Use latest version of Pico Keys SDK.
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
This commit is contained in:
Pol Henarejos
Submodule pico-keys-sdk updated: 3d0a27c834...e4e43dae04
@@ -192,7 +192,7 @@ void scan_files() {
|
|||||||
aes_encrypt_cfb_256(session_pw3, def, def + IV_SIZE + 32, 32);
|
aes_encrypt_cfb_256(session_pw3, def, def + IV_SIZE + 32, 32);
|
||||||
aes_encrypt_cfb_256(session_pw3, def, def + IV_SIZE + 32 + 32, 32);
|
aes_encrypt_cfb_256(session_pw3, def, def + IV_SIZE + 32 + 32, 32);
|
||||||
memset(session_pw3, 0, sizeof(session_pw3));
|
memset(session_pw3, 0, sizeof(session_pw3));
|
||||||
flash_write_data_to_file(ef, def, sizeof(def));
|
file_put_data(ef, def, sizeof(def));
|
||||||
reset_dek = true;
|
reset_dek = true;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@@ -203,7 +203,7 @@ void scan_files() {
|
|||||||
uint8_t dhash[33];
|
uint8_t dhash[33];
|
||||||
dhash[0] = sizeof(def);
|
dhash[0] = sizeof(def);
|
||||||
double_hash_pin(def, sizeof(def), dhash + 1);
|
double_hash_pin(def, sizeof(def), dhash + 1);
|
||||||
flash_write_data_to_file(ef, dhash, sizeof(dhash));
|
file_put_data(ef, dhash, sizeof(dhash));
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
if ((ef = search_by_fid(EF_RC, NULL, SPECIFY_ANY))) {
|
if ((ef = search_by_fid(EF_RC, NULL, SPECIFY_ANY))) {
|
||||||
@@ -214,7 +214,7 @@ void scan_files() {
|
|||||||
uint8_t dhash[33];
|
uint8_t dhash[33];
|
||||||
dhash[0] = sizeof(def);
|
dhash[0] = sizeof(def);
|
||||||
double_hash_pin(def, sizeof(def), dhash + 1);
|
double_hash_pin(def, sizeof(def), dhash + 1);
|
||||||
flash_write_data_to_file(ef, dhash, sizeof(dhash));
|
file_put_data(ef, dhash, sizeof(dhash));
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
if ((ef = search_by_fid(EF_PW3, NULL, SPECIFY_ANY))) {
|
if ((ef = search_by_fid(EF_PW3, NULL, SPECIFY_ANY))) {
|
||||||
@@ -225,63 +225,63 @@ void scan_files() {
|
|||||||
uint8_t dhash[33];
|
uint8_t dhash[33];
|
||||||
dhash[0] = sizeof(def);
|
dhash[0] = sizeof(def);
|
||||||
double_hash_pin(def, sizeof(def), dhash + 1);
|
double_hash_pin(def, sizeof(def), dhash + 1);
|
||||||
flash_write_data_to_file(ef, dhash, sizeof(dhash));
|
file_put_data(ef, dhash, sizeof(dhash));
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
if ((ef = search_by_fid(EF_SIG_COUNT, NULL, SPECIFY_ANY))) {
|
if ((ef = search_by_fid(EF_SIG_COUNT, NULL, SPECIFY_ANY))) {
|
||||||
if (!ef->data) {
|
if (!ef->data) {
|
||||||
printf("SigCount is empty. Initializing to zero\r\n");
|
printf("SigCount is empty. Initializing to zero\r\n");
|
||||||
const uint8_t def[3] = { 0 };
|
const uint8_t def[3] = { 0 };
|
||||||
flash_write_data_to_file(ef, def, sizeof(def));
|
file_put_data(ef, def, sizeof(def));
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
if ((ef = search_by_fid(EF_PW_PRIV, NULL, SPECIFY_ANY))) {
|
if ((ef = search_by_fid(EF_PW_PRIV, NULL, SPECIFY_ANY))) {
|
||||||
if (!ef->data) {
|
if (!ef->data) {
|
||||||
printf("PW status is empty. Initializing to default\r\n");
|
printf("PW status is empty. Initializing to default\r\n");
|
||||||
const uint8_t def[] = { 0x1, 127, 127, 127, 3, 3, 3 };
|
const uint8_t def[] = { 0x1, 127, 127, 127, 3, 3, 3 };
|
||||||
flash_write_data_to_file(ef, def, sizeof(def));
