Upgraded to version 1.6

Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>

CMakeLists.txt

@@ -37,11 +37,13 @@ if (NOT DEFINED USB_PID)
 endif()
 add_definitions(-DUSB_PID=${USB_PID})
 
+configure_file(${CMAKE_CURRENT_LIST_DIR}/pico-ccid/config/mbedtls_config.h ${CMAKE_CURRENT_LIST_DIR}/pico-ccid/mbedtls/include/mbedtls COPYONLY)
+        
 target_sources(pico_openpgp PUBLIC
-        ${CMAKE_CURRENT_LIST_DIR}/pico-ccid/src/ccid/ccid2040.c
+        ${CMAKE_CURRENT_LIST_DIR}/pico-ccid/src/usb/usb.c
-        ${CMAKE_CURRENT_LIST_DIR}/src/openpgp/openpgp.c
-        ${CMAKE_CURRENT_LIST_DIR}/src/openpgp/files.c
         ${CMAKE_CURRENT_LIST_DIR}/pico-ccid/src/usb/usb_descriptors.c
+        ${CMAKE_CURRENT_LIST_DIR}/pico-ccid/src/ccid/ccid2040.c
+        ${CMAKE_CURRENT_LIST_DIR}/pico-ccid/src/ccid/asn1.c
         ${CMAKE_CURRENT_LIST_DIR}/pico-ccid/src/fs/file.c
         ${CMAKE_CURRENT_LIST_DIR}/pico-ccid/src/fs/flash.c
         ${CMAKE_CURRENT_LIST_DIR}/pico-ccid/src/fs/low_flash.c
@@ -49,40 +51,30 @@ target_sources(pico_openpgp PUBLIC
         ${CMAKE_CURRENT_LIST_DIR}/pico-ccid/src/rng/neug.c
         ${CMAKE_CURRENT_LIST_DIR}/pico-ccid/src/ccid/crypto_utils.c
         ${CMAKE_CURRENT_LIST_DIR}/pico-ccid/src/ccid/eac.c
+        ${CMAKE_CURRENT_LIST_DIR}/src/openpgp/openpgp.c
+        ${CMAKE_CURRENT_LIST_DIR}/src/openpgp/files.c
         
