Introduce GET BULK DATA to execute GET DATA in multiple DO with a single APDU.

It saves considerable bandwidth since only one APDU/RAPDU are transmitted.

Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>

.github/FUNDING.yml

@@ -0,0 +1,4 @@
+# These are supported funding model platforms
+
+github: polhenarejos
+custom: ["https://www.paypal.me/polhenarejos"]

.github/PULL_REQUEST_TEMPLATE.md

@@ -0,0 +1,50 @@
+## Summary
+
+Describe in plain language what this PR does and why.
+
+- What problem does it solve?
+- Is it a bug fix, a new feature, a cleanup/refactor…?
+
+
+## Details / Impact
+
+Please include any relevant details:
+
+- Hardware / board(s) tested:
+- Firmware / commit/base version:
+- Security impact (if any):
+  - e.g. changes PIN handling, touches key storage, affects attestation, etc.
+- Behavior changes:
+  - e.g. new command, new API surface, different defaults, etc.
+
+
+## Testing
+
+How did you test this change?
+
+- Steps to reproduce / validate:
+- Expected vs actual results:
+- Any logs / traces (please remove secrets):
+
+
+## Licensing confirmation (required)
+
+By checking the box below, you confirm ALL of the following:
+
+- You are the author of this contribution, or you have the right to contribute it.
+- You have read `CONTRIBUTING.md`.
+- You agree that this contribution may be merged, used, modified, and redistributed:
+  - under the AGPLv3 Community Edition, **and**
+  - under any proprietary / commercial / Enterprise editions of this project,
+    now or in the future.
+- You understand that submitting this PR does not create any support obligation,
+  SLA, or guarantee of merge.
+
+**I confirm the above licensing terms:**
+
+- [ ] Yes, I agree
+
+
+## Anything else?
+
+Optional: mention known limitations, follow-ups, or if this is related to an existing Issue.

.github/workflows/codeql.yml

@@ -0,0 +1,73 @@
+# For most projects, this workflow file will not need changing; you simply need
+# to commit it to your repository.
+#
+# You may wish to alter this file to override the set of languages analyzed,
+# or to provide custom queries or build logic.
+#
+# ******** NOTE ********
+# We have attempted to detect the languages in your repository. Please check
+# the `language` matrix defined below to confirm you have the correct set of
+# supported CodeQL languages.
+#
+name: "CodeQL"
+
+on:
+  push:
+    branches: [ "main" ]
+  pull_request:
+    # The branches below must be a subset of the branches above
+    branches: [ "main" ]
+  schedule:
+    - cron: '23 5 * * 4'
+
+jobs:
+  analyze:
+    name: Analyze
+    runs-on: ubuntu-latest
+    permissions:
+      actions: read
+      contents: read
+      security-events: write
+
+    strategy:
+      fail-fast: false
+      matrix:
+        language: [ 'cpp', 'python' ]
+        # CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python', 'ruby' ]
+        # Learn more about CodeQL language support at https://aka.ms/codeql-docs/language-support
+        mode: [ 'pico', 'local' ]
+
+    steps:
+    - name: Checkout repository
+      uses: actions/checkout@v3
+
+    # Initializes the CodeQL tools for scanning.
+    - name: Initialize CodeQL
+      uses: github/codeql-action/init@v2
+      with:
+        languages: ${{ matrix.language }}
+        # If you wish to specify custom queries, you can do so here or in a config file.
+        # By default, queries listed here will override any specified in a config file.
+        # Prefix the list here with "+" to use these queries and those in the config file.
+
+        # Details on CodeQL's query packs refer to : https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#using-queries-in-ql-packs
+        # queries: security-extended,security-and-quality
+
+
+    # Autobuild attempts to build any compiled languages  (C/C++, C#, or Java).
+    # If this step fails, then you should remove it and run the build manually (see below)
+    # - name: Autobuild
+    #  uses: github/codeql-action/autobuild@v2
+
+    # ℹ️ Command-line programs to run using the OS shell.
+    # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun
+
+    #   If the Autobuild fails above, remove it and uncomment the following three lines.
+    #   modify them (or add more) to build your code if your project, please refer to the EXAMPLE below for guidance.
+
+    - run: |
+       echo "Run, Build Application using script"
+       ./workflows/autobuild.sh ${{ matrix.mode }}
+
+    - name: Perform CodeQL Analysis
+      uses: github/codeql-action/analyze@v2

.github/workflows/nightly.yml

@@ -0,0 +1,42 @@
+name: "Nightly deploy"
+
+on:
+  schedule:
+    - cron: '0 2 * * *'
+  workflow_dispatch:
+
+jobs:
+  nightly:
+    name: Deploy nightly
+    strategy:
+      fail-fast: false
+      matrix:
+        refs: [main]
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+        with:
+          ref: ${{ matrix.refs }}
+          submodules: 'recursive'
+      - name: Restore private key
+        run: |
+          echo "${{ secrets.PRIVATE_KEY_B64 }}" | base64 -d > private.pem
+          chmod 600 private.pem
+      - name : Build
+        env:
+          PICO_SDK_PATH: ../pico-sdk
+          SECURE_BOOT_PKEY: ../private.pem
+        run: |
+           ./workflows/autobuild.sh pico
+           ./build_pico_openpgp.sh --no-eddsa
+           ./workflows/autobuild.sh esp32
+      - name: Delete private key
+        run: rm private.pem
+      - name: Update nightly release
+        uses: pyTooling/Actions/releaser@v6.7.0
+        with:
+          tag: nightly-${{ matrix.refs }}
+          rm: true
+          token: ${{ secrets.GITHUB_TOKEN }}
+          files: release/*.*

.github/workflows/test.yml

@@ -0,0 +1,37 @@
+# For most projects, this workflow file will not need changing; you simply need
+# to commit it to your repository.
+#
+# You may wish to alter this file to override the set of languages analyzed,
+# or to provide custom queries or build logic.
+#
+# ******** NOTE ********
+# We have attempted to detect the languages in your repository. Please check
+# the `language` matrix defined below to confirm you have the correct set of
+# supported CodeQL languages.
+#
+name: "Emulation and test"
+
+on:
+  workflow_dispatch:
+  push:
+    branches: [ "main", "piv", "eddsa" ]
+  pull_request:
+    # The branches below must be a subset of the branches above
+    branches: [ "main", "piv", "eddsa" ]
+  schedule:
+    - cron: '23 5 * * 4'
+
+jobs:
+  build:
+
+    runs-on: ubuntu-latest
+
+    steps:
+    - name: Checkout repository and submodules
+      uses: actions/checkout@v3
+      with:
+        submodules: recursive
+    - name: Build in container
+      run: ./tests/build-in-docker.sh
+    - name: Start emulation and test
+      run: ./tests/run-test-in-docker.sh

.gitmodules

@@ -1,3 +1,3 @@
-[submodule "pico-ccid"]
+[submodule "pico-keys-sdk"]
-	path = pico-ccid
+	path = pico-keys-sdk
-	url = https://github.com/polhenarejos/pico-ccid.git
+	url = https://github.com/polhenarejos/pico-keys-sdk

CMakeLists.txt

@@ -1,101 +1,127 @@
- # 
+#
- # This file is part of the Pico OpenPGP distribution (https://github.com/polhenarejos/pico-openpgp).
+# This file is part of the Pico OpenPGP distribution (https://github.com/polhenarejos/pico-openpgp).
- # Copyright (c) 2022 Pol Henarejos.
+# Copyright (c) 2022 Pol Henarejos.
- # 
+#
- # This program is free software: you can redistribute it and/or modify  
+# This program is free software: you can redistribute it and/or modify
- # it under the terms of the GNU General Public License as published by  
+# it under the terms of the GNU General Public License as published by
- # the Free Software Foundation, version 3.
+# the Free Software Foundation, version 3.
- #
+#
- # This program is distributed in the hope that it will be useful, but 
+# This program is distributed in the hope that it will be useful, but
- # WITHOUT ANY WARRANTY; without even the implied warranty of 
+# WITHOUT ANY WARRANTY; without even the implied warranty of
- # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- # General Public License for more details.
+# General Public License for more details.
- #
+#
- # You should have received a copy of the GNU General Public License 
+# You should have received a copy of the GNU General Public License
- # along with this program. If not, see <http://www.gnu.org/licenses/>.
+# along with this program. If not, see <http://www.gnu.org/licenses/>.
- #
+#
 
 cmake_minimum_required(VERSION 3.13)
 
-include(pico_sdk_import.cmake)
+set(USB_VID 0x2E8A)
+set(USB_PID 0x10FF)
 
-project(pico_openpgp C CXX ASM)
+if(ESP_PLATFORM)
+    set(EXTRA_COMPONENT_DIRS pico-keys-sdk/config/esp32/components src/openpgp)
+    include($ENV{IDF_PATH}/tools/cmake/project.cmake)
+else()
+    if(NOT ENABLE_EMULATION)
+        set(PICO_USE_FASTEST_SUPPORTED_CLOCK 1)
+        include(pico_sdk_import.cmake)
+    endif()
 
-set(CMAKE_C_STANDARD 11)
+    project(pico_openpgp C CXX ASM)
-set(CMAKE_CXX_STANDARD 17)
 
-pico_sdk_init()
+    set(CMAKE_C_STANDARD 11)
+    set(CMAKE_CXX_STANDARD 17)
 
-add_executable(pico_openpgp)
+    if(NOT DEFINED __FOR_CI)
+        set(__FOR_CI 0)
+    endif()
+    if(__FOR_CI)
+        add_definitions(-D__FOR_CI)
+    endif()
 
-if (NOT DEFINED USB_VID)
+    add_executable(pico_openpgp)
-    set(USB_VID 0xFEFF)
 endif()
-add_definitions(-DUSB_VID=${USB_VID})
-if (NOT DEFINED USB_PID)
-    set(USB_PID 0xFCFD)
-endif()
-add_definitions(-DUSB_PID=${USB_PID})
 
-target_sources(pico_openpgp PUBLIC
+set(USB_ITF_CCID 1)
-        ${CMAKE_CURRENT_LIST_DIR}/pico-ccid/src/ccid/ccid2040.c
+set(USB_ITF_WCID 1)
+include(pico-keys-sdk/pico_keys_sdk_import.cmake)
+
+if(NOT ESP_PLATFORM)
+    set(SOURCES ${PICO_KEYS_SOURCES})
+endif()
+set(SOURCES ${SOURCES}
         ${CMAKE_CURRENT_LIST_DIR}/src/openpgp/openpgp.c
         ${CMAKE_CURRENT_LIST_DIR}/src/openpgp/files.c
-        ${CMAKE_CURRENT_LIST_DIR}/pico-ccid/src/usb/usb_descriptors.c
+        ${CMAKE_CURRENT_LIST_DIR}/src/openpgp/piv.c
-        ${CMAKE_CURRENT_LIST_DIR}/pico-ccid/src/fs/file.c
+        ${CMAKE_CURRENT_LIST_DIR}/src/openpgp/management.c
-        ${CMAKE_CURRENT_LIST_DIR}/pico-ccid/src/fs/flash.c
+        ${CMAKE_CURRENT_LIST_DIR}/src/openpgp/cmd_select.c
-        ${CMAKE_CURRENT_LIST_DIR}/pico-ccid/src/fs/low_flash.c
+        ${CMAKE_CURRENT_LIST_DIR}/src/openpgp/cmd_get_data.c
-        ${CMAKE_CURRENT_LIST_DIR}/pico-ccid/src/rng/random.c
+        ${CMAKE_CURRENT_LIST_DIR}/src/openpgp/cmd_verify.c
-        ${CMAKE_CURRENT_LIST_DIR}/pico-ccid/src/rng/neug.c
+        ${CMAKE_CURRENT_LIST_DIR}/src/openpgp/cmd_put_data.c
-        ${CMAKE_CURRENT_LIST_DIR}/pico-ccid/src/ccid/crypto_utils.c
+        ${CMAKE_CURRENT_LIST_DIR}/src/openpgp/cmd_select_data.c
-        ${CMAKE_CURRENT_LIST_DIR}/pico-ccid/src/ccid/eac.c
+        ${CMAKE_CURRENT_LIST_DIR}/src/openpgp/cmd_import_data.c
+        ${CMAKE_CURRENT_LIST_DIR}/src/openpgp/cmd_version.c
+        ${CMAKE_CURRENT_LIST_DIR}/src/openpgp/cmd_change_pin.c
+        ${CMAKE_CURRENT_LIST_DIR}/src/openpgp/cmd_mse.c
+        ${CMAKE_CURRENT_LIST_DIR}/src/openpgp/cmd_internal_aut.c
+        ${CMAKE_CURRENT_LIST_DIR}/src/openpgp/cmd_challenge.c
+        ${CMAKE_CURRENT_LIST_DIR}/src/openpgp/cmd_activate_file.c
+        ${CMAKE_CURRENT_LIST_DIR}/src/openpgp/cmd_terminate_df.c
+        ${CMAKE_CURRENT_LIST_DIR}/src/openpgp/cmd_pso.c
+        ${CMAKE_CURRENT_LIST_DIR}/src/openpgp/cmd_keypair_gen.c
+        ${CMAKE_CURRENT_LIST_DIR}/src/openpgp/cmd_reset_retry.c
+        ${CMAKE_CURRENT_LIST_DIR}/src/openpgp/do.c
+        ${CMAKE_CURRENT_LIST_DIR}/src/openpgp/defs.c
+)
 
-        ${CMAKE_CURRENT_LIST_DIR}/pico-ccid/mbedtls/library/sha256.c
+SET_VERSION(ver_major ver_minor "${CMAKE_CURRENT_LIST_DIR}/src/openpgp/version.h")
-        ${CMAKE_CURRENT_LIST_DIR}/pico-ccid/mbedtls/library/aes.c
-        ${CMAKE_CURRENT_LIST_DIR}/pico-ccid/mbedtls/library/sha512.c
-        ${CMAKE_CURRENT_LIST_DIR}/pico-ccid/mbedtls/library/rsa.c
-        ${CMAKE_CURRENT_LIST_DIR}/pico-ccid/mbedtls/library/bignum.c
-        ${CMAKE_CURRENT_LIST_DIR}/pico-ccid/mbedtls/library/platform_util.c
-        ${CMAKE_CURRENT_LIST_DIR}/pico-ccid/mbedtls/library/md.c
-        ${CMAKE_CURRENT_LIST_DIR}/pico-ccid/mbedtls/library/oid.c
-        ${CMAKE_CURRENT_LIST_DIR}/pico-ccid/mbedtls/library/rsa_alt_helpers.c
-        ${CMAKE_CURRENT_LIST_DIR}/pico-ccid/mbedtls/library/constant_time.c
-        ${CMAKE_CURRENT_LIST_DIR}/pico-ccid/mbedtls/library/ecdsa.c
-        ${CMAKE_CURRENT_LIST_DIR}/pico-ccid/mbedtls/library/ecp.c
-        ${CMAKE_CURRENT_LIST_DIR}/pico-ccid/mbedtls/library/ecp_curves.c
-        ${CMAKE_CURRENT_LIST_DIR}/pico-ccid/mbedtls/library/asn1write.c
-        ${CMAKE_CURRENT_LIST_DIR}/pico-ccid/mbedtls/library/hmac_drbg.c
-        ${CMAKE_CURRENT_LIST_DIR}/pico-ccid/mbedtls/library/md5.c
-        ${CMAKE_CURRENT_LIST_DIR}/pico-ccid/mbedtls/library/ripemd160.c
-        ${CMAKE_CURRENT_LIST_DIR}/pico-ccid/mbedtls/library/sha1.c
-        ${CMAKE_CURRENT_LIST_DIR}/pico-ccid/mbedtls/library/ecdh.c
-        ${CMAKE_CURRENT_LIST_DIR}/pico-ccid/mbedtls/library/cmac.c
-        ${CMAKE_CURRENT_LIST_DIR}/pico-ccid/mbedtls/library/cipher.c
-        ${CMAKE_CURRENT_LIST_DIR}/pico-ccid/mbedtls/library/cipher_wrap.c
-        ${CMAKE_CURRENT_LIST_DIR}/pico-ccid/mbedtls/library/chachapoly.c
-        ${CMAKE_CURRENT_LIST_DIR}/pico-ccid/mbedtls/library/camellia.c
-        ${CMAKE_CURRENT_LIST_DIR}/pico-ccid/mbedtls/library/chacha20.c
-        ${CMAKE_CURRENT_LIST_DIR}/pico-ccid/mbedtls/library/aria.c
-        ${CMAKE_CURRENT_LIST_DIR}/pico-ccid/mbedtls/library/poly1305.c
-        ${CMAKE_CURRENT_LIST_DIR}/pico-ccid/mbedtls/library/gcm.c
-        ${CMAKE_CURRENT_LIST_DIR}/pico-ccid/mbedtls/library/ccm.c
-        ${CMAKE_CURRENT_LIST_DIR}/pico-ccid/mbedtls/library/des.c
-        ${CMAKE_CURRENT_LIST_DIR}/pico-ccid/mbedtls/library/nist_kw.c
-        ${CMAKE_CURRENT_LIST_DIR}/pico-ccid/mbedtls/library/hkdf.c
-        )
 
-target_include_directories(pico_openpgp PUBLIC
+if(ESP_PLATFORM)
-        ${CMAKE_CURRENT_LIST_DIR}/pico-ccid/src/fs
+    project(pico_openpgp)
+endif()
+
+set(INCLUDES ${INCLUDES}
         ${CMAKE_CURRENT_LIST_DIR}/src/openpgp
-        ${CMAKE_CURRENT_LIST_DIR}/pico-ccid/src/ccid
+)
-        ${CMAKE_CURRENT_LIST_DIR}/pico-ccid/src/rng
+if(NOT ESP_PLATFORM)
-        ${CMAKE_CURRENT_LIST_DIR}/pico-ccid/src/usb
+    target_sources(pico_openpgp PUBLIC ${SOURCES})
-        ${CMAKE_CURRENT_LIST_DIR}/pico-ccid/mbedtls/include
+    target_include_directories(pico_openpgp PUBLIC ${INCLUDES})
-        ${CMAKE_CURRENT_LIST_DIR}/pico-ccid/mbedtls/library
+
+    target_compile_options(pico_openpgp PUBLIC
+        -Wall
+    )
+    if(NOT MSVC)
+        target_compile_options(pico_openpgp PUBLIC
+            -Werror
+        )
+    endif()
+
+    if(ENABLE_EMULATION)
+        if(NOT MSVC)
+            target_compile_options(pico_openpgp PUBLIC
+                -fdata-sections
+                -ffunction-sections
+            )
+        endif()
+        if(APPLE)
+            target_link_options(pico_openpgp PUBLIC
+                -Wl,-dead_strip
+            )
+        elseif(MSVC)
+            target_compile_options(pico_openpgp PUBLIC
+                -WX
             )
 
-pico_add_extra_outputs(pico_openpgp)
+            target_link_libraries(pico_openpgp PUBLIC wsock32 ws2_32 Bcrypt)
-
+        else()
-#target_compile_definitions(pico_openpgp PRIVATE MBEDTLS_ECDSA_DETERMINISTIC=1)
+            target_link_options(pico_openpgp PUBLIC
-
+                -Wl,--gc-sections
-target_link_libraries(pico_openpgp PRIVATE pico_stdlib tinyusb_device tinyusb_board pico_multicore hardware_flash hardware_sync hardware_adc pico_unique_id hardware_rtc)
+            )
+        endif(APPLE)
+        target_link_libraries(pico_openpgp PRIVATE pico_keys_sdk mbedtls pthread m)
+    else()
+        pico_add_extra_outputs(${CMAKE_PROJECT_NAME})
+    endif()
+endif()

CONTRIBUTING.md

@@ -0,0 +1,105 @@
+# Contributing
+
+Thank you for your interest in contributing to this project.
+
+This repository is published in two forms:
+- a Community Edition released under AGPLv3, and
+- a proprietary / commercial / Enterprise Edition offered to organizations.
+
+To keep that model legally clean, we need to be explicit about how contributions can be used.
+
+By opening a pull request, you agree to all of the following:
+
+1. **You have the right to contribute this code.**
+   You are either the original author of the contribution, or you have obtained the necessary rights/permissions to contribute it under these terms.
+
+2. **Dual licensing permission.**
+   You agree that your contribution may be:
+   - merged into this repository, and
+   - used, copied, modified, sublicensed, and redistributed
+     - under the AGPLv3 Community Edition, and
+     - under any proprietary / commercial / Enterprise editions of this project,
+       now or in the future.
+
+   In other words: you are granting the project maintainer(s) the right to include
+   your contribution in both the open-source (AGPLv3) codebase and in closed-source /
+   commercially licensed builds, without any additional approval or payment.
+
+3. **Attribution.**
+   The maintainers may keep or add attribution lines such as
+   `Copyright (c) <your name>` or an AUTHORS / CONTRIBUTORS list.
+   The maintainers may also make changes for clarity, style, security, refactoring,
+   or integration reasons.
+
+4. **No automatic SLA.**
+   Submitting a pull request does *not* create any support obligation,
+   service-level agreement, warranty, or guarantee that the contribution
+   will be reviewed, merged, or maintained.
+
+5. **Potential rejection for business reasons.**
+   Features that fall under "Enterprise / Commercial" functionality
+   (e.g. multi-tenant provisioning at scale, centralized audit trails,
+   corporate policy enforcement, attestation/branding flows, key escrow / dual-control,
+   etc.) may be declined for the public AGPLv3 tree even if technically valid.
+   That is normal: some functionality is intentionally offered only
+   under commercial terms.
+
+If you are not comfortable with these terms, **do not open a pull request yet.**
+Instead, please open an Issue to start a discussion.
+
+## How to contribute (technical side)
+
+### 1. Bug reports / issues
+- Please include:
+  - hardware / board revision
+  - firmware / commit hash
+  - exact steps to reproduce
+  - expected vs actual behavior
+  - logs / traces if available (strip secrets)
+
+Security-sensitive findings: do **not** post publicly.
+Send a short report by email instead so it can be triaged responsibly.
+
+### 2. Small fixes / minor improvements
+- You can open a PR directly for:
+  - bug fixes
+  - portability fixes / new board definitions
+  - clarifications in code comments
+  - build / tooling cleanup
+  - documentation of existing behavior
+
+Please keep PRs focused (one logical change per PR if possible).
+
+### 3. Larger features / behavior changes
+- Please open an Issue first and describe:
+  - what problem you're solving (not just "add feature X")
+  - impact on existing flows / security model
+  - any new dependencies
+
+This helps avoid doing a bunch of work on something that won't be accepted
+in the Community Edition.
+
+### 4. Coding style / security posture
+- Aim for clarity and small, auditable changes. This code runs in places
+  where secrets live.
+- No debug backdoors, no "just for testing" shortcuts left enabled.
+- Keep external dependencies minimal and license-compatible
+  (MIT / Apache 2.0 / similarly permissive is usually fine).
+
+### 5. Commit / PR format
+- Use descriptive commit messages ("Fix PIN retry counter wrap" is better than "fix stuff").
+- In the PR description, please include a short summary of what was changed and why.
+- At the bottom of the PR description, **copy/paste and confirm the licensing line below**:
+
+  > I confirm that I have read `CONTRIBUTING.md` and I agree that this contribution may be used under both the AGPLv3 Community Edition and any proprietary / commercial / Enterprise editions of this project, now or in the future.
+
+A PR without that confirmation may be delayed or closed without merge.
+
+## Thank you
+
+This project exists because people build on it, break it, fix it,
+and push it into places it wasn't originally designed to go.
+
+Whether you are here for research, hacking on hardware,
+rolling out secure keys for a team, or building a commercial product:
+thank you for helping improve it.

ENTERPRISE.md

@@ -0,0 +1,116 @@
+# Enterprise / Commercial Edition
+
+This project is offered under two editions:
+
+## 1. Community Edition (FOSS)
+
+The Community Edition is released under the GNU Affero General Public License v3 (AGPLv3).
+
+Intended for:
+- individual users and researchers
+- evaluation / prototyping
+- internal lab / security testing
+
+You are allowed to:
+- read and study the source code
+- modify it
+- run it internally
+
+Obligations under AGPLv3:
+- If you distribute modified firmware/binaries/libraries to third parties, you must provide the corresponding source code of your modifications.
+- If you run a modified version of this project as a network-accessible service (internal or external), you must offer the source code of those modifications to the users of that service.
+- No warranty, no support, no SLA.
+- Enterprise features (bulk provisioning, multi-user policy enforcement, device inventory / revocation, corporate PIN rules, custom attestation/identity, etc.) are NOT included.
+
+The Community Edition will continue to exist.
+
+## 2. Enterprise / Commercial Edition
+
+The Enterprise / Commercial Edition is a proprietary license for organizations that need to:
+
+- deploy this in production at scale (multiple devices / multiple users / multiple teams)
+- integrate it into their own physical product or appliance
+- run it as an internal service (VM / container / private cloud "HSM / auth backend") for multiple internal teams or tenants
+- enforce internal security policy (admin vs user roles, mandatory PIN rules, secure offboarding / revocation)
+- avoid any AGPLv3 disclosure obligations for their own modifications and integration code
+
+### What the Enterprise Edition provides
+
+**Base license package (always included):**
+- **Commercial license (proprietary).**
+  You may run and integrate the software/firmware in production — including virtualized / internal-cloud style deployments — without being required to disclose derivative source code under AGPLv3.
+- **Official signed builds.**
+  You receive signed builds from the original developer so you can prove integrity and provenance.
+- **Onboarding call (up to 1 hour).**
+  A live remote session to get you from "we have it" to "it’s actually running in our environment" with minimal guesswork.
+
+**Optional enterprise components (available on demand, scoped and priced per customer):**
+- **Production / multi-user readiness.**
+  Permission to operate the system with multiple users, multiple devices and multiple teams in real environments.
+- **Bulk / fleet provisioning.**
+  Automated enrollment for many tokens/devices/users at once (CSV / directory import), scripted onboarding of new users, initial PIN assignment / reset workflows, and role-based access (admin vs user).
+- **Policy & lifecycle tooling.**
+  Corporate PIN policy enforcement, per-user / per-team access control, device inventory / traceability, and secure revocation / retirement when someone leaves.
+- **Custom attestation / per-organization identity.**
+  Per-company certificate chains and attestation keys so devices can prove "this token/HSM is officially ours," including anti-cloning / unique device identity for OEM and fleet use.
+- **Virtualization / internal cloud deployment support.**
+  Guidance and components to run this as an internal service (VM, container, private-cloud HSM/auth backend) serving multiple internal teams or tenants under your brand.
+- **Post-quantum (PQC) key material handling.**
+  Integration/roadmap support for PQC algorithms (auth / signing) and secure PQC key storage inside the device or service.
+- **Hierarchical deterministic key derivation (HD).**
+  Wallet-style hierarchical key trees (BIP32-like concepts adapted to this platform) for issuing per-user / per-tenant / per-purpose subkeys without exporting the root secret — e.g. embedded wallet logic, tenant isolation, firmware signing trees, large fleets.
+- **Cryptographically signed audit trail / tamper-evident event logging.**
+  High-assurance logging of sensitive actions (key use, provisioning, PIN resets, revocations) with integrity protection for forensic / compliance needs.
+- **Dual-control / two-person approval ("four-eyes").**
+  Require multi-party authorization for high-risk actions such as firmware signing, key export, or critical configuration changes — standard in high-assurance / regulated environments.
+- **Secure key escrow / disaster recovery design.**
+  Split-secret or escrowed backup strategies so you don’t lose critical signing keys if a single admin disappears or hardware is lost.
+- **Release-signing / supply-chain hardening pipeline.**
+  Reference tooling and process so every production firmware/binary is signed with hardware-backed keys, proving origin and preventing tampering in transit or at manufacturing.
+- **Policy-locked hardened mode ("FIPS-style profile").**
+  Restricted algorithms, debug disabled, no raw key export, tamper-evident configuration for regulated / high-assurance deployments.
+- **Priority support / security response SLA.**
+  A direct line and guaranteed response window for production-impacting security issues.
+- **White-label demo / pre-sales bundle.**
+  Branded demo firmware + safe onboarding script so you can show "your product" to your own customers without exposing real production secrets.
+
+These components are NOT automatically bundled. They are available case-by-case depending on your use case and are priced separately.
+
+### Licensing models
+
+- **Internal Use License**
+  Internal production use within one legal entity (your company), including internal private cloud / virtualized deployments for multiple internal teams.
+  Optional enterprise components can be added as needed.
+
+- **OEM / Redistribution / Service License**
+  Integration into a product/appliance you ship to customers, OR operating this as a managed service / hosted feature for external clients or third parties.
+  Optional enterprise components (attestation branding, PQC support, HD key derivation, multi-tenant service hardening, audit trail, etc.) can be added as required.
+
+Pricing depends on scope, fleet size, number of users/tenants, regulatory requirements, and which optional components you select.
+
+### Request a quote
+
+Email: pol@henarejos.me
+Subject: `ENTERPRISE LICENSE <your company name>`
+
+Please include:
+- Company name and country
+- Intended use:
+  - Internal private deployment
+  - OEM / external service to third parties
+- Approximate scale (number of devices/tokens, number of users/tenants)
+- Which optional components you are interested in (bulk provisioning, policy & lifecycle tooling, attestation branding / anti-cloning, virtualization/cloud, PQC, HD key derivation, audit trail, dual-control, key escrow, supply-chain signing, hardened mode, SLA, white-label demo)
+
+You will receive:
+1. A short commercial license agreement naming your company.
+2. Access to the base package (and any optional components agreed).
+3. Scheduling of the onboarding call.
+
+## Why Enterprise exists
+
+- Companies often need hardware-backed security (HSM, FIDO2, OpenPGP, etc.) under their own control, but cannot or will not open-source their internal security workflows.
+- They also need multi-user / fleet-management features that hobby users do not.
+- The commercial license funds continued development, maintenance and new hardware support.
+
+The Community Edition remains AGPLv3.
+The Enterprise Edition is for production, scale, and legal clarity.

