[Cryptech-Commits] [sw/stm32] 02/03: Try to restrict wheel user to only setting pins.
git at cryptech.is
git at cryptech.is
Mon Jul 11 03:16:16 UTC 2016
This is an automated email from the git hooks/post-receive script.
paul at psgd.org pushed a commit to branch parade_of_half_baked_ideas
in repository sw/stm32.
commit 708103998b7005c51fd78fc5563e46dd93fee283
Author: Paul Selkirk <paul at psgd.org>
AuthorDate: Sun Jul 10 22:45:32 2016 -0400
Try to restrict wheel user to only setting pins.
This is a bit of social engineering, because at the moment he can easily
drop out of config mode to get the full command set. It also doesn't
restrict his use of RPC.
---
projects/hsm/mgmt-cli.c | 23 +++++++++++++++--------
projects/hsm/mgmt-cli.h | 6 ++++++
projects/hsm/mgmt-keystore.c | 14 ++++++++++++--
3 files changed, 33 insertions(+), 10 deletions(-)
diff --git a/projects/hsm/mgmt-cli.c b/projects/hsm/mgmt-cli.c
index eeeaef5..514cdd1 100644
--- a/projects/hsm/mgmt-cli.c
+++ b/projects/hsm/mgmt-cli.c
@@ -195,7 +195,7 @@ static int embedded_cli_loop(struct cli_def *cli)
}
if (ctx.l < 0)
- continue;
+ break;
/* cli_print(cli, "Process command: '%s'", ctx.cmd); */
n = cli_loop_process_cmd(cli, &ctx);
@@ -219,6 +219,8 @@ static void mgmt_cli_init(struct cli_def *cli)
hal_user_t user;
+static struct cli_def cli;
+
static int check_auth(const char *username, const char *password)
{
hal_client_handle_t client = { -1 };
@@ -233,25 +235,30 @@ static int check_auth(const char *username, const char *password)
else
user = HAL_USER_NONE;
- if (hal_rpc_login(client, user, password, strlen(password)) == LIBHAL_OK)
- return CLI_OK;
+ if (hal_rpc_login(client, user, password, strlen(password)) != LIBHAL_OK) {
+ user = HAL_USER_NONE;
+ return CLI_ERROR;
+ }
- user = HAL_USER_NONE;
- return CLI_ERROR;
+ /* set mode to 'config', so wheel can only set pins */
+ if (user == HAL_USER_WHEEL)
+ cli_set_configmode(&cli, MODE_CONFIG, NULL);
+
+ return CLI_OK;
}
int cli_main(void)
{
- static struct cli_def cli;
-
uart_sem = osSemaphoreCreate(osSemaphore(uart_sem), 0);
mgmt_cli_init(&cli);
cli_set_auth_callback(&cli, check_auth);
+ cli_unregister_command(&cli, "configure");
+
+ configure_cli_misc(&cli);
configure_cli_show(&cli);
configure_cli_fpga(&cli);
- configure_cli_misc(&cli);
configure_cli_firmware(&cli);
configure_cli_bootloader(&cli);
configure_cli_keystore(&cli);
diff --git a/projects/hsm/mgmt-cli.h b/projects/hsm/mgmt-cli.h
index c96dae6..35694aa 100644
--- a/projects/hsm/mgmt-cli.h
+++ b/projects/hsm/mgmt-cli.h
@@ -67,6 +67,12 @@
_cli_cmd_struct(name, name, cmd_##name, (char *) help); \
cli_register_command2(cli, &cmd_##name##_s, NULL)
+#define cli_set_cmd_privilege(name, p) \
+ cmd_##name##_s.privilege = p
+
+#define cli_set_cmd_mode(name, m) \
+ cmd_##name##_s.mode = m
+
typedef enum {
DMA_RX_STOP,
diff --git a/projects/hsm/mgmt-keystore.c b/projects/hsm/mgmt-keystore.c
index 128ae4c..ee6d521 100644
--- a/projects/hsm/mgmt-keystore.c
+++ b/projects/hsm/mgmt-keystore.c
@@ -179,7 +179,7 @@ int cmd_keystore_set_key(struct cli_def *cli, const char *command, char *argv[],
int cmd_keystore_delete_key(struct cli_def *cli, const char *command, char *argv[], int argc)
{
hal_error_t status;
- int hint = 0;
+ int hint = -1;
if (argc != 1) {
cli_print(cli, "Wrong number of arguments (%i).", argc);
@@ -191,7 +191,7 @@ int cmd_keystore_delete_key(struct cli_def *cli, const char *command, char *argv
(uint8_t *) argv[0], strlen(argv[0]),
&hint)) != LIBHAL_OK) {
- cli_print(cli, "Failed deleting key: %s", hal_error_string(status));
+ cli_print(cli, "Failed deleting key \"%s\": %s", argv[0], hal_error_string(status));
return CLI_ERROR;
}
@@ -358,4 +358,14 @@ void configure_cli_keystore(struct cli_def *cli)
/* keystore show keys */
cli_command_node(keystore_show, keys, "Show what PINs and keys are in the keystore");
+
+ cli_set_cmd_mode(keystore, MODE_ANY);
+ cli_set_cmd_mode(keystore_erase, MODE_ANY);
+ cli_set_cmd_mode(keystore_set, MODE_ANY);
+ cli_set_cmd_mode(keystore_set_pin, MODE_ANY);
+ cli_set_cmd_mode(keystore_set_pin_iterations, MODE_ANY);
+ cli_set_cmd_mode(keystore_clear, MODE_ANY);
+ cli_set_cmd_mode(keystore_clear_pin, MODE_ANY);
+ cli_set_cmd_mode(keystore_show, MODE_ANY);
+ cli_set_cmd_mode(keystore_show_keys, MODE_ANY);
}
More information about the Commits
mailing list