From 705ee2886097c7a6a1d9978a54a7bceea98416d5 Mon Sep 17 00:00:00 2001 From: Conor Patrick Date: Thu, 25 Oct 2018 21:25:49 -0400 Subject: [PATCH] initial fido2 port --- fido2/device.h | 2 + fido2/main.c | 4 +- pc/device.c | 8 +- targets/stm32l442/Makefile | 44 ++-- targets/stm32l442/lib/usbd_hid.c | 109 +++++----- targets/stm32l442/src/app.h | 22 ++ targets/stm32l442/src/crypto.c | 355 +++++++++++++++++++++++++++++++ targets/stm32l442/src/device.c | 180 +++++++++++++++- targets/stm32l442/src/device.h | 12 -- targets/stm32l442/src/fifo.c | 2 +- targets/stm32l442/src/fifo.h | 2 + targets/stm32l442/src/flash.c | 5 +- targets/stm32l442/src/init.c | 1 + targets/stm32l442/src/main.c | 2 + targets/stm32l442/src/redirect.c | 30 +-- targets/stm32l442/src/rng.c | 5 +- 16 files changed, 659 insertions(+), 124 deletions(-) create mode 100644 targets/stm32l442/src/crypto.c delete mode 100644 targets/stm32l442/src/device.h diff --git a/fido2/device.h b/fido2/device.h index 5f030bb..a49391c 100644 --- a/fido2/device.h +++ b/fido2/device.h @@ -53,6 +53,8 @@ int authenticator_is_backup_initialized(); void authenticator_write_state(AuthenticatorState *, int backup); +// Called each main loop. Doesn't need to do anything. +void device_manage(); // Test for user presence // Return 1 for user is present, 0 user not present diff --git a/fido2/main.c b/fido2/main.c index d39147b..a2cca61 100644 --- a/fido2/main.c +++ b/fido2/main.c @@ -85,6 +85,8 @@ int main(int argc, char * argv[]) t1 = millis(); } + device_manage(); + if (usbhid_recv(hidmsg) > 0) { printf1(TAG_DUMP,"%d>> ",count++); dump_hex1(TAG_DUMP, hidmsg,sizeof(hidmsg)); @@ -110,5 +112,3 @@ int main(int argc, char * argv[]) } #endif - - diff --git a/pc/device.c b/pc/device.c index 43ad521..348e6e4 100644 --- a/pc/device.c +++ b/pc/device.c @@ -398,7 +398,7 @@ void authenticator_initialize() } } - - - - +void manage_device() +{ + +} diff --git a/targets/stm32l442/Makefile b/targets/stm32l442/Makefile index a3675b2..f4f59d3 100644 --- a/targets/stm32l442/Makefile +++ b/targets/stm32l442/Makefile @@ -1,16 +1,32 @@ CC=arm-none-eabi-gcc CP=arm-none-eabi-objcopy SZ=arm-none-eabi-size +AR=arm-none-eabi-ar +# ST related SRC = src/main.c src/init.c src/redirect.c src/flash.c src/rng.c src/led.c src/device.c -SRC += src/fifo.c -SRC += ../../fido2/util.c +SRC += src/fifo.c src/crypto.c SRC += src/startup_stm32l432xx.s src/system_stm32l4xx.c SRC += $(wildcard lib/*.c) $(wildcard lib/usbd/*.c) +# FIDO2 lib +SRC += ../../fido2/util.c ../../fido2/u2f.c ../../fido2/test_power.c ../../fido2/test_power.c +SRC += ../../fido2/stubs.c ../../fido2/log.c ../../fido2/ctaphid.c ../../fido2/ctap.c +SRC += ../../fido2/ctap_parse.c ../../fido2/main.c + +# Crypto libs +SRC += ../../crypto/sha256/sha256.c ../../crypto/micro-ecc/uECC.c ../../crypto/tiny-AES-c/aes.c + + OBJ1=$(SRC:.c=.o) OBJ=$(OBJ1:.s=.o) -INC=-Isrc/ -Isrc/cmsis/ -Ilib/ -Ilib/usbd/ -I../../fido2/ + +INC = -Isrc/ -Isrc/cmsis/ -Ilib/ -Ilib/usbd/ -I../../fido2/ -I../../fido2/extensions +INC += -I../../tinycbor/src -I../../crypto/sha256 -I../../crypto/micro-ecc +INC += -I../../crypto/tiny-AES-c + +SEARCH=-L../../tinycbor/lib + LDSCRIPT=stm32l432xx.ld CFLAGS= $(INC) @@ -23,8 +39,12 @@ HW=-mcpu=cortex-m4 -mfpu=fpv4-sp-d16 -mfloat-abi=hard -mthumb # Solo CHIP=STM32L442xx -CFLAGS=$(INC) -c -D$(CHIP) -DUSE_FULL_LL_DRIVER -Os -Wall -fdata-sections -ffunction-sections -LDFLAGS=$(HW) -specs=nano.specs -specs=nosys.specs -T$(LDSCRIPT) -Wl,-Map=$(TARGET).map,--cref -Wl,--gc-sections -u _printf_float +DEFINES = -D$(CHIP) -DAES256=1 -DUSE_FULL_LL_DRIVER + +CFLAGS=$(INC) -c $(DEFINES) -Os -Wall -fdata-sections -ffunction-sections $(HW) +LDFLAGS_LIB=$(HW) $(SEARCH) -specs=nano.specs -specs=nosys.specs -Wl,--gc-sections -u _printf_float -lnosys +LDFLAGS=$(HW) $(LDFLAGS_LIB) -T$(LDSCRIPT) -Wl,-Map=$(TARGET).map,--cref -ltinycbor + .PRECIOUS: %.o @@ -52,12 +72,8 @@ flash: $(TARGET).hex sleep 0.5 python dfuse-tool/dfuse-tool.py --leave -test: - STM32_Programmer_CLI -c port=SWD -halt -d ../../../cube_stm32l442/build/cube_stm32l442.hex -rst - sleep 0.5 - python dfuse-tool/dfuse-tool.py --leave - -test2: - STM32_Programmer_CLI -c port=SWD -halt -d ../../../stmusb2/build/stmusb2.hex -rst - sleep 0.5 - python dfuse-tool/dfuse-tool.py --leave +cbor: + cd ../../tinycbor/ && make clean + cd ../../tinycbor/ && make CC="$(CC)" AR=$(AR) \ +LDFLAGS="$(LDFLAGS_LIB)" \ +CFLAGS="$(CFLAGS)" diff --git a/targets/stm32l442/lib/usbd_hid.c b/targets/stm32l442/lib/usbd_hid.c index c28d013..0cc9512 100644 --- a/targets/stm32l442/lib/usbd_hid.c +++ b/targets/stm32l442/lib/usbd_hid.c @@ -95,6 +95,9 @@ static uint8_t *USBD_HID_GetDeviceQualifierDesc (uint16_t *length); static uint8_t USBD_HID_DataIn (USBD_HandleTypeDef *pdev, uint8_t epnum); +static uint8_t USBD_HID_DataOut (USBD_HandleTypeDef *pdev, + uint8_t epnum); + USBD_ClassTypeDef USBD_HID = { @@ -104,7 +107,7 @@ USBD_ClassTypeDef USBD_HID = NULL, /*EP0_TxSent*/ NULL, /*EP0_RxReady*/ USBD_HID_DataIn, /*DataIn*/ - NULL, /*DataOut*/ + USBD_HID_DataOut, /*DataOut*/ NULL, /*SOF */ NULL, NULL, @@ -223,8 +226,7 @@ __ALIGN_BEGIN static uint8_t HID_MOUSE_ReportDesc[HID_FIDO_REPORT_DESC_SIZE] __ 0x95, HID_PACKET_SIZE, // REPORT_COUNT (64) 0x91, 0x02, // OUTPUT (Data,Var,Abs) - - 0xc0,// END_COLLECTION + 0xc0,// END_COLLECTION }; @@ -233,12 +235,46 @@ static uint8_t hidmsg_buf[64]; void usb_hid_recieve_callback(uint8_t ep) { fifo_hidmsg_add(hidmsg_buf); + memset(hidmsg_buf,0,64); USBD_LL_PrepareReceive(&Solo_USBD_Device, HID_ENDPOINT, hidmsg_buf, HID_PACKET_SIZE); } +static void dump_pma() +{ + + register uint32_t _wRegBase = (uint32_t)USB; + _wRegBase += (uint32_t)(USB)->BTABLE + 0x400; + + uint16_t * pma_ptr = (uint16_t *)_wRegBase; + uint16_t val; + uint32_t offset = (uint32_t)(USB)->BTABLE; + + printf("btable: %02lx\r\n",offset); + + for (int i = 0; i < 2; i++) + { + uint16_t addr_tx = pma_ptr[i * 4 + 0]; + uint16_t cnt_tx = pma_ptr[i * 4 + 1]; + uint16_t addr_rx = pma_ptr[i * 4 + 2]; + uint16_t cnt_rx = pma_ptr[i * 4 + 3]; + + printf("EP%d addr_tx == %02x, count_tx == %02x\r\n", i, addr_tx,cnt_tx ); + printf("EP%d addr_rx == %02x, count_rx == %02x\r\n", i, addr_rx,cnt_rx ); + } + + uint16_t ep1_tx = pma_ptr[1 * 4 + 0]; + + for (int i = 0; i < 32; i++) + { + val = pma_ptr[ep1_tx + i]; + printf("%04x ",val); + } + printf("\r\n"); +} + /** * @brief USBD_HID_Init * Initialize the HID interface @@ -252,17 +288,12 @@ static uint8_t USBD_HID_Init (USBD_HandleTypeDef *pdev, uint8_t cfgidx) /* Open EP IN */ USBD_LL_OpenEP(pdev, HID_EPIN_ADDR, USBD_EP_TYPE_INTR, HID_EPIN_SIZE); USBD_LL_OpenEP(pdev, HID_EPOUT_ADDR, USBD_EP_TYPE_INTR, HID_EPOUT_SIZE); - static