mirrors/pico-hsm
1
0
Fork 0
mirror of https://github.com/polhenarejos/pico-hsm.git synced 2026-01-17 01:18:06 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

Removing trailing spaces.

Browse source 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
This commit is contained in:
Pol Henarejos 2022-08-19 01:44:27 +02:00
parent 1f2ccd8c1c
commit aebb68724a
No known key found for this signature in database
GPG key ID: C0095B7870A4CCD3
52 changed files with 583 additions and 568 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

18
CMakeLists.txt
View file

@ -1,17 +1,17 @@
# #
# This file is part of the Pico HSM distribution (https://github.com/polhenarejos/pico-hsm). # This file is part of the Pico HSM distribution (https://github.com/polhenarejos/pico-hsm).
# Copyright (c) 2022 Pol Henarejos. # Copyright (c) 2022 Pol Henarejos.
# #
# This program is free software: you can redistribute it and/or modify # This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by # it under the terms of the GNU General Public License as published by
# the Free Software Foundation, version 3. # the Free Software Foundation, version 3.
# #
# This program is distributed in the hope that it will be useful, but # This program is distributed in the hope that it will be useful, but
# WITHOUT ANY WARRANTY; without even the implied warranty of # WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
# General Public License for more details. # General Public License for more details.
# #
# You should have received a copy of the GNU General Public License # You should have received a copy of the GNU General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>. # along with this program. If not, see <http://www.gnu.org/licenses/>.
# #
@ -88,7 +88,7 @@ target_sources(pico_hsm PUBLIC
${CMAKE_CURRENT_LIST_DIR}/src/hsm/files.c ${CMAKE_CURRENT_LIST_DIR}/src/hsm/files.c
${CMAKE_CURRENT_LIST_DIR}/src/hsm/kek.c ${CMAKE_CURRENT_LIST_DIR}/src/hsm/kek.c
${CMAKE_CURRENT_LIST_DIR}/src/hsm/oid.c ${CMAKE_CURRENT_LIST_DIR}/src/hsm/oid.c
${CMAKE_CURRENT_LIST_DIR}/pico-ccid/mbedtls/library/aes.c ${CMAKE_CURRENT_LIST_DIR}/pico-ccid/mbedtls/library/aes.c
${CMAKE_CURRENT_LIST_DIR}/pico-ccid/mbedtls/library/asn1write.c ${CMAKE_CURRENT_LIST_DIR}/pico-ccid/mbedtls/library/asn1write.c
${CMAKE_CURRENT_LIST_DIR}/pico-ccid/mbedtls/library/bignum.c ${CMAKE_CURRENT_LIST_DIR}/pico-ccid/mbedtls/library/bignum.c

14
README.md
View file

@ -86,7 +86,7 @@ This feature protects the user from unwanted uses from background applications t
It allows the storage of arbitrary files with binary data. It allows the storage of arbitrary files with binary data.
### Real time clock (RTC) ### Real time clock (RTC)
Pico HSM has a RTC with external datetime setting and getting. Pico HSM has a RTC with external datetime setting and getting.
### Secure Messaging (secure channel) ### Secure Messaging (secure channel)
Pico HSM supports secure channel, where the data packets between the host and device are encrypted to avoid man-in-the-middle attacks. Pico HSM supports secure channel, where the data packets between the host and device are encrypted to avoid man-in-the-middle attacks.
@ -98,7 +98,7 @@ A specific session PIN can be set during the session opening to avoid the system
Secure channel messages are secured with a certificate issued by an external PKI. Secure channel messages are secured with a certificate issued by an external PKI.
### Multiple key domains ### Multiple key domains
Key domains are domains to store separate private/secret keys. Each domain is protected by a DKEK, independent from the other domains. Private/secret keys can be generated in different key domains to be used with separated DKEK. Key domains are domains to store separate private/secret keys. Each domain is protected by a DKEK, independent from the other domains. Private/secret keys can be generated in different key domains to be used with separated DKEK.
Therefore, a single device may contain different domains with independent keys. Therefore, a single device may contain different domains with independent keys.
### Key usage counter ### Key usage counter
@ -113,17 +113,17 @@ In PKA, the PIN is used for protecting the DKEK, as classic method with only PIN
[^1]: PKCS11 modules (`pkcs11-tool` and `sc-tool`) do not support CMAC and key derivation. It must be processed through raw APDU command (`opensc-tool -s`). [^1]: PKCS11 modules (`pkcs11-tool` and `sc-tool`) do not support CMAC and key derivation. It must be processed through raw APDU command (`opensc-tool -s`).
[^2]: Available via SCS3 tool. See [SCS3](/doc/scs3.md "SCS3") for more information. [^2]: Available via SCS3 tool. See [SCS3](/doc/scs3.md "SCS3") for more information.
[^3]: Imports are available only if the Pico HSM is previously initialized with a DKEK and the DKEK shares are available during the import process. [^3]: Imports are available only if the Pico HSM is previously initialized with a DKEK and the DKEK shares are available during the import process.
## Security considerations ## Security considerations
All secret keys (asymmetric and symmetric) are stored encrypted in the flash memory of the Raspberry Pico. DKEK is used as a 256 bit AES key to protect private and secret keys. Keys are never stored in RAM except for signature and decryption operations and only during the process. All keys (including DKEK) are loaded and cleared every time to avoid potential security flaws. All secret keys (asymmetric and symmetric) are stored encrypted in the flash memory of the Raspberry Pico. DKEK is used as a 256 bit AES key to protect private and secret keys. Keys are never stored in RAM except for signature and decryption operations and only during the process. All keys (including DKEK) are loaded and cleared every time to avoid potential security flaws.
At the same time, DKEK is encrypted with doubled salted and hashed PIN. Also, the PIN is hashed in memory during the session. Hence, PIN is never stored in plain text neither in flash nor in memory. Note that PIN is conveyed from the host to the HSM in plain text if no secure channel is provided. At the same time, DKEK is encrypted with doubled salted and hashed PIN. Also, the PIN is hashed in memory during the session. Hence, PIN is never stored in plain text neither in flash nor in memory. Note that PIN is conveyed from the host to the HSM in plain text if no secure channel is provided.
If the Pico is stolen the contents of private and secret keys cannot be read without the PIN, even if the flash memory is dumped. If the Pico is stolen the contents of private and secret keys cannot be read without the PIN, even if the flash memory is dumped.
## Download ## Download
Please, go to the Release page and download the UF2 file for your board. Please, go to the Release page and download the UF2 file for your board.
Note that UF2 files are shiped with a dummy VID/PID to avoid license issues (FEFF:FCFD). If you are planning to use it with OpenSC or similar, you should modify Info.plist of CCID driver to add these VID/PID or use the VID/PID patcher as follows: Note that UF2 files are shiped with a dummy VID/PID to avoid license issues (FEFF:FCFD). If you are planning to use it with OpenSC or similar, you should modify Info.plist of CCID driver to add these VID/PID or use the VID/PID patcher as follows:
`./patch_vidpid.sh VID:PID input_hsm_file.uf2 output_hsm_file.uf2` `./patch_vidpid.sh VID:PID input_hsm_file.uf2 output_hsm_file.uf2`
@ -179,7 +179,7 @@ For Public Key Authentication, check [doc/public_key_authentication.md](/doc/pub
## Operation time ## Operation time
### Keypair generation ### Keypair generation
Generating EC keys is almost instant. RSA keypair generation takes some time, specially for `3072` and `4096` bits. Generating EC keys is almost instant. RSA keypair generation takes some time, specially for `3072` and `4096` bits.
| RSA key length (bits) | Average time (seconds) | | RSA key length (bits) | Average time (seconds) |
| :---: | :---: | | :---: | :---: |
@ -227,7 +227,7 @@ While processing, the Pico HSM is busy and cannot receive additional commands un
## Driver ## Driver
Pico HSM uses the `sc-hsm` driver provided by [OpenSC](https://github.com/OpenSC/OpenSC/ "OpenSC") or the `sc-hsm-embedded` driver provided by [CardContact](https://github.com/CardContact/sc-hsm-embedded "CardContact"). This driver utilizes the standardized PKCS#11 interface to communicate with the user and it can be used with many engines that accept PKCS#11 interface, such as OpenSSL, P11 library or pkcs11-tool. Pico HSM uses the `sc-hsm` driver provided by [OpenSC](https://github.com/OpenSC/OpenSC/ "OpenSC") or the `sc-hsm-embedded` driver provided by [CardContact](https://github.com/CardContact/sc-hsm-embedded "CardContact"). This driver utilizes the standardized PKCS#11 interface to communicate with the user and it can be used with many engines that accept PKCS#11 interface, such as OpenSSL, P11 library or pkcs11-tool.
Pico HSM relies on PKCS#15 structure to store and manipulate the internal files (PINs, private keys, certificates, etc.) and directories. Therefore, it accepts the commands from `pkcs15-tool`. For instance, `pkcs15-tool -D` will list all elements stored in the Pico HSM. Pico HSM relies on PKCS#15 structure to store and manipulate the internal files (PINs, private keys, certificates, etc.) and directories. Therefore, it accepts the commands from `pkcs15-tool`. For instance, `pkcs15-tool -D` will list all elements stored in the Pico HSM.

4
build_pico_hsm.sh
View file

@ -46,8 +46,8 @@ for board in adafruit_feather_rp2040 \
wiznet_w5100s_evb_pico wiznet_w5100s_evb_pico
do do
rm -rf * rm -rf *
PICO_SDK_PATH=~/Devel/pico/pico-sdk cmake .. -DPICO_BOARD=$board PICO_SDK_PATH=~/Devel/pico/pico-sdk cmake .. -DPICO_BOARD=$board
make -kj20 make -kj20
mv pico_hsm.uf2 ../release/pico_hsm_$board-$VERSION_MAJOR.$VERSION_MINOR.uf2 mv pico_hsm.uf2 ../release/pico_hsm_$board-$VERSION_MAJOR.$VERSION_MINOR.uf2
done done

67
burn-cvcerts.py
View file

@ -7,29 +7,31 @@ from cvc.asn1 import ASN1
import json import json
import urllib.request import urllib.request
import base64 import base64
from getpass import getpass
from binascii import hexlify from binascii import hexlify
class APDUResponse(Exception): class APDUResponse(Exception):
def __init__(self, sw1, sw2): def __init__(self, sw1, sw2):
self.sw1 = sw1 self.sw1 = sw1
self.sw2 = sw2 self.sw2 = sw2
super().__init__(f'SW:{sw1:02X}{sw2:02X}') super().__init__(f'SW:{sw1:02X}{sw2:02X}')
def send_apdu(card, command, p1, p2, data): def send_apdu(card, command, p1, p2, data):
lc = [0x00] + list(len(data).to_bytes(2,'big')) lc = [0x00] + list(len(data).to_bytes(2, 'big'))
le = [0x00, 0x00] le = [0x00, 0x00]
if (isinstance(command, list) and len(command) > 1): if (isinstance(command, list) and len(command) > 1):
apdu = command apdu = command
else: else:
apdu = [0x00, command] apdu = [0x00, command]
apdu = apdu + [p1, p2] + lc + data + le apdu = apdu + [p1, p2] + lc + data + le
response, sw1, sw2 = card.connection.transmit(apdu) response, sw1, sw2 = card.connection.transmit(apdu)
if (sw1 != 0x90): if (sw1 != 0x90):
raise APDUResponse(sw1,sw2) raise APDUResponse(sw1, sw2)
return response return response
def main(): def main():
print('Pico HSM burning certificates tool v1.0') print('Pico HSM burning certificates tool v1.0')
print('Author: Pol Henarejos') print('Author: Pol Henarejos')
@ -40,7 +42,8 @@ def main():
print('* PLEASE READ IT CAREFULLY *') print('* PLEASE READ IT CAREFULLY *')
print('********************************') print('********************************')
print('') print('')
print('This tool will erase and reset your device. It will delete all private and secret keys.') print('This tool will erase and reset your device. It will delete all '
'private and secret keys.')
print('Are you sure?') print('Are you sure?')
_ = input('[Press enter to confirm]') _ = input('[Press enter to confirm]')
cardtype = AnyCardType() cardtype = AnyCardType()
@ -48,47 +51,59 @@ def main():
# request card insertion # request card insertion
cardrequest = CardRequest(timeout=10, cardType=cardtype) cardrequest = CardRequest(timeout=10, cardType=cardtype)
card = cardrequest.waitforcard() card = cardrequest.waitforcard()
# connect to the card and perform a few transmits # connect to the card and perform a few transmits
card.connection.connect() card.connection.connect()
reset_data = [0x80, 0x02, 0x00, 0x01, 0x81, 0x06, 0x36, 0x34, 0x38, 0x32, 0x31, 0x39, 0x82, 0x08, 0x35, 0x37, 0x36, 0x32, 0x31, 0x38, 0x38, 0x30, 0x91, 0x01, 0x03] reset_data = [0x80, 0x02, 0x00, 0x01, 0x81, 0x06, 0x36, 0x34, 0x38,
0x32, 0x31,
0x39, 0x82, 0x08, 0x35, 0x37, 0x36, 0x32, 0x31, 0x38,
0x38, 0x30, 0x91, 0x01, 0x03]
response = send_apdu(card, [0x80, 0x50], 0x00, 0x00, reset_data) response = send_apdu(card, [0x80, 0x50], 0x00, 0x00, reset_data)
response = send_apdu(card, 0xB1, 0xCE, 0x00, [0x54,0x02,0x00,0x00]) response = send_apdu(card, 0xB1, 0xCE, 0x00, [0x54, 0x02, 0x00, 0x00])
cert = bytearray(response) cert = bytearray(response)
Y = CVC().decode(cert).pubkey().find(0x86).data() Y = CVC().decode(cert).pubkey().find(0x86).data()
print(f'Public Point: {hexlify(Y).decode()}') print(f'Public Point: {hexlify(Y).decode()}')
user_agent = 'Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.7) Gecko/2009021910 Firefox/3.0.7' user_agent = 'Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; '
'rv:1.9.0.7) Gecko/2009021910 Firefox/3.0.7'
pbk = base64.urlsafe_b64encode(Y) pbk = base64.urlsafe_b64encode(Y)
data = urllib.parse.urlencode({'pubkey':pbk}).encode() data = urllib.parse.urlencode({'pubkey': pbk}).encode()
req = urllib.request.Request("https://www.henarejos.me/pico-hsm/cvc/", method='POST', data=data, headers={'User-Agent':user_agent,} ) #The assembled request req = urllib.request.Request("https://www.henarejos.me/pico-hsm/cvc/",
method='POST',
data=data,
headers={'User-Agent': user_agent, })
response = urllib.request.urlopen(req) response = urllib.request.urlopen(req)
resp = response.read().decode('utf-8') resp = response.read().decode('utf-8')
j = json.loads(resp) j = json.loads(resp)
print('Device name: '+j['devname']) print('Device name: '+j['devname'])
dataef = base64.urlsafe_b64decode(j['cvcert']) + base64.urlsafe_b64decode(j['dvcert']) dataef = base64.urlsafe_b64decode(
j['cvcert']) + base64.urlsafe_b64decode(j['dvcert'])
response = send_apdu(card, 0xa4, 0x00, 0x00, [0x2f,0x02])
response = send_apdu(card, 0xa4, 0x00, 0x00, [0x2f, 0x02])
pin = b'648219' pin = b'648219'
response = send_apdu(card, 0x20, 0x00, 0x81, list(pin)) response = send_apdu(card, 0x20, 0x00, 0x81, list(pin))
apdu_data = [0x54, 0x02, 0x00, 0x00] + list(ASN1.make_tag(0x53, dataef)) apdu_data = [0x54, 0x02, 0x00, 0x00] + \
list(ASN1.make_tag(0x53, dataef))
response = send_apdu(card, 0xd7, 0x00, 0x00, apdu_data) response = send_apdu(card, 0xd7, 0x00, 0x00, apdu_data)
print('Certificate uploaded successfully!') print('Certificate uploaded successfully!')
print('') print('')
print('Note that the device is initialized with a default PIN and configuration.') print('Note that the device is initialized with a default PIN and '
print('Now you can initialize the device as usual with you chosen PIN and configuration options.') 'configuration.')
print('Now you can initialize the device as usual with you chosen PIN '
'and configuration options.')
except CardRequestTimeoutException: except CardRequestTimeoutException:
print('time-out: no card inserted during last 10s') print('time-out: no card inserted during last 10s')
def run(): def run():
main() main()
if __name__ == "__main__": if __name__ == "__main__":
run() run()

