Merge pull request #102 from LedgerHQ/cev/fix_curves

Fix curves
This commit is contained in:
Charles-Edouard de la Vergne 2024-03-14 16:24:51 +01:00 committed by GitHub
commit 400ff19c6d
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
25 changed files with 50 additions and 14 deletions

View File

@ -30,7 +30,7 @@ APPNAME = OpenPGP
# Application version
APPVERSION_M = 2
APPVERSION_N = 2
APPVERSION_P = 0
APPVERSION_P = 1
APPVERSION = "$(APPVERSION_M).$(APPVERSION_N).$(APPVERSION_P)"
SPECVERSION:="3.3.1"

View File

@ -321,15 +321,12 @@ int gpg_apdu_pso() {
}
key = &G_gpg_vstate.mse_dec->priv_key.ecfp;
gpg_io_fetch_l(&l);
if (l != 37) {
gpg_io_fetch_tl(&t, &l);
if (t != 0x7f49) {
return SW_WRONG_DATA;
}
gpg_io_fetch_tl(&t, &l);
if ((t != 0x7f49) || (l != 34)) {
return SW_WRONG_DATA;
}
gpg_io_fetch_tl(&t, &l);
if ((t != 0x86) || (l != 32)) {
if (t != 0x86) {
return SW_WRONG_DATA;
}

View File

@ -29,6 +29,7 @@
#define LABEL_RSA2048 "RSA 2048"
#define LABEL_RSA3072 "RSA 3072"
#define LABEL_RSA4096 "RSA 4096"
#define LABEL_SECP256K1 "SECP 256K1"
#define LABEL_SECP256R1 "SECP 256R1"
#define LABEL_Ed25519 "Ed25519"

View File

@ -535,6 +535,7 @@ const ux_menu_entry_t ui_menu_tmpl_type[] = {
#ifdef WITH_SUPPORT_RSA4096
{NULL, ui_menu_tmpl_type_action, 4096, NULL, LABEL_RSA4096, NULL, 0, 0},
#endif
{NULL, ui_menu_tmpl_type_action, CX_CURVE_SECP256K1, NULL, LABEL_SECP256K1, NULL, 0, 0},
{NULL, ui_menu_tmpl_type_action, CX_CURVE_SECP256R1, NULL, LABEL_SECP256R1, NULL, 0, 0},
{NULL, ui_menu_tmpl_type_action, CX_CURVE_Ed25519, NULL, LABEL_Ed25519, NULL, 0, 0},
{ui_menu_template, NULL, 0, &C_icon_back, "Back", NULL, 61, 40},
@ -573,6 +574,9 @@ const bagl_element_t *ui_menu_template_predisplay(const ux_menu_entry_t *entry,
snprintf(G_gpg_vstate.menu, sizeof(G_gpg_vstate.menu), " %s", LABEL_RSA4096);
break;
#endif
case CX_CURVE_SECP256K1:
snprintf(G_gpg_vstate.menu, sizeof(G_gpg_vstate.menu), " %s", LABEL_SECP256K1);
break;
case CX_CURVE_SECP256R1:
snprintf(G_gpg_vstate.menu, sizeof(G_gpg_vstate.menu), " %s", LABEL_SECP256R1);
break;
@ -615,6 +619,7 @@ void ui_menu_tmpl_set_action(unsigned int value) {
attributes.length = 6;
break;
case CX_CURVE_SECP256K1:
case CX_CURVE_SECP256R1:
if (G_gpg_vstate.ux_key == 2) {
attributes.value[0] = KEY_ID_ECDH;

View File

@ -473,6 +473,7 @@ const char *const tmpl_type_getter_values[] = {LABEL_RSA2048,
#ifdef WITH_SUPPORT_RSA4096
LABEL_RSA4096,
#endif
LABEL_SECP256K1,
LABEL_SECP256R1,
LABEL_Ed25519};
@ -481,6 +482,7 @@ const unsigned int tmpl_type_getter_values_map[] = {2048,
#ifdef WITH_SUPPORT_RSA4096
4096,
#endif
CX_CURVE_SECP256K1,
CX_CURVE_SECP256R1,
CX_CURVE_Ed25519};
@ -572,6 +574,9 @@ void ui_menu_template_predisplay() {
snprintf(KEY_TYPE, sizeof(KEY_TYPE), " %s", LABEL_RSA4096);
break;
#endif
case CX_CURVE_SECP256K1:
snprintf(KEY_TYPE, sizeof(KEY_TYPE), " %s", LABEL_SECP256K1);
break;
case CX_CURVE_SECP256R1:
snprintf(KEY_TYPE, sizeof(KEY_TYPE), " %s", LABEL_SECP256R1);
break;
@ -610,6 +615,7 @@ void ui_menu_tmpl_set_action(unsigned int value) {
attributes.length = 6;
break;
case CX_CURVE_SECP256K1:
case CX_CURVE_SECP256R1:
oid = gpg_curve2oid(G_gpg_vstate.ux_type, &oid_len);
if (oid == NULL) {

