Arduino/pico-fido
1
0
Fork 1
mirror of https://github.com/polhenarejos/pico-fido.git synced 2025-12-19 02:48:04 +08:00
Code Issues Packages Projects Releases Wiki Activity

Adding MKEK generation on first scan.

Browse Source 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
This commit is contained in:
Pol Henarejos
2022-09-02 18:36:14 +02:00
parent 6de753447e
commit 65b14960ce
5 changed files with 97 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
CMakeLists.txt
View File

@@ -30,6 +30,7 @@ add_executable(pico_fido)
target_sources(pico_fido PUBLIC target_sources(pico_fido PUBLIC
${CMAKE_CURRENT_LIST_DIR}/src/fido/fido.c ${CMAKE_CURRENT_LIST_DIR}/src/fido/fido.c
${CMAKE_CURRENT_LIST_DIR}/src/fido/files.c
${CMAKE_CURRENT_LIST_DIR}/src/fido/cmd_register.c ${CMAKE_CURRENT_LIST_DIR}/src/fido/cmd_register.c
) )
set(HSM_DRIVER "hid") set(HSM_DRIVER "hid")

33
src/fido/fido.c
View File

@@ -19,6 +19,9 @@
#include "hsm.h" #include "hsm.h"
#include "apdu.h" #include "apdu.h"
#include "u2f.h" #include "u2f.h"
#include "files.h"
#include "file.h"
#include "random.h"
#include <stdio.h> #include <stdio.h>
void init_fido(); void init_fido();
@@ -39,9 +42,6 @@ app_t *fido_select(app_t *a) {
return a; return a;
} }
void init_fido() {
}
void __attribute__ ((constructor)) fido_ctor() { void __attribute__ ((constructor)) fido_ctor() {
register_app(fido_select); register_app(fido_select);
fido_select(&apps[0]); fido_select(&apps[0]);
@@ -51,6 +51,33 @@ int fido_unload() {
return CCID_OK; return CCID_OK;
} }
void scan_files() {
ef_mkek = search_by_fid(EF_MKEK, NULL, SPECIFY_EF);
if (ef_mkek) {
if (!ef_mkek->data) {
printf("MKEK is empty. Initializing with default password\r\n");
uint8_t tmp_mkek[MKEK_SIZE];
const uint8_t *rd = random_bytes_get(MKEK_IV_SIZE+MKEK_KEY_SIZE);
memcpy(tmp_mkek, rd, MKEK_IV_SIZE+MKEK_KEY_SIZE);
flash_write_data_to_file(ef_mkek, tmp_mkek, MKEK_SIZE);
}
}
else {
printf("FATAL ERROR: PIN1 not found in memory!\r\n");
}
low_flash_available();
}
void scan_all() {
scan_flash();
scan_files();
}
void init_fido() {
scan_all();
}
typedef struct cmd typedef struct cmd
{ {
uint8_t ins; uint8_t ins;

4
src/fido/fido.h
View File

@@ -22,4 +22,8 @@
#define KEY_PATH_LEN 32 #define KEY_PATH_LEN 32
#define KEY_HANDLE_LEN (KEY_PATH_LEN + SHA256_DIGEST_LENGTH) #define KEY_HANDLE_LEN (KEY_PATH_LEN + SHA256_DIGEST_LENGTH)
#define MKEK_IV_SIZE 16
#define MKEK_KEY_SIZE 32
#define MKEK_SIZE (MKEK_IV_SIZE+MKEK_KEY_SIZE)
#endif //_FIDO_H #endif //_FIDO_H

31
src/fido/files.c Normal file
View File

@@ -0,0 +1,31 @@
/*
* This file is part of the Pico FIDO distribution (https://github.com/polhenarejos/pico-fido).
* Copyright (c) 2022 Pol Henarejos.
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, version 3.
*
* This program is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
#include "file.h"
#include "files.h"
file_t file_entries[] = {
{.fid = 0x3f00, .parent = 0xff, .name = NULL, .type = FILE_TYPE_DF, .data = NULL, .ef_structure = 0, .acl = {0}}, // MF
{.fid = EF_KEY_DEV, .parent = 5, .name = NULL, .type = FILE_TYPE_INTERNAL_EF | FILE_DATA_FLASH | FILE_PERSISTENT, .data = NULL, .ef_structure = FILE_EF_TRANSPARENT, .acl = {0xff}}, // Device Key
{.fid = EF_PRKD_DEV, .parent = 5, .name = NULL, .type = FILE_TYPE_INTERNAL_EF | FILE_DATA_FLASH | FILE_PERSISTENT, .data = NULL, .ef_structure = FILE_EF_TRANSPARENT, .acl = {0xff}}, // PrKD Device
{.fid = EF_EE_DEV, .parent = 5, .name = NULL, .type = FILE_TYPE_INTERNAL_EF | FILE_DATA_FLASH | FILE_PERSISTENT, .data = NULL, .ef_structure = FILE_EF_TRANSPARENT, .acl = {0xff}}, // End Entity Certificate Device
{.fid = EF_MKEK, .parent = 5, .name = NULL, .type = FILE_TYPE_INTERNAL_EF | FILE_DATA_FLASH | FILE_PERSISTENT, .data = NULL, .ef_structure = FILE_EF_TRANSPARENT, .acl = {0xff}}, // MKEK
};
const file_t *MF = &file_entries[0];
const file_t *file_last = &file_entries[sizeof(file_entries)/sizeof(file_t)-1];
file_t *ef_mkek = NULL;

31
src/fido/files.h Normal file
View File

@@ -0,0 +1,31 @@
/*
* This file is part of the Pico FIDO distribution (https://github.com/polhenarejos/pico-fido).
* Copyright (c) 2022 Pol Henarejos.
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, version 3.
*
* This program is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
#ifndef _FILES_H_
#define _FILES_H_
#include "file.h"
#define EF_MKEK 0x100A
#define EF_KEY_DEV 0xCC00
#define EF_PRKD_DEV 0xC400
#define EF_EE_DEV 0xCE00
extern file_t *ef_mkek;
#endif //_FILES_H_