do not delay bootloader

Update udev docs

.all-contributorsrc

@@ -168,6 +168,16 @@
         "infra",
         "tool"
       ]
+    },
+    {
+      "login": "kimusan",
+      "name": "Kim Schulz",
+      "avatar_url": "https://avatars1.githubusercontent.com/u/1150049?v=4",
+      "profile": "http://www.schulz.dk",
+      "contributions": [
+        "business",
+        "ideas"
+      ]
     }
   ],
   "contributorsPerLine": 7,

README.md

@@ -1,24 +1,18 @@
-[![License](https://img.shields.io/github/license/solokeys/solo.svg)](https://github.com/solokeys/solo/blob/master/LICENSE)
-[![All Contributors](https://img.shields.io/badge/all_contributors-17-orange.svg?style=flat-square)](#contributors)
-[![Build Status](https://travis-ci.com/solokeys/solo.svg?branch=master)](https://travis-ci.com/solokeys/solo)
-[![Discourse Users](https://img.shields.io/discourse/https/discourse.solokeys.com/users.svg)](https://discourse.solokeys.com)
+**NEW!** We launched a new tiny security key called Somu, it's live on Crowd Supply and you can [pre-order it now](https://solokeys.com/somu)!
+
+[<img src="https://miro.medium.com/max/1400/1*PnzCPLqq_5nt1gjgSEY2LQ.png" width="600">](https://solokeys.com/somu)
+
+Somu is the micro version of Solo. We were inspired to make a secure Tomu, so we took its tiny form factor, we added the secure microcontroller and firmware of Solo, et voilà! Here we have Somu.
+
+[![latest release](https://img.shields.io/github/release/solokeys/solo.svg)](https://update.solokeys.com/)
 [![Keybase Chat](https://img.shields.io/badge/chat-on%20keybase-brightgreen.svg)](https://keybase.io/team/solokeys.public)
-[![FOSSA Status](https://app.fossa.io/api/projects/git%2Bgithub.com%2Fsolokeys%2Fsolo.svg?type=shield)](https://app.fossa.io/projects/git%2Bgithub.com%2Fsolokeys%2Fsolo?ref=badge_shield)
-
-[![latest release](https://img.shields.io/github/release/solokeys/solo.svg)](https://github.com/solokeys/solo/releases)
-[![commits since last release](https://img.shields.io/github/commits-since/solokeys/solo/latest.svg)](https://github.com/solokeys/solo/commits/master)
-[![last commit](https://img.shields.io/github/last-commit/solokeys/solo.svg)](https://github.com/solokeys/solo/commits/master)
-[![commit activity](https://img.shields.io/github/commit-activity/m/solokeys/solo.svg)](https://github.com/solokeys/solo/commits/master)
-[![contributors](https://img.shields.io/github/contributors/solokeys/solo.svg)](https://github.com/solokeys/solo/graphs/contributors)
-
-
-# Solo
+[![Build Status](https://travis-ci.com/solokeys/solo.svg?style=flat-square&branch=master)](https://travis-ci.com/solokeys/solo)
 
 Solo is an open source security key, and you can get one at [solokeys.com](https://solokeys.com).
 
-Solo supports FIDO2 and U2F standards for strong two-factor authentication and password-less login, and it will protect you against phishing and other online attacks. With colored cases and multilingual guides we want to make secure login more personable and accessible to everyone around the globe.
+[<img src="https://static.solokeys.com/images/photos/hero-on-white-cropped.png" width="600">](https://solokeys.com)
 
-<img src="https://static.solokeys.com/images/photos/hero-on-white-cropped.png" width="600">
+Solo supports FIDO2 and U2F standards for strong two-factor authentication and password-less login, and it will protect you against phishing and other online attacks. With colored cases and multilingual guides we want to make secure login more personable and accessible to everyone around the globe.
 
 This repo contains the Solo firmware, including implementations of FIDO2 and U2F (CTAP2 and CTAP) over USB and NFC. The main implementation is for STM32L432, but it is easily portable.
 
@@ -42,7 +36,7 @@ Solo for Hacker is a special version of Solo that let you customize its firmware
 
 Check out [solokeys.com](https://solokeys.com), for options on where to buy Solo.  Solo Hacker can be converted to a secure version, but normal Solo cannot be converted to a Hacker version.
 
-If you have a Solo for Hacker, here's how you can load your own code on it. You can find more details, including how to permanently lock it, in our [documentation](https://docs.solokeys.io/solo/building/). We only support Python3.
+If you have a Solo for Hacker, here's how you can load your own code on it. You can find more details, including how to permanently lock it, in our [documentation](https://docs.solokeys.io/solo/building/). We support Python3.
 
 ```bash
 git clone --recurse-submodules https://github.com/solokeys/solo
@@ -140,6 +134,7 @@ Thanks goes to these wonderful people ([emoji key](https://allcontributors.org/d
     <td align="center"><a href="http://1bitsquared.com"><img src="https://avatars3.githubusercontent.com/u/17334?v=4" width="100px;" alt="Piotr Esden-Tempski"/><br /><sub><b>Piotr Esden-Tempski</b></sub></a><br /><a href="#business-esden" title="Business development">💼</a></td>
     <td align="center"><a href="https://github.com/m3hm00d"><img src="https://avatars1.githubusercontent.com/u/42179593?v=4" width="100px;" alt="f.m3hm00d"/><br /><sub><b>f.m3hm00d</b></sub></a><br /><a href="https://github.com/solokeys/solo/commits?author=m3hm00d" title="Documentation">📖</a></td>
     <td align="center"><a href="http://blogs.gnome.org/hughsie/"><img src="https://avatars0.githubusercontent.com/u/151380?v=4" width="100px;" alt="Richard Hughes"/><br /><sub><b>Richard Hughes</b></sub></a><br /><a href="#ideas-hughsie" title="Ideas, Planning, & Feedback">🤔</a> <a href="https://github.com/solokeys/solo/commits?author=hughsie" title="Code">💻</a> <a href="#infra-hughsie" title="Infrastructure (Hosting, Build-Tools, etc)">🚇</a> <a href="#tool-hughsie" title="Tools">🔧</a></td>
+    <td align="center"><a href="http://www.schulz.dk"><img src="https://avatars1.githubusercontent.com/u/1150049?v=4" width="100px;" alt="Kim Schulz"/><br /><sub><b>Kim Schulz</b></sub></a><br /><a href="#business-kimusan" title="Business development">💼</a> <a href="#ideas-kimusan" title="Ideas, Planning, & Feedback">🤔</a></td>
   </tr>
 </table>
 
@@ -168,3 +163,19 @@ You may use Solo documentation under the terms of the CC-BY-SA 4.0 license
 
 You can buy Solo, Solo Tap, and Solo for Hackers at [solokeys.com](https://solokeys.com).
