Skip to content

Commit e3e5f02

Browse files
committed
Merge pull request #290
76b64b5 travis: fix packages (Niklas Claesson) b2850cd test_api: increase buffer size so that formatted string fits (Niklas Claesson) b0ed98d u2f: Fix u2f on windows (Niklas Claesson) 560a82c Docker, travis, vagrant: update GCC (Niklas Claesson)
2 parents 9c7ede8 + 76b64b5 commit e3e5f02

File tree

10 files changed

+36
-20
lines changed

10 files changed

+36
-20
lines changed

.travis.yml

Lines changed: 4 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -26,9 +26,7 @@ matrix:
2626

2727
addons:
2828
apt_packages:
29-
- lib32bz2-1.0
30-
- lib32ncurses5
31-
- lib32z1
29+
- libbz2-1.0
3230
- valgrind
3331

3432
install:
@@ -40,9 +38,9 @@ install:
4038
export PATH=$PATH:$PWD/bin/;
4139
cd ../../..;
4240
- if [ "$TEST" = "no" ]; then
43-
wget https://developer.arm.com/-/media/Files/downloads/gnu-rm/8-2018q4/gcc-arm-none-eabi-8-2018-q4-major-linux.tar.bz2;
44-
tar -xf gcc-arm-none-eabi-8-2018-q4-major-linux.tar.bz2;
45-
export PATH=$PATH:$PWD/gcc-arm-none-eabi-8-2018-q4-major/bin;
41+
wget -O gcc.tar.bz2 https://developer.arm.com/-/media/Files/downloads/gnu-rm/8-2019q3/RC1.1/gcc-arm-none-eabi-8-2019-q3-update-linux.tar.bz2;
42+
tar -xf gcc.tar.bz2;
43+
export PATH=$PATH:$PWD/gcc-arm-none-eabi-8-2019-q3-update/bin;
4644
fi;
4745
- if [ "$TEST" = "yes" ]; then
4846
sudo apt-get update;

Dockerfile.dev

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -27,9 +27,9 @@
2727
FROM debian:stretch
2828

2929
RUN apt update && apt-get install -y cmake git wget locales python python-pip
30-
RUN mkdir ~/Downloads && cd ~/Downloads && wget -O gcc.tar.bz2 https://developer.arm.com/-/media/Files/downloads/gnu-rm/8-2018q4/gcc-arm-none-eabi-8-2018-q4-major-linux.tar.bz2
30+
RUN mkdir ~/Downloads && cd ~/Downloads && wget -O gcc.tar.bz2 https://developer.arm.com/-/media/Files/downloads/gnu-rm/8-2019q3/RC1.1/gcc-arm-none-eabi-8-2019-q3-update-linux.tar.bz2
3131
RUN cd ~/Downloads && tar -xjvf gcc.tar.bz2
32-
RUN cd ~/Downloads && rsync -a gcc-arm-none-eabi-7-2018-q2-update/ /usr/local/
32+
RUN cd ~/Downloads && rsync -a gcc-arm-none-eabi-8-2019-q3-update/ /usr/local/
3333
RUN apt install -y libbz2-1.0 libncurses5 libz1 valgrind astyle clang libudev-dev python-urllib3 libssl1.0-dev
3434
RUN apt install -y libbz2-dev libbz2-dev libbz2-1.0 libncurses5 libz1 valgrind astyle clang libudev-dev python-urllib3
3535
RUN pip install --prefix /usr/local cpp-coveralls

Vagrantfile

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -7,9 +7,9 @@ Vagrant.configure(2) do |config|
77
config.vm.provision "shell", privileged: false, inline: <<-SHELL
88
sudo locale-gen UTF-8
99
sudo apt update && sudo apt-get install -y cmake git
10-
wget -O gcc.tar.bz2 https://developer.arm.com/-/media/Files/downloads/gnu-rm/8-2018q4/gcc-arm-none-eabi-8-2018-q4-major-linux.tar.bz2;
10+
wget -O gcc.tar.bz2 https://developer.arm.com/-/media/Files/downloads/gnu-rm/8-2019q3/RC1.1/gcc-arm-none-eabi-8-2019-q3-update-linux.tar.bz2
1111
tar -xf gcc.tar.bz2
12-
sudo rsync -a gcc-arm-none-eabi-8-2018-q4-major/ /usr/local/
12+
sudo rsync -a gcc-arm-none-eabi-8-2019-q3-update/ /usr/local/
1313
SHELL
1414

1515
config.vm.provision "shell", run: "always", privileged: false, inline: <<-SHELL

dockerdev.sh

Lines changed: 6 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -35,7 +35,7 @@ dockerdev () {
3535

