summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--.gitignore3
-rw-r--r--.gitmodules6
-rw-r--r--Makefile36
-rw-r--r--command_id.cc146
-rw-r--r--crc32.cc37
-rw-r--r--device.cc97
-rw-r--r--include/command.h23
-rw-r--r--include/command_id.h85
-rw-r--r--include/crc32.h32
-rw-r--r--include/cxx_semantics.h6
-rw-r--r--include/device.h80
-rw-r--r--include/device_proto.h1170
-rw-r--r--include/dissect.h82
-rw-r--r--include/inttypes.h522
-rw-r--r--include/log.h50
-rw-r--r--include/misc.h14
-rw-r--r--include/stick10_commands.h588
-rw-r--r--include/stick20_commands.h233
-rw-r--r--log.cc42
-rw-r--r--misc.cc49
-rw-r--r--test.cc35
m---------unittest/Catch0
-rw-r--r--unittest/Makefile33
l---------unittest/build/libnitrokey.so1
-rw-r--r--unittest/test.cc80
-rw-r--r--unittest/test_HOTP.cc101
26 files changed, 2368 insertions, 1183 deletions
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..1a8accf
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,3 @@
+*.sw*
+*.log
+*.o
diff --git a/.gitmodules b/.gitmodules
new file mode 100644
index 0000000..c811cb7
--- /dev/null
+++ b/.gitmodules
@@ -0,0 +1,6 @@
+[submodule "Catch"]
+ path = Catch
+ url = https://github.com/philsquared/Catch.git
+[submodule "unittest/Catch"]
+ path = unittest/Catch
+ url = https://github.com/philsquared/Catch.git
diff --git a/Makefile b/Makefile
index e98e631..a338f4d 100644
--- a/Makefile
+++ b/Makefile
@@ -1,31 +1,43 @@
CC = $(PREFIX)-gcc
-CXX = $(PREFIX)-g++
+#CXX = $(PREFIX)-g++
+CXX = clang++-3.6
LD = $(CXX)
INCLUDE = -Iinclude/
LIB = -lhidapi-libusb
BUILD = build
-CXXFLAGS = -std=c++14
+CXXFLAGS = -std=c++14 -fPIC
+SOFLAGS = -shared
CXXSOURCES = $(wildcard *.cc)
-OBJ = $(CXXSOURCES:%.cc:$(BUILD)/%.o)
+OBJ = $(CXXSOURCES:%.cc=$(BUILD)/%.o)
+DEPENDS = $(CXXSOURCES:%.cc=$(BUILD)/%.d)
-$(BUILD)/libnitrokey.so: $(OBJ)
- $(CXX) -shared $(OBJ) -o $@
+all: $(OBJ) $(BUILD)/libnitrokey.so unittest
-$(BUILD)/%.o: %.cc
- $(CXX) -c $< -o $@ $(INCLUDE) $(CXXFLAGS)
+$(BUILD)/libnitrokey.so: $(OBJ) $(DEPENDS)
+ $(CXX) $(SOFLAGS) $(OBJ) $(LIB) -o $@
+
+$(BUILD)/%.d: %.cc
+ $(CXX) -M $< -o $@ $(INCLUDE) $(CXXFLAGS)
-all: $(OBJ) $(BUILD)/libnitrokey.so
+$(BUILD)/%.o: %.cc $(DEPENDS)
+ $(CXX) -c $< -o $@ $(INCLUDE) $(CXXFLAGS)
clean:
- rm $(OBJ)
- rm $(BUILD)/libnitrokey.so
+ rm -f $(OBJ)
+ rm -f $(BUILD)/libnitrokey.so
+ make -C unittest clean
mrproper: clean
- rm $(BUILD)/*.d
+ rm -f $(BUILD)/*.d
+ make -C unittest mrproper
+
+unittest: $(BUILD)/libnitrokey.so
+ make -C unittest
+ cd unittest/build && ln -fs ../../build/libnitrokey.so .
-.PHONY: all clean mrproper
+.PHONY: all clean mrproper unittest
include $(wildcard build/*.d)
diff --git a/command_id.cc b/command_id.cc
new file mode 100644
index 0000000..9512b7d
--- /dev/null
+++ b/command_id.cc
@@ -0,0 +1,146 @@
+#include <assert.h>
+#include "command_id.h"
+
+namespace nitrokey {
+namespace proto {
+
+const char *commandid_to_string(CommandID id) {
+ switch (id) {
+ case CommandID::GET_STATUS:
+ return "GET_STATUS";
+ case CommandID::WRITE_TO_SLOT:
+ return "WRITE_TO_SLOT";
+ case CommandID::READ_SLOT_NAME:
+ return "READ_SLOT_NAME";
+ case CommandID::READ_SLOT:
+ return "READ_SLOT";
+ case CommandID::GET_CODE:
+ return "GET_CODE";
+ case CommandID::WRITE_CONFIG:
+ return "WRITE_CONFIG";
+ case CommandID::ERASE_SLOT:
+ return "ERASE_SLOT";
+ case CommandID::FIRST_AUTHENTICATE:
+ return "FIRST_AUTHENTICATE";
+ case CommandID::AUTHORIZE:
+ return "AUTHORIZE";
+ case CommandID::GET_PASSWORD_RETRY_COUNT:
+ return "GET_PASSWORD_RETRY_COUNT";
+ case CommandID::CLEAR_WARNING:
+ return "CLEAR_WARNING";
+ case CommandID::SET_TIME:
+ return "SET_TIME";
+ case CommandID::TEST_COUNTER:
+ return "TEST_COUNTER";
+ case CommandID::TEST_TIME:
+ return "TEST_TIME";
+ case CommandID::USER_AUTHENTICATE:
+ return "USER_AUTHENTICATE";
+ case CommandID::GET_USER_PASSWORD_RETRY_COUNT:
+ return "GET_USER_PASSWORD_RETRY_COUNT";
+ case CommandID::USER_AUTHORIZE:
+ return "USER_AUTHORIZE";
+ case CommandID::UNLOCK_USER_PASSWORD:
+ return "UNLOCK_USER_PASSWORD";
+ case CommandID::LOCK_DEVICE:
+ return "LOCK_DEVICE";
+ case CommandID::FACTORY_RESET:
+ return "FACTORY_RESET";
+ case CommandID::CHANGE_USER_PIN:
+ return "CHANGE_USER_PIN";
+ case CommandID::CHANGE_ADMIN_PIN:
+ return "CHANGE_ADMIN_PIN";
+
+ case CommandID::ENABLE_CRYPTED_PARI:
+ return "ENABLE_CRYPTED_PARI";
+ case CommandID::DISABLE_CRYPTED_PARI:
+ return "DISABLE_CRYPTED_PARI";
+ case CommandID::ENABLE_HIDDEN_CRYPTED_PARI:
+ return "ENABLE_HIDDEN_CRYPTED_PARI";
+ case CommandID::DISABLE_HIDDEN_CRYPTED_PARI:
+ return "DISABLE_HIDDEN_CRYPTED_PARI";
+ case CommandID::ENABLE_FIRMWARE_UPDATE:
+ return "ENABLE_FIRMWARE_UPDATE";
+ case CommandID::EXPORT_FIRMWARE_TO_FILE:
+ return "EXPORT_FIRMWARE_TO_FILE";
+ case CommandID::GENERATE_NEW_KEYS:
+ return "GENERATE_NEW_KEYS";
+ case CommandID::FILL_SD_CARD_WITH_RANDOM_CHARS:
+ return "FILL_SD_CARD_WITH_RANDOM_CHARS";
+
+ case CommandID::WRITE_STATUS_DATA:
+ return "WRITE_STATUS_DATA";
+ case CommandID::ENABLE_READONLY_UNCRYPTED_LUN:
+ return "ENABLE_READONLY_UNCRYPTED_LUN";
+ case CommandID::ENABLE_READWRITE_UNCRYPTED_LUN:
+ return "ENABLE_READWRITE_UNCRYPTED_LUN";
+
+ case CommandID::SEND_PASSWORD_MATRIX:
+ return "SEND_PASSWORD_MATRIX";
+ case CommandID::SEND_PASSWORD_MATRIX_PINDATA:
+ return "SEND_PASSWORD_MATRIX_PINDATA";
+ case CommandID::SEND_PASSWORD_MATRIX_SETUP:
+ return "SEND_PASSWORD_MATRIX_SETUP";
+
+ case CommandID::GET_DEVICE_STATUS:
+ return "GET_DEVICE_STATUS";
+ case CommandID::SEND_DEVICE_STATUS:
+ return "SEND_DEVICE_STATUS";
+
+ case CommandID::SEND_HIDDEN_VOLUME_PASSWORD:
+ return "SEND_HIDDEN_VOLUME_PASSWORD";
+ case CommandID::SEND_HIDDEN_VOLUME_SETUP:
+ return "SEND_HIDDEN_VOLUME_SETUP";
+ case CommandID::SEND_PASSWORD:
+ return "SEND_PASSWORD";
+ case CommandID::SEND_NEW_PASSWORD:
+ return "SEND_NEW_PASSWORD";
+ case CommandID::CLEAR_NEW_SD_CARD_FOUND:
+ return "CLEAR_NEW_SD_CARD_FOUND";
+
+ case CommandID::SEND_STARTUP:
+ return "SEND_STARTUP";
+ case CommandID::SEND_CLEAR_STICK_KEYS_NOT_INITIATED:
+ return "SEND_CLEAR_STICK_KEYS_NOT_INITIATED";
+ case CommandID::SEND_LOCK_STICK_HARDWARE:
+ return "SEND_LOCK_STICK_HARDWARE";
+
+ case CommandID::PRODUCTION_TEST:
+ return "PRODUCTION_TEST";
+ case CommandID::SEND_DEBUG_DATA:
+ return "SEND_DEBUG_DATA";
+
+ case CommandID::CHANGE_UPDATE_PIN:
+ return "CHANGE_UPDATE_PIN";
+
+ case CommandID::GET_PW_SAFE_SLOT_STATUS:
+ return "GET_PW_SAFE_SLOT_STATUS";
+ case CommandID::GET_PW_SAFE_SLOT_NAME:
+ return "GET_PW_SAFE_SLOT_NAME";
+ case CommandID::GET_PW_SAFE_SLOT_PASSWORD:
+ return "GET_PW_SAFE_SLOT_PASSWORD";
+ case CommandID::GET_PW_SAFE_SLOT_LOGINNAME:
+ return "GET_PW_SAFE_SLOT_LOGINNAME";
+ case CommandID::SET_PW_SAFE_SLOT_DATA_1:
+ return "SET_PW_SAFE_SLOT_DATA_1";
+ case CommandID::SET_PW_SAFE_SLOT_DATA_2:
+ return "SET_PW_SAFE_SLOT_DATA_2";
+ case CommandID::PW_SAFE_ERASE_SLOT:
+ return "PW_SAFE_ERASE_SLOT";
+ case CommandID::PW_SAFE_ENABLE:
+ return "PW_SAFE_ENABLE";
+ case CommandID::PW_SAFE_INIT_KEY:
+ return "PW_SAFE_INIT_KEY";
+ case CommandID::PW_SAFE_SEND_DATA:
+ return "PW_SAFE_SEND_DATA";
+ case CommandID::SD_CARD_HIGH_WATERMARK:
+ return "SD_CARD_HIGH_WATERMARK";
+ case CommandID::DETECT_SC_AES:
+ return "DETECT_SC_AES";
+ case CommandID::NEW_AES_KEY:
+ return "NEW_AES_KEY";
+ }
+ return "UNKNOWN";
+}
+}
+}
diff --git a/crc32.cc b/crc32.cc
deleted file mode 100644
index 558d4ef..0000000
--- a/crc32.cc
+++ /dev/null
@@ -1,37 +0,0 @@
-/*
- * Author: Copyright (C) Andrzej Surowiec 2012
- *
- *
- * This file is part of Nitrokey.
- *
- * Nitrokey is free software: you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation, either version 3 of the License, or
- * any later version.
- *
- * Nitrokey is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with Nitrokey. If not, see <http://www.gnu.org/licenses/>.