 
+<br/>
+<hr/>
+<br/>
+
+[![License](https://img.shields.io/github/license/solokeys/solo.svg)](https://github.com/solokeys/solo/blob/master/LICENSE)
+[![All Contributors](https://img.shields.io/badge/all_contributors-18-orange.svg?style=flat-square)](#contributors)
+[![Build Status](https://travis-ci.com/solokeys/solo.svg?branch=master)](https://travis-ci.com/solokeys/solo)
+[![Discourse Users](https://img.shields.io/discourse/https/discourse.solokeys.com/users.svg)](https://discourse.solokeys.com)
+[![Keybase Chat](https://img.shields.io/badge/chat-on%20keybase-brightgreen.svg)](https://keybase.io/team/solokeys.public)
+[![FOSSA Status](https://app.fossa.io/api/projects/git%2Bgithub.com%2Fsolokeys%2Fsolo.svg?type=shield)](https://app.fossa.io/projects/git%2Bgithub.com%2Fsolokeys%2Fsolo?ref=badge_shield)
+
+[![latest release](https://img.shields.io/github/release/solokeys/solo.svg)](https://github.com/solokeys/solo/releases)
+[![commits since last release](https://img.shields.io/github/commits-since/solokeys/solo/latest.svg)](https://github.com/solokeys/solo/commits/master)
+[![last commit](https://img.shields.io/github/last-commit/solokeys/solo.svg)](https://github.com/solokeys/solo/commits/master)
+[![commit activity](https://img.shields.io/github/commit-activity/m/solokeys/solo.svg)](https://github.com/solokeys/solo/commits/master)
+[![contributors](https://img.shields.io/github/contributors/solokeys/solo.svg)](https://github.com/solokeys/solo/graphs/contributors)

STABLE_VERSION

@@ -1 +1 @@
-2.4.2
+2.4.3

docs/solo/udev.md

@@ -1,20 +1,21 @@
 # Summary
 
-On Linux, by default USB dongles can't be accessed by users, for security reasons. To allow user access, so-called "udev rules" must be installed. (Under Fedora, your key may work without such a rule.)
+On Linux, by default USB dongles can't be accessed by users, for security reasons. To allow user access, so-called "udev rules" must be installed.
 
-Create a file like [`70-solokeys-access.rules`](https://github.com/solokeys/solo/blob/master/udev/70-solokeys-access.rules) in your `/etc/udev/rules.d` directory, for instance the following rule should cover normal access (it has to be on one line):
+For some users, things will work automatically:
 
-```
-SUBSYSTEM=="hidraw", ATTRS{idVendor}=="0483", ATTRS{idProduct}=="a2ca", TAG+="uaccess", MODE="0660", GROUP="plugdev"
-```
+  - Fedora seems to use a ["universal" udev rule for FIDO devices](https://github.com/amluto/u2f-hidraw-policy)
+  - Our udev rule made it into [libu2f-host](https://github.com/Yubico/libu2f-host/) v1.1.10
+  - Arch Linux [has this package](https://www.archlinux.org/packages/community/x86_64/libu2f-host/)
+  - [Debian sid](https://packages.debian.org/sid/libu2f-udev) and [Ubuntu Eon](https://packages.ubuntu.com/eoan/libu2f-udev) can use the `libu2f-udev` package
+  - Debian Buster and Ubuntu Disco still distribute v1.1.10, so need the manual rule
+  - FreeBSD has support in [u2f-devd](https://github.com/solokeys/solo/issues/144#issuecomment-500216020)
 
-Additionally, run the following command after you create this file (it is not necessary to do this again in the future):
+There is hope that `udev` itself will adopt the Fedora approach (which is to check for HID usage page `F1D0`, and avoids manually whitelisting each U2F/FIDO2 key): <https://github.com/systemd/systemd/issues/11996>.
 
-```
-sudo udevadm control --reload-rules && sudo udevadm trigger
-```
+Further progress is tracked in: <https://github.com/solokeys/solo/issues/144>.
 
-A simple way to setup both the udev rule and the udevadm reload is:
+If you still need to setup a rule, a simple way to do it is:
 
 ```
 git clone git@github.com:solokeys/solo.git
@@ -22,9 +23,11 @@ cd solo/udev
 make setup
 ```
 
-We are working on getting user access to Solo keys enabled automatically in common Linux distributions: <https://github.com/solokeys/solo/issues/144>.
-
-
+Or, manually, create a file like [`70-solokeys-access.rules`](https://github.com/solokeys/solo/blob/master/udev/70-solokeys-access.rules) in your `/etc/udev/rules.d` directory.
