Permalink
Browse files

u2f: replace U2F header with newer ones

Fix U2F constants, add more checks.
  • Loading branch information...
prusnak committed Dec 15, 2018
1 parent 6d6e5a1 commit 0b26c529ec49daf584f322f3ef959c79694c8cf5
Showing with 176 additions and 206 deletions.
  1. +14 −4 firmware/u2f.c
  2. +73 −103 firmware/u2f/u2f.h
  3. +89 −99 firmware/u2f/u2f_hid.h
@@ -42,7 +42,7 @@

// About 1/2 Second according to values used in protect.c
#define U2F_TIMEOUT (800000/2)
#define U2F_OUT_PKT_BUFFER_LEN 128
#define U2F_OUT_PKT_BUFFER_LEN 130

// Initialise without a cid
static uint32_t cid = 0;
@@ -100,8 +100,13 @@ uint32_t next_cid(void)
return cid;
}

// https://fidoalliance.org/specs/fido-u2f-v1.2-ps-20170411/fido-u2f-hid-protocol-v1.2-ps-20170411.html#message--and-packet-structure
// states the following:
// With a packet size of 64 bytes (max for full-speed devices), this means that
// the maximum message payload length is 64 - 7 + 128 * (64 - 5) = 7609 bytes.
#define U2F_MAXIMUM_PAYLOAD_LENGTH 7609
typedef struct {
uint8_t buf[57+127*59];
uint8_t buf[U2F_MAXIMUM_PAYLOAD_LENGTH];
uint8_t *buf_ptr;
uint32_t len;
uint8_t seq;
@@ -282,7 +287,7 @@ void u2fhid_init(const U2FHID_FRAME *in)
{
const U2FHID_INIT_REQ *init_req = (const U2FHID_INIT_REQ *)&in->init.data;
U2FHID_FRAME f;
U2FHID_INIT_RESP resp;
U2FHID_INIT_RESP resp = {0};

debugLog(0, "", "u2fhid_init");

@@ -295,7 +300,7 @@ void u2fhid_init(const U2FHID_FRAME *in)
f.cid = in->cid;
f.init.cmd = U2FHID_INIT;
f.init.bcnth = 0;
f.init.bcntl = U2FHID_INIT_RESP_SIZE;
f.init.bcntl = sizeof(resp);

memcpy(resp.nonce, init_req->nonce, sizeof(init_req->nonce));
resp.cid = in->cid == CID_BROADCAST ? next_cid() : in->cid;
@@ -363,6 +368,11 @@ void u2fhid_msg(const APDU *a, uint32_t len)

void send_u2fhid_msg(const uint8_t cmd, const uint8_t *data, const uint32_t len)
{
if (len > U2F_MAXIMUM_PAYLOAD_LENGTH) {
debugLog(0, "", "send_u2fhid_msg failed");
return;
}

U2FHID_FRAME f;
uint8_t *p = (uint8_t *)data;
uint32_t l = len;
@@ -1,143 +1,113 @@
/*
Copyright (C) 2013-2015 Yubico AB
This program is free software; you can redistribute it and/or modify it
under the terms of the GNU Lesser General Public License as published by
the Free Software Foundation; either version 2.1, or (at your option) any
later version.
This program is distributed in the hope that it will be useful, but
WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser
General Public License for more details.
You should have received a copy of the GNU Lesser General Public License
along with this program; if not, see <http://www.gnu.org/licenses/>.
*/

// Common U2F raw message format header.
// 2014-08-14 J Ehrensvard, Yubico, Inc.
/**
* Copyright FIDO Alliance, 2017
*
* Licensed under CC-BY:
* https://creativecommons.org/licenses/by/4.0/legalcode
*
* Editor: Jakob Ehrensvard, Yubico, jakob@yubico.com
*/

#ifndef __U2F_H_INCLUDED__
#define __U2F_H_INCLUDED__

#ifdef _MSC_VER // Windows
typedef unsigned char uint8_t;
typedef unsigned short uint16_t;
typedef unsigned int uint32_t;
#ifdef _MSC_VER // Windows
typedef unsigned char uint8_t;
typedef unsigned short uint16_t;
typedef unsigned int uint32_t;
typedef unsigned long int uint64_t;
#else
#include <stdint.h>
#endif

