mirrors/pico-hsm
1
0
Fork 0
mirror of https://github.com/polhenarejos/pico-hsm.git synced 2026-01-17 09:28:05 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

Merge branch 'development' into esp32

Browse source 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
This commit is contained in:
Pol Henarejos 2024-06-03 13:06:39 +02:00
commit 7cb0bbf982
No known key found for this signature in database
GPG key ID: C0095B7870A4CCD3
32 changed files with 154 additions and 149 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
pico-keys-sdk

@ -1 +1 @@
Subproject commit ade730ffb5e38b37afaab21247a2c9ac6db2ac1b
Subproject commit 9a607707f07da0e481a8cf71e2b6965c05e3e0f4

4
src/hsm/cmd_bip_slip.c
View file

@ -113,7 +113,7 @@ int load_master_bip(uint16_t mid, mbedtls_ecp_keypair *ctx, uint8_t chain[32],
uint8_t key_type[1]) {
uint8_t mkey[65];
mbedtls_ecp_keypair_init(ctx);
file_t *ef = search_dynamic_file(EF_MASTER_SEED | mid);
file_t *ef = search_file(EF_MASTER_SEED | mid);
if (!file_has_data(ef)) {
return CCID_ERR_FILE_NOT_FOUND;
}
@ -256,7 +256,7 @@ int cmd_bip_slip() {
if (r != CCID_OK) {
return SW_EXEC_ERROR();
}
r = flash_write_data_to_file(ef, mkey, sizeof(mkey));
r = file_put_data(ef, mkey, sizeof(mkey));
if (r != CCID_OK) {
return SW_EXEC_ERROR();
}

4
src/hsm/cmd_change_pin.c
View file

@ -35,7 +35,7 @@ int cmd_change_pin() {
if (!file_has_data(file_pin)) {
return SW_REFERENCE_NOT_FOUND();
}
uint8_t pin_len = file_read_uint8(file_get_data(file_pin));
uint8_t pin_len = file_read_uint8(file_pin);
int r = check_pin(file_pin, apdu.data, pin_len);
if (r != 0x9000) {
return r;
@ -63,7 +63,7 @@ int cmd_change_pin() {
uint8_t dhash[33];
dhash[0] = (uint8_t)apdu.nc - pin_len;
double_hash_pin(apdu.data + pin_len, (uint16_t)(apdu.nc - pin_len), dhash + 1);
flash_write_data_to_file(file_pin, dhash, sizeof(dhash));
file_put_data(file_pin, dhash, sizeof(dhash));
low_flash_available();
return SW_OK();
}

2
src/hsm/cmd_cipher_sym.c
View file

@ -169,7 +169,7 @@ int cmd_cipher_sym() {
if (wait_button_pressed() == true) { // timeout
return SW_SECURE_MESSAGE_EXEC_ERROR();
}
file_t *ef = search_dynamic_file((KEY_PREFIX << 8) | key_id);
file_t *ef = search_file((KEY_PREFIX << 8) | key_id);
if (hd_keytype == 0) {
if (!ef) {
return SW_FILE_NOT_FOUND();

4
src/hsm/cmd_decrypt_asym.c
View file

@ -31,7 +31,7 @@ int cmd_decrypt_asym() {
if (!isUserAuthenticated) {
return SW_SECURITY_STATUS_NOT_SATISFIED();
}
file_t *ef = search_dynamic_file((KEY_PREFIX << 8) | key_id);
file_t *ef = search_file((KEY_PREFIX << 8) | key_id);
if (!ef) {
return SW_FILE_NOT_FOUND();
}
@ -173,7 +173,7 @@ int cmd_decrypt_asym() {
return SW_WRONG_DATA();
}
for (uint8_t n = 0; n < MAX_KEY_DOMAINS; n++) {
file_t *tf = search_dynamic_file(EF_XKEK + n);
file_t *tf = search_file(EF_XKEK + n);
if (tf) {
if (file_get_size(tf) == kdom_uid.len &&
memcmp(file_get_data(tf), kdom_uid.data, kdom_uid.len) == 0) {

4
src/hsm/cmd_delete_file.c
View file

@ -25,13 +25,13 @@ int cmd_delete_file() {
if (apdu.nc == 0) {
ef = currentEF;
if (!(ef = search_dynamic_file(ef->fid))) {
if (!(ef = search_file(ef->fid))) {
return SW_FILE_NOT_FOUND();
}
}
else {
uint16_t fid = (apdu.data[0] << 8) | apdu.data[1];
if (!(ef = search_dynamic_file(fid))) {
if (!(ef = search_file(fid))) {
return SW_FILE_NOT_FOUND();
}
}

2
src/hsm/cmd_derive_asym.c
View file

@ -42,7 +42,7 @@ int cmd_derive_asym() {
if (!isUserAuthenticated) {
return SW_SECURITY_STATUS_NOT_SATISFIED();
}
if (!(fkey = search_dynamic_file((KEY_PREFIX << 8) | key_id)) || !file_has_data(fkey)) {
if (!(fkey = search_file((KEY_PREFIX << 8) | key_id)) || !file_has_data(fkey)) {
return SW_FILE_NOT_FOUND();
}
if (key_has_purpose(fkey, ALGO_EC_DERIVE) == false) {

2
src/hsm/cmd_external_authenticate.c
View file

@ -34,7 +34,7 @@ int cmd_external_authenticate() {
if (apdu.nc == 0) {
return SW_WRONG_LENGTH();
}
file_t *ef_puk = search_by_fid(EF_PUKAUT, NULL, SPECIFY_EF);
file_t *ef_puk = search_file(EF_PUKAUT);
if (!file_has_data(ef_puk)) {
return SW_FILE_NOT_FOUND();
}

