static void hid_u2f_parse(struct u2f_hid_msg* req) { uint16_t len = 0; uint8_t secs; struct u2f_hid_init_response * init_res = appdata.tmp; switch(hid_layer.current_cmd) { case U2FHID_INIT: if (U2FHID_LEN(req) != 8) { stamp_error(hid_layer.current_cid, ERR_INVALID_LEN); goto fail; } u2f_hid_set_len(17); if (hid_layer.current_cid == 0) { u2f_prints("out of cid's\r\n"); set_app_error(ERROR_OUT_OF_CIDS); goto fail; } init_res->cid = get_new_cid(); init_res->version_id = 1; init_res->version_major = 1; init_res->version_minor = 0; init_res->version_build = 0; init_res->cflags = 0; // write back the same data nonce u2f_hid_writeback(req->pkt.init.payload, 8); u2f_hid_writeback((uint8_t *)init_res, 9); u2f_hid_flush(); hid_layer.current_cid = init_res->cid; break; case U2FHID_MSG: if (U2FHID_LEN(req) < 4) { stamp_error(hid_layer.current_cid, ERR_INVALID_LEN); u2f_prints("invalid len msg\r\n"); goto fail; } // buffer 2 payloads (120 bytes) to get full U2F message // assuming key handle is < 45 bytes // 7 bytes for apdu header // 7 + 66 bytes + key handle for authenticate message // 7 + 64 for register message if (hid_layer.bytes_buffered == 0) { start_buffering(req); if (hid_layer.bytes_buffered >= U2FHID_LEN(req)) { u2f_request((struct u2f_request_apdu *)hid_layer.buffer); } } else { buffer_request(req); if (hid_layer.bytes_buffered >= hid_layer.req_len) { u2f_request((struct u2f_request_apdu *)hid_layer.buffer); } } break; case U2FHID_PING: //u2f_prints("U2F PING\r\n"); if (!u2f_hid_busy()) { u2f_hid_set_len(U2FHID_LEN(req)); u2f_hid_writeback(req->pkt.init.payload, MIN(hid_layer.res_len, U2FHID_INIT_PAYLOAD_SIZE)); } else { u2f_hid_writeback(req->pkt.cont.payload, MIN(hid_layer.res_len - hid_layer.bytes_written, U2FHID_CONT_PAYLOAD_SIZE)); } if (hid_layer.res_len == hid_layer.bytes_written) u2f_hid_flush(); break; case U2FHID_WINK: if (U2FHID_LEN(req) != 0) { // this one is safe stamp_error(hid_layer.current_cid, ERR_INVALID_LEN); } u2f_hid_set_len(0); u2f_hid_writeback(NULL, 0); u2f_hid_flush(); app_wink(U2F_COLOR_WINK); break; case U2FHID_LOCK: secs = req->pkt.init.payload[0]; if (secs > 10) { stamp_error(hid_layer.current_cid, ERR_INVALID_PAR); } else { _hid_lock_cid = hid_layer.current_cid; _hid_lockt = get_ms() + 1000 * secs; u2f_hid_set_len(0); u2f_hid_writeback(NULL, 0); u2f_hid_flush(); } break; default: set_app_error(ERROR_HID_INVALID_CMD); stamp_error(hid_layer.current_cid, ERR_INVALID_CMD); } return; fail: u2f_prints("U2F HID FAIL\r\n"); return; }
