dearsky/pico-hsm
1
0
Fork 0
Code Issues 17 Pull Requests 4 Actions Packages Projects Releases 26 Wiki Activity

Harmonize coding style.

Browse Source 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
This commit is contained in:
Pol Henarejos
2023-02-14 23:13:46 +01:00
parent cab72f200a
commit daaa5bf402
35 changed files with 1832 additions and 1058 deletions
Download Patch File Download Diff File Expand all files Collapse all files

47
src/hsm/cmd_key_unwrap.c
View File

@@ -20,17 +20,21 @@
#include "kek.h"
#include "cvc.h"
int cmd_key_unwrap() {
int cmd_key_unwrap()
{
int key_id = P1(apdu), r = 0;
if (P2(apdu) != 0x93)
if (P2(apdu) != 0x93) {
return SW_WRONG_P1P2();
if (!isUserAuthenticated)
}
if (!isUserAuthenticated) {
return SW_SECURITY_STATUS_NOT_SATISFIED();
}
int key_type = dkek_type_key(apdu.data);
uint8_t kdom = -1, *allowed = NULL;
size_t allowed_len = 0;
if (key_type == 0x0)
if (key_type == 0x0) {
return SW_DATA_INVALID();
}
if (key_type == HSM_KEY_RSA) {
mbedtls_rsa_context ctx;
mbedtls_rsa_init(&ctx);
@@ -50,13 +54,12 @@ int cmd_key_unwrap() {
if (r != CCID_OK) {
return SW_EXEC_ERROR();
}
}
else if (key_type == HSM_KEY_EC) {
} else if (key_type == HSM_KEY_EC) {
mbedtls_ecdsa_context ctx;
mbedtls_ecdsa_init(&ctx);
do {
r = dkek_decode_key(++kdom, &ctx, apdu.data, apdu.nc, NULL, &allowed, &allowed_len);
} while((r == CCID_ERR_FILE_NOT_FOUND || r == CCID_WRONG_DKEK) && kdom < MAX_KEY_DOMAINS);
} while ((r == CCID_ERR_FILE_NOT_FOUND || r == CCID_WRONG_DKEK) && kdom < MAX_KEY_DOMAINS);
if (r != CCID_OK) {
mbedtls_ecdsa_free(&ctx);
return SW_EXEC_ERROR();
@@ -70,24 +73,30 @@ int cmd_key_unwrap() {
if (r != CCID_OK) {
return SW_EXEC_ERROR();
}
}
else if (key_type == HSM_KEY_AES) {
} else if (key_type == HSM_KEY_AES) {
uint8_t aes_key[32];
int key_size = 0, aes_type = 0;
do {
r = dkek_decode_key(++kdom, aes_key, apdu.data, apdu.nc, &key_size, &allowed, &allowed_len);
} while((r == CCID_ERR_FILE_NOT_FOUND || r == CCID_WRONG_DKEK) && kdom < MAX_KEY_DOMAINS);
r = dkek_decode_key(++kdom,
aes_key,
apdu.data,
apdu.nc,
&key_size,
&allowed,
&allowed_len);
} while ((r == CCID_ERR_FILE_NOT_FOUND || r == CCID_WRONG_DKEK) && kdom < MAX_KEY_DOMAINS);
if (r != CCID_OK) {
return SW_EXEC_ERROR();
}
if (key_size == 32)
if (key_size == 32) {
aes_type = HSM_KEY_AES_256;
else if (key_size == 24)
} else if (key_size == 24) {
aes_type = HSM_KEY_AES_192;
else if (key_size == 16)
} else if (key_size == 16) {
aes_type = HSM_KEY_AES_128;
else
} else {
return SW_EXEC_ERROR();
}
r = store_keys(aes_key, aes_type, key_id);
if (r != CCID_OK) {
return SW_EXEC_ERROR();
@@ -95,7 +104,7 @@ int cmd_key_unwrap() {
}
if ((allowed != NULL && allowed_len > 0) || kdom >= 0) {
size_t meta_len = (allowed_len > 0 ? 2+allowed_len : 0) + (kdom >= 0 ? 3 : 0);
uint8_t *meta = (uint8_t *)calloc(1,meta_len), *m = meta;
uint8_t *meta = (uint8_t *) calloc(1, meta_len), *m = meta;
if (allowed_len > 0) {
*m++ = 0x91;
*m++ = allowed_len;
@@ -108,14 +117,16 @@ int cmd_key_unwrap() {
}
r = meta_add((KEY_PREFIX << 8) | key_id, meta, meta_len);
free(meta);
if (r != CCID_OK)
if (r != CCID_OK) {
return r;
}
}
if (res_APDU_size > 0) {
file_t *fpk = file_new((EE_CERTIFICATE_PREFIX << 8) | key_id);
r = flash_write_data_to_file(fpk, res_APDU, res_APDU_size);
if (r != 0)
if (r != 0) {
return SW_EXEC_ERROR();
}
low_flash_available();
res_APDU_size = 0;
}