- */
-
-#include "crc32.h"
-
-
-uint32_t Crc32 (uint32_t Crc, uint32_t Data)
-{
-int i;
-
- Crc = Crc ^ Data;
-
- for (i = 0; i < 32; i++)
- if (Crc & 0x80000000)
- Crc = (Crc << 1) ^ 0x04C11DB7; // Polynomial used in STM32
- else
- Crc = (Crc << 1);
-
- return (Crc);
-}
diff --git a/device.cc b/device.cc
index c954cb7..08cba49 100644
--- a/device.cc
+++ b/device.cc
@@ -1,52 +1,93 @@
#include <chrono>
#include <thread>
#include <cstddef>
+#include <stdexcept>
#include <hidapi/hidapi.h>
#include "device.h"
+#include "log.h"
+#include "misc.h"
-using namespace device;
+using namespace nitrokey::device;
+using namespace nitrokey::log;
Device::Device()
-: m_vid(0), m_pid(0),
- m_retry_count(4),
- m_retry_timeout(50),
- mp_devhandle(NULL) {}
+ : m_vid(0),
+ m_pid(0),
+ m_retry_count(40),
+ m_retry_timeout(50),
+ mp_devhandle(NULL) {}
+bool Device::disconnect() {
+ Log::instance()(__PRETTY_FUNCTION__, Loglevel::DEBUG_L2);
+
+ hid_exit();
+ mp_devhandle = NULL;
+ return true;
+}
bool Device::connect() {
- hid_init();
+ Log::instance()(__PRETTY_FUNCTION__, Loglevel::DEBUG_L2);
- mp_devhandle = hid_open(m_vid, m_pid, NULL);
- return mp_devhandle != NULL;
+ // hid_init();
+ mp_devhandle = hid_open(m_vid, m_pid, NULL);
+ // hid_init();
+ return mp_devhandle != NULL;
}
CommError Device::send(const void *packet) {
- return (CommError)(
- hid_send_feature_report(mp_devhandle, (const unsigned char *)(packet),
- HID_REPORT_SIZE));
+ Log::instance()(__PRETTY_FUNCTION__, Loglevel::DEBUG_L2);
+
+ if (mp_devhandle == NULL)
+ throw std::runtime_error("Attempted HID send on an invalid descriptor.");
+
+ return (CommError)(hid_send_feature_report(
+ mp_devhandle, (const unsigned char *)(packet), HID_REPORT_SIZE));
}
CommError Device::recv(void *packet) {
- CommError status;
- int retry_count = 0;
-
- for(;;) {
- status = (CommError)(
- hid_get_feature_report(mp_devhandle, (unsigned char *)(packet),
- HID_REPORT_SIZE));
- if (status == CommError::ERR_NO_ERROR || retry_count++ >= m_retry_count)
- break;
- std::this_thread::sleep_for(m_retry_timeout);
- }
-
- return status;
+ // FIXME change CommError return value to int (return value of
+ // hid_get_feature_report)
+ int status;
+ int retry_count = 0;
+
+ Log::instance()(__PRETTY_FUNCTION__, Loglevel::DEBUG_L2);
+
+ if (mp_devhandle == NULL)
+ throw std::runtime_error("Attempted HID receive on an invalid descriptor.");
+
+ // FIXME extract error handling and repeating to parent function in
+ // device_proto:192
+ for (;;) {
+ status = (hid_get_feature_report(mp_devhandle, (unsigned char *)(packet),
+ HID_REPORT_SIZE));
+
+ // FIXME handle getting libhid error message somewhere else
+ auto pwherr = hid_error(mp_devhandle);
+ std::wstring wherr = (pwherr != NULL) ? pwherr : L"No error message";
+ std::string herr(wherr.begin(), wherr.end());
+ Log::instance()(std::string("libhid error message: ") + herr,
+ Loglevel::DEBUG_L2);
+
+ if (status > 0) break; // success
+ if (retry_count++ >= m_retry_count) {
+ Log::instance()(
+ "Maximum retry count reached" + std::to_string(retry_count),
+ Loglevel::WARNING);
+ break;
+ }
+ Log::instance()("Retrying... " + std::to_string(retry_count),
+ Loglevel::DEBUG);
+ std::this_thread::sleep_for(m_retry_timeout);
+ }
+
+ return (CommError)status;
}
Stick10::Stick10() {
- m_vid = 0x20a0;
- m_pid = 0x4108;
+ m_vid = 0x20a0;
+ m_pid = 0x4108;
}
Stick20::Stick20() {
- m_vid = 0x20a0;
- m_pid = 0x4109;
+ m_vid = 0x20a0;
+ m_pid = 0x4109;
}
diff --git a/include/command.h b/include/command.h
new file mode 100644
index 0000000..715902d
--- /dev/null
+++ b/include/command.h
@@ -0,0 +1,23 @@
+#ifndef COMMAND_H
+#define COMMAND_H
+#include <string>
+#include "command_id.h"
+#include "cxx_semantics.h"
+
+namespace nitrokey {
+namespace proto {
+
+template <CommandID cmd_id>
+class Command : semantics::non_constructible {
+ public:
+ constexpr static CommandID command_id() { return cmd_id; }
+
+ template <typename T>
+ static std::string dissect(const T &) {
+ return std::string("Payload dissection is unavailable");
+ }
+};
+}
+}
+
+#endif
diff --git a/include/command_id.h b/include/command_id.h
new file mode 100644
index 0000000..37aa5d2
--- /dev/null
+++ b/include/command_id.h
@@ -0,0 +1,85 @@
+#ifndef COMMAND_ID_H
+#define COMMAND_ID_H
+#include "inttypes.h"
+
+namespace nitrokey {
+namespace proto {
+
+enum class CommandID : uint8_t {
+ GET_STATUS = 0x00,
+ WRITE_TO_SLOT = 0x01,
+ READ_SLOT_NAME = 0x02,
+ READ_SLOT = 0x03,
+ GET_CODE = 0x04,
+ WRITE_CONFIG = 0x05,
+ ERASE_SLOT = 0x06,
+ FIRST_AUTHENTICATE = 0x07,
+ AUTHORIZE = 0x08,
+ GET_PASSWORD_RETRY_COUNT = 0x09,
+ CLEAR_WARNING = 0x0A,
+ SET_TIME = 0x0B,
+ TEST_COUNTER = 0x0C,
+ TEST_TIME = 0x0D,
+ USER_AUTHENTICATE = 0x0E,
+ GET_USER_PASSWORD_RETRY_COUNT = 0x0F,
+ USER_AUTHORIZE = 0x10,
+ UNLOCK_USER_PASSWORD = 0x11,
+ LOCK_DEVICE = 0x12,
+ FACTORY_RESET = 0x13,
+ CHANGE_USER_PIN = 0x14,
+ CHANGE_ADMIN_PIN = 0x15,
+
+ ENABLE_CRYPTED_PARI = 0x20,
+ DISABLE_CRYPTED_PARI,
+ ENABLE_HIDDEN_CRYPTED_PARI,
+ DISABLE_HIDDEN_CRYPTED_PARI,
+ ENABLE_FIRMWARE_UPDATE,
+ EXPORT_FIRMWARE_TO_FILE,
+ GENERATE_NEW_KEYS,
+ FILL_SD_CARD_WITH_RANDOM_CHARS,
+
+ WRITE_STATUS_DATA,
+ ENABLE_READONLY_UNCRYPTED_LUN,
+ ENABLE_READWRITE_UNCRYPTED_LUN,
+
+ SEND_PASSWORD_MATRIX,
+ SEND_PASSWORD_MATRIX_PINDATA,
+ SEND_PASSWORD_MATRIX_SETUP,
+
+ GET_DEVICE_STATUS,
+ SEND_DEVICE_STATUS,
+
+ SEND_HIDDEN_VOLUME_PASSWORD,
+ SEND_HIDDEN_VOLUME_SETUP,
+ SEND_PASSWORD,
+ SEND_NEW_PASSWORD,
+ CLEAR_NEW_SD_CARD_FOUND,
+
+ SEND_STARTUP,
+ SEND_CLEAR_STICK_KEYS_NOT_INITIATED,
+ SEND_LOCK_STICK_HARDWARE,
+
+ PRODUCTION_TEST,
+ SEND_DEBUG_DATA,
+
+ CHANGE_UPDATE_PIN,
+
+ GET_PW_SAFE_SLOT_STATUS = 0x60,
+ GET_PW_SAFE_SLOT_NAME = 0x61,
+ GET_PW_SAFE_SLOT_PASSWORD = 0x62,
+ GET_PW_SAFE_SLOT_LOGINNAME = 0x63,
+ SET_PW_SAFE_SLOT_DATA_1 = 0x64,
+ SET_PW_SAFE_SLOT_DATA_2 = 0x65,
+ PW_SAFE_ERASE_SLOT = 0x66,
+ PW_SAFE_ENABLE = 0x67,
+ PW_SAFE_INIT_KEY = 0x68,
+ PW_SAFE_SEND_DATA = 0x69,
+ SD_CARD_HIGH_WATERMARK = 0x70,
+ DETECT_SC_AES = 0x6a,
+ NEW_AES_KEY = 0x6b
+};
+
+const char *commandid_to_string(CommandID id);
+}
+}
+#endif
diff --git a/include/crc32.h b/include/crc32.h
deleted file mode 100644
index b0e16ff..0000000
--- a/include/crc32.h
+++ /dev/null
@@ -1,32 +0,0 @@
-/*
- * Author: Copyright (C) Andrzej Surowiec 2012
- *
- *
- * This file is part of Nitrokey.
- *
- * Nitrokey is free software: you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation, either version 3 of the License, or
- * any later version.
- *
- * Nitrokey is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with Nitrokey. If not, see <http://www.gnu.org/licenses/>.
- */
-
-#ifndef CRC32_H
-#define CRC32_H
-
-#ifdef _MSC_VER
-#define uint32_t unsigned long
-#else
-#include "inttypes.h"
-#endif
-
-uint32_t Crc32 (uint32_t Crc, uint32_t Data);
-
-#endif // CRC32_H
diff --git a/include/cxx_semantics.h b/include/cxx_semantics.h
index f5d3dca..b846317 100644
--- a/include/cxx_semantics.h
+++ b/include/cxx_semantics.h
@@ -7,9 +7,9 @@
* There's no need to include Boost for a simple subset this project needs.
*/
namespace semantics {
- class non_constructible {
- non_constructible() {}
- };
+class non_constructible {
+ non_constructible() {}
+};
}
#endif
diff --git a/include/device.h b/include/device.h
index b2d83b5..dc7832d 100644
--- a/include/device.h
+++ b/include/device.h
@@ -8,58 +8,66 @@
// TODO !! SEMAPHORE
+namespace nitrokey {
namespace device {
-enum class CommError
-{
- ERR_NO_ERROR = 0,
- ERR_NOT_CONNECTED = -1,
- ERR_WRONG_RESPONSE_CRC = -2,
- ERR_SENDING = -3,
- ERR_STATUS_NOT_OK = -4
+
+enum class CommError {
+ ERR_NO_ERROR = 0,
+ ERR_NOT_CONNECTED = -1,
+ ERR_WRONG_RESPONSE_CRC = -2,
+ ERR_SENDING = -3,
+ ERR_STATUS_NOT_OK = -4
};
class Device {
-public:
- Device();
+ public:
+ Device();
+
+ // lack of device is not actually an error,
+ // so it doesn't throw
+ virtual bool connect();
+ virtual bool disconnect();
- // lack of device is not actually an error,
- // so it doesn't throw
- virtual bool connect();
+ /*
+ * Sends packet of HID_REPORT_SIZE.
+ */
+ virtual CommError send(const void *packet);
- /*
- * Sends packet of HID_REPORT_SIZE.
- */
- virtual CommError send(const void *packet);
+ /*
+ * Gets packet of HID_REPORT_SIZE.
+ * Can sleep. See below.
+ */
+ virtual CommError recv(void *packet);
- /*
- * Gets packet of HID_REPORT_SIZE.
- * Can sleep. See below.
- */
- virtual CommError recv(void *packet);
+ int get_retry_count() { return m_retry_count; }
+ const;
+ std::chrono::milliseconds get_retry_timeout() { return m_retry_timeout; }
+ const;
-protected:
- uint16_t m_vid;
- uint16_t m_pid;
+ protected:
+ uint16_t m_vid;
+ uint16_t m_pid;
- /*
- * While the project uses Signal11 portable HIDAPI
- * library, there's no way of doing it asynchronously,
- * hence polling.
- */
- int m_retry_count;
- std::chrono::milliseconds m_retry_timeout;
+ /*
+ * While the project uses Signal11 portable HIDAPI
+ * library, there's no way of doing it asynchronously,
+ * hence polling.
+ */
+ int m_retry_count;
+ std::chrono::milliseconds m_retry_timeout;
- hid_device *mp_devhandle;
+ hid_device *mp_devhandle;
};
class Stick10 : public Device {
-public:
- Stick10();
+ public:
+ Stick10();
};
class Stick20 : public Device {
-public:
- Stick20();
+ public:
+ Stick20();
};
}
+}
#endif
diff --git a/include/device_proto.h b/include/device_proto.h
index fb1dd4e..e05a303 100644
--- a/include/device_proto.h
+++ b/include/device_proto.h
@@ -1,6 +1,7 @@
#ifndef DEVICE_PROTO_H
#define DEVICE_PROTO_H
#include <utility>
+#include <thread>
#include <type_traits>
#include <stdexcept>
#include <string>
@@ -9,7 +10,10 @@
#include "inttypes.h"
#include "cxx_semantics.h"
#include "device.h"
-#include "utils/crc32.h"
+#include "misc.h"
+#include "log.h"
+#include "command_id.h"
+#include "dissect.h"
#define STICK20_UPDATE_MODE_VID 0x03EB
#define STICK20_UPDATE_MODE_PID 0x2FF1
@@ -20,99 +24,13 @@
#define PWS_PASSWORD_LENGTH 20
#define PWS_LOGINNAME_LENGTH 32
-#define PWS_SEND_PASSWORD 0
-#define PWS_SEND_LOGINNAME 1
-#define PWS_SEND_TAB 2
-#define PWS_SEND_CR 3
-
-namespace device {
- class Device;
- enum class CommError;
-}
-
-static inline uint32_t crc(const uint8_t *data, size_t size) {
- uint32_t crc = 0xffffffff;
- const uint32_t *pend = (const uint32_t *)(data + size);
- for (const uint32_t *p = (const uint32_t *)(data); p < pend; p++)
- crc = Crc32 (crc, *p);
- return crc;
-}
+#define PWS_SEND_PASSWORD 0
+#define PWS_SEND_LOGINNAME 1
+#define PWS_SEND_TAB 2
+#define PWS_SEND_CR 3
+namespace nitrokey {
namespace proto {
-enum class CommandID : uint8_t {
- GET_STATUS = 0x00,
- WRITE_TO_SLOT = 0x01,
- READ_SLOT_NAME = 0x02,
- READ_SLOT = 0x03,
- GET_CODE = 0x04,
- WRITE_CONFIG = 0x05,
- ERASE_SLOT = 0x06,
- FIRST_AUTHENTICATE = 0x07,
- AUTHORIZE = 0x08,
- GET_PASSWORD_RETRY_COUNT = 0x09,
- CLEAR_WARNING = 0x0A,
- SET_TIME = 0x0B,
- TEST_COUNTER = 0x0C,
- TEST_TIME = 0x0D,
- USER_AUTHENTICATE = 0x0E,
- GET_USER_PASSWORD_RETRY_COUNT = 0x0F,
- USER_AUTHORIZE = 0x10,
- UNLOCK_USER_PASSWORD = 0x11,
- LOCK_DEVICE = 0x12,
- FACTORY_RESET = 0x13,
- CHANGE_USER_PIN = 0x14,
- CHANGE_ADMIN_PIN = 0x15,
-
- ENABLE_CRYPTED_PARI = 0x20,
- DISABLE_CRYPTED_PARI,
- ENABLE_HIDDEN_CRYPTED_PARI,
- DISABLE_HIDDEN_CRYPTED_PARI,
- ENABLE_FIRMWARE_UPDATE,
- EXPORT_FIRMWARE_TO_FILE,
- GENERATE_NEW_KEYS,
- FILL_SD_CARD_WITH_RANDOM_CHARS,
-
- WRITE_STATUS_DATA,
- ENABLE_READONLY_UNCRYPTED_LUN,
- ENABLE_READWRITE_UNCRYPTED_LUN,
-
- SEND_PASSWORD_MATRIX,
- SEND_PASSWORD_MATRIX_PINDATA,
- SEND_PASSWORD_MATRIX_SETUP,
-
- GET_DEVICE_STATUS,
- SEND_DEVICE_STATUS,
-
- SEND_HIDDEN_VOLUME_PASSWORD,
- SEND_HIDDEN_VOLUME_SETUP,
- SEND_PASSWORD,
- SEND_NEW_PASSWORD,
- CLEAR_NEW_SD_CARD_FOUND,
-
- SEND_STARTUP,
- SEND_CLEAR_STICK_KEYS_NOT_INITIATED,
- SEND_LOCK_STICK_HARDWARE,
-
- PRODUCTION_TEST,
- SEND_DEBUG_DATA,
-
- CHANGE_UPDATE_PIN,
-
- GET_PW_SAFE_SLOT_STATUS = 0x60,
- GET_PW_SAFE_SLOT_NAME = 0x61,
- GET_PW_SAFE_SLOT_PASSWORD = 0x62,
- GET_PW_SAFE_SLOT_LOGINNAME = 0x63,
- SET_PW_SAFE_SLOT_DATA_1 = 0x64,
- SET_PW_SAFE_SLOT_DATA_2 = 0x65,
- PW_SAFE_ERASE_SLOT = 0x66,
- PW_SAFE_ENABLE = 0x67,
- PW_SAFE_INIT_KEY = 0x68,
- PW_SAFE_SEND_DATA = 0x69,
- SD_CARD_HIGH_WATERMARK = 0x70,
- DETECT_SC_AES = 0x6a,
- NEW_AES_KEY = 0x6b
-};
-
/*
* POD types for HID proto commands
* Instances are meant to be __packed.
