dearsky/pico-hsm
1
0
Fork 0
Code Issues 17 Pull Requests 4 Actions Packages Projects Releases 26 Wiki Activity

Harmonize coding style.

Browse Source 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
This commit is contained in:
Pol Henarejos
2023-02-14 23:13:46 +01:00
parent cab72f200a
commit daaa5bf402
35 changed files with 1832 additions and 1058 deletions
Download Patch File Download Diff File Expand all files Collapse all files

279
src/hsm/cmd_cipher_sym.c
View File

@@ -36,18 +36,19 @@
/* This is copied from pkcs5.c Mbedtls */
/** Unfortunately it is declared as static, so I cannot call it. **/
static int pkcs5_parse_pbkdf2_params( const mbedtls_asn1_buf *params,
mbedtls_asn1_buf *salt, int *iterations,
int *keylen, mbedtls_md_type_t *md_type )
static int pkcs5_parse_pbkdf2_params(const mbedtls_asn1_buf *params,
mbedtls_asn1_buf *salt, int *iterations,
int *keylen, mbedtls_md_type_t *md_type)
{
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
mbedtls_asn1_buf prf_alg_oid;
unsigned char *p = params->p;
const unsigned char *end = params->p + params->len;
if (params->tag != (MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE))
return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PKCS5_INVALID_FORMAT,
MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) );
if (params->tag != (MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)) {
return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PKCS5_INVALID_FORMAT,
MBEDTLS_ERR_ASN1_UNEXPECTED_TAG);
}
/*
* PBKDF2-params ::= SEQUENCE {
* salt OCTET STRING,
@@ -57,42 +58,57 @@ static int pkcs5_parse_pbkdf2_params( const mbedtls_asn1_buf *params,
* }
*
*/
if( ( ret = mbedtls_asn1_get_tag( &p, end, &salt->len,
MBEDTLS_ASN1_OCTET_STRING ) ) != 0 )
return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PKCS5_INVALID_FORMAT, ret ) );
if ((ret = mbedtls_asn1_get_tag(&p, end, &salt->len,
MBEDTLS_ASN1_OCTET_STRING)) != 0) {
return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PKCS5_INVALID_FORMAT, ret);
}
salt->p = p;
p += salt->len;
if( ( ret = mbedtls_asn1_get_int( &p, end, iterations ) ) != 0 )
return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PKCS5_INVALID_FORMAT, ret ) );
if( p == end )
return( 0 );
if( ( ret = mbedtls_asn1_get_int( &p, end, keylen ) ) != 0 ) {
if( ret != MBEDTLS_ERR_ASN1_UNEXPECTED_TAG )
return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PKCS5_INVALID_FORMAT, ret ) );
if ((ret = mbedtls_asn1_get_int(&p, end, iterations)) != 0) {
return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PKCS5_INVALID_FORMAT, ret);
}
if( p == end )
return( 0 );
if (p == end) {
return 0;
}
if( ( ret = mbedtls_asn1_get_alg_null( &p, end, &prf_alg_oid ) ) != 0 )
return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PKCS5_INVALID_FORMAT, ret ) );
if ((ret = mbedtls_asn1_get_int(&p, end, keylen)) != 0) {
if (ret != MBEDTLS_ERR_ASN1_UNEXPECTED_TAG) {
return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PKCS5_INVALID_FORMAT, ret);
