diff --git a/ChangeLog b/ChangeLog index 7ee98cd..83c67d4 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,19 @@ +2013-02-20 Niibe Yutaka + + * src/openpgp.c (cmd_internal_authenticate): Support ECDSA for + authentication. + + * src/openpgp-do.c (algorithm_attr_ecdsa): New. + (algorithm_attr_rsa): Rename (was: algorithm_attr). + (gpg_do_table): Change for GPG_DO_ALG_AUT. + (gpg_do_write_prvkey): Support ECDSA key for authentication. + (proc_key_import): Likewise. + (gpg_do_public_key): Likewise. + + * src/call-ec_p256.c: New. + * src/Makefile.in: Add call-ec_p256.c. + * src/call-rsa.c (modulus_free): Remove. + 2013-02-19 Niibe Yutaka * regnual/regnual.ld (MEMORY): Fix address of regnual. @@ -54,2481 +70,3 @@ * src/adc_stm32f103.c, src/adc.h: New from NeuG 0.05. * src/random.c: Follow the change of NeuG 0.05. - -2013-02-15 Niibe Yutaka - - * Version 1.0.2. - * src/usb_desc.c (gnukStringSerial): Updated. - -2013-02-14 Niibe Yutaka - - * test/features/002_get_data_static.feature: Value of extended - capabilities changed. - * test/features/402_get_data_static.feature: Ditto. - * test/features/802_get_data_static.feature: Ditto. - - * src/openpgp.c (cmd_write_binary): Move erasing page of update - keys to... - (modify_binary): ...here. - - * src/flash.c (flash_write_binary): Handle removal of update keys. - -2013-02-13 Niibe Yutaka - - * src/openpgp.c (cmd_get_challenge): Handle Le field. - - * src/openpgp-do.c (extended_capabilities): Fix for GET CHALLENGE. - - * src/gnuk.h (CHALLENGE_LEN): Moved here (was: openpgp.c). - - * tool/gnuk_token.py (iso7816_compose): Add Le field. - -2013-01-30 Niibe Yutaka - - * src/openpgp.c (cmd_external_authenticate): Fix off-by-one error. - - * tool/gnuk_token.py (gnuk_token.cmd_external_authenticate): Add - KEYNO to the arguments. - - * tool/upgrade_by_passwd.py (main): Explicitly say it's KEYNO. - -2013-01-28 Niibe Yutaka - - * src/openpgp-do.c (gpg_pw_get_retry_counter): New. - * src/openpgp.c (cmd_verify): Implement VERIFY with empty data. - -2013-01-22 Niibe Yutaka - - * tool/pinpadtest.py (Card.cmd_vega_alpha_disable_empty_verify): - New. - (main): call cmd_vega_alpha_disable_empty_verify if it's - COVADIS_VEGA_ALPHA. - -2013-01-21 Niibe Yutaka - - * tool/pageant_proxy_to_gpg.py: New. - * tool/sexp.py: New. - -2013-01-20 Niibe Yutaka - - * tool/gpg_agent.py: New. - -2013-01-11 Niibe Yutaka - - * tool/pinpadtest.py: Add fixed length input. - -2012-12-25 Niibe Yutaka - - * tool/rsa.py: New. - - * tool/rsa_example.key: New. Example RSA key information. - - * tool/upgrade_by_passwd.py: New. - -2012-12-19 Niibe Yutaka - - * src/Makefile.in (USE_OPT): -O3 and -Os (was: -O2). - - * tool/gnuk_token.py (gnuk_token.stop_gnuk, gnuk_token.mem_info) - (gnuk_token.download, gnuk_token.execute) - (gnuk_token.cmd_get_challenge) - (gnuk_token.cmd_external_authenticate): New. - (gnuk_devices_by_vidpid): New. - (regnual): New. - -2012-12-18 Niibe Yutaka - - * test/gnuk.py: Remove. - - * test/features/steps.py: Use tool/gnuk_token.py. - - * tool/gnuk_put_binary_libusb.py: Use gnuk_token.py. - (main): Follow the API change. - - * tool/gnuk_token.py (list_to_string): New. - (gnuk_token.get_string, gnuk_token.increment_seq) - (gnuk_token.reset_device, gnuk_token.release_gnuk): New. - (gnuk_token.icc_power_on): Set self.atr and it's now string. - (gnuk_token.icc_send_cmd): Handle time extension. - (gnuk_token.cmd_get_response): Return string (was: list). - (gnuk_token.cmd_get_data): Return "" when success. - (gnuk_token.cmd_change_reference_data, gnuk_token.cmd_put_data) - (gnuk_token.cmd_put_data_odd) - (gnuk_token.cmd_reset_retry_counter, gnuk_token.cmd_pso) - (gnuk_token.cmd_pso_longdata) - (gnuk_token.cmd_internal_authenticate, gnuk_token.cmd_genkey) - (gnuk_token.cmd_get_public_key): New. - (compare): New. - (get_gnuk_device): New. - -2012-12-14 Niibe Yutaka - - * src/openpgp.c (cmd_change_password): Check password length - for admin less mode. - -2012-12-13 Niibe Yutaka - - * src/openpgp-do.c (gpg_do_put_data): Add GPG_SUCCESS for - completeness (it worked because of lower layer goodness). - -2012-12-12 Niibe Yutaka - - * tool/gnuk_token.py: Add module imports. - - * tool/gnuk_remove_keys.py (main): Fix data object number - for KGTIME_SIG, KGTIME_DEC and KGTIME_AUT. - - * tool/gnuk_remove_keys_libusb.py (main): Likewise. - -2012-12-05 Niibe Yutaka - - * tool/gnuk_remove_keys_libusb.py: New. - * tool/gnuk_token.py: New. - -2012-11-07 Niibe Yutaka - - * src/usb-icc.c (icc_send_data_block_internal): New. - (icc_send_data_block_time_extension): New. - (icc_handle_timeout): Use icc_send_data_block_time_extension. - (icc_send_data_block): Only one argument. - (USBthread): Follow the change. - -2012-11-01 Niibe Yutaka - - * tool/gnuk_upgrade.py (main): New option '-k' to specify keygrip - for non-smartcard key. - (gpg_sign): Support non-smartcard key. - -2012-10-31 Niibe Yutaka - - * tool/get_raw_public_key.py: New. - -2012-10-26 Niibe Yutaka - - * GNUK_USB_DEVICE_ID (Product_STRING): It's considered better not - to include vendor name. Change the name to "Gnuk Token" (was: - FSIJ USB Token). - -2012-10-13 Niibe Yutaka - - * boards/STBEE_MINI/board.c [!DFU_SUPPORT] (hwinit1): Don't run - when "user switch" is pushed. This is for JTAG/SWD debugger. - -2012-09-25 Niibe Yutaka - - * tool/stlinkv2.py (main): Print out option bytes value. - Call reset_sys before blank_check. - -2012-09-18 Niibe Yutaka - - * tool/stlinkv2.py (stlinkv2.option_bytes_erase) - (stlinkv2.flash_erase_all, stlinkv2.flash_erase_page): : Fix - OperationFailure (was OperationError). - (main): Call option_bytes_erase if it's not 0xff. - -2012-09-12 Niibe Yutaka - - * src/sha256.c: Include . - - * src/sha256.h (SHA256_DIGEST_SIZE, SHA256_BLOCK_SIZE): Move - from sha256.c. - -2012-08-29 Niibe Yutaka - - * tool/hub_ctrl.py (__main__): Fix to busnum (was: bunum). - Thanks to Henry Hu. - -2012-08-03 Niibe Yutaka - - * Version 1.0.1. - * src/usb_desc.c (gnukStringSerial): Updated. - * src/main.c (ID_OFFSET): Fix. - -2012-08-02 Niibe Yutaka - - * test/gnuk.py (gnuk_token.get_string): New. - * test/features/991_version_string.feature: New. - -2012-07-21 Niibe Yutaka - - * Version 1.0. - * src/usb_desc.c (gnukStringSerial): Updated. - - Documentation by Sphinx. - * doc/Makefile: New. - * doc/note: Old notes are moved here. - -2012-07-20 Niibe Yutaka - - * test/features/002_get_data_static.feature: Support CERTDO enabled - Gnuk for the test of extended capabilities. - * test/features/802_get_data_static.feature: Ditto. - * test/features/402_get_data_static.feature: Ditto. - -2012-07-10 Niibe Yutaka - - * test/features/*: Add test cases for PW1/PW3 of factory settings. - - * test/features/202_keygen.feature: Add PSO signature test after - keygen. - * test/features/602_keygen.feature: Ditto. - - Bug fix. - * src/openpgp-do.c (gpg_do_write_prvkey): Don't call ac_reset_* - here. - (proc_key_import): But call ac_reset_* here. - (gpg_do_keygen): Load private key for signing. - - * tool/stlinkv2.py (stlinkv2.usb_disconnect): New. - -2012-07-09 Niibe Yutaka - - * src/openpgp.c (cmd_pso): For decryption, return error sooner for - invalid data. - - * tool/stlinkv2.py (stlinkv2.setup_gpio): Fix GPIOB_CRL. - - * test/rsa_keys.py (integer_to_bytes_256): Rename from - integer_to_bytes and it should be exactly 256-byte long. - -2012-07-06 Niibe Yutaka - - * Version 0.21. - * src/usb_desc.c (gnukStringSerial): Updated. - - * boards/FST_01/board.h (VAL_GPIOACRL): Change for SPI flash. - * tool/stlinkv2.py (stlinkv2.setup_gpio): Likewise. - (stlinkv2.spi_flash_init, stlinkv2.spi_flash_select) - (stlinkv2.spi_flash_sendbyte, stlinkv2.spi_flash_read_id): New. - (main): Add SPI flash ROM id check. - -2012-07-05 Niibe Yutaka - - * src/call-rsa.c (rsa_sign, rsa_decrypt): Don't need to setup N. - - * polarssl-0.14.0/library/rsa.c (rsa_check_pubkey) - (rsa_check_privkey): Ifdef-out. - - More tests. - * test/*: Add tests for admin-less mode. - * test/features/990_reset_passphrase.feature: This is now for - admin-less mode. - * test/features/970_key_removal.feature: Ditto. - - * src/openpgp.c (cmd_change_password): Call ac_reset_admin when - admin-less mode. - (cmd_reset_user_password): Likewise. - - * src/ac.c (ac_reset_admin, ac_fini): Clear ADMIN_AUTHORIZED. - - Bug fix. - * src/ac.c (verify_admin): Call s2k with ADMIN_AUTHORIZED. - -2012-07-04 Niibe Yutaka - - Bug fixes. - * src/ac.c (verify_admin_0): Compare PW_LEN and BUF_LEN. - - * src/openpgp-do.c (gpg_do_chks_prvkey): Set do_ptr to NULL before - calling flash_do_write (which might cause GC). - (gpg_do_put_data, gpg_do_write_simple): Likewise. - - * src/openpgp.c (cmd_reset_user_password): Write to - DO_KEYSTRING_PW1. - -2012-07-03 Niibe Yutaka - - * test/features/040_passphrase_change.feature: New. - * test/features/203_passphrase_change.feature: New. - * test/features/210_compute_signature.feature: Rename (was: - 203_compute_signature.feature) - * test/features/211_decryption.feature: Rename (was: - 204_decryption.feature) - -2012-07-02 Niibe Yutaka - - * tool/stlinkv2.py (stlinkv2.__init__): Don't call setAltInterface. - -2012-06-30 Niibe Yutaka - - * src/openpgp.c (s2k): New. - (resetcode_s2k): Remove. - (cmd_reset_user_password, cmd_change_password): Use s2k (was: - sha256 directly or resetcode_s2k). - * src/openpgp-do.c (proc_resetting_code, gpg_do_write_prvkey): - Likewise. - * src/ac.c (verify_user_0, verify_admin): Likewise. - -2012-06-29 Niibe Yutaka - - * regnual/Makefile: Don't copy usb_lld.c. - -2012-06-28 Niibe Yutaka - - * test/features/204_decryption.feature: New. - * test/features/203_compute_signature.feature: New. - * test/features/202_keygen.feature: New. - * test/features/201_setup_passphrase.feature: New. - * test/features/200_key_removal.feature: New. - - * test/rsa_keys.py (verify_signature): New. - (encrypt_with_pubkey): New. - - * test/gnuk.py (gnuk_token): New method: increment_seq. - (gnuk_token.icc_send_cmd): Handle timeout. - (gnuk_token.cmd_genkey): New. - (gnuk_token.cmd_get_public_key): New. - -2012-06-27 Niibe Yutaka - - * test/features/101_decryption.feature: New. - * test/features/100_compute_signature.feature: New. - - * src/openpgp-do.c (gpg_do_chks_prvkey): Call flash_do_release before - flash_do_write. - (gpg_do_write_prvkey): Bug fix when GC occurs. - - * src/openpgp.c (cmd_change_password): Support resetting to - factory setting of PW3. - - * src/openpgp-do.c (gpg_do_write_prvkey): Don't reset signagure - counter here. - (proc_key_import): But reset here. - Call ac_reset_* when key is imported. - -2012-06-26 Niibe Yutaka - - * test: New. - -2012-06-25 Niibe Yutaka - - * tool/usb_strings.py: New. - -2012-06-22 Niibe Yutaka - - * tool/stlinkv2.py (stlinkv2.blank_check): Add blank check of - Flash ROM. - -2012-06-21 Niibe Yutaka - - * tool/asm-thumb/blank_check.S: New. - -2012-06-20 Niibe Yutaka - - ST-Link/V2 flash ROM writer. - * tool/stlinkv2.py: New. - * tool/asm-thumb/opt_bytes_write.S: New. - * tool/asm-thumb/flash_write.S: New. - -2012-06-19 Niibe Yutaka - - * Version 0.20. - - * src/usb_desc.c (gnukStringSerial): Updated. - -2012-06-18 Niibe Yutaka - - LED display output change. - * src/main.c (MAIN_TIMEOUT_INTERVAL): New. - (LED_TIMEOUT_INTERVAL, etc.): New values. - (main_mode, display_interaction): Remove. - (led_inverted, emit_led): New. - (display_status_code): Use emit_led. - (led_blink): Use LED_* for SPEC. - (main, fatal): New LED display output. - * src/gnuk.h (LED_ONESHOT, LED_TWOSHOTS, LED_SHOW_STATUS) - (LED_START_COMMAND, LED_FINISH_COMMAND, LED_FATAL): New semantics. - (main_thread): Remove. - * src/openpgp-do.c (gpg_do_keygen): Don't touch LED here. - * src/openpgp.c (get_pinpad_input): Call led_blink. - (cmd_pso, cmd_internal_authenticate): Don't touch LED here. - (GPGthread): Call led_blink. - * src/pin-cir.c (pinpad_getline): Change arg of led_blink. - * src/pin-dnd.c (pinpad_getline): Ditto. - * src/usb-icc.c (icc_handle_timeout): Ditto. - (icc_send_status): Call led_blink. - * src/usb_ctrl.c (gnuk_usb_event): Don't touch LED here. - -2012-06-16 Niibe Yutaka - - Use SHA256 format for "external authenticate". - * tool/gnuk_upgrade.py (gpg_sign): SHA256 sign by "SCD PKAUTH". - (main): Not specify keygrip, but always use key for authentication. - * src/call-rsa.c (rsa_verify): It is SHA256 format (was: SHA1). - * src/openpgp.c (cmd_get_challenge): Don't add chip-id prefix. - (cmd_external_authenticate): Likewise. - -2012-06-15 Niibe Yutaka - - * src/random.c (random_bytes_free): Clear out random bytes. - - More protection improvements. - * src/random.c (RANDOM_BYTES_LENGTH): It's 32 now (was: 16). - * src/gnuk.h (struct key_data_internal): Remove check, random, - magic. Add checksum. - (struct prvkey_data): Remove crm_encrypted. Add iv and - checksum_encrypted. - * src/openpgp-do.c (encrypt, decrypt): Add IV argument. - (encrypt_dek, decrypt_dek): New. It's in ECB mode. - (compute_key_data_checksum): New. - (gpg_do_load_prvkey): Handle initial vector and checksum. - Use decrypt_dek to decrypt DEK. Clear DEK after use. - (calc_check32):Remove. - (gpg_do_write_prvkey): Use encrypt_dek to encrypt DEK. - (gpg_do_chks_prvkey): Likewise. - - * polarssl-0.14.0/include/polarssl/aes.h (aes_crypt_cbc) - * polarssl-0.14.0/library/aes.c (aes_crypt_cbc): ifdef-out. - - * src/configure (--enable-pinpad): Deprecate DND. - -2012-06-14 Niibe Yutaka - - Protection improvement. - * src/openpgp.c (resetcode_s2k): New. - (cmd_reset_user_password): Use resetcode_s2k. - * src/openpgp-do.c (proc_resetting_code): Likewise. - - * src/sha256.c (sha256_finish): Clear out CTX at the end. - - * src/call-rsa.c (rsa_sign, rsa_decrypt, rsa_verify): Use - mpi_lset (was: mpi_read_string). - * polarssl-0.14.0/library/bignum.c (mpi_get_digit) - (mpi_read_string): ifdef-out. - - KDF is now SHA-256 (was: SHA1). - * src/sha256.c: New file. Based on the implementation by Dr Brian - Gladman. - * src/openpgp.c (cmd_change_password, cmd_reset_user_password): - Use sha256. - * src/openpgp-do.c (proc_resetting_code, gpg_do_write_prvkey): Likewise. - * src/ac.c (verify_user_0, calc_md, verify_admin): Likewise. - * src/crypt.mk (CRYPTSRC): Add sha256.c, removing sha1.c. - * src/gnuk.h (KEYSTRING_MD_SIZE): It's 32 for SHA-256. - -2012-06-13 Niibe Yutaka - - Bug fixes. - * src/main.c (display_interaction): Assign to main_mode. - * src/openpgp.c (cmd_change_password): Bug fix for admin less mode - to admin full mode. Variable who_old should be admin_authorized. - - Key generation is configure option. - * src/configure (keygen): Add --enable-keygen option. - * src/Makefile.in (UDEFS): Add definition of KEYGEN_SUPPORT. - * src/call-rsa.c [KEYGEN_SUPPORT] (rsa_genkey): Conditionalize. - * src/random.c [KEYGEN_SUPPORT] (random_byte): Ditto. - * src/openpgp.c [KEYGEN_SUPPORT] (cmd_pgp_gakp): Ditto. - * src/openpgp-do.c [KEYGEN_SUPPORT] (gpg_do_keygen): Ditto. - * polarssl-0.14.0/include/polarssl/config.h: Ditto. - * polarssl-0.14.0/library/bignum.c [POLARSSL_GENPRIME] - (mpi_inv_mod): Unconditionalize. - -2012-06-08 Niibe Yutaka - - * polarssl-0.14.0/library/bignum.c (mpi_cmp_mpi): Bug fix. - Though it doesn't matter for Gnuk usage. - - Emit LED light while computation (or asking user input). - * src/usb-icc.c (icc_handle_timeout): Call led_blink. - * src/openpgp.c (cmd_pso, cmd_internal_authenticate): Call - LED_WAIT_MODE, LED_STATUS_MODE to show "it's under computation". - * src/openpgp-do.c (gpg_do_keygen): Ditto. - * src/gnuk.h (LED_WAIT_MODE): Rename (was: LED_INPUT_MODE). - * src/main.c (display_interaction): Change the behavior of LED, - now, it's mostly ON (was: mostly OFF). - -2012-06-07 Niibe Yutaka - - * src/openpgp.c (cmd_internal_authenticate): Add check for input - length. - - Implement key generation. - * src/openpgp.c (cmd_pgp_gakp): Call gpg_do_keygen. - * src/openpgp-do.c (proc_key_import): Call with modulus = NULL. - (gpg_do_keygen): New function. - (gpg_reset_digital_signature_counter): New function. - (gpg_do_write_prvkey): New argument MODULUS. Call - gpg_reset_digital_signature_counter. - * src/call-rsa.c (rsa_genkey): New function. - * src/random.c (random_byte): New function. - - PolarSSL modification. - * polarssl-0.14.0/library/rsa.c (rsa_gen_key): Don't set D, DP, - DQ, and QP. It's only for key generation. - * polarssl-0.14.0/library/rsa.c (rsa_gen_key, rsa_pkcs1_encrypt): - Change f_rng function return type. - * polarssl-0.14.0/include/polarssl/rsa.h: Likewise. - * polarssl-0.14.0/library/bignum.c (mpi_is_prime, mpi_gen_prime): - Change f_rng function return type. - * polarssl-0.14.0/include/polarssl/bignum.h: Likewise. - -2012-06-06 Niibe Yutaka - - * Version 0.19. - - * src/usb_desc.c (gnukStringSerial): Updated. - - * regnual/regnual.c (fetch): Better implementation. - -2012-06-05 Niibe Yutaka - - Firmware update key handling. - * tool/gnuk_put_binary.py (GnukToken.cmd_get_response): Handle - larger data such as card holder certificate. - (GnukToken.cmd_write_binary): Bug fix for cert do write. - (GnukToken.cmd_read_binary): New. - (main): Support firmware update key. - - Take advantage of the Thumb-2 "rbit" instruction. - * regnual/regnual.c (fetch): Reverse bits. - * src/usb_ctrl.c (rbit): New. Deleted reverse32. - (download_check_crc32): Use rbit. - * tool/gnuk_upgrade.py (crc32): Just use binascii.crc32. - (crctab): Remove. - -2012-06-04 Niibe Yutaka - - Card holder certificate data object bug fixes. - * tool/gnuk_put_binary_libusb.py (gnuk_token.cmd_get_response): - Handle larger data such as card holder certificate. - * src/flash.c (flash_write_binary): Bug fix. Call - flash_check_blank with p + offset. - * src/gnuk.h (FLASH_CH_CERTIFICATE_SIZE): Define here (was: flash.c). - - Implement CRC32 check for firmware update. - * src/usb_ctrl.c (download_check_crc32): New. - * regnual/regnual.c (calc_crc32): New. - (regnual_ctrl_write_finish): Call calc_crc32. - * tool/gnuk_upgrade.py (crc32): New. - (regnual.download): Check crc32code. - - * regnual/regnual.c (regnual_ctrl_write_finish): Bug fix. - -2012-06-01 Niibe Yutaka - - Support firmware update with public key authentication. - * tool/gnuk_upgrade.py (gpg_sign): New. - * tool/gnuk_put_binary_libusb.py (main): Support firmware update - key registration. - - Update of reGNUal. - * regnual/regnual.c (main): Follow the change of usb_lld_init. - (regnual_config_desc): Include interface descriptor. - (usb-strings.c.inc): Change the file name. - * regnual/Makefile (regnual.o): Depend on sys.h. - * src/configure (usb-strings.c.inc): ifdef-out - gnuk_revision_detail and gnuk_config_options (for reGNUal). - * src/usb_desc.c (USB_STRINGS_FOR_GNUK): Define. - - USB bug fixes. - * src/usb_ctrl.c (gnuk_usb_event): Bug fix for handling - USB_EVENT_CONFIG. Do nothing when current_conf == value. - * src/usb_lld.c (std_clear_feature): Bug fix. Always clear DTOG. - (usb_lld_init): New argument for FEATURE. - -2012-05-31 Niibe Yutaka - - * polarssl-0.14.0/library/rsa.c (rsa_pkcs1_verify): BUF size is - 256 (was: 1024). - * src/call-rsa.c (rsa_verify): It's SIG_RSA_SHA1. - * src/openpgp.c (cmd_external_authenticate): Follow the change of - rsa_verify. - - Support "firmware update" keys. - * src/flash.c (flash_write_binary): Support update keys. - * src/gnuk.h (FILEID_UPDATE_KEY_0, FILEID_UPDATE_KEY_1) - (FILEID_UPDATE_KEY_2,FILEID_UPDATE_KEY_3): New. - * src/gnuk.ld.in (_updatekey_store): New. - * src/openpgp.c (FILE_EF_UPDATE_KEY_0, FILE_EF_UPDATE_KEY_1) - (FILE_EF_UPDATE_KEY_2, FILE_EF_UPDATE_KEY_3): New. - (gpg_get_firmware_update_key): New. - (cmd_read_binary): Support update keys and certificate. - (modify_binary): New. - (cmd_update_binary, cmd_write_binary): Use modify_binary. - (cmd_external_authenticate): Support up to four keys. - - Version string of system service is now USB string. - * src/sys.h (unique_device_id): Define here, not as system - service. - * src/sys.c (sys_version): Version string for system service. - * src/usb_desc.c (String_Descriptors): Add sys_version. - * src/usb_conf.h (NUM_STRING_DESC): 7 (was: 6). - * src/gnuk.ld.in (.sys.version): New section. - -2012-05-30 Niibe Yutaka - - * src/openpgp.c (CHALLENGE_LEN): New. - (cmd_external_authenticate): Authentication by response with - public key. - (cmd_get_challenge): 16-byte is enough for challenge. - -2012-05-29 Niibe Yutaka - - * src/call-rsa.c (rsa_verify): New function. - - * polarssl-0.14.0/include/polarssl/rsa.h (rsa_pkcs1_verify) - * polarssl-0.14.0/library/rsa.c (rsa_pkcs1_verify): Fix API. - - * src/usb_conf.h (NUM_STRING_DESC): Incremented to 6 (was: 4). - * src/configure: Generate strings for revision detail and config - options. - * src/usb_desc.c (gnuk_revision_detail, gnuk_config_options): New. - - * src/main.c (main) [DFU_SUPPORT]: Kill DFU and install .sys. - - * src/config.h.in (FLASH_PAGE_SIZE): New. - * src/configure: Support FLASH_PAGE_SIZE for config.h - * boards/*/board.h (FLASH_PAGE_SIZE): Remove. - * src/flash.c (FLASH_PAGE_SIZE): Remove. - - * src/sys.c (reset): Don't depend if DFU_SUPPORT or not. - (flash_erase_all_and_exec): Rename and change the argument. - * src/gnuk.ld.in (__flash_start__): Real flash ROM address, - regardless of DFU_SUPPORT. - * src/main.c (main): Call flash_erase_all_and_exec with SRAM - address. - - * polarssl-0.14.0/library/aes.c (FT0, FT1, FT2): Specify sections - in detail, so that addresses won't be affected by compiler. - * src/gnuk.ld.in (.sys): Define sections in detail. - - * boards/STBEE_MINI/board.h (SET_USB_CONDITION, GPIO_USB) - (IOPORT_USB, SET_LED_CONDITION, GPIO_LED, IOPORT_LED) - (FLASH_PAGE_SIZE): New. - * boards/STBEE_MINI/board.c (USB_Cable_Config, set_led): Remove. - - * boards/STBEE/board.h (SET_USB_CONDITION, GPIO_USB, IOPORT_USB) - (SET_LED_CONDITION, GPIO_LED, IOPORT_LED, FLASH_PAGE_SIZE): New. - * boards/STBEE/board.c (USB_Cable_Config, set_led): Remove. - - * boards/CQ_STARM/board.h (SET_USB_CONDITION) - (SET_LED_CONDITION, GPIO_LED, IOPORT_LED, FLASH_PAGE_SIZE): New. - * boards/CQ_STARM/board.c (USB_Cable_Config, set_led): Remove. - -2012-05-28 Niibe Yutaka - - * boards/*/board.c (hwinit0): Removed... - * boards/common/hwinit.c (hwinit0): ... and define here. - (hwinit0) [DFU_SUPPORT]: Don't set SCB->VTOR here. - * src/sys.c (reset) [DFU_SUPPORT]: Set SCB->VTOR here. - (flash_write): Range check. - - * polarssl-0.14.0/library/aes.c (FT0, FT1, FT2): Specify the - section ".sys", so that we will have more room for flash ROM. - * src/gnuk.ld.in (.sys): Add alignment settings. - - * tool/gnuk_upgrade.py (main): First 4096-byte of Gnuk is system - block. Don't send it to reGNUal. - - * regnual/sys.c (entry): Fix clearing BSS. It is called with all - interrupts disabled. - - * regnual/regnual.ld (_flash_start): It's 0x08001000 now, because - there is system block now (was: 0x08000000). - -2012-05-26 Niibe Yutaka - - * src/sys.c (reset): Set SCR->VCR here. - -2012-05-25 Niibe Yutaka - - * src/gnuk.ld.in (.sys): New section. - - * boards/OLIMEX_STM32_H103/board.h (SET_USB_CONDITION, GPIO_USB) - (IOPORT_USB, SET_LED_CONDITION, GPIO_LED, IOPORT_LED) - (FLASH_PAGE_SIZE): New. - * boards/OLIMEX_STM32_H103/board.c (USB_Cable_Config, set_led): - Remove. - - * boards/STM32_PRIMER2/board.h (SET_USB_CONDITION, GPIO_USB) - (IOPORT_USB, SET_LED_CONDITION, GPIO_LED, IOPORT_LED) - (FLASH_PAGE_SIZE): New. - * boards/STM32_PRIMER2/board.c (USB_Cable_Config, set_led): - Remove. - - * boards/FST_01_00/board.h (SET_USB_CONDITION, GPIO_USB) - (IOPORT_USB, SET_LED_CONDITION, GPIO_LED, IOPORT_LED) - (FLASH_PAGE_SIZE): New. - * boards/FST_01_00/board.c (USB_Cable_Config, set_led): Remove. - - * boards/FST_01/board.h (SET_USB_CONDITION, GPIO_USB, IOPORT_USB) - (SET_LED_CONDITION, GPIO_LED, IOPORT_LED, FLASH_PAGE_SIZE): New. - * boards/FST_01/board.c (USB_Cable_Config, set_led): Remove. - - * regnual/sys-stm8s-discovery.h, sys-stbee.h: Remove. - - * boards/STM8S_DISCOVERY/board.h (SET_USB_CONDITION) - (SET_LED_CONDITION, GPIO_LED, IOPORT_LED, FLASH_PAGE_SIZE): New. - * boards/STM8S_DISCOVERY/board.c (USB_Cable_Config, set_led): - Remove. - - * regnual/Makefile: Add -I ../src to CFLAGS. - - * regnual/regnual.ld (vector): New. - - * regnual/sys.c: Remove implementation, but jump to vector by sys.h. - - * src/Makefile.in: Follow change of files. - - * src/configure: Undo changes of 2012-05-22. - - * boards/common/hw_config.c: Remove. Mov function to sys.c. - * src/flash.c: Move functions to sys.c. - * src/sys.c: New. - - * src/main.c (main): Call flash_mass_erase_and_exec. - - * src/usb_lld.c: Include sys.h. - - * src/usb_lld_sys.c: Remove. Move interrupt handler to... - * src/usb_ctrl.c: ... this file. - - * regnual/sys.c (clock_init, gpio_init, flash_unlock): Removed. - (entry): Rename (was: reset). - -2012-05-24 Niibe Yutaka - - * src/main.c (good_bye): Care LSB of function pointer. - (flash_mass_erase_and_exec): Implemented in C. - -2012-05-23 Niibe Yutaka - - * regnual/sys-stm8s-discovery.h: New. - - * src/main.c (flash_mass_erase_and_exec, good_bye): New. - (main): Call good_bye. - - * tool/gnuk_upgrade.py (regnual.protect): New. - (main): Call regnual.protect(). - - * regnual/regnual.c (regnual_setup): Don't call flash_write here. - (regnual_ctrl_write_finish): But call here. - (USB_REGNUAL_RESULT): New. - - * regnual/sys.c (flash_protect): New. - -2012-05-22 Niibe Yutaka - - * src/configure (../regnual/sys.h): Create symblic link. - - * src/usb_ctrl.c: Rename (was: usb_prop.c). - - * regnual/types.h, regnual/sys.c, regnual/regnual.ld: New. - * regnual/regnual.c, regnual/Makefile: New. - * regnual/sys-stbee.h: New. - - * src/usb_lld.c: Support FREE_STANDING environment as well as - under ChibiOS/RT. - (usb_lld_init): Call usb_lld_sys_init. Don't call user defined - method. Call usb_lld_set_configuration. - (usb_lld_shutdown): Call usb_lld_sys_shutdown. - (Vector90): Move to usb_lld_sys.c. - (usb_interrupt_handler): Export to global. - - * src/usb_lld_sys.c: New. - - * src/usb_prop.c (Device_Method): Remove gnuk_device_init. - (gnuk_device_init): Remove. - -2012-05-19 Niibe Yutaka - - * src/usb_lld.c (handle_datastage_in): Bug fix, erable RX when - sending ZLP. It will be possible to get OUT transaction soon - after IN transaction. - -2012-05-18 Niibe Yutaka - - * src/usb_lld.c (handle_datastage_out): Fix rx copying. - (handle_setup0): Bug fix not stalling TX, it will be possible - to go IN transaction, soon after OUT transaction. - - * src/usb_lld.h (USB_SETUP_SET, USB_SETUP_GET): New. - (usb_device_method.ctrl_write_finish): New. - (usb_device_method.setup): Merge setup_with_data, and - setup_with_nodata. - - * src/usb_lld.c (usb_lld_shutdown, usb_lld_prepare_shutdown): New. - (handle_setup0): Call ->setup. - (handle_in0): Call ->ctrl_write_finish. - - * src/usb_prop.c (vcom_port_data_setup): Merge - vcom_port_setup_with_nodata. - (download_check_crc32): New. - (gnuk_setup): Merge gnuk_setup_with_data and - gnuk_setup_with_nodata. - (gnuk_ctrl_write_finish): New. - -2012-05-17 Niibe Yutaka - - * tool/gnuk_upgrade.py: New tool. - - * src/gnuk.h (ICC_STATE_EXITED, ICC_STATE_EXEC_REQUESTED): New. - - * src/openpgp.c (INS_EXTERNAL_AUTHENTICATE) - (cmd_external_authenticate): New. - (INS_GET_CHALLENGE, cmd_get_challenge): New. - - * src/usb-icc.c (USBthread): Finish the thread with - ICC_STATE_EXITED, after EXTERNAL_AUTHENTICATE. - - * src/usb_prop.c (gnuk_setup_endpoints_for_interface): Add STOP - argument. - (gnuk_usb_event): Disable all