diff --git a/CMakeLists.txt b/CMakeLists.txt index ba30960..ee8148d 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -17,6 +17,9 @@ cmake_minimum_required(VERSION 3.13) +set(USB_VID 0x2E8A) +set(USB_PID 0x10FD) + if(ESP_PLATFORM) set(ENABLE_PQC 1) set(EXTRA_COMPONENT_DIRS pico-keys-sdk/config/esp32/components src/hsm) @@ -81,7 +84,7 @@ set(SOURCES ${SOURCES} ${CMAKE_CURRENT_LIST_DIR}/src/hsm/kek.c ) -SET_VERSION(ver_major ver_minor "${CMAKE_CURRENT_LIST_DIR}/src/hsm/version.h" 2) +SET_VERSION(ver_major ver_minor "${CMAKE_CURRENT_LIST_DIR}/src/hsm/version.h" 3) if(ESP_PLATFORM) project(pico_hsm) diff --git a/README.md b/README.md index b41c1ab..264434f 100644 --- a/README.md +++ b/README.md @@ -184,9 +184,9 @@ RP2350 and ESP32-S3 microcontrollers are equipped with advanced security feature If you own a Raspberry Pico (RP2040 or RP2350), go to [Download page](https://www.picokeys.com/getting-started/). If your board is mounted with the RP2040, then select Pico. If your board is mounted with the RP2350 or RP2354, select Pico2. -Note that UF2 files are shiped with a dummy VID/PID to avoid license issues (FEFF:FCFD). If you plan to use it with OpenSC or similar tools, you should modify Info.plist of CCID driver to add these VID/PID or use the [PicoKey App](https://www.picokeys.com/picokeyapp/ "PicoKey App"). +UF2 files are shiped with a VID/PID granted by RaspberryPi (2E8A:10FD). If you plan to use it with OpenSC or similar tools, you should modify Info.plist of CCID driver to add these VID/PID or use the [PicoKey App](https://www.picokeys.com/picokeyapp/ "PicoKey App"). -You can use whatever VID/PID (i.e., 234b:0000 from FISJ), but remember that you are not authorized to distribute the binary with a VID/PID that you do not own. +You can use whatever VID/PID for internal purposes, but remember that you are not authorized to distribute the binary with a VID/PID that you do not own. Note that the [PicoKey App](https://www.picokeys.com/picokeyapp/ "PicoKey App") is the most recommended. diff --git a/build_pico_hsm.sh b/build_pico_hsm.sh index 98d0dd3..adb14fc 100755 --- a/build_pico_hsm.sh +++ b/build_pico_hsm.sh @@ -1,7 +1,7 @@ #!/bin/bash VERSION_MAJOR="6" -VERSION_MINOR="2" +VERSION_MINOR="4" SUFFIX="${VERSION_MAJOR}.${VERSION_MINOR}" #if ! [[ -z "${GITHUB_SHA}" ]]; then # SUFFIX="${SUFFIX}.${GITHUB_SHA}" diff --git a/pico-keys-sdk b/pico-keys-sdk index 6860029..6b48302 160000 --- a/pico-keys-sdk +++ b/pico-keys-sdk @@ -1 +1 @@ -Subproject commit 68600291d0a85cbf695d798a330ebe78fb163a4d +Subproject commit 6b483029a50087384b27c5c691864a3675c92ae3 diff --git a/sdkconfig.defaults b/sdkconfig.defaults index 587bae1..0c6af4d 100755 --- a/sdkconfig.defaults +++ b/sdkconfig.defaults @@ -9,6 +9,7 @@ CONFIG_TINYUSB_TASK_STACK_SIZE=16384 CONFIG_PARTITION_TABLE_CUSTOM=y CONFIG_PARTITION_TABLE_CUSTOM_FILENAME="pico-keys-sdk/config/esp32/partitions.csv" CONFIG_PARTITION_TABLE_FILENAME="pico-keys-sdk/config/esp32/partitions.csv" +CONFIG_PARTITION_TABLE_OFFSET=0x10000 CONFIG_ESPTOOLPY_FLASHSIZE_4MB=y CONFIG_ESPTOOLPY_FLASHMODE_QIO=y CONFIG_ESP_DEFAULT_CPU_FREQ_MHZ_240=y diff --git a/src/hsm/kek.c b/src/hsm/kek.c index 1a7b9ad..815b578 100644 --- a/src/hsm/kek.c +++ b/src/hsm/kek.c @@ -37,19 +37,6 @@ uint8_t mkek_mask[MKEK_KEY_SIZE]; bool has_mkek_mask = false; uint8_t pending_save_dkek = 0xff; -#define POLY 0xedb88320 - -uint32_t crc32c(const uint8_t *buf, size_t len) { - uint32_t crc = 0xffffffff; - while (len--) { - crc ^= *buf++; - for (int k = 0; k < 8; k++) { - crc = (crc >> 1) ^ (POLY & (0 - (crc & 1))); - } - } - return ~crc; -} - void mkek_masked(uint8_t *mkek, const uint8_t *mask) { if (mask) { for (int i = 0; i < MKEK_KEY_SIZE; i++) { diff --git a/src/hsm/version.h b/src/hsm/version.h index a55ec03..219a868 100644 --- a/src/hsm/version.h +++ b/src/hsm/version.h @@ -18,7 +18,7 @@ #ifndef __VERSION_H_ #define __VERSION_H_ -#define HSM_VERSION 0x0602 +#define HSM_VERSION 0x0604 #define HSM_VERSION_MAJOR ((HSM_VERSION >> 8) & 0xff) #define HSM_VERSION_MINOR (HSM_VERSION & 0xff)