arno/trezor-firmware
1
0
Fork 0
mirror of https://github.com/trezor/trezor-firmware.git synced 2025-01-11 07:50:57 +00:00
Code Issues Releases Wiki Activity

Tweaked timeouts, handle null nodes.

Browse Source
This commit is contained in:
Jochen Hoenicke 2016-06-12 21:25:35 +02:00
parent da067913c2
commit caafefc0fb
1 changed files with 23 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

32
firmware/u2f.c
View File

@ -216,12 +216,13 @@ void u2fhid_read_start(const U2FHID_FRAME *f) {
cid = 0; cid = 0;
reader = 0; reader = 0;
usbTiny(0); usbTiny(0);
layoutHome();
return; return;
} }
usbPoll(); usbPoll();
} }
} }
// We have all the data // We have all the data
switch (reader->cmd) { switch (reader->cmd) {
case 0: case 0:
@ -244,21 +245,20 @@ void u2fhid_read_start(const U2FHID_FRAME *f) {
// wait for next commmand/ button press // wait for next commmand/ button press
reader->cmd = 0; reader->cmd = 0;
reader->seq = 255; reader->seq = 255;
uint8_t bs = 0; while (dialog_timeout > 0 && reader->cmd == 0) {
while (dialog_timeout && bs == 0 && reader->cmd == 0) {
dialog_timeout--; dialog_timeout--;
usbPoll(); // may trigger new request usbPoll(); // may trigger new request
buttonUpdate(); buttonUpdate();
if (button.YesUp && if (button.YesUp &&
(last_req_state == AUTH || last_req_state == REG)) { (last_req_state == AUTH || last_req_state == REG)) {
last_req_state++; last_req_state++;
// standard requires to remember button press for 10 seconds.
dialog_timeout = 10 * U2F_TIMEOUT;
} }
} }
if (reader->cmd == 0) { if (reader->cmd == 0) {
if (dialog_timeout == 0) { last_req_state = INIT;
last_req_state = INIT;
}
cid = 0; cid = 0;
reader = 0; reader = 0;
usbTiny(0); usbTiny(0);
@ -283,7 +283,7 @@ void u2fhid_wink(const uint8_t *buf, uint32_t len)
return send_u2fhid_error(cid, ERR_INVALID_LEN); return send_u2fhid_error(cid, ERR_INVALID_LEN);
if (dialog_timeout > 0) if (dialog_timeout > 0)
dialog_timeout = 10*U2F_TIMEOUT; dialog_timeout = U2F_TIMEOUT;
U2FHID_FRAME f; U2FHID_FRAME f;
MEMSET_BZERO(&f, sizeof(f)); MEMSET_BZERO(&f, sizeof(f));
@ -496,6 +496,8 @@ const HDNode *generateKeyHandle(const uint8_t app_id[], uint8_t key_handle[])
// prepare keypair from /random data // prepare keypair from /random data
const HDNode *node = getDerivedNode(key_path, KEY_PATH_ENTRIES); const HDNode *node = getDerivedNode(key_path, KEY_PATH_ENTRIES);
if (!node)
return NULL;
// For second half of keyhandle // For second half of keyhandle
// Signature of app_id and random data // Signature of app_id and random data
@ -516,6 +518,8 @@ const HDNode *validateKeyHandle(const uint8_t app_id[], const uint8_t key_handle
memcpy(&key_path[1], key_handle, KEY_PATH_LEN); memcpy(&key_path[1], key_handle, KEY_PATH_LEN);
const HDNode *node = getDerivedNode(key_path, KEY_PATH_ENTRIES); const HDNode *node = getDerivedNode(key_path, KEY_PATH_ENTRIES);
if (!node)
return NULL;
uint8_t keybase[U2F_APPID_SIZE + KEY_PATH_LEN]; uint8_t keybase[U2F_APPID_SIZE + KEY_PATH_LEN];
memcpy(&keybase[0], app_id, U2F_APPID_SIZE); memcpy(&keybase[0], app_id, U2F_APPID_SIZE);
@ -539,6 +543,11 @@ void u2f_register(const APDU *a)
static U2F_REGISTER_REQ last_req; static U2F_REGISTER_REQ last_req;
const U2F_REGISTER_REQ *req = (U2F_REGISTER_REQ *)a->data; const U2F_REGISTER_REQ *req = (U2F_REGISTER_REQ *)a->data;
if (!storage_isInitialized()) {
send_u2f_error(U2F_SW_CONDITIONS_NOT_SATISFIED);
return;
}
// Validate basic request parameters // Validate basic request parameters
debugLog(0, "", "u2f register"); debugLog(0, "", "u2f register");
if (APDU_LEN(*a) != sizeof(U2F_REGISTER_REQ)) { if (APDU_LEN(*a) != sizeof(U2F_REGISTER_REQ)) {
@ -570,7 +579,7 @@ void u2f_register(const APDU *a)
if (last_req_state == REG) { if (last_req_state == REG) {
// error: testof-user-presence is required // error: testof-user-presence is required
send_u2f_error(U2F_SW_CONDITIONS_NOT_SATISFIED); send_u2f_error(U2F_SW_CONDITIONS_NOT_SATISFIED);
dialog_timeout = 10*U2F_TIMEOUT; dialog_timeout = U2F_TIMEOUT;
return; return;
} }
@ -639,6 +648,11 @@ void u2f_authenticate(const APDU *a)
const U2F_AUTHENTICATE_REQ *req = (U2F_AUTHENTICATE_REQ *)a->data; const U2F_AUTHENTICATE_REQ *req = (U2F_AUTHENTICATE_REQ *)a->data;
static U2F_AUTHENTICATE_REQ last_req; static U2F_AUTHENTICATE_REQ last_req;
if (!storage_isInitialized()) {
send_u2f_error(U2F_SW_CONDITIONS_NOT_SATISFIED);
return;
}
if (APDU_LEN(*a) < 64) { /// FIXME: decent value if (APDU_LEN(*a) < 64) { /// FIXME: decent value
debugLog(0, "", "u2f authenticate - badlen"); debugLog(0, "", "u2f authenticate - badlen");
send_u2f_error(U2F_SW_WRONG_LENGTH); send_u2f_error(U2F_SW_WRONG_LENGTH);
@ -697,7 +711,7 @@ void u2f_authenticate(const APDU *a)
if (last_req_state == AUTH) { if (last_req_state == AUTH) {
// error: testof-user-presence is required // error: testof-user-presence is required
send_u2f_error(U2F_SW_CONDITIONS_NOT_SATISFIED); send_u2f_error(U2F_SW_CONDITIONS_NOT_SATISFIED);
dialog_timeout = 10*U2F_TIMEOUT; dialog_timeout = U2F_TIMEOUT;
return; return;
} }