Cleaned up messages.
This commit is contained in:
@@ -27,7 +27,6 @@ void Channel::handle(const shared_ptr<U2FMessage> uMsg)
|
|||||||
else if (this->lockedState != ChannelLockedState::Unlocked)
|
else if (this->lockedState != ChannelLockedState::Unlocked)
|
||||||
throw runtime_error{ "Channel in incorrect (locked) state to handle request" };
|
throw runtime_error{ "Channel in incorrect (locked) state to handle request" };
|
||||||
|
|
||||||
clog << "Handling uMsg with CMD: " << static_cast<uint32_t>(uMsg->cmd) << endl;
|
|
||||||
return U2F_CMD::get(uMsg)->respond(this->cid);
|
return U2F_CMD::get(uMsg)->respond(this->cid);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
@@ -18,8 +18,6 @@ void Controller::handleTransaction()
|
|||||||
|
|
||||||
auto opChannel = msg->cid;
|
auto opChannel = msg->cid;
|
||||||
|
|
||||||
clog << "Got msg with cmd of: " << static_cast<uint16_t>(msg->cmd) << endl;
|
|
||||||
|
|
||||||
if (msg->cmd == U2FHID_INIT)
|
if (msg->cmd == U2FHID_INIT)
|
||||||
{
|
{
|
||||||
opChannel = nextChannel();
|
opChannel = nextChannel();
|
||||||
|
|||||||
@@ -90,7 +90,6 @@ shared_ptr<InitPacket> InitPacket::getPacket(const uint32_t rCID, const uint8_t
|
|||||||
"\t\t</table>"
|
"\t\t</table>"
|
||||||
"\t\t<br />");
|
"\t\t<br />");
|
||||||
|
|
||||||
clog << "Fully read init packet" << endl;
|
|
||||||
bytesRead = 0;
|
bytesRead = 0;
|
||||||
return p;
|
return p;
|
||||||
}
|
}
|
||||||
@@ -143,7 +142,6 @@ shared_ptr<ContPacket> ContPacket::getPacket(const uint32_t rCID, const uint8_t
|
|||||||
"\t\t</table>\n"
|
"\t\t</table>\n"
|
||||||
"\t\t<br />");
|
"\t\t<br />");
|
||||||
|
|
||||||
//clog << "Fully read cont packet" << endl;
|
|
||||||
readBytes = 0;
|
readBytes = 0;
|
||||||
return p;
|
return p;
|
||||||
}
|
}
|
||||||
@@ -183,7 +181,6 @@ shared_ptr<Packet> Packet::getPacket()
|
|||||||
if (b & TYPE_MASK)
|
if (b & TYPE_MASK)
|
||||||
{
|
{
|
||||||
//Init packet
|
//Init packet
|
||||||
//clog << "Getting init packet" << endl;
|
|
||||||
packet = InitPacket::getPacket(cid, b);
|
packet = InitPacket::getPacket(cid, b);
|
||||||
|
|
||||||
if (packet)
|
if (packet)
|
||||||
@@ -194,7 +191,6 @@ shared_ptr<Packet> Packet::getPacket()
|
|||||||
else
|
else
|
||||||
{
|
{
|
||||||
//Cont packet
|
//Cont packet
|
||||||
//clog << "Getting cont packet" << endl;
|
|
||||||
packet = ContPacket::getPacket(cid, b);
|
packet = ContPacket::getPacket(cid, b);
|
||||||
|
|
||||||
if (packet)
|
if (packet)
|
||||||
|
|||||||
@@ -50,13 +50,6 @@ void Storage::init(const string &dirPrefix)
|
|||||||
Storage::PubKey pubKey{};
|
Storage::PubKey pubKey{};
|
||||||
b64decode(pubStr, pubKey);
|
b64decode(pubStr, pubKey);
|
||||||
|
|
||||||
clog << "Loaded key with pubkey: " << hex;
|
|
||||||
|
|
||||||
for (auto b : pubKey)
|
|
||||||
clog << static_cast<uint32_t>(b) << ' ';
|
|
||||||
|
|
||||||
clog << dec << endl;
|
|
||||||
|
|
||||||
Storage::appParams[keyH] = appParam;
|
Storage::appParams[keyH] = appParam;
|
||||||
Storage::privKeys[keyH] = privKey;
