Clean magic numbers with define constants

src/gpg_data.c

@@ -111,7 +111,7 @@ int gpg_apdu_get_data(unsigned int ref) {
 
             /* ----------------- aid, histo, ext_length, ... ----------------- */
         case 0x6E:
-            gpg_io_insert_tlv(0x4F, 16, (const unsigned char *) N_gpg_pstate->AID);
+            gpg_io_insert_tlv(0x4F, AID_LENGTH, (const unsigned char *) N_gpg_pstate->AID);
             memmove(G_gpg_vstate.work.io_buffer + G_gpg_vstate.io_offset - 6,
                     G_gpg_vstate.kslot->serial,
                     4);
@@ -743,7 +743,7 @@ int gpg_apdu_put_data(unsigned int ref) {
                                               G_gpg_vstate.io_length,
                                               &aes_key));
             nvm_write((void *) &N_gpg_pstate->SM_enc, &aes_key, sizeof(cx_aes_key_t));
-            CX_CHECK(cx_aes_init_key_no_throw(G_gpg_vstate.work.io_buffer + 16,
+            CX_CHECK(cx_aes_init_key_no_throw(G_gpg_vstate.work.io_buffer + CX_AES_128_KEY_LEN,
                                               G_gpg_vstate.io_length,
                                               &aes_key));
             nvm_write((void *) &N_gpg_pstate->SM_mac, &aes_key, sizeof(cx_aes_key_t));
@@ -809,11 +809,11 @@ static int gpg_init_keyenc(cx_aes_key_t *keyenc) {
     if (sw != SW_OK) {
         return sw;
     }
-    sw = gpg_pso_derive_key_seed(seed, (unsigned char *) PIC("key "), 1, seed, 16);
+    sw = gpg_pso_derive_key_seed(seed, (unsigned char *) PIC("key "), 1, seed, CX_AES_BLOCK_SIZE);
     if (sw != SW_OK) {
         return sw;
     }
-    CX_CHECK(cx_aes_init_key_no_throw(seed, 16, keyenc));
+    CX_CHECK(cx_aes_init_key_no_throw(seed, CX_AES_BLOCK_SIZE, keyenc));
 
 end:
     if (error != CX_OK) {

src/gpg_dispatch.c

@@ -242,7 +242,7 @@ int gpg_dispatch() {
 #ifdef GPG_LOG
         case INS_GET_LOG:
             gpg_io_discard(1);
-            gpg_io_insert(G_gpg_vstate.log_buffer, 32);
+            gpg_io_insert(G_gpg_vstate.log_buffer, sizeof(G_gpg_vstate.log_buffer));
             return SW_OK;
 #endif
 

src/gpg_io.c

@@ -242,7 +242,7 @@ void gpg_io_do(unsigned int io_flags) {
             memmove(G_io_apdu_buffer, G_gpg_vstate.work.io_buffer + G_gpg_vstate.io_offset, tx);
             G_gpg_vstate.io_length -= tx;
             G_gpg_vstate.io_offset += tx;
-            G_io_apdu_buffer[tx] = 0x61;
+            G_io_apdu_buffer[tx] = (SW_CORRECT_BYTES_AVAILABLE >> 8) & 0xFF;
             if (G_gpg_vstate.io_length > MAX_OUT - 2) {
                 xx = MAX_OUT - 2;
             } else {

src/gpg_pso.c

@@ -225,7 +225,7 @@ int gpg_apdu_pso() {
             unsigned int msg_len;
             cx_aes_key_t *key = NULL;
             key = &G_gpg_vstate.kslot->AES_dec;
-            if (!(key->size != 16)) {
+            if (!(key->size != CX_AES_128_KEY_LEN)) {
                 return SW_CONDITIONS_NOT_SATISFIED;
             }
             msg_len = G_gpg_vstate.io_length - G_gpg_vstate.io_offset;
@@ -238,7 +238,7 @@ int gpg_apdu_pso() {
                                      &ksz));
             // send
             gpg_io_discard(0);
-            G_gpg_vstate.work.io_buffer[0] = 0x02;
+            G_gpg_vstate.work.io_buffer[0] = PAD_AES;
             gpg_io_inserted(1 + ksz);
             return SW_OK;
         }
@@ -251,7 +251,7 @@ int gpg_apdu_pso() {
 
