First attempt to add support to ESP32.

Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>

src/hsm/CMakeLists.txt

@@ -0,0 +1,6 @@
+idf_component_register(
+    SRCS ${SOURCES}
+    INCLUDE_DIRS . ../../pico-keys-sdk/src ../../pico-keys-sdk/src/fs ../../pico-keys-sdk/src/rng ../../pico-keys-sdk/src/usb
+    REQUIRES bootloader_support esp_partition esp_tinyusb zorxx__neopixel mbedtls
+)
+idf_component_set_property(${COMPONENT_NAME} WHOLE_ARCHIVE ON)

src/hsm/cmd_cipher_sym.c

@@ -15,16 +15,15 @@
  * along with this program. If not, see <http://www.gnu.org/licenses/>.
  */
 
-#include "common.h"
+#include "sc_hsm.h"
 #include "mbedtls/aes.h"
 #include "mbedtls/cmac.h"
 #include "mbedtls/hkdf.h"
 #include "mbedtls/chachapoly.h"
 #include "mbedtls/gcm.h"
-#include "md_wrap.h"
+//#include "mbedtls/md_wrap.h"
 #include "mbedtls/md.h"
 #include "crypto_utils.h"
-#include "sc_hsm.h"
 #include "kek.h"
 #include "asn1.h"
 #include "oid.h"
@@ -134,7 +133,7 @@ int mbedtls_ansi_x963_kdf(mbedtls_md_type_t md_type,
     }
 
     // keydatalen equals output_len
-    hashlen = md_info->size;
+    hashlen = mbedtls_md_get_size(md_info);
     if (output_len >= hashlen * ((1ULL << 32) - 1)) {
         return exit_code;
     }
@@ -349,7 +348,7 @@ int cmd_cipher_sym() {
             if (r != 0) {
                 return SW_EXEC_ERROR();
             }
-            res_APDU_size = md_info->size;
+            res_APDU_size = mbedtls_md_get_size(md_info);
         }
         else if (memcmp(oid.data, OID_HKDF_SHA256,
                         oid.len) == 0 ||

src/hsm/cmd_decrypt_asym.c

@@ -15,10 +15,9 @@
  * along with this program. If not, see <http://www.gnu.org/licenses/>.
  */
 
-#include "common.h"
+#include "sc_hsm.h"
 #include "mbedtls/ecdh.h"
 #include "crypto_utils.h"
-#include "sc_hsm.h"
 #include "kek.h"
 #include "files.h"
 #include "asn1.h"

src/hsm/cmd_derive_asym.c

@@ -15,10 +15,9 @@
  * along with this program. If not, see <http://www.gnu.org/licenses/>.
  */
 
-#include "common.h"
+#include "sc_hsm.h"
 #include "mbedtls/ecdsa.h"
 #include "crypto_utils.h"
-#include "sc_hsm.h"
 #include "cvc.h"
 
 #define MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED -0x006E

src/hsm/cmd_extras.c

@@ -15,11 +15,12 @@
  * along with this program. If not, see <http://www.gnu.org/licenses/>.
  */
 
-#include "common.h"
-#include "mbedtls/ecdh.h"
 #include "sc_hsm.h"
-#ifndef ENABLE_EMULATION
+#include "mbedtls/ecdh.h"
+#if !defined(ENABLE_EMULATION) && !defined(ESP_PLATFORM)
 #include "hardware/rtc.h"
+#else
+#include <sys/time.h>
 #endif
 #include "files.h"
 #include "random.h"
@@ -33,7 +34,7 @@ int cmd_extras() {
             return SW_INCORRECT_P1P2();
         }
         if (apdu.nc == 0) {
-#ifndef ENABLE_EMULATION
+#if !defined(ENABLE_EMULATION) && !defined(ESP_PLATFORM)
             datetime_t dt;
             if (!rtc_get_datetime(&dt)) {
                 return SW_EXEC_ERROR();
@@ -46,13 +47,26 @@ int cmd_extras() {
             res_APDU[res_APDU_size++] = dt.hour;
             res_APDU[res_APDU_size++] = dt.min;
             res_APDU[res_APDU_size++] = dt.sec;
+#else
+            struct timeval tv;
+            struct tm *tm;
+            gettimeofday(&tv, NULL);
+            tm = localtime(&tv.tv_sec);
+            res_APDU[res_APDU_size++] = (tm->tm_year + 1900) >> 8;
+            res_APDU[res_APDU_size++] = (tm->tm_year + 1900) & 0xff;
+            res_APDU[res_APDU_size++] = tm->tm_mon;
+            res_APDU[res_APDU_size++] = tm->tm_mday;
+            res_APDU[res_APDU_size++] = tm->tm_wday;
+            res_APDU[res_APDU_size++] = tm->tm_hour;
+            res_APDU[res_APDU_size++] = tm->tm_min;
+            res_APDU[res_APDU_size++] = tm->tm_sec;
 #endif
         }
         else {
             if (apdu.nc != 8) {
                 return SW_WRONG_LENGTH();
             }
-#ifndef ENABLE_EMULATION
+#if !defined(ENABLE_EMULATION) && !defined(ESP_PLATFORM)
             datetime_t dt;
             dt.year = (apdu.data[0] << 8) | (apdu.data[1]);
             dt.month = apdu.data[2];
@@ -64,6 +78,18 @@ int cmd_extras() {
             if (!rtc_set_datetime(&dt)) {
                 return SW_WRONG_DATA();
             }
+#else
+            struct tm tm;
+            struct timeval tv;
+            tm.tm_year = ((apdu.data[0] << 8) | (apdu.data[1])) - 1900;
+            tm.tm_mon = apdu.data[2];
+            tm.tm_mday = apdu.data[3];
+            tm.tm_wday = apdu.data[4];
+            tm.tm_hour = apdu.data[5];
+            tm.tm_min = apdu.data[6];
+            tm.tm_sec = apdu.data[7];
+            tv.tv_sec = mktime(&tm);
+            settimeofday(&tv, NULL);
 #endif
         }
     }

