From 62c72c48a540e11541e2d7c7114f260217e766cc Mon Sep 17 00:00:00 2001
From: Pol Henarejos <pol.henarejos@cttc.es>
Date: Tue, 30 Aug 2022 17:55:42 +0200
Subject: [PATCH] Moving to new pico-hsm-sdk.

---
 CMakeLists.txt             | 83 ++++++++++++++++++++------------------
 pico-hsm-sdk               |  2 +-
 src/hsm/cmd_cipher_sym.c   |  2 +-
 src/hsm/cmd_decrypt_asym.c |  2 +-
 src/hsm/cmd_key_wrap.c     |  2 +-
 src/hsm/cvc.c              |  1 -
 src/hsm/sc_hsm.c           | 14 ++++---
 src/hsm/sc_hsm.h           |  6 ++-
 8 files changed, 59 insertions(+), 53 deletions(-)

diff --git a/CMakeLists.txt b/CMakeLists.txt
index dbd7ce5..9e08292 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -43,20 +43,22 @@ add_definitions(-DDEBUG_APDU=${DEBUG_APDU})
 
 find_package( PythonInterp 3.7 REQUIRED )
 
-configure_file(${CMAKE_CURRENT_LIST_DIR}/pico-ccid/config/mbedtls_config.h ${CMAKE_CURRENT_LIST_DIR}/pico-ccid/mbedtls/include/mbedtls COPYONLY)
+configure_file(${CMAKE_CURRENT_LIST_DIR}/pico-hsm-sdk/config/mbedtls_config.h ${CMAKE_CURRENT_LIST_DIR}/pico-hsm-sdk/mbedtls/include/mbedtls COPYONLY)
 
 target_sources(pico_hsm PUBLIC
-        ${CMAKE_CURRENT_LIST_DIR}/pico-ccid/src/usb/usb.c
-        ${CMAKE_CURRENT_LIST_DIR}/pico-ccid/src/usb/usb_descriptors.c
-        ${CMAKE_CURRENT_LIST_DIR}/pico-ccid/src/ccid/ccid2040.c
-        ${CMAKE_CURRENT_LIST_DIR}/pico-ccid/src/ccid/asn1.c
-        ${CMAKE_CURRENT_LIST_DIR}/pico-ccid/src/fs/file.c
-        ${CMAKE_CURRENT_LIST_DIR}/pico-ccid/src/fs/flash.c
-        ${CMAKE_CURRENT_LIST_DIR}/pico-ccid/src/fs/low_flash.c
-        ${CMAKE_CURRENT_LIST_DIR}/pico-ccid/src/rng/random.c
-        ${CMAKE_CURRENT_LIST_DIR}/pico-ccid/src/rng/neug.c
-        ${CMAKE_CURRENT_LIST_DIR}/pico-ccid/src/ccid/crypto_utils.c
-        ${CMAKE_CURRENT_LIST_DIR}/pico-ccid/src/ccid/eac.c
+        ${CMAKE_CURRENT_LIST_DIR}/pico-hsm-sdk/src/usb/usb.c
+        ${CMAKE_CURRENT_LIST_DIR}/pico-hsm-sdk/src/usb/ccid/usb_descriptors.c
+        ${CMAKE_CURRENT_LIST_DIR}/pico-hsm-sdk/src/usb/ccid/ccid.c
+        ${CMAKE_CURRENT_LIST_DIR}/pico-hsm-sdk/src/asn1.c
+        ${CMAKE_CURRENT_LIST_DIR}/pico-hsm-sdk/src/fs/file.c
+        ${CMAKE_CURRENT_LIST_DIR}/pico-hsm-sdk/src/fs/flash.c
+        ${CMAKE_CURRENT_LIST_DIR}/pico-hsm-sdk/src/fs/low_flash.c
+        ${CMAKE_CURRENT_LIST_DIR}/pico-hsm-sdk/src/rng/random.c
+        ${CMAKE_CURRENT_LIST_DIR}/pico-hsm-sdk/src/rng/hwrng.c
+        ${CMAKE_CURRENT_LIST_DIR}/pico-hsm-sdk/src/crypto_utils.c
+        ${CMAKE_CURRENT_LIST_DIR}/pico-hsm-sdk/src/eac.c
+        ${CMAKE_CURRENT_LIST_DIR}/pico-hsm-sdk/src/apdu.c
+        ${CMAKE_CURRENT_LIST_DIR}/pico-hsm-sdk/src/main.c
         ${CMAKE_CURRENT_LIST_DIR}/src/hsm/sc_hsm.c
         ${CMAKE_CURRENT_LIST_DIR}/src/hsm/cmd_select.c
         ${CMAKE_CURRENT_LIST_DIR}/src/hsm/cmd_list_keys.c
@@ -89,38 +91,39 @@ target_sources(pico_hsm PUBLIC
         ${CMAKE_CURRENT_LIST_DIR}/src/hsm/kek.c
         ${CMAKE_CURRENT_LIST_DIR}/src/hsm/oid.c
 