|
file_put_data(ef, def, sizeof(def));
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
if ((ef = search_by_fid(EF_UIF_SIG, NULL, SPECIFY_ANY))) {
|
if ((ef = search_by_fid(EF_UIF_SIG, NULL, SPECIFY_ANY))) {
|
||||||
if (!ef->data) {
|
if (!ef->data) {
|
||||||
printf("UIF SIG is empty. Initializing to default\r\n");
|
printf("UIF SIG is empty. Initializing to default\r\n");
|
||||||
const uint8_t def[] = { 0x0, 0x20 };
|
const uint8_t def[] = { 0x0, 0x20 };
|
||||||
flash_write_data_to_file(ef, def, sizeof(def));
|
file_put_data(ef, def, sizeof(def));
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
if ((ef = search_by_fid(EF_UIF_DEC, NULL, SPECIFY_ANY))) {
|
if ((ef = search_by_fid(EF_UIF_DEC, NULL, SPECIFY_ANY))) {
|
||||||
if (!ef->data) {
|
if (!ef->data) {
|
||||||
printf("UIF DEC is empty. Initializing to default\r\n");
|
printf("UIF DEC is empty. Initializing to default\r\n");
|
||||||
const uint8_t def[] = { 0x0, 0x20 };
|
const uint8_t def[] = { 0x0, 0x20 };
|
||||||
flash_write_data_to_file(ef, def, sizeof(def));
|
file_put_data(ef, def, sizeof(def));
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
if ((ef = search_by_fid(EF_UIF_AUT, NULL, SPECIFY_ANY))) {
|
if ((ef = search_by_fid(EF_UIF_AUT, NULL, SPECIFY_ANY))) {
|
||||||
if (!ef->data) {
|
if (!ef->data) {
|
||||||
printf("UIF AUT is empty. Initializing to default\r\n");
|
printf("UIF AUT is empty. Initializing to default\r\n");
|
||||||
const uint8_t def[] = { 0x0, 0x20 };
|
const uint8_t def[] = { 0x0, 0x20 };
|
||||||
flash_write_data_to_file(ef, def, sizeof(def));
|
file_put_data(ef, def, sizeof(def));
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
if ((ef = search_by_fid(EF_KDF, NULL, SPECIFY_ANY))) {
|
if ((ef = search_by_fid(EF_KDF, NULL, SPECIFY_ANY))) {
|
||||||
if (!ef->data) {
|
if (!ef->data) {
|
||||||
printf("KDF is empty. Initializing to default\r\n");
|
printf("KDF is empty. Initializing to default\r\n");
|
||||||
const uint8_t def[] = { 0x81, 0x1, 0x0 };
|
const uint8_t def[] = { 0x81, 0x1, 0x0 };
|
||||||
flash_write_data_to_file(ef, def, sizeof(def));
|
file_put_data(ef, def, sizeof(def));
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
if ((ef = search_by_fid(EF_SEX, NULL, SPECIFY_ANY))) {
|
if ((ef = search_by_fid(EF_SEX, NULL, SPECIFY_ANY))) {
|
||||||
if (!ef->data) {
|
if (!ef->data) {
|
||||||
printf("Sex is empty. Initializing to default\r\n");
|
printf("Sex is empty. Initializing to default\r\n");
|
||||||
const uint8_t def[] = { 0x30 };
|
const uint8_t def[] = { 0x30 };
|
||||||
flash_write_data_to_file(ef, def, sizeof(def));
|
file_put_data(ef, def, sizeof(def));
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
if ((ef = search_by_fid(EF_PW_RETRIES, NULL, SPECIFY_ANY))) {
|
if ((ef = search_by_fid(EF_PW_RETRIES, NULL, SPECIFY_ANY))) {
|
||||||
if (!ef->data) {
|
if (!ef->data) {
|
||||||
printf("PW retries is empty. Initializing to default\r\n");
|
printf("PW retries is empty. Initializing to default\r\n");
|
||||||
const uint8_t def[] = { 0x1, 3, 3, 3 };
|
const uint8_t def[] = { 0x1, 3, 3, 3 };
|
||||||
flash_write_data_to_file(ef, def, sizeof(def));
|
file_put_data(ef, def, sizeof(def));
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