src/hsm/cmd_general_authenticate.c

@@ -15,10 +15,9 @@
  * along with this program. If not, see <http://www.gnu.org/licenses/>.
  */
 
-#include "common.h"
+#include "sc_hsm.h"
 #include "mbedtls/ecdh.h"
 #include "asn1.h"
-#include "sc_hsm.h"
 #include "random.h"
 #include "oid.h"
 #include "eac.h"

src/hsm/cmd_initialize.c

@@ -28,7 +28,7 @@ extern void scan_all();
 
 extern char __StackLimit;
 int heapLeft() {
-#ifndef ENABLE_EMULATION
+#if !defined(ENABLE_EMULATION) && !defined(ESP_PLATFORM)
     char *p = malloc(256);   // try to avoid undue fragmentation
     int left = &__StackLimit - p;
     free(p);

src/hsm/cmd_key_unwrap.c

@@ -15,9 +15,8 @@
  * along with this program. If not, see <http://www.gnu.org/licenses/>.
  */
 
-#include "common.h"
-#include "crypto_utils.h"
 #include "sc_hsm.h"
+#include "crypto_utils.h"
 #include "kek.h"
 #include "cvc.h"
 

src/hsm/cvc.c

@@ -15,9 +15,8 @@
  * along with this program. If not, see <http://www.gnu.org/licenses/>.
  */
 
-#include "common.h"
-#include "cvc.h"
 #include "sc_hsm.h"
+#include "cvc.h"
 #include "mbedtls/rsa.h"
 #include "mbedtls/ecdsa.h"
 #include <string.h>

src/hsm/cvc.h

@@ -19,7 +19,7 @@
 #define _CVC_H_
 
 #include <stdlib.h>
-#ifndef ENABLE_EMULATION
+#if !defined(ENABLE_EMULATION) && !defined(ESP_PLATFORM)
 #include "pico/stdlib.h"
 #else
 #include <stdbool.h>

src/hsm/kek.c

@@ -15,16 +15,14 @@
  * along with this program. If not, see <http://www.gnu.org/licenses/>.
  */
 
-#include <string.h>
-#include "common.h"
+#include "sc_hsm.h"
 #include "stdlib.h"
-#ifndef ENABLE_EMULATION
+#if !defined(ENABLE_EMULATION) && !defined(ESP_PLATFORM)
 #include "pico/stdlib.h"
 #endif
 #include "kek.h"
 #include "crypto_utils.h"
 #include "random.h"
-#include "sc_hsm.h"
 #include "mbedtls/md.h"
 #include "mbedtls/cmac.h"
 #include "mbedtls/rsa.h"

src/hsm/kek.h

@@ -19,10 +19,11 @@
 #define _DKEK_H_
 
 #include "crypto_utils.h"
-#ifdef ENABLE_EMULATION
+#if defined(ENABLE_EMULATION) || defined(ESP_PLATFORM)
 #include <stdbool.h>
 #endif
 
+
 extern int load_mkek(uint8_t *);
 extern int store_mkek(const uint8_t *);
 extern int save_dkek_key(uint8_t, const uint8_t *key);

src/hsm/sc_hsm.c

@@ -17,7 +17,6 @@
 
 #include "sc_hsm.h"
 #include "files.h"
-#include "common.h"
 #include "version.h"
 #include "crypto_utils.h"
 #include "kek.h"
@@ -89,6 +88,7 @@ int sc_hsm_select_aid(app_t *a) {
 }
 
 INITIALIZER( sc_hsm_ctor ) {
+    printf("INITIALIZER\n");
     ccid_atr = atr_sc_hsm;
     register_app(sc_hsm_select_aid, sc_hsm_aid);
 }

src/hsm/sc_hsm.h

@@ -19,10 +19,14 @@
 #define _SC_HSM_H_
 
 #include <stdlib.h>
+#ifndef ESP_PLATFORM
 #include "common.h"
+#else
+#define MBEDTLS_ALLOW_PRIVATE_ACCESS
+#endif
 #include "mbedtls/rsa.h"
 #include "mbedtls/ecdsa.h"
-#ifndef ENABLE_EMULATION
+#if !defined(ENABLE_EMULATION) && !defined(ESP_PLATFORM)
 #include "pico/stdlib.h"
 #endif
 #include "file.h"