diff --git a/CMakeLists.txt b/CMakeLists.txt index 11422cf..44a1697 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -26,23 +26,15 @@ set_source_files_properties( ) target_sources(hsm2040 PUBLIC - ${CMAKE_CURRENT_LIST_DIR}/hsm2040.c - ${CMAKE_CURRENT_LIST_DIR}/usb_descriptors.c - ${CMAKE_CURRENT_LIST_DIR}/openpgp.c - ${CMAKE_CURRENT_LIST_DIR}/debug.c - ${CMAKE_CURRENT_LIST_DIR}/openpgp-do.c - ${CMAKE_CURRENT_LIST_DIR}/ac.c - ${CMAKE_CURRENT_LIST_DIR}/file.c - ${CMAKE_CURRENT_LIST_DIR}/flash.c - ${CMAKE_CURRENT_LIST_DIR}/flash_openpgp.c - ${CMAKE_CURRENT_LIST_DIR}/low_flash.c - ${CMAKE_CURRENT_LIST_DIR}/call-rsa.c - ${CMAKE_CURRENT_LIST_DIR}/call-ec_p256k1.c - ${CMAKE_CURRENT_LIST_DIR}/ecc-ed25519.c - ${CMAKE_CURRENT_LIST_DIR}/ecc-ed448.c - ${CMAKE_CURRENT_LIST_DIR}/random.c - ${CMAKE_CURRENT_LIST_DIR}/ecc-mont.c - ${CMAKE_CURRENT_LIST_DIR}/ecc-x448.c + ${CMAKE_CURRENT_LIST_DIR}/src/hsm/hsm2040.c + ${CMAKE_CURRENT_LIST_DIR}/src/hsm/sc_hsm.c + ${CMAKE_CURRENT_LIST_DIR}/src/usb/usb_descriptors.c + ${CMAKE_CURRENT_LIST_DIR}/src/fs/file.c + ${CMAKE_CURRENT_LIST_DIR}/src/fs/flash.c + ${CMAKE_CURRENT_LIST_DIR}/src/fs/low_flash.c + ${CMAKE_CURRENT_LIST_DIR}/src/rng/random.c + ${CMAKE_CURRENT_LIST_DIR}/src/rng/neug.c + ${CMAKE_CURRENT_LIST_DIR}/mbedtls/library/sha256.c ${CMAKE_CURRENT_LIST_DIR}/mbedtls/library/aes.c ${CMAKE_CURRENT_LIST_DIR}/mbedtls/library/sha512.c @@ -62,16 +54,6 @@ target_sources(hsm2040 PUBLIC ${CMAKE_CURRENT_LIST_DIR}/mbedtls/library/ripemd160.c ${CMAKE_CURRENT_LIST_DIR}/mbedtls/library/sha1.c - ${CMAKE_CURRENT_LIST_DIR}/shake256.c - ${CMAKE_CURRENT_LIST_DIR}/neug.c - ${CMAKE_CURRENT_LIST_DIR}/ec_p256k1.c - ${CMAKE_CURRENT_LIST_DIR}/bn.c - ${CMAKE_CURRENT_LIST_DIR}/mod.c - ${CMAKE_CURRENT_LIST_DIR}/jpc_p256k1.c - ${CMAKE_CURRENT_LIST_DIR}/modp256k1.c - ${CMAKE_CURRENT_LIST_DIR}/p448.c - ${CMAKE_CURRENT_LIST_DIR}/mod25638.c - ${CMAKE_CURRENT_LIST_DIR}/sc_hsm.c ${CMAKE_CURRENT_LIST_DIR}/OpenSC/src/libopensc/pkcs15.c ${CMAKE_CURRENT_LIST_DIR}/OpenSC/src/libopensc/pkcs15-prkey.c ${CMAKE_CURRENT_LIST_DIR}/OpenSC/src/libopensc/pkcs15-algo.c @@ -91,7 +73,10 @@ target_sources(hsm2040 PUBLIC ) target_include_directories(hsm2040 PUBLIC - ${CMAKE_CURRENT_LIST_DIR} + ${CMAKE_CURRENT_LIST_DIR}/src/fs + ${CMAKE_CURRENT_LIST_DIR}/src/hsm + ${CMAKE_CURRENT_LIST_DIR}/src/rng + ${CMAKE_CURRENT_LIST_DIR}/src/usb ${CMAKE_CURRENT_LIST_DIR}/opensc/src ${CMAKE_CURRENT_LIST_DIR}/mbedtls/include ${CMAKE_CURRENT_LIST_DIR}/mbedtls/library diff --git a/common.h b/common.h deleted file mode 100644 index a630fcc..0000000 --- a/common.h +++ /dev/null @@ -1,401 +0,0 @@ -/** - * \file common.h - * - * \brief Utility macros for internal use in the library - */ -/* - * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#ifndef MBEDTLS_LIBRARY_COMMON_H -#define MBEDTLS_LIBRARY_COMMON_H - -#include "mbedtls/build_info.h" - -#include - -/** Helper to define a function as static except when building invasive tests. - * - * If a function is only used inside its own source file and should be - * declared `static` to allow the compiler to optimize for code size, - * but that function has unit tests, define it with - * ``` - * MBEDTLS_STATIC_TESTABLE int mbedtls_foo(...) { ... } - * ``` - * and declare it in a header in the `library/` directory with - * ``` - * #if defined(MBEDTLS_TEST_HOOKS) - * int mbedtls_foo(...); - * #endif - * ``` - */ -#if defined(MBEDTLS_TEST_HOOKS) -#define MBEDTLS_STATIC_TESTABLE -#else -#define MBEDTLS_STATIC_TESTABLE static -#endif - -#if defined(MBEDTLS_TEST_HOOKS) -extern void (*mbedtls_test_hook_test_fail)( const char * test, int line, const char * file ); -#define MBEDTLS_TEST_HOOK_TEST_ASSERT( TEST ) \ - do { \ - if( ( ! ( TEST ) ) && ( ( *mbedtls_test_hook_test_fail ) != NULL ) ) \ - { \ - ( *mbedtls_test_hook_test_fail )( #TEST, __LINE__, __FILE__ ); \ - } \ - } while( 0 ) -#else -#define