Archives
/
openpgp-card-app
mirror of https://github.com/LedgerHQ/openpgp-card-app
2
0
Fork 0
Code Issues Projects Releases Wiki Activity

Merge pull request #85 from LedgerHQ/unified-sdk

Browse Source 
Unified sdk
pull/86/head
cbouvet-ledger 1 year ago committed by GitHub
parent 64662c181f 0106be021f
commit c29e6e2eff
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
12 changed files with 82 additions and 260 deletions
Show Stats Download Patch File Download Diff File

9
.gitignore vendored
Unescape Escape View File

@ -0,0 +1,9 @@
# Glyphs auto-generated
src/glyphs.*
# Build files
dep
obj
release
bin
debug

55
Makefile
Unescape Escape View File

@ -37,15 +37,15 @@ endif
ifeq ($(TARGET_NAME),TARGET_BLUE)
ICONNAME = images/icon_monero_blue.gif
else ifeq ($(TARGET_NAME),TARGET_NANOX)
ICONNAME = images/icon_pgp_nanox.gif
else
else ifeq ($(TARGET_NAME),TARGET_NANOS)
ICONNAME = images/icon_pgp.gif
else
ICONNAME = images/icon_pgp_nanox.gif
endif
APPVERSION_M:=1
APPVERSION_N:=4
APPVERSION_P:=3
APPVERSION_P:=4
APPVERSION:=$(APPVERSION_M).$(APPVERSION_N).$(APPVERSION_P)
SPECVERSION:="3.3.1"
@ -57,14 +57,13 @@ DEFINES += SPEC_VERSION=$(SPECVERSION)
DEFINES += GPG_MULTISLOT=$(GPG_MULTISLOT)
#DEFINES += GPG_LOG
ifeq ($(TARGET_NAME),TARGET_NANOX)
DEFINES += UI_NANO_X
DEFINES += GPG_SHAKE256
else ifeq ($(TARGET_NAME),TARGET_BLUE)
ifeq ($(TARGET_NAME),TARGET_BLUE)
DEFINES += UI_BLUE
else
else ifeq ($(TARGET_NAME),TARGET_NANOS)
DEFINES += UI_NANO_S
else
DEFINES += UI_NANO_X
DEFINES += GPG_SHAKE256
endif
@ -114,33 +113,44 @@ DEFINES += APPVERSION=\"$(APPVERSION)\"
DEFINES += HAVE_USB_CLASS_CCID
ifeq ($(NO_CXNG),)
INCLUDES_PATH += $(BOLOS_SDK)/lib_cxng/include
endif
# RSA addition.
DEFINES += HAVE_RSA
INCLUDES_PATH += $(BOLOS_SDK)/lib_cxng/src
SOURCE_PATH += $(BOLOS_SDK)/lib_cxng/src/cx_rsa.c
SOURCE_PATH += $(BOLOS_SDK)/lib_cxng/src/cx_pkcs1.c
SOURCE_PATH += $(BOLOS_SDK)/lib_cxng/src/cx_utils.c
# RSA - End
ifeq ($(TARGET_NAME),TARGET_NANOX)
# DEFINES += HAVE_BLE BLE_COMMAND_TIMEOUT_MS=2000
# DEFINES += HAVE_BLE_APDU # basic ledger apdu transport over BLE
DEFINES += HAVE_BLE BLE_COMMAND_TIMEOUT_MS=2000
DEFINES += HAVE_BLE_APDU # basic ledger apdu transport over BLE
endif
DEFINES += IO_SEPROXYHAL_BUFFER_SIZE_B=300
ifeq ($(TARGET_NAME),TARGET_NANOS)
DEFINES += IO_SEPROXYHAL_BUFFER_SIZE_B=128
else
DEFINES += IO_SEPROXYHAL_BUFFER_SIZE_B=300
DEFINES += HAVE_GLO096
DEFINES += HAVE_BAGL BAGL_WIDTH=128 BAGL_HEIGHT=64
DEFINES += HAVE_BAGL_ELLIPSIS # long label truncation feature
DEFINES += HAVE_BAGL_FONT_OPEN_SANS_REGULAR_11PX
DEFINES += HAVE_BAGL_FONT_OPEN_SANS_EXTRABOLD_11PX
DEFINES += HAVE_BAGL_FONT_OPEN_SANS_LIGHT_16PX
DEFINES += HAVE_UX_FLOW
DEFINES += HAVE_BLE BLE_COMMAND_TIMEOUT_MS=2000
DEFINES += HAVE_BLE_APDU # basic ledger apdu transport over BLE
else
DEFINES += IO_SEPROXYHAL_BUFFER_SIZE_B=128
DEFINES += HAVE_UX_FLOW
endif
# Enabling debug PRINTF
DEBUG = 0
ifneq ($(DEBUG),0)
ifeq ($(TARGET_NAME),TARGET_NANOX)
DEFINES += HAVE_PRINTF PRINTF=mcu_usb_printf
else
ifeq ($(TARGET_NAME),TARGET_NANOS)
DEFINES += HAVE_PRINTF PRINTF=screen_printf
else
DEFINES += HAVE_PRINTF PRINTF=mcu_usb_printf
endif
DEFINES += PLINE="PRINTF(\"FILE:%s..LINE:%d\n\",__FILE__,__LINE__)"
else
@ -185,9 +195,8 @@ include $(BOLOS_SDK)/Makefile.glyphs
### variables processed by the common makefile.rules of the SDK to grab source files and include dirs
APP_SOURCE_PATH += src
SDK_SOURCE_PATH += lib_stusb lib_stusb_impl
#SDK_SOURCE_PATH += lib_u2f
ifeq ($(TARGET_NAME),TARGET_NANOX)
SDK_SOURCE_PATH += lib_ux
ifeq ($(TARGET_NAME),TARGET_NANOX)
SDK_SOURCE_PATH += lib_blewbxx lib_blewbxx_impl
endif

