From 92a61aa0cd9a28056e6979f01a72b8742702dbfe Mon Sep 17 00:00:00 2001
From: Joel Challis <git@zvecr.com>
Date: Sat, 16 Apr 2022 19:13:05 +0100
Subject: Implement XAP 'secure' core requirements (#16843)

Co-authored-by: Drashna Jaelre <drashna@live.com>
Co-authored-by: Stefan Kerkmann <karlk90@pm.me>
---
 quantum/secure.c | 87 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 87 insertions(+)
 create mode 100644 quantum/secure.c

(limited to 'quantum/secure.c')

diff --git a/quantum/secure.c b/quantum/secure.c
new file mode 100644
index 0000000000..00048bd6dd
--- /dev/null
+++ b/quantum/secure.c
@@ -0,0 +1,87 @@
+// Copyright 2022 QMK
+// SPDX-License-Identifier: GPL-2.0-or-later
+
+#include "secure.h"
+#include "timer.h"
+
+#ifndef SECURE_UNLOCK_TIMEOUT
+#    define SECURE_UNLOCK_TIMEOUT 5000
+#endif
+
+#ifndef SECURE_IDLE_TIMEOUT
+#    define SECURE_IDLE_TIMEOUT 60000
+#endif
+
+#ifndef SECURE_UNLOCK_SEQUENCE
+#    define SECURE_UNLOCK_SEQUENCE \
+        {                          \
+            { 0, 0 }               \
+        }
+#endif
+
+static secure_status_t secure_status = SECURE_LOCKED;
+static uint32_t        unlock_time   = 0;
+static uint32_t        idle_time     = 0;
+
+secure_status_t secure_get_status(void) {
+    return secure_status;
+}
+
+void secure_lock(void) {
+    secure_status = SECURE_LOCKED;
+}
+
+void secure_unlock(void) {
+    secure_status = SECURE_UNLOCKED;
+    idle_time     = timer_read32();
+}
+
+void secure_request_unlock(void) {
+    if (secure_status == SECURE_LOCKED) {
+        secure_status = SECURE_PENDING;
+        unlock_time   = timer_read32();
+    }
+}
+
+void secure_activity_event(void) {
+    if (secure_status == SECURE_UNLOCKED) {
+        idle_time = timer_read32();
+    }
+}
+
+void secure_keypress_event(uint8_t row, uint8_t col) {
+    static const uint8_t sequence[][2] = SECURE_UNLOCK_SEQUENCE;
+    static const uint8_t sequence_len  = sizeof(sequence) / sizeof(sequence[0]);
+
+    static uint8_t offset = 0;
+    if ((sequence[offset][0] == row) && (sequence[offset][1] == col)) {
+        offset++;
+        if (offset == sequence_len) {
+            offset = 0;
+            secure_unlock();
+        }
+    } else {
+        offset = 0;
+        secure_lock();
+    }
+}
+
+void secure_task(void) {
+#if SECURE_UNLOCK_TIMEOUT != 0
+    // handle unlock timeout
+    if (secure_status == SECURE_PENDING) {
+        if (timer_elapsed32(unlock_time) >= SECURE_UNLOCK_TIMEOUT) {
+            secure_lock();
+        }
+    }
+#endif
+
+#if SECURE_IDLE_TIMEOUT != 0
+    // handle idle timeout
+    if (secure_status == SECURE_UNLOCKED) {
+        if (timer_elapsed32(idle_time) >= SECURE_IDLE_TIMEOUT) {
+            secure_lock();
+        }
+    }
+#endif
+}
-- 
cgit v1.2.3