}
}
if( mbedtls_oid_get_md_hmac( &prf_alg_oid, md_type ) != 0 )
return( MBEDTLS_ERR_PKCS5_FEATURE_UNAVAILABLE );
if (p == end) {
return 0;
}
if( p != end )
return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PKCS5_INVALID_FORMAT,
MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) );
if ((ret = mbedtls_asn1_get_alg_null(&p, end, &prf_alg_oid)) != 0) {
return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PKCS5_INVALID_FORMAT, ret);
}
return( 0 );
if (mbedtls_oid_get_md_hmac(&prf_alg_oid, md_type) != 0) {
return MBEDTLS_ERR_PKCS5_FEATURE_UNAVAILABLE;
}
if (p != end) {
return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PKCS5_INVALID_FORMAT,
MBEDTLS_ERR_ASN1_LENGTH_MISMATCH);
}
return 0;
}
/* Taken from https://github.com/Mbed-TLS/mbedtls/issues/2335 */
int mbedtls_ansi_x936_kdf(mbedtls_md_type_t md_type, size_t input_len, uint8_t *input, size_t shared_info_len, uint8_t *shared_info, size_t output_len, uint8_t *output) {
int mbedtls_ansi_x936_kdf(mbedtls_md_type_t md_type,
size_t input_len,
uint8_t *input,
size_t shared_info_len,
uint8_t *shared_info,
size_t output_len,
uint8_t *output)
{
mbedtls_md_context_t md_ctx;
const mbedtls_md_info_t *md_info = NULL;
int hashlen = 0, exit_code = MBEDTLS_ERR_MD_BAD_INPUT_DATA;
@@ -143,18 +159,23 @@ int mbedtls_ansi_x936_kdf(mbedtls_md_type_t md_type, size_t input_len, uint8_t *
return 0;
}
int cmd_cipher_sym() {
int cmd_cipher_sym()
{
int key_id = P1(apdu);
int algo = P2(apdu);
if (!isUserAuthenticated)
if (!isUserAuthenticated) {
return SW_SECURITY_STATUS_NOT_SATISFIED();
}
file_t *ef = search_dynamic_file((KEY_PREFIX << 8) | key_id);
if (!ef)
if (!ef) {
return SW_FILE_NOT_FOUND();
if (key_has_purpose(ef, algo) == false)
}
if (key_has_purpose(ef, algo) == false) {
return SW_CONDITIONS_NOT_SATISFIED();
if (wait_button_pressed() == true) // timeout
}
if (wait_button_pressed() == true) { // timeout
return SW_SECURE_MESSAGE_EXEC_ERROR();
}
int key_size = file_get_size(ef);
uint8_t kdata[32]; //maximum AES key size
memcpy(kdata, file_get_data(ef), key_size);
@@ -176,21 +197,30 @@ int cmd_cipher_sym() {
mbedtls_aes_free(&aes);
return SW_EXEC_ERROR();
}
r = mbedtls_aes_crypt_cbc(&aes, MBEDTLS_AES_ENCRYPT, apdu.nc, tmp_iv, apdu.data, res_APDU);
r = mbedtls_aes_crypt_cbc(&aes,
MBEDTLS_AES_ENCRYPT,
apdu.nc,
tmp_iv,
apdu.data,
res_APDU);
mbedtls_platform_zeroize(kdata, sizeof(kdata));
if (r != 0) {
mbedtls_aes_free(&aes);
return SW_EXEC_ERROR();
}
}
else if (algo == ALGO_AES_CBC_DECRYPT) {
} else if (algo == ALGO_AES_CBC_DECRYPT) {
int r = mbedtls_aes_setkey_dec(&aes, kdata, key_size*8);
if (r != 0) {
mbedtls_platform_zeroize(kdata, sizeof(kdata));
mbedtls_aes_free(&aes);
return SW_EXEC_ERROR();
}
r = mbedtls_aes_crypt_cbc(&aes, MBEDTLS_AES_DECRYPT, apdu.nc, tmp_iv, apdu.data, res_APDU);
r = mbedtls_aes_crypt_cbc(&aes,
MBEDTLS_AES_DECRYPT,
apdu.nc,
tmp_iv,
apdu.data,
res_APDU);
mbedtls_platform_zeroize(kdata, sizeof(kdata));
if (r != 0) {
mbedtls_aes_free(&aes);
@@ -199,36 +229,44 @@ int cmd_cipher_sym() {
}
res_APDU_size = apdu.nc;
mbedtls_aes_free(&aes);
}
else if (algo == ALGO_AES_CMAC) {
} else if (algo == ALGO_AES_CMAC) {
const mbedtls_cipher_info_t *cipher_info;
if (key_size == 16)
if (key_size == 16) {
cipher_info = mbedtls_cipher_info_from_type(MBEDTLS_CIPHER_AES_128_ECB);
else if (key_size == 24)
} else if (key_size == 24) {
cipher_info = mbedtls_cipher_info_from_type(MBEDTLS_CIPHER_AES_192_ECB);
else if (key_size == 32)
} else if (key_size == 32) {
cipher_info = mbedtls_cipher_info_from_type(MBEDTLS_CIPHER_AES_256_ECB);
else {
} else {
mbedtls_platform_zeroize(kdata, sizeof(kdata));
return SW_WRONG_DATA();
}
int r = mbedtls_cipher_cmac(cipher_info, kdata, key_size*8, apdu.data, apdu.nc, res_APDU);
mbedtls_platform_zeroize(kdata, sizeof(kdata));
if (r != 0)
if (r != 0) {
return SW_EXEC_ERROR();
}
res_APDU_size = 16;
}
else if (algo == ALGO_AES_DERIVE) {
int r = mbedtls_hkdf(mbedtls_md_info_from_type(MBEDTLS_MD_SHA256), NULL, 0, file_get_data(ef), key_size, apdu.data, apdu.nc, res_APDU, apdu.nc);
} else if (algo == ALGO_AES_DERIVE) {
int r = mbedtls_hkdf(mbedtls_md_info_from_type(MBEDTLS_MD_SHA256),
NULL,
0,
file_get_data(ef),
key_size,
apdu.data,
apdu.nc,
res_APDU,
apdu.nc);
mbedtls_platform_zeroize(kdata, sizeof(kdata));
if (r != 0)
if (r != 0) {
return SW_EXEC_ERROR();
}
res_APDU_size = apdu.nc;
}
else if (algo == ALGO_EXT_CIPHER_ENCRYPT || algo == ALGO_EXT_CIPHER_DECRYPT) {
} else if (algo == ALGO_EXT_CIPHER_ENCRYPT || algo == ALGO_EXT_CIPHER_DECRYPT) {
size_t oid_len = 0, aad_len = 0, iv_len = 0, enc_len = 0;
uint8_t *oid = NULL, *aad = NULL, *iv = NULL, *enc = NULL;
if (!asn1_find_tag(apdu.data, apdu.nc, 0x6, &oid_len, &oid) || oid_len == 0 || oid == NULL) {
if (!asn1_find_tag(apdu.data, apdu.nc, 0x6, &oid_len,
&oid) || oid_len == 0 || oid == NULL) {
mbedtls_platform_zeroize(kdata, sizeof(kdata));
return SW_WRONG_DATA();
}
@@ -246,57 +284,88 @@ int cmd_cipher_sym() {
mbedtls_chachapoly_context ctx;
mbedtls_chachapoly_init(&ctx);
if (algo == ALGO_EXT_CIPHER_ENCRYPT) {
r = mbedtls_chachapoly_encrypt_and_tag(&ctx, enc_len, iv ? iv : tmp_iv, aad, aad_len, enc, res_APDU, res_APDU + enc_len);
}
else if (algo == ALGO_EXT_CIPHER_DECRYPT) {
r = mbedtls_chachapoly_auth_decrypt(&ctx, enc_len - 16, iv ? iv : tmp_iv, aad, aad_len, enc + enc_len - 16, enc, res_APDU);
r = mbedtls_chachapoly_encrypt_and_tag(&ctx,
enc_len,
iv ? iv : tmp_iv,
aad,
aad_len,
enc,
res_APDU,
res_APDU + enc_len);
} else if (algo == ALGO_EXT_CIPHER_DECRYPT) {
r = mbedtls_chachapoly_auth_decrypt(&ctx,
enc_len - 16,
iv ? iv : tmp_iv,
aad,
aad_len,
enc + enc_len - 16,
enc,
res_APDU);
}
mbedtls_platform_zeroize(kdata, sizeof(kdata));
mbedtls_chachapoly_free(&ctx);
if (r != 0)
if (r != 0) {
return SW_EXEC_ERROR();
if (algo == ALGO_EXT_CIPHER_ENCRYPT)
}
if (algo == ALGO_EXT_CIPHER_ENCRYPT) {
res_APDU_size = enc_len + 16;
else if (algo == ALGO_EXT_CIPHER_DECRYPT)
} else if (algo == ALGO_EXT_CIPHER_DECRYPT) {
res_APDU_size = enc_len - 16;
}
else if (memcmp(oid, OID_DIGEST, 7) == 0) {
}
} else if (memcmp(oid, OID_DIGEST, 7) == 0) {
const mbedtls_md_info_t *md_info = NULL;
if (memcmp(oid, OID_HMAC_SHA1, oid_len) == 0)
if (memcmp(oid, OID_HMAC_SHA1, oid_len) == 0) {
md_info = mbedtls_md_info_from_type(MBEDTLS_MD_SHA1);
else if (memcmp(oid, OID_HMAC_SHA224, oid_len) == 0)
} else if (memcmp(oid, OID_HMAC_SHA224, oid_len) == 0) {
md_info = mbedtls_md_info_from_type(MBEDTLS_MD_SHA224);
else if (memcmp(oid, OID_HMAC_SHA256, oid_len) == 0)
} else if (memcmp(oid, OID_HMAC_SHA256, oid_len) == 0) {
md_info = mbedtls_md_info_from_type(MBEDTLS_MD_SHA256);
else if (memcmp(oid, OID_HMAC_SHA384, oid_len) == 0)
} else if (memcmp(oid, OID_HMAC_SHA384, oid_len) == 0) {
md_info = mbedtls_md_info_from_type(MBEDTLS_MD_SHA384);
else if (memcmp(oid, OID_HMAC_SHA512, oid_len) == 0)
} else if (memcmp(oid, OID_HMAC_SHA512, oid_len) == 0) {
md_info = mbedtls_md_info_from_type(MBEDTLS_MD_SHA512);
if (md_info == NULL)
}
if (md_info == NULL) {
return SW_WRONG_DATA();
}
int r = mbedtls_md_hmac(md_info, kdata, key_size, apdu.data, apdu.nc, res_APDU);
mbedtls_platform_zeroize(kdata, sizeof(kdata));
if (r != 0)
if (r != 0) {
return SW_EXEC_ERROR();
}
res_APDU_size = md_info->size;
}
else if (memcmp(oid, OID_HKDF_SHA256, oid_len) == 0 || memcmp(oid, OID_HKDF_SHA384, oid_len) == 0 || memcmp(oid, OID_HKDF_SHA512, oid_len) == 0) {
} else if (memcmp(oid, OID_HKDF_SHA256,
oid_len) == 0 ||
memcmp(oid, OID_HKDF_SHA384,
oid_len) == 0 || memcmp(oid, OID_HKDF_SHA512, oid_len) == 0) {
const mbedtls_md_info_t *md_info = NULL;
if (memcmp(oid, OID_HKDF_SHA256, oid_len) == 0)
if (memcmp(oid, OID_HKDF_SHA256, oid_len) == 0) {
md_info = mbedtls_md_info_from_type(MBEDTLS_MD_SHA256);
else if (memcmp(oid, OID_HKDF_SHA384, oid_len) == 0)
} else if (memcmp(oid, OID_HKDF_SHA384, oid_len) == 0) {
md_info = mbedtls_md_info_from_type(MBEDTLS_MD_SHA384);
else if (memcmp(oid, OID_HKDF_SHA512, oid_len) == 0)
} else if (memcmp(oid, OID_HKDF_SHA512, oid_len) == 0) {
md_info = mbedtls_md_info_from_type(MBEDTLS_MD_SHA512);
int r = mbedtls_hkdf(md_info, iv, iv_len, kdata, key_size, enc, enc_len, res_APDU, apdu.ne > 0 && apdu.ne < 65536 ? apdu.ne : mbedtls_md_get_size(md_info));
}
int r = mbedtls_hkdf(md_info,
iv,
iv_len,
kdata,
key_size,
enc,
enc_len,
res_APDU,
apdu.ne > 0 &&
apdu.ne < 65536 ? apdu.ne : mbedtls_md_get_size(md_info));
mbedtls_platform_zeroize(kdata, sizeof(kdata));
if (r != 0)
if (r != 0) {
return SW_EXEC_ERROR();
res_APDU_size = apdu.ne > 0 && apdu.ne < 65536 ? apdu.ne :mbedtls_md_get_size(md_info);
}
else if (memcmp(oid, OID_PKCS5_PBKDF2, oid_len) == 0) {
}
res_APDU_size = apdu.ne > 0 && apdu.ne < 65536 ? apdu.ne : mbedtls_md_get_size(md_info);
} else if (memcmp(oid, OID_PKCS5_PBKDF2, oid_len) == 0) {
int iterations = 0, keylen = 0;
mbedtls_asn1_buf salt, params = { .p = enc, .len = enc_len, .tag = (MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE) };
mbedtls_asn1_buf salt,
params =
{ .p = enc, .len = enc_len, .tag = (MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE) };
mbedtls_md_type_t md_type = MBEDTLS_MD_SHA1;
mbedtls_md_context_t md_ctx;
@@ -312,43 +381,63 @@ int cmd_cipher_sym() {
mbedtls_platform_zeroize(kdata, sizeof(kdata));
return SW_WRONG_DATA();
}
r = mbedtls_pkcs5_pbkdf2_hmac(&md_ctx, kdata, key_size, salt.p, salt.len, iterations, keylen ? keylen : (apdu.ne > 0 && apdu.ne < 65536 ? apdu.ne : 32), res_APDU);
r = mbedtls_pkcs5_pbkdf2_hmac(&md_ctx,
kdata,
key_size,
salt.p,
salt.len,
iterations,
keylen ? keylen : (apdu.ne > 0 &&
apdu.ne < 65536 ? apdu.ne : 32),
res_APDU);
mbedtls_platform_zeroize(kdata, sizeof(kdata));
mbedtls_md_free(&md_ctx);
if (r != 0)
if (r != 0) {
return SW_EXEC_ERROR();
}
res_APDU_size = keylen ? keylen : (apdu.ne > 0 && apdu.ne < 65536 ? apdu.ne : 32);
}
else if (memcmp(oid, OID_PKCS5_PBES2, oid_len) == 0) {
mbedtls_asn1_buf params = { .p = aad, .len = aad_len, .tag = (MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE) };
int r = mbedtls_pkcs5_pbes2(&params, algo == ALGO_EXT_CIPHER_ENCRYPT ? MBEDTLS_PKCS5_ENCRYPT : MBEDTLS_PKCS5_DECRYPT, kdata, key_size, enc, enc_len, res_APDU);
} else if (memcmp(oid, OID_PKCS5_PBES2, oid_len) == 0) {
mbedtls_asn1_buf params =
{ .p = aad, .len = aad_len, .tag = (MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE) };
int r = mbedtls_pkcs5_pbes2(&params,
algo == ALGO_EXT_CIPHER_ENCRYPT ? MBEDTLS_PKCS5_ENCRYPT : MBEDTLS_PKCS5_DECRYPT,
kdata,
key_size,
enc,
enc_len,
res_APDU);
mbedtls_platform_zeroize(kdata, sizeof(kdata));
if (r != 0) {
return SW_WRONG_DATA();
}
res_APDU_size = enc_len;
}
else if (memcmp(oid, OID_KDF_X963, oid_len) == 0) {
} else if (memcmp(oid, OID_KDF_X963, oid_len) == 0) {
mbedtls_md_type_t md_type = MBEDTLS_MD_SHA1;
if (memcmp(enc, OID_HMAC_SHA1, enc_len) == 0)
if (memcmp(enc, OID_HMAC_SHA1, enc_len) == 0) {
md_type = MBEDTLS_MD_SHA1;
else if (memcmp(enc, OID_HMAC_SHA224, enc_len) == 0)
} else if (memcmp(enc, OID_HMAC_SHA224, enc_len) == 0) {
md_type = MBEDTLS_MD_SHA224;
else if (memcmp(enc, OID_HMAC_SHA256, enc_len) == 0)
} else if (memcmp(enc, OID_HMAC_SHA256, enc_len) == 0) {
md_type = MBEDTLS_MD_SHA256;
else if (memcmp(enc, OID_HMAC_SHA384, enc_len) == 0)
} else if (memcmp(enc, OID_HMAC_SHA384, enc_len) == 0) {
md_type = MBEDTLS_MD_SHA384;
else if (memcmp(enc, OID_HMAC_SHA512, enc_len) == 0)
} else if (memcmp(enc, OID_HMAC_SHA512, enc_len) == 0) {
md_type = MBEDTLS_MD_SHA512;
int r = mbedtls_ansi_x936_kdf(md_type, key_size, kdata, aad_len, aad, apdu.ne > 0 && apdu.ne < 65536 ? apdu.ne : 32, res_APDU);
}
int r = mbedtls_ansi_x936_kdf(md_type,
key_size,
kdata,
aad_len,
aad,
apdu.ne > 0 && apdu.ne < 65536 ? apdu.ne : 32,
res_APDU);
mbedtls_platform_zeroize(kdata, sizeof(kdata));
if (r != 0) {
return SW_WRONG_DATA();
}
res_APDU_size = apdu.ne > 0 && apdu.ne < 65536 ? apdu.ne : 32;
}
}
else {
} else {
mbedtls_platform_zeroize(kdata, sizeof(kdata));
return SW_WRONG_P1P2();
}