low_flash_available();
|
low_flash_available();
|
||||||
@@ -484,7 +484,7 @@ int inc_sig_count() {
|
|||||||
uint32_t counter = (p[0] << 16) | (p[1] << 8) | p[2];
|
uint32_t counter = (p[0] << 16) | (p[1] << 8) | p[2];
|
||||||
counter++;
|
counter++;
|
||||||
uint8_t q[3] = { (counter >> 16) & 0xff, (counter >> 8) & 0xff, counter & 0xff };
|
uint8_t q[3] = { (counter >> 16) & 0xff, (counter >> 8) & 0xff, counter & 0xff };
|
||||||
int r = flash_write_data_to_file(ef, q, sizeof(q));
|
int r = file_put_data(ef, q, sizeof(q));
|
||||||
if (r != CCID_OK) {
|
if (r != CCID_OK) {
|
||||||
return CCID_EXEC_ERROR;
|
return CCID_EXEC_ERROR;
|
||||||
}
|
}
|
||||||
@@ -498,7 +498,7 @@ int reset_sig_count() {
|
|||||||
return CCID_ERR_FILE_NOT_FOUND;
|
return CCID_ERR_FILE_NOT_FOUND;
|
||||||
}
|
}
|
||||||
uint8_t q[3] = { 0 };
|
uint8_t q[3] = { 0 };
|
||||||
int r = flash_write_data_to_file(ef, q, sizeof(q));
|
int r = file_put_data(ef, q, sizeof(q));
|
||||||
if (r != CCID_OK) {
|
if (r != CCID_OK) {
|
||||||
return CCID_EXEC_ERROR;
|
return CCID_EXEC_ERROR;
|
||||||
}
|
}
|
||||||
@@ -868,7 +868,7 @@ int pin_reset_retries(const file_t *pin, bool force) {
|
|||||||
}
|
}
|
||||||
uint8_t max_retries = file_get_data(pw_retries)[(pin->fid & 0xf)];
|
uint8_t max_retries = file_get_data(pw_retries)[(pin->fid & 0xf)];
|
||||||
p[3 + (pin->fid & 0xf)] = max_retries;
|
p[3 + (pin->fid & 0xf)] = max_retries;
|
||||||
int r = flash_write_data_to_file(pw_status, p, file_get_size(pw_status));
|
int r = file_put_data(pw_status, p, file_get_size(pw_status));
|
||||||
low_flash_available();
|
low_flash_available();
|
||||||
return r;
|
return r;
|
||||||
}
|
}
|
||||||
@@ -885,7 +885,7 @@ int pin_wrong_retry(const file_t *pin) {
|
|||||||
memcpy(p, file_get_data(pw_status), file_get_size(pw_status));
|
memcpy(p, file_get_data(pw_status), file_get_size(pw_status));
|
||||||
if (p[3 + (pin->fid & 0xf)] > 0) {
|
if (p[3 + (pin->fid & 0xf)] > 0) {
|
||||||
p[3 + (pin->fid & 0xf)] -= 1;
|
p[3 + (pin->fid & 0xf)] -= 1;
|
||||||
int r = flash_write_data_to_file(pw_status, p, file_get_size(pw_status));
|
int r = file_put_data(pw_status, p, file_get_size(pw_status));
|
||||||
if (r != CCID_OK) {
|
if (r != CCID_OK) {
|
||||||
return r;
|
return r;
|
||||||
}
|
}
|
||||||
@@ -1026,7 +1026,7 @@ static int cmd_put_data() {
|
|||||||
uint8_t dhash[33];
|
uint8_t dhash[33];
|
||||||
dhash[0] = apdu.nc;
|
dhash[0] = apdu.nc;
|
||||||
double_hash_pin(apdu.data, apdu.nc, dhash + 1);
|
double_hash_pin(apdu.data, apdu.nc, dhash + 1);
|
||||||
r = flash_write_data_to_file(ef, dhash, sizeof(dhash));
|
r = file_put_data(ef, dhash, sizeof(dhash));
|
||||||
|
|
||||||
file_t *tf = search_by_fid(EF_DEK, NULL, SPECIFY_EF);
|
file_t *tf = search_by_fid(EF_DEK, NULL, SPECIFY_EF);
|
||||||
if (!tf) {
|
if (!tf) {
|
||||||
@@ -1037,10 +1037,10 @@ static int cmd_put_data() {
|
|||||||
hash_multi(apdu.data, apdu.nc, session_rc);
|
hash_multi(apdu.data, apdu.nc, session_rc);
|
||||||
memcpy(def + IV_SIZE + 32, dek + IV_SIZE, 32);
|
memcpy(def + IV_SIZE + 32, dek + IV_SIZE, 32);
|
||||||
aes_encrypt_cfb_256(session_rc, def, def + IV_SIZE + 32, 32);
|
aes_encrypt_cfb_256(session_rc, def, def + IV_SIZE + 32, 32);
|
||||||