uint8_t mem[4]; + static uint8_t mem[sizeof (USBD_HID_HandleTypeDef)]; pdev->ep_in[HID_EPIN_ADDR & 0xFU].is_used = 1U; pdev->ep_out[HID_EPOUT_ADDR & 0xFU].is_used = 1U; pdev->pClassData = mem; - if (pdev->pClassData == NULL) - { - return USBD_FAIL; - } - ((USBD_HID_HandleTypeDef *)pdev->pClassData)->state = HID_IDLE; @@ -411,60 +442,8 @@ static uint8_t USBD_HID_Setup (USBD_HandleTypeDef *pdev, return ret; } -/** - * @brief USBD_HID_SendReport - * Send HID Report - * @param pdev: device instance - * @param buff: pointer to report - * @retval status - */ -uint8_t USBD_HID_SendReport (USBD_HandleTypeDef *pdev, - uint8_t *report, - uint16_t len) -{ - USBD_HID_HandleTypeDef *hhid = (USBD_HID_HandleTypeDef*)pdev->pClassData; - if (pdev->dev_state == USBD_STATE_CONFIGURED ) - { - if(hhid->state == HID_IDLE) - { - hhid->state = HID_BUSY; - USBD_LL_Transmit (pdev, - HID_EPIN_ADDR, - report, - len); - } - } - return USBD_OK; -} -/** - * @brief USBD_HID_GetPollingInterval - * return polling interval from endpoint descriptor - * @param pdev: device instance - * @retval polling interval - */ -uint32_t USBD_HID_GetPollingInterval (USBD_HandleTypeDef *pdev) -{ - uint32_t polling_interval = 0U; - - /* HIGH-speed endpoints */ - if(pdev->dev_speed == USBD_SPEED_HIGH) - { - /* Sets the data transfer polling interval for high speed transfers. - Values between 1..16 are allowed. Values correspond to interval - of 2 ^ (bInterval-1). This option (8 ms, corresponds to HID_HS_BINTERVAL */ - polling_interval = (((1U <<(HID_BINTERVAL - 1U))) / 8U); - } - else /* LOW and FULL-speed endpoints */ - { - /* Sets the data transfer polling interval for low and full - speed transfers */ - polling_interval = HID_BINTERVAL; - } - - return ((uint32_t)(polling_interval)); -} /** * @brief USBD_HID_GetCfgFSDesc @@ -495,6 +474,14 @@ static uint8_t USBD_HID_DataIn (USBD_HandleTypeDef *pdev, return USBD_OK; } +static uint8_t USBD_HID_DataOut (USBD_HandleTypeDef *pdev, + uint8_t epnum) +{ + /* Ensure that the FIFO is empty before a new transfer, this condition could + be caused by a new transfer before the end of the previous transfer */ + ((USBD_HID_HandleTypeDef *)pdev->pClassData)->state = HID_IDLE; + return USBD_OK; +} /** * @brief DeviceQualifierDescriptor diff --git a/targets/stm32l442/src/app.h b/targets/stm32l442/src/app.h index 6254f66..f17c5b3 100644 --- a/targets/stm32l442/src/app.h +++ b/targets/stm32l442/src/app.h @@ -5,8 +5,30 @@ #define DEBUG_UART USART1 + + +#define DEBUG_LEVEL 1 + +#define NON_BLOCK_PRINTING 1 + +//#define PRINTING_USE_VCOM + +//#define USING_DEV_BOARD + +//#define ENABLE_U2F_EXTENSIONS + +#define ENABLE_U2F + +//#define DISABLE_CTAPHID_PING +//#define DISABLE_CTAPHID_WINK +//#define DISABLE_CTAPHID_CBOR + +void printing_init(); void hw_init(void); +//#define TEST +//#define TEST_POWER +#define LED_INIT_VALUE 0x001000 #endif diff --git a/targets/stm32l442/src/crypto.c b/targets/stm32l442/src/crypto.c new file mode 100644 index 0000000..1a4af35 --- /dev/null +++ b/targets/stm32l442/src/crypto.c @@ -0,0 +1,355 @@ +/* + * Wrapper for crypto implementation on device + * + * */ +#include +#include +#include + + + +#include "util.h" +#include "crypto.h" + +#ifdef USE_SOFTWARE_IMPLEMENTATION + +#include "sha256.h" +#include "uECC.h" +#include "aes.h" +#include "ctap.h" +#include "device.h" +#include "app.h" + + +typedef enum +{ + MBEDTLS_ECP_DP_NONE = 0, + MBEDTLS_ECP_DP_SECP192R1, /*!