port SDK 1.4.2.1

6 years ago · b71d2d02d7
parent 81090d3f23
commit b71d2d02d7
10 changed files with 45 additions and 30 deletions
--- a/6
+++ b/6
@ -15,6 +15,12 @@
 #  limitations under the License.
 #*******************************************************************************

+BOLOS_SDK=/home/cme/Projects/Git/ledger/nanos-secure-sdk-cslashm
+
+
+CLANGPATH=/home/cme/Projects/Git/ledger/compilers/clang+llvm-4.0.0-x86_64-linux-gnu-ubuntu-16.10/bin/
+GCCPATH=/home/cme/Projects/Git/ledger/compilers/gcc-arm-none-eabi-5_3-2016q1/bin/
+

 ifeq ($(BOLOS_SDK),)
 $(error Environment variable BOLOS_SDK is not set)
--- a/doc/user/blue-app-openpgp-card.rst
+++ b/doc/user/blue-app-openpgp-card.rst
@ -1,5 +1,5 @@
 ..
-   Copyright 2017 Cedric Mesnil <cslashm@gmail.com>, Ledger SAS
+   Copyright 2018 Cedric Mesnil <cslashm@gmail.com>, Ledger SAS
   Licensed under the Apache License, Version 2.0 (the "License");
   you may not use this file except in compliance with the License.
   You may obtain a copy of the License at
--- a/src/gpg_challenge.c
+++ b/src/gpg_challenge.c
@ -44,16 +44,16 @@ int gpg_apdu_get_challenge() {
    chain[0] = 'r'; chain[1]='n'; chain[2] = 'd';

    cx_sha256_init(&G_gpg_vstate.work.md.sha256);    
-    cx_hash((cx_hash_t *)&G_gpg_vstate.work.md.sha256, 0, Sr, 32, NULL);
-    cx_hash((cx_hash_t *)&G_gpg_vstate.work.md.sha256, 0, chain, 3, NULL);
+    cx_hash((cx_hash_t *)&G_gpg_vstate.work.md.sha256, 0, Sr, 32, NULL, 0);
+    cx_hash((cx_hash_t *)&G_gpg_vstate.work.md.sha256, 0, chain, 3, NULL, 0);
    hlen=cx_hash((cx_hash_t *)&G_gpg_vstate.work.md.sha256, 
                 CX_LAST, G_gpg_vstate.work.io_buffer, G_gpg_vstate.io_length, 
-                 G_gpg_vstate.work.io_buffer);
+                 G_gpg_vstate.work.io_buffer, 32);
    
    cx_sha3_xof_init(&G_gpg_vstate.work.md.sha3, 256, olen);
    cx_hash((cx_hash_t *)&G_gpg_vstate.work.md.sha3, 
            CX_LAST, G_gpg_vstate.work.io_buffer, hlen, 
-            G_gpg_vstate.work.io_buffer);
+            G_gpg_vstate.work.io_buffer,olen);
  } else {
    cx_rng(G_gpg_vstate.work.io_buffer, olen);
  }
--- a/src/gpg_data.c
+++ b/src/gpg_data.c
@ -67,7 +67,7 @@ int gpg_apdu_get_data(unsigned int ref)  {
    break;
    /* ----------------- Config RSA exponent ----------------- */
  case 0x01F8:
-    gpg_io_insert_u32(N_gpg_pstate->default_RSA_exponent);
+    gpg_io_insert(N_gpg_pstate->default_RSA_exponent,4);
    break;

   /* ----------------- Application ----------------- */
@ -433,7 +433,12 @@ int gpg_apdu_put_data(unsigned int ref) {
      os_memset(pq+ksz, 0, ksz-len_q);
      
      //regenerate RSA private key
-      cx_rsa_generate_pair(ksz<<1, rsa_pub, rsa_priv, e, pq);
+      unsigned char _e[4];
+      _e[0] = e>>24;
+      _e[1] = e>>16;
+      _e[2] = e>>8;
+      _e[3] = e>>0;
+      cx_rsa_generate_pair(ksz<<1, rsa_pub, rsa_priv, _e, 4, pq);

      //write keys
      nvm_write(&keygpg->pub_key.rsa, rsa_pub->e, 4);
--- a/src/gpg_gen.c
+++ b/src/gpg_gen.c
@ -46,12 +46,12 @@ static void gpg_pso_derive_key_seed(unsigned char *Sn, unsigned char* key_name,
  h[1] = idx;

  cx_sha256_init(&G_gpg_vstate.work.md.sha256);
-  cx_hash((cx_hash_t*)&G_gpg_vstate.work.md.sha256, 0,       Sn,      32, NULL);
-  cx_hash((cx_hash_t*)&G_gpg_vstate.work.md.sha256, 0,       (unsigned char *)key_name, 4, NULL);
-  cx_hash((cx_hash_t*)&G_gpg_vstate.work.md.sha256, CX_LAST, h   , 2, h);
+  cx_hash((cx_hash_t*)&G_gpg_vstate.work.md.sha256, 0,       Sn,      32, NULL, 0);
+  cx_hash((cx_hash_t*)&G_gpg_vstate.work.md.sha256, 0,       (unsigned char *)key_name, 4, NULL, 0);
+  cx_hash((cx_hash_t*)&G_gpg_vstate.work.md.sha256, CX_LAST, h   , 2, h,32);

  cx_sha3_xof_init(&G_gpg_vstate.work.md.sha3, 256, Ski_len);
-  cx_hash((cx_hash_t*)&G_gpg_vstate.work.md.sha3, CX_LAST, h, 32, Ski);
+  cx_hash((cx_hash_t*)&G_gpg_vstate.work.md.sha3, CX_LAST, h, 32, Ski, Ski_len);
 }