@@ -125,39 +43,42 @@ enum class CommandID : uint8_t {
*/
template <CommandID cmd_id, typename Payload>
struct HIDReport {
- uint8_t _zero;
- CommandID command_id; // uint8_t
- union {
- uint8_t _padding[HID_REPORT_SIZE - 6];
- Payload payload;
- } __packed;
- uint32_t crc;
-
- // POD types can't have non-default constructors
- // used in Transaction<>::run()
- void initialize() {
- bzero(this, sizeof *this);
- command_id = cmd_id;
- }
-
- uint32_t calculate_CRC() const {
- // w/o leading zero, a part of each HID packet
- // w/o 4-byte crc
- return ::crc((const uint8_t *)(this) + 1,
- (size_t)(HID_REPORT_SIZE - 5));
- }
-
- void update_CRC() {
- crc = calculate_CRC();
- }
-
- bool isCRCcorrect() const {
- return crc == calculate_CRC();
- }
-
- bool isValid() const {
- return !_zero && payload.isValid() && isCRCcorrect();
- }
+ uint8_t _zero;
+ CommandID command_id; // uint8_t
+ union {
+ uint8_t _padding[HID_REPORT_SIZE - 6];
+ Payload payload;
+ } __packed;
+ uint32_t crc;
+
+ // POD types can't have non-default constructors
+ // used in Transaction<>::run()
+ void initialize() {
+ bzero(this, sizeof *this);
+ command_id = cmd_id;
+ }
+
+ uint32_t calculate_CRC() const {
+ // w/o leading zero, a part of each HID packet
+ // w/o 4-byte crc
+ return misc::stm_crc32((const uint8_t *)(this) + 1,
+ (size_t)(HID_REPORT_SIZE - 5));
+ }
+
+ void update_CRC() { crc = calculate_CRC(); }
+
+ bool isCRCcorrect() const { return crc == calculate_CRC(); }
+
+ bool isValid() const {
+ return true;
+ // return !_zero && payload.isValid() && isCRCcorrect();
+ }
+
+ operator std::string() const {
+ // Packet type is known upfront in normal operation.
+ // Can't be used to dissect random packets.
+ return QueryDissector<cmd_id, decltype(*this)>::dissect(*this);
+ }
} __packed;
/*
@@ -166,890 +87,139 @@ struct HIDReport {
* command_id member in incoming HIDReport structure carries the command
* type last used.
*/
-template <typename ResponsePayload>
+template <CommandID cmd_id, typename ResponsePayload>
struct DeviceResponse {
- uint8_t _zero;
- uint8_t device_status;
- uint8_t last_command_type;
- uint32_t last_command_crc;
- uint8_t last_command_status;
- union {
- uint8_t _padding[HID_REPORT_SIZE - 12];
- ResponsePayload payload;
- } __packed;
- uint32_t crc;
-
- void initialize() {
- bzero(this, sizeof *this);
- }
-
- uint32_t calculate_CRC() const {
- // w/o leading zero, a part of each HID packet
- // w/o 4-byte crc
- return ::crc((const uint8_t *)(this) + 1,
- (size_t)(HID_REPORT_SIZE - 5));
- }
-
- void update_CRC() {
- crc = calculate_CRC();
- }
-
- bool isCRCcorrect() const {
- return crc == calculate_CRC();
- }
-
- bool isValid() const {
- return !_zero && payload.isValid() && isCRCcorrect();
- }
+ uint8_t _zero;
+ uint8_t device_status;
+ uint8_t command_id; // originally last_command_type
+ uint32_t last_command_crc;
+ uint8_t last_command_status;
+ union {
+ uint8_t _padding[HID_REPORT_SIZE - 12];
+ ResponsePayload payload;
+ } __packed;
+ uint32_t crc;
+
+ void initialize() { bzero(this, sizeof *this); }
+
+ uint32_t calculate_CRC() const {
+ // w/o leading zero, a part of each HID packet
+ // w/o 4-byte crc
+ return misc::stm_crc32((const uint8_t *)(this) + 1,
+ (size_t)(HID_REPORT_SIZE - 5));
+ }
+
+ void update_CRC() { crc = calculate_CRC(); }
+
+ bool isCRCcorrect() const { return crc == calculate_CRC(); }
+
+ bool isValid() const {
+ // return !_zero && payload.isValid() && isCRCcorrect() &&
+ // command_id == (uint8_t)(cmd_id);
+ return true;
+ }
+
+ operator std::string() const {
+ return ResponseDissector<cmd_id, decltype(*this)>::dissect(*this);
+ }
} __packed;
struct EmptyPayload {
- uint8_t _data[];
+ uint8_t _data[];
+
+ bool isValid() const { return true; }
- bool isValid() const {
- return true;
- }
+ std::string dissect() const { return std::string("Empty Payload."); }
} __packed;
-template<CommandID cmd_id, typename command_payload,
- typename response_payload>
+template <CommandID cmd_id, typename command_payload, typename response_payload>
class Transaction : semantics::non_constructible {
-public:
- // Types declared in command class scope can't be reached from there.
- typedef command_payload CommandPayload;
- typedef response_payload ResponsePayload;
-
- typedef struct HIDReport<cmd_id, CommandPayload> OutgoingPacket;
- typedef struct DeviceResponse<ResponsePayload> ResponsePacket;
-
- static_assert(std::is_pod<OutgoingPacket>::value,
- "OutgoingPacket must be a POD type");
- static_assert(std::is_pod<ResponsePacket>::value,
- "ResponsePacket must be a POD type");
- static_assert(sizeof(OutgoingPacket) == HID_REPORT_SIZE,
- "OutgoingPacket type is not the right size");
- static_assert(sizeof(ResponsePacket) == HID_REPORT_SIZE,
- "ResponsePacket type is not the right size");
-
- static response_payload run(device::Device &dev,
- const command_payload &payload) {
- using namespace device;
-
- CommError status;
- OutgoingPacket outp;
- ResponsePacket resp;
-
- // POD types can't have non-default constructors
- outp.initialize();
- resp.initialize();
-
- outp.payload = payload;
- outp.update_CRC();
-
- if (!outp.isValid())
- throw std::runtime_error("Invalid outgoing packet");
-
- status = dev.send(&outp);
- if ((int)(status) < 0 && status != CommError::ERR_NO_ERROR)
- throw std::runtime_error(
- std::string("Device error while sending command ") +
- std::to_string((int)(status)));
-
- status = dev.recv(&resp);
- if ((int)(status) < 0 && status != CommError::ERR_NO_ERROR)
- throw std::runtime_error(
- std::string("Device error while executing command ") +
- std::to_string((int)(status)));
-
- if (!resp.isValid())
- throw std::runtime_error("Invalid incoming packet");
-
- // See: DeviceResponse
- return resp.payload;
- }
-
- static response_payload run(device::Device &dev) {
- command_payload empty_payload;
- return run(dev, empty_payload);
- }
+ public:
+ // Types declared in command class scope can't be reached from there.
+ typedef command_payload CommandPayload;
+ typedef response_payload ResponsePayload;
+
+ typedef struct HIDReport<cmd_id, CommandPayload> OutgoingPacket;
+ typedef struct DeviceResponse<cmd_id, ResponsePayload> ResponsePacket;
+
+ static_assert(std::is_pod<OutgoingPacket>::value,
+ "outgoingpacket must be a pod type");
+ static_assert(std::is_pod<ResponsePacket>::value,
+ "ResponsePacket must be a POD type");
+ static_assert(sizeof(OutgoingPacket) == HID_REPORT_SIZE,
+ "OutgoingPacket type is not the right size");
+ static_assert(sizeof(ResponsePacket) == HID_REPORT_SIZE,
+ "ResponsePacket type is not the right size");
+
+ static uint32_t getCRC(
+ const command_payload &payload) {
+ OutgoingPacket outp;
+ outp.initialize();
+ outp.payload = payload;
+ outp.update_CRC();
+ return outp.crc;
+ }
+
+ static response_payload run(device::Device &dev,
+ const command_payload &payload) {
+ using namespace ::nitrokey::device;
+ using namespace ::nitrokey::log;
+
+ Log::instance()(__PRETTY_FUNCTION__, Loglevel::DEBUG_L2);
+
+ CommError status;
+ OutgoingPacket outp;
+ ResponsePacket resp;
+
+ // POD types can't have non-default constructors
+ outp.initialize();
+ resp.initialize();
+
+ outp.payload = payload;
+ outp.update_CRC();
+
+ Log::instance()("Outgoing HID packet:", Loglevel::DEBUG);
+ Log::instance()((std::string)(outp), Loglevel::DEBUG);
+
+ if (!outp.isValid()) throw std::runtime_error("Invalid outgoing packet");
+
+ status = dev.send(&outp);
+ if ((int)(status) < 0 && status != CommError::ERR_NO_ERROR)
+ throw std::runtime_error(
+ std::string("Device error while sending command ") +
+ std::to_string((int)(status)));
+
+ // FIXME make checks done in device:recv here
+ int retry = dev.get_retry_count();
+ while (retry-- > 0) {
+ status = dev.recv(&resp);
+ if (resp.device_status == 0) break;
+ Log::instance()("Device status is not ready (CRC error?) retrying..",
+ Loglevel::DEBUG); // FIXME translate device_status to log
+ Log::instance()("Invalid incoming HID packet:", Loglevel::DEBUG_L2);
+ Log::instance()((std::string)(resp), Loglevel::DEBUG_L2);
+ std::this_thread::sleep_for(dev.get_retry_timeout());
+ continue;
+ }
+ if ((int)(status) < 0 && status != CommError::ERR_NO_ERROR)
+ throw std::runtime_error(
+ std::string("Device error while executing command ") +
+ std::to_string((int)(status)));
+
+ Log::instance()("Incoming HID packet:", Loglevel::DEBUG);
+ Log::instance()((std::string)(resp), Loglevel::DEBUG);
+
+ if (!resp.isValid()) throw std::runtime_error("Invalid incoming packet");
+
+ // See: DeviceResponse
+ return resp.payload;
+ }
+
+ static response_payload run(device::Device &dev) {
+ command_payload empty_payload;
+ return run(dev, empty_payload);
+ }
};
-
-/*
- * Stick10 protocol definition
- */
-namespace stick10 {
- namespace command {
- class GetSlotName : semantics::non_constructible {
- public:
- // reachable as a typedef in Transaction
- struct CommandPayload {
- uint8_t slot_number;
-
- bool isValid() const {
- return !(slot_number & 0xF0);
- }
- } __packed;
-
- struct ResponsePayload {
- uint8_t slot_name[15];
-
- bool isValid() const {
- return true;
- }
- } __packed;
-
- typedef Transaction<CommandID::READ_SLOT_NAME,
- struct CommandPayload,
- struct ResponsePayload> CommandTransaction;
- };
-
- class EraseSlot : semantics::non_constructible {
- public:
- struct CommandPayload {
- uint8_t slot_number;
-
- bool isValid() const {
- return !(slot_number & 0xF0);
- }
- } __packed;
-
- typedef Transaction<CommandID::ERASE_SLOT,
- struct CommandPayload,
- struct EmptyPayload> CommandTransaction;
- };
-
- class SetTime : semantics::non_constructible {
- public:
- struct CommandPayload {
- uint8_t reset; // 0 - get time, 1 - set time
- uint64_t time; // posix time
-
- bool isValid() const {
- return reset && reset != 1;
- }
- } __packed;
-
- typedef Transaction<CommandID::SET_TIME,
- struct CommandPayload,
- struct EmptyPayload> CommandTransaction;
- };
-
- // TODO duplicate TOTP
- class WriteToHOTPSlot : semantics::non_constructible {
- public:
- struct CommandPayload {
- uint8_t slot_number;
- uint8_t slot_name[15];
- uint8_t slot_secret[20];
- uint8_t slot_config;
- uint8_t slot_token_id[13];
- uint8_t slot_counter[8];
-
- bool isValid() const {
- return !(slot_number & 0xF0);
- }
- } __packed;
-
- typedef Transaction<CommandID::WRITE_TO_SLOT,
- struct CommandPayload,
- struct EmptyPayload> CommandTransaction;
- };
-
- class WriteToTOTPSlot : semantics::non_constructible {
- public:
- struct CommandPayload {
- uint8_t slot_number;
- uint8_t slot_name[15];
- uint8_t slot_secret[20];
- uint8_t slot_config;
- uint8_t slot_token_id[13];
- uint16_t slot_interval;
-
- bool isValid() const {
- return !(slot_number & 0xF0);
- }
- } __packed;
-
- typedef Transaction<CommandID::WRITE_TO_SLOT,
- struct CommandPayload,
- struct EmptyPayload> CommandTransaction;
- };
-
- class GetCode : semantics::non_constructible {
- public:
- struct CommandPayload {
- uint8_t slot_number;
- uint64_t challenge;
- uint64_t last_totp_time;
- uint8_t last_interval;
-
- bool isValid() const {
- return !(slot_number & 0xF0);
- }
- } __packed;
-
- struct ResponsePayload {
- uint8_t code[18];
-
- bool isValid() const {
- return true;
- }
- } __packed;
-
- typedef Transaction<CommandID::GET_CODE,
- struct CommandPayload,
- struct ResponsePayload> CommandTransaction;
- };
-
- class GetHOTP : semantics::non_constructible {
- public:
- struct CommandPayload {
- uint8_t slot_number;
-
- bool isValid() const {
- return !(slot_number & 0xF0);
- }
- } __packed;
-
- typedef Transaction<CommandID::GET_CODE,
- struct CommandPayload,
- struct EmptyPayload> CommandTransaction;
- };
-
- class ReadSlot : semantics::non_constructible {
- public:
- struct CommandPayload {
- uint8_t slot_number;
-
- bool isValid() const {
- return !(slot_number & 0xF0);
- }
- } __packed;
-
- struct ResponsePayload {
- uint8_t slot_name[15];
- uint8_t config;
- uint8_t token_id[13];
- uint64_t counter;
-
- bool isValid() const {
- return true;
- }
- } __packed;
-
- typedef Transaction<CommandID::READ_SLOT,
- struct CommandPayload,
- struct ResponsePayload> CommandTransaction;
- };
-
- class GetStatus : semantics::non_constructible {
- public:
- struct ResponsePayload {
- uint16_t firmware_version;
- uint8_t card_serial[4];
- uint8_t general_config[3];
- uint8_t otp_password_config[2];
-
- bool isValid() const {
- return true;
- }
- } __packed;
-
- typedef Transaction<CommandID::GET_STATUS,
- struct EmptyPayload,
- struct ResponsePayload> CommandTransaction;
- };
-
- class GetPasswordRetryCount : semantics::non_constructible {
- public:
- struct ResponsePayload {
- uint8_t password_retry_count;
-
- bool isValid() const {
- return true;
- }
- } __packed;
-
- typedef Transaction<CommandID::GET_PASSWORD_RETRY_COUNT,
- struct EmptyPayload,
- struct ResponsePayload> CommandTransaction;
- };
-
- class GetUserPasswordRetryCount : semantics::non_constructible {
- public:
- struct ResponsePayload {
- uint8_t password_retry_count;
-
- bool isValid() const {
- return true;
- }
- } __packed;
-
- typedef Transaction<CommandID::GET_USER_PASSWORD_RETRY_COUNT,
- struct EmptyPayload,
- struct ResponsePayload> CommandTransaction;
- };
-
- class GetPasswordSafeSlotStatus : semantics::non_constructible {
- public:
- struct ResponsePayload {
- uint8_t password_safe_status[PWS_SLOT_COUNT];
-
- bool isValid() const {
- return true;
- }
- } __packed;
-
- typedef Transaction<CommandID::GET_PW_SAFE_SLOT_STATUS,
- struct EmptyPayload,
- struct ResponsePayload> CommandTransaction;
- };
-
- class GetPasswordSafeSlotName : semantics::non_constructible {
- public:
- struct CommandPayload {
- uint8_t slot_number;
-
- bool isValid() const {
- return !(slot_number & 0xF0);
- }
- } __packed;
-
- struct ResponsePayload {
- uint8_t slot_name[PWS_SLOTNAME_LENGTH];
-
- bool isValid() const {
- return true;
- }
- } __packed;
-
- typedef Transaction<CommandID::GET_PW_SAFE_SLOT_NAME,
- struct CommandPayload,
- struct ResponsePayload> CommandTransaction;
- };
-
- class GetPasswordSafeSlotPassword : semantics::non_constructible {
- public:
- struct CommandPayload {
- uint8_t slot_number;
-
- bool isValid() const {
- return !(slot_number & 0xF0);
- }
- } __packed;
-
- struct ResponsePayload {
- uint8_t slot_password[PWS_PASSWORD_LENGTH];
-
- bool isValid() const {
- return true;
- }
- } __packed;
-
- typedef Transaction<CommandID::GET_PW_SAFE_SLOT_PASSWORD,
- struct CommandPayload,
- struct ResponsePayload> CommandTransaction;
- };
-
- class GetPasswordSafeSlotLogin : semantics::non_constructible {
- public:
- struct CommandPayload {
- uint8_t slot_number;
-
- bool isValid() const {
- return !(slot_number & 0xF0);
- }
- } __packed;