13
Makefile.rules
Unescape Escape View File

@ -16,17 +16,18 @@
#*******************************************************************************
# temporary redef, to ensure wider compliance of the SDK with pre-1.6 apps
ifeq ($(TARGET_NAME),TARGET_NANOX)
ifeq ($(TARGET_NAME),$(filter $(TARGET_NAME),TARGET_NANOX TARGET_NANOS2))
SDK_SOURCE_PATH += lib_bagl
else
SDK_SOURCE_PATH += lib_ux
SDK_SOURCE_PATH += lib_bagl lib_ux
endif
#Make the SDK modified SDK sources prioritar to the original ones
# adding the correct target header to sources
SDK_SOURCE_PATH += target/$(TARGET)/include
SOURCE_PATH += $(dir $(foreach libdir, $(APP_SOURCE_PATH), $(dir $(shell find $(libdir) | grep "\.c$$")))) $(BOLOS_SDK)/src $(foreach libdir, $(SDK_SOURCE_PATH), $(dir $(shell find $(BOLOS_SDK)/$(libdir) | grep "\.c$$")))
SOURCE_FILES := $(foreach path, $(SOURCE_PATH),$(shell find $(path) | grep "\.c$$") ) $(GLYPH_DESTC)
INCLUDES_PATH := $(dir $(foreach libdir, $(APP_SOURCE_PATH), $(dir $(shell find $(libdir) | grep "\.h$$")))) $(dir $(foreach libdir, $(SDK_SOURCE_PATH), $(dir $(shell find $(BOLOS_SDK)/$(libdir) | grep "\.h$$")))) include $(BOLOS_SDK)/include $(BOLOS_SDK)/include/arm
SOURCE_PATH += $(dir $(foreach libdir, $(APP_SOURCE_PATH), $(dir $(shell find $(libdir) -name '*.[csS]')))) $(BOLOS_SDK)/src $(foreach libdir, $(SDK_SOURCE_PATH), $(dir $(shell find $(BOLOS_SDK)/$(libdir) -name '*.[csS]')))
SOURCE_FILES := $(foreach path, $(SOURCE_PATH),$(shell find $(path) -name '*.[csS]') ) $(GLYPH_DESTC)
INCLUDES_PATH += $(dir $(foreach libdir, $(APP_SOURCE_PATH), $(dir $(shell find $(libdir) | grep "\.h$$")))) $(dir $(foreach libdir, $(SDK_SOURCE_PATH), $(dir $(shell find $(BOLOS_SDK)/$(libdir) | grep "\.h$$")))) include $(BOLOS_SDK)/include $(BOLOS_SDK)/include/arm
VPATH := $(dir $(SOURCE_FILES))
OBJECT_FILES := $(sort $(addprefix obj/, $(addsuffix .o, $(basename $(notdir $(SOURCE_FILES))))))