2
doc/aes.md
View file

@ -54,4 +54,4 @@ Using decrypt algorithm AES-CBC
This is a text. This is a text.
``` ```
AES-CBC it is a block operation and it requires an input size multiple of 16 bytes. Thus, for a trivial data, a padding operation has to be performed beforehand. AES-CBC it is a block operation and it requires an input size multiple of 16 bytes. Thus, for a trivial data, a padding operation has to be performed beforehand.

12
doc/asymmetric-ciphering.md
View file

@ -24,12 +24,12 @@ This algorithm uses the PKCSv1.5 padding. It is considered deprecated and insecu
First, we encrypt the data with the public key: First, we encrypt the data with the public key:
``` ```
$ openssl rsautl -encrypt -inkey 1.pub -in data -pubin -out data.crypt $ openssl rsautl -encrypt -inkey 1.pub -in data -pubin -out data.crypt
``` ```
Then, we decrypt with the private key inside the Pico HSM: Then, we decrypt with the private key inside the Pico HSM:
``` ```
$ pkcs11-tool --id 1 --pin 648219 --decrypt --mechanism RSA-PKCS -i data.crypt $ pkcs11-tool --id 1 --pin 648219 --decrypt --mechanism RSA-PKCS -i data.crypt
Using slot 0 with a present token (0x0) Using slot 0 with a present token (0x0)
Using decrypt algorithm RSA-PKCS Using decrypt algorithm RSA-PKCS
@ -54,7 +54,7 @@ $ openssl rsautl -encrypt -inkey 1.pub -in data_pad -pubin -out data.crypt -raw
Then, we decrypt with the private key inside the Pico HSM: Then, we decrypt with the private key inside the Pico HSM:
``` ```
$ cat data.crypt|pkcs11-tool --id 4 --pin 648219 --decrypt --mechanism RSA-X-509 $ cat data.crypt|pkcs11-tool --id 4 --pin 648219 --decrypt --mechanism RSA-X-509
Using slot 0 with a present token (0x0) Using slot 0 with a present token (0x0)
Using decrypt algorithm RSA-X-509 Using decrypt algorithm RSA-X-509
This is a test string. Be safe, be secure. This is a test string. Be safe, be secure.
@ -78,7 +78,7 @@ This is a test string. Be safe, be secure.
``` ```
## ECDH-DERIVE ## ECDH-DERIVE
ECC keys do not allow ciphering operations. Instead, the ECDH scheme provides a mechanism to exchange a shared symmetric key without transmitting it to the remote part. The shared key is composed by multiplying the local private key and the remote public key. ECC keys do not allow ciphering operations. Instead, the ECDH scheme provides a mechanism to exchange a shared symmetric key without transmitting it to the remote part. The shared key is composed by multiplying the local private key and the remote public key.
First, we create the remote part, Bob, by generating an ECC keypair and getting the public key: First, we create the remote part, Bob, by generating an ECC keypair and getting the public key:
``` ```
@ -104,8 +104,8 @@ No output is displayed if both are equal.
You can also view the contents of both keys: You can also view the contents of both keys:
``` ```
$ xxd -p bob-mine.der $ xxd -p bob-mine.der
9874558aefa9d92cc051e5da6d1753987e5314925d6d78bf 9874558aefa9d92cc051e5da6d1753987e5314925d6d78bf
$ xxd -p mine-bob.der $ xxd -p mine-bob.der
9874558aefa9d92cc051e5da6d1753987e5314925d6d78bf 9874558aefa9d92cc051e5da6d1753987e5314925d6d78bf
``` ```

24
doc/backup-and-restore.md
View file

@ -29,15 +29,15 @@ symbols.
Please keep the generated DKEK share file in a safe location. We also recommend to keep a Please keep the generated DKEK share file in a safe location. We also recommend to keep a
paper printout, in case the electronic version becomes unavailable. A printable version paper printout, in case the electronic version becomes unavailable. A printable version
of the file can be generated using "openssl base64 -in <filename>". of the file can be generated using "openssl base64 -in <filename>".
Enter password to encrypt DKEK share : Enter password to encrypt DKEK share :
Please retype password to confirm : Please retype password to confirm :
Enciphering DKEK share, please wait... Enciphering DKEK share, please wait...
DKEK share created and saved to dkek.pbe DKEK share created and saved to dkek.pbe
``` ```
The generated file `dkek.pbe` contains the DKEK. Technically, it contains a share. But if a device is initialized with one share, it is equivalent to contain the full DKEK. The generated file `dkek.pbe` contains the DKEK. Technically, it contains a share. But if a device is initialized with one share, it is equivalent to contain the full DKEK.
Keep these file in a safe place. If this file is lost, you can export the private keys but you will not be able to import into another device or in the same device if it is initialized again. Keep these file in a safe place. If this file is lost, you can export the private keys but you will not be able to import into another device or in the same device if it is initialized again.
@ -52,7 +52,7 @@ At this moment, the Pico HSM expects the DKEK. It is loaded with the following c
``` ```
$ sc-hsm-tool --import-dkek-share dkek.pbe $ sc-hsm-tool --import-dkek-share dkek.pbe
Using reader with a card: Free Software Initiative of Japan Gnuk Using reader with a card: Free Software Initiative of Japan Gnuk
Enter password to decrypt DKEK share : Enter password to decrypt DKEK share :
Deciphering DKEK share, please wait... Deciphering DKEK share, please wait...
DKEK share imported DKEK share imported
@ -81,7 +81,7 @@ And finally, all are imported one after the other, without special order:
``` ```
$ sc-hsm-tool --import-dkek-share dkek-share-1.pbe $ sc-hsm-tool --import-dkek-share dkek-share-1.pbe
Using reader with a card: Free Software Initiative of Japan Gnuk Using reader with a card: Free Software Initiative of Japan Gnuk
Enter password to decrypt DKEK share : Enter password to decrypt DKEK share :
Deciphering DKEK share, please wait... Deciphering DKEK share, please wait...
DKEK share imported DKEK share imported
@ -90,7 +90,7 @@ DKEK import pending, 2 share(s) still missing
$ sc-hsm-tool --import-dkek-share dkek-share-2.pbe $ sc-hsm-tool --import-dkek-share dkek-share-2.pbe
Using reader with a card: Free Software Initiative of Japan Gnuk Using reader with a card: Free Software Initiative of Japan Gnuk
Enter password to decrypt DKEK share : Enter password to decrypt DKEK share :
Deciphering DKEK share, please wait... Deciphering DKEK share, please wait...
DKEK share imported DKEK share imported
@ -99,7 +99,7 @@ DKEK import pending, 1 share(s) still missing
$ sc-hsm-tool --import-dkek-share dkek-share-1.pbe $ sc-hsm-tool --import-dkek-share dkek-share-1.pbe
Using reader with a card: Free Software Initiative of Japan Gnuk Using reader with a card: Free Software Initiative of Japan Gnuk
Enter password to decrypt DKEK share : Enter password to decrypt DKEK share :
Deciphering DKEK share, please wait... Deciphering DKEK share, please wait...
DKEK share imported DKEK share imported
@ -110,7 +110,7 @@ DKEK key check value : 4B7DA256ACD4EF62
### DKEK n-of-m threshold scheme ### DKEK n-of-m threshold scheme
This scheme provides an extra level of flexiblity, as not all custodians are necessary to import the DKEK share. For instance, with the previous schemes, if a custodian gets unavailable, the initialization will block until the missing custodian can got to finalize the initialization. This scheme provides an extra level of flexiblity, as not all custodians are necessary to import the DKEK share. For instance, with the previous schemes, if a custodian gets unavailable, the initialization will block until the missing custodian can got to finalize the initialization.
With n-of-m threshold scheme, it flexibilizes the number of required custodians to reduce failure points. If a share is lost, the DKEK can still be recovered without major implications. With n-of-m threshold scheme, it flexibilizes the number of required custodians to reduce failure points. If a share is lost, the DKEK can still be recovered without major implications.
This scheme is not a replacement of DKEK shares. Instead, it splits the DKEK share encryption password amongst the n-of-m threshold scheme. For instance, if you define 2 shares and a scheme of 3-of-5 threshold for each share, it will imply 10 different custodians, where 6 are necessary to load both shares. You can also mix one share with traditional passphrase and the other with the n-of-m threshold scheme. This scheme is not a replacement of DKEK shares. Instead, it splits the DKEK share encryption password amongst the n-of-m threshold scheme. For instance, if you define 2 shares and a scheme of 3-of-5 threshold for each share, it will imply 10 different custodians, where 6 are necessary to load both shares. You can also mix one share with traditional passphrase and the other with the n-of-m threshold scheme.
@ -123,7 +123,7 @@ Using reader with a card:Free Software Initiative of Japan Gnuk
The DKEK will be enciphered using a randomly generated 64 bit password. The DKEK will be enciphered using a randomly generated 64 bit password.
This password is split using a (3-of-5) threshold scheme. This password is split using a (3-of-5) threshold scheme.
Please keep the generated and encrypted DKEK file in a safe location. We also recommend Please keep the generated and encrypted DKEK file in a safe location. We also recommend
to keep a paper printout, in case the electronic version becomes unavailable. A printable version to keep a paper printout, in case the electronic version becomes unavailable. A printable version
of the file can be generated using "openssl base64 -in <filename>". of the file can be generated using "openssl base64 -in <filename>".
@ -191,7 +191,7 @@ Private RSA Key [Certificate]
... ...
``` ```
Note that `Key ref` and `ID` may be different. Whilst different keys may share the same `ID` (highly discouraged), the `Key ref` is a value internally computed and unique. Note that `Key ref` and `ID` may be different. Whilst different keys may share the same `ID` (highly discouraged), the `Key ref` is a value internally computed and unique.
To export and wrap the private key: To export and wrap the private key:
@ -199,10 +199,10 @@ To export and wrap the private key:
$ sc-hsm-tool --wrap-key wrap-key.bin --key-reference 1 --pin 648219 $ sc-hsm-tool --wrap-key wrap-key.bin --key-reference 1 --pin 648219
``` ```
A file named `wrap-key.bin` is created with the private key encrypted securely with the DKEK. A file named `wrap-key.bin` is created with the private key encrypted securely with the DKEK.
## Restore ## Restore
To restore the wraped key, a device initialized with the same DKEK is mandatory. To restore the wraped key, a device initialized with the same DKEK is mandatory.
To unwrap the key: To unwrap the key:

10
doc/extra_command.md
View file

@ -1,6 +1,6 @@
# Extra command # Extra command
Pico HSM supports a customized extra command to use with different options. Since the drivers in the market do not support the following features, a raw APDU command shall be sent. Pico HSM supports a customized extra command to use with different options. Since the drivers in the market do not support the following features, a raw APDU command shall be sent.
To send a raw APDU command, `opensc-tool -s <APDU>` can be used. The `APDU` parameter is a string of hexadecimal numbers and it takes the following form: To send a raw APDU command, `opensc-tool -s <APDU>` can be used. The `APDU` parameter is a string of hexadecimal numbers and it takes the following form:
``` ```
@ -27,7 +27,7 @@ For example, to obtain the current datetime:
``` ```
$ opensc-tool -s 80640A0008 $ opensc-tool -s 80640A0008
Using reader with a card: Free Software Initiative of Japan Gnuk Using reader with a card: Free Software Initiative of Japan Gnuk
Sending: 80 64 0A 00 08 Sending: 80 64 0A 00 08
Received (SW1=0x90, SW2=0x00): Received (SW1=0x90, SW2=0x00):
07 E6 04 06 03 13 29 1E ......). 07 E6 04 06 03 13 29 1E ......).
``` ```
@ -49,7 +49,7 @@ To set the reference datetime, a datetime string must be provided. For example:
``` ```
$ opensc-tool -s 80640A000807E6040603132917 $ opensc-tool -s 80640A000807E6040603132917
Using reader with a card: Free Software Initiative of Japan Gnuk Using reader with a card: Free Software Initiative of Japan Gnuk
Sending: 80 64 0A 00 08 07 E6 04 06 03 13 29 17 Sending: 80 64 0A 00 08 07 E6 04 06 03 13 29 17
Received (SW1=0x90, SW2=0x00) Received (SW1=0x90, SW2=0x00)
``` ```
@ -72,7 +72,7 @@ This feature is disabled by default but can be enabled rapidly by setting the LS
``` ```
$ opensc-tool -s 806406000101 $ opensc-tool -s 806406000101
Using reader with a card: Free Software Initiative of Japan Gnuk Using reader with a card: Free Software Initiative of Japan Gnuk
Sending: 80 64 06 00 01 01 Sending: 80 64 06 00 01 01
Received (SW1=0x90, SW2=0x00) Received (SW1=0x90, SW2=0x00)
``` ```
@ -99,7 +99,7 @@ This feature is disabled by default but can be enabled rapidly by setting the 2n
``` ```
$ opensc-tool -s 806406000102 $ opensc-tool -s 806406000102
Using reader with a card: Free Software Initiative of Japan Gnuk Using reader with a card: Free Software Initiative of Japan Gnuk
Sending: 80 64 06 00 01 01 Sending: 80 64 06 00 01 01
Received (SW1=0x90, SW2=0x00) Received (SW1=0x90, SW2=0x00)
``` ```

14
doc/public_key_authentication.md
View file

@ -29,7 +29,7 @@ On a secondary device, generate a private key, on the ECC 256 bits (`brainpoolP2
<img width="1037" src="https://user-images.githubusercontent.com/55573252/173353764-4620ece4-0d82-4a23-a153-99bf912621a7.png"> <img width="1037" src="https://user-images.githubusercontent.com/55573252/173353764-4620ece4-0d82-4a23-a153-99bf912621a7.png">
Once finished, export the public key. Once finished, export the public key.
<img width="350" src="https://user-images.githubusercontent.com/55573252/173353732-63f40572-a42f-4e5c-a9ab-6e52a083956b.png"> <img width="350" src="https://user-images.githubusercontent.com/55573252/173353732-63f40572-a42f-4e5c-a9ab-6e52a083956b.png">
@ -64,17 +64,17 @@ From now on, you have full access and can operate normally with the primary devi
Pico HSM uses the PIN to protect the DKEK, which is lately used to protect private/secret keys and wrap/unwrap. However, when PKA is enabled, the authentication is not performed by introducing any PIN. Pico HSM uses the PIN to protect the DKEK, which is lately used to protect private/secret keys and wrap/unwrap. However, when PKA is enabled, the authentication is not performed by introducing any PIN.
Authenticated privileges are granted when PKA succeeds, regardless of PIN, which is optional. Authenticated privileges are granted when PKA succeeds, regardless of PIN, which is optional.
Nevertheless, **it is extremely recommended to combine PKA with PIN**. Note that when combined, only PKA grants authenticated privileges. Therefore, if both schemes are setup, it is necessary to unlock the DKEK with PIN verification. Nevertheless, **it is extremely recommended to combine PKA with PIN**. Note that when combined, only PKA grants authenticated privileges. Therefore, if both schemes are setup, it is necessary to unlock the DKEK with PIN verification.
Otherwise, it will not be possible to operate with private/secret keys despite the user will be logged in. Otherwise, it will not be possible to operate with private/secret keys despite the user will be logged in.
With this scheme, multiple custodians may authenticate the device individually and remotely and, when fully authenticated, the master user can unlock the DKEK with the PIN. With this scheme, multiple custodians may authenticate the device individually and remotely and, when fully authenticated, the master user can unlock the DKEK with the PIN.
Moreover, with this approach the device is kept safe and neither the DKEK nor the private/secret keys are stored in plain text in the device. Moreover, with this approach the device is kept safe and neither the DKEK nor the private/secret keys are stored in plain text in the device.
Even though the flash memory is dumped by an attacker, it will not be possible to decipher any sensitive data or key. Even though the flash memory is dumped by an attacker, it will not be possible to decipher any sensitive data or key.
Initialization of the device with PKA **and** PIN can be achieved with SCS3 or OpenSC: Initialization of the device with PKA **and** PIN can be achieved with SCS3 or OpenSC:
**Note:** do not import any DKEK share or DKEK operation before PKA and PIN setup. **Note:** do not import any DKEK share or DKEK operation before PKA and PIN setup.
### With OpenSC ### With OpenSC
@ -84,9 +84,9 @@ Use the following command (or similar), which accepts the use of PIN parameter *
sc-hsm-tool -X --so-pin 1234567890123456 --pin 648219 -K 1 -n 1 -s 1 sc-hsm-tool -X --so-pin 1234567890123456 --pin 648219 -K 1 -n 1 -s 1
``` ```
and PKA and PIN are enabled, jointly with DKEK protection. and PKA and PIN are enabled, jointly with DKEK protection.
### With SCS3 ###<EFBFBD>With SCS3
Unfortunately, SCS3 does not allow to initialize the device with PKA and PIN at the same time, though it can be achieved in separated steps: Unfortunately, SCS3 does not allow to initialize the device with PKA and PIN at the same time, though it can be achieved in separated steps:
@ -94,4 +94,4 @@ Unfortunately, SCS3 does not allow to initialize the device with PKA and PIN at
2. There is NO default PIN. So, DO NOT attempt to log in yet. A reset PIN shall be requested. 2. There is NO default PIN. So, DO NOT attempt to log in yet. A reset PIN shall be requested.
3. Click on ``Reset User-PIN``, introduce the SO-PIN configured during the initialization and introduce the desired User-PIN. 3. Click on ``Reset User-PIN``, introduce the SO-PIN configured during the initialization and introduce the desired User-PIN.
When done, the device will be configured with PIN **and** PKA. When done, the device will be configured with PIN **and** PKA.

10
doc/scs3.md
View file

@ -4,11 +4,11 @@ SCS3 tool is a specific tool developed by CardContact to manage HSM. Thanks to i
- Import PKCS12 private keys and certificates. - Import PKCS12 private keys and certificates.
- Import private keys and certificates from other Pico HSM devices in WKY format. - Import private keys and certificates from other Pico HSM devices in WKY format.
- -
Unfortunately, there is no pkcs11 tool or equivalent capable to perform the import. Since it uses the SC-HSM driver, it also supports the communication with the [SCS3 tool](https://www.openscdp.org/scsh3/ "SCS3 tool"). It can be downloaded from [here](https://www.openscdp.org/scsh3/download.html "here"). Unfortunately, there is no pkcs11 tool or equivalent capable to perform the import. Since it uses the SC-HSM driver, it also supports the communication with the [SCS3 tool](https://www.openscdp.org/scsh3/ "SCS3 tool"). It can be downloaded from [here](https://www.openscdp.org/scsh3/download.html "here").
However, SCS3 only works with those HSM manufactured by CardContact. The check is performed by means of trust store against the manufacturing certificates. For obvious reasons, these certificates can only be signed with the private keys of the Certificate Authorities listed in the trust store. However, SCS3 only works with those HSM manufactured by CardContact. The check is performed by means of trust store against the manufacturing certificates. For obvious reasons, these certificates can only be signed with the private keys of the Certificate Authorities listed in the trust store.
Pico HSM is shipped with its own CA certificates. To load this certificate onto the trust store of SCS3, the following line has to be appended to `SmartCardHSM.rootCerts` variable, near line `235` in the file `scs3/scsh/sc-hsm/SmartCardHSM.js`. Pico HSM is shipped with its own CA certificates. To load this certificate onto the trust store of SCS3, the following line has to be appended to `SmartCardHSM.rootCerts` variable, near line `235` in the file `scs3/scsh/sc-hsm/SmartCardHSM.js`.
@ -39,8 +39,8 @@ After this ammendment, the program can be started and the KeyManager can be invo
>load("keymanager/keymanager.js"); >load("keymanager/keymanager.js");
SmartCard-HSM Version 1.6 on JCOP Free memory 217104 byte SmartCard-HSM Version 1.6 on JCOP Free memory 217104 byte
Issuer Certificate : CVC id-AT DV (official domestic) CAR=ESCVCAHSM00001 CHR=ESDVCAHSM00001 CED=27 / de març / 2022 CXD=31 / de desembre / 2025 Issuer Certificate : CVC id-AT DV (official domestic) CAR=ESCVCAHSM00001 CHR=ESDVCAHSM00001 CED=27 / de març / 2022 CXD=31 / de desembre / 2025
Device Certificate : CVC id-AT Terminal CAR=ESDVCAHSM00001 CHR=ESTERMHSM00001 CED=27 / de març / 2022 CXD=31 / de desembre / 2023 Device Certificate : CVC id-AT Terminal CAR=ESDVCAHSM00001 CHR=ESTERMHSM00001 CED=27 / de març / 2022 CXD=31 / de desembre / 2023
Default Key Domain : 0F89B400975EDD2D425ABF85F2FBD318779B3D85475E65D4 Default Key Domain : 0F89B400975EDD2D425ABF85F2FBD318779B3D85475E65D4
------------------------------------------------------------------- -------------------------------------------------------------------
Please right-click on nodes in the outline to see possible actions. Please right-click on nodes in the outline to see possible actions.
@ -60,7 +60,7 @@ It can be executed in a Terminal via
``` ```
## DKEK requirement ## DKEK requirement
In order to perform the import, private keys must be wrapped with the same DKEK present in the Pico HSM. Thus, the Pico HSM must be previously initialized with at minimum of 1 DKEK share. This share will be used to wrap the private key before import. In order to perform the import, private keys must be wrapped with the same DKEK present in the Pico HSM. Thus, the Pico HSM must be previously initialized with at minimum of 1 DKEK share. This share will be used to wrap the private key before import.
Note that the DKEK share shall be available before the import. In this way, all custodians must be present during the import process, since they will have to introduce their respective DKEK. Note that the DKEK share shall be available before the import. In this way, all custodians must be present during the import process, since they will have to introduce their respective DKEK.

14
doc/sign-verify.md
View file

@ -1,7 +1,7 @@
# Sign and verify # Sign and verify
Pico HSM supports in place signature of arbitrary data. It supports the following algorithms: Pico HSM supports in place signature of arbitrary data. It supports the following algorithms:
* RSA-PKCS * RSA-PKCS
* RSA-X-509 * RSA-X-509
* SHA1-RSA-PKCS * SHA1-RSA-PKCS
* SHA256-RSA-PKCS * SHA256-RSA-PKCS
@ -32,7 +32,7 @@ $ openssl rsa -inform DER -outform PEM -in 1.der -pubin > 1.pub
At this moment, you are able to verify with the public key in `1.pub`. The signature is computed inside the Pico HSM with the private key. It never leaves the device. At this moment, you are able to verify with the public key in `1.pub`. The signature is computed inside the Pico HSM with the private key. It never leaves the device.
## RSA-PKCS ## RSA-PKCS
This algorithm is used to sign raw data. This algorithm is used to sign raw data.
To sign the data: To sign the data:
``` ```
@ -91,7 +91,7 @@ This algorithm uses the RSA-PKCS with PSS salt to randomize the signature. Pico
To sign the data: To sign the data:
``` ```
$ pkcs11-tool --id 1 --sign --pin 648219 --mechanism RSA-PKCS-PSS -i data.sha1 -o data.sig $ pkcs11-tool --id 1 --sign --pin 648219 --mechanism RSA-PKCS-PSS -i data.sha1 -o data.sig
``` ```
To verify the signature: To verify the signature:
``` ```
@ -105,7 +105,7 @@ This algorithm takes the file as the input and sends its hash for signing with t
To sign the data: To sign the data:
``` ```
$ pkcs11-tool --id 1 --sign --pin 648219 --mechanism SHA1-RSA-PKCS-PSS -i data -o data.sig $ pkcs11-tool --id 1 --sign --pin 648219 --mechanism SHA1-RSA-PKCS-PSS -i data -o data.sig
``` ```
To verify the signature: To verify the signature:
``` ```
@ -118,14 +118,14 @@ This is a raw ECDSA signature, which is usually used to sign a hashed message. `
To sign the data: To sign the data:
``` ```
$ pkcs11-tool --id 11 --sign --pin 648219 --mechanism ECDSA -i data.sha1 -o data.sig --signature-format openssl $ pkcs11-tool --id 11 --sign --pin 648219 --mechanism ECDSA -i data.sha1 -o data.sig --signature-format openssl
Using slot 0 with a present token (0x0) Using slot 0 with a present token (0x0)
Using signature algorithm ECDSA Using signature algorithm ECDSA
``` ```
To verify the signature: To verify the signature:
``` ```
$ openssl pkeyutl -verify -pubin -inkey 11.pub -in data.sha1 -sigfile data.sig $ openssl pkeyutl -verify -pubin -inkey 11.pub -in data.sha1 -sigfile data.sig
Signature Verified Successfully Signature Verified Successfully
``` ```
@ -143,6 +143,6 @@ Using signature algorithm ECDSA-SHA256
The signature is verified with the hash: The signature is verified with the hash:
``` ```
$ openssl pkeyutl -verify -pubin -inkey 11.pub -in data.sha1 -sigfile data.sig $ openssl pkeyutl -verify -pubin -inkey 11.pub -in data.sha1 -sigfile data.sig
Signature Verified Successfully Signature Verified Successfully
``` ```

