From 2d496fd8fca2b40da49f8ef1fd93f4a29ab56a3a Mon Sep 17 00:00:00 2001 From: Pol Henarejos Date: Thu, 22 Sep 2022 20:18:05 +0200 Subject: [PATCH] Random functions shall be called for each core, otherwise it will hung. Signed-off-by: Pol Henarejos --- src/fido/cbor_get_assertion.c | 2 +- src/fido/cbor_make_credential.c | 2 +- src/fido/cbor_reset.c | 2 +- src/fido/cmd_authenticate.c | 2 +- src/fido/cmd_register.c | 2 +- src/fido/fido.c | 36 ++++++++++++++++++++------------- src/fido/fido.h | 5 +++-- 7 files changed, 30 insertions(+), 21 deletions(-) diff --git a/src/fido/cbor_get_assertion.c b/src/fido/cbor_get_assertion.c index 653e9a4..183d46c 100644 --- a/src/fido/cbor_get_assertion.c +++ b/src/fido/cbor_get_assertion.c @@ -420,7 +420,7 @@ int cbor_get_assertion(const uint8_t *data, size_t len, bool next) { flags |= FIDO2_AUT_FLAG_ED; } - uint32_t ctr = *(uint32_t *)file_get_data(ef_counter); + uint32_t ctr = get_sign_counter(); size_t aut_data_len = 32 + 1 + 4 + ext_len; aut_data = (uint8_t *)calloc(1, aut_data_len + clientDataHash.len); diff --git a/src/fido/cbor_make_credential.c b/src/fido/cbor_make_credential.c index 9dda767..4ce3f24 100644 --- a/src/fido/cbor_make_credential.c +++ b/src/fido/cbor_make_credential.c @@ -285,7 +285,7 @@ int cbor_make_credential(const uint8_t *data, size_t len) { if (cinfo == NULL) CBOR_ERROR(CTAP1_ERR_OTHER); size_t olen = 0, pkey_len = ceil((float)cinfo->bit_size/8); - uint32_t ctr = *(uint32_t *)file_get_data(ef_counter); + uint32_t ctr = get_sign_counter(); uint8_t cbor_buf[1024]; cbor_encoder_init(&encoder, cbor_buf, sizeof(cbor_buf), 0); CBOR_CHECK(cbor_encoder_create_map(&encoder, &mapEncoder, 5)); diff --git a/src/fido/cbor_reset.c b/src/fido/cbor_reset.c index 46e9624..e92179a 100644 --- a/src/fido/cbor_reset.c +++ b/src/fido/cbor_reset.c @@ -31,6 +31,6 @@ int cbor_reset() { if (check_user_presence() == false) return CTAP2_ERR_USER_ACTION_TIMEOUT; initialize_flash(true); - scan_all(); + init_fido(true); return 0; } diff --git a/src/fido/cmd_authenticate.c b/src/fido/cmd_authenticate.c index 46a54d9..a691502 100644 --- a/src/fido/cmd_authenticate.c +++ b/src/fido/cmd_authenticate.c @@ -26,7 +26,7 @@ int cmd_authenticate() { CTAP_AUTHENTICATE_REQ *req = (CTAP_AUTHENTICATE_REQ *)apdu.data; CTAP_AUTHENTICATE_RESP *resp = (CTAP_AUTHENTICATE_RESP *)res_APDU; - if (scan_files() != CCID_OK) + if (scan_files(true) != CCID_OK) return SW_EXEC_ERROR(); if (req->keyHandleLen != KEY_HANDLE_LEN) return SW_WRONG_DATA(); diff --git a/src/fido/cmd_register.c b/src/fido/cmd_register.c index 8a40760..b5532a4 100644 --- a/src/fido/cmd_register.c +++ b/src/fido/cmd_register.c @@ -28,7 +28,7 @@ int cmd_register() { CTAP_REGISTER_RESP *resp = (CTAP_REGISTER_RESP *)res_APDU; resp->registerId = CTAP_REGISTER_ID; resp->keyHandleLen = KEY_HANDLE_LEN; - if (scan_files() != CCID_OK) + if (scan_files(true) != CCID_OK) return SW_EXEC_ERROR(); if (apdu.nc != CTAP_APPID_SIZE + CTAP_CHAL_SIZE) return SW_WRONG_LENGTH(); diff --git a/src/fido/fido.c b/src/fido/fido.c index e9b547c..d162341 100644 --- a/src/fido/fido.c +++ b/src/fido/fido.c @@ -33,7 +33,7 @@ #include #include -void init_fido(); +void init_fido(bool); int fido_process_apdu(); int fido_unload(); @@ -49,7 +49,7 @@ app_t *fido_select(app_t *a) { a->process_apdu = fido_process_apdu; a->unload = fido_unload; current_app = a; - init_fido(); + init_fido(false); return a; } @@ -90,7 +90,7 @@ int fido_load_key(int curve, const uint8_t *cred_id, mbedtls_ecdsa_context *key) return derive_key(NULL, false, key_path, mbedtls_curve, key); } -int x509_create_cert(mbedtls_ecdsa_context *ecdsa, uint8_t *buffer, size_t buffer_size) { +int x509_create_cert(mbedtls_ecdsa_context *ecdsa, uint8_t *buffer, size_t buffer_size, bool core1) { mbedtls_x509write_cert ctx; mbedtls_x509write_crt_init(&ctx); mbedtls_x509write_crt_set_version(&ctx, MBEDTLS_X509_CRT_VERSION_3); @@ -99,7 +99,7 @@ int x509_create_cert(mbedtls_ecdsa_context *ecdsa, uint8_t *buffer, size_t buffe