MBEDTLS_TEST_HOOK_TEST_ASSERT( TEST ) -#endif /* defined(MBEDTLS_TEST_HOOKS) */ - -/** Allow library to access its structs' private members. - * - * Although structs defined in header files are publicly available, - * their members are private and should not be accessed by the user. - */ -#define MBEDTLS_ALLOW_PRIVATE_ACCESS - -/** Byte Reading Macros - * - * Given a multi-byte integer \p x, MBEDTLS_BYTE_n retrieves the n-th - * byte from x, where byte 0 is the least significant byte. - */ -#define MBEDTLS_BYTE_0( x ) ( (uint8_t) ( ( x ) & 0xff ) ) -#define MBEDTLS_BYTE_1( x ) ( (uint8_t) ( ( ( x ) >> 8 ) & 0xff ) ) -#define MBEDTLS_BYTE_2( x ) ( (uint8_t) ( ( ( x ) >> 16 ) & 0xff ) ) -#define MBEDTLS_BYTE_3( x ) ( (uint8_t) ( ( ( x ) >> 24 ) & 0xff ) ) -#define MBEDTLS_BYTE_4( x ) ( (uint8_t) ( ( ( x ) >> 32 ) & 0xff ) ) -#define MBEDTLS_BYTE_5( x ) ( (uint8_t) ( ( ( x ) >> 40 ) & 0xff ) ) -#define MBEDTLS_BYTE_6( x ) ( (uint8_t) ( ( ( x ) >> 48 ) & 0xff ) ) -#define MBEDTLS_BYTE_7( x ) ( (uint8_t) ( ( ( x ) >> 56 ) & 0xff ) ) - -/** - * Get the unsigned 32 bits integer corresponding to four bytes in - * big-endian order (MSB first). - * - * \param data Base address of the memory to get the four bytes from. - * \param offset Offset from \p data of the first and most significant - * byte of the four bytes to build the 32 bits unsigned - * integer from. - */ -#ifndef MBEDTLS_GET_UINT32_BE -#define MBEDTLS_GET_UINT32_BE( data , offset ) \ - ( \ - ( (uint32_t) ( data )[( offset ) ] << 24 ) \ - | ( (uint32_t) ( data )[( offset ) + 1] << 16 ) \ - | ( (uint32_t) ( data )[( offset ) + 2] << 8 ) \ - | ( (uint32_t) ( data )[( offset ) + 3] ) \ - ) -#endif - -/** - * Put in memory a 32 bits unsigned integer in big-endian order. - * - * \param n 32 bits unsigned integer to put in memory. - * \param data Base address of the memory where to put the 32 - * bits unsigned integer in. - * \param offset Offset from \p data where to put the most significant - * byte of the 32 bits unsigned integer \p n. - */ -#ifndef MBEDTLS_PUT_UINT32_BE -#define MBEDTLS_PUT_UINT32_BE( n, data, offset ) \ -{ \ - ( data )[( offset ) ] = MBEDTLS_BYTE_3( n ); \ - ( data )[( offset ) + 1] = MBEDTLS_BYTE_2( n ); \ - ( data )[( offset ) + 2] = MBEDTLS_BYTE_1( n ); \ - ( data )[( offset ) + 3] = MBEDTLS_BYTE_0( n ); \ -} -#endif - -/** - * Get the unsigned 32 bits integer corresponding to four bytes in - * little-endian order (LSB first). - * - * \param data Base address of the memory to get the four bytes from. - * \param offset Offset from \p data of the first and least significant - * byte of the four bytes to build the 32 bits unsigned - * integer from. - */ -#ifndef MBEDTLS_GET_UINT32_LE -#define MBEDTLS_GET_UINT32_LE( data, offset ) \ - ( \ - ( (uint32_t) ( data )[( offset ) ] ) \ - | ( (uint32_t) ( data )[( offset ) + 1] << 8 ) \ - | ( (uint32_t) ( data )[( offset ) + 2] << 16 ) \ - | ( (uint32_t) ( data )[( offset ) + 3] << 24 ) \ - ) -#endif - -/** - * Put in memory a 32 bits unsigned integer in little-endian order. - * - * \param n 32 bits unsigned integer to put in memory. - * \param data Base address of the memory where to put the 32 - * bits unsigned integer in. - * \param offset Offset from \p data where to put the least significant - * byte of the 32 bits unsigned integer \p n. - */ -#ifndef MBEDTLS_PUT_UINT32_LE -#define MBEDTLS_PUT_UINT32_LE( n, data, offset ) \ -{ \ - ( data )[( offset ) ] = MBEDTLS_BYTE_0( n ); \ - ( data )[( offset ) + 1] = MBEDTLS_BYTE_1( n ); \ - ( data )[( offset ) + 2] = MBEDTLS_BYTE_2( n ); \ - ( data )[( offset ) + 3] = MBEDTLS_BYTE_3( n ); \ -} -#endif - -/** - * Get the unsigned 16 bits integer corresponding to two bytes in - * little-endian order (LSB first). - * - * \param data Base address of the memory to get the two bytes from. - * \param offset Offset from \p data of the first and least significant - * byte of the two bytes to build the 16 bits unsigned - * integer from. - */ -#ifndef MBEDTLS_GET_UINT16_LE -#define MBEDTLS_GET_UINT16_LE( data, offset ) \ - ( \ - ( (uint16_t) ( data )[( offset ) ] ) \ - | ( (uint16_t) ( data )[( offset ) + 1] << 8 ) \ - ) -#endif - -/** - * Put in memory a 16 bits unsigned integer in little-endian order. - * - * \param n 16 bits unsigned integer to put in memory. - * \param data Base address of the memory where to put the 16 - * bits unsigned integer in. - * \param offset Offset from \p data where to put the least significant - * byte of the 16 bits unsigned integer \p n. - */ -#ifndef MBEDTLS_PUT_UINT16_LE -#define MBEDTLS_PUT_UINT16_LE( n, data, offset ) \ -{ \ - ( data )[( offset ) ] = MBEDTLS_BYTE_0( n ); \ - ( data )[( offset ) + 1] = MBEDTLS_BYTE_1( n ); \ -} -#endif - -/** - * Get the unsigned 16 bits integer corresponding to two bytes in - * big-endian order (MSB first). - * - * \param data Base address of the memory to get the two bytes from. - * \param offset Offset from \p data of the first and most significant - * byte of the two bytes to build the 16 bits unsigned - * integer from. - */ -#ifndef MBEDTLS_GET_UINT16_BE -#define MBEDTLS_GET_UINT16_BE( data, offset ) \ - ( \ - ( (uint16_t) ( data )[( offset ) ] << 8 ) \ - | ( (uint16_t) ( data )[( offset ) + 1] ) \ - ) -#endif - -/** - * Put in memory a 16 bits unsigned integer in big-endian order. - * - * \param n 16 bits unsigned integer to put in memory. - * \param data Base address of the memory where to put the 16 - * bits unsigned integer in. - * \param offset Offset from \p data where to put the most significant - * byte of the 16 bits unsigned integer \p n. - */ -#ifndef MBEDTLS_PUT_UINT16_BE -#define MBEDTLS_PUT_UINT16_BE( n, data, offset ) \ -{ \ - ( data )[( offset ) ] = MBEDTLS_BYTE_1( n ); \ - ( data )[( offset ) + 1] = MBEDTLS_BYTE_0( n ); \ -} -#endif - -/** - * Get the unsigned 24 bits integer corresponding to three bytes in - * big-endian order (MSB first). - * - * \param data Base address of the memory to get the three bytes from. - * \param offset Offset from \p data of the first and most significant - * byte of the three bytes to build the 24 bits unsigned - * integer from. - */ -#ifndef MBEDTLS_GET_UINT24_BE -#define MBEDTLS_GET_UINT24_BE( data , offset ) \ - ( \ - ( (uint32_t) ( data )[( offset ) ] << 16 ) \ - | ( (uint32_t) ( data )[( offset ) + 1] << 8 ) \ - | ( (uint32_t) ( data )[( offset ) + 2] ) \ - ) -#endif - -/** - * Put in memory a 24 bits unsigned integer in big-endian order. - * - * \param n 24 bits unsigned integer to put in memory. - * \param data Base address of the memory where to put the 24 - * bits unsigned integer in. - * \param offset Offset from \p data where to put the most significant - * byte of the 24 bits unsigned integer \p n. - */ -#ifndef MBEDTLS_PUT_UINT24_BE -#define MBEDTLS_PUT_UINT24_BE( n, data, offset ) \ -{ \ - ( data )[( offset ) ] = MBEDTLS_BYTE_2( n ); \ - ( data )[( offset ) + 1] = MBEDTLS_BYTE_1( n ); \ - ( data )[( offset ) + 2] = MBEDTLS_BYTE_0( n ); \ -} -#endif - -/** - * Get the unsigned 24 bits integer corresponding to three bytes in - * little-endian order (LSB first). - * - * \param data Base address of the memory to get the three bytes from. - * \param offset Offset from \p data of the first and least significant - * byte of the three bytes to build the 24 bits unsigned - * integer from. - */ -#ifndef MBEDTLS_GET_UINT24_LE -#define MBEDTLS_GET_UINT24_LE( data, offset ) \ - ( \ - ( (uint32_t) ( data )[( offset ) ] ) \ - | ( (uint32_t) ( data )[( offset ) + 1] << 8 ) \ - | ( (uint32_t) ( data )[( offset ) + 2] << 16 ) \ - ) -#endif - -/** - * Put in memory a 24 bits unsigned integer in little-endian order. - * - * \param n 24 bits unsigned integer to put in memory. - * \param data Base address of the memory where to put the 24 - * bits unsigned