static void hid_u2f_parse(struct u2f_hid_msg* req)
{
uint16_t len = 0;
uint8_t secs;
struct u2f_hid_init_response * init_res = appdata.tmp;
switch(hid_layer.current_cmd)
{
case U2FHID_INIT:
if (U2FHID_LEN(req) != 8)
{
stamp_error(hid_layer.current_cid, ERR_INVALID_LEN);
goto fail;
}
u2f_hid_set_len(17);
if (hid_layer.current_cid == 0)
{
u2f_prints("out of cid's\r\n");
set_app_error(ERROR_OUT_OF_CIDS);
goto fail;
}
init_res->cid = get_new_cid();
init_res->version_id = 1;
init_res->version_major = 1;
init_res->version_minor = 0;
init_res->version_build = 0;
init_res->cflags = 0;
// write back the same data nonce
u2f_hid_writeback(req->pkt.init.payload, 8);
u2f_hid_writeback((uint8_t *)init_res, 9);
u2f_hid_flush();
hid_layer.current_cid = init_res->cid;
break;
case U2FHID_MSG:
if (U2FHID_LEN(req) < 4)
{
stamp_error(hid_layer.current_cid, ERR_INVALID_LEN);
u2f_prints("invalid len msg\r\n");
goto fail;
}
// buffer 2 payloads (120 bytes) to get full U2F message
// assuming key handle is < 45 bytes
// 7 bytes for apdu header
// 7 + 66 bytes + key handle for authenticate message
// 7 + 64 for register message
if (hid_layer.bytes_buffered == 0)
{
start_buffering(req);
if (hid_layer.bytes_buffered >= U2FHID_LEN(req))
{
u2f_request((struct u2f_request_apdu *)hid_layer.buffer);
}
}
else
{
buffer_request(req);
if (hid_layer.bytes_buffered >= hid_layer.req_len)
{
u2f_request((struct u2f_request_apdu *)hid_layer.buffer);
}
}
break;
case U2FHID_PING:
//u2f_prints("U2F PING\r\n");
if (!u2f_hid_busy())
{
u2f_hid_set_len(U2FHID_LEN(req));
u2f_hid_writeback(req->pkt.init.payload, MIN(hid_layer.res_len, U2FHID_INIT_PAYLOAD_SIZE));
}
else
{
u2f_hid_writeback(req->pkt.cont.payload, MIN(hid_layer.res_len - hid_layer.bytes_written, U2FHID_CONT_PAYLOAD_SIZE));
}
if (hid_layer.res_len == hid_layer.bytes_written) u2f_hid_flush();
break;
case U2FHID_WINK:
if (U2FHID_LEN(req) != 0)
{
// this one is safe
stamp_error(hid_layer.current_cid, ERR_INVALID_LEN);
}
u2f_hid_set_len(0);
u2f_hid_writeback(NULL, 0);
u2f_hid_flush();
app_wink(U2F_COLOR_WINK);
break;
case U2FHID_LOCK:
secs = req->pkt.init.payload[0];
if (secs > 10)
{
stamp_error(hid_layer.current_cid, ERR_INVALID_PAR);
}
else
{
_hid_lock_cid = hid_layer.current_cid;
_hid_lockt = get_ms() + 1000 * secs;
u2f_hid_set_len(0);
u2f_hid_writeback(NULL, 0);
u2f_hid_flush();
}
break;
default:
set_app_error(ERROR_HID_INVALID_CMD);
stamp_error(hid_layer.current_cid, ERR_INVALID_CMD);
}
return;
fail:
u2f_prints("U2F HID FAIL\r\n");
return;
}
void u2f_hid_request(struct u2f_hid_msg* req)
{
uint8_t* payload = req->pkt.init.payload;
static int8_t last_seq = -1;
struct CID* cid = get_cid(req->cid);
if (cid != NULL)
{
refresh_cid(cid);
}
else if (req->cid == U2FHID_BROADCAST)
{
}
else
{
// Ignore CID's we did not allocate.
