mirrors/pico-hsm
1
0
Fork 0
mirror of https://github.com/polhenarejos/pico-hsm.git synced 2026-01-17 09:28:05 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

Use new methods search_file() and file_put_data().

Browse source 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
This commit is contained in:
Pol Henarejos 2024-04-17 16:36:34 +02:00
parent 623cf10dba
commit b034303193
No known key found for this signature in database
GPG key ID: C0095B7870A4CCD3
23 changed files with 105 additions and 114 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
pico-keys-sdk

@ -1 +1 @@
Subproject commit 6f2721aba343adab1aa0a336e4b15e41fbb77569
Subproject commit ef196bf10ba29410df712b54beef8a2c4876300a

2
src/hsm/cmd_bip_slip.c
View file

@ -256,7 +256,7 @@ int cmd_bip_slip() {
if (r != CCID_OK) {
return SW_EXEC_ERROR();
}
r = flash_write_data_to_file(ef, mkey, sizeof(mkey));
r = file_put_data(ef, mkey, sizeof(mkey));
if (r != CCID_OK) {
return SW_EXEC_ERROR();
}

4
src/hsm/cmd_change_pin.c
View file

@ -35,7 +35,7 @@ int cmd_change_pin() {
if (!file_has_data(file_pin)) {
return SW_REFERENCE_NOT_FOUND();
}
uint8_t pin_len = file_read_uint8(file_get_data(file_pin));
uint8_t pin_len = file_read_uint8(file_pin);
int r = check_pin(file_pin, apdu.data, pin_len);
if (r != 0x9000) {
return r;
@ -63,7 +63,7 @@ int cmd_change_pin() {
uint8_t dhash[33];
dhash[0] = (uint8_t)apdu.nc - pin_len;
double_hash_pin(apdu.data + pin_len, (uint16_t)(apdu.nc - pin_len), dhash + 1);
flash_write_data_to_file(file_pin, dhash, sizeof(dhash));
file_put_data(file_pin, dhash, sizeof(dhash));
low_flash_available();
return SW_OK();
}

2
src/hsm/cmd_external_authenticate.c
View file

@ -34,7 +34,7 @@ int cmd_external_authenticate() {
if (apdu.nc == 0) {
return SW_WRONG_LENGTH();
}
file_t *ef_puk = search_by_fid(EF_PUKAUT, NULL, SPECIFY_EF);
file_t *ef_puk = search_file(EF_PUKAUT);
if (!file_has_data(ef_puk)) {
return SW_FILE_NOT_FOUND();
}

14
src/hsm/cmd_extras.c
View file

@ -81,8 +81,8 @@ int cmd_extras() {
}
else {
uint8_t newopts[] = { apdu.data[0], (opts & 0xff) };
file_t *tf = search_by_fid(EF_DEVOPS, NULL, SPECIFY_EF);
flash_write_data_to_file(tf, newopts, sizeof(newopts));
file_t *tf = search_file(EF_DEVOPS);
file_put_data(tf, newopts, sizeof(newopts));
low_flash_available();
}
}
@ -167,14 +167,14 @@ int cmd_extras() {
(P2(apdu) == 0x04 && (opts & HSM_OPT_SECURE_LOCK))) {
uint16_t tfids[] = { EF_MKEK, EF_MKEK_SO };
for (int t = 0; t < sizeof(tfids) / sizeof(uint16_t); t++) {
file_t *tf = search_by_fid(tfids[t], NULL, SPECIFY_EF);
file_t *tf = search_file(tfids[t]);
if (tf) {
uint8_t *tmp = (uint8_t *) calloc(1, file_get_size(tf));
memcpy(tmp, file_get_data(tf), file_get_size(tf));
for (int i = 0; i < MKEK_KEY_SIZE; i++) {
MKEK_KEY(tmp)[i] ^= apdu.data[i];
}
flash_write_data_to_file(tf, tmp, file_get_size(tf));
file_put_data(tf, tmp, file_get_size(tf));
free(tmp);
}
}
@ -185,8 +185,8 @@ int cmd_extras() {
else if (P2(apdu) == 0x04) {
newopts[0] &= ~HSM_OPT_SECURE_LOCK >> 8;
}
file_t *tf = search_by_fid(EF_DEVOPS, NULL, SPECIFY_EF);
flash_write_data_to_file(tf, newopts, sizeof(newopts));
file_t *tf = search_file(EF_DEVOPS);
file_put_data(tf, newopts, sizeof(newopts));
low_flash_available();
}
else if (P2(apdu) == 0x03) {
@ -224,7 +224,7 @@ int cmd_extras() {
else {
return SW_INCORRECT_P1P2();
}
flash_write_data_to_file(ef_phy, tmp, sizeof(tmp));
file_put_data(ef_phy, tmp, sizeof(tmp));
low_flash_available();
}
}

