dearsky/pico-hsm
1
0
Fork 0
Code Issues 17 Pull Requests 4 Actions Packages Projects Releases 26 Wiki Activity

Added support for signatures based on HD BIP/SLIP.

Browse Source 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
This commit is contained in:
Pol Henarejos
2023-05-26 18:07:06 +02:00
parent c6c00e7e43
commit ee3ee21e40
3 changed files with 34 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
src/hsm/cmd_bip_slip.c
View File

@@ -24,6 +24,8 @@
const uint8_t *k1_seed = (const uint8_t *)"Bitcoin seed"; const uint8_t *k1_seed = (const uint8_t *)"Bitcoin seed";
const uint8_t *p1_seed = (const uint8_t *)"Nist256p1 seed"; const uint8_t *p1_seed = (const uint8_t *)"Nist256p1 seed";
const uint8_t *sym_seed = (const uint8_t *)"Symmetric key seed"; const uint8_t *sym_seed = (const uint8_t *)"Symmetric key seed";
mbedtls_ecp_keypair hd_context = {0};
uint8_t hd_keytype = 0;
int node_derive_bip_child(const mbedtls_ecp_keypair *parent, const uint8_t cpar[32], const uint8_t *i, mbedtls_ecp_keypair *child, uint8_t cchild[32]) { int node_derive_bip_child(const mbedtls_ecp_keypair *parent, const uint8_t cpar[32], const uint8_t *i, mbedtls_ecp_keypair *child, uint8_t cchild[32]) {
uint8_t data[1+32+4], I[64], *iL = I, *iR = I + 32; uint8_t data[1+32+4], I[64], *iL = I, *iR = I + 32;
@@ -261,5 +263,13 @@ int cmd_bip_slip() {
} }
mbedtls_ecp_keypair_free(&ctx); mbedtls_ecp_keypair_free(&ctx);
} }
else if (p1 == 0x10) {
uint8_t chain[32] = {0}, fgpt[4] = {0}, last_node[4] = {0}, nodes = 0;
int r = node_derive_path(apdu.data, apdu.nc, &hd_context, chain, fgpt, &nodes, last_node, &hd_keytype);
if (r != CCID_OK) {
mbedtls_ecp_keypair_free(&hd_context);
return SW_EXEC_ERROR();
}
}
return SW_OK(); return SW_OK();
} }

24
src/hsm/cmd_signature.c
View File

@@ -14,13 +14,16 @@
* You should have received a copy of the GNU General Public License * You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>. * along with this program. If not, see <http://www.gnu.org/licenses/>.
*/ */
#include "sc_hsm.h"
#include "crypto_utils.h" #include "crypto_utils.h"
#include "sc_hsm.h" #include "sc_hsm.h"
#include "asn1.h" #include "asn1.h"
#include "mbedtls/oid.h" #include "mbedtls/oid.h"
#include "random.h" #include "random.h"
extern mbedtls_ecp_keypair hd_context;
extern uint8_t hd_keytype;
//----- //-----
/* From OpenSC */ /* From OpenSC */
static const uint8_t hdr_md5[] = { static const uint8_t hdr_md5[] = {
@@ -281,6 +284,25 @@ int cmd_signature() {
res_APDU_size = olen; res_APDU_size = olen;
mbedtls_ecdsa_free(&ctx); mbedtls_ecdsa_free(&ctx);
} }
else if (p2 == ALGO_HD) {
size_t olen = 0;
uint8_t buf[MBEDTLS_ECDSA_MAX_LEN];
if (hd_context.grp.id == MBEDTLS_ECP_DP_NONE) {
return SW_CONDITIONS_NOT_SATISFIED();
}
if (hd_keytype != 0x1 && hd_keytype != 0x2) {
return SW_INCORRECT_PARAMS();
}
md = MBEDTLS_MD_SHA256;
if (mbedtls_ecdsa_write_signature(&hd_context, md, apdu.data, apdu.nc, buf, MBEDTLS_ECDSA_MAX_LEN,
&olen, random_gen, NULL) != 0) {
mbedtls_ecdsa_free(&hd_context);
return SW_EXEC_ERROR();
}
memcpy(res_APDU, buf, olen);
res_APDU_size = olen;
mbedtls_ecdsa_free(&hd_context);
}
else { else {
return SW_INCORRECT_P1P2(); return SW_INCORRECT_P1P2();
} }

1
src/hsm/sc_hsm.h
View File

@@ -58,6 +58,7 @@ extern const uint8_t sc_hsm_aid[];
#define ALGO_EC_DH 0x80 /* ECDH key derivation */ #define ALGO_EC_DH 0x80 /* ECDH key derivation */
#define ALGO_EC_DH_AUTPUK 0x83 #define ALGO_EC_DH_AUTPUK 0x83
#define ALGO_EC_DH_XKEK 0x84 #define ALGO_EC_DH_XKEK 0x84
#define ALGO_HD 0xA0
#define ALGO_WRAP 0x92 #define ALGO_WRAP 0x92
#define ALGO_UNWRAP 0x93 #define ALGO_UNWRAP 0x93