r = flash_write_data_to_file(tf, def, sizeof(def));
|
r = file_put_data(tf, def, sizeof(def));
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
r = flash_write_data_to_file(ef, apdu.data, apdu.nc);
|
r = file_put_data(ef, apdu.data, apdu.nc);
|
||||||
}
|
}
|
||||||
if (r != CCID_OK) {
|
if (r != CCID_OK) {
|
||||||
return SW_MEMORY_FAILURE();
|
return SW_MEMORY_FAILURE();
|
||||||
@@ -1071,7 +1071,7 @@ static int cmd_change_pin() {
|
|||||||
uint8_t dhash[33];
|
uint8_t dhash[33];
|
||||||
dhash[0] = apdu.nc - pin_len;
|
dhash[0] = apdu.nc - pin_len;
|
||||||
double_hash_pin(apdu.data + pin_len, apdu.nc - pin_len, dhash + 1);
|
double_hash_pin(apdu.data + pin_len, apdu.nc - pin_len, dhash + 1);
|
||||||
flash_write_data_to_file(pw, dhash, sizeof(dhash));
|
file_put_data(pw, dhash, sizeof(dhash));
|
||||||
|
|
||||||
file_t *tf = search_by_fid(EF_DEK, NULL, SPECIFY_EF);
|
file_t *tf = search_by_fid(EF_DEK, NULL, SPECIFY_EF);
|
||||||
if (!tf) {
|
if (!tf) {
|
||||||
@@ -1089,7 +1089,7 @@ static int cmd_change_pin() {
|
|||||||
memcpy(def + IV_SIZE + 32 + 32, dek + IV_SIZE, 32);
|
memcpy(def + IV_SIZE + 32 + 32, dek + IV_SIZE, 32);
|
||||||
aes_encrypt_cfb_256(session_pw3, def, def + IV_SIZE + 32 + 32, 32);
|
aes_encrypt_cfb_256(session_pw3, def, def + IV_SIZE + 32 + 32, 32);
|
||||||
}
|
}
|
||||||
flash_write_data_to_file(tf, def, sizeof(def));
|
file_put_data(tf, def, sizeof(def));
|
||||||
low_flash_available();
|
low_flash_available();
|
||||||
return SW_OK();
|
return SW_OK();
|
||||||
}
|
}
|
||||||
@@ -1141,12 +1141,12 @@ static int cmd_reset_retry() {
|
|||||||
hash_multi(apdu.data + (apdu.nc - newpin_len), newpin_len, session_pw1);
|
hash_multi(apdu.data + (apdu.nc - newpin_len), newpin_len, session_pw1);
|
||||||
memcpy(def + IV_SIZE, dek + IV_SIZE, 32);
|
memcpy(def + IV_SIZE, dek + IV_SIZE, 32);
|
||||||
aes_encrypt_cfb_256(session_pw1, def, def + IV_SIZE, 32);
|
aes_encrypt_cfb_256(session_pw1, def, def + IV_SIZE, 32);
|
||||||
r = flash_write_data_to_file(tf, def, sizeof(def));
|
r = file_put_data(tf, def, sizeof(def));
|
||||||
|
|
||||||
uint8_t dhash[33];
|
uint8_t dhash[33];
|
||||||
dhash[0] = newpin_len;
|
dhash[0] = newpin_len;
|
||||||
double_hash_pin(apdu.data + (apdu.nc - newpin_len), newpin_len, dhash + 1);
|
double_hash_pin(apdu.data + (apdu.nc - newpin_len), newpin_len, dhash + 1);
|
||||||
flash_write_data_to_file(pw, dhash, sizeof(dhash));
|
file_put_data(pw, dhash, sizeof(dhash));
|
||||||
if (pin_reset_retries(pw, true) != CCID_OK) {
|
if (pin_reset_retries(pw, true) != CCID_OK) {
|
||||||
return SW_MEMORY_FAILURE();
|
return SW_MEMORY_FAILURE();
|
||||||
}
|
}
|
||||||
@@ -1203,7 +1203,7 @@ int store_keys(void *key_ctx, int type, uint16_t key_id, bool use_kek) {
|
|||||||
//r = aes_encrypt_cfb_256(file_read(pw3->data+2), session_pw3, kdata, key_size);
|
//r = aes_encrypt_cfb_256(file_read(pw3->data+2), session_pw3, kdata, key_size);
|
||||||
//if (r != CCID_OK)
|
//if (r != CCID_OK)
|
||||||
// return r;
|
// return r;
|
||||||
r = flash_write_data_to_file(ef, kdata, key_size);
|
r = file_put_data(ef, kdata, key_size);
|
||||||
if (r != CCID_OK) {
|
if (r != CCID_OK) {
|
||||||
return r;
|
return r;
|
||||||
}
|
}
|
||||||
@@ -1431,7 +1431,7 @@ static int cmd_keypair_gen() {
