diff --git a/CMakeLists.txt b/CMakeLists.txt index 0deb72a..91d6789 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -96,13 +96,23 @@ if(NOT ESP_PLATFORM) target_sources(pico_hsm PUBLIC ${SOURCES}) target_include_directories(pico_hsm PUBLIC ${INCLUDES}) - target_compile_options(pico_hsm PUBLIC + set(COMMON_COMPILE_OPTIONS -Wall ) + target_compile_options(pico_hsm PRIVATE ${COMMON_COMPILE_OPTIONS}) + + pico_keys_apply_strict_flags( + SOURCES ${SOURCES} + FILTER_REGEX "/src/hsm/|/pico-keys-sdk/src/|/pico-keys-sdk/config/" + ) + if(NOT MSVC) - target_compile_options(pico_hsm PUBLIC - -Werror - ) + string(FIND ${CMAKE_C_COMPILER} ":" COMPILER_COLON) + if(${COMPILER_COLON} GREATER_EQUAL 0) + target_compile_options(pico_hsm PRIVATE + -Wno-error=use-after-free + ) + endif() endif() if(ENABLE_EMULATION) diff --git a/pico-keys-sdk b/pico-keys-sdk index 3463382..8aad7bd 160000 --- a/pico-keys-sdk +++ b/pico-keys-sdk @@ -1 +1 @@ -Subproject commit 34633828d7351cf979bbb7aa75fede3db047251a +Subproject commit 8aad7bdef9103f0c2abb4ececffa29928d489403 diff --git a/src/hsm/cmd_bip_slip.c b/src/hsm/cmd_bip_slip.c index a7e7804..97a32ad 100644 --- a/src/hsm/cmd_bip_slip.c +++ b/src/hsm/cmd_bip_slip.c @@ -27,11 +27,11 @@ const uint8_t *sym_seed = (const uint8_t *) "Symmetric key seed"; mbedtls_ecp_keypair hd_context = { 0 }; uint8_t hd_keytype = 0; -int node_derive_bip_child(const mbedtls_ecp_keypair *parent, - const uint8_t cpar[32], - const uint8_t *i, - mbedtls_ecp_keypair *child, - uint8_t cchild[32]) { +static int node_derive_bip_child(const mbedtls_ecp_keypair *parent, + const uint8_t cpar[32], + const uint8_t *i, + mbedtls_ecp_keypair *child, + uint8_t cchild[32]) { uint8_t data[1 + 32 + 4], I[64], *iL = I, *iR = I + 32; mbedtls_mpi il, kchild; mbedtls_mpi_init(&il); @@ -75,19 +75,19 @@ int node_derive_bip_child(const mbedtls_ecp_keypair *parent, return PICOKEY_OK; } -int sha256_ripemd160(const uint8_t *buffer, size_t buffer_len, uint8_t *output) { +static int sha256_ripemd160(const uint8_t *buffer, size_t buffer_len, uint8_t *output) { mbedtls_md(mbedtls_md_info_from_type(MBEDTLS_MD_SHA256), buffer, buffer_len, output); mbedtls_md(mbedtls_md_info_from_type(MBEDTLS_MD_RIPEMD160), output, 32, output); return PICOKEY_OK; } -int sha256_sha256(const uint8_t *buffer, size_t buffer_len, uint8_t *output) { +static int sha256_sha256(const uint8_t *buffer, size_t buffer_len, uint8_t *output) { mbedtls_md(mbedtls_md_info_from_type(MBEDTLS_MD_SHA256), buffer, buffer_len, output); mbedtls_md(mbedtls_md_info_from_type(MBEDTLS_MD_SHA256), output, 32, output); return PICOKEY_OK; } -int node_fingerprint_bip(mbedtls_ecp_keypair *ctx, uint8_t fingerprint[4]) { +static int node_fingerprint_bip(mbedtls_ecp_keypair *ctx, uint8_t fingerprint[4]) { size_t olen = 0; uint8_t buffer[33]; mbedtls_ecp_point_write_binary(&ctx->grp, @@ -101,7 +101,7 @@ int node_fingerprint_bip(mbedtls_ecp_keypair *ctx, uint8_t fingerprint[4]) { return PICOKEY_OK; } -int node_fingerprint_slip(mbedtls_ecp_keypair *ctx, uint8_t fingerprint[4]) { +static int node_fingerprint_slip(mbedtls_ecp_keypair *ctx, uint8_t fingerprint[4]) { uint8_t buffer[32]; mbedtls_mpi_write_binary(&ctx->d, buffer, sizeof(buffer)); sha256_ripemd160(buffer, sizeof(buffer), buffer); @@ -109,8 +109,8 @@ int node_fingerprint_slip(mbedtls_ecp_keypair *ctx, uint8_t fingerprint[4]) { return PICOKEY_OK; } -int load_master_bip(uint16_t mid, mbedtls_ecp_keypair *ctx, uint8_t chain[32], - uint8_t key_type[1]) { +static int load_master_bip(uint16_t mid, mbedtls_ecp_keypair *ctx, uint8_t chain[32], + uint8_t key_type[1]) { uint8_t mkey[65]; mbedtls_ecp_keypair_init(ctx); file_t *ef = search_file(EF_MASTER_SEED | mid); @@ -146,14 +146,14 @@ int load_master_bip(uint16_t mid, mbedtls_ecp_keypair *ctx, uint8_t chain[32], return PICOKEY_OK; } -int node_derive_path(const uint8_t *path, - uint16_t