|
Storage::privKeys[keyH] = privKey;
|
||||||
Storage::pubKeys[keyH] = pubKey;
|
Storage::pubKeys[keyH] = pubKey;
|
||||||
|
|||||||
@@ -85,8 +85,6 @@ shared_ptr<U2FMessage> U2FMessage::readNonBlock()
|
|||||||
message->data.assign(dataBytes.begin(), dataBytes.end());
|
message->data.assign(dataBytes.begin(), dataBytes.end());
|
||||||
currSeq = -1u;
|
currSeq = -1u;
|
||||||
|
|
||||||
std::clog << "Read all of message" << std::endl;
|
|
||||||
|
|
||||||
return message;
|
return message;
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -128,8 +126,6 @@ void U2FMessage::write()
|
|||||||
bytesWritten += newByteCount;
|
bytesWritten += newByteCount;
|
||||||
}
|
}
|
||||||
|
|
||||||
//auto stream = *getHostStream();
|
|
||||||
|
|
||||||
if (cmd == U2FHID_MSG)
|
if (cmd == U2FHID_MSG)
|
||||||
{
|
{
|
||||||
auto dAS = getDevAPDUStream().get();
|
auto dAS = getDevAPDUStream().get();
|
||||||
|
|||||||
@@ -23,8 +23,6 @@ U2F_Authenticate_APDU::U2F_Authenticate_APDU(const U2F_Msg_CMD &msg, const vecto
|
|||||||
uint8_t keyHLen = data[64];
|
uint8_t keyHLen = data[64];
|
||||||
|
|
||||||
copy(data.begin() + 65, data.begin() + 65 + keyHLen, back_inserter(keyH));
|
copy(data.begin() + 65, data.begin() + 65 + keyHLen, back_inserter(keyH));
|
||||||
|
|
||||||
clog << "Got U2F_Auth request" << endl;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
void U2F_Authenticate_APDU::respond(const uint32_t channelID) const
|
void U2F_Authenticate_APDU::respond(const uint32_t channelID) const
|
||||||
@@ -39,7 +37,7 @@ void U2F_Authenticate_APDU::respond(const uint32_t channelID) const
|
|||||||
if (keyH.size() != sizeof(Storage::KeyHandle))
|
if (keyH.size() != sizeof(Storage::KeyHandle))
|
||||||
{
|
{
|
||||||
//Respond with error code - key handle is of wrong size
|
//Respond with error code - key handle is of wrong size
|
||||||
clog << "Invalid key handle length" << endl;
|
cerr << "Invalid key handle length" << endl;
|
||||||
statusCode = APDU_STATUS::SW_WRONG_DATA;
|
statusCode = APDU_STATUS::SW_WRONG_DATA;
|
||||||
response.insert(response.end(), FIELD_BE(statusCode));
|
response.insert(response.end(), FIELD_BE(statusCode));
|
||||||
msg.write();
|
msg.write();
|
||||||
@@ -51,7 +49,7 @@ void U2F_Authenticate_APDU::respond(const uint32_t channelID) const
|
|||||||
if (Storage::appParams.find(keyHB) == Storage::appParams.end())
|
if (Storage::appParams.find(keyHB) == Storage::appParams.end())
|
||||||
{
|
{
|
||||||
//Respond with error code - key handle doesn't exist in storage
|
//Respond with error code - key handle doesn't exist in storage
|
||||||
clog << "Invalid key handle" << endl;
|
cerr << "Invalid key handle" << endl;
|
||||||
statusCode = APDU_STATUS::SW_WRONG_DATA;
|
statusCode = APDU_STATUS::SW_WRONG_DATA;
|
||||||
response.insert(response.end(), FIELD_BE(statusCode));
|
response.insert(response.end(), FIELD_BE(statusCode));
|
||||||
msg.write();
|
msg.write();
|
||||||
|
|||||||
@@ -17,9 +17,7 @@ uint32_t U2F_Msg_CMD::getLe(const uint32_t byteCount, vector<uint8_t> bytes)
