From c6ba90ba1ca606b63373caaba16cb4fcc65d00f9 Mon Sep 17 00:00:00 2001 From: Szczepan Zalega Date: Mon, 9 Jan 2017 18:30:29 +0100 Subject: Remove unused inttypes Signed-off-by: Szczepan Zalega --- include/CommandFailedException.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'include/CommandFailedException.h') diff --git a/include/CommandFailedException.h b/include/CommandFailedException.h index 9b0c59e..8bcdcae 100644 --- a/include/CommandFailedException.h +++ b/include/CommandFailedException.h @@ -7,7 +7,7 @@ #include #include -#include +#include "log.h" class CommandFailedException : public std::exception { public: -- cgit v1.2.3 From c551b27792774b87a1be7fd0dcfd9e209eaef5ec Mon Sep 17 00:00:00 2001 From: Szczepan Zalega Date: Sat, 14 Jan 2017 13:37:29 +0100 Subject: Method to get commands failure cause Signed-off-by: Szczepan Zalega --- include/CommandFailedException.h | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) (limited to 'include/CommandFailedException.h') diff --git a/include/CommandFailedException.h b/include/CommandFailedException.h index 8bcdcae..3753ad4 100644 --- a/include/CommandFailedException.h +++ b/include/CommandFailedException.h @@ -11,8 +11,8 @@ class CommandFailedException : public std::exception { public: - uint8_t last_command_code; - uint8_t last_command_status; + const uint8_t last_command_code; + const uint8_t last_command_status; CommandFailedException(uint8_t last_command_code, uint8_t last_command_status) : last_command_code(last_command_code), @@ -24,6 +24,10 @@ public: return "Command execution has failed on device"; } + bool reason_slot_not_programmed() const throw(){ + return last_command_status == 3; //FIXME use enum status codes + } + }; -- cgit v1.2.3 From 56bd3e2c4353cfc1b902c6dfb55df0ef563c5372 Mon Sep 17 00:00:00 2001 From: Szczepan Zalega Date: Tue, 17 Jan 2017 15:35:44 +0100 Subject: Check command's fail reason within exception Signed-off-by: Szczepan Zalega --- include/CommandFailedException.h | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) (limited to 'include/CommandFailedException.h') diff --git a/include/CommandFailedException.h b/include/CommandFailedException.h index 3753ad4..190eabc 100644 --- a/include/CommandFailedException.h +++ b/include/CommandFailedException.h @@ -8,6 +8,9 @@ #include #include #include "log.h" +#include "command_id.h" + +using cs = nitrokey::proto::stick10::command_status; class CommandFailedException : public std::exception { public: @@ -25,7 +28,11 @@ public: } bool reason_slot_not_programmed() const throw(){ - return last_command_status == 3; //FIXME use enum status codes + return last_command_status == static_cast(cs::slot_not_programmed); + } + + bool reason_wrong_password() const throw(){ + return last_command_status == static_cast(cs::wrong_password); } }; -- cgit v1.2.3 From 03f444905d3a7af3091c2401280e83146f08443a Mon Sep 17 00:00:00 2001 From: Szczepan Zalega Date: Tue, 31 Jan 2017 18:17:23 +0100 Subject: Add more shortcuts for checking devices error code Signed-off-by: Szczepan Zalega --- include/CommandFailedException.h | 19 ++++++++++++++++--- 1 file changed, 16 insertions(+), 3 deletions(-) (limited to 'include/CommandFailedException.h') diff --git a/include/CommandFailedException.h b/include/CommandFailedException.h index 190eabc..6ff9a2d 100644 --- a/include/CommandFailedException.h +++ b/include/CommandFailedException.h @@ -14,11 +14,11 @@ using cs = nitrokey::proto::stick10::command_status; class CommandFailedException : public std::exception { public: - const uint8_t last_command_code; + const uint8_t last_command_id; const uint8_t last_command_status; - CommandFailedException(uint8_t last_command_code, uint8_t last_command_status) : - last_command_code(last_command_code), + CommandFailedException(uint8_t last_command_id, uint8_t