//u2f_printlx("ignoring pkt ",1,req->cid);
return;
}
// ignore if we locked to a different cid
if(hid_is_locked())
{
if (!hid_is_lock_cid(cid))
{
stamp_error(hid_layer.current_cid, ERR_CHANNEL_BUSY);
return;
}
}
hid_layer.state = (u2f_hid_busy()) ? HID_BUSY : HID_READY;
switch(hid_layer.state)
{
case HID_READY:
if (req->pkt.init.cmd & TYPE_INIT)
{
if (U2FHID_LEN(req) > U2FHID_MAX_PAYLOAD_SIZE)
{
//u2f_prints("length too big\r\n");
stamp_error(req->cid, ERR_INVALID_LEN);
return;
}
u2f_hid_reset_packet();
hid_layer.current_cid = req->cid;
hid_layer.current_cmd = req->pkt.init.cmd;
hid_layer.last_buffered = get_ms();
last_seq = -1;
}
else
{
stamp_error(req->cid, ERR_INVALID_CMD);
u2f_prints("ERR_INVALID_CMD\r\n");
return;
}
break;
case HID_BUSY:
// buffer long requests
if (req->cid == hid_layer.current_cid)
{
if (req->pkt.init.cmd & TYPE_INIT)
{
u2f_hid_reset_packet();
u2f_hid_request(req);
return;
}
hid_layer.last_buffered = get_ms();
// verify packets arrive in ascending order
if (last_seq + 1 != req->pkt.cont.seq)
{
u2f_hid_reset_packet();
stamp_error(hid_layer.current_cid, ERR_INVALID_SEQ);
return;
}
last_seq = req->pkt.cont.seq;
}
else if (U2FHID_TIMEOUT(&hid_layer))
{
// return timeout error for old channel and run again for new channel
//u2f_prints("timeout, switching\r\n");
hid_layer.state = HID_READY;
u2f_hid_reset_packet();
stamp_error(hid_layer.current_cid, ERR_MSG_TIMEOUT);
u2f_hid_request(req);
return;
}
else
{
// Current application may not be interrupted
stamp_error(req->cid, ERR_CHANNEL_BUSY);
return;
}
break;
}
hid_u2f_parse(req);
return;
}
// return 0 if finished
// return 1 if expecting more cont packets
static uint8_t hid_u2f_parse(struct u2f_hid_msg* req)
{
uint16_t len = 0;
uint8_t secs;
struct u2f_hid_init_response * init_res = appdata.tmp;
switch(hid_layer.current_cmd)
{
case U2FHID_INIT:
if (U2FHID_LEN(req) != 8)
{
stamp_error(hid_layer.current_cid, ERR_INVALID_LEN);
goto fail;
}
u2f_hid_set_len(17);
if (hid_layer.current_cid == U2FHID_BROADCAST)
{
if (hid_layer.current_cid == 0)
{
set_app_error(ERROR_OUT_OF_CIDS);
goto fail;
}
init_res->cid = get_new_cid();
}
else
{
init_res->cid = hid_layer.current_cid;
}
init_res->version_id = 2;
init_res->version_major = 2;
init_res->version_minor = 0;
init_res->version_build = 0;
#ifdef U2F_SUPPORT_WINK && CAPABILITY_LOCK
init_res->cflags = CAPABILITY_WINK | CAPABILITY_LOCK;
#elif U2F_SUPPORT_WINK
init_res->cflags = CAPABILITY_WINK;
#elif CAPABILITY_LOCK
init_res->cflags = CAPABILITY_LOCK;
#else
init_res->cflags = 0;
#endif
// write back the same data nonce
u2f_hid_writeback(req->pkt.init.payload, 8);
u2f_hid_writeback((uint8_t *)init_res, 9);
u2f_hid_flush();
hid_layer.current_cid = init_res->cid;
break;
case U2FHID_MSG:
if (U2FHID_LEN(req) < 4)
{
stamp_error(hid_layer.current_cid, ERR_INVALID_LEN);
goto fail;
}
// buffer 2 payloads (120 bytes) to get full U2F message
// assuming key handle is < 45 bytes
// 7 bytes for apdu header
// 7 + 66 bytes + key handle for authenticate message
// 7 + 64 for register message
if (hid_layer.bytes_buffered == 0)
{
start_buffering(req);
if (hid_layer.bytes_buffered >= U2FHID_LEN(req))
{
u2f_request((struct u2f_request_apdu *)hid_layer.buffer);
}
}
else
{
buffer_request(req);
if (hid_layer.bytes_buffered >= hid_layer.req_len)
{
u2f_request((struct u2f_request_apdu *)hid_layer.buffer);
}
}
break;
case U2FHID_PING:
if (hid_layer.bytes_buffered == 0)
{
start_buffering(req);
u2f_hid_set_len(U2FHID_LEN(req));
if (hid_layer.bytes_buffered >= U2FHID_LEN(req))
{
u2f_hid_writeback(hid_layer.buffer,hid_layer.bytes_buffered);
u2f_hid_flush();
}
else
{
return 1;
}
}
else
{
if (hid_layer.bytes_buffered + U2FHID_CONT_PAYLOAD_SIZE > BUFFER_SIZE)
{
u2f_hid_writeback(hid_layer.buffer,hid_layer.bytes_buffered);
hid_layer.bytes_buffered = 0;
}
buffer_request(req);
if (hid_layer.bytes_buffered + hid_layer.bytes_written >= hid_layer.req_len)
{
u2f_hid_writeback(hid_layer.buffer,hid_layer.bytes_buffered);
u2f_hid_flush();
}
else
{
return 1;
}
}
break;
#ifdef U2F_SUPPORT_WINK
case U2FHID_WINK:
if (U2FHID_LEN(req) != 0)
{
// this one is safe
stamp_error(hid_layer.current_cid, ERR_INVALID_LEN);
}
u2f_hid_set_len(0);
u2f_hid_writeback(NULL, 0);
u2f_hid_flush();
app_wink(U2F_COLOR_WINK);
break;
#endif
#ifdef U2F_SUPPORT_HID_LOCK
case U2FHID_LOCK:
secs = req->pkt.init.payload[0];
if (secs > 10)
{
stamp_error(hid_layer.current_cid, ERR_INVALID_PAR);
}
else
{
if (secs)
{
_hid_lock_cid = hid_layer.current_cid;
_hid_lockt = get_ms() + 1000 * secs;
}
else
{
_hid_lockt = get_ms();
_hid_lock_cid = 0;
}
hid_layer.current_cmd = U2FHID_LOCK;
u2f_hid_set_len(0);
u2f_hid_writeback(NULL, 0);
u2f_hid_flush();
}
break;
#endif
default:
set_app_error(ERROR_HID_INVALID_CMD);
stamp_error(hid_layer.current_cid, ERR_INVALID_CMD);
u2f_printb("invalid cmd: ",1,hid_layer.current_cmd);
}
return u2f_hid_busy();
fail:
u2f_prints("U2F HID FAIL\r\n");
return 0;
}