|
|||||||
if (byteCount != 0)
|
if (byteCount != 0)
|
||||||
{
|
{
|
||||||
//Le must be length of data in bytes
|
//Le must be length of data in bytes
|
||||||
clog << "Le must be length of data in bytes" << endl;
|
|
||||||
clog << "Le has a size of " << byteCount << " bytes" << endl;
|
|
||||||
|
|
||||||
switch (byteCount)
|
switch (byteCount)
|
||||||
{
|
{
|
||||||
case 1:
|
case 1:
|
||||||
@@ -59,14 +57,10 @@ shared_ptr<U2F_Msg_CMD> U2F_Msg_CMD::generate(const shared_ptr<U2FMessage> uMsg)
|
|||||||
cmd.p1 = dat[2];
|
cmd.p1 = dat[2];
|
||||||
cmd.p2 = dat[3];
|
cmd.p2 = dat[3];
|
||||||
|
|
||||||
clog << "Loaded U2F_Msg_CMD parameters" << endl;
|
|
||||||
|
|
||||||
vector<uint8_t> data{ dat.begin() + 4, dat.end() };
|
vector<uint8_t> data{ dat.begin() + 4, dat.end() };
|
||||||
const uint32_t cBCount = data.size();
|
const uint32_t cBCount = data.size();
|
||||||
auto startPtr = data.begin(), endPtr = data.end();
|
auto startPtr = data.begin(), endPtr = data.end();
|
||||||
|
|
||||||
clog << "Loaded iters" << endl;
|
|
||||||
|
|
||||||
if (usesData.at(cmd.ins) || data.size() > 3)
|
if (usesData.at(cmd.ins) || data.size() > 3)
|
||||||
{
|
{
|
||||||
if (cBCount == 0)
|
if (cBCount == 0)
|
||||||
@@ -85,7 +79,6 @@ shared_ptr<U2F_Msg_CMD> U2F_Msg_CMD::generate(const shared_ptr<U2FMessage> uMsg)
|
|||||||
|
|
||||||
endPtr = startPtr + cmd.lc;
|
endPtr = startPtr + cmd.lc;
|
||||||
|
|
||||||
clog << "Getting Le" << endl;
|
|
||||||
cmd.le = getLe(data.end() - endPtr, vector<uint8_t>(endPtr, data.end()));
|
cmd.le = getLe(data.end() - endPtr, vector<uint8_t>(endPtr, data.end()));
|
||||||
}
|
}
|
||||||
else
|
else
|
||||||
@@ -93,14 +86,11 @@ shared_ptr<U2F_Msg_CMD> U2F_Msg_CMD::generate(const shared_ptr<U2FMessage> uMsg)
|
|||||||
cmd.lc = 0;
|
cmd.lc = 0;
|
||||||
endPtr = startPtr;
|
endPtr = startPtr;
|
||||||
|
|
||||||
clog << "Getting Le" << endl;
|
|
||||||
cmd.le = getLe(cBCount, data);
|
cmd.le = getLe(cBCount, data);
|
||||||
}
|
}
|
||||||
|
|
||||||
const auto dBytes = vector<uint8_t>(startPtr, endPtr);
|
const auto dBytes = vector<uint8_t>(startPtr, endPtr);
|
||||||
|
|
||||||
clog << "Determined message format" << endl;
|
|
||||||
|
|
||||||
auto hAS = getHostAPDUStream().get();
|
auto hAS = getHostAPDUStream().get();
|
||||||
|
|
||||||
fprintf(hAS, "<table>\n"
|
fprintf(hAS, "<table>\n"
|
||||||
@@ -134,8 +124,6 @@ shared_ptr<U2F_Msg_CMD> U2F_Msg_CMD::generate(const shared_ptr<U2FMessage> uMsg)
|
|||||||
"\t\t</table>\n"
|
"\t\t</table>\n"
|
||||||
"\t\t<br />", cmd.le);
|
"\t\t<br />", cmd.le);
|
||||||
|
|
||||||
clog << "Constructing message specialisation" << endl;
|
|
||||||
|
|
||||||
switch (cmd.ins)
|
switch (cmd.ins)
|
||||||
{
|
{
|
||||||
case APDU::U2F_REG:
|
case APDU::U2F_REG:
|
||||||
@@ -149,6 +137,15 @@ shared_ptr<U2F_Msg_CMD> U2F_Msg_CMD::generate(const shared_ptr<U2FMessage> uMsg)
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
