Merge branch 'update-salt-fix'

Correct update salt generation
Correct GET_CHALLENGE execution
Do not reset update password on factory reset
Do not extend smart card timeout on internal calls
Update stack protector configuration
Remove some standard library implementations

build/gcc/Makefile

@@ -238,7 +238,7 @@ endif
 CFLAGS = -g$(DEBUG)
 CFLAGS += $(CDEFS) $(CINCS)
 CFLAGS += -O$(OPT)
-CFLAGS_OUR_SRC += -Werror
+#CFLAGS_OUR_SRC += -Werror
 # CFLAGS_OUR_SRC += -Wextra
 CFLAGS += -Wall -Wcast-align -Wimplicit
 CFLAGS += -Wpointer-arith -Wswitch
@@ -306,17 +306,19 @@ MATH_LIB = -lm
 #  -Wl,...:     tell GCC to pass this to linker.
 #    -Map:      create map file
 #    --cref:    add cross reference to  map file
+LDFLAGS += -specs=nosys.specs
 LDFLAGS = -nostartfiles -Wl,-Map=$(TARGET).map,--cref
-LDFLAGS += -lc
+#LDFLAGS += -lc
 LDFLAGS += $(NEWLIBLPC) $(MATH_LIB)
-LDFLAGS += -lc -lgcc 
-LDFLAGS += -lrdimon
+#LDFLAGS += -lc -lgcc
+#LDFLAGS += -lrdimon
 LDFLAGS += $(CPLUSPLUS_LIB)
 LDFLAGS += $(patsubst %,-L%,$(EXTRA_LIBDIRS))
 LDFLAGS += $(patsubst %,-l%,$(EXTRA_LIBS))
 LDFLAGS += -Wl,--print-memory-usage
-LDFLAGS += -Wl,--print-gc-sections
+#LDFLAGS += -Wl,--print-gc-sections
 LDFLAGS += -Wl,-nostdlib
+#LDFLAGS += -Wl,-nodefaultlibs
 
 ifeq ($(BUILD_DEBUG), 1)
 LDFLAGS += -Wl,--gc-sections
@@ -527,13 +529,15 @@ endif
 	@echo
 	@echo $(MSG_LINKING) $@
 	$(CC) $(THUMB) $(ALL_CFLAGS) $(AOBJARM) $(AOBJ) $(COBJARM) $(COBJ) $(CPPOBJ) $(CPPOBJARM) --output $@ $(LDFLAGS)
+	pwd
+	-ls -lh $@
 	ln -sf $@ last.elf
 
 #	$(CPP) $(THUMB) $(ALL_CFLAGS) $(AOBJARM) $(AOBJ) $(COBJARM) $(COBJ) $(CPPOBJ) $(CPPOBJARM) --output $@ $(LDFLAGS)
 
 $(TARGET).buildinfo:
 	date > $@
-	$(CC) --version >> $@
+	$(CC) --version | tee -a $@
 	-git describe --long >> $@
 	-git describe --long --all >> $@
 	@echo CC=$(CC) >> $@

src/ccid/CcidLocalAccess.c

@@ -23,6 +23,7 @@
 
 #include <FlashStorage.h>
 #include <sys/param.h>
+#include <delays.h>
 #include "stm32f10x.h"
 #include "platform_config.h"
 #include "hw_config.h"
@@ -52,14 +53,23 @@ static typeSmartcardTransfer tSCT;
 
 *******************************************************************************/
 
-void InitSCTStruct (typeSmartcardTransfer * _tSCT)
+
+void ClearSCTStruct (typeSmartcardTransfer * _tSCT)
 {
+    memset(_tSCT->cAPDU, 0, sizeof _tSCT->cAPDU);
+    memset(_tSCT->cTPDU, 0, sizeof _tSCT->cTPDU);
     _tSCT->cAPDULength = 0;
     _tSCT->cAPDUAnswerLength = 0;
     _tSCT->cAPDUAnswerStatus = 0;
+}
+
+void InitSCTStruct (typeSmartcardTransfer * _tSCT)
+{
     _tSCT->cTPDUSequence = 0;
+    ClearSCTStruct(_tSCT);
 }
 
+
 /*******************************************************************************
 