-
- struct ResponsePayload {
- uint8_t slot_login[PWS_LOGINNAME_LENGTH];
-
- bool isValid() const {
- return true;
- }
- } __packed;
-
- typedef Transaction<CommandID::GET_PW_SAFE_SLOT_LOGINNAME,
- struct CommandPayload,
- struct ResponsePayload> CommandTransaction;
- };
-
- class SetPasswordSafeSlotData : semantics::non_constructible {
- public:
- struct CommandPayload {
- uint8_t slot_number;
- uint8_t slot_name[PWS_SLOTNAME_LENGTH];
- uint8_t slot_password[PWS_PASSWORD_LENGTH];
-
- bool isValid() const {
- return !(slot_number & 0xF0);
- }
- } __packed;
-
- typedef Transaction<CommandID::SET_PW_SAFE_SLOT_DATA_1,
- struct CommandPayload,
- struct EmptyPayload> CommandTransaction;
- };
-
- class SetPasswordSafeSlotData2 : semantics::non_constructible {
- public:
- struct CommandPayload {
- uint8_t slot_number;
- uint8_t slot_name[PWS_SLOTNAME_LENGTH];
-
- bool isValid() const {
- return !(slot_number & 0xF0);
- }
- } __packed;
-
- typedef Transaction<CommandID::SET_PW_SAFE_SLOT_DATA_2,
- struct CommandPayload,
- struct EmptyPayload> CommandTransaction;
- };
-
- class ErasePasswordSafeSlot : semantics::non_constructible {
- public:
- struct CommandPayload {
- uint8_t slot_number;
-
- bool isValid() const {
- return !(slot_number & 0xF0);
- }
- } __packed;
-
- typedef Transaction<CommandID::PW_SAFE_ERASE_SLOT,
- struct CommandPayload,
- struct EmptyPayload> CommandTransaction;
- };
-
- class EnablePasswordSafe : semantics::non_constructible {
- public:
- struct CommandPayload {
- uint8_t password[30];
-
- bool isValid() const {
- return true;
- }
- } __packed;
-
- typedef Transaction<CommandID::PW_SAFE_ENABLE,
- struct CommandPayload,
- struct EmptyPayload> CommandTransaction;
- };
-
- class PasswordSafeInitKey : semantics::non_constructible {
- public:
- typedef Transaction<CommandID::PW_SAFE_INIT_KEY,
- struct EmptyPayload,
- struct EmptyPayload> CommandTransaction;
- };
-
- // TODO naming screwed up, see above
- class PasswordSafeSendSlotViaHID: semantics::non_constructible {
- public:
- struct CommandPayload {
- uint8_t slot_number;
- uint8_t slot_kind;
-
- bool isValid() const {
- return !(slot_number & 0xF0);
- }
- } __packed;
-
- typedef Transaction<CommandID::PW_SAFE_SEND_DATA,
- struct CommandPayload,
- struct EmptyPayload> CommandTransaction;
- };
-
-
- // TODO "Device::passwordSafeSendSlotDataViaHID"
-
- class WriteGeneralConfig : semantics::non_constructible {
- public:
- struct CommandPayload {
- uint8_t config[5];
- } __packed;
-
- typedef Transaction<CommandID::WRITE_CONFIG,
- struct CommandPayload,
- struct EmptyPayload> CommandTransaction;
- };
-
- class FirstAuthenticate : semantics::non_constructible {
- public:
- struct CommandPayload {
- uint8_t card_password[25];
- uint8_t temporary_password[25];
-
- bool isValid() const {
- return true;
- }
- } __packed;
-
- typedef Transaction<CommandID::FIRST_AUTHENTICATE,
- struct CommandPayload,
- struct EmptyPayload> CommandTransaction;
- };
-
- class UserAuthenticate : semantics::non_constructible {
- public:
- struct CommandPayload {
- uint8_t card_password[25];
- uint8_t temporary_password[25];
-
- bool isValid() const {
- return true;
- }
- } __packed;
-
- typedef Transaction<CommandID::USER_AUTHENTICATE,
- struct CommandPayload,
- struct EmptyPayload> CommandTransaction;
- };
-
- class Authorize : semantics::non_constructible {
- public:
- struct CommandPayload {
- uint8_t crc[4];
- uint8_t password[25];
- } __packed;
-
- typedef Transaction<CommandID::AUTHORIZE,
- struct CommandPayload,
- struct EmptyPayload> CommandTransaction;
- };
-
- class UserAuthorize : semantics::non_constructible {
- public:
- struct CommandPayload {
- uint8_t crc[4];
- uint8_t password[25];
- } __packed;
-
- typedef Transaction<CommandID::USER_AUTHORIZE,
- struct CommandPayload,
- struct EmptyPayload> CommandTransaction;
- };
-
- class UnlockUserPassword : semantics::non_constructible {
- public:
- struct CommandPayload {
- uint8_t admin_password[20]; // TODO
- } __packed;
-
- // TODO could we get the stick to return the retry count?
-
- typedef Transaction<CommandID::UNLOCK_USER_PASSWORD,
- struct CommandPayload,
- struct EmptyPayload> CommandTransaction;
- };
-
- class ChangeUserPin : semantics::non_constructible {
- public:
- struct CommandPayload {
- uint8_t old_pin[25];
- uint8_t new_pin[25];
- } __packed;
-
- typedef Transaction<CommandID::CHANGE_USER_PIN,
- struct CommandPayload,
- struct EmptyPayload> CommandTransaction;
- };
-
- // TODO why is it needed?
- class IsAESSupported : semantics::non_constructible {
- public:
- struct CommandPayload {
- uint8_t password[20];
- } __packed;
-
- typedef Transaction<CommandID::DETECT_SC_AES,
- struct CommandPayload,
- struct EmptyPayload> CommandTransaction;
- };
-
- class ChangeAdminPin : semantics::non_constructible {
- public:
- struct CommandPayload {
- uint8_t old_pin[25];
- uint8_t new_pin[25];
- } __packed;
-
- typedef Transaction<CommandID::CHANGE_ADMIN_PIN,
- struct CommandPayload,
- struct EmptyPayload> CommandTransaction;
- };
-
- class LockDevice : semantics::non_constructible {
- public:
- typedef Transaction<CommandID::LOCK_DEVICE,
- struct EmptyPayload,
- struct EmptyPayload> CommandTransaction;
- };
-
- class FactoryReset : semantics::non_constructible {
- public:
- struct CommandPayload {
- uint8_t password[20];
- } __packed;
-
- typedef Transaction<CommandID::FACTORY_RESET,
- struct CommandPayload,
- struct EmptyPayload> CommandTransaction;
- };
-
- class BuildAESKey : semantics::non_constructible {
- public:
- struct CommandPayload {
- uint8_t password[20];
- } __packed;
-
- typedef Transaction<CommandID::NEW_AES_KEY,
- struct CommandPayload,
- struct EmptyPayload> CommandTransaction;
- };
- }
-}
-
-/*
-* STICK20 protocol command ids
-* a superset of STICK10
-*/
-namespace stick20 {
- namespace command {
- class EnableEncryptedPartition : semantics::non_constructible {
- public:
- struct CommandPayload {
- uint8_t password[30]; // TODO check w/ firmware
- };
-
- typedef Transaction<CommandID::ENABLE_CRYPTED_PARI,
- struct CommandPayload,
- struct EmptyPayload> CommandTransaction;
- };
-
- class DisableEncryptedPartition : semantics::non_constructible {
- public:
- typedef Transaction<CommandID::DISABLE_CRYPTED_PARI,
- struct EmptyPayload,
- struct EmptyPayload> CommandTransaction;
- };
-
- class EnableHiddenEncryptedPartition : semantics::non_constructible {
- public:
- struct CommandPayload {
- uint8_t password[30]; // TODO check w/ firmware
- };
-
- typedef Transaction<CommandID::ENABLE_HIDDEN_CRYPTED_PARI,
- struct CommandPayload,
- struct EmptyPayload> CommandTransaction;
- };
-
- class DisableHiddenEncryptedPartition : semantics::non_constructible {
- public:
- typedef Transaction<CommandID::DISABLE_CRYPTED_PARI,
- struct EmptyPayload,
- struct EmptyPayload> CommandTransaction;
- };
-
- class EnableFirmwareUpdate : semantics::non_constructible {
- public:
- struct CommandPayload {
- uint8_t password[30]; // TODO check w/ firmware
- };
-
- typedef Transaction<CommandID::ENABLE_FIRMWARE_UPDATE,
- struct CommandPayload,
- struct EmptyPayload> CommandTransaction;
- };
-
- class UpdatePassword : semantics::non_constructible {
- public:
- struct CommandPayload {
- uint8_t old_password[15];
- uint8_t new_password[15];
- };
-
- typedef Transaction<CommandID::CHANGE_UPDATE_PIN,
- struct CommandPayload,
- struct EmptyPayload> CommandTransaction;
- };
-
- class ExportFirmware : semantics::non_constructible {
- public:
- struct CommandPayload {
- uint8_t password[30];
- };
-
- typedef Transaction<CommandID::EXPORT_FIRMWARE_TO_FILE,
- struct CommandPayload,
- struct EmptyPayload> CommandTransaction;
- };
-
- class CreateNewKeys : semantics::non_constructible {
- public:
- struct CommandPayload {
- uint8_t password[30];
- };
-
- typedef Transaction<CommandID::GENERATE_NEW_KEYS,
- struct CommandPayload,
- struct EmptyPayload> CommandTransaction;
- };
-
- class FillSDCardWithRandomChars : semantics::non_constructible {
- public:
- struct CommandPayload {
- uint8_t volume_flag;
- uint8_t password[30];
- };
-
- typedef Transaction<CommandID::FILL_SD_CARD_WITH_RANDOM_CHARS,
- struct CommandPayload,
- struct EmptyPayload> CommandTransaction;
- };
-
- class SetupHiddenVolume : semantics::non_constructible {
- public:
- typedef Transaction<CommandID::SEND_HIDDEN_VOLUME_SETUP,
- struct EmptyPayload,
- struct EmptyPayload> CommandTransaction;
- };
-
- class SendPasswordMatrix : semantics::non_constructible {
- public:
- typedef Transaction<CommandID::SEND_PASSWORD_MATRIX,
- struct EmptyPayload,
- struct EmptyPayload> CommandTransaction;
- };
-
- class SendPasswordMatrixPinData : semantics::non_constructible {
- public:
- struct CommandPayload {
- uint8_t pin_data[30]; // TODO how long actually can it be?
- };
-
- typedef Transaction<CommandID::SEND_PASSWORD_MATRIX_PINDATA,
- struct CommandPayload,
- struct EmptyPayload> CommandTransaction;
- };
-
- class SendPasswordMatrixSetup : semantics::non_constructible {
- public:
- struct CommandPayload {
- uint8_t setup_data[30]; // TODO how long actually can it be?
- };
-
- typedef Transaction<CommandID::SEND_PASSWORD_MATRIX_SETUP,
- struct CommandPayload,
- struct EmptyPayload> CommandTransaction;
- };
-
- class GetDeviceStatus : semantics::non_constructible {
- public:
- typedef Transaction<CommandID::GET_DEVICE_STATUS,
- struct EmptyPayload,
- struct EmptyPayload> CommandTransaction;
- };
-
- class SendPassword : semantics::non_constructible {
- public:
- struct CommandPayload {
- uint8_t password[30];
- };
-
- typedef Transaction<CommandID::SEND_PASSWORD,
- struct CommandPayload,
- struct EmptyPayload> CommandTransaction;
- };
-
- class SendNewPassword : semantics::non_constructible {
- public:
- struct CommandPayload {
- uint8_t password[30];
- };
-
- typedef Transaction<CommandID::SEND_NEW_PASSWORD,
- struct CommandPayload,
- struct EmptyPayload> CommandTransaction;
- };
-
- // TODO fix original nomenclature
- class SendSetReadonlyToUncryptedVolume : semantics::non_constructible {
- public:
- struct CommandPayload {
- uint8_t password[30];
- };
-
- typedef Transaction<CommandID::ENABLE_READWRITE_UNCRYPTED_LUN,
- struct CommandPayload,
- struct EmptyPayload> CommandTransaction;
- };
-
- class SendSetReadwriteToUncryptedVolume : semantics::non_constructible {
- public:
- struct CommandPayload {
- uint8_t password[30];
- };
-
- typedef Transaction<CommandID::ENABLE_READWRITE_UNCRYPTED_LUN,
- struct CommandPayload,
- struct EmptyPayload> CommandTransaction;
- };
-
- class SendClearNewSdCardFound : semantics::non_constructible {
- public:
- struct CommandPayload {
- uint8_t password[30];
- };
-
- typedef Transaction<CommandID::CLEAR_NEW_SD_CARD_FOUND,
- struct CommandPayload,
- struct EmptyPayload> CommandTransaction;
- };
-
- class SendStartup : semantics::non_constructible {
- public:
- struct CommandPayload {
- uint64_t localtime; // POSIX
- };
-
- typedef Transaction<CommandID::SEND_STARTUP,
- struct CommandPayload,
- struct EmptyPayload> CommandTransaction;
- };
-
- class SendHiddenVolumeSetup : semantics::non_constructible {
- public:
- struct CommandPayload {
- // TODO HiddenVolumeSetup_tst type
- };
-
- typedef Transaction<CommandID::SEND_HIDDEN_VOLUME_SETUP,
- struct CommandPayload,
- struct EmptyPayload> CommandTransaction;
- };
-
- class LockFirmware : semantics::non_constructible {
- public:
- struct CommandPayload {
- uint8_t password[30];
- };
-
- typedef Transaction<CommandID::SEND_LOCK_STICK_HARDWARE,
- struct CommandPayload,
- struct EmptyPayload> CommandTransaction;
- };
-
- class ProductionTest : semantics::non_constructible {
- public:
- typedef Transaction<CommandID::PRODUCTION_TEST,
- struct EmptyPayload,
- struct EmptyPayload> CommandTransaction;
- };
- }
}
}
-
#endif
diff --git a/include/dissect.h b/include/dissect.h
new file mode 100644
index 0000000..993d348
--- /dev/null
+++ b/include/dissect.h
@@ -0,0 +1,82 @@
+/*
+ * Protocol packet dissection
+ */
+#ifndef DISSECT_H
+#define DISSECT_H
+#include <string>
+#include <sstream>
+#include "misc.h"
+#include "cxx_semantics.h"
+#include "command_id.h"
+#include "device_proto.h"
+
+namespace nitrokey {
+namespace proto {
+
+template <CommandID id, class HIDPacket>
+class QueryDissector : semantics::non_constructible {
+ public:
+ static std::string dissect(const HIDPacket &pod) {
+ std::stringstream out;
+
+ out << "Raw HID packet:" << std::endl;
+ out << ::nitrokey::misc::hexdump((const char *)(&pod), sizeof pod);
+
+ out << "Contents:" << std::endl;
+ out << "Command ID:\t" << commandid_to_string((CommandID)(pod.command_id))
+ << std::endl;
+ out << "CRC:\t" << pod.crc << std::endl;
+
+ out << "Payload:" << std::endl;
+ out << pod.payload.dissect();
+ return out.str();
+ }
+};
+
+template <CommandID id, class HIDPacket>
+class ResponseDissector : semantics::non_constructible {
+ public:
+ static std::string dissect(const HIDPacket &pod) {
+ std::stringstream out;
+
+ // FIXME use values from firmware (possibly generate separate
+ // header automatically)
+ std::string status[4];
+ status[0] = " STATUS_READY";
+ status[1] = " STATUS_BUSY";
+ status[2] = " STATUS_ERROR";
+ status[3] = " STATUS_RECEIVED_REPORT";
+ std::string cmd[11];
+ cmd[0] = " CMD_STATUS_OK";
+ cmd[1] = " CMD_STATUS_WRONG_CRC";
+ cmd[2] = " CMD_STATUS_WRONG_SLOT";
+ cmd[3] = " CMD_STATUS_SLOT_NOT_PROGRAMMED";
+ cmd[4] = " CMD_STATUS_WRONG_PASSWORD";
+ cmd[5] = " CMD_STATUS_NOT_AUTHORIZED";
+ cmd[6] = " CMD_STATUS_TIMESTAMP_WARNING";
+ cmd[7] = " CMD_STATUS_NO_NAME_ERROR";
+ cmd[8] = " CMD_STATUS_NOT_SUPPORTED";
+ cmd[9] = " CMD_STATUS_UNKNOWN_COMMAND";
+ cmd[10] = " CMD_STATUS_AES_DEC_FAILED";
+
+ out << "Raw HID packet:" << std::endl;
+ out << ::nitrokey::misc::hexdump((const char *)(&pod), sizeof pod);
+
+ out << "Device status:\t" << pod.device_status + 0 << " "
+ << status[pod.device_status] << std::endl;
+ out << "Command ID:\t" << commandid_to_string((CommandID)(pod.command_id))
+ << std::endl;
+ out << "Last command CRC:\t" << pod.last_command_crc << std::endl;
+ out << "Last command status:\t" << pod.last_command_status + 0 << " "
+ << cmd[pod.last_command_status] << std::endl;
+ out << "CRC:\t" << pod.crc << std::endl;
+
+ out << "Payload:" << std::endl;
+ out << pod.payload.dissect();
+ return out.str();
+ }
+};
+}
+}
+
+#endif
diff --git a/include/inttypes.h b/include/inttypes.h
new file mode 100644
index 0000000..de2cc83
--- /dev/null
+++ b/include/inttypes.h
@@ -0,0 +1,522 @@
+/* Copyright (c) 2004,2005,2007 Joerg Wunsch Copyright (c) 2005, Carlos Lamas All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met:
+
+ * Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer.