20
src/hsm/cmd_extras.c
View file

@ -29,6 +29,12 @@
#include "mbedtls/chachapoly.h"
int cmd_extras() {
#ifndef ENABLE_EMULATION
// Only allow change PHY without PIN
if (!isUserAuthenticated && P1(apdu) != 0x1B) {
return SW_SECURITY_STATUS_NOT_SATISFIED();
}
#endif
if (P1(apdu) == 0xA) { //datetime operations
if (P2(apdu) != 0x0) {
return SW_INCORRECT_P1P2();
@ -107,8 +113,8 @@ int cmd_extras() {
}
else {
uint8_t newopts[] = { apdu.data[0], (opts & 0xff) };
file_t *tf = search_by_fid(EF_DEVOPS, NULL, SPECIFY_EF);
flash_write_data_to_file(tf, newopts, sizeof(newopts));
file_t *tf = search_file(EF_DEVOPS);
file_put_data(tf, newopts, sizeof(newopts));
low_flash_available();
}
}
@ -193,14 +199,14 @@ int cmd_extras() {
(P2(apdu) == 0x04 && (opts & HSM_OPT_SECURE_LOCK))) {
uint16_t tfids[] = { EF_MKEK, EF_MKEK_SO };
for (int t = 0; t < sizeof(tfids) / sizeof(uint16_t); t++) {
file_t *tf = search_by_fid(tfids[t], NULL, SPECIFY_EF);
file_t *tf = search_file(tfids[t]);
if (tf) {
uint8_t *tmp = (uint8_t *) calloc(1, file_get_size(tf));
memcpy(tmp, file_get_data(tf), file_get_size(tf));
for (int i = 0; i < MKEK_KEY_SIZE; i++) {
MKEK_KEY(tmp)[i] ^= apdu.data[i];
}
flash_write_data_to_file(tf, tmp, file_get_size(tf));
file_put_data(tf, tmp, file_get_size(tf));
free(tmp);
}
}
@ -211,8 +217,8 @@ int cmd_extras() {
else if (P2(apdu) == 0x04) {
newopts[0] &= ~HSM_OPT_SECURE_LOCK >> 8;
}
file_t *tf = search_by_fid(EF_DEVOPS, NULL, SPECIFY_EF);
flash_write_data_to_file(tf, newopts, sizeof(newopts));
file_t *tf = search_file(EF_DEVOPS);
file_put_data(tf, newopts, sizeof(newopts));
low_flash_available();
}
else if (P2(apdu) == 0x03) {
@ -250,7 +256,7 @@ int cmd_extras() {
else {
return SW_INCORRECT_P1P2();
}
flash_write_data_to_file(ef_phy, tmp, sizeof(tmp));
file_put_data(ef_phy, tmp, sizeof(tmp));
low_flash_available();
}
}

2
src/hsm/cmd_general_authenticate.c
View file

@ -40,7 +40,7 @@ int cmd_general_authenticate() {
pubkey_len = tag_len + 1;
}
}
file_t *fkey = search_by_fid(EF_KEY_DEV, NULL, SPECIFY_EF);
file_t *fkey = search_file(EF_KEY_DEV);
if (!fkey) {
return SW_EXEC_ERROR();
}

48
src/hsm/cmd_initialize.c
View file

@ -53,15 +53,15 @@ int cmd_initialize() {
asn1_ctx_init(apdu.data, (uint16_t)apdu.nc, &ctxi);
while (walk_tlv(&ctxi, &p, &tag, &tag_len, &tag_data)) {
if (tag == 0x80) { //options
file_t *tf = search_by_fid(EF_DEVOPS, NULL, SPECIFY_EF);
flash_write_data_to_file(tf, tag_data, tag_len);
file_t *tf = search_file(EF_DEVOPS);
file_put_data(tf, tag_data, tag_len);
}
else if (tag == 0x81) { //user pin
if (file_pin1 && file_pin1->data) {
uint8_t dhash[33];
dhash[0] = (uint8_t)tag_len;
double_hash_pin(tag_data, tag_len, dhash + 1);
flash_write_data_to_file(file_pin1, dhash, sizeof(dhash));
file_put_data(file_pin1, dhash, sizeof(dhash));
hash_multi(tag_data, tag_len, session_pin);
has_session_pin = true;
}
@ -71,18 +71,18 @@ int cmd_initialize() {
uint8_t dhash[33];
dhash[0] = (uint8_t)tag_len;
double_hash_pin(tag_data, tag_len, dhash + 1);
flash_write_data_to_file(file_sopin, dhash, sizeof(dhash));
file_put_data(file_sopin, dhash, sizeof(dhash));
hash_multi(tag_data, tag_len, session_sopin);
has_session_sopin = true;
}
}
else if (tag == 0x91) { //retries user pin
file_t *tf = search_by_fid(0x1082, NULL, SPECIFY_EF);
file_t *tf = search_file(EF_PIN1_MAX_RETRIES);
if (tf && tf->data) {
flash_write_data_to_file(tf, tag_data, tag_len);
file_put_data(tf, tag_data, tag_len);
}
if (file_retries_pin1 && file_retries_pin1->data) {
flash_write_data_to_file(file_retries_pin1, tag_data, tag_len);
file_put_data(file_retries_pin1, tag_data, tag_len);
}
}
else if (tag == 0x92) {
@ -92,10 +92,10 @@ int cmd_initialize() {
release_mkek(mkek);
return SW_MEMORY_FAILURE();
}
flash_write_data_to_file(tf, NULL, 0);
file_put_data(tf, NULL, 0);
}
else if (tag == 0x93) {
file_t *ef_puk = search_by_fid(EF_PUKAUT, NULL, SPECIFY_EF);
file_t *ef_puk = search_file(EF_PUKAUT);
if (!ef_puk) {
release_mkek(mkek);
return SW_MEMORY_FAILURE();
@ -105,14 +105,14 @@ int cmd_initialize() {
pk_status[0] = puks;
pk_status[1] = puks;
pk_status[2] = tag_data[1];
flash_write_data_to_file(ef_puk, pk_status, sizeof(pk_status));
file_put_data(ef_puk, pk_status, sizeof(pk_status));
for (uint8_t i = 0; i < puks; i++) {
file_t *tf = file_new(EF_PUK + i);
if (!tf) {
release_mkek(mkek);
return SW_MEMORY_FAILURE();
}
flash_write_data_to_file(tf, NULL, 0);
file_put_data(tf, NULL, 0);
}
}
else if (tag == 0x97) {
@ -122,12 +122,12 @@ int cmd_initialize() {
file_t *tf = file_new(EF_DKEK+i);
if (!tf)
return SW_MEMORY_FAILURE();
flash_write_data_to_file(tf, NULL, 0);
file_put_data(tf, NULL, 0);
}
*/
}
}
file_t *tf_kd = search_by_fid(EF_KEY_DOMAIN, NULL, SPECIFY_EF);
file_t *tf_kd = search_file(EF_KEY_DOMAIN);
if (!tf_kd) {
release_mkek(mkek);
return SW_EXEC_ERROR();
@ -143,7 +143,7 @@ int cmd_initialize() {
if (dkeks) {
if (*dkeks > 0) {
uint16_t d = *dkeks;
if (flash_write_data_to_file(tf_kd, (const uint8_t *) &d, sizeof(d)) != CCID_OK) {
if (file_put_data(tf_kd, (const uint8_t *) &d, sizeof(d)) != CCID_OK) {
return SW_EXEC_ERROR();
}
}
@ -153,28 +153,28 @@ int cmd_initialize() {
return SW_EXEC_ERROR();
}
uint16_t d = 0x0101;
if (flash_write_data_to_file(tf_kd, (const uint8_t *) &d, sizeof(d)) != CCID_OK) {
if (file_put_data(tf_kd, (const uint8_t *) &d, sizeof(d)) != CCID_OK) {
return SW_EXEC_ERROR();
}
}
}
else {
uint16_t d = 0x0000;
if (flash_write_data_to_file(tf_kd, (const uint8_t *) &d, sizeof(d)) != CCID_OK) {
if (file_put_data(tf_kd, (const uint8_t *) &d, sizeof(d)) != CCID_OK) {
return SW_EXEC_ERROR();
}
}
if (kds) {
uint8_t t[MAX_KEY_DOMAINS * 2], k = MIN(*kds, MAX_KEY_DOMAINS);
memset(t, 0xff, 2 * k);
if (flash_write_data_to_file(tf_kd, t, 2 * k) != CCID_OK) {
if (file_put_data(tf_kd, t, 2 * k) != CCID_OK) {
return SW_EXEC_ERROR();
}
}
/* When initialized, it has all credentials */
isUserAuthenticated = true;
/* Create terminal private key */
file_t *fdkey = search_by_fid(EF_KEY_DEV, NULL, SPECIFY_EF);
file_t *fdkey = search_file(EF_KEY_DEV);
if (!fdkey) {
return SW_EXEC_ERROR();
}
@ -200,8 +200,8 @@ int cmd_initialize() {
return SW_EXEC_ERROR();
}
file_t *fpk = search_by_fid(EF_EE_DEV, NULL, SPECIFY_EF);
ret = flash_write_data_to_file(fpk, res_APDU, (uint16_t)cvc_len);
file_t *fpk = search_file(EF_EE_DEV);
ret = file_put_data(fpk, res_APDU, (uint16_t)cvc_len);
if (ret != 0) {
mbedtls_ecdsa_free(&ecdsa);
return SW_EXEC_ERROR();
@ -213,8 +213,8 @@ int cmd_initialize() {
}
memcpy(res_APDU + cvc_len, res_APDU, cvc_len);
mbedtls_ecdsa_free(&ecdsa);
fpk = search_by_fid(EF_TERMCA, NULL, SPECIFY_EF);
ret = flash_write_data_to_file(fpk, res_APDU, (uint16_t)(2 * cvc_len));
fpk = search_file(EF_TERMCA);
ret = file_put_data(fpk, res_APDU, (uint16_t)(2 * cvc_len));
if (ret != 0) {
return SW_EXEC_ERROR();
}
@ -229,8 +229,8 @@ int cmd_initialize() {
256,
res_APDU,
4096);
fpk = search_by_fid(EF_PRKD_DEV, NULL, SPECIFY_EF);
ret = flash_write_data_to_file(fpk, res_APDU, prkd_len);
fpk = search_file(EF_PRKD_DEV);
ret = file_put_data(fpk, res_APDU, prkd_len);
}
if (ret != 0) {

