diff --git a/ChangeLog b/ChangeLog index 924b57d..d22871f 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,20 @@ +2014-11-20 Niibe Yutaka + + * src/gnuk.h (NR_NONE, NR_DO__FIRST__): Remove. + (NR_DO_*): Redefine. + (NR_KEY_ALGO_ATTR_SIG, NR_KEY_ALGO_ATTR_DEC) + (NR_KEY_ALGO_ATTR_AUT): New. + + * src/openpgp-do.c (gpg_do_load_prvkey, gpg_do_delete_prvkey) + (gpg_do_write_prvkey, gpg_do_chks_prvkey, gpg_data_scan) + (gpg_data_copy, gpg_do_read_simple) + (gpg_do_write_simple): Don't use NR_DO__FIRST__. + (gpg_do_put_data): Don't use NR_NONE any more. + (do_tag_to_nr): Use -1 to specify NONE. + + * src/flash.c (flash_enum_clear, flash_enum_write_internal) + (flash_enum_write): New. + 2014-11-19 Niibe Yutaka * src/gnuk.h (FIRMWARE_UPDATE_KEY_CONTENT_LEN): New. diff --git a/src/flash.c b/src/flash.c index 23a50e9..d5ab832 100644 --- a/src/flash.c +++ b/src/flash.c @@ -477,6 +477,38 @@ flash_bool_write (uint8_t nr) } +void +flash_enum_clear (const uint8_t **addr_p) +{ + flash_bool_clear (addr_p); +} + +void +flash_enum_write_internal (const uint8_t *p, int nr, uint8_t v) +{ + uint16_t hw = nr | (v << 8); + + flash_program_halfword ((uint32_t)p, hw); +} + +const uint8_t * +flash_enum_write (uint8_t nr, uint8_t v) +{ + uint8_t *p; + uint16_t hw = nr | (v << 8); + + p = flash_data_pool_allocate (2); + if (p == NULL) + { + DEBUG_INFO ("enum allocation failure.\r\n"); + return NULL; + } + + flash_program_halfword ((uint32_t)p, hw); + return p; +} + + int flash_cnt123_get_value (const uint8_t *p) { diff --git a/src/gnuk.h b/src/gnuk.h index b5f4538..8bc8921 100644 --- a/src/gnuk.h +++ b/src/gnuk.h @@ -284,7 +284,6 @@ extern uint8_t keystring_md_pw3[KEYSTRING_MD_SIZE]; extern uint8_t admin_authorized; /*** Flash memory tag values ***/ -#define NR_NONE 0x00 /* Data objects */ /* * Representation of data object: @@ -292,28 +291,27 @@ extern uint8_t admin_authorized; * <-1 halfword-> <--len/2 halfwords-> * <-tag-><-len-> <---data content---> */ -#define NR_DO__FIRST__ 0x01 -#define NR_DO_SEX 0x01 -#define NR_DO_FP_SIG 0x02 -#define NR_DO_FP_DEC 0x03 -#define NR_DO_FP_AUT 0x04 -#define NR_DO_CAFP_1 0x05 -#define NR_DO_CAFP_2 0x06 -#define NR_DO_CAFP_3 0x07 -#define NR_DO_KGTIME_SIG 0x08 -#define NR_DO_KGTIME_DEC 0x09 -#define NR_DO_KGTIME_AUT 0x0a -#define NR_DO_LOGIN_DATA 0x0b -#define NR_DO_URL 0x0c -#define NR_DO_NAME 0x0d -#define NR_DO_LANGUAGE 0x0e -#define NR_DO_PRVKEY_SIG 0x0f -#define NR_DO_PRVKEY_DEC 0x10 -#define NR_DO_PRVKEY_AUT 0x11 -#define NR_DO_KEYSTRING_PW1 0x12 -#define NR_DO_KEYSTRING_RC 0x13 -#define NR_DO_KEYSTRING_PW3 0x14 -#define NR_DO__LAST__ 21 /* == 0x15 */ +#define NR_DO_SEX 0x00 +#define NR_DO_FP_SIG 0x01 +#define NR_DO_FP_DEC 0x02 +#define NR_DO_FP_AUT 0x03 +#define NR_DO_CAFP_1 0x04 +#define NR_DO_CAFP_2 0x05 +#define NR_DO_CAFP_3 0x06 +#define NR_DO_KGTIME_SIG 0x07 +#define NR_DO_KGTIME_DEC 0x08 +#define NR_DO_KGTIME_AUT 0x09 +#define NR_DO_LOGIN_DATA 0x0a +#define NR_DO_URL 0x0b +#define NR_DO_NAME 0x0c +#define NR_DO_LANGUAGE 0x0d +#define NR_DO_PRVKEY_SIG 0x0e +#define NR_DO_PRVKEY_DEC 0x0f +#define NR_DO_PRVKEY_AUT 0x10 +#define NR_DO_KEYSTRING_PW1 0x11 +#define NR_DO_KEYSTRING_RC 0x12 +#define NR_DO_KEYSTRING_PW3 0x13 +#define NR_DO__LAST__ 20 /* == 0x14 */ /* 14-bit counter for DS: Recorded in flash memory by 1-halfword (2-byte). */ /* * Representation of 14-bit counter: @@ -332,7 +330,10 @@ extern uint8_t admin_authorized; * 1023: 0xc3ff */ #define NR_COUNTER_DS_LSB 0xc0 /* ..0xc3 */ -/* 8-bit int or Boolean objects: Recorded in flash memory by 1-halfword (2-byte) */ +/* + * Boolean object, small enum, or 8-bit integer: + * Recorded in flash memory by 1-halfword (2-byte) + */ /* * Representation of Boolean object: * 0: No record in flash memory @@ -340,7 +341,20 @@ extern uint8_t admin_authorized; */ #define NR_BOOL_PW1_LIFETIME 0xf0 /* - * NR_BOOL_SOMETHING, NR_UINT_SOMETHING could be here... Use 0xf? + * Representation of algorithm attribute object: + * RSA-2048: No record in flash memory + * RSA-4096: 0xf?00 + * ECC p256r1: 0xf?01 + * ECC p256k1: 0xf?02 + * ECC Ed25519: 0xf?03 + * ECC Curve25519: 0xf?04 + * where == 1 (signature), 2 (decryption) or 3 (authentication) + */ +#define NR_KEY_ALGO_ATTR_SIG 0xf1 +#define NR_KEY_ALGO_ATTR_DEC 0xf2 +#define NR_KEY_ALGO_ATTR_AUT 0xf3 +/* + * NR_UINT_SOMETHING could be here... Use 0xf[456789abcd] */ /* 123-counters: Recorded in flash memory by 2-halfword (4-byte). */ /* @@ -371,6 +385,8 @@ extern const uint8_t openpgpcard_aid[14]; void flash_bool_clear (const uint8_t **addr_p); const uint8_t *flash_bool_write (uint8_t nr); +void flash_enum_clear (const uint8_t **addr_p); +const uint8_t *flash_enum_write (uint8_t nr, uint8_t v); int flash_cnt123_get_value (const uint8_t *p); void flash_cnt123_increment (uint8_t which, const uint8_t **addr_p); void flash_cnt123_clear (const uint8_t **addr_p); @@ -379,6 +395,7 @@ void flash_warning (const char *msg); void flash_put_data_internal (const uint8_t *p, uint16_t hw); void flash_bool_write_internal (const uint8_t *p, int nr); +void flash_enum_write_internal (const uint8_t *p, int nr, uint8_t v); void flash_cnt123_write_internal (const uint8_t *p, int which, int v); void flash_do_write_internal (const uint8_t *p, int nr, const uint8_t *data, int len); diff --git a/src/openpgp-do.c b/src/openpgp-do.c index 4ad61c7..0fe9273 100644 --- a/src/openpgp-do.c +++ b/src/openpgp-do.c @@ -294,7 +294,7 @@ static const struct do_table_entry *get_do_entry (uint16_t tag); static const uint8_t *do_ptr[NR_DO__LAST__]; -static uint8_t +static int do_tag_to_nr (uint16_t tag) { switch (tag) @@ -328,7 +328,7 @@ do_tag_to_nr (uint16_t tag) case GPG_DO_LANGUAGE: return NR_DO_LANGUAGE; default: - return NR_NONE; + return -1; } } @@ -710,7 +710,7 @@ int gpg_do_load_prvkey (enum kind_of_key kk, int who, const uint8_t *keystring) { uint8_t nr = get_do_ptr_nr_for_kk (kk); - const uint8_t *do_data = do_ptr[nr - NR_DO__FIRST__]; + const uint8_t *do_data = do_ptr[nr]; const uint8_t *key_addr; uint8_t dek[DATA_ENCRYPTION_KEY_SIZE]; const uint8_t *iv; @@ -750,13 +750,13 @@ static void gpg_do_delete_prvkey (enum kind_of_key kk) { uint8_t nr = get_do_ptr_nr_for_kk (kk); - const uint8_t *do_data = do_ptr[nr - NR_DO__FIRST__]; + const uint8_t *do_data = do_ptr[nr]; uint8_t *key_addr; if (do_data == NULL) return; - do_ptr[nr - NR_DO__FIRST__] = NULL; + do_ptr[nr] = NULL; flash_do_release (do_data); key_addr = kd[kk].key_addr; kd[kk].key_addr = NULL; @@ -986,7 +986,7 @@ gpg_do_write_prvkey (enum kind_of_key kk, const uint8_t *key_data, int key_len, memset (pd->dek_encrypted_3, 0, DATA_ENCRYPTION_KEY_SIZE); p = flash_do_write (nr, (const uint8_t *)pd, sizeof (struct prvkey_data)); - do_ptr[nr - NR_DO__FIRST__] = p; + do_ptr[nr] = p; random_bytes_free (dek); memset (pd, 0, sizeof (struct prvkey_data)); @@ -1020,7 +1020,7 @@ gpg_do_chks_prvkey (enum kind_of_key kk, int who_new, const uint8_t *new_ks) { uint8_t nr = get_do_ptr_nr_for_kk (kk); - const uint8_t *do_data = do_ptr[nr - NR_DO__FIRST__]; + const uint8_t *do_data = do_ptr[nr]; uint8_t dek[DATA_ENCRYPTION_KEY_SIZE]; struct prvkey_data *pd; const uint8_t *p; @@ -1065,9 +1065,9 @@ gpg_do_chks_prvkey (enum kind_of_key kk, if (update_needed) { flash_do_release (do_data); - do_ptr[nr - NR_DO__FIRST__] = NULL; + do_ptr[nr] = NULL; p = flash_do_write (nr, (const uint8_t *)pd, sizeof (struct prvkey_data)); - do_ptr[nr - NR_DO__FIRST__] = p; + do_ptr[nr] = p; } memset (pd, 0, sizeof (struct prvkey_data)); @@ -1341,7 +1341,7 @@ gpg_data_scan (const uint8_t *p_start) if (nr < 0x80) { /* It's Data Object */ - do_ptr[nr - NR_DO__FIRST__] = p; + do_ptr[nr] = p; p += second_byte + 1; /* second_byte has length */ if (((uint32_t)p & 1)) @@ -1379,17 +1379,17 @@ gpg_data_scan (const uint8_t *p_start) flash_set_data_pool_last (p); num_prv_keys = 0; - if (do_ptr[NR_DO_PRVKEY_SIG - NR_DO__FIRST__] != NULL) + if (do_ptr[NR_DO_PRVKEY_SIG] != NULL) num_prv_keys++; - if (do_ptr[NR_DO_PRVKEY_DEC - NR_DO__FIRST__] != NULL) + if (do_ptr[NR_DO_PRVKEY_DEC] != NULL) num_prv_keys++; - if (do_ptr[NR_DO_PRVKEY_AUT - NR_DO__FIRST__] != NULL) + if (do_ptr[NR_DO_PRVKEY_AUT] != NULL) num_prv_keys++; data_objects_number_of_bytes = 0; - for (i = NR_DO__FIRST__; i < NR_DO__LAST__; i++) - if (do_ptr[i - NR_DO__FIRST__] != NULL) - data_objects_number_of_bytes += *do_ptr[i - NR_DO__FIRST__]; + for (i = 0; i < NR_DO__LAST__; i++) + if (do_ptr[i] != NULL) + data_objects_number_of_bytes += *do_ptr[i]; if (dsc_l10_p == NULL) dsc_l10 = 0; @@ -1441,14 +1441,14 @@ gpg_data_copy (const uint8_t *p_start) } data_objects_number_of_bytes = 0; - for (i = NR_DO__FIRST__; i < NR_DO__LAST__; i++) - if (do_ptr[i - NR_DO__FIRST__] != NULL) + for (i = 0; i < NR_DO__LAST__; i++) + if (do_ptr[i] != NULL) { - const uint8_t *do_data = do_ptr[i - NR_DO__FIRST__]; + const uint8_t *do_data = do_ptr[i]; int len = do_data[0]; flash_do_write_internal (p, i, &do_data[1], len); - do_ptr[i - NR_DO__FIRST__] = p + 1; + do_ptr[i] = p + 1; p += 2 + ((len + 1) & ~1); data_objects_number_of_bytes += len; } @@ -1658,9 +1658,9 @@ gpg_do_put_data (uint16_t tag, const uint8_t *data, int len) GPG_MEMORY_FAILURE (); else { - uint8_t nr = do_tag_to_nr (tag); + int nr = do_tag_to_nr (tag); - if (nr == NR_NONE) + if (nr < 0) GPG_MEMORY_FAILURE (); else { @@ -1796,7 +1796,7 @@ gpg_do_read_simple (uint8_t nr) { const uint8_t *do_data; - do_data = do_ptr[nr - NR_DO__FIRST__]; + do_data = do_ptr[nr]; if (do_data == NULL) return NULL; @@ -1808,7 +1808,7 @@ gpg_do_write_simple (uint8_t nr, const uint8_t *data, int size) { const uint8_t **do_data_p; - do_data_p = (const uint8_t **)&do_ptr[nr - NR_DO__FIRST__]; + do_data_p = (const uint8_t **)&do_ptr[nr]; if (*do_data_p) flash_do_release (*do_data_p);