+Additionally, run the following command after you create this file (it is not necessary to do this again in the future):
+```
+sudo udevadm control --reload-rules && sudo udevadm trigger
+```
 
 # How do udev rules work and why are they needed
 

fido2/apdu.c

@@ -13,7 +13,7 @@ int apdu_decode(uint8_t *data, size_t len, APDU_STRUCT *apdu)
 {
     EXT_APDU_HEADER *hapdu = (EXT_APDU_HEADER *)data;
     
-    apdu->cla = hapdu->cla;
+    apdu->cla = hapdu->cla & 0xef; // mask chaining bit if any
     apdu->ins = hapdu->ins;
     apdu->p1 = hapdu->p1;
     apdu->p2 = hapdu->p2;

fido2/apdu.h

@@ -42,14 +42,20 @@ extern int apdu_decode(uint8_t *data, size_t len, APDU_STRUCT *apdu);
 #define APDU_FIDO_U2F_AUTHENTICATE    0x02
 #define APDU_FIDO_U2F_VERSION         0x03
 #define APDU_FIDO_NFCCTAP_MSG         0x10
+#define APDU_FIDO_U2F_VENDOR_FIRST    0xc0    // First vendor defined command
+#define APDU_FIDO_U2F_VENDOR_LAST     0xff    // Last vendor defined command
+#define APDU_SOLO_RESET               0xee
+
 #define APDU_INS_SELECT               0xA4
 #define APDU_INS_READ_BINARY          0xB0
+#define APDU_GET_RESPONSE             0xC0
 
 #define SW_SUCCESS                    0x9000
 #define SW_GET_RESPONSE               0x6100  // Command successfully executed; 'XX' bytes of data are available and can be requested using GET RESPONSE.
 #define SW_WRONG_LENGTH               0x6700
 #define SW_COND_USE_NOT_SATISFIED     0x6985
 #define SW_FILE_NOT_FOUND             0x6a82
+#define SW_INCORRECT_P1P2             0x6a86
 #define SW_INS_INVALID                0x6d00  // Instruction code not supported or invalid
 #define SW_CLA_INVALID                0x6e00  
 #define SW_INTERNAL_EXCEPTION         0x6f00

fido2/crypto.c

@@ -262,6 +262,11 @@ void crypto_ecc256_derive_public_key(uint8_t * data, int len, uint8_t * x, uint8
     memmove(y,pubkey+32,32);
 }
 
+void crypto_ecc256_compute_public_key(uint8_t * privkey, uint8_t * pubkey)
+{
+    uECC_compute_public_key(privkey, pubkey, _es256_curve);
+}
+
 void crypto_load_external_key(uint8_t * key, int len)
 {
     _signing_key = key;

fido2/crypto.h

@@ -26,6 +26,7 @@ void crypto_sha512_final(uint8_t * hash);
 
 void crypto_ecc256_init();
 void crypto_ecc256_derive_public_key(uint8_t * data, int len, uint8_t * x, uint8_t * y);
+void crypto_ecc256_compute_public_key(uint8_t * privkey, uint8_t * pubkey);
 
 void crypto_ecc256_load_key(uint8_t * data, int len, uint8_t * data2, int len2);
 void crypto_ecc256_load_attestation_key();

fido2/ctap.c

@@ -256,7 +256,9 @@ static int ctap_generate_cose_key(CborEncoder * cose_key, uint8_t * hmac_input,
     switch(algtype)
     {
         case COSE_ALG_ES256:
+            if (device_is_nfc() == NFC_IS_ACTIVE) device_set_clock_rate(DEVICE_LOW_POWER_FAST);
             crypto_ecc256_derive_public_key(hmac_input, len, x, y);
+            if (device_is_nfc() == NFC_IS_ACTIVE) device_set_clock_rate(DEVICE_LOW_POWER_IDLE);
             break;
         default:
             printf2(TAG_ERR,"Error, COSE alg %d not supported\n", algtype);
@@ -435,7 +437,19 @@ static unsigned int get_credential_id_size(CTAP_credentialDescriptor * cred)
 static int ctap2_user_presence_test()
 {
     device_set_status(CTAPHID_STATUS_UPNEEDED);
-    return ctap_user_presence_test(CTAP2_UP_DELAY_MS);
+    int ret = ctap_user_presence_test(CTAP2_UP_DELAY_MS);
+    if ( ret > 0 )
+    {
+        return CTAP1_ERR_SUCCESS;
+    }
+    else if (ret < 0)
+    {
+        return CTAP2_ERR_KEEPALIVE_CANCEL;
+    }
+    else
+    {
+        return CTAP2_ERR_ACTION_TIMEOUT;
+    }
 }
 
 static int ctap_make_auth_data(struct rpId * rp, CborEncoder * map, uint8_t * auth_data_buf, uint32_t * len, CTAP_credInfo * credInfo)
@@ -468,15 +482,7 @@ static int ctap_make_auth_data(struct rpId * rp, CborEncoder * map, uint8_t * au
     int but;
 
     but = ctap2_user_presence_test(CTAP2_UP_DELAY_MS);
-
-    if (!but)
-    {
-        return CTAP2_ERR_OPERATION_DENIED;
-    }
-    else if (but < 0)   // Cancel
-    {
-        return CTAP2_ERR_KEEPALIVE_CANCEL;
-    }
+    check_retr(but);
     
     device_set_status(CTAPHID_STATUS_PROCESSING);
 
@@ -705,10 +711,7 @@ uint8_t ctap_make_credential(CborEncoder * encoder, uint8_t * request, int lengt
     }
     if (MC.pinAuthEmpty)
     {
-        if (!ctap2_user_presence_test(CTAP2_UP_DELAY_MS))
-        {
-                return CTAP2_ERR_OPERATION_DENIED;
-        }
+        check_retr( ctap2_user_presence_test(CTAP2_UP_DELAY_MS) );
         return ctap_is_pin_set() == 1 ? CTAP2_ERR_PIN_AUTH_INVALID : CTAP2_ERR_PIN_NOT_SET;
     }