-        ${CMAKE_CURRENT_LIST_DIR}/pico-ccid/mbedtls/library/sha256.c
         ${CMAKE_CURRENT_LIST_DIR}/pico-ccid/mbedtls/library/aes.c
-        ${CMAKE_CURRENT_LIST_DIR}/pico-ccid/mbedtls/library/sha512.c
+        ${CMAKE_CURRENT_LIST_DIR}/pico-ccid/mbedtls/library/asn1parse.c
-        ${CMAKE_CURRENT_LIST_DIR}/pico-ccid/mbedtls/library/rsa.c
         ${CMAKE_CURRENT_LIST_DIR}/pico-ccid/mbedtls/library/bignum.c
-        ${CMAKE_CURRENT_LIST_DIR}/pico-ccid/mbedtls/library/platform_util.c
-        ${CMAKE_CURRENT_LIST_DIR}/pico-ccid/mbedtls/library/md.c
-        ${CMAKE_CURRENT_LIST_DIR}/pico-ccid/mbedtls/library/oid.c
-        ${CMAKE_CURRENT_LIST_DIR}/pico-ccid/mbedtls/library/rsa_alt_helpers.c
-        ${CMAKE_CURRENT_LIST_DIR}/pico-ccid/mbedtls/library/constant_time.c
-        ${CMAKE_CURRENT_LIST_DIR}/pico-ccid/mbedtls/library/ecdsa.c
-        ${CMAKE_CURRENT_LIST_DIR}/pico-ccid/mbedtls/library/ecp.c
-        ${CMAKE_CURRENT_LIST_DIR}/pico-ccid/mbedtls/library/ecp_curves.c
-        ${CMAKE_CURRENT_LIST_DIR}/pico-ccid/mbedtls/library/asn1write.c
-        ${CMAKE_CURRENT_LIST_DIR}/pico-ccid/mbedtls/library/hmac_drbg.c
-        ${CMAKE_CURRENT_LIST_DIR}/pico-ccid/mbedtls/library/md5.c
-        ${CMAKE_CURRENT_LIST_DIR}/pico-ccid/mbedtls/library/ripemd160.c
-        ${CMAKE_CURRENT_LIST_DIR}/pico-ccid/mbedtls/library/sha1.c
-        ${CMAKE_CURRENT_LIST_DIR}/pico-ccid/mbedtls/library/ecdh.c
         ${CMAKE_CURRENT_LIST_DIR}/pico-ccid/mbedtls/library/cmac.c
         ${CMAKE_CURRENT_LIST_DIR}/pico-ccid/mbedtls/library/cipher.c
         ${CMAKE_CURRENT_LIST_DIR}/pico-ccid/mbedtls/library/cipher_wrap.c
-        ${CMAKE_CURRENT_LIST_DIR}/pico-ccid/mbedtls/library/chachapoly.c
+        ${CMAKE_CURRENT_LIST_DIR}/pico-ccid/mbedtls/library/constant_time.c
-        ${CMAKE_CURRENT_LIST_DIR}/pico-ccid/mbedtls/library/camellia.c
+        ${CMAKE_CURRENT_LIST_DIR}/pico-ccid/mbedtls/library/ecdsa.c
-        ${CMAKE_CURRENT_LIST_DIR}/pico-ccid/mbedtls/library/chacha20.c
+        ${CMAKE_CURRENT_LIST_DIR}/pico-ccid/mbedtls/library/ecdh.c
-        ${CMAKE_CURRENT_LIST_DIR}/pico-ccid/mbedtls/library/aria.c
+        ${CMAKE_CURRENT_LIST_DIR}/pico-ccid/mbedtls/library/ecp.c
-        ${CMAKE_CURRENT_LIST_DIR}/pico-ccid/mbedtls/library/poly1305.c
+        ${CMAKE_CURRENT_LIST_DIR}/pico-ccid/mbedtls/library/ecp_curves.c
-        ${CMAKE_CURRENT_LIST_DIR}/pico-ccid/mbedtls/library/gcm.c
+        ${CMAKE_CURRENT_LIST_DIR}/pico-ccid/mbedtls/library/md.c
-        ${CMAKE_CURRENT_LIST_DIR}/pico-ccid/mbedtls/library/ccm.c
+        ${CMAKE_CURRENT_LIST_DIR}/pico-ccid/mbedtls/library/md5.c
-        ${CMAKE_CURRENT_LIST_DIR}/pico-ccid/mbedtls/library/des.c
+        ${CMAKE_CURRENT_LIST_DIR}/pico-ccid/mbedtls/library/oid.c
-        ${CMAKE_CURRENT_LIST_DIR}/pico-ccid/mbedtls/library/nist_kw.c
+        ${CMAKE_CURRENT_LIST_DIR}/pico-ccid/mbedtls/library/platform_util.c
-        ${CMAKE_CURRENT_LIST_DIR}/pico-ccid/mbedtls/library/hkdf.c
+        ${CMAKE_CURRENT_LIST_DIR}/pico-ccid/mbedtls/library/ripemd160.c
-        ${CMAKE_CURRENT_LIST_DIR}/pico-ccid/mbedtls/library/asn1parse.c
+        ${CMAKE_CURRENT_LIST_DIR}/pico-ccid/mbedtls/library/rsa.c
+        ${CMAKE_CURRENT_LIST_DIR}/pico-ccid/mbedtls/library/rsa_alt_helpers.c
+        ${CMAKE_CURRENT_LIST_DIR}/pico-ccid/mbedtls/library/sha1.c
+        ${CMAKE_CURRENT_LIST_DIR}/pico-ccid/mbedtls/library/sha256.c
+        ${CMAKE_CURRENT_LIST_DIR}/pico-ccid/mbedtls/library/sha512.c
         )
 
 target_include_directories(pico_openpgp PUBLIC
@@ -95,6 +87,11 @@ target_include_directories(pico_openpgp PUBLIC
         ${CMAKE_CURRENT_LIST_DIR}/pico-ccid/mbedtls/library
         )
         
+target_compile_options(pico_openpgp PUBLIC
+    -Wall
+    -Werror
+)
+        
 pico_add_extra_outputs(pico_openpgp)
 
 #target_compile_definitions(pico_openpgp PRIVATE MBEDTLS_ECDSA_DETERMINISTIC=1)

README.md

@@ -21,13 +21,20 @@ Pico OpenPGP has implemented the following features:
 - USB/CCID support with OpenSC, openssl, etc.
 - Extended APDU support.
 - Lifecycle card (termination and activation).
+- Press-to-confirm button.
+- User Interaction Flag for enabling/disabling press-to-confirm button.
+- Key Derivation Function (KDF) for PIN.
+- Manage Security Environment (MSE).
+- DEK for internal safe storage.
 