2
src/hsm/cmd_general_authenticate.c
View file

@ -41,7 +41,7 @@ int cmd_general_authenticate() {
pubkey_len = tag_len + 1;
}
}
file_t *fkey = search_by_fid(EF_KEY_DEV, NULL, SPECIFY_EF);
file_t *fkey = search_file(EF_KEY_DEV);
if (!fkey) {
return SW_EXEC_ERROR();
}

48
src/hsm/cmd_initialize.c
View file

@ -53,15 +53,15 @@ int cmd_initialize() {
asn1_ctx_init(apdu.data, (uint16_t)apdu.nc, &ctxi);
while (walk_tlv(&ctxi, &p, &tag, &tag_len, &tag_data)) {
if (tag == 0x80) { //options
file_t *tf = search_by_fid(EF_DEVOPS, NULL, SPECIFY_EF);
flash_write_data_to_file(tf, tag_data, tag_len);
file_t *tf = search_file(EF_DEVOPS);
file_put_data(tf, tag_data, tag_len);
}
else if (tag == 0x81) { //user pin
if (file_pin1 && file_pin1->data) {
uint8_t dhash[33];
dhash[0] = (uint8_t)tag_len;
double_hash_pin(tag_data, tag_len, dhash + 1);
flash_write_data_to_file(file_pin1, dhash, sizeof(dhash));
file_put_data(file_pin1, dhash, sizeof(dhash));
hash_multi(tag_data, tag_len, session_pin);
has_session_pin = true;
}
@ -71,18 +71,18 @@ int cmd_initialize() {
uint8_t dhash[33];
dhash[0] = (uint8_t)tag_len;
double_hash_pin(tag_data, tag_len, dhash + 1);
flash_write_data_to_file(file_sopin, dhash, sizeof(dhash));
file_put_data(file_sopin, dhash, sizeof(dhash));
hash_multi(tag_data, tag_len, session_sopin);
has_session_sopin = true;
}
}
else if (tag == 0x91) { //retries user pin
file_t *tf = search_by_fid(0x1082, NULL, SPECIFY_EF);
file_t *tf = search_file(0x1082);
if (tf && tf->data) {
flash_write_data_to_file(tf, tag_data, tag_len);
file_put_data(tf, tag_data, tag_len);
}
if (file_retries_pin1 && file_retries_pin1->data) {
flash_write_data_to_file(file_retries_pin1, tag_data, tag_len);
file_put_data(file_retries_pin1, tag_data, tag_len);
}
}
else if (tag == 0x92) {
@ -92,10 +92,10 @@ int cmd_initialize() {
release_mkek(mkek);
return SW_MEMORY_FAILURE();
}
flash_write_data_to_file(tf, NULL, 0);
file_put_data(tf, NULL, 0);
}
else if (tag == 0x93) {
file_t *ef_puk = search_by_fid(EF_PUKAUT, NULL, SPECIFY_EF);
file_t *ef_puk = search_file(EF_PUKAUT);
if (!ef_puk) {
release_mkek(mkek);
return SW_MEMORY_FAILURE();
@ -105,14 +105,14 @@ int cmd_initialize() {
pk_status[0] = puks;
pk_status[1] = puks;
pk_status[2] = tag_data[1];
flash_write_data_to_file(ef_puk, pk_status, sizeof(pk_status));
file_put_data(ef_puk, pk_status, sizeof(pk_status));
for (uint8_t i = 0; i < puks; i++) {
file_t *tf = file_new(EF_PUK + i);
if (!tf) {
release_mkek(mkek);
return SW_MEMORY_FAILURE();
}
flash_write_data_to_file(tf, NULL, 0);
file_put_data(tf, NULL, 0);
}
}
else if (tag == 0x97) {
@ -122,12 +122,12 @@ int cmd_initialize() {
file_t *tf = file_new(EF_DKEK+i);
if (!tf)
return SW_MEMORY_FAILURE();
flash_write_data_to_file(tf, NULL, 0);
file_put_data(tf, NULL, 0);
}
*/
}
}
file_t *tf_kd = search_by_fid(EF_KEY_DOMAIN, NULL, SPECIFY_EF);
file_t *tf_kd = search_file(EF_KEY_DOMAIN);
if (!tf_kd) {
release_mkek(mkek);
return SW_EXEC_ERROR();
@ -143,7 +143,7 @@ int cmd_initialize() {
if (dkeks) {
if (*dkeks > 0) {
uint16_t d = *dkeks;
if (flash_write_data_to_file(tf_kd, (const uint8_t *) &d, sizeof(d)) != CCID_OK) {
if (file_put_data(tf_kd, (const uint8_t *) &d, sizeof(d)) != CCID_OK) {
return SW_EXEC_ERROR();
}
}
@ -153,28 +153,28 @@ int cmd_initialize() {
return SW_EXEC_ERROR();
}
uint16_t d = 0x0101;
if (flash_write_data_to_file(tf_kd, (const uint8_t *) &d, sizeof(d)) != CCID_OK) {
if (file_put_data(tf_kd, (const uint8_t *) &d, sizeof(d)) != CCID_OK) {
return SW_EXEC_ERROR();
}
}
}
else {
uint16_t d = 0x0000;
if (flash_write_data_to_file(tf_kd, (const uint8_t *) &d, sizeof(d)) != CCID_OK) {
if (file_put_data(tf_kd, (const uint8_t *) &d, sizeof(d)) != CCID_OK) {
return SW_EXEC_ERROR();
}
}
if (kds) {
uint8_t t[MAX_KEY_DOMAINS * 2], k = MIN(*kds, MAX_KEY_DOMAINS);
memset(t, 0xff, 2 * k);
if (flash_write_data_to_file(tf_kd, t, 2 * k) != CCID_OK) {
if (file_put_data(tf_kd, t, 2 * k) != CCID_OK) {
return SW_EXEC_ERROR();
}
}
/* When initialized, it has all credentials */
isUserAuthenticated = true;
/* Create terminal private key */
file_t *fdkey = search_by_fid(EF_KEY_DEV, NULL, SPECIFY_EF);
file_t *fdkey = search_file(EF_KEY_DEV);
if (!fdkey) {
return SW_EXEC_ERROR();
}
@ -200,8 +200,8 @@ int cmd_initialize() {
return SW_EXEC_ERROR();
}
file_t *fpk = search_by_fid(EF_EE_DEV, NULL, SPECIFY_EF);
ret = flash_write_data_to_file(fpk, res_APDU, (uint16_t)cvc_len);
file_t *fpk = search_file(EF_EE_DEV);
ret = file_put_data(fpk, res_APDU, (uint16_t)cvc_len);
if (ret != 0) {
mbedtls_ecdsa_free(&ecdsa);
return SW_EXEC_ERROR();
@ -213,8 +213,8 @@ int cmd_initialize() {
}
memcpy(res_APDU + cvc_len, res_APDU, cvc_len);
mbedtls_ecdsa_free(&ecdsa);
fpk = search_by_fid(EF_TERMCA, NULL, SPECIFY_EF);
ret = flash_write_data_to_file(fpk, res_APDU, (uint16_t)(2 * cvc_len));
fpk = search_file(EF_TERMCA);
ret = file_put_data(fpk, res_APDU, (uint16_t)(2 * cvc_len));
if (ret != 0) {
return SW_EXEC_ERROR();
}
@ -229,8 +229,8 @@ int cmd_initialize() {
256,
res_APDU,
4096);
fpk = search_by_fid(EF_PRKD_DEV, NULL, SPECIFY_EF);
ret = flash_write_data_to_file(fpk, res_APDU, prkd_len);
fpk = search_file(EF_PRKD_DEV);
ret = file_put_data(fpk, res_APDU, prkd_len);
}
if (ret != 0) {

