no need to remove card after adding an unknown card

limpkin · Apr 14, 2015 · f784e53 · f784e53
1 parent eb9cada
commit f784e53
Show file tree

Hide file tree

Showing 5 changed files with 20 additions and 14 deletions.
diff --git a/source_code/Mooltipass.atsuo b/source_code/Mooltipass.atsuo
diff --git a/source_code/src/LOGIC/logic_eeprom.c b/source_code/src/LOGIC/logic_eeprom.c
@@ -315,30 +315,31 @@ RET_TYPE writeSmartCardCPZForUserId(uint8_t* buffer, uint8_t* nonce, uint8_t use
 
 /*! \fn     addNewUserForExistingCard(uint8_t* nonce)
 *   \brief  Add a new user for an already unlocked card
+*   \param  nonce   User nonce
+*   \param  user_id Pointer to where to store the user id
 *   \return success or not
 */
-RET_TYPE addNewUserForExistingCard(uint8_t* nonce)
+RET_TYPE addNewUserForExistingCard(uint8_t* nonce, uint8_t* user_id)
 {
     uint8_t temp_buffer[SMARTCARD_CPZ_LENGTH];
-    uint8_t new_user_id;
 
     // Get new user id if possible
-    if (findAvailableUserId(&new_user_id) == RETURN_NOK)
+    if (findAvailableUserId(user_id) == RETURN_NOK)
     {
         return RETURN_NOK;
     }
 
     // Create user profile in flash, CTR is set to 0 by the library
-    formatUserProfileMemory(new_user_id);
+    formatUserProfileMemory(*user_id);
 
     // Initialize user flash context, that inits the node mgmt handle and the ctr value
-    initUserFlashContext(new_user_id);
+    initUserFlashContext(*user_id);
 
     // Read smartcard CPZ value
     readCodeProtectedZone(temp_buffer);
 
     // Store User ID <> SMC CPZ & AES CTR <> user id
-    if (writeSmartCardCPZForUserId(temp_buffer, nonce, new_user_id) != RETURN_OK)
+    if (writeSmartCardCPZForUserId(temp_buffer, nonce, *user_id) != RETURN_OK)
     {
         return RETURN_NOK;
     }

diff --git a/source_code/src/LOGIC/logic_eeprom.h b/source_code/src/LOGIC/logic_eeprom.h
@@ -39,7 +39,7 @@
 // Total number of LUT entries. LUT is located near the end of the eeprom with reserved bytes at the end
 #define NB_MAX_SMCID_UID_MATCH_ENTRIES  ((EEPROM_SIZE - EEP_SMC_IC_USER_MATCH_START_ADDR - EEPROM_END_RESERVED)/SMCID_UID_MATCH_ENTRY_LENGTH)
 // Correct key to prevent mooltipass settings reinit
-#define USER_PARAM_CORRECT_INIT_KEY         0xC5
+#define USER_PARAM_CORRECT_INIT_KEY         0x77
 // Mooltipass eeprom parameters define
 #define USER_PARAM_INIT_KEY_PARAM           0
 #define KEYBOARD_LAYOUT_PARAM               1
@@ -60,10 +60,10 @@
 RET_TYPE getUserIdFromSmartCardCPZ(uint8_t* buffer, uint8_t* nonce, uint8_t* userid);
 RET_TYPE writeSmartCardCPZForUserId(uint8_t* buffer, uint8_t* nonce, uint8_t userid);
 uint8_t controlEepromParameter(uint8_t val, uint8_t lowerBound, uint8_t upperBound);
+RET_TYPE addNewUserForExistingCard(uint8_t* nonce, uint8_t* user_id);
 void setMooltipassParameterInEeprom(uint8_t param, uint8_t val);
 RET_TYPE addNewUserAndNewSmartCard(volatile uint16_t* pin_code);
 uint8_t getMooltipassParameterInEeprom(uint8_t param);
-RET_TYPE addNewUserForExistingCard(uint8_t* nonce);
 void outputLUTEntriesForGivenUser(uint8_t userID);
 void deleteUserIdFromSMCUIDLUT(uint8_t userid);
 void firstTimeUserHandlingInit(void);

diff --git a/source_code/src/USB/usb_cmd_parser.c b/source_code/src/USB/usb_cmd_parser.c
@@ -1212,18 +1212,22 @@ void usbProcessIncoming(uint8_t caller_id)
             // Check the args, check we're not authenticated, check that the user could unlock the card
             if ((datalen == SMARTCARD_CPZ_LENGTH + AES256_CTR_LENGTH) && (getCurrentScreen() == SCREEN_DEFAULT_INSERTED_UNKNOWN))
             {
-                uint8_t temp_buffer[SMARTCARD_CPZ_LENGTH];
+                uint8_t temp_buffer[AES_KEY_LENGTH/8];
+                uint8_t new_user_id;
 
                 // Read code protected zone
                 readCodeProtectedZone(temp_buffer);
 
-                // Check that the provided CPZ is the current one, ask the user to unlock the card
-                if ((memcmp(temp_buffer, msg->body.data, SMARTCARD_CPZ_LENGTH) == 0) && (guiCardUnlockingProcess() == RETURN_OK))
+                // Check that the provided CPZ is the current one, ask the user to unlock the card and check that we can add the user
+                if ((memcmp(temp_buffer, msg->body.data, SMARTCARD_CPZ_LENGTH) == 0) && (guiCardUnlockingProcess() == RETURN_OK) && (addNewUserForExistingCard(&msg->body.data[SMARTCARD_CPZ_LENGTH], &new_user_id) == RETURN_OK))
                 {
+                    // Success, jump to the main menu
+                    readAES256BitsKey(temp_buffer);
+                    initUserFlashContext(new_user_id);
+                    initEncryptionHandling(temp_buffer, &msg->body.data[SMARTCARD_CPZ_LENGTH]);
+                    setSmartCardInsertedUnlocked();
                     plugin_return_value = PLUGIN_BYTE_OK;
-                    addNewUserForExistingCard(&msg->body.data[SMARTCARD_CPZ_LENGTH]);
-                    // Success, ask the user to remove the card
-                    guiSetCurrentScreen(SCREEN_DEFAULT_INSERTED_INVALID);
+                    guiSetCurrentScreen(SCREEN_DEFAULT_INSERTED_NLCK);
                 }
                 else
                 {

diff --git a/source_code/src/changelog.txt b/source_code/src/changelog.txt
@@ -2,6 +2,7 @@ RC3:
 - more information on the cloning process - new bundle required!
 - card cpz needs to be presented to allow unknown card adding
 - pin handling functions only use pointers to pin variable
+- no need to remove card when adding an unknown card
 - different messages for pin entering
 - offer user to not erase card