shimun/solo
1
0
Fork 0
Code Issues Pull Requests Releases 1 Wiki Activity

reboot and pass tests

Browse Source
This commit is contained in:
Conor Patrick 2018-12-03 00:01:41 -05:00
parent bfa2d2830d
commit eb39e0f2c4
5 changed files with 26 additions and 43 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
fido2/extensions/extensions.c
View File

@ -65,7 +65,7 @@ int16_t bridge_u2f_to_extensions(uint8_t * _chal, uint8_t * _appid, uint8_t klen
u2f_response_writeback((uint8_t *)&ret,1);
#ifdef IS_BOOTLOADER
ret = bootloader_bridge(klen, keyh);
#else
#elif defined(WALLET_EXTENSION)
ret = bridge_u2f_to_wallet(_chal, _appid, klen, keyh);
#endif

2
targets/stm32l442/bootloader/bootloader.h
View File

@ -4,7 +4,7 @@
#define DEBUG_UART USART1
#define DEBUG_LEVEL 1
#define DEBUG_LEVEL 0
#define NON_BLOCK_PRINTING 0

1
targets/stm32l442/bootloader/main.c
View File

@ -166,6 +166,7 @@ int main(int argc, char * argv[])
if (REBOOT_FLAG)
{
delay(250);
device_reboot();
}
}

7
targets/stm32l442/src/device.c
View File

@ -102,7 +102,7 @@ void delay(uint32_t ms)
}
void device_reboot()
{
NVIC_SystemReset();
}
void device_init()
{
@ -586,7 +586,8 @@ int bootloader_bridge(uint8_t klen, uint8_t * keyh)
switch(req->op){
case BootWrite:
printf1(TAG_BOOT, "BootWrite: %08lx\r\n",(uint32_t)ptr);
if ((uint32_t)ptr < APPLICATION_START_ADDR || (uint32_t)ptr >= APPLICATION_END_ADDR)
if ((uint32_t)ptr < APPLICATION_START_ADDR || (uint32_t)ptr >= APPLICATION_END_ADDR
|| ((uint32_t)ptr+req->len) > APPLICATION_END_ADDR)
{
printf1(TAG_BOOT,"Bound exceeded [%08lx, %08lx]\r\n",APPLICATION_START_ADDR,APPLICATION_END_ADDR);
return CTAP2_ERR_NOT_ALLOWED;
@ -603,7 +604,7 @@ int bootloader_bridge(uint8_t klen, uint8_t * keyh)
exit(1);
}
flash_write((uint32_t)ptr,payload, req->len + (req->len%4));
flash_write((uint32_t)ptr,payload, req->len);
break;
case BootDone:
printf1(TAG_BOOT, "BootDone: ");

57
web/js/wallet.js
View File

@ -386,9 +386,7 @@ function send_msg_u2f(data, func, timeout) {
appId: appid
};
console.log('sign attempt');
window.u2f.sign(appid,chal,[key], function(res){
console.log('res',res);
var d2 = new Date();
t2 = d2.getTime();
if (!res.signatureData)
@ -1087,7 +1085,6 @@ async function handleFirmware(files)
console.log('addr ',addr.value + i);
p = await dev.bootloader_write(addr.value + i, chunk);
console.log('writing',p);
TEST(p.status == 'CTAP1_SUCCESS', 'Device wrote data');
var progress = (((i/data.length) * 100 * 100) | 0)/100;
document.getElementById('progress').textContent = ''+progress+' %';
@ -1427,7 +1424,8 @@ async function run_tests() {
async function test_bootloader()
{
var addr = 0x4000;
var start = 0x8000;
var size = 186 * 1024 - 8;
var num_pages = 64;
var p = await dev.is_bootloader();
@ -1438,63 +1436,46 @@ async function run_tests() {
p = await dev.bootloader_write(0, randdata);
TEST(p.status == 'CTAP2_ERR_NOT_ALLOWED', 'Denies accessing invalid address');
p = await dev.bootloader_write(addr-4, randdata);
p = await dev.bootloader_write(start-4, randdata);
TEST(p.status == 'CTAP2_ERR_NOT_ALLOWED', 'Denies accessing invalid address');
p = await dev.bootloader_write(2048 * (num_pages-3)-4, randdata);
p = await dev.bootloader_write(start, randdata);
TEST(p.status == 'CTAP1_SUCCESS', 'Allows write to beginning');
p = await dev.bootloader_write(start + size-16, randdata);
TEST(p.status == 'CTAP1_SUCCESS', 'Allows write to end');
p = await dev.bootloader_write(start + size-8, randdata);
TEST(p.status == 'CTAP2_ERR_NOT_ALLOWED', 'Denies overflow');
p = await dev.bootloader_write(start + size, randdata);
TEST(p.status == 'CTAP2_ERR_NOT_ALLOWED', 'Denies accessing invalid address');
p = await dev.bootloader_write(2048 * (num_pages-2), randdata);
p = await dev.bootloader_write(start + size + 1024, randdata);
TEST(p.status == 'CTAP2_ERR_NOT_ALLOWED', 'Denies accessing invalid address');
p = await dev.bootloader_write(2048 * (num_pages+1), randdata);
p = await dev.bootloader_write(start + size + 1024*10, randdata);
TEST(p.status == 'CTAP2_ERR_NOT_ALLOWED', 'Denies accessing invalid address');
p = await get_firmware_http();
var sig = websafe2array(p.signature);
var badsig = websafe2array(p.signature);
var badsig = new Uint8Array(64);
badsig[40] = badsig[40] ^ 1;
var blocks = MemoryMap.fromHex(p.firmware);
var addresses = blocks.keys();
var addr = addresses.next();
var chunk_size = 244;
while(!addr.done) {
var data = blocks.get(addr.value);
var i;
for (i = 0; i < data.length; i += chunk_size) {
var chunk = data.slice(i,i+chunk_size);
p = await dev.bootloader_write(addr.value + i, chunk);
TEST(p.status == 'CTAP1_SUCCESS', 'Device wrote data');
var progress = (((i/data.length) * 100 * 100) | 0)/100;
document.getElementById('progress').textContent = ''+progress+' %';
}
addr = addresses.next();
}
p = await dev.bootloader_finish(badsig);
TEST(p.status == 'CTAP2_ERR_OPERATION_DENIED', 'Device rejected new image with bad signature');
p = await dev.bootloader_finish(sig);
TEST(p.status == 'CTAP1_SUCCESS', 'Device booted new image with correct signature');
document.getElementById('progress').textContent = ''+100+' %';
}
//while(1)
{
await device_start_over();
// await device_start_over();
//await test_pin();
await test_crypto();
// await test_crypto();
//await test_rng();
}
//await benchmark();
//await test_persistence();
//await test_bootloader();
await test_bootloader();
}