     if ((MC.paramsParsed & MC_requiredMask) != MC_requiredMask)
@@ -1141,10 +1144,7 @@ uint8_t ctap_get_assertion(CborEncoder * encoder, uint8_t * request, int length)
 
     if (GA.pinAuthEmpty)
     {
-        if (!ctap2_user_presence_test(CTAP2_UP_DELAY_MS))
-        {
-                return CTAP2_ERR_OPERATION_DENIED;
-        }
+        check_retr( ctap2_user_presence_test(CTAP2_UP_DELAY_MS) );
         return ctap_is_pin_set() == 1 ? CTAP2_ERR_PIN_AUTH_INVALID : CTAP2_ERR_PIN_NOT_SET;
     }
     if (GA.pinAuthPresent)
@@ -1479,6 +1479,11 @@ uint8_t ctap_client_pin(CborEncoder * encoder, uint8_t * request, int length)
 
             ret = cbor_encode_int(&map, RESP_keyAgreement);
             check_ret(ret);
+
+            if (device_is_nfc() == NFC_IS_ACTIVE) device_set_clock_rate(DEVICE_LOW_POWER_FAST);
+            crypto_ecc256_compute_public_key(KEY_AGREEMENT_PRIV, KEY_AGREEMENT_PUB);
+            if (device_is_nfc() == NFC_IS_ACTIVE) device_set_clock_rate(DEVICE_LOW_POWER_IDLE);
+
             ret = ctap_add_cose_key(&map, KEY_AGREEMENT_PUB, KEY_AGREEMENT_PUB+32, PUB_KEY_CRED_PUB_KEY, COSE_ALG_ECDH_ES_HKDF_256);
             check_retr(ret);
 
@@ -1649,14 +1654,11 @@ uint8_t ctap_request(uint8_t * pkt_raw, int length, CTAP_RESPONSE * resp)
             break;
         case CTAP_RESET:
             printf1(TAG_CTAP,"CTAP_RESET\n");
-            if (ctap2_user_presence_test(CTAP2_UP_DELAY_MS))
+            status = ctap2_user_presence_test(CTAP2_UP_DELAY_MS);
+            if (status == CTAP1_ERR_SUCCESS)
             {
                 ctap_reset();
             }
-            else
-            {
-                status = CTAP2_ERR_OPERATION_DENIED;
-            }
             break;
         case GET_NEXT_ASSERTION:
             printf1(TAG_CTAP,"CTAP_NEXT_ASSERTION\n");
@@ -1678,7 +1680,7 @@ uint8_t ctap_request(uint8_t * pkt_raw, int length, CTAP_RESPONSE * resp)
             break;
         default:
             status = CTAP1_ERR_INVALID_COMMAND;
-            printf2(TAG_ERR,"error, invalid cmd\n");
+            printf2(TAG_ERR,"error, invalid cmd: 0x%02x\n", cmd);
     }
 
 done:
@@ -1767,10 +1769,7 @@ void ctap_init()
         exit(1);
     }
 
-    if (device_is_nfc() != NFC_IS_ACTIVE)
-    {
-        ctap_reset_key_agreement();
-    }
+    ctap_reset_key_agreement();
 
 #ifdef BRIDGE_TO_WALLET
     wallet_init();
@@ -1969,7 +1968,7 @@ int8_t ctap_load_key(uint8_t index, uint8_t * key)
 
 static void ctap_reset_key_agreement()
 {
-    crypto_ecc256_make_key_pair(KEY_AGREEMENT_PUB, KEY_AGREEMENT_PRIV);
+    ctap_generate_rng(KEY_AGREEMENT_PRIV, sizeof(KEY_AGREEMENT_PRIV));
 }
 
 void ctap_reset()

fido2/ctap.h

@@ -131,7 +131,7 @@
 #define PIN_LOCKOUT_ATTEMPTS        8       // Number of attempts total
 #define PIN_BOOT_ATTEMPTS           3       // number of attempts per boot
 
-#define CTAP2_UP_DELAY_MS           5000
+#define CTAP2_UP_DELAY_MS           29000
 
 typedef struct
 {

fido2/ctap_errors.h

@@ -49,6 +49,7 @@
 #define CTAP2_ERR_PIN_POLICY_VIOLATION      0x37
 #define CTAP2_ERR_PIN_TOKEN_EXPIRED         0x38
 #define CTAP2_ERR_REQUEST_TOO_LARGE         0x39
+#define CTAP2_ERR_ACTION_TIMEOUT            0x3A
 #define CTAP1_ERR_OTHER                     0x7F
 #define CTAP2_ERR_SPEC_LAST                 0xDF
 #define CTAP2_ERR_EXTENSION_FIRST           0xE0

fido2/device.h

@@ -30,6 +30,7 @@ void main_loop_delay();
 
 void heartbeat();
 
+void device_reboot();
 
 void authenticator_read_state(AuthenticatorState * );
 

pc/device.c

@@ -43,7 +43,11 @@ void device_set_status(uint32_t status)
     __device_status = status;
 }
 
-
+void device_reboot() 
+{
+    printf1(TAG_RED, "REBOOT command recieved!\r\n");
+    exit(100);
+}
 
 int udp_server()
 {
@@ -628,3 +632,8 @@ int device_is_nfc()
 {
     return 0;
 }
+
+void device_set_clock_rate(DEVICE_CLOCK_RATE param)
+{
+
+}

targets/stm32l432/src/crypto.c

@@ -282,6 +282,11 @@ void crypto_ecc256_derive_public_key(uint8_t * data, int len, uint8_t * x, uint8
     memmove(x,pubkey,32);
     memmove(y,pubkey+32,32);
 }
+void crypto_ecc256_compute_public_key(uint8_t * privkey, uint8_t * pubkey)
+{
+    uECC_compute_public_key(privkey, pubkey, _es256_curve);
+}
+
 
 void crypto_load_external_key(uint8_t * key, int len)
 {

targets/stm32l432/src/device.c

@@ -55,11 +55,43 @@ static int is_physical_button_pressed()
 
 static int is_touch_button_pressed()
 {
-    return tsc_read_button(0) || tsc_read_button(1);
+    int is_pressed = (tsc_read_button(0) || tsc_read_button(1));
+#ifndef IS_BOOTLOADER
+    if (is_pressed)
+    {
+        // delay for debounce, and longer than polling timer period.