3636
# If already running, enter the container.
3737
if docker ps | grep -q $container_name; then
38-
docker exec -it $container_name bash
38+
docker exec --user=dockeruser --workdir=/app -it $container_name bash
3939
return
4040
fi
4141

@@ -52,6 +52,11 @@ dockerdev () {
5252
-v $repo_path:/app \
5353
$container_image bash
5454

55+
# Use same user/group id as on the host, so that files are not created as root in the mounted
56+
# volume.
57+
docker exec -it $container_name groupadd -g `id -g` dockergroup
58+
docker exec -it $container_name useradd -u `id -u` -m -g dockergroup dockeruser
59+
5560
# Call a second time to enter the container.
5661
dockerdev
5762
}

src/flags.h

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -167,6 +167,7 @@ X(LONG_PAIR) \
167167
X(REQUIRE_LONG_TOUCH) /* placeholder - do not move */\
168168
X(TIMEOUT) /* any touch 'accept'; 3s timeout 'reject' */\
169169
X(SHORT) /* brief touch 'accept'; hold 3s 'reject' */\
170+
X(U2F) /* any touch 'accept'; 1.9s timeout 'reject'*/\
170171
X(REQUIRE_TOUCH) /* placeholder - do not move */
171172

172173
// Status and error flags

src/touch.c

Lines changed: 5 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -102,6 +102,10 @@ uint8_t touch_button_press(uint8_t touch_type)
102102
break;
103103
}
104104

105+
if (touch_type == TOUCH_U2F && systick_current_time_ms > QTOUCH_TOUCH_TIMEOUT_U2F) {
106+
break;
107+
}
108+
105109
// Send an intermittent blink indicator for each touch type.
106110
if (touch_type < TOUCH_REQUIRE_LONG_TOUCH && systick_current_time_ms > qt_led_toggle_ms) {
107111
if (systick_current_time_ms > qt_led_toggle_ms + QTOUCH_TOUCH_BLINK_OFF) {
@@ -164,7 +168,7 @@ uint8_t touch_button_press(uint8_t touch_type)
164168
pushed = DBB_TOUCHED;
165169
} else if (touch_type == TOUCH_SHORT) {
166170
pushed = DBB_TOUCHED_ABORT;
167-
} else if (touch_type == TOUCH_TIMEOUT) {
171+
} else if (touch_type == TOUCH_TIMEOUT || touch_type == TOUCH_U2F) {
168172
// If touched before exit_time_ms for:
169173
// - TOUCH_TIMEOUT, answer is 'accept'
170174
pushed = DBB_TOUCHED;

src/touch.h

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -31,6 +31,7 @@
3131
#include <stdint.h>
3232

3333
#define QTOUCH_TOUCH_TIMEOUT 3000// msec
34+
#define QTOUCH_TOUCH_TIMEOUT_U2F 1900// msec
3435
#define QTOUCH_TOUCH_TIMEOUT_HARD 30000
3536
#define QTOUCH_TOUCH_BLINK_ON 4000
3637
#define QTOUCH_TOUCH_BLINK_OFF 300

src/u2f_device.c

Lines changed: 9 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -199,7 +199,7 @@ static void _register(const USB_APDU *a)
199199
return;
200200
}
201201

202-
if (touch_button_press(TOUCH_TIMEOUT) != DBB_TOUCHED) {
202+
if (touch_button_press(TOUCH_U2F) != DBB_TOUCHED) {
203203
_queue_error(U2F_SW_CONDITIONS_NOT_SATISFIED);
204204
return;
205205

@@ -289,7 +289,7 @@ static void _hijack(const U2F_AUTHENTICATE_REQ *req)
289289
static char hijack_io_buffer[COMMANDER_REPORT_SIZE] = {0};
290290
char byte_report[U2F_FRAME_SIZE + 1] = {0};
291291
uint16_t report_len;
292-
int kh_len = MIN(U2F_MAX_KH_SIZE - 2, strlens((const char *)req->keyHandle + 2));
292+
int kh_len = MIN(U2F_MAX_KH_SIZE - 2, req->keyHandleLen - 2);
293293
uint8_t tot = req->keyHandle[0];
294294
uint8_t cnt = req->keyHandle[1];
295295
size_t idx = cnt * (U2F_MAX_KH_SIZE - 2);
@@ -362,6 +362,12 @@ static void _authenticate(const USB_APDU *a)
362362
// As an alternative interface, hijack the U2F AUTH key handle data field.
363363
// Slower but works in browsers for specified sites without requiring an extension.
364364
if (MEMEQ(req->appId, U2F_HIJACK_CODE[i], U2F_APPID_SIZE)) {
365+
if(a->p1 == U2F_AUTH_CHECK_ONLY) {
366+
// Windows first sends a "check-only" command which we must confirm
367+
// The error message here indicates that our device is valid for this keyhandle
368+
_queue_error(U2F_SW_CONDITIONS_NOT_SATISFIED);
369+
return;
370+
}
365371
if (!(memory_report_ext_flags() & MEM_EXT_MASK_U2F_HIJACK)) {
366372
// Abort U2F hijack commands if the U2F_hijack bit is not set (== disabled).
367373
u2f_queue_error_hid(_cid, U2FHID_ERR_CHANNEL_BUSY);
@@ -396,7 +402,7 @@ static void _authenticate(const USB_APDU *a)
396402
return;
397403
}
398404

