Compare commits
6 Commits
cap_button
...
documentat
| Author | SHA1 | Date | |
|---|---|---|---|
| a7cda74741 | |||
| a8baba422f | |||
| abd2eca3ca | |||
| 038c594e37 | |||
| f09900a391 | |||
| bd822dd95f |
@ -168,16 +168,6 @@
|
||||
"infra",
|
||||
"tool"
|
||||
]
|
||||
},
|
||||
{
|
||||
"login": "kimusan",
|
||||
"name": "Kim Schulz",
|
||||
"avatar_url": "https://avatars1.githubusercontent.com/u/1150049?v=4",
|
||||
"profile": "http://www.schulz.dk",
|
||||
"contributions": [
|
||||
"business",
|
||||
"ideas"
|
||||
]
|
||||
}
|
||||
],
|
||||
"contributorsPerLine": 7,
|
||||
|
||||
45
README.md
45
README.md
@ -1,19 +1,25 @@
|
||||
**NEW!** We launched a new tiny security key called Somu, it's live on Crowd Supply and you can [pre-order it now](https://solokeys.com/somu)!
|
||||
|
||||
[<img src="https://miro.medium.com/max/1400/1*PnzCPLqq_5nt1gjgSEY2LQ.png" width="600">](https://solokeys.com/somu)
|
||||
|
||||
Somu is the micro version of Solo. We were inspired to make a secure Tomu, so we took its tiny form factor, we added the secure microcontroller and firmware of Solo, et voilà! Here we have Somu.
|
||||
|
||||
[](https://update.solokeys.com/)
|
||||
[](https://github.com/solokeys/solo/blob/master/LICENSE)
|
||||
[](#contributors)
|
||||
[](https://travis-ci.com/solokeys/solo)
|
||||
[](https://discourse.solokeys.com)
|
||||
[](https://keybase.io/team/solokeys.public)
|
||||
[](https://travis-ci.com/solokeys/solo)
|
||||
[](https://app.fossa.io/projects/git%2Bgithub.com%2Fsolokeys%2Fsolo?ref=badge_shield)
|
||||
|
||||
[](https://github.com/solokeys/solo/releases)
|
||||
[](https://github.com/solokeys/solo/commits/master)
|
||||
[](https://github.com/solokeys/solo/commits/master)
|
||||
[](https://github.com/solokeys/solo/commits/master)
|
||||
[](https://github.com/solokeys/solo/graphs/contributors)
|
||||
|
||||
|
||||
# Solo
|
||||
|
||||
Solo is an open source security key, and you can get one at [solokeys.com](https://solokeys.com).
|
||||
|
||||
[<img src="https://static.solokeys.com/images/photos/hero-on-white-cropped.png" width="600">](https://solokeys.com)
|
||||
|
||||
Solo supports FIDO2 and U2F standards for strong two-factor authentication and password-less login, and it will protect you against phishing and other online attacks. With colored cases and multilingual guides we want to make secure login more personable and accessible to everyone around the globe.
|
||||
|
||||
<img src="https://static.solokeys.com/images/photos/hero-on-white-cropped.png" width="600">
|
||||
|
||||
This repo contains the Solo firmware, including implementations of FIDO2 and U2F (CTAP2 and CTAP) over USB and NFC. The main implementation is for STM32L432, but it is easily portable.
|
||||
|
||||
For development no hardware is needed, Solo also runs as a standalone application for Windows, Linux, and Mac OSX. If you like (or want to learn) hardware instead, you can run Solo on the NUCLEO-L432KC development board, or we make Solo for Hacker, an unlocked version of Solo that lets you customize its firmware.
|
||||
@ -36,7 +42,7 @@ Solo for Hacker is a special version of Solo that let you customize its firmware
|
||||
|
||||
Check out [solokeys.com](https://solokeys.com), for options on where to buy Solo. Solo Hacker can be converted to a secure version, but normal Solo cannot be converted to a Hacker version.
|
||||
|
||||
If you have a Solo for Hacker, here's how you can load your own code on it. You can find more details, including how to permanently lock it, in our [documentation](https://docs.solokeys.io/solo/building/). We support Python3.
|
||||
If you have a Solo for Hacker, here's how you can load your own code on it. You can find more details, including how to permanently lock it, in our [documentation](https://docs.solokeys.io/solo/building/). We only support Python3.
|
||||
|
||||
```bash
|
||||
git clone --recurse-submodules https://github.com/solokeys/solo
|
||||
@ -134,7 +140,6 @@ Thanks goes to these wonderful people ([emoji key](https://allcontributors.org/d
|
||||
<td align="center"><a href="http://1bitsquared.com"><img src="https://avatars3.githubusercontent.com/u/17334?v=4" width="100px;" alt="Piotr Esden-Tempski"/><br /><sub><b>Piotr Esden-Tempski</b></sub></a><br /><a href="#business-esden" title="Business development">💼</a></td>
|
||||
<td align="center"><a href="https://github.com/m3hm00d"><img src="https://avatars1.githubusercontent.com/u/42179593?v=4" width="100px;" alt="f.m3hm00d"/><br /><sub><b>f.m3hm00d</b></sub></a><br /><a href="https://github.com/solokeys/solo/commits?author=m3hm00d" title="Documentation">📖</a></td>
|
||||
<td align="center"><a href="http://blogs.gnome.org/hughsie/"><img src="https://avatars0.githubusercontent.com/u/151380?v=4" width="100px;" alt="Richard Hughes"/><br /><sub><b>Richard Hughes</b></sub></a><br /><a href="#ideas-hughsie" title="Ideas, Planning, & Feedback">🤔</a> <a href="https://github.com/solokeys/solo/commits?author=hughsie" title="Code">💻</a> <a href="#infra-hughsie" title="Infrastructure (Hosting, Build-Tools, etc)">🚇</a> <a href="#tool-hughsie" title="Tools">🔧</a></td>
|
||||
<td align="center"><a href="http://www.schulz.dk"><img src="https://avatars1.githubusercontent.com/u/1150049?v=4" width="100px;" alt="Kim Schulz"/><br /><sub><b>Kim Schulz</b></sub></a><br /><a href="#business-kimusan" title="Business development">💼</a> <a href="#ideas-kimusan" title="Ideas, Planning, & Feedback">🤔</a></td>
|
||||
</tr>
|
||||
</table>
|
||||
|
||||
@ -163,19 +168,3 @@ You may use Solo documentation under the terms of the CC-BY-SA 4.0 license
|
||||
|
||||
You can buy Solo, Solo Tap, and Solo for Hackers at [solokeys.com](https://solokeys.com).