 All these features are compliant with the specification. Therefore, if you detect some behaviour that is not expected or it does not follow the rules of specs, please open an issue.
 
 ### About Gnuk
-This project was inspired by [Gnuk](https://wiki.debian.org/GNUK "Gnuk"), a same project but focused on STM32 processor family. Despite the initial idea was to port Gnuk to the Raspberry Pico family, the underlaying architecture is widely different (although they run on ARM). For instance, the Pico has two ARM cores, with an appropiate SDK able to leverage them. Also, Pico has an internal flash storage, which is farly larger compared to STM32 ROM storage. Finally, the Pico has a complete USB interface based on TinyUSB, which difficults to port Gnuk. These are only few examples of the difficulties of porting Gnuk to the Raspberry Pico.
+This project was inspired by [Gnuk](https://wiki.debian.org/GNUK "Gnuk"), a same project but focused on STM32 processor family. Despite the initial idea was to port Gnuk to the Raspberry Pico family, the underlaying architecture is widely different (although boh run on ARM). For instance, the Pico has two ARM cores, with an appropiate SDK able to leverage them. Also, Pico has an internal flash storage, which is farly larger compared to STM32 ROM storage. Finally, the Pico has a complete USB interface based on TinyUSB, which difficults to port Gnuk. These are only few examples of the difficulties of porting Gnuk to the Raspberry Pico.
 
-As a consequence, Pico OpenPGP is designed from zero. Well, not strictly from zero, as it borrows some of the buffering between USB and CCID interfaces from Gnuk. Cryptographic operations are implemented with MBEDTLS library.
+As a consequence, Pico OpenPGP is designed from zero. Well, not strictly from zero, as it borrows some of the cryptographic operations implemented with MbedTLS library.
+
+Whilst Gnuk is OpenPGP 2.0 with small set of enhancements, Pico OpenPGP aims at being OpenPGP 3.4 compliant, with new features (not present in Gnuk), such as Manage Security Environment (MSE) or UIF.
 
 ## Security considerations
 All secret keys (asymmetric and symmetric) are stored encrypted in the flash memory of the Raspberry Pico. DEK is used as a 256 bit AES key to protect private and secret keys. Keys are never stored in RAM except for signature and decryption operations and only during the process. All keys (including DEK) are loaded and cleared every time to avoid potential security flaws.
@@ -116,6 +123,5 @@ OpenSC relies on PCSC driver, which reads a list (`Info.plist`) that contains a
 ## Credits
 Pico OpenPGP uses the following libraries or portion of code:
 - mbedTLS for cryptographic operations.
-- gnuk for low level CCID procedures support.
 - TinyUSB for low level USB procedures.
 

VERSION

@@ -1 +1 @@
-Version=1.2
+Version=1.4

build_pico_openpgp.sh

@@ -1,7 +1,7 @@
 #!/bin/bash
 
 VERSION_MAJOR="1"
-VERSION_MINOR="2"
+VERSION_MINOR="6"
 
 rm -rf release/*
 cd build_release

patch_vidpid.sh

@@ -17,8 +17,8 @@
 # along with this program. If not, see <http://www.gnu.org/licenses/>.
 #
 
-VERSION_MAJOR="1" #Version of Pico CCID Core
+VERSION_MAJOR="2" #Version of Pico CCID Core
-VERSION_MINOR="1"
+VERSION_MINOR="0"
 
 echo "----------------------------"
 echo "VID/PID patcher for Pico OpenPGP"