void U2F_Msg_CMD::error(const uint32_t channelID, const uint16_t errCode)
|
||||||
|
{
|
||||||
|
U2FMessage msg{};
|
||||||
|
msg.cid = channelID;
|
||||||
|
msg.cmd = U2FHID_MSG;
|
||||||
|
msg.data.insert(msg.data.end(), FIELD_BE(errCode));
|
||||||
|
msg.write();
|
||||||
|
}
|
||||||
|
|
||||||
const map<uint8_t, bool> U2F_Msg_CMD::usesData = {
|
const map<uint8_t, bool> U2F_Msg_CMD::usesData = {
|
||||||
{ U2F_REG, true },
|
{ U2F_REG, true },
|
||||||
{ U2F_AUTH, true },
|
{ U2F_AUTH, true },
|
||||||
@@ -157,10 +154,5 @@ const map<uint8_t, bool> U2F_Msg_CMD::usesData = {
|
|||||||
|
|
||||||
void U2F_Msg_CMD::respond(const uint32_t channelID) const
|
void U2F_Msg_CMD::respond(const uint32_t channelID) const
|
||||||
{
|
{
|
||||||
U2FMessage msg{};
|
U2F_Msg_CMD::error(channelID, static_cast<uint16_t>(APDU_STATUS::SW_INS_NOT_SUPPORTED));
|
||||||
msg.cid = channelID;
|
|
||||||
msg.cmd = U2FHID_MSG;
|
|
||||||
auto errorCode = APDU_STATUS::SW_INS_NOT_SUPPORTED;
|
|
||||||
msg.data.insert(msg.data.end(), FIELD_BE(errorCode));
|
|
||||||
msg.write();
|
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -22,6 +22,7 @@ struct U2F_Msg_CMD : U2F_CMD
|
|||||||
|
|
||||||
public:
|
public:
|
||||||
static std::shared_ptr<U2F_Msg_CMD> generate(const std::shared_ptr<U2FMessage> uMsg);
|
static std::shared_ptr<U2F_Msg_CMD> generate(const std::shared_ptr<U2FMessage> uMsg);
|
||||||
|
static void error(const uint32_t channelID, const uint16_t errCode);
|
||||||
void respond(const uint32_t channelID) const;
|
void respond(const uint32_t channelID) const;
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|||||||
@@ -19,8 +19,8 @@ U2F_Register_APDU::U2F_Register_APDU(const U2F_Msg_CMD &msg, const vector<uint8_
|
|||||||
throw runtime_error{ "Incorrect registration size" };
|
throw runtime_error{ "Incorrect registration size" };
|
||||||
else if (p1 != 0x00 || p2 != 0x00)
|
else if (p1 != 0x00 || p2 != 0x00)
|
||||||
{
|
{
|
||||||
cerr << "p1: " << static_cast<uint32_t>(p1) << ", p2: " << static_cast<uint32_t>(p2) << endl;
|
cerr << "Ins: " << static_cast<uint32_t>(ins) << ", p1: " << static_cast<uint32_t>(p1) << ", p2: " << static_cast<uint32_t>(p2) << endl;
|
||||||
//throw runtime_error{ "Invalid APDU parameters" };
|
cerr << "Invalid APDU parameters detected" << endl;
|
||||||
}
|
}
|
||||||
|
|
||||||
copy(data.data() + 0, data.data() + 32, challengeP.begin());
|
copy(data.data() + 0, data.data() + 32, challengeP.begin());
|
||||||
@@ -31,7 +31,6 @@ U2F_Register_APDU::U2F_Register_APDU(const U2F_Msg_CMD &msg, const vector<uint8_
|
|||||||
Storage::PubKey pubKey{};
|
Storage::PubKey pubKey{};
|
||||||
|
|
||||||
//Unsure if necessary
|
//Unsure if necessary
|
||||||
//From github.com/pratikd650/Teensy_U2F/blob/master/Teensy_U2F.cpp
|
|
||||||
pubKey[0] = 0x04;
|
pubKey[0] = 0x04;
|
||||||
|
|
||||||
uECC_make_key(pubKey.data() + 1, privKey.data(), uECC_secp256r1());
|
uECC_make_key(pubKey.data() + 1, privKey.data(), uECC_secp256r1());
|
||||||