|
||||
|
||||
<br/>
|
||||
<hr/>
|
||||
<br/>
|
||||
|
||||
[](https://github.com/solokeys/solo/blob/master/LICENSE)
|
||||
[](#contributors)
|
||||
[](https://travis-ci.com/solokeys/solo)
|
||||
[](https://discourse.solokeys.com)
|
||||
[](https://keybase.io/team/solokeys.public)
|
||||
[](https://app.fossa.io/projects/git%2Bgithub.com%2Fsolokeys%2Fsolo?ref=badge_shield)
|
||||
|
||||
[](https://github.com/solokeys/solo/releases)
|
||||
[](https://github.com/solokeys/solo/commits/master)
|
||||
[](https://github.com/solokeys/solo/commits/master)
|
||||
[](https://github.com/solokeys/solo/commits/master)
|
||||
[](https://github.com/solokeys/solo/graphs/contributors)
|
||||
|
||||
@ -1 +1 @@
|
||||
2.4.3
|
||||
2.4.2
|
||||
|
||||
@ -1,21 +1,20 @@
|
||||
# Summary
|
||||
|
||||
On Linux, by default USB dongles can't be accessed by users, for security reasons. To allow user access, so-called "udev rules" must be installed.
|
||||
On Linux, by default USB dongles can't be accessed by users, for security reasons. To allow user access, so-called "udev rules" must be installed. (Under Fedora, your key may work without such a rule.)
|
||||
|
||||
For some users, things will work automatically:
|
||||
Create a file like [`70-solokeys-access.rules`](https://github.com/solokeys/solo/blob/master/udev/70-solokeys-access.rules) in your `/etc/udev/rules.d` directory, for instance the following rule should cover normal access (it has to be on one line):
|
||||
|
||||
- Fedora seems to use a ["universal" udev rule for FIDO devices](https://github.com/amluto/u2f-hidraw-policy)
|
||||
- Our udev rule made it into [libu2f-host](https://github.com/Yubico/libu2f-host/) v1.1.10
|
||||
- Arch Linux [has this package](https://www.archlinux.org/packages/community/x86_64/libu2f-host/)
|
||||
- [Debian sid](https://packages.debian.org/sid/libu2f-udev) and [Ubuntu Eon](https://packages.ubuntu.com/eoan/libu2f-udev) can use the `libu2f-udev` package
|
||||
- Debian Buster and Ubuntu Disco still distribute v1.1.10, so need the manual rule
|
||||
- FreeBSD has support in [u2f-devd](https://github.com/solokeys/solo/issues/144#issuecomment-500216020)
|
||||
```
|
||||
SUBSYSTEM=="hidraw", ATTRS{idVendor}=="0483", ATTRS{idProduct}=="a2ca", TAG+="uaccess", MODE="0660", GROUP="plugdev"
|
||||
```
|
||||
|
||||
There is hope that `udev` itself will adopt the Fedora approach (which is to check for HID usage page `F1D0`, and avoids manually whitelisting each U2F/FIDO2 key): <https://github.com/systemd/systemd/issues/11996>.
|
||||
Additionally, run the following command after you create this file (it is not necessary to do this again in the future):
|
||||
|
||||
Further progress is tracked in: <https://github.com/solokeys/solo/issues/144>.
|
||||
```
|
||||
sudo udevadm control --reload-rules && sudo udevadm trigger
|
||||
```
|
||||
|
||||
If you still need to setup a rule, a simple way to do it is:
|
||||
A simple way to setup both the udev rule and the udevadm reload is:
|
||||
|
||||
```
|
||||
git clone git@github.com:solokeys/solo.git
|
||||
@ -23,11 +22,9 @@ cd solo/udev
|
||||
make setup
|
||||
```
|
||||
|
||||
Or, manually, create a file like [`70-solokeys-access.rules`](https://github.com/solokeys/solo/blob/master/udev/70-solokeys-access.rules) in your `/etc/udev/rules.d` directory.
|
||||
Additionally, run the following command after you create this file (it is not necessary to do this again in the future):
|
||||
```
|
||||
sudo udevadm control --reload-rules && sudo udevadm trigger
|
||||
```
|
||||
We are working on getting user access to Solo keys enabled automatically in common Linux distributions: <https://github.com/solokeys/solo/issues/144>.
|
||||
|
||||
|
||||
|
||||
# How do udev rules work and why are they needed
|
||||
|
||||
|
||||
@ -13,7 +13,7 @@ int apdu_decode(uint8_t *data, size_t len, APDU_STRUCT *apdu)
|
||||
{
|
||||
EXT_APDU_HEADER *hapdu = (EXT_APDU_HEADER *)data;
|
||||
|
||||
apdu->cla = hapdu->cla & 0xef; // mask chaining bit if any
|
||||
apdu->cla = hapdu->cla;
|
||||
apdu->ins = hapdu->ins;
|
||||
apdu->p1 = hapdu->p1;
|
||||
apdu->p2 = hapdu->p2;
|
||||
|
||||
@ -42,20 +42,14 @@ extern int apdu_decode(uint8_t *data, size_t len, APDU_STRUCT *apdu);
|
||||
#define APDU_FIDO_U2F_AUTHENTICATE 0x02
|
||||
#define APDU_FIDO_U2F_VERSION 0x03
|
||||
#define APDU_FIDO_NFCCTAP_MSG 0x10
|
||||
#define APDU_FIDO_U2F_VENDOR_FIRST 0xc0 // First vendor defined command
|
||||
#define APDU_FIDO_U2F_VENDOR_LAST 0xff // Last vendor defined command
|
||||
#define APDU_SOLO_RESET 0xee
|
||||
|
||||
#define APDU_INS_SELECT 0xA4
|
||||
#define APDU_INS_READ_BINARY 0xB0
|
||||
#define APDU_GET_RESPONSE 0xC0
|
||||
|
||||
#define SW_SUCCESS 0x9000
|
||||
#define SW_GET_RESPONSE 0x6100 // Command successfully executed; 'XX' bytes of data are available and can be requested using GET RESPONSE.