+        delay(95);
+        return (tsc_read_button(0) || tsc_read_button(1));
+    }
+#endif
+    return is_pressed;
 }
 
 int (*IS_BUTTON_PRESSED)() = is_physical_button_pressed;
 
+static void edge_detect_touch_button()
+{
+    static uint8_t last_touch = 0;
+    uint8_t current_touch = 0;
+    if (is_touch_button_pressed == IS_BUTTON_PRESSED)
+    {
+        current_touch = (tsc_read_button(0) || tsc_read_button(1));
+
+        // 1 sample per 25 ms
+        if ((millis() - __last_button_bounce_time) > 25)
+        {
+            // Detect "touch / rising edge"
+            if (!last_touch && current_touch)
+            {
+                __last_button_press_time = millis();
+            }
+            __last_button_bounce_time = millis();
+            last_touch = current_touch;
+        }
+    }
+
+}
+
 void request_from_nfc(bool request_active) {
     _RequestComeFromNFC = request_active;
 }
@@ -78,19 +110,7 @@ void TIM6_DAC_IRQHandler()
         }
     }
 
-
-    if (is_touch_button_pressed == IS_BUTTON_PRESSED)
-    {
-        if (IS_BUTTON_PRESSED())
-        {
-            // Only allow 1 press per 25 ms.
-            if ((millis() - __last_button_bounce_time) > 25)
-            {
-                __last_button_press_time = millis();
-            }
-            __last_button_bounce_time = millis();
-        }
-    }
+    edge_detect_touch_button();
 
 #ifndef IS_BOOTLOADER
 	// NFC sending WTX if needs
@@ -142,7 +162,6 @@ void device_set_status(uint32_t status)
 
 int device_is_button_pressed()
 {
-
     return IS_BUTTON_PRESSED();
 }
 

targets/stm32l432/src/nfc.c

@@ -14,6 +14,11 @@
 
 #define IS_IRQ_ACTIVE()         (1  == (LL_GPIO_ReadInputPort(SOLO_AMS_IRQ_PORT) & SOLO_AMS_IRQ_PIN))
 
+// chain buffer for 61XX responses
+static uint8_t chain_buffer[2048] = {0};
+static size_t chain_buffer_len = 0;
+static bool chain_buffer_tx = false;
+
 uint8_t p14443_block_offset(uint8_t pcb) {
     uint8_t offset = 1;
     // NAD following
@@ -196,8 +201,15 @@ bool nfc_write_response_ex(uint8_t req0, uint8_t * data, uint8_t len, uint16_t r
 
 	res[len + block_offset + 0] = resp >> 8;
 	res[len + block_offset + 1] = resp & 0xff;
+    
 	nfc_write_frame(res, block_offset + len + 2);
     
+    if (!ams_wait_for_tx(1))
+    {
+        printf1(TAG_NFC, "TX resp timeout. len: %d \r\n", len);
+        return false;
+    }
+
 	return true;
 }
 
@@ -206,7 +218,7 @@ bool nfc_write_response(uint8_t req0, uint16_t resp)
 	return nfc_write_response_ex(req0, NULL, 0, resp);
 }
 
-void nfc_write_response_chaining(uint8_t req0, uint8_t * data, int len)
+void nfc_write_response_chaining_plain(uint8_t req0, uint8_t * data, int len)
 {
     uint8_t res[32 + 2];
 	uint8_t iBlock = NFC_CMD_IBLOCK | (req0 & 0x0f);
@@ -277,6 +289,38 @@ void nfc_write_response_chaining(uint8_t req0, uint8_t * data, int len)
 	}
 }
 
+void append_get_response(uint8_t *data, size_t rest_len)
+{
+    data[0] = 0x61;
+    data[1] = 0x00;
+    if (rest_len <= 0xff)
+        data[1] = rest_len & 0xff;
+}
+
+void nfc_write_response_chaining(uint8_t req0, uint8_t * data, int len, bool extapdu)
+{
+    chain_buffer_len = 0;
+    chain_buffer_tx = true;
+    
+    // if we dont need to break data to parts that need to exchange via GET RESPONSE command (ISO 7816-4 7.1.3)
+	if (len <= 255 || extapdu)
+    {
+        nfc_write_response_chaining_plain(req0, data, len);
+    } else {
+        size_t pcklen = MIN(253, len);
+        chain_buffer_len = len - pcklen;
+        printf1(TAG_NFC, "61XX chaining %d/%d.\r\n", pcklen, chain_buffer_len);
+        
+        memmove(chain_buffer, data, pcklen);
+        append_get_response(&chain_buffer[pcklen], chain_buffer_len);
+       
+        nfc_write_response_chaining_plain(req0, chain_buffer, pcklen + 2); // 2 for 61XX 
+    
+        // put the rest data into chain buffer
+        memmove(chain_buffer, &data[pcklen], chain_buffer_len);        
+    }    
+}
+
 // WTX on/off:
 // sends/receives WTX frame to reader every `WTX_time` time in ms
 // works via timer interrupts
@@ -476,37 +520,70 @@ int select_applet(uint8_t * aid, int len)
     return APP_NOTHING;
 }
 
-void nfc_process_iblock(uint8_t * buf, int len)
+void apdu_process(uint8_t buf0, uint8_t *apduptr, APDU_STRUCT *apdu)
 {
     int selected;
     CTAP_RESPONSE ctap_resp;
     int status;
     uint16_t reslen;
 
-    printf1(TAG_NFC,"Iblock: ");
-	dump_hex1(TAG_NFC, buf, len);
-
-    uint8_t block_offset = p14443_block_offset(buf[0]);
-
-    APDU_STRUCT apdu;
-    if (apdu_decode(buf + block_offset, len - block_offset, &apdu)) {
-        printf1(TAG_NFC,"apdu decode error\r\n");
-        nfc_write_response(buf[0], SW_COND_USE_NOT_SATISFIED);
-        return;
-    }
-    printf1(TAG_NFC,"apdu ok. %scase=%02x cla=%02x ins=%02x p1=%02x p2=%02x lc=%d le=%d\r\n", 