|
|||||||
if (!pbef) {
|
if (!pbef) {
|
||||||
return SW_REFERENCE_NOT_FOUND();
|
return SW_REFERENCE_NOT_FOUND();
|
||||||
}
|
}
|
||||||
r = flash_write_data_to_file(pbef, res_APDU, res_APDU_size);
|
r = file_put_data(pbef, res_APDU, res_APDU_size);
|
||||||
if (r != CCID_OK) {
|
if (r != CCID_OK) {
|
||||||
return SW_EXEC_ERROR();
|
return SW_EXEC_ERROR();
|
||||||
}
|
}
|
||||||
@@ -2031,7 +2031,7 @@ static int cmd_import_data() {
|
|||||||
if (!pbef) {
|
if (!pbef) {
|
||||||
return SW_REFERENCE_NOT_FOUND();
|
return SW_REFERENCE_NOT_FOUND();
|
||||||
}
|
}
|
||||||
r = flash_write_data_to_file(pbef, res_APDU, res_APDU_size);
|
r = file_put_data(pbef, res_APDU, res_APDU_size);
|
||||||
if (r != CCID_OK) {
|
if (r != CCID_OK) {
|
||||||
return SW_EXEC_ERROR();
|
return SW_EXEC_ERROR();
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -84,7 +84,7 @@ static int get_serial() {
|
|||||||
#ifndef ENABLE_EMULATION
|
#ifndef ENABLE_EMULATION
|
||||||
pico_unique_board_id_t unique_id;
|
pico_unique_board_id_t unique_id;
|
||||||
pico_get_unique_board_id(&unique_id);
|
pico_get_unique_board_id(&unique_id);
|
||||||
uint32_t serial = (unique_id.id[0] & 7F) << 24 | unique_id.id[1] << 16 | unique_id.id[2] << 8 | unique_id.id[3];
|
uint32_t serial = (unique_id.id[0] & 0x7F) << 24 | unique_id.id[1] << 16 | unique_id.id[2] << 8 | unique_id.id[3];
|
||||||
return serial;
|
return serial;
|
||||||
#else
|
#else
|
||||||
return 0;
|
return 0;
|
||||||
@@ -179,28 +179,28 @@ static void scan_files() {
|
|||||||
if (file_get_size(ef) == 0) {
|
if (file_get_size(ef) == 0) {
|
||||||
printf("PW status is empty. Initializing to default\r\n");
|
printf("PW status is empty. Initializing to default\r\n");
|
||||||
const uint8_t def[] = { 0x1, 127, 127, 127, 3, 3, 3, 3, 3 };
|
const uint8_t def[] = { 0x1, 127, 127, 127, 3, 3, 3, 3, 3 };
|
||||||
flash_write_data_to_file(ef, def, sizeof(def));
|
file_put_data(ef, def, sizeof(def));
|
||||||
}
|
}
|
||||||
else if (file_get_size(ef) == 7) {
|
else if (file_get_size(ef) == 7) {
|
||||||
printf("PW status is older. Initializing to default\r\n");
|
printf("PW status is older. Initializing to default\r\n");
|
||||||
uint8_t def[9] = { 0 };
|
uint8_t def[9] = { 0 };
|
||||||
memcpy(def, file_get_data(ef), 7);
|
memcpy(def, file_get_data(ef), 7);
|
||||||
def[7] = def[8] = 3; // PIV retries
|
def[7] = def[8] = 3; // PIV retries
|
||||||
flash_write_data_to_file(ef, def, sizeof(def));
|
file_put_data(ef, def, sizeof(def));
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
if ((ef = search_by_fid(EF_PW_RETRIES, NULL, SPECIFY_ANY))) {
|
if ((ef = search_by_fid(EF_PW_RETRIES, NULL, SPECIFY_ANY))) {
|
||||||
if (file_get_size(ef) == 0) {
|
if (file_get_size(ef) == 0) {
|
||||||
printf("PW retries is empty. Initializing to default\r\n");
|
printf("PW retries is empty. Initializing to default\r\n");
|
||||||
const uint8_t def[] = { 0x1, 3, 3, 3, 3, 3 };
|
const uint8_t def[] = { 0x1, 3, 3, 3, 3, 3 };
|
||||||
flash_write_data_to_file(ef, def, sizeof(def));
|
file_put_data(ef, def, sizeof(def));
|
||||||
}
|
}
|
||||||
else if (file_get_size(ef) == 4) {
|
else if (file_get_size(ef) == 4) {
|
||||||
printf("PW retries is older. Initializing to default\r\n");
|
