diff --git a/pico-keys-sdk b/pico-keys-sdk index 151ae5f..88071e1 160000 --- a/pico-keys-sdk +++ b/pico-keys-sdk @@ -1 +1 @@ -Subproject commit 151ae5fae4c5815042fce5d5cbcc06d76561dc9c +Subproject commit 88071e117222bbc3ab018bc45f6d691a4fcf78f3 diff --git a/src/fido/cbor_client_pin.c b/src/fido/cbor_client_pin.c index c7c13d8..0e3d6e9 100644 --- a/src/fido/cbor_client_pin.c +++ b/src/fido/cbor_client_pin.c @@ -169,7 +169,7 @@ int ecdh(uint8_t protocol, const mbedtls_ecp_point *Q, uint8_t *sharedSecret) { int resetPinUvAuthToken() { uint8_t t[32]; random_gen(NULL, t, sizeof(t)); - flash_write_data_to_file(ef_authtoken, t, sizeof(t)); + file_put_data(ef_authtoken, t, sizeof(t)); paut.permissions = 0; paut.data = file_get_data(ef_authtoken); paut.len = file_get_size(ef_authtoken); @@ -417,7 +417,7 @@ int cbor_client_pin(const uint8_t *data, size_t len) { hsh[0] = MAX_PIN_RETRIES; hsh[1] = pin_len; mbedtls_md(mbedtls_md_info_from_type(MBEDTLS_MD_SHA256), paddedNewPin, pin_len, hsh + 2); - flash_write_data_to_file(ef_pin, hsh, 2 + 16); + file_put_data(ef_pin, hsh, 2 + 16); low_flash_available(); goto err; //No return } @@ -464,7 +464,7 @@ int cbor_client_pin(const uint8_t *data, size_t len) { uint8_t pin_data[18]; memcpy(pin_data, file_get_data(ef_pin), 18); pin_data[0] -= 1; - flash_write_data_to_file(ef_pin, pin_data, sizeof(pin_data)); + file_put_data(ef_pin, pin_data, sizeof(pin_data)); low_flash_available(); uint8_t retries = pin_data[0]; uint8_t paddedNewPin[64]; @@ -489,7 +489,7 @@ int cbor_client_pin(const uint8_t *data, size_t len) { } } pin_data[0] = MAX_PIN_RETRIES; - flash_write_data_to_file(ef_pin, pin_data, sizeof(pin_data)); + file_put_data(ef_pin, pin_data, sizeof(pin_data)); low_flash_available(); new_pin_mismatches = 0; ret = decrypt(pinUvAuthProtocol, sharedSecret, newPinEnc.data, newPinEnc.len, paddedNewPin); @@ -520,12 +520,12 @@ int cbor_client_pin(const uint8_t *data, size_t len) { memcmp(hsh + 2, file_get_data(ef_pin) + 2, 16) == 0) { CBOR_ERROR(CTAP2_ERR_PIN_POLICY_VIOLATION); } - flash_write_data_to_file(ef_pin, hsh, 2 + 16); + file_put_data(ef_pin, hsh, 2 + 16); if (file_has_data(ef_minpin) && file_get_data(ef_minpin)[1] == 1) { uint8_t *tmp = (uint8_t *) calloc(1, file_get_size(ef_minpin)); memcpy(tmp, file_get_data(ef_minpin), file_get_size(ef_minpin)); tmp[1] = 0; - flash_write_data_to_file(ef_minpin, tmp, file_get_size(ef_minpin)); + file_put_data(ef_minpin, tmp, file_get_size(ef_minpin)); free(tmp); } low_flash_available(); @@ -573,7 +573,7 @@ int cbor_client_pin(const uint8_t *data, size_t len) { uint8_t pin_data[18]; memcpy(pin_data, file_get_data(ef_pin), 18); pin_data[0] -= 1; - flash_write_data_to_file(ef_pin, pin_data, sizeof(pin_data)); + file_put_data(ef_pin, pin_data, sizeof(pin_data)); low_flash_available(); uint8_t retries = pin_data[0]; uint8_t paddedNewPin[64], poff = (pinUvAuthProtocol - 1) * IV_SIZE; @@ -599,7 +599,7 @@ int cbor_client_pin(const uint8_t *data, size_t len) { } pin_data[0] = MAX_PIN_RETRIES; new_pin_mismatches = 0; - flash_write_data_to_file(ef_pin, pin_data, sizeof(pin_data)); + file_put_data(ef_pin, pin_data, sizeof(pin_data)); low_flash_available(); file_t *ef_minpin = search_by_fid(EF_MINPINLEN, NULL, SPECIFY_EF); if (file_has_data(ef_minpin) && file_get_data(ef_minpin)[1] == 1) { diff --git a/src/fido/cbor_config.c b/src/fido/cbor_config.c index 4026cc7..b8cb73f 100644 --- a/src/fido/cbor_config.c +++ b/src/fido/cbor_config.c @@ -142,9 +142,9 @@ int cbor_config(const uint8_t *data, size_t len) { if (has_keydev_dec == false) { CBOR_ERROR(CTAP2_ERR_PIN_AUTH_INVALID); } - flash_write_data_to_file(ef_keydev, keydev_dec, sizeof(keydev_dec)); + file_put_data(ef_keydev, keydev_dec, sizeof(keydev_dec)); mbedtls_platform_zeroize(keydev_dec, sizeof(keydev_dec)); - flash_write_data_to_file(ef_keydev_enc, NULL, 0); // Set ef to 0 bytes + file_put_data(ef_keydev_enc, NULL, 0); // Set ef to 0 bytes low_flash_available(); } else if (vendorCommandId == CTAP_CONFIG_AUT_ENABLE) { @@ -178,10 +178,10 @@ int cbor_config(const uint8_t *data, size_t len) { CBOR_ERROR(CTAP1_ERR_INVALID_PARAMETER); } - flash_write_data_to_file(ef_keydev_enc, key_dev_enc, sizeof(key_dev_enc)); + file_put_data(ef_keydev_enc, key_dev_enc, sizeof(key_dev_enc)); mbedtls_platform_zeroize(key_dev_enc, sizeof(key_dev_enc)); - flash_write_data_to_file(ef_keydev, key_dev_enc, file_get_size(ef_keydev)); // Overwrite ef with 0 - flash_write_data_to_file(ef_keydev, NULL, 0); // Set ef to 0 bytes + file_put_data(ef_keydev, key_dev_enc, file_get_size(ef_keydev)); // Overwrite ef with 0 + file_put_data(ef_keydev, NULL, 0); // Set ef to 0 bytes low_flash_available(); } else { @@ -216,7 +216,7 @@ int cbor_config(const uint8_t *data, size_t len) { data + 2 + m * 32, 0); } - flash_write_data_to_file(ef_minpin, data, 2 + minPinLengthRPIDs_len * 32); + file_put_data(ef_minpin, data, 2 + minPinLengthRPIDs_len * 32); low_flash_available(); goto err; //No return } diff --git a/src/fido/cbor_cred_mgmt.c b/src/fido/cbor_cred_mgmt.c index 68e95a8..f5b9fdd 100644 --- a/src/fido/cbor_cred_mgmt.c +++ b/src/fido/cbor_cred_mgmt.c @@ -380,7 +380,7 @@ int cbor_cred_mgmt(const uint8_t *data, size_t len) { delete_file(rp_ef); } else { - flash_write_data_to_file(rp_ef, rp_data, file_get_size(rp_ef)); + file_put_data(rp_ef, rp_data, file_get_size(rp_ef)); } free(rp_data); break; diff --git a/src/fido/cbor_get_assertion.c b/src/fido/cbor_get_assertion.c index f3a2516..87c6363 100644 --- a/src/fido/cbor_get_assertion.c +++ b/src/fido/cbor_get_assertion.c @@ -640,7 +640,7 @@ int cbor_get_assertion(const uint8_t *data, size_t len, bool next) { CBOR_CHECK(cbor_encoder_close_container(&encoder, &mapEncoder)); resp_size = cbor_encoder_get_buffer_size(&encoder, ctap_resp->init.data + 1); ctr++; - flash_write_data_to_file(ef_counter, (uint8_t *) &ctr, sizeof(ctr)); + file_put_data(ef_counter, (uint8_t *) &ctr, sizeof(ctr)); low_flash_available(); err: CBOR_FREE_BYTE_STRING(clientDataHash); diff --git a/src/fido/cbor_large_blobs.c b/src/fido/cbor_large_blobs.c index c3ebd70..432464d 100644 --- a/src/fido/cbor_large_blobs.c +++ b/src/fido/cbor_large_blobs.c @@ -155,7 +155,7 @@ int cbor_large_blobs(const uint8_t *data, size_t len) { if (expectedLength > 17 && memcmp(sha, temp_lba + expectedLength - 16, 16) != 0) { CBOR_ERROR(CTAP2_ERR_INTEGRITY_FAILURE); } - flash_write_data_to_file(ef_largeblob, temp_lba, expectedLength); + file_put_data(ef_largeblob, temp_lba, expectedLength); low_flash_available(); } goto err; diff --git a/src/fido/cbor_make_credential.c b/src/fido/cbor_make_credential.c index 44a488f..614ae5a 100644 --- a/src/fido/cbor_make_credential.c +++ b/src/fido/cbor_make_credential.c @@ -518,7 +518,7 @@ int cbor_make_credential(const uint8_t *data, size_t len) { } } ctr++; - flash_write_data_to_file(ef_counter, (uint8_t *) &ctr, sizeof(ctr)); + file_put_data(ef_counter, (uint8_t *) &ctr, sizeof(ctr)); low_flash_available(); err: CBOR_FREE_BYTE_STRING(clientDataHash); diff --git a/src/fido/cbor_vendor.c b/src/fido/cbor_vendor.c index afe939b..d1b6f54 100644 --- a/src/fido/cbor_vendor.c +++ b/src/fido/cbor_vendor.c @@ -121,9 +121,9 @@ int cbor_vendor_generic(uint8_t cmd, const uint8_t *data, size_t len) { } uint8_t zeros[32]; memset(zeros, 0, sizeof(zeros)); - flash_write_data_to_file(ef_keydev_enc, vendorParam.data, vendorParam.len); - flash_write_data_to_file(ef_keydev, zeros, file_get_size(ef_keydev)); // Overwrite ef with 0 - flash_write_data_to_file(ef_keydev, NULL, 0); // Set ef to 0 bytes + file_put_data(ef_keydev_enc, vendorParam.data, vendorParam.len); + file_put_data(ef_keydev, zeros, file_get_size(ef_keydev)); // Overwrite ef with 0 + file_put_data(ef_keydev, NULL, 0); // Set ef to 0 bytes low_flash_available(); goto err; } @@ -306,7 +306,7 @@ int cbor_vendor_generic(uint8_t cmd, const uint8_t *data, size_t len) { } file_t *ef_ee_ea = search_by_fid(EF_EE_DEV_EA, NULL, SPECIFY_EF); if (ef_ee_ea) { - flash_write_data_to_file(ef_ee_ea, vendorParam.data, vendorParam.len); + file_put_data(ef_ee_ea, vendorParam.data, vendorParam.len); } low_flash_available(); goto err; diff --git a/src/fido/cmd_authenticate.c b/src/fido/cmd_authenticate.c index 6f458d6..b3c7f9d 100644 --- a/src/fido/cmd_authenticate.c +++ b/src/fido/cmd_authenticate.c @@ -97,7 +97,7 @@ int cmd_authenticate() { res_APDU_size = 1 + 4 + olen; ctr++; - flash_write_data_to_file(ef_counter, (uint8_t *) &ctr, sizeof(ctr)); + file_put_data(ef_counter, (uint8_t *) &ctr, sizeof(ctr)); low_flash_available(); return SW_OK(); } diff --git a/src/fido/credential.c b/src/fido/credential.c index b43388b..ea44ebb 100644 --- a/src/fido/credential.c +++ b/src/fido/credential.c @@ -306,7 +306,7 @@ int credential_store(const uint8_t *cred_id, size_t cred_id_len, const uint8_t * memcpy(data, rp_id_hash, 32); memcpy(data + 32, cred_id, cred_id_len); file_t *ef = file_new(EF_CRED + sloti); - flash_write_data_to_file(ef, data, cred_id_len + 32); + file_put_data(ef, data, cred_id_len + 32); free(data); if (new_record == true) { //increase rps @@ -332,7 +332,7 @@ int credential_store(const uint8_t *cred_id, size_t cred_id_len, const uint8_t * data = (uint8_t *) calloc(1, file_get_size(ef)); memcpy(data, file_get_data(ef), file_get_size(ef)); data[0] += 1; - flash_write_data_to_file(ef, data, file_get_size(ef)); + file_put_data(ef, data, file_get_size(ef)); free(data); } else { @@ -341,7 +341,7 @@ int credential_store(const uint8_t *cred_id, size_t cred_id_len, const uint8_t * data[0] = 1; memcpy(data + 1, rp_id_hash, 32); memcpy(data + 1 + 32, cred.rpId.data, cred.rpId.len); - flash_write_data_to_file(ef, data, 1 + 32 + cred.rpId.len); + file_put_data(ef, data, 1 + 32 + cred.rpId.len); free(data); } } diff --git a/src/fido/fido.c b/src/fido/fido.c index 