integer in. - * \param offset Offset from \p data where to put the least significant - * byte of the 24 bits unsigned integer \p n. - */ -#ifndef MBEDTLS_PUT_UINT24_LE -#define MBEDTLS_PUT_UINT24_LE( n, data, offset ) \ -{ \ - ( data )[( offset ) ] = MBEDTLS_BYTE_0( n ); \ - ( data )[( offset ) + 1] = MBEDTLS_BYTE_1( n ); \ - ( data )[( offset ) + 2] = MBEDTLS_BYTE_2( n ); \ -} -#endif - -/** - * Get the unsigned 64 bits integer corresponding to eight bytes in - * big-endian order (MSB first). - * - * \param data Base address of the memory to get the eight bytes from. - * \param offset Offset from \p data of the first and most significant - * byte of the eight bytes to build the 64 bits unsigned - * integer from. - */ -#ifndef MBEDTLS_GET_UINT64_BE -#define MBEDTLS_GET_UINT64_BE( data, offset ) \ - ( \ - ( (uint64_t) ( data )[( offset ) ] << 56 ) \ - | ( (uint64_t) ( data )[( offset ) + 1] << 48 ) \ - | ( (uint64_t) ( data )[( offset ) + 2] << 40 ) \ - | ( (uint64_t) ( data )[( offset ) + 3] << 32 ) \ - | ( (uint64_t) ( data )[( offset ) + 4] << 24 ) \ - | ( (uint64_t) ( data )[( offset ) + 5] << 16 ) \ - | ( (uint64_t) ( data )[( offset ) + 6] << 8 ) \ - | ( (uint64_t) ( data )[( offset ) + 7] ) \ - ) -#endif - -/** - * Put in memory a 64 bits unsigned integer in big-endian order. - * - * \param n 64 bits unsigned integer to put in memory. - * \param data Base address of the memory where to put the 64 - * bits unsigned integer in. - * \param offset Offset from \p data where to put the most significant - * byte of the 64 bits unsigned integer \p n. - */ -#ifndef MBEDTLS_PUT_UINT64_BE -#define MBEDTLS_PUT_UINT64_BE( n, data, offset ) \ -{ \ - ( data )[( offset ) ] = MBEDTLS_BYTE_7( n ); \ - ( data )[( offset ) + 1] = MBEDTLS_BYTE_6( n ); \ - ( data )[( offset ) + 2] = MBEDTLS_BYTE_5( n ); \ - ( data )[( offset ) + 3] = MBEDTLS_BYTE_4( n ); \ - ( data )[( offset ) + 4] = MBEDTLS_BYTE_3( n ); \ - ( data )[( offset ) + 5] = MBEDTLS_BYTE_2( n ); \ - ( data )[( offset ) + 6] = MBEDTLS_BYTE_1( n ); \ - ( data )[( offset ) + 7] = MBEDTLS_BYTE_0( n ); \ -} -#endif - -/** - * Get the unsigned 64 bits integer corresponding to eight bytes in - * little-endian order (LSB first). - * - * \param data Base address of the memory to get the eight bytes from. - * \param offset Offset from \p data of the first and least significant - * byte of the eight bytes to build the 64 bits unsigned - * integer from. - */ -#ifndef MBEDTLS_GET_UINT64_LE -#define MBEDTLS_GET_UINT64_LE( data, offset ) \ - ( \ - ( (uint64_t) ( data )[( offset ) + 7] << 56 ) \ - | ( (uint64_t) ( data )[( offset ) + 6] << 48 ) \ - | ( (uint64_t) ( data )[( offset ) + 5] << 40 ) \ - | ( (uint64_t) ( data )[( offset ) + 4] << 32 ) \ - | ( (uint64_t) ( data )[( offset ) + 3] << 24 ) \ - | ( (uint64_t) ( data )[( offset ) + 2] << 16 ) \ - | ( (uint64_t) ( data )[( offset ) + 1] << 8 ) \ - | ( (uint64_t) ( data )[( offset ) ] ) \ - ) -#endif - -/** - * Put in memory a 64 bits unsigned integer in little-endian order. - * - * \param n 64 bits unsigned integer to put in memory. - * \param data Base address of the memory where to put the 64 - * bits unsigned integer in. - * \param offset Offset from \p data where to put the least significant - * byte of the 64 bits unsigned integer \p n. - */ -#ifndef MBEDTLS_PUT_UINT64_LE -#define MBEDTLS_PUT_UINT64_LE( n, data, offset ) \ -{ \ - ( data )[( offset ) ] = MBEDTLS_BYTE_0( n ); \ - ( data )[( offset ) + 1] = MBEDTLS_BYTE_1( n ); \ - ( data )[( offset ) + 2] = MBEDTLS_BYTE_2( n ); \ - ( data )[( offset ) + 3] = MBEDTLS_BYTE_3( n ); \ - ( data )[( offset ) + 4] = MBEDTLS_BYTE_4( n ); \ - ( data )[( offset ) + 5] = MBEDTLS_BYTE_5( n ); \ - ( data )[( offset ) + 6] = MBEDTLS_BYTE_6( n ); \ - ( data )[( offset ) + 7] = MBEDTLS_BYTE_7( n ); \ -} -#endif - -/* Fix MSVC C99 compatible issue - * MSVC support __func__ from