Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add temporary passwords to commands instead of AUTHORIZE #25

Merged
merged 25 commits into from
Nov 12, 2016
Merged

Add temporary passwords to commands instead of AUTHORIZE #25

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
25 commits
Select commit Hold shift + click to select a range
7fb64da
Ignore Authorize commands
szszszsz Nov 7, 2016
19c78c8
Check for user temporary password in GET_CODE
szszszsz Nov 8, 2016
6bc8fa3
Remove authorized user crc
szszszsz Nov 8, 2016
737fcee
Check temporary password in ERASE_SLOT
szszszsz Nov 9, 2016
f7489af
Refactoring - rename temp password validation function
szszszsz Nov 8, 2016
726176f
Refactoring - WRITE_TO_SLOT
szszszsz Nov 8, 2016
6da889c
Check temporary password in CMD_WRITE_SLOT
szszszsz Nov 8, 2016
ae4f100
Check admin temp password for CMD_WRITE_CONFIG
szszszsz Nov 8, 2016
10c39aa
Redefine GET_CODE constants
szszszsz Nov 8, 2016
97669ec
Update write_to_slot payload with TOTPs slot_interval field
szszszsz Nov 9, 2016
d5ba6e7
Refactoring - use method for recognizing OTP type by slot number
szszszsz Nov 9, 2016
6778785
Return UNKNOWN_COMMAND status on calling AUTHORIZE and USER_AUTHORIZE…
szszszsz Nov 9, 2016
13a8422
Remove AUTHORIZE functions
szszszsz Nov 9, 2016
0c62b97
Remove authorized_crc variable
szszszsz Nov 9, 2016
52deeb0
Remove redundant / obsolete code
szszszsz Nov 9, 2016
6e56151
Refactoring - typedef structs
szszszsz Nov 9, 2016
d9b174c
Fix compilation warnings
szszszsz Nov 9, 2016
7e74ec0
Remove commented code
szszszsz Nov 9, 2016
f09b4eb
Add constness to pointers where possible
szszszsz Nov 9, 2016
f9094ee
Refactoring - magic constants
szszszsz Nov 9, 2016
e7f2c08
Correct packet declarations
szszszsz Nov 9, 2016
f7ec19a
Bump version to 08
szszszsz Nov 9, 2016
c7172ed
Move temporary password to the end for GET_CODE
szszszsz Nov 12, 2016
f376c63
Remove obsolete comments/code
szszszsz Nov 12, 2016
48f8960
Add flags for setting temporary passwords
szszszsz Nov 12, 2016
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
99 changes: 77 additions & 22 deletions src/inc/report_protocol.h
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -18,7 +18,7 @@
* along with Nitrokey. If not, see <http://www.gnu.org/licenses/>.
*/

#define FIRMWARE_VERSION 07
#define FIRMWARE_VERSION (0x08)

#define CMD_GET_STATUS 0x00
#define CMD_WRITE_TO_SLOT 0x01
Expand All @@ -41,6 +41,7 @@
#define CMD_FACTORY_RESET 0x13
#define CMD_CHANGE_USER_PIN 0x14
#define CMD_CHANGE_ADMIN_PIN 0x15
#define CMD_WRITE_TO_SLOT_2 0x16

#define CMD_GET_PW_SAFE_SLOT_STATUS 0x60
#define CMD_GET_PW_SAFE_SLOT_NAME 0x61
Expand Down Expand Up @@ -127,8 +128,9 @@

*/

#define CMD_GC_SLOT_NUMBER_OFFSET 1
#define CMD_GC_CHALLENGE_OFFSET 2
#define CMD_GC_SLOT_NUMBER_OFFSET (1)
#define CMD_GC_CHALLENGE_OFFSET (CMD_GC_SLOT_NUMBER_OFFSET + 1)
#define CMD_GC_PASSWORD_OFFSET (CMD_GC_CHALLENGE_OFFSET + 8 + 8 + 1)

/*
* CMD_GET_PASSWORD_RETRY_COUNT
Expand Down Expand Up @@ -157,24 +159,9 @@
*/


/*
CMD_AUTHORIZE

report: 1b command type 4b authorized crc 25b temporary password


*/



__IO extern uint8_t device_status;

extern __IO uint8_t temp_password[25];

extern __IO uint8_t tmp_password_set;

extern __IO uint32_t authorized_crc;

uint8_t parse_report (uint8_t * report, uint8_t * output);

uint8_t cmd_get_status (uint8_t * report, uint8_t * output);
Expand All @@ -193,14 +180,10 @@ uint8_t cmd_erase_slot (uint8_t * report, uint8_t * output);

uint8_t cmd_first_authenticate (uint8_t * report, uint8_t * output);

uint8_t cmd_authorize (uint8_t * report, uint8_t * output);

uint8_t cmd_get_password_retry_count (uint8_t * report, uint8_t * output);

uint8_t cmd_user_authenticate (uint8_t * report, uint8_t * output);

uint8_t cmd_user_authorize (uint8_t * report, uint8_t * output);

uint8_t cmd_factory_reset (uint8_t * report, uint8_t * output);

uint8_t cmd_get_user_password_retry_count (uint8_t * report, uint8_t * output);
Expand Down Expand Up @@ -245,3 +228,75 @@ uint8_t cmd_getProDebug (uint8_t * report, uint8_t * output);
/*
uint8_t cmd_test_counter(uint8_t *report,uint8_t *output); uint8_t cmd_test_time(uint8_t *report,uint8_t *output); */
// END - OTP Test Routine ----------------------------------

#define __packed __attribute__((__packed__))


typedef struct {
uint8_t _command_type;
uint8_t temporary_admin_password[25];
uint8_t slot_secret[20];
union {
uint8_t _slot_config;
struct {
bool use_8_digits : 1;
bool use_enter : 1;
bool use_tokenID : 1;
};
};
union {
uint8_t slot_token_id[13]; /** OATH Token Identifier */
struct { /** @see https://openauthentication.org/token-specs/ */
uint8_t omp[2];
uint8_t tt[2];
uint8_t mui[8];
uint8_t keyboard_layout; //disabled feature in nitroapp as of 20160805
} slot_token_fields;
};
} __packed write_to_slot_1_payload;

typedef struct {
uint8_t _command_type;
uint8_t temporary_admin_password[25];
uint8_t slot_number;
uint8_t slot_name[15];
union {
uint64_t slot_counter;
uint8_t slot_counter_s[8];
struct {
uint16_t slot_interval;
uint16_t __padding[3];
};
} __packed;
} __packed write_to_slot_2_payload;

typedef struct {
uint8_t _command_type;
uint8_t slot_number;
uint8_t slot_name[15];
uint8_t slot_secret[20];
union {
uint8_t _slot_config;
struct {
bool use_8_digits : 1;
bool use_enter : 1;
bool use_tokenID : 1;
};
};
union {
uint8_t slot_token_id[13]; /** OATH Token Identifier */
struct { /** @see https://openauthentication.org/token-specs/ */
uint8_t omp[2];
uint8_t tt[2];
uint8_t mui[8];
uint8_t keyboard_layout; //disabled feature in nitroapp as of 20160805
} slot_token_fields;
};
union {
uint64_t slot_counter;
uint8_t slot_counter_s[8];
} __packed;
} __packed OTP_slot_content;

static const int CMD_WRITE_CONFIG_PASSWORD_OFFSET = 6;
static const int CMD_ERASE_SLOT_PASSWORD_OFFSET = 2;
Loading