   GenerateCRC
@@ -89,23 +99,15 @@ unsigned char GenerateCRC (unsigned char* pData, unsigned char cLength)
 void GenerateTPDU (typeSmartcardTransfer * _tSCT)
 {
     _tSCT->cTPDU[CCID_TPDU_NAD] = 0; // Node Address (NAD)
-    _tSCT->cTPDU[CCID_TPDU_PCD] = (_tSCT->cTPDUSequence & 1) << 6;    // Protocol
-    // Control
-    // Byte
+    _tSCT->cTPDU[CCID_TPDU_PCD] = (_tSCT->cTPDUSequence & 1) << 6;    // Protocol Control Byte
     _tSCT->cTPDU[CCID_TPDU_LENGTH] = _tSCT->cAPDULength;
 
-    _tSCT->cTPDULength = _tSCT->cAPDULength + CCID_TPDU_OVERHEAD; // the length
-    // of the
-    // TPDU
+    _tSCT->cTPDULength = _tSCT->cAPDULength + CCID_TPDU_OVERHEAD; // the length of the TPDU
     _tSCT->cTPDUSequence++;  // switch sequence
 
-    memcpy (&_tSCT->cTPDU[CCID_TPDU_DATASTART], _tSCT->cAPDU, _tSCT->cAPDULength); // copy
-    // APDU
-    // data
+    memcpy (&_tSCT->cTPDU[CCID_TPDU_DATASTART], _tSCT->cAPDU, _tSCT->cAPDULength); // copy APDU data
 
-    _tSCT->cTPDU[_tSCT->cAPDULength + CCID_TPDU_OVERHEAD - 1] =   // set CRC at
-        // end of
-        // data
+    _tSCT->cTPDU[_tSCT->cAPDULength + CCID_TPDU_OVERHEAD - 1] =   // set CRC at end of data
         GenerateCRC ((unsigned char *) &_tSCT->cTPDU, _tSCT->cAPDULength + CCID_TPDU_PROLOG);
 }
 
@@ -118,9 +120,7 @@ void GenerateTPDU (typeSmartcardTransfer * _tSCT)
 void GenerateChainedTPDU (typeSmartcardTransfer * _tSCT)
 {
     _tSCT->cTPDU[CCID_TPDU_NAD] = 0; // Node Address (NAD)
-    _tSCT->cTPDU[CCID_TPDU_PCD] = ((_tSCT->cTPDUSequence & 1) << 4) + CCID_TPDU_R_BLOCK_FLAG; // Protocol
-    // Control
-    // Byte
+    _tSCT->cTPDU[CCID_TPDU_PCD] = ((_tSCT->cTPDUSequence & 1) << 4) + CCID_TPDU_R_BLOCK_FLAG; // Protocol Control Byte
     _tSCT->cTPDU[CCID_TPDU_LENGTH] = 0;
 
     _tSCT->cTPDULength = CCID_TPDU_OVERHEAD; // the length of the TPDU
@@ -147,37 +147,30 @@ unsigned char nOverhead = 0;
     CRD_SendCommand ((unsigned char *) _tSCT->cTPDU, _tSCT->cTPDULength, CCID_TRANSFER_BUFFER_MAX, (unsigned int *) &nAnswerLength);
 
 
-    if (CCID_TPDU_ANSWER_OVERHEAD > nAnswerLength)  // answer length
-        // incorrect
+    if (CCID_TPDU_ANSWER_OVERHEAD > nAnswerLength)  // answer length incorrect
     {
         _tSCT->cAPDUAnswerStatus = APDU_ANSWER_RECEIVE_INCORRECT;
         return (_tSCT->cAPDUAnswerStatus);
     }
 
-    if (0 != (_tSCT->cTPDU[CCID_TPDU_PCD] & CCID_TPDU_CHAINING_FLAG))    // chained
-        // data
+    if (0 != (_tSCT->cTPDU[CCID_TPDU_PCD] & CCID_TPDU_CHAINING_FLAG))    // chained data
     {
         nOverhead = CCID_TPDU_ANSWER_OVERHEAD - 2;  // no status data
         _tSCT->cAPDUAnswerStatus = APDU_ANSWER_CHAINED_DATA;
     }
     else
     {
         nOverhead = CCID_TPDU_ANSWER_OVERHEAD;
-        _tSCT->cAPDUAnswerStatus = _tSCT->cTPDU[nAnswerLength - 3] << 8;  // Statusbyte
-        // SW1
-        _tSCT->cAPDUAnswerStatus += _tSCT->cTPDU[nAnswerLength - 2];  // Statusbyte
-        // SW2
+        _tSCT->cAPDUAnswerStatus = _tSCT->cTPDU[nAnswerLength - 3] << 8;  // Statusbyte SW1
+        _tSCT->cAPDUAnswerStatus += _tSCT->cTPDU[nAnswerLength - 2];  // Statusbyte SW2
     }
 