< 192-bits NIST curve */ + MBEDTLS_ECP_DP_SECP224R1, /*!< 224-bits NIST curve */ + MBEDTLS_ECP_DP_SECP256R1, /*!< 256-bits NIST curve */ + MBEDTLS_ECP_DP_SECP384R1, /*!< 384-bits NIST curve */ + MBEDTLS_ECP_DP_SECP521R1, /*!< 521-bits NIST curve */ + MBEDTLS_ECP_DP_BP256R1, /*!< 256-bits Brainpool curve */ + MBEDTLS_ECP_DP_BP384R1, /*!< 384-bits Brainpool curve */ + MBEDTLS_ECP_DP_BP512R1, /*!< 512-bits Brainpool curve */ + MBEDTLS_ECP_DP_CURVE25519, /*!< Curve25519 */ + MBEDTLS_ECP_DP_SECP192K1, /*!< 192-bits "Koblitz" curve */ + MBEDTLS_ECP_DP_SECP224K1, /*!< 224-bits "Koblitz" curve */ + MBEDTLS_ECP_DP_SECP256K1, /*!< 256-bits "Koblitz" curve */ +} mbedtls_ecp_group_id; + + + +const uint8_t attestation_cert_der[]; +const uint16_t attestation_cert_der_size; +const uint8_t attestation_key[]; +const uint16_t attestation_key_size; + + + +static SHA256_CTX sha256_ctx; +static const struct uECC_Curve_t * _es256_curve = NULL; +static const uint8_t * _signing_key = NULL; +static int _key_len = 0; + +// Secrets for testing only +static uint8_t master_secret[32] = "\x00\x11\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xdd\xee\xff" + "\xff\xee\xdd\xcc\xbb\xaa\x99\x88\x77\x66\x55\x44\x33\x22\x11\x00"; + +static uint8_t transport_secret[32] = "\x10\x01\x22\x33\x44\x55\x66\x77\x87\x90\x0a\xbb\x3c\xd8\xee\xff" + "\xff\xee\x8d\x1c\x3b\xfa\x99\x88\x77\x86\x55\x44\xd3\xff\x33\x00"; + + + +void crypto_sha256_init() +{ + sha256_init(&sha256_ctx); +} + +void crypto_reset_master_secret() +{ + ctap_generate_rng(master_secret, 32); +} + + +void crypto_sha256_update(uint8_t * data, size_t len) +{ + sha256_update(&sha256_ctx, data, len); +} + +void crypto_sha256_update_secret() +{ + sha256_update(&sha256_ctx, master_secret, 32); +} + +void crypto_sha256_final(uint8_t * hash) +{ + sha256_final(&sha256_ctx, hash); +} + +void crypto_sha256_hmac_init(uint8_t * key, uint32_t klen, uint8_t * hmac) +{ + uint8_t buf[64]; + int i; + memset(buf, 0, sizeof(buf)); + + if (key == CRYPTO_MASTER_KEY) + { + key = master_secret; + klen = sizeof(master_secret); + } + + if(klen > 64) + { + printf("Error, key size must be <= 64\n"); + exit(1); + } + + memmove(buf, key, klen); + + for (i = 0; i < sizeof(buf); i++) + { + buf[i] = buf[i] ^ 0x36; + } + + crypto_sha256_init(); + crypto_sha256_update(buf, 64); +} + +void crypto_sha256_hmac_final(uint8_t * key, uint32_t klen, uint8_t * hmac) +{ + uint8_t buf[64]; + int i; + crypto_sha256_final(hmac); + memset(buf, 0, sizeof(buf)); + if (key == CRYPTO_MASTER_KEY) + { + key = master_secret; + klen = sizeof(master_secret); + } + + + if(klen > 64) + { + printf("Error, key size must be <= 64\n"); + exit(1); + } + memmove(buf, key, klen); + + for (i = 0; i < sizeof(buf); i++) + { + buf[i] = buf[i] ^ 0x5c; + } + + crypto_sha256_init(); + crypto_sha256_update(buf, 64); + crypto_sha256_update(hmac, 32); + crypto_sha256_final(hmac); +} + + +void crypto_ecc256_init() +{ + uECC_set_rng((uECC_RNG_Function)ctap_generate_rng); + _es256_curve = uECC_secp256r1(); +} + + +void crypto_ecc256_load_attestation_key() +{ + _signing_key = attestation_key; + _key_len = 32; +} + +void crypto_ecc256_sign(uint8_t * data, int len, uint8_t * sig) +{ + if ( uECC_sign(_signing_key, data, len, sig, _es256_curve) == 0) + { + printf("error, uECC failed\n"); + exit(1); + } +} + +void crypto_ecc256_load_key(uint8_t * data, int len, uint8_t * data2, int len2) +{ + static uint8_t privkey[32]; + generate_private_key(data,len,data2,len2,privkey); + _signing_key = privkey; + _key_len = 32; +} + +void crypto_ecdsa_sign(uint8_t * data, int len, uint8_t * sig, int MBEDTLS_ECP_ID) +{ + + const struct uECC_Curve_t * curve = NULL; + + switch(MBEDTLS_ECP_ID) + { + case MBEDTLS_ECP_DP_SECP192R1: + curve = uECC_secp192r1(); + if (_key_len != 24) goto fail; + break; + case MBEDTLS_ECP_DP_SECP224R1: + curve = uECC_secp224r1(); + if (_key_len != 28) goto fail; + break; + case MBEDTLS_ECP_DP_SECP256R1: + curve = uECC_secp256r1(); + if (_key_len != 32) goto fail; + break; + case MBEDTLS_ECP_DP_SECP256K1: + curve = uECC_secp256k1(); + if (_key_len != 32) goto fail; + break; + default: + printf("error, invalid ECDSA alg specifier\n"); + exit(1); + } + + if ( uECC_sign(_signing_key, data, len, sig, curve) == 0) + { + printf("error, uECC failed\n"); + exit(1); + } + return; + +fail: + printf("error, invalid key length\n"); + exit(1); + +} + +void generate_private_key(uint8_t * data, int len, uint8_t * data2, int len2, uint8_t * privkey) +{ + crypto_sha256_hmac_init(CRYPTO_MASTER_KEY, 0, privkey); + crypto_sha256_update(data, len); + crypto_sha256_update(data2, len2); + crypto_sha256_update(master_secret, 32); + crypto_sha256_hmac_final(CRYPTO_MASTER_KEY, 0, privkey); +} + + +/*int uECC_compute_public_key(const uint8_t *private_key, uint8_t *public_key, uECC_Curve curve);*/ +void crypto_ecc256_derive_public_key(uint8_t * data, int len, uint8_t * x, uint8_t * y) +{ + uint8_t privkey[32]; + uint8_t pubkey[64]; + + generate_private_key(data,len,NULL,0,privkey); + + memset(pubkey,0,sizeof(pubkey)); + uECC_compute_public_key(privkey, pubkey, _es256_curve); + memmove(x,pubkey,32); + memmove(y,pubkey+32,32); +} + +void crypto_load_external_key(uint8_t * key, int len) +{ + _signing_key = key; + _key_len = len; +} + + +void crypto_ecc256_make_key_pair(uint8_t * pubkey, uint8_t * privkey) +{ + if (uECC_make_key(pubkey, privkey, _es256_curve) != 1) + { + printf("Error, uECC_make_key failed\n"); + exit(1); + } +} + +void crypto_ecc256_shared_secret(const uint8_t * pubkey, const uint8_t * privkey, uint8_t * shared_secret) +{ + if (uECC_shared_secret(pubkey, privkey, shared_secret, _es256_curve) != 1) + { + printf("Error, uECC_shared_secret failed\n"); + exit(1); + } + +} + +struct AES_ctx aes_ctx; +void crypto_aes256_init(uint8_t * key, uint8_t * nonce) +{ + if (key == CRYPTO_TRANSPORT_KEY) + { + AES_init_ctx(&aes_ctx, transport_secret); + } + else + { + AES_init_ctx(&aes_ctx, key); + } + if (nonce == NULL) + { + memset(aes_ctx.Iv, 0, 16); + } + else + { + memmove(aes_ctx.Iv, nonce, 16); + } +} + +// prevent round key recomputation +void crypto_aes256_reset_iv(uint8_t * nonce) +{ + if (nonce == NULL) + { + memset(aes_ctx.Iv, 0, 16); + } + else + { + memmove(aes_ctx.Iv, nonce, 16); + } +} + +void crypto_aes256_decrypt(uint8_t * buf, int length) +{ + AES_CBC_decrypt_buffer(&aes_ctx, buf, length); +} + +void crypto_aes256_encrypt(uint8_t * buf, int length) +{ + AES_CBC_encrypt_buffer(&aes_ctx, buf, length); +} + + +const uint8_t