visual studio 2015( 1900 ) - * Use MSVC predefine macro to avoid name check fail. - */ -#if (defined(_MSC_VER) && ( _MSC_VER <= 1900 )) -#define /*no-check-names*/ __func__ __FUNCTION__ -#endif - -#endif /* MBEDTLS_LIBRARY_COMMON_H */ diff --git a/md_wrap.h b/md_wrap.h deleted file mode 100644 index 90c7957..0000000 --- a/md_wrap.h +++ /dev/null @@ -1,82 +0,0 @@ -/** - * \file md_wrap.h - * - * \brief Message digest wrappers. - * - * \warning This in an internal header. Do not include directly. - * - * \author Adriaan de Jong - */ -/* - * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -#ifndef MBEDTLS_MD_WRAP_H -#define MBEDTLS_MD_WRAP_H - -#include "mbedtls/build_info.h" - -#include "mbedtls/md.h" - -#ifdef __cplusplus -extern "C" { -#endif - -/** - * Message digest information. - * Allows message digest functions to be called in a generic way. - */ -struct mbedtls_md_info_t -{ - /** Name of the message digest */ - const char * name; - - /** Digest identifier */ - mbedtls_md_type_t type; - - /** Output length of the digest function in bytes */ - unsigned char size; - - /** Block length of the digest function in bytes */ - unsigned char block_size; -}; - -#if defined(MBEDTLS_MD5_C) -extern const mbedtls_md_info_t mbedtls_md5_info; -#endif -#if defined(MBEDTLS_RIPEMD160_C) -extern const mbedtls_md_info_t mbedtls_ripemd160_info; -#endif -#if defined(MBEDTLS_SHA1_C) -extern const mbedtls_md_info_t mbedtls_sha1_info; -#endif -#if defined(MBEDTLS_SHA224_C) -extern const mbedtls_md_info_t mbedtls_sha224_info; -#endif -#if defined(MBEDTLS_SHA256_C) -extern const mbedtls_md_info_t mbedtls_sha256_info; -#endif -#if defined(MBEDTLS_SHA384_C) -extern const mbedtls_md_info_t mbedtls_sha384_info; -#endif -#if defined(MBEDTLS_SHA512_C) -extern const mbedtls_md_info_t mbedtls_sha512_info; -#endif - -#ifdef __cplusplus -} -#endif - -#endif /* MBEDTLS_MD_WRAP_H */ diff --git a/padlock.h b/padlock.h deleted file mode 100644 index 1506ee0..0000000 --- a/padlock.h +++ /dev/null @@ -1,120 +0,0 @@ -/** - * \file padlock.h - * - * \brief VIA PadLock ACE for HW encryption/decryption supported by some - * processors - * - * \warning These functions are only for internal use by other library - * functions; you must not call them directly. - */ -/* - * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -#ifndef MBEDTLS_PADLOCK_H -#define MBEDTLS_PADLOCK_H - -#include "mbedtls/build_info.h" - -#include "mbedtls/aes.h" - -#define MBEDTLS_ERR_PADLOCK_DATA_MISALIGNED -0x0030 /**< Input data should be aligned. */ - -#if defined(__has_feature) -#if __has_feature(address_sanitizer) -#define MBEDTLS_HAVE_ASAN -#endif -#endif - -/* Some versions of ASan result in errors about not enough registers */ -#if defined(MBEDTLS_HAVE_ASM) && defined(__GNUC__) && defined(__i386__) && \ - !defined(MBEDTLS_HAVE_ASAN) - -#ifndef MBEDTLS_HAVE_X86 -#define MBEDTLS_HAVE_X86 -#endif - -#include - -#define MBEDTLS_PADLOCK_RNG 0x000C -#define MBEDTLS_PADLOCK_ACE 0x00C0 -#define MBEDTLS_PADLOCK_PHE 0x0C00 -#define MBEDTLS_PADLOCK_PMM 0x3000 - -#define MBEDTLS_PADLOCK_ALIGN16(x) (uint32_t *) (16 + ((int32_t) (x) & ~15)) - -#ifdef __cplusplus -extern "C" { -#endif - -/** - * \brief Internal PadLock detection routine - * - * \note This function is only for internal use by other library - * functions; you must not call it directly. - * - * \param feature The feature to detect - * - * \return non-zero if CPU has support for the feature, 0 otherwise - */ -int mbedtls_padlock_has_support( int feature ); - -/** - * \brief Internal PadLock AES-ECB block en(de)cryption - * - * \note This function is only for internal use by other library - * functions; you must not call it directly. - * - * \param ctx AES context - * \param mode MBEDTLS_AES_ENCRYPT or MBEDTLS_AES_DECRYPT - * \param input 16-byte input block - * \param output 16-byte output block - * - * \return 0 if