-        ${CMAKE_CURRENT_LIST_DIR}/pico-ccid/mbedtls/library/aes.c
-        ${CMAKE_CURRENT_LIST_DIR}/pico-ccid/mbedtls/library/asn1write.c
-        ${CMAKE_CURRENT_LIST_DIR}/pico-ccid/mbedtls/library/bignum.c
-        ${CMAKE_CURRENT_LIST_DIR}/pico-ccid/mbedtls/library/cmac.c
-        ${CMAKE_CURRENT_LIST_DIR}/pico-ccid/mbedtls/library/cipher.c
-        ${CMAKE_CURRENT_LIST_DIR}/pico-ccid/mbedtls/library/cipher_wrap.c
-        ${CMAKE_CURRENT_LIST_DIR}/pico-ccid/mbedtls/library/constant_time.c
-        ${CMAKE_CURRENT_LIST_DIR}/pico-ccid/mbedtls/library/ecdsa.c
-        ${CMAKE_CURRENT_LIST_DIR}/pico-ccid/mbedtls/library/ecdh.c
-        ${CMAKE_CURRENT_LIST_DIR}/pico-ccid/mbedtls/library/ecp.c
-        ${CMAKE_CURRENT_LIST_DIR}/pico-ccid/mbedtls/library/ecp_curves.c
-        ${CMAKE_CURRENT_LIST_DIR}/pico-ccid/mbedtls/library/hkdf.c
-        ${CMAKE_CURRENT_LIST_DIR}/pico-ccid/mbedtls/library/md.c
-        ${CMAKE_CURRENT_LIST_DIR}/pico-ccid/mbedtls/library/md5.c
-        ${CMAKE_CURRENT_LIST_DIR}/pico-ccid/mbedtls/library/oid.c
-        ${CMAKE_CURRENT_LIST_DIR}/pico-ccid/mbedtls/library/platform_util.c
-        ${CMAKE_CURRENT_LIST_DIR}/pico-ccid/mbedtls/library/ripemd160.c
-        ${CMAKE_CURRENT_LIST_DIR}/pico-ccid/mbedtls/library/rsa.c
-        ${CMAKE_CURRENT_LIST_DIR}/pico-ccid/mbedtls/library/rsa_alt_helpers.c
-        ${CMAKE_CURRENT_LIST_DIR}/pico-ccid/mbedtls/library/sha1.c
-        ${CMAKE_CURRENT_LIST_DIR}/pico-ccid/mbedtls/library/sha256.c
-        ${CMAKE_CURRENT_LIST_DIR}/pico-ccid/mbedtls/library/sha512.c
+        ${CMAKE_CURRENT_LIST_DIR}/pico-hsm-sdk/mbedtls/library/aes.c
+        ${CMAKE_CURRENT_LIST_DIR}/pico-hsm-sdk/mbedtls/library/asn1write.c
+        ${CMAKE_CURRENT_LIST_DIR}/pico-hsm-sdk/mbedtls/library/bignum.c
+        ${CMAKE_CURRENT_LIST_DIR}/pico-hsm-sdk/mbedtls/library/cmac.c
+        ${CMAKE_CURRENT_LIST_DIR}/pico-hsm-sdk/mbedtls/library/cipher.c
+        ${CMAKE_CURRENT_LIST_DIR}/pico-hsm-sdk/mbedtls/library/cipher_wrap.c
+        ${CMAKE_CURRENT_LIST_DIR}/pico-hsm-sdk/mbedtls/library/constant_time.c
+        ${CMAKE_CURRENT_LIST_DIR}/pico-hsm-sdk/mbedtls/library/ecdsa.c
+        ${CMAKE_CURRENT_LIST_DIR}/pico-hsm-sdk/mbedtls/library/ecdh.c
+        ${CMAKE_CURRENT_LIST_DIR}/pico-hsm-sdk/mbedtls/library/ecp.c
+        ${CMAKE_CURRENT_LIST_DIR}/pico-hsm-sdk/mbedtls/library/ecp_curves.c
+        ${CMAKE_CURRENT_LIST_DIR}/pico-hsm-sdk/mbedtls/library/hkdf.c
+        ${CMAKE_CURRENT_LIST_DIR}/pico-hsm-sdk/mbedtls/library/md.c
+        ${CMAKE_CURRENT_LIST_DIR}/pico-hsm-sdk/mbedtls/library/md5.c
+        ${CMAKE_CURRENT_LIST_DIR}/pico-hsm-sdk/mbedtls/library/oid.c
+        ${CMAKE_CURRENT_LIST_DIR}/pico-hsm-sdk/mbedtls/library/platform_util.c
+        ${CMAKE_CURRENT_LIST_DIR}/pico-hsm-sdk/mbedtls/library/ripemd160.c
+        ${CMAKE_CURRENT_LIST_DIR}/pico-hsm-sdk/mbedtls/library/rsa.c
+        ${CMAKE_CURRENT_LIST_DIR}/pico-hsm-sdk/mbedtls/library/rsa_alt_helpers.c
+        ${CMAKE_CURRENT_LIST_DIR}/pico-hsm-sdk/mbedtls/library/sha1.c
+        ${CMAKE_CURRENT_LIST_DIR}/pico-hsm-sdk/mbedtls/library/sha256.c
+        ${CMAKE_CURRENT_LIST_DIR}/pico-hsm-sdk/mbedtls/library/sha512.c
         )
 
