more changes
This commit is contained in:
NIIBE Yutaka
127
src/gnuk.h
127
src/gnuk.h
@@ -4,12 +4,17 @@ extern void put_byte (uint8_t b);
|
||||
extern void put_byte_with_no_nl (uint8_t b);
|
||||
extern void put_short (uint16_t x);
|
||||
extern void put_string (const char *s);
|
||||
extern void put_binary (const char *s, int len);
|
||||
|
||||
extern void _write (const char *, int);
|
||||
|
||||
extern size_t strlen(const char *s);
|
||||
extern void *memcpy(void *dest, const void *src, size_t n);
|
||||
extern void *memset(void *s, int c, size_t n);
|
||||
extern size_t strlen (const char *s);
|
||||
extern int strncmp(const char *s1, const char *s2, size_t n);
|
||||
extern void *memcpy (void *dest, const void *src, size_t n);
|
||||
extern void *memset (void *s, int c, size_t n);
|
||||
extern void *malloc (size_t size);
|
||||
extern int memcmp (const void *s1, const void *s2, size_t n);
|
||||
extern void free (void *ptr);
|
||||
|
||||
/*
|
||||
* Interface between ICC<-->GPG
|
||||
@@ -21,10 +26,10 @@ extern Thread *gpg_thread;
|
||||
|
||||
#define EV_EXEC_FINISHED (eventmask_t)2 /* GPG Execution finished */
|
||||
|
||||
/* maximum cmd apdu data is key import 22+4+128+128 (head, e, p, q)*/
|
||||
/* maximum cmd apdu data is key import 22+4+128+128 (proc_key_import) */
|
||||
#define MAX_CMD_APDU_SIZE (7+282) /* header + data */
|
||||
|
||||
#define MAX_RES_APDU_SIZE (256+2) /* Data + status */
|
||||
/* maximum res apdu data is public key 5+9+256+2 (gpg_do_public_key) */
|
||||
#define MAX_RES_APDU_SIZE ((5+9+256)+2) /* Data + status */
|
||||
extern uint8_t cmd_APDU[MAX_CMD_APDU_SIZE];
|
||||
extern uint8_t res_APDU[MAX_RES_APDU_SIZE];
|
||||
extern int cmd_APDU_size;
|
||||
@@ -38,9 +43,13 @@ extern int res_APDU_size;
|
||||
#define AC_ALWAYS 0xFF
|
||||
|
||||
extern int ac_check_status (uint8_t ac_flag);
|
||||
extern int verify_pso_cds (uint8_t *pw, int pw_len);
|
||||
extern int verify_pso_other (uint8_t *pw, int pw_len);
|
||||
extern int verify_pso_admin (uint8_t *pw, int pw_len);
|
||||
extern int verify_pso_cds (const uint8_t *pw, int pw_len);
|
||||
extern int verify_pso_other (const uint8_t *pw, int pw_len);
|
||||
extern int verify_admin (const uint8_t *pw, int pw_len);
|
||||
extern int verify_admin_0 (const uint8_t *pw, int buf_len, int pw_len_known);
|
||||
|
||||
extern void reset_pso_cds (void);
|
||||
|
||||
|
||||
|
||||
extern void write_res_apdu (const uint8_t *p, int len,
|
||||
@@ -48,9 +57,10 @@ extern void write_res_apdu (const uint8_t *p, int len,
|
||||
|
||||
extern int gpg_do_table_init (void);
|
||||
extern void gpg_do_get_data (uint16_t tag);
|
||||
extern void gpg_do_put_data (uint16_t tag, uint8_t *data, int len);
|
||||
extern void gpg_do_put_data (uint16_t tag, const uint8_t *data, int len);
|
||||
extern void gpg_do_public_key (uint8_t kk_byte);
|
||||
|
||||
|
||||
extern uint8_t * flash_do_write (uint16_t tag, uint8_t *data, int len);
|
||||
|
||||
enum kind_of_key {
|
||||
GPG_KEY_FOR_SIGNATURE,
|
||||
@@ -58,27 +68,100 @@ enum kind_of_key {
|
||||
GPG_KEY_FOR_AUTHENTICATION,
|
||||
};
|
||||
|
||||
extern void flash_do_release (const uint8_t *);
|
||||
extern const uint8_t *flash_do_write (uint16_t tag, const uint8_t *data, int len);
|
||||
extern uint8_t *flash_key_alloc (enum kind_of_key);
|
||||
extern void flash_key_release (const uint8_t *);
|
||||
|
||||
#define KEY_MAGIC_LEN 8
|
||||
#define KEY_CONTENT_LEN 256
|
||||
#define KEY_CONTENT_LEN 256 /* p and q */
|
||||
#define GNUK_MAGIC "Gnuk KEY"
|
||||
#define KEYSTORE_LEN (KEY_MAGIC_LEN+4+4+KEY_CONTENT_LEN)
|
||||
#define KEYSTORE_LEN (KEY_MAGIC_LEN+4+4+KEY_CONTENT_LEN*2)
|
||||
|
||||
/* encrypted data content */
|
||||
struct key_data {