mbedtls_x509write_crt_set_subject_name(&ctx, "C=ES,O=Pico HSM,CN=Pico FIDO"); mbedtls_mpi serial; mbedtls_mpi_init(&serial); - mbedtls_mpi_fill_random(&serial, 32, random_gen_core0, NULL); + mbedtls_mpi_fill_random(&serial, 32, core1 ? random_gen : random_gen_core0, NULL); mbedtls_x509write_crt_set_serial(&ctx, &serial); mbedtls_pk_context key; mbedtls_pk_init(&key); @@ -112,7 +112,7 @@ int x509_create_cert(mbedtls_ecdsa_context *ecdsa, uint8_t *buffer, size_t buffe mbedtls_x509write_crt_set_subject_key_identifier(&ctx); mbedtls_x509write_crt_set_authority_key_identifier(&ctx); mbedtls_x509write_crt_set_key_usage(&ctx, MBEDTLS_X509_KU_DIGITAL_SIGNATURE | MBEDTLS_X509_KU_KEY_CERT_SIGN); - int ret = mbedtls_x509write_crt_der(&ctx, buffer, buffer_size, random_gen_core0, NULL); + int ret = mbedtls_x509write_crt_der(&ctx, buffer, buffer_size, core1 ? random_gen : random_gen_core0, NULL); return ret; } @@ -171,7 +171,7 @@ int derive_key(const uint8_t *app_id, bool new_key, uint8_t *key_handle, int cur return r; } -int scan_files() { +int scan_files(bool core1) { ef_keydev = search_by_fid(EF_KEY_DEV, NULL, SPECIFY_EF); if (ef_keydev) { if (!file_has_data(ef_keydev)) { @@ -179,7 +179,7 @@ int scan_files() { mbedtls_ecdsa_context ecdsa; mbedtls_ecdsa_init(&ecdsa); uint8_t index = 0; - int ret = mbedtls_ecdsa_genkey(&ecdsa, MBEDTLS_ECP_DP_SECP256R1, random_gen_core0, &index); + int ret = mbedtls_ecdsa_genkey(&ecdsa, MBEDTLS_ECP_DP_SECP256R1, core1 ? random_gen : random_gen_core0, &index); if (ret != 0) { mbedtls_ecdsa_free(&ecdsa); return ret; @@ -208,12 +208,12 @@ int scan_files() { int ret = mbedtls_ecp_read_key(MBEDTLS_ECP_DP_SECP256R1, &key, file_get_data(ef_keydev), 32); if (ret != 0) return ret; - ret = x509_create_cert(&key, cert, sizeof(cert)); + ret = x509_create_cert(&key, cert, sizeof(cert), core1); mbedtls_ecdsa_free(&key); if (ret <= 0) return ret; flash_write_data_to_file(ef_certdev, cert + sizeof(cert) - ret, ret); - DEBUG_PAYLOAD(cert + sizeof(cert) - ret, ret); +// DEBUG_PAYLOAD(cert + sizeof(cert) - ret, ret); } } else { @@ -234,7 +234,10 @@ int scan_files() { if (ef_authtoken) { if (!file_has_data(ef_authtoken)) { uint8_t t[32]; - random_gen_core0(NULL, t, sizeof(t)); + if (core1) + random_gen(NULL, t, sizeof(t)); + else + random_gen_core0(NULL, t, sizeof(t)); flash_write_data_to_file(ef_authtoken, t, sizeof(t)); } paut.data = file_get_data(ef_authtoken); @@ -247,13 +250,13 @@ int scan_files() { return CCID_OK; } -void scan_all() { +void scan_all(bool core1) { scan_flash(); - scan_files(); + scan_files(core1); } -void init_fido() { - scan_all(); +void init_fido(bool core1) { + scan_all(core1); } bool wait_button_pressed() { @@ -276,6 +279,11 @@ bool check_user_presence() { return true; } +uint32_t get_sign_counter() { + uint8_t *caddr = file_get_data(ef_counter); + return (*caddr) | (*(caddr + 1) << 8) | (*(caddr + 2) << 16) | (*(caddr + 3) << 24); +} + typedef struct cmd { uint8_t ins; diff --git a/src/fido/fido.h b/src/fido/fido.h index ecb34a8..d069179 100644 --- a/src/fido/fido.h +++ b/src/fido/fido.h @@ -30,11 +30,11 @@ #define SHA256_DIGEST_LENGTH (32) #define KEY_HANDLE_LEN (KEY_PATH_LEN + SHA256_DIGEST_LENGTH) -extern int scan_files(); +extern int scan_files(bool); extern int derive_key(const uint8_t *app_id, bool new_key, uint8_t *key_handle, int, mbedtls_ecdsa_context *key); extern bool wait_button_pressed(); extern CTAPHID_FRAME *ctap_req, *ctap_resp; -extern void init_fido(); +extern void init_fido(bool); extern mbedtls_ecp_group_id fido_curve_to_mbedtls(int curve); extern int fido_load_key(int curve, const uint8_t *cred_id, mbedtls_ecdsa_context *key); extern int load_keydev(uint8_t *key); @@ -76,6 +76,7 @@ extern void clearUserPresentFlag(); extern void clearUserVerifiedFlag(); extern void clearPinUvAuthTokenPermissionsExceptLbw(); extern void send_keepalive(); +extern uint32_t get_sign_counter(); #define MAX_CREDENTIAL_COUNT_IN_LIST 16 #define MAX_CRED_ID_LENGTH 1024 #define MAX_RESIDENT_CREDENTIALS 256