399-
if (touch_button_press(TOUCH_TIMEOUT) != DBB_TOUCHED) {
405+
if (touch_button_press(TOUCH_U2F) != DBB_TOUCHED) {
400406
_queue_error(U2F_SW_CONDITIONS_NOT_SATISFIED);
401407
return;
402408

tests/api.h

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -346,6 +346,7 @@ static void api_hid_send_len(const char *cmd, int cmdlen)
346346
a->lc1 = 0;
347347
a->lc2 = (sizeof(U2F_AUTHENTICATE_REQ) >> 8) & 255;
348348
a->lc3 = (sizeof(U2F_AUTHENTICATE_REQ) & 255);
349+
auth_req->keyHandleLen = MIN(U2F_MAX_KH_SIZE, cmdlen - idx * kh_max_len + 2);
349350
auth_req->keyHandle[0] = total;
350351
auth_req->keyHandle[1] = idx;
351352
memcpy(auth_req->keyHandle + 2, cmd + idx * kh_max_len, MIN(kh_max_len, MAX(0,

tests/tests_api.c

Lines changed: 5 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -256,15 +256,15 @@ static void tests_seed_xpub_backup(void)
256256
api_format_send_cmd(cmd_str(CMD_backup), erase_cmd, KEY_STANDARD);
257257

258258
// test sd list overflow
259-
char long_backup_name[SD_FILEBUF_LEN_MAX / 8];
259+
char long_backup_name[SD_FILEBUF_LEN_MAX / 8 - 1]; // 1 character number prefix
260260
char lbn[SD_FILEBUF_LEN_MAX / 8];
261261
size_t i;
262262

263263
memset(long_backup_name, '-', sizeof(long_backup_name) - 1);
264-
long_backup_name[(SD_FILEBUF_LEN_MAX / 8) - 1] = 0;
264+
long_backup_name[sizeof(long_backup_name) - 1] = 0;
265265

266266
for (i = 0; i < SD_FILEBUF_LEN_MAX / sizeof(long_backup_name); i++) {
267-
snprintf(lbn, sizeof(lbn), "%lu%s", (unsigned long)i, long_backup_name);
267+
snprintf(lbn, sizeof(lbn), "%.1lu%s", (unsigned long)i, long_backup_name);
268268

269269
snprintf(erase_file, sizeof(erase_file), "{\"%s\":\"%s\"}", attr_str(ATTR_erase),
270270
lbn);
@@ -278,7 +278,7 @@ static void tests_seed_xpub_backup(void)
278278
ASSERT_REPORT_HAS_NOT(cmd_str(CMD_warning));
279279
}
280280

281-
snprintf(lbn, sizeof(lbn), "%lu%s", (unsigned long)i, long_backup_name);
281+
snprintf(lbn, sizeof(lbn), "%.1lu%s", (unsigned long)i, long_backup_name);
282282
snprintf(back, sizeof(back), "{\"filename\":\"%s\", \"key\":\"password\"}", lbn);
283283
api_format_send_cmd(cmd_str(CMD_backup), back, KEY_STANDARD);
284284
ASSERT_SUCCESS;
@@ -287,7 +287,7 @@ static void tests_seed_xpub_backup(void)
287287
ASSERT_REPORT_HAS(cmd_str(CMD_warning));
288288

289289
for (i = 0; i < SD_FILEBUF_LEN_MAX / sizeof(long_backup_name) + 1; i++) {
290-
snprintf(lbn, sizeof(lbn), "%lu%s", (unsigned long)i, long_backup_name);
290+
snprintf(lbn, sizeof(lbn), "%.1lu%s", (unsigned long)i, long_backup_name);
291291
snprintf(back, sizeof(back), "{\"filename\":\"%s\", \"key\":\"password\"}", lbn);
292292

293293
snprintf(erase_file, sizeof(erase_file), "{\"%s\":\"%s\"}", attr_str(ATTR_erase),

0 commit comments

Comments
 (0)