-        apdu.extended_apdu ? "[e]":"", apdu.case_type, apdu.cla, apdu.ins, apdu.p1, apdu.p2, apdu.lc, apdu.le);
-
     // check CLA
-    if (apdu.cla != 0x00 && apdu.cla != 0x80) {
-        printf1(TAG_NFC, "Unknown CLA %02x\r\n", apdu.cla);
-        nfc_write_response(buf[0], SW_CLA_INVALID);
+    if (apdu->cla != 0x00 && apdu->cla != 0x80) {
+        printf1(TAG_NFC, "Unknown CLA %02x\r\n", apdu->cla);
+        nfc_write_response(buf0, SW_CLA_INVALID);
         return;
     }
     
     // TODO this needs to be organized better
-    switch(apdu.ins)
+    switch(apdu->ins)
     {
+        // ISO 7816. 7.1 GET RESPONSE command
+        case APDU_GET_RESPONSE:
+            if (apdu->p1 != 0x00 || apdu->p2 != 0x00)
+            {
+                nfc_write_response(buf0, SW_INCORRECT_P1P2);
+                printf1(TAG_NFC, "P1 or P2 error\r\n");
+                return;
+            }
+            
+            // too many bytes needs. 0x00 and 0x100 - any length
+            if (apdu->le != 0 && apdu->le != 0x100 && apdu->le > chain_buffer_len)
+            {
+                uint16_t wlresp = SW_WRONG_LENGTH;  // here can be 6700, 6C00, 6FXX. but the most standard way - 67XX or 6700
+                if (chain_buffer_len <= 0xff)
+                    wlresp += chain_buffer_len & 0xff;
+                nfc_write_response(buf0, wlresp);
+                printf1(TAG_NFC, "buffer length less than requesteds\r\n");
+                return;
+            }
+            
+            // create temporary packet
+            uint8_t pck[255] = {0};
+            size_t pcklen = 253;
+            if (apdu->le)
+                pcklen = apdu->le;
+            if (pcklen > chain_buffer_len)
+                pcklen = chain_buffer_len;
+
+            printf1(TAG_NFC, "GET RESPONSE. pck len: %d buffer len: %d\r\n", pcklen, chain_buffer_len); 
+            
+            // create packet and add 61XX there if we have another portion(s) of data
+            memmove(pck, chain_buffer, pcklen);
+            size_t dlen = 0;
+            if (chain_buffer_len - pcklen)
+            {
+                append_get_response(&pck[pcklen], chain_buffer_len - pcklen);
+                dlen = 2;
+            }
+
+            // send
+            nfc_write_response_chaining_plain(buf0, pck, pcklen + dlen); // dlen for 61XX
+            
+            // shift the buffer
+            chain_buffer_len -= pcklen;
+            memmove(chain_buffer, &chain_buffer[pcklen], chain_buffer_len);
+        break;
+        
         case APDU_INS_SELECT:
             // if (apdu->p1 == 0 && apdu->p2 == 0x0c)
             // {
@@ -522,49 +599,49 @@ void nfc_process_iblock(uint8_t * buf, int len)
             // }
             // else
             {
-                selected = select_applet(apdu.data, apdu.lc);
+                selected = select_applet(apdu->data, apdu->lc);
                 if (selected == APP_FIDO)
                 {
-					nfc_write_response_ex(buf[0], (uint8_t *)"U2F_V2", 6, SW_SUCCESS);
+					nfc_write_response_ex(buf0, (uint8_t *)"U2F_V2", 6, SW_SUCCESS);
 					printf1(TAG_NFC, "FIDO applet selected.\r\n");
                }
                else if (selected != APP_NOTHING)
                {
-                   nfc_write_response(buf[0], SW_SUCCESS);
+                   nfc_write_response(buf0, SW_SUCCESS);
                    printf1(TAG_NFC, "SELECTED %d\r\n", selected);
                }
                 else
                 {
-					nfc_write_response(buf[0], SW_FILE_NOT_FOUND);
-                    printf1(TAG_NFC, "NOT selected "); dump_hex1(TAG_NFC, apdu.data, apdu.lc);
+					nfc_write_response(buf0, SW_FILE_NOT_FOUND);
+                    printf1(TAG_NFC, "NOT selected "); dump_hex1(TAG_NFC, apdu->data, apdu->lc);
                 }
             }
         break;
 
         case APDU_FIDO_U2F_VERSION:
 			if (NFC_STATE.selected_applet != APP_FIDO) {
-				nfc_write_response(buf[0], SW_INS_INVALID);
+				nfc_write_response(buf0, SW_INS_INVALID);
 				break;
 			}
 
 			printf1(TAG_NFC, "U2F GetVersion command.\r\n");
 
-			u2f_request_nfc(&buf[block_offset], apdu.data, apdu.lc, &ctap_resp);
-            nfc_write_response_chaining(buf[0], ctap_resp.data, ctap_resp.length);
+			u2f_request_nfc(apduptr, apdu->data, apdu->lc, &ctap_resp);
+            nfc_write_response_chaining(buf0, ctap_resp.data, ctap_resp.length, apdu->extended_apdu);
         break;
 
         case APDU_FIDO_U2F_REGISTER:
 			if (NFC_STATE.selected_applet != APP_FIDO) {
-				nfc_write_response(buf[0], SW_INS_INVALID);
+				nfc_write_response(buf0, SW_INS_INVALID);
 				break;
 			}
 
 			printf1(TAG_NFC, "U2F Register command.\r\n");
 
-			if (apdu.lc != 64)
+			if (apdu->lc != 64)
 			{