// return 0 if finished // return 1 if expecting more cont packets static uint8_t hid_u2f_parse(struct u2f_hid_msg* req) { uint16_t len = 0; uint8_t secs; struct u2f_hid_init_response * init_res = appdata.tmp; switch(hid_layer.current_cmd) { case U2FHID_INIT: if (U2FHID_LEN(req) != 8) { stamp_error(hid_layer.current_cid, ERR_INVALID_LEN); goto fail; } u2f_hid_set_len(17); if (hid_layer.current_cid == U2FHID_BROADCAST) { if (hid_layer.current_cid == 0) { set_app_error(ERROR_OUT_OF_CIDS); goto fail; } init_res->cid = get_new_cid(); } else { init_res->cid = hid_layer.current_cid; } init_res->version_id = 2; init_res->version_major = 2; init_res->version_minor = 0; init_res->version_build = 0; #ifdef U2F_SUPPORT_WINK && CAPABILITY_LOCK init_res->cflags = CAPABILITY_WINK | CAPABILITY_LOCK; #elif U2F_SUPPORT_WINK init_res->cflags = CAPABILITY_WINK; #elif CAPABILITY_LOCK init_res->cflags = CAPABILITY_LOCK; #else init_res->cflags = 0; #endif // write back the same data nonce u2f_hid_writeback(req->pkt.init.payload, 8); u2f_hid_writeback((uint8_t *)init_res, 9); u2f_hid_flush(); hid_layer.current_cid = init_res->cid; break; case U2FHID_MSG: if (U2FHID_LEN(req) < 4) { stamp_error(hid_layer.current_cid, ERR_INVALID_LEN); goto fail; } // buffer 2 payloads (120 bytes) to get full U2F message // assuming key handle is < 45 bytes // 7 bytes for apdu header // 7 + 66 bytes + key handle for authenticate message // 7 + 64 for register message if (hid_layer.bytes_buffered == 0) { start_buffering(req); if (hid_layer.bytes_buffered >= U2FHID_LEN(req)) { u2f_request((struct u2f_request_apdu *)hid_layer.buffer); } } else { buffer_request(req); if (hid_layer.bytes_buffered >= hid_layer.req_len) { u2f_request((struct u2f_request_apdu *)hid_layer.buffer); } } break; case U2FHID_PING: if (hid_layer.bytes_buffered == 0) { start_buffering(req); u2f_hid_set_len(U2FHID_LEN(req)); if (hid_layer.bytes_buffered >= U2FHID_LEN(req)) { u2f_hid_writeback(hid_layer.buffer,hid_layer.bytes_buffered); u2f_hid_flush(); } else { return 1; } } else { if (hid_layer.bytes_buffered + U2FHID_CONT_PAYLOAD_SIZE > BUFFER_SIZE) { u2f_hid_writeback(hid_layer.buffer,hid_layer.bytes_buffered); hid_layer.bytes_buffered = 0; } buffer_request(req); if (hid_layer.bytes_buffered + hid_layer.bytes_written >= hid_layer.req_len) { u2f_hid_writeback(hid_layer.buffer,hid_layer.bytes_buffered); u2f_hid_flush(); } else { return 1; } } break; #ifdef U2F_SUPPORT_WINK case U2FHID_WINK: if (U2FHID_LEN(req) != 0) { // this one is safe stamp_error(hid_layer.current_cid, ERR_INVALID_LEN); } u2f_hid_set_len(0); u2f_hid_writeback(NULL, 0); u2f_hid_flush(); app_wink(U2F_COLOR_WINK); break; #endif #ifdef U2F_SUPPORT_HID_LOCK case U2FHID_LOCK: secs = req->pkt.init.payload[0]; if (secs > 10) { stamp_error(hid_layer.current_cid, ERR_INVALID_PAR); } else { if (secs) { _hid_lock_cid = hid_layer.current_cid; _hid_lockt = get_ms() + 1000 * secs; } else { _hid_lockt = get_ms(); _hid_lock_cid = 0; } hid_layer.current_cmd = U2FHID_LOCK; u2f_hid_set_len(0); u2f_hid_writeback(NULL, 0); u2f_hid_flush(); } break; #endif default: set_app_error(ERROR_HID_INVALID_CMD); stamp_error(hid_layer.current_cid, ERR_INVALID_CMD); u2f_printb("invalid cmd: ",1,hid_layer.current_cmd); } return u2f_hid_busy(); fail: u2f_prints("U2F HID FAIL\r\n"); return 0; }