10
src/hsm/cmd_key_domain.c
View file

@ -44,7 +44,7 @@ int cmd_key_domain() {
if (p2 >= MAX_KEY_DOMAINS) {
return SW_WRONG_P1P2();
}
file_t *tf_kd = search_by_fid(EF_KEY_DOMAIN, NULL, SPECIFY_EF);
file_t *tf_kd = search_file(EF_KEY_DOMAIN);
if (!tf_kd) {
return SW_EXEC_ERROR();
}
@ -83,7 +83,7 @@ int cmd_key_domain() {
uint8_t t[MAX_KEY_DOMAINS * 2];
memcpy(t, kdata, tf_kd_size);
t[2 * p2 + 1] = current_dkeks;
if (flash_write_data_to_file(tf_kd, t, tf_kd_size) != CCID_OK) {
if (file_put_data(tf_kd, t, tf_kd_size) != CCID_OK) {
return SW_EXEC_ERROR();
}
low_flash_available();
@ -129,7 +129,7 @@ int cmd_key_domain() {
else if (p1 == 0x4) {
t[2 * p2 + 1] = current_dkeks = 0;
}
if (flash_write_data_to_file(tf_kd, t, tf_kd_size) != CCID_OK) {
if (file_put_data(tf_kd, t, tf_kd_size) != CCID_OK) {
return SW_EXEC_ERROR();
}
file_t *tf = NULL;
@ -151,7 +151,7 @@ int cmd_key_domain() {
else if (p1 == 0x2) { //XKEK Key Domain creation
if (apdu.nc > 0) {
uint16_t pub_len = 0;
file_t *fterm = search_by_fid(EF_TERMCA, NULL, SPECIFY_EF);
file_t *fterm = search_file(EF_TERMCA);
if (!fterm) {
return SW_EXEC_ERROR();
}
@ -189,7 +189,7 @@ int cmd_key_domain() {
t86_len = 0;
t86 = cvc_get_field(pub, pub_len, &t86_len, 0x86);
if (t86) {
flash_write_data_to_file(tf, t86 + 1, (uint16_t)t86_len - 1);
file_put_data(tf, t86 + 1, (uint16_t)t86_len - 1);
low_flash_available();
}
}

