1
0
mirror of https://github.com/trezor/trezor-firmware.git synced 2024-11-29 19:08:12 +00:00

show different dialog when U2F client uses bogus appid

This commit is contained in:
Pavol Rusnak 2016-10-31 11:56:11 +01:00
parent ae37ea8a9a
commit 4471c6e0e6
No known key found for this signature in database
GPG Key ID: 91F3B339B9A02A3D
2 changed files with 13 additions and 5 deletions

View File

@ -389,5 +389,5 @@ void layoutU2FDialog(const char *verb, const char *appname, const BITMAP *appico
if (!appicon) {
appicon = &bmp_icon_question;
}
layoutDialog(appicon, NULL, verb, NULL, verb, "U2F security key?", "", appname, "", NULL);
layoutDialog(appicon, NULL, verb, NULL, verb, "U2F security key?", NULL, appname, NULL, NULL);
}

View File

@ -62,6 +62,10 @@ static uint8_t u2f_out_packets[U2F_OUT_PKT_BUFFER_LEN][HID_RPT_SIZE];
// Derivation path is m/U2F'/r'/r'/r'/r'/r'/r'/r'/r'
#define KEY_PATH_ENTRIES (1 + KEY_PATH_LEN / sizeof(uint32_t))
// Defined as UsbSignHandler.BOGUS_APP_ID_HASH
// in https://github.com/google/u2f-ref-code/blob/master/u2f-chrome-extension/usbsignhandler.js#L118
#define BOGUS_APPID "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"
// Auth/Register request state machine
typedef enum {
INIT = 0,
@ -569,10 +573,14 @@ void u2f_register(const APDU *a)
getDerivedNode(NULL, 0);
// error: testof-user-presence is required
buttonUpdate(); // Clear button state
if (0 == memcmp(req->appId, BOGUS_APPID, U2F_APPID_SIZE)) {
layoutDialog(&bmp_icon_warning, NULL, "OK", NULL, "Another U2F device", "was used to register", "in this application.", NULL, NULL, NULL);
} else {
const char *appname;
const BITMAP *appicon;
getReadableAppId(req->appId, &appname, &appicon);
layoutU2FDialog("Register", appname, appicon);
}
last_req_state = REG;
}