From abaeec920ea2cd0bfda4a4820b76f89edea43bfb Mon Sep 17 00:00:00 2001
From: Szczepan Zalega
Date: Sat, 15 Jun 2019 11:08:17 +0200
Subject: [PATCH 1/4] Add backward compatibility for older Nitrokey Apps
Signed-off-by: Szczepan Zalega
---
 src/OTP/report_protocol.c | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/src/OTP/report_protocol.c b/src/OTP/report_protocol.c
index 5446206a..49a73758 100644
--- a/src/OTP/report_protocol.c
+++ b/src/OTP/report_protocol.c
@@ -791,7 +791,7 @@ u8 text[10];
 case CMD_AUTHORIZE:
 CI_StringOut ("Get CMD_AUTHORIZE\r\n");
- output[OUTPUT_CMD_STATUS_OFFSET] = CMD_STATUS_UNKNOWN_COMMAND;
+ output[OUTPUT_CMD_STATUS_OFFSET] = CMD_STATUS_OK;
 break;
 case CMD_UNLOCK_USER_PASSWORD:
@@ -806,7 +806,7 @@ u8 text[10];
 case CMD_USER_AUTHORIZE:
 CI_StringOut ("Get CMD_USER_AUTHORIZE\r\n");
- output[OUTPUT_CMD_STATUS_OFFSET] = CMD_STATUS_UNKNOWN_COMMAND;
+ output[OUTPUT_CMD_STATUS_OFFSET] = CMD_STATUS_OK;
 break;
 case CMD_GET_PASSWORD_RETRY_COUNT:
@@ -930,7 +930,7 @@ u8 text[10];
 if (not_authorized)
 {
 CI_StringOut ("*** NOT AUTHORIZED ***\r\n");
- output[OUTPUT_CMD_STATUS_OFFSET] = CMD_STATUS_NOT_AUTHORIZED;
+ output[OUTPUT_CMD_STATUS_OFFSET] = CMD_STATUS_OK;
 }
 }
 else
From acfc51678763f3374dcf4a47c206341dc279439a Mon Sep 17 00:00:00 2001
From: Szczepan Zalega
Date: Sat, 15 Jun 2019 15:35:40 +0200
Subject: [PATCH 2/4] Silence auth errors only, when old-auth commands were used
Signed-off-by: Szczepan Zalega
---
 src/OTP/report_protocol.c | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)
diff --git a/src/OTP/report_protocol.c b/src/OTP/report_protocol.c
index 49a73758..08339a3c 100644
--- a/src/OTP/report_protocol.c
+++ b/src/OTP/report_protocol.c
@@ -605,6 +605,7 @@ u32 received_crc32;
 u32 calculated_crc32;
 u8 i;
 u8 not_authorized = 0;
+static u8 silence_auth_errors = 0;
 static u8 oldStatus;
 static u8 initOldStatus = FALSE;
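Review bot: The `CMD_AUTHORIZE` case in patch 1/4 now answers `CMD_STATUS_OK` without any check visible in the hunk, and the `CMD_USER_AUTHORIZE` case in the `@@ -806` hunk does the same, so a host that treats this reply as proof of a successful authorization is told "success" for any payload. If the real enforcement is the per-command `not_authorized` check later in the function, state that at both cases, e.g. `/* legacy no-op: always OK; authorization is enforced per command, see not_authorized */`. The `@@ -930` hunk of the same commit then reports `CMD_STATUS_OK` for every rejected command and for all clients; whether the rejected command's handler is skipped is decided outside that hunk. The enclosing switch starts and ends outside these hunks.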
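Review bot: `silence_auth_errors` (patch 2/4, hunk `@@ -605`) is a function-local `static` that the hunks of this commit only ever set to 1, so after one legacy `CMD_AUTHORIZE` or `CMD_USER_AUTHORIZE` report the device appears to hide `CMD_STATUS_NOT_AUTHORIZED` from every later client until the firmware restarts. That would include newer hosts that depend on the error to detect a rejected command. Consider clearing the flag at a defined point (device lock or USB reset, for example) and document the lifetime at the declaration: `static u8 silence_auth_errors = 0; /* sticky: set by legacy authorize commands, never cleared before reset */`. The enclosing function begins and ends outside the hunk.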
@@ -792,6 +793,7 @@ u8 text[10];
 case CMD_AUTHORIZE:
 CI_StringOut ("Get CMD_AUTHORIZE\r\n");
 output[OUTPUT_CMD_STATUS_OFFSET] = CMD_STATUS_OK;
+ silence_auth_errors = 1;
 break;
 case CMD_UNLOCK_USER_PASSWORD:
@@ -807,6 +809,7 @@ u8 text[10];
 case CMD_USER_AUTHORIZE:
 CI_StringOut ("Get CMD_USER_AUTHORIZE\r\n");
 output[OUTPUT_CMD_STATUS_OFFSET] = CMD_STATUS_OK;
+ silence_auth_errors = 1;
 break;
 case CMD_GET_PASSWORD_RETRY_COUNT:
@@ -930,7 +933,10 @@ u8 text[10];
 if (not_authorized)
 {
 CI_StringOut ("*** NOT AUTHORIZED ***\r\n");
- output[OUTPUT_CMD_STATUS_OFFSET] = CMD_STATUS_OK;
+ if (silence_auth_errors == 1)
+ output[OUTPUT_CMD_STATUS_OFFSET] = CMD_STATUS_OK;
+ else
+ output[OUTPUT_CMD_STATUS_OFFSET] = CMD_STATUS_NOT_AUTHORIZED;
 }
 }
 else
From 52625ec1de683b011aba1da55489db710c8a7049 Mon Sep 17 00:00:00 2001
From: Szczepan Zalega
Date: Sat, 15 Jun 2019 16:20:59 +0200
Subject: [PATCH 3/4] Return counter in text for backward compatibility. Allow to request new format.
Signed-off-by: Szczepan Zalega
---
 src/OTP/report_protocol.c | 15 ++++++++++++---
 src/OTP/report_protocol.h | 1 +
 2 files changed, 13 insertions(+), 3 deletions(-)
diff --git a/src/OTP/report_protocol.c b/src/OTP/report_protocol.c
index 08339a3c..9c97aa28 100644
--- a/src/OTP/report_protocol.c
+++ b/src/OTP/report_protocol.c
@@ -1574,7 +1574,9 @@ u8 slot_no = report[1];
 u8 cmd_read_slot (u8 * report, u8 * output)
 {
 u8 slot_no = report[CMD_RS_SLOT_NUMBER_OFFSET];
+u8 format_version = report[CMD_RS_VERSION_OFFSET];
 u64 counter;
+char buf[20] = {};
 if (is_HOTP_slot_number(slot_no)) // HOTP slot
 {
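Review bot: In the `not_authorized` branch (patch 2/4, hunk `@@ -930,7 +933,10`) a legacy session still receives `CMD_STATUS_OK` for a command the device refused, so the host cannot learn that nothing was done; the debug string is the only trace. Whether the result area of `output` is cleared on this path is not visible here, so it is worth confirming that no bytes from an earlier reply can accompany the OK status. The new `if`/`else` is also unbraced, unlike the block around it; `if (silence_auth_errors == 1) { ... } else { ... }` keeps a later added statement from landing outside the condition.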
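Review bot: `format_version` (patch 3/4, hunk `@@ -1574`) is read from `report[CMD_RS_VERSION_OFFSET]`, a byte that hosts predating this commit never defined, so the legacy text format is selected only if those hosts happen to send something other than 1 there. If their reports are zero-filled this holds, but that assumption should be written down at the read, e.g. `/* byte 2 is 0 in legacy requests; 1 selects the binary counter */`. `char buf[20] = {};` relies on an empty initializer, which is a GNU extension before C23; `char buf[20] = {0};` is portable. The body of `cmd_read_slot` continues outside the hunk.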
@@ -1587,9 +1589,16 @@ u64 counter;
 memcpy (output + OUTPUT_CMD_RESULT_OFFSET + 16, slot->token_id, 13);
 output[OUTPUT_CMD_RESULT_OFFSET +15] = slot->config;
- counter = get_counter_value (hotp_slot_counters[slot_no]);
- counter = endian_swap(counter);
- memcpy (output + OUTPUT_CMD_RESULT_OFFSET + 29, &counter, sizeof(u64));
+ counter = get_counter_value(hotp_slot_counters[slot_no]);
+ if (format_version == 1) {
+ counter = endian_swap(counter);
+ memcpy (output + OUTPUT_CMD_RESULT_OFFSET + 29, &counter, sizeof(u64));
+ } else {
+ itoa(counter, buf);
+ buf[7] = 0;
+ memcpy (output + OUTPUT_CMD_RESULT_OFFSET + 29, buf, 8);
+ }
+
 {
 u8 text[20];
diff --git a/src/OTP/report_protocol.h b/src/OTP/report_protocol.h
index 277c914b..f5a6b594 100644
--- a/src/OTP/report_protocol.h
+++ b/src/OTP/report_protocol.h
@@ -307,6 +307,7 @@ typedef struct {
 */
 #define CMD_RS_SLOT_NUMBER_OFFSET 1
+#define CMD_RS_VERSION_OFFSET 2
 #define CMD_RS_OUTPUT_COUNTER_OFFSET 34
 /*
From 79ac7701c82351113065b70369bcfa1dd6d13fb5 Mon Sep 17 00:00:00 2001
From: Szczepan Zalega
Date: Tue, 18 Jun 2019 17:08:40 +0200
Subject: [PATCH 4/4] Flashing Makefile additions
Signed-off-by: Szczepan Zalega
---
 Debug/Makefile | 2 ++
 1 file changed, 2 insertions(+)
diff --git a/Debug/Makefile b/Debug/Makefile
index bd4990b8..f70e29be 100644
--- a/Debug/Makefile
+++ b/Debug/Makefile
@@ -3,6 +3,7 @@ all:
 @grep "^[\.\w]*:" -P Makefile --color=yes
 firmware.hex: USB_MASS.elf
+ ls -l $<
 avr-objcopy -R .eeprom -O ihex $< $@
 cp $@ storage-firmware-`git describe --long`.hex
 ls -l $@ storage-firmware-`git describe --long`.hex
@@ -16,4 +17,5 @@ flash: firmware.hex
 -sudo dfu-programmer at32uc3a3256s launch
 sleep 1
 lsusb | grep 20a0:
+ date
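Review bot: In the legacy branch of patch 3/4 (hunk `@@ -1587,9 +1589,16`) `buf[7] = 0` cuts the decimal string to seven digits, so a counter of 10,000,000 or more is returned as its leading seven digits, a different and smaller value, together with an OK status; a host that displays or writes back that value would be working from a wrong HOTP counter. `itoa(counter, buf)` is also handed a `u64` while its prototype is not visible here: either the value is narrowed to the parameter type, or, if all 64 bits are formatted, up to 20 digits plus the terminator do not fit `char buf[20]`. Guard the branch, e.g. `if (counter > 9999999) { /* does not fit the legacy 7-digit field: report an error status */ }`, and size `buf` for the widest value the formatter can emit. `cmd_read_slot` starts and ends outside the hunk.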