From b2d650f511d1eef08138f09ecd4e96656eef173b Mon Sep 17 00:00:00 2001
From: Cástor Muñoz <cmvidal@gmail.com>
Date: Sat, 6 Dec 2014 23:27:01 +0100
Subject: iAP: authentication 1.0

Change-Id: I71b8e9f7ce2568c180396d6695cef18ce94ded32
---
 apps/iap/iap-core.c   |  3 ++-
 apps/iap/iap-core.h   |  1 +
 apps/iap/iap-lingo0.c | 23 +++++++++++++++++++++--
 3 files changed, 24 insertions(+), 3 deletions(-)

diff --git a/apps/iap/iap-core.c b/apps/iap/iap-core.c
index 4fa9c09a47..9e5771ab50 100644
--- a/apps/iap/iap-core.c
+++ b/apps/iap/iap-core.c
@@ -718,7 +718,8 @@ void iap_periodic(void)
              * is in the RX buffer right now.
              */
             IAP_TX_INIT(0x00, 0x17);
-            IAP_TX_PUT_DATA(iap_rxstart, 20);
+            IAP_TX_PUT_DATA(iap_rxstart,
+                        (device.auth.version == 0x100) ? 16 : 20);
             IAP_TX_PUT(0x01);
 
             iap_send_tx();
diff --git a/apps/iap/iap-core.h b/apps/iap/iap-core.h
index d06e3c300c..61b72d4ca2 100644
--- a/apps/iap/iap-core.h
+++ b/apps/iap/iap-core.h
@@ -88,6 +88,7 @@ struct auth_t {
     enum authen_state state;        /* Current state of authentication */
     unsigned char max_section;      /* The maximum number of certificate sections */
     unsigned char next_section;     /* The next expected section number */
+    uint16_t version;               /* Authentication version */
 };
 
 /* State of GetAccessoryInfo */
diff --git a/apps/iap/iap-lingo0.c b/apps/iap/iap-lingo0.c
index 9e0355cb3f..e69b42beae 100644
--- a/apps/iap/iap-lingo0.c
+++ b/apps/iap/iap-lingo0.c
@@ -603,8 +603,27 @@ void iap_handlepkt_mode0(const unsigned int len, const unsigned char *buf)
                 break;
             }
 
-            /* We only support version 2.0 */
-            if ((buf[2] != 2) || (buf[3] != 0)) {
+            device.auth.version = (buf[2] << 8) | buf[3];
+
+            /* We support authentication versions 1.0 and 2.0 */
+            if (device.auth.version == 0x100) {
+                /* If we could really do authentication we'd have to
+                 * check the certificate here. Since we can't, just acknowledge
+                 * the packet with an "everything OK" AckDevAuthenticationInfo
+                 *
+                 * Skip GetAccessoryInfo process, this command together with
+                 * authentication level 2 were added in iAP release 24, it is
+                 * not be supported by devices authenticating at level 1.
+                 */
+                IAP_TX_INIT(0x00, 0x16);
+                IAP_TX_PUT(0x00);
+
+                iap_send_tx();
+                device.auth.state = AUST_CERTDONE;
+                break;
+            }
+
+            if (device.auth.version != 0x200) {
                 /* Version mismatches are signalled by AckDevAuthenticationInfo
                  * with the status set to Authentication Information unsupported
                  */
-- 
cgit v1.2.3