6
doc/store_data.md
View file

@ -9,7 +9,7 @@ Before writting a file into the Pico HSM, we generate the data file with the fol
``` ```
$ echo 'Pico HSM is awesome!' > test $ echo 'Pico HSM is awesome!' > test
``` ```
Then, we can store the data file with the following command: Then, we can store the data file with the following command:
@ -43,7 +43,7 @@ Always provide a unique `--label`, as it will be used to index and reference the
To view the stored file, we can use the following command with the same label we employed: To view the stored file, we can use the following command with the same label we employed:
``` ```
$ pkcs11-tool --read-object --type data --label 'test1' $ pkcs11-tool --read-object --type data --label 'test1'
Using slot 0 with a present token (0x0) Using slot 0 with a present token (0x0)
Pico HSM is awesome! Pico HSM is awesome!
``` ```
@ -98,7 +98,7 @@ Data object 'test1'
applicationName: test1 applicationName: test1
Path: e82b0601040181c31f0201::cf00 Path: e82b0601040181c31f0201::cf00
Data (21 bytes): 5069636F2048534D20697320617765736F6D65210A Data (21 bytes): 5069636F2048534D20697320617765736F6D65210A
Data object 'test2' Data object 'test2'
applicationName: test2 applicationName: test2
Path: e82b0601040181c31f0201::cd01 Path: e82b0601040181c31f0201::cd01

16
doc/usage.md
View file

@ -1,7 +1,7 @@
# Usage # Usage
## Tools ## Tools
We use multiple tools and PKCS#11 drivers and modules, depending on the purpose. We use multiple tools and PKCS#11 drivers and modules, depending on the purpose.
* **pkcs11-tool**: from OpenSC. It interfaces with the HSM via PKCS#11 interface. It supports different drivers and modules. * **pkcs11-tool**: from OpenSC. It interfaces with the HSM via PKCS#11 interface. It supports different drivers and modules.
* **sc-tool**: an alias of pkcs11-tool with the sc-hsm-embedded module. It is mainly used for AES management and it is defined as: * **sc-tool**: an alias of pkcs11-tool with the sc-hsm-embedded module. It is mainly used for AES management and it is defined as:
``` ```
@ -32,10 +32,10 @@ The first step is to initialize the HSM:
``` ```
$ sc-hsm-tool --initialize --so-pin 3537363231383830 --pin 648219 $ sc-hsm-tool --initialize --so-pin 3537363231383830 --pin 648219
``` ```
The PIN number is used to manage all private keys in the device. It supports three attemps. After the third PIN failure, it gets blocked. The PIN number is used to manage all private keys in the device. It supports three attemps. After the third PIN failure, it gets blocked.
The PIN accepts from 6 to 16 characters. The PIN accepts from 6 to 16 characters.
The SO-PIN is used to unblock the PIN. It accepts 15 attemps. After 15 failed attempts, the device will be completely blocked and will be necessary to initialize again, erasing all private keys and losing the access. Therefore, keep the SO-PIN in a safe place. The SO-PIN is used to unblock the PIN. It accepts 15 attemps. After 15 failed attempts, the device will be completely blocked and will be necessary to initialize again, erasing all private keys and losing the access. Therefore, keep the SO-PIN in a safe place.
The SO-PIN is always 16 hexadecimal characters. The SO-PIN is always 16 hexadecimal characters.
## PIN and SO-PIN management ## PIN and SO-PIN management
@ -62,7 +62,7 @@ To generate a RSA 2048 bits, use the following command:
$ pkcs11-tool -l --pin 648219 --keypairgen --key-type rsa:2048 --id 1 --label "RSA2K" $ pkcs11-tool -l --pin 648219 --keypairgen --key-type rsa:2048 --id 1 --label "RSA2K"
Using slot 0 with a present token (0x0) Using slot 0 with a present token (0x0)
Key pair generated: Key pair generated:
Private Key Object; RSA Private Key Object; RSA
label: RSA2K label: RSA2K
ID: 1 ID: 1
Usage: decrypt, sign Usage: decrypt, sign
@ -77,7 +77,7 @@ The ID parameter is an internal hexadecimal number for easy identification. The
Pico HSM accepts RSA of 1024 (`rsa:1024`), 2048 (`rsa:2048`) and 4096 bits (`rsa:4096`). Pico HSM accepts RSA of 1024 (`rsa:1024`), 2048 (`rsa:2048`) and 4096 bits (`rsa:4096`).
**Caution**: RSA 2048 bits may take more than 20 seconds. RSA 4096 bits may take more than 20 minutes. The Pico HSM will work as normally and neither the HSM nor the host will block. But, in the meantime, the Pico HSM will not accept any command. **Caution**: RSA 2048 bits may take more than 20 seconds. RSA 4096 bits may take more than 20 minutes. The Pico HSM will work as normally and neither the HSM nor the host will block. But, in the meantime, the Pico HSM will not accept any command.
An alternative is to generate the private key locally and import it to the HSM. This approach, however, is less secure as it does not use a True RNG or HRNG like Pico HSM. Use this approach if you have plugged a TRNG or you are not worried about obtaining the highest entropy. An alternative is to generate the private key locally and import it to the HSM. This approach, however, is less secure as it does not use a True RNG or HRNG like Pico HSM. Use this approach if you have plugged a TRNG or you are not worried about obtaining the highest entropy.
Pico HSM also accepts ECDSA keypairs: Pico HSM also accepts ECDSA keypairs:
@ -157,9 +157,9 @@ Certificate:
a0:30:b2:ec:d3:d6:0d:58:f3 a0:30:b2:ec:d3:d6:0d:58:f3
Exponent: 65537 (0x10001) Exponent: 65537 (0x10001)
X509v3 extensions: X509v3 extensions:
X509v3 Subject Key Identifier: X509v3 Subject Key Identifier:
98:07:DA:13:B0:8E:A0:5C:97:83:68:FE:4A:25:8D:50:C4:DC:16:FA 98:07:DA:13:B0:8E:A0:5C:97:83:68:FE:4A:25:8D:50:C4:DC:16:FA
X509v3 Authority Key Identifier: X509v3 Authority Key Identifier:
keyid:98:07:DA:13:B0:8E:A0:5C:97:83:68:FE:4A:25:8D:50:C4:DC:16:FA keyid:98:07:DA:13:B0:8E:A0:5C:97:83:68:FE:4A:25:8D:50:C4:DC:16:FA
X509v3 Basic Constraints: critical X509v3 Basic Constraints: critical
@ -173,7 +173,7 @@ Certificate:
99:2b:b2:82:66:c1:06:a7:2c:62:af:e2:e4:93:42:36:66:8d: 99:2b:b2:82:66:c1:06:a7:2c:62:af:e2:e4:93:42:36:66:8d:
c5:3f:e1:ec:5f:9a:f8:5f:b3:6a:8f:0e:12:5d:c9:46:38:ea: c5:3f:e1:ec:5f:9a:f8:5f:b3:6a:8f:0e:12:5d:c9:46:38:ea:
0b:08 0b:08
``` ```
The resulting file `cert.pem` contains the signed certificate in PEM format. Convert it into DER format and load it into the Pico HSM: The resulting file `cert.pem` contains the signed certificate in PEM format. Convert it into DER format and load it into the Pico HSM:

16
patch_vidpid.sh
View file

@ -1,19 +1,19 @@
#!/bin/bash #!/bin/bash
# #
# This file is part of the Pico HSM distribution (https://github.com/polhenarejos/pico-hsm). # This file is part of the Pico HSM distribution (https://github.com/polhenarejos/pico-hsm).
# Copyright (c) 2022 Pol Henarejos. # Copyright (c) 2022 Pol Henarejos.
# #
# This program is free software: you can redistribute it and/or modify # This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by # it under the terms of the GNU General Public License as published by
# the Free Software Foundation, version 3. # the Free Software Foundation, version 3.
# #
# This program is distributed in the hope that it will be useful, but # This program is distributed in the hope that it will be useful, but
# WITHOUT ANY WARRANTY; without even the implied warranty of # WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
# General Public License for more details. # General Public License for more details.
# #
# You should have received a copy of the GNU General Public License # You should have received a copy of the GNU General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>. # along with this program. If not, see <http://www.gnu.org/licenses/>.
# #

16
src/hsm/cmd_challenge.c
View file

@ -1,17 +1,17 @@
/* /*
* This file is part of the Pico HSM distribution (https://github.com/polhenarejos/pico-hsm). * This file is part of the Pico HSM distribution (https://github.com/polhenarejos/pico-hsm).
* Copyright (c) 2022 Pol Henarejos. * Copyright (c) 2022 Pol Henarejos.
* *
* This program is free software: you can redistribute it and/or modify * This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by * it under the terms of the GNU General Public License as published by
* the Free Software Foundation, version 3. * the Free Software Foundation, version 3.
* *
* This program is distributed in the hope that it will be useful, but * This program is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of * WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* General Public License for more details. * General Public License for more details.
* *
* You should have received a copy of the GNU General Public License * You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>. * along with this program. If not, see <http://www.gnu.org/licenses/>.
*/ */

18
src/hsm/cmd_change_pin.c
View file

@ -1,20 +1,20 @@
/* /*
* This file is part of the Pico HSM distribution (https://github.com/polhenarejos/pico-hsm). * This file is part of the Pico HSM distribution (https://github.com/polhenarejos/pico-hsm).
* Copyright (c) 2022 Pol Henarejos. * Copyright (c) 2022 Pol Henarejos.
* *
* This program is free software: you can redistribute it and/or modify * This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by * it under the terms of the GNU General Public License as published by
* the Free Software Foundation, version 3. * the Free Software Foundation, version 3.
* *
* This program is distributed in the hope that it will be useful, but * This program is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of * WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* General Public License for more details. * General Public License for more details.
* *
* You should have received a copy of the GNU General Public License * You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>. * along with this program. If not, see <http://www.gnu.org/licenses/>.
*/ */
#include "crypto_utils.h" #include "crypto_utils.h"
#include "sc_hsm.h" #include "sc_hsm.h"
#include "kek.h" #include "kek.h"

16
src/hsm/cmd_cipher_sym.c
View file

@ -1,17 +1,17 @@
/* /*
* This file is part of the Pico HSM distribution (https://github.com/polhenarejos/pico-hsm). * This file is part of the Pico HSM distribution (https://github.com/polhenarejos/pico-hsm).
* Copyright (c) 2022 Pol Henarejos. * Copyright (c) 2022 Pol Henarejos.
* *
* This program is free software: you can redistribute it and/or modify * This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by * it under the terms of the GNU General Public License as published by
* the Free Software Foundation, version 3. * the Free Software Foundation, version 3.
* *
* This program is distributed in the hope that it will be useful, but * This program is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of * WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* General Public License for more details. * General Public License for more details.
* *
* You should have received a copy of the GNU General Public License * You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>. * along with this program. If not, see <http://www.gnu.org/licenses/>.
*/ */

18
src/hsm/cmd_decrypt_asym.c
View file

@ -1,20 +1,20 @@
/* /*
* This file is part of the Pico HSM distribution (https://github.com/polhenarejos/pico-hsm). * This file is part of the Pico HSM distribution (https://github.com/polhenarejos/pico-hsm).
* Copyright (c) 2022 Pol Henarejos. * Copyright (c) 2022 Pol Henarejos.
* *
* This program is free software: you can redistribute it and/or modify * This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by * it under the terms of the GNU General Public License as published by
* the Free Software Foundation, version 3. * the Free Software Foundation, version 3.
* *
* This program is distributed in the hope that it will be useful, but * This program is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of * WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* General Public License for more details. * General Public License for more details.
* *
* You should have received a copy of the GNU General Public License * You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>. * along with this program. If not, see <http://www.gnu.org/licenses/>.
*/ */
#include "common.h" #include "common.h"
#include "mbedtls/ecdh.h" #include "mbedtls/ecdh.h"
#include "crypto_utils.h" #include "crypto_utils.h"

20
src/hsm/cmd_delete_file.c
View file

@ -1,27 +1,27 @@
/* /*
* This file is part of the Pico HSM distribution (https://github.com/polhenarejos/pico-hsm). * This file is part of the Pico HSM distribution (https://github.com/polhenarejos/pico-hsm).
* Copyright (c) 2022 Pol Henarejos. * Copyright (c) 2022 Pol Henarejos.
* *
* This program is free software: you can redistribute it and/or modify * This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by * it under the terms of the GNU General Public License as published by
* the Free Software Foundation, version 3. * the Free Software Foundation, version 3.
* *
* This program is distributed in the hope that it will be useful, but * This program is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of * WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* General Public License for more details. * General Public License for more details.
* *
* You should have received a copy of the GNU General Public License * You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>. * along with this program. If not, see <http://www.gnu.org/licenses/>.
*/ */
#include "sc_hsm.h" #include "sc_hsm.h"
int cmd_delete_file() { int cmd_delete_file() {
file_t *ef = NULL; file_t *ef = NULL;
if (!isUserAuthenticated) if (!isUserAuthenticated)
return SW_SECURITY_STATUS_NOT_SATISFIED(); return SW_SECURITY_STATUS_NOT_SATISFIED();
if (apdu.nc == 0) { if (apdu.nc == 0) {
ef = currentEF; ef = currentEF;
if (!(ef = search_dynamic_file(ef->fid))) if (!(ef = search_dynamic_file(ef->fid)))

24
src/hsm/cmd_derive_asym.c
View file

@ -1,22 +1,22 @@
/* /*
* This file is part of the Pico HSM distribution (https://github.com/polhenarejos/pico-hsm). * This file is part of the Pico HSM distribution (https://github.com/polhenarejos/pico-hsm).
* Copyright (c) 2022 Pol Henarejos. * Copyright (c) 2022 Pol Henarejos.
* *
* This program is free software: you can redistribute it and/or modify * This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by * it under the terms of the GNU General Public License as published by
* the Free Software Foundation, version 3. * the Free Software Foundation, version 3.
* *
* This program is distributed in the hope that it will be useful, but * This program is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of * WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* General Public License for more details. * General Public License for more details.
* *
* You should have received a copy of the GNU General Public License * You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>. * along with this program. If not, see <http://www.gnu.org/licenses/>.
*/ */
#include "common.h" #include "common.h"
#include "mbedtls/ecdsa.h" #include "mbedtls/ecdsa.h"
#include "crypto_utils.h" #include "crypto_utils.h"
#include "sc_hsm.h" #include "sc_hsm.h"
@ -43,7 +43,7 @@ int cmd_derive_asym() {
file_t *fkey; file_t *fkey;
if (!isUserAuthenticated) if (!isUserAuthenticated)
return SW_SECURITY_STATUS_NOT_SATISFIED(); return SW_SECURITY_STATUS_NOT_SATISFIED();
if (!(fkey = search_dynamic_file((KEY_PREFIX << 8) | key_id)) || !fkey->data || file_get_size(fkey) == 0) if (!(fkey = search_dynamic_file((KEY_PREFIX << 8) | key_id)) || !fkey->data || file_get_size(fkey) == 0)
return SW_FILE_NOT_FOUND(); return SW_FILE_NOT_FOUND();
if (key_has_purpose(fkey, ALGO_EC_DERIVE) == false) if (key_has_purpose(fkey, ALGO_EC_DERIVE) == false)
return SW_CONDITIONS_NOT_SATISFIED(); return SW_CONDITIONS_NOT_SATISFIED();
@ -52,7 +52,7 @@ int cmd_derive_asym() {
if (apdu.data[0] == ALGO_EC_DERIVE) { if (apdu.data[0] == ALGO_EC_DERIVE) {
mbedtls_ecdsa_context ctx; mbedtls_ecdsa_context ctx;
mbedtls_ecdsa_init(&ctx); mbedtls_ecdsa_init(&ctx);
int r; int r;
r = load_private_key_ecdsa(&ctx, fkey); r = load_private_key_ecdsa(&ctx, fkey);
if (r != CCID_OK) { if (r != CCID_OK) {
@ -96,7 +96,7 @@ int cmd_derive_asym() {
mbedtls_mpi_free(&a); mbedtls_mpi_free(&a);
mbedtls_mpi_free(&nd); mbedtls_mpi_free(&nd);
} }
else else
return SW_WRONG_DATA(); return SW_WRONG_DATA();
return SW_OK(); return SW_OK();
} }

16
src/hsm/cmd_external_authenticate.c
View file

@ -1,17 +1,17 @@
/* /*
* This file is part of the Pico HSM distribution (https://github.com/polhenarejos/pico-hsm). * This file is part of the Pico HSM distribution (https://github.com/polhenarejos/pico-hsm).
* Copyright (c) 2022 Pol Henarejos. * Copyright (c) 2022 Pol Henarejos.
* *
* This program is free software: you can redistribute it and/or modify * This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by * it under the terms of the GNU General Public License as published by
* the Free Software Foundation, version 3. * the Free Software Foundation, version 3.
* *
* This program is distributed in the hope that it will be useful, but * This program is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of * WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* General Public License for more details. * General Public License for more details.
* *
* You should have received a copy of the GNU General Public License * You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>. * along with this program. If not, see <http://www.gnu.org/licenses/>.
*/ */