endpoints when configure(0). - (vcom_port_data_setup): Check direction and support - USB_CDC_REQ_SET_LINE_CODING. - (vcom_port_setup_with_nodata): Check direction. - (gnuk_setup_with_data): Check direction and add FSIJ_GNUK device - requests. - (gnuk_setup_with_nodata): Likewise. - - * src/usb_lld.c (LAST_OUT_DATA): Remove. - (handle_datastage_out): Cleanup and call st103_ep_set_rxtx_status. - (handle_datastage_in): Call st103_ep_set_rxtx_status and - st103_ep_set_tx_status. - (handle_setup0): Likewise. - (handle_out0): Remove LAST_OUT_DATA. - (std_none, std_get_status, std_clear_feature, std_set_feature) - (std_set_address, std_get_descriptor, std_get_configuration) - (std_set_configuration, std_get_interface, std_set_interface): - Check direction. - (handle_setup0): Add length for setup_with_data. - -2012-05-16 Niibe Yutaka - - * tool/gnuk_put_binary.py (main): Fix fileid. - * tool/gnuk_put_binary_libusb.py: Ditto. - - * src/openpgp.c (FILE_EF_RANDOM): Remove. - (cmd_update_binary, cmds): ifdef CERTDO_SUPPORT. - (cmd_write_binary): Fix fileid. - - * src/flash.c (flash_check_blank): Always enable. - (flash_erase_binary): ifdef CERTDO_SUPPORT. - (flash_write_binary): Call flash_check_blank. - -2012-05-15 Niibe Yutaka - - * Version 0.18. - - * src/usb_desc.c (gnukStringSerial): Updated. - - * src/main.c (EP3_IN_Callback, EP5_OUT_Callback): Move from - usb_endp.c. - - * src/usb_endp.c: Remove. - -2012-05-14 Niibe Yutaka - - * tool/gnuk_remove_keys.py: New. - - * src/openpgp-do.c (proc_key_import): Fix checking extended header. - - * src/hardclock.c: Remove. - - * src/usb_prop.c (MSC_INTERFACE_NO): New. - (gnuk_setup_endpoints_for_interface): Cleanup with MSC_INTERFACE_NO. - (gnuk_setup_with_data, gnuk_setup_with_nodata): Likewise. - - * src/usb-msc.c: Rename from usb_msc.c. - - * src/usb-msc.h: Rename from usb_msc.h. - - * src/Makefile.in: Follow the rename of usb-msc.c and remove of - hardclock.c. - - * src/pin-dnd.c, src/usb_prop.c: Follow the rename of usb-msc.h. - -2012-05-12 Niibe Yutaka - - * src/usb_msc.c (ep6_out): Rename (was: ep7_out). - (usb_start_receive): Use ep6_out and ENDP6. - (EP6_OUT_Callback): Rename (was: EP7_OUT_Callback). - Use ep6_out and ENDP6. - (msc_handle_command): Use ep6_out and ENDP6. - - * src/main.c (main): Wait USB reset. - - * src/usb-icc.c (EP1_OUT_Callback): Rename from EP2_OUT_Callback. - (USBthread): Use ENDP1 for both of epi_init and epo_init. - - * src/usb_conf.h (ENDP1_RXADDR, ENDP2_TXADDR, ENDP6_RXADDR): New. - (ENDP3_TXADDR, ENDP4_TXADDR, ENDP5_RXADDR): New value. - (ENDP7_RXADDR): Remove. - - * src/usb_desc.c (gnukConfigDescriptor): Use endpoint OUT1 (was - IN2), endpoint OUT6 (IN7). - - * src/usb_prop.c (gnuk_setup_endpoints_for_interface): Use ENDP1 - and ENDP6 for both directions. - -2012-05-11 Niibe Yutaka - - * src/configure (--vidpid): New mandatory option. - - * GNUK_USB_DEVICE_ID: New file. - - * src/usb_desc.c (gnukDeviceDescriptor): Include - usb-vid-pid-ver.c.inc. - (gnukStringVendor, gnukStringProduct): Remove. It's in the - file, usb-string-vender-product.c.inc. - - * src/Makefile.in (distclean): Delete *.inc. - - * src/usb_prop.c (vcom_port_setup_with_nodata) Rename. - (vcom_port_data_setup): Rename and fix return value. - - * src/usb-cdc.h (VIRTUAL_COM_PORT_DATA_SIZE) - (VIRTUAL_COM_PORT_INT_SIZE): New. - - * src/main.c (#include): Add usb-cdc.h. - * src/usb_desc.c (#include): Add usb-cdc.h. - * src/usb_endp.c (#include): Add usb_lld.h. - - * src/configure ($help): Add FST_01. - -2012-05-10 Niibe Yutaka - - * STM32_USB-FS-Device_Driver, Virtual_COM_Port: Remove. - - * src/usb_lld.c (#include): Don't include usb_lib.h. - (RECIPIENT, REG_BASE PMA_ADDR, CNTR, ISTR, FNR, DADDR, BTABLE) - (ISTR_CTR, ISTR_DOVR, ISTR_ERR, ISTR_WKUP, ISTR_SUSP, ISTR_RESET) - (ISTR_SOF, ISTR_ESOF, ISTR_DIR, ISTR_EP_ID, CLR_CTR, CLR_DOVR) - (CLR_ERR, CLR_WKUP, CLR_SUSP, CLR_RESET, CLR_SOF, CLR_ESOF) - (CNTR_CTRM, CNTR_DOVRM, CNTR_ERRM, CNTR_WKUPM, CNTR_SUSPM) - (CNTR_RESETM, CNTR_SOFM, CNTR_ESOFM, CNTR_RESUME, CNTR_FSUSP) - (CNTR_LPMODE, CNTR_PDWN, CNTR_FRES, DADDR_EF, DADDR_ADD) - (EP_CTR_RX, EP_DTOG_RX, EPRX_STAT, EP_SETUP, EP_T_FIELD, EP_KIND) - (EP_CTR_TX, EP_DTOG_TX, EPTX_STAT, EPADDR_FIELD, EPREG_MASK) - (EP_TX_DIS, EP_TX_STALL, EP_TX_NAK, EP_TX_VALID, EPTX_DTOG1) - (EPTX_DTOG2, EP_RX_DIS, EP_RX_STALL, EP_RX_NAK, EP_RX_VALID) - (EPRX_DTOG1, EPRX_DTOG2): New. Compatible to ST's USB-FS-Device_Lib. - (CH_IRQ_HANDLER): Call usb_interrupt_handler (was: USB_Istr). - (EP1_IN_Callback, EP2_IN_Callback, EP3_IN_Callback) - (EP4_IN_Callback, EP5_IN_Callback, EP6_IN_Callback) - (EP7_IN_Callback, EP1_OUT_Callback, EP2_OUT_Callback) - (EP3_OUT_Callback, EP4_OUT_Callback, EP5_OUT_Callback) - (EP6_OUT_Callback, EP7_OUT_Callback): New. Implement here. - Compatible to ST's USB-FS-Device_Lib. - (USB_MAX_PACKET_SIZE): New. - (GET_STATUS, CLEAR_FEATURE, RESERVED1, SET_FEATURE, RESERVED2) - (SET_ADDRESS, GET_DESCRIPTOR, SET_DESCRIPTOR, GET_CONFIGURATION) - (SET_CONFIGURATION, GET_INTERFACE, SET_INTERFACE) - (SYNCH_FRAME,TOTAL_REQUEST): New for USB control transfer. - (enum CONTROL_STATE): New for state machine of control pipe. - (enum FEATURE_SELECTOR): New. - (struct DATA_INFO, struct CONTROL_INFO, struct DEVICE_INFO): New. - (ctrl_p, dev_p, data_p, Control_Info, Device_Info, Data_Info): - New. - (usb_lld_stall_tx, usb_lld_stall_rx) - (usb_lld_tx_data_len, usb_lld_txcpy, usb_lld_tx_enable) - (usb_lld_write, usb_lld_rx_enable, usb_lld_rx_data_len) - (usb_lld_rxcpy): Move from usb_lld.h and not inline. - (usb_lld_reset, usb_lld_setup_endpoint) - (usb_lld_set_configuration, usb_lld_current_configuration) - (usb_lld_set_feature, usb_lld_set_data_to_send): New. - (usb_lld_to_pmabuf, usb_lld_from_pmabuf): Clean up. - (usb_lld_init): New implementation. - (st103_set_btable, st103_get_istr, st103_set_istr, st103_set_cntr) - (st103_set_daddr, st103_set_epreg, st103_get_epreg) - (st103_set_tx_addr, st103_get_tx_addr, st103_set_tx_count) - (st103_get_tx_count, st103_set_rx_addr, st103_get_rx_addr) - (st103_set_rx_buf_size, st103_get_rx_count, st103_ep_clear_ctr_rx) - (st103_ep_clear_ctr_tx, st103_ep_set_rxtx_status) - (st103_ep_set_rx_status, st103_ep_get_rx_status) - (st103_ep_set_tx_status, st103_ep_get_tx_status) - (st103_ep_clear_dtog_rx, st103_ep_clear_dtog_tx): New lower-level - functions for USB related registers access. - (usb_interrupt_handler, usb_handle_transfer) - (handle_datastage_out, handle_datastage_in, handle_setup0) - (handle_in0, handle_out0) - (std_none, std_get_status, std_clear_feature, std_set_feature, - std_set_address, std_get_descriptor, std_get_configuration, - std_set_configuration, std_get_interface, std_set_interface) - (std_request_handler): New USB stack implementation. - - * src/usb_lld.h (usb_lld_stall_tx, usb_lld_stall_rx) - (usb_lld_tx_data_len, usb_lld_txcpy, usb_lld_tx_enable) - (usb_lld_write, usb_lld_rx_enable, usb_lld_rx_data_len) - (usb_lld_rxcpy): Those are not inline functions anymore. - (USB_DEVICE_DESCRIPTOR_TYPE, USB_CONFIGURATION_DESCRIPTOR_TYPE) - (USB_STRING_DESCRIPTOR_TYPE, USB_INTERFACE_DESCRIPTOR_TYPE) - (USB_ENDPOINT_DESCRIPTOR_TYPE, STANDARD_ENDPOINT_DESC_SIZE) - (ENDP0, ENDP1, ENDP2, ENDP3, ENDP4, ENDP5, ENDP6, ENDP7) - (EP_BULK, EP_CONTROL, EP_ISOCHRONOUS, EP_INTERRUPT) - (DEVICE_RECIPIENT, INTERFACE_RECIPIENT, ENDPOINT_RECIPIENT) - (ENDPOINT_RECIPIENT, OTHER_RECIPIENT) - (DEVICE_DESCRIPTOR, CONFIG_DESCRIPTOR, STRING_DESCRIPTOR) - (INTERFACE_DESCRIPTOR, ENDPOINT_DESCRIPTOR) - (REQUEST_TYPE, STANDARD_REQUEST, CLASS_REQUEST, VENDOR_REQUEST) - (USB_UNSUPPORT, USB_SUCCESS) - (USB_EVENT_RESET, USB_EVENT_ADDRESS, USB_EVENT_CONFIG) - (USB_EVENT_SUSPEND, USB_EVENT_WAKEUP, USB_EVENT_STALL) - (USB_SET_INTERFACE, USB_GET_INTERFACE, USB_QUERY_INTERFACE) - (UNCONNECTED, ATTACHED, POWERED, SUSPENDED, ADDRESSED) - (CONFIGURED, USB_Cable_Config): New. Compatible to ST's - USB-FS-Device_Lib. - (struct Descriptor, struct usb_device_method) - (Device_Descriptor, Config_Descriptor, String_Descriptors) - (STM32_USB_IRQ_PRIORITY, bDeviceState, Device_Method) - (usb_lld_init, usb_lld_reset, usb_lld_setup_endpoint) - (usb_lld_set_configuration, usb_lld_current_configuration) - (usb_lld_set_feature, usb_lld_set_data_to_send): New API. - - * src/usb_prop.c(#include): Only include usb_lld.h for USB. - (SetEPRxCount_allocated_size): Remove. - (struct line_coding, line_coding, Virtual_Com_Port_Data_Setup) - (Virtual_Com_Port_NoData_Setup): Add from usb-cdc-vport.c. - (gnuk_device_init, gnuk_device_reset, gnuk_setup_with_data) - (gnuk_setup_with_nodata): Follow the API change of USB stack. - (gnuk_setup_endpoints_for_interface, gnuk_get_descriptor) - (gnuk_usb_event, gnuk_interface): New. - (gnuk_device_SetConfiguration, gnuk_device_SetInterface) - (gnuk_device_SetDeviceAddress, gnuk_device_Status_In) - (gnuk_device_Status_Out, gnuk_device_GetDeviceDescriptor) - (gnuk_device_GetConfigDescriptor, gnuk_device_GetStringDescriptor) - (gnuk_device_Get_Interface_Setting, gnuk_clock_frequencies) - (gnuk_data_rates, msc_lun_info, Device_Table) - (User_Standard_Requests): Remove. - (Device_Method): Replace Device_Property. - - * src/usb_msc.c (#include): Only include usb_lld.h for USB. - - * src/usb_endp.c (#include): Only include usb_lld.h for USB. - (EP5_OUT_Callback): Follow the API change of USB stack. - - * src/usb_desc.c (#include): Only include usb_lld.h for USB. - Add usb_conf.h. - (Device_Descriptor, Config_Descriptor): Follow the API change - of USB stack. - (String_Descriptors): New, rename from String_Descriptor. - - * src/usb_conf.h (EP_NUM, BTABLE_ADDRESS, IMR_MSK): Remove. - (NUM_STRING_DESC): Add. - - * src/usb-icc.c (#include): Only include usb_lld.h for USB. - - * src/usb-cdc-vport.c, src/usb_prop.h: Remove. - - * src/stmusb.mk, src/vcomport.mk: Remove. - - * src/main.c (#include): Only include usb_lld.h for USB. - (main): Remove call to USB_Init. - - * src/Makefile.in (include): Remove stmusb.mk, vcomport.mk. - (VCOMSRC) [ENABLE_VCOMPORT]: Add. - (INCDIR): Remove STMUSBINCDIR and VCOMDIR. - - * boards/common/hw_config.c (Enter_LowPowerMode) - (Leave_LowPowerMode): Remove. - -2012-02-02 Niibe Yutaka - - * Version 0.17. - - * src/usb_desc.c (gnukStringSerial): Updated. - (gnukConfigDescriptor): Short APDU only. - - * tool/gnuk_put_binary.py (cmd_get_response): New. - (cmd_select_openpgp, cmd_get_data): Call cmd_get_response. - -2012-01-30 Niibe Yutaka - - * src/usb-icc.c (struct ccid): Add chained_cls_ins_p1_p2. - (end_cmd_apdu_head, icc_cmd_apdu_data, icc_handle_data): Add checking - CMD APDU head for command chaining. - -2012-01-20 Niibe Yutaka - - Short APDU only CCID driver. - * STM32_USB-FS-Device_Driver/src/usb_core.c (DataStageOut) - (DataStageIn): Use usb_lld_to_pmabuf and usb_lld_from_pmabuf. - - * src/configure (CERTDO_SUPPORT): Comment fix. - - * src/gnuk.h (struct adpu): expected_res_size has type uint16_t. - (MAX_CMD_APDU_DATA_SIZE, MAX_RES_APDU_DATA_SIZE): New. - (MAX_CMD_APDU_SIZE, MAX_RES_APDU_SIZE, USB_BUF_SIZE): Remove. - (icc_state_p): New. - (set_res_sw): Rename from set_res_apdu. - - * src/call-rsa.c (rsa_decrypt): Use MAX_RES_APDU_DATA_SIZE. - - * src/openpgp.c (set_res_sw): Rename from set_res_apdu. - * src/openpgp.h: Use set_res_sw. - - * src/main.c: Handle icc_state_p. - - * src/openpgp-do.c (historical_bytes): command chaining but short - APDU only. - (extended_capabilities): Change for short APDU only. - - * src/usb-icc.c (USB_BUF_SIZE): Define here (was in gnuk.h). - (struct ep_in, epi_init, struct ep_out, epo_init, endpoint_out) - (endpoint_in, icc_state_p, struct ccid, APDU_STATE_WAIT_COMMAND) - (APDU_STATE_COMMAND_CHAINING, APDU_STATE_COMMAND_RECEIVED) - (APDU_STATE_RESULT, APDU_STATE_RESULT_GET_RESPONSE, ccid_reset) - (ccid_init, CMD_APDU_HEAD_SIZE, apdu_init, notify_tx, no_buf) - (set_sw1sw2, get_sw1sw2, notify_icc, end_icc_rx, end_abdata) - (end_cmd_apdu_head, end_nomore_data, end_cmd_apdu_data) - (nomore_data, INS_GET_RESPONSE, icc_cmd_apdu_data, icc_abdata) - (icc_send_data_block_0x9000, icc_send_data_block_gr, ccid): New. - (icc_data_size, icc_seq, icc_next_p, icc_chain_p, icc_tx_size) - (icc_thread, icc_state, gpg_thread, ICC_RESPONSE_MSG_DATA_SIZE): - Remove. - (EP1_IN_Callback): Rewrite using epi. - (EP2_OUT_Callback): Rewrite using epo. - (icc_prepare_receive): Rewrite using epo and struct ccid. - (ATR): Change ofr short APDU only. - (icc_error, icc_power_on, icc_send_status, icc_power_off) - (icc_send_data_block, icc_send_params, icc_handle_data) - (icc_handle_timeout, USBthread): Rewrite using struct ccid. - - * src/usb_desc.c (gnukConfigDescriptor): dwFeatures: Short APDU - level, dwMaxCCIDMessageLength: 271. - - * src/usb_lld.c (usb_lld_to_pmabuf, usb_lld_from_pmabuf): New. - * src/usb_lld.h (usb_lld_txcpy, void usb_lld_write) Use - usb_lld_to_pmabuf. - (usb_lld_rxcpy): Use usb_lld_from_pmabuf. - - * src/stmusb.mk (usb_mem.c): Remove. - - * gnuk_put_binary.py (cmd_select_openpgp): No response APDU data. - (cmd_verify, cmd_write_binary): Send short APDU. - (__main__): Remove RANDOM_NUMBER_BITS support. - - Bug fix for CERTDO_SUPPORT. - * src/gnuk.ld.in: Add missing alignment for _data_pool (when no - CERTDO_SUPPORT). - -2012-01-19 Niibe Yutaka - - * src/usb-icc.c (icc_handle_data): Handle the case when it only - sends 0x90 and 0x00 correctly. - - * src/openpgp-do.c (gpg_do_get_data): Fix res_apdu_data_len. - -2012-01-18 Niibe Yutaka - - Clean up API between application layer and CCID layer. - * tool/gnuk_put_binary.py, gnuk_put_binary_libusb.py: Don't append - 0x9000 at the data, any more. - * src/usb-icc.c (icc_data_size, icc_buffer, icc_seq): Make them - internal. - (res_APDU_size, res_APDU_pointer): Removed. - (icc_handle_data, USBthread): Follow