From f784e53409466e97a72cf1a9c22b8ecf77845207 Mon Sep 17 00:00:00 2001 From: limpkin Date: Tue, 14 Apr 2015 20:23:34 +0200 Subject: [PATCH] no need to remove card after adding an unknown card --- source_code/Mooltipass.atsuo | Bin 115712 -> 116224 bytes source_code/src/LOGIC/logic_eeprom.c | 13 +++++++------ source_code/src/LOGIC/logic_eeprom.h | 4 ++-- source_code/src/USB/usb_cmd_parser.c | 16 ++++++++++------ source_code/src/changelog.txt | 1 + 5 files changed, 20 insertions(+), 14 deletions(-) diff --git a/source_code/Mooltipass.atsuo b/source_code/Mooltipass.atsuo index 77a44f88c81ee96d210a099141b83c733ae091c8..080851ba7af91ff9413d3c83e37ed5ab56e50d90 100644 GIT binary patch delta 937 zcmZvaUr19?9LMi(yZdiCn=MTX%?Pcjn;8`nxbz`kbXJc&Xkci~Kk3!n*26LoA12I> zc8EaGoPV;m^5(9Vqp5`w!Hg2D7ZZB0h^#TAC+&A~bI;G&sc^a! zkF9Jx^YiKEO6wv>8HNe=5j*>u)nQ1A#tp=o!18UfhrnK!FbtoiNR`R}qo~Pq>X1wY zTR2oGQOgs^;yEoVl@zOayRKBJf(+F6#XOCe6^PYX|MrcJ-<@WXsTdYhCGxjEV@(bn zq-r&jcV;cHY-Y?MTuwQeV@-S{$HFT0C?AelJeQw)OY2NC=hcUftEJgrUGk;dHT?KQ z_?Y<$?spZjB6UbT(ttD~*N`Tp8R3u?q!ro38@1urhS>T3FR7C8Z*6;bt>AvEh-hzi zS2_GFB()^2oq9D44%_95l7W%h$&c$ycZH6gw7~=IY+w0r?dP>IcVVt{v?0U`VH-3` z5`%}rg1frQCaEr6rsroPX;?svXSC#p{)iB~0i6l#VC-g;b3sVO^kaTMrU_gZgybq1 zKw&5*QmzLskh2B@jr4#;=|O#X$LmE&e5R3@Bt&|lOe#OEX7Kk@YXBa>Gg=n_2Q{`s z98E6*4ZY-nZ19U}8T65xDK^1=4?2{@Y|kOa_X^^4$I&WWBW&CS4bX-eD4^d1a1@lZ zau5u}G@ndfG$#wjA2?*brhVJdNI{rBuJrD%F-Yd3PbmRr6 zFiyv~zY?}EXlF)!qu?ZA3zl2>hk#eo>9p)L}0k+-jH^7=eCF9K$+z-+aaEIB^w)ka9$ zqC*ZlUtm(>auKQ2%Y&Lus^cy>RqDfnjd{guX%%IctHdM2@D$o**CJymC4-L=tp00=yy@W2#OrB(H%i} zV13ej`}nu_q|nq99XeMR=agg+{9Ja=(g9=5*1G!uNP4-Bl7W$xQ>@;H7g>C|6S5 za9C$Z>(!YK(}e_FB-JlPx@`uW%Bemu0o);Nn}bTI2d)TY&(*5c5a{W-?rF;Nvf(Yt7?q{k>QSg#k?53$G_=F+G53j{ytPxKP+)642S^S_h2{17M z9*)c^6-wX{cmWSGwfaU%>M>+-RGNYaoln3s`!N>K)@cS>nC<)b5(jhlGcsROokwM; z0hy6;m7sl7P!eAb13fVf+tt6BSsNKDWcJ^2yX~DB2|^ZzJ*sF-8=Ri@&Okn`o`F*H RUqWOip{f#P>r?mue*kMT{B{5U diff --git a/source_code/src/LOGIC/logic_eeprom.c b/source_code/src/LOGIC/logic_eeprom.c index 0b940f7e1..b8b67983d 100644 --- a/source_code/src/LOGIC/logic_eeprom.c +++ b/source_code/src/LOGIC/logic_eeprom.c @@ -315,30 +315,31 @@ RET_TYPE writeSmartCardCPZForUserId(uint8_t* buffer, uint8_t* nonce, uint8_t use /*! \fn addNewUserForExistingCard(uint8_t* nonce) * \brief Add a new user for an already unlocked card +* \param nonce User nonce +* \param user_id Pointer to where to store the user id * \return success or not */ -RET_TYPE addNewUserForExistingCard(uint8_t* nonce) +RET_TYPE addNewUserForExistingCard(uint8_t* nonce, uint8_t* user_id) { uint8_t temp_buffer[SMARTCARD_CPZ_LENGTH]; - uint8_t new_user_id; // Get new user id if possible - if (findAvailableUserId(&new_user_id) == RETURN_NOK) + if (findAvailableUserId(user_id) == RETURN_NOK) { return RETURN_NOK; } // Create user profile in flash, CTR is set to 0 by the library - formatUserProfileMemory(new_user_id); + formatUserProfileMemory(*user_id); // Initialize user flash context, that inits the node mgmt handle and the ctr value - initUserFlashContext(new_user_id); + initUserFlashContext(*user_id); // Read smartcard CPZ value readCodeProtectedZone(temp_buffer); // Store User ID <> SMC CPZ & AES CTR <> user id - if (writeSmartCardCPZForUserId(temp_buffer, nonce, new_user_id) != RETURN_OK) + if (writeSmartCardCPZForUserId(temp_buffer, nonce, *user_id) != RETURN_OK) { return RETURN_NOK; } diff --git a/source_code/src/LOGIC/logic_eeprom.h b/source_code/src/LOGIC/logic_eeprom.h index 52920ef18..da0dac591 100644 --- a/source_code/src/LOGIC/logic_eeprom.h +++ b/source_code/src/LOGIC/logic_eeprom.h @@ -39,7 +39,7 @@ // Total number of LUT entries. LUT is located near the end of the eeprom with reserved bytes at the end #define NB_MAX_SMCID_UID_MATCH_ENTRIES ((EEPROM_SIZE - EEP_SMC_IC_USER_MATCH_START_ADDR - EEPROM_END_RESERVED)/SMCID_UID_MATCH_ENTRY_LENGTH) // Correct key to prevent mooltipass settings reinit -#define USER_PARAM_CORRECT_INIT_KEY 0xC5 +#define USER_PARAM_CORRECT_INIT_KEY 0x77 // Mooltipass eeprom parameters define #define USER_PARAM_INIT_KEY_PARAM 0 #define KEYBOARD_LAYOUT_PARAM 1 @@ -60,10 +60,10 @@ RET_TYPE getUserIdFromSmartCardCPZ(uint8_t* buffer, uint8_t* nonce, uint8_t* userid); RET_TYPE writeSmartCardCPZForUserId(uint8_t* buffer, uint8_t* nonce, uint8_t userid); uint8_t controlEepromParameter(uint8_t val, uint8_t lowerBound, uint8_t upperBound); +RET_TYPE addNewUserForExistingCard(uint8_t* nonce, uint8_t* user_id); void setMooltipassParameterInEeprom(uint8_t param, uint8_t val); RET_TYPE addNewUserAndNewSmartCard(volatile uint16_t* pin_code); uint8_t getMooltipassParameterInEeprom(uint8_t param); -RET_TYPE addNewUserForExistingCard(uint8_t* nonce); void outputLUTEntriesForGivenUser(uint8_t userID); void deleteUserIdFromSMCUIDLUT(uint8_t userid); void firstTimeUserHandlingInit(void); diff --git a/source_code/src/USB/usb_cmd_parser.c b/source_code/src/USB/usb_cmd_parser.c index 428bb59bf..4fd386536 100644 --- a/source_code/src/USB/usb_cmd_parser.c +++ b/source_code/src/USB/usb_cmd_parser.c @@ -1212,18 +1212,22 @@ void usbProcessIncoming(uint8_t caller_id) // Check the args, check we're not authenticated, check that the user could unlock the card if ((datalen == SMARTCARD_CPZ_LENGTH + AES256_CTR_LENGTH) && (getCurrentScreen() == SCREEN_DEFAULT_INSERTED_UNKNOWN)) { - uint8_t temp_buffer[SMARTCARD_CPZ_LENGTH]; + uint8_t temp_buffer[AES_KEY_LENGTH/8]; + uint8_t new_user_id; // Read code protected zone readCodeProtectedZone(temp_buffer); - // Check that the provided CPZ is the current one, ask the user to unlock the card - if ((memcmp(temp_buffer, msg->body.data, SMARTCARD_CPZ_LENGTH) == 0) && (guiCardUnlockingProcess() == RETURN_OK)) + // Check that the provided CPZ is the current one, ask the user to unlock the card and check that we can add the user + if ((memcmp(temp_buffer, msg->body.data, SMARTCARD_CPZ_LENGTH) == 0) && (guiCardUnlockingProcess() == RETURN_OK) && (addNewUserForExistingCard(&msg->body.data[SMARTCARD_CPZ_LENGTH], &new_user_id) == RETURN_OK)) { + // Success, jump to the main menu + readAES256BitsKey(temp_buffer); + initUserFlashContext(new_user_id); + initEncryptionHandling(temp_buffer, &msg->body.data[SMARTCARD_CPZ_LENGTH]); + setSmartCardInsertedUnlocked(); plugin_return_value = PLUGIN_BYTE_OK; - addNewUserForExistingCard(&msg->body.data[SMARTCARD_CPZ_LENGTH]); - // Success, ask the user to remove the card - guiSetCurrentScreen(SCREEN_DEFAULT_INSERTED_INVALID); + guiSetCurrentScreen(SCREEN_DEFAULT_INSERTED_NLCK); } else { diff --git a/source_code/src/changelog.txt b/source_code/src/changelog.txt index c23fb9482..141b75b66 100644 --- a/source_code/src/changelog.txt +++ b/source_code/src/changelog.txt @@ -2,6 +2,7 @@ RC3: - more information on the cloning process - new bundle required! - card cpz needs to be presented to allow unknown card adding - pin handling functions only use pointers to pin variable +- no need to remove card when adding an unknown card - different messages for pin entering - offer user to not erase card