24
src/hsm/cmd_key_domain.c
View file

@ -44,7 +44,7 @@ int cmd_key_domain() {
if (p2 >= MAX_KEY_DOMAINS) {
return SW_WRONG_P1P2();
}
file_t *tf_kd = search_by_fid(EF_KEY_DOMAIN, NULL, SPECIFY_EF);
file_t *tf_kd = search_file(EF_KEY_DOMAIN);
if (!tf_kd) {
return SW_EXEC_ERROR();
}
@ -83,17 +83,17 @@ int cmd_key_domain() {
uint8_t t[MAX_KEY_DOMAINS * 2];
memcpy(t, kdata, tf_kd_size);
t[2 * p2 + 1] = current_dkeks;
if (flash_write_data_to_file(tf_kd, t, tf_kd_size) != CCID_OK) {
if (file_put_data(tf_kd, t, tf_kd_size) != CCID_OK) {
return SW_EXEC_ERROR();
}
low_flash_available();
}
else {
file_t *tf = search_dynamic_file(EF_XKEK + p2);
file_t *tf = search_file(EF_XKEK + p2);
if (2 * p2 >= tf_kd_size) {
return SW_INCORRECT_P1P2();
}
if (current_dkeks == 0xff && !tf) { //XKEK have always 0xff
if (current_dkeks == 0xff && !file_has_data(tf)) { //XKEK have always 0xff
return SW_REFERENCE_NOT_FOUND();
}
}
@ -104,7 +104,7 @@ int cmd_key_domain() {
}
if (p1 == 0x3) { //if key domain is not empty, command is denied
for (uint16_t i = 1; i < 256; i++) {
file_t *fkey = search_dynamic_file(KEY_PREFIX << 8 | (uint8_t)i);
file_t *fkey = search_file(KEY_PREFIX << 8 | (uint8_t)i);
if (get_key_domain(fkey) == p2) {
return SW_FILE_EXISTS();
}
@ -129,16 +129,16 @@ int cmd_key_domain() {
else if (p1 == 0x4) {
t[2 * p2 + 1] = current_dkeks = 0;
}
if (flash_write_data_to_file(tf_kd, t, tf_kd_size) != CCID_OK) {
if (file_put_data(tf_kd, t, tf_kd_size) != CCID_OK) {
return SW_EXEC_ERROR();
}
file_t *tf = NULL;
if ((tf = search_dynamic_file(EF_DKEK + p2))) {
if ((tf = search_file(EF_DKEK + p2))) {
if (delete_file(tf) != CCID_OK) {
return SW_EXEC_ERROR();
}
}
if (p1 == 0x3 && (tf = search_dynamic_file(EF_XKEK + p2))) {
if (p1 == 0x3 && (tf = search_file(EF_XKEK + p2))) {
if (delete_file(tf) != CCID_OK) {
return SW_EXEC_ERROR();
}
@ -151,7 +151,7 @@ int cmd_key_domain() {
else if (p1 == 0x2) { //XKEK Key Domain creation
if (apdu.nc > 0) {
uint16_t pub_len = 0;
file_t *fterm = search_by_fid(EF_TERMCA, NULL, SPECIFY_EF);
file_t *fterm = search_file(EF_TERMCA);
if (!fterm) {
return SW_EXEC_ERROR();
}
@ -189,7 +189,7 @@ int cmd_key_domain() {
t86_len = 0;
t86 = cvc_get_field(pub, pub_len, &t86_len, 0x86);
if (t86) {
flash_write_data_to_file(tf, t86 + 1, (uint16_t)t86_len - 1);
file_put_data(tf, t86 + 1, (uint16_t)t86_len - 1);
low_flash_available();
}
}
@ -203,8 +203,8 @@ int cmd_key_domain() {
res_APDU[1] = dkeks > current_dkeks ? dkeks - current_dkeks : 0;
dkek_kcv(p2, res_APDU + 2);
res_APDU_size = 2 + 8;
file_t *tf = search_dynamic_file(EF_XKEK + p2);
if (tf) {
file_t *tf = search_file(EF_XKEK + p2);
if (file_has_data(tf)) {
memcpy(res_APDU + 10, file_get_data(tf), file_get_size(tf));
res_APDU_size += file_get_size(tf);
}