LICENSE

@@ -1,5 +1,5 @@
-                    GNU GENERAL PUBLIC LICENSE
+                    GNU AFFERO GENERAL PUBLIC LICENSE
-                       Version 3, 29 June 2007
+                       Version 3, 19 November 2007
 
  Copyright (C) 2007 Free Software Foundation, Inc. <https://fsf.org/>
  Everyone is permitted to copy and distribute verbatim copies
@@ -7,17 +7,15 @@
 
                             Preamble
 
-  The GNU General Public License is a free, copyleft license for
+  The GNU Affero General Public License is a free, copyleft license for
-software and other kinds of works.
+software and other kinds of works, specifically designed to ensure
+cooperation with the community in the case of network server software.
 
   The licenses for most software and other practical works are designed
 to take away your freedom to share and change the works.  By contrast,
-the GNU General Public License is intended to guarantee your freedom to
+our General Public Licenses are intended to guarantee your freedom to
 share and change all versions of a program--to make sure it remains free
-software for all its users.  We, the Free Software Foundation, use the
+software for all its users.
-GNU General Public License for most of our software; it applies also to
-any other work released this way by its authors.  You can apply it to
-your programs, too.
 
   When we speak of free software, we are referring to freedom, not
 price.  Our General Public Licenses are designed to make sure that you
@@ -26,44 +24,34 @@ them if you wish), that you receive source code or can get it if you
 want it, that you can change the software or use pieces of it in new
 free programs, and that you know you can do these things.
 
-  To protect your rights, we need to prevent others from denying you
+  Developers that use our General Public Licenses protect your rights
-these rights or asking you to surrender the rights.  Therefore, you have
+with two steps: (1) assert copyright on the software, and (2) offer
-certain responsibilities if you distribute copies of the software, or if
+you this License which gives you legal permission to copy, distribute
-you modify it: responsibilities to respect the freedom of others.
+and/or modify the software.
 
-  For example, if you distribute copies of such a program, whether
+  A secondary benefit of defending all users' freedom is that
-gratis or for a fee, you must pass on to the recipients the same
+improvements made in alternate versions of the program, if they
-freedoms that you received.  You must make sure that they, too, receive
+receive widespread use, become available for other developers to
-or can get the source code.  And you must show them these terms so they
+incorporate.  Many developers of free software are heartened and
-know their rights.
+encouraged by the resulting cooperation.  However, in the case of
+software used on network servers, this result may fail to come about.
+The GNU General Public License permits making a modified version and
+letting the public access it on a server without ever releasing its
+source code to the public.
 
-  Developers that use the GNU GPL protect your rights with two steps:
+  The GNU Affero General Public License is designed specifically to
-(1) assert copyright on the software, and (2) offer you this License
+ensure that, in such cases, the modified source code becomes available
-giving you legal permission to copy, distribute and/or modify it.
+to the community.  It requires the operator of a network server to
+provide the source code of the modified version running there to the
+users of that server.  Therefore, public use of a modified version, on
+a publicly accessible server, gives the public access to the source
+code of the modified version.
 
-  For the developers' and authors' protection, the GPL clearly explains
+  An older license, called the Affero General Public License and
-that there is no warranty for this free software.  For both users' and
+published by Affero, was designed to accomplish similar goals.  This is
-authors' sake, the GPL requires that modified versions be marked as
+a different license, not a version of the Affero GPL, but Affero has
-changed, so that their problems will not be attributed erroneously to
+released a new version of the Affero GPL which permits relicensing under
-authors of previous versions.
+this license.
-
-  Some devices are designed to deny users access to install or run
-modified versions of the software inside them, although the manufacturer
-can do so.  This is fundamentally incompatible with the aim of
-protecting users' freedom to change the software.  The systematic
-pattern of such abuse occurs in the area of products for individuals to
-use, which is precisely where it is most unacceptable.  Therefore, we
-have designed this version of the GPL to prohibit the practice for those
-products.  If such problems arise substantially in other domains, we
-stand ready to extend this provision to those domains in future versions
-of the GPL, as needed to protect the freedom of users.
-
-  Finally, every program is threatened constantly by software patents.
-States should not allow patents to restrict development and use of
-software on general-purpose computers, but in those that do, we wish to
-avoid the special danger that patents applied to a free program could
-make it effectively proprietary.  To prevent this, the GPL assures that
-patents cannot be used to render the program non-free.
 
   The precise terms and conditions for copying, distribution and
 modification follow.
@@ -72,7 +60,7 @@ modification follow.
 
   0. Definitions.
 
-  "This License" refers to version 3 of the GNU General Public License.
+  "This License" refers to version 3 of the GNU Affero General Public License.
 
   "Copyright" also means copyright-like laws that apply to other kinds of
 works, such as semiconductor masks.
@@ -549,35 +537,45 @@ to collect a royalty for further conveying from those to whom you convey
 the Program, the only way you could satisfy both those terms and this
 License would be to refrain entirely from conveying the Program.
 
-  13. Use with the GNU Affero General Public License.
+  13. Remote Network Interaction; Use with the GNU General Public License.
+
+  Notwithstanding any other provision of this License, if you modify the
+Program, your modified version must prominently offer all users
+interacting with it remotely through a computer network (if your version
+supports such interaction) an opportunity to receive the Corresponding
+Source of your version by providing access to the Corresponding Source
+from a network server at no charge, through some standard or customary
+means of facilitating copying of software.  This Corresponding Source
+shall include the Corresponding Source for any work covered by version 3
+of the GNU General Public License that is incorporated pursuant to the
+following paragraph.
 
   Notwithstanding any other provision of this License, you have
 permission to link or combine any covered work with a work licensed
-under version 3 of the GNU Affero General Public License into a single
+under version 3 of the GNU General Public License into a single
 combined work, and to convey the resulting work.  The terms of this
 License will continue to apply to the part which is the covered work,
-but the special requirements of the GNU Affero General Public License,
+but the work with which it is combined will remain governed by version
-section 13, concerning interaction through a network will apply to the
+3 of the GNU General Public License.
-combination as such.
 
   14. Revised Versions of this License.
 
   The Free Software Foundation may publish revised and/or new versions of
-the GNU General Public License from time to time.  Such new versions will
+the GNU Affero General Public License from time to time.  Such new versions
-be similar in spirit to the present version, but may differ in detail to
+will be similar in spirit to the present version, but may differ in detail to
 address new problems or concerns.
 
   Each version is given a distinguishing version number.  If the
-Program specifies that a certain numbered version of the GNU General
+Program specifies that a certain numbered version of the GNU Affero General
 Public License "or any later version" applies to it, you have the
 option of following the terms and conditions either of that numbered
 version or of any later version published by the Free Software
 Foundation.  If the Program does not specify a version number of the
-GNU General Public License, you may choose any version ever published
+GNU Affero General Public License, you may choose any version ever published
 by the Free Software Foundation.
 
   If the Program specifies that a proxy can decide which future
-versions of the GNU General Public License can be used, that proxy's
+versions of the GNU Affero General Public License can be used, that proxy's
 public statement of acceptance of a version permanently authorizes you
 to choose that version for the Program.
 
@@ -635,40 +633,29 @@ the "copyright" line and a pointer to where the full notice is found.
     Copyright (C) <year>  <name of author>
 
     This program is free software: you can redistribute it and/or modify
-    it under the terms of the GNU General Public License as published by
+    it under the terms of the GNU Affero General Public License as published by
     the Free Software Foundation, either version 3 of the License, or
     (at your option) any later version.
 
     This program is distributed in the hope that it will be useful,
     but WITHOUT ANY WARRANTY; without even the implied warranty of
     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-    GNU General Public License for more details.
+    GNU Affero General Public License for more details.
 
-    You should have received a copy of the GNU General Public License
+    You should have received a copy of the GNU Affero General Public License
     along with this program.  If not, see <https://www.gnu.org/licenses/>.
 
 Also add information on how to contact you by electronic and paper mail.
 
-  If the program does terminal interaction, make it output a short
+  If your software can interact with users remotely through a computer
-notice like this when it starts in an interactive mode:
+network, you should also make sure that it provides a way for users to
-
+get its source.  For example, if your program is a web application, its
-    <program>  Copyright (C) <year>  <name of author>
+interface could display a "Source" link that leads users to an archive
-    This program comes with ABSOLUTELY NO WARRANTY; for details type `show w'.
+of the code.  There are many ways you could offer source, and different
-    This is free software, and you are welcome to redistribute it
+solutions will be better for different programs; see section 13 for the
-    under certain conditions; type `show c' for details.
+specific requirements.
-
-The hypothetical commands `show w' and `show c' should show the appropriate
-parts of the General Public License.  Of course, your program's commands
-might be different; for a GUI interface, you would use an "about box".
 
   You should also get your employer (if you work as a programmer) or school,
 if any, to sign a "copyright disclaimer" for the program, if necessary.
-For more information on this, and how to apply and follow the GNU GPL, see
+For more information on this, and how to apply and follow the GNU AGPL, see
 <https://www.gnu.org/licenses/>.
-
-  The GNU General Public License does not permit incorporating your program
-into proprietary programs.  If your program is a subroutine library, you
-may consider it more useful to permit linking proprietary applications with
-the library.  If this is what you want to do, use the GNU Lesser General
-Public License instead of this License.  But first, please read
-<https://www.gnu.org/licenses/why-not-lgpl.html>.

README.md

@@ -0,0 +1,216 @@
+# Pico OpenPGP
+This project aims at transforming your Raspberry Pico or ESP32 microcontroller into a Smart Card with an OpenPGP applet integrated. The Pico works as a reader with an embedded OpenPGP card, like a USB card.
+
+OpenPGP cards are used to manage PGP keys and do cryptographic operations, such as keypair generation, signing and asymmetric deciphering. Pico OpenPGP follows the [**OpenPGP 3.4.1** specifications](https://gnupg.org/ftp/specs/OpenPGP-smart-card-application-3.4.pdf "**OpenPGP 3.4.1** specifications"), available at [GnuPG](http://gnupg.org "GnuPG").
+
+If you are looking for a OpenPGP + Fido, see: https://github.com/polhenarejos/pico-fido2. Available through [PicoKey App](https://www.picokeys.com/picokeyapp/ "PicoKey App").
+
+## Features
+Pico OpenPGP has implemented the following features:
+
+- Key generation and encrypted storage.
+- RSA key generation from 1024 to 4096 bits.
+- ECDSA key generation from 192 to 521 bits.
+- ECC curves secp256r1, secp384r1, secp521r1, brainpoolP256r1, brainpoolP384r1, brainpoolP512r1, secp256k1.
+- SHA1, SHA224, SHA256, SHA384, SHA512 digests.
+- RSA-PKCS and raw RSA signature.
+- ECDSA raw and hash signature.
+- ECDH key derivation.
+- PIN authorization.
+- PKCS11 compliant interface.
+- HRNG (hardware random number generator).
+- Device Encryption Key (DEK).
+- USB/CCID support with OpenSC, openssl, etc.
+- Extended APDU support.
+- Lifecycle card (termination and activation).
+- Press-to-confirm button.
+- User Interaction Flag for enabling/disabling press-to-confirm button.
+- Key Derivation Function (KDF) for PIN.
+- Manage Security Environment (MSE).
+- DEK for internal safe storage.
+- AES key generation.
+- AES ciphering and deciphering.
+- Cardholder certificates support.
+- Secure Boot and Secure Lock in RP2350 and ESP32-S3 MCUs.
+- One Time Programming to store the master key that encrypts all resident keys and seeds.
+- Rescue interface to allow recovery of the device if it becomes unresponsive or undetectable.
+- LED customization with PicoKey App.
+
+All these features are compliant with the specification. Therefore, if you detect some behaviour that is not expected or it does not follow the rules of specs, please open an issue.
+
+## AES support
+There is no known software that supports AES with OpenPGP. Nevertheless, it can be used with customized PKCS11 modules or interfacing with raw APDU packets.
+
+During asymmetric key generation for DEC key, Pico OpenPGP also generates a 32 bits symmetric key for AES operations.
+
+OpenPGP card 3.4 specifications describe the procedure to perform ciphering (encryption and decryption) with AES via PSO:ENCIPHER and PSO:DECIPHER. Both commands are supported by Pico OpenPGP.
+
+### About Gnuk
+This project was inspired by [Gnuk](https://wiki.debian.org/GNUK "Gnuk"), a same project but focused on STM32 processor family. Despite the initial idea was to port Gnuk to the Raspberry Pico family, the underlaying architecture is widely different (although boh run on ARM). For instance, the Pico has two ARM cores, with an appropiate SDK able to leverage them. Also, Pico has an internal flash storage, which is farly larger compared to STM32 ROM storage. Finally, the Pico has a complete USB interface based on TinyUSB, which difficults to port Gnuk. These are only few examples of the difficulties of porting Gnuk to the Raspberry Pico.
+
+As a consequence, Pico OpenPGP is designed from zero. Well, not strictly from zero, as it borrows some of the cryptographic operations implemented with MbedTLS library.
+
+Whilst Gnuk is OpenPGP 2.0 with small set of enhancements, Pico OpenPGP aims at being OpenPGP 3.4 compliant, with new features (not present in Gnuk), such as Manage Security Environment (MSE) or UIF.
+
+## Security considerations
+All secret keys (asymmetric and symmetric) are stored encrypted in the flash memory of the Raspberry Pico using a Device Encyrption Key (DEK). DEK is a 256 bit AES key used to protect private and secret keys. Keys are never stored in RAM except for signature and decryption operations and only during the process. All keys (including DEK) are loaded and cleared every time to avoid potential security flaws.
+
+At the same time, DEK is encrypted with doubled salted and hashed PIN. For RP2350 and ESP32-S3 microcontrollers it is masked by a secure device 32 bytes key. Also, the PIN is hashed in memory during the session. Hence, PIN is never stored in plain text neither in flash nor in memory. Note that PIN is conveyed from the host to the Pico in plain text if no secure channel is provided.
+
+If the Pico is stolen the contents of private and secret keys cannot be read without the PIN, even if the flash memory is dumped.
+
+### RP2350 and ESP32-S3
+RP2350 and ESP32-S3 microcontrollers are equipped with advanced security features, including Secure Boot and Secure Lock, ensuring that firmware integrity and authenticity are tightly controlled. Both devices support the storage of the Device Encryption Key (DEK) in an OTP (One-Time Programmable) memory region, making it permanently inaccessible for external access or tampering. This secure, non-volatile region guarantees that critical security keys are embedded into the hardware, preventing unauthorized access and supporting robust defenses against code injection or firmware modification. Together, Secure Boot and Secure Lock enforce firmware authentication, while the DEK in OTP memory solidifies the foundation for secure operations.
+
+## Download
+**If you own an ESP32-S3 board, go to [ESP32 Flasher](https://www.picokeys.com/esp32-flasher/) for flashing your Pico OpenPGP.**
+
+If you own a Raspberry Pico (RP2040 or RP2350), go to [Download page](https://www.picokeys.com/getting-started/), select your vendor and model and download the proper firmware; or go to [Release page](https://www.github.com/polhenarejos/pico-openpgp/releases/) and download the UF2 file for your board.
+
+UF2 files are shiped with a VID/PID granted by RaspberryPi (2E8A:10FF). If you plan to use it with OpenSC or similar tools, you should modify Info.plist of CCID driver to add these VID/PID or use the [PicoKey App](https://www.picokeys.com/picokeyapp/ "PicoKey App").
+
+You can use whatever VID/PID for internal purposes, but remember that you are not authorized to distribute the binary with a VID/PID that you do not own.
+
+Note that the [PicoKey App](https://www.picokeys.com/picokeyapp/ "PicoKey App") is the most recommended.
+
+## Build for Raspberry Pico
+Before building, ensure you have installed the toolchain for the Pico and the Pico SDK is properly located in your drive.
+```
+git clone https://github.com/polhenarejos/pico-openpgp
+git submodule update --init --recursive
+cd pico-openpgp
+mkdir build
+cd build
+PICO_SDK_PATH=/path/to/pico-sdk cmake .. -DPICO_BOARD=board_type -DUSB_VID=0x1234 -DUSB_PID=0x5678
+make
+```
+Note that `PICO_BOARD`, `USB_VID` and `USB_PID` are optional. If not provided, `pico` board and VID/PID `FEFF:FCFD` will be used.
+
+Additionally, you can pass the `VIDPID=value` parameter to build the firmware with a known VID/PID. The supported values are:
+
+- `NitroHSM`
+- `NitroFIDO2`
+- `NitroStart`
+- `NitroPro`
+- `Nitro3`
+- `Yubikey5`
+- `YubikeyNeo`
+- `YubiHSM`
+- `Gnuk`
+- `GnuPG`
+
+After running `make`, the binary file `pico_openpgp.uf2` will be generated. To load this onto your Pico board:
+
+1. Put the Pico board into loading mode by holding the `BOOTSEL` button while plugging it in.
+2. Copy the `pico_openpgp.uf2` file to the new USB mass storage device that appears.
+3. Once the file is copied, the Pico mass storage device will automatically disconnect, and the Pico board will reset with the new firmware.
+4. A blinking LED will indicate that the device is ready to work.
+
+## Operation time
+### Keypair generation
+Generating EC keys is almost instant. RSA keypair generation takes some time, specially for `3072` and `4096` bits.
+
+| RSA key length (bits) | Average time (seconds) |
+| :---: | :---: |
+| 1024 | 16 |
+| 2048 | 124 |
+| 3072 | 600 |
+| 4096 | ~1000 |
+
+### Signature and decrypt
+| RSA key length (bits) | Average time (seconds) |
+| :---: | :---: |
+| 1024 | 1 |
+| 2048 | 3 |
+| 3072 | 7 |
+| 4096 | 15 |
+
+## Led blink
+Pico OpenPGP uses the led to indicate the current status. Four states are available:
+### Press to confirm
+The Led is almost on all the time. It goes off for 100 miliseconds every second.
+
+![Press to confirm](https://user-images.githubusercontent.com/55573252/162008917-6a730eac-396c-44cc-890e-802294be30a3.gif)
+
+### Idle mode
+In idle mode, the Pico OpenPGP goes to sleep. It waits for a command and it is awaken by the driver. The Led is almost off all the time. It goes on for 500 milliseconds every second.
+
+![Idle mode](https://user-images.githubusercontent.com/55573252/162008980-d5a5caad-072e-400c-98e3-2c606b4b2af9.gif)
+
+### Active mode
+In active mode, the Pico OpenPGP is awaken and ready to receive a command. It blinks four times in a second.
+
+![Active](https://user-images.githubusercontent.com/55573252/162008997-1ea8cd7e-5384-4893-9dcb-b473153fc375.gif)
+
+### Processing
+While processing, the Pico OpenPGP is busy and cannot receive additional commands until the current is processed. In this state, the Led blinks 20 times in a second.
+
+![Processing](https://user-images.githubusercontent.com/55573252/162009007-df45111e-2473-4a92-97c5-15c3cd19babd.gif)
+
+## Driver
+
+Pico OpenPGP uses the `openpgp` driver provided by [OpenSC](https://github.com/OpenSC/OpenSC/ "OpenSC"). This driver utilizes the standardized PKCS#11 interface to communicate with the user and it can be used with many engines that accept PKCS#11 interface, such as OpenSSL, P11 library or pkcs11-tool.
+
+It also accepts the use of GnuPG programs (`gpg` and `gpg2`) to manipulate the card. For instance, it can be used with the `gpg --edit-card --expert` interface to change the cryptographic keys, generate new keypairs or simply set the cardholder name.
+
+Pico OpenPGP relies on PKCS#15 structure to store and manipulate the internal files (PINs, private keys, certificates, etc.) and directories. Therefore, it accepts the commands from `pkcs15-tool`. For instance, `pkcs15-tool -D` will list all elements stored in the Pico OpenPGP.
+
+The way to communicate is exactly the same as with other cards, such as OpenPGP or similar.
+
+### Important
+OpenSC relies on PCSC driver, which reads a list (`Info.plist`) that contains a pair of VID/PID of supported readers. In order to be detectable, you have several options:
+- Use the [PicoKey App](https://www.picokeys.com/picokeyapp/ "PicoKey App") that commissions the PicoKey on-the-fly without external tools.
+- Build and configure the project with the proper VID/PID with `USB_VID` and `USB_PID` parameters in `CMake` (see [Build section](#build "Build section")). Note that you cannot distribute the patched/compiled binary if you do not own the VID/PID or have an explicit authorization.
+
+## License and Commercial Use
+
+This project is available under two editions:
+
+**Community Edition (FOSS)**
+- Released under the GNU Affero General Public License v3 (AGPLv3).
+- You are free to study, modify, and run the code, including for internal evaluation.
+- If you distribute modified binaries/firmware, OR if you run a modified version of this project as a network-accessible service, you must provide the corresponding source code to the users of that binary or service, as required by AGPLv3.
+- No warranty. No SLA. No guaranteed support.
+
+**Enterprise / Commercial Edition**
+- Proprietary license for organizations that want to:
+  - run this in production with multiple users/devices,
+  - integrate it into their own product/appliance,
+  - enforce corporate policies (PIN policy, admin/user roles, revocation),
+  - deploy it as an internal virtualized / cloud-style service,
+  - and *not* be required to publish derivative source code.
+- Base package includes:
+  - commercial license (no AGPLv3 disclosure obligation for your modifications / integration)
+  - onboarding call
+  - access to officially signed builds
+- Optional / on-demand enterprise components that can be added case-by-case:
+  - ability to operate in multi-user / multi-device environments
+  - device inventory, traceability and secure revocation/offboarding
+  - custom attestation, per-organization device identity / anti-cloning
+  - virtualization / internal "HSM or auth backend" service for multiple teams or tenants
+  - post-quantum (PQC) key material handling and secure PQC credential storage
+  - hierarchical deterministic key derivation (HD wallet–style key trees for per-user / per-tenant keys, firmware signing trees, etc.)
+  - cryptographically signed audit trail / tamper-evident logging
+  - dual-control / two-person approval for high-risk operations
+  - secure key escrow / disaster recovery strategy
+  - release-signing / supply-chain hardening toolchain
+  - policy-locked hardened mode ("FIPS-style profile")
+  - priority security-response SLA
+  - white-label demo / pre-sales bundle
+
+Typical licensing models:
+- Internal use (single legal entity, including internal private cloud / virtualized deployments).
+- OEM / Redistribution / Service (ship in your product OR offer it as a service to third parties).
+
+These options are scoped and priced individually depending on which components you actually need.
+
+For commercial licensing and enterprise features, email pol@henarejos.me
+Subject: `ENTERPRISE LICENSE <your company name>`
+
+See `ENTERPRISE.md` for details.
+
+## Credits
+Pico OpenPGP uses the following libraries or portion of code:
+- MbedTLS for cryptographic operations.
+- TinyUSB for low level USB procedures.
+

build_pico_openpgp.sh

@@ -0,0 +1,25 @@
+#!/bin/bash
+
+VERSION_MAJOR="4"
+VERSION_MINOR="4"
+SUFFIX="${VERSION_MAJOR}.${VERSION_MINOR}"
+#if ! [[ -z "${GITHUB_SHA}" ]]; then
+#    SUFFIX="${SUFFIX}.${GITHUB_SHA}"
+#fi
+
+mkdir -p build_release
+mkdir -p release
+rm -rf -- release/*
+cd build_release
+
+PICO_SDK_PATH="${PICO_SDK_PATH:-../../pico-sdk}"
+SECURE_BOOT_PKEY="${SECURE_BOOT_PKEY:-../../ec_private_key.pem}"
+boards=("pico" "pico2")
+
+for board_name in "${boards[@]}"
+do
+    rm -rf -- ./*
+    PICO_SDK_PATH="${PICO_SDK_PATH}" cmake .. -DPICO_BOARD=$board_name -DSECURE_BOOT_PKEY=${SECURE_BOOT_PKEY}
+    make -j`nproc`
+    mv pico_openpgp.uf2 ../release/pico_openpgp_$board_name-$SUFFIX.uf2
+done

patch_vidpid.sh

@@ -0,0 +1,94 @@
+#!/bin/bash
+
+#
+# This file is part of the Pico OpenPGP distribution (https://github.com/polhenarejos/pico-openpgp).
+# Copyright (c) 2022 Pol Henarejos.
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, version 3.
+#
+# This program is distributed in the hope that it will be useful, but
+# WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+# General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program. If not, see <http://www.gnu.org/licenses/>.
+#
+
+VERSION_MAJOR="5" #Version of Pico Keys SDK
+VERSION_MINOR="0"
+
+echo "----------------------------"
+echo "VID/PID patcher for Pico OpenPGP"
+echo "----------------------------"
+echo ""
+
+if [ "$#" -le 0 ]; then
+    echo "Usage: $0 VID:PID [input_uf2_file] [output_uf2_file]"
+    exit 1
+fi
+
+IFS=':' read -r -a ARR <<< "$1"
+
+if [ ${#ARR[@]} -ne 2 ]; then
+    echo "ERROR: Specify vendor and product ids as VID:PID (e.g., $0 CAFE:1234)"
+    exit 1
+fi
+
+VID=${ARR[0]}
+PID=${ARR[1]}
+
+if [ ${#VID} -ne 4 ]; then
+    echo "ERROR: VID length must be 4 hexadecimal characters"
+    exit 1
+fi
+
+if [ ${#PID} -ne 4 ]; then
+    echo "ERROR: PID length must be 4 hexadecimal characters"
+    exit 1
+fi
+
+if ! [[ $VID =~ ^[0-9A-Fa-f]{1,}$ ]] ; then
+    echo "ERROR: VID must contain hexadecimal characters"
+    exit 1
+fi
+
+if ! [[ $PID =~ ^[0-9A-Fa-f]{1,}$ ]] ; then
+    echo "ERROR: PID must contain hexadecimal characters"
+    exit 1
+fi
+
+UF2_FILE_IF="pico_openpgp.uf2"
+UF2_FILE_OF="$UF2_FILE_IF"
+
+if [ "$#" -ge 2 ]; then
+    UF2_FILE_IF="$2"
+    UF2_FILE_OF="$UF2_FILE_IF"
+fi
+
+if [ "$#" -ge 3 ]; then
+    UF2_FILE_OF="$3"
+fi
+
+
+echo -n "Patching ${UF2_FILE_IF}... "
+
+if [[ ! -f "$UF2_FILE_IF" ]]; then
+    echo "ERROR: UF2 file ${UF2_FILE_IF} does not exist"
+    exit 1
+fi
+
+if [ "$UF2_FILE_IF" != "$UF2_FILE_OF" ]; then
+    cp -R $UF2_FILE_IF $UF2_FILE_OF
+fi
+
+LITTLE_VID="\x${VID:2:2}\x${VID:0:2}"
+LITTLE_PID="\x${PID:2:2}\x${PID:0:2}"
+
+perl -pi -e "s/\xff\xfe\xfd\xfc\x$VERSION_MINOR\x$VERSION_MAJOR\x01\x02\x03\x01/$LITTLE_VID$LITTLE_PID\x$VERSION_MINOR\x$VERSION_MAJOR\x01\x02\x03\x01/" $UF2_FILE_OF
+
+echo "Done!"
+echo ""
+echo "Patched file was saved in ${UF2_FILE_OF}"

pico_sdk_import.cmake

@@ -18,9 +18,20 @@ if (DEFINED ENV{PICO_SDK_FETCH_FROM_GIT_PATH} AND (NOT PICO_SDK_FETCH_FROM_GIT_P
     message("Using PICO_SDK_FETCH_FROM_GIT_PATH from environment ('${PICO_SDK_FETCH_FROM_GIT_PATH}')")
 endif ()
 