-    memcpy (&_tSCT->cAPDU[_tSCT->cAPDUAnswerLength], &_tSCT->cTPDU[CCID_TPDU_DATASTART], nAnswerLength - nOverhead);   // add
-    // new
-    // data
-    // to
-    // receive
-    // data
+    // add new data to receive data
+    memcpy (&_tSCT->cAPDU[_tSCT->cAPDUAnswerLength],
+            &_tSCT->cTPDU[CCID_TPDU_DATASTART],
+            nAnswerLength - nOverhead);
 
-    _tSCT->cAPDUAnswerLength += nAnswerLength - nOverhead;   // add length of
-    // recieved data
+    _tSCT->cAPDUAnswerLength += nAnswerLength - nOverhead;   // add length of recieved data
 
     return (_tSCT->cAPDUAnswerStatus);
 }
@@ -192,36 +185,31 @@ unsigned char nOverhead = 0;
 unsigned short SendAPDU (typeSmartcardTransfer * _tSCT)
 {
     _tSCT->cAPDUAnswerLength = 0;
-
     GenerateTPDU (_tSCT);
-
     SendTPDU (_tSCT);
 
-    if (APDU_ANSWER_RECEIVE_INCORRECT == _tSCT->cAPDUAnswerStatus)   // return
-        // on
-        // orror
-        // ??
+    if ((APDU_ANSWER_CHAINED_DATA != _tSCT->cAPDUAnswerStatus) &&
+        (APDU_ANSWER_COMMAND_CORRECT != _tSCT->cAPDUAnswerStatus))
     {
-        return (_tSCT->cAPDUAnswerStatus);
+        // return on error
+        return (_tSCT->cAPDUAnswerStatus); // FAIL
     }
 
-    // Chained answer ?
+    // Chained answer check
     while (0 != (_tSCT->cTPDU[CCID_TPDU_PCD] & CCID_TPDU_CHAINING_FLAG))
     {
         GenerateChainedTPDU (_tSCT);
         SendTPDU (_tSCT);
 
-        if ((APDU_ANSWER_CHAINED_DATA != _tSCT->cAPDUAnswerStatus) &&    // return
-            // on
-            // error
-            // ??
+        if ((APDU_ANSWER_CHAINED_DATA != _tSCT->cAPDUAnswerStatus) &&
             (APDU_ANSWER_COMMAND_CORRECT != _tSCT->cAPDUAnswerStatus))
         {
-            return (_tSCT->cAPDUAnswerStatus);
+            // return on error
+            return (_tSCT->cAPDUAnswerStatus); // FAIL CHAINED
         }
     }
 
-    return (_tSCT->cAPDUAnswerStatus);
+    return (_tSCT->cAPDUAnswerStatus); // SUCCESS
 }
 
 /*******************************************************************************
@@ -432,25 +420,31 @@ unsigned short CcidDecipher (unsigned char* nRetSize)
 
 unsigned short CcidGetChallenge (const size_t dest_size, unsigned char* dest)
 {
+    ClearSCTStruct(&tSCT);
+
     // Command
     tSCT.cAPDU[CCID_CLA] = 0x00;
     tSCT.cAPDU[CCID_INS] = 0x84;
     tSCT.cAPDU[CCID_P1] = 0x00;
     tSCT.cAPDU[CCID_P2] = 0x00;
-
-    tSCT.cAPDU[CCID_LC] = 0;
+    tSCT.cAPDULength = 4;
 
     // Encode Le
     if (dest_size > 255)
     {
+        tSCT.cAPDULength += 2;
         tSCT.cAPDU[CCID_DATA] = 0;
         tSCT.cAPDU[CCID_DATA + 1] = (unsigned char) dest_size >> 8;
         tSCT.cAPDU[CCID_DATA + 2] = (unsigned char) (dest_size & 0xFF);
     }
-    else
+    else {
+        tSCT.cAPDULength += 1;
         tSCT.cAPDU[CCID_DATA] = dest_size;
+    }
 
+    g_scReqSource = REQ_SRC_INTERNAL;
     int cRet = SendAPDU (&tSCT);
+    g_scReqSource = REQ_SRC_NOT_SET;
 
     // clamp to the received data size, and requested length
     // if response is shorter than requested, the bytes in the target buffer are not touched at all
@@ -939,9 +933,20 @@ uint8_t slot_tmp[SLOT_SIZE];
         write_to_slot ((OTP_slot *) slot_tmp, get_TOTP_slot_offset(slot_no), SLOT_SIZE);
     }
 
