From 41901a8056908a1aa15ef7eaccc42e8c5ff316ab Mon Sep 17 00:00:00 2001
From: Pavol Rusnak
Date: Mon, 4 Sep 2017 17:09:34 +0200
Subject: [PATCH] firmware: rework protectChangePin
bootloader: wait for flash operation to finish
---
bootloader/usb.c | 2 ++
firmware/protect.c | 29 ++++++++++++++++-------------
firmware/u2f.c | 14 ++++++--------
memory.ld | 2 +-
memory_app_1.0.0.ld | 2 +-
memory_app_fastflash.ld | 2 +-
6 files changed, 27 insertions(+), 24 deletions(-)
diff --git a/bootloader/usb.c b/bootloader/usb.c
index a15ce61c0b..ee007c665c 100644
--- a/bootloader/usb.c
+++ b/bootloader/usb.c
@@ -439,6 +439,7 @@ static void hid_rx_callback(usbd_device *dev, uint8_t ep)
if (brand_new_firmware || button.YesUp) {
// backup metadata
backup_metadata(meta_backup);
+ flash_wait_for_last_operation();
flash_clear_status_flags();
flash_unlock();
// erase metadata area
@@ -452,6 +453,7 @@ static void hid_rx_callback(usbd_device *dev, uint8_t ep)
flash_erase_sector(i, FLASH_CR_PROGRAM_X32);
}
layoutProgress("INSTALLING ... Please wait", 0);
+ flash_wait_for_last_operation();
flash_lock();
// check that metadata was succesfully erased
diff --git a/firmware/protect.c b/firmware/protect.c
index 82a1989170..f270d08351 100644
--- a/firmware/protect.c
+++ b/firmware/protect.c
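Review bot: The new `flash_wait_for_last_operation();` ahead of `flash_lock()` in the second hunk should say what it is guarding, because the reason is not local to the line: the last `flash_erase_sector` of the loop just above may still be in flight, and both writing the control register to lock it and the read-back announced by `// check that metadata was succesfully erased` need the controller idle first. Suggest `// the last sector erase may still be running: let it finish before locking and before reading the erased area back`. Nothing in either hunk looks at the flash status flags after the erases, so if the driver exposes them (not visible here) consider failing fast on an error bit rather than relying on the read-back alone. hid_rx_callback begins and ends outside both hunks.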
@@ -212,24 +212,27 @@ bool protectPin(bool use_cached)
bool protectChangePin(void)
{
- const char *pin;
- char pin1[17], pin2[17];
- pin = requestPin(PinMatrixRequestType_PinMatrixRequestType_NewFirst, _("Please enter new PIN:"));
+ static CONFIDENTIAL char pin_compare[17];
+
+ const char *pin = requestPin(PinMatrixRequestType_PinMatrixRequestType_NewFirst, _("Please enter new PIN:"));
+
if (!pin) {
return false;
}
- strlcpy(pin1, pin, sizeof(pin1));
+
+ strlcpy(pin_compare, pin, sizeof(pin_compare));
+
pin = requestPin(PinMatrixRequestType_PinMatrixRequestType_NewSecond, _("Please re-enter new PIN:"));
- if (!pin) {
- return false;
- }
- strlcpy(pin2, pin, sizeof(pin2));
- if (strcmp(pin1, pin2) == 0) {
- storage_setPin(pin1);
- return true;
- } else {
- return false;
+
+ const bool result = pin && (strncmp(pin_compare, pin, sizeof(pin_compare)) == 0);
+
+ if (result) {
+ storage_setPin(pin_compare);
}
+
+ memset(pin_compare, 0, sizeof(pin_compare));
+
+ return result;
}
bool protectPassphrase(void)
diff --git a/firmware/u2f.c b/firmware/u2f.c
index 23902183a2..2c084da40b 100644
--- a/firmware/u2f.c
+++ b/firmware/u2f.c
@@ -32,7 +32,6 @@
#include "rng.h"
#include "hmac.h"
#include "util.h"
-#include "macros.h"
#include "gettext.h"
#include "u2f/u2f.h"
@@ -274,7 +273,7 @@ void u2fhid_wink(const uint8_t *buf, uint32_t len)
dialog_timeout = U2F_TIMEOUT;
U2FHID_FRAME f;
- MEMSET_BZERO(&f, sizeof(f));
+ memset(&f, 0, sizeof(f));
f.cid = cid;
f.init.cmd = U2FHID_WINK;
f.init.bcntl = 0;
@@ -294,7 +293,7 @@ void u2fhid_init(const U2FHID_FRAME *in)
return;
}
- MEMSET_BZERO(&f, sizeof(f));
+ memset(&f, 0, sizeof(f));
f.cid = in->cid;
f.init.cmd = U2FHID_INIT;
f.init.bcnth = 0;
@@ -374,7 +373,7 @@ void send_u2fhid_msg(const uint8_t cmd, const uint8_t *data, const uint32_t len)
// debugLog(0, "", "send_u2fhid_msg");
- MEMSET_BZERO(&f, sizeof(f));
+ memset(&f, 0, sizeof(f));
f.cid = cid;
f.init.cmd = cmd;
f.init.bcnth = len >> 8;
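Review bot: The closing `memset(pin_compare, 0, sizeof(pin_compare));` is the only thing scrubbing a buffer the code itself declares CONFIDENTIAL, and a plain memset whose result is never read afterwards is exactly the store a compiler may drop as dead; use an explicit-zeroing helper if the firmware has one (volatile-pointer or barrier-based memzero), or at minimum follow it with `__asm__ __volatile__("" : : "r"(pin_compare) : "memory");` so the wipe survives dead-store elimination. In practice the store is kept today only because the buffer's address escapes to storage_setPin and strlcpy, which is an accident of the call graph rather than a guarantee. A second, smaller point: strlcpy truncates the first entry to 16 characters while strncmp compares the re-entered PIN untruncated, so a PIN longer than 16 characters can never be confirmed and the caller only sees a bare false; unless requestPin already bounds the length (not visible here), reject it up front with `if (strlen(pin) >= sizeof(pin_compare)) { return false; }` before the copy.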
@@ -390,7 +389,7 @@ void send_u2fhid_msg(const uint8_t cmd, const uint8_t *data, const uint32_t len)
// Cont packet(s)
for (; l > 0; l -= psz, p += psz) {
// debugLog(0, "", "send_u2fhid_msg con");
- MEMSET_BZERO(&f.cont.data, sizeof(f.cont.data));
+ memset(&f.cont.data, 0, sizeof(f.cont.data));
f.cont.seq = seq++;
psz = MIN(sizeof(f.cont.data), l);
memcpy(f.cont.data, p, psz);
@@ -407,7 +406,7 @@ void send_u2fhid_error(uint32_t fcid, uint8_t err)
{
U2FHID_FRAME f;
- MEMSET_BZERO(&f, sizeof(f));
+ memset(&f, 0, sizeof(f));
f.cid = fcid;
f.init.cmd = U2FHID_ERROR;
f.init.bcntl = 1;
@@ -585,8 +584,7 @@ void u2f_register(const APDU *a)
if (last_req_state == REG_PASS) {
uint8_t data[sizeof(U2F_REGISTER_RESP) + 2];
U2F_REGISTER_RESP *resp = (U2F_REGISTER_RESP *)&data;
- MEMSET_BZERO(data, sizeof(data));
-
+ memset(data, 0, sizeof(data));
resp->registerId = U2F_REGISTER_ID;
resp->keyHandleLen = KEY_HANDLE_LEN;
diff --git a/memory.ld b/memory.ld
index 94667b42d0..b147a90997 100644
--- a/memory.ld
+++ b/memory.ld
@@ -10,7 +10,7 @@ SECTIONS
{
.confidential (NOLOAD) : {
*(confidential)
- ASSERT ((SIZEOF(.confidential) <= 32K), "Error: Confidential section too big!");
+ ASSERT ((SIZEOF(.confidential) <= 33K), "Error: Confidential section too big!");
} >ram
}
diff --git a/memory_app_1.0.0.ld b/memory_app_1.0.0.ld
index 7a09b7899f..291bfd3120 100644
--- a/memory_app_1.0.0.ld
+++ b/memory_app_1.0.0.ld
@@ -10,7 +10,7 @@ SECTIONS
{
.confidential (NOLOAD) : {
*(confidential)
- ASSERT ((SIZEOF(.confidential) <= 32K), "Error: Confidential section too big!");
+ ASSERT ((SIZEOF(.confidential) <= 33K), "Error: Confidential section too big!");
} >ram
}
diff --git a/memory_app_fastflash.ld b/memory_app_fastflash.ld
index 55b0fb65c0..fc17e75f25 100644
--- a/memory_app_fastflash.ld
+++ b/memory_app_fastflash.ld
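Review bot: The `memset(data, 0, sizeof(data));` in the u2f_register hunk is initialization of an outgoing response buffer, not a secret wipe, and a comment should make that distinction so nobody later treats the MEMSET_BZERO-to-memset swap as a precedent for scrubbing key material: suggest `// zero-fill the whole response up front so no uninitialized stack bytes are sent`. The zero stores here are live because resp is populated right after (and presumably transmitted), so dead-store elimination is not a concern for this use, but that reasoning does not transfer to a memset placed after the last use of a buffer. u2f_register continues past the end of the hunk.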
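Review bot: The raised bound `ASSERT ((SIZEOF(.confidential) <= 33K), "Error: Confidential section too big!");` is hand-copied into three linker scripts with nothing recording why 32K stopped being enough, so the next bump is likely to land in only one of them. A comment above the ASSERT such as `/* 33K: presumably raised for the static CONFIDENTIAL buffers added in the firmware; keep in sync with memory_app_*.ld */` would keep the three from drifting apart. Whether 33K still leaves the RAM headroom the rest of the firmware needs cannot be judged from this hunk.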
@@ -10,7 +10,7 @@ SECTIONS
{
.confidential (NOLOAD) : {
*(confidential)
- ASSERT ((SIZEOF(.confidential) <= 32K), "Error: Confidential section too big!");
+ ASSERT ((SIZEOF(.confidential) <= 33K), "Error: Confidential section too big!");
} >ram
}