diff --git a/protocols/aut64.c b/protocols/aut64.c
index 53430bf..6f51b6c 100644
--- a/protocols/aut64.c
+++ b/protocols/aut64.c
@@ -1,5 +1,5 @@
-#include
 #include "aut64.h"
+#include
 // https://www.usenix.org/system/files/conference/usenixsecurity16/sec16_paper_garcia.pdf
@@ -310,11 +310,10 @@ static uint8_t permute_bits(const struct aut64_key* key, uint8_t byte) {
 int aut64_encrypt(const struct aut64_key* key, uint8_t* message) {
 int rc;
+#ifdef AUT64_ENABLE_VALIDATIONS
 if(!key || !message) {
 return AUT64_ERR_NULL_POINTER;
 }
-
-#ifdef AUT64_ENABLE_VALIDATIONS
 // Validate key before doing anything. This prevents silent, unsafe behavior.
 rc = aut64_validate_key(key);
 if(rc != AUT64_OK) {
@@ -351,11 +350,10 @@ int aut64_encrypt(const struct aut64_key* key, uint8_t* message) {
 // Decrypt one 8-byte block in place using the provided validated key.
 int aut64_decrypt(const struct aut64_key* key, uint8_t* message) {
+#ifdef AUT64_ENABLE_VALIDATIONS
 if(!key || !message) {
 return AUT64_ERR_NULL_POINTER;
 }
-
-#ifdef AUT64_ENABLE_VALIDATIONS
 int rc = aut64_validate_key(key);
 if(rc != AUT64_OK) {
 return rc;
@@ -375,11 +373,10 @@ int aut64_decrypt(const struct aut64_key* key, uint8_t* message) {
 // Serialize a validated key structure into its 16-byte packed format.
 int aut64_pack(uint8_t* dest, const struct aut64_key* src) {
+#ifdef AUT64_ENABLE_VALIDATIONS
 if(!dest || !src) {
 return AUT64_ERR_NULL_POINTER;
 }
-
-#ifdef AUT64_ENABLE_VALIDATIONS
 // Validate the key we are about to pack. This prevents producing garbage packed keys.
 int rc = aut64_validate_key(src);
 if(rc != AUT64_OK) {
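Review bot: With `AUT64_ENABLE_VALIDATIONS` undefined, `aut64_encrypt` no longer rejects a NULL `key` or `message`, because the `#ifdef` now opens above the pointer check instead of below it. The same move is made in `aut64_decrypt`, `aut64_pack` and `aut64_unpack`; in `aut64_unpack` the store `*dest = (struct aut64_key){0};` follows the `#endif`, so it writes through an unchecked pointer. The check costs two compares per call, so I would keep `if(!key || !message) { return AUT64_ERR_NULL_POINTER; }` above the `#ifdef` and gate only the `aut64_validate_key` call. If dropping it is intended, the header should state that callers must pass non-NULL pointers in that configuration. The bodies of these functions continue outside the hunks.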
@@ -414,9 +411,11 @@ int aut64_pack(uint8_t* dest, const struct aut64_key* src) {
 // Deserialize a 16-byte packed key into a key structure and validate it.
 int aut64_unpack(struct aut64_key* dest, const uint8_t* src) {
+#ifdef AUT64_ENABLE_VALIDATIONS
 if(!dest || !src) {
 return AUT64_ERR_NULL_POINTER;
 }
+#endif
 // Clear the whole struct first, so all fields are in a defined state.
 *dest = (struct aut64_key){0};
diff --git a/protocols/vag.c b/protocols/vag.c
index f261d72..2cd5ff0 100644
--- a/protocols/vag.c
+++ b/protocols/vag.c
@@ -37,6 +37,7 @@ static void protocol_vag_load_keys(const char* file_name) {
 if(subghz_keystore_raw_get_data(
 file_name, i * AUT64_PACKED_KEY_SIZE, key_packed, AUT64_PACKED_KEY_SIZE)) {
 int rc = aut64_unpack(&protocol_vag_keys[i], key_packed);
+#ifdef AUT64_ENABLE_VALIDATIONS
 if(rc == AUT64_ERR_INVALID_PACKED) {
 FURI_LOG_E(TAG, "Invalid key: %u", i);
 } else if(rc == AUT64_ERR_NULL_POINTER) {
@@ -47,6 +48,10 @@ static void protocol_vag_load_keys(const char* file_name) {
 } else {
 break;
 }
+#else
+ (void)rc;
+ protocol_vag_keys_loaded++;
+#endif
 } else {
 FURI_LOG_E(TAG, "Unable to load key %u", i);
 break;
@@ -198,11 +203,13 @@ static bool vag_aut64_decrypt(uint8_t* block, int key_index) {
 return false;
 }
 int rc = aut64_decrypt(key, block);
+#ifdef AUT64_ENABLE_VALIDATIONS
 if(rc == AUT64_ERR_INVALID_KEY) {
 FURI_LOG_E(TAG, "Invalid key: %d", key_index + 1);
 } else if(rc == AUT64_ERR_NULL_POINTER) {
 FURI_LOG_E(TAG, "key is NULL: %d", key_index + 1);
 }
+#endif
 return (rc == AUT64_OK) ? true : false;
 }
@@ -1083,11 +1090,13 @@ static bool vag_aut64_encrypt(uint8_t* block, int key_index) {
 return false;
 }
 int rc = aut64_encrypt(key, block);
+#ifdef AUT64_ENABLE_VALIDATIONS
 if(rc == AUT64_ERR_INVALID_KEY) {
 FURI_LOG_E(TAG, "Invalid key: %d", key_index + 1);
 } else if(rc == AUT64_ERR_NULL_POINTER) {
 FURI_LOG_E(TAG, "key is NULL");
 }
+#endif
 return (rc == AUT64_OK) ? true : false;
 }
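Review bot: In the `#else` branch of `protocol_vag_load_keys`, every record read from the keystore file is counted as a loaded key while `rc` is discarded, so a build without `AUT64_ENABLE_VALIDATIONS` accepts malformed key data without any log line. Comparing against `AUT64_OK` does not depend on the validation code, so the branch can keep a guard such as `if(rc != AUT64_OK) break;` ahead of `protocol_vag_keys_loaded++;`. Whether `aut64_unpack` can still return an error in that configuration is not visible here; if it cannot, a comment at `(void)rc;` saying so would make the intent clear. The function spans two hunks, and the lines between them and the rest of its body are outside the diff.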