8
src/gpg_api.h
Unescape Escape View File

@ -62,14 +62,6 @@ void gpg_pin_set(gpg_pin_t *pin, unsigned char *pin_val, unsigned int pin_
int gpg_mse_reset();
int gpg_apdu_mse();
#ifdef GPG_SHAKE256
void cx_shake256_init(cx_sha3_t *hash, unsigned int out_length);
void cx_shake256_update(cx_sha3_t *ctx, const uint8_t *data, size_t len);
int cx_shake256_final(cx_sha3_t *hash, uint8_t *digest);
#endif
/* ----------------------------------------------------------------------- */
/* --- IO ---- */
/* ----------------------------------------------------------------------- */

10
src/gpg_gen.c
Unescape Escape View File

@ -53,8 +53,8 @@ void gpg_pso_derive_key_seed(unsigned char *Sn,
cx_hash((cx_hash_t *)&G_gpg_vstate.work.md.sha256, CX_LAST, h, 2, h, 32);
#ifdef GPG_SHAKE256
cx_shake256_init(&G_gpg_vstate.work.md.sha3, Ski_len);
cx_shake256_update(&G_gpg_vstate.work.md.sha3, h, 32);
cx_shake256_final(&G_gpg_vstate.work.md.sha3, Ski);
cx_sha3_update(&G_gpg_vstate.work.md.sha3, h, 32);
cx_sha3_final(&G_gpg_vstate.work.md.sha3, Ski);
#else
cx_sha3_xof_init(&G_gpg_vstate.work.md.sha3, 256, Ski_len);
cx_hash((cx_hash_t *)&G_gpg_vstate.work.md.sha3, CX_LAST, h, 32, Ski, Ski_len);
@ -132,13 +132,7 @@ int gpg_apdu_gen() {
pkey_size = sizeof(cx_rsa_3072_private_key_t);
break;
case 4096 / 8:
// temporary removal for nano X
#ifdef TARGET_NANOX
THROW(SW_WRONG_DATA);
break;
#else
pkey_size = sizeof(cx_rsa_4096_private_key_t);
#endif
break;
default:
THROW(SW_WRONG_DATA);

2
src/gpg_nvram.c
Unescape Escape View File

@ -19,7 +19,7 @@
#include "gpg_api.h"
#include "gpg_vars.h"
#ifdef TARGET_NANOX
#if defined(TARGET_NANOX) || defined(TARGET_NANOS2)
const gpg_nv_state_t N_state_pic;
#else
gpg_nv_state_t N_state_pic;

4
src/gpg_pso.c
Unescape Escape View File

@ -77,7 +77,7 @@ static int gpg_sign(gpg_key_t *sigkey) {
// --- ECDSA/EdDSA
if ((sigkey->attributes.value[0] == 19) || (sigkey->attributes.value[0] == 22)) {
cx_ecfp_private_key_t *key;
unsigned int sz, i, rs_len;
unsigned int sz, i, rs_len, info;
unsigned char * rs;
key = &sigkey->priv_key.ecfp;
@ -90,7 +90,7 @@ static int gpg_sign(gpg_key_t *sigkey) {
THROW(SW_CONDITIONS_NOT_SATISFIED);
return SW_CONDITIONS_NOT_SATISFIED;
}
sz = cx_ecdsa_sign(key, CX_RND_TRNG, CX_NONE, G_gpg_vstate.work.io_buffer, sz, RS, 256, NULL);
sz = cx_ecdsa_sign(key, CX_RND_TRNG, CX_NONE, G_gpg_vstate.work.io_buffer, sz, RS, 256, &info);
// reencode r,s in MPI format
gpg_io_discard(0);

6
src/gpg_ram.c
Unescape Escape View File

@ -20,7 +20,7 @@
#include "gpg_vars.h"
#include "os_io_seproxyhal.h"
#ifdef TARGET_NANOX
#if defined(TARGET_NANOX) || defined(TARGET_NANOS2)
#include "ux.h"
ux_state_t G_ux;
bolos_ux_params_t G_ux_params;
@ -36,3 +36,7 @@ int apdu_n;
#endif
gpg_v_state_t G_gpg_vstate;
#ifdef HAVE_RSA
union cx_u G_cx;
#endif // HAVE_RSA

