Moving to new pico-hsm-sdk.

Pol Henarejos 2022-08-30 17:55:42 +02:00
parent 3944c8437a
commit 62c72c48a5
No known key found for this signature in database
GPG key ID: C0095B7870A4CCD3
8 changed files with 59 additions and 53 deletions


@ -43,20 +43,22 @@ add_definitions(-DDEBUG_APDU=${DEBUG_APDU})
find_package( PythonInterp 3.7 REQUIRED )
configure_file(${CMAKE_CURRENT_LIST_DIR}/pico-ccid/config/mbedtls_config.h ${CMAKE_CURRENT_LIST_DIR}/pico-ccid/mbedtls/include/mbedtls COPYONLY)
configure_file(${CMAKE_CURRENT_LIST_DIR}/pico-hsm-sdk/config/mbedtls_config.h ${CMAKE_CURRENT_LIST_DIR}/pico-hsm-sdk/mbedtls/include/mbedtls COPYONLY)
target_sources(pico_hsm PUBLIC
${CMAKE_CURRENT_LIST_DIR}/pico-ccid/src/usb/usb.c
${CMAKE_CURRENT_LIST_DIR}/pico-ccid/src/usb/usb_descriptors.c
${CMAKE_CURRENT_LIST_DIR}/pico-ccid/src/ccid/ccid2040.c
${CMAKE_CURRENT_LIST_DIR}/pico-ccid/src/ccid/asn1.c
${CMAKE_CURRENT_LIST_DIR}/pico-ccid/src/fs/file.c
${CMAKE_CURRENT_LIST_DIR}/pico-ccid/src/fs/flash.c
${CMAKE_CURRENT_LIST_DIR}/pico-ccid/src/fs/low_flash.c
${CMAKE_CURRENT_LIST_DIR}/pico-ccid/src/rng/random.c
${CMAKE_CURRENT_LIST_DIR}/pico-ccid/src/rng/neug.c
${CMAKE_CURRENT_LIST_DIR}/pico-ccid/src/ccid/crypto_utils.c
${CMAKE_CURRENT_LIST_DIR}/pico-ccid/src/ccid/eac.c
${CMAKE_CURRENT_LIST_DIR}/pico-hsm-sdk/src/usb/usb.c
${CMAKE_CURRENT_LIST_DIR}/pico-hsm-sdk/src/usb/ccid/usb_descriptors.c
${CMAKE_CURRENT_LIST_DIR}/pico-hsm-sdk/src/usb/ccid/ccid.c
${CMAKE_CURRENT_LIST_DIR}/pico-hsm-sdk/src/asn1.c
${CMAKE_CURRENT_LIST_DIR}/pico-hsm-sdk/src/fs/file.c
${CMAKE_CURRENT_LIST_DIR}/pico-hsm-sdk/src/fs/flash.c
${CMAKE_CURRENT_LIST_DIR}/pico-hsm-sdk/src/fs/low_flash.c
${CMAKE_CURRENT_LIST_DIR}/pico-hsm-sdk/src/rng/random.c
${CMAKE_CURRENT_LIST_DIR}/pico-hsm-sdk/src/rng/hwrng.c
${CMAKE_CURRENT_LIST_DIR}/pico-hsm-sdk/src/crypto_utils.c
${CMAKE_CURRENT_LIST_DIR}/pico-hsm-sdk/src/eac.c
${CMAKE_CURRENT_LIST_DIR}/pico-hsm-sdk/src/apdu.c
${CMAKE_CURRENT_LIST_DIR}/pico-hsm-sdk/src/main.c
${CMAKE_CURRENT_LIST_DIR}/src/hsm/sc_hsm.c
${CMAKE_CURRENT_LIST_DIR}/src/hsm/cmd_select.c
${CMAKE_CURRENT_LIST_DIR}/src/hsm/cmd_list_keys.c
@ -89,38 +91,39 @@ target_sources(pico_hsm PUBLIC
${CMAKE_CURRENT_LIST_DIR}/src/hsm/kek.c
${CMAKE_CURRENT_LIST_DIR}/src/hsm/oid.c
${CMAKE_CURRENT_LIST_DIR}/pico-ccid/mbedtls/library/aes.c
${CMAKE_CURRENT_LIST_DIR}/pico-ccid/mbedtls/library/asn1write.c
${CMAKE_CURRENT_LIST_DIR}/pico-ccid/mbedtls/library/bignum.c
${CMAKE_CURRENT_LIST_DIR}/pico-ccid/mbedtls/library/cmac.c
${CMAKE_CURRENT_LIST_DIR}/pico-ccid/mbedtls/library/cipher.c
${CMAKE_CURRENT_LIST_DIR}/pico-ccid/mbedtls/library/cipher_wrap.c
${CMAKE_CURRENT_LIST_DIR}/pico-ccid/mbedtls/library/constant_time.c
${CMAKE_CURRENT_LIST_DIR}/pico-ccid/mbedtls/library/ecdsa.c
${CMAKE_CURRENT_LIST_DIR}/pico-ccid/mbedtls/library/ecdh.c
${CMAKE_CURRENT_LIST_DIR}/pico-ccid/mbedtls/library/ecp.c
${CMAKE_CURRENT_LIST_DIR}/pico-ccid/mbedtls/library/ecp_curves.c
${CMAKE_CURRENT_LIST_DIR}/pico-ccid/mbedtls/library/hkdf.c
${CMAKE_CURRENT_LIST_DIR}/pico-ccid/mbedtls/library/md.c
${CMAKE_CURRENT_LIST_DIR}/pico-ccid/mbedtls/library/md5.c
${CMAKE_CURRENT_LIST_DIR}/pico-ccid/mbedtls/library/oid.c
${CMAKE_CURRENT_LIST_DIR}/pico-ccid/mbedtls/library/platform_util.c
${CMAKE_CURRENT_LIST_DIR}/pico-ccid/mbedtls/library/ripemd160.c
${CMAKE_CURRENT_LIST_DIR}/pico-ccid/mbedtls/library/rsa.c
${CMAKE_CURRENT_LIST_DIR}/pico-ccid/mbedtls/library/rsa_alt_helpers.c
${CMAKE_CURRENT_LIST_DIR}/pico-ccid/mbedtls/library/sha1.c
${CMAKE_CURRENT_LIST_DIR}/pico-ccid/mbedtls/library/sha256.c
${CMAKE_CURRENT_LIST_DIR}/pico-ccid/mbedtls/library/sha512.c
${CMAKE_CURRENT_LIST_DIR}/pico-hsm-sdk/mbedtls/library/aes.c
${CMAKE_CURRENT_LIST_DIR}/pico-hsm-sdk/mbedtls/library/asn1write.c
${CMAKE_CURRENT_LIST_DIR}/pico-hsm-sdk/mbedtls/library/bignum.c
${CMAKE_CURRENT_LIST_DIR}/pico-hsm-sdk/mbedtls/library/cmac.c
${CMAKE_CURRENT_LIST_DIR}/pico-hsm-sdk/mbedtls/library/cipher.c
${CMAKE_CURRENT_LIST_DIR}/pico-hsm-sdk/mbedtls/library/cipher_wrap.c
${CMAKE_CURRENT_LIST_DIR}/pico-hsm-sdk/mbedtls/library/constant_time.c
${CMAKE_CURRENT_LIST_DIR}/pico-hsm-sdk/mbedtls/library/ecdsa.c
${CMAKE_CURRENT_LIST_DIR}/pico-hsm-sdk/mbedtls/library/ecdh.c
${CMAKE_CURRENT_LIST_DIR}/pico-hsm-sdk/mbedtls/library/ecp.c
${CMAKE_CURRENT_LIST_DIR}/pico-hsm-sdk/mbedtls/library/ecp_curves.c
${CMAKE_CURRENT_LIST_DIR}/pico-hsm-sdk/mbedtls/library/hkdf.c
${CMAKE_CURRENT_LIST_DIR}/pico-hsm-sdk/mbedtls/library/md.c
${CMAKE_CURRENT_LIST_DIR}/pico-hsm-sdk/mbedtls/library/md5.c
${CMAKE_CURRENT_LIST_DIR}/pico-hsm-sdk/mbedtls/library/oid.c
${CMAKE_CURRENT_LIST_DIR}/pico-hsm-sdk/mbedtls/library/platform_util.c
${CMAKE_CURRENT_LIST_DIR}/pico-hsm-sdk/mbedtls/library/ripemd160.c
${CMAKE_CURRENT_LIST_DIR}/pico-hsm-sdk/mbedtls/library/rsa.c
${CMAKE_CURRENT_LIST_DIR}/pico-hsm-sdk/mbedtls/library/rsa_alt_helpers.c
${CMAKE_CURRENT_LIST_DIR}/pico-hsm-sdk/mbedtls/library/sha1.c
${CMAKE_CURRENT_LIST_DIR}/pico-hsm-sdk/mbedtls/library/sha256.c
${CMAKE_CURRENT_LIST_DIR}/pico-hsm-sdk/mbedtls/library/sha512.c
)
target_include_directories(pico_hsm PUBLIC
${CMAKE_CURRENT_LIST_DIR}/pico-ccid/src/fs
${CMAKE_CURRENT_LIST_DIR}/pico-hsm-sdk/src/fs
${CMAKE_CURRENT_LIST_DIR}/src/hsm
${CMAKE_CURRENT_LIST_DIR}/pico-ccid/src/ccid
${CMAKE_CURRENT_LIST_DIR}/pico-ccid/src/rng
${CMAKE_CURRENT_LIST_DIR}/pico-ccid/src/usb
${CMAKE_CURRENT_LIST_DIR}/pico-ccid/mbedtls/include
${CMAKE_CURRENT_LIST_DIR}/pico-ccid/mbedtls/library
${CMAKE_CURRENT_LIST_DIR}/pico-hsm-sdk/src/
${CMAKE_CURRENT_LIST_DIR}/pico-hsm-sdk/src/rng
${CMAKE_CURRENT_LIST_DIR}/pico-hsm-sdk/src/usb
${CMAKE_CURRENT_LIST_DIR}/pico-hsm-sdk/src/usb/ccid
${CMAKE_CURRENT_LIST_DIR}/pico-hsm-sdk/mbedtls/include
${CMAKE_CURRENT_LIST_DIR}/pico-hsm-sdk/mbedtls/library
)
target_compile_options(pico_hsm PUBLIC
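Review bot: The new `configure_file(... pico-hsm-sdk/config/mbedtls_config.h ... pico-hsm-sdk/mbedtls/include/mbedtls COPYONLY)` line overwrites a header inside the vendored mbedtls source tree at configure time. The crypto library's checkout then no longer matches the commit the SDK pins (assuming mbedtls is a nested submodule, which the paths suggest), and the enabled cipher and hash set depends on a file replaced in place. Copying into the build tree keeps the vendored tree clean and auditable: `configure_file(${CMAKE_CURRENT_LIST_DIR}/pico-hsm-sdk/config/mbedtls_config.h ${CMAKE_CURRENT_BINARY_DIR}/mbedtls_config.h COPYONLY)` together with `target_compile_definitions(pico_hsm PUBLIC MBEDTLS_CONFIG_FILE="${CMAKE_CURRENT_BINARY_DIR}/mbedtls_config.h")`. The source and include lists could also be `PRIVATE` unless another target is meant to inherit them.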

@ -1 +1 @@
Subproject commit b75e5a6619dbad5f541081904b9191e98602d81d
Subproject commit 2f565f23e02639c5ee941b8e4f0cf488560d5d15


@ -36,7 +36,7 @@ int cmd_cipher_sym() {
if ((apdu.nc % 16) != 0) {
return SW_WRONG_LENGTH();
}
if (wait_button() == true) //timeout
if (wait_button_pressed() == true) // timeout
return SW_SECURE_MESSAGE_EXEC_ERROR();
int key_size = file_get_size(ef);
uint8_t kdata[32]; //maximum AES key size


@ -72,7 +72,7 @@ int cmd_decrypt_asym() {
}
else if (p2 == ALGO_EC_DH || p2 == ALGO_EC_DH_XKEK) {
mbedtls_ecdh_context ctx;
if (wait_button() == true) //timeout
if (wait_button_pressed() == true) //timeout
return SW_SECURE_MESSAGE_EXEC_ERROR();
int key_size = file_get_size(ef);
uint8_t *kdata = (uint8_t *)calloc(1,key_size);


@ -69,7 +69,7 @@ int cmd_key_wrap() {
}
else if (*dprkd == P15_KEYTYPE_AES) {
uint8_t kdata[32]; //maximum AES key size
if (wait_button() == true) //timeout
if (wait_button_pressed() == true) //timeout
return SW_SECURE_MESSAGE_EXEC_ERROR();
int key_size = file_get_size(ef), aes_type = HSM_KEY_AES;


@ -22,7 +22,6 @@
#include "mbedtls/ecdsa.h"
#include <string.h>
#include "asn1.h"
#include "ccid2040.h"
#include "crypto_utils.h"
#include "random.h"
#include "oid.h"


@ -24,6 +24,8 @@
#include "eac.h"
#include "cvc.h"
#include "asn1.h"
#include "ccid.h"
#include "usb.h"
const uint8_t sc_hsm_aid[] = {
11,
@ -245,13 +247,13 @@ uint16_t get_device_options() {
extern uint32_t board_button_read(void);
bool wait_button() {
bool wait_button_pressed() {
uint16_t opts = get_device_options();
uint32_t val = EV_PRESS_BUTTON;
if (opts & HSM_OPT_BOOTSEL_BUTTON) {
queue_try_add(&card_to_ccid_q, &val);
queue_try_add(&card_to_usb_q, &val);
do {
queue_remove_blocking(&ccid_to_card_q, &val);
queue_remove_blocking(&usb_to_card_q, &val);
}
while (val != EV_BUTTON_PRESSED && val != EV_BUTTON_TIMEOUT);
}
@ -259,7 +261,7 @@ bool wait_button() {
}
int parse_token_info(const file_t *f, int mode) {
char *label = "Pico-HSM";
char *label = "SmartCard-HSM";
char *manu = "Pol Henarejos";
if (mode == 1) {
uint8_t *p = res_APDU;
@ -523,7 +525,7 @@ int find_and_store_meta_key(uint8_t key_id) {
}
int load_private_key_rsa(mbedtls_rsa_context *ctx, file_t *fkey) {
if (wait_button() == true) //timeout
if (wait_button_pressed() == true) //timeout
return CCID_VERIFICATION_FAILED;
int key_size = file_get_size(fkey);
@ -566,7 +568,7 @@ int load_private_key_rsa(mbedtls_rsa_context *ctx, file_t *fkey) {
}
int load_private_key_ecdsa(mbedtls_ecdsa_context *ctx, file_t *fkey) {
if (wait_button() == true) //timeout
if (wait_button_pressed() == true) //timeout
return CCID_VERIFICATION_FAILED;
int key_size = file_get_size(fkey);
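Review bot: The renamed `wait_button_pressed()` returns true on timeout according to every call site (`if (wait_button_pressed() == true) //timeout`), so the new name reads as the opposite of what the value means. This function gates private-key use in `load_private_key_rsa` and `load_private_key_ecdsa` here, and at the `cmd_cipher_sym`, `cmd_decrypt_asym` and `cmd_key_wrap` call sites, so a later caller writing `if (!wait_button_pressed())` would invert the user-presence check. I would add a contract comment above the definition and the `extern` declaration in the header, e.g. `/* Returns true if the press request timed out, false if the button was pressed. */`; the return statement is outside the hunk, so the value when `HSM_OPT_BOOTSEL_BUTTON` is unset should be confirmed and documented too. Separately, the result of `queue_try_add(&card_to_usb_q, &val)` is ignored; if the queue is full the request is presumably never delivered, yet the loop still blocks on `usb_to_card_q`.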


@ -23,7 +23,9 @@
#include "mbedtls/rsa.h"
#include "mbedtls/ecdsa.h"
#include "pico/stdlib.h"
#include "ccid2040.h"
#include "file.h"
#include "apdu.h"
#include "hsm.h"
extern const uint8_t sc_hsm_aid[];
@ -111,7 +113,7 @@ extern const uint8_t *get_meta_tag(file_t *ef, uint16_t meta_tag, size_t *tag_le
extern bool key_has_purpose(file_t *ef, uint8_t purpose);
extern int load_private_key_rsa(mbedtls_rsa_context *ctx, file_t *fkey);
extern int load_private_key_ecdsa(mbedtls_ecdsa_context *ctx, file_t *fkey);
extern bool wait_button();
extern bool wait_button_pressed();
extern int store_keys(void *key_ctx, int type, uint8_t key_id);
extern int find_and_store_meta_key(uint8_t key_id);
extern uint32_t get_key_counter(file_t *fkey);