18
src/hsm/cmd_extras.c
View file

@ -1,20 +1,20 @@
/* /*
* This file is part of the Pico HSM distribution (https://github.com/polhenarejos/pico-hsm). * This file is part of the Pico HSM distribution (https://github.com/polhenarejos/pico-hsm).
* Copyright (c) 2022 Pol Henarejos. * Copyright (c) 2022 Pol Henarejos.
* *
* This program is free software: you can redistribute it and/or modify * This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by * it under the terms of the GNU General Public License as published by
* the Free Software Foundation, version 3. * the Free Software Foundation, version 3.
* *
* This program is distributed in the hope that it will be useful, but * This program is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of * WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* General Public License for more details. * General Public License for more details.
* *
* You should have received a copy of the GNU General Public License * You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>. * along with this program. If not, see <http://www.gnu.org/licenses/>.
*/ */
#include "sc_hsm.h" #include "sc_hsm.h"
#include "hardware/rtc.h" #include "hardware/rtc.h"
#include "files.h" #include "files.h"

28
src/hsm/cmd_general_authenticate.c
View file

@ -1,17 +1,17 @@
/* /*
* This file is part of the Pico HSM distribution (https://github.com/polhenarejos/pico-hsm). * This file is part of the Pico HSM distribution (https://github.com/polhenarejos/pico-hsm).
* Copyright (c) 2022 Pol Henarejos. * Copyright (c) 2022 Pol Henarejos.
* *
* This program is free software: you can redistribute it and/or modify * This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by * it under the terms of the GNU General Public License as published by
* the Free Software Foundation, version 3. * the Free Software Foundation, version 3.
* *
* This program is distributed in the hope that it will be useful, but * This program is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of * WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* General Public License for more details. * General Public License for more details.
* *
* You should have received a copy of the GNU General Public License * You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>. * along with this program. If not, see <http://www.gnu.org/licenses/>.
*/ */
@ -32,7 +32,7 @@ int cmd_general_authenticate() {
const uint8_t *pubkey = NULL; const uint8_t *pubkey = NULL;
uint16_t tag = 0x0; uint16_t tag = 0x0;
uint8_t *tag_data = NULL, *p = NULL; uint8_t *tag_data = NULL, *p = NULL;
size_t tag_len = 0; size_t tag_len = 0;
while (walk_tlv(apdu.data+2, apdu.nc-2, &p, &tag, &tag_len, &tag_data)) { while (walk_tlv(apdu.data+2, apdu.nc-2, &p, &tag, &tag_len, &tag_data)) {
if (tag == 0x80) { if (tag == 0x80) {
pubkey = tag_data-1; //mbedtls ecdh starts reading one pos before pubkey = tag_data-1; //mbedtls ecdh starts reading one pos before
@ -78,14 +78,14 @@ int cmd_general_authenticate() {
} }
sm_derive_all_keys(derived, olen); sm_derive_all_keys(derived, olen);
uint8_t *t = (uint8_t *)calloc(1, pubkey_len+16); uint8_t *t = (uint8_t *)calloc(1, pubkey_len+16);
memcpy(t, "\x7F\x49\x3F\x06\x0A", 5); memcpy(t, "\x7F\x49\x3F\x06\x0A", 5);
if (sm_get_protocol() == MSE_AES) if (sm_get_protocol() == MSE_AES)
memcpy(t+5, OID_ID_CA_ECDH_AES_CBC_CMAC_128, 10); memcpy(t+5, OID_ID_CA_ECDH_AES_CBC_CMAC_128, 10);
t[15] = 0x86; t[15] = 0x86;
memcpy(t+16, pubkey, pubkey_len); memcpy(t+16, pubkey, pubkey_len);
res_APDU[res_APDU_size++] = 0x7C; res_APDU[res_APDU_size++] = 0x7C;
res_APDU[res_APDU_size++] = 20; res_APDU[res_APDU_size++] = 20;
res_APDU[res_APDU_size++] = 0x81; res_APDU[res_APDU_size++] = 0x81;
@ -94,11 +94,11 @@ int cmd_general_authenticate() {
res_APDU_size += 8; res_APDU_size += 8;
res_APDU[res_APDU_size++] = 0x82; res_APDU[res_APDU_size++] = 0x82;
res_APDU[res_APDU_size++] = 8; res_APDU[res_APDU_size++] = 8;
r = sm_sign(t, pubkey_len+16, res_APDU+res_APDU_size); r = sm_sign(t, pubkey_len+16, res_APDU+res_APDU_size);
free(t); free(t);
if (r != CCID_OK) if (r != CCID_OK)
return SW_EXEC_ERROR(); return SW_EXEC_ERROR();
res_APDU_size += 8; res_APDU_size += 8;
} }

22
src/hsm/cmd_initialize.c
View file

@ -1,17 +1,17 @@
/* /*
* This file is part of the Pico HSM distribution (https://github.com/polhenarejos/pico-hsm). * This file is part of the Pico HSM distribution (https://github.com/polhenarejos/pico-hsm).
* Copyright (c) 2022 Pol Henarejos. * Copyright (c) 2022 Pol Henarejos.
* *
* This program is free software: you can redistribute it and/or modify * This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by * it under the terms of the GNU General Public License as published by
* the Free Software Foundation, version 3. * the Free Software Foundation, version 3.
* *
* This program is distributed in the hope that it will be useful, but * This program is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of * WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* General Public License for more details. * General Public License for more details.
* *
* You should have received a copy of the GNU General Public License * You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>. * along with this program. If not, see <http://www.gnu.org/licenses/>.
*/ */
@ -41,7 +41,7 @@ int cmd_initialize() {
has_session_pin = has_session_sopin = false; has_session_pin = has_session_sopin = false;
uint16_t tag = 0x0; uint16_t tag = 0x0;
uint8_t *tag_data = NULL, *p = NULL, *kds = NULL, *dkeks = NULL; uint8_t *tag_data = NULL, *p = NULL, *kds = NULL, *dkeks = NULL;
size_t tag_len = 0; size_t tag_len = 0;
while (walk_tlv(apdu.data, apdu.nc, &p, &tag, &tag_len, &tag_data)) { while (walk_tlv(apdu.data, apdu.nc, &p, &tag, &tag_len, &tag_data)) {
if (tag == 0x80) { //options if (tag == 0x80) { //options
file_t *tf = search_by_fid(EF_DEVOPS, NULL, SPECIFY_EF); file_t *tf = search_by_fid(EF_DEVOPS, NULL, SPECIFY_EF);
@ -170,12 +170,12 @@ int cmd_initialize() {
return SW_EXEC_ERROR(); return SW_EXEC_ERROR();
} }
mbedtls_ecdsa_free(&ecdsa); mbedtls_ecdsa_free(&ecdsa);
file_t *fpk = search_by_fid(EF_EE_DEV, NULL, SPECIFY_EF); file_t *fpk = search_by_fid(EF_EE_DEV, NULL, SPECIFY_EF);
ret = flash_write_data_to_file(fpk, res_APDU, cvc_len); ret = flash_write_data_to_file(fpk, res_APDU, cvc_len);
if (ret != 0) if (ret != 0)
return SW_EXEC_ERROR(); return SW_EXEC_ERROR();
const uint8_t *keyid = (const uint8_t *)"\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0", *label = (const uint8_t *)"ESTERMHSM"; const uint8_t *keyid = (const uint8_t *)"\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0", *label = (const uint8_t *)"ESTERMHSM";
size_t prkd_len = asn1_build_prkd_ecc(label, strlen((const char *)label), keyid, 20, 192, res_APDU, 4096); size_t prkd_len = asn1_build_prkd_ecc(label, strlen((const char *)label), keyid, 20, 192, res_APDU, 4096);
fpk = search_by_fid(EF_PRKD_DEV, NULL, SPECIFY_EF); fpk = search_by_fid(EF_PRKD_DEV, NULL, SPECIFY_EF);

22
src/hsm/cmd_key_domain.c
View file

@ -1,17 +1,17 @@
/* /*
* This file is part of the Pico HSM distribution (https://github.com/polhenarejos/pico-hsm). * This file is part of the Pico HSM distribution (https://github.com/polhenarejos/pico-hsm).
* Copyright (c) 2022 Pol Henarejos. * Copyright (c) 2022 Pol Henarejos.
* *
* This program is free software: you can redistribute it and/or modify * This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by * it under the terms of the GNU General Public License as published by
* the Free Software Foundation, version 3. * the Free Software Foundation, version 3.
* *
* This program is distributed in the hope that it will be useful, but * This program is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of * WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* General Public License for more details. * General Public License for more details.
* *
* You should have received a copy of the GNU General Public License * You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>. * along with this program. If not, see <http://www.gnu.org/licenses/>.
*/ */
@ -120,9 +120,9 @@ int cmd_key_domain() {
if (!t86 || t86[0] != 0x4) if (!t86 || t86[0] != 0x4)
return SW_EXEC_ERROR(); return SW_EXEC_ERROR();
size_t t54_len = 0; size_t t54_len = 0;
const uint8_t *t54 = cvc_get_field(apdu.data, apdu.nc, &t54_len, 0x54); const uint8_t *t54 = cvc_get_field(apdu.data, apdu.nc, &t54_len, 0x54);
if (!t54) if (!t54)
return SW_WRONG_DATA(); return SW_WRONG_DATA();
uint8_t hash[32], *input = (uint8_t *)calloc(1, (t86_len-1)/2+1); uint8_t hash[32], *input = (uint8_t *)calloc(1, (t86_len-1)/2+1);
input[0] = 0x54; input[0] = 0x54;
memcpy(input+1, t86+1, (t86_len-1)/2); memcpy(input+1, t86+1, (t86_len-1)/2);
@ -134,7 +134,7 @@ int cmd_key_domain() {
file_t *tf = file_new(EF_XKEK+p2); file_t *tf = file_new(EF_XKEK+p2);
if (!tf) if (!tf)
return SW_MEMORY_FAILURE(); return SW_MEMORY_FAILURE();
//All checks done. Get Key Domain UID //All checks done. Get Key Domain UID
pub = cvc_get_pub(apdu.data, apdu.nc, &pub_len); pub = cvc_get_pub(apdu.data, apdu.nc, &pub_len);
if (pub) { if (pub) {

18
src/hsm/cmd_key_gen.c
View file

@ -1,20 +1,20 @@
/* /*
* This file is part of the Pico HSM distribution (https://github.com/polhenarejos/pico-hsm). * This file is part of the Pico HSM distribution (https://github.com/polhenarejos/pico-hsm).
* Copyright (c) 2022 Pol Henarejos. * Copyright (c) 2022 Pol Henarejos.
* *
* This program is free software: you can redistribute it and/or modify * This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by * it under the terms of the GNU General Public License as published by
* the Free Software Foundation, version 3. * the Free Software Foundation, version 3.
* *
* This program is distributed in the hope that it will be useful, but * This program is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of * WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* General Public License for more details. * General Public License for more details.
* *
* You should have received a copy of the GNU General Public License * You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>. * along with this program. If not, see <http://www.gnu.org/licenses/>.
*/ */
#include "crypto_utils.h" #include "crypto_utils.h"
#include "sc_hsm.h" #include "sc_hsm.h"
#include "random.h" #include "random.h"

18
src/hsm/cmd_key_unwrap.c
View file

@ -1,20 +1,20 @@
/* /*
* This file is part of the Pico HSM distribution (https://github.com/polhenarejos/pico-hsm). * This file is part of the Pico HSM distribution (https://github.com/polhenarejos/pico-hsm).
* Copyright (c) 2022 Pol Henarejos. * Copyright (c) 2022 Pol Henarejos.
* *
* This program is free software: you can redistribute it and/or modify * This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by * it under the terms of the GNU General Public License as published by
* the Free Software Foundation, version 3. * the Free Software Foundation, version 3.
* *
* This program is distributed in the hope that it will be useful, but * This program is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of * WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* General Public License for more details. * General Public License for more details.
* *
* You should have received a copy of the GNU General Public License * You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>. * along with this program. If not, see <http://www.gnu.org/licenses/>.
*/ */
#include "crypto_utils.h" #include "crypto_utils.h"
#include "sc_hsm.h" #include "sc_hsm.h"
#include "kek.h" #include "kek.h"

18
src/hsm/cmd_key_wrap.c
View file

@ -1,17 +1,17 @@
/* /*
* This file is part of the Pico HSM distribution (https://github.com/polhenarejos/pico-hsm). * This file is part of the Pico HSM distribution (https://github.com/polhenarejos/pico-hsm).
* Copyright (c) 2022 Pol Henarejos. * Copyright (c) 2022 Pol Henarejos.
* *
* This program is free software: you can redistribute it and/or modify * This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by * it under the terms of the GNU General Public License as published by
* the Free Software Foundation, version 3. * the Free Software Foundation, version 3.
* *
* This program is distributed in the hope that it will be useful, but * This program is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of * WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* General Public License for more details. * General Public License for more details.
* *
* You should have received a copy of the GNU General Public License * You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>. * along with this program. If not, see <http://www.gnu.org/licenses/>.
*/ */
@ -71,7 +71,7 @@ int cmd_key_wrap() {
uint8_t kdata[32]; //maximum AES key size uint8_t kdata[32]; //maximum AES key size
if (wait_button() == true) //timeout if (wait_button() == true) //timeout
return SW_SECURE_MESSAGE_EXEC_ERROR(); return SW_SECURE_MESSAGE_EXEC_ERROR();
int key_size = file_get_size(ef), aes_type = HSM_KEY_AES; int key_size = file_get_size(ef), aes_type = HSM_KEY_AES;
memcpy(kdata, file_get_data(ef), key_size); memcpy(kdata, file_get_data(ef), key_size);
if (mkek_decrypt(kdata, key_size) != 0) { if (mkek_decrypt(kdata, key_size) != 0) {

24
src/hsm/cmd_keypair_gen.c
View file

@ -1,20 +1,20 @@
/* /*
* This file is part of the Pico HSM distribution (https://github.com/polhenarejos/pico-hsm). * This file is part of the Pico HSM distribution (https://github.com/polhenarejos/pico-hsm).
* Copyright (c) 2022 Pol Henarejos. * Copyright (c) 2022 Pol Henarejos.
* *
* This program is free software: you can redistribute it and/or modify * This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by * it under the terms of the GNU General Public License as published by
* the Free Software Foundation, version 3. * the Free Software Foundation, version 3.
* *
* This program is distributed in the hope that it will be useful, but * This program is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of * WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* General Public License for more details. * General Public License for more details.
* *
* You should have received a copy of the GNU General Public License * You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>. * along with this program. If not, see <http://www.gnu.org/licenses/>.
*/ */
#include "crypto_utils.h" #include "crypto_utils.h"
#include "sc_hsm.h" #include "sc_hsm.h"
#include "files.h" #include "files.h"
@ -29,7 +29,7 @@ int cmd_keypair_gen() {
if (!isUserAuthenticated) if (!isUserAuthenticated)
return SW_SECURITY_STATUS_NOT_SATISFIED(); return SW_SECURITY_STATUS_NOT_SATISFIED();
int ret = 0; int ret = 0;
size_t tout = 0; size_t tout = 0;
//sc_asn1_print_tags(apdu.data, apdu.nc); //sc_asn1_print_tags(apdu.data, apdu.nc);
uint8_t *p = NULL; uint8_t *p = NULL;
@ -72,7 +72,7 @@ int cmd_keypair_gen() {
mbedtls_rsa_free(&rsa); mbedtls_rsa_free(&rsa);
return SW_EXEC_ERROR(); return SW_EXEC_ERROR();
} }
mbedtls_rsa_free(&rsa); mbedtls_rsa_free(&rsa);
} }
else if (memcmp(oid, OID_ID_TA_ECDSA_SHA_256,MIN(oid_len,10)) == 0) { //ECC else if (memcmp(oid, OID_ID_TA_ECDSA_SHA_256,MIN(oid_len,10)) == 0) { //ECC
size_t prime_len; size_t prime_len;
@ -131,7 +131,7 @@ int cmd_keypair_gen() {
} }
mbedtls_ecdsa_free(&ecdsa); mbedtls_ecdsa_free(&ecdsa);
} }
} }
} }
else else

18
src/hsm/cmd_list_keys.c
View file

@ -1,17 +1,17 @@
/* /*
* This file is part of the Pico HSM distribution (https://github.com/polhenarejos/pico-hsm). * This file is part of the Pico HSM distribution (https://github.com/polhenarejos/pico-hsm).
* Copyright (c) 2022 Pol Henarejos. * Copyright (c) 2022 Pol Henarejos.
* *
* This program is free software: you can redistribute it and/or modify * This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by * it under the terms of the GNU General Public License as published by
* the Free Software Foundation, version 3. * the Free Software Foundation, version 3.
* *
* This program is distributed in the hope that it will be useful, but * This program is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of * WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* General Public License for more details. * General Public License for more details.
* *
* You should have received a copy of the GNU General Public License * You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>. * along with this program. If not, see <http://www.gnu.org/licenses/>.
*/ */
@ -48,7 +48,7 @@ int cmd_list_keys()
res_APDU[res_APDU_size++] = f->fid & 0xff; res_APDU[res_APDU_size++] = f->fid & 0xff;
} }
} }
for (int i = 0; i < dynamic_files; i++) { for (int i = 0; i < dynamic_files; i++) {
file_t *f = &dynamic_file[i]; file_t *f = &dynamic_file[i];
if ((f->fid & 0xff00) == (DCOD_PREFIX << 8)) { if ((f->fid & 0xff00) == (DCOD_PREFIX << 8)) {

20
src/hsm/cmd_mse.c
View file

@ -1,17 +1,17 @@
/* /*
* This file is part of the Pico HSM distribution (https://github.com/polhenarejos/pico-hsm). * This file is part of the Pico HSM distribution (https://github.com/polhenarejos/pico-hsm).
* Copyright (c) 2022 Pol Henarejos. * Copyright (c) 2022 Pol Henarejos.
* *
* This program is free software: you can redistribute it and/or modify * This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by * it under the terms of the GNU General Public License as published by
* the Free Software Foundation, version 3. * the Free Software Foundation, version 3.
* *
* This program is distributed in the hope that it will be useful, but * This program is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of * WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* General Public License for more details. * General Public License for more details.
* *
* You should have received a copy of the GNU General Public License * You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>. * along with this program. If not, see <http://www.gnu.org/licenses/>.
*/ */
@ -32,7 +32,7 @@ int cmd_mse() {
if (p1 & 0x1) { //SET if (p1 & 0x1) { //SET
uint16_t tag = 0x0; uint16_t tag = 0x0;
uint8_t *tag_data = NULL, *p = NULL; uint8_t *tag_data = NULL, *p = NULL;
size_t tag_len = 0; size_t tag_len = 0;
while (walk_tlv(apdu.data, apdu.nc, &p, &tag, &tag_len, &tag_data)) { while (walk_tlv(apdu.data, apdu.nc, &p, &tag, &tag_len, &tag_data)) {
if (tag == 0x80) { if (tag == 0x80) {
if (p2 == 0xA4) { if (p2 == 0xA4) {
@ -42,7 +42,7 @@ int cmd_mse() {
} }
else if (tag == 0x83) { else if (tag == 0x83) {
if (tag_len == 1) { if (tag_len == 1) {
} }
else { else {
if (p2 == 0xB6) { if (p2 == 0xB6) {

