Upgrade to v4.2

Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>

.github/workflows/nightly.yml

@@ -34,7 +34,7 @@ jobs:
       - name: Delete private key
         run: rm private.pem
       - name: Update nightly release
-        uses: pyTooling/Actions/releaser@main
+        uses: pyTooling/Actions/releaser@v6.7.0
         with:
           tag: nightly-${{ matrix.refs }}
           rm: true

build_pico_openpgp.sh

@@ -1,48 +1,25 @@
 #!/bin/bash
 
 VERSION_MAJOR="4"
-VERSION_MINOR="0"
+VERSION_MINOR="2"
-NO_EDDSA=0
 SUFFIX="${VERSION_MAJOR}.${VERSION_MINOR}"
 #if ! [[ -z "${GITHUB_SHA}" ]]; then
 #    SUFFIX="${SUFFIX}.${GITHUB_SHA}"
 #fi
 
-if [[ $1 == "--no-eddsa" ]]; then
-    NO_EDDSA=1
-    echo "Skipping EDDSA build"
-fi
-
 mkdir -p build_release
 mkdir -p release
-mkdir -p release_eddsa
 rm -rf -- release/*
-if [[ $NO_EDDSA -eq 0 ]]; then
-    rm -rf -- release_eddsa/*
-fi
 cd build_release
 
 PICO_SDK_PATH="${PICO_SDK_PATH:-../../pico-sdk}"
 SECURE_BOOT_PKEY="${SECURE_BOOT_PKEY:-../../ec_private_key.pem}"
-board_dir=${PICO_SDK_PATH}/src/boards/include/boards
+boards=("pico" "pico2")
-for board in "$board_dir"/*
+
+for board_name in "${boards[@]}"
 do
-    board_name="$(basename -- "$board" .h)"
     rm -rf -- ./*
     PICO_SDK_PATH="${PICO_SDK_PATH}" cmake .. -DPICO_BOARD=$board_name -DSECURE_BOOT_PKEY=${SECURE_BOOT_PKEY}
     make -j`nproc`
     mv pico_openpgp.uf2 ../release/pico_openpgp_$board_name-$SUFFIX.uf2
 done
-
-# Build with EDDSA
-
-if [[ $NO_EDDSA -eq 0 ]]; then
-    for board in "$board_dir"/*
-    do
-        board_name="$(basename -- "$board" .h)"
-        rm -rf -- ./*
-        PICO_SDK_PATH="${PICO_SDK_PATH}" cmake .. -DPICO_BOARD=$board_name -DSECURE_BOOT_PKEY=${SECURE_BOOT_PKEY} -DENABLE_EDDSA=1
-        make -j`nproc`
-        mv pico_openpgp.uf2 ../release_eddsa/pico_openpgp_$board_name-$SUFFIX-eddsa1.uf2
-    done
-fi

src/openpgp/cmd_get_data.c

@@ -18,6 +18,8 @@
 #include "openpgp.h"
 #include "asn1.h"
 
+extern bool is_gpg;
+
 int cmd_get_data() {
     if (apdu.nc > 0) {
         return SW_WRONG_LENGTH();
@@ -37,6 +39,9 @@ int cmd_get_data() {
         select_file(ef);
     }
     if (ef->data) {
+        if (fid == EF_PW_STATUS || fid == EF_HIST_BYTES || fid == EF_FULL_AID || fid == EF_SEC_TPL) {
+            is_gpg = true;
+        }
         uint16_t fids[] = { 1, fid };
         uint16_t data_len = parse_do(fids, 1);
         uint8_t *p = NULL;
@@ -58,7 +63,41 @@ int cmd_get_data() {
                 res_APDU_size -= dec;
             }
         }
-        //if (apdu.ne > data_len)
+        if (is_gpg == false) {
+            uint8_t off = 2;
+            if (P1(apdu) > 0x0) {
+                off++;
+            }
+            if (data_len >= 128) {
+                off++;
+            }
+            if (data_len >= 256) {
+                off++;
+            }
+            memmove(res_APDU + off, res_APDU, data_len);
+            off = 0;
+            if (P1(apdu) > 0x0) {
+                res_APDU[off++] = P1(apdu);
+                res_APDU[off++] = P2(apdu);
+            }
+            else {
+                res_APDU[off++] = P2(apdu);
+            }
+            if (data_len >= 256) {
+                res_APDU[off++] = 0x82;
+                res_APDU[off++] = (data_len >> 8) & 0xff;
+                res_APDU[off++] = data_len & 0xff;
+            }
+            else if (data_len >= 128) {
+                res_APDU[off++] = 0x81;
+                res_APDU[off++] = data_len;
+            }
+            else {
+                res_APDU[off++] = data_len;
+            }
+            res_APDU_size += off;
+        }
+        // if (apdu.ne > data_len)
         //     apdu.ne = data_len;
     }
     return SW_OK();

src/openpgp/management.c

@@ -22,6 +22,8 @@
 #include "asn1.h"
 #include "management.h"
 
+bool is_gpg = true;
+
 int man_process_apdu();
 int man_unload();
 
@@ -39,6 +41,7 @@ int man_select(app_t *a, uint8_t force) {
     res_APDU_size = strlen((char *) res_APDU);
     apdu.ne = res_APDU_size;
     init_piv();
+    is_gpg = false;
     return PICOKEY_OK;
 }
 

src/openpgp/version.h

@@ -29,7 +29,7 @@
 #define PIV_VERSION_MINOR (PIV_VERSION & 0xff)
 
 
-#define PIPGP_VERSION 0x0400
+#define PIPGP_VERSION 0x0402
 
 #define PIPGP_VERSION_MAJOR ((PIPGP_VERSION >> 8) & 0xff)
 #define PIPGP_VERSION_MINOR (PIPGP_VERSION & 0xff)