attestation_cert_der[] = +"\x30\x82\x01\xfb\x30\x82\x01\xa1\xa0\x03\x02\x01\x02\x02\x01\x00\x30\x0a\x06\x08" +"\x2a\x86\x48\xce\x3d\x04\x03\x02\x30\x2c\x31\x0b\x30\x09\x06\x03\x55\x04\x06\x13" +"\x02\x55\x53\x31\x0b\x30\x09\x06\x03\x55\x04\x08\x0c\x02\x4d\x44\x31\x10\x30\x0e" +"\x06\x03\x55\x04\x0a\x0c\x07\x54\x45\x53\x54\x20\x43\x41\x30\x20\x17\x0d\x31\x38" +"\x30\x35\x31\x30\x30\x33\x30\x36\x32\x30\x5a\x18\x0f\x32\x30\x36\x38\x30\x34\x32" +"\x37\x30\x33\x30\x36\x32\x30\x5a\x30\x7c\x31\x0b\x30\x09\x06\x03\x55\x04\x06\x13" +"\x02\x55\x53\x31\x0b\x30\x09\x06\x03\x55\x04\x08\x0c\x02\x4d\x44\x31\x0f\x30\x0d" +"\x06\x03\x55\x04\x07\x0c\x06\x4c\x61\x75\x72\x65\x6c\x31\x15\x30\x13\x06\x03\x55" +"\x04\x0a\x0c\x0c\x54\x45\x53\x54\x20\x43\x4f\x4d\x50\x41\x4e\x59\x31\x22\x30\x20" +"\x06\x03\x55\x04\x0b\x0c\x19\x41\x75\x74\x68\x65\x6e\x74\x69\x63\x61\x74\x6f\x72" +"\x20\x41\x74\x74\x65\x73\x74\x61\x74\x69\x6f\x6e\x31\x14\x30\x12\x06\x03\x55\x04" +"\x03\x0c\x0b\x63\x6f\x6e\x6f\x72\x70\x70\x2e\x63\x6f\x6d\x30\x59\x30\x13\x06\x07" +"\x2a\x86\x48\xce\x3d\x02\x01\x06\x08\x2a\x86\x48\xce\x3d\x03\x01\x07\x03\x42\x00" +"\x04\x45\xa9\x02\xc1\x2e\x9c\x0a\x33\xfa\x3e\x84\x50\x4a\xb8\x02\xdc\x4d\xb9\xaf" +"\x15\xb1\xb6\x3a\xea\x8d\x3f\x03\x03\x55\x65\x7d\x70\x3f\xb4\x02\xa4\x97\xf4\x83" +"\xb8\xa6\xf9\x3c\xd0\x18\xad\x92\x0c\xb7\x8a\x5a\x3e\x14\x48\x92\xef\x08\xf8\xca" +"\xea\xfb\x32\xab\x20\xa3\x62\x30\x60\x30\x46\x06\x03\x55\x1d\x23\x04\x3f\x30\x3d" +"\xa1\x30\xa4\x2e\x30\x2c\x31\x0b\x30\x09\x06\x03\x55\x04\x06\x13\x02\x55\x53\x31" +"\x0b\x30\x09\x06\x03\x55\x04\x08\x0c\x02\x4d\x44\x31\x10\x30\x0e\x06\x03\x55\x04" +"\x0a\x0c\x07\x54\x45\x53\x54\x20\x43\x41\x82\x09\x00\xf7\xc9\xec\x89\xf2\x63\x94" +"\xd9\x30\x09\x06\x03\x55\x1d\x13\x04\x02\x30\x00\x30\x0b\x06\x03\x55\x1d\x0f\x04" +"\x04\x03\x02\x04\xf0\x30\x0a\x06\x08\x2a\x86\x48\xce\x3d\x04\x03\x02\x03\x48\x00" +"\x30\x45\x02\x20\x18\x38\xb0\x45\x03\x69\xaa\xa7\xb7\x38\x62\x01\xaf\x24\x97\x5e" +"\x7e\x74\x64\x1b\xa3\x7b\xf7\xe6\xd3\xaf\x79\x28\xdb\xdc\xa5\x88\x02\x21\x00\xcd" +"\x06\xf1\xe3\xab\x16\x21\x8e\xd8\xc0\x14\xaf\x09\x4f\x5b\x73\xef\x5e\x9e\x4b\xe7" +"\x35\xeb\xdd\x9b\x6d\x8f\x7d\xf3\xc4\x3a\xd7"; + + +const uint16_t attestation_cert_der_size = sizeof(attestation_cert_der)-1; + + +const uint8_t attestation_key[] = "\xcd\x67\xaa\x31\x0d\x09\x1e\xd1\x6e\x7e\x98\x92\xaa\x07\x0e\x19\x94\xfc\xd7\x14\xae\x7c\x40\x8f\xb9\x46\xb7\x2e\x5f\xe7\x5d\x30"; +const uint16_t attestation_key_size = sizeof(attestation_key)-1; + + +#else +#error "No crypto implementation defined" +#endif diff --git a/targets/stm32l442/src/device.c b/targets/stm32l442/src/device.c index 6074230..7afc23f 100644 --- a/targets/stm32l442/src/device.c +++ b/targets/stm32l442/src/device.c @@ -1,25 +1,201 @@ #include "device.h" #include "usbd_def.h" +#include "stm32l4xx.h" +#include "stm32l4xx_ll_tim.h" +#include "stm32l4xx_ll_usart.h" +#include "usbd_hid.h" + +#include "app.h" +#include "flash.h" +#include "rng.h" +#include "led.h" +#include "device.h" +#include "util.h" +#include "fifo.h" +#include "log.h" uint32_t __65_seconds = 0; +extern PCD_HandleTypeDef hpcd; + +// Timer6 overflow handler void TIM6_DAC_IRQHandler() { // timer is only 16 bits, so roll it over here TIM6->SR = 0; __65_seconds += 1; } - -extern PCD_HandleTypeDef hpcd; // Global USB interrupt handler void