path_len, - mbedtls_ecp_keypair *ctx, - uint8_t chain[32], - uint8_t fingerprint[4], - uint8_t *nodes, - uint8_t last_node[4], - uint8_t key_type[1]) { +static int node_derive_path(const uint8_t *path, + uint16_t path_len, + mbedtls_ecp_keypair *ctx, + uint8_t chain[32], + uint8_t fingerprint[4], + uint8_t *nodes, + uint8_t last_node[4], + uint8_t key_type[1]) { uint8_t *tag_data = NULL, *p = NULL; uint16_t tag_len = 0, tag = 0x0; uint8_t node = 0, N[64] = { 0 }; @@ -205,7 +205,7 @@ int node_derive_path(const uint8_t *path, return PICOKEY_OK; } -int cmd_bip_slip() { +int cmd_bip_slip(void) { uint8_t p1 = P1(apdu), p2 = P2(apdu); if (p1 == 0x1 || p1 == 0x2 || p1 == 0x3) { // Master generation (K1 and P1) if (p2 >= 10) { diff --git a/src/hsm/cmd_challenge.c b/src/hsm/cmd_challenge.c index 058bb3d..bf5bc22 100644 --- a/src/hsm/cmd_challenge.c +++ b/src/hsm/cmd_challenge.c @@ -21,7 +21,7 @@ uint8_t challenge[256]; uint8_t challenge_len = 0; -int cmd_challenge() { +int cmd_challenge(void) { uint8_t *rb = (uint8_t *) random_bytes_get(apdu.ne); if (!rb) { return SW_WRONG_LENGTH(); diff --git a/src/hsm/cmd_change_pin.c b/src/hsm/cmd_change_pin.c index 7dabca6..9a96b9f 100644 --- a/src/hsm/cmd_change_pin.c +++ b/src/hsm/cmd_change_pin.c @@ -19,7 +19,7 @@ #include "sc_hsm.h" #include "kek.h" -int cmd_change_pin() { +int cmd_change_pin(void) { if (P1(apdu) == 0x0) { if (P2(apdu) == 0x81 || P2(apdu) == 0x88) { file_t *file_pin = NULL; diff --git a/src/hsm/cmd_cipher_sym.c b/src/hsm/cmd_cipher_sym.c index 9749f99..c1f9c82 100644 --- a/src/hsm/cmd_cipher_sym.c +++ b/src/hsm/cmd_cipher_sym.c @@ -77,11 +77,19 @@ static int pkcs5_parse_pbkdf2_params(const mbedtls_asn1_buf *params, return 0; } - if ((ret = mbedtls_asn1_get_int(&p, end, (int *)keylen)) != 0) { + int keylen_i = 0; + if ((ret = mbedtls_asn1_get_int(&p, end, &keylen_i)) != 0) { if (ret != MBEDTLS_ERR_ASN1_UNEXPECTED_TAG) { return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PKCS5_INVALID_FORMAT, ret); } } + else if (keylen_i < 0 || keylen_i > UINT16_MAX) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PKCS5_INVALID_FORMAT, + MBEDTLS_ERR_ASN1_INVALID_LENGTH); + } + else { + *keylen = (uint16_t) keylen_i; + } if (p == end) { return 0; @@ -104,13 +112,13 @@ static int pkcs5_parse_pbkdf2_params(const mbedtls_asn1_buf *params, } /* Taken from https://github.com/Mbed-TLS/mbedtls/issues/2335 */ -int mbedtls_ansi_x963_kdf(mbedtls_md_type_t md_type, - uint16_t input_len, - uint8_t *input, - uint16_t shared_info_len, - uint8_t *shared_info, - uint16_t output_len, - uint8_t *output) { +static int mbedtls_ansi_x963_kdf(mbedtls_md_type_t md_type, + uint16_t input_len, + uint8_t *input, + uint16_t shared_info_len, + uint8_t *shared_info, + uint16_t output_len, + uint8_t *output) { mbedtls_md_context_t md_ctx; const mbedtls_md_info_t *md_info = NULL; int hashlen = 0, exit_code = MBEDTLS_ERR_MD_BAD_INPUT_DATA; @@ -128,7 +136,7 @@ int mbedtls_ansi_x963_kdf(mbedtls_md_type_t md_type, return exit_code; } - if (input_len + shared_info_len + 4 >= (1ULL << 61) - 1) { + if ((uint64_t) input_len + (uint64_t) shared_info_len + 4ULL >= (1ULL << 61) - 1) { return exit_code; } @@ -158,7 +166,7 @@ int mbedtls_ansi_x963_kdf(mbedtls_md_type_t md_type, return 0; } -int cmd_cipher_sym() { +int cmd_cipher_sym(void) { uint8_t key_id = P1(apdu), algo = P2(apdu); if (!isUserAuthenticated) { return SW_SECURITY_STATUS_NOT_SATISFIED(); diff --git a/src/hsm/cmd_decrypt_asym.c b/src/hsm/cmd_decrypt_asym.c index e5bbfcc..2d8f28b 100644 --- a/src/hsm/cmd_decrypt_asym.c +++ b/src/hsm/cmd_decrypt_asym.c @@ -25,7 +25,7 @@ #include "random.h" #include "oid.h" -int cmd_decrypt_asym() { +int cmd_decrypt_asym(void) { uint8_t key_id = P1(apdu); uint8_t p2 = P2(apdu); if (!isUserAuthenticated) { diff --git a/src/hsm/cmd_delete_file.c b/src/hsm/cmd_delete_file.c index 1b4a03b..635435a 100644 --- a/src/hsm/cmd_delete_file.c +++ b/src/hsm/cmd_delete_file.c @@ -17,7 +17,7 @@ #include "sc_hsm.h" -int cmd_delete_file() { +int cmd_delete_file(void) { file_t *ef = NULL; if (!isUserAuthenticated) { return SW_SECURITY_STATUS_NOT_SATISFIED(); diff --git a/src/hsm/cmd_derive_asym.c b/src/hsm/cmd_derive_asym.c index 6dcf60c..3da3914 100644 --- a/src/hsm/cmd_derive_asym.c +++ b/src/hsm/cmd_derive_asym.c @@ -35,7 +35,7 @@ cleanup: return ret; } -int cmd_derive_asym() { +int cmd_derive_asym(void) { uint8_t key_id = P1(apdu); uint8_t dest_id = P2(apdu); file_t *fkey; diff --git a/src/hsm/cmd_external_authenticate.c b/src/hsm/cmd_external_authenticate.c index 2068f99..2b0f2e5 100644 --- a/src/hsm/cmd_external_authenticate.c +++ b/src/hsm/cmd_external_authenticate.c @@ -24,7 +24,7 @@ extern file_t *ef_puk_aut; extern uint8_t challenge[256]; extern uint8_t challenge_len; -int cmd_external_authenticate() { +int cmd_external_authenticate(void) { if (P1(apdu) != 0x0 || P2(apdu) != 0x0) { return SW_INCORRECT_P1P2(); } diff --git a/src/hsm/cmd_extras.c b/src/hsm/cmd_extras.c index 869eca8..1aa1608 100644 --- a/src/hsm/cmd_extras.c +++ b/src/hsm/cmd_extras.c @@ -45,7 +45,7 @@ #define CMD_OTP 0x4C #define CMD_MEMORY 0x5 -int cmd_extras() { +int cmd_extras(void) { int cmd = P1(apdu); #ifndef ENABLE_EMULATION // Only allow change PHY without PIN @@ -172,7 +172,7 @@ int cmd_extras() { if ((P2(apdu) == SECURE_LOCK_ENABLE && !(opts & HSM_OPT_SECURE_LOCK)) || (P2(apdu) == SECURE_LOCK_DISABLE && (opts & HSM_OPT_SECURE_LOCK))) { uint16_t tfids[] = { EF_MKEK, EF_MKEK_SO }; - for (int t = 0; t < sizeof(tfids) / sizeof(uint16_t); t++) { + for (size_t t = 0; t < sizeof(tfids) / sizeof(uint16_t); t++) { file_t *tf = search_file(tfids[t]); if (tf) { uint8_t *tmp = (uint8_t *) calloc(1, file_get_size(tf)); @@ -241,7 +241,7 @@ int cmd_extras() { } } #endif -#if PICO_RP2350 +#if defined(PICO_RP2350) && PICO_RP2350 else if (cmd == CMD_OTP) { if (apdu.nc < 2) { return SW_WRONG_LENGTH(); diff --git a/src/hsm/cmd_general_authenticate.c b/src/hsm/cmd_general_authenticate.c index a9be579..514e30a 100644 --- a/src/hsm/cmd_general_authenticate.c +++ b/src/hsm/cmd_general_authenticate.c @@ -24,7 +24,7 @@ #include "files.h" #include "otp.h" -int cmd_general_authenticate() { +int cmd_general_authenticate(void) { if (P1(apdu) == 0x0 && P2(apdu) == 0x0) { if (apdu.data[0] == 0x7C) { int r = 0; diff --git a/src/hsm/cmd_initialize.c b/src/hsm/cmd_initialize.c index 8425c13..092908e 100644 --- a/src/hsm/cmd_initialize.c +++ b/src/hsm/cmd_initialize.c @@ -25,10 +25,8 @@ #include "cvc.h" #include "otp.h" -extern void scan_all(); - extern char __StackLimit; -int heapLeft() { +static int heapLeft(void) { #if !defined(ENABLE_EMULATION) && !defined(ESP_PLATFORM) char *p = malloc(256); // try to avoid undue fragmentation int left = &__StackLimit - p; @@ -39,8 +37,7 @@ int heapLeft() { return left; } -extern void reset_puk_store(); -int cmd_initialize() { +int cmd_initialize(void) { if (apdu.nc > 0) { uint8_t mkek[MKEK_SIZE]; uint16_t opts = get_device_options(); diff --git a/src/hsm/cmd_key_domain.c b/src/hsm/cmd_key_domain.c index 0f899cd..0f2d213 100644 --- a/src/hsm/cmd_key_domain.c +++ b/src/hsm/cmd_key_domain.c @@ -33,7 +33,7 @@ uint8_t get_key_domain(file_t *fkey) { return 0x0; } -int cmd_key_domain() { +int cmd_key_domain(void) { //if (dkeks == 0) // return SW_COMMAND_NOT_ALLOWED(); uint8_t p1 = P1(apdu), p2 = P2(apdu); diff --git a/src/hsm/cmd_key_gen.c b/src/hsm/cmd_key_gen.c index 7d4f1d8..325d21a 100644 --- a/src/hsm/cmd_key_gen.c +++ b/src/hsm/cmd_key_gen.c @@ -19,7 +19,7 @@ #include "sc_hsm.h" #include "random.h" -int cmd_key_gen() { +int cmd_key_gen(void) { uint8_t key_id = P1(apdu); uint8_t p2 = P2(apdu); uint8_t key_size = 32; diff --git a/src/hsm/cmd_key_unwrap.c b/src/hsm/cmd_key_unwrap.c index 9a40459..241ea6a 100644 --- a/src/hsm/cmd_key_unwrap.c +++ b/src/hsm/cmd_key_unwrap.c @@ -20,7 +20,7 @@ #include "kek.h" #include "cvc.h" -int cmd_key_unwrap() { +int cmd_key_unwrap(void) { uint8_t key_id = P1(apdu); int r = 0; if (P2(apdu) != 0x93) { diff --git a/src/hsm/cmd_key_wrap.c b/src/hsm/cmd_key_wrap.c index 124ebbc..34c9998 100644 --- a/src/hsm/cmd_key_wrap.c +++ b/src/hsm/cmd_key_wrap.c @@ -21,9 +21,7 @@ #include "kek.h" #include "files.h" -extern uint8_t get_key_domain(file_t *fkey); - -int cmd_key_wrap() { +int cmd_key_wrap(void) { int r = 0; uint8_t key_id = P1(apdu); if (P2(apdu) != 0x92) { diff --git a/src/hsm/cmd_keypair_gen.c b/src/hsm/cmd_keypair_gen.c index 411736c..50996da 100644 --- a/src/hsm/cmd_keypair_gen.c +++ b/src/hsm/cmd_keypair_gen.c @@ -24,7 +24,7 @@ #include "random.h" #include "kek.h" -int cmd_keypair_gen() { +int cmd_keypair_gen(void) { uint8_t key_id = P1(apdu); if (!isUserAuthenticated) { return SW_SECURITY_STATUS_NOT_SATISFIED(); diff --git a/src/hsm/cmd_list_keys.c b/src/hsm/cmd_list_keys.c index e1e82cd..a7fc02a 100644 --- a/src/hsm/cmd_list_keys.c +++ b/src/hsm/cmd_list_keys.c @@ -18,7 +18,7 @@ #include "sc_hsm.h" #include "files.h" -int cmd_list_keys() { +int cmd_list_keys(void) { /* First we send DEV private key */ /* Both below conditions should be always TRUE */ if (search_file(EF_PRKD_DEV)) { diff --git a/src/hsm/cmd_mse.c b/src/hsm/cmd_mse.c index 1815181..bbaf6aa 100644 --- a/src/hsm/cmd_mse.c +++ b/src/hsm/cmd_mse.c @@ -24,7 +24,7 @@ file_t *ef_puk_aut = NULL; -int cmd_mse() { +int cmd_mse(void) { int p1 = P1(apdu); int p2 = P2(apdu); if (p2 != 0xA4 && p2 != 0xA6 && p2 != 0xAA && p2 != 0xB4 && p2 != 0xB6 && p2 != 0xB8) { diff --git a/src/hsm/cmd_pso.c b/src/hsm/cmd_pso.c index 00baf17..822c19a 100644 --- a/src/hsm/cmd_pso.c +++ b/src/hsm/cmd_pso.c @@ -20,10 +20,9 @@ #include "asn1.h" #include "cvc.h" -extern int add_cert_puk_store(const uint8_t *data, uint16_t data_len, bool copy); extern PUK *current_puk; -int cmd_pso() { +int cmd_pso(void) { uint8_t p1 = P1(apdu), p2 = P2(apdu); if (p1 == 0x0 && (p2 == 0x92 || p2 == 0xAE || p2 == 0xBE)) { /* Verify certificate */ if (apdu.nc == 0) { diff --git a/src/hsm/cmd_puk_auth.c b/src/hsm/cmd_puk_auth.c index 5447a64..094ee4c 100644 --- a/src/hsm/cmd_puk_auth.c +++ b/src/hsm/cmd_puk_auth.c @@ -19,7 +19,7 @@ #include "files.h" #include "cvc.h" -int cmd_puk_auth() { +int cmd_puk_auth(void) { uint8_t p1 = P1(apdu), p2 = P2(apdu); file_t *ef_puk = search_file(EF_PUKAUT); if (!file_has_data(ef_puk)) { diff --git a/src/hsm/cmd_read_binary.c b/src/hsm/cmd_read_binary.c index aba9c84..a5bca1c 100644 --- a/src/hsm/cmd_read_binary.c +++ b/src/hsm/cmd_read_binary.c @@ -17,7 +17,9 @@ #include "sc_hsm.h" -int cmd_read_binary() { +typedef int (*file_data_handler_t)(const file_t *f, int mode); + +int cmd_read_binary(void) { uint16_t offset = 0; uint8_t ins = INS(apdu), p1 = P1(apdu), p2 = P2(apdu); const file_t *ef = NULL; @@ -65,7 +67,11 @@ int cmd_read_binary() { } if (ef->data) { if ((ef->type & FILE_DATA_FUNC) == FILE_DATA_FUNC) { - uint16_t data_len = (uint16_t)((int (*)(const file_t *, int))(ef->data))((const file_t *) ef, 1); //already copies content to res_APDU + union { + uint8_t *data; + file_data_handler_t handler; + } data_func = { .data = ef->data }; + uint16_t data_len = (uint16_t)data_func.handler((const file_t *) ef, 1); //already copies content to res_APDU if (offset > data_len) { return SW_WRONG_P1P2(); } diff --git a/src/hsm/cmd_reset_retry.c b/src/hsm/cmd_reset_retry.c index 597e7b8..b2b129e 100644 --- a/src/hsm/cmd_reset_retry.c +++ b/src/hsm/cmd_reset_retry.c @@ -19,7 +19,7 @@ #include "sc_hsm.h" #include "kek.h" -int cmd_reset_retry() { +int cmd_reset_retry(void) { if (P2(apdu) != 0x81) { return SW_REFERENCE_NOT_FOUND(); } diff --git a/src/hsm/cmd_select.c b/src/hsm/cmd_select.c index 70677cb..9961e68 100644 --- a/src/hsm/cmd_select.c +++ b/src/hsm/cmd_select.c @@ -36,7 +36,7 @@ void select_file(file_t *pe) { } } -int cmd_select() { +int cmd_select(void) { uint8_t p1 = P1(apdu); uint8_t p2 = P2(apdu); file_t *pe = NULL; diff --git a/src/hsm/cmd_session_pin.c b/src/hsm/cmd_session_pin.c index 217cfa8..ae1098d 100644 --- a/src/hsm/cmd_session_pin.c +++ b/src/hsm/cmd_session_pin.c @@ -19,7 +19,7 @@ #include "random.h" #include "eac.h" -int cmd_session_pin() { +int cmd_session_pin(void) { if (P1(apdu) == 0x01 && P2(apdu) == 0x81) { memcpy(sm_session_pin, random_bytes_get(8), 8); sm_session_pin_len = 8; diff --git a/src/hsm/cmd_signature.c b/src/hsm/cmd_signature.c index 7169ee0..84fcced 100644 --- a/src/hsm/cmd_signature.c +++ b/src/hsm/cmd_signature.c @@ -72,11 +72,11 @@ static const struct digest_info_prefix { { MBEDTLS_MD_RIPEMD160, hdr_ripemd160, sizeof(hdr_ripemd160), 20 }, { 0, NULL, 0, 0 } }; -int pkcs1_strip_digest_info_prefix(mbedtls_md_type_t *algorithm, - const uint8_t *in_dat, - uint16_t in_len, - uint8_t *out_dat, - uint16_t *out_len) { +static int pkcs1_strip_digest_info_prefix(mbedtls_md_type_t *algorithm, + const uint8_t *in_dat, + uint16_t in_len, + uint8_t *out_dat, + uint16_t *out_len) { for (int i = 0; digest_info_prefix[i].algorithm != 0; i++) { uint16_t hdr_len = digest_info_prefix[i].hdr_len, hash_len = digest_info_prefix[i].hash_len; const uint8_t *hdr = digest_info_prefix[i].hdr; @@ -99,7 +99,7 @@ int pkcs1_strip_digest_info_prefix(mbedtls_md_type_t *algorithm, } //----- -int cmd_signature() { +int cmd_signature(void) { uint8_t key_id = P1(apdu); uint8_t p2 = P2(apdu); mbedtls_md_type_t md = MBEDTLS_MD_NONE; diff --git a/src/hsm/cmd_update_ef.c b/src/hsm/cmd_update_ef.c index 1134666..957f8ed 100644 --- a/src/hsm/cmd_update_ef.c +++ b/src/hsm/cmd_update_ef.c @@ -18,9 +18,7 @@ #include "sc_hsm.h" #include "asn1.h" -extern void select_file(file_t *pe); - -int cmd_update_ef() { +int cmd_update_ef(void) { uint8_t p1 = P1(apdu), p2 = P2(apdu); uint16_t fid = (p1 << 8) | p2; uint8_t *data = NULL; diff --git a/src/hsm/cmd_verify.c b/src/hsm/cmd_verify.c index 32d8f79..1d4dcff 100644 --- a/src/hsm/cmd_verify.c +++ b/src/hsm/cmd_verify.c @@ -17,7 +17,7 @@ #include "sc_hsm.h" -int cmd_verify() { +int cmd_verify(void) { uint8_t p1 = P1(apdu); uint8_t p2 = P2(apdu); diff --git a/src/hsm/cvc.c b/src/hsm/cvc.c index f7e0e97..6b20fa1 100644 --- a/src/hsm/cvc.c +++ b/src/hsm/cvc.c @@ -30,10 +30,7 @@ #include "mbedtls/eddsa.h" #endif -extern const uint8_t *dev_name; -extern uint16_t dev_name_len; - -uint16_t asn1_cvc_public_key_rsa(mbedtls_rsa_context *rsa, uint8_t *buf, uint16_t buf_len) { +static uint16_t asn1_cvc_public_key_rsa(mbedtls_rsa_context *rsa, uint8_t *buf, uint16_t buf_len) { const uint8_t oid_rsa[] = { 0x04, 0x00, 0x7F, 0x00, 0x07, 0x02, 0x02, 0x02, 0x01, 0x02 }; uint16_t n_size = (uint16_t)mbedtls_mpi_size(&rsa->N), e_size = (uint16_t)mbedtls_mpi_size(&rsa->E); uint16_t ntot_size = asn1_len_tag(0x81, n_size), etot_size = asn1_len_tag(0x82, e_size); @@ -74,7 +71,7 @@ const uint8_t *pointA[] = { "\x01\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFC", }; -uint16_t asn1_cvc_public_key_ecdsa(mbedtls_ecp_keypair *ecdsa, uint8_t *buf, uint16_t buf_len) { +static uint16_t asn1_cvc_public_key_ecdsa(mbedtls_ecp_keypair *ecdsa, uint8_t *buf, uint16_t buf_len) { uint8_t Y_buf[MBEDTLS_ECP_MAX_PT_LEN], G_buf[MBEDTLS_ECP_MAX_PT_LEN]; const uint8_t oid_ecdsa[] = { 0x04, 0x00, 0x7F, 0x00, 0x07, 0x02, 0x02, 0x02, 0x02, 0x03 }; const uint8_t oid_ri[] = { 0x04, 0x00, 0x7F, 0x00, 0x07, 0x02, 0x02, 0x05, 0x02, 0x03 }; @@ -167,13 +164,13 @@ uint16_t asn1_cvc_public_key_ecdsa(mbedtls_ecp_keypair *ecdsa, uint8_t *buf, uin return tot_len; } -uint16_t asn1_cvc_cert_body(void *rsa_ecdsa, - uint8_t key_type, - uint8_t *buf, - uint16_t buf_len, - const uint8_t *ext, - uint16_t ext_len, - bool full) { +static uint16_t