20
src/hsm/cmd_pso.c
View file

@ -1,20 +1,20 @@
/* /*
* This file is part of the Pico HSM distribution (https://github.com/polhenarejos/pico-hsm). * This file is part of the Pico HSM distribution (https://github.com/polhenarejos/pico-hsm).
* Copyright (c) 2022 Pol Henarejos. * Copyright (c) 2022 Pol Henarejos.
* *
* This program is free software: you can redistribute it and/or modify * This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by * it under the terms of the GNU General Public License as published by
* the Free Software Foundation, version 3. * the Free Software Foundation, version 3.
* *
* This program is distributed in the hope that it will be useful, but * This program is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of * WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* General Public License for more details. * General Public License for more details.
* *
* You should have received a copy of the GNU General Public License * You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>. * along with this program. If not, see <http://www.gnu.org/licenses/>.
*/ */
#include "sc_hsm.h" #include "sc_hsm.h"
#include "oid.h" #include "oid.h"
#include "asn1.h" #include "asn1.h"
@ -53,7 +53,7 @@ int cmd_pso() {
flash_write_data_to_file(ca_ef, apdu.data, apdu.nc); flash_write_data_to_file(ca_ef, apdu.data, apdu.nc);
if (add_cert_puk_store(file_get_data(ca_ef), file_get_size(ca_ef), false) != CCID_OK) if (add_cert_puk_store(file_get_data(ca_ef), file_get_size(ca_ef), false) != CCID_OK)
return SW_FILE_FULL(); return SW_FILE_FULL();
size_t chr_len = 0; size_t chr_len = 0;
const uint8_t *chr = cvc_get_chr(apdu.data, apdu.nc, &chr_len); const uint8_t *chr = cvc_get_chr(apdu.data, apdu.nc, &chr_len);
if (chr == NULL) if (chr == NULL)

18
src/hsm/cmd_puk_auth.c
View file

@ -1,20 +1,20 @@
/* /*
* This file is part of the Pico HSM distribution (https://github.com/polhenarejos/pico-hsm). * This file is part of the Pico HSM distribution (https://github.com/polhenarejos/pico-hsm).
* Copyright (c) 2022 Pol Henarejos. * Copyright (c) 2022 Pol Henarejos.
* *
* This program is free software: you can redistribute it and/or modify * This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by * it under the terms of the GNU General Public License as published by
* the Free Software Foundation, version 3. * the Free Software Foundation, version 3.
* *
* This program is distributed in the hope that it will be useful, but * This program is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of * WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* General Public License for more details. * General Public License for more details.
* *
* You should have received a copy of the GNU General Public License * You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>. * along with this program. If not, see <http://www.gnu.org/licenses/>.
*/ */
#include "sc_hsm.h" #include "sc_hsm.h"
#include "files.h" #include "files.h"
#include "cvc.h" #include "cvc.h"

30
src/hsm/cmd_read_binary.c
View file

@ -1,17 +1,17 @@
/* /*
* This file is part of the Pico HSM distribution (https://github.com/polhenarejos/pico-hsm). * This file is part of the Pico HSM distribution (https://github.com/polhenarejos/pico-hsm).
* Copyright (c) 2022 Pol Henarejos. * Copyright (c) 2022 Pol Henarejos.
* *
* This program is free software: you can redistribute it and/or modify * This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by * it under the terms of the GNU General Public License as published by
* the Free Software Foundation, version 3. * the Free Software Foundation, version 3.
* *
* This program is distributed in the hope that it will be useful, but * This program is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of * WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* General Public License for more details. * General Public License for more details.
* *
* You should have received a copy of the GNU General Public License * You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>. * along with this program. If not, see <http://www.gnu.org/licenses/>.
*/ */
@ -22,7 +22,7 @@ int cmd_read_binary() {
uint32_t offset = 0; uint32_t offset = 0;
uint8_t ins = INS(apdu), p1 = P1(apdu), p2 = P2(apdu); uint8_t ins = INS(apdu), p1 = P1(apdu), p2 = P2(apdu);
const file_t *ef = NULL; const file_t *ef = NULL;
if ((ins & 0x1) == 0) if ((ins & 0x1) == 0)
{ {
if ((p1 & 0x80) != 0) { if ((p1 & 0x80) != 0) {
@ -39,23 +39,23 @@ int cmd_read_binary() {
if (p1 == 0 && (p2 & 0xE0) == 0 && (p2 & 0x1f) != 0 && (p2 & 0x1f) != 0x1f) { if (p1 == 0 && (p2 & 0xE0) == 0 && (p2 & 0x1f) != 0 && (p2 & 0x1f) != 0x1f) {
if (!(ef = search_by_fid(p2&0x1f, NULL, SPECIFY_EF))) if (!(ef = search_by_fid(p2&0x1f, NULL, SPECIFY_EF)))
return SW_FILE_NOT_FOUND (); return SW_FILE_NOT_FOUND ();
} }
else { else {
uint16_t file_id = make_uint16_t(p1, p2); // & 0x7fff; uint16_t file_id = make_uint16_t(p1, p2); // & 0x7fff;
if (file_id == 0x0) if (file_id == 0x0)
ef = currentEF; ef = currentEF;
else if (!(ef = search_by_fid(file_id, NULL, SPECIFY_EF)) && !(ef = search_dynamic_file(file_id))) else if (!(ef = search_by_fid(file_id, NULL, SPECIFY_EF)) && !(ef = search_dynamic_file(file_id)))
return SW_FILE_NOT_FOUND (); return SW_FILE_NOT_FOUND ();
if (apdu.data[0] != 0x54) if (apdu.data[0] != 0x54)
return SW_WRONG_DATA(); return SW_WRONG_DATA();
offset = 0; offset = 0;
for (int d = 0; d < apdu.data[1]; d++) for (int d = 0; d < apdu.data[1]; d++)
offset |= apdu.data[2+d]<<(apdu.data[1]-1-d)*8; offset |= apdu.data[2+d]<<(apdu.data[1]-1-d)*8;
} }
} }
if ((fid >> 8) == KEY_PREFIX || !authenticate_action(ef, ACL_OP_READ_SEARCH)) { if ((fid >> 8) == KEY_PREFIX || !authenticate_action(ef, ACL_OP_READ_SEARCH)) {
return SW_SECURITY_STATUS_NOT_SATISFIED(); return SW_SECURITY_STATUS_NOT_SATISFIED();
} }
@ -77,7 +77,7 @@ int cmd_read_binary() {
uint16_t data_len = file_get_size(ef); uint16_t data_len = file_get_size(ef);
if (offset > data_len) if (offset > data_len)
return SW_WRONG_P1P2(); return SW_WRONG_P1P2();
uint16_t maxle = data_len-offset; uint16_t maxle = data_len-offset;
if (apdu.ne > maxle) if (apdu.ne > maxle)
apdu.ne = maxle; apdu.ne = maxle;

22
src/hsm/cmd_reset_retry.c
View file

@ -1,17 +1,17 @@
/* /*
* This file is part of the Pico HSM distribution (https://github.com/polhenarejos/pico-hsm). * This file is part of the Pico HSM distribution (https://github.com/polhenarejos/pico-hsm).
* Copyright (c) 2022 Pol Henarejos. * Copyright (c) 2022 Pol Henarejos.
* *
* This program is free software: you can redistribute it and/or modify * This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by * it under the terms of the GNU General Public License as published by
* the Free Software Foundation, version 3. * the Free Software Foundation, version 3.
* *
* This program is distributed in the hope that it will be useful, but * This program is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of * WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* General Public License for more details. * General Public License for more details.
* *
* You should have received a copy of the GNU General Public License * You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>. * along with this program. If not, see <http://www.gnu.org/licenses/>.
*/ */
@ -21,7 +21,7 @@
int cmd_reset_retry() { int cmd_reset_retry() {
if (P2(apdu) != 0x81) if (P2(apdu) != 0x81)
return SW_REFERENCE_NOT_FOUND(); return SW_REFERENCE_NOT_FOUND();
if (!file_sopin || !file_pin1) { if (!file_sopin || !file_pin1) {
return SW_FILE_NOT_FOUND(); return SW_FILE_NOT_FOUND();
} }
@ -43,7 +43,7 @@ int cmd_reset_retry() {
has_session_sopin = true; has_session_sopin = true;
hash_multi(apdu.data, 8, session_sopin); hash_multi(apdu.data, 8, session_sopin);
} }
else if (P1(apdu) == 0x2) { else if (P1(apdu) == 0x2) {
if (!has_session_sopin) if (!has_session_sopin)
return SW_CONDITIONS_NOT_SATISFIED(); return SW_CONDITIONS_NOT_SATISFIED();
if (apdu.nc > 16) if (apdu.nc > 16)
@ -69,7 +69,7 @@ int cmd_reset_retry() {
low_flash_available(); low_flash_available();
return SW_OK(); return SW_OK();
} }
else if (P1(apdu) == 0x1 || P1(apdu) == 0x3) { else if (P1(apdu) == 0x1 || P1(apdu) == 0x3) {
if (!(opts & HSM_OPT_RRC_RESET_ONLY)) if (!(opts & HSM_OPT_RRC_RESET_ONLY))
return SW_COMMAND_NOT_ALLOWED(); return SW_COMMAND_NOT_ALLOWED();
if (P1(apdu) == 0x1) { if (P1(apdu) == 0x1) {

42
src/hsm/cmd_select.c
View file

@ -1,17 +1,17 @@
/* /*
* This file is part of the Pico HSM distribution (https://github.com/polhenarejos/pico-hsm). * This file is part of the Pico HSM distribution (https://github.com/polhenarejos/pico-hsm).
* Copyright (c) 2022 Pol Henarejos. * Copyright (c) 2022 Pol Henarejos.
* *
* This program is free software: you can redistribute it and/or modify * This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by * it under the terms of the GNU General Public License as published by
* the Free Software Foundation, version 3. * the Free Software Foundation, version 3.
* *
* This program is distributed in the hope that it will be useful, but * This program is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of * WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* General Public License for more details. * General Public License for more details.
* *
* You should have received a copy of the GNU General Public License * You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>. * along with this program. If not, see <http://www.gnu.org/licenses/>.
*/ */
@ -42,26 +42,26 @@ int cmd_select() {
uint8_t p2 = P2(apdu); uint8_t p2 = P2(apdu);
file_t *pe = NULL; file_t *pe = NULL;
uint16_t fid = 0x0; uint16_t fid = 0x0;
// Only "first or only occurence" supported // Only "first or only occurence" supported
//if ((p2 & 0xF3) != 0x00) { //if ((p2 & 0xF3) != 0x00) {
// return SW_INCORRECT_P1P2(); // return SW_INCORRECT_P1P2();
//} //}
if (apdu.nc >= 2) if (apdu.nc >= 2)
fid = get_uint16_t(apdu.data, 0); fid = get_uint16_t(apdu.data, 0);
//if ((fid & 0xff00) == (KEY_PREFIX << 8)) //if ((fid & 0xff00) == (KEY_PREFIX << 8))
// fid = (PRKD_PREFIX << 8) | (fid & 0xff); // fid = (PRKD_PREFIX << 8) | (fid & 0xff);
uint8_t pfx = fid >> 8; uint8_t pfx = fid >> 8;
if (pfx == PRKD_PREFIX || if (pfx == PRKD_PREFIX ||
pfx == CD_PREFIX || pfx == CD_PREFIX ||
pfx == CA_CERTIFICATE_PREFIX || pfx == CA_CERTIFICATE_PREFIX ||
pfx == KEY_PREFIX || pfx == KEY_PREFIX ||
pfx == EE_CERTIFICATE_PREFIX || pfx == EE_CERTIFICATE_PREFIX ||
pfx == DCOD_PREFIX || pfx == DCOD_PREFIX ||
pfx == DATA_PREFIX || pfx == DATA_PREFIX ||
pfx == PROT_DATA_PREFIX) { pfx == PROT_DATA_PREFIX) {
if (!(pe = search_dynamic_file(fid)) && !(pe = search_by_fid(fid, NULL, SPECIFY_EF))) if (!(pe = search_dynamic_file(fid)) && !(pe = search_by_fid(fid, NULL, SPECIFY_EF)))
return SW_FILE_NOT_FOUND(); return SW_FILE_NOT_FOUND();
@ -98,7 +98,7 @@ int cmd_select() {
} }
if (card_terminated) { if (card_terminated) {
return set_res_sw(0x62, 0x85); return set_res_sw(0x62, 0x85);
} }
} }
else if (p1 == 0x08) { //Select from the MF - Path without the MF identifier else if (p1 == 0x08) { //Select from the MF - Path without the MF identifier
if (!(pe = search_by_path(apdu.data, apdu.nc, MF))) { if (!(pe = search_by_path(apdu.data, apdu.nc, MF))) {

20
src/hsm/cmd_session_pin.c
View file

@ -1,20 +1,20 @@
/* /*
* This file is part of the Pico HSM distribution (https://github.com/polhenarejos/pico-hsm). * This file is part of the Pico HSM distribution (https://github.com/polhenarejos/pico-hsm).
* Copyright (c) 2022 Pol Henarejos. * Copyright (c) 2022 Pol Henarejos.
* *
* This program is free software: you can redistribute it and/or modify * This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by * it under the terms of the GNU General Public License as published by
* the Free Software Foundation, version 3. * the Free Software Foundation, version 3.
* *
* This program is distributed in the hope that it will be useful, but * This program is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of * WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* General Public License for more details. * General Public License for more details.
* *
* You should have received a copy of the GNU General Public License * You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>. * along with this program. If not, see <http://www.gnu.org/licenses/>.
*/ */
#include "sc_hsm.h" #include "sc_hsm.h"
#include "random.h" #include "random.h"
#include "eac.h" #include "eac.h"
@ -23,7 +23,7 @@ int cmd_session_pin() {
if (P1(apdu) == 0x01 && P2(apdu) == 0x81) { if (P1(apdu) == 0x01 && P2(apdu) == 0x81) {
memcpy(sm_session_pin, random_bytes_get(8), 8); memcpy(sm_session_pin, random_bytes_get(8), 8);
sm_session_pin_len = 8; sm_session_pin_len = 8;
memcpy(res_APDU, sm_session_pin, sm_session_pin_len); memcpy(res_APDU, sm_session_pin, sm_session_pin_len);
res_APDU_size = sm_session_pin_len; res_APDU_size = sm_session_pin_len;
apdu.ne = sm_session_pin_len; apdu.ne = sm_session_pin_len;

32
src/hsm/cmd_signature.c
View file

@ -1,20 +1,20 @@
/* /*
* This file is part of the Pico HSM distribution (https://github.com/polhenarejos/pico-hsm). * This file is part of the Pico HSM distribution (https://github.com/polhenarejos/pico-hsm).
* Copyright (c) 2022 Pol Henarejos. * Copyright (c) 2022 Pol Henarejos.
* *
* This program is free software: you can redistribute it and/or modify * This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by * it under the terms of the GNU General Public License as published by
* the Free Software Foundation, version 3. * the Free Software Foundation, version 3.
* *
* This program is distributed in the hope that it will be useful, but * This program is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of * WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* General Public License for more details. * General Public License for more details.
* *
* You should have received a copy of the GNU General Public License * You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>. * along with this program. If not, see <http://www.gnu.org/licenses/>.
*/ */
#include "crypto_utils.h" #include "crypto_utils.h"
#include "sc_hsm.h" #include "sc_hsm.h"
#include "asn1.h" #include "asn1.h"
@ -94,7 +94,7 @@ int cmd_signature() {
file_t *fkey; file_t *fkey;
if (!isUserAuthenticated) if (!isUserAuthenticated)
return SW_SECURITY_STATUS_NOT_SATISFIED(); return SW_SECURITY_STATUS_NOT_SATISFIED();
if (!(fkey = search_dynamic_file((KEY_PREFIX << 8) | key_id)) || !fkey->data || file_get_size(fkey) == 0) if (!(fkey = search_dynamic_file((KEY_PREFIX << 8) | key_id)) || !fkey->data || file_get_size(fkey) == 0)
return SW_FILE_NOT_FOUND(); return SW_FILE_NOT_FOUND();
if (get_key_counter(fkey) == 0) if (get_key_counter(fkey) == 0)
return SW_FILE_FULL(); return SW_FILE_FULL();
@ -114,7 +114,7 @@ int cmd_signature() {
if (p2 >= ALGO_RSA_RAW && p2 <= ALGO_RSA_PSS_SHA512) { if (p2 >= ALGO_RSA_RAW && p2 <= ALGO_RSA_PSS_SHA512) {
mbedtls_rsa_context ctx; mbedtls_rsa_context ctx;
mbedtls_rsa_init(&ctx); mbedtls_rsa_init(&ctx);
int r; int r;
r = load_private_key_rsa(&ctx, fkey); r = load_private_key_rsa(&ctx, fkey);
if (r != CCID_OK) { if (r != CCID_OK) {
@ -144,15 +144,15 @@ int cmd_signature() {
asn1_find_tag(p, tout, 0x4, &hash_len, &hash); asn1_find_tag(p, tout, 0x4, &hash_len, &hash);
} }
if (oid && oid_len > 0) { if (oid && oid_len > 0) {
if (memcmp(oid, MBEDTLS_OID_DIGEST_ALG_SHA1, oid_len) == 0) if (memcmp(oid, MBEDTLS_OID_DIGEST_ALG_SHA1, oid_len) == 0)
md = MBEDTLS_MD_SHA1; md = MBEDTLS_MD_SHA1;
else if (memcmp(oid, MBEDTLS_OID_DIGEST_ALG_SHA224, oid_len) == 0) else if (memcmp(oid, MBEDTLS_OID_DIGEST_ALG_SHA224, oid_len) == 0)
md = MBEDTLS_MD_SHA224; md = MBEDTLS_MD_SHA224;
else if (memcmp(oid, MBEDTLS_OID_DIGEST_ALG_SHA256, oid_len) == 0) else if (memcmp(oid, MBEDTLS_OID_DIGEST_ALG_SHA256, oid_len) == 0)
md = MBEDTLS_MD_SHA256; md = MBEDTLS_MD_SHA256;
else if (memcmp(oid, MBEDTLS_OID_DIGEST_ALG_SHA384, oid_len) == 0) else if (memcmp(oid, MBEDTLS_OID_DIGEST_ALG_SHA384, oid_len) == 0)
md = MBEDTLS_MD_SHA384; md = MBEDTLS_MD_SHA384;
else if (memcmp(oid, MBEDTLS_OID_DIGEST_ALG_SHA512, oid_len) == 0) else if (memcmp(oid, MBEDTLS_OID_DIGEST_ALG_SHA512, oid_len) == 0)
md = MBEDTLS_MD_SHA512; md = MBEDTLS_MD_SHA512;
} }
if (p2 >= ALGO_RSA_PSS && p2 <= ALGO_RSA_PSS_SHA512) { if (p2 >= ALGO_RSA_PSS && p2 <= ALGO_RSA_PSS_SHA512) {