USB_IRQHandler(void) { HAL_PCD_IRQHandler(&hpcd); } + +uint32_t millis() +{ + return (((uint32_t)TIM6->CNT) | (__65_seconds<<16)); +} + + + + void delay(uint32_t ms) { uint32_t time = millis(); while ((millis() - time) < ms) ; } + +void device_init() +{ + hw_init(); + printf1(TAG_GEN,"hello solo\r\n"); +} + +void usbhid_init() +{ + printf1(TAG_GEN,"hello solo\r\n"); +} +int usbhid_recv(uint8_t * msg) +{ + if (fifo_hidmsg_size()) + { + + fifo_hidmsg_take(msg); + printf1(TAG_DUMP,">> "); + dump_hex1(TAG_DUMP,msg, HID_PACKET_SIZE); + return HID_PACKET_SIZE; + } + return 0; +} + +void usbhid_send(uint8_t * msg) +{ + printf1(TAG_DUMP,"<< "); + dump_hex1(TAG_DUMP, msg, HID_PACKET_SIZE); + // USBD_HID_HandleTypeDef *hhid = (USBD_HID_HandleTypeDef*)&Solo_USBD_Device.pClassData; + + USBD_LL_Transmit(&Solo_USBD_Device, HID_EPIN_ADDR, msg, HID_PACKET_SIZE); + +} + +void ctaphid_write_block(uint8_t * data) +{ + usbhid_send(data); +} + + +void usbhid_close() +{ + +} + +void main_loop_delay() +{ + +} + +void heartbeat() +{ + static int state = 0; + static uint32_t val = (LED_INIT_VALUE >> 8) & 0xff; + // int but = IS_BUTTON_PRESSED(); + int but = 0; + + if (state) + { + val--; + } + else + { + val++; + } + + if (val > 30 || val < 1) + { + state = !state; + } + // int c = PCD_GET_EP_TX_CNT(USB,1); + // int c = PCD_GET_EP_TX_STATUS(USB,1); + // printf("tx counter: %x\r\n",PCD_GET_EP_TX_CNT(USB,1)); + + // if (but) RGB(val * 2); + // else + led_rgb((val << 16) | (val*2 << 8)); +} + +void authenticator_read_state(AuthenticatorState * a) +{ + +} + +void authenticator_read_backup_state(AuthenticatorState * a) +{ + +} + +// Return 1 yes backup is init'd, else 0 +//void authenticator_initialize() +int authenticator_is_backup_initialized() +{ + return 0; +} + +void authenticator_write_state(AuthenticatorState * a, int backup) +{ + +} + +void device_manage() +{ +#if NON_BLOCK_PRINTING + int i = 10; + uint8_t c; + while (i--) + { + if (fifo_debug_size()) + { + fifo_debug_take(&c); + while (! LL_USART_IsActiveFlag_TXE(DEBUG_UART)) + ; + LL_USART_TransmitData8(DEBUG_UART,c); + } + else + { + break; + } + } +#endif +} + +int ctap_user_presence_test() +{ + return 1; +} + +int ctap_generate_rng(uint8_t * dst, size_t num) +{ + rng_get_bytes(dst, num); + return 1; +} + +uint32_t ctap_atomic_count(int sel) +{ + static uint32_t c = 4; + return c++; +} + +int ctap_user_verification(uint8_t arg) +{ + return 1; +} + + +void _Error_Handler(char *file, int line) +{ + printf2(TAG_ERR,"Error: %s: %d\r\n", file, line); + while(1) + { + } +} diff --git a/targets/stm32l442/src/device.h b/targets/stm32l442/src/device.h deleted file mode 100644 index ee9219a..0000000 --- a/targets/stm32l442/src/device.h +++ /dev/null @@ -1,12 +0,0 @@ -#ifndef _DEVICE_H_ -#define _DEVICE_H_ - -#include -#include "stm32l4xx_ll_tim.h" - -void delay(uint32_t ms); - -#define millis() (((uint32_t)TIM6->CNT) | (__65_seconds<<16)) -extern uint32_t __65_seconds; - -#endif diff --git a/targets/stm32l442/src/fifo.c b/targets/stm32l442/src/fifo.c index 8f1526e..c8f621e 100644 --- a/targets/stm32l442/src/fifo.c +++ b/targets/stm32l442/src/fifo.c @@ -4,7 +4,7 @@ #include "fifo.h" - +FIFO_CREATE(debug,1024,1) FIFO_CREATE(hidmsg,100,100) diff --git a/targets/stm32l442/src/fifo.h b/targets/stm32l442/src/fifo.h index f4c5a6c..31efa95 100644 --- a/targets/stm32l442/src/fifo.h +++ b/targets/stm32l442/src/fifo.h @@ -51,6 +51,8 @@ uint32_t fifo_##NAME##_size();\ FIFO_CREATE_H(hidmsg,10,64) +FIFO_CREATE_H(debug,1024,1) + FIFO_CREATE_H(test,100,100) void fifo_test(); diff --git a/targets/stm32l442/src/flash.c b/targets/stm32l442/src/flash.c index 500d6ad..b86ef87 100644 --- a/targets/stm32l442/src/flash.c +++ b/targets/stm32l442/src/flash.c @@ -5,6 +5,7 @@ #include "app.h" #include "flash.h" +#include "log.h" static void flash_unlock() { @@ -33,7 +34,7 @@ void flash_erase_page(uint8_t page) if(FLASH->SR & (1<<1)) { - printf("erase NOT successful %lx\r\n", FLASH->SR); + printf2(TAG_ERR,"erase NOT successful %lx\r\n", FLASH->SR); } FLASH->CR &= ~(0x7); @@ -58,7 +59,7 @@ void flash_write_dword(uint32_t addr, uint64_t data) if(FLASH->SR & (1<<1)) { - printf("program NOT successful %lx\r\n", FLASH->SR); + printf2(TAG_ERR,"program NOT successful %lx\r\n", FLASH->SR); } FLASH->SR = (1<<0); diff --git a/targets/stm32l442/src/init.c b/targets/stm32l442/src/init.c index e669e91..62d5a19 100644 --- a/targets/stm32l442/src/init.c +++ b/targets/stm32l442/src/init.c @@ -20,6 +20,7 @@ #include "usbd_core.h" #include "usbd_desc.h" #include "usbd_hid.h" +#include "device.h" /* USER CODE BEGIN Includes */ diff --git a/targets/stm32l442/src/main.c b/targets/stm32l442/src/main.c index f6ff5d8..1aef4a3 100644 --- a/targets/stm32l442/src/main.c +++ b/targets/stm32l442/src/main.c @@ -28,6 +28,7 @@ #include "util.h" #include "fifo.h" +#ifdef TEST_SOLO_STM32 #define Error_Handler() _Error_Handler(__FILE__,__LINE__) int main(void) @@ -101,3 +102,4 @@ void _Error_Handler(char *file, int line) { } } +#endif diff --git a/targets/stm32l442/src/redirect.c b/targets/stm32l442/src/redirect.c index 63fe851..0f997d6 100644 --- a/targets/stm32l442/src/redirect.c +++ b/targets/stm32l442/src/redirect.c @@ -1,38 +1,19 @@ #include "stm32l4xx_ll_usart.h" #include "app.h" +#include "fifo.h" -int WRITE_PTR = 0; -int READ_PTR = 0; -#define BUF_SIZE 20000 -static uint8_t WRITE_BUF[BUF_SIZE]; -void add2buf(uint8_t c) -{ - WRITE_BUF[WRITE_PTR++] = c; - if (WRITE_PTR >= BUF_SIZE) - WRITE_PTR = 0; -} -uint8_t takebuf() -{ - uint8_t c; - c = WRITE_BUF[READ_PTR++]; - if (READ_PTR >= BUF_SIZE) - READ_PTR = 0; - return c; -} - -uint8_t bufavail() -{ - return (READ_PTR < WRITE_PTR); -} void _putchar(char c) { - // add2buf(c); +#if NON_BLOCK_PRINTING + fifo_debug_add(&c); +#else while (! LL_USART_IsActiveFlag_TXE(DEBUG_UART)) ; LL_USART_TransmitData8(DEBUG_UART,c); +#endif } int _write (int fd, const void *buf, long int len) @@ -43,4 +24,5 @@ int _write (int fd, const void *buf, long int len) _putchar(*data++); } return 0; + } diff --git a/targets/stm32l442/src/rng.c b/targets/stm32l442/src/rng.c index 526a387..f1027d2 100644 --- a/targets/stm32l442/src/rng.c +++ b/targets/stm32l442/src/rng.c @@ -5,6 +5,7 @@ #include "stm32l4xx_ll_rng.h" #include "rng.h" +#include "log.h" int __errno = 0; @@ -20,7 +21,7 @@ void rng_get_bytes(uint8_t * dst, size_t sz) if (RNG->SR & 0x66) { - printf("Error RNG: %02lx\r\n", RNG->SR); + printf2(TAG_ERR,"Error RNG: %02lx\r\n", RNG->SR); exit(1); } @@ -54,7 +55,7 @@ float shannon_entropy(float * p, size_t sz) return entropy; } -// Measure shannon entropy of RNG +// Measure shannon entropy of RNG float rng_test(size_t n) { unsigned int i;