+if (DEFINED ENV{PICO_SDK_FETCH_FROM_GIT_TAG} AND (NOT PICO_SDK_FETCH_FROM_GIT_TAG))
+    set(PICO_SDK_FETCH_FROM_GIT_TAG $ENV{PICO_SDK_FETCH_FROM_GIT_TAG})
+    message("Using PICO_SDK_FETCH_FROM_GIT_TAG from environment ('${PICO_SDK_FETCH_FROM_GIT_TAG}')")
+endif ()
+
+if (PICO_SDK_FETCH_FROM_GIT AND NOT PICO_SDK_FETCH_FROM_GIT_TAG)
+  set(PICO_SDK_FETCH_FROM_GIT_TAG "master")
+  message("Using master as default value for PICO_SDK_FETCH_FROM_GIT_TAG")
+endif()
+
 set(PICO_SDK_PATH "${PICO_SDK_PATH}" CACHE PATH "Path to the Raspberry Pi Pico SDK")
 set(PICO_SDK_FETCH_FROM_GIT "${PICO_SDK_FETCH_FROM_GIT}" CACHE BOOL "Set to ON to fetch copy of SDK from git if not otherwise locatable")
 set(PICO_SDK_FETCH_FROM_GIT_PATH "${PICO_SDK_FETCH_FROM_GIT_PATH}" CACHE FILEPATH "location to download SDK")
+set(PICO_SDK_FETCH_FROM_GIT_TAG "${PICO_SDK_FETCH_FROM_GIT_TAG}" CACHE FILEPATH "release tag for SDK")
 
 if (NOT PICO_SDK_PATH)
     if (PICO_SDK_FETCH_FROM_GIT)
@@ -29,11 +40,22 @@ if (NOT PICO_SDK_PATH)
         if (PICO_SDK_FETCH_FROM_GIT_PATH)
             get_filename_component(FETCHCONTENT_BASE_DIR "${PICO_SDK_FETCH_FROM_GIT_PATH}" REALPATH BASE_DIR "${CMAKE_SOURCE_DIR}")
         endif ()
+        # GIT_SUBMODULES_RECURSE was added in 3.17
+        if (${CMAKE_VERSION} VERSION_GREATER_EQUAL "3.17.0")
             FetchContent_Declare(
                     pico_sdk
                     GIT_REPOSITORY https://github.com/raspberrypi/pico-sdk
-                GIT_TAG master
+                    GIT_TAG ${PICO_SDK_FETCH_FROM_GIT_TAG}
+                    GIT_SUBMODULES_RECURSE FALSE
             )
+        else ()
+            FetchContent_Declare(
+                    pico_sdk
+                    GIT_REPOSITORY https://github.com/raspberrypi/pico-sdk
+                    GIT_TAG ${PICO_SDK_FETCH_FROM_GIT_TAG}
+            )
+        endif ()
+
         if (NOT pico_sdk)
             message("Downloading Raspberry Pi Pico SDK")
             FetchContent_Populate(pico_sdk)

sdkconfig.defaults

@@ -0,0 +1,58 @@
+# This file was generated using idf.py save-defconfig. It can be edited manually.
+# Espressif IoT Development Framework (ESP-IDF) Project Minimal Configuration
+#
+IGNORE_UNKNOWN_FILES_FOR_MANAGED_COMPONENTS=1
+
+CONFIG_TINYUSB=y
+CONFIG_TINYUSB_TASK_STACK_SIZE=16384
+
+CONFIG_PARTITION_TABLE_CUSTOM=y
+CONFIG_PARTITION_TABLE_CUSTOM_FILENAME="pico-keys-sdk/config/esp32/partitions.csv"
+CONFIG_PARTITION_TABLE_FILENAME="pico-keys-sdk/config/esp32/partitions.csv"
+CONFIG_ESPTOOLPY_FLASHSIZE_4MB=y
+CONFIG_ESPTOOLPY_FLASHMODE_QIO=y
+CONFIG_ESP_DEFAULT_CPU_FREQ_MHZ_240=y
+CONFIG_WL_SECTOR_SIZE_512=y
+CONFIG_WL_SECTOR_MODE_PERF=y
+COMPILER_OPTIMIZATION="Performance"
+
+CONFIG_MBEDTLS_CMAC_C=y
+CONFIG_MBEDTLS_CHACHA20_C=y
+CONFIG_MBEDTLS_POLY1305_C=y
+CONFIG_MBEDTLS_CHACHAPOLY_C=y
+CONFIG_MBEDTLS_HKDF_C=y
+CONFIG_MBEDTLS_HARDWARE_ECC=y
+CONFIG_MBEDTLS_HARDWARE_GCM=y
+CONFIG_MBEDTLS_DES_C=y
+# CONFIG_MBEDTLS_HARDWARE_MPI is not set
+CONFIG_MBEDTLS_HARDWARE_SHA=y
+CONFIG_MBEDTLS_HARDWARE_AES=y
+# CONFIG_MBEDTLS_ROM_MD5 is not set
+CONFIG_MBEDTLS_SHA512_C=y
+CONFIG_MBEDTLS_TLS_DISABLED=y
+# CONFIG_MBEDTLS_TLS_ENABLED is not set
+# CONFIG_ESP_TLS_USE_DS_PERIPHERAL is not set
+# CONFIG_ESP_WIFI_ENABLED is not set
+# CONFIG_ESP_WIFI_MBEDTLS_CRYPTO is not set
+# CONFIG_ESP_WIFI_MBEDTLS_TLS_CLIENT is not set
+# CONFIG_WPA_MBEDTLS_CRYPTO is not set
+# CONFIG_MBEDTLS_PSK_MODES is not set
+# CONFIG_MBEDTLS_KEY_EXCHANGE_RSA is not set
+# CONFIG_MBEDTLS_KEY_EXCHANGE_ELLIPTIC_CURVE is not set
+# CONFIG_MBEDTLS_KEY_EXCHANGE_ECDHE_RSA is not set
+# CONFIG_MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA is not set
+# CONFIG_MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA is not set
+# CONFIG_MBEDTLS_KEY_EXCHANGE_ECDH_RSA is not set
+# CONFIG_MBEDTLS_SSL_RENEGOTIATION is not set
+# CONFIG_MBEDTLS_SSL_PROTO_TLS1_2 is not set
+# CONFIG_MBEDTLS_SSL_PROTO_GMTSSL1_1 is not set
+# CONFIG_MBEDTLS_SSL_PROTO_DTLS is not set
+# CONFIG_MBEDTLS_SSL_ALPN is not set
+# CONFIG_MBEDTLS_CLIENT_SSL_SESSION_TICKETS is not set
+# CONFIG_MBEDTLS_SERVER_SSL_SESSION_TICKETS is not set
+# CONFIG_ESP32_WIFI_ENABLE_WPA3_SAE is not set
+# CONFIG_ESP32_WIFI_ENABLE_WPA3_OWE_STA is not set
+# CONFIG_ESP_WIFI_ENABLE_WPA3_SAE is not set
+# CONFIG_ESP_WIFI_ENABLE_WPA3_OWE_STA is not set
+
+CONFIG_ESP_COREDUMP_ENABLE_TO_UART=y

src/openpgp/CMakeLists.txt

@@ -0,0 +1,6 @@
+idf_component_register(
+    SRCS ${SOURCES}
+    INCLUDE_DIRS .
+    REQUIRES mbedtls efuse pico-keys-sdk
+)
+idf_component_set_property(${COMPONENT_NAME} WHOLE_ARCHIVE ON)

src/openpgp/cmd_activate_file.c

@@ -0,0 +1,22 @@
+/*
+ * This file is part of the Pico OpenPGP distribution (https://github.com/polhenarejos/pico-openpgp).
+ * Copyright (c) 2022 Pol Henarejos.
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as published by
+ * the Free Software Foundation, version 3.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see <https://www.gnu.org/licenses/>.
+ */
+
+#include "openpgp.h"
+
+int cmd_activate_file() {
+    return SW_OK();
+}

src/openpgp/cmd_challenge.c

@@ -0,0 +1,29 @@
+/*
+ * This file is part of the Pico OpenPGP distribution (https://github.com/polhenarejos/pico-openpgp).
+ * Copyright (c) 2022 Pol Henarejos.
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as published by
+ * the Free Software Foundation, version 3.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see <https://www.gnu.org/licenses/>.
+ */
+
+#include "openpgp.h"
+#include "random.h"
+
+int cmd_challenge() {
+    uint8_t *rb = (uint8_t *) random_bytes_get(apdu.ne);
+    if (!rb) {
+        return SW_WRONG_LENGTH();
+    }
+    memcpy(res_APDU, rb, apdu.ne);
+    res_APDU_size = apdu.ne;
+    return SW_OK();
+}

src/openpgp/cmd_change_pin.c

@@ -0,0 +1,69 @@
+/*
+ * This file is part of the Pico OpenPGP distribution (https://github.com/polhenarejos/pico-openpgp).
+ * Copyright (c) 2022 Pol Henarejos.
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as published by
+ * the Free Software Foundation, version 3.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see <https://www.gnu.org/licenses/>.
+ */
+
+#include "openpgp.h"
+#include "otp.h"
+
+int cmd_change_pin() {
+    if (P1(apdu) != 0x0) {
+        return SW_WRONG_P1P2();
+    }
+    uint16_t fid = 0x1000 | P2(apdu);
+    file_t *pw;
+    if (!(pw = search_by_fid(fid, NULL, SPECIFY_EF))) {
+        return SW_REFERENCE_NOT_FOUND();
+    }
+    uint8_t pin_len = file_get_data(pw)[0];
+    uint16_t r = 0;
+    r = check_pin(pw, apdu.data, pin_len);
+    if (r != 0x9000) {
+        return r;
+    }
+    if ((r = load_dek()) != PICOKEY_OK) {
+        return SW_EXEC_ERROR();
+    }
+
+    if (otp_key_1) {
+        for (int i = 0; i < 32; i++) {
+            dek[IV_SIZE + i] ^= otp_key_1[i];
+        }
+    }
+    uint8_t dhash[33];
+    dhash[0] = apdu.nc - pin_len;
+    double_hash_pin(apdu.data + pin_len, apdu.nc - pin_len, dhash + 1);
+    file_put_data(pw, dhash, sizeof(dhash));
+
+    file_t *tf = search_by_fid(EF_DEK, NULL, SPECIFY_EF);
+    if (!tf) {
+        return SW_REFERENCE_NOT_FOUND();
+    }
+    uint8_t def[IV_SIZE + 32 + 32 + 32 + 32] = {0};
+    memcpy(def, file_get_data(tf), file_get_size(tf));
+    if (P2(apdu) == 0x81) {
+        hash_multi(apdu.data + pin_len, apdu.nc - pin_len, session_pw1);
+        memcpy(def + IV_SIZE, dek + IV_SIZE, 32);
+        aes_encrypt_cfb_256(session_pw1, def, def + IV_SIZE, 32);
+    }
+    else if (P2(apdu) == 0x83) {
+        hash_multi(apdu.data + pin_len, apdu.nc - pin_len, session_pw3);
+        memcpy(def + IV_SIZE + 32 + 32, dek + IV_SIZE, 32);
+        aes_encrypt_cfb_256(session_pw3, def, def + IV_SIZE + 32 + 32, 32);
+    }
+    file_put_data(tf, def, sizeof(def));
+    low_flash_available();
+    return SW_OK();
+}

src/openpgp/cmd_get_data.c

@@ -0,0 +1,149 @@
+/*
+ * This file is part of the Pico OpenPGP distribution (https://github.com/polhenarejos/pico-openpgp).
+ * Copyright (c) 2022 Pol Henarejos.
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as published by
+ * the Free Software Foundation, version 3.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see <https://www.gnu.org/licenses/>.
+ */
+
+#include "openpgp.h"
+#include "asn1.h"
+
+extern bool is_gpg;
+
+int cmd_get_data() {
+    if (apdu.nc > 0) {
+        return SW_WRONG_LENGTH();
+    }
+    uint16_t fid = (P1(apdu) << 8) | P2(apdu);
+    file_t *ef;
+    if (!(ef = search_by_fid(fid, NULL, SPECIFY_EF))) {
+        return SW_REFERENCE_NOT_FOUND();
+    }
+    if (fid == EF_PRIV_DO_3) {
+        if (!has_pw2 && !has_pw3) {
+            return SW_SECURITY_STATUS_NOT_SATISFIED();
+        }
+    }
+    else if (fid == EF_PRIV_DO_4) {
+        if (!has_pw3) {
+            return SW_SECURITY_STATUS_NOT_SATISFIED();
+        }
+    }
+    else if (!authenticate_action(ef, ACL_OP_READ_SEARCH)) {
+        return SW_SECURITY_STATUS_NOT_SATISFIED();
+    }
+    if (currentEF && currentEF->fid == fid) { // previously selected same EF
+        ef = currentEF;
+    }
+    else {
+        select_file(ef);
+    }
+    if (ef->data) {
+        if (fid == EF_PW_STATUS || fid == EF_HIST_BYTES || fid == EF_FULL_AID || fid == EF_SEC_TPL) {
+            is_gpg = true;
+        }
+        uint16_t fids[] = { 1, fid };
+        uint16_t data_len = parse_do(fids, 1);
+        if (!(ef->type & FILE_DATA_FLASH)) {
+            uint8_t *p = NULL;
+            uint16_t tg = 0;
+            uint16_t tg_len = 0;
+            asn1_ctx_t ctxi;
+            asn1_ctx_init(res_APDU, data_len, &ctxi);
+            if (walk_tlv(&ctxi, &p, &tg, &tg_len, NULL)) {
+                uint8_t dec = 2;
+                if ((tg & 0x1f) == 0x1f) {
+                    dec++;
+                }
+                if ((res_APDU[dec - 1] & 0xF0) == 0x80) {
+                    dec += (res_APDU[dec - 1] & 0x0F);
+                }
+                if (tg_len + dec == data_len) {
+                    memmove(res_APDU, res_APDU + dec, data_len - dec);
+                    data_len -= dec;
+                    res_APDU_size -= dec;
+                }
+            }
+        }
+        if (is_gpg == false) {
+            uint8_t off = 2;
+            if (P1(apdu) > 0x0) {
+                off++;
+            }
+            if (data_len >= 128) {
+                off++;
+            }
+            if (data_len >= 256) {
+                off++;
+            }
+            memmove(res_APDU + off, res_APDU, data_len);
+            off = 0;
+            if (P1(apdu) > 0x0) {
+                res_APDU[off++] = P1(apdu);
+                res_APDU[off++] = P2(apdu);
+            }
+            else {
+                res_APDU[off++] = P2(apdu);
+            }
+            if (data_len >= 256) {
+                res_APDU[off++] = 0x82;
+                res_APDU[off++] = (data_len >> 8) & 0xff;
+                res_APDU[off++] = data_len & 0xff;
+            }
+            else if (data_len >= 128) {
+                res_APDU[off++] = 0x81;
+                res_APDU[off++] = data_len;
+            }
+            else {
+                res_APDU[off++] = data_len;
+            }
+            res_APDU_size += off;
+        }
+        // if (apdu.ne > data_len)
+        //     apdu.ne = data_len;
+    }
+    return SW_OK();
+}
+
+int cmd_get_next_data() {
+    file_t *ef = NULL;
+    if (apdu.nc > 0) {
+        return SW_WRONG_LENGTH();
+    }
+    if (!currentEF) {
+        return SW_RECORD_NOT_FOUND();
+    }
+    uint16_t fid = (P1(apdu) << 8) | P2(apdu);
+    if (!(ef = search_by_fid(fid, NULL, SPECIFY_EF))) {
+        return SW_REFERENCE_NOT_FOUND();
+    }
+    if (!authenticate_action(ef, ACL_OP_UPDATE_ERASE)) {
+        return SW_SECURITY_STATUS_NOT_SATISFIED();
+    }
+    if ((currentEF->fid & 0x1FF0) != (fid & 0x1FF0)) {
+        return SW_WRONG_P1P2();
+    }
+    fid = currentEF->fid + 1; //curentEF contains private DO. so, we select the next one
+    if (!(ef = search_by_fid(fid, NULL, SPECIFY_EF))) {
+        return SW_REFERENCE_NOT_FOUND();
+    }
+    select_file(ef);
+    return cmd_get_data();
+}
+
+int cmd_get_bulk_data() {
+    if (apdu.nc < 3) {
+        return SW_WRONG_LENGTH();
+    }
+    return bulk_cmd(cmd_get_data);
+}

src/openpgp/cmd_import_data.c

@@ -0,0 +1,216 @@
+/*
+ * This file is part of the Pico OpenPGP distribution (https://github.com/polhenarejos/pico-openpgp).
+ * Copyright (c) 2022 Pol Henarejos.
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as published by
+ * the Free Software Foundation, version 3.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see <https://www.gnu.org/licenses/>.
+ */
+
+#ifdef ESP_PLATFORM
+#include "esp_compat.h"
+#define MBEDTLS_ALLOW_PRIVATE_ACCESS
+#else
+#include "common.h"
+#endif
+#include "openpgp.h"
+#include "random.h"
+#include "do.h"
+
+uint16_t tag_len(uint8_t **data) {
+    size_t len = *(*data)++;
+    if (len == 0x82) {
+        len = *(*data)++ << 8;
+        len |= *(*data)++;
+    }
+    else if (len == 0x81) {
+        len = *(*data)++;
+    }
+    return len;
+}
+
+int cmd_import_data() {
+    file_t *ef = NULL;
+    uint16_t fid = 0x0;
+    if (P1(apdu) != 0x3F || P2(apdu) != 0xFF) {
+        return SW_WRONG_P1P2();
+    }
+    if (apdu.nc < 5) {
+        return SW_WRONG_LENGTH();
+    }
+    uint8_t *start = apdu.data;
+    if (*start++ != 0x4D) {
+        return SW_WRONG_DATA();
+    }
+    uint16_t tgl = tag_len(&start);
+    if (*start != 0xB6 && *start != 0xB8 && *start != 0xA4) {
+        return SW_WRONG_DATA();
+    }
+    if (*start == 0xB6) {
+        fid = EF_PK_SIG;
+    }
+    else if (*start == 0xB8) {
+        fid = EF_PK_DEC;
+    }
+    else if (*start == 0xA4) {
+        fid = EF_PK_AUT;
+    }
+    else {
+        return SW_WRONG_DATA();
+    }
+    start++;
+    if (!(ef = search_by_fid(fid, NULL, SPECIFY_EF))) {
+        return SW_REFERENCE_NOT_FOUND();
+    }
+    if (!authenticate_action(ef, ACL_OP_UPDATE_ERASE)) {
+        return SW_SECURITY_STATUS_NOT_SATISFIED();
+    }
+    start += (*start + 1);
+    if (*start++ != 0x7F || *start++ != 0x48) {
+        return SW_WRONG_DATA();
+    }
+    tgl = tag_len(&start);
+    uint8_t *end = start + tgl, *p[9] = { 0 };
+    uint16_t len[9] = { 0 };
+    while (start < end) {
+        uint8_t tag = *start++;
+        if ((tag >= 0x91 && tag <= 0x97) || tag == 0x99) {
+            len[tag - 0x91] = tag_len(&start);
+        }
+        else {
+            return SW_WRONG_DATA();
+        }
+    }
+    if (*start++ != 0x5F || *start++ != 0x48) {
+        return SW_WRONG_DATA();
+    }
+    tgl = tag_len(&start);
+    end = start + tgl;
+    for (int t = 0; start < end && t < 9; t++) {
+        if (len[t] > 0) {
+            p[t] = start;
+            start += len[t];
+        }
+    }
+
+    file_t *algo_ef = search_by_fid(fid - 0x0010, NULL, SPECIFY_EF);
+    if (!algo_ef) {
+        return SW_REFERENCE_NOT_FOUND();
+    }
+    const uint8_t *algo = algorithm_attr_rsa2k + 1;
+    uint16_t algo_len = algorithm_attr_rsa2k[0];
+    if (algo_ef && algo_ef->data) {
+        algo = file_get_data(algo_ef);
+        algo_len = file_get_size(algo_ef);
+    }
+    int r = 0;
+    if (algo[0] == ALGO_RSA) {
+        mbedtls_rsa_context rsa;
+        if (p[0] == NULL || len[0] == 0 || p[1] == NULL || len[1] == 0 || p[2] == NULL ||
+            len[2] == 0) {
+            return SW_WRONG_DATA();
+        }
+        mbedtls_rsa_init(&rsa);
+        r = mbedtls_mpi_read_binary(&rsa.E, p[0], len[0]);
+        if (r != 0) {
+            mbedtls_rsa_free(&rsa);
+            return SW_EXEC_ERROR();
+        }
+        r = mbedtls_mpi_read_binary(&rsa.P, p[1], len[1]);
+        if (r != 0) {
+            mbedtls_rsa_free(&rsa);
+            return SW_EXEC_ERROR();
+        }
+        r = mbedtls_mpi_read_binary(&rsa.Q, p[2], len[2]);
+        if (r != 0) {
+            mbedtls_rsa_free(&rsa);
+            return SW_EXEC_ERROR();
+        }
+        r = mbedtls_rsa_import(&rsa, NULL, &rsa.P, &rsa.Q, NULL, &rsa.E);
+        if (r != 0) {
+            mbedtls_rsa_free(&rsa);
+            return SW_EXEC_ERROR();
+        }
+        r = mbedtls_rsa_complete(&rsa);
+        if (r != 0) {
+            mbedtls_rsa_free(&rsa);
+            return SW_EXEC_ERROR();
+        }
+        r = mbedtls_rsa_check_privkey(&rsa);
+        if (r != 0) {
+            mbedtls_rsa_free(&rsa);
+            return SW_EXEC_ERROR();
+        }
+        r = store_keys(&rsa, ALGO_RSA, fid, true);
+        make_rsa_response(&rsa);
+        mbedtls_rsa_free(&rsa);
+        if (r != PICOKEY_OK) {
+            return SW_EXEC_ERROR();
+        }
+    }
+    else if (algo[0] == ALGO_ECDSA || algo[0] == ALGO_ECDH || algo[0] == ALGO_EDDSA) {
+        mbedtls_ecp_keypair ecdsa;
+        if (p[1] == NULL || len[1] == 0) {
+            return SW_WRONG_DATA();
+        }
+        mbedtls_ecp_group_id gid = get_ec_group_id_from_attr(algo + 1, algo_len - 1);
+        if (gid == MBEDTLS_ECP_DP_NONE) {
+            return SW_FUNC_NOT_SUPPORTED();
+        }
+        mbedtls_ecp_keypair_init(&ecdsa);
+        if (gid == MBEDTLS_ECP_DP_CURVE25519) {
+            mbedtls_ecp_group_load(&ecdsa.grp, gid);
+            r = mbedtls_mpi_read_binary(&ecdsa.d, p[1], len[1]);
+        }
+        else {
+            r = mbedtls_ecp_read_key(gid, &ecdsa, p[1], len[1]);
+        }
+        if (r != 0) {
+            mbedtls_ecp_keypair_free(&ecdsa);
+            return SW_EXEC_ERROR();
+        }
+#ifdef MBEDTLS_EDDSA_C
+        if (ecdsa.grp.id == MBEDTLS_ECP_DP_ED25519) {
+            r = mbedtls_ecp_point_edwards(&ecdsa.grp, &ecdsa.Q, &ecdsa.d, random_gen, NULL);
+        }
+        else
+#endif
+        {
+            r = mbedtls_ecp_mul(&ecdsa.grp, &ecdsa.Q, &ecdsa.d, &ecdsa.grp.G, random_gen, NULL);
+        }
+        if (r != 0) {
+            mbedtls_ecp_keypair_free(&ecdsa);
+            return SW_EXEC_ERROR();
+        }
+        r = store_keys(&ecdsa, ALGO_ECDSA, fid, true);
+        make_ecdsa_response(&ecdsa);
+        mbedtls_ecp_keypair_free(&ecdsa);
+        if (r != PICOKEY_OK) {
+            return SW_EXEC_ERROR();
+        }
+    }
+    else {
+        return SW_FUNC_NOT_SUPPORTED();
+    }
+    if (fid == EF_PK_SIG) {
+        reset_sig_count();
+    }
+    file_t *pbef = search_by_fid(fid + 3, NULL, SPECIFY_EF);
+    if (!pbef) {
+        return SW_REFERENCE_NOT_FOUND();
+    }
+    r = file_put_data(pbef, res_APDU, res_APDU_size);
+    if (r != PICOKEY_OK) {
+        return SW_EXEC_ERROR();
+    }
+    res_APDU_size = 0; //make_*_response sets a response. we need to overwrite
+    return SW_OK();
+}

src/openpgp/cmd_internal_aut.c

@@ -0,0 +1,77 @@
+/*
+ * This file is part of the Pico OpenPGP distribution (https://github.com/polhenarejos/pico-openpgp).
+ * Copyright (c) 2022 Pol Henarejos.
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as published by
+ * the Free Software Foundation, version 3.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see <https://www.gnu.org/licenses/>.
+ */
+
+#include "openpgp.h"
+#include "do.h"
+
+int cmd_internal_aut() {
+    if (P1(apdu) != 0x00 || P2(apdu) != 0x00) {
+        return SW_WRONG_P1P2();
+    }
+    if (!has_pw3 && !has_pw2) {
+        return SW_SECURITY_STATUS_NOT_SATISFIED();
+    }
+    file_t *algo_ef = search_by_fid(algo_aut, NULL, SPECIFY_EF);
+    if (!algo_ef) {
+        return SW_REFERENCE_NOT_FOUND();
+    }
+    const uint8_t *algo = algorithm_attr_rsa2k + 1;
+    if (algo_ef && algo_ef->data) {
+        algo = file_get_data(algo_ef);
+    }
+    file_t *ef = search_by_fid(pk_aut, NULL, SPECIFY_EF);
+    if (!ef) {
+        return SW_REFERENCE_NOT_FOUND();
+    }
+    if (wait_button_pressed_fid(EF_UIF_AUT) == true) {
+        return SW_SECURE_MESSAGE_EXEC_ERROR();
+    }
+    int r = PICOKEY_OK;
+    if (algo[0] == ALGO_RSA) {
+        mbedtls_rsa_context ctx;
+        mbedtls_rsa_init(&ctx);
+        r = load_private_key_rsa(&ctx, ef, true);
+        if (r != PICOKEY_OK) {
+            mbedtls_rsa_free(&ctx);
+            return SW_EXEC_ERROR();
+        }
+        size_t olen = 0;
+        r = rsa_sign(&ctx, apdu.data, apdu.nc, res_APDU, &olen);
+        mbedtls_rsa_free(&ctx);
+        if (r != 0) {
+            return SW_EXEC_ERROR();
+        }
+        res_APDU_size = olen;
+    }
+    else if (algo[0] == ALGO_ECDH || algo[0] == ALGO_ECDSA || algo[0] == ALGO_EDDSA) {
+        mbedtls_ecp_keypair ctx;
+        mbedtls_ecp_keypair_init(&ctx);
+        r = load_private_key_ecdsa(&ctx, ef, true);
+        if (r != PICOKEY_OK) {
+            mbedtls_ecp_keypair_free(&ctx);
+            return SW_EXEC_ERROR();
+        }
+        size_t olen = 0;
+        r = ecdsa_sign(&ctx, apdu.data, apdu.nc, res_APDU, &olen);
+        mbedtls_ecp_keypair_free(&ctx);
+        if (r != 0) {
+            return SW_EXEC_ERROR();
+        }
+        res_APDU_size = olen;
+    }
+    return SW_OK();
+}