2
src/hsm/cmd_key_unwrap.c
View file

@ -132,7 +132,7 @@ int cmd_key_unwrap() {
}
if (res_APDU_size > 0) {
file_t *fpk = file_new((EE_CERTIFICATE_PREFIX << 8) | key_id);
r = flash_write_data_to_file(fpk, res_APDU, res_APDU_size);
r = file_put_data(fpk, res_APDU, res_APDU_size);
if (r != 0) {
return SW_EXEC_ERROR();
}

6
src/hsm/cmd_key_wrap.c
View file

@ -32,7 +32,7 @@ int cmd_key_wrap() {
if (!isUserAuthenticated) {
return SW_SECURITY_STATUS_NOT_SATISFIED();
}
file_t *ef = search_dynamic_file((KEY_PREFIX << 8) | key_id);
file_t *ef = search_file((KEY_PREFIX << 8) | key_id);
if (!ef) {
return SW_FILE_NOT_FOUND();
}
@ -40,7 +40,7 @@ int cmd_key_wrap() {
if (kdom == 0xff) {
return SW_REFERENCE_NOT_FOUND();
}
file_t *tf_kd = search_by_fid(EF_KEY_DOMAIN, NULL, SPECIFY_EF);
file_t *tf_kd = search_file(EF_KEY_DOMAIN);
uint8_t *kdata = file_get_data(tf_kd), dkeks = kdata ? kdata[2 * kdom] : 0,
current_dkeks = kdata ? kdata[2 * kdom + 1] : 0;
if (dkeks != current_dkeks || dkeks == 0 || dkeks == 0xff) {
@ -49,7 +49,7 @@ int cmd_key_wrap() {
if (key_has_purpose(ef, ALGO_WRAP) == false) {
return SW_CONDITIONS_NOT_SATISFIED();
}
file_t *prkd = search_dynamic_file((PRKD_PREFIX << 8) | key_id);
file_t *prkd = search_file((PRKD_PREFIX << 8) | key_id);
if (!prkd) {
return SW_FILE_NOT_FOUND();
}

4
src/hsm/cmd_keypair_gen.c
View file

@ -98,7 +98,7 @@ int cmd_keypair_gen() {
if (a92.data[0] > MAX_KEY_DOMAINS) {
return SW_WRONG_DATA();
}
file_t *tf_xkek = search_dynamic_file(EF_XKEK + a92.data[0]);
file_t *tf_xkek = search_file(EF_XKEK + a92.data[0]);
if (!tf_xkek) {
return SW_WRONG_DATA();
}
@ -145,7 +145,7 @@ int cmd_keypair_gen() {
return SW_EXEC_ERROR();
}
file_t *fpk = file_new((EE_CERTIFICATE_PREFIX << 8) | key_id);
ret = flash_write_data_to_file(fpk, res_APDU, res_APDU_size);
ret = file_put_data(fpk, res_APDU, res_APDU_size);
if (ret != 0) {
return SW_EXEC_ERROR();
}

4
src/hsm/cmd_list_keys.c
View file

@ -21,11 +21,11 @@
int cmd_list_keys() {
/* First we send DEV private key */
/* Both below conditions should be always TRUE */
if (search_by_fid(EF_PRKD_DEV, NULL, SPECIFY_EF)) {
if (search_file(EF_PRKD_DEV)) {
res_APDU[res_APDU_size++] = EF_PRKD_DEV >> 8;
res_APDU[res_APDU_size++] = EF_PRKD_DEV & 0xff;
}
if (search_by_fid(EF_KEY_DEV, NULL, SPECIFY_EF)) {
if (search_file(EF_KEY_DEV)) {
res_APDU[res_APDU_size++] = EF_KEY_DEV >> 8;
res_APDU[res_APDU_size++] = EF_KEY_DEV & 0xff;
}

2
src/hsm/cmd_mse.c
View file

@ -57,7 +57,7 @@ int cmd_mse() {
}
else if (p2 == 0xA4) { /* Aut */
for (uint8_t i = 0; i < MAX_PUK; i++) {
file_t *ef = search_dynamic_file(EF_PUK + i);
file_t *ef = search_file(EF_PUK + i);
if (!ef) {
break;
}

6
src/hsm/cmd_pso.c
View file

@ -51,10 +51,10 @@ int cmd_pso() {
}
for (uint8_t i = 0; i < 0xfe; i++) {
uint16_t fid = (CA_CERTIFICATE_PREFIX << 8) | i;
file_t *ca_ef = search_dynamic_file(fid);
file_t *ca_ef = search_file(fid);
if (!ca_ef) {
ca_ef = file_new(fid);
flash_write_data_to_file(ca_ef, apdu.data, (uint16_t)apdu.nc);
file_put_data(ca_ef, apdu.data, (uint16_t)apdu.nc);
if (add_cert_puk_store(file_get_data(ca_ef), file_get_size(ca_ef),
false) != CCID_OK) {
return SW_FILE_FULL();
@ -144,7 +144,7 @@ int cmd_pso() {
fid,
buf,
cd_len);
flash_write_data_to_file(cd_ef, buf, cd_len);
file_put_data(cd_ef, buf, cd_len);
free(buf);
if (r == 0) {
return SW_EXEC_ERROR();