|
||||
#define SW_WRONG_LENGTH 0x6700
|
||||
#define SW_COND_USE_NOT_SATISFIED 0x6985
|
||||
#define SW_FILE_NOT_FOUND 0x6a82
|
||||
#define SW_INCORRECT_P1P2 0x6a86
|
||||
#define SW_INS_INVALID 0x6d00 // Instruction code not supported or invalid
|
||||
#define SW_CLA_INVALID 0x6e00
|
||||
#define SW_INTERNAL_EXCEPTION 0x6f00
|
||||
|
||||
@ -262,11 +262,6 @@ void crypto_ecc256_derive_public_key(uint8_t * data, int len, uint8_t * x, uint8
|
||||
memmove(y,pubkey+32,32);
|
||||
}
|
||||
|
||||
void crypto_ecc256_compute_public_key(uint8_t * privkey, uint8_t * pubkey)
|
||||
{
|
||||
uECC_compute_public_key(privkey, pubkey, _es256_curve);
|
||||
}
|
||||
|
||||
void crypto_load_external_key(uint8_t * key, int len)
|
||||
{
|
||||
_signing_key = key;
|
||||
|
||||
@ -26,7 +26,6 @@ void crypto_sha512_final(uint8_t * hash);
|
||||
|
||||
void crypto_ecc256_init();
|
||||
void crypto_ecc256_derive_public_key(uint8_t * data, int len, uint8_t * x, uint8_t * y);
|
||||
void crypto_ecc256_compute_public_key(uint8_t * privkey, uint8_t * pubkey);
|
||||
|
||||
void crypto_ecc256_load_key(uint8_t * data, int len, uint8_t * data2, int len2);
|
||||
void crypto_ecc256_load_attestation_key();
|
||||
|
||||
55
fido2/ctap.c
55
fido2/ctap.c
@ -256,9 +256,7 @@ static int ctap_generate_cose_key(CborEncoder * cose_key, uint8_t * hmac_input,
|
||||
switch(algtype)
|
||||
{
|
||||
case COSE_ALG_ES256:
|
||||
if (device_is_nfc() == NFC_IS_ACTIVE) device_set_clock_rate(DEVICE_LOW_POWER_FAST);
|
||||
crypto_ecc256_derive_public_key(hmac_input, len, x, y);
|
||||
if (device_is_nfc() == NFC_IS_ACTIVE) device_set_clock_rate(DEVICE_LOW_POWER_IDLE);
|
||||
break;
|
||||
default:
|
||||
printf2(TAG_ERR,"Error, COSE alg %d not supported\n", algtype);
|
||||
@ -437,19 +435,7 @@ static unsigned int get_credential_id_size(CTAP_credentialDescriptor * cred)
|
||||
static int ctap2_user_presence_test()
|
||||
{
|
||||
device_set_status(CTAPHID_STATUS_UPNEEDED);
|
||||
int ret = ctap_user_presence_test(CTAP2_UP_DELAY_MS);
|
||||
if ( ret > 0 )
|
||||
{
|
||||
return CTAP1_ERR_SUCCESS;
|
||||
}
|
||||
else if (ret < 0)
|
||||
{
|
||||
return CTAP2_ERR_KEEPALIVE_CANCEL;
|
||||
}
|
||||
else
|
||||
{
|
||||
return CTAP2_ERR_ACTION_TIMEOUT;
|
||||
}
|
||||
return ctap_user_presence_test(CTAP2_UP_DELAY_MS);
|
||||
}
|
||||
|
||||
static int ctap_make_auth_data(struct rpId * rp, CborEncoder * map, uint8_t * auth_data_buf, uint32_t * len, CTAP_credInfo * credInfo)
|
||||
@ -482,7 +468,15 @@ static int ctap_make_auth_data(struct rpId * rp, CborEncoder * map, uint8_t * au
|
||||
int but;
|
||||
|
||||
but = ctap2_user_presence_test(CTAP2_UP_DELAY_MS);
|
||||
check_retr(but);
|
||||
|
||||
if (!but)
|
||||
{
|
||||
return CTAP2_ERR_OPERATION_DENIED;
|
||||
}
|
||||
else if (but < 0) // Cancel
|
||||
{
|
||||
return CTAP2_ERR_KEEPALIVE_CANCEL;
|
||||
}
|
||||
|
||||
device_set_status(CTAPHID_STATUS_PROCESSING);
|
||||
|
||||
@ -711,7 +705,10 @@ uint8_t ctap_make_credential(CborEncoder * encoder, uint8_t * request, int lengt
|
||||
}
|
||||
if (MC.pinAuthEmpty)
|
||||
{
|
||||
check_retr( ctap2_user_presence_test(CTAP2_UP_DELAY_MS) );
|
||||
if (!ctap2_user_presence_test(CTAP2_UP_DELAY_MS))
|
||||
{
|
||||
return CTAP2_ERR_OPERATION_DENIED;
|
||||
}
|
||||
return ctap_is_pin_set() == 1 ? CTAP2_ERR_PIN_AUTH_INVALID : CTAP2_ERR_PIN_NOT_SET;
|
||||
}
|
||||
if ((MC.paramsParsed & MC_requiredMask) != MC_requiredMask)
|
||||
@ -1144,7 +1141,10 @@ uint8_t ctap_get_assertion(CborEncoder * encoder, uint8_t * request, int length)
|
||||
|
||||
if (GA.pinAuthEmpty)
|
||||
{
|
||||
check_retr( ctap2_user_presence_test(CTAP2_UP_DELAY_MS) );
|
||||
if (!ctap2_user_presence_test(CTAP2_UP_DELAY_MS))
|
||||
{
|
||||
return CTAP2_ERR_OPERATION_DENIED;
|
||||
}
|
||||
return ctap_is_pin_set() == 1 ? CTAP2_ERR_PIN_AUTH_INVALID : CTAP2_ERR_PIN_NOT_SET;
|
||||
}
|
||||
if (GA.pinAuthPresent)
|
||||
@ -1479,11 +1479,6 @@ uint8_t ctap_client_pin(CborEncoder * encoder, uint8_t * request, int length)
|
||||
|
||||
ret = cbor_encode_int(&map, RESP_keyAgreement);
|
||||
check_ret(ret);
|
||||
|
||||
if (device_is_nfc() == NFC_IS_ACTIVE) device_set_clock_rate(DEVICE_LOW_POWER_FAST);
|
||||
crypto_ecc256_compute_public_key(KEY_AGREEMENT_PRIV, KEY_AGREEMENT_PUB);
|
||||
if (device_is_nfc() == NFC_IS_ACTIVE) device_set_clock_rate(DEVICE_LOW_POWER_IDLE);
|
||||
|
||||
ret = ctap_add_cose_key(&map, KEY_AGREEMENT_PUB, KEY_AGREEMENT_PUB+32, PUB_KEY_CRED_PUB_KEY, COSE_ALG_ECDH_ES_HKDF_256);
|
||||
check_retr(ret);
|
||||
|
||||
@ -1654,11 +1649,14 @@ uint8_t ctap_request(uint8_t * pkt_raw, int length, CTAP_RESPONSE * resp)
|
||||
break;
|
||||
case CTAP_RESET:
