From 2b05b9739ed81f7b79ff5bc0f77988500ba0d914 Mon Sep 17 00:00:00 2001
From: Pawel Olejniczak
Date: Wed, 17 Feb 2021 17:12:24 +0100
Subject: [PATCH] [EGD-5204] Secure USB communication

Secure all endpoints by returning 403(Forbidden) when USB is connected. Request screen passcode to enable secured endpoints.
---
 .../application-desktop/ApplicationDesktop.cpp | 2 +-
 .../application-desktop/widgets/PinLockHandler.cpp | 8 ++++++--
 module-bsp/CMakeLists.txt | 2 ++
 module-services/service-desktop/ServiceDesktop.cpp | 3 ++-
 .../developerMode/DeveloperModeHelper.hpp | 14 +++++--------
 5 files changed, 16 insertions(+), 13 deletions(-)
diff --git a/module-apps/application-desktop/ApplicationDesktop.cpp b/module-apps/application-desktop/ApplicationDesktop.cpp
index 5b5cbf97d792244b4a325c95960af6c8057cf57a..42ec56e98ff299627d1326e19d437068b8cd6b7e 100644
--- a/module-apps/application-desktop/ApplicationDesktop.cpp
+++ b/module-apps/application-desktop/ApplicationDesktop.cpp
@@ -53,7 +53,7 @@ namespace app addActionReceiver(app::manager::actions::RequestScreenPasscode, [this](auto &&data) { lockHandler.handleScreenPasscodeRequest(std::move(data)); - return msgHandled(); + return actionHandled(); }); addActionReceiver(app::manager::actions::RequestPuk, [this](auto &&data) {
diff --git a/module-apps/application-desktop/widgets/PinLockHandler.cpp b/module-apps/application-desktop/widgets/PinLockHandler.cpp
index 7b7b4d9b2bfa1a19b9186fb09a12040475ccc0ab..0572ce769f0a3ce669af2d123ab18f0e292f60b8 100644
--- a/module-apps/application-desktop/widgets/PinLockHandler.cpp
+++ b/module-apps/application-desktop/widgets/PinLockHandler.cpp
@@ -68,7 +68,7 @@ namespace gui simLock.lockType = type; } simLock.passcodeName = passcodeData->getPasscodeName(); - simLock.value = passcodeData->getAttempts(); + simLock.value = passcodeData->getAttempts(); } void PinLockHandler::handlePasscodeRequest(PinLock::LockType type, app::manager::actions::ActionParamsPtr &&data)
@@ -90,7 +90,11 @@ namespace gui Store::GSM::SIM::NONE, PinLock::LockState::PasscodeRequired, PinLock::LockType::Screen); if (params->isCancel()) { - app->switchWindow(app::window::name::desktop_main_window); + if (app->getCurrentWindow()->getName() == app::window::name::desktop_pin_lock) { + app->switchWindow(app::window::name::desktop_main_window); + } + app->bus.sendUnicast(std::make_shared(), + service::name::service_desktop); return; }
diff --git a/module-bsp/CMakeLists.txt b/module-bsp/CMakeLists.txt
index aba0c9e59cc52e4ce9933d1036f1c5f2fc096fd1..5b5dcedc3491b1c4d196a48e3c528826ca139c98 100644
--- a/module-bsp/CMakeLists.txt
+++ b/module-bsp/CMakeLists.txt
@@ -75,6 +75,8 @@ target_compile_definitions(${PROJECT_NAME} -DFSL_SDK_ENABLE_DRIVER_CACHE_CONTROL=1 -D__STARTUP_INITIALIZE_NONCACHEDATA -D__USE_CMSIS + -DDEBUG_VCOM=1 + -DDEBUG_USB=1 ) target_include_directories(${PROJECT_NAME}
diff --git a/module-services/service-desktop/ServiceDesktop.cpp b/module-services/service-desktop/ServiceDesktop.cpp
index c442da0706c017930d2c4b28ed826bb45e093c25..7424f99460079888b24615b02e6a8d2b88e46540 100644
--- a/module-services/service-desktop/ServiceDesktop.cpp
+++ b/module-services/service-desktop/ServiceDesktop.cpp
@@ -201,7 +201,8 @@ sys::ReturnCodes ServiceDesktop::InitHandler() }); connect(sdesktop::usb::USBDisconnected(), [&](sys::Message *msg) { - bus.sendUnicast(std::make_shared(), + LOG_INFO("USB disconnected. Enabling secured endpoints."); + bus.sendUnicast(std::make_shared(true), app::manager::ApplicationManager::ServiceName); return std::make_shared(); });
diff --git a/module-services/service-desktop/endpoints/developerMode/DeveloperModeHelper.hpp b/module-services/service-desktop/endpoints/developerMode/DeveloperModeHelper.hpp
index 8d2569b3a03e678aa4f0e0d53a1367d6ab3554c3..9680fa84ec3a25057ee72d383f809b1d1d1cf97d 100644
--- a/module-services/service-desktop/endpoints/developerMode/DeveloperModeHelper.hpp
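Review bot: In the `params->isCancel()` branch of PinLockHandler.cpp, `app->getCurrentWindow()->getName()` dereferences the current window without checking it; whether it can be null when a cancel arrives is not visible from this hunk, but a cancel triggered by a USB event is not tied to any particular UI state. A guard such as `if (auto win = app->getCurrentWindow(); win != nullptr && win->getName() == app::window::name::desktop_pin_lock) {` keeps the cancel path from taking the desktop application down. The same branch now also notifies `service::name::service_desktop`; a one-line comment stating what the service is expected to do with that message (presumably keep the endpoints locked) would make the security intent reviewable. The enclosing function starts and ends outside the hunk.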
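Review bot: `-DDEBUG_VCOM=1` and `-DDEBUG_USB=1` are added to `target_compile_definitions` in module-bsp/CMakeLists.txt unconditionally, so every build type, release firmware included, is compiled with them. What these switches turn on is not visible here, but in a commit whose purpose is locking down USB, debug code on the USB/VCOM path in production images works against that goal (extra logging or a debug channel on the interface being secured). If they are only needed during development, restrict them to debug builds, e.g. `$<$<CONFIG:Debug>:DEBUG_USB=1>` and `$<$<CONFIG:Debug>:DEBUG_VCOM=1>`, or drop them from this change.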
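Review bot: The bare `true` passed to the message constructed in the `USBDisconnected` handler of ServiceDesktop.cpp does not say which state it selects. The new log text "Enabling secured endpoints" is also ambiguous: the commit description uses "enable secured endpoints" for what happens after the passcode is entered, whereas on disconnect one would expect the device to return to the locked state. Please name the argument, for example with an inline comment of the form `/* <parameter name> = */ true`, and reword the log line so it states the resulting state unambiguously (locked or unlocked). The body of `InitHandler` continues outside the hunk.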
+++ b/module-services/service-desktop/endpoints/developerMode/DeveloperModeHelper.hpp
@@ -55,9 +55,7 @@ namespace parserFSM inline constexpr auto changeCellularStateCmd = "changeCellularStateCmd"; inline constexpr auto getInfo = "getInfo"; inline constexpr auto tethering = "tethering"; - - inline constexpr auto tethering = "tethering"; - inline constexpr auto usbSecurity = "usbSecurity"; + inline constexpr auto usbSecurity = "usbSecurity"; /// values for getInfo cmd inline constexpr auto simStateInfo = "simState"; inline constexpr auto cellularStateInfo = "cellularState";
@@ -69,12 +67,10 @@ namespace parserFSM inline constexpr auto tetheringOn = "on"; inline constexpr auto tetheringOff = "off"; - /// values for tethering - inline constexpr auto tetheringOn = "on"; - inline constexpr auto tetheringOff = "off"; + /// values for usbSecurity + inline constexpr auto usbLock = "usbLock"; + inline constexpr auto usbUnlock = "usbUnlock"; + } // namespace json::developerMode - /// values for usbSecurity - inline constexpr auto usbLock = "usbLock"; - inline constexpr auto usbUnlock = "usbUnlock"; } // namespace parserFSM