success, 1 if operation failed - */ -int mbedtls_padlock_xcryptecb( mbedtls_aes_context *ctx, - int mode, - const unsigned char input[16], - unsigned char output[16] ); - -/** - * \brief Internal PadLock AES-CBC buffer en(de)cryption - * - * \note This function is only for internal use by other library - * functions; you must not call it directly. - * - * \param ctx AES context - * \param mode MBEDTLS_AES_ENCRYPT or MBEDTLS_AES_DECRYPT - * \param length length of the input data - * \param iv initialization vector (updated after use) - * \param input buffer holding the input data - * \param output buffer holding the output data - * - * \return 0 if success, 1 if operation failed - */ -int mbedtls_padlock_xcryptcbc( mbedtls_aes_context *ctx, - int mode, - size_t length, - unsigned char iv[16], - const unsigned char *input, - unsigned char *output ); - -#ifdef __cplusplus -} -#endif - -#endif /* HAVE_X86 */ - -#endif /* padlock.h */ diff --git a/file.c b/src/fs/file.c similarity index 99% rename from file.c rename to src/fs/file.c index 8337376..c501e67 100644 --- a/file.c +++ b/src/fs/file.c @@ -1,5 +1,4 @@ #include "file.h" -#include "gnuk.h" #include "tusb.h" #include "hsm2040.h" #include "sc_hsm.h" diff --git a/file.h b/src/fs/file.h similarity index 100% rename from file.h rename to src/fs/file.h diff --git a/flash.c b/src/fs/flash.c similarity index 80% rename from flash.c rename to src/fs/flash.c index cc994d3..9a1dd0e 100644 --- a/flash.c +++ b/src/fs/flash.c @@ -1,43 +1,6 @@ -/* - * flash.c -- Data Objects (DO) and GPG Key handling on Flash ROM - * - * Copyright (C) 2010, 2011, 2012, 2013, 2014, 2015, 2016, 2017, 2018 - * Free Software Initiative of Japan - * Author: NIIBE Yutaka - * - * This file is a part of Gnuk, a GnuPG USB Token implementation. - * - * Gnuk is free software: you can redistribute it and/or modify it - * under the terms of the GNU General Public License as published by - * the Free Software Foundation, either version 3 of the License, or - * (at your option) any later version. - * - * Gnuk is distributed in the hope that it will be useful, but WITHOUT - * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY - * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public - * License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program. If not, see . - * - */ - -/* - * We assume single DO size is less than 256. - * - * NOTE: "Card holder certificate" (which size is larger than 256) is - * not put into data pool, but is implemented by its own flash - * page(s). - */ - #include #include -#include "config.h" - -#include "sys.h" -#include "gnuk.h" - #include "pico/stdlib.h" #include "hardware/flash.h" #include "hsm2040.h" diff --git a/low_flash.c b/src/fs/low_flash.c similarity index 99% rename from low_flash.c rename to src/fs/low_flash.c index cbd0c91..2f06ea7 100644 --- a/low_flash.c +++ b/src/fs/low_flash.c @@ -8,7 +8,6 @@ #include "pico/mutex.h" #include "pico/sem.h" #include "pico/multicore.h" -#include "gnuk.h" #include "hsm2040.h" #include "sc_hsm.h" #include diff --git a/hsm2040.c b/src/hsm/hsm2040.c similarity index 99% rename from hsm2040.c rename to src/hsm/hsm2040.c index 3e20a47..1545ac4 100644 --- a/hsm2040.c +++ b/src/hsm/hsm2040.c @@ -1,9 +1,3 @@ -/** - * Copyright (c) 2020 Raspberry Pi (Trading) Ltd. - * - * SPDX-License-Identifier: BSD-3-Clause - */ - #include // Pico @@ -19,11 +13,7 @@ #include "device/usbd_pvt.h" #include "pico/util/queue.h" #include "pico/multicore.h" -#include "gnuk.h" -#include "config.h" #include "random.h" - -// Device descriptors #include "hsm2040.h" extern void do_flash(); diff --git a/hsm2040.h b/src/hsm/hsm2040.h similarity index 72% rename from hsm2040.h rename to src/hsm/hsm2040.h index e1e17f5..b63a70e 100644 --- a/hsm2040.h +++ b/src/hsm/hsm2040.h @@ -57,6 +57,37 @@ struct apdu { uint8_t *res_apdu_data; }; +#define MAX_CMD_APDU_DATA_SIZE (24+4+256+256) +#define MAX_RES_APDU_DATA_SIZE (5+9+512) +#define CCID_MSG_HEADER_SIZE 10 +#define USB_LL_BUF_SIZE 64 + +/* CCID thread */ +#define EV_CARD_CHANGE 1 +#define EV_TX_FINISHED 2 /* CCID Tx finished */ +#define EV_EXEC_ACK_REQUIRED 4 /* OpenPGPcard Execution ACK required */ +#define EV_EXEC_FINISHED 8 /* OpenPGPcard Execution finished */ +#define EV_RX_DATA_READY 16 /* USB Rx data available */ + +/* OpenPGPcard thread */ +#define EV_MODIFY_CMD_AVAILABLE 1 +#define EV_VERIFY_CMD_AVAILABLE 2 +#define EV_CMD_AVAILABLE 4 +#define EV_EXIT 8 +#define EV_PINPAD_INPUT_DONE 16 + +enum ccid_state { + CCID_STATE_NOCARD, /* No card available */ + CCID_STATE_START, /* Initial */ + CCID_STATE_WAIT, /* Waiting APDU */ + + CCID_STATE_EXECUTE, /* Executing command */ + CCID_STATE_ACK_REQUIRED_0, /* Ack required (executing)*/ + CCID_STATE_ACK_REQUIRED_1, /* Waiting user's ACK (execution finished) */ + + CCID_STATE_EXITED, /* CCID Thread Terminated */ + CCID_STATE_EXEC_REQUESTED, /* Exec requested */ +}; #define CLS(a) a.cmd_apdu_head[0] #define INS(a) a.cmd_apdu_head[1] diff --git a/sc_hsm.c b/src/hsm/sc_hsm.c similarity index 100% rename from sc_hsm.c rename to src/hsm/sc_hsm.c diff --git a/sc_hsm.h b/src/hsm/sc_hsm.h similarity index 100% rename from sc_hsm.h rename to src/hsm/sc_hsm.h diff --git a/ac.c b/src/openpgp/ac.c similarity index 100% rename from ac.c rename to src/openpgp/ac.c diff --git a/affine.h b/src/openpgp/affine.h similarity index 100% rename from affine.h rename to src/openpgp/affine.h diff --git a/bn.c b/src/openpgp/bn.c similarity index 100% rename from bn.c rename to src/openpgp/bn.c diff --git a/bn.h b/src/openpgp/bn.h similarity index 100% rename from bn.h rename to src/openpgp/bn.h diff --git a/call-ec.c b/src/openpgp/call-ec.c similarity index 100% rename from call-ec.c rename to src/openpgp/call-ec.c diff --git a/call-ec_p256k1.c b/src/openpgp/call-ec_p256k1.c similarity index 100% rename from call-ec_p256k1.c rename to src/openpgp/call-ec_p256k1.c diff --git a/call-rsa.c b/src/openpgp/call-rsa.c similarity index 100% rename from call-rsa.c rename to src/openpgp/call-rsa.c diff --git a/config.h b/src/openpgp/config.h similarity index 100% rename from config.h rename to src/openpgp/config.h diff --git a/debug.c b/src/openpgp/debug.c similarity index 100% rename from debug.c rename to src/openpgp/debug.c diff --git a/ec_p256k1.c b/src/openpgp/ec_p256k1.c similarity index 100% rename from ec_p256k1.c rename to src/openpgp/ec_p256k1.c diff --git a/ec_p256k1.h b/src/openpgp/ec_p256k1.h similarity index 100% rename from ec_p256k1.h rename to src/openpgp/ec_p256k1.h diff --git a/ecc-ed25519.c b/src/openpgp/ecc-ed25519.c similarity index 100% rename from ecc-ed25519.c rename to src/openpgp/ecc-ed25519.c diff --git a/ecc-ed448.c b/src/openpgp/ecc-ed448.c similarity index 100% rename from ecc-ed448.c rename to src/openpgp/ecc-ed448.c diff --git a/ecc-mont.c b/src/openpgp/ecc-mont.c similarity index 100% rename from ecc-mont.c rename to src/openpgp/ecc-mont.c diff --git a/ecc-x448.c b/src/openpgp/ecc-x448.c similarity index 100% rename from ecc-x448.c rename to src/openpgp/ecc-x448.c diff --git a/ecc.c b/src/openpgp/ecc.c similarity index 100% rename from ecc.c rename to src/openpgp/ecc.c diff --git a/field-group-select.h b/src/openpgp/field-group-select.h similarity index 100% rename from field-group-select.h rename to src/openpgp/field-group-select.h diff --git a/flash_openpgp.c b/src/openpgp/flash_openpgp.c similarity index 100% rename from flash_openpgp.c rename to src/openpgp/flash_openpgp.c diff --git a/gnuk.h b/src/openpgp/gnuk.h similarity index 100% rename from gnuk.h rename to src/openpgp/gnuk.h diff --git a/jpc-ac_p256k1.h b/src/openpgp/jpc-ac_p256k1.h similarity index 100% rename from jpc-ac_p256k1.h rename to src/openpgp/jpc-ac_p256k1.h diff --git a/jpc.c b/src/openpgp/jpc.c