|
||||
printf1(TAG_CTAP,"CTAP_RESET\n");
|
||||
status = ctap2_user_presence_test(CTAP2_UP_DELAY_MS);
|
||||
if (status == CTAP1_ERR_SUCCESS)
|
||||
if (ctap2_user_presence_test(CTAP2_UP_DELAY_MS))
|
||||
{
|
||||
ctap_reset();
|
||||
}
|
||||
else
|
||||
{
|
||||
status = CTAP2_ERR_OPERATION_DENIED;
|
||||
}
|
||||
break;
|
||||
case GET_NEXT_ASSERTION:
|
||||
printf1(TAG_CTAP,"CTAP_NEXT_ASSERTION\n");
|
||||
@ -1680,7 +1678,7 @@ uint8_t ctap_request(uint8_t * pkt_raw, int length, CTAP_RESPONSE * resp)
|
||||
break;
|
||||
default:
|
||||
status = CTAP1_ERR_INVALID_COMMAND;
|
||||
printf2(TAG_ERR,"error, invalid cmd: 0x%02x\n", cmd);
|
||||
printf2(TAG_ERR,"error, invalid cmd\n");
|
||||
}
|
||||
|
||||
done:
|
||||
@ -1769,7 +1767,10 @@ void ctap_init()
|
||||
exit(1);
|
||||
}
|
||||
|
||||
if (device_is_nfc() != NFC_IS_ACTIVE)
|
||||
{
|
||||
ctap_reset_key_agreement();
|
||||
}
|
||||
|
||||
#ifdef BRIDGE_TO_WALLET
|
||||
wallet_init();
|
||||
@ -1968,7 +1969,7 @@ int8_t ctap_load_key(uint8_t index, uint8_t * key)
|
||||
|
||||
static void ctap_reset_key_agreement()
|
||||
{
|
||||
ctap_generate_rng(KEY_AGREEMENT_PRIV, sizeof(KEY_AGREEMENT_PRIV));
|
||||
crypto_ecc256_make_key_pair(KEY_AGREEMENT_PUB, KEY_AGREEMENT_PRIV);
|
||||
}
|
||||
|
||||
void ctap_reset()
|
||||
|
||||
@ -131,7 +131,7 @@
|
||||
#define PIN_LOCKOUT_ATTEMPTS 8 // Number of attempts total
|
||||
#define PIN_BOOT_ATTEMPTS 3 // number of attempts per boot
|
||||
|
||||
#define CTAP2_UP_DELAY_MS 29000
|
||||
#define CTAP2_UP_DELAY_MS 5000
|
||||
|
||||
typedef struct
|
||||
{
|
||||
|
||||
@ -49,7 +49,6 @@
|
||||
#define CTAP2_ERR_PIN_POLICY_VIOLATION 0x37
|
||||
#define CTAP2_ERR_PIN_TOKEN_EXPIRED 0x38
|
||||
#define CTAP2_ERR_REQUEST_TOO_LARGE 0x39
|
||||
#define CTAP2_ERR_ACTION_TIMEOUT 0x3A
|
||||
#define CTAP1_ERR_OTHER 0x7F
|
||||
#define CTAP2_ERR_SPEC_LAST 0xDF
|
||||
#define CTAP2_ERR_EXTENSION_FIRST 0xE0
|
||||
|
||||
@ -30,7 +30,6 @@ void main_loop_delay();
|
||||
|
||||
void heartbeat();
|
||||
|
||||
void device_reboot();
|
||||
|
||||
void authenticator_read_state(AuthenticatorState * );
|
||||
|
||||
|
||||
11
pc/device.c
11
pc/device.c
@ -43,11 +43,7 @@ void device_set_status(uint32_t status)
|
||||
__device_status = status;
|
||||
}
|
||||
|
||||
void device_reboot()
|
||||
{
|
||||
printf1(TAG_RED, "REBOOT command recieved!\r\n");
|
||||
exit(100);
|
||||
}
|
||||
|
||||
|
||||
int udp_server()
|
||||
{
|
||||
@ -632,8 +628,3 @@ int device_is_nfc()
|
||||
{
|
||||
return 0;
|
||||
}
|
||||
|
||||
void device_set_clock_rate(DEVICE_CLOCK_RATE param)
|
||||
{
|
||||
|
||||
}
|
||||
|
||||
@ -282,11 +282,6 @@ void crypto_ecc256_derive_public_key(uint8_t * data, int len, uint8_t * x, uint8
|
||||
memmove(x,pubkey,32);
|
||||
memmove(y,pubkey+32,32);
|
||||
}
|
||||
void crypto_ecc256_compute_public_key(uint8_t * privkey, uint8_t * pubkey)
|
||||
{
|
||||
uECC_compute_public_key(privkey, pubkey, _es256_curve);
|
||||
}
|
||||
|
||||
|
||||
void crypto_load_external_key(uint8_t * key, int len)
|
||||
{
|
||||
|
||||
@ -55,43 +55,11 @@ static int is_physical_button_pressed()
|
||||
|
||||
static int is_touch_button_pressed()
|
||||
{
|
||||
int is_pressed = (tsc_read_button(0) || tsc_read_button(1));
|
||||
#ifndef IS_BOOTLOADER
|
||||
if (is_pressed)
|
||||
{
|
||||
// delay for debounce, and longer than polling timer period.
|
||||
delay(95);
|
||||
return (tsc_read_button(0) || tsc_read_button(1));
|
||||
}
|
||||
#endif
|
||||
return is_pressed;
|
||||
return tsc_read_button(0) || tsc_read_button(1);
|
||||
}
|
||||
|
||||
int (*IS_BUTTON_PRESSED)() = is_physical_button_pressed;
|
||||
|
||||
static void edge_detect_touch_button()
|
||||
{
|
||||
static uint8_t last_touch = 0;
|
||||
uint8_t current_touch = 0;
|
||||
if (is_touch_button_pressed == IS_BUTTON_PRESSED)
|
||||
{
|
||||
current_touch = (tsc_read_button(0) || tsc_read_button(1));
|
||||
|
||||
// 1 sample per 25 ms
|
||||
if ((millis() - __last_button_bounce_time) > 25)
|
||||
{
|
||||
// Detect "touch / rising edge"
|
||||
if (!last_touch && current_touch)
|
||||
{
|
||||
__last_button_press_time = millis();
|
||||
}
|
||||
__last_button_bounce_time = millis();
|
||||
last_touch = current_touch;
|
||||
}
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
void request_from_nfc(bool request_active) {
|
||||
_RequestComeFromNFC = request_active;
|
||||
}
|
||||
@ -110,7 +78,19 @@ void TIM6_DAC_IRQHandler()
|
||||
}
|
||||
}
|
||||
|
||||
edge_detect_touch_button();
|
||||
|
||||
if (is_touch_button_pressed == IS_BUTTON_PRESSED)
|
||||
{
|
||||
if (IS_BUTTON_PRESSED())
|
||||
{
|
||||
// Only allow 1 press per 25 ms.
