limit possible recursions in tinycbor

STABLE_VERSION

@@ -1 +1 @@
-3.0.1
+3.1.1

docs/solo/customization.md

@@ -45,7 +45,7 @@ email=example@example.com
 openssl ecparam -genkey -name "$curve" -out root_key.pem -rand seed.bin
 
 # generate a "signing request"
-openssl req -new -key root_key.pem -out root_key.pem.csr  -subj "/C=$country/ST=$state/O=$organization/OU=$unit/CN=example.com/emailAddress=$email"
+openssl req -new -key root_key.pem -out root_key.pem.csr  -subj "/C=$country/ST=$state/O=$organization/OU=$unit/CN=$CN/emailAddress=$email"
 
 # self sign the request
 openssl x509 -trustout -req -days 18250  -in root_key.pem.csr -signkey root_key.pem -out root_cert.pem -sha256
@@ -82,7 +82,7 @@ email=example@example.com
 openssl ecparam -genkey -name "$curve" -out device_key.pem -rand seed.bin
 
 # generate a "signing request"
-openssl req -new -key device_key.pem -out device_key.pem.csr -subj "/C=$country/ST=$state/O=$organization/OU=$unit/CN=example.com/emailAddress=$email"
+openssl req -new -key device_key.pem -out device_key.pem.csr -subj "/C=$country/ST=$state/O=$organization/OU=$unit/CN=$CN/emailAddress=$email"
 
 # sign the request
 openssl x509 -req -days 18250  -in device_key.pem.csr -extfile v3.ext -CA root_cert.pem -CAkey root_key.pem -set_serial 01 -out device_cert.pem -sha256
@@ -119,7 +119,7 @@ First, [Build your solo application and bootloader](/solo/building).
 Print your attestation key in a hex string format.  Using our utility script:
 
 ```
-python tools/print_x_y.py device_key.pem
+python3 tools/gencert/print_x_y.py device_key.pem
 ```
 
 Merge the `bootloader.hex`, `solo.hex`, attestion key, and certificate into one firmware file.

fido2/ctap_parse.c

@@ -666,8 +666,8 @@ uint8_t ctap_parse_extensions(CborValue * val, CTAP_extensions * ext)
         if (ret == CborErrorOutOfMemory)
         {
             printf2(TAG_ERR,"Error, rp map key is too large. Ignoring.\n");
-            cbor_value_advance(&map);
-            cbor_value_advance(&map);
+            check_ret( cbor_value_advance(&map) );
+            check_ret( cbor_value_advance(&map) );
             continue;
         }
         check_ret(ret);
@@ -1353,11 +1353,21 @@ uint8_t ctap_parse_client_pin(CTAP_clientPin * CP, uint8_t * request, int length
                 break;
             case CP_getKeyAgreement:
                 printf1(TAG_CP,"CP_getKeyAgreement\n");
+                if (cbor_value_get_type(&map) != CborBooleanType)
+                {
+                    printf2(TAG_ERR,"Error, expecting cbor boolean\n");
+                    return CTAP2_ERR_INVALID_CBOR_TYPE;
+                }
                 ret = cbor_value_get_boolean(&map, &CP->getKeyAgreement);
                 check_ret(ret);
                 break;
             case CP_getRetries:
                 printf1(TAG_CP,"CP_getRetries\n");
+                if (cbor_value_get_type(&map) != CborBooleanType)
+                {
+                    printf2(TAG_ERR,"Error, expecting cbor boolean\n");
+                    return CTAP2_ERR_INVALID_CBOR_TYPE;
+                }
                 ret = cbor_value_get_boolean(&map, &CP->getRetries);
                 check_ret(ret);
                 break;

fido2/ctaphid.c

@@ -542,6 +542,9 @@ extern void _check_ret(CborError ret, int line, const char * filename);
 
 uint8_t ctaphid_custom_command(int len, CTAP_RESPONSE * ctap_resp, CTAPHID_WRITE_BUFFER * wb);
 
+
+extern void solo_lock_if_not_already();
+
 uint8_t ctaphid_handle_packet(uint8_t * pkt_raw)
 {
     uint8_t cmd = 0;
@@ -762,6 +765,16 @@ uint8_t ctaphid_custom_command(int len, CTAP_RESPONSE * ctap_resp, CTAPHID_WRITE
             return 1;
         break;
 
