check pin before u2f command (#111)

* feat:cache se status

* feat:return to the upper menu after setting the brightness

* feat:u2f command enables backlight

* feat:check pin before u2f command

Author: lihuanhuan

legacy/atca/se_atca.c

@@ -14,6 +14,7 @@ typedef struct {
 } PINCache;
 
 static bool se_has_pin = false;
+static bool se_is_init = false;
 
 extern ATCAPairingInfo *pair_info;
 
@@ -83,7 +84,7 @@ bool se_getSeedStrength(uint32_t *strength) {
 
 void pin_updateCounter(void) { atca_update_counter(); }
 
-bool se_hasPin(void) {
+void se_get_status(void) {
   ATCAUserState state = {0};
 
   atca_pair_unlock();
@@ -92,6 +93,17 @@ bool se_hasPin(void) {
   if (state.pin_set) {
     se_has_pin = true;
   } else {
+    se_has_pin = false;
+    pin_cacheSave(pair_info->init_pin);
+  }
+
+  if (state.initialized) {
+    se_is_init = true;
+  }
+}
+
+bool se_hasPin(void) {
+  if (!se_has_pin) {
     pin_cacheSave(pair_info->init_pin);
   }
   return se_has_pin;
@@ -184,13 +196,14 @@ bool se_changePin(const char *old_pin, const char *new_pin) {
 }
 
 bool se_isInitialized(void) {
-  ATCAUserState state = {0};
+  // ATCAUserState state = {0};
 
-  atca_pair_unlock();
+  // atca_pair_unlock();
 
-  atca_read_slot_data(SLOT_USER_SATATE, (uint8_t *)&state);
+  // atca_read_slot_data(SLOT_USER_SATATE, (uint8_t *)&state);
 
-  return state.initialized;
+  // return state.initialized;
+  return se_is_init;
 }
 
 bool se_importSeed(uint8_t *seed) {
@@ -206,6 +219,7 @@ bool se_importSeed(uint8_t *seed) {
                                        SLOT_IO_PROTECT_KEY)) {
       if (!state.initialized) {
         state.initialized = true;
+        se_is_init = true;
         atca_pair_unlock();
         if (ATCA_SUCCESS ==
             atca_write_enc(SLOT_USER_SATATE, 0, (uint8_t *)&state,
@@ -262,6 +276,8 @@ void se_reset_state(void) {
   atca_pair_unlock();
   atca_write_enc(SLOT_USER_SATATE, 0, (uint8_t *)&zeros, pair_info->protect_key,
                  SLOT_IO_PROTECT_KEY);
+  se_has_pin = false;
+  se_is_init = false;
 }
 
 void se_reset_storage(void) {

legacy/atca/se_atca.h

@@ -14,6 +14,7 @@ bool se_setSeedStrength(uint32_t strength);
 bool se_getSeedStrength(uint32_t *strength);
 bool se_importSeed(uint8_t *seed);
 bool se_export_seed(uint8_t *seed);
+void se_get_status(void);
 bool se_hasPin(void);
 bool se_verifyPin(const char *pin);
 bool se_changePin(const char *old_pin, const char *new_pin);

legacy/firmware/config.c

@@ -496,6 +496,8 @@ void config_init(void) {
   if (se_is_wiping()) {
     config_wipe();
   }
+
+  se_get_status();
 #endif
 
   // imported xprv is not supported anymore so we set initialized to false
@@ -1069,7 +1071,9 @@ bool config_unlock(const char *pin) {
 #endif
     {
       if (!storage_is_unlocked()) {
+        register_timer("usbpoll", timer1s / 30, usbPoll);
         storage_unlock(PIN_EMPTY, PIN_EMPTY_LEN, NULL);
+        unregister_timer("usbpoll");
       }
 
       se_unlocked = sectrue;

legacy/firmware/layout2.c

@@ -2608,6 +2608,8 @@ void layoutInputPin(uint8_t pos, const char *text, int index,
   char buf[2] = {0};
   int x = 6;
 
+  layoutLast = layoutInputPin;
+
   for (uint8_t i = 0; i < pos; i++) {
     pin_show[i] = '*';
   }

legacy/firmware/menu_list.c

@@ -564,9 +564,9 @@ static struct menu shutdown_set_menu = {
 
 #if ONEKEY_MINI
 static struct menu_item brightness_set_menu_items[] = {
-    {"High", NULL, true, menu_para_set_brightness, NULL, false},
-    {"Medium", NULL, true, menu_para_set_brightness, NULL, false},
-    {"Low", NULL, true, menu_para_set_brightness, NULL, false}};
+    {"High", NULL, true, menu_para_set_brightness, NULL, true},
+    {"Medium", NULL, true, menu_para_set_brightness, NULL, true},
+    {"Low", NULL, true, menu_para_set_brightness, NULL, true}};
 
 static struct menu brightness_set_menu = {
     .start = 0,

legacy/firmware/protect.c

@@ -766,6 +766,8 @@ uint8_t blindsignWaitKey(void) {
   return key;
 }
 
+extern bool u2f_init_command;
+
 uint8_t protectWaitKey(uint32_t time_out, uint8_t mode) {
   uint8_t key = KEY_NULL;
 