src/openpgp/cmd_keypair_gen.c

@@ -0,0 +1,138 @@
+/*
+ * This file is part of the Pico OpenPGP distribution (https://github.com/polhenarejos/pico-openpgp).
+ * Copyright (c) 2022 Pol Henarejos.
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as published by
+ * the Free Software Foundation, version 3.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see <https://www.gnu.org/licenses/>.
+ */
+
+#include "openpgp.h"
+#include "do.h"
+#include "random.h"
+
+int cmd_keypair_gen() {
+    if (P2(apdu) != 0x0) {
+        return SW_INCORRECT_P1P2();
+    }
+    if (apdu.nc != 2 && apdu.nc != 5) {
+        return SW_WRONG_LENGTH();
+    }
+    if (!has_pw3 && P1(apdu) == 0x80) {
+        return SW_SECURITY_STATUS_NOT_SATISFIED();
+    }
+
+    uint16_t fid = 0x0;
+    int r = PICOKEY_OK;
+    if (apdu.data[0] == 0xB6) {
+        fid = EF_PK_SIG;
+    }
+    else if (apdu.data[0] == 0xB8) {
+        fid = EF_PK_DEC;
+    }
+    else if (apdu.data[0] == 0xA4) {
+        fid = EF_PK_AUT;
+    }
+    else {
+        return SW_WRONG_DATA();
+    }
+
+    file_t *algo_ef = search_by_fid(fid - 0x0010, NULL, SPECIFY_EF);
+    if (!algo_ef) {
+        return SW_REFERENCE_NOT_FOUND();
+    }
+    const uint8_t *algo = algorithm_attr_rsa2k + 1;
+    uint16_t algo_len = algorithm_attr_rsa2k[0];
+    if (algo_ef && algo_ef->data) {
+        algo = file_get_data(algo_ef);
+        algo_len = file_get_size(algo_ef);
+    }
+    if (P1(apdu) == 0x80) { //generate
+        if (algo[0] == ALGO_RSA) {
+            int exponent = 65537, nlen = (algo[1] << 8) | algo[2];
+            printf("KEYPAIR RSA %d\r\n", nlen);
+            //if (nlen != 2048 && nlen != 4096)
+            //    return SW_FUNC_NOT_SUPPORTED();
+            mbedtls_rsa_context rsa;
+            mbedtls_rsa_init(&rsa);
+            uint8_t index = 0;
+            r = mbedtls_rsa_gen_key(&rsa, random_gen, &index, nlen, exponent);
+            if (r != 0) {
+                mbedtls_rsa_free(&rsa);
+                return SW_EXEC_ERROR();
+            }
+            r = store_keys(&rsa, ALGO_RSA, fid, true);
+            make_rsa_response(&rsa);
+            mbedtls_rsa_free(&rsa);
+            if (r != PICOKEY_OK) {
+                return SW_EXEC_ERROR();
+            }
+        }
+        else if (algo[0] == ALGO_ECDH || algo[0] == ALGO_ECDSA || algo[0] == ALGO_EDDSA) {
+            printf("KEYPAIR ECDSA\r\n");
+            mbedtls_ecp_group_id gid = get_ec_group_id_from_attr(algo + 1, algo_len - 1);
+            if (gid == MBEDTLS_ECP_DP_NONE) {
+                return SW_FUNC_NOT_SUPPORTED();
+            }
+            mbedtls_ecp_keypair ecdsa;
+            mbedtls_ecp_keypair_init(&ecdsa);
+            uint8_t index = 0;
+            r = mbedtls_ecdsa_genkey(&ecdsa, gid, random_gen, &index);
+            if (r != 0) {
+                mbedtls_ecp_keypair_free(&ecdsa);
+                return SW_EXEC_ERROR();
+            }
+            r = store_keys(&ecdsa, algo[0], fid, true);
+            make_ecdsa_response(&ecdsa);
+            mbedtls_ecp_keypair_free(&ecdsa);
+            if (r != PICOKEY_OK) {
+                return SW_EXEC_ERROR();
+            }
+        }
+        else {
+            return SW_FUNC_NOT_SUPPORTED();
+        }
+        file_t *pbef = search_by_fid(fid + 3, NULL, SPECIFY_EF);
+        if (!pbef) {
+            return SW_REFERENCE_NOT_FOUND();
+        }
+        r = file_put_data(pbef, res_APDU, res_APDU_size);
+        if (r != PICOKEY_OK) {
+            return SW_EXEC_ERROR();
+        }
+        if (fid == EF_PK_SIG) {
+            reset_sig_count();
+        }
+        else if (fid == EF_PK_DEC) {
+            // OpenPGP does not allow generating AES keys. So, we generate a new one when gen for DEC is called.
+            // It is a 256 AES key by default.
+            uint8_t aes_key[32]; //maximum AES key size
+            uint8_t key_size = 32;
+            memcpy(aes_key, random_bytes_get(key_size), key_size);
+            r = store_keys(aes_key, ALGO_AES_256, EF_AES_KEY, true);
+            /* if storing the key fails, we silently continue */
+            //if (r != PICOKEY_OK)
+            //    return SW_EXEC_ERROR();
+        }
+        low_flash_available();
+        return SW_OK();
+    }
+    else if (P1(apdu) == 0x81) { //read
+        file_t *ef = search_by_fid(fid + 3, NULL, SPECIFY_EF);
+        if (!file_has_data(ef)) {
+            return SW_REFERENCE_NOT_FOUND();
+        }
+        res_APDU_size = file_get_size(ef);
+        memcpy(res_APDU, file_get_data(ef), res_APDU_size);
+        return SW_OK();
+    }
+    return SW_INCORRECT_P1P2();
+}

src/openpgp/cmd_mse.c

@@ -0,0 +1,49 @@
+/*
+ * This file is part of the Pico OpenPGP distribution (https://github.com/polhenarejos/pico-openpgp).
+ * Copyright (c) 2022 Pol Henarejos.
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as published by
+ * the Free Software Foundation, version 3.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see <https://www.gnu.org/licenses/>.
+ */
+
+#include "openpgp.h"
+
+int cmd_mse() {
+    if (P1(apdu) != 0x41 || (P2(apdu) != 0xA4 && P2(apdu) != 0xB8)) {
+        return SW_WRONG_P1P2();
+    }
+    if (apdu.data[0] != 0x83 || apdu.data[1] != 0x1 ||
+        (apdu.data[2] != 0x2 && apdu.data[2] != 0x3)) {
+        return SW_WRONG_DATA();
+    }
+    if (P2(apdu) == 0xA4) {
+        if (apdu.data[2] == 0x2) {
+            algo_dec = EF_ALGO_PRIV2;
+            pk_dec = EF_PK_DEC;
+        }
+        else if (apdu.data[2] == 0x3) {
+            algo_dec = EF_ALGO_PRIV3;
+            pk_dec = EF_PK_AUT;
+        }
+    }
+    else if (P2(apdu) == 0xB8) {
+        if (apdu.data[2] == 0x2) {
+            algo_aut = EF_ALGO_PRIV2;
+            pk_aut = EF_PK_DEC;
+        }
+        else if (apdu.data[2] == 0x3) {
+            algo_aut = EF_ALGO_PRIV3;
+            pk_aut = EF_PK_AUT;
+        }
+    }
+    return SW_OK();
+}

src/openpgp/cmd_pso.c

@@ -0,0 +1,213 @@
+/*
+ * This file is part of the Pico OpenPGP distribution (https://github.com/polhenarejos/pico-openpgp).
+ * Copyright (c) 2022 Pol Henarejos.
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as published by
+ * the Free Software Foundation, version 3.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see <https://www.gnu.org/licenses/>.
+ */
+
+#ifdef ESP_PLATFORM
+#include "esp_compat.h"
+#define MBEDTLS_ALLOW_PRIVATE_ACCESS
+#else
+#include "common.h"
+#endif
+#include "openpgp.h"
+#include "do.h"
+#include "random.h"
+#include "mbedtls/ecdh.h"
+#include "mbedtls/asn1.h"
+
+int cmd_pso() {
+    uint16_t algo_fid = 0x0, pk_fid = 0x0;
+    bool is_aes = false;
+    if (P1(apdu) == 0x9E && P2(apdu) == 0x9A) {
+        if (!has_pw3 && !has_pw1) {
+            return SW_SECURITY_STATUS_NOT_SATISFIED();
+        }
+        algo_fid = EF_ALGO_PRIV1;
+        pk_fid = EF_PK_SIG;
+    }
+    else if (P1(apdu) == 0x80 && P2(apdu) == 0x86) {
+        if (!has_pw3 && !has_pw2) {
+            return SW_SECURITY_STATUS_NOT_SATISFIED();
+        }
+        algo_fid = algo_dec;
+        pk_fid = pk_dec;
+    }
+    else {
+        return SW_INCORRECT_P1P2();
+    }
+    file_t *algo_ef = search_by_fid(algo_fid, NULL, SPECIFY_EF);
+    if (!algo_ef) {
+        return SW_REFERENCE_NOT_FOUND();
+    }
+    const uint8_t *algo = algorithm_attr_rsa2k + 1;
+    if (algo_ef && algo_ef->data) {
+        algo = file_get_data(algo_ef);
+    }
+    if (apdu.data[0] == 0x2) { //AES PSO?
+        if (((apdu.nc - 1) % 16 == 0 && P1(apdu) == 0x80 && P2(apdu) == 0x86) ||
+            (apdu.nc % 16 == 0 && P1(apdu) == 0x86 && P2(apdu) == 0x80)) {
+            pk_fid = EF_AES_KEY;
+            is_aes = true;
+        }
+    }
+    file_t *ef = search_by_fid(pk_fid, NULL, SPECIFY_EF);
+    if (!ef) {
+        return SW_REFERENCE_NOT_FOUND();
+    }
+    if (wait_button_pressed_fid(pk_fid == EF_PK_SIG ? EF_UIF_SIG : EF_UIF_DEC) == true) {
+        return SW_SECURE_MESSAGE_EXEC_ERROR();
+    }
+    int r = PICOKEY_OK;
+    int key_size = file_get_size(ef);
+    if (is_aes) {
+        uint8_t aes_key[32];
+        r = load_aes_key(aes_key, ef);
+        if (r != PICOKEY_OK) {
+            memset(aes_key, 0, sizeof(aes_key));
+            return SW_EXEC_ERROR();
+        }
+        if (P1(apdu) == 0x80 && P2(apdu) == 0x86) { //decipher
+            r = aes_decrypt(aes_key, NULL, key_size, PICO_KEYS_AES_MODE_CBC, apdu.data + 1, apdu.nc - 1);
+            memset(aes_key, 0, sizeof(aes_key));
+            if (r != PICOKEY_OK) {
+                return SW_EXEC_ERROR();
+            }
+            memcpy(res_APDU, apdu.data + 1, apdu.nc - 1);
+            res_APDU_size = apdu.nc - 1;
+        }
+        else if (P1(apdu) == 0x86 && P2(apdu) == 0x80) { //encipher
+            r = aes_encrypt(aes_key, NULL, key_size, PICO_KEYS_AES_MODE_CBC, apdu.data, apdu.nc);
+            memset(aes_key, 0, sizeof(aes_key));
+            if (r != PICOKEY_OK) {
+                return SW_EXEC_ERROR();
+            }
+            res_APDU[0] = 0x2;
+            memcpy(res_APDU + 1, apdu.data, apdu.nc);
+            res_APDU_size = apdu.nc + 1;
+        }
+        return SW_OK();
+    }
+    if (algo[0] == ALGO_RSA) {
+        mbedtls_rsa_context ctx;
+        mbedtls_rsa_init(&ctx);
+        r = load_private_key_rsa(&ctx, ef, true);
+        if (r != PICOKEY_OK) {
+            mbedtls_rsa_free(&ctx);
+            return SW_EXEC_ERROR();
+        }
+        if (P1(apdu) == 0x9E && P2(apdu) == 0x9A) {
+            size_t olen = 0;
+            r = rsa_sign(&ctx, apdu.data, apdu.nc, res_APDU, &olen);
+            mbedtls_rsa_free(&ctx);
+            if (r != 0) {
+                return SW_EXEC_ERROR();
+            }
+            res_APDU_size = olen;
+            //apdu.ne = key_size;
+            inc_sig_count();
+        }
+        else if (P1(apdu) == 0x80 && P2(apdu) == 0x86) {
+            if (apdu.nc < key_size) { //needs padding
+                memset(apdu.data + apdu.nc, 0, key_size - apdu.nc);
+            }
+            size_t olen = 0;
+            r = mbedtls_rsa_pkcs1_decrypt(&ctx,
+                                          random_gen,
+                                          NULL,
+                                          &olen,
+                                          apdu.data + 1,
+                                          res_APDU,
+                                          key_size);
+            mbedtls_rsa_free(&ctx);
+            if (r != 0) {
+                return SW_EXEC_ERROR();
+            }
+            res_APDU_size = olen;
+        }
+    }
+    else if (algo[0] == ALGO_ECDH || algo[0] == ALGO_ECDSA || algo[0] == ALGO_EDDSA) {
+        if (P1(apdu) == 0x9E && P2(apdu) == 0x9A) {
+            mbedtls_ecp_keypair ctx;
+            mbedtls_ecp_keypair_init(&ctx);
+            r = load_private_key_ecdsa(&ctx, ef, true);
+            if (r != PICOKEY_OK) {
+                mbedtls_ecp_keypair_free(&ctx);
+                return SW_EXEC_ERROR();
+            }
+            size_t olen = 0;
+            r = ecdsa_sign(&ctx, apdu.data, apdu.nc, res_APDU, &olen);
+            mbedtls_ecp_keypair_free(&ctx);
+            if (r != 0) {
+                return SW_EXEC_ERROR();
+            }
+            res_APDU_size = olen;
+            inc_sig_count();
+        }
+        else if (P1(apdu) == 0x80 && P2(apdu) == 0x86) {
+            mbedtls_ecdh_context ctx;
+            uint8_t kdata[67];
+            uint8_t *data = apdu.data, *end = data + apdu.nc;
+            size_t len = 0;
+            if (mbedtls_asn1_get_tag(&data, end, &len, 0xA6) != 0) {
+                return SW_WRONG_DATA();
+            }
+            if (*data++ != 0x7f) {
+                return SW_WRONG_DATA();
+            }
+            if (mbedtls_asn1_get_tag(&data, end, &len,
+                                     0x49) != 0 ||
+                mbedtls_asn1_get_tag(&data, end, &len, 0x86) != 0) {
+                return SW_WRONG_DATA();
+            }
+            //if (len != 2*key_size-1)
+            //    return SW_WRONG_LENGTH();
+            memcpy(kdata, file_get_data(ef), key_size);
+            if (dek_decrypt(kdata, key_size) != 0) {
+                return SW_EXEC_ERROR();
+            }
+            mbedtls_ecdh_init(&ctx);
+            mbedtls_ecp_group_id gid = kdata[0];
+            r = mbedtls_ecdh_setup(&ctx, gid);
+            if (r != 0) {
+                mbedtls_ecdh_free(&ctx);
+                return SW_DATA_INVALID();
+            }
+            r = mbedtls_ecp_read_key(gid, (mbedtls_ecdsa_context *)&ctx.ctx.mbed_ecdh, kdata + 1, key_size - 1);
+            if (r != 0) {
+                mbedtls_ecdh_free(&ctx);
+                return SW_DATA_INVALID();
+            }
+            r = mbedtls_ecdh_read_public(&ctx, data - 1, len + 1);
+            if (r != 0) {
+                mbedtls_ecdh_free(&ctx);
+                return SW_DATA_INVALID();
+            }
+            size_t olen = 0;
+            r = mbedtls_ecdh_calc_secret(&ctx,
+                                         &olen,
+                                         res_APDU,
+                                         MBEDTLS_ECP_MAX_BYTES,
+                                         random_gen,
+                                         NULL);
+            if (r != 0) {
+                mbedtls_ecdh_free(&ctx);
+                return SW_EXEC_ERROR();
+            }
+            res_APDU_size = olen;
+            mbedtls_ecdh_free(&ctx);
+        }
+    }
+    return SW_OK();
+}

src/openpgp/cmd_put_data.c

@@ -0,0 +1,85 @@
+/*
+ * This file is part of the Pico OpenPGP distribution (https://github.com/polhenarejos/pico-openpgp).
+ * Copyright (c) 2022 Pol Henarejos.
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as published by
+ * the Free Software Foundation, version 3.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see <https://www.gnu.org/licenses/>.
+ */
+
+#include "openpgp.h"
+
+int cmd_put_data() {
+    uint16_t fid = (P1(apdu) << 8) | P2(apdu);
+    file_t *ef;
+    if (fid == EF_RESET_CODE) {
+        fid = EF_RC;
+    }
+    else if (fid == EF_ALGO_SIG || fid == EF_ALGO_DEC || fid == EF_ALGO_AUT) {
+        fid |= 0x1000;
+    }
+    if (!(ef = search_by_fid(fid, NULL, SPECIFY_EF))) {
+        return SW_REFERENCE_NOT_FOUND();
+    }
+    if (!authenticate_action(ef, ACL_OP_UPDATE_ERASE)) {
+        return SW_SECURITY_STATUS_NOT_SATISFIED();
+    }
+    if ((fid == EF_PRIV_DO_1 || fid == EF_PRIV_DO_3) && (!has_pw2 && !has_pw3)) {
+        return SW_SECURITY_STATUS_NOT_SATISFIED();
+    }
+    if (!(fid == EF_PRIV_DO_1 || fid == EF_PRIV_DO_3) && !has_pw3) {
+        return SW_SECURITY_STATUS_NOT_SATISFIED();
+    }
+    if (fid == EF_PW_STATUS) {
+        fid = EF_PW_PRIV;
+        apdu.nc = 4; //we silently ommit the reset parameters
+    }
+    if (currentEF && currentEF->fid == fid) { // previously selected same EF
+        ef = currentEF;
+    }
+    if (ef->type & FILE_DATA_FLASH) {
+        int r = 0;
+        if (apdu.nc > 0) {
+            if (fid == EF_RC) {
+                has_rc = false;
+                if ((r = load_dek()) != PICOKEY_OK) {
+                    return SW_EXEC_ERROR();
+                }
+                uint8_t dhash[33];
+                dhash[0] = apdu.nc;
+                double_hash_pin(apdu.data, apdu.nc, dhash + 1);
+                r = file_put_data(ef, dhash, sizeof(dhash));
+
+                file_t *tf = search_by_fid(EF_DEK, NULL, SPECIFY_EF);
+                if (!tf) {
+                    return SW_REFERENCE_NOT_FOUND();
+                }
+                uint8_t def[IV_SIZE + 32 + 32 + 32 + 32];
+                memcpy(def, file_get_data(tf), file_get_size(tf));
+                hash_multi(apdu.data, apdu.nc, session_rc);
+                memcpy(def + IV_SIZE + 32, dek + IV_SIZE, 32);
+                aes_encrypt_cfb_256(session_rc, def, def + IV_SIZE + 32, 32);
+                r = file_put_data(tf, def, sizeof(def));
+            }
+            else {
+                r = file_put_data(ef, apdu.data, apdu.nc);
+            }
+            if (r != PICOKEY_OK) {
+                return SW_MEMORY_FAILURE();
+            }
+            low_flash_available();
+        }
+        else {
+            delete_file(ef);
+        }
+    }
+    return SW_OK();
+}

src/openpgp/cmd_reset_retry.c

@@ -0,0 +1,91 @@
+/*
+ * This file is part of the Pico OpenPGP distribution (https://github.com/polhenarejos/pico-openpgp).
+ * Copyright (c) 2022 Pol Henarejos.
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as published by
+ * the Free Software Foundation, version 3.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see <https://www.gnu.org/licenses/>.
+ */
+
+#include "openpgp.h"
+#include "otp.h"
+
+int cmd_reset_retry() {
+    if (P2(apdu) != 0x81) {
+        return SW_REFERENCE_NOT_FOUND();
+    }
+    if (P1(apdu) == 0x0 || P1(apdu) == 0x2) {
+        int newpin_len = 0;
+        file_t *pw = NULL;
+        has_pw1 = false;
+        if (!(pw = search_by_fid(EF_PW1, NULL, SPECIFY_EF))) {
+            return SW_REFERENCE_NOT_FOUND();
+        }
+        if (P1(apdu) == 0x0) {
+            file_t *rc;
+            if (!(rc = search_by_fid(EF_RC, NULL, SPECIFY_EF))) {
+                return SW_REFERENCE_NOT_FOUND();
+            }
+            uint8_t pin_len = file_get_data(rc)[0];
+            if (apdu.nc <= pin_len) {
+                return SW_WRONG_LENGTH();
+            }
+            uint16_t r = check_pin(rc, apdu.data, pin_len);
+            if (r != 0x9000) {
+                return r;
+            }
+            newpin_len = apdu.nc - pin_len;
+            has_rc = true;
+            hash_multi(apdu.data, pin_len, session_rc);
+            has_pw1 = has_pw3 = false;
+            isUserAuthenticated = false;
+        }
+        else if (P1(apdu) == 0x2) {
+            if (!has_pw3) {
+                return SW_CONDITIONS_NOT_SATISFIED();
+            }
+            newpin_len = apdu.nc;
+        }
+        int r = 0;
+        if ((r = load_dek()) != PICOKEY_OK) {
+            return SW_EXEC_ERROR();
+        }
+        file_t *tf = search_by_fid(EF_DEK, NULL, SPECIFY_EF);
+        if (!tf) {
+            return SW_REFERENCE_NOT_FOUND();
+        }
+        if (otp_key_1) {
+            for (int i = 0; i < 32; i++) {
+                dek[IV_SIZE + i] ^= otp_key_1[i];
+            }
+        }
+        uint8_t def[IV_SIZE + 32 + 32 + 32 + 32];
+        memcpy(def, file_get_data(tf), file_get_size(tf));
+        hash_multi(apdu.data + (apdu.nc - newpin_len), newpin_len, session_pw1);
+        memcpy(def + IV_SIZE, dek + IV_SIZE, 32);
+        aes_encrypt_cfb_256(session_pw1, def, def + IV_SIZE, 32);
+        r = file_put_data(tf, def, sizeof(def));
+
+        uint8_t dhash[33];
+        dhash[0] = newpin_len;
+        double_hash_pin(apdu.data + (apdu.nc - newpin_len), newpin_len, dhash + 1);
+        file_put_data(pw, dhash, sizeof(dhash));
+        if (pin_reset_retries(pw, true) != PICOKEY_OK) {
+            return SW_MEMORY_FAILURE();
+        }
+        low_flash_available();
+        if ((r = load_dek()) != PICOKEY_OK) {
+            return SW_EXEC_ERROR();
+        }
+        return SW_OK();
+    }
+    return SW_INCORRECT_P1P2();
+}

src/openpgp/cmd_select.c

@@ -0,0 +1,86 @@
+/*
+ * This file is part of the Pico OpenPGP distribution (https://github.com/polhenarejos/pico-openpgp).
+ * Copyright (c) 2022 Pol Henarejos.
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as published by
+ * the Free Software Foundation, version 3.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see <https://www.gnu.org/licenses/>.
+ */
+
+#include "openpgp.h"
+
+int cmd_select() {
+    uint8_t p1 = P1(apdu);
+    uint8_t p2 = P2(apdu);
+    file_t *pe = NULL;
+    uint16_t fid = 0x0;
+
+    if (apdu.nc >= 2) {
+        fid = get_uint16_t_be(apdu.data);
+    }
+
+    if (!pe) {
+        if (p1 == 0x0) { //Select MF, DF or EF - File identifier or absent
+            if (apdu.nc == 0) {
+                pe = (file_t *) MF;
+                //ac_fini();
+            }
+            else if (apdu.nc == 2) {
+                if (!(pe = search_by_fid(fid, NULL, SPECIFY_ANY))) {
+                    return SW_REFERENCE_NOT_FOUND();
+                }
+            }
+        }
+        else if (p1 == 0x01) { //Select child DF - DF identifier
+            if (!(pe = search_by_fid(fid, currentDF, SPECIFY_DF))) {
+                return SW_REFERENCE_NOT_FOUND();
+            }
+        }
+        else if (p1 == 0x02) { //Select EF under the current DF - EF identifier
+            if (!(pe = search_by_fid(fid, currentDF, SPECIFY_EF))) {
+                return SW_REFERENCE_NOT_FOUND();
+            }
+        }
+        else if (p1 == 0x03) { //Select parent DF of the current DF - Absent
+            if (apdu.nc != 0) {
+                return SW_REFERENCE_NOT_FOUND();
+            }
+        }
+        else if (p1 == 0x04) { //Select by DF name - e.g., [truncated] application identifier
+            if (!(pe = search_by_name(apdu.data, apdu.nc))) {
+                return SW_REFERENCE_NOT_FOUND();
+            }
+            if (card_terminated) {
+                return set_res_sw(0x62, 0x85);
+            }
+        }
+        else if (p1 == 0x08) { //Select from the MF - Path without the MF identifier
+            if (!(pe = search_by_path(apdu.data, apdu.nc, MF))) {
+                return SW_REFERENCE_NOT_FOUND();
+            }
+        }
+        else if (p1 == 0x09) { //Select from the current DF - Path without the current DF identifier
+            if (!(pe = search_by_path(apdu.data, apdu.nc, currentDF))) {
+                return SW_REFERENCE_NOT_FOUND();
+            }
+        }
+    }
+    if ((p2 & 0xfc) == 0x00 || (p2 & 0xfc) == 0x04) {
+        if ((p2 & 0xfc) == 0x04) {
+            process_fci(pe, 0);
+        }
+    }
+    else {
+        return SW_INCORRECT_P1P2();
+    }
+    select_file(pe);
+    return SW_OK();
+}

src/openpgp/cmd_select_data.c

@@ -0,0 +1,54 @@
+/*
+ * This file is part of the Pico OpenPGP distribution (https://github.com/polhenarejos/pico-openpgp).
+ * Copyright (c) 2022 Pol Henarejos.
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as published by
+ * the Free Software Foundation, version 3.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see <https://www.gnu.org/licenses/>.
+ */
+
+#include "openpgp.h"
+
+int cmd_select_data() {
+    file_t *ef = NULL;
+    uint16_t fid = 0x0;
+    if (P2(apdu) != 0x4) {
+        return SW_WRONG_P1P2();
+    }
+    if (apdu.data[0] != 0x60) {
+        return SW_WRONG_DATA();
+    }
+    if (apdu.nc != apdu.data[1] + 2 || apdu.nc < 5) {
+        return SW_WRONG_LENGTH();
+    }
+    if (apdu.data[2] != 0x5C) {
+        return SW_WRONG_DATA();
+    }
+    if (apdu.data[3] == 2) {
+        fid = (apdu.data[4] << 8) | apdu.data[5];
+    }
+    else {
+        fid = apdu.data[4];
+    }
+    if (!(ef = search_by_fid(fid, NULL, SPECIFY_EF))) {
+        return SW_REFERENCE_NOT_FOUND();
+    }
+    if (!authenticate_action(ef, ACL_OP_UPDATE_ERASE)) {
+        return SW_SECURITY_STATUS_NOT_SATISFIED();
+    }
+    fid &= ~0x6000; //Now get private DO
+    fid += P1(apdu);
+    if (!(ef = search_by_fid(fid, NULL, SPECIFY_EF))) {
+        return SW_REFERENCE_NOT_FOUND();
+    }
+    select_file(ef);
+    return SW_OK();
+}

src/openpgp/cmd_terminate_df.c

@@ -0,0 +1,37 @@
+/*
+ * This file is part of the Pico OpenPGP distribution (https://github.com/polhenarejos/pico-openpgp).
+ * Copyright (c) 2022 Pol Henarejos.
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as published by
+ * the Free Software Foundation, version 3.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see <https://www.gnu.org/licenses/>.
+ */
+
+#include "openpgp.h"
+
+int cmd_terminate_df() {
+    if (P1(apdu) != 0x0 || P2(apdu) != 0x0) {
+        return SW_INCORRECT_P1P2();
+    }
+    file_t *retries;
+    if (!(retries = search_by_fid(EF_PW_PRIV, NULL, SPECIFY_EF))) {
+        return SW_REFERENCE_NOT_FOUND();
+    }
+    if (!has_pw3 && *(file_get_data(retries) + 6) > 0) {
+        return SW_SECURITY_STATUS_NOT_SATISFIED();
+    }
+    if (apdu.nc != 0) {
+        return SW_WRONG_LENGTH();
+    }
+    initialize_flash(true);
+    scan_files_openpgp();
+    return SW_OK();
+}

src/openpgp/cmd_verify.c

@@ -0,0 +1,67 @@
+/*
+ * This file is part of the Pico OpenPGP distribution (https://github.com/polhenarejos/pico-openpgp).
+ * Copyright (c) 2022 Pol Henarejos.
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as published by
+ * the Free Software Foundation, version 3.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see <https://www.gnu.org/licenses/>.
+ */
+
+#include "openpgp.h"
+
+int cmd_verify() {
+    uint8_t p1 = P1(apdu);
+    uint8_t p2 = P2(apdu);
+
+    if (p1 == 0xFF) {
+        if (apdu.nc != 0) {
+            return SW_WRONG_DATA();
+        }
+        if (p2 == 0x81) {
+            has_pw1 = false;
+        }
+        else if (p2 == 0x82) {
+            has_pw2 = false;
+        }
+        else if (p2 == 0x83) {
+            has_pw3 = false;
+        }
+        return SW_OK();
+    }
+    else if (p1 != 0x0 || (p2 & 0x60) != 0x0) {
+        return SW_WRONG_P1P2();
+    }
+    uint16_t fid = 0x1000 | p2;
+    if (fid == EF_RC && apdu.nc > 0) {
+        fid = EF_PW1;
+    }
+    file_t *pw, *pw_status;
+    if (!(pw = search_by_fid(fid, NULL, SPECIFY_EF))) {
+        return SW_REFERENCE_NOT_FOUND();
+    }
+    if (!(pw_status = search_by_fid(EF_PW_PRIV, NULL, SPECIFY_EF))) {
+        return SW_REFERENCE_NOT_FOUND();
+    }
+    if (file_get_data(pw)[0] == 0) { //not initialized
+        return SW_REFERENCE_NOT_FOUND();
+    }
+    if (apdu.nc > 0) {
+        return check_pin(pw, apdu.data, apdu.nc);
+    }
+    uint8_t retries = *(file_get_data(pw_status) + 3 + (fid & 0xf));
+    if (retries == 0) {
+        return SW_PIN_BLOCKED();
+    }
+    if ((p2 == 0x81 && has_pw1) || (p2 == 0x82 && has_pw2) || (p2 == 0x83 && has_pw3)) {
+        return SW_OK();
+    }
+    return set_res_sw(0x63, 0xc0 | retries);
+}

