation_key; } -uint16_t device_attestation_cert_der_get_size(){ +__attribute__((weak)) uint16_t device_attestation_cert_der_get_size(){ return sizeof(_attestation_cert_der)-1; } +__attribute__((weak)) void device_reboot() +{ + printf1(TAG_RED, "REBOOT command recieved!\r\n"); + exit(100); +} + +__attribute__((weak)) void device_set_status(uint32_t status) +{ + static uint32_t __device_status = 0; + if (status != CTAPHID_STATUS_IDLE && __device_status != status) + { + ctaphid_update_status(status); + } + __device_status = status; +} + + +__attribute__((weak)) void usbhid_close(){/**/} + + +__attribute__((weak)) void device_init(int argc, char *argv[]){/**/} + +__attribute__((weak)) void device_disable_up(bool disable) +{ + _up_disabled = disable; +} + +__attribute__((weak)) int ctap_user_presence_test(uint32_t d) +{ + if (_up_disabled) + { + return 2; + } + return 1; +} + +__attribute__((weak)) int ctap_user_verification(uint8_t arg) +{ + return 1; +} + +__attribute__((weak)) uint32_t ctap_atomic_count(uint32_t amount) +{ + static uint32_t counter1 = 25; + counter1 += (amount + 1); + return counter1; +} + + +__attribute__((weak)) int ctap_generate_rng(uint8_t * dst, size_t num) +{ + int i; + printf1(TAG_ERR, "Insecure RNG being used.\r\n"); + for (i = 0; i < num; i++){ + dst[i] = (uint8_t)rand(); + } +} + +__attribute__((weak)) int device_is_nfc() +{ + return 0; +} + +__attribute__((weak)) void device_wink() +{ + printf1(TAG_GREEN,"*WINK*\n"); +} + +__attribute__((weak)) void device_set_clock_rate(DEVICE_CLOCK_RATE param){/**/} \ No newline at end of file diff --git a/pc/device.c b/pc/device.c index 78f5f2c..19c4d78 100644 --- a/pc/device.c +++ b/pc/device.c @@ -11,7 +11,6 @@ #include #include #include -#include #include #include #include 
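Review bot: The weak `ctap_generate_rng()` added in this hunk is declared `int` but has no `return` statement, so any caller that checks its result reads an indeterminate value. It also fills `dst` from `rand()` with no `srand()` call visible in these hunks, which means the output is predictable, and the `TAG_ERR` log line does not stop the caller from using it for key material. A default that fails closed would be safer: drop the weak definition so a platform without its own RNG does not link, or return the error value the platform implementations use (not visible here) without writing `dst`. If the fallback is kept, the loop should read `for (size_t i = 0; i < num; i++)` to avoid the signed/unsigned comparison with `num`.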
@@ -25,8 +24,7 @@ #define RK_NUM 50 -bool use_udp = true; -static bool _up_disabled = false; +static bool use_udp = true; struct ResidentKeyStore { CTAP_residentKey rks[RK_NUM]; @@ -34,21 +32,6 @@ struct ResidentKeyStore { void authenticator_initialize(); -uint32_t __device_status = 0; -void device_set_status(uint32_t status) -{ - if (status != CTAPHID_STATUS_IDLE && __device_status != status) - { - ctaphid_update_status(status); - } - __device_status = status; -} - -void device_reboot() -{ - printf1(TAG_RED, "REBOOT command recieved!\r\n"); - exit(100); -} int udp_server() { @@ -193,7 +176,7 @@ int usbhid_recv(uint8_t * msg) } // Send 64 byte USB HID message -void usbhid_send(uint8_t * msg) +static void _usbhid_send(uint8_t * msg) { if (use_udp) { @@ -208,6 +191,12 @@ void usbhid_send(uint8_t * msg) } } } +void usbhid_send(uint8_t * msg) +{ + _usbhid_send(msg); +} + + void usbhid_close() { @@ -272,14 +261,6 @@ void device_init(int argc, char *argv[]) } -void main_loop_delay() -{ - struct timespec ts; - ts.tv_sec = 0; - ts.tv_nsec = 1000*1000*100; - nanosleep(&ts,NULL); -} - void delay(uint32_t ms) { struct timespec ts; @@ -289,40 +270,6 @@ void delay(uint32_t ms) } -void heartbeat() -{ - -} - -void ctaphid_write_block(uint8_t * data) -{ - /*printf("<< "); dump_hex(data, 64);*/ - usbhid_send(data); -} - - -int ctap_user_presence_test(uint32_t d) -{ - if (_up_disabled) - { - return 2; - } - return 1; -} - -int ctap_user_verification(uint8_t arg) -{ - return 1; -} - - -uint32_t ctap_atomic_count(uint32_t amount) -{ - static uint32_t counter1 = 25; - counter1 += (amount + 1); - return counter1; -} - int ctap_generate_rng(uint8_t * dst, size_t num) { int ret; @@ -458,12 +405,6 @@ int authenticator_is_backup_initialized() } -// Return 1 yes backup is init'd, else 0 -/*int authenticator_is_initialized()*/ -/*{*/ - - -/*}*/ static void sync_rk() { 
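Review bot: `usbhid_send()` in the `@@ -208,6 +191,12 @@` hunk is now a one-line forwarder to the `static _usbhid_send()` renamed in the preceding hunk, and nothing in the visible hunks calls the static function on its own, so the extra layer could be dropped by keeping the original non-static definition. If the split is intentional, a short comment would make that clear, e.g. `/* Public entry point; _usbhid_send holds the transport-specific code. */`. File-scope identifiers that begin with an underscore are reserved in C, so a name like `usbhid_send_impl` would be a safer spelling. The body of `_usbhid_send()` starts in the earlier hunk and ends in this one, so only part of it is visible.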
@@ -569,18 +510,11 @@ void authenticator_initialize() } } -void device_manage() -{ - -} - - void ctap_reset_rk() { memset(&RK_STORE,0xff,sizeof(RK_STORE)); sync_rk(); - } uint32_t ctap_rk_size() @@ -622,22 +556,9 @@ void ctap_overwrite_rk(int index, CTAP_residentKey * rk) } } -void device_wink() -{ - printf("*WINK*\n"); -} -int device_is_nfc() -{ - return 0; -} -void device_disable_up(bool disable) -{ - _up_disabled = disable; -} -void device_set_clock_rate(DEVICE_CLOCK_RATE param) -{ -} + + diff --git a/fido2/main.c b/pc/main.c similarity index 89% rename from fido2/main.c rename to pc/main.c index 34ad664..fafc960 100644 --- a/fido2/main.c +++ b/pc/main.c @@ -9,6 +9,7 @@ #include #include #include +#include #include "cbor.h" #include "device.h" @@ -17,7 +18,7 @@ #include "util.h" #include "log.h" #include "ctap.h" -#include APP_CONFIG +#include "app.h" #if !defined(TEST) @@ -58,13 +59,6 @@ int main(int argc, char *argv[]) while(1) { - if (millis() - t1 > HEARTBEAT_PERIOD) - { - heartbeat(); - t1 = millis(); - } - - device_manage(); if (usbhid_recv(hidmsg) > 0) { @@ -74,8 +68,13 @@ int main(int argc, char *argv[]) else { } + ctaphid_check_timeouts(); + struct timespec ts; + ts.tv_sec = 0; + ts.tv_nsec = 1000*1000*10; + nanosleep(&ts,NULL); } // Should never get here
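Review bot: The `nanosleep()` added at the bottom of the loop in the last `pc/main.c` hunk runs on every iteration, including straight after `usbhid_recv()` returned a packet, so each received HID message is followed by a 10 ms pause before the next one is read. Moving the `struct timespec ts` setup and the `nanosleep(&ts,NULL);` call into the existing empty `else { }` branch would keep the idle back-off without slowing multi-packet transfers, while `ctaphid_check_timeouts();` stays where it is. With the heartbeat block removed in the previous hunk, `t1` may now be unused, which is worth checking since its declaration is outside the hunk. The body of `main()` starts and ends outside these hunks.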