@@ -41,13 +40,6 @@ U2F_Register_APDU::U2F_Register_APDU(const U2F_Msg_CMD &msg, const vector<uint8_
|
|||||||
Storage::privKeys[this->keyH] = privKey;
|
Storage::privKeys[this->keyH] = privKey;
|
||||||
Storage::pubKeys[this->keyH] = pubKey;
|
Storage::pubKeys[this->keyH] = pubKey;
|
||||||
Storage::keyCounts[this->keyH] = 0;
|
Storage::keyCounts[this->keyH] = 0;
|
||||||
|
|
||||||
clog << "Produced pub key: " << hex;
|
|
||||||
|
|
||||||
for (auto b : pubKey)
|
|
||||||
clog << static_cast<uint32_t>(b) << ' ';
|
|
||||||
|
|
||||||
clog << endl << dec << "Got U2F_Reg request" << endl;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
void U2F_Register_APDU::respond(const uint32_t channelID) const
|
void U2F_Register_APDU::respond(const uint32_t channelID) const
|
||||||
@@ -59,7 +51,6 @@ void U2F_Register_APDU::respond(const uint32_t channelID) const
|
|||||||
auto& response = m.data;
|
auto& response = m.data;
|
||||||
const auto appParam = Storage::appParams[this->keyH];
|
const auto appParam = Storage::appParams[this->keyH];
|
||||||
const auto pubKey = Storage::pubKeys[this->keyH];
|
const auto pubKey = Storage::pubKeys[this->keyH];
|
||||||
const auto privKey = Storage::privKeys[this->keyH];
|
|
||||||
|
|
||||||
response.push_back(0x05);
|
response.push_back(0x05);
|
||||||
copy(pubKey.begin(), pubKey.end(), back_inserter(response));
|
copy(pubKey.begin(), pubKey.end(), back_inserter(response));
|
||||||
@@ -94,17 +85,13 @@ void U2F_Register_APDU::respond(const uint32_t channelID) const
|
|||||||
}
|
}
|
||||||
|
|
||||||
Signature signature;
|
Signature signature;
|
||||||
std::clog << "Will sign digest with priv key" << std::endl;
|
|
||||||
uECC_sign(attestPrivKey, digest.data(), digest.size(), signature.data(), uECC_secp256r1());
|
uECC_sign(attestPrivKey, digest.data(), digest.size(), signature.data(), uECC_secp256r1());
|
||||||
|
|
||||||
//Append signature as DER
|
//Append signature as DER
|
||||||
std::clog << "Will append sig as DER" << std::endl;
|
|
||||||
appendSignatureAsDER(response, signature);
|
appendSignatureAsDER(response, signature);
|
||||||
|
|
||||||
response.push_back(static_cast<uint16_t>(APDU_STATUS::SW_NO_ERROR) >> 8);
|
response.push_back(static_cast<uint16_t>(APDU_STATUS::SW_NO_ERROR) >> 8);
|
||||||
response.push_back(static_cast<uint16_t>(APDU_STATUS::SW_NO_ERROR) & 0xff);
|
response.push_back(static_cast<uint16_t>(APDU_STATUS::SW_NO_ERROR) & 0xff);
|
||||||
|
|
||||||
std::clog << "Writing out " << response.size() << " bytes in response" << std::endl;
|
|
||||||
|
|
||||||
m.write();
|
m.write();
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -9,8 +9,6 @@ using namespace std;
|
|||||||
|
|
||||||
U2F_Version_APDU::U2F_Version_APDU(const U2F_Msg_CMD &msg)
|
U2F_Version_APDU::U2F_Version_APDU(const U2F_Msg_CMD &msg)
|
||||||
{
|
{
|
||||||
clog << "Got U2F_Ver APDU request" << endl;
|
|
||||||
|
|
||||||
//Don't actually respond yet
|
//Don't actually respond yet
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
Reference in New Issue
Block a user