src/openpgp/cmd_version.c

@@ -0,0 +1,26 @@
+/*
+ * This file is part of the Pico OpenPGP distribution (https://github.com/polhenarejos/pico-openpgp).
+ * Copyright (c) 2022 Pol Henarejos.
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as published by
+ * the Free Software Foundation, version 3.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see <https://www.gnu.org/licenses/>.
+ */
+
+#include "openpgp.h"
+#include "version.h"
+
+int cmd_version_openpgp() {
+    res_APDU[res_APDU_size++] = PIPGP_VERSION_MAJOR;
+    res_APDU[res_APDU_size++] = PIPGP_VERSION_MINOR;
+    res_APDU[res_APDU_size++] = 0x0;
+    return SW_OK();
+}

src/openpgp/defs.c

@@ -0,0 +1,23 @@
+/*
+ * This file is part of the Pico OpenPGP distribution (https://github.com/polhenarejos/pico-openpgp).
+ * Copyright (c) 2022 Pol Henarejos.
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as published by
+ * the Free Software Foundation, version 3.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see <https://www.gnu.org/licenses/>.
+ */
+
+#include "openpgp.h"
+#include "version.h"
+
+uint8_t PICO_PRODUCT = 3;
+uint8_t PICO_VERSION_MAJOR = PIPGP_VERSION_MAJOR;
+uint8_t PICO_VERSION_MINOR = PIPGP_VERSION_MINOR;

src/openpgp/do.c

@@ -0,0 +1,389 @@
+/*
+ * This file is part of the Pico OpenPGP distribution (https://github.com/polhenarejos/pico-openpgp).
+ * Copyright (c) 2022 Pol Henarejos.
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as published by
+ * the Free Software Foundation, version 3.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see <https://www.gnu.org/licenses/>.
+ */
+
+#include "openpgp.h"
+#include "asn1.h"
+
+int parse_do(uint16_t *fids, int mode) {
+    int len = 0;
+    file_t *ef;
+    for (int i = 0; i < fids[0]; i++) {
+        if ((ef = search_by_fid(fids[i + 1], NULL, SPECIFY_EF))) {
+            uint16_t data_len;
+            if ((ef->type & FILE_DATA_FUNC) == FILE_DATA_FUNC) {
+                data_len = ((int (*)(const file_t *, int))(ef->data))((const file_t *) ef, mode);
+            }
+            else {
+                data_len = file_get_size(ef);
+                if (mode == 1) {
+                    if (fids[0] > 1 && res_APDU_size > 0) {
+                        if (fids[i + 1] < 0x0100) {
+                            res_APDU[res_APDU_size++] = fids[i + 1] & 0xff;
+                        }
+                        else {
+                            res_APDU[res_APDU_size++] = fids[i + 1] >> 8;
+                            res_APDU[res_APDU_size++] = fids[i + 1] & 0xff;
+                        }
+                        res_APDU_size += format_tlv_len(data_len, res_APDU + res_APDU_size);
+                    }
+                    if (file_has_data(ef)) {
+                        memcpy(res_APDU + res_APDU_size, file_get_data(ef), data_len);
+                    }
+                    res_APDU_size += data_len;
+                }
+            }
+            len += data_len;
+        }
+    }
+    return len;
+}
+
+int parse_trium(uint16_t fid, uint8_t num, size_t size) {
+    for (uint8_t i = 0; i < num; i++) {
+        file_t *ef;
+        if ((ef = search_by_fid(fid + i, NULL, SPECIFY_EF)) && ef->data) {
+            uint16_t data_len = file_get_size(ef);
+            memcpy(res_APDU + res_APDU_size, file_get_data(ef), data_len);
+            res_APDU_size += data_len;
+        }
+        else {
+            memset(res_APDU + res_APDU_size, 0, size);
+            res_APDU_size += size;
+        }
+    }
+    return num * size;
+}
+
+int parse_ch_data(const file_t *f, int mode) {
+    uint16_t fids[] = {
+        3,
+        EF_CH_NAME, EF_LANG_PREF, EF_SEX,
+    };
+    res_APDU[res_APDU_size++] = EF_CH_DATA & 0xff;
+    res_APDU[res_APDU_size++] = 0x82;
+    uint8_t *lp = res_APDU + res_APDU_size;
+    res_APDU_size += 2;
+    parse_do(fids, mode);
+    uint16_t lpdif = res_APDU + res_APDU_size - lp - 2;
+    *lp++ = lpdif >> 8;
+    *lp++ = lpdif & 0xff;
+    return lpdif + 4;
+}
+
+int parse_sec_tpl(const file_t *f, int mode) {
+    res_APDU[res_APDU_size++] = EF_SEC_TPL & 0xff;
+    res_APDU[res_APDU_size++] = 5;
+    file_t *ef = search_by_fid(EF_SIG_COUNT, NULL, SPECIFY_ANY);
+    if (ef && ef->data) {
+        res_APDU[res_APDU_size++] = EF_SIG_COUNT & 0xff;
+        res_APDU[res_APDU_size++] = 3;
+        memcpy(res_APDU + res_APDU_size, file_get_data(ef), 3);
+        res_APDU_size += 3;
+    }
+    return 5 + 2;
+}
+
+int parse_ch_cert(const file_t *f, int mode) {
+    return 0;
+}
+
+int parse_fp(const file_t *f, int mode) {
+    res_APDU[res_APDU_size++] = EF_FP & 0xff;
+    res_APDU[res_APDU_size++] = 60;
+    return parse_trium(EF_FP_SIG, 3, 20) + 2;
+}
+
+int parse_cafp(const file_t *f, int mode) {
+    res_APDU[res_APDU_size++] = EF_CA_FP & 0xff;
+    res_APDU[res_APDU_size++] = 60;
+    return parse_trium(EF_FP_CA1, 3, 20) + 2;
+}
+
+int parse_ts(const file_t *f, int mode) {
+    res_APDU[res_APDU_size++] = EF_TS_ALL & 0xff;
+    res_APDU[res_APDU_size++] = 12;
+    return parse_trium(EF_TS_SIG, 3, 4) + 2;
+}
+
+int parse_keyinfo(const file_t *f, int mode) {
+    int init_len = res_APDU_size;
+    if (res_APDU_size > 0) {
+        res_APDU[res_APDU_size++] = EF_KEY_INFO & 0xff;
+        res_APDU[res_APDU_size++] = 6;
+    }
+    file_t *ef = search_by_fid(EF_PK_SIG, NULL, SPECIFY_ANY);
+    res_APDU[res_APDU_size++] = 0x00;
+    if (ef && ef->data) {
+        res_APDU[res_APDU_size++] = 0x01;
+    }
+    else {
+        res_APDU[res_APDU_size++] = 0x00;
+    }
+
+    ef = search_by_fid(EF_PK_DEC, NULL, SPECIFY_ANY);
+    res_APDU[res_APDU_size++] = 0x01;
+    if (ef && ef->data) {
+        res_APDU[res_APDU_size++] = 0x01;
+    }
+    else {
+        res_APDU[res_APDU_size++] = 0x00;
+    }
+
+    ef = search_by_fid(EF_PK_AUT, NULL, SPECIFY_ANY);
+    res_APDU[res_APDU_size++] = 0x02;
+    if (ef && ef->data) {
+        res_APDU[res_APDU_size++] = 0x01;
+    }
+    else {
+        res_APDU[res_APDU_size++] = 0x00;
+    }
+    return res_APDU_size - init_len;
+}
+
+int parse_pw_status(const file_t *f, int mode) {
+    file_t *ef;
+    int init_len = res_APDU_size;
+    if (res_APDU_size > 0) {
+        res_APDU[res_APDU_size++] = EF_PW_STATUS & 0xff;
+        res_APDU[res_APDU_size++] = 7;
+    }
+    ef = search_by_fid(EF_PW_PRIV, NULL, SPECIFY_ANY);
+    if (ef && ef->data) {
+        memcpy(res_APDU + res_APDU_size, file_get_data(ef), 7);
+        res_APDU_size += 7;
+    }
+    return res_APDU_size - init_len;
+}
+
+const uint8_t algorithm_attr_x448[] = {
+    4,
+    ALGO_ECDH,
+    /* OID of X448 */
+    0x2b, 0x65, 0x6f
+};
+
+const uint8_t algorithm_attr_rsa1k[] = {
+    6,
+    ALGO_RSA,
+    0x04, 0x00,       /* Length modulus (in bit): 1024 */
+    0x00, 0x20,       /* Length exponent (in bit): 32  */
+    0x00          /* 0: Acceptable format is: P and Q */
+};
+
+const uint8_t algorithm_attr_rsa2k[] = {
+    6,
+    ALGO_RSA,
+    0x08, 0x00,       /* Length modulus (in bit): 2048 */
+    0x00, 0x20,       /* Length exponent (in bit): 32  */
+    0x00          /* 0: Acceptable format is: P and Q */
+};
+
+const uint8_t algorithm_attr_rsa3k[] = {
+    6,
+    ALGO_RSA,
+    0x0C, 0x00,       /* Length modulus (in bit): 3072 */
+    0x00, 0x20,       /* Length exponent (in bit): 32  */
+    0x00          /* 0: Acceptable format is: P and Q */
+};
+
+const uint8_t algorithm_attr_rsa4k[] = {
+    6,
+    ALGO_RSA,
+    0x10, 0x00,       /* Length modulus (in bit): 4096 */
+    0x00, 0x20,       /* Length exponent (in bit): 32  */
+    0x00          /* 0: Acceptable format is: P and Q */
+};
+
+const uint8_t algorithm_attr_p256k1[] = {
+    6,
+    ALGO_ECDSA,
+    0x2b, 0x81, 0x04, 0x00, 0x0a
+};
+
+const uint8_t algorithm_attr_p256r1[] = {
+    9,
+    ALGO_ECDSA,
+    0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x03, 0x01, 0x07
+};
+
+const uint8_t algorithm_attr_p384r1[] = {
+    6,
+    ALGO_ECDSA,
+    0x2B, 0x81, 0x04, 0x00, 0x22
+};
+
+const uint8_t algorithm_attr_p521r1[] = {
+    6,
+    ALGO_ECDSA,
+    0x2B, 0x81, 0x04, 0x00, 0x23
+};
+
+const uint8_t algorithm_attr_bp256r1[] = {
+    10,
+    ALGO_ECDSA,
+    0x2B, 0x24, 0x03, 0x03, 0x02, 0x08, 0x01, 0x01, 0x07
+};
+
+const uint8_t algorithm_attr_bp384r1[] = {
+    10,
+    ALGO_ECDSA,
+    0x2B, 0x24, 0x03, 0x03, 0x02, 0x08, 0x01, 0x01, 0x0B
+};
+
+const uint8_t algorithm_attr_bp512r1[] = {
+    10,
+    ALGO_ECDSA,
+    0x2B, 0x24, 0x03, 0x03, 0x02, 0x08, 0x01, 0x01, 0x0D
+};
+
+const uint8_t algorithm_attr_cv25519[] = {
+    11,
+    ALGO_ECDH,
+    0x2b, 0x06, 0x01, 0x04, 0x01, 0x97, 0x55, 0x01, 0x05, 0x01
+};
+
+#ifdef MBEDTLS_EDDSA_C
+const uint8_t algorithm_attr_ed25519[] = {
+    10,
+    ALGO_EDDSA,
+    0x2b, 0x06, 0x01, 0x04, 0x01, 0xda, 0x47, 0x0f, 0x01
+};
+
+const uint8_t algorithm_attr_ed448[] = {
+    4,
+    ALGO_EDDSA,
+    0x2b, 0x65, 0x71
+};
+#endif
+
+int parse_algo(const uint8_t *algo, uint16_t tag) {
+    res_APDU[res_APDU_size++] = tag & 0xff;
+    memcpy(res_APDU + res_APDU_size, algo, algo[0] + 1);
+    res_APDU_size += algo[0] + 1;
+    return algo[0] + 2;
+}
+
+int parse_algoinfo(const file_t *f, int mode) {
+    int datalen = 0;
+    if (f->fid == EF_ALGO_INFO) {
+        res_APDU[res_APDU_size++] = EF_ALGO_INFO & 0xff;
+        res_APDU[res_APDU_size++] = 0x82;
+        uint8_t *lp = res_APDU + res_APDU_size;
+        res_APDU_size += 2;
+        datalen += parse_algo(algorithm_attr_rsa1k, EF_ALGO_SIG);
+        datalen += parse_algo(algorithm_attr_rsa2k, EF_ALGO_SIG);
+        datalen += parse_algo(algorithm_attr_rsa3k, EF_ALGO_SIG);
+        datalen += parse_algo(algorithm_attr_rsa4k, EF_ALGO_SIG);
+        datalen += parse_algo(algorithm_attr_p256k1, EF_ALGO_SIG);
+        datalen += parse_algo(algorithm_attr_p256r1, EF_ALGO_SIG);
+        datalen += parse_algo(algorithm_attr_p384r1, EF_ALGO_SIG);
+        datalen += parse_algo(algorithm_attr_p521r1, EF_ALGO_SIG);
+        datalen += parse_algo(algorithm_attr_bp256r1, EF_ALGO_SIG);
+        datalen += parse_algo(algorithm_attr_bp384r1, EF_ALGO_SIG);
+        datalen += parse_algo(algorithm_attr_bp512r1, EF_ALGO_SIG);
+#ifdef MBEDTLS_EDDSA_C
+        datalen += parse_algo(algorithm_attr_ed25519, EF_ALGO_SIG);
+        datalen += parse_algo(algorithm_attr_ed448, EF_ALGO_SIG);
+#endif
+
+        datalen += parse_algo(algorithm_attr_rsa1k, EF_ALGO_DEC);
+        datalen += parse_algo(algorithm_attr_rsa2k, EF_ALGO_DEC);
+        datalen += parse_algo(algorithm_attr_rsa3k, EF_ALGO_DEC);
+        datalen += parse_algo(algorithm_attr_rsa4k, EF_ALGO_DEC);
+        datalen += parse_algo(algorithm_attr_p256k1, EF_ALGO_DEC);
+        datalen += parse_algo(algorithm_attr_p256r1, EF_ALGO_DEC);
+        datalen += parse_algo(algorithm_attr_p384r1, EF_ALGO_DEC);
+        datalen += parse_algo(algorithm_attr_p521r1, EF_ALGO_DEC);
+        datalen += parse_algo(algorithm_attr_bp256r1, EF_ALGO_DEC);
+        datalen += parse_algo(algorithm_attr_bp384r1, EF_ALGO_DEC);
+        datalen += parse_algo(algorithm_attr_bp512r1, EF_ALGO_DEC);
+        datalen += parse_algo(algorithm_attr_cv25519, EF_ALGO_DEC);
+        datalen += parse_algo(algorithm_attr_x448, EF_ALGO_DEC);
+
+        datalen += parse_algo(algorithm_attr_rsa1k, EF_ALGO_AUT);
+        datalen += parse_algo(algorithm_attr_rsa2k, EF_ALGO_AUT);
+        datalen += parse_algo(algorithm_attr_rsa3k, EF_ALGO_AUT);
+        datalen += parse_algo(algorithm_attr_rsa4k, EF_ALGO_AUT);
+        datalen += parse_algo(algorithm_attr_p256k1, EF_ALGO_AUT);
+        datalen += parse_algo(algorithm_attr_p256r1, EF_ALGO_AUT);
+        datalen += parse_algo(algorithm_attr_p384r1, EF_ALGO_AUT);
+        datalen += parse_algo(algorithm_attr_p521r1, EF_ALGO_AUT);
+        datalen += parse_algo(algorithm_attr_bp256r1, EF_ALGO_AUT);
+        datalen += parse_algo(algorithm_attr_bp384r1, EF_ALGO_AUT);
+        datalen += parse_algo(algorithm_attr_bp512r1, EF_ALGO_AUT);
+#ifdef MBEDTLS_EDDSA_C
+        datalen += parse_algo(algorithm_attr_ed25519, EF_ALGO_AUT);
+        datalen += parse_algo(algorithm_attr_ed448, EF_ALGO_AUT);
+#endif
+        uint16_t lpdif = res_APDU + res_APDU_size - lp - 2;
+        *lp++ = lpdif >> 8;
+        *lp++ = lpdif & 0xff;
+        datalen = lpdif + 4;
+    }
+    else if (f->fid == EF_ALGO_SIG || f->fid == EF_ALGO_DEC || f->fid == EF_ALGO_AUT) {
+        uint16_t fid = 0x1000 | f->fid;
+        file_t *ef;
+        if (!(ef = search_by_fid(fid, NULL, SPECIFY_EF)) || !ef->data) {
+            datalen += parse_algo(algorithm_attr_rsa2k, f->fid);
+        }
+        else {
+            uint16_t len = file_get_size(ef);
+            if (res_APDU_size > 0) {
+                res_APDU[res_APDU_size++] = f->fid & 0xff;
+                res_APDU[res_APDU_size++] = len & 0xff;
+                datalen += 2;
+            }
+            memcpy(res_APDU + res_APDU_size, file_get_data(ef), len);
+            res_APDU_size += len;
+            datalen += len;
+        }
+    }
+    return datalen;
+}
+
+int parse_app_data(const file_t *f, int mode) {
+    uint16_t fids[] = {
+        6,
+        EF_FULL_AID, EF_HIST_BYTES, EF_EXLEN_INFO, EF_GFM, EF_DISCRETE_DO, EF_KEY_INFO
+    };
+    res_APDU[res_APDU_size++] = EF_APP_DATA & 0xff;
+    res_APDU[res_APDU_size++] = 0x82;
+    uint8_t *lp = res_APDU + res_APDU_size;
+    res_APDU_size += 2;
+    parse_do(fids, mode);
+    uint16_t lpdif = res_APDU + res_APDU_size - lp - 2;
+    *lp++ = lpdif >> 8;
+    *lp++ = lpdif & 0xff;
+    return lpdif + 4;
+}
+
+int parse_discrete_do(const file_t *f, int mode) {
+    uint16_t fids[] = {
+        11,
+        EF_EXT_CAP, EF_ALGO_SIG, EF_ALGO_DEC, EF_ALGO_AUT, EF_PW_STATUS, EF_FP, EF_CA_FP, EF_TS_ALL,
+        EF_UIF_SIG, EF_UIF_DEC, EF_UIF_AUT
+    };
+    res_APDU[res_APDU_size++] = EF_DISCRETE_DO & 0xff;
+    res_APDU[res_APDU_size++] = 0x82;
+    uint8_t *lp = res_APDU + res_APDU_size;
+    res_APDU_size += 2;
+    parse_do(fids, mode);
+    uint16_t lpdif = res_APDU + res_APDU_size - lp - 2;
+    *lp++ = lpdif >> 8;
+    *lp++ = lpdif & 0xff;
+    return lpdif + 4;
+}

src/openpgp/do.h

@@ -0,0 +1,32 @@
+/*
+ * This file is part of the Pico OpenPGP distribution (https://github.com/polhenarejos/pico-openpgp).
+ * Copyright (c) 2022 Pol Henarejos.
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as published by
+ * the Free Software Foundation, version 3.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see <https://www.gnu.org/licenses/>.
+ */
+
+extern const uint8_t algorithm_attr_p256k1[];
+extern const uint8_t algorithm_attr_p256r1[];
+extern const uint8_t algorithm_attr_p384r1[];
+extern const uint8_t algorithm_attr_p521r1[];
+extern const uint8_t algorithm_attr_bp256r1[];
+extern const uint8_t algorithm_attr_bp384r1[];
+extern const uint8_t algorithm_attr_bp512r1[];
+extern const uint8_t algorithm_attr_cv25519[];
+extern const uint8_t algorithm_attr_x448[];
+extern const uint8_t algorithm_attr_rsa2k[];
+extern const uint8_t algorithm_attr_rsa4096[];
+#ifdef MBEDTLS_EDDSA_C
+extern const uint8_t algorithm_attr_ed25519[];
+extern const uint8_t algorithm_attr_ed448[];
+#endif

src/openpgp/files.c

@@ -3,16 +3,16 @@
  * Copyright (c) 2022 Pol Henarejos.
  *
  * This program is free software: you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by  
+ * it under the terms of the GNU Affero General Public License as published by
  * the Free Software Foundation, version 3.
  *
  * This program is distributed in the hope that it will be useful, but
  * WITHOUT ANY WARRANTY; without even the implied warranty of
  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * General Public License for more details.
+ * Affero General Public License for more details.
  *
- * You should have received a copy of the GNU General Public License 
+ * You should have received a copy of the GNU Affero General Public License
- * along with this program. If not, see <http://www.gnu.org/licenses/>.
+ * along with this program. If not, see <https://www.gnu.org/licenses/>.
  */
 
 #include "files.h"
@@ -20,12 +20,12 @@
 extern const uint8_t openpgp_aid[];
 extern const uint8_t openpgp_aid_full[];
 
-#define ACL_NONE    {0xff,0xff,0xff,0xff,0xff,0xff,0xff}
+#define ACL_NONE    { 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff }
-#define ACL_ALL     {0}
+#define ACL_ALL     { 0 }
-#define ACL_RO      {0xff,0xff,0xff,0xff,0xff,0xff,0x00}
+#define ACL_RO      { 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0x00 }
-#define ACL_RW      {0xff,0xff,0xff,0xff,0x00,0x00,0x00}
+#define ACL_RW      { 0xff, 0xff, 0xff, 0xff, 0x00, 0x00, 0x00 }
-#define ACL_R_WP    {0xff,0xff,0xff,0xff,0x90,0x90,0x00}
+#define ACL_R_WP    { 0xff, 0xff, 0xff, 0xff, 0x90, 0x90, 0x00 }
-#define ACL_WP      {0xff,0xff,0xff,0xff,0x90,0x90,0xff}
+#define ACL_WP      { 0xff, 0xff, 0xff, 0xff, 0x90, 0x90, 0xff }
 
 extern int parse_ch_data(const file_t *f, int mode);
 extern int parse_sec_tpl(const file_t *f, int mode);
@@ -39,6 +39,7 @@ extern int parse_algoinfo(const file_t *f, int mode);
 extern int parse_app_data(const file_t *f, int mode);
 extern int parse_discrete_do(const file_t *f, int mode);
 extern int parse_pw_status(const file_t *f, int mode);
+extern int piv_parse_discovery(const file_t *f);
 
 uint8_t historical_bytes[] = {
     10, 0,
@@ -54,20 +55,20 @@ uint8_t historical_bytes[] = {
 
 uint8_t extended_capabilities[] = {
     10, 0,
-  0x74,				/*
+    0x7f,           /*
                      * No Secure Messaging supported
                      * GET CHALLENGE supported
                      * Key import supported
                      * PW status byte can be put
-				 * No private_use_DO
+                     * private_use_DO
                      * Algorithm attrs are changable
-				 * No DEC with AES
+                     * ENC/DEC with AES
                      * KDF-DO available
                      */
     0,        /* Secure Messaging Algorithm: N/A (TDES=0, AES=1) */
     0x00, 128,      /* Max size of GET CHALLENGE */
     0x08, 0x00,   /* max. length of cardholder certificate (2KiB) */
-  0x00, 0xff,
+    0x08, 0x00,   /* max. length of private DO (2KiB) */
     0x00, 0x1
 };
 
@@ -77,72 +78,429 @@ uint8_t feature_mngmnt[] = {
 };
 
 uint8_t exlen_info[] = {
-    8,0,
+    8, 0,
     0x2, 0x2, 0x07, 0xff,
     0x2, 0x2, 0x08, 0x00,
 };
 