+
+ * Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+
+ * Neither the name of the copyright holders nor the names of contributors may be used to endorse or promote products derived from this software
+ without specific prior written permission.
+
+ THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,
+ THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR
+ CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
+ PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+ LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
+ EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */
+
+/* $Id: inttypes.h 1766 2008-10-17 21:33:57Z arcanum $ */
+
+#ifndef __INTTYPES_H_
+#define __INTTYPES_H_
+
+#include <stdint.h>
+
+/** \file */
+/** \defgroup avr_inttypes <inttypes.h>: Integer Type conversions
+ \code #include <inttypes.h> \endcode
+
+ This header file includes the exact-width integer definitions from
+ <tt><stdint.h></tt>, and extends them with additional facilities
+ provided by the implementation.
+
+ Currently, the extensions include two additional integer types
+ that could hold a "far" pointer (i.e. a code pointer that can
+ address more than 64 KB), as well as standard names for all printf
+ and scanf formatting options that are supported by the \ref avr_stdio.
+ As the library does not support the full range of conversion
+ specifiers from ISO 9899:1999, only those conversions that are
+ actually implemented will be listed here.
+
+ The idea behind these conversion macros is that, for each of the
+ types defined by <stdint.h>, a macro will be supplied that portably
+ allows formatting an object of that type in printf() or scanf()
+ operations. Example:
+
+ \code
+ #include <inttypes.h>
+
+ uint8_t smallval;
+ int32_t longval;
+ ...
+ printf("The hexadecimal value of smallval is %" PRIx8
+ ", the decimal value of longval is %" PRId32 ".\n",
+ smallval, longval);
+ \endcode
+*/
+
+/** \name Far pointers for memory access >64K */
+
+/* @{ */
+/** \ingroup avr_inttypes
+ signed integer type that can hold a pointer > 64 KB */
+typedef int32_t int_farptr_t;
+
+/** \ingroup avr_inttypes
+ unsigned integer type that can hold a pointer > 64 KB */
+typedef uint32_t uint_farptr_t;
+
+/* @} */
+
+#if !defined(__cplusplus) || defined(__STDC_LIMIT_MACROS)
+
+
+/** \name macros for printf and scanf format specifiers
+
+ For C++, these are only included if __STDC_LIMIT_MACROS
+ is defined before including <inttypes.h>.
+ */
+
+/* @{ */
+/** \ingroup avr_inttypes
+ decimal printf format for int8_t */
+#define PRId8 "d"
+/** \ingroup avr_inttypes
+ decimal printf format for int_least8_t */
+#define PRIdLEAST8 "d"
+/** \ingroup avr_inttypes
+ decimal printf format for int_fast8_t */
+#define PRIdFAST8 "d"
+
+/** \ingroup avr_inttypes
+ integer printf format for int8_t */
+#define PRIi8 "i"
+/** \ingroup avr_inttypes
+ integer printf format for int_least8_t */
+#define PRIiLEAST8 "i"
+/** \ingroup avr_inttypes
+ integer printf format for int_fast8_t */
+#define PRIiFAST8 "i"
+
+
+/** \ingroup avr_inttypes
+ decimal printf format for int16_t */
+#define PRId16 "d"
+/** \ingroup avr_inttypes
+ decimal printf format for int_least16_t */
+#define PRIdLEAST16 "d"
+/** \ingroup avr_inttypes
+ decimal printf format for int_fast16_t */
+#define PRIdFAST16 "d"
+
+/** \ingroup avr_inttypes
+ integer printf format for int16_t */
+#define PRIi16 "i"
+/** \ingroup avr_inttypes
+ integer printf format for int_least16_t */
+#define PRIiLEAST16 "i"
+/** \ingroup avr_inttypes
+ integer printf format for int_fast16_t */
+#define PRIiFAST16 "i"
+
+
+/** \ingroup avr_inttypes
+ decimal printf format for int32_t */
+#define PRId32 "ld"
+/** \ingroup avr_inttypes
+ decimal printf format for int_least32_t */
+#define PRIdLEAST32 "ld"
+/** \ingroup avr_inttypes
+ decimal printf format for int_fast32_t */
+#define PRIdFAST32 "ld"
+
+/** \ingroup avr_inttypes
+ integer printf format for int32_t */
+#define PRIi32 "li"
+/** \ingroup avr_inttypes
+ integer printf format for int_least32_t */
+#define PRIiLEAST32 "li"
+/** \ingroup avr_inttypes
+ integer printf format for int_fast32_t */
+#define PRIiFAST32 "li"
+
+
+#ifdef __avr_libc_does_not_implement_long_long_in_printf_or_scanf
+
+#define PRId64 "lld"
+#define PRIdLEAST64 "lld"
+#define PRIdFAST64 "lld"
+
+#define PRIi64 "lli"
+#define PRIiLEAST64 "lli"
+#define PRIiFAST64 "lli"
+
+
+#define PRIdMAX "lld"
+#define PRIiMAX "lli"
+
+#endif
+
+/** \ingroup avr_inttypes
+ decimal printf format for intptr_t */
+#define PRIdPTR PRId16
+/** \ingroup avr_inttypes
+ integer printf format for intptr_t */
+#define PRIiPTR PRIi16
+
+/** \ingroup avr_inttypes
+ octal printf format for uint8_t */
+#define PRIo8 "o"
+/** \ingroup avr_inttypes
+ octal printf format for uint_least8_t */
+#define PRIoLEAST8 "o"
+/** \ingroup avr_inttypes
+ octal printf format for uint_fast8_t */
+#define PRIoFAST8 "o"
+
+/** \ingroup avr_inttypes
+ decimal printf format for uint8_t */
+#define PRIu8 "u"
+/** \ingroup avr_inttypes
+ decimal printf format for uint_least8_t */
+#define PRIuLEAST8 "u"
+/** \ingroup avr_inttypes
+ decimal printf format for uint_fast8_t */
+#define PRIuFAST8 "u"
+
+/** \ingroup avr_inttypes
+ hexadecimal printf format for uint8_t */
+#define PRIx8 "x"
+/** \ingroup avr_inttypes
+ hexadecimal printf format for uint_least8_t */
+#define PRIxLEAST8 "x"
+/** \ingroup avr_inttypes
+ hexadecimal printf format for uint_fast8_t */
+#define PRIxFAST8 "x"
+
+/** \ingroup avr_inttypes
+ uppercase hexadecimal printf format for uint8_t */
+#define PRIX8 "X"
+/** \ingroup avr_inttypes
+ uppercase hexadecimal printf format for uint_least8_t */
+#define PRIXLEAST8 "X"
+/** \ingroup avr_inttypes
+ uppercase hexadecimal printf format for uint_fast8_t */
+#define PRIXFAST8 "X"
+
+
+/** \ingroup avr_inttypes
+ octal printf format for uint16_t */
+#define PRIo16 "o"
+/** \ingroup avr_inttypes
+ octal printf format for uint_least16_t */
+#define PRIoLEAST16 "o"
+/** \ingroup avr_inttypes
+ octal printf format for uint_fast16_t */
+#define PRIoFAST16 "o"
+
+/** \ingroup avr_inttypes
+ decimal printf format for uint16_t */
+#define PRIu16 "u"
+/** \ingroup avr_inttypes
+ decimal printf format for uint_least16_t */
+#define PRIuLEAST16 "u"
+/** \ingroup avr_inttypes
+ decimal printf format for uint_fast16_t */
+#define PRIuFAST16 "u"
+
+/** \ingroup avr_inttypes
+ hexadecimal printf format for uint16_t */
+#define PRIx16 "x"
+/** \ingroup avr_inttypes
+ hexadecimal printf format for uint_least16_t */
+#define PRIxLEAST16 "x"
+/** \ingroup avr_inttypes
+ hexadecimal printf format for uint_fast16_t */
+#define PRIxFAST16 "x"
+
+/** \ingroup avr_inttypes
+ uppercase hexadecimal printf format for uint16_t */
+#define PRIX16 "X"
+/** \ingroup avr_inttypes
+ uppercase hexadecimal printf format for uint_least16_t */
+#define PRIXLEAST16 "X"
+/** \ingroup avr_inttypes
+ uppercase hexadecimal printf format for uint_fast16_t */
+#define PRIXFAST16 "X"
+
+
+/** \ingroup avr_inttypes
+ octal printf format for uint32_t */
+#define PRIo32 "lo"
+/** \ingroup avr_inttypes
+ octal printf format for uint_least32_t */
+#define PRIoLEAST32 "lo"
+/** \ingroup avr_inttypes
+ octal printf format for uint_fast32_t */
+#define PRIoFAST32 "lo"
+
+/** \ingroup avr_inttypes
+ decimal printf format for uint32_t */
+#define PRIu32 "lu"
+/** \ingroup avr_inttypes
+ decimal printf format for uint_least32_t */
+#define PRIuLEAST32 "lu"
+/** \ingroup avr_inttypes
+ decimal printf format for uint_fast32_t */
+#define PRIuFAST32 "lu"
+
+/** \ingroup avr_inttypes
+ hexadecimal printf format for uint32_t */
+#define PRIx32 "lx"
+/** \ingroup avr_inttypes
+ hexadecimal printf format for uint_least32_t */
+#define PRIxLEAST32 "lx"
+/** \ingroup avr_inttypes
+ hexadecimal printf format for uint_fast32_t */
+#define PRIxFAST32 "lx"
+
+/** \ingroup avr_inttypes
+ uppercase hexadecimal printf format for uint32_t */
+#define PRIX32 "lX"
+/** \ingroup avr_inttypes
+ uppercase hexadecimal printf format for uint_least32_t */
+#define PRIXLEAST32 "lX"
+/** \ingroup avr_inttypes
+ uppercase hexadecimal printf format for uint_fast32_t */
+#define PRIXFAST32 "lX"
+
+
+#ifdef __avr_libc_does_not_implement_long_long_in_printf_or_scanf
+
+#define PRIo64 "llo"
+#define PRIoLEAST64 "llo"
+#define PRIoFAST64 "llo"
+
+#define PRIu64 "llu"
+#define PRIuLEAST64 "llu"
+#define PRIuFAST64 "llu"
+
+#define PRIx64 "llx"
+#define PRIxLEAST64 "llx"
+#define PRIxFAST64 "llx"
+
+#define PRIX64 "llX"
+#define PRIXLEAST64 "llX"
+#define PRIXFAST64 "llX"
+
+#define PRIoMAX "llo"
+#define PRIuMAX "llu"
+#define PRIxMAX "llx"
+#define PRIXMAX "llX"
+
+#endif
+
+/** \ingroup avr_inttypes
+ octal printf format for uintptr_t */
+#define PRIoPTR PRIo16
+/** \ingroup avr_inttypes
+ decimal printf format for uintptr_t */
+#define PRIuPTR PRIu16
+/** \ingroup avr_inttypes
+ hexadecimal printf format for uintptr_t */
+#define PRIxPTR PRIx16
+/** \ingroup avr_inttypes
+ uppercase hexadecimal printf format for uintptr_t */
+#define PRIXPTR PRIX16
+
+
+#ifdef __avr_libc_does_not_implement_hh_in_scanf
+
+#define SCNd8 "hhd"
+#define SCNdLEAST8 "hhd"
+#define SCNdFAST8 "hhd"
+
+#define SCNi8 "hhi"
+#define SCNiLEAST8 "hhi"
+#define SCNiFAST8 "hhi"
+
+#endif
+
+
+/** \ingroup avr_inttypes
+ decimal scanf format for int16_t */
+#define SCNd16 "d"
+/** \ingroup avr_inttypes
+ decimal scanf format for int_least16_t */
+#define SCNdLEAST16 "d"
+/** \ingroup avr_inttypes
+ decimal scanf format for int_fast16_t */
+#define SCNdFAST16 "d"
+
+/** \ingroup avr_inttypes
+ generic-integer scanf format for int16_t */
+#define SCNi16 "i"
+/** \ingroup avr_inttypes
+ generic-integer scanf format for int_least16_t */
+#define SCNiLEAST16 "i"
+/** \ingroup avr_inttypes
+ generic-integer scanf format for int_fast16_t */
+#define SCNiFAST16 "i"
+
+
+/** \ingroup avr_inttypes
+ decimal scanf format for int32_t */
+#define SCNd32 "ld"
+/** \ingroup avr_inttypes
+ decimal scanf format for int_least32_t */
+#define SCNdLEAST32 "ld"
+/** \ingroup avr_inttypes
+ decimal scanf format for int_fast32_t */
+#define SCNdFAST32 "ld"
+
+/** \ingroup avr_inttypes
+ generic-integer scanf format for int32_t */
+#define SCNi32 "li"
+/** \ingroup avr_inttypes
+ generic-integer scanf format for int_least32_t */
+#define SCNiLEAST32 "li"
+/** \ingroup avr_inttypes
+ generic-integer scanf format for int_fast32_t */
+#define SCNiFAST32 "li"
+
+
+#ifdef __avr_libc_does_not_implement_long_long_in_printf_or_scanf
+
+#define SCNd64 "lld"
+#define SCNdLEAST64 "lld"
+#define SCNdFAST64 "lld"
+
+#define SCNi64 "lli"
+#define SCNiLEAST64 "lli"
+#define SCNiFAST64 "lli"
+
+#define SCNdMAX "lld"
+#define SCNiMAX "lli"
+
+#endif
+
+/** \ingroup avr_inttypes
+ decimal scanf format for intptr_t */
+#define SCNdPTR SCNd16
+/** \ingroup avr_inttypes
+ generic-integer scanf format for intptr_t */
+#define SCNiPTR SCNi16
+
+#ifdef __avr_libc_does_not_implement_hh_in_scanf
+
+#define SCNo8 "hho"
+#define SCNoLEAST8 "hho"
+#define SCNoFAST8 "hho"
+
+#define SCNu8 "hhu"
+#define SCNuLEAST8 "hhu"
+#define SCNuFAST8 "hhu"
+
+#define SCNx8 "hhx"
+#define SCNxLEAST8 "hhx"
+#define SCNxFAST8 "hhx"
+
+#endif
+
+/** \ingroup avr_inttypes
+ octal scanf format for uint16_t */
+#define SCNo16 "o"
+/** \ingroup avr_inttypes
+ octal scanf format for uint_least16_t */
+#define SCNoLEAST16 "o"
+/** \ingroup avr_inttypes
