From fe429bf5af9a1ab92b57ba19a009a88e115faf7f Mon Sep 17 00:00:00 2001
From: Pol Henarejos
Date: Mon, 21 Feb 2022 00:27:53 +0100
Subject: [PATCH] Adding signature to public file. Storing private key in disk.
Signed-off-by: Pol Henarejos
---
 sc_hsm.c | 62 +++++++++++++++++++++++++++++++++++++++++---------------
 sc_hsm.h | 1 +
 2 files changed, 47 insertions(+), 16 deletions(-)
diff --git a/sc_hsm.c b/sc_hsm.c
index 461b7ed..e120425 100644
--- a/sc_hsm.c
+++ b/sc_hsm.c
@@ -148,9 +148,14 @@ static int cmd_select() {
 static int cmd_list_keys() {
- static uint16_t r[] = { KEY_PREFIX | 0x100, KEY_PREFIX | 0x200, DCOD_PREFIX | 0x100, CD_PREFIX | 0x300 };
- res_APDU = (uint8_t *)r;
- res_APDU_size = sizeof(r);
+ for (file_chain_t *fc = ef_prkdf; fc; fc = fc->next) {
+ res_APDU[res_APDU_size++] = KEY_PREFIX;
+ res_APDU[res_APDU_size++] = fc->file->fid & 0xff;
+ }
+ for (file_chain_t *fc = ef_cdf; fc; fc = fc->next) {
+ res_APDU[res_APDU_size++] = CD_PREFIX;
+ res_APDU[res_APDU_size++] = fc->file->fid & 0xff;
+ }
 return SW_OK();
 }
@@ -321,7 +326,7 @@ static int cmd_initialize() {
 uint8_t dhash[32];
 double_hash_pin(p, tag_len, dhash);
 flash_write_data_to_file(file_pin1, dhash, sizeof(dhash));
- hash(p, tag_len, session_pin);
+ hash_multi(p, tag_len, session_pin);
 has_session_pin = true;
 }
 }
@@ -330,7 +335,7 @@ static int cmd_initialize() {
 uint8_t dhash[32];
 double_hash_pin(p, tag_len, dhash);
 flash_write_data_to_file(file_sopin, dhash, sizeof(dhash));
- hash(p, tag_len, session_sopin);
+ hash_multi(p, tag_len, session_sopin);
 has_session_sopin = true;
 }
 }
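Review bot: Both new loops in cmd_list_keys append two bytes per chain entry with `res_APDU[res_APDU_size++]` and never compare `res_APDU_size` with the capacity of the response buffer, so a long enough ef_prkdf or ef_cdf chain would write past its end. The loops also rely on `res_APDU_size` being zero and `res_APDU` pointing at a writable buffer on entry, which the hunk does not show; the removed code set both explicitly. I would reset the size at the top of the function and stop, or return an error status, before the buffer is full, e.g. `if (res_APDU_size + 2 > RES_APDU_CAPACITY) break;`, where RES_APDU_CAPACITY is a placeholder for whatever bound the project defines.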
@@ -364,13 +369,13 @@ static int cmd_initialize() {
 void double_hash_pin(const uint8_t *pin, size_t len, uint8_t output[32]) {
 uint8_t o1[32];
- hash(pin, len, o1);
+ hash_multi(pin, len, o1);
 for (int i = 0; i < sizeof(o1); i++) o1[i] ^= pin[i%len];
- hash(o1, sizeof(o1), output);
+ hash_multi(o1, sizeof(o1), output);
 }
-void hash(const uint8_t *input, size_t len, uint8_t output[32])
+void hash_multi(const uint8_t *input, size_t len, uint8_t output[32])
 {
 mbedtls_sha256_context ctx;
 mbedtls_sha256_init(&ctx);
@@ -390,6 +395,18 @@ void hash(const uint8_t *input, size_t len, uint8_t output[32])
 mbedtls_sha256_free (&ctx);
 }
+void hash(const uint8_t *input, size_t len, uint8_t output[32])
+{
+ mbedtls_sha256_context ctx;
+ mbedtls_sha256_init(&ctx);
+
+ mbedtls_sha256_starts (&ctx, 0);
+ mbedtls_sha256_update (&ctx, input, len);
+
+ mbedtls_sha256_finish (&ctx, output);
+ mbedtls_sha256_free (&ctx);
+}
+
 static int cmd_import_dkek() {
 if (dkeks == 0) return SW_COMMAND_NOT_ALLOWED();
@@ -446,9 +463,12 @@ int store_key_rsa(mbedtls_rsa_context *rsa, int key_bits, uint8_t key_id) /*in b
 mbedtls_mpi_write_binary(&rsa->Q, pq+key_size/2, key_size/2);
 file_t *fpk = file_new((KEY_PREFIX << 8) | key_id);
 int r = flash_write_data_to_file(fpk, pq, key_size);
+ free(pq);
 if (r != HSM_OK) return r;
 add_file_to_chain(fpk, &ef_prkdf);
+ low_flash_available();
+ return HSM_OK;
 }
 sc_context_t *create_context() {
@@ -465,6 +485,9 @@ static int cmd_keypair_gen() {
 uint8_t key_id = P1(apdu);
 uint8_t auth_key_id = P2(apdu);
 sc_context_t *ctx = create_context();
+ struct sc_pkcs15_card p15card;
+ p15card.card = (sc_card_t *)malloc(sizeof(sc_card_t));
+ p15card.card->ctx = ctx;
 size_t tout = 0;
 sc_asn1_print_tags(apdu.cmd_apdu_data, apdu.cmd_apdu_data_len);
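Review bot: The exported name `hash` keeps its signature but now means a single SHA-256 pass, while the previous body lives on as `hash_multi`, so any caller of `hash()` that this patch does not touch still compiles and silently computes a different digest. The visible PIN paths (cmd_initialize, double_hash_pin) were switched, but a PIN-verification or session-key path outside these hunks that still calls `hash()` would stop matching stored values, so every remaining call site should be checked. A comment on each function would prevent the mix-up, for example `/* Plain single-pass SHA-256; for message digests only, not for PIN hashing (use hash_multi). */` above the new `hash`. Only the first lines of hash_multi are visible in this patch, so what it does beyond one pass is not confirmed here.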
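Review bot: The added `free(pq);` in store_key_rsa releases the buffer holding the raw P and Q primes without wiping it, so private key material stays in freed heap memory; clear it first with `mbedtls_platform_zeroize(pq, key_size);` before `free(pq);`. The same bytes are handed unchanged to `flash_write_data_to_file`, so as far as this hunk shows the private key is written to flash in plaintext; if a wrapping key (the file has a DKEK import command) is meant to protect stored keys, that step is missing here. The results of the visible `mbedtls_mpi_write_binary` call and of `file_new` are also used unchecked. store_key_rsa begins above the hunk, so the allocation and size of `pq` are not visible.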
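Review bot: The result of `malloc(sizeof(sc_card_t))` is dereferenced on the very next added line (`p15card.card->ctx = ctx;`) without a NULL check, and neither `p15card` nor the allocated card is zero-initialised before being handed to the CVC encoder later in the function. Moving the allocation to the top of cmd_keypair_gen also means it now happens for every request, while the only visible `free(p15card.card)` sits in the RSA branch, so the ECC branch and any other exit appear to leak it. I would write `struct sc_pkcs15_card p15card = {0};`, allocate with `calloc(1, sizeof(sc_card_t))` plus a failure check, and free on a single cleanup path. The function continues beyond this hunk.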
@@ -478,6 +501,8 @@ static int cmd_keypair_gen() {
 const uint8_t *ex = sc_asn1_find_tag(ctx, p, tout, 0x82, &ex_len);
 const uint8_t *ks = sc_asn1_find_tag(ctx, p, tout, 0x2, &ks_len);
 int exponent = 65537, key_size = 2048;
+ uint8_t *cvcbin;
+ size_t cvclen;
 if (ex) {
 sc_asn1_decode_integer(ex, ex_len, &exponent, 0);
 }
@@ -506,17 +531,20 @@ static int cmd_keypair_gen() {
 cvc.primeOrModuluslen = key_size/8;
 cvc.primeOrModulus = (uint8_t *)malloc(cvc.primeOrModuluslen);
 mbedtls_mpi_write_binary(&rsa.N, cvc.primeOrModulus, key_size/8);
+ int r = sc_pkcs15emu_sc_hsm_encode_cvc(&p15card, &cvc, &cvcbin, &cvclen);
 cvc.signatureLen = key_size/8;
 cvc.signature = (uint8_t *)malloc(key_size/8);
- ret = mbedtls_rsa_rsassa_pkcs1_v15_sign(&rsa, NULL, NULL, MBEDTLS_MD_NONE, offsetof(sc_cvc_t, signature), (uint8_t *)&cvc, cvc.signature);
+ uint8_t hsh[32];
+ hash(cvcbin, cvclen, hsh);
+ ret = mbedtls_rsa_rsassa_pkcs1_v15_sign(&rsa, random_gen, &index, MBEDTLS_MD_SHA256, 32, hsh, cvc.signature);
 printf("ret %d\r\n");
- u8 *cvcbin;
- size_t cvclen;
- struct sc_pkcs15_card p15card;
- p15card.card = (sc_card_t *)malloc(sizeof(sc_card_t));
- p15card.card->ctx = ctx;
- int r = sc_pkcs15emu_sc_hsm_encode_cvc(&p15card, &cvc, &cvcbin, &cvclen);
+ free(cvcbin);
+
+ r = sc_pkcs15emu_sc_hsm_encode_cvc(&p15card, &cvc, &cvcbin, &cvclen);
 printf("r %d\r\n",r);
+ r = store_key_rsa(&rsa, key_size, key_id);
+ printf("r %d\r\n");
+
 sc_pkcs15emu_sc_hsm_free_cvc(&cvc);
 mbedtls_rsa_free(&rsa);
 free(p15card.card);
@@ -524,6 +552,8 @@ static int cmd_keypair_gen() {
 res_APDU_size = cvclen;
 apdu.expected_res_size = cvclen;
 free(cvcbin);
+
+
 } else if (memcmp(oid, "\x4\x0\x7F\x0\x7\x2\x2\x2\x2\x3",MIN(oid_len,10)) == 0) { //ECC
 size_t prime_len;
@@ -547,7 +577,7 @@ static int cmd_keypair_gen() {
 }
 }
- sc_release_context(ctx);
+ //sc_release_context(ctx);
 return SW_OK();
 }
diff --git a/sc_hsm.h b/sc_hsm.h
index 8acaa6e..5099e14 100644
--- a/sc_hsm.h
+++ b/sc_hsm.h
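Review bot: None of the new calls in the RSA branch of cmd_keypair_gen has its result checked: if the first `sc_pkcs15emu_sc_hsm_encode_cvc` fails, `cvcbin` and `cvclen` (declared uninitialised in the previous hunk) are read by `hash()` and passed to `free()`, a failed `mbedtls_rsa_rsassa_pkcs1_v15_sign` still ends with the CVC being returned, and a failed `store_key_rsa` is reported as success although the key was not persisted. Each of `r` and `ret` should be tested, and the branch should clean up and return an error status on failure. The added `printf("r %d\r\n");` has a `%d` with no argument, which is undefined behaviour; it should read `printf("r %d\r\n", r);` (the unchanged `printf("ret %d\r\n");` has the same problem). `index`, passed as the RNG context, is not declared in any visible line, so confirm it is the intended variable and not the libc `index` function.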
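Review bot: Commenting out `sc_release_context(ctx)` at the end of cmd_keypair_gen means the context obtained from `create_context()` is never released, so every key-pair generation request leaks it, and on a small device repeated requests can exhaust the heap. If the release was disabled because it crashed, the hand-built `p15card.card` that still points at `ctx`, or a partially initialised context, would be the first things to check, and that should be fixed rather than skipped. Either restore the call once every user of `ctx` has been freed, or replace the dead line with a comment such as `/* ctx is intentionally kept: <reason> */` so the leak is a documented decision.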
@@ -45,6 +45,7 @@ extern int pin_reset_retries(const file_t *pin);
 extern int pin_wrong_retry(const file_t *pin);
 extern void hash(const uint8_t *input, size_t len, uint8_t output[32]);
+extern void hash_multi(const uint8_t *input, size_t len, uint8_t output[32]);
 extern void double_hash_pin(const uint8_t *pin, size_t len, uint8_t output[32]);
 extern uint8_t session_pin[32], session_sopin[32];