

6 Commits

Author SHA1 Message Date
Conor Patrick
01b8503495 return SW_WRONG_LENGTH for incorrect lc 2019-08-30 14:34:57 +08:00
merlokk
5d3914bc5e remove delays 2019-08-23 22:25:22 +08:00
Conor Patrick
abe306a649 Merge branch 'master' of github.com:solokeys/solo 2019-08-23 14:53:22 +08:00
Conor Patrick
41ceb78f6c add user presence to flags 2019-08-23 14:48:21 +08:00
Conor Patrick
8e192f2363 do not delay bootloader 2019-08-23 14:41:26 +08:00
Conor Patrick
affc256ca2 add delay to cap button improve reliability 2019-08-23 14:41:26 +08:00
4 changed files with 21 additions and 8 deletions


@@ -9,7 +9,7 @@
#include "apdu.h" #include "apdu.h"
int apdu_decode(uint8_t *data, size_t len, APDU_STRUCT *apdu) uint16_t apdu_decode(uint8_t *data, size_t len, APDU_STRUCT *apdu)
{ {
EXT_APDU_HEADER *hapdu = (EXT_APDU_HEADER *)data; EXT_APDU_HEADER *hapdu = (EXT_APDU_HEADER *)data;
@@ -63,6 +63,11 @@ int apdu_decode(uint8_t *data, size_t len, APDU_STRUCT *apdu)
{ {
uint16_t extlen = (hapdu->lc[1] << 8) + hapdu->lc[2]; uint16_t extlen = (hapdu->lc[1] << 8) + hapdu->lc[2];
if (len - 7 < extlen)
{
return SW_WRONG_LENGTH;
}
// case 2E (Le) - extended // case 2E (Le) - extended
if (len == 7) if (len == 7)
{ {
@@ -103,9 +108,18 @@ int apdu_decode(uint8_t *data, size_t len, APDU_STRUCT *apdu)
apdu->le = 0x10000; apdu->le = 0x10000;
} }
} }
else
{
if ((len > 5) && (len - 5 < hapdu->lc[0]))
{
return SW_WRONG_LENGTH;
}
}
if (!apdu->case_type) if (!apdu->case_type)
return 1; {
return SW_COND_USE_NOT_SATISFIED;
}
if (apdu->lc) if (apdu->lc)
{ {
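Review bot: The new extended-length check `if (len - 7 < extlen)` runs before the branch commented `// case 2E (Le) - extended`, so for a 7-byte command it compares against bytes that the comment suggests are Le rather than Lc. With `len == 7` the left side is 0, so a case 2E request with a non-zero Le would be answered with SW_WRONG_LENGTH instead of being decoded. Restricting the check to commands that carry data, `if (len > 7 && len - 7 < extlen)`, keeps the intended rejection without touching case 2E. Both subtractions are on `size_t`, so they rely on a lower bound on `len`: the short-APDU check has `len > 5`, but no bound is visible for the extended one. That is worth confirming, since apdu_decode starts and ends outside these hunks.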


@@ -36,7 +36,7 @@ typedef struct
uint8_t case_type; uint8_t case_type;
} __attribute__((packed)) APDU_STRUCT; } __attribute__((packed)) APDU_STRUCT;
extern int apdu_decode(uint8_t *data, size_t len, APDU_STRUCT *apdu); extern uint16_t apdu_decode(uint8_t *data, size_t len, APDU_STRUCT *apdu);
#define APDU_FIDO_U2F_REGISTER 0x01 #define APDU_FIDO_U2F_REGISTER 0x01
#define APDU_FIDO_U2F_AUTHENTICATE 0x02 #define APDU_FIDO_U2F_AUTHENTICATE 0x02
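Review bot: The prototype now returns `uint16_t`, but nothing at the declaration says what the value means. A short comment such as `// Returns 0 on success, otherwise an ISO 7816 status word (e.g. SW_WRONG_LENGTH) to send back` would tell callers that the result is meant to be forwarded as the response status, which is how the NFC call site in this commit uses it.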


@@ -486,7 +486,7 @@ static int ctap_make_auth_data(struct rpId * rp, CborEncoder * map, uint8_t * au
device_set_status(CTAPHID_STATUS_PROCESSING); device_set_status(CTAPHID_STATUS_PROCESSING);
authData->head.flags = (but << 0); authData->head.flags = (1 << 0); // User presence
authData->head.flags |= (ctap_is_pin_set() << 2); authData->head.flags |= (ctap_is_pin_set() << 2);
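Review bot: `authData->head.flags = (1 << 0);` now reports user presence regardless of `but`, so the authenticator data no longer reflects the outcome of the presence check on this line. If any path can reach here with `but == 0`, a relying party would see UP asserted without a touch. The code that sets `but` and any early return on failure are outside the hunk, so this cannot be confirmed from here. Either keep the bit tied to the test result, or state the invariant next to it, e.g. `// UP is always 1 here: every path to this line has passed the user presence test`, if that holds.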


@@ -784,9 +784,10 @@ void nfc_process_iblock(uint8_t * buf, int len)
} }
APDU_STRUCT apdu; APDU_STRUCT apdu;
if (apdu_decode(buf + block_offset, len - block_offset, &apdu)) { uint16_t ret = apdu_decode(buf + block_offset, len - block_offset, &apdu);
if (ret != 0) {
printf1(TAG_NFC,"apdu decode error\r\n"); printf1(TAG_NFC,"apdu decode error\r\n");
nfc_write_response(buf[0], SW_COND_USE_NOT_SATISFIED); nfc_write_response(buf[0], ret);
return; return;
} }
printf1(TAG_NFC,"apdu ok. %scase=%02x cla=%02x ins=%02x p1=%02x p2=%02x lc=%d le=%d\r\n", printf1(TAG_NFC,"apdu ok. %scase=%02x cla=%02x ins=%02x p1=%02x p2=%02x lc=%d le=%d\r\n",
@@ -802,7 +803,6 @@ void nfc_process_iblock(uint8_t * buf, int len)
memmove(&chain_buffer[chain_buffer_len], apdu.data, apdu.lc); memmove(&chain_buffer[chain_buffer_len], apdu.data, apdu.lc);
chain_buffer_len += apdu.lc; chain_buffer_len += apdu.lc;
delay(1);
nfc_write_response(buf[0], SW_SUCCESS); nfc_write_response(buf[0], SW_SUCCESS);
printf1(TAG_NFC, "APDU chaining ok. %d/%d\r\n", apdu.lc, chain_buffer_len); printf1(TAG_NFC, "APDU chaining ok. %d/%d\r\n", apdu.lc, chain_buffer_len);
return; return;
@@ -810,7 +810,6 @@ void nfc_process_iblock(uint8_t * buf, int len)
// if we have ISO 7816 APDU chain - move there all the data // if we have ISO 7816 APDU chain - move there all the data
if (!chain_buffer_tx && chain_buffer_len > 0) { if (!chain_buffer_tx && chain_buffer_len > 0) {
delay(1);
memmove(&apdu.data[chain_buffer_len], apdu.data, apdu.lc); memmove(&apdu.data[chain_buffer_len], apdu.data, apdu.lc);
memmove(apdu.data, chain_buffer, chain_buffer_len); memmove(apdu.data, chain_buffer, chain_buffer_len);
apdu.lc += chain_buffer_len; // here apdu struct does not match with memory! apdu.lc += chain_buffer_len; // here apdu struct does not match with memory!
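Review bot: The length handed to apdu_decode, `len - block_offset`, is derived from the `int` parameter `len` and converted to `size_t`, so the new SW_WRONG_LENGTH checks are only as good as this value. If a frame shorter than `block_offset` can reach this call, the result would convert to a very large length and the decoder's `len - 7 < extlen` test would pass. No earlier bound is visible in the hunk, and nfc_process_iblock begins outside it. A guard before the call, `if (len < block_offset) { nfc_write_response(buf[0], SW_WRONG_LENGTH); return; }`, would close that. Logging the code, `printf1(TAG_NFC,"apdu decode error %04x\r\n", ret);`, would also make the two new status words distinguishable in traces.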