-				printf1(TAG_NFC, "U2F Register request length error. len=%d.\r\n", apdu.lc);
-				nfc_write_response(buf[0], SW_WRONG_LENGTH);
+				printf1(TAG_NFC, "U2F Register request length error. len=%d.\r\n", apdu->lc);
+				nfc_write_response(buf0, SW_WRONG_LENGTH);
 				return;
 			}
 
@@ -575,61 +652,61 @@ void nfc_process_iblock(uint8_t * buf, int len)
             // SystemClock_Config_LF32();
             // delay(300);
             if (device_is_nfc() == NFC_IS_ACTIVE) device_set_clock_rate(DEVICE_LOW_POWER_FAST);
-			u2f_request_nfc(&buf[block_offset], apdu.data, apdu.lc, &ctap_resp);
+			u2f_request_nfc(apduptr, apdu->data, apdu->lc, &ctap_resp);
             if (device_is_nfc() == NFC_IS_ACTIVE)  device_set_clock_rate(DEVICE_LOW_POWER_IDLE);
 			// if (!WTX_off())
 			// 	return;
 
 			printf1(TAG_NFC, "U2F resp len: %d\r\n", ctap_resp.length);
             printf1(TAG_NFC,"U2F Register P2 took %d\r\n", timestamp());
-            nfc_write_response_chaining(buf[0], ctap_resp.data, ctap_resp.length);
+            nfc_write_response_chaining(buf0, ctap_resp.data, ctap_resp.length, apdu->extended_apdu);
 
             printf1(TAG_NFC,"U2F Register answered %d (took %d)\r\n", millis(), timestamp());
        break;
 
         case APDU_FIDO_U2F_AUTHENTICATE:
 			if (NFC_STATE.selected_applet != APP_FIDO) {
-				nfc_write_response(buf[0], SW_INS_INVALID);
+				nfc_write_response(buf0, SW_INS_INVALID);
 				break;
 			}
 
 			printf1(TAG_NFC, "U2F Authenticate command.\r\n");
 
-			if (apdu.lc != 64 + 1 + apdu.data[64])
+			if (apdu->lc != 64 + 1 + apdu->data[64])
 			{
 				delay(5);
-				printf1(TAG_NFC, "U2F Authenticate request length error. len=%d keyhlen=%d.\r\n", apdu.lc, apdu.data[64]);
-				nfc_write_response(buf[0], SW_WRONG_LENGTH);
+				printf1(TAG_NFC, "U2F Authenticate request length error. len=%d keyhlen=%d.\r\n", apdu->lc, apdu->data[64]);
+				nfc_write_response(buf0, SW_WRONG_LENGTH);
 				return;
 			}
 
 			timestamp();
 			// WTX_on(WTX_TIME_DEFAULT);
-			u2f_request_nfc(&buf[block_offset], apdu.data, apdu.lc, &ctap_resp);
+			u2f_request_nfc(apduptr, apdu->data, apdu->lc, &ctap_resp);
 			// if (!WTX_off())
 			// 	return;
 
 			printf1(TAG_NFC, "U2F resp len: %d\r\n", ctap_resp.length);
             printf1(TAG_NFC,"U2F Authenticate processing %d (took %d)\r\n", millis(), timestamp());
-			nfc_write_response_chaining(buf[0], ctap_resp.data, ctap_resp.length);
+			nfc_write_response_chaining(buf0, ctap_resp.data, ctap_resp.length, apdu->extended_apdu);
             printf1(TAG_NFC,"U2F Authenticate answered %d (took %d)\r\n", millis(), timestamp);
         break;
 
         case APDU_FIDO_NFCCTAP_MSG:
 			if (NFC_STATE.selected_applet != APP_FIDO) {
-				nfc_write_response(buf[0], SW_INS_INVALID);
+				nfc_write_response(buf0, SW_INS_INVALID);
 				return;
 			}
 
 			printf1(TAG_NFC, "FIDO2 CTAP message. %d\r\n", timestamp());
 
-			WTX_on(WTX_TIME_DEFAULT);
+			// WTX_on(WTX_TIME_DEFAULT);
             request_from_nfc(true);
             ctap_response_init(&ctap_resp);
-            status = ctap_request(apdu.data, apdu.lc, &ctap_resp);
+            status = ctap_request(apdu->data, apdu->lc, &ctap_resp);
             request_from_nfc(false);
-			if (!WTX_off())
-				return;
+			// if (!WTX_off())
+			// 	return;
 
 			printf1(TAG_NFC, "CTAP resp: 0x%02x  len: %d\r\n", status, ctap_resp.length);
 
@@ -645,44 +722,108 @@ void nfc_process_iblock(uint8_t * buf, int len)
 			ctap_resp.data[ctap_resp.length - 1] = SW_SUCCESS & 0xff;
 
             printf1(TAG_NFC,"CTAP processing %d (took %d)\r\n", millis(), timestamp());
-			nfc_write_response_chaining(buf[0], ctap_resp.data, ctap_resp.length);
+			nfc_write_response_chaining(buf0, ctap_resp.data, ctap_resp.length, apdu->extended_apdu);
             printf1(TAG_NFC,"CTAP answered %d (took %d)\r\n", millis(), timestamp());
         break;
 
         case APDU_INS_READ_BINARY:
             // response length
-            reslen = apdu.le & 0xffff; 
+            reslen = apdu->le & 0xffff; 
             switch(NFC_STATE.selected_applet)
             {
                 case APP_CAPABILITY_CONTAINER:
                     printf1(TAG_NFC,"APP_CAPABILITY_CONTAINER\r\n");
                     if (reslen == 0 || reslen > sizeof(NFC_CC))
                         reslen = sizeof(NFC_CC);
-                    nfc_write_response_ex(buf[0], (uint8_t *)&NFC_CC, reslen, SW_SUCCESS);
+                    nfc_write_response_ex(buf0, (uint8_t *)&NFC_CC, reslen, SW_SUCCESS);
                     ams_wait_for_tx(10);
                 break;
                 case APP_NDEF_TAG:
                     printf1(TAG_NFC,"APP_NDEF_TAG\r\n");
                     if (reslen == 0 || reslen > sizeof(NDEF_SAMPLE) - 1)
                         reslen = sizeof(NDEF_SAMPLE) - 1;