2
src/hsm/cmd_key_unwrap.c
View file

@ -133,7 +133,7 @@ int cmd_key_unwrap() {
}
if (res_APDU_size > 0) {
file_t *fpk = file_new((EE_CERTIFICATE_PREFIX << 8) | key_id);
r = flash_write_data_to_file(fpk, res_APDU, res_APDU_size);
r = file_put_data(fpk, res_APDU, res_APDU_size);
if (r != 0) {
return SW_EXEC_ERROR();
}

2
src/hsm/cmd_key_wrap.c
View file

@ -40,7 +40,7 @@ int cmd_key_wrap() {
if (kdom == 0xff) {
return SW_REFERENCE_NOT_FOUND();
}
file_t *tf_kd = search_by_fid(EF_KEY_DOMAIN, NULL, SPECIFY_EF);
file_t *tf_kd = search_file(EF_KEY_DOMAIN);
uint8_t *kdata = file_get_data(tf_kd), dkeks = kdata ? kdata[2 * kdom] : 0,
current_dkeks = kdata ? kdata[2 * kdom + 1] : 0;
if (dkeks != current_dkeks || dkeks == 0 || dkeks == 0xff) {

2
src/hsm/cmd_keypair_gen.c
View file

@ -145,7 +145,7 @@ int cmd_keypair_gen() {
return SW_EXEC_ERROR();
}
file_t *fpk = file_new((EE_CERTIFICATE_PREFIX << 8) | key_id);
ret = flash_write_data_to_file(fpk, res_APDU, res_APDU_size);
ret = file_put_data(fpk, res_APDU, res_APDU_size);
if (ret != 0) {
return SW_EXEC_ERROR();
}

4
src/hsm/cmd_list_keys.c
View file

@ -21,11 +21,11 @@
int cmd_list_keys() {
/* First we send DEV private key */
/* Both below conditions should be always TRUE */
if (search_by_fid(EF_PRKD_DEV, NULL, SPECIFY_EF)) {
if (search_file(EF_PRKD_DEV)) {
res_APDU[res_APDU_size++] = EF_PRKD_DEV >> 8;
res_APDU[res_APDU_size++] = EF_PRKD_DEV & 0xff;
}
if (search_by_fid(EF_KEY_DEV, NULL, SPECIFY_EF)) {
if (search_file(EF_KEY_DEV)) {
res_APDU[res_APDU_size++] = EF_KEY_DEV >> 8;
res_APDU[res_APDU_size++] = EF_KEY_DEV & 0xff;
}

4
src/hsm/cmd_pso.c
View file

@ -54,7 +54,7 @@ int cmd_pso() {
file_t *ca_ef = search_dynamic_file(fid);
if (!ca_ef) {
ca_ef = file_new(fid);
flash_write_data_to_file(ca_ef, apdu.data, (uint16_t)apdu.nc);
file_put_data(ca_ef, apdu.data, (uint16_t)apdu.nc);
if (add_cert_puk_store(file_get_data(ca_ef), file_get_size(ca_ef),
false) != CCID_OK) {
return SW_FILE_FULL();
@ -144,7 +144,7 @@ int cmd_pso() {
fid,
buf,
cd_len);
flash_write_data_to_file(cd_ef, buf, cd_len);
file_put_data(cd_ef, buf, cd_len);
free(buf);
if (r == 0) {
return SW_EXEC_ERROR();

6
src/hsm/cmd_puk_auth.c
View file

@ -21,7 +21,7 @@
int cmd_puk_auth() {
uint8_t p1 = P1(apdu), p2 = P2(apdu);
file_t *ef_puk = search_by_fid(EF_PUKAUT, NULL, SPECIFY_EF);
file_t *ef_puk = search_file(EF_PUKAUT);
if (!file_has_data(ef_puk)) {
if (apdu.nc > 0) {
return SW_FILE_NOT_FOUND();
@ -48,7 +48,7 @@ int cmd_puk_auth() {
uint8_t *tmp = (uint8_t *) calloc(file_get_size(ef_puk), sizeof(uint8_t));
memcpy(tmp, puk_data, file_get_size(ef_puk));
tmp[1] = puk_data[1] - 1;
flash_write_data_to_file(ef_puk, tmp, file_get_size(ef_puk));
file_put_data(ef_puk, tmp, file_get_size(ef_puk));
puk_data = file_get_data(ef_puk);
free(tmp);
}
@ -61,7 +61,7 @@ int cmd_puk_auth() {
return SW_MEMORY_FAILURE();
}
}
flash_write_data_to_file(ef, apdu.data, (uint16_t)apdu.nc);
file_put_data(ef, apdu.data, (uint16_t)apdu.nc);
low_flash_available();
}
else {

