aboutsummaryrefslogtreecommitdiff
path: root/projects/hsm
diff options
context:
space:
mode:
authorPaul Selkirk <paul@psgd.org>2016-07-10 22:45:32 -0400
committerPaul Selkirk <paul@psgd.org>2016-07-10 22:45:32 -0400
commit708103998b7005c51fd78fc5563e46dd93fee283 (patch)
treeb0775abe3a1bb4d5d9c7969de92dfcc513b539d9 /projects/hsm
parent35b8b35dc6dbf8fff62817a1de3820004af085ae (diff)
Try to restrict wheel user to only setting pins.
This is a bit of social engineering, because at the moment he can easily drop out of config mode to get the full command set. It also doesn't restrict his use of RPC.
Diffstat (limited to 'projects/hsm')
-rw-r--r--projects/hsm/mgmt-cli.c23
-rw-r--r--projects/hsm/mgmt-cli.h6
-rw-r--r--projects/hsm/mgmt-keystore.c14
3 files changed, 33 insertions, 10 deletions
diff --git a/projects/hsm/mgmt-cli.c b/projects/hsm/mgmt-cli.c
index eeeaef5..514cdd1 100644
--- a/projects/hsm/mgmt-cli.c
+++ b/projects/hsm/mgmt-cli.c
@@ -195,7 +195,7 @@ static int embedded_cli_loop(struct cli_def *cli)
}
if (ctx.l < 0)
- continue;
+ break;
/* cli_print(cli, "Process command: '%s'", ctx.cmd); */
n = cli_loop_process_cmd(cli, &ctx);
@@ -219,6 +219,8 @@ static void mgmt_cli_init(struct cli_def *cli)
hal_user_t user;
+static struct cli_def cli;
+
static int check_auth(const char *username, const char *password)
{
hal_client_handle_t client = { -1 };
@@ -233,25 +235,30 @@ static int check_auth(const char *username, const char *password)
else
user = HAL_USER_NONE;
- if (hal_rpc_login(client, user, password, strlen(password)) == LIBHAL_OK)
- return CLI_OK;
+ if (hal_rpc_login(client, user, password, strlen(password)) != LIBHAL_OK) {
+ user = HAL_USER_NONE;
+ return CLI_ERROR;
+ }
- user = HAL_USER_NONE;
- return CLI_ERROR;
+ /* set mode to 'config', so wheel can only set pins */
+ if (user == HAL_USER_WHEEL)
+ cli_set_configmode(&cli, MODE_CONFIG, NULL);
+
+ return CLI_OK;
}
int cli_main(void)
{
- static struct cli_def cli;
-
uart_sem = osSemaphoreCreate(osSemaphore(uart_sem), 0);
mgmt_cli_init(&cli);
cli_set_auth_callback(&cli, check_auth);
+ cli_unregister_command(&cli, "configure");
+
+ configure_cli_misc(&cli);
configure_cli_show(&cli);
configure_cli_fpga(&cli);
- configure_cli_misc(&cli);
configure_cli_firmware(&cli);
configure_cli_bootloader(&cli);
configure_cli_keystore(&cli);
diff --git a/projects/hsm/mgmt-cli.h b/projects/hsm/mgmt-cli.h
index c96dae6..35694aa 100644
--- a/projects/hsm/mgmt-cli.h
+++ b/projects/hsm/mgmt-cli.h
@@ -67,6 +67,12 @@
_cli_cmd_struct(name, name, cmd_##name, (char *) help); \
cli_register_command2(cli, &cmd_##name##_s, NULL)
+#define cli_set_cmd_privilege(name, p) \
+ cmd_##name##_s.privilege = p
+
+#define cli_set_cmd_mode(name, m) \
+ cmd_##name##_s.mode = m
+
typedef enum {
DMA_RX_STOP,
diff --git a/projects/hsm/mgmt-keystore.c b/projects/hsm/mgmt-keystore.c
index 128ae4c..ee6d521 100644
--- a/projects/hsm/mgmt-keystore.c
+++ b/projects/hsm/mgmt-keystore.c
@@ -179,7 +179,7 @@ int cmd_keystore_set_key(struct cli_def *cli, const char *command, char *argv[],
int cmd_keystore_delete_key(struct cli_def *cli, const char *command, char *argv[], int argc)
{
hal_error_t status;
- int hint = 0;
+ int hint = -1;
if (argc != 1) {
cli_print(cli, "Wrong number of arguments (%i).", argc);
@@ -191,7 +191,7 @@ int cmd_keystore_delete_key(struct cli_def *cli, const char *command, char *argv
(uint8_t *) argv[0], strlen(argv[0]),
&hint)) != LIBHAL_OK) {
- cli_print(cli, "Failed deleting key: %s", hal_error_string(status));
+ cli_print(cli, "Failed deleting key \"%s\": %s", argv[0], hal_error_string(status));
return CLI_ERROR;
}
@@ -358,4 +358,14 @@ void configure_cli_keystore(struct cli_def *cli)
/* keystore show keys */
cli_command_node(keystore_show, keys, "Show what PINs and keys are in the keystore");
+
+ cli_set_cmd_mode(keystore, MODE_ANY);
+ cli_set_cmd_mode(keystore_erase, MODE_ANY);
+ cli_set_cmd_mode(keystore_set, MODE_ANY);
+ cli_set_cmd_mode(keystore_set_pin, MODE_ANY);
+ cli_set_cmd_mode(keystore_set_pin_iterations, MODE_ANY);
+ cli_set_cmd_mode(keystore_clear, MODE_ANY);
+ cli_set_cmd_mode(keystore_clear_pin, MODE_ANY);
+ cli_set_cmd_mode(keystore_show, MODE_ANY);
+ cli_set_cmd_mode(keystore_show_keys, MODE_ANY);
}