30
src/hsm/cmd_update_ef.c
View file

@ -1,20 +1,20 @@
/* /*
* This file is part of the Pico HSM distribution (https://github.com/polhenarejos/pico-hsm). * This file is part of the Pico HSM distribution (https://github.com/polhenarejos/pico-hsm).
* Copyright (c) 2022 Pol Henarejos. * Copyright (c) 2022 Pol Henarejos.
* *
* This program is free software: you can redistribute it and/or modify * This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by * it under the terms of the GNU General Public License as published by
* the Free Software Foundation, version 3. * the Free Software Foundation, version 3.
* *
* This program is distributed in the hope that it will be useful, but * This program is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of * WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* General Public License for more details. * General Public License for more details.
* *
* You should have received a copy of the GNU General Public License * You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>. * along with this program. If not, see <http://www.gnu.org/licenses/>.
*/ */
#include "sc_hsm.h" #include "sc_hsm.h"
#include "asn1.h" #include "asn1.h"
@ -33,19 +33,19 @@ int cmd_update_ef() {
ef = currentEF; ef = currentEF;
else if (p1 != EE_CERTIFICATE_PREFIX && p1 != PRKD_PREFIX && p1 != CA_CERTIFICATE_PREFIX && p1 != CD_PREFIX && p1 != DATA_PREFIX && p1 != DCOD_PREFIX && p1 != PROT_DATA_PREFIX) else if (p1 != EE_CERTIFICATE_PREFIX && p1 != PRKD_PREFIX && p1 != CA_CERTIFICATE_PREFIX && p1 != CD_PREFIX && p1 != DATA_PREFIX && p1 != DCOD_PREFIX && p1 != PROT_DATA_PREFIX)
return SW_INCORRECT_P1P2(); return SW_INCORRECT_P1P2();
if (ef && !authenticate_action(ef, ACL_OP_UPDATE_ERASE)) if (ef && !authenticate_action(ef, ACL_OP_UPDATE_ERASE))
return SW_SECURITY_STATUS_NOT_SATISFIED(); return SW_SECURITY_STATUS_NOT_SATISFIED();
uint16_t tag = 0x0; uint16_t tag = 0x0;
uint8_t *tag_data = NULL, *p = NULL; uint8_t *tag_data = NULL, *p = NULL;
size_t tag_len = 0; size_t tag_len = 0;
while (walk_tlv(apdu.data, apdu.nc, &p, &tag, &tag_len, &tag_data)) { while (walk_tlv(apdu.data, apdu.nc, &p, &tag, &tag_len, &tag_data)) {
if (tag == 0x54) { //ofset tag if (tag == 0x54) { //ofset tag
for (int i = 1; i <= tag_len; i++) for (int i = 1; i <= tag_len; i++)
offset |= (*tag_data++ << (8*(tag_len-i))); offset |= (*tag_data++ << (8*(tag_len-i)));
} }
else if (tag == 0x53) { //data else if (tag == 0x53) { //data
data_len = tag_len; data_len = tag_len;
data = tag_data; data = tag_data;
} }
@ -71,7 +71,7 @@ int cmd_update_ef() {
else { else {
if (!ef->data) if (!ef->data)
return SW_DATA_INVALID(); return SW_DATA_INVALID();
uint8_t *data_merge = (uint8_t *)calloc(1, offset+data_len); uint8_t *data_merge = (uint8_t *)calloc(1, offset+data_len);
memcpy(data_merge, file_get_data(ef), offset); memcpy(data_merge, file_get_data(ef), offset);
memcpy(data_merge+offset, data, data_len); memcpy(data_merge+offset, data, data_len);
@ -82,5 +82,5 @@ int cmd_update_ef() {
} }
low_flash_available(); low_flash_available();
} }
return SW_OK(); return SW_OK();
} }

18
src/hsm/cmd_verify.c
View file

@ -1,17 +1,17 @@
/* /*
* This file is part of the Pico HSM distribution (https://github.com/polhenarejos/pico-hsm). * This file is part of the Pico HSM distribution (https://github.com/polhenarejos/pico-hsm).
* Copyright (c) 2022 Pol Henarejos. * Copyright (c) 2022 Pol Henarejos.
* *
* This program is free software: you can redistribute it and/or modify * This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by * it under the terms of the GNU General Public License as published by
* the Free Software Foundation, version 3. * the Free Software Foundation, version 3.
* *
* This program is distributed in the hope that it will be useful, but * This program is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of * WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* General Public License for more details. * General Public License for more details.
* *
* You should have received a copy of the GNU General Public License * You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>. * along with this program. If not, see <http://www.gnu.org/licenses/>.
*/ */
@ -20,7 +20,7 @@
int cmd_verify() { int cmd_verify() {
uint8_t p1 = P1(apdu); uint8_t p1 = P1(apdu);
uint8_t p2 = P2(apdu); uint8_t p2 = P2(apdu);
if (p1 != 0x0 || (p2 & 0x60) != 0x0) if (p1 != 0x0 || (p2 & 0x60) != 0x0)
return SW_WRONG_P1P2(); return SW_WRONG_P1P2();

70
src/hsm/cvc.c
View file

@ -1,17 +1,17 @@
/* /*
* This file is part of the Pico HSM distribution (https://github.com/polhenarejos/pico-hsm). * This file is part of the Pico HSM distribution (https://github.com/polhenarejos/pico-hsm).
* Copyright (c) 2022 Pol Henarejos. * Copyright (c) 2022 Pol Henarejos.
* *
* This program is free software: you can redistribute it and/or modify * This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by * it under the terms of the GNU General Public License as published by
* the Free Software Foundation, version 3. * the Free Software Foundation, version 3.
* *
* This program is distributed in the hope that it will be useful, but * This program is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of * WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* General Public License for more details. * General Public License for more details.
* *
* You should have received a copy of the GNU General Public License * You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>. * along with this program. If not, see <http://www.gnu.org/licenses/>.
*/ */
@ -126,7 +126,7 @@ size_t asn1_cvc_cert_body(void *rsa_ecdsa, uint8_t key_type, uint8_t *buf, size_
uint8_t *car = NULL, *chr = NULL; uint8_t *car = NULL, *chr = NULL;
size_t lencar = 0, lenchr = 0; size_t lencar = 0, lenchr = 0;
if (asn1_find_tag(apdu.data, apdu.nc, 0x42, &lencar, &car) == false || lencar == 0 || car == NULL) { if (asn1_find_tag(apdu.data, apdu.nc, 0x42, &lencar, &car) == false || lencar == 0 || car == NULL) {
car = (uint8_t *)dev_name; car = (uint8_t *)dev_name;
lencar = dev_name_len; lencar = dev_name_len;
@ -136,9 +136,9 @@ size_t asn1_cvc_cert_body(void *rsa_ecdsa, uint8_t key_type, uint8_t *buf, size_
lenchr = dev_name_len; lenchr = dev_name_len;
} }
size_t car_size = asn1_len_tag(0x42, lencar), chr_size = asn1_len_tag(0x5f20, lenchr); size_t car_size = asn1_len_tag(0x42, lencar), chr_size = asn1_len_tag(0x5f20, lenchr);
size_t tot_len = asn1_len_tag(0x7f4e, cpi_size+car_size+pubkey_size+chr_size+ext_size); size_t tot_len = asn1_len_tag(0x7f4e, cpi_size+car_size+pubkey_size+chr_size+ext_size);
if (buf_len == 0 || buf == NULL) if (buf_len == 0 || buf == NULL)
return tot_len; return tot_len;
if (buf_len < tot_len) if (buf_len < tot_len)
@ -283,14 +283,14 @@ size_t asn1_build_cert_description(const uint8_t *label, size_t label_len, const
*p++ = 0x3; *p++ = 0x3;
p += format_tlv_len(opt_len, p); p += format_tlv_len(opt_len, p);
memcpy(p, "\x06\x40", 2); p += 2; memcpy(p, "\x06\x40", 2); p += 2;
//Seq 2 //Seq 2
*p++ = 0x30; *p++ = 0x30;
p += format_tlv_len(asn1_len_tag(0x4, 20), p); p += format_tlv_len(asn1_len_tag(0x4, 20), p);
*p++ = 0x4; *p++ = 0x4;
p += format_tlv_len(20, p); p += format_tlv_len(20, p);
mbedtls_md(mbedtls_md_info_from_type(MBEDTLS_MD_SHA1), puk, puk_len, p); p += 20; mbedtls_md(mbedtls_md_info_from_type(MBEDTLS_MD_SHA1), puk, puk_len, p); p += 20;
//Seq 3 //Seq 3
*p++ = 0xA1; *p++ = 0xA1;
p += format_tlv_len(asn1_len_tag(0x30, asn1_len_tag(0x30, asn1_len_tag(0x4, sizeof(uint16_t)))), p); p += format_tlv_len(asn1_len_tag(0x30, asn1_len_tag(0x30, asn1_len_tag(0x4, sizeof(uint16_t)))), p);
@ -323,7 +323,7 @@ size_t asn1_build_prkd_ecc(const uint8_t *label, size_t label_len, const uint8_t
*p++ = 0xC; *p++ = 0xC;
p += format_tlv_len(label_len, p); p += format_tlv_len(label_len, p);
memcpy(p, label, label_len); p += label_len; memcpy(p, label, label_len); p += label_len;
//Seq 2 //Seq 2
*p++ = 0x30; *p++ = 0x30;
p += format_tlv_len(asn1_len_tag(0x4, keyid_len)+asn1_len_tag(0x3, 3), p); p += format_tlv_len(asn1_len_tag(0x4, keyid_len)+asn1_len_tag(0x3, 3), p);
@ -333,7 +333,7 @@ size_t asn1_build_prkd_ecc(const uint8_t *label, size_t label_len, const uint8_t
*p++ = 0x3; *p++ = 0x3;
p += format_tlv_len(3, p); p += format_tlv_len(3, p);
memcpy(p, "\x07\x20\x80", 3); p += 3; memcpy(p, "\x07\x20\x80", 3); p += 3;
//Seq 3 //Seq 3
*p++ = 0xA1; *p++ = 0xA1;
p += format_tlv_len(asn1_len_tag(0x30, asn1_len_tag(0x30, asn1_len_tag(0x4, 0))+asn1_len_tag(0x2,2)), p); p += format_tlv_len(asn1_len_tag(0x30, asn1_len_tag(0x30, asn1_len_tag(0x4, 0))+asn1_len_tag(0x2,2)), p);
@ -444,7 +444,7 @@ mbedtls_ecp_group_id cvc_inherite_ec_group(const uint8_t *ca, size_t ca_len) {
const uint8_t *t81 = cvc_get_field(ca_puk, ca_puk_len, &t81_len, 0x81); const uint8_t *t81 = cvc_get_field(ca_puk, ca_puk_len, &t81_len, 0x81);
if (!t81) if (!t81)
return MBEDTLS_ECP_DP_NONE; return MBEDTLS_ECP_DP_NONE;
return ec_get_curve_from_prime(t81, t81_len); return ec_get_curve_from_prime(t81, t81_len);
} }
@ -465,11 +465,11 @@ int puk_verify(const uint8_t *sig, size_t sig_len, const uint8_t *hash, size_t h
mbedtls_rsa_context rsa; mbedtls_rsa_context rsa;
mbedtls_rsa_init(&rsa); mbedtls_rsa_init(&rsa);
mbedtls_md_type_t md = MBEDTLS_MD_NONE; mbedtls_md_type_t md = MBEDTLS_MD_NONE;
if (memcmp(oid, OID_ID_TA_RSA_V1_5_SHA_1, oid_len) == 0) if (memcmp(oid, OID_ID_TA_RSA_V1_5_SHA_1, oid_len) == 0)
md = MBEDTLS_MD_SHA1; md = MBEDTLS_MD_SHA1;
else if (memcmp(oid, OID_ID_TA_RSA_V1_5_SHA_256, oid_len) == 0) else if (memcmp(oid, OID_ID_TA_RSA_V1_5_SHA_256, oid_len) == 0)
md = MBEDTLS_MD_SHA256; md = MBEDTLS_MD_SHA256;
else if (memcmp(oid, OID_ID_TA_RSA_V1_5_SHA_512, oid_len) == 0) else if (memcmp(oid, OID_ID_TA_RSA_V1_5_SHA_512, oid_len) == 0)
md = MBEDTLS_MD_SHA512; md = MBEDTLS_MD_SHA512;
else if (memcmp(oid, OID_ID_TA_RSA_PSS_SHA_1, oid_len) == 0) { else if (memcmp(oid, OID_ID_TA_RSA_PSS_SHA_1, oid_len) == 0) {
md = MBEDTLS_MD_SHA1; md = MBEDTLS_MD_SHA1;
@ -514,19 +514,19 @@ int puk_verify(const uint8_t *sig, size_t sig_len, const uint8_t *hash, size_t h
} }
else if (memcmp(oid, OID_ID_TA_ECDSA, 9) == 0) { //ECC else if (memcmp(oid, OID_ID_TA_ECDSA, 9) == 0) { //ECC
mbedtls_md_type_t md = MBEDTLS_MD_NONE; mbedtls_md_type_t md = MBEDTLS_MD_NONE;
if (memcmp(oid, OID_ID_TA_ECDSA_SHA_1, oid_len) == 0) if (memcmp(oid, OID_ID_TA_ECDSA_SHA_1, oid_len) == 0)
md = MBEDTLS_MD_SHA1; md = MBEDTLS_MD_SHA1;
else if (memcmp(oid, OID_ID_TA_ECDSA_SHA_224, oid_len) == 0) else if (memcmp(oid, OID_ID_TA_ECDSA_SHA_224, oid_len) == 0)
md = MBEDTLS_MD_SHA224; md = MBEDTLS_MD_SHA224;
else if (memcmp(oid, OID_ID_TA_ECDSA_SHA_256, oid_len) == 0) else if (memcmp(oid, OID_ID_TA_ECDSA_SHA_256, oid_len) == 0)
md = MBEDTLS_MD_SHA256; md = MBEDTLS_MD_SHA256;
else if (memcmp(oid, OID_ID_TA_ECDSA_SHA_384, oid_len) == 0) else if (memcmp(oid, OID_ID_TA_ECDSA_SHA_384, oid_len) == 0)
md = MBEDTLS_MD_SHA384; md = MBEDTLS_MD_SHA384;
else if (memcmp(oid, OID_ID_TA_ECDSA_SHA_512, oid_len) == 0) else if (memcmp(oid, OID_ID_TA_ECDSA_SHA_512, oid_len) == 0)
md = MBEDTLS_MD_SHA512; md = MBEDTLS_MD_SHA512;
if (md == MBEDTLS_MD_NONE) if (md == MBEDTLS_MD_NONE)
return CCID_WRONG_DATA; return CCID_WRONG_DATA;
size_t t86_len = 0; size_t t86_len = 0;
const uint8_t *t86 = cvc_get_field(puk, puk_len, &t86_len, 0x86); const uint8_t *t86 = cvc_get_field(puk, puk_len, &t86_len, 0x86);
if (!t86) if (!t86)
@ -595,11 +595,11 @@ int cvc_verify(const uint8_t *cert, size_t cert_len, const uint8_t *ca, size_t c
return CCID_WRONG_DATA; return CCID_WRONG_DATA;
mbedtls_md_type_t md = MBEDTLS_MD_NONE; mbedtls_md_type_t md = MBEDTLS_MD_NONE;
if (memcmp(oid, OID_ID_TA_RSA, 9) == 0) { //RSA if (memcmp(oid, OID_ID_TA_RSA, 9) == 0) { //RSA
if (memcmp(oid, OID_ID_TA_RSA_V1_5_SHA_1, oid_len) == 0) if (memcmp(oid, OID_ID_TA_RSA_V1_5_SHA_1, oid_len) == 0)
md = MBEDTLS_MD_SHA1; md = MBEDTLS_MD_SHA1;
else if (memcmp(oid, OID_ID_TA_RSA_V1_5_SHA_256, oid_len) == 0) else if (memcmp(oid, OID_ID_TA_RSA_V1_5_SHA_256, oid_len) == 0)
md = MBEDTLS_MD_SHA256; md = MBEDTLS_MD_SHA256;
else if (memcmp(oid, OID_ID_TA_RSA_V1_5_SHA_512, oid_len) == 0) else if (memcmp(oid, OID_ID_TA_RSA_V1_5_SHA_512, oid_len) == 0)
md = MBEDTLS_MD_SHA512; md = MBEDTLS_MD_SHA512;
else if (memcmp(oid, OID_ID_TA_RSA_PSS_SHA_1, oid_len) == 0) else if (memcmp(oid, OID_ID_TA_RSA_PSS_SHA_1, oid_len) == 0)
md = MBEDTLS_MD_SHA1; md = MBEDTLS_MD_SHA1;
@ -609,18 +609,18 @@ int cvc_verify(const uint8_t *cert, size_t cert_len, const uint8_t *ca, size_t c
md = MBEDTLS_MD_SHA512; md = MBEDTLS_MD_SHA512;
} }
else if (memcmp(oid, OID_ID_TA_ECDSA, 9) == 0) { //ECC else if (memcmp(oid, OID_ID_TA_ECDSA, 9) == 0) { //ECC
if (memcmp(oid, OID_ID_TA_ECDSA_SHA_1, oid_len) == 0) if (memcmp(oid, OID_ID_TA_ECDSA_SHA_1, oid_len) == 0)
md = MBEDTLS_MD_SHA1; md = MBEDTLS_MD_SHA1;
else if (memcmp(oid, OID_ID_TA_ECDSA_SHA_224, oid_len) == 0) else if (memcmp(oid, OID_ID_TA_ECDSA_SHA_224, oid_len) == 0)
md = MBEDTLS_MD_SHA224; md = MBEDTLS_MD_SHA224;
else if (memcmp(oid, OID_ID_TA_ECDSA_SHA_256, oid_len) == 0) else if (memcmp(oid, OID_ID_TA_ECDSA_SHA_256, oid_len) == 0)
md = MBEDTLS_MD_SHA256; md = MBEDTLS_MD_SHA256;
else if (memcmp(oid, OID_ID_TA_ECDSA_SHA_384, oid_len) == 0) else if (memcmp(oid, OID_ID_TA_ECDSA_SHA_384, oid_len) == 0)
md = MBEDTLS_MD_SHA384; md = MBEDTLS_MD_SHA384;
else if (memcmp(oid, OID_ID_TA_ECDSA_SHA_512, oid_len) == 0) else if (memcmp(oid, OID_ID_TA_ECDSA_SHA_512, oid_len) == 0)
md = MBEDTLS_MD_SHA512; md = MBEDTLS_MD_SHA512;
} }
if (md == MBEDTLS_MD_NONE) if (md == MBEDTLS_MD_NONE)
return CCID_WRONG_DATA; return CCID_WRONG_DATA;
const mbedtls_md_info_t *md_info = mbedtls_md_info_from_type(md); const mbedtls_md_info_t *md_info = mbedtls_md_info_from_type(md);
uint8_t hash[64], hash_len = mbedtls_md_get_size(md_info); uint8_t hash[64], hash_len = mbedtls_md_get_size(md_info);

16
src/hsm/cvc.h
View file

@ -1,17 +1,17 @@
/* /*
* This file is part of the Pico HSM distribution (https://github.com/polhenarejos/pico-hsm). * This file is part of the Pico HSM distribution (https://github.com/polhenarejos/pico-hsm).
* Copyright (c) 2022 Pol Henarejos. * Copyright (c) 2022 Pol Henarejos.
* *
* This program is free software: you can redistribute it and/or modify * This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by * it under the terms of the GNU General Public License as published by
* the Free Software Foundation, version 3. * the Free Software Foundation, version 3.
* *
* This program is distributed in the hope that it will be useful, but * This program is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of * WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* General Public License for more details. * General Public License for more details.
* *
* You should have received a copy of the GNU General Public License * You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>. * along with this program. If not, see <http://www.gnu.org/licenses/>.
*/ */

16
src/hsm/files.c
View file

@ -1,17 +1,17 @@
/* /*
* This file is part of the Pico HSM distribution (https://github.com/polhenarejos/pico-hsm). * This file is part of the Pico HSM distribution (https://github.com/polhenarejos/pico-hsm).
* Copyright (c) 2022 Pol Henarejos. * Copyright (c) 2022 Pol Henarejos.
* *
* This program is free software: you can redistribute it and/or modify * This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by * it under the terms of the GNU General Public License as published by
* the Free Software Foundation, version 3. * the Free Software Foundation, version 3.
* *
* This program is distributed in the hope that it will be useful, but * This program is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of * WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* General Public License for more details. * General Public License for more details.
* *
* You should have received a copy of the GNU General Public License * You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>. * along with this program. If not, see <http://www.gnu.org/licenses/>.
*/ */