printf("PW retries is older. Initializing to default\r\n");
|
||||||
uint8_t def[6] = { 0 };
|
uint8_t def[6] = { 0 };
|
||||||
memcpy(def, file_get_data(ef), 4);
|
memcpy(def, file_get_data(ef), 4);
|
||||||
def[4] = def[5] = 3; // PIV retries
|
def[4] = def[5] = 3; // PIV retries
|
||||||
flash_write_data_to_file(ef, def, sizeof(def));
|
file_put_data(ef, def, sizeof(def));
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
bool reset_dek = false;
|
bool reset_dek = false;
|
||||||
@@ -219,12 +219,12 @@ static void scan_files() {
|
|||||||
memcpy(def + IV_SIZE + 32*3, dek + IV_SIZE, 32);
|
memcpy(def + IV_SIZE + 32*3, dek + IV_SIZE, 32);
|
||||||
hash_multi(defpin, sizeof(defpin), session_pwpiv);
|
hash_multi(defpin, sizeof(defpin), session_pwpiv);
|
||||||
aes_encrypt_cfb_256(session_pwpiv, def, def + IV_SIZE + 32*3, 32);
|
aes_encrypt_cfb_256(session_pwpiv, def, def + IV_SIZE + 32*3, 32);
|
||||||
flash_write_data_to_file(ef, def, sizeof(def));
|
file_put_data(ef, def, sizeof(def));
|
||||||
|
|
||||||
has_pwpiv = true;
|
has_pwpiv = true;
|
||||||
uint8_t *key = (uint8_t *)"\x01\x02\x03\x04\x05\x06\x07\x08\x01\x02\x03\x04\x05\x06\x07\x08\x01\x02\x03\x04\x05\x06\x07\x08";
|
uint8_t *key = (uint8_t *)"\x01\x02\x03\x04\x05\x06\x07\x08\x01\x02\x03\x04\x05\x06\x07\x08\x01\x02\x03\x04\x05\x06\x07\x08";
|
||||||
file_t *ef = search_by_fid(EF_PIV_KEY_CARDMGM, NULL, SPECIFY_ANY);
|
file_t *ef = search_by_fid(EF_PIV_KEY_CARDMGM, NULL, SPECIFY_ANY);
|
||||||
flash_write_data_to_file(ef, key, 24);
|
file_put_data(ef, key, 24);
|
||||||
uint8_t meta[] = { PIV_ALGO_AES192, PINPOLICY_ALWAYS, TOUCHPOLICY_ALWAYS, ORIGIN_GENERATED };
|
uint8_t meta[] = { PIV_ALGO_AES192, PINPOLICY_ALWAYS, TOUCHPOLICY_ALWAYS, ORIGIN_GENERATED };
|
||||||
meta_add(EF_PIV_KEY_CARDMGM, meta, sizeof(meta));
|
meta_add(EF_PIV_KEY_CARDMGM, meta, sizeof(meta));
|
||||||
has_pwpiv = false;
|
has_pwpiv = false;
|
||||||
@@ -240,7 +240,7 @@ static void scan_files() {
|
|||||||
uint8_t dhash[33];
|
uint8_t dhash[33];
|
||||||
dhash[0] = sizeof(def);
|
dhash[0] = sizeof(def);
|
||||||
double_hash_pin(def, sizeof(def), dhash + 1);
|
double_hash_pin(def, sizeof(def), dhash + 1);
|
||||||
flash_write_data_to_file(ef, dhash, sizeof(dhash));
|
file_put_data(ef, dhash, sizeof(dhash));
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
if ((ef = search_by_fid(EF_PIV_PUK, NULL, SPECIFY_ANY))) {
|
if ((ef = search_by_fid(EF_PIV_PUK, NULL, SPECIFY_ANY))) {
|
||||||
@@ -250,7 +250,7 @@ static void scan_files() {
|
|||||||
uint8_t dhash[33];
|
uint8_t dhash[33];
|
||||||
dhash[0] = sizeof(def);
|
dhash[0] = sizeof(def);
|
||||||
double_hash_pin(def, sizeof(def), dhash + 1);
|
double_hash_pin(def, sizeof(def), dhash + 1);
|
||||||
flash_write_data_to_file(ef, dhash, sizeof(dhash));
|
file_put_data(ef, dhash, sizeof(dhash));
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
if ((ef = search_by_fid(EF_PIV_KEY_ATTESTATION, NULL, SPECIFY_ANY))) {
|
if ((ef = search_by_fid(EF_PIV_KEY_ATTESTATION, NULL, SPECIFY_ANY))) {
|
||||||
@@ -263,7 +263,7 @@ static void scan_files() {
|
|||||||
uint8_t cert[2048];
|
uint8_t cert[2048];
|
||||||
r = x509_create_cert(&ecdsa, PIV_ALGO_ECCP384, EF_PIV_KEY_ATTESTATION, false, cert, sizeof(cert));
|
