From 6fe7d7991b5f2919e27d21b835a03d75c0f726e8 Mon Sep 17 00:00:00 2001 From: Pol Henarejos Date: Mon, 28 Mar 2022 17:37:24 +0200 Subject: [PATCH] Len of CMAC is always 16. Signed-off-by: Pol Henarejos --- src/hsm/sc_hsm.c | 60 ++++-------------------------------------------- 1 file changed, 5 insertions(+), 55 deletions(-) diff --git a/src/hsm/sc_hsm.c b/src/hsm/sc_hsm.c index 060833d..014ecc1 100644 --- a/src/hsm/sc_hsm.c +++ b/src/hsm/sc_hsm.c @@ -30,6 +30,7 @@ #include "mbedtls/hkdf.h" #include "version.h" #include "cvcerts.h" +#include "hash_utils.h" const uint8_t sc_hsm_aid[] = { 11, @@ -73,6 +74,7 @@ int sc_hsm_unload() { return HSM_OK; } +//AES CBC encryption with a 256 bit key static int encrypt(const uint8_t *key, const uint8_t *iv, uint8_t *data, int len) { mbedtls_aes_context aes; @@ -86,6 +88,7 @@ static int encrypt(const uint8_t *key, const uint8_t *iv, uint8_t *data, int len return mbedtls_aes_crypt_cfb128(&aes, MBEDTLS_AES_ENCRYPT, len, &iv_offset, tmp_iv, data, data); } +//AES CBC decryption with a 256 bit key static int decrypt(const uint8_t *key, const uint8_t *iv, uint8_t *data, int len) { mbedtls_aes_context aes; @@ -268,7 +271,7 @@ int cvc_prepare_signatures(sc_pkcs15_card_t *p15card, sc_cvc_t *cvc, size_t sig_ free(cvcbin); return r; } - hash(cvcbin, cvclen, hsh); + hash256(cvcbin, cvclen, hsh); free(cvcbin); return HSM_OK; } @@ -606,59 +609,6 @@ static int cmd_initialize() { return SW_OK(); } -void double_hash_pin(const uint8_t *pin, size_t len, uint8_t output[32]) { - uint8_t o1[32]; - hash_multi(pin, len, o1); - for (int i = 0; i < sizeof(o1); i++) - o1[i] ^= pin[i%len]; - hash_multi(o1, sizeof(o1), output); -} - -void hash_multi(const uint8_t *input, size_t len, uint8_t output[32]) -{ - mbedtls_sha256_context ctx; - mbedtls_sha256_init(&ctx); - int iters = 256; - - pico_get_unique_board_id(&unique_id); - - mbedtls_sha256_starts (&ctx, 0); - mbedtls_sha256_update (&ctx, unique_id.id, sizeof(unique_id.id)); - - while (iters > len) - { - mbedtls_sha256_update (&ctx, input, len); - iters -= len; - } - if (iters > 0) // remaining iterations - mbedtls_sha256_update (&ctx, input, iters); - mbedtls_sha256_finish (&ctx, output); - mbedtls_sha256_free (&ctx); -} - -void hash(const uint8_t *input, size_t len, uint8_t output[32]) -{ - mbedtls_sha256_context ctx; - mbedtls_sha256_init(&ctx); - - mbedtls_sha256_starts (&ctx, 0); - mbedtls_sha256_update (&ctx, input, len); - - mbedtls_sha256_finish (&ctx, output); - mbedtls_sha256_free (&ctx); -} - -void generic_hash(mbedtls_md_type_t md, const uint8_t *input, size_t len, uint8_t *output) { - mbedtls_md_context_t ctx; - mbedtls_md_init(&ctx); - const mbedtls_md_info_t *md_info = mbedtls_md_info_from_type(md); - mbedtls_md_setup(&ctx, md_info, 0); - mbedtls_md_starts(&ctx); - mbedtls_md_update(&ctx, input, len); - mbedtls_md_finish(&ctx, output); - mbedtls_md_free(&ctx); -} - static int cmd_import_dkek() { //if (dkeks == 0) // return SW_COMMAND_NOT_ALLOWED(); @@ -1610,7 +1560,7 @@ static int cmd_cipher_sym() { int r = mbedtls_cipher_cmac(cipher_info, kdata, key_size*8, apdu.cmd_apdu_data, apdu.cmd_apdu_data_len, res_APDU); if (r != 0) return SW_EXEC_ERROR(); - res_APDU_size = apdu.cmd_apdu_data_len; + res_APDU_size = 16; } else if (algo == ALGO_AES_DERIVE) { int r = mbedtls_hkdf(mbedtls_md_info_from_type(MBEDTLS_MD_SHA256), NULL, 0, file_read(ef->data+2), key_size, apdu.cmd_apdu_data, apdu.cmd_apdu_data_len, res_APDU, apdu.cmd_apdu_data_len);