|
||||
if ((millis() - __last_button_bounce_time) > 25)
|
||||
{
|
||||
__last_button_press_time = millis();
|
||||
}
|
||||
__last_button_bounce_time = millis();
|
||||
}
|
||||
}
|
||||
|
||||
#ifndef IS_BOOTLOADER
|
||||
// NFC sending WTX if needs
|
||||
@ -162,6 +142,7 @@ void device_set_status(uint32_t status)
|
||||
|
||||
int device_is_button_pressed()
|
||||
{
|
||||
|
||||
return IS_BUTTON_PRESSED();
|
||||
}
|
||||
|
||||
|
||||
@ -14,11 +14,6 @@
|
||||
|
||||
#define IS_IRQ_ACTIVE() (1 == (LL_GPIO_ReadInputPort(SOLO_AMS_IRQ_PORT) & SOLO_AMS_IRQ_PIN))
|
||||
|
||||
// chain buffer for 61XX responses
|
||||
static uint8_t chain_buffer[2048] = {0};
|
||||
static size_t chain_buffer_len = 0;
|
||||
static bool chain_buffer_tx = false;
|
||||
|
||||
uint8_t p14443_block_offset(uint8_t pcb) {
|
||||
uint8_t offset = 1;
|
||||
// NAD following
|
||||
@ -201,15 +196,8 @@ bool nfc_write_response_ex(uint8_t req0, uint8_t * data, uint8_t len, uint16_t r
|
||||
|
||||
res[len + block_offset + 0] = resp >> 8;
|
||||
res[len + block_offset + 1] = resp & 0xff;
|
||||
|
||||
nfc_write_frame(res, block_offset + len + 2);
|
||||
|
||||
if (!ams_wait_for_tx(1))
|
||||
{
|
||||
printf1(TAG_NFC, "TX resp timeout. len: %d \r\n", len);
|
||||
return false;
|
||||
}
|
||||
|
||||
return true;
|
||||
}
|
||||
|
||||
@ -218,7 +206,7 @@ bool nfc_write_response(uint8_t req0, uint16_t resp)
|
||||
return nfc_write_response_ex(req0, NULL, 0, resp);
|
||||
}
|
||||
|
||||
void nfc_write_response_chaining_plain(uint8_t req0, uint8_t * data, int len)
|
||||
void nfc_write_response_chaining(uint8_t req0, uint8_t * data, int len)
|
||||
{
|
||||
uint8_t res[32 + 2];
|
||||
uint8_t iBlock = NFC_CMD_IBLOCK | (req0 & 0x0f);
|
||||
@ -289,38 +277,6 @@ void nfc_write_response_chaining_plain(uint8_t req0, uint8_t * data, int len)
|
||||
}
|
||||
}
|
||||
|
||||
void append_get_response(uint8_t *data, size_t rest_len)
|
||||
{
|
||||
data[0] = 0x61;
|
||||
data[1] = 0x00;
|
||||
if (rest_len <= 0xff)
|
||||
data[1] = rest_len & 0xff;
|
||||
}
|
||||
|
||||
void nfc_write_response_chaining(uint8_t req0, uint8_t * data, int len, bool extapdu)
|
||||
{
|
||||
chain_buffer_len = 0;
|
||||
chain_buffer_tx = true;
|
||||
|
||||
// if we dont need to break data to parts that need to exchange via GET RESPONSE command (ISO 7816-4 7.1.3)
|
||||
if (len <= 255 || extapdu)
|
||||
{
|
||||
nfc_write_response_chaining_plain(req0, data, len);
|
||||
} else {
|
||||
size_t pcklen = MIN(253, len);
|
||||
chain_buffer_len = len - pcklen;
|
||||
printf1(TAG_NFC, "61XX chaining %d/%d.\r\n", pcklen, chain_buffer_len);
|
||||
|
||||
memmove(chain_buffer, data, pcklen);
|
||||
append_get_response(&chain_buffer[pcklen], chain_buffer_len);
|
||||
|
||||
nfc_write_response_chaining_plain(req0, chain_buffer, pcklen + 2); // 2 for 61XX
|
||||
|
||||
// put the rest data into chain buffer
|
||||
memmove(chain_buffer, &data[pcklen], chain_buffer_len);
|
||||
}
|
||||
}
|
||||
|
||||
// WTX on/off:
|
||||
// sends/receives WTX frame to reader every `WTX_time` time in ms
|
||||
// works via timer interrupts
|
||||
@ -520,70 +476,37 @@ int select_applet(uint8_t * aid, int len)
|
||||
return APP_NOTHING;
|
||||
}
|
||||
|
||||
void apdu_process(uint8_t buf0, uint8_t *apduptr, APDU_STRUCT *apdu)
|
||||
void nfc_process_iblock(uint8_t * buf, int len)
|
||||
{
|
||||
int selected;
|
||||
CTAP_RESPONSE ctap_resp;
|
||||
int status;
|
||||
uint16_t reslen;
|
||||
|
||||
printf1(TAG_NFC,"Iblock: ");
|
||||
dump_hex1(TAG_NFC, buf, len);
|
||||
|
||||
uint8_t block_offset = p14443_block_offset(buf[0]);
|
||||
|
||||
APDU_STRUCT apdu;
|
||||
if (apdu_decode(buf + block_offset, len - block_offset, &apdu)) {
|
||||
printf1(TAG_NFC,"apdu decode error\r\n");
|
||||
nfc_write_response(buf[0], SW_COND_USE_NOT_SATISFIED);
|
||||
return;
|
||||
}
|
||||
printf1(TAG_NFC,"apdu ok. %scase=%02x cla=%02x ins=%02x p1=%02x p2=%02x lc=%d le=%d\r\n",
|
||||
apdu.extended_apdu ? "[e]":"", apdu.case_type, apdu.cla, apdu.ins, apdu.p1, apdu.p2, apdu.lc, apdu.le);
|
||||
|
||||
// check CLA
|
||||
if (apdu->cla != 0x00 && apdu->cla != 0x80) {
|
||||
printf1(TAG_NFC, "Unknown CLA %02x\r\n", apdu->cla);
|
||||
nfc_write_response(buf0, SW_CLA_INVALID);
|
||||
if (apdu.cla != 0x00 && apdu.cla != 0x80) {
|
||||
printf1(TAG_NFC, "Unknown CLA %02x\r\n", apdu.cla);
|
||||
nfc_write_response(buf[0], SW_CLA_INVALID);
|
||||
return;
|
||||