@ -153,8 +153,7 @@ int gpg_apdu_gen() {
        cx_math_next_prime(pq+size,size);
      }

-
-      cx_rsa_generate_pair(ksz, rsa_pub, rsa_priv, N_gpg_pstate->default_RSA_exponent, pq);
+      cx_rsa_generate_pair(ksz, rsa_pub, rsa_priv, N_gpg_pstate->default_RSA_exponent, 4, pq);

      nvm_write(pkey, rsa_priv, pkey_size);
      nvm_write(&keygpg->pub_key.rsa[0], rsa_pub->e, 4);
@ -262,7 +261,7 @@ int gpg_apdu_gen() {
      curve = gpg_oid2curve(keygpg->attributes.value+1, keygpg->attributes.length-1);
      if (curve == CX_CURVE_Ed25519) {
        os_memmove(G_gpg_vstate.work.io_buffer+128, keygpg->pub_key.ecfp256.W,keygpg->pub_key.ecfp256.W_len);
-        cx_edward_compress_point(CX_CURVE_Ed25519, G_gpg_vstate.work.io_buffer+128);
+        cx_edward_compress_point(CX_CURVE_Ed25519, G_gpg_vstate.work.io_buffer+128, 65);
        gpg_io_insert_tlv(0x86, 32, G_gpg_vstate.work.io_buffer+129); //129: discard 02
      } else if (curve == CX_CURVE_Curve25519) {
        unsigned int i,len;
--- a/src/gpg_init.c
+++ b/src/gpg_init.c
@ -283,8 +283,12 @@ int gpg_install(unsigned char app_state) {
    gpg_nvm_write(&N_gpg_pstate->config_slot, G_gpg_vstate.work.io_buffer, 3);
    
    //config rsa pub
-    l = GPG_RSA_DEFAULT_PUB;
-    nvm_write(&N_gpg_pstate->default_RSA_exponent, &l, sizeof(unsigned int));
+    #define GPG_RSA_DEFAULT_PUB 0x00010001
+    G_gpg_vstate.work.io_buffer[0] = (GPG_RSA_DEFAULT_PUB>>24)&0xFF;
+    G_gpg_vstate.work.io_buffer[1] = (GPG_RSA_DEFAULT_PUB>>16)&0xFF;
+    G_gpg_vstate.work.io_buffer[2] = (GPG_RSA_DEFAULT_PUB>>8)&0xFF; 
+    G_gpg_vstate.work.io_buffer[3] = (GPG_RSA_DEFAULT_PUB>>0)&0xFF;
+    nvm_write(&N_gpg_pstate->default_RSA_exponent, G_gpg_vstate.work.io_buffer, 4);
    
    //config pin
    #if 1
@ -300,7 +304,7 @@ int gpg_install(unsigned char app_state) {
    //default key template: RSA 2048)
    
    for (int s = 0; s< GPG_KEYS_SLOTS; s++) {
-#if 1
+#if 0
      l = sizeof(C_default_AlgoAttrRSA);
      gpg_nvm_write(&N_gpg_pstate->keys[s].sig.attributes.value, (void*)C_default_AlgoAttrRSA, l);
      gpg_nvm_write(&N_gpg_pstate->keys[s].sig.attributes.length, &l, sizeof(unsigned int));
--- a/src/gpg_pin.c
+++ b/src/gpg_pin.c
@ -63,7 +63,7 @@ static int gpg_pin_check_internal(gpg_pin_t *pin,  unsigned char *pin_val, int p
  counter = pin->counter-1;
  gpg_nvm_write(&(pin->counter), &counter, sizeof(int));
  cx_sha256_init(&sha256);
-  cx_hash((cx_hash_t*)&sha256, CX_LAST, pin_val, pin_len, NULL);
+  cx_hash((cx_hash_t*)&sha256, CX_LAST, pin_val, pin_len, NULL, 0);
  if (os_memcmp(sha256.acc, pin->value, 32)) {
    return SW_SECURITY_STATUS_NOT_SATISFIED;
  }
@ -103,7 +103,7 @@ void gpg_pin_set(gpg_pin_t *pin, unsigned char *pin_val, unsigned int pin_len) {
  gpg_pin_t newpin;

  cx_sha256_init(&sha256);
-  cx_hash((cx_hash_t*)&sha256, CX_LAST, pin_val, pin_len, newpin.value);
+  cx_hash((cx_hash_t*)&sha256, CX_LAST, pin_val, pin_len, newpin.value, 32);
  newpin.length = pin_len;
  newpin.counter = 3;