View File

@ -207,6 +207,7 @@ enum {
#ifdef WITH_SUPPORT_RSA4096
TOKEN_TYPE_RSA4096,
#endif
TOKEN_TYPE_SECP256K1,
TOKEN_TYPE_SECP256R1,
TOKEN_TYPE_Ed25519,
TOKEN_TYPE_BACK
@ -217,12 +218,12 @@ static const char* const keyTypeTexts[] = {LABEL_RSA2048,
#ifdef WITH_SUPPORT_RSA4096
LABEL_RSA4096,
#endif
LABEL_SECP256K1,
LABEL_SECP256R1,
LABEL_Ed25519};
static uint32_t _getKeyType(const uint8_t key) {
uint8_t* attributes = NULL;
uint32_t tag = 0;
uint32_t token = 0;
switch (key) {
@ -241,8 +242,7 @@ static uint32_t _getKeyType(const uint8_t key) {
}
switch (attributes[0]) {
case KEY_ID_RSA:
tag = U2BE(attributes, 1);
switch (tag) {
switch (U2BE(attributes, 1)) {
case 2048:
token = TOKEN_TYPE_RSA2048;
break;
@ -257,18 +257,31 @@ static uint32_t _getKeyType(const uint8_t key) {
}
break;
case KEY_ID_ECDH:
tag = attributes[1];
switch (tag) {
switch (attributes[1]) {
case 0x2A:
token = TOKEN_TYPE_SECP256R1;
break;
case 0x2B:
token = TOKEN_TYPE_Ed25519;
switch (attributes[2]) {
case 0x06:
token = TOKEN_TYPE_Ed25519;
break;
case 0x81:
token = TOKEN_TYPE_SECP256K1;
break;
}
break;
}
break;
case KEY_ID_ECDSA:
token = TOKEN_TYPE_SECP256R1;
switch (attributes[1]) {
case 0x2A:
token = TOKEN_TYPE_SECP256R1;
break;
case 0x2B:
token = TOKEN_TYPE_SECP256K1;
break;
}
break;
case KEY_ID_EDDSA:
token = TOKEN_TYPE_Ed25519;
@ -315,6 +328,17 @@ static void template_key_cb(int token, uint8_t index) {
oid_len = 6;
break;
case TOKEN_TYPE_SECP256K1:
if (G_gpg_vstate.ux_key == TOKEN_TEMPLATE_DEC) {
attributes.value[0] = KEY_ID_ECDH;
} else {
attributes.value[0] = KEY_ID_ECDSA;
}
oid = gpg_curve2oid(CX_CURVE_SECP256K1, &oid_len);
memmove(attributes.value + 1, oid, oid_len);
attributes.length = 1 + oid_len;
break;
case TOKEN_TYPE_SECP256R1:
if (G_gpg_vstate.ux_key == TOKEN_TEMPLATE_DEC) {
attributes.value[0] = KEY_ID_ECDH;
@ -409,6 +433,9 @@ static void ui_settings_template(void) {
bar.subText = PIC(LABEL_RSA4096);
break;
#endif
case TOKEN_TYPE_SECP256K1:
bar.subText = PIC(LABEL_SECP256K1);
break;
case TOKEN_TYPE_SECP256R1:
bar.subText = PIC(LABEL_SECP256R1);
break;

Binary file not shown.

Before

Width:  |  Height:  |  Size: 401 B

After

Width:  |  Height:  |  Size: 410 B

Binary file not shown.

Before

Width:  |  Height:  |  Size: 417 B

After

Width:  |  Height:  |  Size: 421 B

Binary file not shown.

Before

Width:  |  Height:  |  Size: 321 B

After

Width:  |  Height:  |  Size: 411 B

Binary file not shown.

Before

Width:  |  Height:  |  Size: 415 B

After

Width:  |  Height:  |  Size: 440 B

Binary file not shown.

Before

Width:  |  Height:  |  Size: 415 B

After

Width:  |  Height:  |  Size: 440 B

Binary file not shown.

Before

Width:  |  Height:  |  Size: 475 B

After

Width:  |  Height:  |  Size: 481 B

Binary file not shown.

Before

Width:  |  Height:  |  Size: 604 B

After

Width:  |  Height:  |  Size: 584 B

Binary file not shown.

Before

Width:  |  Height:  |  Size: 601 B

After

Width:  |  Height:  |  Size: 669 B

Binary file not shown.

Before

Width:  |  Height:  |  Size: 484 B

After

Width:  |  Height:  |  Size: 619 B

Binary file not shown.

Before

Width:  |  Height:  |  Size: 376 B

After

Width:  |  Height:  |  Size: 408 B

Binary file not shown.

Before

Width:  |  Height:  |  Size: 376 B

After

Width:  |  Height:  |  Size: 408 B

Binary file not shown.

Before

Width:  |  Height:  |  Size: 475 B

After

Width:  |  Height:  |  Size: 481 B

Binary file not shown.

Before

Width:  |  Height:  |  Size: 604 B

After

Width:  |  Height:  |  Size: 584 B

Binary file not shown.

Before

Width:  |  Height:  |  Size: 601 B

After

Width:  |  Height:  |  Size: 669 B

Binary file not shown.

Before

Width:  |  Height:  |  Size: 484 B

After

Width:  |  Height:  |  Size: 619 B

Binary file not shown.

Before

Width:  |  Height:  |  Size: 376 B

After

Width:  |  Height:  |  Size: 408 B

Binary file not shown.

Before

Width:  |  Height:  |  Size: 376 B

After

Width:  |  Height:  |  Size: 408 B

Binary file not shown.

Before

Width:  |  Height:  |  Size: 9.4 KiB

After

Width:  |  Height:  |  Size: 11 KiB

Binary file not shown.

Before

Width:  |  Height:  |  Size: 11 KiB

After

Width:  |  Height:  |  Size: 12 KiB