+    // Clear USER_PAGE but leave update password intact
+    u8 UpdatePinHash_u8[32];
+    u8 UpdatePinSalt_u8[10];
+    ReadUpdatePinHashFromFlash(UpdatePinHash_u8);
+    ReadUpdatePinSaltFromFlash(UpdatePinSalt_u8);
+
     // Default flash memory
     EraseLocalFlashKeyValues_u32 ();
 
+    WriteUpdatePinHashToFlash (UpdatePinHash_u8);
+    WriteUpdatePinSaltToFlash (UpdatePinSalt_u8);
+    memset(UpdatePinHash_u8, 0, sizeof UpdatePinHash_u8);
+    memset(UpdatePinSalt_u8, 0, sizeof UpdatePinSalt_u8);
+
     return 0;
 }
 

src/ccid/smartcard/smartcard.c

@@ -37,6 +37,8 @@
 /* Global variables definition and initialization ---------------------------- */
 SC_ATR SC_A2R;
 
+volatile SC_REQ_SOURCE g_scReqSource = REQ_SRC_UNKNOWN;
+
 u8 SC_ATR_Table[40];
 
 u8 SC_ATR_Length = 0;
@@ -1356,7 +1358,7 @@ int CRD_SendCommand (unsigned char* pTransmitBuffer, unsigned int nCommandSize,
         // checked)
     {
         nDelayTime = SC_Receive_Timeout;
-        if (0 == i)
+        if (0 == i && g_scReqSource != REQ_SRC_INTERNAL)
         {
             nDelayTime = SC_Receive_Timeout * 10000L;   // Long long wait for
             // first byte, allow

src/hotp/hotp.c

@@ -30,6 +30,8 @@
 
 const int SECRET_LENGTH = SECRET_LENGTH_DEFINE;
 
+uint64_t current_time;
+
 __I uint32_t hotp_slot_counters[NUMBER_OF_HOTP_SLOTS] = { SLOT1_COUNTER_ADDRESS,
     SLOT2_COUNTER_ADDRESS,
     SLOT3_COUNTER_ADDRESS,

src/inc/CcidLocalAccess.h

@@ -129,6 +129,7 @@ typedef struct
 } typeSmartcardTransfer;
 
 void InitSCTStruct (typeSmartcardTransfer * _tSCT);
+void ClearSCTStruct (typeSmartcardTransfer * _tSCT);
 unsigned char GenerateCRC (unsigned char* pData, unsigned char cLength);
 void GenerateTPDU (typeSmartcardTransfer * _tSCT);
 void GenerateChainedTPDU (typeSmartcardTransfer * _tSCT);

src/inc/hotp.h

@@ -19,6 +19,9 @@
  */
 #pragma once
 
+#ifndef HOTP_H
+#define HOTP_H
+
 #include <stdint.h>
 #include <stdbool.h>
 
@@ -92,8 +95,7 @@ typedef struct {
 
 extern __I uint32_t hotp_slot_counters[NUMBER_OF_HOTP_SLOTS];
 
-
-uint64_t current_time;
+extern uint64_t current_time;
 
 uint64_t endian_swap (uint64_t x);
 
@@ -134,3 +136,5 @@ extern uint32_t get_TOTP_slot_offset(int slot_count);
 extern uint32_t get_slot_offset(int slot_count);
 
 uint32_t crc (uint32_t time);
+
+#endif

src/inc/password_safe.h

@@ -172,5 +172,7 @@ u8 PWS_ReadSlot (u8 Slot_u8, typePasswordSafeSlot_st * Slot_st);
 
 u32 IsBufferEmpty_u32(const u8 * buffer, size_t buffer_len);
 
+int memcmp_safe(const u8 *a, size_t a_len, const u8 *b, size_t b_len);
+
 
 #endif /* PASSWORD_SAFE_H_ */

src/inc/smartcard.h

@@ -178,4 +178,13 @@ extern SC_ATR SC_A2R;
 
 void set_hardware_for_smartcard(void);
 
+typedef enum SC_REQ_SOURCE {
+    REQ_SRC_NOT_SET,
+    REQ_SRC_UNKNOWN,
+    REQ_SRC_INTERNAL,
+    REQ_SRC_CCID
+} SC_REQ_SOURCE;
+
+extern volatile SC_REQ_SOURCE g_scReqSource;
+
 #endif /* __SMARTCARD_H */