last_command_status) : + last_command_id(last_command_id), last_command_status(last_command_status){ nitrokey::log::Log::instance()(std::string("CommandFailedException, status: ")+ std::to_string(last_command_status), nitrokey::log::Loglevel::DEBUG); } @@ -27,6 +27,19 @@ public: return "Command execution has failed on device"; } + + bool reason_timestamp_warning() const throw(){ + return last_command_status == static_cast(cs::timestamp_warning); + } + + bool reason_AES_not_initialized() const throw(){ + return last_command_status == static_cast(cs::AES_dec_failed); + } + + bool reason_not_authorized() const throw(){ + return last_command_status == static_cast(cs::not_authorized); + } + bool reason_slot_not_programmed() const throw(){ return last_command_status == static_cast(cs::slot_not_programmed); } -- cgit v1.2.3 From 29fc4839b7aaf76c3587cf0d268546fd1d1390c4 Mon Sep 17 00:00:00 2001 From: Szczepan Zalega Date: Tue, 21 Feb 2017 14:56:07 +0100 Subject: Build debug-log-free library for increased security Signed-off-by: Szczepan Zalega --- CMakeLists.txt | 6 +++++ NitrokeyManager.cc | 6 ++--- device.cc | 38 +++++++++++++++--------------- include/CommandFailedException.h | 2 +- include/LibraryException.h | 2 +- include/LongOperationInProgressException.h | 2 +- include/device_proto.h | 34 +++++++++++++------------- include/log.h | 7 ++++++ include/misc.h | 2 +- 9 files changed, 56 insertions(+), 43 deletions(-) (limited to 'include/CommandFailedException.h') diff --git a/CMakeLists.txt b/CMakeLists.txt index 89ab66d..0ed907b 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -71,13 +71,19 @@ ENDIF() IF (NOT LIBNITROKEY_STATIC) add_library(nitrokey SHARED ${SOURCE_FILES}) + add_library(nitrokey-log SHARED ${SOURCE_FILES}) install (TARGETS nitrokey DESTINATION "lib") SET(LIBNAME nitrokey) ELSE() add_library(nitrokey-static STATIC ${SOURCE_FILES}) + add_library(nitrokey-static-log STATIC ${SOURCE_FILES}) SET(LIBNAME nitrokey-static) ENDIF() target_link_libraries(${LIBNAME} hidapi-libusb) +target_link_libraries(${LIBNAME}-log hidapi-libusb) + +SET_TARGET_PROPERTIES(${LIBNAME} PROPERTIES COMPILE_DEFINITIONS "NO_LOG") + file(GLOB LIB_INCLUDES "include/libnitrokey/*.h") install (FILES ${LIB_INCLUDES} DESTINATION "include") diff --git a/NitrokeyManager.cc b/NitrokeyManager.cc index 62687b3..1e5c14e 100644 --- a/NitrokeyManager.cc +++ b/NitrokeyManager.cc @@ -22,7 +22,7 @@ namespace nitrokey{ // throw EmptySourceStringException(slot_number); return; const size_t s_dest = sizeof dest; - nitrokey::log::Log::instance()(std::string("strcpyT sizes dest src ") + LOG(std::string("strcpyT sizes dest src ") +std::to_string(s_dest)+ " " +std::to_string(strlen(src))+ " " ,nitrokey::log::Loglevel::DEBUG_L2); @@ -45,7 +45,7 @@ namespace nitrokey{ template void NitrokeyManager::authorize_packet(T &package, const char *admin_temporary_password, shared_ptr device){ if (!is_authorization_command_supported()){ - Log::instance()("Authorization command not supported, skipping", Loglevel::WARNING); + LOG("Authorization command not supported, skipping", Loglevel::WARNING); } auto auth = get_payload(); strcpyT(auth.temporary_password, admin_temporary_password); @@ -311,7 +311,7 @@ namespace nitrokey{ break; } default: - Log::instance()(string(__FILE__) + to_string(__LINE__) + + LOG(string(__FILE__) + to_string(__LINE__) + string(__FUNCTION__) + string(" Unhandled device model for HOTP") , Loglevel::DEBUG); break; diff --git a/device.cc b/device.cc index fcc3ba7..7201087 100644 --- a/device.cc +++ b/device.cc @@ -31,12 +31,12 @@ Device::Device(const uint16_t vid, const uint16_t pid, const DeviceModel model, bool Device::disconnect() { //called in object's destructor - Log::instance()(__FUNCTION__, Loglevel::DEBUG_L2); + LOG(__FUNCTION__, Loglevel::DEBUG_L2); std::lock_guard