12
src/hsm/cmd_puk_auth.c
View file

@ -21,7 +21,7 @@
int cmd_puk_auth() {
uint8_t p1 = P1(apdu), p2 = P2(apdu);
file_t *ef_puk = search_by_fid(EF_PUKAUT, NULL, SPECIFY_EF);
file_t *ef_puk = search_file(EF_PUKAUT);
if (!file_has_data(ef_puk)) {
if (apdu.nc > 0) {
return SW_FILE_NOT_FOUND();
@ -37,7 +37,7 @@ int cmd_puk_auth() {
return SW_INCORRECT_P1P2();
}
for (uint8_t i = 0; i < puk_data[0]; i++) {
ef = search_dynamic_file(EF_PUK + i);
ef = search_file(EF_PUK + i);
if (!ef) { /* Never should not happen */
return SW_MEMORY_FAILURE();
}
@ -48,7 +48,7 @@ int cmd_puk_auth() {
uint8_t *tmp = (uint8_t *) calloc(file_get_size(ef_puk), sizeof(uint8_t));
memcpy(tmp, puk_data, file_get_size(ef_puk));
tmp[1] = puk_data[1] - 1;
flash_write_data_to_file(ef_puk, tmp, file_get_size(ef_puk));
file_put_data(ef_puk, tmp, file_get_size(ef_puk));
puk_data = file_get_data(ef_puk);
free(tmp);
}
@ -56,12 +56,12 @@ int cmd_puk_auth() {
if (p2 >= puk_data[0]) {
return SW_INCORRECT_P1P2();
}
ef = search_dynamic_file(EF_PUK + p2);
ef = search_file(EF_PUK + p2);
if (!ef) { /* Never should not happen */
return SW_MEMORY_FAILURE();
}
}
flash_write_data_to_file(ef, apdu.data, (uint16_t)apdu.nc);
file_put_data(ef, apdu.data, (uint16_t)apdu.nc);
low_flash_available();
}
else {
@ -72,7 +72,7 @@ int cmd_puk_auth() {
if (p2 >= puk_data[0]) {
return SW_INCORRECT_P1P2();
}
file_t *ef = search_dynamic_file(EF_PUK + p2);
file_t *ef = search_file(EF_PUK + p2);
if (!ef) {
return SW_INCORRECT_P1P2();
}

8
src/hsm/cmd_read_binary.c
View file

@ -25,7 +25,7 @@ int cmd_read_binary() {
if ((ins & 0x1) == 0) {
if ((p1 & 0x80) != 0) {
if (!(ef = search_by_fid(p1 & 0x1f, NULL, SPECIFY_EF))) {
if (!(ef = search_file(p1 & 0x1f))) {
return SW_FILE_NOT_FOUND();
}
offset = p2;
@ -37,7 +37,7 @@ int cmd_read_binary() {
}
else {
if (p1 == 0 && (p2 & 0xE0) == 0 && (p2 & 0x1f) != 0 && (p2 & 0x1f) != 0x1f) {
if (!(ef = search_by_fid(p2 & 0x1f, NULL, SPECIFY_EF))) {
if (!(ef = search_file(p2 & 0x1f))) {
return SW_FILE_NOT_FOUND();
}
}
@ -46,9 +46,7 @@ int cmd_read_binary() {
if (file_id == 0x0) {
ef = currentEF;
}
else if (!(ef =
search_by_fid(file_id, NULL,
SPECIFY_EF)) && !(ef = search_dynamic_file(file_id))) {
else if (!(ef = search_file(file_id))) {
return SW_FILE_NOT_FOUND();
}

6
src/hsm/cmd_reset_retry.c
View file

@ -36,7 +36,7 @@ int cmd_reset_retry() {
if (P1(apdu) == 0x0 || P1(apdu) == 0x2) {
uint8_t newpin_len = 0;
if (P1(apdu) == 0x0) {
uint8_t so_pin_len = file_read_uint8(file_get_data(file_sopin));
uint8_t so_pin_len = file_read_uint8(file_sopin);
if ((uint16_t)apdu.nc <= so_pin_len + 1) {
return SW_WRONG_LENGTH();
}
@ -58,7 +58,7 @@ int cmd_reset_retry() {
uint8_t dhash[33];
dhash[0] = newpin_len;
double_hash_pin(apdu.data + (apdu.nc - newpin_len), newpin_len, dhash + 1);
flash_write_data_to_file(file_pin1, dhash, sizeof(dhash));
file_put_data(file_pin1, dhash, sizeof(dhash));
if (pin_reset_retries(file_pin1, true) != CCID_OK) {
return SW_MEMORY_FAILURE();
}
@ -82,7 +82,7 @@ int cmd_reset_retry() {
return SW_COMMAND_NOT_ALLOWED();
}
if (P1(apdu) == 0x1) {
uint8_t so_pin_len = file_read_uint8(file_get_data(file_sopin));
uint8_t so_pin_len = file_read_uint8(file_sopin);
if (apdu.nc != so_pin_len) {
return SW_WRONG_LENGTH();
}

3
src/hsm/cmd_select.c
View file

@ -63,8 +63,7 @@ int cmd_select() {
pfx == DCOD_PREFIX ||
pfx == DATA_PREFIX ||
pfx == PROT_DATA_PREFIX) {*/
if (fid != 0x0 && !(pe = search_dynamic_file(fid)) &&
!(pe = search_by_fid(fid, NULL, SPECIFY_EF))) {
if (fid != 0x0 && !(pe = search_file(fid))) {
return SW_FILE_NOT_FOUND();
}
/*}*/

5
src/hsm/cmd_signature.c
View file

@ -104,10 +104,7 @@ int cmd_signature() {
if (!isUserAuthenticated) {
return SW_SECURITY_STATUS_NOT_SATISFIED();
}
if ((!(fkey = search_dynamic_file((KEY_PREFIX << 8) | key_id)) &&
!(fkey =
search_by_fid((KEY_PREFIX << 8) | key_id, NULL,
SPECIFY_EF))) || !file_has_data(fkey)) {
if (!(fkey = search_file((KEY_PREFIX << 8) | key_id)) || !file_has_data(fkey)) {
return SW_FILE_NOT_FOUND();
}
if (get_key_counter(fkey) == 0) {

9
src/hsm/cmd_update_ef.c
View file

@ -72,15 +72,12 @@ int cmd_update_ef() {
if (fid == 0x0 && !ef) {
return SW_FILE_NOT_FOUND();
}
else if (fid != 0x0 &&
!(ef =
search_by_fid(fid, NULL,
SPECIFY_EF)) && !(ef = search_dynamic_file(fid))) { //if does not exist, create it
else if (fid != 0x0 && !(ef = search_file(fid))) { //if does not exist, create it
//return SW_FILE_NOT_FOUND();
ef = file_new(fid);
}
if (offset == 0) {
int r = flash_write_data_to_file(ef, data, data_len);
int r = file_put_data(ef, data, data_len);
if (r != CCID_OK) {
return SW_MEMORY_FAILURE();
}
@ -93,7 +90,7 @@ int cmd_update_ef() {
uint8_t *data_merge = (uint8_t *) calloc(1, offset + data_len);
memcpy(data_merge, file_get_data(ef), offset);
memcpy(data_merge + offset, data, data_len);
int r = flash_write_data_to_file(ef, data_merge, offset + data_len);
int r = file_put_data(ef, data_merge, offset + data_len);
free(data_merge);
if (r != CCID_OK) {
return SW_MEMORY_FAILURE();