}
|
||||
|
||||
// TODO this needs to be organized better
|
||||
switch(apdu->ins)
|
||||
switch(apdu.ins)
|
||||
{
|
||||
// ISO 7816. 7.1 GET RESPONSE command
|
||||
case APDU_GET_RESPONSE:
|
||||
if (apdu->p1 != 0x00 || apdu->p2 != 0x00)
|
||||
{
|
||||
nfc_write_response(buf0, SW_INCORRECT_P1P2);
|
||||
printf1(TAG_NFC, "P1 or P2 error\r\n");
|
||||
return;
|
||||
}
|
||||
|
||||
// too many bytes needs. 0x00 and 0x100 - any length
|
||||
if (apdu->le != 0 && apdu->le != 0x100 && apdu->le > chain_buffer_len)
|
||||
{
|
||||
uint16_t wlresp = SW_WRONG_LENGTH; // here can be 6700, 6C00, 6FXX. but the most standard way - 67XX or 6700
|
||||
if (chain_buffer_len <= 0xff)
|
||||
wlresp += chain_buffer_len & 0xff;
|
||||
nfc_write_response(buf0, wlresp);
|
||||
printf1(TAG_NFC, "buffer length less than requesteds\r\n");
|
||||
return;
|
||||
}
|
||||
|
||||
// create temporary packet
|
||||
uint8_t pck[255] = {0};
|
||||
size_t pcklen = 253;
|
||||
if (apdu->le)
|
||||
pcklen = apdu->le;
|
||||
if (pcklen > chain_buffer_len)
|
||||
pcklen = chain_buffer_len;
|
||||
|
||||
printf1(TAG_NFC, "GET RESPONSE. pck len: %d buffer len: %d\r\n", pcklen, chain_buffer_len);
|
||||
|
||||
// create packet and add 61XX there if we have another portion(s) of data
|
||||
memmove(pck, chain_buffer, pcklen);
|
||||
size_t dlen = 0;
|
||||
if (chain_buffer_len - pcklen)
|
||||
{
|
||||
append_get_response(&pck[pcklen], chain_buffer_len - pcklen);
|
||||
dlen = 2;
|
||||
}
|
||||
|
||||
// send
|
||||
nfc_write_response_chaining_plain(buf0, pck, pcklen + dlen); // dlen for 61XX
|
||||
|
||||
// shift the buffer
|
||||
chain_buffer_len -= pcklen;
|
||||
memmove(chain_buffer, &chain_buffer[pcklen], chain_buffer_len);
|
||||
break;
|
||||
|
||||
case APDU_INS_SELECT:
|
||||
// if (apdu->p1 == 0 && apdu->p2 == 0x0c)
|
||||
// {
|
||||
@ -599,49 +522,49 @@ void apdu_process(uint8_t buf0, uint8_t *apduptr, APDU_STRUCT *apdu)
|
||||
// }
|
||||
// else
|
||||
{
|
||||
selected = select_applet(apdu->data, apdu->lc);
|
||||
selected = select_applet(apdu.data, apdu.lc);
|
||||
if (selected == APP_FIDO)
|
||||
{
|
||||
nfc_write_response_ex(buf0, (uint8_t *)"U2F_V2", 6, SW_SUCCESS);
|
||||
nfc_write_response_ex(buf[0], (uint8_t *)"U2F_V2", 6, SW_SUCCESS);
|
||||
printf1(TAG_NFC, "FIDO applet selected.\r\n");
|
||||
}
|
||||
else if (selected != APP_NOTHING)
|
||||
{
|
||||
nfc_write_response(buf0, SW_SUCCESS);
|
||||
nfc_write_response(buf[0], SW_SUCCESS);
|
||||
printf1(TAG_NFC, "SELECTED %d\r\n", selected);
|
||||
}
|
||||
else
|
||||
{
|
||||
nfc_write_response(buf0, SW_FILE_NOT_FOUND);
|
||||
printf1(TAG_NFC, "NOT selected "); dump_hex1(TAG_NFC, apdu->data, apdu->lc);
|
||||
nfc_write_response(buf[0], SW_FILE_NOT_FOUND);
|
||||
printf1(TAG_NFC, "NOT selected "); dump_hex1(TAG_NFC, apdu.data, apdu.lc);
|
||||
}
|
||||
}
|
||||
break;
|
||||
|
||||
case APDU_FIDO_U2F_VERSION:
|
||||
if (NFC_STATE.selected_applet != APP_FIDO) {
|
||||
nfc_write_response(buf0, SW_INS_INVALID);
|
||||
nfc_write_response(buf[0], SW_INS_INVALID);
|
||||
break;
|
||||
}
|
||||
|
||||
printf1(TAG_NFC, "U2F GetVersion command.\r\n");
|
||||
|
||||
u2f_request_nfc(apduptr, apdu->data, apdu->lc, &ctap_resp);
|
||||
nfc_write_response_chaining(buf0, ctap_resp.data, ctap_resp.length, apdu->extended_apdu);
|
||||
u2f_request_nfc(&buf[block_offset], apdu.data, apdu.lc, &ctap_resp);
|
||||
nfc_write_response_chaining(buf[0], ctap_resp.data, ctap_resp.length);
|
||||
break;
|
||||
|
||||
case APDU_FIDO_U2F_REGISTER:
|
||||
if (NFC_STATE.selected_applet != APP_FIDO) {
|
||||
nfc_write_response(buf0, SW_INS_INVALID);
|
||||
nfc_write_response(buf[0], SW_INS_INVALID);
|
||||
break;
|
||||
}
|
||||
|
||||
printf1(TAG_NFC, "U2F Register command.\r\n");
|
||||
|
||||
if (apdu->lc != 64)
|
||||
if (apdu.lc != 64)
|
||||
{
|
||||
printf1(TAG_NFC, "U2F Register request length error. len=%d.\r\n", apdu->lc);
|
||||
nfc_write_response(buf0, SW_WRONG_LENGTH);
|
||||
printf1(TAG_NFC, "U2F Register request length error. len=%d.\r\n", apdu.lc);
|
||||
nfc_write_response(buf[0], SW_WRONG_LENGTH);
|
||||
return;
|
||||
}
|
||||
|
||||
@ -652,61 +575,61 @@ void apdu_process(uint8_t buf0, uint8_t *apduptr, APDU_STRUCT *apdu)
|
||||
// SystemClock_Config_LF32();
|
||||
// delay(300);
|
||||
if (device_is_nfc() == NFC_IS_ACTIVE) device_set_clock_rate(DEVICE_LOW_POWER_FAST);
|
||||
u2f_request_nfc(apduptr, apdu->data, apdu->lc, &ctap_resp);