r = x509_create_cert(&ecdsa, PIV_ALGO_ECCP384, EF_PIV_KEY_ATTESTATION, false, cert, sizeof(cert));
|
||||||
ef = search_by_fid(EF_PIV_ATTESTATION, NULL, SPECIFY_ANY);
|
ef = search_by_fid(EF_PIV_ATTESTATION, NULL, SPECIFY_ANY);
|
||||||
flash_write_data_to_file(ef, cert + sizeof(cert) - r, r);
|
file_put_data(ef, cert + sizeof(cert) - r, r);
|
||||||
mbedtls_ecdsa_free(&ecdsa);
|
mbedtls_ecdsa_free(&ecdsa);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@@ -885,7 +885,7 @@ static int cmd_asym_keygen() {
|
|||||||
uint8_t cert[2048];
|
uint8_t cert[2048];
|
||||||
r = x509_create_cert(&rsa, a80.data[0], key_ref, false, cert, sizeof(cert));
|
r = x509_create_cert(&rsa, a80.data[0], key_ref, false, cert, sizeof(cert));
|
||||||
file_t *ef = search_by_fid(key_cert, NULL, SPECIFY_ANY);
|
file_t *ef = search_by_fid(key_cert, NULL, SPECIFY_ANY);
|
||||||
flash_write_data_to_file(ef, cert + sizeof(cert) - r, r);
|
file_put_data(ef, cert + sizeof(cert) - r, r);
|
||||||
r = store_keys(&rsa, ALGO_RSA, key_ref == 0x93 ? EF_PIV_KEY_RETIRED18 : key_ref, false);
|
r = store_keys(&rsa, ALGO_RSA, key_ref == 0x93 ? EF_PIV_KEY_RETIRED18 : key_ref, false);
|
||||||
mbedtls_rsa_free(&rsa);
|
mbedtls_rsa_free(&rsa);
|
||||||
if (r != CCID_OK) {
|
if (r != CCID_OK) {
|
||||||
@@ -906,7 +906,7 @@ static int cmd_asym_keygen() {
|
|||||||
uint8_t cert[2048];
|
uint8_t cert[2048];
|
||||||
r = x509_create_cert(&ecdsa, a80.data[0], key_ref, false, cert, sizeof(cert));
|
r = x509_create_cert(&ecdsa, a80.data[0], key_ref, false, cert, sizeof(cert));
|
||||||
file_t *ef = search_by_fid(key_cert, NULL, SPECIFY_ANY);
|
file_t *ef = search_by_fid(key_cert, NULL, SPECIFY_ANY);
|
||||||
flash_write_data_to_file(ef, cert + sizeof(cert) - r, r);
|
file_put_data(ef, cert + sizeof(cert) - r, r);
|
||||||
r = store_keys(&ecdsa, ALGO_ECDSA, key_ref == 0x93 ? EF_PIV_KEY_RETIRED18 : key_ref, false);
|
r = store_keys(&ecdsa, ALGO_ECDSA, key_ref == 0x93 ? EF_PIV_KEY_RETIRED18 : key_ref, false);
|
||||||
mbedtls_ecdsa_free(&ecdsa);
|
mbedtls_ecdsa_free(&ecdsa);
|
||||||
if (r != CCID_OK) {
|
if (r != CCID_OK) {
|
||||||
@@ -947,7 +947,7 @@ int cmd_put_data() {
|
|||||||
return SW_MEMORY_FAILURE();
|
return SW_MEMORY_FAILURE();
|
||||||
}
|
}
|
||||||
if (a53.len > 0) {
|
if (a53.len > 0) {
|
||||||
flash_write_data_to_file(ef, a53.data, a53.len);
|
file_put_data(ef, a53.data, a53.len);
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
flash_clear_file(ef);
|
flash_clear_file(ef);
|
||||||
@@ -978,7 +978,7 @@ static int cmd_set_mgmkey() {
|
|||||||
return SW_WRONG_DATA();
|
return SW_WRONG_DATA();
|
||||||
}
|
}
|
||||||
file_t *ef = search_by_fid(key_ref, NULL, SPECIFY_ANY);
|
file_t *ef = search_by_fid(key_ref, NULL, SPECIFY_ANY);
|
||||||
flash_write_data_to_file(ef, apdu.data + 3, pinlen);
|
file_put_data(ef, apdu.data + 3, pinlen);
|
||||||
uint8_t *meta = NULL, new_meta[4];
|
uint8_t *meta = NULL, new_meta[4];
|
||||||
int meta_len = 0;
|
int meta_len = 0;
|
||||||
if ((meta_len = meta_find(key_ref, &meta)) <= 0) {
|
if ((meta_len = meta_find(key_ref, &meta)) <= 0) {
|
||||||
@@ -1011,7 +1011,7 @@ static int cmd_move_key() {
|
|||||||
return SW_FILE_NOT_FOUND();
|
return SW_FILE_NOT_FOUND();
|
||||||
}
|
}
|
||||||
if (to != 0xFF) {