8
src/hsm/cmd_read_binary.c
View file

@ -25,7 +25,7 @@ int cmd_read_binary() {
if ((ins & 0x1) == 0) {
if ((p1 & 0x80) != 0) {
if (!(ef = search_by_fid(p1 & 0x1f, NULL, SPECIFY_EF))) {
if (!(ef = search_file(p1 & 0x1f))) {
return SW_FILE_NOT_FOUND();
}
offset = p2;
@ -37,7 +37,7 @@ int cmd_read_binary() {
}
else {
if (p1 == 0 && (p2 & 0xE0) == 0 && (p2 & 0x1f) != 0 && (p2 & 0x1f) != 0x1f) {
if (!(ef = search_by_fid(p2 & 0x1f, NULL, SPECIFY_EF))) {
if (!(ef = search_file(p2 & 0x1f))) {
return SW_FILE_NOT_FOUND();
}
}
@ -46,9 +46,7 @@ int cmd_read_binary() {
if (file_id == 0x0) {
ef = currentEF;
}
else if (!(ef =
search_by_fid(file_id, NULL,
SPECIFY_EF)) && !(ef = search_dynamic_file(file_id))) {
else if (!(ef = search_file(file_id))) {
return SW_FILE_NOT_FOUND();
}

6
src/hsm/cmd_reset_retry.c
View file

@ -36,7 +36,7 @@ int cmd_reset_retry() {
if (P1(apdu) == 0x0 || P1(apdu) == 0x2) {
uint8_t newpin_len = 0;
if (P1(apdu) == 0x0) {
uint8_t so_pin_len = file_read_uint8(file_get_data(file_sopin));
uint8_t so_pin_len = file_read_uint8(file_sopin);
if ((uint16_t)apdu.nc <= so_pin_len + 1) {
return SW_WRONG_LENGTH();
}
@ -58,7 +58,7 @@ int cmd_reset_retry() {
uint8_t dhash[33];
dhash[0] = newpin_len;
double_hash_pin(apdu.data + (apdu.nc - newpin_len), newpin_len, dhash + 1);
flash_write_data_to_file(file_pin1, dhash, sizeof(dhash));
file_put_data(file_pin1, dhash, sizeof(dhash));
if (pin_reset_retries(file_pin1, true) != CCID_OK) {
return SW_MEMORY_FAILURE();
}
@ -82,7 +82,7 @@ int cmd_reset_retry() {
return SW_COMMAND_NOT_ALLOWED();
}
if (P1(apdu) == 0x1) {
uint8_t so_pin_len = file_read_uint8(file_get_data(file_sopin));
uint8_t so_pin_len = file_read_uint8(file_sopin);
if (apdu.nc != so_pin_len) {
return SW_WRONG_LENGTH();
}

3
src/hsm/cmd_select.c
View file

@ -63,8 +63,7 @@ int cmd_select() {
pfx == DCOD_PREFIX ||
pfx == DATA_PREFIX ||
pfx == PROT_DATA_PREFIX) {*/
if (fid != 0x0 && !(pe = search_dynamic_file(fid)) &&
!(pe = search_by_fid(fid, NULL, SPECIFY_EF))) {
if (fid != 0x0 && !(pe = search_file(fid))) {
return SW_FILE_NOT_FOUND();
}
/*}*/

5
src/hsm/cmd_signature.c
View file

@ -104,10 +104,7 @@ int cmd_signature() {
if (!isUserAuthenticated) {
return SW_SECURITY_STATUS_NOT_SATISFIED();
}
if ((!(fkey = search_dynamic_file((KEY_PREFIX << 8) | key_id)) &&
!(fkey =
search_by_fid((KEY_PREFIX << 8) | key_id, NULL,
SPECIFY_EF))) || !file_has_data(fkey)) {
if (!(fkey = search_file((KEY_PREFIX << 8) | key_id)) || !file_has_data(fkey)) {
return SW_FILE_NOT_FOUND();
}
if (get_key_counter(fkey) == 0) {