+ octal scanf format for uint_fast16_t */
+#define SCNoFAST16 "o"
+
+/** \ingroup avr_inttypes
+ decimal scanf format for uint16_t */
+#define SCNu16 "u"
+/** \ingroup avr_inttypes
+ decimal scanf format for uint_least16_t */
+#define SCNuLEAST16 "u"
+/** \ingroup avr_inttypes
+ decimal scanf format for uint_fast16_t */
+#define SCNuFAST16 "u"
+
+/** \ingroup avr_inttypes
+ hexadecimal scanf format for uint16_t */
+#define SCNx16 "x"
+/** \ingroup avr_inttypes
+ hexadecimal scanf format for uint_least16_t */
+#define SCNxLEAST16 "x"
+/** \ingroup avr_inttypes
+ hexadecimal scanf format for uint_fast16_t */
+#define SCNxFAST16 "x"
+
+
+/** \ingroup avr_inttypes
+ octal scanf format for uint32_t */
+#define SCNo32 "lo"
+/** \ingroup avr_inttypes
+ octal scanf format for uint_least32_t */
+#define SCNoLEAST32 "lo"
+/** \ingroup avr_inttypes
+ octal scanf format for uint_fast32_t */
+#define SCNoFAST32 "lo"
+
+/** \ingroup avr_inttypes
+ decimal scanf format for uint32_t */
+#define SCNu32 "lu"
+/** \ingroup avr_inttypes
+ decimal scanf format for uint_least32_t */
+#define SCNuLEAST32 "lu"
+/** \ingroup avr_inttypes
+ decimal scanf format for uint_fast32_t */
+#define SCNuFAST32 "lu"
+
+/** \ingroup avr_inttypes
+ hexadecimal scanf format for uint32_t */
+#define SCNx32 "lx"
+/** \ingroup avr_inttypes
+ hexadecimal scanf format for uint_least32_t */
+#define SCNxLEAST32 "lx"
+/** \ingroup avr_inttypes
+ hexadecimal scanf format for uint_fast32_t */
+#define SCNxFAST32 "lx"
+
+
+#ifdef __avr_libc_does_not_implement_long_long_in_printf_or_scanf
+
+#define SCNo64 "llo"
+#define SCNoLEAST64 "llo"
+#define SCNoFAST64 "llo"
+
+#define SCNu64 "llu"
+#define SCNuLEAST64 "llu"
+#define SCNuFAST64 "llu"
+
+#define SCNx64 "llx"
+#define SCNxLEAST64 "llx"
+#define SCNxFAST64 "llx"
+
+#define SCNoMAX "llo"
+#define SCNuMAX "llu"
+#define SCNxMAX "llx"
+
+#endif
+
+/** \ingroup avr_inttypes
+ octal scanf format for uintptr_t */
+#define SCNoPTR SCNo16
+/** \ingroup avr_inttypes
+ decimal scanf format for uintptr_t */
+#define SCNuPTR SCNu16
+/** \ingroup avr_inttypes
+ hexadecimal scanf format for uintptr_t */
+#define SCNxPTR SCNx16
+
+/* @} */
+
+
+#endif /* !defined(__cplusplus) || defined(__STDC_LIMIT_MACROS) */
+
+
+#endif /* __INTTYPES_H_ */
diff --git a/include/log.h b/include/log.h
new file mode 100644
index 0000000..8eda4fb
--- /dev/null
+++ b/include/log.h
@@ -0,0 +1,50 @@
+#ifndef LOG_H
+#define LOG_H
+#include <string>
+#include <cstddef>
+
+namespace nitrokey {
+namespace log {
+
+enum class Loglevel : int { DEBUG_L2, DEBUG, INFO, WARNING, ERROR };
+
+class LogHandler {
+ public:
+ virtual void print(const std::string &, Loglevel lvl) = 0;
+
+ protected:
+ std::string loglevel_to_str(Loglevel);
+};
+
+class StdlogHandler : public LogHandler {
+ public:
+ virtual void print(const std::string &, Loglevel lvl);
+};
+
+extern StdlogHandler stdlog_handler;
+
+class Log {
+ public:
+ Log() : mp_loghandler(&stdlog_handler), m_loglevel(Loglevel::WARNING) {}
+
+ static Log &instance() {
+ if (mp_instance == NULL) mp_instance = new Log;
+ return *mp_instance;
+ }
+
+ void operator()(const std::string &, Loglevel);
+
+ void set_loglevel(Loglevel lvl) { m_loglevel = lvl; }
+
+ void set_handler(LogHandler *handler) { mp_loghandler = handler; }
+
+ private:
+ Loglevel m_loglevel;
+ LogHandler *mp_loghandler;
+
+ static Log *mp_instance;
+};
+}
+}
+
+#endif
diff --git a/include/misc.h b/include/misc.h
new file mode 100644
index 0000000..07f221c
--- /dev/null
+++ b/include/misc.h
@@ -0,0 +1,14 @@
+#ifndef MISC_H
+#define MISC_H
+#include <stdio.h>
+#include <string>
+
+namespace nitrokey {
+namespace misc {
+
+std::string hexdump(const char *p, size_t size);
+uint32_t stm_crc32(const uint8_t *data, size_t size);
+}
+}
+
+#endif
diff --git a/include/stick10_commands.h b/include/stick10_commands.h
new file mode 100644
index 0000000..f1903aa
--- /dev/null
+++ b/include/stick10_commands.h
@@ -0,0 +1,588 @@
+#ifndef STICK10_COMMANDS_H
+#define STICK10_COMMANDS_H
+#include <string>
+#include <sstream>
+#include "inttypes.h"
+#include "command.h"
+
+namespace nitrokey {
+namespace proto {
+
+/*
+ * Stick10 protocol definition
+ */
+namespace stick10 {
+class GetSlotName : public Command<CommandID::READ_SLOT_NAME> {
+ public:
+ // reachable as a typedef in Transaction
+ struct CommandPayload {
+ uint8_t slot_number;
+
+ bool isValid() const { return !(slot_number & 0xF0); }
+ } __packed;
+
+ struct ResponsePayload {
+ uint8_t slot_name[15];
+
+ bool isValid() const { return true; }
+ } __packed;
+
+ typedef Transaction<command_id(), struct CommandPayload,
+ struct ResponsePayload> CommandTransaction;
+};
+
+class EraseSlot : Command<CommandID::ERASE_SLOT> {
+ public:
+ struct CommandPayload {
+ uint8_t slot_number;
+
+ bool isValid() const { return !(slot_number & 0xF0); }
+ } __packed;
+
+ typedef Transaction<command_id(), struct CommandPayload, struct EmptyPayload>
+ CommandTransaction;
+};
+
+class SetTime : Command<CommandID::SET_TIME> {
+ public:
+ struct CommandPayload {
+ uint8_t reset; // 0 - get time, 1 - set time
+ uint64_t time; // posix time
+
+ bool isValid() const { return reset && reset != 1; }
+ } __packed;
+
+ typedef Transaction<command_id(), struct CommandPayload, struct EmptyPayload>
+ CommandTransaction;
+};
+
+// TODO duplicate TOTP
+class WriteToHOTPSlot : Command<CommandID::WRITE_TO_SLOT> {
+ public:
+ struct CommandPayload {
+ uint8_t slot_number;
+ uint8_t slot_name[15];
+ uint8_t slot_secret[20];
+ uint8_t slot_config;
+ uint8_t slot_token_id[13];
+ uint8_t slot_counter[8];
+
+ bool isValid() const { return !(slot_number & 0xF0); }
+ std::string dissect() const {
+ std::stringstream ss;
+ ss << "slot_number:\t" << (int)(slot_number) << std::endl;
+ ss << "slot_name:\t" << slot_name << std::endl;
+ ss << "slot_secret:\t" << slot_secret << std::endl;
+ ss << "slot_config:\t" << slot_config << std::endl;
+ ss << "slot_token_id:\t" << slot_token_id << std::endl;
+ ss << "slot_counter:\t" << slot_counter << std::endl;
+ return ss.str();
+ }
+ } __packed;
+
+ typedef Transaction<command_id(), struct CommandPayload, struct EmptyPayload>
+ CommandTransaction;
+};
+
+class WriteToTOTPSlot : Command<CommandID::WRITE_TO_SLOT> {
+ public:
+ struct CommandPayload {
+ uint8_t slot_number;
+ uint8_t slot_name[15];
+ uint8_t slot_secret[20];
+ uint8_t slot_config;
+ uint8_t slot_token_id[13];
+ uint16_t slot_interval;
+
+ bool isValid() const { return !(slot_number & 0xF0); }
+ } __packed;
+
+ typedef Transaction<command_id(), struct CommandPayload, struct EmptyPayload>
+ CommandTransaction;
+};
+
+class GetCode : Command<CommandID::GET_CODE> {
+ public:
+ struct CommandPayload {
+ uint8_t slot_number;
+ uint64_t challenge;
+ uint64_t last_totp_time;
+ uint8_t last_interval;
+
+ bool isValid() const { return !(slot_number & 0xF0); }
+ } __packed;
+
+ struct ResponsePayload {
+ uint8_t code[18];
+
+ bool isValid() const { return true; }
+ } __packed;
+
+ typedef Transaction<command_id(), struct CommandPayload,
+ struct ResponsePayload> CommandTransaction;
+};
+
+class GetHOTP : Command<CommandID::GET_CODE> {
+ public:
+ struct CommandPayload {
+ uint8_t slot_number;
+
+ bool isValid() const { return (slot_number & 0xF0); }
+ std::string dissect() const {
+ std::stringstream ss;
+ ss << "slot_number:\t" << (int)(slot_number) << std::endl;
+ return ss.str();
+ }
+ } __packed;
+
+ struct ResponsePayload {
+ union {
+ uint8_t whole_response[18]; //TODO remove if not needed
+ struct {
+ uint32_t code;
+ uint8_t config;
+ } __packed;
+ } __packed;
+
+ bool isValid() const { return true; }
+ std::string dissect() const {
+ std::stringstream ss;
+ ss << "code:\t" << (code) << std::endl;
+ ss << "config:\t" << "TODO" /*(config) */<< std::endl; //TODO show byte field options
+ return ss.str();
+ }
+ } __packed;
+
+ typedef Transaction<command_id(), struct CommandPayload, struct ResponsePayload>
+ CommandTransaction;
+};
+
+class ReadSlot : Command<CommandID::READ_SLOT> {
+ public:
+ struct CommandPayload {
+ uint8_t slot_number;
+
+ bool isValid() const { return !(slot_number & 0xF0); }
+
+ std::string dissect() const {
+ std::stringstream ss;
+ ss << "slot_number:\t" << (int)(slot_number) << std::endl;
+ return ss.str();
+ }
+ } __packed;
+
+ struct ResponsePayload {
+ uint8_t slot_name[15];
+ uint8_t config;
+ uint8_t token_id[13];
+ uint64_t counter;
+
+ bool isValid() const { return true; }
+
+ std::string dissect() const {
+ std::stringstream ss;
+ ss << "slot_name:\t" << slot_name << std::endl;
+ ss << "config:\t" << config << std::endl;
+ ss << "token_id:\t" << token_id << std::endl;
+ ss << "counter:\t" << counter << std::endl;
+ return ss.str();
+ }
+ } __packed;
+
+ typedef Transaction<command_id(), struct CommandPayload,
+ struct ResponsePayload> CommandTransaction;
+};
+
+class GetStatus : Command<CommandID::GET_STATUS> {
+ public:
+ struct ResponsePayload {
+ uint16_t firmware_version;
+ uint8_t card_serial[4];
+ uint8_t general_config[3];
+ uint8_t otp_password_config[2];
+
+ bool isValid() const { return true; }
+
+ std::string dissect() const {
+ std::stringstream ss;
+ ss << "firmware_version:\t" << firmware_version << std::endl;
+ ss << "card_serial:\t"
+ << ::nitrokey::misc::hexdump((const char *)(card_serial),
+ sizeof card_serial);
+ ss << "general_config:\t"
+ << ::nitrokey::misc::hexdump((const char *)(general_config),
+ sizeof general_config);
+ ss << "otp_password_config:\t"
+ << ::nitrokey::misc::hexdump((const char *)(otp_password_config),
+ sizeof otp_password_config);
+ return ss.str();
+ }
+ } __packed;
+
+ typedef Transaction<command_id(), struct EmptyPayload, struct ResponsePayload>
+ CommandTransaction;
+};
+
+class GetPasswordRetryCount : Command<CommandID::GET_PASSWORD_RETRY_COUNT> {
+ public:
+ struct ResponsePayload {
+ uint8_t password_retry_count;
+
+ bool isValid() const { return true; }
+ std::string dissect() const {
+ std::stringstream ss;
+ ss << " password_retry_count\t" << password_retry_count << std::endl;
+ return ss.str();
+ }
+ } __packed;
+
+ typedef Transaction<command_id(), struct EmptyPayload, struct ResponsePayload>
+ CommandTransaction;
+};
+
+class GetUserPasswordRetryCount
+ : Command<CommandID::GET_USER_PASSWORD_RETRY_COUNT> {
+ public:
+ struct ResponsePayload {
+ uint8_t password_retry_count;
+
+ bool isValid() const { return true; }
+ std::string dissect() const {
+ std::stringstream ss;
+ ss << " password_retry_count\t" << password_retry_count << std::endl;
+ return ss.str();
+ }
+ } __packed;
+
+ typedef Transaction<command_id(), struct EmptyPayload, struct ResponsePayload>
+ CommandTransaction;
+};
+
+class GetPasswordSafeSlotStatus : Command<CommandID::GET_PW_SAFE_SLOT_STATUS> {
+ public:
+ struct ResponsePayload {
+ uint8_t password_safe_status[PWS_SLOT_COUNT];
+
+ bool isValid() const { return true; }
+ } __packed;
+
+ typedef Transaction<command_id(), struct EmptyPayload, struct ResponsePayload>
+ CommandTransaction;
+};
+
+class GetPasswordSafeSlotName : Command<CommandID::GET_PW_SAFE_SLOT_NAME> {
+ public:
+ struct CommandPayload {
+ uint8_t slot_number;
+
+ bool isValid() const { return !(slot_number & 0xF0); }
+ std::string dissect() const {
+ std::stringstream ss;
+ ss << "slot_number\t" << slot_number << std::endl;
+ return ss.str();
+ }
+ } __packed;
+
+ struct ResponsePayload {
+ uint8_t slot_name[PWS_SLOTNAME_LENGTH];