208
src/gpg_shake256.c
Unescape Escape View File

@ -1,208 +0,0 @@
#ifdef GPG_SHAKE256
#include "os.h"
/* ----------------------------------------------------------------------- */
/* */
/* ----------------------------------------------------------------------- */
#define cx_rotr64(x, n) (((x) >> (n)) | ((x) << ((64) - (n))))
#define cx_rotl64(x, n) (((x) << (n)) | ((x) >> ((64) - (n))))
#define cx_shr64(x, n) ((x) >> (n))
// Assume state is a uint64_t array
#define S64(x, y) state[x + 5 * y]
#define ROTL64(x, n) cx_rotl64(x, n)
/* ----------------------------------------------------------------------- */
/* */
/* ----------------------------------------------------------------------- */
static void cx_sha3_theta(uint64_t state[]) {
uint64_t C[5];
uint64_t D[5];
int i, j;
for (i = 0; i < 5; i++) {
C[i] = S64(i, 0) ^ S64(i, 1) ^ S64(i, 2) ^ S64(i, 3) ^ S64(i, 4);
}
for (i = 0; i < 5; i++) {
D[i] = C[(i + 4) % 5] ^ ROTL64(C[(i + 1) % 5], 1);
for (j = 0; j < 5; j++) {
S64(i, j) ^= D[i];
}
}
}
/* ----------------------------------------------------------------------- */
/* */
/* ----------------------------------------------------------------------- */
static const int C_cx_pi_table[] = {10, 7, 11, 17, 18, 3, 5, 16, 8, 21, 24, 4,
15, 23, 19, 13, 12, 2, 20, 14, 22, 9, 6, 1};
static const int C_cx_rho_table[] = {1, 3, 6, 10, 15, 21, 28, 36, 45, 55, 2, 14,
27, 41, 56, 8, 25, 43, 62, 18, 39, 61, 20, 44};
static void cx_sha3_rho_pi(uint64_t state[]) {
int i, j;
uint64_t A;
uint64_t tmp;
A = state[1];
for (i = 0; i < 24; i++) {
j = C_cx_pi_table[i];
tmp = state[j];
state[j] = ROTL64(A, C_cx_rho_table[i]);
A = tmp;
}
}
/* ----------------------------------------------------------------------- */
/* */
/* ----------------------------------------------------------------------- */
static void cx_sha3_chi(uint64_t state[]) {
uint64_t C[5];
int i, j;
for (j = 0; j < 5; j++) {
for (i = 0; i < 5; i++) {
C[i] = S64(i, j);
}
for (i = 0; i < 5; i++) {
S64(i, j) ^= (~C[(i + 1) % 5]) & C[(i + 2) % 5];
}
}
}
/* ----------------------------------------------------------------------- */
/* */
/* ----------------------------------------------------------------------- */
#define _64BITS(h, l) (h##ULL << 32) | (l##ULL)
static const uint64_t C_cx_iota_RC[24] = {
_64BITS(0x00000000, 0x00000001), _64BITS(0x00000000, 0x00008082), _64BITS(0x80000000, 0x0000808A),
_64BITS(0x80000000, 0x80008000), _64BITS(0x00000000, 0x0000808B), _64BITS(0x00000000, 0x80000001),
_64BITS(0x80000000, 0x80008081), _64BITS(0x80000000, 0x00008009), _64BITS(0x00000000, 0x0000008A),
_64BITS(0x00000000, 0x00000088), _64BITS(0x00000000, 0x80008009), _64BITS(0x00000000, 0x8000000A),
_64BITS(0x00000000, 0x8000808B), _64BITS(0x80000000, 0x0000008B), _64BITS(0x80000000, 0x00008089),
_64BITS(0x80000000, 0x00008003), _64BITS(0x80000000, 0x00008002), _64BITS(0x80000000, 0x00000080),
_64BITS(0x00000000, 0x0000800A), _64BITS(0x80000000, 0x8000000A), _64BITS(0x80000000, 0x80008081),
_64BITS(0x80000000, 0x00008080), _64BITS(0x00000000, 0x80000001), _64BITS(0x80000000, 0x80008008)};
static void cx_sha3_iota(uint64_t state[], int round) {
S64(0, 0) ^= C_cx_iota_RC[round];
}
/* ----------------------------------------------------------------------- */
/* */
/* ----------------------------------------------------------------------- */
static void cx_sha3_block(cx_sha3_t *hash) {
uint64_t *block;
uint64_t *acc;
int r, i, n;
block = (uint64_t *)hash->block;
acc = (uint64_t *)hash->acc;
if (hash->block_size > 144) {
n = 21;
} else if (hash->block_size > 136) {
n = 18;
} else if (hash->block_size > 104) {
n = 17;
} else if (hash->block_size > 72) {
n = 13;
} else {
n = 9;
}
for (i = 0; i < n; i++) {
acc[i] ^= block[i];
}
for (r = 0; r < 24; r++) {
cx_sha3_theta(acc);
cx_sha3_rho_pi(acc);
cx_sha3_chi(acc);
cx_sha3_iota(acc, r);
}
}
void cx_shake256_init(cx_sha3_t *hash, unsigned int out_length) {
memset(hash, 0, sizeof(cx_sha3_t));
hash->header.algo = CX_SHAKE256;
hash->output_size = out_length;
hash->block_size = (1600 - 2 * 256) >> 3;
}
void cx_shake256_update(cx_sha3_t *ctx, const uint8_t *data, size_t len) {
unsigned int r;
unsigned int block_size;
unsigned char *block;
unsigned int blen;
block_size = ctx->block_size;
block = ctx->block;
blen = ctx->blen;
ctx->blen = 0;
// --- append input data and process all blocks ---
if ((blen + len) >= block_size) {
r = block_size - blen;
do {
if (ctx->header.counter == CX_HASH_MAX_BLOCK_COUNT) {
THROW(INVALID_PARAMETER);
}
memcpy(block + blen, data, r);
cx_sha3_block(ctx);
blen = 0;
ctx->header.counter++;
data += r;
len -= r;
r = block_size;
} while (len >= block_size);
}
// --- remind rest data---
memcpy(block + blen, data, len);
blen += len;
ctx->blen = blen;
}
int cx_shake256_final(cx_sha3_t *hash, uint8_t *digest) {
unsigned int block_size;
unsigned char *block;
unsigned int blen;
unsigned int len;
block = hash->block;
block_size = hash->block_size;
blen = hash->blen;
// CX_SHA3_XOF
memset(block + blen, 0, (200 - blen));
block[blen] |= 0x1F;
block[block_size - 1] |= 0x80;
cx_sha3_block(hash);
// provide result
len = hash->output_size;
blen = len;
memset(block, 0, 200);
while (blen > block_size) {
memcpy(digest, hash->acc, block_size);
blen -= block_size;
digest += block_size;
cx_sha3_block(hash);
}
memcpy(digest, hash->acc, blen);
return 1;
}
#endif // GPG_SHAKE256