10
src/hsm/cmd_verify.c
View file

@ -39,25 +39,25 @@ int cmd_verify() {
if (apdu.nc > 0) {
return check_pin(file_pin1, apdu.data, (uint16_t)apdu.nc);
}
if (file_read_uint8(file_get_data(file_retries_pin1)) == 0) {
if (file_read_uint8(file_retries_pin1) == 0) {
return SW_PIN_BLOCKED();
}
return set_res_sw(0x63, 0xc0 | file_read_uint8(file_get_data(file_retries_pin1)));
return set_res_sw(0x63, 0xc0 | file_read_uint8(file_retries_pin1));
}
else if (p2 == 0x88) { //SOPin
if (file_read_uint8(file_get_data(file_sopin)) == 0) { //not initialized
if (file_read_uint8(file_sopin) == 0) { //not initialized
return SW_REFERENCE_NOT_FOUND();
}
if (apdu.nc > 0) {
return check_pin(file_sopin, apdu.data, (uint16_t)apdu.nc);
}
if (file_read_uint8(file_get_data(file_retries_sopin)) == 0) {
if (file_read_uint8(file_retries_sopin) == 0) {
return SW_PIN_BLOCKED();
}
if (has_session_sopin) {
return SW_OK();
}
return set_res_sw(0x63, 0xc0 | file_read_uint8(file_get_data(file_retries_sopin)));
return set_res_sw(0x63, 0xc0 | file_read_uint8(file_retries_sopin));
}
else if (p2 == 0x85) {
return SW_OK();

2
src/hsm/cvc.c
View file

@ -322,7 +322,7 @@ uint16_t asn1_cvc_aut(void *rsa_ecdsa,
uint16_t outcar_len = dev_name_len;
const uint8_t *outcar = dev_name;
uint16_t outcar_size = asn1_len_tag(0x42, outcar_len);
file_t *fkey = search_by_fid(EF_KEY_DEV, NULL, SPECIFY_EF);
file_t *fkey = search_file(EF_KEY_DEV);
if (!fkey) {
return 0;
}

12
src/hsm/files.c
View file

@ -41,22 +41,22 @@ file_t file_entries[] = {
.ef_structure = FILE_EF_TRANSPARENT, .acl = { 0 } }, //EF.TokenInfo
/* 8 */ { .fid = 0x5033, .parent = 0, .name = NULL, .type = FILE_TYPE_WORKING_EF, .data = NULL,
.ef_structure = FILE_EF_TRANSPARENT, .acl = { 0 } }, //EF.UnusedSpace
/* 9 */ { .fid = 0x1081, .parent = 5, .name = NULL,
/* 9 */ { .fid = EF_PIN1, .parent = 5, .name = NULL,
.type = FILE_TYPE_INTERNAL_EF | FILE_DATA_FLASH, .data = NULL,
.ef_structure = FILE_EF_TRANSPARENT, .acl = { 0xff } }, //PIN (PIN1)
/* 10 */ { .fid = 0x1082, .parent = 5, .name = NULL,
/* 10 */ { .fid = EF_PIN1_MAX_RETRIES, .parent = 5, .name = NULL,
.type = FILE_TYPE_INTERNAL_EF | FILE_DATA_FLASH, .data = NULL,
.ef_structure = FILE_EF_TRANSPARENT, .acl = { 0xff } }, //max retries PIN (PIN1)
/* 11 */ { .fid = 0x1083, .parent = 5, .name = NULL,
/* 11 */ { .fid = EF_PIN1_RETRIES, .parent = 5, .name = NULL,
.type = FILE_TYPE_INTERNAL_EF | FILE_DATA_FLASH, .data = NULL,
.ef_structure = FILE_EF_TRANSPARENT, .acl = { 0xff } }, //retries PIN (PIN1)
/* 12 */ { .fid = 0x1088, .parent = 5, .name = NULL,
/* 12 */ { .fid = EF_SOPIN, .parent = 5, .name = NULL,
.type = FILE_TYPE_INTERNAL_EF | FILE_DATA_FLASH, .data = NULL,
.ef_structure = FILE_EF_TRANSPARENT, .acl = { 0xff } }, //PIN (SOPIN)
/* 13 */ { .fid = 0x1089, .parent = 5, .name = NULL,
/* 13 */ { .fid = EF_SOPIN_MAX_RETRIES, .parent = 5, .name = NULL,
.type = FILE_TYPE_INTERNAL_EF | FILE_DATA_FLASH, .data = NULL,
.ef_structure = FILE_EF_TRANSPARENT, .acl = { 0xff } }, //max retries PIN (SOPIN)
/* 14 */ { .fid = 0x108A, .parent = 5, .name = NULL,
/* 14 */ { .fid = EF_SOPIN_RETRIES, .parent = 5, .name = NULL,
.type = FILE_TYPE_INTERNAL_EF | FILE_DATA_FLASH, .data = NULL,
.ef_structure = FILE_EF_TRANSPARENT, .acl = { 0xff } }, //retries PIN (SOPIN)
/* 15 */ { .fid = EF_DEVOPS, .parent = 5, .name = NULL,

8
src/hsm/files.h
View file

@ -24,7 +24,13 @@
#define EF_DEVOPS 0x100E
#define EF_MKEK 0x100A
#define EF_MKEK_SO 0x100B
#define EF_XKEK 0x1080
#define EF_XKEK 0x1070
#define EF_PIN1 0x1081
#define EF_PIN1_MAX_RETRIES 0x1082
#define EF_PIN1_RETRIES 0x1083
#define EF_SOPIN 0x1088
#define EF_SOPIN_MAX_RETRIES 0x1089
#define EF_SOPIN_RETRIES 0x108A
#define EF_DKEK 0x1090
#define EF_KEY_DOMAIN 0x10A0
#define EF_PUKAUT 0x10C0