@@ -782,6 +784,13 @@ uint8_t protectWaitKey(uint32_t time_out, uint8_t mode) {
       msg_tiny_id = 0xFFFF;
       break;
     }
+    if (layoutLast == layoutScreensaver) {
+      if (u2f_init_command) {
+        u2f_init_command = false;
+        break;
+      }
+    }
+
     key = keyScan();
     if (key != KEY_NULL) {
       if (device_sleep_state) device_sleep_state = SLEEP_CANCEL_BY_BUTTON;

legacy/firmware/u2f.c

@@ -30,6 +30,7 @@
 #include "hmac.h"
 #include "layout2.h"
 #include "memzero.h"
+#include "protect.h"
 #if !EMULATOR
 #include "mi2c.h"
 #endif
@@ -89,6 +90,11 @@ typedef enum {
 
 static U2F_STATE last_req_state = INIT;
 
+static bool input_pin = false;
+static bool first_package = true;
+static uint32_t package_len = 0, rec_len = 0;
+bool u2f_init_command = false;
+
 typedef struct {
   uint8_t reserved;
   uint8_t appId[U2F_APPID_SIZE];
@@ -132,6 +138,7 @@ U2F_ReadBuffer *reader;
 void u2fhid_read(char tiny, const U2FHID_FRAME *f) {
   // Always handle init packets directly
   if (f->init.cmd == U2FHID_INIT) {
+    u2f_init_command = true;
     u2fhid_init(f);
     if (tiny && reader && f->cid == cid) {
       // abort current channel
@@ -142,6 +149,24 @@ void u2fhid_read(char tiny, const U2FHID_FRAME *f) {
     return;
   }
 
+  if (layoutLast == layoutInputPin) {
+    if (first_package) {
+      first_package = false;
+      package_len = MSG_LEN(*f);
+      rec_len = sizeof(f->cont.data);
+      while (rec_len < package_len) {
+        usbPoll();
+      }
+      send_u2f_error(U2F_SW_CONDITIONS_NOT_SATISFIED);
+      first_package = true;
+      return;
+    } else {
+      rec_len += sizeof(f->cont.data);
+      return;
+    }
+    return;
+  }
+
   if (tiny) {
     // read continue packet
     if (reader == 0 || cid != f->cid) {
@@ -259,6 +284,10 @@ void u2fhid_read_start(const U2FHID_FRAME *f) {
         // standard requires to remember button press for 10 seconds.
         dialog_timeout = 10 * U2F_TIMEOUT;
       }
+      if (reader == 0) {
+        layoutHome();
+        return;
+      }
     }
 
     if (reader->cmd == 0) {
@@ -632,6 +661,20 @@ void u2f_register(const APDU *a) {
     return;
   }
 
+  if (!session_isUnlocked()) {
+    input_pin = true;
+    send_u2f_error(U2F_SW_CONDITIONS_NOT_SATISFIED);
+  }
+
+  protectPinOnDevice(true, true);
+
+  if (input_pin) {
+    input_pin = false;
+    last_req_state = REG;
+    dialog_timeout = U2F_TIMEOUT;
+    return;
+  }
+
   // Validate basic request parameters
   debugLog(0, "", "u2f register");
   if (APDU_LEN(*a) != sizeof(U2F_REGISTER_REQ)) {
@@ -775,6 +818,20 @@ void u2f_authenticate(const APDU *a) {
     return;
   }
 
+  if (!session_isUnlocked()) {
+    input_pin = true;
+    send_u2f_error(U2F_SW_CONDITIONS_NOT_SATISFIED);
+  }
+
+  protectPinOnDevice(true, true);
+
+  if (input_pin) {
+    input_pin = false;
+    last_req_state = AUTH;
+    dialog_timeout = U2F_TIMEOUT;
+    return;
+  }
+
   if (a->p1 == U2F_AUTH_CHECK_ONLY) {
     debugLog(0, "", "u2f authenticate check");
     // This is a success for a good keyhandle

legacy/firmware/usb.c

@@ -44,6 +44,10 @@
 #include "webusb.h"
 #include "winusb.h"
 
+#if ONEKEY_MINI
+#include <libopencm3/stm32/timer.h>
+#endif
+
 #define USB_INTERFACE_INDEX_MAIN 0
 #if DEBUG_LINK
 #define USB_INTERFACE_INDEX_DEBUG 1
@@ -320,6 +324,11 @@ static void u2f_rx_callback(usbd_device *dev, uint8_t ep) {
   if (usbd_ep_read_packet(dev, ENDPOINT_ADDRESS_U2F_OUT, buf, sizeof(buf)) !=
       USB_PACKET_SIZE)
     return;
+  timer_sleep_start_reset();
+#if ONEKEY_MINI
+  // open back light
+  timer_enable_oc_output(TIM3, TIM_OC2);
+#endif
   u2fhid_read(tiny, (const U2FHID_FRAME *)(void *)buf);
 }
 
@@ -338,6 +347,10 @@ static void main_rx_callback(usbd_device *dev, uint8_t ep) {
     host_channel = CHANNEL_SLAVE;
   }
   timer_sleep_start_reset();
+#if ONEKEY_MINI
+  // open back light
+  timer_enable_oc_output(TIM3, TIM_OC2);
+#endif
   debugLog(0, "", "main_rx_callback");
   if (!tiny) {
     msg_read(buf, sizeof(buf));