#ifdef __cplusplus
extern "C"
{
extern "C" {
#endif

// General constants

#define U2F_EC_KEY_SIZE 32 // EC key size in bytes
#define U2F_EC_POINT_SIZE ((U2F_EC_KEY_SIZE * 2) + 1) // Size of EC point
#define U2F_MAX_KH_SIZE 128 // Max size of key handle
#define U2F_MAX_ATT_CERT_SIZE 1024 // Max size of attestation certificate
#define U2F_MAX_EC_SIG_SIZE 72 // Max size of DER coded EC signature
#define U2F_CTR_SIZE 4 // Size of counter field
#define U2F_APPID_SIZE 32 // Size of application id
#define U2F_CHAL_SIZE 32 // Size of challenge
#define U2F_EC_KEY_SIZE 32 // EC key size in bytes
#define U2F_EC_POINT_SIZE ((U2F_EC_KEY_SIZE * 2) + 1) // Size of EC point
#define U2F_MAX_KH_SIZE 128 // Max size of key handle
#define U2F_MAX_ATT_CERT_SIZE 2048 // Max size of attestation certificate
#define U2F_MAX_EC_SIG_SIZE 72 // Max size of DER coded EC signature
#define U2F_CTR_SIZE 4 // Size of counter field
#define U2F_APPID_SIZE 32 // Size of application id
#define U2F_CHAL_SIZE 32 // Size of challenge

#define ENC_SIZE(x) ((x + 7) & 0xfff8)

// EC (uncompressed) point

#define U2F_POINT_UNCOMPRESSED 0x04 // Uncompressed point format
#define U2F_POINT_UNCOMPRESSED 0x04 // Uncompressed point format

typedef struct
{
uint8_t pointFormat; // Point type
uint8_t x[U2F_EC_KEY_SIZE]; // X-value
uint8_t y[U2F_EC_KEY_SIZE]; // Y-value
} U2F_EC_POINT;
typedef struct __attribute__((packed)) {
uint8_t pointFormat; // Point type
uint8_t x[U2F_EC_KEY_SIZE]; // X-value
uint8_t y[U2F_EC_KEY_SIZE]; // Y-value
} U2F_EC_POINT;

// U2F native commands

#define U2F_REGISTER 0x01 // Registration command
#define U2F_AUTHENTICATE 0x02 // Authenticate/sign command
#define U2F_VERSION 0x03 // Read version string command
#define U2F_REGISTER 0x01 // Registration command
#define U2F_AUTHENTICATE 0x02 // Authenticate/sign command
#define U2F_VERSION 0x03 // Read version string command

#define U2F_VENDOR_FIRST 0x40 // First vendor defined command
#define U2F_VENDOR_LAST 0x7f // Last vendor defined command
#define U2F_VENDOR_FIRST 0x40 // First vendor defined command
#define U2F_VENDOR_LAST 0xbf // Last vendor defined command

// U2F_CMD_REGISTER command defines

#define U2F_REGISTER_ID 0x05 // Version 2 registration identifier
#define U2F_REGISTER_HASH_ID 0x00 // Version 2 hash identintifier

typedef struct
{
uint8_t chal[U2F_CHAL_SIZE]; // Challenge
uint8_t appId[U2F_APPID_SIZE]; // Application id
} U2F_REGISTER_REQ;

typedef struct
{
uint8_t registerId; // Registration identifier (U2F_REGISTER_ID_V2)
U2F_EC_POINT pubKey; // Generated public key
uint8_t keyHandleLen; // Length of key handle
uint8_t keyHandleCertSig[U2F_MAX_KH_SIZE + // Key handle
U2F_MAX_ATT_CERT_SIZE + // Attestation certificate
U2F_MAX_EC_SIG_SIZE]; // Registration signature
} U2F_REGISTER_RESP;
#define U2F_REGISTER_ID 0x05 // Version 2 registration identifier
#define U2F_REGISTER_HASH_ID 0x00 // Version 2 hash identintifier

typedef struct __attribute__((packed)) {
uint8_t chal[U2F_CHAL_SIZE]; // Challenge
uint8_t appId[U2F_APPID_SIZE]; // Application id
} U2F_REGISTER_REQ;

typedef struct __attribute__((packed)) {
uint8_t registerId; // Registration identifier (U2F_REGISTER_ID_V2)
U2F_EC_POINT pubKey; // Generated public key
uint8_t keyHandleLen; // Length of key handle
uint8_t keyHandleCertSig[
U2F_MAX_KH_SIZE + // Key handle
U2F_MAX_ATT_CERT_SIZE + // Attestation certificate
U2F_MAX_EC_SIG_SIZE]; // Registration signature
} U2F_REGISTER_RESP;

