mirror
/
solo1
kopia lustrzana https://github.com/solokeys/solo1
1
0
Forkuj 0
Kod Zgłoszenia Packages Projekty Wydania Wiki Aktywność

store all info in same page, dont use authenticator state

simplify_build
Conor Patrick 2019-10-27 09:27:56 -04:00
rodzic d33749fc16
commit 9ac2aa90c3
3 zmienionych plików z 17 dodań i 14 usunięć
Pokaż statystyki Ściągnij plik aktualizacji Ściągnij plik porównania Expand all files Collapse all files

1
fido2/storage.h
Wyświetl plik

@ -53,7 +53,6 @@ typedef struct
uint16_t key_lens[MAX_KEYS];
uint8_t key_space[KEY_SPACE_BYTES];
uint8_t data_version;
uint8_t flags;
} AuthenticatorState_0x01;
typedef AuthenticatorState_0x01 AuthenticatorState;

25
targets/stm32l432/src/device.c
Wyświetl plik

@ -192,8 +192,8 @@ void device_init_button(void)
}
int solo_is_locked(){
uint8_t flags = ((AuthenticatorState *) STATE1_PAGE_ADDR)->flags;
return (flags & SOLO_FLAG_LOCKED) != 0;
uint64_t device_settings = ((flash_attestation_page *)ATTESTATION_PAGE_ADDR)->device_settings;
return (device_settings & SOLO_FLAG_LOCKED) != 0;
}
/** device_migrate
@ -211,18 +211,20 @@ static void device_migrate(){
extern uint8_t attestation_solo_cert_der[];
extern uint8_t attestation_hacker_cert_der[];
AuthenticatorState state;
authenticator_read_state(&state);
if (state.flags == 0xFF)
uint64_t device_settings = ((flash_attestation_page *)ATTESTATION_PAGE_ADDR)->device_settings;
uint32_t configure_tag = (uint32_t)(device_settings >> 32);
if (configure_tag != ATTESTATION_CONFIGURED_TAG)
{
printf1(TAG_RED,"Migrating certificate and lock information to data segment.\r\n");
// do migrate.
state.flags = 0;
device_settings = ATTESTATION_CONFIGURED_TAG;
device_settings <<= 32;
// Read current device lock level.
uint32_t optr = FLASH->OPTR;
if ((optr & 0xff) != 0xAA){
state.flags |= SOLO_FLAG_LOCKED;
device_settings |= SOLO_FLAG_LOCKED;
}
uint8_t tmp_attestation_key[32];
@ -273,9 +275,10 @@ static void device_migrate(){
);
}
// Save.
authenticator_write_state(&state,0);
authenticator_write_state(&state,1);
// Save / done.
flash_write_dword(
(uint32_t) & ((flash_attestation_page *)ATTESTATION_PAGE_ADDR)->device_settings,
(uint64_t)device_settings);
}
}

5
targets/stm32l432/src/memory_layout.h
Wyświetl plik

@ -67,13 +67,14 @@ typedef struct flash_memory_st flash_memory_st;
#include <assert.h>
static_assert(sizeof(flash_memory_st) == 256*1024, "Data structure doesn't match flash size");
#define ATTESTATION_FORMAT 0x5A01
#define ATTESTATION_CONFIGURED_TAG 0xaa551e78
struct flash_attestation_page{
uint8_t attestation_key[32];
// DWORD padded.
uint64_t device_settings;
uint64_t attestation_cert_size;
uint8_t attestation_cert[2048 - 32 - 8];
uint8_t attestation_cert[2048 - 32 - 8 - 8];
} __attribute__((packed));
typedef struct flash_attestation_page flash_attestation_page;