src/openpgp/files.c

@@ -54,7 +54,7 @@ uint8_t historical_bytes[] = {
 
 uint8_t extended_capabilities[] = {
   10, 0,
-  0x76,				/*
+  0x77,				/*
 				 * No Secure Messaging supported
 				 * GET CHALLENGE supported
 				 * Key import supported
@@ -62,7 +62,7 @@ uint8_t extended_capabilities[] = {
 				 * No private_use_DO
 				 * Algorithm attrs are changable
 				 * ENC/DEC with AES
-				 * No KDF-DO available
+				 * KDF-DO available
 				 */
   0,		  /* Secure Messaging Algorithm: N/A (TDES=0, AES=1) */
   0x00, 128, 		/* Max size of GET CHALLENGE */
@@ -137,9 +137,13 @@ file_t file_entries[] = {
     /* 50 */ { .fid = EF_PB_AUT, .parent = 0, .name = NULL, .type = FILE_TYPE_INTERNAL_EF | FILE_DATA_FLASH, .data = NULL, .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_R_WP },
     /* 51 */ { .fid = EF_PW_PRIV, .parent = 0, .name = NULL, .type = FILE_TYPE_INTERNAL_EF | FILE_DATA_FLASH, .data = NULL, .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_R_WP },
     /* 52 */ { .fid = EF_DEK, .parent = 0, .name = NULL, .type = FILE_TYPE_INTERNAL_EF | FILE_DATA_FLASH, .data = NULL, .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_NONE },
+    /* 53 */ { .fid = EF_KDF, .parent = 0, .name = NULL, .type = FILE_TYPE_WORKING_EF | FILE_DATA_FLASH, .data = NULL, .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_R_WP },
+    /* 54 */ { .fid = EF_CH_1, .parent = 0, .name = NULL, .type = FILE_TYPE_INTERNAL_EF | FILE_DATA_FLASH, .data = NULL, .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_NONE },
+    /* 55 */ { .fid = EF_CH_2, .parent = 0, .name = NULL, .type = FILE_TYPE_INTERNAL_EF | FILE_DATA_FLASH, .data = NULL, .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_NONE },
+    /* 56 */ { .fid = EF_CH_3, .parent = 0, .name = NULL, .type = FILE_TYPE_INTERNAL_EF | FILE_DATA_FLASH, .data = NULL, .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_NONE },
     
-    /* 53 */ { .fid = 0x0000, .parent = 0, .name = openpgp_aid, .type = FILE_TYPE_WORKING_EF, .data = NULL, .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_RO },
+    /* 57 */ { .fid = 0x0000, .parent = 0, .name = openpgp_aid, .type = FILE_TYPE_WORKING_EF, .data = NULL, .ef_structure = FILE_EF_TRANSPARENT, .acl = ACL_RO },
-    /* 54 */ { .fid = 0x0000, .parent = 0xff, .name = NULL, .type = FILE_TYPE_UNKNOWN, .data = NULL, .ef_structure = 0, .acl = ACL_NONE } //end
+    /* 58 */ { .fid = 0x0000, .parent = 0xff, .name = NULL, .type = FILE_TYPE_UNKNOWN, .data = NULL, .ef_structure = 0, .acl = ACL_NONE } //end
 };
 
 const file_t *MF = &file_entries[0];

src/openpgp/files.h

@@ -35,6 +35,9 @@
 #define EF_PB_DEC       0x10d5
 #define EF_PB_AUT       0x10d6
 #define EF_DEK          0x1099
+#define EF_CH_1         0x1f21
+#define EF_CH_2         0x1f22
+#define EF_CH_3         0x1f23
 
 #define EF_EXT_HEADER   0x004d //C
 #define EF_FULL_AID     0x004f //S
@@ -63,10 +66,12 @@
 #define EF_TS_DEC       0x00cf //S
 #define EF_TS_AUT       0x00d0 //S
 #define EF_RESET_CODE   0x00d3 //S
+#define EF_AES_KEY      0x00d5 //S
 #define EF_UIF_SIG      0x00d6 //S
 #define EF_UIF_DEC      0x00d7 //S
 #define EF_UIF_AUT      0x00d8 //S
 #define EF_KEY_INFO     0x00de //S
+#define EF_KDF          0x00f9 //C
 #define EF_ALGO_INFO    0x00fa //C
 #define EF_LANG_PREF    0x5f2d //S
 #define EF_SEX          0x5f35 //S

src/openpgp/version.h

@@ -23,5 +23,10 @@
 #define OPGP_VERSION_MAJOR ((OPGP_VERSION >> 8) & 0xff)
 #define OPGP_VERSION_MINOR (OPGP_VERSION & 0xff)
 
-#endif
 
+#define PIPGP_VERSION 0x0106
+
+#define PIPGP_VERSION_MAJOR ((PIPGP_VERSION >> 8) & 0xff)
+#define PIPGP_VERSION_MINOR (PIPGP_VERSION & 0xff)
+
+#endif