 file_t file_entries[] = {
-    /*  0 */ { .fid = 0x3f00, .parent = 0xff, .name = NULL, .type = FILE_TYPE_DF, .data = NULL, .ef_structure = 0, .acl = ACL_NONE }, // MF
+    /*  0 */ { .fid = 0x3f00, .parent = 0xff, .name = NULL, .type = FILE_TYPE_DF, .data = NULL,
-    /*  1 */ { .fid = EF_FULL_AID, .parent = 0, .name = openpgp_aid_full, .type = FILE_TYPE_WORKING_EF, .data = (uint8_t *)openpgp_aid_full, .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_RO },
+               .ef_structure = 0, .acl = ACL_NONE },                                                                                  // MF
-    /*  2 */ { .fid = EF_CH_NAME, .parent = 0, .name = NULL, .type = FILE_TYPE_WORKING_EF | FILE_DATA_FLASH, .data = NULL, .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_R_WP },
+    /*  1 */ { .fid = EF_FULL_AID, .parent = 0, .name = openpgp_aid_full,
-    /*  3 */ { .fid = EF_LOGIN_DATA, .parent = 0, .name = NULL, .type = FILE_TYPE_WORKING_EF | FILE_DATA_FLASH, .data = NULL, .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_R_WP },
+               .type = FILE_TYPE_WORKING_EF, .data = (uint8_t *) openpgp_aid_full,
-    /*  4 */ { .fid = EF_LANG_PREF, .parent = 0, .name = NULL, .type = FILE_TYPE_WORKING_EF | FILE_DATA_FLASH, .data = NULL, .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_R_WP },
+               .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_RO },
-    /*  5 */ { .fid = EF_SEX, .parent = 0, .name = NULL, .type = FILE_TYPE_WORKING_EF | FILE_DATA_FLASH, .data = NULL, .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_R_WP },
+    /*  2 */ { .fid = EF_CH_NAME, .parent = 0, .name = NULL,
-    /*  6 */ { .fid = EF_URI_URL, .parent = 0, .name = NULL, .type = FILE_TYPE_WORKING_EF | FILE_DATA_FLASH, .data = NULL, .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_R_WP },
+               .type = FILE_TYPE_WORKING_EF | FILE_DATA_FLASH, .data = NULL,
-    /*  7 */ { .fid = EF_HIST_BYTES, .parent = 0, .name = NULL, .type = FILE_TYPE_WORKING_EF, .data = historical_bytes, .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_RO },
+               .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_R_WP },
-    /*  8 */ { .fid = EF_CH_DATA, .parent = 0, .name = NULL, .type = FILE_TYPE_WORKING_EF | FILE_DATA_FUNC, .data = (uint8_t *)parse_ch_data, .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_RO },
+    /*  3 */ { .fid = EF_LOGIN_DATA, .parent = 0, .name = NULL,
-    /*  9 */ { .fid = EF_SEC_TPL, .parent = 0, .name = NULL, .type = FILE_TYPE_WORKING_EF | FILE_DATA_FUNC, .data = (uint8_t *)parse_sec_tpl, .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_RO },
+               .type = FILE_TYPE_WORKING_EF | FILE_DATA_FLASH, .data = NULL,
-    /* 10 */ { .fid = EF_CH_CERT, .parent = 0, .name = NULL, .type = FILE_TYPE_WORKING_EF | FILE_DATA_FUNC, .data = (uint8_t *)parse_ch_cert, .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_RO },
+               .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_R_WP },
-    /* 11 */ { .fid = EF_EXLEN_INFO, .parent = 0, .name = NULL, .type = FILE_TYPE_WORKING_EF, .data = exlen_info, .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_RO },
+    /*  4 */ { .fid = EF_LANG_PREF, .parent = 0, .name = NULL,
-    /* 12 */ { .fid = EF_GFM, .parent = 0, .name = NULL, .type = FILE_TYPE_WORKING_EF, .data = feature_mngmnt, .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_RO },
+               .type = FILE_TYPE_WORKING_EF | FILE_DATA_FLASH, .data = NULL,
-    /* 13 */ { .fid = EF_SIG_COUNT, .parent = 0, .name = NULL, .type = FILE_TYPE_WORKING_EF, .data = NULL, .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_RO },
+               .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_R_WP },
-    /* 14 */ { .fid = EF_EXT_CAP, .parent = 0, .name = NULL, .type = FILE_TYPE_WORKING_EF, .data = extended_capabilities, .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_RO },
+    /*  5 */ { .fid = EF_SEX, .parent = 0, .name = NULL,
-    /* 15 */ { .fid = EF_ALGO_SIG, .parent = 0, .name = NULL, .type = FILE_TYPE_WORKING_EF | FILE_DATA_FUNC, .data = (uint8_t *)parse_algoinfo, .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_R_WP },
+               .type = FILE_TYPE_WORKING_EF | FILE_DATA_FLASH, .data = NULL,
-    /* 16 */ { .fid = EF_ALGO_DEC, .parent = 0, .name = NULL, .type = FILE_TYPE_WORKING_EF | FILE_DATA_FUNC, .data = (uint8_t *)parse_algoinfo, .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_R_WP },
+               .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_R_WP },
-    /* 17 */ { .fid = EF_ALGO_AUT, .parent = 0, .name = NULL, .type = FILE_TYPE_WORKING_EF | FILE_DATA_FUNC, .data = (uint8_t *)parse_algoinfo, .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_R_WP },
+    /*  6 */ { .fid = EF_URI_URL, .parent = 0, .name = NULL,
-    /* 18 */ { .fid = EF_PW_STATUS, .parent = 0, .name = NULL, .type = FILE_TYPE_WORKING_EF | FILE_DATA_FUNC, .data = (uint8_t *)parse_pw_status, .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_R_WP },
+               .type = FILE_TYPE_WORKING_EF | FILE_DATA_FLASH, .data = NULL,
-    /* 19 */ { .fid = EF_FP, .parent = 0, .name = NULL, .type = FILE_TYPE_WORKING_EF | FILE_DATA_FUNC, .data = (uint8_t *)parse_fp, .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_RO },
+               .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_R_WP },
-    /* 20 */ { .fid = EF_FP_SIG, .parent = 0, .name = NULL, .type = FILE_TYPE_WORKING_EF | FILE_DATA_FLASH, .data = NULL, .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_R_WP },
+    /*  7 */ { .fid = EF_HIST_BYTES, .parent = 0, .name = NULL, .type = FILE_TYPE_WORKING_EF,
-    /* 21 */ { .fid = EF_FP_DEC, .parent = 0, .name = NULL, .type = FILE_TYPE_WORKING_EF | FILE_DATA_FLASH, .data = NULL, .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_R_WP },
+               .data = historical_bytes, .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_RO },
-    /* 22 */ { .fid = EF_FP_AUT, .parent = 0, .name = NULL, .type = FILE_TYPE_WORKING_EF | FILE_DATA_FLASH, .data = NULL, .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_R_WP },
+    /*  8 */ { .fid = EF_CH_DATA, .parent = 0, .name = NULL,
-    /* 23 */ { .fid = EF_CA_FP, .parent = 0, .name = NULL, .type = FILE_TYPE_WORKING_EF | FILE_DATA_FUNC, .data = (uint8_t *)parse_cafp, .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_RO },
+               .type = FILE_TYPE_WORKING_EF | FILE_DATA_FUNC, .data = (uint8_t *) parse_ch_data,
-    /* 24 */ { .fid = EF_FP_CA1, .parent = 0, .name = NULL, .type = FILE_TYPE_WORKING_EF | FILE_DATA_FLASH, .data = NULL, .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_R_WP },
+               .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_RO },
-    /* 25 */ { .fid = EF_FP_CA2, .parent = 0, .name = NULL, .type = FILE_TYPE_WORKING_EF | FILE_DATA_FLASH, .data = NULL, .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_R_WP },
+    /*  9 */ { .fid = EF_SEC_TPL, .parent = 0, .name = NULL,
-    /* 26 */ { .fid = EF_FP_CA3, .parent = 0, .name = NULL, .type = FILE_TYPE_WORKING_EF | FILE_DATA_FLASH, .data = NULL, .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_R_WP },
+               .type = FILE_TYPE_WORKING_EF | FILE_DATA_FUNC, .data = (uint8_t *) parse_sec_tpl,
-    /* 27 */ { .fid = EF_TS_ALL, .parent = 0, .name = NULL, .type = FILE_TYPE_WORKING_EF | FILE_DATA_FUNC, .data = (uint8_t *)parse_ts, .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_RO },
+               .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_RO },
-    /* 28 */ { .fid = EF_TS_SIG, .parent = 0, .name = NULL, .type = FILE_TYPE_WORKING_EF | FILE_DATA_FLASH, .data = NULL, .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_R_WP },
+    /* 10 */ { .fid = EF_CH_CERT, .parent = 0, .name = NULL,
-    /* 29 */ { .fid = EF_TS_DEC, .parent = 0, .name = NULL, .type = FILE_TYPE_WORKING_EF | FILE_DATA_FLASH, .data = NULL, .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_R_WP },
+               .type = FILE_TYPE_WORKING_EF | FILE_DATA_FUNC, .data = (uint8_t *) parse_ch_cert,
-    /* 30 */ { .fid = EF_TS_AUT, .parent = 0, .name = NULL, .type = FILE_TYPE_WORKING_EF | FILE_DATA_FLASH, .data = NULL, .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_R_WP },
+               .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_R_WP },
-    /* 31 */ { .fid = EF_RESET_CODE, .parent = 0, .name = NULL, .type = FILE_TYPE_WORKING_EF | FILE_DATA_FLASH, .data = NULL, .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_WP },
+    /* 11 */ { .fid = EF_EXLEN_INFO, .parent = 0, .name = NULL, .type = FILE_TYPE_WORKING_EF,
-    /* 32 */ { .fid = EF_UIF_SIG, .parent = 0, .name = NULL, .type = FILE_TYPE_WORKING_EF | FILE_DATA_FLASH, .data = NULL, .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_R_WP },
+               .data = exlen_info, .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_RO },
-    /* 33 */ { .fid = EF_UIF_DEC, .parent = 0, .name = NULL, .type = FILE_TYPE_WORKING_EF | FILE_DATA_FLASH, .data = NULL, .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_R_WP },
+    /* 12 */ { .fid = EF_GFM, .parent = 0, .name = NULL, .type = FILE_TYPE_WORKING_EF,
-    /* 34 */ { .fid = EF_UIF_AUT, .parent = 0, .name = NULL, .type = FILE_TYPE_WORKING_EF | FILE_DATA_FLASH, .data = NULL, .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_R_WP },
+               .data = feature_mngmnt, .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_RO },
-    /* 35 */ { .fid = EF_KEY_INFO, .parent = 0, .name = NULL, .type = FILE_TYPE_WORKING_EF | FILE_DATA_FUNC, .data = (uint8_t *)parse_keyinfo, .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_RO },
+    /* 13 */ { .fid = EF_SIG_COUNT, .parent = 0, .name = NULL,
-    /* 36 */ { .fid = EF_ALGO_INFO, .parent = 0, .name = NULL, .type = FILE_TYPE_WORKING_EF | FILE_DATA_FUNC, .data = (uint8_t *)parse_algoinfo, .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_RO },
+               .type = FILE_TYPE_WORKING_EF | FILE_DATA_FLASH, .data = NULL,
-    /* 37 */ { .fid = EF_APP_DATA, .parent = 0, .name = NULL, .type = FILE_TYPE_WORKING_EF | FILE_DATA_FUNC, .data = (uint8_t *)parse_app_data, .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_RO },
+               .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_RO },
-    /* 38 */ { .fid = EF_DISCRETE_DO, .parent = 0, .name = NULL, .type = FILE_TYPE_WORKING_EF | FILE_DATA_FUNC, .data = (uint8_t *)parse_discrete_do, .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_RO },
+    /* 14 */ { .fid = EF_EXT_CAP, .parent = 0, .name = NULL, .type = FILE_TYPE_WORKING_EF,
+               .data = extended_capabilities, .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_RO },
+    /* 15 */ { .fid = EF_ALGO_SIG, .parent = 0, .name = NULL,
+               .type = FILE_TYPE_WORKING_EF | FILE_DATA_FUNC, .data = (uint8_t *) parse_algoinfo,
+               .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_R_WP },
+    /* 16 */ { .fid = EF_ALGO_DEC, .parent = 0, .name = NULL,
+               .type = FILE_TYPE_WORKING_EF | FILE_DATA_FUNC, .data = (uint8_t *) parse_algoinfo,
+               .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_R_WP },
+    /* 17 */ { .fid = EF_ALGO_AUT, .parent = 0, .name = NULL,
+               .type = FILE_TYPE_WORKING_EF | FILE_DATA_FUNC, .data = (uint8_t *) parse_algoinfo,
+               .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_R_WP },
+    /* 18 */ { .fid = EF_PW_STATUS, .parent = 0, .name = NULL,
+               .type = FILE_TYPE_WORKING_EF | FILE_DATA_FUNC, .data = (uint8_t *) parse_pw_status,
+               .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_R_WP },
+    /* 19 */ { .fid = EF_FP, .parent = 0, .name = NULL,
+               .type = FILE_TYPE_WORKING_EF | FILE_DATA_FUNC, .data = (uint8_t *) parse_fp,
+               .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_RO },
+    /* 20 */ { .fid = EF_FP_SIG, .parent = 0, .name = NULL,
+               .type = FILE_TYPE_WORKING_EF | FILE_DATA_FLASH, .data = NULL,
+               .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_R_WP },
+    /* 21 */ { .fid = EF_FP_DEC, .parent = 0, .name = NULL,
+               .type = FILE_TYPE_WORKING_EF | FILE_DATA_FLASH, .data = NULL,
+               .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_R_WP },
+    /* 22 */ { .fid = EF_FP_AUT, .parent = 0, .name = NULL,
+               .type = FILE_TYPE_WORKING_EF | FILE_DATA_FLASH, .data = NULL,
+               .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_R_WP },
+    /* 23 */ { .fid = EF_CA_FP, .parent = 0, .name = NULL,
+               .type = FILE_TYPE_WORKING_EF | FILE_DATA_FUNC, .data = (uint8_t *) parse_cafp,
+               .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_RO },
+    /* 24 */ { .fid = EF_FP_CA1, .parent = 0, .name = NULL,
+               .type = FILE_TYPE_WORKING_EF | FILE_DATA_FLASH, .data = NULL,
+               .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_R_WP },
+    /* 25 */ { .fid = EF_FP_CA2, .parent = 0, .name = NULL,
+               .type = FILE_TYPE_WORKING_EF | FILE_DATA_FLASH, .data = NULL,
+               .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_R_WP },
+    /* 26 */ { .fid = EF_FP_CA3, .parent = 0, .name = NULL,
+               .type = FILE_TYPE_WORKING_EF | FILE_DATA_FLASH, .data = NULL,
+               .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_R_WP },
+    /* 27 */ { .fid = EF_TS_ALL, .parent = 0, .name = NULL,
+               .type = FILE_TYPE_WORKING_EF | FILE_DATA_FUNC, .data = (uint8_t *) parse_ts,
+               .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_RO },
+    /* 28 */ { .fid = EF_TS_SIG, .parent = 0, .name = NULL,
+               .type = FILE_TYPE_WORKING_EF | FILE_DATA_FLASH, .data = NULL,
+               .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_R_WP },
+    /* 29 */ { .fid = EF_TS_DEC, .parent = 0, .name = NULL,
+               .type = FILE_TYPE_WORKING_EF | FILE_DATA_FLASH, .data = NULL,
+               .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_R_WP },
+    /* 30 */ { .fid = EF_TS_AUT, .parent = 0, .name = NULL,
+               .type = FILE_TYPE_WORKING_EF | FILE_DATA_FLASH, .data = NULL,
+               .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_R_WP },
+    /* 31 */ { .fid = EF_RESET_CODE, .parent = 0, .name = NULL,
+               .type = FILE_TYPE_WORKING_EF | FILE_DATA_FLASH, .data = NULL,
+               .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_WP },
+    /* 32 */ { .fid = EF_UIF_SIG, .parent = 0, .name = NULL,
+               .type = FILE_TYPE_WORKING_EF | FILE_DATA_FLASH, .data = NULL,
+               .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_R_WP },
+    /* 33 */ { .fid = EF_UIF_DEC, .parent = 0, .name = NULL,
+               .type = FILE_TYPE_WORKING_EF | FILE_DATA_FLASH, .data = NULL,
+               .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_R_WP },
+    /* 34 */ { .fid = EF_UIF_AUT, .parent = 0, .name = NULL,
+               .type = FILE_TYPE_WORKING_EF | FILE_DATA_FLASH, .data = NULL,
+               .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_R_WP },
+    /* 35 */ { .fid = EF_KEY_INFO, .parent = 0, .name = NULL,
+               .type = FILE_TYPE_WORKING_EF | FILE_DATA_FUNC, .data = (uint8_t *) parse_keyinfo,
+               .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_RO },
+    /* 36 */ { .fid = EF_ALGO_INFO, .parent = 0, .name = NULL,
+               .type = FILE_TYPE_WORKING_EF | FILE_DATA_FUNC, .data = (uint8_t *) parse_algoinfo,
+               .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_RO },
+    /* 37 */ { .fid = EF_APP_DATA, .parent = 0, .name = NULL,
+               .type = FILE_TYPE_WORKING_EF | FILE_DATA_FUNC, .data = (uint8_t *) parse_app_data,
+               .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_RO },
+    /* 38 */ { .fid = EF_DISCRETE_DO, .parent = 0, .name = NULL,
+               .type = FILE_TYPE_WORKING_EF | FILE_DATA_FUNC, .data = (uint8_t *) parse_discrete_do,
+               .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_RO },
+    /* 39 */ { .fid = EF_PW1, .parent = 0, .name = NULL,
+               .type = FILE_TYPE_INTERNAL_EF | FILE_DATA_FLASH, .data = NULL,
+               .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_WP },
+    /* 40 */ { .fid = EF_RC, .parent = 0, .name = NULL,
+               .type = FILE_TYPE_INTERNAL_EF | FILE_DATA_FLASH, .data = NULL,
+               .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_WP },
+    /* 41 */ { .fid = EF_PW3, .parent = 0, .name = NULL,
+               .type = FILE_TYPE_INTERNAL_EF | FILE_DATA_FLASH, .data = NULL,
+               .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_WP },
+    /* 42 */ { .fid = EF_ALGO_PRIV1, .parent = 0, .name = NULL,
+               .type = FILE_TYPE_INTERNAL_EF | FILE_DATA_FLASH, .data = NULL,
+               .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_R_WP },
+    /* 43 */ { .fid = EF_ALGO_PRIV2, .parent = 0, .name = NULL,
+               .type = FILE_TYPE_INTERNAL_EF | FILE_DATA_FLASH, .data = NULL,
+               .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_R_WP },
+    /* 44 */ { .fid = EF_ALGO_PRIV3, .parent = 0, .name = NULL,
+               .type = FILE_TYPE_INTERNAL_EF | FILE_DATA_FLASH, .data = NULL,
+               .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_R_WP },
+    /* 45 */ { .fid = EF_PK_SIG, .parent = 0, .name = NULL,
+               .type = FILE_TYPE_INTERNAL_EF | FILE_DATA_FLASH, .data = NULL,
+               .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_WP },
+    /* 46 */ { .fid = EF_PK_DEC, .parent = 0, .name = NULL,
+               .type = FILE_TYPE_INTERNAL_EF | FILE_DATA_FLASH, .data = NULL,
+               .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_WP },
+    /* 47 */ { .fid = EF_PK_AUT, .parent = 0, .name = NULL,
+               .type = FILE_TYPE_INTERNAL_EF | FILE_DATA_FLASH, .data = NULL,
+               .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_WP },
+    /* 48 */ { .fid = EF_PB_SIG, .parent = 0, .name = NULL,
+               .type = FILE_TYPE_INTERNAL_EF | FILE_DATA_FLASH, .data = NULL,
+               .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_R_WP },
+    /* 49 */ { .fid = EF_PB_DEC, .parent = 0, .name = NULL,
+               .type = FILE_TYPE_INTERNAL_EF | FILE_DATA_FLASH, .data = NULL,
+               .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_R_WP },
+    /* 50 */ { .fid = EF_PB_AUT, .parent = 0, .name = NULL,
+               .type = FILE_TYPE_INTERNAL_EF | FILE_DATA_FLASH, .data = NULL,
+               .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_R_WP },
+    /* 51 */ { .fid = EF_PW_PRIV, .parent = 0, .name = NULL,
+               .type = FILE_TYPE_INTERNAL_EF | FILE_DATA_FLASH, .data = NULL,
+               .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_R_WP },
+    /* 52 */ { .fid = EF_DEK, .parent = 0, .name = NULL,
+               .type = FILE_TYPE_INTERNAL_EF | FILE_DATA_FLASH, .data = NULL,
+               .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_NONE },
+    /* 53 */ { .fid = EF_KDF, .parent = 0, .name = NULL,
+               .type = FILE_TYPE_WORKING_EF | FILE_DATA_FLASH, .data = NULL,
+               .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_R_WP },
+    /* 54 */ { .fid = EF_CH_1, .parent = 0, .name = NULL,
+               .type = FILE_TYPE_INTERNAL_EF | FILE_DATA_FLASH, .data = NULL,
+               .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_NONE },
+    /* 55 */ { .fid = EF_CH_2, .parent = 0, .name = NULL,
+               .type = FILE_TYPE_INTERNAL_EF | FILE_DATA_FLASH, .data = NULL,
+               .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_NONE },
+    /* 56 */ { .fid = EF_CH_3, .parent = 0, .name = NULL,
+               .type = FILE_TYPE_INTERNAL_EF | FILE_DATA_FLASH, .data = NULL,
+               .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_NONE },
+    // ** PIV ** //
+    /* 57 */ { .fid = EF_PIV_ADMIN_DATA, .parent = 0, .name = NULL,
+               .type = FILE_TYPE_INTERNAL_EF | FILE_DATA_FLASH, .data = NULL,
+               .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_R_WP },
+    /* 58 */ { .fid = EF_PIV_ATTESTATION, .parent = 0, .name = NULL,
+               .type = FILE_TYPE_INTERNAL_EF | FILE_DATA_FLASH, .data = NULL,
+               .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_R_WP },
+    /* 59 */ { .fid = EF_PIV_MSCMAP, .parent = 0, .name = NULL,
+               .type = FILE_TYPE_INTERNAL_EF | FILE_DATA_FLASH, .data = NULL,
+               .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_R_WP },
+    /* 60 */ { .fid = EF_PIV_MSROOTS1, .parent = 0, .name = NULL,
+               .type = FILE_TYPE_INTERNAL_EF | FILE_DATA_FLASH, .data = NULL,
+               .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_R_WP },
+    /* 61 */ { .fid = EF_PIV_MSROOTS2, .parent = 0, .name = NULL,
+               .type = FILE_TYPE_INTERNAL_EF | FILE_DATA_FLASH, .data = NULL,
+               .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_R_WP },
+    /* 62 */ { .fid = EF_PIV_MSROOTS3, .parent = 0, .name = NULL,
+               .type = FILE_TYPE_INTERNAL_EF | FILE_DATA_FLASH, .data = NULL,
+               .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_R_WP },
+    /* 63 */ { .fid = EF_PIV_MSROOTS4, .parent = 0, .name = NULL,
+               .type = FILE_TYPE_INTERNAL_EF | FILE_DATA_FLASH, .data = NULL,
+               .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_R_WP },
+    /* 64 */ { .fid = EF_PIV_MSROOTS5, .parent = 0, .name = NULL,
+               .type = FILE_TYPE_INTERNAL_EF | FILE_DATA_FLASH, .data = NULL,
+               .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_R_WP },
+    /* 65 */ { .fid = EF_PIV_KEY_AUTHENTICATION, .parent = 0, .name = NULL,
+               .type = FILE_TYPE_WORKING_EF | FILE_DATA_FLASH, .data = NULL,
+               .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_WP },
+    /* 66 */ { .fid = EF_PIV_KEY_CARDMGM, .parent = 0, .name = NULL,
+               .type = FILE_TYPE_WORKING_EF | FILE_DATA_FLASH, .data = NULL,
+               .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_WP },
+    /* 67 */ { .fid = EF_PIV_KEY_SIGNATURE, .parent = 0, .name = NULL,
+               .type = FILE_TYPE_WORKING_EF | FILE_DATA_FLASH, .data = NULL,
+               .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_WP },
+    /* 68 */ { .fid = EF_PIV_KEY_KEYMGM, .parent = 0, .name = NULL,
+               .type = FILE_TYPE_WORKING_EF | FILE_DATA_FLASH, .data = NULL,
+               .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_WP },
+    /* 69 */ { .fid = EF_PIV_KEY_CARDAUTH, .parent = 0, .name = NULL,
+               .type = FILE_TYPE_WORKING_EF | FILE_DATA_FLASH, .data = NULL,
+               .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_WP },
+    /* 70 */ { .fid = EF_PIV_KEY_RETIRED1, .parent = 0, .name = NULL,
+               .type = FILE_TYPE_WORKING_EF | FILE_DATA_FLASH, .data = NULL,
+               .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_WP },
+    /* 71 */ { .fid = EF_PIV_KEY_RETIRED2, .parent = 0, .name = NULL,
+               .type = FILE_TYPE_WORKING_EF | FILE_DATA_FLASH, .data = NULL,
+               .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_WP },
+    /* 72 */ { .fid = EF_PIV_KEY_RETIRED3, .parent = 0, .name = NULL,
+               .type = FILE_TYPE_WORKING_EF | FILE_DATA_FLASH, .data = NULL,
+               .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_WP },
+    /* 73 */ { .fid = EF_PIV_KEY_RETIRED4, .parent = 0, .name = NULL,
+               .type = FILE_TYPE_WORKING_EF | FILE_DATA_FLASH, .data = NULL,
+               .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_WP },
+    /* 74 */ { .fid = EF_PIV_KEY_RETIRED5, .parent = 0, .name = NULL,
+               .type = FILE_TYPE_WORKING_EF | FILE_DATA_FLASH, .data = NULL,
+               .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_WP },
+    /* 75 */ { .fid = EF_PIV_KEY_RETIRED6, .parent = 0, .name = NULL,
+               .type = FILE_TYPE_WORKING_EF | FILE_DATA_FLASH, .data = NULL,
+               .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_WP },
+    /* 76 */ { .fid = EF_PIV_KEY_RETIRED7, .parent = 0, .name = NULL,
+               .type = FILE_TYPE_WORKING_EF | FILE_DATA_FLASH, .data = NULL,
+               .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_WP },
+    /* 77 */ { .fid = EF_PIV_KEY_RETIRED8, .parent = 0, .name = NULL,
+               .type = FILE_TYPE_WORKING_EF | FILE_DATA_FLASH, .data = NULL,
+               .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_WP },
+    /* 78 */ { .fid = EF_PIV_KEY_RETIRED9, .parent = 0, .name = NULL,
+               .type = FILE_TYPE_WORKING_EF | FILE_DATA_FLASH, .data = NULL,
+               .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_WP },
+    /* 79 */ { .fid = EF_PIV_KEY_RETIRED10, .parent = 0, .name = NULL,
+               .type = FILE_TYPE_WORKING_EF | FILE_DATA_FLASH, .data = NULL,
+               .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_WP },
+    /* 80 */ { .fid = EF_PIV_KEY_RETIRED11, .parent = 0, .name = NULL,
+               .type = FILE_TYPE_WORKING_EF | FILE_DATA_FLASH, .data = NULL,
+               .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_WP },
+    /* 81 */ { .fid = EF_PIV_KEY_RETIRED12, .parent = 0, .name = NULL,
+               .type = FILE_TYPE_WORKING_EF | FILE_DATA_FLASH, .data = NULL,
+               .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_WP },
+    /* 82 */ { .fid = EF_PIV_KEY_RETIRED12, .parent = 0, .name = NULL,
+               .type = FILE_TYPE_WORKING_EF | FILE_DATA_FLASH, .data = NULL,
+               .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_WP },
+    /* 83 */ { .fid = EF_PIV_KEY_RETIRED13, .parent = 0, .name = NULL,
+               .type = FILE_TYPE_WORKING_EF | FILE_DATA_FLASH, .data = NULL,
+               .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_WP },
+    /* 84 */ { .fid = EF_PIV_KEY_RETIRED14, .parent = 0, .name = NULL,
+               .type = FILE_TYPE_WORKING_EF | FILE_DATA_FLASH, .data = NULL,
+               .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_WP },
+    /* 85 */ { .fid = EF_PIV_KEY_RETIRED15, .parent = 0, .name = NULL,
+               .type = FILE_TYPE_WORKING_EF | FILE_DATA_FLASH, .data = NULL,
+               .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_WP },
+    /* 86 */ { .fid = EF_PIV_KEY_RETIRED16, .parent = 0, .name = NULL,
+               .type = FILE_TYPE_WORKING_EF | FILE_DATA_FLASH, .data = NULL,
+               .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_WP },
+    /* 87 */ { .fid = EF_PIV_KEY_RETIRED17, .parent = 0, .name = NULL,
+               .type = FILE_TYPE_WORKING_EF | FILE_DATA_FLASH, .data = NULL,
+               .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_WP },
+    /* 88 */ { .fid = EF_PIV_KEY_RETIRED18, .parent = 0, .name = NULL,
+               .type = FILE_TYPE_WORKING_EF | FILE_DATA_FLASH, .data = NULL,
+               .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_WP },
+    /* 89 */ { .fid = EF_PIV_KEY_RETIRED19, .parent = 0, .name = NULL,
+               .type = FILE_TYPE_WORKING_EF | FILE_DATA_FLASH, .data = NULL,
+               .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_WP },
+    /* 90 */ { .fid = EF_PIV_KEY_RETIRED20, .parent = 0, .name = NULL,
+               .type = FILE_TYPE_WORKING_EF | FILE_DATA_FLASH, .data = NULL,
+               .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_WP },
+    /* 91 */ { .fid = EF_PIV_KEY_ATTESTATION, .parent = 0, .name = NULL,
+               .type = FILE_TYPE_INTERNAL_EF | FILE_DATA_FLASH, .data = NULL,
+               .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_WP },
+    /* 92 */ { .fid = EF_PIV_CAPABILITY, .parent = 0, .name = NULL,
+               .type = FILE_TYPE_WORKING_EF | FILE_DATA_FLASH, .data = NULL,
+               .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_R_WP },
+    /* 93 */ { .fid = EF_PIV_CHUID, .parent = 0, .name = NULL,
+               .type = FILE_TYPE_WORKING_EF | FILE_DATA_FLASH, .data = NULL,
+               .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_R_WP },
+    /* 94 */ { .fid = EF_PIV_AUTHENTICATION, .parent = 0, .name = NULL,
+               .type = FILE_TYPE_WORKING_EF | FILE_DATA_FLASH, .data = NULL,
+               .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_R_WP },
+    /* 95 */ { .fid = EF_PIV_FINGERPRINTS, .parent = 0, .name = NULL,
+               .type = FILE_TYPE_WORKING_EF | FILE_DATA_FLASH, .data = NULL,
+               .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_R_WP },
+    /* 96 */ { .fid = EF_PIV_SECURITY, .parent = 0, .name = NULL,
+               .type = FILE_TYPE_WORKING_EF | FILE_DATA_FLASH, .data = NULL,
+               .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_R_WP },
+    /* 97 */ { .fid = EF_PIV_FACIAL, .parent = 0, .name = NULL,
+               .type = FILE_TYPE_WORKING_EF | FILE_DATA_FLASH, .data = NULL,
+               .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_R_WP },
+    /* 98 */ { .fid = EF_PIV_PRINTED, .parent = 0, .name = NULL,
+               .type = FILE_TYPE_WORKING_EF | FILE_DATA_FLASH, .data = NULL,
+               .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_R_WP },
+    /* 99 */ { .fid = EF_PIV_SIGNATURE, .parent = 0, .name = NULL,
+               .type = FILE_TYPE_WORKING_EF | FILE_DATA_FLASH, .data = NULL,
+               .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_R_WP },
+    /* 100 */ { .fid = EF_PIV_KEY_MANAGEMENT, .parent = 0, .name = NULL,
+               .type = FILE_TYPE_WORKING_EF | FILE_DATA_FLASH, .data = NULL,
+               .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_R_WP },
+    /* 101 */ { .fid = EF_PIV_CARD_AUTH, .parent = 0, .name = NULL,
+               .type = FILE_TYPE_WORKING_EF | FILE_DATA_FLASH, .data = NULL,
+               .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_R_WP },
+    /* 102 */ { .fid = EF_PIV_DISCOVERY, .parent = 0, .name = NULL,
+               .type = FILE_TYPE_WORKING_EF | FILE_DATA_FUNC, .data = (uint8_t *) piv_parse_discovery,
+               .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_R_WP },
+    /* 103 */ { .fid = EF_PIV_KEY_HISTORY, .parent = 0, .name = NULL,
+               .type = FILE_TYPE_WORKING_EF | FILE_DATA_FLASH, .data = NULL,
+               .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_R_WP },
+    /* 104 */ { .fid = EF_PIV_IRIS, .parent = 0, .name = NULL,
+               .type = FILE_TYPE_WORKING_EF | FILE_DATA_FLASH, .data = NULL,
+               .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_R_WP },
+    /* 105 */ { .fid = EF_PIV_BITGT, .parent = 0, .name = NULL,
+               .type = FILE_TYPE_WORKING_EF | FILE_DATA_FLASH, .data = NULL,
+               .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_R_WP },
+    /* 106 */ { .fid = EF_PIV_SM_SIGNER, .parent = 0, .name = NULL,
+               .type = FILE_TYPE_WORKING_EF | FILE_DATA_FLASH, .data = NULL,
+               .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_R_WP },
+    /* 107 */ { .fid = EF_PIV_PC_REF_DATA, .parent = 0, .name = NULL,
+               .type = FILE_TYPE_WORKING_EF | FILE_DATA_FLASH, .data = NULL,
+               .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_R_WP },
+    /* 108 */ { .fid = EF_PIV_RETIRED1, .parent = 0, .name = NULL,
+               .type = FILE_TYPE_WORKING_EF | FILE_DATA_FLASH, .data = NULL,
+               .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_R_WP },
+    /* 109 */ { .fid = EF_PIV_RETIRED2, .parent = 0, .name = NULL,
+               .type = FILE_TYPE_WORKING_EF | FILE_DATA_FLASH, .data = NULL,
+               .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_R_WP },
+    /* 110 */ { .fid = EF_PIV_RETIRED3, .parent = 0, .name = NULL,
+               .type = FILE_TYPE_WORKING_EF | FILE_DATA_FLASH, .data = NULL,
+               .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_R_WP },
+    /* 111 */ { .fid = EF_PIV_RETIRED4, .parent = 0, .name = NULL,
+               .type = FILE_TYPE_WORKING_EF | FILE_DATA_FLASH, .data = NULL,
+               .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_R_WP },
+    /* 112 */ { .fid = EF_PIV_RETIRED5, .parent = 0, .name = NULL,
+               .type = FILE_TYPE_WORKING_EF | FILE_DATA_FLASH, .data = NULL,
+               .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_R_WP },
+    /* 113 */ { .fid = EF_PIV_RETIRED6, .parent = 0, .name = NULL,
+               .type = FILE_TYPE_WORKING_EF | FILE_DATA_FLASH, .data = NULL,
+               .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_R_WP },
+    /* 114 */ { .fid = EF_PIV_RETIRED7, .parent = 0, .name = NULL,
+               .type = FILE_TYPE_WORKING_EF | FILE_DATA_FLASH, .data = NULL,
+               .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_R_WP },
+    /* 115 */ { .fid = EF_PIV_RETIRED8, .parent = 0, .name = NULL,
+               .type = FILE_TYPE_WORKING_EF | FILE_DATA_FLASH, .data = NULL,
+               .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_R_WP },
+    /* 116 */ { .fid = EF_PIV_RETIRED9, .parent = 0, .name = NULL,
+               .type = FILE_TYPE_WORKING_EF | FILE_DATA_FLASH, .data = NULL,
+               .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_R_WP },
+    /* 117 */ { .fid = EF_PIV_RETIRED10, .parent = 0, .name = NULL,
+               .type = FILE_TYPE_WORKING_EF | FILE_DATA_FLASH, .data = NULL,
+               .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_R_WP },
+    /* 118 */ { .fid = EF_PIV_RETIRED11, .parent = 0, .name = NULL,
+               .type = FILE_TYPE_WORKING_EF | FILE_DATA_FLASH, .data = NULL,
+               .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_R_WP },
+    /* 119 */ { .fid = EF_PIV_RETIRED12, .parent = 0, .name = NULL,
+               .type = FILE_TYPE_WORKING_EF | FILE_DATA_FLASH, .data = NULL,
+               .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_R_WP },
+    /* 120 */ { .fid = EF_PIV_RETIRED13, .parent = 0, .name = NULL,
+               .type = FILE_TYPE_WORKING_EF | FILE_DATA_FLASH, .data = NULL,
+               .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_R_WP },
+    /* 121 */ { .fid = EF_PIV_RETIRED14, .parent = 0, .name = NULL,
+               .type = FILE_TYPE_WORKING_EF | FILE_DATA_FLASH, .data = NULL,
+               .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_R_WP },
+    /* 122 */ { .fid = EF_PIV_RETIRED15, .parent = 0, .name = NULL,
+               .type = FILE_TYPE_WORKING_EF | FILE_DATA_FLASH, .data = NULL,
+               .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_R_WP },
+    /* 123 */ { .fid = EF_PIV_RETIRED16, .parent = 0, .name = NULL,
+               .type = FILE_TYPE_WORKING_EF | FILE_DATA_FLASH, .data = NULL,
+               .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_R_WP },
+    /* 124 */ { .fid = EF_PIV_RETIRED17, .parent = 0, .name = NULL,
+               .type = FILE_TYPE_WORKING_EF | FILE_DATA_FLASH, .data = NULL,
+               .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_R_WP },
+    /* 125 */ { .fid = EF_PIV_RETIRED18, .parent = 0, .name = NULL,
+               .type = FILE_TYPE_WORKING_EF | FILE_DATA_FLASH, .data = NULL,
+               .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_R_WP },
+    /* 126 */ { .fid = EF_PIV_RETIRED19, .parent = 0, .name = NULL,
+               .type = FILE_TYPE_WORKING_EF | FILE_DATA_FLASH, .data = NULL,
+               .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_R_WP },
+    /* 127 */ { .fid = EF_PIV_RETIRED20, .parent = 0, .name = NULL,
+               .type = FILE_TYPE_WORKING_EF | FILE_DATA_FLASH, .data = NULL,
+               .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_R_WP },
+    /* 128 */ { .fid = EF_PIV_PIN, .parent = 0, .name = NULL,
+               .type = FILE_TYPE_INTERNAL_EF | FILE_DATA_FLASH, .data = NULL,
+               .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_WP },
+    /* 129 */ { .fid = EF_PIV_PUK, .parent = 0, .name = NULL,
+               .type = FILE_TYPE_INTERNAL_EF | FILE_DATA_FLASH, .data = NULL,
+               .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_WP },
+    /* 130 */ { .fid = EF_META, .parent = 0, .name = NULL,
+               .type = FILE_TYPE_INTERNAL_EF | FILE_DATA_FLASH, .data = NULL,
+               .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_NONE },
+    /* 131 */ { .fid = EF_PW_RETRIES, .parent = 0, .name = NULL,
+               .type = FILE_TYPE_INTERNAL_EF | FILE_DATA_FLASH, .data = NULL,
+               .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_R_WP },
+    /* 131 */ { .fid = EF_PRIV_DO_1, .parent = 0, .name = NULL,
+               .type = FILE_TYPE_INTERNAL_EF | FILE_DATA_FLASH, .data = NULL,
+               .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_R_WP },
+    /* 132 */ { .fid = EF_PRIV_DO_2, .parent = 0, .name = NULL,
+               .type = FILE_TYPE_INTERNAL_EF | FILE_DATA_FLASH, .data = NULL,
+               .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_R_WP },
+    /* 133 */ { .fid = EF_PRIV_DO_3, .parent = 0, .name = NULL,
+               .type = FILE_TYPE_INTERNAL_EF | FILE_DATA_FLASH, .data = NULL,
+               .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_WP },
+    /* 134 */ { .fid = EF_PRIV_DO_4, .parent = 0, .name = NULL,
+               .type = FILE_TYPE_INTERNAL_EF | FILE_DATA_FLASH, .data = NULL,
+               .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_WP },
+    /* 135 */ { .fid = EF_PW_RETRIES, .parent = 0, .name = NULL,
+               .type = FILE_TYPE_INTERNAL_EF | FILE_DATA_FLASH, .data = NULL,
+               .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_R_WP },
+    /* 136 */ { .fid = EF_PW_STATUS, .parent = 0, .name = NULL,
+               .type = FILE_TYPE_INTERNAL_EF | FILE_DATA_FLASH, .data = NULL,
+               .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_R_WP },
 