new API of struct apdu. - * src/call-rsa.c (rsa_sign, rsa_decrypt): Likewise. - * src/openpgp.c (CLS, INS, P1, P2): New. - (set_res_apdu, cmd_verify, cmd_change_password) - (cmd_reset_user_password, cmd_put_data, cmd_pgp_gakp) - (cmd_read_binary, cmd_select_file, cmd_pso) - (cmd_internal_authenticate, cmd_update_binary, cmd_write_binary) - (process_command_apdu, GPGthread): Follow new API of struct apdu. - * src/openpgp-do.c (gpg_do_get_data, gpg_do_public_key): Follow - new API of struct apdu. - * src/gnuk.h (struct apdu, apdu): New. - (cmd_APDU, icc_data_size, cmd_APDU_size, icc_buffer): Removed. - (res_APDU, res_APDU_size): Use members of struct apdu. - -2012-01-16 Niibe Yutaka - - Adopt new USB API. - * src/usb_msc.c (usb_start_transmit): Use usb_lld_write. - (EP6_IN_Callback): Use usb_lld_tx_data_len and usb_lld_write. - (usb_start_receive): Use usb_lld_rx_enable. - (EP7_OUT_Callback): Use usb_lld_rx_data_len, usb_lld_rxcpy - and usb_lld_rx_enable - (msc_handle_command): Use usb_lld_stall_rx and usb_lld_stall_tx. - - * src/usb_lld.h (usb_lld_stall_tx, usb_lld_stall_rx) - (usb_lld_tx_data_len): New. - - * src/main.c (STDOUTthread): Use usb_lld_write. - - * src/usb-icc.c (EP1_IN_Callback, icc_error, icc_power_on) - (icc_send_status, icc_send_data_block, icc_send_params): Use - usb_lld_write (was: USB_SIL_Write). - (EP2_OUT_Callback): Use usb_lld_rx_data_len, usb_lld_rxcpy, - and usb_lld_rx_enable (was: USB_SIL_Read and SetEPRxValid). - (icc_prepare_receive): Use usb_lld_rx_enable. - - * src/stmusb.mk (STMUSBSRC): Dont' include usb_sil.c. - - * src/usb_lld.h (usb_lld_txcpy, usb_lld_tx_enable) - (usb_lld_write, usb_lld_rx_enable, usb_lld_rx_data_len) - (usb_lld_rxcpy): New. - - * src/usb_prop.c (SetEPRxCount_allocated_size): Fix the - implementation. (ST's SetEPRxCount is actually meant to - setup allocated size, which is confusing). - (gnuk_device_init): Don't call USB_SIL_Init. - -2012-01-10 Niibe Yutaka - - * src/openpgp.c (GPGthread): Allow INS_RESET_RETRY_COUNTER and - INS_PUT_DATA for pinentry targets. - -2012-01-05 Niibe Yutaka - - * src/openpgp.c (cmd_select_file): Check DF name. - - * tool/pinpadtest.py: Rename from pinpad-test.py. - -2011-12-28 Niibe Yutaka - - * src/usb_prop.c (SetEPRxCount_allocated_size): New. - (gnuk_device_reset): Use SetEPRxCount_allocated_size. - * src/usb_msc.c (usb_start_receive): Don't set RxCount register - here. - * STM32_USB-FS-Device_Driver/src/usb_core.c (Standard_ClearFeature) - (Post0_Process): Don't need to set RxCount register. - - * src/usb_prop.c (msc_lun_info) [PINPAD_DND_SUPPORT]: ifdef-out. - - * src/usb-icc.c (EP2_OUT_Callback): Fix apdu size == 49 bug, - we don't assume host sends ZLP (But accepts ZLP, just in case). - -2011-12-22 Niibe Yutaka - - * src/openpgp-do.c (extended_capabilities) [CERTDO_SUPPORT]: - conditionalize. - -2011-12-21 Niibe Yutaka - - * src/openpgp-do.c (gpg_do_get_data) [CERTDO_SUPPORT]: ifdef out. - - * src/gnuk.ld.in (.gnuk_ch_certificate): Only valid - when --enable-certdo. - - * src/flash.c (flash_check_blank) [CERTDO_SUPPORT]: ifdef out. - (flash_erase_binary) [CERTDO_SUPPORT]: Likewise. - (flash_write_binary) [CERTDO_SUPPORT]: Likewise. - - * src/configure (certdo): New. - (--enable-certdo, --disable-certdo): New options. - Remove cheking for /dev/random. - - * src/config.h.in (@CERTDO_DEFINE@): New. - -2011-12-20 Niibe Yutaka - - * src/usb_msc.c (msc_handle_command): SCSI_START_STOP_UNIT command - with stop/eject/close means cancelling pinentry. - - * src/pin-dnd.c (pinpad_finish_entry, parse_directory_sector): - Implement "cancel". - (pinpad_getline): Likewise. - (msc_scsi_stop): New. - -2011-12-16 Niibe Yutaka - - * tool/gnuk_put_binary_libusb.py (gnuk_token.cmd_select_openpgp): - Fix apdu parameter. - - * tool/gnuk_put_binary.py (GnukToken.cmd_select_openpgp): Ditto. - - * tool/pinpad-test.py: New. - -2011-12-14 Niibe Yutaka - - * Version 0.16. - - * src/usb_desc.c (gnukStringSerial): Updated. - - * boards/STM8S_DISCOVERY/board.h, board.c: Fix for PINPAD_SUPPORT. - * boards/STBEE_MINI/board.h, board.c: Likewise. - * boards/STBEE/board.h, board.c: Likewise. - * boards/FST_01/board.c: Likewise. - -2011-12-13 Niibe Yutaka - - Add pinpad DND support. - * src/Makefile.in (CSRC) [ENABLE_PINPAD]: Add usb_msc.c. - * src/configure (pinpad): Add dnd support. - * src/gnuk.h [PINPAD_DND_SUPPORT]: Add declarations. - * src/main.c (STDOUTthread): Add PUSH packet. - (main) [PINPAD_DND_SUPPORT]: Call msc_init. - * src/usb_conf.h (EP_NUM): Add the case of PINPAD_DND_SUPPORT. - (ENDP6_TXADDR, ENDP7_RXADDR): New. - (ENDP4_TXADDR, ENDP5_RXADDR): Changed for smaller buffer. - * src/usb_desc.c (gnukConfigDescriptor): Add Mass storage device. - * src/usb_msc.c, src/usb_msc.h, src/pin-dnd.c: New. - * src/usb_prop.c: Include "usb_msc.h". - (gnuk_device_reset): Add initialization of ENDP6 and ENDP7. - (gnuk_device_SetInterface): Add initialization of ENDP6 and ENDP7. - (NUM_INTERFACES): Handle cases for PINPAD_DND_SUPPORT. - (msc_lun_info): New. - (gnuk_setup_with_data, gnuk_setup_with_nodata): Handle standard - request for Mass storage device. - * Virtual_COM_Port/usb_desc.h (VIRTUAL_COM_PORT_DATA_SIZE): Since - there isn't enough hardware buffer, smaller value (was: 64). - - * src/ac.c (verify_user_0): Add access argument. - (verify_pso_cds, verify_other, verify_admin_0): Follow the change. - * src/openpgp.c (cmd_change_password): Likewise. - -2011-12-08 Niibe Yutaka - - * src/usb-icc.c: Not include "usb_desc.h". - - * src/usb_endp.c (EP5_OUT_Callback): Fix minor bug. - -2011-12-07 Niibe Yutaka - - * src/usb_desc.c (gnukDeviceDescriptor): Changed bcdUSB = 1.1. - Gnuk device conforms to USB 2.0 full speed device, but when it was - 2.0, some OS informs users, "you can connect the device to 2.0 - compliant hub so that it can have better bandwidth", which is not - the case for full speed device. - - * src/openpgp.c (GPGthread): Handle bConfirmPIN parameter. - - * src/usb-icc.c (icc_handle_data): Pass PC_to_RDR_Secure - information to gpg_thread using memory of cmd_APDU. - -2011-12-01 Niibe Yutaka - - * src/gnuk.h (EV_PINPAD_INPUT_DONE, EV_NOP, EV_CMD_AVAILABLE) - (EV_VERIFY_CMD_AVAILABLE, EV_MODIFY_CMD_AVAILABLE): New. - * src/usb-icc.c (icc_power_off, icc_handle_data): Use EV_NOP, - EV_CMD_AVAILABLE, EV_VERIFY_CMD_AVAILABLE, and EV_MODIFY_CMD_AVAILABLE. - * src/pin-cir.c (cir_timer_interrupt): Use EV_PINPAD_INPUT_DONE. - * src/pin-dial.c (dial_sw_interrupt, pinpad_getline): Ditto. - (EV_SW_PUSH): Remove. - - * src/openpgp.h (GPG_FUNCTION_NOT_SUPPORTED): New. - (GPG_CONDITION_NOT_SATISFIED): New. - * src/openpgp.c (cmd_change_password): Use GPG_FUNCTION_NOT_SUPPORTED. - - * src/openpgp.c (cmd_verify, cmd_change_password) - (cmd_reset_user_password, cmd_put_data): Remove pinpad handling... - (GPGthread): ... and implement pinpad handling here. - -2011-11-29 Niibe Yutaka - - * src/openpgp.c (cmd_put_data) [PINPAD_SUPPORT]: Support pinpad - input (for reset code). - -2011-11-24 Niibe Yutaka - - * Version 0.15. - * src/usb_desc.c (gnukStringSerial): Updated. - -2011-11-22 Niibe Yutaka - - * tool/dfuse.py (DFU_STM32.download, DFU_STM32.verify): Support - unaligned write and hole. - -2011-11-14 Niibe Yutaka - - * boards/FST_01/{mcuconf.h,board.h,board.c}: New. - -2011-11-01 Niibe Yutaka - - * src/pin-dial.c (pinpad_getline): New. - (pin_main): Remove. - - * boards/STBEE_MINI/board.h (TIMx): Define. - boards/STBEE/board.h (TIMx): Ditto. - boards/STM8S_DISCOVERY/board.h: Ditto. - - * src/pin-cir.c (pinpad_getline): New. - (cir_timer_interrupt, cir_ext_interrupt): Use TIMx. - (cir_key_is_backspace, cir_key_is_enter, pin_main, pindisp): - Remove. - (cir_codetable_dell_mr425, cir_codetable_aquos) - (cir_codetable_regza, cir_codetable_bravia, ch_is_backspace) - (ch_is_enter, find_char_codetable, hex, cir_getchar): New. - (cir_timer_interrupt): Don't filter out ADDRESS. - - * src/openpgp.c (get_pinpad_input): Don't invoke thread, - but just call pinpad_getline. - - * src/main.c (display_interaction, display_fatal_code) - (display_status_code, led_blink): New. - (main): Call display_* routine. - (fatal): Notify main thread. - * src/usb_prop.c (gnuk_device_SetConfiguration): Notify main - thread. - - * src/pin-cir.c (pindisp): Remove. - - * boards/FST_01_00: New (for 8MHz FST-01). - - * src/ac.c (calc_md): Fix comparison. - - * src/call-rsa.c (RSA_SIGNATURE_LENGTH): Use KEY_CONTENT_LEN. - (rsa_sign, rsa_decrypt): Likewise. - (modulus_calc): Don't assume it's 2048-bit. - - * src/ac.c (verify_user_0): Fix for non-initialized PW1. - - * src/Makefile.in (MCFLAGS): Override MCFLAGS option for newer - GCC of summon-arm-toolchain to add -mfix-cortex-m3-ldrd. - NOTE: This should not be needed (as -mcpu=cortex-m3 defaults - to -mfix-cortex-m3-ldrd for GCC-proper), but it is needed - to select arm-none-eabi/lib/thumb2/libc.a correctly. - -2011-10-14 NIIBE Yutaka - - * src/gnuk.ld.in (__main_stack_size__): It's 1KB (was 512 byte). - -2011-10-07 NIIBE Yutaka - - * Version 0.14. - * src/usb_desc.c (gnukStringSerial): Updated. - - * src/random.c (random_init): Call neug_prng_reseed. - -2011-10-06 NIIBE Yutaka - - * src/Makefile.in (random_bits): Remove. - - * src/openpgp.c (GPGthread): Remove unused event message. - - * src/main.c (main): Call random_init. - - * src/gnuk.ld.in (__process_stack_size__): Fix. - (.gnuk_random): Removed. - - * src/flash.c (flash_erase_binary, flash_write_binary): Remove - support of random_byte in flash ROM. - - * src/neug.c (adccb): Use old API (was: chEvtSignalFlagsI). - (adccb_err): Remove. - (rng_gen, rng): Add the last argument adccb for adcStartConversion: - This is old API of ADC driver. - (adcgrpcfg): Remove callbacks, add CONT and SWSTART: This is old - API of ADC driver. - (adccb): Remove the first argument: This is old API of ADC driver. - (neug_wait_full): New. - - * ChibiOS_2.0.8/os/hal/platforms/STM32/adc_lld.h (ADC_SAMPLE_1P5): - Add (from new API). - - * src/random.c (random_init): New. - (random_bytes_get, random_bytes_free, get_salt): Use NeuG. - - * src/Makefile.in (CSRC): Add neug.c. - - * src/neug.c: New. Verbatim copy of NeuG/src/random.c. - - * boards/common/mcuconf-common.h (USE_STM32_ADC1): TRUE for NewG RNG. - * src/chconf.h (CH_USE_SEMAPHORES): TRUE as ADC driver requires it. - * src/halconf.h (CH_HAL_USE_ADC); TRUE for NewG RNG. - -2011-07-22 NIIBE Yutaka - - * boards/OLIMEX_STM32_H103/board.h (BOARD_NAME): Fixed. - - * boards/STBEE_MINI/mcuconf.h: Added missing include of - mcuconf-common.h. - -2011-07-04 NIIBE Yutaka - - * ChibiOS_2.0.8/os/ports/GCC/ARMCMx/chcore_v7m.c - (_port_irq_epilogue, _port_switch_from_isr): Apply a patch of 2.2.6. - - * ChibiOS_2.0.8/os/hal/platforms/STM32/adc_lld.h: Apply a patch of - ADC from the branch of ChibiOS_2.0.X. - -2011-06-15 NIIBE Yutaka - - * Version 0.13. - * src/usb_desc.c (gnukStringSerial): Updated. - -2011-06-08 NIIBE Yutaka - - * polarssl-0.14.0/include/polarssl/bn_mul.h [__arm__] - (MULADDC_1024_CORE, MULADDC_1024_LOOP): New. - * polarssl-0.14.0/library/bignum.c (mpi_mul_hlp): Use - MULADDC_1024_LOOP. - -2011-05-31 NIIBE Yutaka - - * polarssl-0.14.0/include/polarssl/bn_mul.h [__arm__] - (MULADDC_HUIT, MULADDC_INIT, MULADDC_CORE, MULADDC_STOP): Tweak. - -2011-05-27 NIIBE Yutaka - - * tool/gnuk_put_binary.py (main): Confirm Serial ID is written - correctly. - - * src/openpgp.c (cmd_write_binary): Fix FILE_EF_SERIAL comparison. - - * src/gnuk.ld.in (.gnuk_random, .gnuk_ch_certificate): Put LONG to - have CONTENTS. - - * polarssl-0.14.0/include/polarssl/bn_mul.h [__arm__] - (MULADDC_HUIT): New. - -2011-05-26 NIIBE Yutaka - - * polarssl-0.14.0/include/polarssl/bn_mul.h [__arm__] - (MULADDC_INIT): Add ADDS instruction to clear of carry flag. - (MULADDC_CORE): Tune to 6 instructions and less registers. - (MULADDC_STOP): Add ADC instruction to save carry flag. - -2011-05-25 NIIBE Yutaka - - * tool/hub_ctrl.py: New. Port of original C implementation. - -2011-05-16 NIIBE Yutaka - - * src/main.c (main): Call flash_unlock at the beginning. - (device_initialize_once): Don't call flash_unlock here. - * src/flash.c (flash_init): Likewise. - - * src/openpgp.c (cmd_select_file): Don't use write_res_apdu. - (set_res_apdu): Rename from write_res_apdu. Just SW1 and SW2. - -2011-05-13 NIIBE Yutaka - - * Version 0.12. - -2011-05-12 NIIBE Yutaka - - * src/openpgp.c (cmd_pso, cmd_internal_authenticate) - (cmd_update_binary, cmd_write_binary): Don't check pw locked. - - * tool/dfuse.py (DFU_STM32.verify): Add missing colon. - * tool/dfuse.py (get_device): Restrict to STMicro DfuSe. - - * tool/gnuk_put_binary.py (main): Add -p option to enter password. - - * src/ac.c (verify_user_0): New. - (verify_pso_cds, verify_admin_0): Use verify_user_0. - * src/openpgp.c (cmd_change_password): Use verify_user_0. - - * src/random.c (get_salt): Rename from get_random. - (random_bytes_get, random_bytes_free): It's 16-byte. - - * src/ac.c (verify_admin_0): Use PW_ERR_PW1 counter when - authenticated by PW1. - -2011-05-11 NIIBE Yutaka - - * src/ac.c (verify_pso_cds, verify_other): Fail (with no counter - update) if key is not registered yet. - (verify_admin_0): Compare to OPENPGP_CARD_INITIAL_PW3 when empty - PW3 and non-empty PW1 but signing key is not registered yet. - - * tool/gnuk_put_binary.py: New implementation by pyscard. - - * src/main.c (device_initialize_once): New. - * src/usb_prop.c (gnukStringSerial): Move to... - * src/usb_desc.c (gnukStringSerial): here. Bump version to 0.12. - Fill by 0xff. - * src/usb_prop.c (gnuk_device_init) - (gnuk_device_GetStringDescriptor): Don't use RAM for - gnukStringSerial, use ROM like other string descriptor. - * src/usb_desc.c (String_Descriptor): Add gnukStringSerial. - - * src/openpgp-do.c (gpg_get_pw1_lifetime): Make static. - (gpg_do_load_prvkey, gpg_do_write_prvkey): Use kdi. - (gpg_increment_digital_signature_counter): Call gpg_get_pw1_lifetime. - * src/openpgp.c (cmd_pso): Follow the change. - * src/flash.c (keystore_pool): Remove. Use &_keystore_pool. - * src/ac.c (auth_status): Don't assign 0 as it's automatically - cleared. - -2011-05-10 NIIBE Yutaka - - * src/openpgp-do.c (gpg_pw_locked): Rename from gpg_passwd_locked. - (gpg_pw_get_err_counter): Rename from gpg_get_pw_err_counter. - (gpg_pw_reset_err_counter): Rename from gpg_reset_pw_err_counter. - (gpg_pw_increment_err_counter): Rename from gpg_increment_err_counter. - * src/ac.c, src/openpgp.c, src/gnuk.h: Follow the change. - - Bug fixes. - * src/openpgp.c (cmd_reset_user_password, cmd_change_password) - * src/openpgp-do.c (proc_resetting_code): Fix check of return value. - * src/ac.c (ac_fini): Clear keystring_md_pw3. - - Prevent observation of PW3 is emptiness by PW3's error counter. - Support verify_admin by PW1 when PW3 is empty. - * src/ac.c (admin_authorized): New. - (verify_admin_0): Set admin_authorized. - * src/openpgp-do.c (proc_resetting_code): Use admin_authorized. - (gpg_do_write_prvkey): Clear dek_encrypted_3 when keystring_admin - is NULL. - (proc_key_import): Checking admin_authorized, set keystring_admin. - * src/openpgp.c (cmd_reset_user_password): Use admin_authorized. - -2011-04-18 NIIBE Yutaka - - * gnuk.svg: Updated. - -2011-04-15 NIIBE Yutaka - - * Version 0.11. - - * src/usb_prop.c (gnukStringSerial): Updated. - -2011-04-11 NIIBE Yutaka - - * tool/dfuse.py (DFU_STM32.verify): support data size of non-1-KiB. - -2011-02-24 NIIBE Yutaka - - * src/usb_prop.c (gnuk_device_SetInterface): Fix argument to - ClearDTOG_TX. - -2011-02-10 NIIBE Yutaka - - * Version 0.10. - - * src/configure, src/Makefile.in (BOARD_DIR): New. - - * boards/CQ_STARM/board.mk, boards/OLIMEX_STM32_H103/board.mk: - Removed. - * boards/STBEE/board.mk, boards/STBEE_MINI/board.mk: Removed. - * boards/STM32_PRIMER2/board.mk, boards/STM8S_DISCOVERY/board.mk: - Removed. - - * src/Makefile.in (OUTFILES): Don't include random_bits. - -2011-02-09 NIIBE Yutaka - - * src/usb_prop.c (gnukStringSerial): Updated. - - * tool/gnuk_put_binary.py (gnuk_token.__del__): Removed. - Releasing the interface is done in PyUSB. - - * tool/dfuse.py (DFU_STM32.__del__): Removed. - - * src/openpgp.c (cmd_write_binary): Support random bits and card - holder certificate as well. - - * src/openpgp-do.c (do_openpgpcard_aid): Add volatile to prevent - compiler optimization to access AID. - -2011-02-08 NIIBE Yutaka - - * tool/gnuk_put_binary.py: Renamed (was: gnuk_update_binary.py). - (gnuk_token.cmd_write_binary): New. - (main): Support writing serial number. - - * GNUK_SERIAL_NUMBER: Renamed (was: FSIJ_SERIAL_NUMBER). - - * src/config.h.in (@SERIAL_DEFINE@): Removed. - - * src/gnuk.h (FILEID_SERIAL_NO): New. - - * src/openpgp.c (INS_WRITE_BINARY, cmd_write_binary): New. - - * src/configure: Remove --with-fixed-serial support. - - * src/openpgp-do.c (do_openpgpcard_aid): Remove support of - SERIAL_NUMBER_IN_AID. - - * src/flash.c (flash_write_binary): Support FILEID_SERIAL_NO. - -2011-02-04 NIIBE Yutaka - - * tool/gnuk_update_binary.py: Support updating random bits. - - * src/random.c (random_bits_start): Renamed. - (random_bytes_get): Check initial erased state. - - * src/Makefile.in (random-data.o): Removed. - - * src/gnuk.ld.in (.gnuk_random): Don't have .gnuk_random any more. - - * src/flash.c (flash_erase_binary): Support FILEID_RANDOM. - (flash_write_binary): Ditto. - - * src/openpgp.c (cmd_reset_user_password): Fix PINPAD_SUPPORT case - with reset code. - -2011-02-01 NIIBE Yutaka - - * Version 0.9. - - * src/openpgp-do.c (extended_capabilities): Change value for card - holder certificate. - - * src/usb_prop.c (gnuk_device_SetInterface): New. - -2011-01-29 NIIBE Yutaka - - * src/usb_prop.c (gnuk_device_Get_Interface_Setting): Handle the - case where we have multiple interfaces. - -2011-01-28 NIIBE Yutaka - - * tool/gnuk_update_binary.py: New. - - * src/openpgp-do.c (gpg_do_get_data): Fix length adding two for - status word at the end and adding four for the tag and the length. - - * src/usb-icc.c (icc_handle_data): Fix decrementing res_APDU_size. - (icc_power_off): Status should be the one *after* power off. - - * src/openpgp.c (cmd_update_binary): Fix return code. - -2011-01-27 NIIBE Yutaka - - * src/usb-icc.c (res_APDU_pointer): New. - (icc_handle_data, USBthread): Handle res_APDU_pointer. - - * src/openpgp.h (GPG_COMMAND_NOT_ALLOWED): New. - - * src/openpgp.c (INS_UPDATE_BINARY, FILE_EF_CH_CERTIFICATE) - (FILE_EF_RANDOM, cmd_update_binary): New. - (process_command_apdu): Initialize res_APDU_pointer. - - * src/openpgp-do.c (gpg_do_get_data): Handle GPG_DO_CH_CERTIFICATE. - - * src/gnuk.ld.in (.gnuk_ch_certificate): New. - - * src/flash.c (flash_check_blank, flash_erase_binary) - (flash_write_binary): New. - - * src/openpgp-do.c (gpg_do_table): Exclude GPG_DO_CH_CERTIFICATE. - - * src/openpgp.c (cmd_reset_user_password): Add PINPAD_SUPPORT. - - * src/gnuk.ld.in: Fix alignment and filling. - -2011-01-26 NIIBE Yutaka - - * boards/STBEE/mcuconf.h: New. - * boards/STBEE/board.mk: New. - * boards/STBEE/board.h: New. - * boards/STBEE/board.c: New. - - * tool/dfuse.py (DFU_STM32.verify): Add double ll_clear_status. - - * src/configure (target): Add STBEE. - -2011-01-25 NIIBE Yutaka - - * src/openpgp.c (cmd_pso): Support DigestInfo by MD5 (for opensc). - -2011-01-22 NIIBE Yutaka - - * src/openpgp.c (cmd_pgp_gakp): Handle case of non-extended Lc. - (cmd_select_file): Return DF name when FCI is requested. - - * src/openpgp-do.c (copy_do): Don't add tag if not requested. - - * src/gnuk.h (memmove): Add declaration. - -2011-01-21 NIIBE Yutaka - - * src/openpgp-do.c (copy_do): Fix off-by-one error. - - * src/openpgp.c (get_pinpad_input): Ifdef-out PINPAD_SUPPORT. - -2011-01-19 NIIBE Yutaka - - * Version 0.8. - - * src/pin-cir.c (pin_main): Fix typo, call cir_ext_disable. - - * src/usb_prop.c (gnukStringSerial): Updated. - - * src/pin-dial.c: New. - - * boards/STBEE_MINI/board.c (hwinit1): Add PINPAD_DIAL_SUPPORT. - (dial_sw_disable, dial_sw_enable, EXTI2_IRQHandler): New. - - * src/gnuk.h: Add PINPAD_DIAL_SUPPORT. - - * src/usb-icc.c (icc_handle_data): Handle PIN modification. - - * src/usb_desc.c (gnukConfigDescriptor): bPinSupport = 3 when - PINPAD_DIAL_SUPPORT is enabled. - -2011-01-18 NIIBE Yutaka - - * src/pin-cir.c (pin_main): Call cir_ext_disable at the end. - -2011-01-17 NIIBE Yutaka - - * src/gnuk.h (PIN_INPUT_CURRENT, PIN_INPUT_NEW) - (PIN_INPUT_CONFIRM): New. - - * src/pin-cir.c (pin_main): New argument MSG_CODE. - - * src/openpgp.c (get_pinpad_input): New. - (cmd_verify): Use get_pinpad_input. - (cmd_change_password): Added PINPAD_SUPPORT. - - * src/openpgp.c (cmd_nop): Removed. - - * src/config.h.in: ifdef-out (not for ASSEMBLER). - -2011-01-15 NIIBE Yutaka - - * Version 0.7. - - * src/usb-icc.c (icc_handle_data): Bug fix: add break for case - ICC_STATE_SEND. - -2011-01-14 NIIBE Yutaka - - * Version 0.6. - - * src/usb_prop.c (gnukStringSerial): Include version number (again). - - * boards/STM8S_DISCOVERY/board.c (hwinit1): Initialize TIM3 and - remap TIM3. - (cir_ext_disable, cir_ext_enable, EXTI9_5_IRQHandler) - (TIM3_IRQHandler): New. - - * boards/STBEE_MINI/board.h (HAVE_7SEGLED): New. - - * boards/STM8S_DISCOVERY/board.h: Include "config.h". - (VAL_GPIOBODR): PB0 (TIM3_CH3) is pull-down for PINPAD_SUPPORT. - - * src/pin-cir.c (pindisp): Handle the board with no 7 segment - display. - -2011-01-11 NIIBE Yutaka - - * src/openpgp-do.c (do_openpgpcard_aid): Fix length of res_p; - -2011-01-08 NIIBE Yutaka - - * src/usb-icc.c (icc_handle_data): Handle the case of - ICC_STATE_SEND (back again to the implementation of v0.4). - (USBthread): Don't send back larger block (for libccid 1.3.11). - -2011-01-07 NIIBE Yutaka - - * src/openpgp.c (cmd_read_binary): Call gpg_do_get_data for AID. - - * src/openpgp-do.c (gpg_do_get_data): Added new argument WITH_TAG. - - * src/usb_prop.c (gnuk_device_init) - (gnuk_device_GetStringDescriptor): gnukStringSerial with unique - chip ID. - - * src/openpgp-do.c (do_openpgpcard_aid): New. - (openpgpcard_aid): Removed. - - * boards/common/hw_config.c (unique_device_id): New. - -2011-01-06 NIIBE Yutaka - - * src/config.h.in (PINPAD_MORE_DEFINE): Added. - - * src/configure: Requiring bash (for variable substitution), added - PINPAD. - - * src/Makefile.in: Support PINPAD. - - * src/pin-cir.c (cir_timer_interrupt): Support Sharp protocol. - -2011-01-04 NIIBE Yutaka - - * src/chconf.h (CH_USE_DYNAMIC): It's TRUE now. - - * src/usb_desc.c (gnukConfigDescriptor): Added PINPAD_SUPPORT. - - * src/pin-cir.c (cir_timer_interrupt): Added CIR_PERIOD_INHIBIT_CHATTER. - -2010-12-29 NIIBE Yutaka - - * src/pin-cir.c (cir_timer_interrupt): Support Philips RC-5 protocol. - -2010-12-28 NIIBE Yutaka - - * src/pin-cir.c (cir_timer_interrupt): Support Philips RC-6 protocol. - -2010-12-27 NIIBE Yutaka - - * src/pin-cir.c (cir_timer_interrupt): Support Sony protocol. - -2010-12-24 NIIBE Yutaka - - * src/pin-cir.c: New file. - -2010-12-20 NIIBE Yutaka - - * src/openpgp.c (GPGthread): Added PINPAD_SUPPORT. - * boards/STBEE_MINI/mcuconf.h: Simplified. - * boards/STBEE_MINI/board.h: Include config.h. - (PINPAD_SUPPORT): Added. - * boards/STBEE_MINI/board.c (hwinit1): Added PINPAD_SUPPORT. - -2010-12-15 NIIBE Yutaka - - * src/configure (FLASH_SIZE): Without 'k'. - * src/gnuk.ld.in (MEMORY): Append "k" here. - (.gnuk_flash): End point should be aligned too. - - * src/config.h.in (@PINPAD_DEFINE@): New. - * src/Makefile.in (@PINPAD_MAKE_OPTION@): New. - * src/configure (PINPAD_MAKE_OPTION, PINPAD_DEFINE): New. - -2010-12-14 NIIBE Yutaka - - * src/configure (FLASH_PAGE_SIZE): Always set. - -2010-12-13 NIIBE Yutaka - - * Version 0.5. - - * src/usb_desc.c (gnukStringSerial): Updated. - -2010-12-10 NIIBE Yutaka - - * src/usb-cdc-vport.c (Virtual_Com_Port_Data_Setup) - (Virtual_Com_Port_NoData_Setup): No check for class&interface - request. - - * src/usb-icc.c (ATR): Fixed. - - * src/usb_desc.c (/* ICC Descriptor*/): bcdCCID = 1.1. - dwDefaultClock = dwMaximumClock = 3571. - dwFeatures 0x00040842. - - * src/usb_prop.c (gnuk_clock_frequencies, gnuk_data_rates): New. - (gnuk_nothing_todo): Removed. - (gnuk_setup_with_data, gnuk_setup_with_nodata): New. - (Device_Property): Changed to call gnuk_setup_with_data and - gnuk_setup_with_nodata. - -2010-12-09 NIIBE Yutaka - - * src/usb-icc.c (icc_power_off): Set icc_data_size = 0 to specify - no command APDU. Signal GPGThread. - (icc_handle_data, USBthread): Don't signal main thread any more. - - * src/openpgp.c (GPGthread): Only process the command APDU, if any. - - * src/openpgp-do.c (do_tag_to_nr): Don't call fatal. - * src/main.c (fatal_code): New. - (main): Implemented 1-bit LED status display. - (fatal): Added argument CODE. - * src/flash.c (flash_data_pool_allocate): Supply argument FATAL_FLASH. - * src/random.c (random_bytes_get): Supply argument FATAL_RANDOM. - * src/ac.c (auth_status): Added volatile, and remove static. - -2010-12-08 NIIBE Yutaka - - * src/gnuk.h (AC_OTHER_AUTHORIZED): Renamed (was: - AC_PSO_OTHER_AUTHORIZED). - * src/ac.c (ac_reset_other): Renamed (was: ac_reset_pso_other). - (verify_other): Renamed (was: verify_pso_other). - (ac_reset_admin): New. - * src/openpgp.c (cmd_change_password): Call ac_reset_admin. - - * src/main.c (main): Don't create GPGThread here. - * src/usb-icc.c (icc_power_on): But create here, when requested. - (icc_power_off): Terminate GPGThread. - * src/openpgp.c (gpg_init, gpg_fini): New. - (GPGthread): Check chThdShouldTerminate. Call gpg_init and gpg_fini. - -2010-12-07 NIIBE Yutaka - - USB CCID/ICC implementation changes. - * src/usb_desc.c (dwMaxCCIDMessageLength): Updated. - * src/usb-icc.c (EV_TX_FINISHED): New. - (icc_rcv_data, icc_tx_data): Removed. - (icc_buffer, icc_seq): New. - (icc_next_p, icc_chain_p): New. - (icc_tx_ready): Removed. - (EP1_IN_Callback): Handle multiple transactions. - (icc_prepare_receive): New. - (EP2_OUT_Callback): Handle multiple transactions. - (icc_error, icc_send_status): Handle the case of receive in chain. - (icc_power_on, icc_send_params): Specify it's a single transaction. - (icc_send_data_block_filling_header): New. - (icc_send_data_block): Simplify. - (icc_handle_data): Removed the case of ICC_STATE_SEND. - Handle buffer of multiple transactions. - (USBthread): Don't use sending in chain. - * src/gnuk.h (USB_LL_BUF_SIZE): New. - (USB_BUF_SIZE): Now, it's larger value. - * src/configure: Echo for --enable-debug. - * src/call-rsa.c (rsa_sign): Use temp[] buffer as rsa_pkcs1_sign - writes OUTPUT in early stage. - -2010-12-04 NIIBE Yutaka - - * src/flash.c (flash_keystore_release): Reset keystore storage. - -2010-12-03 NIIBE Yutaka - - Keystore management changes. - * src/flash.c (flash_key_alloc): Check FLASH_KEYSTORE_SIZE. - (flash_key_release): Removed. - (flash_keystore_release): New function. - * src/openpgp-do.c (gpg_do_write_prvkey): Make it static. - When there is a key already, return as error. - (proc_key_import): Call flash_keystore_release when all keys removed. - * src/gnuk.ld.in (_keystore_pool): Size of keystore is now 1.5KB. - -2010-11-30 NIIBE Yutaka - - Flash ROM fixes for STM32F10X_HD. - * src/gnuk.ld.in (.gnuk_flash): Use FLASH_PAGE_SIZE. - * src/configure (FLASH_PAGE_SIZE): Defined for gnuk.ld. - * src/flash.c (FLASH_PAGE_SIZE): New define. - (FLASH_DATA_POOL_SIZE): Use FLASH_PAGE_SIZE. - - Import changes of ChibiOS_2.0.8. - * ChibiOS_2.0.8/os/hal/include/pwm.h - * ChibiOS_2.0.8/os/hal/platforms/STM32/pwm_lld.c - * ChibiOS_2.0.8/os/hal/platforms/STM32/pwm_lld.h - * ChibiOS_2.0.8/os/hal/src/pwm.c - * ChibiOS_2.0.8/os/hal/templates/pwm_lld.c - * ChibiOS_2.0.8/os/hal/templates/pwm_lld.h - * ChibiOS_2.0.8/os/kernel/include/ch.h - * ChibiOS_2.0.8/os/kernel/src/chevents.c - * ChibiOS_2.0.8/os/kernel/src/chthreads.c - * ChibiOS_2.0.8/boards/OLIMEX_LPC_P2148/board.h - * ChibiOS_2.0.8/readme.txt - * ChibiOS_2.0.8/test/testdyn.c - * ChibiOS_2.0.8/docs/*/*: Updated. - - New private key management. - * src/ac.c (ac_reset_pso_cds, ac_reset_pso_other): Call - gpg_do_clear_prvkey. - (verify_pso_other): load private keys here. - * src/openpgp-do.c (kd): Keydata for Signing, Decryption, and - Authentication. - (gpg_do_load_prvkey, gpg_do_write_prvkey): Use kd[]. - (gpg_do_clear_prvkey): New function. - * src/openpgp.c (cmd_pso, cmd_internal_authenticate): Use new API - of rsa_sign and rsa_decrypt. - (cmd_pso): Fixed bug of checking return value of gpg_get_pw1_lifetime. - * src/call-rsa.c (rsa_sign): New argument KD. - (rsa_decrypt): Likewise. - - Don't use malloc/free in C library. - * src/stdlib.h (malloc, free): Use chHeapAlloc and chHeapFree. - -2010-11-26 NIIBE Yutaka - - * boards/STM8S_DISCOVERY/*: New. - * src/configure: STM8S_DISCOVERY only has 64KB flash memory. - - * boards/STBEE_MINI/board.h (CPU_WITH_NO_GPIOE): New define. - * ChibiOS_2.0.6/os/hal/platforms/STM32/hal_lld.c: Use it. - * ChibiOS_2.0.6/os/hal/platforms/STM32/pal_lld.c: Likewise. - * ChibiOS_2.0.6/os/hal/platforms/STM32/pal_lld.h: Likewise. - - * src/openpgp.c (cmd_pso): DigestInfo by SHA224/SHA384/SHA512 is - supported. - -2010-11-22 NIIBE Yutaka - - Import changes of ChibiOS_2.0.6. - * ChibiOS_2.0.6/demos/ARM7-AT91SAM7X-LWIP-GCC/chconf.h - * ChibiOS_2.0.6/os/hal/include/can.h - * ChibiOS_2.0.6/os/hal/platforms/AT91SAM7/hal_lld.c - * ChibiOS_2.0.6/os/hal/platforms/AT91SAM7/serial_lld.c - * ChibiOS_2.0.6/os/hal/platforms/LPC214x/serial_lld.c - * ChibiOS_2.0.6/os/hal/platforms/STM32/hal_lld_f103.h - * ChibiOS_2.0.6/os/hal/platforms/STM32/hal_lld_f105_f107.h - * ChibiOS_2.0.6/os/hal/platforms/STM32/pwm_lld.c - * ChibiOS_2.0.6/os/hal/platforms/STM32/serial_lld.h - * ChibiOS_2.0.6/os/hal/platforms/STM32/spi_lld.h - * ChibiOS_2.0.6/os/hal/src/adc.c - * ChibiOS_2.0.6/os/hal/src/spi.c - * ChibiOS_2.0.6/os/kernel/include/ch.h - * ChibiOS_2.0.6/os/kernel/include/chinline.h - * ChibiOS_2.0.6/os/kernel/include/chioch.h - * ChibiOS_2.0.6/os/kernel/include/chstreams.h - * ChibiOS_2.0.6/os/kernel/include/chthreads.h - * ChibiOS_2.0.6/os/kernel/src/chlists.c - * ChibiOS_2.0.6/os/kernel/src/chschd.c - * ChibiOS_2.0.6/os/kernel/src/chthreads.c - * ChibiOS_2.0.6/os/ports/GCC/ARM/rules.mk - * ChibiOS_2.0.6/os/ports/GCC/ARM7/chcore.h - * ChibiOS_2.0.6/os/ports/GCC/ARM7/port.dox - * ChibiOS_2.0.6/os/ports/GCC/ARMCMx/chcore_v6m.c - * ChibiOS_2.0.6/os/ports/GCC/ARMCMx/chcore_v6m.h - * ChibiOS_2.0.6/os/ports/GCC/ARMCMx/chcore_v7m.c - * ChibiOS_2.0.6/os/ports/GCC/ARMCMx/chcore_v7m.h - * ChibiOS_2.0.6/os/ports/GCC/ARMCMx/old/chcore_v7m.h - * ChibiOS_2.0.6/os/ports/GCC/AVR/chcore.h - * ChibiOS_2.0.6/os/ports/GCC/AVR/port.dox - * ChibiOS_2.0.6/os/ports/GCC/MSP430/chcore.c - * ChibiOS_2.0.6/os/ports/GCC/MSP430/chcore.h - * ChibiOS_2.0.6/os/ports/GCC/MSP430/port.dox - * ChibiOS_2.0.6/os/ports/GCC/PPC/chcore.h - * ChibiOS_2.0.6/os/ports/GCC/PPC/port.dox - * ChibiOS_2.0.6/os/ports/RC/STM8/port.dox - * ChibiOS_2.0.6/os/various/memstreams.h - * ChibiOS_2.0.6/readme.txt - * ChibiOS_2.0.6/docs/*/*: Updated - -2010-11-14 NIIBE Yutaka - - * src/openpgp.c (cmd_pso): DigestInfo by SHA256 is supported. - -2010-11-12 NIIBE Yutaka - - * src/usb_desc.c (gnukConfigDescriptor): Change dwFeatures. - - * src/usb-icc.c (icc_send_params): Always return fixed result. - (icc_handle_data): Support ICC_GET_PARAMS. - -2010-11-10 NIIBE Yutaka - - * src/usb_desc.c (gnukConfigDescriptor): Fix bmAttributes. - -2010-11-09 NIIBE Yutaka - - * Version 0.4. - - * src/usb_desc.c (gnukStringSerial): Updated. - - * ChibiOS_2.0.2/os/hal/platforms/STM32/pal_lld.h (PALConfig): - STBee Mini uses STM32F103CBT6 which expose no GPIO E port. - * ChibiOS_2.0.2/os/hal/platforms/STM32/pal_lld.c (_pal_lld_init): - Likewise. - -2010-11-08 NIIBE Yutaka - - * tool/dump_mem.py: New tool. - - Implement GC for data pool in flash memory. - * src/openpgp-do.c (gpg_write_digital_signature_counter): New. - (gpg_increment_digital_signature_counter): Fix for GC. - (gpg_data_scan): Rename from gpg_do_table_init. - (gpg_data_copy): New function for copying GC. - * src/main.c (main): Call gpg_data_scan with the address which - flash_init returns. - * src/flash.c (flash_erase_page): New function. - (FLASH_DATA_POOL_SIZE): data_pool is 2KiB now. - (flash_data): Put a header (GC generation). - (flash_init): Implement choosing a data pool page. - (flash_data_pool): Removed. - (flash_copying_gc): New function. - (flash_data_pool_allocate): Call flash_copying_gc when full. - (flash_do_write_internal, flash_put_data_internal) - (flash_bool_write_internal, flash_cnt123_write_internal): New - * src/gnuk.ld.in (gnuk_flash): data_pool is 2KiB now. - - Bug fixes. - * src/openpgp.c (cmd_change_password, cmd_reset_user_password): - Write to APDU correctly. - * src/flash.c (flash_warning): Make it public. - * src/openpgp-do.c (do_hist_bytes, do_fp_all, do_cafp_all) - (do_kgtime_all, do_ds_count): Fix return value. - (rw_pw_status): Correctly return value. - (proc_resetting_code): Change func proto. to return success/failure. - (proc_key_import): Ditto. - (gpg_do_put_data): Handle return values. - (gpg_do_write_simple): Don't write to APDU. - -2010-11-05 NIIBE Yutaka - - Bug fixes. - * src/openpgp.c (gpg_change_keystring): Handle - GPG_KEY_FOR_AUTHENTICATION. - * src/openpgp-do.c (gpg_do_write_prvkey): Remove multiple call - of flash_do_release. - - Bug fix. - * src/openpgp-do.c (gpg_do_write_prvkey): Don't hardcode 6, but - use strlen. - - * src/flash.c, src/gnuk.ld.in: Rename "Flash DO Pool" to "Flash - Data Pool", because it's not only DO. - * src/gnuk.h, src/opengpg-do.c: Cleanup. - - Digital Signature Counter implementation improvement. - * src/gnuk.h (NR_DO_DS_COUNT): Removed. - (NR_COUNTER_DS, NR_COUNTER_DS_LSB): New. - * src/openpgp-do.c (do_ds_count_initial_value): Removed. - (gpg_do_increment_digital_signature_counter): Removed. - (digital_signature_counter): New variable. - (do_ds_count, gpg_increment_digital_signature_counter): New functions. - (gpg_do_table): Change the entry for GPG_DO_DS_COUNT as DO_PROC_READ. - (gpg_do_table_init): Handle digital_signature_counter. - * src/flash.c (flash_data_pool_allocate, flash_put_data): New. - - Password status implementation improvement. - * src/gnuk.h (PW_STATUS_PW1, PW_STATUS_RC, PW_STATUS_PW3): Removed. - (PW_ERR_PW1, PW_ERR_RC, PW_ERR_PW3): New define. - (NR_COUNTER_123, NR_BOOL_PW1_LIFETIME): New define. - (NR_NONE, NR_EMPTY): New define. - * src/flash.c (flash_bool_clear, flash_bool_write) - (flash_cnt123_get_value, flash_cnt123_increment) - (flash_cnt123_clear): New functions. - * src/openpgp-do.c (do_pw_status_bytes_template): Removed. - (PW_STATUS_BYTES_TEMPLATE, gpg_do_reset_pw_counter): Removed. - (PASSWORD_ERRORS_MAX, PW_LEN_MAX): New define. - (pw1_lifetime_p, pw_err_counter_p): New variables. - (gpg_get_pw1_lifetime): New function. - (gpg_get_pw_err_counter, gpg_passwd_locked, gpg_reset_pw_counter) - (gpg_increment_pw_counter): New functions. - (rw_pw_status): Use pw1_lifetime_p and pw_err_counter_p. - (gpg_do_table_init): Handle NR_COUNTER_123 and NR_BOOL_PW1_LIFETIME. - * src/ac.c (verify_pso_cds, verify_pso_other, verify_admin_0): - Follow the changes. - * src/openpgp.c (cmd_change_password, cmd_reset_user_password) - (cmd_pso, cmd_internal_authenticate): Likewise. - -2010-11-04 NIIBE Yutaka - - * src/flash.c (flash_warning): New. - (flash_do_pool): Added header for DO pool. - (flash_do_release): Fill zero. - (flash_do_write): Change DO format in flash. - * src/openpgp-do.c (gpg_do_table_init, copy_do_1) - (gpg_do_read_simple): Follow the change of DO format in flash. - - * src/openpgp-do.c (DO_CMP_READ): Renamed. - (cmp_ch_data, cmp_app_data, cmp_ss_temp): Likewise. - (with_tag): Removed static global variable. - (do_hist_bytes, do_fp_all, do_cafp_all, do_kgtime_all) - (rw_pw_status, copy_do_1, copy_do, gpg_do_get_data): Added - with_tag argument. - (gpg_do_put_data): length > 255 will be error. - -2010-11-03 NIIBE Yutaka - - Bug fixes. - * src/ac.c (verify_admin_0): Initialize pwsb earlier. - * src/openpgp-do.c (copy_do_1): Access do_data[0] (was: do_data[1]). - -2010-11-02 NIIBE Yutaka - - DfuSe support. - * tool/dfuse.py (DFU_STM32.download): Put '#' for each 4-KiB. - Added 0-length write to finish download. - Take intel_hex object as argument. - (DFU_STM32.ll_upload_block): New method. - (DFU_STM32.dfuse_read_memory): New method. - (DFU_STM32.verify): New method. - (get_device): Support DFU_STM32PROTOCOL_0 too (for CQ STARM). - - * tool/dfuse.py: Renamed from dfu_stmicroelectronics_extention.py. - -2010-11-01 NIIBE Yutaka - - * tool/intel_hex.py: New file. - * tool/dfu_stmicroelectronics_extention.py: New file. - -2010-10-28 NIIBE Yutaka - - * src/gnuk.h (OPENPGP_CARD_INITIAL_PW3): New. - * src/ac.c (verify_admin_0): Use OPENPGP_CARD_INITIAL_PW3. - -2010-10-23 NIIBE Yutaka - - * Version 0.3. - - * src/usb_desc.c (gnukStringSerial): Updated. - -2010-10-22 NIIBE Yutaka - - * src/gnuk.ld.in (.gnuk_random): Fix description so that - padding with 0xffffffff will be in gnuk.hex. - - * src/openpgp.c (file_selection): Change type (was: int). - (FILE_NONE..FILE_EF_SERIAL): Change the values. - - * src/configure: Added STBee Mini support. - * boards/STBEE_MINI/mcuconf.h: New. - * boards/STBEE_MINI/board.mk: New. - * boards/STBEE_MINI/board.h: New. - * boards/STBEE_MINI/board.c: New. - - * ChibiOS_2.0.2/os/hal/platforms/STM32/hal_lld.c - (pal_default_config): STBee Mini uses STM32F103CBT6 which expose - no GPIO E port. - -2010-10-21 NIIBE Yutaka - - * boards/common/hw_config.c (Get_SerialNum): Removed. - * src/usb_prop.c (gnuk_device_init): Remove calling Get_SerialNum. - * src/usb_desc.c (gnukStringSerial): Updated. - * boards/CQ_STARM/board.c (set_led): Fix polarity. - -2010-10-20 NIIBE Yutaka - - * FSIJ_SERIAL_NUMBER: New. - * src/configure (with_fsij): Added FSIJ serial number support. - * src/config.h.in (@FSIJ_DEFINE@, @SERIAL_NUMBER_FOUR_BYTES@): New. - - * src/configure: Added CQ STARM target. - * boards/CQ_STARM/mcuconf.h: New. - * boards/CQ_STARM/board.mk: New. - * boards/CQ_STARM/board.h: New. - * boards/CQ_STARM/board.c: New. - -2010-10-19 NIIBE Yutaka - - * boards/STM32_PRIMER2/board.mk (BOARDSRC): Use common/hw_config.c. - * boards/OLIMEX_STM32_H103/board.mk (BOARDSRC): Likewise. - - * boards/common/hw_config.c: Move board specific functions to ... - * boards/STM32_PRIMER2/board.c (USB_Cable_Config, set_led): ... here. - * boards/OLIMEX_STM32_H103/board.c (USB_Cable_Config, set_led): Ditto. - - * boards/{OLIMEX_STM32_H103,STM32_PRIMER2}/hw_config.c: Removed. - * boards/common/hw_config.c: New file (was: boards/*/hw_config.c). - - * .gitignore: New file. - -2010-10-16 NIIBE Yutaka - - Implement "INTERNAL AUTHENTICATE" command. - - * src/gnuk.h (BY_USER, BY_RESETCODE, BY_ADMIN): New defines. - (NUM_ALL_PRV_KEYS): Now it's 3 (was: 2). - - * src/openpgp.c (INS_INTERNAL_AUTHENTICATE): New define. - (cmd_internal_authenticate): New function. - (cmds): Added INS_INTERNAL_AUTHENTICATE. - (cmd_change_password): Use BY_USER. - (cmd_reset_user_password): Use BY_USER, BY_RESETCODE, BY_ADMIN. - (cmd_pso): Load GPG_KEY_FOR_DECRYPTION here. - (cmd_pso): Removed adding status word into res_APDU... - * src/call-rsa.c (rsa_sign): and moved adding status word into - res_APDU here. - - * src/ac.c (pw1_keystring): New variable. - (ac_reset_pso_other): Clear pw1_keystring. - (verify_pso_cds): Use BY_USER. - (verify_pso_other): Just check the length of password here, and - defer real check to cmd_pso or cmd_internal_authenticate. - -2010-10-14 NIIBE Yutaka - - Adding 'configure' support. - * src/configure: New file. - * src/Makefile.in: Renamed from src/Makefile. - * src/config.h: Renamed from src/config.h. - * src/gnuk.ld: Renamed from src/gnuk.ld. - - Adding DFU_SUPPORT. - * boards/common/hwinit0.c: New file adding DFU_SUPPORT. - * boards/common/hwinit1.c: New file. - * boards/OLIMEX_STM32_H103/board.c: Include config.h. - Use common/hwinit0.c and common/hwinit1.c. - * boards/STM32_PRIMER2/board.c: Likewise. - -2010-09-16 NIIBE Yutaka - - * src/usb-icc.c (icc_error): New function. - (icc_handle_data): Call icc_error. - Don't go to STATE_START on errors. - -2010-09-13 NIIBE Yutaka - - * Version 0.2. - - * src/openpgp.c (cmd_select_file): Override data of number_of_bytes. - - * src/openpgp-do.c (gpg_do_table_init): Calculate number of byte - which Data Objects consumes. - -2010-09-12 Kaz Kojima - - * src/call-rsa.c (rsa_decrypt): Debug output only when DEBUG. - - * boards/STM32_PRIMER2/hw_config.c (USB_Cable_Config): Fix GPIO. - (set_led): Ditto. - - * boards/STM32_PRIMER2/board.c (hwinit1): Added LED initialization. - -2010-09-11 NIIBE Yutaka - - * src/usb-icc.c (ATR): Fixed. - (icc_send_params): New function. - (icc_handle_data): Handle ICC_SET_PARAMS request. - - * src/random.c (random_bytes_get, random_bytes_free, get_random): - Clear used random bytes. - - * src/flash.c (flash_clear_halfword): New function. - -2010-09-10 NIIBE Yutaka - - * Version 0.1. - - * src/usb_desc.c (gnukStringSerial): Change the value so that - libccid doesn't get confused. - - * src/openpgp.c (gpg_change_keystring): Support key for decryption - as well. - (cmd_read_binary): Use openpgpcard_aid. - (cmd_pso): call ac_reset_pso_other. - - * src/openpgp-do.c (openpgpcard_aid): Renamed