2
src/gpg_types.h
Unescape Escape View File

@ -17,9 +17,7 @@
#define GPG_TYPES_H
#include "os_io_seproxyhal.h"
#ifdef TARGET_NANOX
#include "ux.h"
#endif
/* cannot send more that F0 bytes in CCID, why? do not know for now
* So set up length to F0 minus 2 bytes for SW

8
src/gpg_vars.h
Unescape Escape View File

@ -18,6 +18,7 @@
#include "os.h"
#include "cx.h"
#include "ux.h"
#include "os_io_seproxyhal.h"
#include "gpg_types.h"
#include "gpg_api.h"
@ -33,7 +34,7 @@ extern const unsigned char C_OID_cv25519[10];
extern gpg_v_state_t G_gpg_vstate;
#ifdef TARGET_NANOX
#if defined(TARGET_NANOX) || defined(TARGET_NANOS2)
extern const gpg_nv_state_t N_state_pic;
#define N_gpg_pstate ((volatile gpg_nv_state_t *)PIC(&N_state_pic))
#else
@ -46,4 +47,9 @@ extern int apdu_n;
#endif
extern ux_state_t ux;
#ifdef HAVE_RSA
#include "cx_ram.h"
extern union cx_u G_cx;
#endif // HAVE_RSA
#endif

17
src/sdk/usbd_impl.c
Unescape Escape View File

@ -198,6 +198,23 @@ static uint8_t const USBD_PRODUCT_FS_STRING[] = {
' ', 0,
'X', 0,
};
#elif defined(TARGET_NANOS2)
#ifndef HAVE_LEGACY_PID
#define USBD_PID 0x5000
#else // HAVE_LEGACY_PID
#define USBD_PID 0x0005
#endif // HAVE_LEGACY_PID
static uint8_t const USBD_PRODUCT_FS_STRING[] = {
7*2+2,
USB_DESC_TYPE_STRING,
'N', 0,
'a', 0,
'n', 0,
'o', 0,
' ', 0,
'S', 0,
'P', 0,
};
#else
#error unknown TARGET_ID
#endif

Write Preview
Loading…
Cancel
Save