|
||||
uint8_t *key_addr;
|
||||
/* encrypted data content */
|
||||
char magic[KEY_MAGIC_LEN];
|
||||
uint32_t random;
|
||||
uint8_t data[KEY_CONTENT_LEN]; /* p and q */
|
||||
uint32_t check;
|
||||
uint8_t data[KEY_CONTENT_LEN];
|
||||
uint32_t random;
|
||||
char magic[KEY_MAGIC_LEN];
|
||||
};
|
||||
|
||||
extern int flash_key_write (uint8_t *key_addr, uint8_t *key_data);
|
||||
#define ADDITIONAL_DATA_SIZE 16
|
||||
#define DATA_ENCRYPTION_KEY_SIZE 16
|
||||
struct prvkey_data {
|
||||
const uint8_t *key_addr;
|
||||
uint8_t crm_encrypted[ADDITIONAL_DATA_SIZE];
|
||||
uint8_t dek_encrypted_1[DATA_ENCRYPTION_KEY_SIZE];
|
||||
uint8_t dek_encrypted_2[DATA_ENCRYPTION_KEY_SIZE];
|
||||
uint8_t dek_encrypted_3[DATA_ENCRYPTION_KEY_SIZE];
|
||||
};
|
||||
|
||||
#define KEYSTRING_LEN 20 /* Use 16-byte for AES encryption */
|
||||
extern uint8_t keystring_pw1[KEYSTRING_LEN];
|
||||
extern uint32_t get_random (void);
|
||||
|
||||
extern int gpg_load_key (enum kind_of_key kk);
|
||||
extern int flash_key_write (uint8_t *key_addr, const uint8_t *key_data, const uint8_t *modulus);
|
||||
|
||||
#define KEYSTRING_PASSLEN_SIZE 1
|
||||
#define KEYSTRING_SALT_SIZE 8 /* optional */
|
||||
#define KEYSTRING_ITER_SIZE 1 /* optional */
|
||||
#define KEYSTRING_MD_SIZE 20
|
||||
#define KEYSTRING_SIZE_PW1 (KEYSTRING_PASSLEN_SIZE+KEYSTRING_MD_SIZE)
|
||||
#define KEYSTRING_SIZE_RC (KEYSTRING_PASSLEN_SIZE+KEYSTRING_MD_SIZE)
|
||||
#define KEYSTRING_SIZE_PW3 (KEYSTRING_PASSLEN_SIZE+KEYSTRING_SALT_SIZE \
|
||||
+KEYSTRING_ITER_SIZE+KEYSTRING_MD_SIZE)
|
||||
|
||||
extern int gpg_do_load_prvkey (enum kind_of_key kk, int who, const uint8_t *keystring);
|
||||
extern int gpg_do_chks_prvkey (enum kind_of_key kk,
|
||||
int who_old, const uint8_t *old_ks,
|
||||
int who_new, const uint8_t *new_ks);
|
||||
|
||||
extern int gpg_change_keystring (int who_old, const uint8_t *old_ks,
|
||||
int who_new, const uint8_t *new_ks);
|
||||
|
||||
extern struct key_data kd;
|
||||
|
||||
#ifdef DEBUG
|
||||
#define DEBUG_INFO(msg) put_string (msg)
|
||||
#define DEBUG_SHORT(h) put_short (h)
|
||||
#define DEBUG_BYTE(b) put_byte (b)
|
||||
#define DEBUG_BINARY(s,len) put_binary ((const char *)s,len)
|
||||
#else
|
||||
#define DEBUG_INFO(msg)
|
||||
#define DEBUG_SHORT(h)
|
||||
#define DEBUG_BYTE(b)
|
||||
#define DEBUG_BINARY(s,len)
|
||||
#endif
|
||||
|
||||
extern int rsa_sign (const uint8_t *, uint8_t *, int);
|
||||
extern const uint8_t *modulus_calc (const uint8_t *, int);
|
||||
extern void modulus_free (const uint8_t *);
|
||||
|
||||
extern int gpg_do_write_privkey (enum kind_of_key kk, const uint8_t *key_data, int key_len);
|
||||
|
||||
extern const uint8_t *gpg_do_read_simple (uint16_t);
|
||||
extern void gpg_do_write_simple (uint16_t, const uint8_t *, int);
|
||||
extern void gpg_do_increment_digital_signature_counter (void);
|
||||
|
||||
#define PW_STATUS_PW1 4
|
||||
#define PW_STATUS_RC 5
|
||||
#define PW_STATUS_PW3 6
|
||||
|
||||
|
||||
extern void gpg_set_pw3 (const uint8_t *newpw, int newpw_len);
|
||||
extern void fatal (void);
|
||||
|
||||
extern uint8_t keystring_md_pw3[KEYSTRING_MD_SIZE];
|
||||
|
||||
#define GNUK_DO_PRVKEY_SIG 0xff01
|
||||
#define GNUK_DO_PRVKEY_DEC 0xff02
|
||||
#define GNUK_DO_PRVKEY_AUT 0xff03
|
||||
#define GNUK_DO_KEYSTRING_PW1 0xff04
|
||||
#define GNUK_DO_KEYSTRING_RC 0xff05
|
||||
#define GNUK_DO_KEYSTRING_PW3 0xff06
|
||||
#define GNUK_DO_PW_STATUS 0xff07
|
||||
#define SIZE_PW_STATUS_BYTES 7
|
||||
|
||||
/* 16-byte random bytes */
|
||||
extern uint8_t *get_data_encryption_key (void);
|
||||
extern void dek_free (uint8_t *);
|
||||
|
||||
extern uint32_t hardclock (void);
|
||||
|
||||
Reference in New Issue
Block a user