+        // Remove on next release
+#if !defined(IS_BOOTLOADER) && defined(SOLO)
+        case 0x99:
+            solo_lock_if_not_already();
+            wb->bcnt = 0;
+            ctaphid_write(wb, NULL, 0);
+            return 1;
+        break;
+#endif
+
 #if !defined(IS_BOOTLOADER) && (defined(SOLO_EXPERIMENTAL))
         case CTAPHID_LOADKEY:
             /**

fido2/version.c

@@ -1,12 +1,16 @@
 #include "version.h"
 
+const version_t firmware_version 
+#ifdef SOLO
+__attribute__ ((section (".flag"))) __attribute__ ((__used__)) 
+#endif
+    =  {
+      .major = SOLO_VERSION_MAJ,
+      .minor = SOLO_VERSION_MIN,
+      .patch = SOLO_VERSION_PATCH,
+      .reserved = 0
+    };
 
-const version_t firmware_version __attribute__ ((section (".flag"))) __attribute__ ((__used__)) =  {
-  .major = SOLO_VERSION_MAJ,
-  .minor = SOLO_VERSION_MIN,
-  .patch = SOLO_VERSION_PATCH,
-  .reserved = 0
-};
 
 // from tinycbor, for a quick static_assert
 #include <compilersupport_p.h>

targets/stm32l432/bootloader/bootloader.c

@@ -50,7 +50,7 @@ typedef struct {
     uint8_t payload[255 - 10];
 } __attribute__((packed)) BootloaderReq;
 
-uint8_t * last_written_app_address;
+uint8_t * last_written_app_address = 0;
 
 /**
  * Erase all application pages. **APPLICATION_END_PAGE excluded**.
@@ -58,7 +58,7 @@ uint8_t * last_written_app_address;
 static void erase_application()
 {
     int page;
-    last_written_app_address = (uint8_t*) APPLICATION_START_ADDR;
+    last_written_app_address = (uint8_t*) 0;
     for(page = APPLICATION_START_PAGE; page < APPLICATION_END_PAGE; page++)
     {
         flash_erase_page(page);
@@ -114,6 +114,10 @@ int is_bootloader_disabled()
 bool is_firmware_version_newer_or_equal()
 {
 
+    if (last_written_app_address == 0) {
+        return false;
+    }
+
     printf1(TAG_BOOT,"Current firmware version: %u.%u.%u.%u (%02x.%02x.%02x.%02x)\r\n",
           current_firmware_version.major, current_firmware_version.minor, current_firmware_version.patch, current_firmware_version.reserved,
           current_firmware_version.major, current_firmware_version.minor, current_firmware_version.patch, current_firmware_version.reserved

targets/stm32l432/build/application.mk

@@ -84,4 +84,5 @@ cbor:
 	cd ../../tinycbor/ && make clean
 	cd ../../tinycbor/ && make CC="$(CC)" AR=$(AR) \
 LDFLAGS="$(LDFLAGS_LIB)" \
-CFLAGS="$(CFLAGS) -Os"
+CFLAGS="$(CFLAGS) -Os  -DCBOR_PARSER_MAX_RECURSIONS=3"
+

targets/stm32l432/src/device.c

@@ -199,6 +199,20 @@ int solo_is_locked(){
     return tag == ATTESTATION_CONFIGURED_TAG && (device_settings & SOLO_FLAG_LOCKED) != 0;
 }
 
+// Locks solo flash from debugging.  Locks on next reboot.
+// This should be removed in next Solo release.
+void solo_lock_if_not_already() {
+    uint8_t buf[2048];
+
+    memmove(buf, (uint8_t*)ATTESTATION_PAGE_ADDR, 2048);
+
+    ((flash_attestation_page *)buf)->device_settings |= SOLO_FLAG_LOCKED;
+
+    flash_erase_page(ATTESTATION_PAGE);
+
+    flash_write(ATTESTATION_PAGE_ADDR, buf, 2048);
+}
+
 /** device_migrate
  * Depending on version of device, migrates:
  * * Moves attestation certificate to data segment. 

targets/stm32l432/src/init.c

@@ -146,12 +146,14 @@ void device_set_clock_rate(DEVICE_CLOCK_RATE param)
         case DEVICE_LOW_POWER_IDLE:
             SET_CLOCK_RATE0();
         break;
+#if !defined(IS_BOOTLOADER)
         case DEVICE_LOW_POWER_FAST:
             SET_CLOCK_RATE1();
         break;
         case DEVICE_FAST:
             SET_CLOCK_RATE2();
         break;
+#endif
     }
 }