26
src/hsm/kek.c
View file

@ -55,14 +55,14 @@ int load_mkek(uint8_t *mkek) {
}
const uint8_t *pin = NULL;
if (pin == NULL && has_session_pin == true) {
file_t *tf = search_by_fid(EF_MKEK, NULL, SPECIFY_EF);
file_t *tf = search_file(EF_MKEK);
if (file_has_data(tf)) {
memcpy(mkek, file_get_data(tf), MKEK_SIZE);
pin = session_pin;
}
}
if (pin == NULL && has_session_sopin == true) {
file_t *tf = search_by_fid(EF_MKEK_SO, NULL, SPECIFY_EF);
file_t *tf = search_file(EF_MKEK_SO);
if (file_has_data(tf)) {
memcpy(mkek, file_get_data(tf), MKEK_SIZE);
pin = session_sopin;
@ -107,8 +107,8 @@ int mse_decrypt_ct(uint8_t *data, size_t len) {
}
int load_dkek(uint8_t id, uint8_t *dkek) {
file_t *tf = search_dynamic_file(EF_DKEK + id);
if (!tf) {
file_t *tf = search_file(EF_DKEK + id);
if (!file_has_data(tf)) {
return CCID_ERR_FILE_NOT_FOUND;
}
memcpy(dkek, file_get_data(tf), DKEK_KEY_SIZE);
@ -135,7 +135,7 @@ int store_mkek(const uint8_t *mkek) {
if (has_session_pin) {
uint8_t tmp_mkek_pin[MKEK_SIZE];
memcpy(tmp_mkek_pin, tmp_mkek, MKEK_SIZE);
file_t *tf = search_by_fid(EF_MKEK, NULL, SPECIFY_EF);
file_t *tf = search_file(EF_MKEK);
if (!tf) {
release_mkek(tmp_mkek);
release_mkek(tmp_mkek_pin);
@ -145,13 +145,13 @@ int store_mkek(const uint8_t *mkek) {
MKEK_IV(tmp_mkek_pin),
MKEK_KEY(tmp_mkek_pin),
MKEK_KEY_SIZE + MKEK_KEY_CS_SIZE);
flash_write_data_to_file(tf, tmp_mkek_pin, MKEK_SIZE);
file_put_data(tf, tmp_mkek_pin, MKEK_SIZE);
release_mkek(tmp_mkek_pin);
}
if (has_session_sopin) {
uint8_t tmp_mkek_sopin[MKEK_SIZE];
memcpy(tmp_mkek_sopin, tmp_mkek, MKEK_SIZE);
file_t *tf = search_by_fid(EF_MKEK_SO, NULL, SPECIFY_EF);
file_t *tf = search_file(EF_MKEK_SO);
if (!tf) {
release_mkek(tmp_mkek);
release_mkek(tmp_mkek_sopin);
@ -161,7 +161,7 @@ int store_mkek(const uint8_t *mkek) {
MKEK_IV(tmp_mkek_sopin),
MKEK_KEY(tmp_mkek_sopin),
MKEK_KEY_SIZE + MKEK_KEY_CS_SIZE);
flash_write_data_to_file(tf, tmp_mkek_sopin, MKEK_SIZE);
file_put_data(tf, tmp_mkek_sopin, MKEK_SIZE);
release_mkek(tmp_mkek_sopin);
}
low_flash_available();
@ -170,7 +170,7 @@ int store_mkek(const uint8_t *mkek) {
}
int store_dkek_key(uint8_t id, uint8_t *dkek) {
file_t *tf = search_dynamic_file(EF_DKEK + id);
file_t *tf = search_file(EF_DKEK + id);
if (!tf) {
return CCID_ERR_FILE_NOT_FOUND;
}
@ -178,7 +178,7 @@ int store_dkek_key(uint8_t id, uint8_t *dkek) {
if (r != CCID_OK) {
return r;
}
flash_write_data_to_file(tf, dkek, DKEK_KEY_SIZE);
file_put_data(tf, dkek, DKEK_KEY_SIZE);
low_flash_available();
return CCID_OK;
}
@ -186,7 +186,7 @@ int store_dkek_key(uint8_t id, uint8_t *dkek) {
int save_dkek_key(uint8_t id, const uint8_t *key) {
uint8_t dkek[DKEK_KEY_SIZE];
if (!key) {
file_t *tf = search_dynamic_file(EF_DKEK + id);
file_t *tf = search_file(EF_DKEK + id);
if (!tf) {
return CCID_ERR_FILE_NOT_FOUND;
}
@ -200,7 +200,7 @@ int save_dkek_key(uint8_t id, const uint8_t *key) {
int import_dkek_share(uint8_t id, const uint8_t *share) {
uint8_t tmp_dkek[DKEK_KEY_SIZE];
file_t *tf = search_dynamic_file(EF_DKEK + id);
file_t *tf = search_file(EF_DKEK + id);
if (!tf) {
return CCID_ERR_FILE_NOT_FOUND;
}
@ -211,7 +211,7 @@ int import_dkek_share(uint8_t id, const uint8_t *share) {
for (int i = 0; i < DKEK_KEY_SIZE; i++) {
tmp_dkek[i] ^= share[i];
}
flash_write_data_to_file(tf, tmp_dkek, DKEK_KEY_SIZE);
file_put_data(tf, tmp_dkek, DKEK_KEY_SIZE);
low_flash_available();
return CCID_OK;
}