asn1_cvc_cert_body(void *rsa_ecdsa, + uint8_t key_type, + uint8_t *buf, + uint16_t buf_len, + const uint8_t *ext, + uint16_t ext_len, + bool full) { uint16_t pubkey_size = 0; if (key_type & PICO_KEYS_KEY_RSA) { pubkey_size = asn1_cvc_public_key_rsa(rsa_ecdsa, NULL, 0); @@ -611,7 +608,7 @@ const uint8_t *cvc_get_field(const uint8_t *data, uint16_t len, uint16_t *olen, return ctxo.data; } -const uint8_t *cvc_get_body(const uint8_t *data, uint16_t len, uint16_t *olen) { +static const uint8_t *cvc_get_body(const uint8_t *data, uint16_t len, uint16_t *olen) { const uint8_t *bkdata = data; if ((data = cvc_get_field(data, len, olen, 0x67)) == NULL) { /* Check for CSR */ data = bkdata; @@ -622,7 +619,7 @@ const uint8_t *cvc_get_body(const uint8_t *data, uint16_t len, uint16_t *olen) { return NULL; } -const uint8_t *cvc_get_sig(const uint8_t *data, uint16_t len, uint16_t *olen) { +static const uint8_t *cvc_get_sig(const uint8_t *data, uint16_t len, uint16_t *olen) { const uint8_t *bkdata = data; if ((data = cvc_get_field(data, len, olen, 0x67)) == NULL) { /* Check for CSR */ data = bkdata; @@ -664,7 +661,7 @@ const uint8_t *cvc_get_ext(const uint8_t *data, uint16_t len, uint16_t *olen) { extern PUK puk_store[MAX_PUK_STORE_ENTRIES]; extern int puk_store_entries; -int puk_store_index(const uint8_t *chr, uint16_t chr_len) { +static int puk_store_index(const uint8_t *chr, uint16_t chr_len) { for (int i = 0; i < puk_store_entries; i++) { if (memcmp(puk_store[i].chr, chr, chr_len) == 0) { return i; diff --git a/src/hsm/files.h b/src/hsm/files.h index 86d684d..983b09e 100644 --- a/src/hsm/files.h +++ b/src/hsm/files.h @@ -51,9 +51,4 @@ #define EF_TOKENINFO 0x2F03 #define EF_STATICTOKEN 0xCB00 -extern file_t *file_pin1; -extern file_t *file_retries_pin1; -extern file_t *file_sopin; -extern file_t *file_retries_sopin; - #endif diff --git a/src/hsm/kek.c b/src/hsm/kek.c index 815b578..dc2d7b9 100644 --- a/src/hsm/kek.c +++ b/src/hsm/kek.c @@ -31,13 +31,11 @@ #include "files.h" #include "otp.h" -extern bool has_session_pin, has_session_sopin; -extern uint8_t session_pin[32], session_sopin[32]; uint8_t mkek_mask[MKEK_KEY_SIZE]; bool has_mkek_mask = false; uint8_t pending_save_dkek = 0xff; -void mkek_masked(uint8_t *mkek, const uint8_t *mask) { +static void mkek_masked(uint8_t *mkek, const uint8_t *mask) { if (mask) { for (int i = 0; i < MKEK_KEY_SIZE; i++) { MKEK_KEY(mkek)[i] ^= mask[i]; @@ -76,7 +74,9 @@ int load_mkek(uint8_t *mkek) { if (ret != 0) { return PICOKEY_EXEC_ERROR; } - if (crc32c(MKEK_KEY(mkek), MKEK_KEY_SIZE) != *(uint32_t *) MKEK_CHECKSUM(mkek)) { + uint32_t mkek_checksum = 0; + memcpy(&mkek_checksum, MKEK_CHECKSUM(mkek), sizeof(mkek_checksum)); + if (crc32c(MKEK_KEY(mkek), MKEK_KEY_SIZE) != mkek_checksum) { return PICOKEY_WRONG_DKEK; } if (otp_key_1) { @@ -96,7 +96,7 @@ int mse_decrypt_ct(uint8_t *data, size_t len) { return ret; } -int load_dkek(uint8_t id, uint8_t *dkek) { +static int load_dkek(uint8_t id, uint8_t *dkek) { file_t *tf = search_file(EF_DKEK + id); if (!file_has_data(tf)) { return PICOKEY_ERR_FILE_NOT_FOUND; @@ -124,7 +124,8 @@ int store_mkek(const uint8_t *mkek) { if (otp_key_1) { mkek_masked(tmp_mkek, otp_key_1); } - *(uint32_t *) MKEK_CHECKSUM(tmp_mkek) = crc32c(MKEK_KEY(tmp_mkek), MKEK_KEY_SIZE); + uint32_t mkek_checksum = crc32c(MKEK_KEY(tmp_mkek), MKEK_KEY_SIZE); + memcpy(MKEK_CHECKSUM(tmp_mkek), &mkek_checksum, sizeof(mkek_checksum)); if (has_session_pin) { uint8_t tmp_mkek_pin[MKEK_SIZE]; memcpy(tmp_mkek_pin, tmp_mkek, MKEK_SIZE); @@ -217,7 +218,7 @@ int dkek_kcv(uint8_t id, uint8_t *kcv) { //kcv 8 bytes return PICOKEY_OK; } -int dkek_kenc(uint8_t id, uint8_t *kenc) { //kenc 32 bytes +static int dkek_kenc(uint8_t id, uint8_t *kenc) { //kenc 32 bytes uint8_t dkek[DKEK_KEY_SIZE + 4]; memset(kenc, 0, 32); int r = load_dkek(id, dkek); @@ -230,7 +231,7 @@ int dkek_kenc(uint8_t id, uint8_t *kenc) { //kenc 32 bytes return PICOKEY_OK; } -int dkek_kmac(uint8_t id, uint8_t *kmac) { //kmac 32 bytes +static int dkek_kmac(uint8_t id, uint8_t *kmac) { //kmac 32 bytes uint8_t dkek[DKEK_KEY_SIZE + 4]; memset(kmac, 0, 32); int r = load_dkek(id, dkek); diff --git a/src/hsm/kek.h b/src/hsm/kek.h index d364ff9..0293f16 100644 --- a/src/hsm/kek.h +++ b/src/hsm/kek.h @@ -28,7 +28,7 @@ extern int load_mkek(uint8_t *); extern int store_mkek(const uint8_t *); extern int save_dkek_key(uint8_t, const uint8_t *key); extern int store_dkek_key(uint8_t, uint8_t *); -extern void init_mkek(); +extern void init_mkek(void); extern void release_mkek(uint8_t *); extern int import_dkek_share(uint8_t, const uint8_t *share); extern int dkek_kcv(uint8_t, uint8_t *kcv); diff --git a/src/hsm/sc_hsm.c b/src/hsm/sc_hsm.c index 59d453e..e729c9d 100644 --- a/src/hsm/sc_hsm.c +++ b/src/hsm/sc_hsm.c @@ -48,44 +48,14 @@ uint8_t PICO_PRODUCT = 1; uint8_t PICO_VERSION_MAJOR = HSM_VERSION_MAJOR; uint8_t PICO_VERSION_MINOR = HSM_VERSION_MINOR; -static int sc_hsm_process_apdu(); +static int sc_hsm_process_apdu(void); -static void init_sc_hsm(); -static int sc_hsm_unload(); - -extern int cmd_select(); -extern void select_file(file_t *pe); -extern int cmd_list_keys(); - -extern int cmd_read_binary(); -extern int cmd_verify(); -extern int cmd_reset_retry(); -extern int cmd_challenge(); -extern int cmd_external_authenticate(); -extern int cmd_mse(); -extern int cmd_initialize(); -extern int cmd_key_domain(); -extern int cmd_key_wrap(); -extern int cmd_keypair_gen(); -extern int cmd_update_ef(); -extern int cmd_delete_file(); -extern int cmd_change_pin(); -extern int cmd_key_gen(); -extern int cmd_signature(); -extern int cmd_key_unwrap(); -extern int cmd_decrypt_asym(); -extern int cmd_cipher_sym(); -extern int cmd_derive_asym(); -extern int cmd_extras(); -extern int cmd_general_authenticate(); -extern int cmd_session_pin(); -extern int cmd_puk_auth(); -extern int cmd_pso(); -extern int cmd_bip_slip(); +static void init_sc_hsm(void); +static int sc_hsm_unload(void); extern const uint8_t *ccid_atr; -int sc_hsm_select_aid(app_t *a, uint8_t force) { +static int sc_hsm_select_aid(app_t *a, uint8_t force) { (void) force; a->process_apdu = sc_hsm_process_apdu; a->unload = sc_hsm_unload; @@ -99,7 +69,7 @@ INITIALIZER( sc_hsm_ctor ) { register_app(sc_hsm_select_aid, sc_hsm_aid); } -void scan_files() { +static void scan_files(void) { file_pin1 = search_file(EF_PIN1); if (file_pin1) { if (!file_pin1->data) { @@ -171,7 +141,7 @@ void scan_files() { low_flash_available(); } -void scan_all() { +void scan_all(void) { scan_flash(); scan_files(); } @@ -223,7 +193,7 @@ int puk_store_select_chr(const uint8_t *chr) { return PICOKEY_ERR_FILE_NOT_FOUND; } -void reset_puk_store() { +void reset_puk_store(void) { if (puk_store_entries > 0) { /* From previous session */ for (int i = 0; i < puk_store_entries; i++) { if (puk_store[i].copied == true) { @@ -254,7 +224,7 @@ void reset_puk_store() { memset(puk_status, 0, sizeof(puk_status)); } -void init_sc_hsm() { +void init_sc_hsm(void) { scan_all(); has_session_pin = has_session_sopin = false; isUserAuthenticated = false; @@ -262,14 +232,14 @@ void init_sc_hsm() { reset_puk_store(); } -int sc_hsm_unload() { +int sc_hsm_unload(void) { has_session_pin = has_session_sopin = false; isUserAuthenticated = false; sm_session_pin_len = 0; return PICOKEY_OK; } -uint16_t get_device_options() { +uint16_t get_device_options(void) { file_t *ef = search_file(EF_DEVOPS); if (file_has_data(ef)) { return get_uint16_t_be(file_get_data(ef)); @@ -277,7 +247,7 @@ uint16_t get_device_options() { return 0x0; } -bool wait_button_pressed() { +bool wait_button_pressed(void) { uint32_t val = EV_PRESS_BUTTON; #ifndef ENABLE_EMULATION uint16_t opts = get_device_options(); @@ -294,11 +264,11 @@ bool wait_button_pressed() { int parse_token_info(const