--- a/src/gpg_pso.c
+++ b/src/gpg_pso.c
@ -93,11 +93,12 @@ static int gpg_sign(gpg_key_t *sigkey) {
      }
      //sign
      if (sigkey->attributes.value[0] == 19) {
+
        sz = cx_ecdsa_sign(key,
                           CX_RND_TRNG,
                           CX_NONE,
-                           G_gpg_vstate.work.io_buffer, G_gpg_vstate.io_length,
-                           G_gpg_vstate.work.io_buffer,
+                           G_gpg_vstate.work.io_buffer, 32/*G_gpg_vstate.io_length*/,
+                           G_gpg_vstate.work.io_buffer, GPG_IO_BUFFER_LENGTH,
                           NULL);
        //reencode r,s in MPI format
        gpg_io_discard(0);
@ -121,7 +122,7 @@ static int gpg_sign(gpg_key_t *sigkey) {
                           CX_NONE,
                           CX_SHA512, G_gpg_vstate.work.io_buffer, G_gpg_vstate.io_length,
                           NULL, 0,
-                           G_gpg_vstate.work.io_buffer+128,
+                           G_gpg_vstate.work.io_buffer+128, GPG_IO_BUFFER_LENGTH-128,
                           NULL);
        gpg_io_discard(0);
        gpg_io_insert(G_gpg_vstate.work.io_buffer+128, sz);
@ -162,7 +163,7 @@ int gpg_apdu_pso(unsigned int pso) {
    sz = cx_aes(key,
                CX_ENCRYPT|CX_CHAIN_CBC|CX_LAST,
                G_gpg_vstate.work.io_buffer+G_gpg_vstate.io_offset, msg_len,
-                G_gpg_vstate.work.io_buffer+1);
+                G_gpg_vstate.work.io_buffer+1, GPG_IO_BUFFER_LENGTH-1);
    //send
    gpg_io_discard(0);
    G_gpg_vstate.work.io_buffer[0] = 0x02;
@ -232,7 +233,7 @@ int gpg_apdu_pso(unsigned int pso) {
      sz = cx_aes(key,
                  CX_DECRYPT|CX_CHAIN_CBC|CX_LAST,
                  G_gpg_vstate.work.io_buffer+G_gpg_vstate.io_offset, msg_len,
-                  G_gpg_vstate.work.io_buffer);
+                  G_gpg_vstate.work.io_buffer, GPG_IO_BUFFER_LENGTH);
      //send
      gpg_io_discard(0);
      gpg_io_inserted(sz);
@ -275,8 +276,8 @@ int gpg_apdu_pso(unsigned int pso) {
        G_gpg_vstate.work.io_buffer[511] = 0x02;
        sz = cx_ecdh(key,
                    CX_ECDH_X,
-                    G_gpg_vstate.work.io_buffer+511,
-                    G_gpg_vstate.work.io_buffer+256);
+                    G_gpg_vstate.work.io_buffer+511, 65, 
+                    G_gpg_vstate.work.io_buffer+256, 160);
        for (i = 0; i <=31; i++) { 
          G_gpg_vstate.work.io_buffer[128+i] = G_gpg_vstate.work.io_buffer[287-i];
        }
@ -284,8 +285,8 @@ int gpg_apdu_pso(unsigned int pso) {
      } else {
        sz = cx_ecdh(key,
                    CX_ECDH_X,
-                    G_gpg_vstate.work.io_buffer+G_gpg_vstate.io_offset,
-                    G_gpg_vstate.work.io_buffer+128);
+                    G_gpg_vstate.work.io_buffer+G_gpg_vstate.io_offset, 65,
+                    G_gpg_vstate.work.io_buffer+128, 160);
      }
      //send
      gpg_io_discard(0);
--- a/src/gpg_types.h
+++ b/src/gpg_types.h
@ -116,7 +116,7 @@ struct gpg_nv_state_s {
  /* 01F1 (01F2 is volatile)*/
  unsigned char config_slot[3];
  /* RSA exponent */
-  unsigned int default_RSA_exponent;
+  unsigned char default_RSA_exponent[4];

  /*  0101 0102 0103 0104 */
  LV(private_DO1, GPG_EXT_PRIVATE_DO_LENGTH);
--- a/src/lib_stusb_impl/usbd_impl.c
+++ b/src/lib_stusb_impl/usbd_impl.c
@ -322,7 +322,7 @@ static __ALIGN_BEGIN const uint8_t const N_USBD_CfgDesc[] __ALIGN_END =
 #ifdef HAVE_IO_U2F
  /* HID FIDO ################################################################################################ */

-  /************** Descriptor of KBD HID interface ****************/
+  /************** Descriptor of HID FIDO interface ****************/
  0x09,         /*bLength: Interface Descriptor size*/
  USB_DESC_TYPE_INTERFACE,/*bDescriptorType: Interface descriptor type*/
  U2F_INTF,         /*bInterfaceNumber: Number of Interface*/