9
src/hsm/cmd_update_ef.c
View file

@ -72,15 +72,12 @@ int cmd_update_ef() {
if (fid == 0x0 && !ef) {
return SW_FILE_NOT_FOUND();
}
else if (fid != 0x0 &&
!(ef =
search_by_fid(fid, NULL,
SPECIFY_EF)) && !(ef = search_dynamic_file(fid))) { //if does not exist, create it
else if (fid != 0x0 && !(ef = search_file(fid))) { //if does not exist, create it
//return SW_FILE_NOT_FOUND();
ef = file_new(fid);
}
if (offset == 0) {
int r = flash_write_data_to_file(ef, data, data_len);
int r = file_put_data(ef, data, data_len);
if (r != CCID_OK) {
return SW_MEMORY_FAILURE();
}
@ -93,7 +90,7 @@ int cmd_update_ef() {
uint8_t *data_merge = (uint8_t *) calloc(1, offset + data_len);
memcpy(data_merge, file_get_data(ef), offset);
memcpy(data_merge + offset, data, data_len);
int r = flash_write_data_to_file(ef, data_merge, offset + data_len);
int r = file_put_data(ef, data_merge, offset + data_len);
free(data_merge);
if (r != CCID_OK) {
return SW_MEMORY_FAILURE();

10
src/hsm/cmd_verify.c
View file

@ -39,25 +39,25 @@ int cmd_verify() {
if (apdu.nc > 0) {
return check_pin(file_pin1, apdu.data, (uint16_t)apdu.nc);
}
if (file_read_uint8(file_get_data(file_retries_pin1)) == 0) {
if (file_read_uint8(file_retries_pin1) == 0) {
return SW_PIN_BLOCKED();
}
return set_res_sw(0x63, 0xc0 | file_read_uint8(file_get_data(file_retries_pin1)));
return set_res_sw(0x63, 0xc0 | file_read_uint8(file_retries_pin1));
}
else if (p2 == 0x88) { //SOPin
if (file_read_uint8(file_get_data(file_sopin)) == 0) { //not initialized
if (file_read_uint8(file_sopin) == 0) { //not initialized
return SW_REFERENCE_NOT_FOUND();
}
if (apdu.nc > 0) {
return check_pin(file_sopin, apdu.data, (uint16_t)apdu.nc);
}
if (file_read_uint8(file_get_data(file_retries_sopin)) == 0) {
if (file_read_uint8(file_retries_sopin) == 0) {
return SW_PIN_BLOCKED();
}
if (has_session_sopin) {
return SW_OK();
}
return set_res_sw(0x63, 0xc0 | file_read_uint8(file_get_data(file_retries_sopin)));
return set_res_sw(0x63, 0xc0 | file_read_uint8(file_retries_sopin));
}
else if (p2 == 0x85) {
return SW_OK();

2
src/hsm/cvc.c
View file

@ -323,7 +323,7 @@ uint16_t asn1_cvc_aut(void *rsa_ecdsa,
uint16_t outcar_len = dev_name_len;
const uint8_t *outcar = dev_name;
uint16_t outcar_size = asn1_len_tag(0x42, outcar_len);
file_t *fkey = search_by_fid(EF_KEY_DEV, NULL, SPECIFY_EF);
file_t *fkey = search_file(EF_KEY_DEV);
if (!fkey) {
return 0;
}

16
src/hsm/kek.c
View file

@ -57,14 +57,14 @@ int load_mkek(uint8_t *mkek) {
}
const uint8_t *pin = NULL;
if (pin == NULL && has_session_pin == true) {
file_t *tf = search_by_fid(EF_MKEK, NULL, SPECIFY_EF);
file_t *tf = search_file(EF_MKEK);
if (file_has_data(tf)) {
memcpy(mkek, file_get_data(tf), MKEK_SIZE);
pin = session_pin;
}
}
if (pin == NULL && has_session_sopin == true) {
file_t *tf = search_by_fid(EF_MKEK_SO, NULL, SPECIFY_EF);
file_t *tf = search_file(EF_MKEK_SO);
if (file_has_data(tf)) {
memcpy(mkek, file_get_data(tf), MKEK_SIZE);
pin = session_sopin;
@ -137,7 +137,7 @@ int store_mkek(const uint8_t *mkek) {
if (has_session_pin) {
uint8_t tmp_mkek_pin[MKEK_SIZE];
memcpy(tmp_mkek_pin, tmp_mkek, MKEK_SIZE);
file_t *tf = search_by_fid(EF_MKEK, NULL, SPECIFY_EF);
file_t *tf = search_file(EF_MKEK);
if (!tf) {
release_mkek(tmp_mkek);
release_mkek(tmp_mkek_pin);
@ -147,13 +147,13 @@ int store_mkek(const uint8_t *mkek) {
MKEK_IV(tmp_mkek_pin),
MKEK_KEY(tmp_mkek_pin),
MKEK_KEY_SIZE + MKEK_KEY_CS_SIZE);
flash_write_data_to_file(tf, tmp_mkek_pin, MKEK_SIZE);
file_put_data(tf, tmp_mkek_pin, MKEK_SIZE);
release_mkek(tmp_mkek_pin);
}
if (has_session_sopin) {
uint8_t tmp_mkek_sopin[MKEK_SIZE];
memcpy(tmp_mkek_sopin, tmp_mkek, MKEK_SIZE);
file_t *tf = search_by_fid(EF_MKEK_SO, NULL, SPECIFY_EF);
file_t *tf = search_file(EF_MKEK_SO);
if (!tf) {
release_mkek(tmp_mkek);
release_mkek(tmp_mkek_sopin);
@ -163,7 +163,7 @@ int store_mkek(const uint8_t *mkek) {
MKEK_IV(tmp_mkek_sopin),
MKEK_KEY(tmp_mkek_sopin),
MKEK_KEY_SIZE + MKEK_KEY_CS_SIZE);
flash_write_data_to_file(tf, tmp_mkek_sopin, MKEK_SIZE);
file_put_data(tf, tmp_mkek_sopin, MKEK_SIZE);
release_mkek(tmp_mkek_sopin);
}
low_flash_available();
@ -180,7 +180,7 @@ int store_dkek_key(uint8_t id, uint8_t *dkek) {
if (r != CCID_OK) {
return r;
}
flash_write_data_to_file(tf, dkek, DKEK_KEY_SIZE);
file_put_data(tf, dkek, DKEK_KEY_SIZE);
low_flash_available();
return CCID_OK;
}
@ -213,7 +213,7 @@ int import_dkek_share(uint8_t id, const uint8_t *share) {
for (int i = 0; i < DKEK_KEY_SIZE; i++) {
tmp_dkek[i] ^= share[i];
}
flash_write_data_to_file(tf, tmp_dkek, DKEK_KEY_SIZE);
file_put_data(tf, tmp_dkek, DKEK_KEY_SIZE);
low_flash_available();
return CCID_OK;
}