-    /* 39 */ { .fid = EF_PW1, .parent = 0, .name = NULL, .type = FILE_TYPE_INTERNAL_EF | FILE_DATA_FLASH, .data = NULL, .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_WP },
+    /* 137 */ { .fid = 0x0000, .parent = 0, .name = openpgp_aid, .type = FILE_TYPE_WORKING_EF,
-    /* 40 */ { .fid = EF_RC, .parent = 0, .name = NULL, .type = FILE_TYPE_INTERNAL_EF | FILE_DATA_FLASH, .data = NULL, .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_WP },
+               .data = NULL, .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_RO },
-    /* 41 */ { .fid = EF_PW3, .parent = 0, .name = NULL, .type = FILE_TYPE_INTERNAL_EF | FILE_DATA_FLASH, .data = NULL, .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_WP },
+    /* 138 */ { .fid = 0x0000, .parent = 0xff, .name = NULL, .type = FILE_TYPE_NOT_KNOWN, .data = NULL,
-    /* 42 */ { .fid = EF_PW1_RETRIES, .parent = 0, .name = NULL, .type = FILE_TYPE_INTERNAL_EF | FILE_DATA_FLASH, .data = NULL, .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_WP },
+               .ef_structure = 0, .acl = ACL_NONE }                                                                                       //end
-    /* 43 */ { .fid = EF_RC_RETRIES, .parent = 0, .name = NULL, .type = FILE_TYPE_INTERNAL_EF | FILE_DATA_FLASH, .data = NULL, .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_WP },
-    /* 44 */ { .fid = EF_PW3_RETRIES, .parent = 0, .name = NULL, .type = FILE_TYPE_INTERNAL_EF | FILE_DATA_FLASH, .data = NULL, .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_WP },
-    /* 45 */ { .fid = EF_ALGO_PRIV1, .parent = 0, .name = NULL, .type = FILE_TYPE_INTERNAL_EF | FILE_DATA_FLASH, .data = NULL, .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_R_WP },
-    /* 46 */ { .fid = EF_ALGO_PRIV2, .parent = 0, .name = NULL, .type = FILE_TYPE_INTERNAL_EF | FILE_DATA_FLASH, .data = NULL, .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_R_WP },
-    /* 47 */ { .fid = EF_ALGO_PRIV3, .parent = 0, .name = NULL, .type = FILE_TYPE_INTERNAL_EF | FILE_DATA_FLASH, .data = NULL, .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_R_WP },
-    /* 48 */ { .fid = EF_PK_SIG, .parent = 0, .name = NULL, .type = FILE_TYPE_INTERNAL_EF | FILE_DATA_FLASH, .data = NULL, .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_WP },
-    /* 49 */ { .fid = EF_PK_DEC, .parent = 0, .name = NULL, .type = FILE_TYPE_INTERNAL_EF | FILE_DATA_FLASH, .data = NULL, .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_WP },
-    /* 50 */ { .fid = EF_PK_AUT, .parent = 0, .name = NULL, .type = FILE_TYPE_INTERNAL_EF | FILE_DATA_FLASH, .data = NULL, .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_WP },
-    /* 51 */ { .fid = EF_PB_SIG, .parent = 0, .name = NULL, .type = FILE_TYPE_INTERNAL_EF | FILE_DATA_FLASH, .data = NULL, .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_WP },
-    /* 52 */ { .fid = EF_PB_DEC, .parent = 0, .name = NULL, .type = FILE_TYPE_INTERNAL_EF | FILE_DATA_FLASH, .data = NULL, .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_WP },
-    /* 53 */ { .fid = EF_PB_AUT, .parent = 0, .name = NULL, .type = FILE_TYPE_INTERNAL_EF | FILE_DATA_FLASH, .data = NULL, .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_WP },
-    
-    /* 54 */ { .fid = 0x0000, .parent = 0, .name = openpgp_aid, .type = FILE_TYPE_WORKING_EF, .data = NULL, .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_RO },
-    /* 55 */ { .fid = 0x0000, .parent = 0xff, .name = NULL, .type = FILE_TYPE_UNKNOWN, .data = NULL, .ef_structure = 0, .acl = ACL_NONE } //end
 };
 
 const file_t *MF = &file_entries[0];
-const file_t *file_openpgp = &file_entries[sizeof(file_entries)/sizeof(file_t)-2];
+const file_t *file_openpgp = &file_entries[sizeof(file_entries) / sizeof(file_t) - 2];
-const file_t *file_last = &file_entries[sizeof(file_entries)/sizeof(file_t)-1];
+const file_t *file_last = &file_entries[sizeof(file_entries) / sizeof(file_t) - 1];

src/openpgp/files.h

@@ -3,16 +3,16 @@
  * Copyright (c) 2022 Pol Henarejos.
  *
  * This program is free software: you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by  
+ * it under the terms of the GNU Affero General Public License as published by
  * the Free Software Foundation, version 3.
  *
  * This program is distributed in the hope that it will be useful, but
  * WITHOUT ANY WARRANTY; without even the implied warranty of
  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * General Public License for more details.
+ * Affero General Public License for more details.
  *
- * You should have received a copy of the GNU General Public License 
+ * You should have received a copy of the GNU Affero General Public License
- * along with this program. If not, see <http://www.gnu.org/licenses/>.
+ * along with this program. If not, see <https://www.gnu.org/licenses/>.
  */
 
 
@@ -24,18 +24,21 @@
 #define EF_PW1          0x1081
 #define EF_RC           0x1082
 #define EF_PW3          0x1083
-#define EF_PW1_RETRIES  0x1084
-#define EF_RC_RETRIES   0x1085
-#define EF_PW3_RETRIES  0x1086
 #define EF_ALGO_PRIV1   0x10c1
 #define EF_ALGO_PRIV2   0x10c2
 #define EF_ALGO_PRIV3   0x10c3
+#define EF_PW_PRIV      0x10c4
+#define EF_PW_RETRIES   0x10c5
 #define EF_PK_SIG       0x10d1
 #define EF_PK_DEC       0x10d2
 #define EF_PK_AUT       0x10d3
 #define EF_PB_SIG       0x10d4
 #define EF_PB_DEC       0x10d5
 #define EF_PB_AUT       0x10d6
+#define EF_DEK          0x1099
+#define EF_CH_1         0x1f21
+#define EF_CH_2         0x1f22
+#define EF_CH_3         0x1f23
 
 #define EF_EXT_HEADER   0x004d //C
 #define EF_FULL_AID     0x004f //S
@@ -64,10 +67,12 @@
 #define EF_TS_DEC       0x00cf //S
 #define EF_TS_AUT       0x00d0 //S
 #define EF_RESET_CODE   0x00d3 //S
+#define EF_AES_KEY      0x00d5 //S
 #define EF_UIF_SIG      0x00d6 //S
 #define EF_UIF_DEC      0x00d7 //S
 #define EF_UIF_AUT      0x00d8 //S
 #define EF_KEY_INFO     0x00de //S
+#define EF_KDF          0x00f9 //C
 #define EF_ALGO_INFO    0x00fa //C
 #define EF_LANG_PREF    0x5f2d //S
 #define EF_SEX          0x5f35 //S
@@ -77,4 +82,90 @@
 #define EF_EXLEN_INFO   0x7f66 //C
 #define EF_GFM          0x7f74 //C
 
+// PIV
+
+#define EF_PIV_PIN  0x1184
+#define EF_PIV_PUK  0x1185
+
+#define EF_PIV_ADMIN_DATA  0xff00
+#define EF_PIV_ATTESTATION 0xff01
+#define	EF_PIV_MSCMAP      0xff10
+#define	EF_PIV_MSROOTS1    0xff11
+#define EF_PIV_MSROOTS2    0xff12
+#define EF_PIV_MSROOTS3    0xff13
+#define EF_PIV_MSROOTS4    0xff14
+#define EF_PIV_MSROOTS5    0xff15
+
+#define EF_PIV_KEY_AUTHENTICATION   0x009a
+#define EF_PIV_KEY_CARDMGM          0x009b
+#define EF_PIV_KEY_SIGNATURE        0x009c
+#define EF_PIV_KEY_KEYMGM           0x009d
+#define EF_PIV_KEY_CARDAUTH         0x009e
+#define EF_PIV_KEY_RETIRED1         0x0082
+#define EF_PIV_KEY_RETIRED2         0x0083
+#define EF_PIV_KEY_RETIRED3         0x0084
+#define EF_PIV_KEY_RETIRED4         0x0085
+#define EF_PIV_KEY_RETIRED5         0x0086
+#define EF_PIV_KEY_RETIRED6         0x0087
+#define EF_PIV_KEY_RETIRED7         0x0088
+#define EF_PIV_KEY_RETIRED8         0x0089
+#define EF_PIV_KEY_RETIRED9         0x008a
+#define EF_PIV_KEY_RETIRED10        0x008b
+#define EF_PIV_KEY_RETIRED11        0x008c
+#define EF_PIV_KEY_RETIRED12        0x008d
+#define EF_PIV_KEY_RETIRED13        0x008e
+#define EF_PIV_KEY_RETIRED14        0x008f
+#define EF_PIV_KEY_RETIRED15        0x0090
+#define EF_PIV_KEY_RETIRED16        0x0091
+#define EF_PIV_KEY_RETIRED17        0x0092
+#define EF_PIV_KEY_RETIRED18        0x0096 // It's 0x93 but assigned to EF_SIG_COUNT
+#define EF_PIV_KEY_RETIRED19        0x0094
+#define EF_PIV_KEY_RETIRED20        0x0095
+#define EF_PIV_KEY_ATTESTATION      0x00fb // It's 0xf9 but assigned to EF_KDF
+
+#define EF_PIV_CAPABILITY       0xc107
+#define EF_PIV_CHUID            0xc102
+#define EF_PIV_AUTHENTICATION   0xc105 /* cert for 9a key */
+#define EF_PIV_FINGERPRINTS     0xc103
+#define EF_PIV_SECURITY         0xc106
+#define EF_PIV_FACIAL           0xc108
+#define EF_PIV_PRINTED          0xc109
+#define EF_PIV_SIGNATURE        0xc10a /* cert for 9c key */
+#define EF_PIV_KEY_MANAGEMENT   0xc10b /* cert for 9d key */
+#define EF_PIV_CARD_AUTH        0xc101 /* cert for 9e key */
+#define EF_PIV_DISCOVERY        0x007e
+#define EF_PIV_KEY_HISTORY      0xc10c
+#define EF_PIV_IRIS             0xc121
+#define EF_PIV_BITGT            0x7f61
+#define EF_PIV_SM_SIGNER        0xc122
+#define EF_PIV_PC_REF_DATA      0xc123
+
+#define EF_PIV_RETIRED1  0xc10d
+#define EF_PIV_RETIRED2  0xc10e
+#define EF_PIV_RETIRED3  0xc10f
+#define EF_PIV_RETIRED4  0xc110
+#define EF_PIV_RETIRED5  0xc111
+#define EF_PIV_RETIRED6  0xc112
+#define EF_PIV_RETIRED7  0xc113
+#define EF_PIV_RETIRED8  0xc114
+#define EF_PIV_RETIRED9  0xc115
+#define EF_PIV_RETIRED10 0xc116
+#define EF_PIV_RETIRED11 0xc117
+#define EF_PIV_RETIRED12 0xc118
+#define EF_PIV_RETIRED13 0xc119
+#define EF_PIV_RETIRED14 0xc11a
+#define EF_PIV_RETIRED15 0xc11b
+#define EF_PIV_RETIRED16 0xc11c
+#define EF_PIV_RETIRED17 0xc11d
+#define EF_PIV_RETIRED18 0xc11e
+#define EF_PIV_RETIRED19 0xc11f
+#define EF_PIV_RETIRED20 0xc120
+
+#define EF_DEV_CONF     0x1122
+
+#define EF_PRIV_DO_1        0x0101
+#define EF_PRIV_DO_2        0x0102
+#define EF_PRIV_DO_3        0x0103
+#define EF_PRIV_DO_4        0x0104
+
 #endif

src/openpgp/management.c

@@ -0,0 +1,156 @@
+/*
+ * This file is part of the Pico OpenPGP distribution (https://github.com/polhenarejos/pico-openpgp).
+ * Copyright (c) 2022 Pol Henarejos.
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as published by
+ * the Free Software Foundation, version 3.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see <https://www.gnu.org/licenses/>.
+ */
+
+#include "pico_keys.h"
+#include "apdu.h"
+#include "version.h"
+#include "files.h"
+#include "asn1.h"
+#include "management.h"
+
+bool is_gpg = true;
+
+int man_process_apdu();
+int man_unload();
+
+const uint8_t man_aid[] = {
+    8,
+    0xa0, 0x00, 0x00, 0x05, 0x27, 0x47, 0x11, 0x17
+};
+
+extern void init_piv();
+int man_select(app_t *a, uint8_t force) {
+    (void) force;
+    a->process_apdu = man_process_apdu;
+    a->unload = man_unload;
+    sprintf((char *) res_APDU, "%d.%d.0", PIV_VERSION_MAJOR, PIV_VERSION_MINOR);
+    res_APDU_size = strlen((char *) res_APDU);
+    apdu.ne = res_APDU_size;
+    init_piv();
+    is_gpg = false;
+    return PICOKEY_OK;
+}
+
+INITIALIZER( man_ctor ) {
+    register_app(man_select, man_aid);
+}
+
+int man_unload() {
+    return PICOKEY_OK;
+}
+
+bool cap_supported(uint16_t cap) {
+    file_t *ef = search_dynamic_file(EF_DEV_CONF);
+    if (file_has_data(ef)) {
+        uint16_t tag = 0x0;
+        uint8_t *tag_data = NULL, *p = NULL;
+        uint16_t tag_len = 0;
+        asn1_ctx_t ctxi;
+        asn1_ctx_init(file_get_data(ef), file_get_size(ef), &ctxi);
+        while (walk_tlv(&ctxi, &p, &tag, &tag_len, &tag_data)) {
+            if (tag == TAG_USB_ENABLED) {
+                uint16_t ecaps = tag_data[0];
+                if (tag_len == 2) {
+                    ecaps = (tag_data[0] << 8) | tag_data[1];
+                }
+                return ecaps & cap;
+            }
+        }
+    }
+    return true;
+}
+
+int man_get_config() {
+    file_t *ef = search_dynamic_file(EF_DEV_CONF);
+    res_APDU_size = 0;
+    res_APDU[res_APDU_size++] = 0; // Overall length. Filled later
+    res_APDU[res_APDU_size++] = TAG_USB_SUPPORTED;
+    res_APDU[res_APDU_size++] = 1;
+    res_APDU[res_APDU_size++] = CAP_PIV | CAP_OPENPGP;
+    res_APDU[res_APDU_size++] = TAG_SERIAL;
+    res_APDU[res_APDU_size++] = 4;
+    memcpy(res_APDU + res_APDU_size, pico_serial.id, 4);
+    res_APDU_size += 4;
+    res_APDU[res_APDU_size++] = TAG_FORM_FACTOR;
+    res_APDU[res_APDU_size++] = 1;
+    res_APDU[res_APDU_size++] = 0x01;
+    res_APDU[res_APDU_size++] = TAG_VERSION;
+    res_APDU[res_APDU_size++] = 3;
+    res_APDU[res_APDU_size++] = PIV_VERSION_MAJOR;
+    res_APDU[res_APDU_size++] = PIV_VERSION_MINOR;
+    res_APDU[res_APDU_size++] = 0;
+    res_APDU[res_APDU_size++] = TAG_NFC_SUPPORTED;
+    res_APDU[res_APDU_size++] = 1;
+    res_APDU[res_APDU_size++] = 0x00;
+    if (!file_has_data(ef)) {
+        res_APDU[res_APDU_size++] = TAG_USB_ENABLED;
+        res_APDU[res_APDU_size++] = 1;
+        res_APDU[res_APDU_size++] = CAP_PIV | CAP_OPENPGP;
+        res_APDU[res_APDU_size++] = TAG_DEVICE_FLAGS;
+        res_APDU[res_APDU_size++] = 1;
+        res_APDU[res_APDU_size++] = FLAG_EJECT;
+        res_APDU[res_APDU_size++] = TAG_CONFIG_LOCK;
+        res_APDU[res_APDU_size++] = 1;
+        res_APDU[res_APDU_size++] = 0x00;
+        res_APDU[res_APDU_size++] = TAG_NFC_ENABLED;
+        res_APDU[res_APDU_size++] = 1;
+        res_APDU[res_APDU_size++] = 0x00;
+    }
+    else {
+        memcpy(res_APDU + res_APDU_size, file_get_data(ef), file_get_size(ef));
+        res_APDU_size += file_get_size(ef);
+    }
+    res_APDU[0] = res_APDU_size - 1;
+    return 0;
+}
+
+int cmd_read_config() {
+    man_get_config();
+    return SW_OK();
+}
+
+int cmd_write_config() {
+    if (apdu.data[0] != apdu.nc - 1) {
+        return SW_WRONG_DATA();
+    }
+    file_t *ef = file_new(EF_DEV_CONF);
+    file_put_data(ef, apdu.data + 1, apdu.nc - 1);
+    low_flash_available();
+    return SW_OK();
+}
+
+#define INS_READ_CONFIG             0x1D
+#define INS_WRITE_CONFIG            0x1C
+
+static const cmd_t cmds[] = {
+    { INS_READ_CONFIG, cmd_read_config },
+    { INS_WRITE_CONFIG, cmd_write_config },
+    { 0x00, 0x0 }
+};
+
+int man_process_apdu() {
+    if (CLA(apdu) != 0x00) {
+        return SW_CLA_NOT_SUPPORTED();
+    }
+    for (const cmd_t *cmd = cmds; cmd->ins != 0x00; cmd++) {
+        if (cmd->ins == INS(apdu)) {
+            int r = cmd->cmd_handler();
+            return r;
+        }
+    }
+    return SW_INS_NOT_SUPPORTED();
+}

src/openpgp/management.h

@@ -0,0 +1,55 @@
+/*
+ * This file is part of the Pico OpenPGP distribution (https://github.com/polhenarejos/pico-openpgp).
+ * Copyright (c) 2022 Pol Henarejos.
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as published by
+ * the Free Software Foundation, version 3.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see <https://www.gnu.org/licenses/>.
+ */
+
+#ifndef _MANAGEMENT_H_
+#define _MANAGEMENT_H_
+
+#include <stdlib.h>
+#if !defined(ENABLE_EMULATION) && !defined(ESP_PLATFORM)
+#include "pico/stdlib.h"
+#endif
+
+#define TAG_USB_SUPPORTED 0x01
+#define TAG_SERIAL 0x02
+#define TAG_USB_ENABLED 0x03
+#define TAG_FORM_FACTOR 0x04
+#define TAG_VERSION 0x05
+#define TAG_AUTO_EJECT_TIMEOUT 0x06
+#define TAG_CHALRESP_TIMEOUT 0x07
+#define TAG_DEVICE_FLAGS 0x08
+#define TAG_APP_VERSIONS 0x09
+#define TAG_CONFIG_LOCK 0x0A
+#define TAG_UNLOCK 0x0B
+#define TAG_REBOOT 0x0C
+#define TAG_NFC_SUPPORTED 0x0D
+#define TAG_NFC_ENABLED 0x0E
+
+#define CAP_OTP 0x01
+#define CAP_U2F 0x02
+#define CAP_FIDO2 0x200
+#define CAP_OATH 0x20
+#define CAP_PIV 0x10
+#define CAP_OPENPGP 0x08
+#define CAP_HSMAUTH 0x100
+
+#define FLAG_REMOTE_WAKEUP 0x40
+#define FLAG_EJECT 0x80
+
+extern bool cap_supported(uint16_t cap);
+extern int man_get_config();
+
+#endif //_MANAGEMENT_H

src/openpgp/openpgp.h

@@ -3,28 +3,80 @@
  * Copyright (c) 2022 Pol Henarejos.
  *
  * This program is free software: you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by  
+ * it under the terms of the GNU Affero General Public License as published by
  * the Free Software Foundation, version 3.
  *
  * This program is distributed in the hope that it will be useful, but
  * WITHOUT ANY WARRANTY; without even the implied warranty of
  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * General Public License for more details.
+ * Affero General Public License for more details.
  *
- * You should have received a copy of the GNU General Public License 
+ * You should have received a copy of the GNU Affero General Public License
- * along with this program. If not, see <http://www.gnu.org/licenses/>.
+ * along with this program. If not, see <https://www.gnu.org/licenses/>.
  */
 
 #ifndef __OPENPGP_H_
 #define __OPENPGP_H_
 
 #include "stdlib.h"
+#if !defined(ENABLE_EMULATION) && !defined(ESP_PLATFORM)
 #include <pico/stdlib.h>
-
-#include "ccid2040.h"
-
-extern bool has_pw1;
-extern bool has_pw3;
-
 #endif
 