 target_include_directories(pico_hsm PUBLIC
-        ${CMAKE_CURRENT_LIST_DIR}/pico-ccid/src/fs
+        ${CMAKE_CURRENT_LIST_DIR}/pico-hsm-sdk/src/fs
         ${CMAKE_CURRENT_LIST_DIR}/src/hsm
-        ${CMAKE_CURRENT_LIST_DIR}/pico-ccid/src/ccid
-        ${CMAKE_CURRENT_LIST_DIR}/pico-ccid/src/rng
-        ${CMAKE_CURRENT_LIST_DIR}/pico-ccid/src/usb
-        ${CMAKE_CURRENT_LIST_DIR}/pico-ccid/mbedtls/include
-        ${CMAKE_CURRENT_LIST_DIR}/pico-ccid/mbedtls/library
+        ${CMAKE_CURRENT_LIST_DIR}/pico-hsm-sdk/src/
+        ${CMAKE_CURRENT_LIST_DIR}/pico-hsm-sdk/src/rng
+        ${CMAKE_CURRENT_LIST_DIR}/pico-hsm-sdk/src/usb
+        ${CMAKE_CURRENT_LIST_DIR}/pico-hsm-sdk/src/usb/ccid
+        ${CMAKE_CURRENT_LIST_DIR}/pico-hsm-sdk/mbedtls/include
+        ${CMAKE_CURRENT_LIST_DIR}/pico-hsm-sdk/mbedtls/library
         )
 
 target_compile_options(pico_hsm PUBLIC
diff --git a/pico-hsm-sdk b/pico-hsm-sdk
index b75e5a6..2f565f2 160000
--- a/pico-hsm-sdk
+++ b/pico-hsm-sdk
@@ -1 +1 @@
-Subproject commit b75e5a6619dbad5f541081904b9191e98602d81d
+Subproject commit 2f565f23e02639c5ee941b8e4f0cf488560d5d15
diff --git a/src/hsm/cmd_cipher_sym.c b/src/hsm/cmd_cipher_sym.c
index 2fa7099..42d7c3c 100644
--- a/src/hsm/cmd_cipher_sym.c
+++ b/src/hsm/cmd_cipher_sym.c
@@ -36,7 +36,7 @@ int cmd_cipher_sym() {
     if ((apdu.nc % 16) != 0) {
         return SW_WRONG_LENGTH();
     }
-    if (wait_button() == true) //timeout
+    if (wait_button_pressed() == true) // timeout
         return SW_SECURE_MESSAGE_EXEC_ERROR();
     int key_size = file_get_size(ef);
     uint8_t kdata[32]; //maximum AES key size
diff --git a/src/hsm/cmd_decrypt_asym.c b/src/hsm/cmd_decrypt_asym.c
index 147355e..559ed24 100644
--- a/src/hsm/cmd_decrypt_asym.c
+++ b/src/hsm/cmd_decrypt_asym.c
@@ -72,7 +72,7 @@ int cmd_decrypt_asym() {
     }
     else if (p2 == ALGO_EC_DH || p2 == ALGO_EC_DH_XKEK) {
         mbedtls_ecdh_context ctx;
-        if (wait_button() == true) //timeout
+        if (wait_button_pressed() == true) //timeout
             return SW_SECURE_MESSAGE_EXEC_ERROR();
         int key_size = file_get_size(ef);
         uint8_t *kdata = (uint8_t *)calloc(1,key_size);
diff --git a/src/hsm/cmd_key_wrap.c b/src/hsm/cmd_key_wrap.c
index 5c21faf..0f96bed 100644
--- a/src/hsm/cmd_key_wrap.c
+++ b/src/hsm/cmd_key_wrap.c
@@ -69,7 +69,7 @@ int cmd_key_wrap() {
     }
     else if (*dprkd == P15_KEYTYPE_AES) {
         uint8_t kdata[32]; //maximum AES key size
-        if (wait_button() == true) //timeout
+        if (wait_button_pressed() == true) //timeout
             return SW_SECURE_MESSAGE_EXEC_ERROR();
 