// U2F_CMD_AUTHENTICATE command defines

// Authentication control byte

#define U2F_AUTH_ENFORCE 0x03 // Enforce user presence and sign
#define U2F_AUTH_CHECK_ONLY 0x07 // Check only
#define U2F_AUTH_FLAG_TUP 0x01 // Test of user presence set

typedef struct
{
uint8_t chal[U2F_CHAL_SIZE]; // Challenge
uint8_t appId[U2F_APPID_SIZE]; // Application id
uint8_t keyHandleLen; // Length of key handle
uint8_t keyHandle[U2F_MAX_KH_SIZE]; // Key handle
} U2F_AUTHENTICATE_REQ;

typedef struct
{
uint8_t flags; // U2F_AUTH_FLAG_ values
uint8_t ctr[U2F_CTR_SIZE]; // Counter field (big-endian)
uint8_t sig[U2F_MAX_EC_SIG_SIZE]; // Signature
} U2F_AUTHENTICATE_RESP;

// Common raw message format (ISO7816-4:2005 mapping)

typedef struct
{
uint8_t cla; // Class - reserved
uint8_t ins; // U2F instruction
uint8_t p1; // U2F parameter 1
uint8_t p2; // U2F parameter 2
uint8_t lc1; // Length field, set to zero
uint8_t lc2; // Length field, MSB
uint8_t lc3; // Length field, LSB
uint8_t data[1]; // Data field
} U2F_MSG;
#define U2F_AUTH_ENFORCE 0x03 // Enforce user presence and sign
#define U2F_AUTH_CHECK_ONLY 0x07 // Check only
#define U2F_AUTH_FLAG_TUP 0x01 // Test of user presence set

typedef struct __attribute__((packed)) {
uint8_t chal[U2F_CHAL_SIZE]; // Challenge
uint8_t appId[U2F_APPID_SIZE]; // Application id
uint8_t keyHandleLen; // Length of key handle
uint8_t keyHandle[U2F_MAX_KH_SIZE]; // Key handle
} U2F_AUTHENTICATE_REQ;

typedef struct __attribute__((packed)) {
uint8_t flags; // U2F_AUTH_FLAG_ values
uint8_t ctr[U2F_CTR_SIZE]; // Counter field (big-endian)
uint8_t sig[U2F_MAX_EC_SIG_SIZE]; // Signature
} U2F_AUTHENTICATE_RESP;

// Command status responses

#define U2F_SW_NO_ERROR 0x9000 // SW_NO_ERROR
#define U2F_SW_WRONG_LENGTH 0x6700 // SW_WRONG_LENGTH
#define U2F_SW_DATA_INVALID 0x6984 // SW_WRONG_DATA
#define U2F_SW_CONDITIONS_NOT_SATISFIED 0x6985 // SW_CONDITIONS_NOT_SATISFIED
#define U2F_SW_WRONG_DATA 0x6a80 // SW_WRONG_DATA
#define U2F_SW_INS_NOT_SUPPORTED 0x6d00 // SW_INS_NOT_SUPPORTED
#define U2F_SW_CLA_NOT_SUPPORTED 0x6e00 // SW_CLA_NOT_SUPPORTED
#define U2F_SW_NO_ERROR 0x9000 // SW_NO_ERROR
#define U2F_SW_WRONG_LENGTH 0x6700 // SW_WRONG_LENGTH
#define U2F_SW_WRONG_DATA 0x6A80 // SW_WRONG_DATA
#define U2F_SW_CONDITIONS_NOT_SATISFIED 0x6985 // SW_CONDITIONS_NOT_SATISFIED
#define U2F_SW_COMMAND_NOT_ALLOWED 0x6986 // SW_COMMAND_NOT_ALLOWED
#define U2F_SW_INS_NOT_SUPPORTED 0x6D00 // SW_INS_NOT_SUPPORTED
#define U2F_SW_CLA_NOT_SUPPORTED 0x6E00 // SW_CLA_NOT_SUPPORTED

#ifdef __cplusplus
}
#endif

#endif // __U2F_H_INCLUDED__
#endif // __U2F_H_INCLUDED__
Oops, something went wrong.

0 comments on commit 0b26c52

Please sign in to comment.