|
||||
u2f_request_nfc(&buf[block_offset], apdu.data, apdu.lc, &ctap_resp);
|
||||
if (device_is_nfc() == NFC_IS_ACTIVE) device_set_clock_rate(DEVICE_LOW_POWER_IDLE);
|
||||
// if (!WTX_off())
|
||||
// return;
|
||||
|
||||
printf1(TAG_NFC, "U2F resp len: %d\r\n", ctap_resp.length);
|
||||
printf1(TAG_NFC,"U2F Register P2 took %d\r\n", timestamp());
|
||||
nfc_write_response_chaining(buf0, ctap_resp.data, ctap_resp.length, apdu->extended_apdu);
|
||||
nfc_write_response_chaining(buf[0], ctap_resp.data, ctap_resp.length);
|
||||
|
||||
printf1(TAG_NFC,"U2F Register answered %d (took %d)\r\n", millis(), timestamp());
|
||||
break;
|
||||
|
||||
case APDU_FIDO_U2F_AUTHENTICATE:
|
||||
if (NFC_STATE.selected_applet != APP_FIDO) {
|
||||
nfc_write_response(buf0, SW_INS_INVALID);
|
||||
nfc_write_response(buf[0], SW_INS_INVALID);
|
||||
break;
|
||||
}
|
||||
|
||||
printf1(TAG_NFC, "U2F Authenticate command.\r\n");
|
||||
|
||||
if (apdu->lc != 64 + 1 + apdu->data[64])
|
||||
if (apdu.lc != 64 + 1 + apdu.data[64])
|
||||
{
|
||||
delay(5);
|
||||
printf1(TAG_NFC, "U2F Authenticate request length error. len=%d keyhlen=%d.\r\n", apdu->lc, apdu->data[64]);
|
||||
nfc_write_response(buf0, SW_WRONG_LENGTH);
|
||||
printf1(TAG_NFC, "U2F Authenticate request length error. len=%d keyhlen=%d.\r\n", apdu.lc, apdu.data[64]);
|
||||
nfc_write_response(buf[0], SW_WRONG_LENGTH);
|
||||
return;
|
||||
}
|
||||
|
||||
timestamp();
|
||||
// WTX_on(WTX_TIME_DEFAULT);
|
||||
u2f_request_nfc(apduptr, apdu->data, apdu->lc, &ctap_resp);
|
||||
u2f_request_nfc(&buf[block_offset], apdu.data, apdu.lc, &ctap_resp);
|
||||
// if (!WTX_off())
|
||||
// return;
|
||||
|
||||
printf1(TAG_NFC, "U2F resp len: %d\r\n", ctap_resp.length);
|
||||
printf1(TAG_NFC,"U2F Authenticate processing %d (took %d)\r\n", millis(), timestamp());
|
||||
nfc_write_response_chaining(buf0, ctap_resp.data, ctap_resp.length, apdu->extended_apdu);
|
||||
nfc_write_response_chaining(buf[0], ctap_resp.data, ctap_resp.length);
|
||||
printf1(TAG_NFC,"U2F Authenticate answered %d (took %d)\r\n", millis(), timestamp);
|
||||
break;
|
||||
|
||||
case APDU_FIDO_NFCCTAP_MSG:
|
||||
if (NFC_STATE.selected_applet != APP_FIDO) {
|
||||
nfc_write_response(buf0, SW_INS_INVALID);
|
||||
nfc_write_response(buf[0], SW_INS_INVALID);
|
||||
return;
|
||||
}
|
||||
|
||||
printf1(TAG_NFC, "FIDO2 CTAP message. %d\r\n", timestamp());
|
||||
|
||||
// WTX_on(WTX_TIME_DEFAULT);
|
||||
WTX_on(WTX_TIME_DEFAULT);
|
||||
request_from_nfc(true);
|
||||
ctap_response_init(&ctap_resp);
|
||||
status = ctap_request(apdu->data, apdu->lc, &ctap_resp);
|
||||
status = ctap_request(apdu.data, apdu.lc, &ctap_resp);
|
||||
request_from_nfc(false);
|
||||
// if (!WTX_off())
|
||||
// return;
|
||||
if (!WTX_off())
|
||||
return;
|
||||
|
||||
printf1(TAG_NFC, "CTAP resp: 0x%02x len: %d\r\n", status, ctap_resp.length);
|
||||
|
||||
@ -722,108 +645,44 @@ void apdu_process(uint8_t buf0, uint8_t *apduptr, APDU_STRUCT *apdu)
|
||||
ctap_resp.data[ctap_resp.length - 1] = SW_SUCCESS & 0xff;
|
||||
|
||||
printf1(TAG_NFC,"CTAP processing %d (took %d)\r\n", millis(), timestamp());
|
||||
nfc_write_response_chaining(buf0, ctap_resp.data, ctap_resp.length, apdu->extended_apdu);
|
||||
nfc_write_response_chaining(buf[0], ctap_resp.data, ctap_resp.length);
|
||||
printf1(TAG_NFC,"CTAP answered %d (took %d)\r\n", millis(), timestamp());
|
||||
break;
|
||||
|
||||
case APDU_INS_READ_BINARY:
|
||||
// response length
|
||||
reslen = apdu->le & 0xffff;
|
||||
reslen = apdu.le & 0xffff;
|
||||
switch(NFC_STATE.selected_applet)
|
||||
{
|
||||
case APP_CAPABILITY_CONTAINER:
|
||||
printf1(TAG_NFC,"APP_CAPABILITY_CONTAINER\r\n");
|
||||
if (reslen == 0 || reslen > sizeof(NFC_CC))
|
||||
reslen = sizeof(NFC_CC);
|
||||
nfc_write_response_ex(buf0, (uint8_t *)&NFC_CC, reslen, SW_SUCCESS);
|
||||
nfc_write_response_ex(buf[0], (uint8_t *)&NFC_CC, reslen, SW_SUCCESS);
|
||||
ams_wait_for_tx(10);
|
||||
break;
|
||||
case APP_NDEF_TAG:
|
||||
printf1(TAG_NFC,"APP_NDEF_TAG\r\n");
|
||||
if (reslen == 0 || reslen > sizeof(NDEF_SAMPLE) - 1)
|
||||
reslen = sizeof(NDEF_SAMPLE) - 1;
|
||||
nfc_write_response_ex(buf0, NDEF_SAMPLE, reslen, SW_SUCCESS);
|
||||
nfc_write_response_ex(buf[0], NDEF_SAMPLE, reslen, SW_SUCCESS);
|
||||
ams_wait_for_tx(10);
|
||||
break;
|
||||
default:
|
||||
nfc_write_response(buf0, SW_FILE_NOT_FOUND);
|
||||