56
src/hsm/sc_hsm.c
View file

@ -94,45 +94,45 @@ INITIALIZER( sc_hsm_ctor ) {
}
void scan_files() {
file_pin1 = search_by_fid(0x1081, NULL, SPECIFY_EF);
file_pin1 = search_file(EF_PIN1);
if (file_pin1) {
if (!file_pin1->data) {
printf("PIN1 is empty. Initializing with default password\n");
const uint8_t empty[33] = { 0 };
flash_write_data_to_file(file_pin1, empty, sizeof(empty));
file_put_data(file_pin1, empty, sizeof(empty));
}
}
else {
printf("FATAL ERROR: PIN1 not found in memory!\n");
}
file_sopin = search_by_fid(0x1088, NULL, SPECIFY_EF);
file_sopin = search_file(EF_SOPIN);
if (file_sopin) {
if (!file_sopin->data) {
printf("SOPIN is empty. Initializing with default password\n");
const uint8_t empty[33] = { 0 };
flash_write_data_to_file(file_sopin, empty, sizeof(empty));
file_put_data(file_sopin, empty, sizeof(empty));
}
}
else {
printf("FATAL ERROR: SOPIN not found in memory!\n");
}
file_retries_pin1 = search_by_fid(0x1083, NULL, SPECIFY_EF);
file_retries_pin1 = search_file(EF_PIN1_RETRIES);
if (file_retries_pin1) {
if (!file_retries_pin1->data) {
printf("Retries PIN1 is empty. Initializing with default retriesr\n");
const uint8_t retries = 3;
flash_write_data_to_file(file_retries_pin1, &retries, sizeof(uint8_t));
file_put_data(file_retries_pin1, &retries, sizeof(uint8_t));
}
}
else {
printf("FATAL ERROR: Retries PIN1 not found in memory!\n");
}
file_retries_sopin = search_by_fid(0x108A, NULL, SPECIFY_EF);
file_retries_sopin = search_file(EF_SOPIN_RETRIES);
if (file_retries_sopin) {
if (!file_retries_sopin->data) {
printf("Retries SOPIN is empty. Initializing with default retries\n");
const uint8_t retries = 15;
flash_write_data_to_file(file_retries_sopin, &retries, sizeof(uint8_t));
file_put_data(file_retries_sopin, &retries, sizeof(uint8_t));
}
}
else {
@ -140,23 +140,23 @@ void scan_files() {
}
file_t *tf = NULL;
tf = search_by_fid(0x1082, NULL, SPECIFY_EF);
tf = search_file(EF_PIN1_MAX_RETRIES);
if (tf) {
if (!tf->data) {
printf("Max retries PIN1 is empty. Initializing with default max retriesr\n");
const uint8_t retries = 3;
flash_write_data_to_file(tf, &retries, sizeof(uint8_t));
file_put_data(tf, &retries, sizeof(uint8_t));
}
}
else {
printf("FATAL ERROR: Max Retries PIN1 not found in memory!\n");
}
tf = search_by_fid(0x1089, NULL, SPECIFY_EF);
tf = search_file(EF_SOPIN_MAX_RETRIES);
if (tf) {
if (!tf->data) {
printf("Max Retries SOPIN is empty. Initializing with default max retries\n");
const uint8_t retries = 15;
flash_write_data_to_file(tf, &retries, sizeof(uint8_t));
file_put_data(tf, &retries, sizeof(uint8_t));
}
}
else {
@ -227,7 +227,7 @@ void reset_puk_store() {
}
memset(puk_store, 0, sizeof(puk_store));
puk_store_entries = 0;
file_t *fterm = search_by_fid(EF_TERMCA, NULL, SPECIFY_EF);
file_t *fterm = search_file(EF_TERMCA);
if (fterm) {
uint8_t *p = NULL, *fterm_data = file_get_data(fterm), *pq = fterm_data;
uint16_t fterm_data_len = file_get_size(fterm);
@ -239,7 +239,7 @@ void reset_puk_store() {
}
}
for (int i = 0; i < 0xfe; i++) {
file_t *ef = search_dynamic_file((CA_CERTIFICATE_PREFIX << 8) | (uint8_t)i);
file_t *ef = search_file((CA_CERTIFICATE_PREFIX << 8) | (uint8_t)i);
if (ef && file_get_size(ef) > 0) {
add_cert_puk_store(file_get_data(ef), file_get_size(ef), false);
}
@ -264,9 +264,9 @@ int sc_hsm_unload() {
}
uint16_t get_device_options() {
file_t *ef = search_by_fid(EF_DEVOPS, NULL, SPECIFY_EF);
file_t *ef = search_file(EF_DEVOPS);
if (file_has_data(ef)) {
return (file_read_uint8(file_get_data(ef)) << 8) | file_read_uint8(file_get_data(ef) + 1);
return (file_read_uint8(ef) << 8) | file_read_uint8_offset(ef, 1);
}
return 0x0;
}
@ -318,17 +318,17 @@ int pin_reset_retries(const file_t *pin, bool force) {
if (!pin) {
return CCID_ERR_NULL_PARAM;
}
const file_t *max = search_by_fid(pin->fid + 1, NULL, SPECIFY_EF);
const file_t *act = search_by_fid(pin->fid + 2, NULL, SPECIFY_EF);
const file_t *max = search_file(pin->fid + 1);
const file_t *act = search_file(pin->fid + 2);
if (!max || !act) {
return CCID_ERR_FILE_NOT_FOUND;
}
uint8_t retries = file_read_uint8(file_get_data(act));
uint8_t retries = file_read_uint8(act);
if (retries == 0 && force == false) { // blocked
return CCID_ERR_BLOCKED;
}
retries = file_read_uint8(file_get_data(max));
int r = flash_write_data_to_file((file_t *) act, &retries, sizeof(retries));
retries = file_read_uint8(max);
int r = file_put_data((file_t *) act, &retries, sizeof(retries));
low_flash_available();
return r;
}
@ -337,14 +337,14 @@ int pin_wrong_retry(const file_t *pin) {
if (!pin) {
return CCID_ERR_NULL_PARAM;
}
const file_t *act = search_by_fid(pin->fid + 2, NULL, SPECIFY_EF);
const file_t *act = search_file(pin->fid + 2);
if (!act) {
return CCID_ERR_FILE_NOT_FOUND;
}
uint8_t retries = file_read_uint8(file_get_data(act));
uint8_t retries = file_read_uint8(act);
if (retries > 0) {
retries -= 1;
int r = flash_write_data_to_file((file_t *) act, &retries, sizeof(retries));
int r = file_put_data((file_t *) act, &retries, sizeof(retries));
if (r != CCID_OK) {
return r;
}
@ -358,8 +358,8 @@ int pin_wrong_retry(const file_t *pin) {
}
bool pka_enabled() {
file_t *ef_puk = search_by_fid(EF_PUKAUT, NULL, SPECIFY_EF);
return file_has_data(ef_puk) && file_read_uint8(file_get_data(ef_puk)) > 0;
file_t *ef_puk = search_file(EF_PUKAUT);
return file_has_data(ef_puk) && file_read_uint8(ef_puk) > 0;
}
uint16_t check_pin(const file_t *pin, const uint8_t *data, uint16_t len) {
@ -544,7 +544,7 @@ int store_keys(void *key_ctx, int type, uint8_t key_id) {
if (r != CCID_OK) {
return r;
}
r = flash_write_data_to_file(fpk, kdata, (uint16_t)key_size);
r = file_put_data(fpk, kdata, (uint16_t)key_size);
if (r != CCID_OK) {
return r;
}
@ -556,7 +556,7 @@ int store_keys(void *key_ctx, int type, uint8_t key_id) {
uint16_t prkd_len = asn1_build_prkd_generic(NULL, 0, (uint8_t *)key_id_str, (uint16_t)strlen(key_id_str), key_size * 8, type, kdata, sizeof(kdata));
if (prkd_len > 0) {
fpk = file_new((PRKD_PREFIX << 8) | key_id);
r = flash_write_data_to_file(fpk, kdata, prkd_len);
r = file_put_data(fpk, kdata, prkd_len);
if (r != 0) {
return SW_EXEC_ERROR();
}

2
tools/pico-hsm-patch-vidpid.sh
View file

@ -17,7 +17,7 @@
# along with this program. If not, see <http://www.gnu.org/licenses/>.
#
VERSION_MAJOR="4" #Version of Pico CCID Core
VERSION_MAJOR="5" #Version of Pico Keys SDK
VERSION_MINOR="0"
echo "----------------------------"

2
tools/pico-hsm-tool.py
View file

@ -464,6 +464,8 @@ def phy(picohsm, args):
ret = picohsm.phy(args.subcommand, val)
if (ret):
print(f'Current value: {hexlify(ret)}')
else:
print('Command executed successfully. Please, restart your Pico Key.')
def main(args):
sys.stderr.buffer.write(b'Pico HSM Tool v1.12\n')