             switch (pad_byte) {
                 // --- PSO:DEC:RSA
-                case 0x00: {
+                case PAD_RSA: {
                     cx_rsa_private_key_t *key = NULL;
                     if (G_gpg_vstate.mse_dec->attributes.value[0] != KEY_ID_RSA) {
                         return SW_CONDITIONS_NOT_SATISFIED;
@@ -291,10 +291,10 @@ int gpg_apdu_pso() {
                 }
 
                 // --- PSO:DEC:AES
-                case 0x02: {
+                case PAD_AES: {
                     cx_aes_key_t *key;
                     key = &G_gpg_vstate.kslot->AES_dec;
-                    if (!(key->size != 16)) {
+                    if (!(key->size != CX_AES_128_KEY_LEN)) {
                         return SW_CONDITIONS_NOT_SATISFIED;
                     }
                     msg_len = G_gpg_vstate.io_length - G_gpg_vstate.io_offset;
@@ -312,7 +312,7 @@ int gpg_apdu_pso() {
                 }
 
                 // --- PSO:DEC:ECDH
-                case 0xA6: {
+                case PAD_ECDH: {
                     cx_ecfp_private_key_t *key;
                     unsigned int curve;
 

src/gpg_types.h

@@ -41,6 +41,7 @@
 #define GPG_MIN_PW1_LENGTH 6
 #define GPG_MIN_PW3_LENGTH 8
 
+#define AID_LENGTH         16
 #define HISTO_LENGTH       15
 #define HISTO_OFFSET_STATE 12  // 3rd byte from last (buffer size is 15)
 #ifdef TARGET_NANOS
@@ -53,6 +54,10 @@
 
 #define GPG_RSA_DEFAULT_PUB 0x00010001U
 
+#ifndef CX_AES_128_KEY_LEN
+#define CX_AES_128_KEY_LEN CX_AES_BLOCK_SIZE
+#endif
+
 /* ---  Keys IDs  --- */
 // https://www.rfc-editor.org/rfc/rfc4880#section-9.1
 #define KEY_ID_RSA   1   // RSA (Encrypt or Sign)
@@ -160,7 +165,7 @@ struct gpg_nv_state_s {
 
     /* -- Application  Related Data -- */
     /*  4F */
-    unsigned char AID[16];
+    unsigned char AID[AID_LENGTH];
     /*  5F52 */
     unsigned char histo[HISTO_LENGTH];
 
@@ -292,7 +297,7 @@ struct gpg_v_state_s {
 #endif
 
 #ifdef GPG_LOG
-    unsigned char log_buffer[32];
+    unsigned char log_buffer[256];
 #endif
 };
 typedef struct gpg_v_state_s gpg_v_state_t;
@@ -367,6 +372,7 @@ typedef struct gpg_v_state_s gpg_v_state_t;
 #define SW_INS_NOT_SUPPORTED             0x6d00
 #define SW_CLA_NOT_SUPPORTED             0x6e00
 #define SW_UNKNOWN                       0x6f00
+#define SW_CORRECT_BYTES_AVAILABLE       0x6100
 #define SW_OK                            0x9000
 
 /* ---  P1/P2 constants  --- */
@@ -394,4 +400,9 @@ typedef struct gpg_v_state_s gpg_v_state_t;
 #define KEY_AUT 0xa4
 #define KEY_NB  3
 
+/* ---  Padding indicators  --- */
+#define PAD_RSA  0x00
+#define PAD_AES  0x02
+#define PAD_ECDH 0xa6
+
 #endif