56
src/hsm/sc_hsm.c
View file

@ -94,45 +94,45 @@ INITIALIZER( sc_hsm_ctor ) {
}
void scan_files() {
file_pin1 = search_by_fid(0x1081, NULL, SPECIFY_EF);
file_pin1 = search_file(0x1081);
if (file_pin1) {
if (!file_pin1->data) {
printf("PIN1 is empty. Initializing with default password\n");
const uint8_t empty[33] = { 0 };
flash_write_data_to_file(file_pin1, empty, sizeof(empty));
file_put_data(file_pin1, empty, sizeof(empty));
}
}
else {
printf("FATAL ERROR: PIN1 not found in memory!\n");
}
file_sopin = search_by_fid(0x1088, NULL, SPECIFY_EF);
file_sopin = search_file(0x1088);
if (file_sopin) {
if (!file_sopin->data) {
printf("SOPIN is empty. Initializing with default password\n");
const uint8_t empty[33] = { 0 };
flash_write_data_to_file(file_sopin, empty, sizeof(empty));
file_put_data(file_sopin, empty, sizeof(empty));
}
}
else {
printf("FATAL ERROR: SOPIN not found in memory!\n");
}
file_retries_pin1 = search_by_fid(0x1083, NULL, SPECIFY_EF);
file_retries_pin1 = search_file(0x1083);
if (file_retries_pin1) {
if (!file_retries_pin1->data) {
printf("Retries PIN1 is empty. Initializing with default retriesr\n");
const uint8_t retries = 3;
flash_write_data_to_file(file_retries_pin1, &retries, sizeof(uint8_t));
file_put_data(file_retries_pin1, &retries, sizeof(uint8_t));
}
}
else {
printf("FATAL ERROR: Retries PIN1 not found in memory!\n");
}
file_retries_sopin = search_by_fid(0x108A, NULL, SPECIFY_EF);
file_retries_sopin = search_file(0x108A);
if (file_retries_sopin) {
if (!file_retries_sopin->data) {
printf("Retries SOPIN is empty. Initializing with default retries\n");
const uint8_t retries = 15;
flash_write_data_to_file(file_retries_sopin, &retries, sizeof(uint8_t));
file_put_data(file_retries_sopin, &retries, sizeof(uint8_t));
}
}
else {
@ -140,23 +140,23 @@ void scan_files() {
}
file_t *tf = NULL;
tf = search_by_fid(0x1082, NULL, SPECIFY_EF);
tf = search_file(0x1082);
if (tf) {
if (!tf->data) {
printf("Max retries PIN1 is empty. Initializing with default max retriesr\n");
const uint8_t retries = 3;
flash_write_data_to_file(tf, &retries, sizeof(uint8_t));
file_put_data(tf, &retries, sizeof(uint8_t));
}
}
else {
printf("FATAL ERROR: Max Retries PIN1 not found in memory!\n");
}
tf = search_by_fid(0x1089, NULL, SPECIFY_EF);
tf = search_file(0x1089);
if (tf) {
if (!tf->data) {
printf("Max Retries SOPIN is empty. Initializing with default max retries\n");
const uint8_t retries = 15;
flash_write_data_to_file(tf, &retries, sizeof(uint8_t));
file_put_data(tf, &retries, sizeof(uint8_t));
}
}
else {
@ -227,7 +227,7 @@ void reset_puk_store() {
}
memset(puk_store, 0, sizeof(puk_store));
puk_store_entries = 0;
file_t *fterm = search_by_fid(EF_TERMCA, NULL, SPECIFY_EF);
file_t *fterm = search_file(EF_TERMCA);
if (fterm) {
uint8_t *p = NULL, *fterm_data = file_get_data(fterm), *pq = fterm_data;
uint16_t fterm_data_len = file_get_size(fterm);
@ -239,7 +239,7 @@ void reset_puk_store() {
}
}
for (int i = 0; i < 0xfe; i++) {
file_t *ef = search_dynamic_file((CA_CERTIFICATE_PREFIX << 8) | (uint8_t)i);
file_t *ef = search_file((CA_CERTIFICATE_PREFIX << 8) | (uint8_t)i);
if (ef && file_get_size(ef) > 0) {
add_cert_puk_store(file_get_data(ef), file_get_size(ef), false);
}
@ -264,9 +264,9 @@ int sc_hsm_unload() {
}
uint16_t get_device_options() {
file_t *ef = search_by_fid(EF_DEVOPS, NULL, SPECIFY_EF);
file_t *ef = search_file(EF_DEVOPS);
if (file_has_data(ef)) {
return (file_read_uint8(file_get_data(ef)) << 8) | file_read_uint8(file_get_data(ef) + 1);
return (file_read_uint8(ef) << 8) | file_read_uint8_offset(ef, 1);
}
return 0x0;
}
@ -318,17 +318,17 @@ int pin_reset_retries(const file_t *pin, bool force) {
if (!pin) {
return CCID_ERR_NULL_PARAM;
}
const file_t *max = search_by_fid(pin->fid + 1, NULL, SPECIFY_EF);
const file_t *act = search_by_fid(pin->fid + 2, NULL, SPECIFY_EF);
const file_t *max = search_file(pin->fid + 1);
const file_t *act = search_file(pin->fid + 2);
if (!max || !act) {
return CCID_ERR_FILE_NOT_FOUND;
}
uint8_t retries = file_read_uint8(file_get_data(act));
uint8_t retries = file_read_uint8(act);
if (retries == 0 && force == false) { // blocked
return CCID_ERR_BLOCKED;
}
retries = file_read_uint8(file_get_data(max));
int r = flash_write_data_to_file((file_t *) act, &retries, sizeof(retries));
retries = file_read_uint8(max);
int r = file_put_data((file_t *) act, &retries, sizeof(retries));
low_flash_available();
return r;
}
@ -337,14 +337,14 @@ int pin_wrong_retry(const file_t *pin) {
if (!pin) {
return CCID_ERR_NULL_PARAM;
}
const file_t *act = search_by_fid(pin->fid + 2, NULL, SPECIFY_EF);
const file_t *act = search_file(pin->fid + 2);
if (!act) {
return CCID_ERR_FILE_NOT_FOUND;
}
uint8_t retries = file_read_uint8(file_get_data(act));
uint8_t retries = file_read_uint8(act);
if (retries > 0) {
retries -= 1;
int r = flash_write_data_to_file((file_t *) act, &retries, sizeof(retries));
int r = file_put_data((file_t *) act, &retries, sizeof(retries));
if (r != CCID_OK) {
return r;
}
@ -358,8 +358,8 @@ int pin_wrong_retry(const file_t *pin) {
}
bool pka_enabled() {
file_t *ef_puk = search_by_fid(EF_PUKAUT, NULL, SPECIFY_EF);
return file_has_data(ef_puk) && file_read_uint8(file_get_data(ef_puk)) > 0;
file_t *ef_puk = search_file(EF_PUKAUT);
return file_has_data(ef_puk) && file_read_uint8(ef_puk) > 0;
}
uint16_t check_pin(const file_t *pin, const uint8_t *data, uint16_t len) {
@ -544,7 +544,7 @@ int store_keys(void *key_ctx, int type, uint8_t key_id) {
if (r != CCID_OK) {
return r;
}
r = flash_write_data_to_file(fpk, kdata, (uint16_t)key_size);
r = file_put_data(fpk, kdata, (uint16_t)key_size);
if (r != CCID_OK) {
return r;
}
@ -556,7 +556,7 @@ int store_keys(void *key_ctx, int type, uint8_t key_id) {
uint16_t prkd_len = asn1_build_prkd_generic(NULL, 0, (uint8_t *)key_id_str, (uint16_t)strlen(key_id_str), key_size * 8, type, kdata, sizeof(kdata));
if (prkd_len > 0) {
fpk = file_new((PRKD_PREFIX << 8) | key_id);
r = flash_write_data_to_file(fpk, kdata, prkd_len);
r = file_put_data(fpk, kdata, prkd_len);
if (r != 0) {
return SW_EXEC_ERROR();
}