16
src/hsm/files.h
View file

@ -1,17 +1,17 @@
/* /*
* This file is part of the Pico HSM distribution (https://github.com/polhenarejos/pico-hsm). * This file is part of the Pico HSM distribution (https://github.com/polhenarejos/pico-hsm).
* Copyright (c) 2022 Pol Henarejos. * Copyright (c) 2022 Pol Henarejos.
* *
* This program is free software: you can redistribute it and/or modify * This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by * it under the terms of the GNU General Public License as published by
* the Free Software Foundation, version 3. * the Free Software Foundation, version 3.
* *
* This program is distributed in the hope that it will be useful, but * This program is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of * WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* General Public License for more details. * General Public License for more details.
* *
* You should have received a copy of the GNU General Public License * You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>. * along with this program. If not, see <http://www.gnu.org/licenses/>.
*/ */

112
src/hsm/kek.c
View file

@ -1,17 +1,17 @@
/* /*
* This file is part of the Pico HSM distribution (https://github.com/polhenarejos/pico-hsm). * This file is part of the Pico HSM distribution (https://github.com/polhenarejos/pico-hsm).
* Copyright (c) 2022 Pol Henarejos. * Copyright (c) 2022 Pol Henarejos.
* *
* This program is free software: you can redistribute it and/or modify * This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by * it under the terms of the GNU General Public License as published by
* the Free Software Foundation, version 3. * the Free Software Foundation, version 3.
* *
* This program is distributed in the hope that it will be useful, but * This program is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of * WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* General Public License for more details. * General Public License for more details.
* *
* You should have received a copy of the GNU General Public License * You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>. * along with this program. If not, see <http://www.gnu.org/licenses/>.
*/ */
@ -215,7 +215,7 @@ int mkek_decrypt(uint8_t *data, size_t len) {
int dkek_encode_key(uint8_t id, void *key_ctx, int key_type, uint8_t *out, size_t *out_len, const uint8_t *allowed, size_t allowed_len) { int dkek_encode_key(uint8_t id, void *key_ctx, int key_type, uint8_t *out, size_t *out_len, const uint8_t *allowed, size_t allowed_len) {
if (!(key_type & HSM_KEY_RSA) && !(key_type & HSM_KEY_EC) && !(key_type & HSM_KEY_AES)) if (!(key_type & HSM_KEY_RSA) && !(key_type & HSM_KEY_EC) && !(key_type & HSM_KEY_AES))
return CCID_WRONG_DATA; return CCID_WRONG_DATA;
uint8_t kb[8+2*4+2*4096/8+3+13]; //worst case: RSA-4096 (plus, 13 bytes padding) uint8_t kb[8+2*4+2*4096/8+3+13]; //worst case: RSA-4096 (plus, 13 bytes padding)
memset(kb, 0, sizeof(kb)); memset(kb, 0, sizeof(kb));
int kb_len = 0, r = 0; int kb_len = 0, r = 0;
@ -226,19 +226,19 @@ int dkek_encode_key(uint8_t id, void *key_ctx, int key_type, uint8_t *out, size_
r = dkek_kenc(id, kenc); r = dkek_kenc(id, kenc);
if (r != CCID_OK) if (r != CCID_OK)
return r; return r;
uint8_t kcv[8]; uint8_t kcv[8];
memset(kcv, 0, sizeof(kcv)); memset(kcv, 0, sizeof(kcv));
r = dkek_kcv(id, kcv); r = dkek_kcv(id, kcv);
if (r != CCID_OK) if (r != CCID_OK)
return r; return r;
uint8_t kmac[32]; uint8_t kmac[32];
memset(kmac, 0, sizeof(kmac)); memset(kmac, 0, sizeof(kmac));
r = dkek_kmac(id, kmac); r = dkek_kmac(id, kmac);
if (r != CCID_OK) if (r != CCID_OK)
return r; return r;
if (key_type & HSM_KEY_AES) { if (key_type & HSM_KEY_AES) {
if (key_type & HSM_KEY_AES_128) if (key_type & HSM_KEY_AES_128)
kb_len = 16; kb_len = 16;
@ -246,38 +246,38 @@ int dkek_encode_key(uint8_t id, void *key_ctx, int key_type, uint8_t *out, size_
kb_len = 24; kb_len = 24;
else if (key_type & HSM_KEY_AES_256) else if (key_type & HSM_KEY_AES_256)
kb_len = 32; kb_len = 32;
if (kb_len != 16 && kb_len != 24 && kb_len != 32) if (kb_len != 16 && kb_len != 24 && kb_len != 32)
return CCID_WRONG_DATA; return CCID_WRONG_DATA;
if (*out_len < 8+1+10+6+4+(2+32+14)+16) if (*out_len < 8+1+10+6+4+(2+32+14)+16)
return CCID_WRONG_LENGTH; return CCID_WRONG_LENGTH;
put_uint16_t(kb_len, kb+8); put_uint16_t(kb_len, kb+8);
memcpy(kb+10, key_ctx, kb_len); memcpy(kb+10, key_ctx, kb_len);
kb_len += 2; kb_len += 2;
algo = (uint8_t *)"\x00\x08\x60\x86\x48\x01\x65\x03\x04\x01"; //2.16.840.1.101.3.4.1 (2+8) algo = (uint8_t *)"\x00\x08\x60\x86\x48\x01\x65\x03\x04\x01"; //2.16.840.1.101.3.4.1 (2+8)
algo_len = 10; algo_len = 10;
} }
else if (key_type & HSM_KEY_RSA) { else if (key_type & HSM_KEY_RSA) {
if (*out_len < 8+1+12+6+(8+2*4+2*4096/8+3+13)+16) //13 bytes pading if (*out_len < 8+1+12+6+(8+2*4+2*4096/8+3+13)+16) //13 bytes pading
return CCID_WRONG_LENGTH; return CCID_WRONG_LENGTH;
mbedtls_rsa_context *rsa = (mbedtls_rsa_context *)key_ctx; mbedtls_rsa_context *rsa = (mbedtls_rsa_context *)key_ctx;
kb_len = 0; kb_len = 0;
put_uint16_t(mbedtls_rsa_get_len(rsa)*8, kb+8+kb_len); kb_len += 2; put_uint16_t(mbedtls_rsa_get_len(rsa)*8, kb+8+kb_len); kb_len += 2;
put_uint16_t(mbedtls_mpi_size(&rsa->D), kb+8+kb_len); kb_len += 2; put_uint16_t(mbedtls_mpi_size(&rsa->D), kb+8+kb_len); kb_len += 2;
mbedtls_mpi_write_binary(&rsa->D, kb+8+kb_len, mbedtls_mpi_size(&rsa->D)); kb_len += mbedtls_mpi_size(&rsa->D); mbedtls_mpi_write_binary(&rsa->D, kb+8+kb_len, mbedtls_mpi_size(&rsa->D)); kb_len += mbedtls_mpi_size(&rsa->D);
put_uint16_t(mbedtls_mpi_size(&rsa->N), kb+8+kb_len); kb_len += 2; put_uint16_t(mbedtls_mpi_size(&rsa->N), kb+8+kb_len); kb_len += 2;
mbedtls_mpi_write_binary(&rsa->N, kb+8+kb_len, mbedtls_mpi_size(&rsa->N)); kb_len += mbedtls_mpi_size(&rsa->N); mbedtls_mpi_write_binary(&rsa->N, kb+8+kb_len, mbedtls_mpi_size(&rsa->N)); kb_len += mbedtls_mpi_size(&rsa->N);
put_uint16_t(mbedtls_mpi_size(&rsa->E), kb+8+kb_len); kb_len += 2; put_uint16_t(mbedtls_mpi_size(&rsa->E), kb+8+kb_len); kb_len += 2;
mbedtls_mpi_write_binary(&rsa->E, kb+8+kb_len, mbedtls_mpi_size(&rsa->E)); kb_len += mbedtls_mpi_size(&rsa->E); mbedtls_mpi_write_binary(&rsa->E, kb+8+kb_len, mbedtls_mpi_size(&rsa->E)); kb_len += mbedtls_mpi_size(&rsa->E);
algo = (uint8_t *)"\x00\x0A\x04\x00\x7F\x00\x07\x02\x02\x02\x01\x02"; algo = (uint8_t *)"\x00\x0A\x04\x00\x7F\x00\x07\x02\x02\x02\x01\x02";
algo_len = 12; algo_len = 12;
} }
else if (key_type & HSM_KEY_EC) { else if (key_type & HSM_KEY_EC) {
if (*out_len < 8+1+12+6+(8+2*8+9*66+2+4)+16) //4 bytes pading if (*out_len < 8+1+12+6+(8+2*8+9*66+2+4)+16) //4 bytes pading
return CCID_WRONG_LENGTH; return CCID_WRONG_LENGTH;
mbedtls_ecdsa_context *ecdsa = (mbedtls_ecdsa_context *)key_ctx; mbedtls_ecdsa_context *ecdsa = (mbedtls_ecdsa_context *)key_ctx;
kb_len = 0; kb_len = 0;
@ -300,16 +300,16 @@ int dkek_encode_key(uint8_t id, void *key_ctx, int key_type, uint8_t *out, size_
kb[8+kb_len++] = 0x4; kb[8+kb_len++] = 0x4;
mbedtls_mpi_write_binary(&ecdsa->Q.X, kb+8+kb_len, mbedtls_mpi_size(&ecdsa->Q.X)); kb_len += mbedtls_mpi_size(&ecdsa->Q.X); mbedtls_mpi_write_binary(&ecdsa->Q.X, kb+8+kb_len, mbedtls_mpi_size(&ecdsa->Q.X)); kb_len += mbedtls_mpi_size(&ecdsa->Q.X);
mbedtls_mpi_write_binary(&ecdsa->Q.Y, kb+8+kb_len, mbedtls_mpi_size(&ecdsa->Q.Y)); kb_len += mbedtls_mpi_size(&ecdsa->Q.Y); mbedtls_mpi_write_binary(&ecdsa->Q.Y, kb+8+kb_len, mbedtls_mpi_size(&ecdsa->Q.Y)); kb_len += mbedtls_mpi_size(&ecdsa->Q.Y);
algo = (uint8_t *)"\x00\x0A\x04\x00\x7F\x00\x07\x02\x02\x02\x02\x03"; algo = (uint8_t *)"\x00\x0A\x04\x00\x7F\x00\x07\x02\x02\x02\x02\x03";
algo_len = 12; algo_len = 12;
} }
memset(out, 0, *out_len); memset(out, 0, *out_len);
*out_len = 0; *out_len = 0;
memcpy(out+*out_len, kcv, 8); memcpy(out+*out_len, kcv, 8);
*out_len += 8; *out_len += 8;
if (key_type & HSM_KEY_AES) if (key_type & HSM_KEY_AES)
out[*out_len] = 15; out[*out_len] = 15;
else if (key_type & HSM_KEY_RSA) else if (key_type & HSM_KEY_RSA)
@ -317,14 +317,14 @@ int dkek_encode_key(uint8_t id, void *key_ctx, int key_type, uint8_t *out, size_
else if (key_type & HSM_KEY_EC) else if (key_type & HSM_KEY_EC)
out[*out_len] = 12; out[*out_len] = 12;
*out_len += 1; *out_len += 1;
if (algo) { if (algo) {
memcpy(out+*out_len, algo, algo_len); memcpy(out+*out_len, algo, algo_len);
*out_len += algo_len; *out_len += algo_len;
} }
else else
*out_len += 2; *out_len += 2;
if (allowed && allowed_len > 0) { if (allowed && allowed_len > 0) {
put_uint16_t(allowed_len, out+*out_len); *out_len += 2; put_uint16_t(allowed_len, out+*out_len); *out_len += 2;
memcpy(out+*out_len, allowed, allowed_len); memcpy(out+*out_len, allowed, allowed_len);
@ -334,7 +334,7 @@ int dkek_encode_key(uint8_t id, void *key_ctx, int key_type, uint8_t *out, size_
*out_len += 2; *out_len += 2;
//add 4 zeros //add 4 zeros
*out_len += 4; *out_len += 4;
memcpy(kb, random_bytes_get(8), 8); memcpy(kb, random_bytes_get(8), 8);
kb_len += 8; //8 random bytes kb_len += 8; //8 random bytes
int kb_len_pad = ((int)(kb_len/16))*16; int kb_len_pad = ((int)(kb_len/16))*16;
@ -347,12 +347,12 @@ int dkek_encode_key(uint8_t id, void *key_ctx, int key_type, uint8_t *out, size_
r = aes_encrypt(kenc, NULL, 256, HSM_AES_MODE_CBC, kb, kb_len_pad); r = aes_encrypt(kenc, NULL, 256, HSM_AES_MODE_CBC, kb, kb_len_pad);
if (r != CCID_OK) if (r != CCID_OK)
return r; return r;
memcpy(out+*out_len, kb, kb_len_pad); memcpy(out+*out_len, kb, kb_len_pad);
*out_len += kb_len_pad; *out_len += kb_len_pad;
r = mbedtls_cipher_cmac(mbedtls_cipher_info_from_type(MBEDTLS_CIPHER_AES_256_ECB), kmac, 256, out, *out_len, out+*out_len); r = mbedtls_cipher_cmac(mbedtls_cipher_info_from_type(MBEDTLS_CIPHER_AES_256_ECB), kmac, 256, out, *out_len, out+*out_len);
*out_len += 16; *out_len += 16;
if (r != 0) if (r != 0)
return r; return r;
@ -376,62 +376,62 @@ int dkek_decode_key(uint8_t id, void *key_ctx, const uint8_t *in, size_t in_len,
r = dkek_kcv(id, kcv); r = dkek_kcv(id, kcv);
if (r != CCID_OK) if (r != CCID_OK)
return r; return r;
uint8_t kmac[32]; uint8_t kmac[32];
memset(kmac, 0, sizeof(kmac)); memset(kmac, 0, sizeof(kmac));
r = dkek_kmac(id, kmac); r = dkek_kmac(id, kmac);
if (r != CCID_OK) if (r != CCID_OK)
return r; return r;
uint8_t kenc[32]; uint8_t kenc[32];
memset(kenc, 0, sizeof(kenc)); memset(kenc, 0, sizeof(kenc));
r = dkek_kenc(id, kenc); r = dkek_kenc(id, kenc);
if (r != CCID_OK) if (r != CCID_OK)
return r; return r;
if (memcmp(kcv, in, 8) != 0) if (memcmp(kcv, in, 8) != 0)
return CCID_WRONG_DKEK; return CCID_WRONG_DKEK;
uint8_t signature[16]; uint8_t signature[16];
r = mbedtls_cipher_cmac(mbedtls_cipher_info_from_type(MBEDTLS_CIPHER_AES_256_ECB), kmac, 256, in, in_len-16, signature); r = mbedtls_cipher_cmac(mbedtls_cipher_info_from_type(MBEDTLS_CIPHER_AES_256_ECB), kmac, 256, in, in_len-16, signature);
if (r != 0) if (r != 0)
return CCID_WRONG_SIGNATURE; return CCID_WRONG_SIGNATURE;
if (memcmp(signature, in+in_len-16, 16) != 0) if (memcmp(signature, in+in_len-16, 16) != 0)
return CCID_WRONG_SIGNATURE; return CCID_WRONG_SIGNATURE;
int key_type = in[8]; int key_type = in[8];
if (key_type != 5 && key_type != 6 && key_type != 12 && key_type != 15) if (key_type != 5 && key_type != 6 && key_type != 12 && key_type != 15)
return CCID_WRONG_DATA; return CCID_WRONG_DATA;
if ((key_type == 5 || key_type == 6) && memcmp(in+9, "\x00\x0A\x04\x00\x7F\x00\x07\x02\x02\x02\x01\x02", 12) != 0) if ((key_type == 5 || key_type == 6) && memcmp(in+9, "\x00\x0A\x04\x00\x7F\x00\x07\x02\x02\x02\x01\x02", 12) != 0)
return CCID_WRONG_DATA; return CCID_WRONG_DATA;
if (key_type == 12 && memcmp(in+9, "\x00\x0A\x04\x00\x7F\x00\x07\x02\x02\x02\x02\x03", 12) != 0) if (key_type == 12 && memcmp(in+9, "\x00\x0A\x04\x00\x7F\x00\x07\x02\x02\x02\x02\x03", 12) != 0)
return CCID_WRONG_DATA; return CCID_WRONG_DATA;
if (key_type == 15 && memcmp(in+9, "\x00\x08\x60\x86\x48\x01\x65\x03\x04\x01", 10) != 0) if (key_type == 15 && memcmp(in+9, "\x00\x08\x60\x86\x48\x01\x65\x03\x04\x01", 10) != 0)
return CCID_WRONG_DATA; return CCID_WRONG_DATA;
size_t ofs = 9; size_t ofs = 9;
//OID //OID
size_t len = get_uint16_t(in, ofs); size_t len = get_uint16_t(in, ofs);
ofs += len+2; ofs += len+2;
//Allowed algorithms //Allowed algorithms
len = get_uint16_t(in, ofs); len = get_uint16_t(in, ofs);
*allowed = (uint8_t *)(in+ofs+2); *allowed = (uint8_t *)(in+ofs+2);
*allowed_len = len; *allowed_len = len;
ofs += len+2; ofs += len+2;
//Access conditions //Access conditions
len = get_uint16_t(in, ofs); len = get_uint16_t(in, ofs);
ofs += len+2; ofs += len+2;
//Key OID //Key OID
len = get_uint16_t(in, ofs); len = get_uint16_t(in, ofs);
ofs += len+2; ofs += len+2;
if ((in_len-16-ofs) % 16 != 0) if ((in_len-16-ofs) % 16 != 0)
return CCID_WRONG_PADDING; return CCID_WRONG_PADDING;
uint8_t kb[8+2*4+2*4096/8+3+13]; //worst case: RSA-4096 (plus, 13 bytes padding) uint8_t kb[8+2*4+2*4096/8+3+13]; //worst case: RSA-4096 (plus, 13 bytes padding)
@ -440,7 +440,7 @@ int dkek_decode_key(uint8_t id, void *key_ctx, const uint8_t *in, size_t in_len,
r = aes_decrypt(kenc, NULL, 256, HSM_AES_MODE_CBC, kb, in_len-16-ofs); r = aes_decrypt(kenc, NULL, 256, HSM_AES_MODE_CBC, kb, in_len-16-ofs);
if (r != CCID_OK) if (r != CCID_OK)
return r; return r;
int key_size = get_uint16_t(kb, 8); int key_size = get_uint16_t(kb, 8);
if (key_size_out) if (key_size_out)
*key_size_out = key_size; *key_size_out = key_size;
@ -455,7 +455,7 @@ int dkek_decode_key(uint8_t id, void *key_ctx, const uint8_t *in, size_t in_len,
mbedtls_rsa_free(rsa); mbedtls_rsa_free(rsa);
return CCID_WRONG_DATA; return CCID_WRONG_DATA;
} }
len = get_uint16_t(kb, ofs); ofs += 2; len = get_uint16_t(kb, ofs); ofs += 2;
r = mbedtls_mpi_read_binary(&rsa->N, kb+ofs, len); ofs += len; r = mbedtls_mpi_read_binary(&rsa->N, kb+ofs, len); ofs += len;
if (r != 0) { if (r != 0) {
@ -466,20 +466,20 @@ int dkek_decode_key(uint8_t id, void *key_ctx, const uint8_t *in, size_t in_len,
else if (key_type == 6) { else if (key_type == 6) {
//DP-1 //DP-1
len = get_uint16_t(kb, ofs); ofs += len+2; len = get_uint16_t(kb, ofs); ofs += len+2;
//DQ-1 //DQ-1
len = get_uint16_t(kb, ofs); ofs += len+2; len = get_uint16_t(kb, ofs); ofs += len+2;
len = get_uint16_t(kb, ofs); ofs += 2; len = get_uint16_t(kb, ofs); ofs += 2;
r = mbedtls_mpi_read_binary(&rsa->P, kb+ofs, len); ofs += len; r = mbedtls_mpi_read_binary(&rsa->P, kb+ofs, len); ofs += len;
if (r != 0) { if (r != 0) {
mbedtls_rsa_free(rsa); mbedtls_rsa_free(rsa);
return CCID_WRONG_DATA; return CCID_WRONG_DATA;
} }
//PQ //PQ
len = get_uint16_t(kb, ofs); ofs += len+2; len = get_uint16_t(kb, ofs); ofs += len+2;
len = get_uint16_t(kb, ofs); ofs += 2; len = get_uint16_t(kb, ofs); ofs += 2;
r = mbedtls_mpi_read_binary(&rsa->Q, kb+ofs, len); ofs += len; r = mbedtls_mpi_read_binary(&rsa->Q, kb+ofs, len); ofs += len;
if (r != 0) { if (r != 0) {
@ -489,14 +489,14 @@ int dkek_decode_key(uint8_t id, void *key_ctx, const uint8_t *in, size_t in_len,
//N //N
len = get_uint16_t(kb, ofs); ofs += len+2; len = get_uint16_t(kb, ofs); ofs += len+2;
} }
len = get_uint16_t(kb, ofs); ofs += 2; len = get_uint16_t(kb, ofs); ofs += 2;
r = mbedtls_mpi_read_binary(&rsa->E, kb+ofs, len); ofs += len; r = mbedtls_mpi_read_binary(&rsa->E, kb+ofs, len); ofs += len;
if (r != 0) { if (r != 0) {
mbedtls_rsa_free(rsa); mbedtls_rsa_free(rsa);
return CCID_WRONG_DATA; return CCID_WRONG_DATA;
} }
if (key_type == 5) { if (key_type == 5) {
r = mbedtls_rsa_import(rsa, &rsa->N, NULL, NULL, &rsa->D, &rsa->E); r = mbedtls_rsa_import(rsa, &rsa->N, NULL, NULL, &rsa->D, &rsa->E);
if (r != 0) { if (r != 0) {
@ -511,7 +511,7 @@ int dkek_decode_key(uint8_t id, void *key_ctx, const uint8_t *in, size_t in_len,
return CCID_EXEC_ERROR; return CCID_EXEC_ERROR;
} }
} }
r = mbedtls_rsa_complete(rsa); r = mbedtls_rsa_complete(rsa);
if (r != 0) { if (r != 0) {
mbedtls_rsa_free(rsa); mbedtls_rsa_free(rsa);
@ -526,13 +526,13 @@ int dkek_decode_key(uint8_t id, void *key_ctx, const uint8_t *in, size_t in_len,
else if (key_type == 12) { else if (key_type == 12) {
mbedtls_ecdsa_context *ecdsa = (mbedtls_ecdsa_context *)key_ctx; mbedtls_ecdsa_context *ecdsa = (mbedtls_ecdsa_context *)key_ctx;
mbedtls_ecdsa_init(ecdsa); mbedtls_ecdsa_init(ecdsa);
//A //A
len = get_uint16_t(kb, ofs); ofs += len+2; len = get_uint16_t(kb, ofs); ofs += len+2;
//B //B
len = get_uint16_t(kb, ofs); ofs += len+2; len = get_uint16_t(kb, ofs); ofs += len+2;
//P //P
len = get_uint16_t(kb, ofs); ofs += 2; len = get_uint16_t(kb, ofs); ofs += 2;
mbedtls_ecp_group_id ec_id = ec_get_curve_from_prime(kb+ofs, len); mbedtls_ecp_group_id ec_id = ec_get_curve_from_prime(kb+ofs, len);
@ -541,13 +541,13 @@ int dkek_decode_key(uint8_t id, void *key_ctx, const uint8_t *in, size_t in_len,
return CCID_WRONG_DATA; return CCID_WRONG_DATA;
} }
ofs += len; ofs += len;
//N //N
len = get_uint16_t(kb, ofs); ofs += len+2; len = get_uint16_t(kb, ofs); ofs += len+2;
//G //G
len = get_uint16_t(kb, ofs); ofs += len+2; len = get_uint16_t(kb, ofs); ofs += len+2;
//d //d
len = get_uint16_t(kb, ofs); ofs += 2; len = get_uint16_t(kb, ofs); ofs += 2;
r = mbedtls_ecp_read_key(ec_id, ecdsa, kb+ofs, len); r = mbedtls_ecp_read_key(ec_id, ecdsa, kb+ofs, len);