+#include "pico_keys.h"
+#include "apdu.h"
+#include "mbedtls/rsa.h"
+#include "mbedtls/ecdsa.h"
+#include "crypto_utils.h"
+#include "files.h"
+
+extern bool has_pw1;
+extern bool has_pw2;
+extern bool has_pw3;
+extern bool has_rc;
+extern uint8_t session_pw1[32];
+extern uint8_t session_rc[32];
+extern uint8_t session_pw3[32];
+extern uint8_t dek[IV_SIZE + 32];
+
+extern int store_keys(void *key_ctx, int type, uint16_t key_id, bool use_kek);
+extern void make_rsa_response(mbedtls_rsa_context *rsa);
+extern void make_ecdsa_response(mbedtls_ecdsa_context *ecdsa);
+extern int ecdsa_sign(mbedtls_ecdsa_context *ctx,
+                      const uint8_t *data,
+                      size_t data_len,
+                      uint8_t *out,
+                      size_t *out_len);
+extern int rsa_sign(mbedtls_rsa_context *ctx,
+                    const uint8_t *data,
+                    size_t data_len,
+                    uint8_t *out,
+                    size_t *out_len);
+extern int load_private_key_rsa(mbedtls_rsa_context *ctx, file_t *fkey, bool use_dek);
+extern int load_private_key_ecdsa(mbedtls_ecdsa_context *ctx, file_t *fkey, bool use_dek);
+extern int pin_reset_retries(const file_t *pin, bool force);
+
+#define ALGO_RSA        0x01
+#define ALGO_ECDH       0x12
+#define ALGO_ECDSA      0x13
+#define ALGO_EDDSA      0x16
+#define ALGO_AES        0x70
+#define ALGO_AES_128    0x71
+#define ALGO_AES_192    0x72
+#define ALGO_AES_256    0x74
+
+extern void select_file(file_t *pe);
+extern int parse_do(uint16_t *fids, int mode);
+extern int load_dek();
+extern int check_pin(const file_t *pin, const uint8_t *data, size_t len);
+extern mbedtls_ecp_group_id get_ec_group_id_from_attr(const uint8_t *algo, size_t algo_len);
+extern int reset_sig_count();
+extern uint16_t algo_dec, algo_aut, pk_dec, pk_aut;
+extern bool wait_button_pressed_fid(uint16_t fid);
+extern void scan_files_openpgp();
+extern int load_aes_key(uint8_t *aes_key, file_t *fkey);
+extern int inc_sig_count();
+extern int dek_encrypt(uint8_t *data, size_t len);
+extern int dek_decrypt(uint8_t *data, size_t len);
+
+#endif

src/openpgp/version.h

@@ -3,16 +3,16 @@
  * Copyright (c) 2022 Pol Henarejos.
  *
  * This program is free software: you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by  
+ * it under the terms of the GNU Affero General Public License as published by
  * the Free Software Foundation, version 3.
  *
  * This program is distributed in the hope that it will be useful, but
  * WITHOUT ANY WARRANTY; without even the implied warranty of
  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * General Public License for more details.
+ * Affero General Public License for more details.
  *
- * You should have received a copy of the GNU General Public License 
+ * You should have received a copy of the GNU Affero General Public License
- * along with this program. If not, see <http://www.gnu.org/licenses/>.
+ * along with this program. If not, see <https://www.gnu.org/licenses/>.
  */
 
 #ifndef __VERSION_H_
@@ -23,5 +23,15 @@
 #define OPGP_VERSION_MAJOR ((OPGP_VERSION >> 8) & 0xff)
 #define OPGP_VERSION_MINOR (OPGP_VERSION & 0xff)
 
-#endif
+#define PIV_VERSION 0x0507
 
+#define PIV_VERSION_MAJOR ((PIV_VERSION >> 8) & 0xff)
+#define PIV_VERSION_MINOR (PIV_VERSION & 0xff)
+
+
+#define PIPGP_VERSION 0x0404
+
+#define PIPGP_VERSION_MAJOR ((PIPGP_VERSION >> 8) & 0xff)
+#define PIPGP_VERSION_MINOR (PIPGP_VERSION & 0xff)
+
+#endif

tests/000_config/test_000_config_card.py

@@ -0,0 +1 @@
+from card_test_check_card import *

tests/001_initial_check/test_000_initial_card.py

@@ -0,0 +1 @@
+from card_test_empty_card import *

tests/001_initial_check/test_001_initial_card.py

@@ -0,0 +1 @@
+from card_test_set_attr import *

tests/010_kdfnone/test_010_adminfull_kdfnone.py

@@ -0,0 +1,2 @@
+from skip_if_kdfreq import *
+from card_test_personalize_card_1 import *

tests/010_kdfnone/test_011_adminfull_kdfnone.py

@@ -0,0 +1,2 @@
+from skip_if_kdfreq import *
+from card_test_personalize_card_2 import *

tests/010_kdfnone/test_012_adminfull_kdfnone.py

@@ -0,0 +1,2 @@
+from skip_if_kdfreq import *
+from card_test_public_key_operations import *

tests/010_kdfnone/test_013_adminfull_kdfnone.py

@@ -0,0 +1,2 @@
+from skip_if_kdfreq import *
+from card_test_ds_counter2 import *

tests/010_kdfnone/test_014_keygen_kdfnone.py

@@ -0,0 +1,24 @@
+"""
+test_005_keygen.py - test key generation
+
+Copyright (C) 2018, 2019  g10 Code GmbH
+Author: NIIBE Yutaka <gniibe@fsij.org>
+
+This file is a part of Gnuk, a GnuPG USB Token implementation.
+
+Gnuk is free software: you can redistribute it and/or modify it
+under the terms of the GNU General Public License as published by
+the Free Software Foundation, either version 3 of the License, or
+(at your option) any later version.
+
+Gnuk is distributed in the hope that it will be useful, but WITHOUT
+ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public
+License for more details.
+
+You should have received a copy of the GNU General Public License
+along with this program.  If not, see <http://www.gnu.org/licenses/>.
+"""
+
+from skip_if_kdfreq import *
+from card_test_keygen import *

tests/010_kdfnone/test_015_keygen_kdfnone.py

@@ -0,0 +1,24 @@
+"""
+test_005_keygen.py - test key generation
+
+Copyright (C) 2018, 2019  g10 Code GmbH
+Author: NIIBE Yutaka <gniibe@fsij.org>
+
+This file is a part of Gnuk, a GnuPG USB Token implementation.
+
+Gnuk is free software: you can redistribute it and/or modify it
+under the terms of the GNU General Public License as published by
+the Free Software Foundation, either version 3 of the License, or
+(at your option) any later version.
+
+Gnuk is distributed in the hope that it will be useful, but WITHOUT
+ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public
+License for more details.
+
+You should have received a copy of the GNU General Public License
+along with this program.  If not, see <http://www.gnu.org/licenses/>.
+"""
+
+from skip_if_kdfreq import *
+from card_test_public_key_operations_kg import *

tests/010_kdfnone/test_016_keygen_kdfnone.py

@@ -0,0 +1,24 @@
+"""
+test_005_keygen.py - test key generation
+
+Copyright (C) 2018, 2019  g10 Code GmbH
+Author: NIIBE Yutaka <gniibe@fsij.org>
+
+This file is a part of Gnuk, a GnuPG USB Token implementation.
+
+Gnuk is free software: you can redistribute it and/or modify it
+under the terms of the GNU General Public License as published by
+the Free Software Foundation, either version 3 of the License, or
+(at your option) any later version.
+
+Gnuk is distributed in the hope that it will be useful, but WITHOUT
+ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public
+License for more details.
+
+You should have received a copy of the GNU General Public License
+along with this program.  If not, see <http://www.gnu.org/licenses/>.
+"""
+
+from skip_if_kdfreq import *
+from card_test_ds_counter1 import *

tests/010_kdfnone/test_017_adminfull_kdfnone.py

@@ -0,0 +1,2 @@
+from skip_if_kdfreq import *
+from card_test_personalize_reset import *

tests/010_kdfnone/test_018_adminfull_kdfnone.py

@@ -0,0 +1,2 @@
+from skip_if_kdfreq import *
+from card_test_remove_keys import *

tests/010_kdfnone/test_019_adminfull_kdfnone.py

@@ -0,0 +1,2 @@
+from skip_if_kdfreq import *
+from card_test_reset_pw3 import *

tests/010_kdfnone/test_040_adminless_kdfnone.py

@@ -0,0 +1,25 @@
+"""
+test_005_adminless_kdfnone.py - test admin-less mode
+
+Copyright (C) 2016, 2018, 2019  g10 Code GmbH
+Author: NIIBE Yutaka <gniibe@fsij.org>
+
+This file is a part of Gnuk, a GnuPG USB Token implementation.
+
+Gnuk is free software: you can redistribute it and/or modify it
+under the terms of the GNU General Public License as published by
+the Free Software Foundation, either version 3 of the License, or
+(at your option) any later version.
+
+Gnuk is distributed in the hope that it will be useful, but WITHOUT
+ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public
+License for more details.
+
+You should have received a copy of the GNU General Public License
+along with this program.  If not, see <http://www.gnu.org/licenses/>.
+"""
+
+from skip_if_kdfreq import *
+from skip_gnuk_only_tests import *
+from card_test_personalize_admin_less_1 import *

tests/010_kdfnone/test_041_adminless_kdfnone.py

@@ -0,0 +1,25 @@
+"""
+test_005_adminless_kdfnone.py - test admin-less mode
+
+Copyright (C) 2016, 2018, 2019  g10 Code GmbH
+Author: NIIBE Yutaka <gniibe@fsij.org>
+
+This file is a part of Gnuk, a GnuPG USB Token implementation.
+
+Gnuk is free software: you can redistribute it and/or modify it
+under the terms of the GNU General Public License as published by
+the Free Software Foundation, either version 3 of the License, or
+(at your option) any later version.
+
+Gnuk is distributed in the hope that it will be useful, but WITHOUT
+ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public
+License for more details.
+
+You should have received a copy of the GNU General Public License
+along with this program.  If not, see <http://www.gnu.org/licenses/>.
+"""
+
+from skip_if_kdfreq import *
+from skip_gnuk_only_tests import *
+from card_test_public_key_operations_alt import *

tests/010_kdfnone/test_042_adminless_kdfnone.py

@@ -0,0 +1,25 @@
+"""
+test_005_adminless_kdfnone.py - test admin-less mode
+
+Copyright (C) 2016, 2018, 2019  g10 Code GmbH
+Author: NIIBE Yutaka <gniibe@fsij.org>
+
+This file is a part of Gnuk, a GnuPG USB Token implementation.
+
+Gnuk is free software: you can redistribute it and/or modify it
+under the terms of the GNU General Public License as published by
+the Free Software Foundation, either version 3 of the License, or
+(at your option) any later version.
+
+Gnuk is distributed in the hope that it will be useful, but WITHOUT
+ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public
+License for more details.
+
+You should have received a copy of the GNU General Public License
+along with this program.  If not, see <http://www.gnu.org/licenses/>.
+"""
+
+from skip_if_kdfreq import *
+from skip_gnuk_only_tests import *
+from card_test_ds_counter1 import *

tests/010_kdfnone/test_043_adminless_kdfnone.py

@@ -0,0 +1,25 @@
+"""
+test_005_adminless_kdfnone.py - test admin-less mode
+
+Copyright (C) 2016, 2018, 2019  g10 Code GmbH
+Author: NIIBE Yutaka <gniibe@fsij.org>
+
+This file is a part of Gnuk, a GnuPG USB Token implementation.
+
+Gnuk is free software: you can redistribute it and/or modify it
+under the terms of the GNU General Public License as published by
+the Free Software Foundation, either version 3 of the License, or
+(at your option) any later version.
+
+Gnuk is distributed in the hope that it will be useful, but WITHOUT
+ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public
+License for more details.
+
+You should have received a copy of the GNU General Public License
+along with this program.  If not, see <http://www.gnu.org/licenses/>.
+"""
+
+from skip_if_kdfreq import *
+from skip_gnuk_only_tests import *
+from card_test_personalize_admin_less_2 import *

tests/010_kdfnone/test_044_adminless_kdfnone.py

@@ -0,0 +1,25 @@
+"""
+test_005_adminless_kdfnone.py - test admin-less mode
+
+Copyright (C) 2016, 2018, 2019  g10 Code GmbH
+Author: NIIBE Yutaka <gniibe@fsij.org>
+
+This file is a part of Gnuk, a GnuPG USB Token implementation.
+
+Gnuk is free software: you can redistribute it and/or modify it
+under the terms of the GNU General Public License as published by
+the Free Software Foundation, either version 3 of the License, or
+(at your option) any later version.
+
+Gnuk is distributed in the hope that it will be useful, but WITHOUT
+ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public
+License for more details.
+
+You should have received a copy of the GNU General Public License
+along with this program.  If not, see <http://www.gnu.org/licenses/>.
+"""
+
+from skip_if_kdfreq import *
+from skip_gnuk_only_tests import *
+from card_test_personalize_reset import *

tests/010_kdfnone/test_045_adminless_kdfnone.py

@@ -0,0 +1,25 @@
+"""
+test_005_adminless_kdfnone.py - test admin-less mode
+
+Copyright (C) 2016, 2018, 2019  g10 Code GmbH
+Author: NIIBE Yutaka <gniibe@fsij.org>
+
+This file is a part of Gnuk, a GnuPG USB Token implementation.
+
+Gnuk is free software: you can redistribute it and/or modify it
+under the terms of the GNU General Public License as published by
+the Free Software Foundation, either version 3 of the License, or
+(at your option) any later version.
+
+Gnuk is distributed in the hope that it will be useful, but WITHOUT
+ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public
+License for more details.
+
+You should have received a copy of the GNU General Public License
+along with this program.  If not, see <http://www.gnu.org/licenses/>.
+"""
+
+from skip_if_kdfreq import *
+from skip_gnuk_only_tests import *
+from card_test_remove_keys import *

tests/010_kdfnone/test_046_adminless_kdfnone.py

@@ -0,0 +1,25 @@
+"""
+test_005_adminless_kdfnone.py - test admin-less mode
+
+Copyright (C) 2016, 2018, 2019  g10 Code GmbH
+Author: NIIBE Yutaka <gniibe@fsij.org>
+
+This file is a part of Gnuk, a GnuPG USB Token implementation.
+
+Gnuk is free software: you can redistribute it and/or modify it
+under the terms of the GNU General Public License as published by
+the Free Software Foundation, either version 3 of the License, or
+(at your option) any later version.
+
+Gnuk is distributed in the hope that it will be useful, but WITHOUT
+ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public
+License for more details.
+
+You should have received a copy of the GNU General Public License
+along with this program.  If not, see <http://www.gnu.org/licenses/>.
+"""
+
+from skip_if_kdfreq import *
+from skip_gnuk_only_tests import *
+from card_test_reset_pw3 import *

tests/020_kdffull/01_initial_check/test_050_adminfull_kdffull.py

@@ -0,0 +1,23 @@
+"""
+test_011_adminfull_kdffull.py - test KDF data object
+
+Copyright (C) 2018, 2019  g10 Code GmbH
+Author: NIIBE Yutaka <gniibe@fsij.org>
+
+This file is a part of Gnuk, a GnuPG USB Token implementation.
+
+Gnuk is free software: you can redistribute it and/or modify it
+under the terms of the GNU General Public License as published by
+the Free Software Foundation, either version 3 of the License, or
+(at your option) any later version.
+
+Gnuk is distributed in the hope that it will be useful, but WITHOUT
+ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public
+License for more details.
+
+You should have received a copy of the GNU General Public License
+along with this program.  If not, see <http://www.gnu.org/licenses/>.
+"""
+
+from card_test_kdf_full import *

tests/020_kdffull/02_personalization/test_051_adminfull_kdffull.py

@@ -0,0 +1,23 @@
+"""
+test_011_adminfull_kdffull.py - test KDF data object
+
+Copyright (C) 2018, 2019  g10 Code GmbH
+Author: NIIBE Yutaka <gniibe@fsij.org>
+
+This file is a part of Gnuk, a GnuPG USB Token implementation.
+
+Gnuk is free software: you can redistribute it and/or modify it
+under the terms of the GNU General Public License as published by
+the Free Software Foundation, either version 3 of the License, or
+(at your option) any later version.
+
+Gnuk is distributed in the hope that it will be useful, but WITHOUT
+ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public
+License for more details.
+
+You should have received a copy of the GNU General Public License
+along with this program.  If not, see <http://www.gnu.org/licenses/>.
+"""
+
+from card_test_personalize_card_1 import *

tests/020_kdffull/03_key_import/001_rsa2k/test_rsa2k_import.py

@@ -0,0 +1 @@
+from card_test_ki_pko_dsc_rsa2k import *

tests/020_kdffull/03_key_import/002_nistp256r1/test_nistp256r1_import.py

@@ -0,0 +1 @@
+from card_test_ki_pko_dsc_nistp256r1 import *

tests/020_kdffull/03_key_import/003_brainpoolp256r1/test_brainpoolp256r1_import.py

@@ -0,0 +1 @@
+from card_test_ki_pko_dsc_brainpoolp256r1 import *

tests/020_kdffull/03_key_import/004_secp256k1/test_secp256k1_import.py

@@ -0,0 +1 @@
+from card_test_ki_pko_dsc_secp256k1 import *

tests/020_kdffull/03_key_import/005_nistp384r1/test_nistp384r1_import.py

@@ -0,0 +1 @@
+from card_test_ki_pko_dsc_nistp384r1 import *

tests/020_kdffull/03_key_import/006_brainpoolp384r1/test_brainpoolp384r1_import.py

@@ -0,0 +1 @@
+from card_test_ki_pko_dsc_brainpoolp384r1 import *

tests/020_kdffull/03_key_import/008_nistp521r1/test_nistp521r1_import.py

@@ -0,0 +1 @@
+from card_test_ki_pko_dsc_nistp521r1 import *

tests/020_kdffull/03_key_import/009_brainpoolp512r1/test_brainpoolp521r1_import.py

@@ -0,0 +1 @@
+from card_test_ki_pko_dsc_brainpoolp512r1 import *

tests/020_kdffull/03_key_import/010_curve25519/test_curve25519_import.py

@@ -0,0 +1 @@
+from card_test_ki_pko_dsc_curve25519 import *

tests/020_kdffull/04_keygen/001_rsa2k/test_rsa2k_keygen.py

@@ -0,0 +1 @@
+from card_test_kg_pko_dsc_rsa2k import *

tests/020_kdffull/04_keygen/002_nistp256r1/test_nistp256r1_keygen.py

@@ -0,0 +1 @@
+from card_test_ki_pko_dsc_nistp256r1 import *

tests/020_kdffull/04_keygen/003_brainpoolp256r1/test_brainpoolp256r1_keygen.py

@@ -0,0 +1 @@
+from card_test_kg_pko_dsc_brainpoolp256r1 import *

tests/020_kdffull/04_keygen/004_secp256k1/test_secp256k1_keygen.py

@@ -0,0 +1 @@
+from card_test_kg_pko_dsc_secp256k1 import *

tests/020_kdffull/04_keygen/005_nistp384r1/test_nistp384r1_keygen.py

@@ -0,0 +1 @@
+from card_test_kg_pko_dsc_nistp384r1 import *

tests/020_kdffull/04_keygen/006_brainpoolp384r1/test_brainpoolp384r1_keygen.py

@@ -0,0 +1 @@
+from card_test_kg_pko_dsc_brainpoolp384r1 import *

tests/020_kdffull/04_keygen/008_nistp521r1/test_nistp521r1_keygen.py

@@ -0,0 +1 @@
+from card_test_kg_pko_dsc_nistp521r1 import *

tests/020_kdffull/04_keygen/009_brainpoolp512r1/test_brainpoolp521r1_keygen.py

@@ -0,0 +1 @@
+from card_test_kg_pko_dsc_brainpoolp512r1 import *

tests/020_kdffull/04_keygen/010_curve25519/test_curve25519_keygen.py

@@ -0,0 +1 @@
+from card_test_ki_pko_dsc_curve25519 import *

tests/020_kdffull/05_finalize/test_000_reset_to_TEST4.py

@@ -0,0 +1,15 @@
+import pytest
+from card_const import *
+from constants_for_test import *
+
+def test_setup_pw1_4(card):
+    r = card.change_passwd(1, FACTORY_PASSPHRASE_PW1, PW1_TEST4)
+    assert r
+
+def test_verify_pw1_4(card):
+    v = card.verify(1, PW1_TEST4)
+    assert v
+
+def test_verify_pw1_4_2(card):
+    v = card.verify(2, PW1_TEST4)
+    assert v

tests/020_kdffull/05_finalize/test_057_adminfull_kdffull.py

@@ -0,0 +1,23 @@
+"""
+test_011_adminfull_kdffull.py - test KDF data object
+
+Copyright (C) 2018, 2019  g10 Code GmbH
+Author: NIIBE Yutaka <gniibe@fsij.org>
+
+This file is a part of Gnuk, a GnuPG USB Token implementation.
+
+Gnuk is free software: you can redistribute it and/or modify it
+under the terms of the GNU General Public License as published by
+the Free Software Foundation, either version 3 of the License, or
+(at your option) any later version.
+
+Gnuk is distributed in the hope that it will be useful, but WITHOUT
+ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public
+License for more details.
+
+You should have received a copy of the GNU General Public License
+along with this program.  If not, see <http://www.gnu.org/licenses/>.
+"""
+
+from card_test_personalize_reset import *

tests/020_kdffull/05_finalize/test_058_adminfull_kdffull.py

@@ -0,0 +1,23 @@
+"""
+test_011_adminfull_kdffull.py - test KDF data object
+
+Copyright (C) 2018, 2019  g10 Code GmbH
+Author: NIIBE Yutaka <gniibe@fsij.org>
+
+This file is a part of Gnuk, a GnuPG USB Token implementation.
+
+Gnuk is free software: you can redistribute it and/or modify it
+under the terms of the GNU General Public License as published by
+the Free Software Foundation, either version 3 of the License, or
+(at your option) any later version.
+
+Gnuk is distributed in the hope that it will be useful, but WITHOUT
+ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public
+License for more details.
+
+You should have received a copy of the GNU General Public License
+along with this program.  If not, see <http://www.gnu.org/licenses/>.
+"""
+
+from card_test_remove_keys import *

tests/020_kdffull/05_finalize/test_059_adminfull_kdffull.py

@@ -0,0 +1,23 @@
+"""
+test_011_adminfull_kdffull.py - test KDF data object
+
+Copyright (C) 2018, 2019  g10 Code GmbH
+Author: NIIBE Yutaka <gniibe@fsij.org>
+
+This file is a part of Gnuk, a GnuPG USB Token implementation.
+
+Gnuk is free software: you can redistribute it and/or modify it
+under the terms of the GNU General Public License as published by
+the Free Software Foundation, either version 3 of the License, or
+(at your option) any later version.
+
+Gnuk is distributed in the hope that it will be useful, but WITHOUT
+ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public
+License for more details.
+
+You should have received a copy of the GNU General Public License
+along with this program.  If not, see <http://www.gnu.org/licenses/>.
+"""
+
+from card_test_reset_pw3 import *

tests/020_kdffull/conftest.py

@@ -0,0 +1 @@
+from skip_if_no_kdf_support import *

tests/030_kdfsingle/test_060_adminfull_kdfsingle.py

@@ -0,0 +1,24 @@
+"""
+test_016_adminfull_kdfsingle.py - test KDF data object
+
+Copyright (C) 2018, 2019  g10 Code GmbH
+Author: NIIBE Yutaka <gniibe@fsij.org>
+
+This file is a part of Gnuk, a GnuPG USB Token implementation.
+
+Gnuk is free software: you can redistribute it and/or modify it
+under the terms of the GNU General Public License as published by
+the Free Software Foundation, either version 3 of the License, or
+(at your option) any later version.
+
+Gnuk is distributed in the hope that it will be useful, but WITHOUT
+ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public
+License for more details.
+
+You should have received a copy of the GNU General Public License
+along with this program.  If not, see <http://www.gnu.org/licenses/>.
+"""
+
+from skip_gnuk_only_tests import *
+from card_test_kdf_single import *

tests/030_kdfsingle/test_061_adminfull_kdfsingle.py

@@ -0,0 +1,25 @@
+"""
+test_016_adminfull_kdfsingle.py - test KDF data object
+
+Copyright (C) 2018, 2019  g10 Code GmbH
+Author: NIIBE Yutaka <gniibe@fsij.org>
+
+This file is a part of Gnuk, a GnuPG USB Token implementation.
+
+Gnuk is free software: you can redistribute it and/or modify it
+under the terms of the GNU General Public License as published by
+the Free Software Foundation, either version 3 of the License, or
+(at your option) any later version.
+
+Gnuk is distributed in the hope that it will be useful, but WITHOUT
+ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public
+License for more details.
+
+You should have received a copy of the GNU General Public License
+along with this program.  If not, see <http://www.gnu.org/licenses/>.
+"""
+
+from skip_gnuk_only_tests import *
+from card_test_personalize_card_1 import *
+from card_test_personalize_card_2 import *

tests/030_kdfsingle/test_062_adminfull_kdfsingle.py

@@ -0,0 +1,24 @@
+"""
+test_016_adminfull_kdfsingle.py - test KDF data object
+
+Copyright (C) 2018, 2019  g10 Code GmbH
+Author: NIIBE Yutaka <gniibe@fsij.org>
+
+This file is a part of Gnuk, a GnuPG USB Token implementation.
+
+Gnuk is free software: you can redistribute it and/or modify it
+under the terms of the GNU General Public License as published by
+the Free Software Foundation, either version 3 of the License, or
+(at your option) any later version.
+
+Gnuk is distributed in the hope that it will be useful, but WITHOUT
+ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public
+License for more details.
+
+You should have received a copy of the GNU General Public License
+along with this program.  If not, see <http://www.gnu.org/licenses/>.
+"""
+
+from skip_gnuk_only_tests import *
+from card_test_public_key_operations import *

tests/030_kdfsingle/test_063_adminfull_kdfsingle.py

@@ -0,0 +1,24 @@
+"""
+test_016_adminfull_kdfsingle.py - test KDF data object
+
+Copyright (C) 2018, 2019  g10 Code GmbH
+Author: NIIBE Yutaka <gniibe@fsij.org>
+
+This file is a part of Gnuk, a GnuPG USB Token implementation.
+
+Gnuk is free software: you can redistribute it and/or modify it
+under the terms of the GNU General Public License as published by
+the Free Software Foundation, either version 3 of the License, or
+(at your option) any later version.
+
+Gnuk is distributed in the hope that it will be useful, but WITHOUT
+ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public
+License for more details.
+
+You should have received a copy of the GNU General Public License
+along with this program.  If not, see <http://www.gnu.org/licenses/>.
+"""
+
+from skip_gnuk_only_tests import *
+from card_test_ds_counter2 import *

tests/030_kdfsingle/test_064_adminfull_kdfsingle.py

@@ -0,0 +1,24 @@
+"""
+test_016_adminfull_kdfsingle.py - test KDF data object
+
+Copyright (C) 2018, 2019  g10 Code GmbH
+Author: NIIBE Yutaka <gniibe@fsij.org>
+
+This file is a part of Gnuk, a GnuPG USB Token implementation.
+
+Gnuk is free software: you can redistribute it and/or modify it
+under the terms of the GNU General Public License as published by
+the Free Software Foundation, either version 3 of the License, or
+(at your option) any later version.
+
+Gnuk is distributed in the hope that it will be useful, but WITHOUT
+ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public
+License for more details.
+
+You should have received a copy of the GNU General Public License
+along with this program.  If not, see <http://www.gnu.org/licenses/>.
+"""
+
+from skip_gnuk_only_tests import *
+from card_test_personalize_reset import *

tests/030_kdfsingle/test_065_adminfull_kdfsingle.py

@@ -0,0 +1,24 @@
+"""
+test_016_adminfull_kdfsingle.py - test KDF data object
+
+Copyright (C) 2018, 2019  g10 Code GmbH
+Author: NIIBE Yutaka <gniibe@fsij.org>
+
+This file is a part of Gnuk, a GnuPG USB Token implementation.
+
+Gnuk is free software: you can redistribute it and/or modify it
+under the terms of the GNU General Public License as published by
+the Free Software Foundation, either version 3 of the License, or
+(at your option) any later version.
+
+Gnuk is distributed in the hope that it will be useful, but WITHOUT
+ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public
+License for more details.
+
+You should have received a copy of the GNU General Public License
+along with this program.  If not, see <http://www.gnu.org/licenses/>.
+"""
+
+from skip_gnuk_only_tests import *
+from card_test_remove_keys import *

tests/030_kdfsingle/test_066_adminfull_kdfsingle.py

@@ -0,0 +1,24 @@
+"""
+test_016_adminfull_kdfsingle.py - test KDF data object
+
+Copyright (C) 2018, 2019  g10 Code GmbH
+Author: NIIBE Yutaka <gniibe@fsij.org>
+
+This file is a part of Gnuk, a GnuPG USB Token implementation.
+
+Gnuk is free software: you can redistribute it and/or modify it
+under the terms of the GNU General Public License as published by
+the Free Software Foundation, either version 3 of the License, or
+(at your option) any later version.
+
+Gnuk is distributed in the hope that it will be useful, but WITHOUT
+ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public
+License for more details.
+
+You should have received a copy of the GNU General Public License
+along with this program.  If not, see <http://www.gnu.org/licenses/>.
+"""
+
+from skip_gnuk_only_tests import *
+from card_test_reset_pw3 import *

tests/030_kdfsingle/test_070_adminless_kdfsingle.py

@@ -0,0 +1,2 @@
+from skip_gnuk_only_tests import *
+from card_test_personalize_admin_less_1 import *

tests/030_kdfsingle/test_071_adminless_kdfsingle.py

@@ -0,0 +1,2 @@
+from skip_gnuk_only_tests import *
+from card_test_public_key_operations_alt import *

tests/030_kdfsingle/test_072_adminless_kdfsingle.py

@@ -0,0 +1,2 @@
+from skip_gnuk_only_tests import *
+from card_test_ds_counter1 import *