authorjaseg <git@jaseg.net>2018-11-14 09:39:43 +0900
committerjaseg <git@jaseg.net>2018-11-14 09:39:43 +0900
commit9249e792a1cc7ef6d04fa6a8eba6bd9bbc066915 (patch)
treecc85ad5f592b460f57471a3741d2ddeee6103912
parent370301e06da15aada3772461d9f96d50d87475ca (diff)
GUI pairing working as it should
-rwxr-xr-xhexnoise.py23
-rwxr-xr-xpairing.py44
-rw-r--r--src/demo.c16
-rw-r--r--src/noise.c9
-rw-r--r--src/packet_interface.h1
5 files changed, 62 insertions, 31 deletions
diff --git a/hexnoise.py b/hexnoise.py
index cfbe9df..55a2be2 100755
--- a/hexnoise.py
+++ b/hexnoise.py
@@ -28,8 +28,9 @@ class ReportType(enum.Enum):
KEYBOARD = 1
MOUSE = 2
PAIRING_INPUT = 3
- PAIRING_SUCESS = 4
+ PAIRING_SUCCESS = 4
PAIRING_ERROR = 5
+ PAIRING_START = 6
class ProtocolError(Exception):
pass
@@ -205,6 +206,8 @@ class NoiseEngine:
self.proto.set_as_initiator()
self.proto.set_keypair_from_private_bytes(Keypair.STATIC, self.static_local)
self.proto.start_handshake()
+ self.paired = False
+ self.connected = False
self.packetizer.send_packet(PacketType.INITIATE_HANDSHAKE, b'')
self.debug_print('Handshake started')
@@ -226,6 +229,17 @@ class NoiseEngine:
self.proto.read_message(payload)
else:
raise ProtocolError(f'Incorrect packet type {pkt_type}. Ignoring since this is only test code.')
+
+ msg_type, payload = self.packetizer.receive_packet()
+ rtype, data = self._decrypt(payload)
+ if rtype is ReportType.PAIRING_SUCCESS:
+ self.connected, self.paired = True, True
+ elif rtype is ReportType.PAIRING_START:
+ self.connected, self.paired = True, False
+ else:
+ self.connected, self.paired = True, False
+ raise UserWarning(f'Unexpected record type {rtype} in {msg_type} packet. Ignoring.')
+
if self.debug:
print('Handshake finished, handshake hash:')
hexdump(print, self.proto.get_handshake_hash())
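Review bot: The block added after the handshake decrypts whatever packet arrives next without checking `msg_type`, and its `else` branch sets `self.connected = True` before raising, so an unexpected record leaves the engine marked as connected. The message says "Ignoring." but `raise UserWarning(...)` aborts the call. The file already defines `ProtocolError` for this case, so the branch could set `self.connected, self.paired = False, False` and then `raise ProtocolError(f'Unexpected record type {rtype} in {msg_type} packet')`. The enclosing method starts and ends outside the hunk, so how callers handle the exception is not visible here.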
@@ -282,7 +296,7 @@ class NoiseEngine:
def pairing_messages(self):
user_input = ''
for msg_type, payload in self.receive_loop():
- if msg_type == ReportType.PAIRING_INPUT:
+ if msg_type is ReportType.PAIRING_INPUT:
ch = chr(payload[0])
if ch == '\b':
user_input = user_input[:-1]
@@ -290,10 +304,10 @@ class NoiseEngine:
user_input += ch
yield user_input
- elif msg_type == ReportType.PAIRING_SUCESS:
+ elif msg_type is ReportType.PAIRING_SUCCESS:
break
- elif msg_type == ReportType.PAIRING_ERROR:
+ elif msg_type is ReportType.PAIRING_ERROR:
raise ProtocolError('Device-side pairing error') # FIXME find better exception subclass here
else:
@@ -313,7 +327,6 @@ class NoiseEngine:
keys = { *KeyMapper.map_modifiers(modbyte), *KeyMapper.map_regulars(keycodes) }
if self.debug:
print('Emitting:', keys)
- print('payload:', binascii.hexlify(payload), 'emitting:', keys)
for key in keys - old_kcs:
ui.emit(key, 1, syn=False)
diff --git a/pairing.py b/pairing.py
index 605b002..a1ba939 100755
--- a/pairing.py
+++ b/pairing.py
@@ -49,27 +49,29 @@ class PairingWindow(Gtk.Window):
def run_handshake(self):
self.noise.perform_handshake()
- binding_incantation = self.noise.channel_binding_incantation()
- self.label.set_markup(f'<b>Step 2</b>\n\nPerform channel binding ritual.\n'
- f'Enter the following incantation, then press enter.\n'
- f'<b>{binding_incantation}</b>')
-
- def update_text(text):
- self.entry.set_text(text)
- self.entry.set_position(len(text))
-
- clean = lambda s: re.sub('[^a-z0-9-]', '', s.lower())
- if clean(binding_incantation).startswith(clean(text)):
- color = 0.9, 1.0, 0.9 # light red
- else:
- color = 1.0, 0.9, 0.9 # light green
- self.entry.override_background_color(Gtk.StateType.NORMAL, Gdk.RGBA(*color, 1.0))
-
- for user_input in self.noise.pairing_messages():
- print(f'User input: "{user_input}"')
- GLib.idle_add(update_text, user_input)
-
- self.label.set_markup(f'<b>Done!</b>')
+ if not self.noise.paired:
+ binding_incantation = self.noise.channel_binding_incantation()
+ GLib.idle_add(self.label.set_markup,
+ f'<b>Step 2</b>\n\nPerform channel binding ritual.\n'
+ f'Enter the following incantation, then press enter.\n'
+ f'<b>{binding_incantation}</b>')
+
+ def update_text(text):
+ self.entry.set_text(text)
+ self.entry.set_position(len(text))
+
+ clean = lambda s: re.sub('[^a-z0-9-]', '', s.lower())
+ if clean(binding_incantation).startswith(clean(text)):
+ color = 0.9, 1.0, 0.9 # light red
+ else:
+ color = 1.0, 0.9, 0.9 # light green
+ self.entry.override_background_color(Gtk.StateType.NORMAL, Gdk.RGBA(*color, 1.0))
+
+ for user_input in self.noise.pairing_messages():
+ print(f'User input: "{user_input}"')
+ GLib.idle_add(update_text, user_input)
+
+ GLib.idle_add(self.label.set_markup, f'<b>Done!</b>')
# FIXME demo
self.noise.uinput_passthrough()
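Review bot: `if not self.noise.paired:` skips the whole channel-binding step based on a flag that hexnoise.py sets from the device's `PAIRING_SUCCESS` report, so the host takes the device's word that the two are already paired. If the host does not separately compare the device's static key with one it stored at first pairing (not visible in this diff), the incantation check stops protecting the host on reconnect. A comment should state where that host-side check happens, such as `# paired comes from the device report; the remote static key must already be verified against the stored one before binding is skipped`. Separately, the colour comments are swapped: `0.9, 1.0, 0.9` is light green and `1.0, 0.9, 0.9` is light red.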
diff --git a/src/demo.c b/src/demo.c
index 8f51b54..abe8f19 100644
--- a/src/demo.c
+++ b/src/demo.c
@@ -61,8 +61,8 @@ static uint8_t remote_key_reference[CURVE25519_KEY_LEN];
void _fini(void);
-static inline void delay_ms_busy_loop(uint32_t ms) {
- for (volatile uint32_t i = 0; i < 14903*ms; i++);
+static inline void delay(uint32_t n) {
+ for (volatile uint32_t i = 0; i < 1490*n; i++);
}
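Review bot: `delay(uint32_t n)` no longer says what unit `n` is in. The old name carried `ms`, and the constant dropped from `14903` to `1490`, which suggests roughly a tenth of a millisecond per step, but nothing in the hunk states it. A short comment such as `/* busy-wait; n is in ~100 us steps, uncalibrated, depends on core clock and optimisation level */` (to be confirmed against the clock setup) would help. The main-loop hunk below relies on `delay(1)` together with `poll_ctr == 10` to pace `usbh_poll`.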
@@ -414,10 +414,16 @@ int main(void)
if (generate_identity_key(&noise_state))
LOG_PRINTF("Error generating identiy key\n");
+ int poll_ctr = 0;
while (23) {
- TRACING_SET(TR_USBH_POLL);
- usbh_poll(tim6_get_time_us());
- TRACING_CLEAR(TR_USBH_POLL);
+ delay(1);
+
+ if (++poll_ctr == 10) {
+ poll_ctr = 0;
+ TRACING_SET(TR_USBH_POLL);
+ usbh_poll(tim6_get_time_us());
+ TRACING_CLEAR(TR_USBH_POLL);
+ }
TRACING_SET(TR_HOST_PKT_HANDLER);
if (host_packet_length > 0) {
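Review bot: The context line before the new loop only logs when `generate_identity_key(&noise_state)` fails and then falls straight into `while (23)`, so the device presumably goes on handling host packets with whatever key state the failed call left behind. This commit does not touch that line, but since the loop now drives the pairing responses it would be safer to stop there, for example by logging and then halting or resetting instead of continuing. `main()` begins before the hunk and the loop body continues past it, so any later handling is not visible.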
diff --git a/src/noise.c b/src/noise.c
index 9f898dd..a30d338 100644
--- a/src/noise.c
+++ b/src/noise.c
@@ -147,9 +147,18 @@ int try_continue_noise_handshake(struct NoiseState *st, uint8_t *buf, size_t len
HANDLE_NOISE_ERROR(noise_dhstate_get_public_key(remote_dh, st->remote_key, sizeof(st->remote_key)), "getting remote pubkey");
if (!memcmp(st->remote_key, st->remote_key_reference, sizeof(st->remote_key))) { /* keys match */
+ uint8_t response = REPORT_PAIRING_SUCCESS;
+ if (send_encrypted_message(st, &response, sizeof(response)))
+ LOG_PRINTF("Error sending pairing response packet\n");
+
uninit_handshake(st, HANDSHAKE_DONE_KNOWN_HOST);
st->failed_handshakes = 0;
+
} else { /* keys don't match */
+ uint8_t response = REPORT_PAIRING_START;
+ if (send_encrypted_message(st, &response, sizeof(response)))
+ LOG_PRINTF("Error sending pairing response packet\n");
+
uninit_handshake(st, HANDSHAKE_DONE_UNKNOWN_HOST);
st->failed_handshakes++;
}
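Review bot: In both branches a failed `send_encrypted_message` is only logged, after which `uninit_handshake` still moves the device to the done state. The host side in hexnoise.py calls `receive_packet()` right after the handshake to read this report, so the two ends would disagree about the session if the send fails. Consider treating the send failure as a handshake failure and returning an error before `uninit_handshake` instead of continuing. The two branches also duplicate the send; choosing `response` in the `if`/`else` and sending once would keep them in step. The function starts and ends outside the hunk.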
diff --git a/src/packet_interface.h b/src/packet_interface.h
index 0502325..4d1be07 100644
--- a/src/packet_interface.h
+++ b/src/packet_interface.h
@@ -23,6 +23,7 @@ enum packet_types {
REPORT_PAIRING_INPUT = 3,
REPORT_PAIRING_SUCCESS = 4,
REPORT_PAIRING_ERROR = 5,
+ REPORT_PAIRING_START = 6,
};
struct hid_report_packet {