file_t *f, int mode) { (void)f; #ifdef __FOR_CI - char *label = "SmartCard-HSM"; + const char *label = "SmartCard-HSM"; #else - char *label = "Pico-HSM"; + const char *label = "Pico-HSM"; #endif - char *manu = "Pol Henarejos"; + const char *manu = "Pol Henarejos"; if (mode == 1) { uint8_t *p = res_APDU; *p++ = 0x30; @@ -321,9 +291,9 @@ int parse_token_info(const file_t *f, int mode) { int parse_ef_dir(const file_t *f, int mode) { (void)f; #ifdef __FOR_CI - char *label = "SmartCard-HSM"; + const char *label = "SmartCard-HSM"; #else - char *label = "Pico-HSM"; + const char *label = "Pico-HSM"; #endif if (mode == 1) { uint8_t *p = res_APDU; @@ -380,7 +350,7 @@ int pin_wrong_retry(const file_t *pin) { return PICOKEY_ERR_BLOCKED; } -bool pka_enabled() { +bool pka_enabled(void) { file_t *ef_puk = search_file(EF_PUKAUT); return file_has_data(ef_puk) && file_read_uint8(ef_puk) > 0; } @@ -763,7 +733,7 @@ static const cmd_t cmds[] = { { 0x00, 0x0 } }; -int sc_hsm_process_apdu() { +int sc_hsm_process_apdu(void) { uint32_t ne = apdu.ne; int r = sm_unwrap(); if (r != PICOKEY_OK) { diff --git a/src/hsm/sc_hsm.h b/src/hsm/sc_hsm.h index f2dbba0..952c1a1 100644 --- a/src/hsm/sc_hsm.h +++ b/src/hsm/sc_hsm.h @@ -108,27 +108,60 @@ extern const uint8_t sc_hsm_aid[]; extern int pin_reset_retries(const file_t *pin, bool); extern int pin_wrong_retry(const file_t *pin); +extern void select_file(file_t *pe); extern void hash(const uint8_t *input, uint16_t len, uint8_t output[32]); -extern uint16_t get_device_options(); +extern int add_cert_puk_store(const uint8_t *data, uint16_t data_len, bool copy); +extern int parse_token_info(const file_t *f, int mode); +extern int parse_ef_dir(const file_t *f, int mode); +extern void scan_all(void); +extern void reset_puk_store(void); +extern uint16_t get_device_options(void); extern bool has_session_pin, has_session_sopin; extern uint8_t session_pin[32], session_sopin[32]; extern uint16_t check_pin(const file_t *pin, const uint8_t *data, uint16_t len); -extern bool pka_enabled(); +extern bool pka_enabled(void); extern const uint8_t *dev_name; extern uint16_t dev_name_len; extern uint8_t puk_status[MAX_PUK]; extern int puk_store_select_chr(const uint8_t *chr); -extern int delete_file(file_t *ef); extern const uint8_t *get_meta_tag(file_t *ef, uint16_t meta_tag, uint16_t *tag_len); extern bool key_has_purpose(file_t *ef, uint8_t purpose); extern int load_private_key_rsa(mbedtls_rsa_context *ctx, file_t *fkey); extern int load_private_key_ec(mbedtls_ecp_keypair *ctx, file_t *fkey); extern int load_private_key_ecdh(mbedtls_ecp_keypair *ctx, file_t *fkey); -extern bool wait_button_pressed(); +extern bool wait_button_pressed(void); extern int store_keys(void *key_ctx, int type, uint8_t key_id); extern int find_and_store_meta_key(uint8_t key_id); extern uint32_t get_key_counter(file_t *fkey); extern uint32_t decrement_key_counter(file_t *fkey); +extern int cmd_select(void); +extern int cmd_list_keys(void); +extern int cmd_read_binary(void); +extern int cmd_verify(void); +extern int cmd_reset_retry(void); +extern int cmd_challenge(void); +extern int cmd_external_authenticate(void); +extern int cmd_mse(void); +extern int cmd_initialize(void); +extern int cmd_key_domain(void); +extern int cmd_key_wrap(void); +extern int cmd_keypair_gen(void); +extern int cmd_update_ef(void); +extern int cmd_delete_file(void); +extern int cmd_change_pin(void); +extern int cmd_key_gen(void); +extern int cmd_signature(void); +extern int cmd_key_unwrap(void); +extern int cmd_decrypt_asym(void); +extern int cmd_cipher_sym(void); +extern int cmd_derive_asym(void); +extern int cmd_extras(void); +extern int cmd_general_authenticate(void); +extern int cmd_session_pin(void); +extern int cmd_puk_auth(void); +extern int cmd_pso(void); +extern int cmd_bip_slip(void); +extern uint8_t get_key_domain(file_t *fkey); #endif