         int key_size = file_get_size(ef), aes_type = HSM_KEY_AES;
diff --git a/src/hsm/cvc.c b/src/hsm/cvc.c
index 8d4fece..a679442 100644
--- a/src/hsm/cvc.c
+++ b/src/hsm/cvc.c
@@ -22,7 +22,6 @@
 #include "mbedtls/ecdsa.h"
 #include <string.h>
 #include "asn1.h"
-#include "ccid2040.h"
 #include "crypto_utils.h"
 #include "random.h"
 #include "oid.h"
diff --git a/src/hsm/sc_hsm.c b/src/hsm/sc_hsm.c
index de25bdb..c319c89 100644
--- a/src/hsm/sc_hsm.c
+++ b/src/hsm/sc_hsm.c
@@ -24,6 +24,8 @@
 #include "eac.h"
 #include "cvc.h"
 #include "asn1.h"
+#include "ccid.h"
+#include "usb.h"
 
 const uint8_t sc_hsm_aid[] = {
     11,
@@ -245,13 +247,13 @@ uint16_t get_device_options() {
 
 extern uint32_t board_button_read(void);
 
-bool wait_button() {
+bool wait_button_pressed() {
     uint16_t opts = get_device_options();
     uint32_t val = EV_PRESS_BUTTON;
     if (opts & HSM_OPT_BOOTSEL_BUTTON) {
-        queue_try_add(&card_to_ccid_q, &val);
+        queue_try_add(&card_to_usb_q, &val);
         do {
-            queue_remove_blocking(&ccid_to_card_q, &val);
+            queue_remove_blocking(&usb_to_card_q, &val);
         }
         while (val != EV_BUTTON_PRESSED && val != EV_BUTTON_TIMEOUT);
     }
@@ -259,7 +261,7 @@ bool wait_button() {
 }
 
 int parse_token_info(const file_t *f, int mode) {
-    char *label = "Pico-HSM";
+    char *label = "SmartCard-HSM";
     char *manu = "Pol Henarejos";
     if (mode == 1) {
         uint8_t *p = res_APDU;
@@ -523,7 +525,7 @@ int find_and_store_meta_key(uint8_t key_id) {
 }
 
 int load_private_key_rsa(mbedtls_rsa_context *ctx, file_t *fkey) {
-    if (wait_button() == true) //timeout
+    if (wait_button_pressed() == true) //timeout
         return CCID_VERIFICATION_FAILED;
 
     int key_size = file_get_size(fkey);
@@ -566,7 +568,7 @@ int load_private_key_rsa(mbedtls_rsa_context *ctx, file_t *fkey) {
 }
 
 int load_private_key_ecdsa(mbedtls_ecdsa_context *ctx, file_t *fkey) {
-    if (wait_button() == true) //timeout
+    if (wait_button_pressed() == true) //timeout
         return CCID_VERIFICATION_FAILED;
 
     int key_size = file_get_size(fkey);
diff --git a/src/hsm/sc_hsm.h b/src/hsm/sc_hsm.h
index 98391f8..45d590a 100644
--- a/src/hsm/sc_hsm.h
+++ b/src/hsm/sc_hsm.h
@@ -23,7 +23,9 @@
 #include "mbedtls/rsa.h"
 #include "mbedtls/ecdsa.h"
 #include "pico/stdlib.h"
-#include "ccid2040.h"
+#include "file.h"
+#include "apdu.h"
+#include "hsm.h"
 
 extern const uint8_t sc_hsm_aid[];
 
@@ -111,7 +113,7 @@ extern const uint8_t *get_meta_tag(file_t *ef, uint16_t meta_tag, size_t *tag_le
 extern bool key_has_purpose(file_t *ef, uint8_t purpose);
 extern int load_private_key_rsa(mbedtls_rsa_context *ctx, file_t *fkey);
 extern int load_private_key_ecdsa(mbedtls_ecdsa_context *ctx, file_t *fkey);
-extern bool wait_button();
+extern bool wait_button_pressed();
 extern int store_keys(void *key_ctx, int type, uint8_t key_id);
 extern int find_and_store_meta_key(uint8_t key_id);
 extern uint32_t get_key_counter(file_t *fkey);