lock(mex_dev_com); - Log::instance()(std::string(__FUNCTION__) + std::string(m_model==DeviceModel::PRO?"PRO":"STORAGE"), Loglevel::DEBUG_L2); - Log::instance()(std::string(__FUNCTION__) + std::string(" *IN* "), Loglevel::DEBUG_L2); + LOG(std::string(__FUNCTION__) + std::string(m_model==DeviceModel::PRO?"PRO":"STORAGE"), Loglevel::DEBUG_L2); + LOG(std::string(__FUNCTION__) + std::string(" *IN* "), Loglevel::DEBUG_L2); - Log::instance()(std::string("Disconnection success: ") + std::to_string(mp_devhandle == nullptr), Loglevel::DEBUG_L2); + LOG(std::string("Disconnection success: ") + std::to_string(mp_devhandle == nullptr), Loglevel::DEBUG_L2); if(mp_devhandle == nullptr) return false; hid_close(mp_devhandle); @@ -46,24 +46,24 @@ bool Device::disconnect() { return true; } bool Device::connect() { - Log::instance()(__FUNCTION__, Loglevel::DEBUG_L2); + LOG(__FUNCTION__, Loglevel::DEBUG_L2); std::lock_guard lock(mex_dev_com); - Log::instance()(std::string(__FUNCTION__) + std::string(" *IN* "), Loglevel::DEBUG_L2); + LOG(std::string(__FUNCTION__) + std::string(" *IN* "), Loglevel::DEBUG_L2); // hid_init(); // done automatically on hid_open mp_devhandle = hid_open(m_vid, m_pid, nullptr); const auto success = mp_devhandle != nullptr; - Log::instance()(std::string("Connection success: ") + std::to_string(success), Loglevel::DEBUG_L2); + LOG(std::string("Connection success: ") + std::to_string(success), Loglevel::DEBUG_L2); return success; } int Device::send(const void *packet) { - Log::instance()(__FUNCTION__, Loglevel::DEBUG_L2); + LOG(__FUNCTION__, Loglevel::DEBUG_L2); std::lock_guard lock(mex_dev_com); - Log::instance()(std::string(__FUNCTION__) + std::string(" *IN* "), Loglevel::DEBUG_L2); + LOG(std::string(__FUNCTION__) + std::string(" *IN* "), Loglevel::DEBUG_L2); if (mp_devhandle == nullptr) { - Log::instance()(std::string("Connection fail") , Loglevel::DEBUG_L2); + LOG(std::string("Connection fail") , Loglevel::DEBUG_L2); throw DeviceNotConnected("Attempted HID send on an invalid descriptor."); } @@ -72,15 +72,15 @@ int Device::send(const void *packet) { } int Device::recv(void *packet) { - Log::instance()(__FUNCTION__, Loglevel::DEBUG_L2); + LOG(__FUNCTION__, Loglevel::DEBUG_L2); std::lock_guard lock(mex_dev_com); - Log::instance()(std::string(__FUNCTION__) + std::string(" *IN* "), Loglevel::DEBUG_L2); + LOG(std::string(__FUNCTION__) + std::string(" *IN* "), Loglevel::DEBUG_L2); int status; int retry_count = 0; if (mp_devhandle == nullptr){ - Log::instance()(std::string("Connection fail") , Loglevel::DEBUG_L2); + LOG(std::string("Connection fail") , Loglevel::DEBUG_L2); throw DeviceNotConnected("Attempted HID receive on an invalid descriptor."); } @@ -94,20 +94,20 @@ int Device::recv(void *packet) { auto pwherr = hid_error(mp_devhandle); std::wstring wherr = (pwherr != nullptr) ? pwherr : L"No error message"; std::string herr(wherr.begin(), wherr.end()); - Log::instance()(std::string("libhid error message: ") + herr, + LOG(std::string("libhid error message: ") + herr, Loglevel::DEBUG_L2); if (status > 0) break; // success if (retry_count++ >= m_retry_receiving_count) { - Log::instance()( + LOG( "Maximum retry count reached: " + std::to_string(retry_count), Loglevel::WARNING); - Log::instance()( + LOG( std::string("Counter stats: ") + m_counters.get_as_string(), Loglevel::DEBUG); break; } - Log::instance()("Retrying... " + std::to_string(retry_count), + LOG("Retrying... " + std::to_string(retry_count), Loglevel::DEBUG); std::this_thread::sleep_for(m_retry_timeout); } @@ -116,7 +116,7 @@ int Device::recv(void *packet) { } bool Device::could_be_enumerated() { - Log::instance()(__FUNCTION__, Loglevel::DEBUG_L2); + LOG(__FUNCTION__, Loglevel::DEBUG_L2); std::lock_guard lock(mex_dev_com); if (mp_devhandle==nullptr){ return false; @@ -135,7 +135,7 @@ bool Device::could_be_enumerated() { void Device::show_stats() { auto s = m_counters.get_as_string(); - Log::instance()(s, Loglevel::DEBUG_L2); + LOG(s, Loglevel::DEBUG_L2); } Stick10::Stick10(): diff --git a/include/CommandFailedException.h b/include/CommandFailedException.h index 6ff9a2d..417e850 100644 --- a/include/CommandFailedException.h +++ b/include/CommandFailedException.h @@ -20,7 +20,7 @@ public: CommandFailedException(uint8_t last_command_id, uint8_t last_command_status) : last_command_id(last_command_id), last_command_status(last_command_status){ - nitrokey::log::Log::instance()(std::string("CommandFailedException, status: ")+ std::to_string(last_command_status), nitrokey::log::Loglevel::DEBUG); + LOG(std::string("CommandFailedException, status: ")+ std::to_string(last_command_status), nitrokey::log::Loglevel::DEBUG); } virtual const char *what() const throw() { diff --git a/include/LibraryException.h b/include/LibraryException.h index daf0155..b9303ad 100644 --- a/include/LibraryException.h +++ b/include/LibraryException.h @@ -83,7 +83,7 @@ public: TooLongStringException(size_t size_source, size_t size_destination, const std::string &message = "") : size_source( size_source), size_destination(size_destination), message(message) { - nitrokey::log::Log::instance()(std::string("TooLongStringException, size diff: ")+ std::to_string(size_source-size_destination), nitrokey::log::Loglevel::DEBUG); + LOG(std::string("TooLongStringException, size diff: ")+ std::to_string(size_source-size_destination), nitrokey::log::Loglevel::DEBUG); } diff --git a/include/LongOperationInProgressException.h b/include/LongOperationInProgressException.h index 7f182b0..5b441c0 100644 --- a/include/LongOperationInProgressException.h +++ b/include/LongOperationInProgressException.h @@ -15,7 +15,7 @@ public: LongOperationInProgressException( unsigned char _command_id, uint8_t last_command_status, unsigned char _progress_bar_value) : CommandFailedException(_command_id, last_command_status), progress_bar_value(_progress_bar_value){ - nitrokey::log::Log::instance()( + LOG( std::string("LongOperationInProgressException, progress bar status: ")+ std::to_string(progress_bar_value), nitrokey::log::Loglevel::DEBUG); } diff --git a/include/device_proto.h b/include/device_proto.h index 3519123..ea8f136 100644 --- a/include/device_proto.h +++ b/include/device_proto.h @@ -218,7 +218,7 @@ namespace nitrokey { static std::mutex send_receive_mtx; std::lock_guard guard(send_receive_mtx); - Log::instance()(__FUNCTION__, Loglevel::DEBUG_L2); + LOG(__FUNCTION__, Loglevel::DEBUG_L2); if (dev == nullptr){ throw DeviceNotConnected("Device not initialized"); @@ -236,8 +236,8 @@ namespace nitrokey { outp.payload = payload; outp.update_CRC(); - Log::instance()("Outgoing HID packet:", Loglevel::DEBUG); - Log::instance()(static_cast(outp), Loglevel::DEBUG); + LOG("Outgoing HID packet:", Loglevel::DEBUG); + LOG(static_cast(outp), Loglevel::DEBUG); if (!outp.isValid()) throw std::runtime_error("Invalid outgoing packet"); @@ -249,7 +249,7 @@ namespace nitrokey { status = dev->send(&outp); if (status <= 0){ //FIXME early disconnection not yet working properly -// Log::instance()("Encountered communication error, disconnecting device", Loglevel::DEBUG_L2); +// LOG("Encountered communication error, disconnecting device", Loglevel::DEBUG_L2); // dev->disconnect(); dev->m_counters.sending_error++; throw DeviceSendingFailure( @@ -268,7 +268,7 @@ namespace nitrokey { if (dev->get_device_model() == DeviceModel::STORAGE && resp.command_id >= stick20::CMD_START_VALUE && resp.command_id < stick20::CMD_END_VALUE ) { - Log::instance()(std::string("Detected storage device cmd, status: ") + + LOG(std::string("Detected storage device cmd, status: ") + std::to_string(resp.storage_status.device_status), Loglevel::DEBUG_L2); resp.last_command_status = static_cast(stick10::command_status::ok); @@ -286,7 +286,7 @@ namespace nitrokey { resp.device_status = static_cast(stick10::device_status::ok); break; default: - Log::instance()(std::string("Unknown storage device status, cannot translate: ") + + LOG(std::string("Unknown storage device status, cannot translate: ") + std::to_string(resp.storage_status.device_status), Loglevel::DEBUG); resp.device_status = resp.storage_status.device_status; break; @@ -306,11 +306,11 @@ namespace nitrokey { dev->m_counters.busy++; if (busy_counter++<10) { receiving_retry_counter++; - Log::instance()("Status busy, not decreasing receiving_retry_counter counter: " + + LOG("Status busy, not decreasing receiving_retry_counter counter: " + std::to_string(receiving_retry_counter), Loglevel::DEBUG_L2); } else { busy_counter = 0; - Log::instance()("Status busy, decreasing receiving_retry_counter counter: " + + LOG("Status busy, decreasing receiving_retry_counter counter: " + std::to_string(receiving_retry_counter), Loglevel::DEBUG); } } @@ -320,7 +320,7 @@ namespace nitrokey { successful_communication = true; break; } - Log::instance()(std::string("Retry status - dev status, awaited cmd crc, correct packet CRC: ") + LOG(std::string("Retry status - dev status, awaited cmd crc, correct packet CRC: ") + std::to_string(resp.device_status) + " " + std::to_string(CRC_equal_awaited) + " " + std::to_string(resp.isCRCcorrect()), Loglevel::DEBUG_L2); @@ -329,18 +329,18 @@ namespace nitrokey { if (!CRC_equal_awaited) dev->m_counters.CRC_other_than_awaited++; - Log::instance()( + LOG( "Device is not ready or received packet's last CRC is not equal to sent CRC packet, retrying...", Loglevel::DEBUG); - Log::instance()("Invalid incoming HID packet:", Loglevel::DEBUG_L2); - Log::instance()(static_cast(resp), Loglevel::DEBUG_L2); + LOG("Invalid incoming HID packet:", Loglevel::DEBUG_L2); + LOG(static_cast(resp), Loglevel::DEBUG_L2); dev->m_counters.total_retries++; std::this_thread::sleep_for(dev->get_retry_timeout()); continue; } if (successful_communication) break; - Log::instance()(std::string("Resending (outer loop) "), Loglevel::DEBUG_L2); - Log::instance()(std::string("sending_retry_counter count: ") + std::to_string(sending_retry_counter), + LOG(std::string("Resending (outer loop) "), Loglevel::DEBUG_L2); + LOG(std::string("sending_retry_counter count: ") + std::to_string(sending_retry_counter), Loglevel::DEBUG); } @@ -355,9 +355,9 @@ namespace nitrokey { std::to_string(status)); } - Log::instance()("Incoming HID packet:", Loglevel::DEBUG); - Log::instance()(static_cast(resp), Loglevel::DEBUG); - Log::instance()(std::string("receiving_retry_counter count: ") + std::to_string(receiving_retry_counter), + LOG("Incoming HID packet:", Loglevel::DEBUG); + LOG(static_cast(resp), Loglevel::DEBUG); + LOG(std::string("receiving_retry_counter count: ") + std::to_string(receiving_retry_counter), Loglevel::DEBUG); if (resp.device_status == static_cast(stick10::device_status::busy) && diff --git a/include/log.h b/include/log.h index 695884b..a3e8281 100644 --- a/include/log.h +++ b/include/log.h @@ -53,4 +53,11 @@ class Log { } } + +#ifdef NO_LOG +#define LOG(string, level) while(false){} +#else +#define LOG(string, level) nitrokey::log::Log::instance()((string), (level)) +#endif + #endif diff --git a/include/misc.h b/include/misc.h index c39c741..111d772 100644 --- a/include/misc.h +++ b/include/misc.h @@ -28,7 +28,7 @@ namespace misc { // throw EmptySourceStringException(slot_number); return; const size_t s_dest = sizeof dest; - nitrokey::log::Log::instance()(std::string("strcpyT sizes dest src ") + LOG(std::string("strcpyT sizes dest src ") +std::to_string(s_dest)+ " " +std::to_string(strlen(src))+ " " ,nitrokey::log::Loglevel::DEBUG); -- cgit v1.2.3