nfc_write_response(buf[0], SW_FILE_NOT_FOUND);
|
||||
printf1(TAG_ERR, "No binary applet selected!\r\n");
|
||||
return;
|
||||
break;
|
||||
}
|
||||
break;
|
||||
|
||||
case APDU_SOLO_RESET:
|
||||
if (apdu->lc == 4 && !memcmp(apdu->data, "\x12\x56\xab\xf0", 4)) {
|
||||
printf1(TAG_NFC, "Reset...\r\n");
|
||||
nfc_write_response(buf0, SW_SUCCESS);
|
||||
delay(20);
|
||||
device_reboot();
|
||||
while(1);
|
||||
} else {
|
||||
printf1(TAG_NFC, "Reset FAIL\r\n");
|
||||
nfc_write_response(buf0, SW_INS_INVALID);
|
||||
}
|
||||
break;
|
||||
|
||||
default:
|
||||
printf1(TAG_NFC, "Unknown INS %02x\r\n", apdu->ins);
|
||||
nfc_write_response(buf0, SW_INS_INVALID);
|
||||
printf1(TAG_NFC, "Unknown INS %02x\r\n", apdu.ins);
|
||||
nfc_write_response(buf[0], SW_INS_INVALID);
|
||||
break;
|
||||
}
|
||||
}
|
||||
|
||||
void nfc_process_iblock(uint8_t * buf, int len)
|
||||
{
|
||||
uint8_t block_offset = p14443_block_offset(buf[0]);
|
||||
|
||||
// clear tx chain buffer if we have some other command than GET RESPONSE
|
||||
if (chain_buffer_tx && buf[block_offset + 1] != APDU_GET_RESPONSE) {
|
||||
chain_buffer_len = 0;
|
||||
chain_buffer_tx = false;
|
||||
}
|
||||
|
||||
APDU_STRUCT apdu;
|
||||
if (apdu_decode(buf + block_offset, len - block_offset, &apdu)) {
|
||||
printf1(TAG_NFC,"apdu decode error\r\n");
|
||||
nfc_write_response(buf[0], SW_COND_USE_NOT_SATISFIED);
|
||||
return;
|
||||
}
|
||||
printf1(TAG_NFC,"apdu ok. %scase=%02x cla=%02x ins=%02x p1=%02x p2=%02x lc=%d le=%d\r\n",
|
||||
apdu.extended_apdu ? "[e]":"", apdu.case_type, apdu.cla, apdu.ins, apdu.p1, apdu.p2, apdu.lc, apdu.le);
|
||||
|
||||
// APDU level chaining. ISO7816-4, 5.1.1. class byte
|
||||
if (!chain_buffer_tx && buf[block_offset] & 0x10) {
|
||||
|
||||
if (chain_buffer_len + len > sizeof(chain_buffer)) {
|
||||
nfc_write_response(buf[0], SW_WRONG_LENGTH);
|
||||
return;
|
||||
}
|
||||
|
||||
memmove(&chain_buffer[chain_buffer_len], apdu.data, apdu.lc);
|
||||
chain_buffer_len += apdu.lc;
|
||||
delay(1);
|
||||
nfc_write_response(buf[0], SW_SUCCESS);
|
||||
printf1(TAG_NFC, "APDU chaining ok. %d/%d\r\n", apdu.lc, chain_buffer_len);
|
||||
return;
|
||||
}
|
||||
|
||||
// if we have ISO 7816 APDU chain - move there all the data
|
||||
if (!chain_buffer_tx && chain_buffer_len > 0) {
|
||||
delay(1);
|
||||
memmove(&apdu.data[chain_buffer_len], apdu.data, apdu.lc);
|
||||
memmove(apdu.data, chain_buffer, chain_buffer_len);
|
||||
apdu.lc += chain_buffer_len; // here apdu struct does not match with memory!
|
||||
printf1(TAG_NFC, "APDU chaining merge. %d/%d\r\n", chain_buffer_len, apdu.lc);
|
||||
}
|
||||
|
||||
|
||||
apdu_process(buf[0], &buf[block_offset], &apdu);
|
||||
|
||||
printf1(TAG_NFC,"prev.Iblock: ");
|
||||
dump_hex1(TAG_NFC, buf, len);
|
||||
}
|
||||
|
||||
static uint8_t ibuf[1024];
|
||||
static int ibuflen = 0;
|
||||
|
||||
@ -855,7 +714,7 @@ void nfc_process_block(uint8_t * buf, unsigned int len)
|
||||
uint8_t block_offset = p14443_block_offset(buf[0]);
|
||||
if (buf[0] & 0x10)
|
||||
{
|
||||
printf1(TAG_NFC_APDU, "NFC_CMD_IBLOCK chaining blen=%d len=%d offs=%d\r\n", ibuflen, len, block_offset);
|
||||
printf1(TAG_NFC_APDU, "NFC_CMD_IBLOCK chaining blen=%d len=%d\r\n", ibuflen, len);
|
||||
if (ibuflen + len > sizeof(ibuf))
|
||||
{
|
||||
printf1(TAG_NFC, "I block memory error! must have %d but have only %d\r\n", ibuflen + len, sizeof(ibuf));
|
||||
@ -888,15 +747,14 @@ void nfc_process_block(uint8_t * buf, unsigned int len)
|
||||
memmove(ibuf, buf, block_offset);
|
||||
ibuflen += block_offset;
|
||||
|
||||
printf1(TAG_NFC_APDU, "NFC_CMD_IBLOCK chaining last block. blen=%d len=%d offset=%d\r\n", ibuflen, len, block_offset);
|
||||
printf1(TAG_NFC_APDU, "NFC_CMD_IBLOCK chaining last block. blen=%d len=%d\r\n", ibuflen, len);
|
||||
|
||||
printf1(TAG_NFC_APDU,"i> ");
|
||||
dump_hex1(TAG_NFC_APDU, buf, len);
|
||||
|
||||
nfc_process_iblock(ibuf, ibuflen);
|
||||
} else {
|
||||
memcpy(ibuf, buf, len); // because buf only 32b
|
||||
nfc_process_iblock(ibuf, len);
|
||||
nfc_process_iblock(buf, len);
|
||||
}
|
||||
clear_ibuf();
|
||||
}
|
||||
@ -994,7 +852,6 @@ int nfc_loop()
|
||||
printf1(TAG_NFC, "NFC_CMD_WUPA\r\n");
|
||||
break;
|
||||
case NFC_CMD_HLTA:
|
||||
ams_write_command(AMS_CMD_SLEEP);
|
||||
printf1(TAG_NFC, "HLTA/Halt\r\n");
|
||||
break;
|
||||
case NFC_CMD_RATS:
|
||||
|
||||
Reference in New Issue
Block a user