16
src/hsm/kek.h
View file

@ -1,17 +1,17 @@
/* /*
* This file is part of the Pico HSM distribution (https://github.com/polhenarejos/pico-hsm). * This file is part of the Pico HSM distribution (https://github.com/polhenarejos/pico-hsm).
* Copyright (c) 2022 Pol Henarejos. * Copyright (c) 2022 Pol Henarejos.
* *
* This program is free software: you can redistribute it and/or modify * This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by * it under the terms of the GNU General Public License as published by
* the Free Software Foundation, version 3. * the Free Software Foundation, version 3.
* *
* This program is distributed in the hope that it will be useful, but * This program is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of * WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* General Public License for more details. * General Public License for more details.
* *
* You should have received a copy of the GNU General Public License * You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>. * along with this program. If not, see <http://www.gnu.org/licenses/>.
*/ */

16
src/hsm/oid.c
View file

@ -1,17 +1,17 @@
/* /*
* This file is part of the Pico HSM distribution (https://github.com/polhenarejos/pico-hsm). * This file is part of the Pico HSM distribution (https://github.com/polhenarejos/pico-hsm).
* Copyright (c) 2022 Pol Henarejos. * Copyright (c) 2022 Pol Henarejos.
* *
* This program is free software: you can redistribute it and/or modify * This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by * it under the terms of the GNU General Public License as published by
* the Free Software Foundation, version 3. * the Free Software Foundation, version 3.
* *
* This program is distributed in the hope that it will be useful, but * This program is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of * WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* General Public License for more details. * General Public License for more details.
* *
* You should have received a copy of the GNU General Public License * You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>. * along with this program. If not, see <http://www.gnu.org/licenses/>.
*/ */

18
src/hsm/oid.h
View file

@ -1,17 +1,17 @@
/* /*
* This file is part of the Pico HSM distribution (https://github.com/polhenarejos/pico-hsm). * This file is part of the Pico HSM distribution (https://github.com/polhenarejos/pico-hsm).
* Copyright (c) 2022 Pol Henarejos. * Copyright (c) 2022 Pol Henarejos.
* *
* This program is free software: you can redistribute it and/or modify * This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by * it under the terms of the GNU General Public License as published by
* the Free Software Foundation, version 3. * the Free Software Foundation, version 3.
* *
* This program is distributed in the hope that it will be useful, but * This program is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of * WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* General Public License for more details. * General Public License for more details.
* *
* You should have received a copy of the GNU General Public License * You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>. * along with this program. If not, see <http://www.gnu.org/licenses/>.
*/ */
@ -70,7 +70,7 @@
#define OID_ID_RI_DH_SHA_224 OID_ID_RI_DH "\x02" #define OID_ID_RI_DH_SHA_224 OID_ID_RI_DH "\x02"
#define OID_ID_RI_DH_SHA_256 OID_ID_RI_DH "\x03" #define OID_ID_RI_DH_SHA_256 OID_ID_RI_DH "\x03"
#define OID_ID_RI_ECDH OID_ID_RI "\x02" #define OID_ID_RI_ECDH OID_ID_RI "\x02"
#define OID_ID_RI_ECDH_SHA_1 OID_ID_RI_ECDH "\x01" #define OID_ID_RI_ECDH_SHA_1 OID_ID_RI_ECDH "\x01"
#define OID_ID_RI_ECDH_SHA_224 OID_ID_RI_ECDH "\x02" #define OID_ID_RI_ECDH_SHA_224 OID_ID_RI_ECDH "\x02"

44
src/hsm/sc_hsm.c
View file

@ -1,17 +1,17 @@
/* /*
* This file is part of the Pico HSM distribution (https://github.com/polhenarejos/pico-hsm). * This file is part of the Pico HSM distribution (https://github.com/polhenarejos/pico-hsm).
* Copyright (c) 2022 Pol Henarejos. * Copyright (c) 2022 Pol Henarejos.
* *
* This program is free software: you can redistribute it and/or modify * This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by * it under the terms of the GNU General Public License as published by
* the Free Software Foundation, version 3. * the Free Software Foundation, version 3.
* *
* This program is distributed in the hope that it will be useful, but * This program is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of * WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* General Public License for more details. * General Public License for more details.
* *
* You should have received a copy of the GNU General Public License * You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>. * along with this program. If not, see <http://www.gnu.org/licenses/>.
*/ */
@ -26,13 +26,13 @@
#include "asn1.h" #include "asn1.h"
const uint8_t sc_hsm_aid[] = { const uint8_t sc_hsm_aid[] = {
11, 11,
0xE8,0x2B,0x06,0x01,0x04,0x01,0x81,0xC3,0x1F,0x02,0x01 0xE8,0x2B,0x06,0x01,0x04,0x01,0x81,0xC3,0x1F,0x02,0x01
}; };
const uint8_t atr_sc_hsm[] = { const uint8_t atr_sc_hsm[] = {
24, 24,
0x3B,0xFE,0x18,0x00,0x00,0x81,0x31,0xFE,0x45,0x80,0x31,0x81,0x54,0x48,0x53,0x4D,0x31,0x73,0x80,0x21,0x40,0x81,0x07,0xFA 0x3B,0xFE,0x18,0x00,0x00,0x81,0x31,0xFE,0x45,0x80,0x31,0x81,0x54,0x48,0x53,0x4D,0x31,0x73,0x80,0x21,0x40,0x81,0x07,0xFA
}; };
uint8_t session_pin[32], session_sopin[32]; uint8_t session_pin[32], session_sopin[32];
@ -84,7 +84,7 @@ app_t *sc_hsm_select_aid(app_t *a) {
return NULL; return NULL;
} }
void __attribute__ ((constructor)) sc_hsm_ctor() { void __attribute__ ((constructor)) sc_hsm_ctor() {
ccid_atr = atr_sc_hsm; ccid_atr = atr_sc_hsm;
register_app(sc_hsm_select_aid); register_app(sc_hsm_select_aid);
} }
@ -135,7 +135,7 @@ void scan_files() {
printf("FATAL ERROR: Retries SOPIN not found in memory!\r\n"); printf("FATAL ERROR: Retries SOPIN not found in memory!\r\n");
} }
file_t *tf = NULL; file_t *tf = NULL;
tf = search_by_fid(0x1082, NULL, SPECIFY_EF); tf = search_by_fid(0x1082, NULL, SPECIFY_EF);
if (tf) { if (tf) {
if (!tf->data) { if (!tf->data) {
@ -176,7 +176,7 @@ int add_cert_puk_store(const uint8_t *data, size_t data_len, bool copy) {
return CCID_ERR_NULL_PARAM; return CCID_ERR_NULL_PARAM;
if (puk_store_entries == MAX_PUK_STORE_ENTRIES) if (puk_store_entries == MAX_PUK_STORE_ENTRIES)
return CCID_ERR_MEMORY_FATAL; return CCID_ERR_MEMORY_FATAL;
puk_store[puk_store_entries].copied = copy; puk_store[puk_store_entries].copied = copy;
if (copy == true) { if (copy == true) {
uint8_t *tmp = (uint8_t *)calloc(data_len, sizeof(uint8_t)); uint8_t *tmp = (uint8_t *)calloc(data_len, sizeof(uint8_t));
@ -189,7 +189,7 @@ int add_cert_puk_store(const uint8_t *data, size_t data_len, bool copy) {
puk_store[puk_store_entries].chr = cvc_get_chr(puk_store[puk_store_entries].cvcert, data_len, &puk_store[puk_store_entries].chr_len); puk_store[puk_store_entries].chr = cvc_get_chr(puk_store[puk_store_entries].cvcert, data_len, &puk_store[puk_store_entries].chr_len);
puk_store[puk_store_entries].car = cvc_get_car(puk_store[puk_store_entries].cvcert, data_len, &puk_store[puk_store_entries].car_len); puk_store[puk_store_entries].car = cvc_get_car(puk_store[puk_store_entries].cvcert, data_len, &puk_store[puk_store_entries].car_len);
puk_store[puk_store_entries].puk = cvc_get_pub(puk_store[puk_store_entries].cvcert, data_len, &puk_store[puk_store_entries].puk_len); puk_store[puk_store_entries].puk = cvc_get_pub(puk_store[puk_store_entries].cvcert, data_len, &puk_store[puk_store_entries].puk_len);
puk_store_entries++; puk_store_entries++;
return CCID_OK; return CCID_OK;
} }
@ -278,7 +278,7 @@ int parse_token_info(const file_t *f, int mode) {
int pin_reset_retries(const file_t *pin, bool force) { int pin_reset_retries(const file_t *pin, bool force) {
if (!pin) if (!pin)
return CCID_ERR_NULL_PARAM; return CCID_ERR_NULL_PARAM;
const file_t *max = search_by_fid(pin->fid+1, NULL, SPECIFY_EF); const file_t *max = search_by_fid(pin->fid+1, NULL, SPECIFY_EF);
const file_t *act = search_by_fid(pin->fid+2, NULL, SPECIFY_EF); const file_t *act = search_by_fid(pin->fid+2, NULL, SPECIFY_EF);
if (!max || !act) if (!max || !act)
@ -294,7 +294,7 @@ int pin_reset_retries(const file_t *pin, bool force) {
int pin_wrong_retry(const file_t *pin) { int pin_wrong_retry(const file_t *pin) {
if (!pin) if (!pin)
return CCID_ERR_NULL_PARAM; return CCID_ERR_NULL_PARAM;
const file_t *act = search_by_fid(pin->fid+2, NULL, SPECIFY_EF); const file_t *act = search_by_fid(pin->fid+2, NULL, SPECIFY_EF);
if (!act) if (!act)
return CCID_ERR_FILE_NOT_FOUND; return CCID_ERR_FILE_NOT_FOUND;
@ -381,7 +381,7 @@ uint32_t get_key_counter(file_t *fkey) {
const uint8_t *meta_tag = get_meta_tag(fkey, 0x90, &tag_len); const uint8_t *meta_tag = get_meta_tag(fkey, 0x90, &tag_len);
if (meta_tag) if (meta_tag)
return (meta_tag[0] << 24) | (meta_tag[1] << 16) | (meta_tag[2] << 8) | meta_tag[3]; return (meta_tag[0] << 24) | (meta_tag[1] << 16) | (meta_tag[2] << 8) | meta_tag[3];
return 0xffffffff; return 0xffffffff;
} }
bool key_has_purpose(file_t *ef, uint8_t purpose) { bool key_has_purpose(file_t *ef, uint8_t purpose) {
@ -417,7 +417,7 @@ uint32_t decrement_key_counter(file_t *fkey) {
tag_data[1] = (val >> 16) & 0xff; tag_data[1] = (val >> 16) & 0xff;
tag_data[2] = (val >> 8) & 0xff; tag_data[2] = (val >> 8) & 0xff;
tag_data[3] = val & 0xff; tag_data[3] = val & 0xff;
int r = meta_add(fkey->fid, cmeta, meta_size); int r = meta_add(fkey->fid, cmeta, meta_size);
free(cmeta); free(cmeta);
if (r != 0) if (r != 0)
@ -525,7 +525,7 @@ int find_and_store_meta_key(uint8_t key_id) {
int load_private_key_rsa(mbedtls_rsa_context *ctx, file_t *fkey) { int load_private_key_rsa(mbedtls_rsa_context *ctx, file_t *fkey) {
if (wait_button() == true) //timeout if (wait_button() == true) //timeout
return CCID_VERIFICATION_FAILED; return CCID_VERIFICATION_FAILED;
int key_size = file_get_size(fkey); int key_size = file_get_size(fkey);
uint8_t kdata[4096/8]; uint8_t kdata[4096/8];
memcpy(kdata, file_get_data(fkey), key_size); memcpy(kdata, file_get_data(fkey), key_size);
@ -568,7 +568,7 @@ int load_private_key_rsa(mbedtls_rsa_context *ctx, file_t *fkey) {
int load_private_key_ecdsa(mbedtls_ecdsa_context *ctx, file_t *fkey) { int load_private_key_ecdsa(mbedtls_ecdsa_context *ctx, file_t *fkey) {
if (wait_button() == true) //timeout if (wait_button() == true) //timeout
return CCID_VERIFICATION_FAILED; return CCID_VERIFICATION_FAILED;
int key_size = file_get_size(fkey); int key_size = file_get_size(fkey);
uint8_t kdata[67]; //Worst case, 521 bit + 1byte uint8_t kdata[67]; //Worst case, 521 bit + 1byte
memcpy(kdata, file_get_data(fkey), key_size); memcpy(kdata, file_get_data(fkey), key_size);
@ -622,7 +622,7 @@ typedef struct cmd
static const cmd_t cmds[] = { static const cmd_t cmds[] = {
{ INS_SELECT_FILE, cmd_select }, { INS_SELECT_FILE, cmd_select },
{ INS_LIST_KEYS, cmd_list_keys }, { INS_LIST_KEYS, cmd_list_keys },
{ INS_READ_BINARY, cmd_read_binary }, { INS_READ_BINARY, cmd_read_binary },
{ INS_READ_BINARY_ODD, cmd_read_binary }, { INS_READ_BINARY_ODD, cmd_read_binary },
{ INS_VERIFY, cmd_verify }, { INS_VERIFY, cmd_verify },

16
src/hsm/sc_hsm.h
View file

@ -1,17 +1,17 @@
/* /*
* This file is part of the Pico HSM distribution (https://github.com/polhenarejos/pico-hsm). * This file is part of the Pico HSM distribution (https://github.com/polhenarejos/pico-hsm).
* Copyright (c) 2022 Pol Henarejos. * Copyright (c) 2022 Pol Henarejos.
* *
* This program is free software: you can redistribute it and/or modify * This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by * it under the terms of the GNU General Public License as published by
* the Free Software Foundation, version 3. * the Free Software Foundation, version 3.
* *
* This program is distributed in the hope that it will be useful, but * This program is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of * WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* General Public License for more details. * General Public License for more details.
* *
* You should have received a copy of the GNU General Public License * You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>. * along with this program. If not, see <http://www.gnu.org/licenses/>.
*/ */

16
src/hsm/version.h
View file

@ -1,17 +1,17 @@
/* /*
* This file is part of the Pico HSM distribution (https://github.com/polhenarejos/pico-hsm). * This file is part of the Pico HSM distribution (https://github.com/polhenarejos/pico-hsm).
* Copyright (c) 2022 Pol Henarejos. * Copyright (c) 2022 Pol Henarejos.
* *
* This program is free software: you can redistribute it and/or modify * This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by * it under the terms of the GNU General Public License as published by
* the Free Software Foundation, version 3. * the Free Software Foundation, version 3.
* *
* This program is distributed in the hope that it will be useful, but * This program is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of * WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* General Public License for more details. * General Public License for more details.
* *
* You should have received a copy of the GNU General Public License * You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>. * along with this program. If not, see <http://www.gnu.org/licenses/>.
*/ */

2
workflows/autobuild.sh
View file

@ -10,4 +10,4 @@ cd ..
mkdir build mkdir build
cd build cd build
cmake -DPICO_SDK_PATH=../pico-sdk .. cmake -DPICO_SDK_PATH=../pico-sdk ..
make make