79a935d..e1ffbdb 100644 --- a/src/fido/fido.c +++ b/src/fido/fido.c @@ -317,7 +317,7 @@ int scan_files() { uint8_t kdata[32]; int key_size = mbedtls_mpi_size(&ecdsa.d); mbedtls_mpi_write_binary(&ecdsa.d, kdata, key_size); - ret = flash_write_data_to_file(ef_keydev, kdata, key_size); + ret = file_put_data(ef_keydev, kdata, key_size); mbedtls_platform_zeroize(kdata, sizeof(kdata)); mbedtls_ecdsa_free(&ecdsa); if (ret != CCID_OK) { @@ -353,7 +353,7 @@ int scan_files() { if (ret <= 0) { return ret; } - flash_write_data_to_file(ef_certdev, cert + sizeof(cert) - ret, ret); + file_put_data(ef_certdev, cert + sizeof(cert) - ret, ret); } } else { @@ -363,7 +363,7 @@ int scan_files() { if (ef_counter) { if (!file_has_data(ef_counter)) { uint32_t v = 0; - flash_write_data_to_file(ef_counter, (uint8_t *) &v, sizeof(v)); + file_put_data(ef_counter, (uint8_t *) &v, sizeof(v)); } } else { @@ -375,7 +375,7 @@ int scan_files() { if (!file_has_data(ef_authtoken)) { uint8_t t[32]; random_gen(NULL, t, sizeof(t)); - flash_write_data_to_file(ef_authtoken, t, sizeof(t)); + file_put_data(ef_authtoken, t, sizeof(t)); } paut.data = file_get_data(ef_authtoken); paut.len = file_get_size(ef_authtoken); @@ -385,7 +385,7 @@ int scan_files() { } ef_largeblob = search_by_fid(EF_LARGEBLOB, NULL, SPECIFY_EF); if (!file_has_data(ef_largeblob)) { - flash_write_data_to_file(ef_largeblob, + file_put_data(ef_largeblob, (const uint8_t *) "\x80\x76\xbe\x8b\x52\x8d\x00\x75\xf7\xaa\xe9\x8d\x6f\xa5\x7a\x6d\x3c", 17); } @@ -447,7 +447,7 @@ uint8_t get_opts() { void set_opts(uint8_t opts) { file_t *ef = search_by_fid(EF_OPTS, NULL, SPECIFY_EF); - flash_write_data_to_file(ef, &opts, sizeof(uint8_t)); + file_put_data(ef, &opts, sizeof(uint8_t)); low_flash_available(); } diff --git a/src/fido/management.c b/src/fido/management.c index fb305c8..f7590d0 100644 --- a/src/fido/management.c +++ b/src/fido/management.c @@ -130,7 +130,7 @@ int cmd_write_config() { return SW_WRONG_DATA(); } file_t *ef = file_new(EF_DEV_CONF); - flash_write_data_to_file(ef, apdu.data + 1, apdu.nc - 1); + file_put_data(ef, apdu.data + 1, apdu.nc - 1); low_flash_available(); return SW_OK(); } diff --git a/src/fido/oath.c b/src/fido/oath.c index 75c1ae7..03ee790 100644 --- a/src/fido/oath.c +++ b/src/fido/oath.c @@ -158,7 +158,7 @@ int cmd_put() { } file_t *ef = find_oath_cred(name.data, name.len); if (file_has_data(ef)) { - flash_write_data_to_file(ef, apdu.data, apdu.nc); + file_put_data(ef, apdu.data, apdu.nc); low_flash_available(); } else { @@ -166,7 +166,7 @@ int cmd_put() { file_t *ef = search_dynamic_file(EF_OATH_CRED + i); if (!file_has_data(ef)) { ef = file_new(EF_OATH_CRED + i); - flash_write_data_to_file(ef, apdu.data, apdu.nc); + file_put_data(ef, apdu.data, apdu.nc); low_flash_available(); return SW_OK(); } @@ -247,7 +247,7 @@ int cmd_set_code() { } random_gen(NULL, challenge, sizeof(challenge)); file_t *ef = file_new(EF_OATH_CODE); - flash_write_data_to_file(ef, key.data, key.len); + file_put_data(ef, key.data, key.len); low_flash_available(); validated = false; return SW_OK(); @@ -429,7 +429,7 @@ int cmd_calculate() { chal.data[5] = v >> 16; chal.data[6] = v >> 8; chal.data[7] = v & 0xff; - flash_write_data_to_file(ef, tmp, ef_size); + file_put_data(ef, tmp, ef_size); low_flash_available(); free(tmp); } @@ -504,7 +504,7 @@ int cmd_set_otp_pin() { } hsh[0] = MAX_OTP_COUNTER; double_hash_pin(pw.data, pw.len, hsh + 1); - flash_write_data_to_file(ef_otp_pin, hsh, sizeof(hsh)); + file_put_data(ef_otp_pin, hsh, sizeof(hsh)); low_flash_available(); return SW_OK(); } @@ -529,7 +529,7 @@ int cmd_change_otp_pin() { } hsh[0] = MAX_OTP_COUNTER; double_hash_pin(new_pw.data, new_pw.len, hsh + 1); - flash_write_data_to_file(ef_otp_pin, hsh, sizeof(hsh)); + file_put_data(ef_otp_pin, hsh, sizeof(hsh)); low_flash_available(); return SW_OK(); } @@ -551,13 +551,13 @@ int cmd_verify_otp_pin() { if (data_hsh[0] > 0) { data_hsh[0] -= 1; } - flash_write_data_to_file(ef_otp_pin, data_hsh, sizeof(data_hsh)); + file_put_data(ef_otp_pin, data_hsh, sizeof(data_hsh)); low_flash_available(); validated = false; return SW_SECURITY_STATUS_NOT_SATISFIED(); } data_hsh[0] = MAX_OTP_COUNTER; - flash_write_data_to_file(ef_otp_pin, data_hsh, sizeof(data_hsh)); + file_put_data(ef_otp_pin, data_hsh, sizeof(data_hsh)); low_flash_available(); validated = true; return SW_OK(); diff --git a/src/fido/otp.c b/src/fido/otp.c index e37e779..7d5be77 100644 --- a/src/fido/otp.c +++ b/src/fido/otp.c @@ -169,7 +169,7 @@ void init_otp() { memcpy(new_data, data, sizeof(new_data)); new_data[otp_config_size] = counter >> 8; new_data[otp_config_size + 1] = counter & 0xff; - flash_write_data_to_file(ef, new_data, sizeof(new_data)); + file_put_data(ef, new_data, sizeof(new_data)); } } } @@ -258,7 +258,7 @@ int otp_button_pressed(uint8_t slot) { uint8_t new_otp_config[otp_config_size + sizeof(new_chal)]; memcpy(new_otp_config, otp_config, otp_config_size); memcpy(new_otp_config + otp_config_size, new_chal, sizeof(new_chal)); - flash_write_data_to_file(ef, new_otp_config, sizeof(new_otp_config)); + file_put_data(ef, new_otp_config, sizeof(new_otp_config)); low_flash_available(); } if (otp_config->tkt_flags & APPEND_CR) { @@ -322,7 +322,7 @@ int otp_button_pressed(uint8_t slot) { memcpy(new_data, data, sizeof(new_data)); new_data[otp_config_size] = counter >> 8; new_data[otp_config_size + 1] = counter & 0xff; - flash_write_data_to_file(ef, new_data, sizeof(new_data)); + file_put_data(ef, new_data, sizeof(new_data)); low_flash_available(); } } @@ -387,7 +387,7 @@ int cmd_otp() { return SW_WRONG_DATA(); } memset(apdu.data + otp_config_size, 0, 8); // Add 8 bytes extra - flash_write_data_to_file(ef, apdu.data, otp_config_size + 8); + file_put_data(ef, apdu.data, otp_config_size + 8); low_flash_available(); config_seq++; return otp_status(); @@ -420,7 +420,7 @@ int cmd_otp() { (odata->tkt_flags & TKTFLAG_UPDATE_MASK); odata->cfg_flags = (otpc->cfg_flags & ~CFGFLAG_UPDATE_MASK) | (odata->cfg_flags & CFGFLAG_UPDATE_MASK); - flash_write_data_to_file(ef, apdu.data, otp_config_size); + file_put_data(ef, apdu.data, otp_config_size); low_flash_available(); } } @@ -434,13 +434,13 @@ int cmd_otp() { ef1_data = true; } if (file_has_data(ef2)) { - flash_write_data_to_file(ef1, file_get_data(ef2), file_get_size(ef2)); + file_put_data(ef1, file_get_data(ef2), file_get_size(ef2)); } else { delete_file(ef1); } if (ef1_data) { - flash_write_data_to_file(ef2, tmp, sizeof(tmp)); + file_put_data(ef2, tmp, sizeof(tmp)); } else { delete_file(ef2);