-                    nfc_write_response_ex(buf[0], NDEF_SAMPLE, reslen, SW_SUCCESS);
+                    nfc_write_response_ex(buf0, NDEF_SAMPLE, reslen, SW_SUCCESS);
                     ams_wait_for_tx(10);
                 break;
                 default:
-                    nfc_write_response(buf[0], SW_FILE_NOT_FOUND);
+                    nfc_write_response(buf0, SW_FILE_NOT_FOUND);
                     printf1(TAG_ERR, "No binary applet selected!\r\n");
                     return;
                 break;
             }
         break;
         
+        case  APDU_SOLO_RESET:
+            if (apdu->lc == 4 && !memcmp(apdu->data, "\x12\x56\xab\xf0", 4)) {
+                printf1(TAG_NFC, "Reset...\r\n");
+                nfc_write_response(buf0, SW_SUCCESS);
+                delay(20);
+                device_reboot();
+                while(1);
+            } else {
+                printf1(TAG_NFC, "Reset FAIL\r\n");
+                nfc_write_response(buf0, SW_INS_INVALID);
+            }
+        break;
+        
         default:
-            printf1(TAG_NFC, "Unknown INS %02x\r\n", apdu.ins);
-			nfc_write_response(buf[0], SW_INS_INVALID);
+            printf1(TAG_NFC, "Unknown INS %02x\r\n", apdu->ins);
+			nfc_write_response(buf0, SW_INS_INVALID);
         break;
     }
 }
 
+void nfc_process_iblock(uint8_t * buf, int len)
+{
+    uint8_t block_offset = p14443_block_offset(buf[0]);
+    
+    // clear tx chain buffer if we have some other command than GET RESPONSE
+    if (chain_buffer_tx && buf[block_offset + 1] != APDU_GET_RESPONSE) {
+        chain_buffer_len = 0;
+        chain_buffer_tx = false;
+    }
+    
+    APDU_STRUCT apdu;
+    if (apdu_decode(buf + block_offset, len - block_offset, &apdu)) {
+        printf1(TAG_NFC,"apdu decode error\r\n");
+        nfc_write_response(buf[0], SW_COND_USE_NOT_SATISFIED);
+        return;
+    }
+    printf1(TAG_NFC,"apdu ok. %scase=%02x cla=%02x ins=%02x p1=%02x p2=%02x lc=%d le=%d\r\n", 
+        apdu.extended_apdu ? "[e]":"", apdu.case_type, apdu.cla, apdu.ins, apdu.p1, apdu.p2, apdu.lc, apdu.le);
+
+    // APDU level chaining. ISO7816-4, 5.1.1. class byte
+    if (!chain_buffer_tx && buf[block_offset] & 0x10) {
+        
+        if (chain_buffer_len + len > sizeof(chain_buffer)) {
+            nfc_write_response(buf[0], SW_WRONG_LENGTH);
+            return;
+        }
+        
+        memmove(&chain_buffer[chain_buffer_len], apdu.data, apdu.lc);
+        chain_buffer_len += apdu.lc;
+        delay(1);
+        nfc_write_response(buf[0], SW_SUCCESS);
+        printf1(TAG_NFC, "APDU chaining ok. %d/%d\r\n", apdu.lc, chain_buffer_len);
+        return;
+    }
+    
+    // if we have ISO 7816 APDU chain - move there all the data
+    if (!chain_buffer_tx && chain_buffer_len > 0) {
+        delay(1);
+        memmove(&apdu.data[chain_buffer_len], apdu.data, apdu.lc);
+        memmove(apdu.data, chain_buffer, chain_buffer_len);
+        apdu.lc += chain_buffer_len; // here apdu struct does not match with memory!
+        printf1(TAG_NFC, "APDU chaining merge. %d/%d\r\n", chain_buffer_len, apdu.lc);
+    }
+
+    
+    apdu_process(buf[0], &buf[block_offset], &apdu);
+    
+    printf1(TAG_NFC,"prev.Iblock: ");
+	dump_hex1(TAG_NFC, buf, len);
+}
+
 static uint8_t ibuf[1024];
 static int ibuflen = 0;
 
@@ -714,7 +855,7 @@ void nfc_process_block(uint8_t * buf, unsigned int len)
         uint8_t block_offset = p14443_block_offset(buf[0]);
 		if (buf[0] & 0x10)
 		{
-			printf1(TAG_NFC_APDU, "NFC_CMD_IBLOCK chaining blen=%d len=%d\r\n", ibuflen, len);
+			printf1(TAG_NFC_APDU, "NFC_CMD_IBLOCK chaining blen=%d len=%d offs=%d\r\n", ibuflen, len, block_offset);
 			if (ibuflen + len > sizeof(ibuf))
 			{
 				printf1(TAG_NFC, "I block memory error! must have %d but have only %d\r\n", ibuflen + len, sizeof(ibuf));
@@ -747,14 +888,15 @@ void nfc_process_block(uint8_t * buf, unsigned int len)
 				memmove(ibuf, buf, block_offset);
 				ibuflen += block_offset;
 
-				printf1(TAG_NFC_APDU, "NFC_CMD_IBLOCK chaining last block. blen=%d len=%d\r\n", ibuflen, len);
+				printf1(TAG_NFC_APDU, "NFC_CMD_IBLOCK chaining last block. blen=%d len=%d offset=%d\r\n", ibuflen, len, block_offset);
 
 				printf1(TAG_NFC_APDU,"i> ");
 				dump_hex1(TAG_NFC_APDU, buf, len);
 
 				nfc_process_iblock(ibuf, ibuflen);
 			} else {
-				nfc_process_iblock(buf, len);
+                memcpy(ibuf, buf, len); // because buf only 32b
+				nfc_process_iblock(ibuf, len);
 			}
 			clear_ibuf();
 		}
@@ -852,6 +994,7 @@ int nfc_loop()
                 printf1(TAG_NFC, "NFC_CMD_WUPA\r\n");
             break;
             case NFC_CMD_HLTA:
+                ams_write_command(AMS_CMD_SLEEP);
                 printf1(TAG_NFC, "HLTA/Halt\r\n");
             break;
             case NFC_CMD_RATS: