dearsky/pico-hsm
1
0
Fork 0
Code Issues 17 Pull Requests 4 Actions Packages Projects Releases 26 Wiki Activity

Harmonize coding style.

Browse Source 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
This commit is contained in:
Pol Henarejos
2023-02-14 23:13:46 +01:00
parent cab72f200a
commit daaa5bf402
35 changed files with 1832 additions and 1058 deletions
Download Patch File Download Diff File Expand all files Collapse all files

82
src/hsm/cmd_initialize.c
View File

@@ -27,7 +27,8 @@
extern void scan_all();
extern char __StackLimit;
int heapLeft() {
int heapLeft()
{
#ifndef ENABLE_EMULATION
char *p = malloc(256); // try to avoid undue fragmentation
int left = &__StackLimit - p;
@@ -38,7 +39,8 @@ int heapLeft() {
return left;
}
int cmd_initialize() {
int cmd_initialize()
{
if (apdu.nc > 0) {
uint8_t mkek[MKEK_SIZE];
int ret_mkek = load_mkek(mkek); //Try loading MKEK with previous session
@@ -52,8 +54,7 @@ int cmd_initialize() {
if (tag == 0x80) { //options
file_t *tf = search_by_fid(EF_DEVOPS, NULL, SPECIFY_EF);
flash_write_data_to_file(tf, tag_data, tag_len);
}
else if (tag == 0x81) { //user pin
} else if (tag == 0x81) { //user pin
if (file_pin1 && file_pin1->data) {
uint8_t dhash[33];
dhash[0] = tag_len;
@@ -62,8 +63,7 @@ int cmd_initialize() {
hash_multi(tag_data, tag_len, session_pin);
has_session_pin = true;
}
}
else if (tag == 0x82) { //sopin pin
} else if (tag == 0x82) { //sopin pin
if (file_sopin && file_sopin->data) {
uint8_t dhash[33];
dhash[0] = tag_len;
@@ -72,8 +72,7 @@ int cmd_initialize() {
hash_multi(tag_data, tag_len, session_sopin);
has_session_sopin = true;
}
}
else if (tag == 0x91) { //retries user pin
} else if (tag == 0x91) { //retries user pin
file_t *tf = search_by_fid(0x1082, NULL, SPECIFY_EF);
if (tf && tf->data) {
flash_write_data_to_file(tf, tag_data, tag_len);
@@ -81,8 +80,7 @@ int cmd_initialize() {
if (file_retries_pin1 && file_retries_pin1->data) {
flash_write_data_to_file(file_retries_pin1, tag_data, tag_len);
}
}
else if (tag == 0x92) {
} else if (tag == 0x92) {
dkeks = tag_data;
file_t *tf = file_new(EF_DKEK);
if (!tf) {
@@ -90,14 +88,13 @@ int cmd_initialize() {
return SW_MEMORY_FAILURE();
}
flash_write_data_to_file(tf, NULL, 0);
}
else if (tag == 0x93) {
} else if (tag == 0x93) {
file_t *ef_puk = search_by_fid(EF_PUKAUT, NULL, SPECIFY_EF);
if (!ef_puk) {
release_mkek(mkek);
return SW_MEMORY_FAILURE();
}
uint8_t pk_status[4], puks = MIN(tag_data[0],MAX_PUK);
uint8_t pk_status[4], puks = MIN(tag_data[0], MAX_PUK);
memset(pk_status, 0, sizeof(pk_status));
pk_status[0] = puks;
pk_status[1] = puks;
@@ -111,17 +108,16 @@ int cmd_initialize() {
}
flash_write_data_to_file(tf, NULL, 0);
}
}
else if (tag == 0x97) {
} else if (tag == 0x97) {
kds = tag_data;
/*
for (int i = 0; i < MIN(*kds,MAX_KEY_DOMAINS); i++) {
for (int i = 0; i < MIN(*kds,MAX_KEY_DOMAINS); i++) {
file_t *tf = file_new(EF_DKEK+i);
if (!tf)
return SW_MEMORY_FAILURE();
flash_write_data_to_file(tf, NULL, 0);
}
*/
}
*/
}
}
file_t *tf_kd = search_by_fid(EF_KEY_DOMAIN, NULL, SPECIFY_EF);
@@ -129,8 +125,9 @@ int cmd_initialize() {
release_mkek(mkek);
return SW_EXEC_ERROR();
}
if (ret_mkek != CCID_OK)
if (ret_mkek != CCID_OK) {
ret_mkek = load_mkek(mkek); //Try again with new PIN/SO-PIN just in case some is the same
}
if (store_mkek(ret_mkek == CCID_OK ? mkek : NULL) != CCID_OK) {
release_mkek(mkek);
return SW_EXEC_ERROR();
@@ -139,35 +136,39 @@ int cmd_initialize() {
if (dkeks) {
if (*dkeks > 0) {
uint16_t d = *dkeks;
if (flash_write_data_to_file(tf_kd, (const uint8_t *)&d, sizeof(d)) != CCID_OK)
if (flash_write_data_to_file(tf_kd, (const uint8_t *) &d, sizeof(d)) != CCID_OK) {
return SW_EXEC_ERROR();
}
else {
}
} else {
int r = save_dkek_key(0, random_bytes_get(32));
if (r != CCID_OK)
if (r != CCID_OK) {
return SW_EXEC_ERROR();
}
uint16_t d = 0x0101;
if (flash_write_data_to_file(tf_kd, (const uint8_t *)&d, sizeof(d)) != CCID_OK)
if (flash_write_data_to_file(tf_kd, (const uint8_t *) &d, sizeof(d)) != CCID_OK) {
return SW_EXEC_ERROR();
}
}
}
else {
} else {
uint16_t d = 0x0000;
if (flash_write_data_to_file(tf_kd, (const uint8_t *)&d, sizeof(d)) != CCID_OK)
if (flash_write_data_to_file(tf_kd, (const uint8_t *) &d, sizeof(d)) != CCID_OK) {
return SW_EXEC_ERROR();
}
}
if (kds) {
uint8_t t[MAX_KEY_DOMAINS*2], k = MIN(*kds,MAX_KEY_DOMAINS);
uint8_t t[MAX_KEY_DOMAINS*2], k = MIN(*kds, MAX_KEY_DOMAINS);
memset(t, 0xff, 2*k);
if (flash_write_data_to_file(tf_kd, t, 2*k) != CCID_OK)
if (flash_write_data_to_file(tf_kd, t, 2*k) != CCID_OK) {
return SW_EXEC_ERROR();
}
}
/* When initialized, it has all credentials */
isUserAuthenticated = true;
/* Create terminal private key */
file_t *fdkey = search_by_fid(EF_KEY_DEV, NULL, SPECIFY_EF);
if (!fdkey)
if (!fdkey) {
return SW_EXEC_ERROR();
}
int ret = 0;
if (ret_mkek != CCID_OK || !file_has_data(fdkey)) {
mbedtls_ecdsa_context ecdsa;
@@ -193,19 +194,28 @@ int cmd_initialize() {
file_t *fpk = search_by_fid(EF_EE_DEV, NULL, SPECIFY_EF);
ret = flash_write_data_to_file(fpk, res_APDU, cvc_len);
if (ret != 0)
if (ret != 0) {
return SW_EXEC_ERROR();
}
const uint8_t *keyid = (const uint8_t *)"\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0", *label = (const uint8_t *)"ESTERMHSM";
size_t prkd_len = asn1_build_prkd_ecc(label, strlen((const char *)label), keyid, 20, 192, res_APDU, 4096);
const uint8_t *keyid =
(const uint8_t *) "\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0",
*label = (const uint8_t *) "ESTERMHSM";
size_t prkd_len = asn1_build_prkd_ecc(label,
strlen((const char *) label),
keyid,
20,
192,
res_APDU,
4096);
fpk = search_by_fid(EF_PRKD_DEV, NULL, SPECIFY_EF);
ret = flash_write_data_to_file(fpk, res_APDU, prkd_len);
}
if (ret != 0)
if (ret != 0) {
return SW_EXEC_ERROR();
}
low_flash_available();
}
else { //free memory bytes request
} else { //free memory bytes request
int heap_left = heapLeft();
res_APDU[0] = ((heap_left >> 24) & 0xff);
res_APDU[1] = ((heap_left >> 16) & 0xff);