similarity index 100% rename from jpc.c rename to src/openpgp/jpc.c diff --git a/jpc_p256k1.c b/src/openpgp/jpc_p256k1.c similarity index 100% rename from jpc_p256k1.c rename to src/openpgp/jpc_p256k1.c diff --git a/mod.c b/src/openpgp/mod.c similarity index 100% rename from mod.c rename to src/openpgp/mod.c diff --git a/mod.h b/src/openpgp/mod.h similarity index 100% rename from mod.h rename to src/openpgp/mod.h diff --git a/mod25638.c b/src/openpgp/mod25638.c similarity index 100% rename from mod25638.c rename to src/openpgp/mod25638.c diff --git a/mod25638.h b/src/openpgp/mod25638.h similarity index 100% rename from mod25638.h rename to src/openpgp/mod25638.h diff --git a/modp256k1.c b/src/openpgp/modp256k1.c similarity index 100% rename from modp256k1.c rename to src/openpgp/modp256k1.c diff --git a/modp256k1.h b/src/openpgp/modp256k1.h similarity index 100% rename from modp256k1.h rename to src/openpgp/modp256k1.h diff --git a/muladd_256.h b/src/openpgp/muladd_256.h similarity index 100% rename from muladd_256.h rename to src/openpgp/muladd_256.h diff --git a/openpgp-do.c b/src/openpgp/openpgp-do.c similarity index 100% rename from openpgp-do.c rename to src/openpgp/openpgp-do.c diff --git a/openpgp.c b/src/openpgp/openpgp.c similarity index 100% rename from openpgp.c rename to src/openpgp/openpgp.c diff --git a/p448.c b/src/openpgp/p448.c similarity index 100% rename from p448.c rename to src/openpgp/p448.c diff --git a/p448.h b/src/openpgp/p448.h similarity index 100% rename from p448.h rename to src/openpgp/p448.h diff --git a/shake256.c b/src/openpgp/shake256.c similarity index 100% rename from shake256.c rename to src/openpgp/shake256.c diff --git a/shake256.h b/src/openpgp/shake256.h similarity index 100% rename from shake256.h rename to src/openpgp/shake256.h diff --git a/status-code.h b/src/openpgp/status-code.h similarity index 100% rename from status-code.h rename to src/openpgp/status-code.h diff --git a/neug.c b/src/rng/neug.c similarity index 97% rename from neug.c rename to src/rng/neug.c index 50fa0fc..a381f94 100644 --- a/neug.c +++ b/src/rng/neug.c @@ -29,14 +29,13 @@ #include "pico/stdlib.h" //#include -#include "sys.h" #include "neug.h" //#include "adc.h" -#include "gnuk.h" #include "hardware/structs/rosc.h" #include "hardware/gpio.h" #include "hardware/adc.h" #include "bsp/board.h" +#include "pico/unique_id.h" void adc_start () { @@ -198,7 +197,9 @@ void *neug_task () */ void neug_init (uint32_t *buf, uint8_t size) { - const uint32_t *u = (const uint32_t *)unique_device_id (); + pico_unique_board_id_t unique_id; + pico_get_unique_board_id(&unique_id); + const uint32_t *u = (const uint32_t *)unique_id.id; struct rng_rb *rb = &the_ring_buffer; int i; diff --git a/neug.h b/src/rng/neug.h similarity index 100% rename from neug.h rename to src/rng/neug.h diff --git a/random.c b/src/rng/random.c similarity index 99% rename from random.c rename to src/rng/random.c index 60a7eda..3a65673 100644 --- a/random.c +++ b/src/rng/random.c @@ -25,7 +25,6 @@ #include #include -#include "gnuk.h" #include "neug.h" #define RANDOM_BYTES_LENGTH 32 diff --git a/random.h b/src/rng/random.h similarity index 100% rename from random.h rename to src/rng/random.h diff --git a/ccid-types.h b/src/usb/ccid-types.h similarity index 100% rename from ccid-types.h rename to src/usb/ccid-types.h diff --git a/ccid.h b/src/usb/ccid.h similarity index 100% rename from ccid.h rename to src/usb/ccid.h diff --git a/tusb_config.h b/src/usb/tusb_config.h similarity index 100% rename from tusb_config.h rename to src/usb/tusb_config.h diff --git a/usb_descriptors.c b/src/usb/usb_descriptors.c similarity index 100% rename from usb_descriptors.c rename to src/usb/usb_descriptors.c diff --git a/usb_descriptors.h b/src/usb/usb_descriptors.h similarity index 100% rename from usb_descriptors.h rename to src/usb/usb_descriptors.h