|
if (to != 0xFF) {
|
||||||
flash_write_data_to_file(efd, file_get_data(efs), file_get_size(efs));
|
file_put_data(efd, file_get_data(efs), file_get_size(efs));
|
||||||
}
|
}
|
||||||
flash_clear_file(efs);
|
flash_clear_file(efs);
|
||||||
low_flash_available();
|
low_flash_available();
|
||||||
@@ -1035,7 +1035,7 @@ static int cmd_change_pin() {
|
|||||||
uint8_t dhash[33];
|
uint8_t dhash[33];
|
||||||
dhash[0] = pin_len;
|
dhash[0] = pin_len;
|
||||||
double_hash_pin(apdu.data + pin_data[0], pin_len, dhash + 1);
|
double_hash_pin(apdu.data + pin_data[0], pin_len, dhash + 1);
|
||||||
flash_write_data_to_file(ef, dhash, sizeof(dhash));
|
file_put_data(ef, dhash, sizeof(dhash));
|
||||||
low_flash_available();
|
low_flash_available();
|
||||||
return SW_OK();
|
return SW_OK();
|
||||||
}
|
}
|
||||||
@@ -1057,7 +1057,7 @@ static int cmd_reset_retry() {
|
|||||||
dhash[0] = pin_len;
|
dhash[0] = pin_len;
|
||||||
double_hash_pin(apdu.data + puk_data[0], pin_len, dhash + 1);
|
double_hash_pin(apdu.data + puk_data[0], pin_len, dhash + 1);
|
||||||
ef = search_by_fid(EF_PIV_PIN, NULL, SPECIFY_ANY);
|
ef = search_by_fid(EF_PIV_PIN, NULL, SPECIFY_ANY);
|
||||||
flash_write_data_to_file(ef, dhash, sizeof(dhash));
|
file_put_data(ef, dhash, sizeof(dhash));
|
||||||
pin_reset_retries(ef, true);
|
pin_reset_retries(ef, true);
|
||||||
low_flash_available();
|
low_flash_available();
|
||||||
return SW_OK();
|
return SW_OK();
|
||||||
@@ -1072,7 +1072,7 @@ static int cmd_set_retries() {
|
|||||||
memcpy(tmp, file_get_data(ef), file_get_size(ef));
|
memcpy(tmp, file_get_data(ef), file_get_size(ef));
|
||||||
tmp[4] = P1(apdu);
|
tmp[4] = P1(apdu);
|
||||||
tmp[5] = P2(apdu);
|
tmp[5] = P2(apdu);
|
||||||
flash_write_data_to_file(ef, tmp, file_get_size(ef));
|
file_put_data(ef, tmp, file_get_size(ef));
|
||||||
free(tmp);
|
free(tmp);
|
||||||
|
|
||||||
ef = search_by_fid(EF_PIV_PIN, NULL, SPECIFY_ANY);
|
ef = search_by_fid(EF_PIV_PIN, NULL, SPECIFY_ANY);
|
||||||
@@ -1080,14 +1080,14 @@ static int cmd_set_retries() {
|
|||||||
uint8_t dhash[33];
|
uint8_t dhash[33];
|
||||||
dhash[0] = sizeof(def_pin);
|
dhash[0] = sizeof(def_pin);
|
||||||
double_hash_pin(def_pin, sizeof(def_pin), dhash + 1);
|
double_hash_pin(def_pin, sizeof(def_pin), dhash + 1);
|
||||||
flash_write_data_to_file(ef, dhash, sizeof(dhash));
|
file_put_data(ef, dhash, sizeof(dhash));
|
||||||
pin_reset_retries(ef, true);
|
pin_reset_retries(ef, true);
|
||||||
|
|
||||||
ef = search_by_fid(EF_PIV_PUK, NULL, SPECIFY_ANY);
|
ef = search_by_fid(EF_PIV_PUK, NULL, SPECIFY_ANY);
|
||||||
const uint8_t def_puk[8] = {0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38};
|
const uint8_t def_puk[8] = {0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38};
|
||||||
dhash[0] = sizeof(def_puk);
|
dhash[0] = sizeof(def_puk);
|
||||||
double_hash_pin(def_puk, sizeof(def_puk), dhash + 1);
|
double_hash_pin(def_puk, sizeof(def_puk), dhash + 1);
|
||||||
flash_write_data_to_file(ef, dhash, sizeof(dhash));
|
file_put_data(ef, dhash, sizeof(dhash));
|
||||||
pin_reset_retries(ef, true);
|
pin_reset_retries(ef, true);
|
||||||
|
|
||||||
low_flash_available();
|
low_flash_available();
|
||||||
|
|||||||
Reference in New Issue
Block a user