+
+ bool isValid() const { return true; }
+ std::string dissect() const {
+ std::stringstream ss;
+ ss << " slot_name\t" << slot_name << std::endl;
+ return ss.str();
+ }
+ } __packed;
+
+ typedef Transaction<command_id(), struct CommandPayload,
+ struct ResponsePayload> CommandTransaction;
+};
+
+class GetPasswordSafeSlotPassword
+ : Command<CommandID::GET_PW_SAFE_SLOT_PASSWORD> {
+ public:
+ struct CommandPayload {
+ uint8_t slot_number;
+
+ bool isValid() const { return !(slot_number & 0xF0); }
+ std::string dissect() const {
+ std::stringstream ss;
+ ss << " slot_number\t" << slot_number << std::endl;
+ return ss.str();
+ }
+ } __packed;
+
+ struct ResponsePayload {
+ uint8_t slot_password[PWS_PASSWORD_LENGTH];
+
+ bool isValid() const { return true; }
+ std::string dissect() const {
+ std::stringstream ss;
+ ss << " slot_password\t" << slot_password << std::endl;
+ return ss.str();
+ }
+ } __packed;
+
+ typedef Transaction<command_id(), struct CommandPayload,
+ struct ResponsePayload> CommandTransaction;
+};
+
+class GetPasswordSafeSlotLogin
+ : Command<CommandID::GET_PW_SAFE_SLOT_LOGINNAME> {
+ public:
+ struct CommandPayload {
+ uint8_t slot_number;
+
+ bool isValid() const { return !(slot_number & 0xF0); }
+ std::string dissect() const {
+ std::stringstream ss;
+ ss << " slot_number\t" << slot_number << std::endl;
+ return ss.str();
+ }
+ } __packed;
+
+ struct ResponsePayload {
+ uint8_t slot_login[PWS_LOGINNAME_LENGTH];
+
+ bool isValid() const { return true; }
+ std::string dissect() const {
+ std::stringstream ss;
+ ss << " slot_login\t" << slot_login << std::endl;
+ return ss.str();
+ }
+ } __packed;
+
+ typedef Transaction<command_id(), struct CommandPayload,
+ struct ResponsePayload> CommandTransaction;
+};
+
+class SetPasswordSafeSlotData : Command<CommandID::SET_PW_SAFE_SLOT_DATA_1> {
+ public:
+ struct CommandPayload {
+ uint8_t slot_number;
+ uint8_t slot_name[PWS_SLOTNAME_LENGTH];
+ uint8_t slot_password[PWS_PASSWORD_LENGTH];
+
+ bool isValid() const { return !(slot_number & 0xF0); }
+ } __packed;
+
+ typedef Transaction<command_id(), struct CommandPayload, struct EmptyPayload>
+ CommandTransaction;
+};
+
+class SetPasswordSafeSlotData2 : Command<CommandID::SET_PW_SAFE_SLOT_DATA_2> {
+ public:
+ struct CommandPayload {
+ uint8_t slot_number;
+ uint8_t slot_name[PWS_SLOTNAME_LENGTH];
+
+ bool isValid() const { return !(slot_number & 0xF0); }
+ } __packed;
+
+ typedef Transaction<command_id(), struct CommandPayload, struct EmptyPayload>
+ CommandTransaction;
+};
+
+class ErasePasswordSafeSlot : Command<CommandID::PW_SAFE_ERASE_SLOT> {
+ public:
+ struct CommandPayload {
+ uint8_t slot_number;
+
+ bool isValid() const { return !(slot_number & 0xF0); }
+ } __packed;
+
+ typedef Transaction<command_id(), struct CommandPayload, struct EmptyPayload>
+ CommandTransaction;
+};
+
+class EnablePasswordSafe : Command<CommandID::PW_SAFE_ENABLE> {
+ public:
+ struct CommandPayload {
+ uint8_t password[30];
+
+ bool isValid() const { return true; }
+ std::string dissect() const {
+ std::stringstream ss;
+ ss << " password\t" << password << std::endl;
+ return ss.str();
+ }
+ } __packed;
+
+ typedef Transaction<command_id(), struct CommandPayload, struct EmptyPayload>
+ CommandTransaction;
+};
+
+class PasswordSafeInitKey : Command<CommandID::PW_SAFE_INIT_KEY> {
+ public:
+ typedef Transaction<command_id(), struct EmptyPayload, struct EmptyPayload>
+ CommandTransaction;
+};
+
+// TODO naming screwed up, see above
+class PasswordSafeSendSlotViaHID : Command<CommandID::PW_SAFE_SEND_DATA> {
+ public:
+ struct CommandPayload {
+ uint8_t slot_number;
+ uint8_t slot_kind;
+
+ bool isValid() const { return !(slot_number & 0xF0); }
+ } __packed;
+
+ typedef Transaction<command_id(), struct CommandPayload, struct EmptyPayload>
+ CommandTransaction;
+};
+
+// TODO "Device::passwordSafeSendSlotDataViaHID"
+
+class WriteGeneralConfig : Command<CommandID::WRITE_CONFIG> {
+ public:
+ struct CommandPayload {
+ uint8_t config[5];
+ } __packed;
+
+ typedef Transaction<command_id(), struct CommandPayload, struct EmptyPayload>
+ CommandTransaction;
+};
+
+class FirstAuthenticate : Command<CommandID::FIRST_AUTHENTICATE> {
+ public:
+ struct CommandPayload {
+ uint8_t card_password[25];
+ uint8_t temporary_password[25];
+
+ bool isValid() const { return true; }
+
+ std::string dissect() const {
+ std::stringstream ss;
+ ss << "card_password:\t" << card_password << std::endl;
+ ss << "temporary_password:\t" << temporary_password << std::endl;
+ return ss.str();
+ }
+ } __packed;
+
+ typedef Transaction<command_id(), struct CommandPayload, struct EmptyPayload>
+ CommandTransaction;
+};
+
+class UserAuthenticate : Command<CommandID::USER_AUTHENTICATE> {
+ public:
+ struct CommandPayload {
+ uint8_t card_password[25];
+ uint8_t temporary_password[25];
+
+ bool isValid() const { return true; }
+ } __packed;
+
+ typedef Transaction<command_id(), struct CommandPayload, struct EmptyPayload>
+ CommandTransaction;
+};
+
+class Authorize : Command<CommandID::AUTHORIZE> {
+ public:
+ struct CommandPayload {
+ uint32_t crc_to_authorize;
+ uint8_t temporary_password[25];
+
+ std::string dissect() const {
+ std::stringstream ss;
+ ss << " crc_to_authorize:\t" << crc_to_authorize<< std::endl;
+ ss << " temporary_password:\t" << temporary_password<< std::endl;
+ return ss.str();
+ }
+ } __packed;
+
+ typedef Transaction<command_id(), struct CommandPayload, struct EmptyPayload>
+ CommandTransaction;
+};
+
+class UserAuthorize : Command<CommandID::USER_AUTHORIZE> {
+ public:
+ struct CommandPayload {
+ uint8_t crc_to_authorize[4];
+ uint8_t temporary_password[25];
+ std::string dissect() const {
+ std::stringstream ss;
+ ss << " crc_to_authorize:\t" << crc_to_authorize<< std::endl;
+ ss << " temporary_password:\t" << temporary_password<< std::endl;
+ return ss.str();
+ }
+ } __packed;
+
+ typedef Transaction<command_id(), struct CommandPayload, struct EmptyPayload>
+ CommandTransaction;
+};
+
+class UnlockUserPassword : Command<CommandID::UNLOCK_USER_PASSWORD> {
+ public:
+ struct CommandPayload {
+ uint8_t admin_password[20]; // TODO
+ } __packed;
+
+ // TODO could we get the stick to return the retry count?
+
+ typedef Transaction<command_id(), struct CommandPayload, struct EmptyPayload>
+ CommandTransaction;
+};
+
+class ChangeUserPin : Command<CommandID::CHANGE_USER_PIN> {
+ public:
+ struct CommandPayload {
+ uint8_t old_pin[25];
+ uint8_t new_pin[25];
+ } __packed;
+
+ typedef Transaction<command_id(), struct CommandPayload, struct EmptyPayload>
+ CommandTransaction;
+};
+
+// TODO why is it needed?
+class IsAESSupported : Command<CommandID::DETECT_SC_AES> {
+ public:
+ struct CommandPayload {
+ uint8_t password[20];
+ } __packed;
+
+ typedef Transaction<command_id(), struct CommandPayload, struct EmptyPayload>
+ CommandTransaction;
+};
+
+class ChangeAdminPin : Command<CommandID::CHANGE_ADMIN_PIN> {
+ public:
+ struct CommandPayload {
+ uint8_t old_pin[25];
+ uint8_t new_pin[25];
+ } __packed;
+
+ typedef Transaction<command_id(), struct CommandPayload, struct EmptyPayload>
+ CommandTransaction;
+};
+
+class LockDevice : Command<CommandID::LOCK_DEVICE> {
+ public:
+ typedef Transaction<command_id(), struct EmptyPayload, struct EmptyPayload>
+ CommandTransaction;
+};
+
+class FactoryReset : Command<CommandID::FACTORY_RESET> {
+ public:
+ struct CommandPayload {
+ uint8_t password[20];
+ } __packed;
+
+ typedef Transaction<command_id(), struct CommandPayload, struct EmptyPayload>
+ CommandTransaction;
+};
+
+class BuildAESKey : Command<CommandID::NEW_AES_KEY> {
+ public:
+ struct CommandPayload {
+ uint8_t password[20];
+ } __packed;
+
+ typedef Transaction<command_id(), struct CommandPayload, struct EmptyPayload>
+ CommandTransaction;
+};
+}
+}
+}
+#endif
diff --git a/include/stick20_commands.h b/include/stick20_commands.h
new file mode 100644
index 0000000..b84d436
--- /dev/null
+++ b/include/stick20_commands.h
@@ -0,0 +1,233 @@
+#ifndef STICK20_COMMANDS_H
+#define STICK20_COMMANDS_H
+#include "inttypes.h"
+
+namespace nitrokey {
+namespace proto {
+
+/*
+* STICK20 protocol command ids
+* a superset of STICK10
+*/
+namespace stick20 {
+class EnableEncryptedPartition : semantics::non_constructible {
+ public:
+ struct CommandPayload {
+ uint8_t password[30]; // TODO check w/ firmware
+ };
+
+ typedef Transaction<CommandID::ENABLE_CRYPTED_PARI, struct CommandPayload,
+ struct EmptyPayload> CommandTransaction;
+};
+
+class DisableEncryptedPartition : semantics::non_constructible {
+ public:
+ typedef Transaction<CommandID::DISABLE_CRYPTED_PARI, struct EmptyPayload,
+ struct EmptyPayload> CommandTransaction;
+};
+
+class EnableHiddenEncryptedPartition : semantics::non_constructible {
+ public:
+ struct CommandPayload {
+ uint8_t password[30]; // TODO check w/ firmware
+ };
+
+ typedef Transaction<CommandID::ENABLE_HIDDEN_CRYPTED_PARI,
+ struct CommandPayload,
+ struct EmptyPayload> CommandTransaction;
+};
+
+class DisableHiddenEncryptedPartition : semantics::non_constructible {
+ public:
+ typedef Transaction<CommandID::DISABLE_CRYPTED_PARI, struct EmptyPayload,
+ struct EmptyPayload> CommandTransaction;
+};
+
+class EnableFirmwareUpdate : semantics::non_constructible {
+ public:
+ struct CommandPayload {
+ uint8_t password[30]; // TODO check w/ firmware
+ };
+
+ typedef Transaction<CommandID::ENABLE_FIRMWARE_UPDATE, struct CommandPayload,
+ struct EmptyPayload> CommandTransaction;
+};
+
+class UpdatePassword : semantics::non_constructible {
+ public:
+ struct CommandPayload {
+ uint8_t old_password[15];
+ uint8_t new_password[15];
+ };
+
+ typedef Transaction<CommandID::CHANGE_UPDATE_PIN, struct CommandPayload,
+ struct EmptyPayload> CommandTransaction;
+};
+
+class ExportFirmware : semantics::non_constructible {
+ public:
+ struct CommandPayload {
+ uint8_t password[30];
+ };
+
+ typedef Transaction<CommandID::EXPORT_FIRMWARE_TO_FILE, struct CommandPayload,
+ struct EmptyPayload> CommandTransaction;
+};
+
+class CreateNewKeys : semantics::non_constructible {
+ public:
+ struct CommandPayload {
+ uint8_t password[30];
+ };
+
+ typedef Transaction<CommandID::GENERATE_NEW_KEYS, struct CommandPayload,
+ struct EmptyPayload> CommandTransaction;
+};
+
+class FillSDCardWithRandomChars : semantics::non_constructible {
+ public:
+ struct CommandPayload {
+ uint8_t volume_flag;
+ uint8_t password[30];
+ };
+
+ typedef Transaction<CommandID::FILL_SD_CARD_WITH_RANDOM_CHARS,
+ struct CommandPayload,
+ struct EmptyPayload> CommandTransaction;
+};
+
+class SetupHiddenVolume : semantics::non_constructible {
+ public:
+ typedef Transaction<CommandID::SEND_HIDDEN_VOLUME_SETUP, struct EmptyPayload,
+ struct EmptyPayload> CommandTransaction;
+};
+
+class SendPasswordMatrix : semantics::non_constructible {
+ public:
+ typedef Transaction<CommandID::SEND_PASSWORD_MATRIX, struct EmptyPayload,
+ struct EmptyPayload> CommandTransaction;
+};
+
+class SendPasswordMatrixPinData : semantics::non_constructible {
+ public:
+ struct CommandPayload {
+ uint8_t pin_data[30]; // TODO how long actually can it be?
+ };
+
+ typedef Transaction<CommandID::SEND_PASSWORD_MATRIX_PINDATA,
+ struct CommandPayload,
+ struct EmptyPayload> CommandTransaction;
+};
+
+class SendPasswordMatrixSetup : semantics::non_constructible {
+ public:
+ struct CommandPayload {
+ uint8_t setup_data[30]; // TODO how long actually can it be?
