arno/trezor-firmware
1
0
Fork 0
mirror of https://github.com/trezor/trezor-firmware.git synced 2025-02-16 17:42:02 +00:00
Code Issues Releases Wiki Activity

apps.fido_u2f: unify reg/auth state

Browse Source
This commit is contained in:
Jan Pochyla 2017-06-06 13:14:58 +02:00
parent c4c27de0d5
commit ed8cfe0399
1 changed files with 32 additions and 24 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

56
src/apps/fido_u2f/__init__.py
View File

@ -447,11 +447,13 @@ class ConfirmState:
self.confirmed = await dialog self.confirmed = await dialog
_reg_state = None _state = None # state for msg_register and msg_authenticate, None or ConfirmState
_lastreq = None # last received register/authenticate request, None or Req
async def msg_register(req: Msg) -> Cmd: async def msg_register(req: Msg) -> Cmd:
global _reg_state global _state
global _lastreq
from apps.common import storage from apps.common import storage
@ -459,21 +461,30 @@ async def msg_register(req: Msg) -> Cmd:
log.warning(__name__, 'not initialized') log.warning(__name__, 'not initialized')
return msg_error(req, _SW_CONDITIONS_NOT_SATISFIED) return msg_error(req, _SW_CONDITIONS_NOT_SATISFIED)
# check input data # check length of input data
if len(req.data) != 64: if len(req.data) != 64:
log.warning(__name__, '_SW_WRONG_LENGTH req.data') log.warning(__name__, '_SW_WRONG_LENGTH req.data')
return msg_error(req, _SW_WRONG_LENGTH) return msg_error(req, _SW_WRONG_LENGTH)
# parse challenge and app_id
chal = req.data[:32] chal = req.data[:32]
app_id = req.data[32:] app_id = req.data[32:]
if _reg_state is None: # check equality with last request
_reg_state = ConfirmState(_CONFIRM_REGISTER, app_id) if _lastreq is None or _lastreq.__dict__ != req.__dict__:
_reg_state.fork() if _state is not None:
if _reg_state.confirmed is None: _state.kill()
_state = None
_lastreq = req
# wait for a button or continue
if _state is None:
_state = ConfirmState(_CONFIRM_REGISTER, app_id)
_state.fork()
if _state.confirmed is None:
log.info(__name__, 'waiting for button') log.info(__name__, 'waiting for button')
return msg_error(req, _SW_CONDITIONS_NOT_SATISFIED) return msg_error(req, _SW_CONDITIONS_NOT_SATISFIED)
_reg_state = None _state = None
buf = msg_register_sign(chal, app_id) buf = msg_register_sign(chal, app_id)
@ -530,14 +541,10 @@ def msg_register_sign(challenge: bytes, app_id: bytes) -> bytes:
return buf return buf
_auth_state = None
_auth_lastreq = None
async def msg_authenticate(req: Msg) -> Cmd: async def msg_authenticate(req: Msg) -> Cmd:
global _auth_state global _state
global _auth_lastreq global _lastreq
from apps.common import storage from apps.common import storage
@ -575,19 +582,20 @@ async def msg_authenticate(req: Msg) -> Cmd:
return msg_error(req, _SW_WRONG_DATA) return msg_error(req, _SW_WRONG_DATA)
# check equality with last request # check equality with last request
if _auth_lastreq is None or _auth_lastreq.__dict__ != req.__dict__: if _lastreq is None or _lastreq.__dict__ != req.__dict__:
if _auth_state is not None: if _state is not None:
_auth_state.kill() _state.kill()
_auth_state = None _state = None
_auth_lastreq = req _lastreq = req
if _auth_state is None: # wait for a button or continue
_auth_state = ConfirmState(_CONFIRM_AUTHENTICATE, auth.appId) if _state is None:
_auth_state.fork() _state = ConfirmState(_CONFIRM_AUTHENTICATE, auth.appId)
if _auth_state.confirmed is None: _state.fork()
if _state.confirmed is None:
log.info(__name__, 'waiting for button') log.info(__name__, 'waiting for button')
return msg_error(req, _SW_CONDITIONS_NOT_SATISFIED) return msg_error(req, _SW_CONDITIONS_NOT_SATISFIED)
_auth_state = None _state = None
buf = msg_authenticate_sign(auth.chal, auth.appId, node.private_key()) buf = msg_authenticate_sign(auth.chal, auth.appId, node.private_key())