+ };
+
+ typedef Transaction<CommandID::SEND_PASSWORD_MATRIX_SETUP,
+ struct CommandPayload,
+ struct EmptyPayload> CommandTransaction;
+};
+
+class GetDeviceStatus : semantics::non_constructible {
+ public:
+ typedef Transaction<CommandID::GET_DEVICE_STATUS, struct EmptyPayload,
+ struct EmptyPayload> CommandTransaction;
+};
+
+class SendPassword : semantics::non_constructible {
+ public:
+ struct CommandPayload {
+ uint8_t password[30];
+ };
+
+ typedef Transaction<CommandID::SEND_PASSWORD, struct CommandPayload,
+ struct EmptyPayload> CommandTransaction;
+};
+
+class SendNewPassword : semantics::non_constructible {
+ public:
+ struct CommandPayload {
+ uint8_t password[30];
+ };
+
+ typedef Transaction<CommandID::SEND_NEW_PASSWORD, struct CommandPayload,
+ struct EmptyPayload> CommandTransaction;
+};
+
+// TODO fix original nomenclature
+class SendSetReadonlyToUncryptedVolume : semantics::non_constructible {
+ public:
+ struct CommandPayload {
+ uint8_t password[30];
+ };
+
+ typedef Transaction<CommandID::ENABLE_READWRITE_UNCRYPTED_LUN,
+ struct CommandPayload,
+ struct EmptyPayload> CommandTransaction;
+};
+
+class SendSetReadwriteToUncryptedVolume : semantics::non_constructible {
+ public:
+ struct CommandPayload {
+ uint8_t password[30];
+ };
+
+ typedef Transaction<CommandID::ENABLE_READWRITE_UNCRYPTED_LUN,
+ struct CommandPayload,
+ struct EmptyPayload> CommandTransaction;
+};
+
+class SendClearNewSdCardFound : semantics::non_constructible {
+ public:
+ struct CommandPayload {
+ uint8_t password[30];
+ };
+
+ typedef Transaction<CommandID::CLEAR_NEW_SD_CARD_FOUND, struct CommandPayload,
+ struct EmptyPayload> CommandTransaction;
+};
+
+class SendStartup : semantics::non_constructible {
+ public:
+ struct CommandPayload {
+ uint64_t localtime; // POSIX
+ };
+
+ typedef Transaction<CommandID::SEND_STARTUP, struct CommandPayload,
+ struct EmptyPayload> CommandTransaction;
+};
+
+class SendHiddenVolumeSetup : semantics::non_constructible {
+ public:
+ struct CommandPayload {
+ // TODO HiddenVolumeSetup_tst type
+ };
+
+ typedef Transaction<CommandID::SEND_HIDDEN_VOLUME_SETUP,
+ struct CommandPayload,
+ struct EmptyPayload> CommandTransaction;
+};
+
+class LockFirmware : semantics::non_constructible {
+ public:
+ struct CommandPayload {
+ uint8_t password[30];
+ };
+
+ typedef Transaction<CommandID::SEND_LOCK_STICK_HARDWARE,
+ struct CommandPayload,
+ struct EmptyPayload> CommandTransaction;
+};
+
+class ProductionTest : semantics::non_constructible {
+ public:
+ typedef Transaction<CommandID::PRODUCTION_TEST, struct EmptyPayload,
+ struct EmptyPayload> CommandTransaction;
+};
+}
+}
+}
+
+#endif
diff --git a/log.cc b/log.cc
new file mode 100644
index 0000000..5889a1e
--- /dev/null
+++ b/log.cc
@@ -0,0 +1,42 @@
+#include <iostream>
+#include <string>
+#include <ctime>
+#include <iomanip>
+#include "log.h"
+
+namespace nitrokey {
+namespace log {
+
+Log *Log::mp_instance = NULL;
+StdlogHandler stdlog_handler;
+
+std::string LogHandler::loglevel_to_str(Loglevel lvl) {
+ switch (lvl) {
+ case Loglevel::DEBUG_L2:
+ return std::string("DEBUG_L2");
+ case Loglevel::DEBUG:
+ return std::string("DEBUG");
+ case Loglevel::INFO:
+ return std::string("INFO");
+ case Loglevel::WARNING:
+ return std::string("WARNING");
+ case Loglevel::ERROR:
+ return std::string("ERROR");
+ }
+ return std::string("");
+}
+
+void Log::operator()(const std::string &logstr, Loglevel lvl) {
+ if (mp_loghandler != NULL)
+ if ((int)(lvl) >= (int)(m_loglevel)) mp_loghandler->print(logstr, lvl);
+}
+
+void StdlogHandler::print(const std::string &str, Loglevel lvl) {
+ std::time_t t = std::time(nullptr);
+ std::tm tm = *std::localtime(&t);
+
+ std::clog << "[" << loglevel_to_str(lvl) << "] ["
+ << std::put_time(&tm, "%c %Z") << "]\t" << str << std::endl;
+}
+}
+}
diff --git a/misc.cc b/misc.cc
new file mode 100644
index 0000000..0f1be45
--- /dev/null
+++ b/misc.cc
@@ -0,0 +1,49 @@
+#include <sstream>
+#include <string>
+#include "misc.h"
+#include "inttypes.h"
+
+namespace nitrokey {
+namespace misc {
+
+std::string hexdump(const char *p, size_t size) {
+ std::stringstream out;
+ char formatbuf[128];
+ const char *pstart = p;
+
+ for (const char *pend = p + size; p < pend;) {
+ snprintf(formatbuf, 128, "%04x\t", p - pstart);
+ out << formatbuf;
+
+ for (const char *le = p + 16; p < le && p < pend; p++) {
+ snprintf(formatbuf, 128, "%02x ", uint8_t(*p));
+ out << formatbuf;
+ }
+ out << std::endl;
+ }
+ return out.str();
+}
+
+static uint32_t _crc32(uint32_t crc, uint32_t data) {
+ int i;
+ crc = crc ^ data;
+
+ for (i = 0; i < 32; i++) {
+ if (crc & 0x80000000)
+ crc = (crc << 1) ^ 0x04C11DB7; // polynomial used in STM32
+ else
+ crc = (crc << 1);
+ }
+
+ return crc;
+}
+
+uint32_t stm_crc32(const uint8_t *data, size_t size) {
+ uint32_t crc = 0xffffffff;
+ const uint32_t *pend = (const uint32_t *)(data + size);
+ for (const uint32_t *p = (const uint32_t *)(data); p < pend; p++)
+ crc = _crc32(crc, *p);
+ return crc;
+}
+}
+}
diff --git a/test.cc b/test.cc
deleted file mode 100644
index 5c59c60..0000000
--- a/test.cc
+++ /dev/null
@@ -1,35 +0,0 @@
-#include <iostream>
-#include <string.h>
-#include "device_proto.h"
-#include "device.h"
-
-using namespace std;
-
-using namespace device;
-using namespace proto;
-using namespace proto::stick10::command;
-
-int main() {
- Stick20 stick;
- cout << stick.connect() << endl;
-
- {
- auto resp = GetStatus::CommandTransaction::run(stick);
- cout << resp.firmware_version << endl;
- }
-
- {
- FirstAuthenticate::CommandTransaction::CommandPayload authreq;
- strcpy((char *)(authreq.card_password), "12345678");
- FirstAuthenticate::CommandTransaction::run(stick, authreq);
- }
-
- {
- for (int i=0; i<32; i++) {
- GetSlotName::CommandTransaction::CommandPayload slotname_req;
- slotname_req.slot_number=i;
- auto slot_resp = GetSlotName::CommandTransaction::run(stick);
- cout << slot_resp.slot_name << endl;
- }
- }
-}
diff --git a/unittest/Catch b/unittest/Catch
new file mode 160000
+Subproject ae5ee2cf63d6d67bd1369b512d2a7b60b571c90
diff --git a/unittest/Makefile b/unittest/Makefile
new file mode 100644
index 0000000..aa9d53a
--- /dev/null
+++ b/unittest/Makefile
@@ -0,0 +1,33 @@
+CC = $(PREFIX)-gcc
+#CXX = $(PREFIX)-g++
+CXX = clang++-3.6
+LD = $(CXX)
+
+INCLUDE = -I../include -ICatch/single_include/
+LIB = -L../build
+LDLIBS = -lnitrokey
+BUILD = build
+
+CXXFLAGS = -std=c++14 -fPIC
+
+CXXSOURCES = $(wildcard *.cc)
+TARGETS = $(CXXSOURCES:%.cc=$(BUILD)/%)
+DEPENDS = $(CXXSOURCES:%.cc=$(BUILD)/%.d)
+
+$(BUILD)/%.d: %.cc
+ $(CXX) -M $< -o $@ $(INCLUDE) $(CXXFLAGS)
+
+$(BUILD)/%: %.cc $(DEPENDS)
+ $(CXX) $< -o $@ $(INCLUDE) $(LIB) $(CXXFLAGS) $(LDLIBS)
+
+all: $(TARGETS)
+
+clean:
+ rm -f $(TARGETS)
+
+mrproper: clean
+ rm -f $(BUILD)/*.d
+
+.PHONY: all clean mrproper
+
+include $(wildcard build/*.d)
diff --git a/unittest/build/libnitrokey.so b/unittest/build/libnitrokey.so
new file mode 120000
index 0000000..69a5e22
--- /dev/null
+++ b/unittest/build/libnitrokey.so
@@ -0,0 +1 @@
+../../build/libnitrokey.so \ No newline at end of file
diff --git a/unittest/test.cc b/unittest/test.cc
new file mode 100644
index 0000000..02f742c
--- /dev/null
+++ b/unittest/test.cc
@@ -0,0 +1,80 @@
+#define CATCH_CONFIG_MAIN // This tells Catch to provide a main()
+#include "catch.hpp"
+
+#include <iostream>
+#include <string.h>
+#include "device_proto.h"
+#include "log.h"
+#include "stick10_commands.h"
+
+using namespace std;
+using namespace nitrokey::device;
+using namespace nitrokey::proto::stick10;
+using namespace nitrokey::log;
+
+std::string getSlotName(Stick10 &stick, int slotNo) {
+ ReadSlot::CommandTransaction::CommandPayload slot_req;
+ slot_req.slot_number = slotNo;
+ auto slot = ReadSlot::CommandTransaction::run(stick, slot_req);
+ std::string sName(reinterpret_cast<char *>(slot.slot_name));
+ return sName;
+}
+
+TEST_CASE("Slot names are correct", "[slotNames]") {
+ Stick10 stick;
+ bool connected = stick.connect();
+ REQUIRE(connected == true);
+
+ Log::instance().set_loglevel(Loglevel::DEBUG);
+
+ auto resp = GetStatus::CommandTransaction::run(stick);
+
+ FirstAuthenticate::CommandTransaction::CommandPayload authreq;
+ strcpy((char *)(authreq.card_password), "12345678");
+ FirstAuthenticate::CommandTransaction::run(stick, authreq);
+
+ {
+ EnablePasswordSafe::CommandTransaction::CommandPayload authreq;
+ strcpy((char *)(authreq.password), "123456");
+ EnablePasswordSafe::CommandTransaction::run(stick, authreq);
+ }
+
+ REQUIRE(getSlotName(stick, 0x20) == std::string("1"));
+ REQUIRE(getSlotName(stick, 0x21) == std::string("slot2"));
+
+ {
+ auto resp = GetPasswordRetryCount::CommandTransaction::run(stick);
+ REQUIRE(resp.password_retry_count == 3);
+ }
+ {
+ auto resp = GetUserPasswordRetryCount::CommandTransaction::run(stick);
+ REQUIRE(resp.password_retry_count == 3);
+ }
+
+ {
+ GetPasswordSafeSlotName::CommandTransaction::CommandPayload slot;
+ slot.slot_number = 0;
+ auto resp2 = GetPasswordSafeSlotName::CommandTransaction::run(stick, slot);
+ std::string sName(reinterpret_cast<char *>(resp2.slot_name));
+ REQUIRE(sName == std::string("web1"));
+ }
+
+ {
+ GetPasswordSafeSlotPassword::CommandTransaction::CommandPayload slot;
+ slot.slot_number = 0;
+ auto resp2 =
+ GetPasswordSafeSlotPassword::CommandTransaction::run(stick, slot);
+ std::string sName(reinterpret_cast<char *>(resp2.slot_password));
+ REQUIRE(sName == std::string("pass1"));
+ }
+
+ {
+ GetPasswordSafeSlotLogin::CommandTransaction::CommandPayload slot;
+ slot.slot_number = 0;
+ auto resp2 = GetPasswordSafeSlotLogin::CommandTransaction::run(stick, slot);
+ std::string sName(reinterpret_cast<char *>(resp2.slot_login));
+ REQUIRE(sName == std::string("login1"));
+ }
+
+ stick.disconnect();
+}
diff --git a/unittest/test_HOTP.cc b/unittest/test_HOTP.cc
new file mode 100644
index 0000000..b263693
--- /dev/null
+++ b/unittest/test_HOTP.cc
@@ -0,0 +1,101 @@
+#define CATCH_CONFIG_MAIN // This tells Catch to provide a main()
+#include "catch.hpp"
+
+#include <iostream>
+//#include <string.h>
+#include "device_proto.h"
+#include "log.h"
+#include "stick10_commands.h"
+#include <cstdlib>
+
+using namespace std;
+using namespace nitrokey::device;
+using namespace nitrokey::proto::stick10;
+using namespace nitrokey::log;
+
+void hexStringToByte(uint8_t data[], const char* hexString){
+ assert(strlen(hexString)%2==0);
+ char buf[2];
+ for(int i=0; i<strlen(hexString); i++){
+ buf[i%2] = hexString[i];
+ if (i%2==1){
+ data[i/2] = strtoul(buf, NULL, 16) & 0xFF;
+ }
+ }
+};
+
+TEST_CASE("test secret", "[functions]") {
+ uint8_t slot_secret[21];
+ slot_secret[20] = 0;
+ const char* secretHex = "3132333435363738393031323334353637383930";
+ hexStringToByte(slot_secret, secretHex);
+ CAPTURE(slot_secret);
+ REQUIRE(strcmp("12345678901234567890",reinterpret_cast<char *>(slot_secret) ) == 0 );
+}
+
+TEST_CASE("Test HOTP codes according to RFC", "[HOTP]") {
+ Stick10 stick;
+ bool connected = stick.connect();
+
+ REQUIRE(connected == true);
+
+ Log::instance().set_loglevel(Loglevel::DEBUG);
+
+ auto resp = GetStatus::CommandTransaction::run(stick);
+
+ const char * temporary_password = "123456789012345678901234";
+ {
+ FirstAuthenticate::CommandTransaction::CommandPayload authreq;
+ strcpy((char *)(authreq.card_password), "12345678");
+ strcpy((char *)(authreq.temporary_password), temporary_password);
+ FirstAuthenticate::CommandTransaction::run(stick, authreq);
+ }
+
+ //test according to https://tools.ietf.org/html/rfc4226#page-32
+ {
+ WriteToHOTPSlot::CommandTransaction::CommandPayload hwrite;
+ hwrite.slot_number = 0x10;
+ strcpy(reinterpret_cast<char *>(hwrite.slot_name), "rfc4226_lib");
+ //strcpy(reinterpret_cast<char *>(hwrite.slot_secret), "");
+ const char* secretHex = "3132333435363738393031323334353637383930";
+ hexStringToByte(hwrite.slot_secret, secretHex);
+ //hwrite.slot_config; //TODO check various configs in separate test cases
+ //strcpy(reinterpret_cast<char *>(hwrite.slot_token_id), "");
+ //strcpy(reinterpret_cast<char *>(hwrite.slot_counter), "");
+
+ //authorize writehotp first
+ {
+ Authorize::CommandTransaction::CommandPayload auth;
+ strcpy((char *)(auth.temporary_password), temporary_password);
+ auth.crc_to_authorize = WriteToHOTPSlot::CommandTransaction::getCRC(hwrite);
+ Authorize::CommandTransaction::run(stick, auth);
+ }
+
+ //run hotp command
+ WriteToHOTPSlot::CommandTransaction::run(stick, hwrite);
+
+ uint32_t codes[] = {
+ 755224, 287082, 359152, 969429, 338314,
+ 254676, 287922, 162583, 399871, 520489
+ };
+
+ for( auto code: codes){
+ GetHOTP::CommandTransaction::CommandPayload gh;
+ gh.slot_number = 0x10;
+ auto resp = GetHOTP::CommandTransaction::run(stick, gh);
+ REQUIRE( resp.code == code);
+ }
+ //checking slot programmed before with nitro-app
+ /*
+ for( auto code: codes){
+ GetHOTP::CommandTransaction::CommandPayload gh;
+ gh.slot_number = 0x12;
+ auto resp = GetHOTP::CommandTransaction::run(stick, gh);
+ REQUIRE( resp.code == code);
+ }
+ */
+ }
+
+
+ stick.disconnect();
+}