from aid, and exported. - (do_ds_count_initial_value): New const variable. - (num_prv_keys): New variable. - (gpg_do_write_prvkey): Remove contents of keystring only if - ++num_prv_keys == NUM_ALL_PRV_KEYS. - (gpg_do_chks_prvkey): Call flash_do_release. - (gpg_do_table_init): Initialize with do_ds_count_initial_value. - Initialize num_prv_keys. - (gpg_do_write_simple): Support removing DO. - (gpg_do_increment_digital_signature_counter): Call flash_do_release. - - * src/gnuk.h (NUM_ALL_PRV_KEYS): New definition. - (OPENPGP_CARD_INITIAL_PW1): New definition. - (enum kind_of_key): Rename. - - * src/ac.c (ac_reset_pso_cds): New function. - -2010-09-09 Kaz Kojima - - * boards/STM32_PRIMER2/{board.c,board.h,board.mk,hw_config.c,mcuconf.h}: - New files. - - * boards/OLIMEX_STM32_H103/{mcuconf.h,hw_config.c}: Moved from src. - - * src/main.c (main): Use set_led instead of palClearPad directly. - -2010-09-08 NIIBE Yutaka - - * src/ac.c (calc_md): Make SHA1 variable auto. - - * src/debug.c (put_int): New. - - * src/gnuk.ld (__process_stack_size__): Removed. - - * src/main.c (STDOUTthread): Use Event. - (main): Make LED ON during command execution, blink usually. - - * src/openpgp-do.c (encrypt, decrypt): Make AES variables auto. - (gpg_do_table): GPG_DO_ALG_AUT is NULL. - - * src/openpgp.c (cmd_pso): Bug fix for extended Lc. - - * src/usb-icc.c (icc_power_off): Make LED ON during command - execution. - (USB_ICC_TIMEOUT): Longer value (was: 1000). - - * src/usb_desc.c (gnukConfigDescriptor): Fix bcdCCID value. - - * src/vcomport.mk (VCOMSRC): Use our own usb_endp.c. - - * src/usb_desc.c (gnukConfigDescriptor): ICC Descriptor is - Revision 1.0. - - * polarssl-0.14.0/include/polarssl/config.h: Commend out - POLARSSL_SELF_TEST. - - * polarssl-0.14.0/library/rsa.c (rsa_private): Don't check input, - so that we don't access ctx->N. - (rsa_pkcs1_decrypt): size of BUF is enough as 256. - - * polarssl-0.14.0/library/sha1.c (sha1_file): #if-out to avoid - stdio of libc. - - * polarssl-0.14.0/library/bignum.c (mpi_write_hlp) - (mpi_write_string, mpi_read_file, mpi_read_file): #if-out to avoid - stdio of libc. - -2010-09-07 NIIBE Yutaka - - * gnuk.svg: New file. - -2010-09-06 NIIBE Yutaka - - * Initial version 0.0. diff --git a/ChangeLog-1_0 b/ChangeLog-1_0 new file mode 100644 index 0000000..84b5bc6 --- /dev/null +++ b/ChangeLog-1_0 @@ -0,0 +1,2477 @@ +2013-02-15 Niibe Yutaka + + * Version 1.0.2. + * src/usb_desc.c (gnukStringSerial): Updated. + +2013-02-14 Niibe Yutaka + + * test/features/002_get_data_static.feature: Value of extended + capabilities changed. + * test/features/402_get_data_static.feature: Ditto. + * test/features/802_get_data_static.feature: Ditto. + + * src/openpgp.c (cmd_write_binary): Move erasing page of update + keys to... + (modify_binary): ...here. + + * src/flash.c (flash_write_binary): Handle removal of update keys. + +2013-02-13 Niibe Yutaka + + * src/openpgp.c (cmd_get_challenge): Handle Le field. + + * src/openpgp-do.c (extended_capabilities): Fix for GET CHALLENGE. + + * src/gnuk.h (CHALLENGE_LEN): Moved here (was: openpgp.c). + + * tool/gnuk_token.py (iso7816_compose): Add Le field. + +2013-01-30 Niibe Yutaka + + * src/openpgp.c (cmd_external_authenticate): Fix off-by-one error. + + * tool/gnuk_token.py (gnuk_token.cmd_external_authenticate): Add + KEYNO to the arguments. + + * tool/upgrade_by_passwd.py (main): Explicitly say it's KEYNO. + +2013-01-28 Niibe Yutaka + + * src/openpgp-do.c (gpg_pw_get_retry_counter): New. + * src/openpgp.c (cmd_verify): Implement VERIFY with empty data. + +2013-01-22 Niibe Yutaka + + * tool/pinpadtest.py (Card.cmd_vega_alpha_disable_empty_verify): + New. + (main): call cmd_vega_alpha_disable_empty_verify if it's + COVADIS_VEGA_ALPHA. + +2013-01-21 Niibe Yutaka + + * tool/pageant_proxy_to_gpg.py: New. + * tool/sexp.py: New. + +2013-01-20 Niibe Yutaka + + * tool/gpg_agent.py: New. + +2013-01-11 Niibe Yutaka + + * tool/pinpadtest.py: Add fixed length input. + +2012-12-25 Niibe Yutaka + + * tool/rsa.py: New. + + * tool/rsa_example.key: New. Example RSA key information. + + * tool/upgrade_by_passwd.py: New. + +2012-12-19 Niibe Yutaka + + * src/Makefile.in (USE_OPT): -O3 and -Os (was: -O2). + + * tool/gnuk_token.py (gnuk_token.stop_gnuk, gnuk_token.mem_info) + (gnuk_token.download, gnuk_token.execute) + (gnuk_token.cmd_get_challenge) + (gnuk_token.cmd_external_authenticate): New. + (gnuk_devices_by_vidpid): New. + (regnual): New. + +2012-12-18 Niibe Yutaka + + * test/gnuk.py: Remove. + + * test/features/steps.py: Use tool/gnuk_token.py. + + * tool/gnuk_put_binary_libusb.py: Use gnuk_token.py. + (main): Follow the API change. + + * tool/gnuk_token.py (list_to_string): New. + (gnuk_token.get_string, gnuk_token.increment_seq) + (gnuk_token.reset_device, gnuk_token.release_gnuk): New. + (gnuk_token.icc_power_on): Set self.atr and it's now string. + (gnuk_token.icc_send_cmd): Handle time extension. + (gnuk_token.cmd_get_response): Return string (was: list). + (gnuk_token.cmd_get_data): Return "" when success. + (gnuk_token.cmd_change_reference_data, gnuk_token.cmd_put_data) + (gnuk_token.cmd_put_data_odd) + (gnuk_token.cmd_reset_retry_counter, gnuk_token.cmd_pso) + (gnuk_token.cmd_pso_longdata) + (gnuk_token.cmd_internal_authenticate, gnuk_token.cmd_genkey) + (gnuk_token.cmd_get_public_key): New. + (compare): New. + (get_gnuk_device): New. + +2012-12-14 Niibe Yutaka + + * src/openpgp.c (cmd_change_password): Check password length + for admin less mode. + +2012-12-13 Niibe Yutaka + + * src/openpgp-do.c (gpg_do_put_data): Add GPG_SUCCESS for + completeness (it worked because of lower layer goodness). + +2012-12-12 Niibe Yutaka + + * tool/gnuk_token.py: Add module imports. + + * tool/gnuk_remove_keys.py (main): Fix data object number + for KGTIME_SIG, KGTIME_DEC and KGTIME_AUT. + + * tool/gnuk_remove_keys_libusb.py (main): Likewise. + +2012-12-05 Niibe Yutaka + + * tool/gnuk_remove_keys_libusb.py: New. + * tool/gnuk_token.py: New. + +2012-11-07 Niibe Yutaka + + * src/usb-icc.c (icc_send_data_block_internal): New. + (icc_send_data_block_time_extension): New. + (icc_handle_timeout): Use icc_send_data_block_time_extension. + (icc_send_data_block): Only one argument. + (USBthread): Follow the change. + +2012-11-01 Niibe Yutaka + + * tool/gnuk_upgrade.py (main): New option '-k' to specify keygrip + for non-smartcard key. + (gpg_sign): Support non-smartcard key. + +2012-10-31 Niibe Yutaka + + * tool/get_raw_public_key.py: New. + +2012-10-26 Niibe Yutaka + + * GNUK_USB_DEVICE_ID (Product_STRING): It's considered better not + to include vendor name. Change the name to "Gnuk Token" (was: + FSIJ USB Token). + +2012-10-13 Niibe Yutaka + + * boards/STBEE_MINI/board.c [!DFU_SUPPORT] (hwinit1): Don't run + when "user switch" is pushed. This is for JTAG/SWD debugger. + +2012-09-25 Niibe Yutaka + + * tool/stlinkv2.py (main): Print out option bytes value. + Call reset_sys before blank_check. + +2012-09-18 Niibe Yutaka + + * tool/stlinkv2.py (stlinkv2.option_bytes_erase) + (stlinkv2.flash_erase_all, stlinkv2.flash_erase_page): : Fix + OperationFailure (was OperationError). + (main): Call option_bytes_erase if it's not 0xff. + +2012-09-12 Niibe Yutaka + + * src/sha256.c: Include . + + * src/sha256.h (SHA256_DIGEST_SIZE, SHA256_BLOCK_SIZE): Move + from sha256.c. + +2012-08-29 Niibe Yutaka + + * tool/hub_ctrl.py (__main__): Fix to busnum (was: bunum). + Thanks to Henry Hu. + +2012-08-03 Niibe Yutaka + + * Version 1.0.1. + * src/usb_desc.c (gnukStringSerial): Updated. + * src/main.c (ID_OFFSET): Fix. + +2012-08-02 Niibe Yutaka + + * test/gnuk.py (gnuk_token.get_string): New. + * test/features/991_version_string.feature: New. + +2012-07-21 Niibe Yutaka + + * Version 1.0. + * src/usb_desc.c (gnukStringSerial): Updated. + + Documentation by Sphinx. + * doc/Makefile: New. + * doc/note: Old notes are moved here. + +2012-07-20 Niibe Yutaka + + * test/features/002_get_data_static.feature: Support CERTDO enabled + Gnuk for the test of extended capabilities. + * test/features/802_get_data_static.feature: Ditto. + * test/features/402_get_data_static.feature: Ditto. + +2012-07-10 Niibe Yutaka + + * test/features/*: Add test cases for PW1/PW3 of factory settings. + + * test/features/202_keygen.feature: Add PSO signature test after + keygen. + * test/features/602_keygen.feature: Ditto. + + Bug fix. + * src/openpgp-do.c (gpg_do_write_prvkey): Don't call ac_reset_* + here. + (proc_key_import): But call ac_reset_* here. + (gpg_do_keygen): Load private key for signing. + + * tool/stlinkv2.py (stlinkv2.usb_disconnect): New. + +2012-07-09 Niibe Yutaka + + * src/openpgp.c (cmd_pso): For decryption, return error sooner for + invalid data. + + * tool/stlinkv2.py (stlinkv2.setup_gpio): Fix GPIOB_CRL. + + * test/rsa_keys.py (integer_to_bytes_256): Rename from + integer_to_bytes and it should be exactly 256-byte long. + +2012-07-06 Niibe Yutaka + + * Version 0.21. + * src/usb_desc.c (gnukStringSerial): Updated. + + * boards/FST_01/board.h (VAL_GPIOACRL): Change for SPI flash. + * tool/stlinkv2.py (stlinkv2.setup_gpio): Likewise. + (stlinkv2.spi_flash_init, stlinkv2.spi_flash_select) + (stlinkv2.spi_flash_sendbyte, stlinkv2.spi_flash_read_id): New. + (main): Add SPI flash ROM id check. + +2012-07-05 Niibe Yutaka + + * src/call-rsa.c (rsa_sign, rsa_decrypt): Don't need to setup N. + + * polarssl-0.14.0/library/rsa.c (rsa_check_pubkey) + (rsa_check_privkey): Ifdef-out. + + More tests. + * test/*: Add tests for admin-less mode. + * test/features/990_reset_passphrase.feature: This is now for + admin-less mode. + * test/features/970_key_removal.feature: Ditto. + + * src/openpgp.c (cmd_change_password): Call ac_reset_admin when + admin-less mode. + (cmd_reset_user_password): Likewise. + + * src/ac.c (ac_reset_admin, ac_fini): Clear ADMIN_AUTHORIZED. + + Bug fix. + * src/ac.c (verify_admin): Call s2k with ADMIN_AUTHORIZED. + +2012-07-04 Niibe Yutaka + + Bug fixes. + * src/ac.c (verify_admin_0): Compare PW_LEN and BUF_LEN. + + * src/openpgp-do.c (gpg_do_chks_prvkey): Set do_ptr to NULL before + calling flash_do_write (which might cause GC). + (gpg_do_put_data, gpg_do_write_simple): Likewise. + + * src/openpgp.c (cmd_reset_user_password): Write to + DO_KEYSTRING_PW1. + +2012-07-03 Niibe Yutaka + + * test/features/040_passphrase_change.feature: New. + * test/features/203_passphrase_change.feature: New. + * test/features/210_compute_signature.feature: Rename (was: + 203_compute_signature.feature) + * test/features/211_decryption.feature: Rename (was: + 204_decryption.feature) + +2012-07-02 Niibe Yutaka + + * tool/stlinkv2.py (stlinkv2.__init__): Don't call setAltInterface. + +2012-06-30 Niibe Yutaka + + * src/openpgp.c (s2k): New. + (resetcode_s2k): Remove. + (cmd_reset_user_password, cmd_change_password): Use s2k (was: + sha256 directly or resetcode_s2k). + * src/openpgp-do.c (proc_resetting_code, gpg_do_write_prvkey): + Likewise. + * src/ac.c (verify_user_0, verify_admin): Likewise. + +2012-06-29 Niibe Yutaka + + * regnual/Makefile: Don't copy usb_lld.c. + +2012-06-28 Niibe Yutaka + + * test/features/204_decryption.feature: New. + * test/features/203_compute_signature.feature: New. + * test/features/202_keygen.feature: New. + * test/features/201_setup_passphrase.feature: New. + * test/features/200_key_removal.feature: New. + + * test/rsa_keys.py (verify_signature): New. + (encrypt_with_pubkey): New. + + * test/gnuk.py (gnuk_token): New method: increment_seq. + (gnuk_token.icc_send_cmd): Handle timeout. + (gnuk_token.cmd_genkey): New. + (gnuk_token.cmd_get_public_key): New. + +2012-06-27 Niibe Yutaka + + * test/features/101_decryption.feature: New. + * test/features/100_compute_signature.feature: New. + + * src/openpgp-do.c (gpg_do_chks_prvkey): Call flash_do_release before + flash_do_write. + (gpg_do_write_prvkey): Bug fix when GC occurs. + + * src/openpgp.c (cmd_change_password): Support resetting to + factory setting of PW3. + + * src/openpgp-do.c (gpg_do_write_prvkey): Don't reset signagure + counter here. + (proc_key_import): But reset here. + Call ac_reset_* when key is imported. + +2012-06-26 Niibe Yutaka + + * test: New. + +2012-06-25 Niibe Yutaka + + * tool/usb_strings.py: New. + +2012-06-22 Niibe Yutaka + + * tool/stlinkv2.py (stlinkv2.blank_check): Add blank check of + Flash ROM. + +2012-06-21 Niibe Yutaka + + * tool/asm-thumb/blank_check.S: New. + +2012-06-20 Niibe Yutaka + + ST-Link/V2 flash ROM writer. + * tool/stlinkv2.py: New. + * tool/asm-thumb/opt_bytes_write.S: New. + * tool/asm-thumb/flash_write.S: New. + +2012-06-19 Niibe Yutaka + + * Version 0.20. + + * src/usb_desc.c (gnukStringSerial): Updated. + +2012-06-18 Niibe Yutaka + + LED display output change. + * src/main.c (MAIN_TIMEOUT_INTERVAL): New. + (LED_TIMEOUT_INTERVAL, etc.): New values. + (main_mode, display_interaction): Remove. + (led_inverted, emit_led): New. + (display_status_code): Use emit_led. + (led_blink): Use LED_* for SPEC. + (main, fatal): New LED display output. + * src/gnuk.h (LED_ONESHOT, LED_TWOSHOTS, LED_SHOW_STATUS) + (LED_START_COMMAND, LED_FINISH_COMMAND, LED_FATAL): New semantics. + (main_thread): Remove. + * src/openpgp-do.c (gpg_do_keygen): Don't touch LED here. + * src/openpgp.c (get_pinpad_input): Call led_blink. + (cmd_pso, cmd_internal_authenticate): Don't touch LED here. + (GPGthread): Call led_blink. + * src/pin-cir.c (pinpad_getline): Change arg of led_blink. + * src/pin-dnd.c (pinpad_getline): Ditto. + * src/usb-icc.c (icc_handle_timeout): Ditto. + (icc_send_status): Call led_blink. + * src/usb_ctrl.c (gnuk_usb_event): Don't touch LED here. + +2012-06-16 Niibe Yutaka + + Use SHA256 format for "external authenticate". + * tool/gnuk_upgrade.py (gpg_sign): SHA256 sign by "SCD PKAUTH". + (main): Not specify keygrip, but always use key for authentication. + * src/call-rsa.c (rsa_verify): It is SHA256 format (was: SHA1). + * src/openpgp.c (cmd_get_challenge): Don't add chip-id prefix. + (cmd_external_authenticate): Likewise. + +2012-06-15 Niibe Yutaka + + * src/random.c (random_bytes_free): Clear out random bytes. + + More protection improvements. + * src/random.c (RANDOM_BYTES_LENGTH): It's 32 now (was: 16). + * src/gnuk.h (struct key_data_internal): Remove check, random, + magic. Add checksum. + (struct prvkey_data): Remove crm_encrypted. Add iv and + checksum_encrypted. + * src/openpgp-do.c (encrypt, decrypt): Add IV argument. + (encrypt_dek, decrypt_dek): New. It's in ECB mode. + (compute_key_data_checksum): New. + (gpg_do_load_prvkey): Handle initial vector and checksum. + Use decrypt_dek to decrypt DEK. Clear DEK after use. + (calc_check32):Remove. + (gpg_do_write_prvkey): Use encrypt_dek to encrypt DEK. + (gpg_do_chks_prvkey): Likewise. + + * polarssl-0.14.0/include/polarssl/aes.h (aes_crypt_cbc) + * polarssl-0.14.0/library/aes.c (aes_crypt_cbc): ifdef-out. + + * src/configure (--enable-pinpad): Deprecate DND. + +2012-06-14 Niibe Yutaka + + Protection improvement. + * src/openpgp.c (resetcode_s2k): New. + (cmd_reset_user_password): Use resetcode_s2k. + * src/openpgp-do.c (proc_resetting_code): Likewise. + + * src/sha256.c (sha256_finish): Clear out CTX at the end. + + * src/call-rsa.c (rsa_sign, rsa_decrypt, rsa_verify): Use + mpi_lset (was: mpi_read_string). + * polarssl-0.14.0/library/bignum.c (mpi_get_digit) + (mpi_read_string): ifdef-out. + + KDF is now SHA-256 (was: SHA1). + * src/sha256.c: New file. Based on the implementation by Dr Brian + Gladman. + * src/openpgp.c (cmd_change_password, cmd_reset_user_password): + Use sha256. + * src/openpgp-do.c (proc_resetting_code, gpg_do_write_prvkey): Likewise. + * src/ac.c (verify_user_0, calc_md, verify_admin): Likewise. + * src/crypt.mk (CRYPTSRC): Add sha256.c, removing sha1.c. + * src/gnuk.h (KEYSTRING_MD_SIZE): It's 32 for SHA-256. + +2012-06-13 Niibe Yutaka + + Bug fixes. + * src/main.c (display_interaction): Assign to main_mode. + * src/openpgp.c (cmd_change_password): Bug fix for admin less mode + to admin full mode. Variable who_old should be admin_authorized. + + Key generation is configure option. + * src/configure (keygen): Add --enable-keygen option. + * src/Makefile.in (UDEFS): Add definition of KEYGEN_SUPPORT. + * src/call-rsa.c [KEYGEN_SUPPORT] (rsa_genkey): Conditionalize. + * src/random.c [KEYGEN_SUPPORT] (random_byte): Ditto. + * src/openpgp.c [KEYGEN_SUPPORT] (cmd_pgp_gakp): Ditto. + * src/openpgp-do.c [KEYGEN_SUPPORT] (gpg_do_keygen): Ditto. + * polarssl-0.14.0/include/polarssl/config.h: Ditto. + * polarssl-0.14.0/library/bignum.c [POLARSSL_GENPRIME] + (mpi_inv_mod): Unconditionalize. + +2012-06-08 Niibe Yutaka + + * polarssl-0.14.0/library/bignum.c (mpi_cmp_mpi): Bug fix. + Though it doesn't matter for Gnuk usage. + + Emit LED light while computation (or asking user input). + * src/usb-icc.c (icc_handle_timeout): Call led_blink. + * src/openpgp.c (cmd_pso, cmd_internal_authenticate): Call + LED_WAIT_MODE, LED_STATUS_MODE to show "it's under computation". + * src/openpgp-do.c (gpg_do_keygen): Ditto. + * src/gnuk.h (LED_WAIT_MODE): Rename (was: LED_INPUT_MODE). + * src/main.c (display_interaction): Change the behavior of LED, + now, it's mostly ON (was: mostly OFF). + +2012-06-07 Niibe Yutaka + + * src/openpgp.c (cmd_internal_authenticate): Add check for input + length. + + Implement key generation. + * src/openpgp.c (cmd_pgp_gakp): Call gpg_do_keygen. + * src/openpgp-do.c (proc_key_import): Call with modulus = NULL. + (gpg_do_keygen): New function. + (gpg_reset_digital_signature_counter): New function. + (gpg_do_write_prvkey): New argument MODULUS. Call + gpg_reset_digital_signature_counter. + * src/call-rsa.c (rsa_genkey): New function. + * src/random.c (random_byte): New function. + + PolarSSL modification. + * polarssl-0.14.0/library/rsa.c (rsa_gen_key): Don't set D, DP, + DQ, and QP. It's only for key generation. + * polarssl-0.14.0/library/rsa.c (rsa_gen_key, rsa_pkcs1_encrypt): + Change f_rng function return type. + * polarssl-0.14.0/include/polarssl/rsa.h: Likewise. + * polarssl-0.14.0/library/bignum.c (mpi_is_prime, mpi_gen_prime): + Change f_rng function return type. + * polarssl-0.14.0/include/polarssl/bignum.h: Likewise. + +2012-06-06 Niibe Yutaka + + * Version 0.19. + + * src/usb_desc.c (gnukStringSerial): Updated. + + * regnual/regnual.c (fetch): Better implementation. + +2012-06-05 Niibe Yutaka + + Firmware update key handling. + * tool/gnuk_put_binary.py (GnukToken.cmd_get_response): Handle + larger data such as card holder certificate. + (GnukToken.cmd_write_binary): Bug fix for cert do write. + (GnukToken.cmd_read_binary): New. + (main): Support firmware update key. + + Take advantage of the Thumb-2 "rbit" instruction. + * regnual/regnual.c (fetch): Reverse bits. + * src/usb_ctrl.c (rbit): New. Deleted reverse32. + (download_check_crc32): Use rbit. + * tool/gnuk_upgrade.py (crc32): Just use binascii.crc32. + (crctab): Remove. + +2012-06-04 Niibe Yutaka + + Card holder certificate data object bug fixes. + * tool/gnuk_put_binary_libusb.py (gnuk_token.cmd_get_response): + Handle larger data such as card holder certificate. + * src/flash.c (flash_write_binary): Bug fix. Call + flash_check_blank with p + offset. + * src/gnuk.h (FLASH_CH_CERTIFICATE_SIZE): Define here (was: flash.c). + + Implement CRC32 check for firmware update. + * src/usb_ctrl.c (download_check_crc32): New. + * regnual/regnual.c (calc_crc32): New. + (regnual_ctrl_write_finish): Call calc_crc32. + * tool/gnuk_upgrade.py (crc32): New. + (regnual.download): Check crc32code. + + * regnual/regnual.c (regnual_ctrl_write_finish): Bug fix. + +2012-06-01 Niibe Yutaka + + Support firmware update with public key authentication. + * tool/gnuk_upgrade.py (gpg_sign): New. + * tool/gnuk_put_binary_libusb.py (main): Support firmware update + key registration. + + Update of reGNUal. + * regnual/regnual.c (main): Follow the change of usb_lld_init. + (regnual_config_desc): Include interface descriptor. + (usb-strings.c.inc): Change the file name. + * regnual/Makefile (regnual.o): Depend on sys.h. + * src/configure (usb-strings.c.inc): ifdef-out + gnuk_revision_detail and gnuk_config_options (for reGNUal). + * src/usb_desc.c (USB_STRINGS_FOR_GNUK): Define. + + USB bug fixes. + * src/usb_ctrl.c (gnuk_usb_event): Bug fix for handling + USB_EVENT_CONFIG. Do nothing when current_conf == value. + * src/usb_lld.c (std_clear_feature): Bug fix. Always clear DTOG. + (usb_lld_init): New argument for FEATURE. + +2012-05-31 Niibe Yutaka + + * polarssl-0.14.0/library/rsa.c (rsa_pkcs1_verify): BUF size is + 256 (was: 1024). + * src/call-rsa.c (rsa_verify): It's SIG_RSA_SHA1. + * src/openpgp.c (cmd_external_authenticate): Follow the change of + rsa_verify. + + Support "firmware update" keys. + * src/flash.c (flash_write_binary): Support update keys. + * src/gnuk.h (FILEID_UPDATE_KEY_0, FILEID_UPDATE_KEY_1) + (FILEID_UPDATE_KEY_2,FILEID_UPDATE_KEY_3): New. + * src/gnuk.ld.in (_updatekey_store): New. + * src/openpgp.c (FILE_EF_UPDATE_KEY_0, FILE_EF_UPDATE_KEY_1) + (FILE_EF_UPDATE_KEY_2, FILE_EF_UPDATE_KEY_3): New. + (gpg_get_firmware_update_key): New. + (cmd_read_binary): Support update keys and certificate. + (modify_binary): New. + (cmd_update_binary, cmd_write_binary): Use modify_binary. + (cmd_external_authenticate): Support up to four keys. + + Version string of system service is now USB string. + * src/sys.h (unique_device_id): Define here, not as system + service. + * src/sys.c (sys_version): Version string for system service. + * src/usb_desc.c (String_Descriptors): Add sys_version. + * src/usb_conf.h (NUM_STRING_DESC): 7 (was: 6). + * src/gnuk.ld.in (.sys.version): New section. + +2012-05-30 Niibe Yutaka + + * src/openpgp.c (CHALLENGE_LEN): New. + (cmd_external_authenticate): Authentication by response with + public key. + (cmd_get_challenge): 16-byte is enough for challenge. + +2012-05-29 Niibe Yutaka + + * src/call-rsa.c (rsa_verify): New function. + + * polarssl-0.14.0/include/polarssl/rsa.h (rsa_pkcs1_verify) + * polarssl-0.14.0/library/rsa.c (rsa_pkcs1_verify): Fix API. + + * src/usb_conf.h (NUM_STRING_DESC): Incremented to 6 (was: 4). + * src/configure: Generate strings for revision detail and config + options. + * src/usb_desc.c (gnuk_revision_detail, gnuk_config_options): New. + + * src/main.c (main) [DFU_SUPPORT]: Kill DFU and install .sys. + + * src/config.h.in (FLASH_PAGE_SIZE): New. + * src/configure: Support FLASH_PAGE_SIZE for config.h + * boards/*/board.h (FLASH_PAGE_SIZE): Remove. + * src/flash.c (FLASH_PAGE_SIZE): Remove. + + * src/sys.c (reset): Don't depend if DFU_SUPPORT or not. + (flash_erase_all_and_exec): Rename and change the argument. + * src/gnuk.ld.in (__flash_start__): Real flash ROM address, + regardless of DFU_SUPPORT. + * src/main.c (main): Call flash_erase_all_and_exec with SRAM + address. + + * polarssl-0.14.0/library/aes.c (FT0, FT1, FT2): Specify sections + in detail, so that addresses won't be affected by compiler. + * src/gnuk.ld.in (.sys): Define sections in detail. + + * boards/STBEE_MINI/board.h (SET_USB_CONDITION, GPIO_USB) + (IOPORT_USB, SET_LED_CONDITION, GPIO_LED, IOPORT_LED) + (FLASH_PAGE_SIZE): New. + * boards/STBEE_MINI/board.c (USB_Cable_Config, set_led): Remove. + + * boards/STBEE/board.h (SET_USB_CONDITION, GPIO_USB, IOPORT_USB) + (SET_LED_CONDITION, GPIO_LED, IOPORT_LED, FLASH_PAGE_SIZE): New. + * boards/STBEE/board.c (USB_Cable_Config, set_led): Remove. + + * boards/CQ_STARM/board.h (SET_USB_CONDITION) + (SET_LED_CONDITION, GPIO_LED, IOPORT_LED, FLASH_PAGE_SIZE): New. + * boards/CQ_STARM/board.c (USB_Cable_Config, set_led): Remove. + +2012-05-28 Niibe Yutaka + + * boards/*/board.c (hwinit0): Removed... + * boards/common/hwinit.c (hwinit0): ... and define here. + (hwinit0) [DFU_SUPPORT]: Don't set SCB->VTOR here. + * src/sys.c (reset) [DFU_SUPPORT]: Set SCB->VTOR here. + (flash_write): Range check. + + * polarssl-0.14.0/library/aes.c (FT0, FT1, FT2): Specify the + section ".sys", so that we will have more room for flash ROM. + * src/gnuk.ld.in (.sys): Add alignment settings. + + * tool/gnuk_upgrade.py (main): First 4096-byte of Gnuk is system + block. Don't send it to reGNUal. + + * regnual/sys.c (entry): Fix clearing BSS. It is called with all + interrupts disabled. + + * regnual/regnual.ld (_flash_start): It's 0x08001000 now, because + there is system block now (was: 0x08000000). + +2012-05-26 Niibe Yutaka + + * src/sys.c (reset): Set SCR->VCR here. + +2012-05-25 Niibe Yutaka + + * src/gnuk.ld.in (.sys): New section. + + * boards/OLIMEX_STM32_H103/board.h (SET_USB_CONDITION, GPIO_USB) + (IOPORT_USB, SET_LED_CONDITION, GPIO_LED, IOPORT_LED) + (FLASH_PAGE_SIZE): New. + * boards/OLIMEX_STM32_H103/board.c (USB_Cable_Config, set_led): + Remove. + + * boards/STM32_PRIMER2/board.h (SET_USB_CONDITION, GPIO_USB) + (IOPORT_USB, SET_LED_CONDITION, GPIO_LED, IOPORT_LED) + (FLASH_PAGE_SIZE): New. + * boards/STM32_PRIMER2/board.c (USB_Cable_Config, set_led): + Remove. + + * boards/FST_01_00/board.h (SET_USB_CONDITION, GPIO_USB) + (IOPORT_USB, SET_LED_CONDITION, GPIO_LED, IOPORT_LED) + (FLASH_PAGE_SIZE): New. + * boards/FST_01_00/board.c (USB_Cable_Config, set_led): Remove. + + * boards/FST_01/board.h (SET_USB_CONDITION, GPIO_USB, IOPORT_USB) + (SET_LED_CONDITION, GPIO_LED, IOPORT_LED, FLASH_PAGE_SIZE): New. + * boards/FST_01/board.c (USB_Cable_Config, set_led): Remove. + + * regnual/sys-stm8s-discovery.h, sys-stbee.h: Remove. + + * boards/STM8S_DISCOVERY/board.h (SET_USB_CONDITION) + (SET_LED_CONDITION, GPIO_LED, IOPORT_LED, FLASH_PAGE_SIZE): New. + * boards/STM8S_DISCOVERY/board.c (USB_Cable_Config, set_led): + Remove. + + * regnual/Makefile: Add -I ../src to CFLAGS. + + * regnual/regnual.ld (vector): New. + + * regnual/sys.c: Remove implementation, but jump to vector by sys.h. + + * src/Makefile.in: Follow change of files. + + * src/configure: Undo changes of 2012-05-22. + + * boards/common/hw_config.c: Remove. Mov function to sys.c. + * src/flash.c: Move functions to sys.c. + * src/sys.c: New. + + * src/main.c (main): Call flash_mass_erase_and_exec. + + * src/usb_lld.c: Include sys.h. + + * src/usb_lld_sys.c: Remove. Move interrupt handler to... + * src/usb_ctrl.c: ... this file. + + * regnual/sys.c (clock_init, gpio_init, flash_unlock): Removed. + (entry): Rename (was: reset). + +2012-05-24 Niibe Yutaka + + * src/main.c (good_bye): Care LSB of function pointer. + (flash_mass_erase_and_exec): Implemented in C. + +2012-05-23 Niibe Yutaka + + * regnual/sys-stm8s-discovery.h: New. + + * src/main.c (flash_mass_erase_and_exec, good_bye): New. + (main): Call good_bye. + + * tool/gnuk_upgrade.py (regnual.protect): New. + (main): Call regnual.protect(). + + * regnual/regnual.c (regnual_setup): Don't call flash_write here. + (regnual_ctrl_write_finish): But call here. + (USB_REGNUAL_RESULT): New. + + * regnual/sys.c (flash_protect): New. + +2012-05-22 Niibe Yutaka + + * src/configure (../regnual/sys.h): Create symblic link. + + * src/usb_ctrl.c: Rename (was: usb_prop.c). + + * regnual/types.h, regnual/sys.c, regnual/regnual.ld: New. + * regnual/regnual.c, regnual/Makefile: New. + * regnual/sys-stbee.h: New. + + * src/usb_lld.c: Support FREE_STANDING environment as well as + under ChibiOS/RT. + (usb_lld_init): Call usb_lld_sys_init. Don't call user defined + method. Call usb_lld_set_configuration. + (usb_lld_shutdown): Call usb_lld_sys_shutdown. + (Vector90): Move to usb_lld_sys.c. + (usb_interrupt_handler): Export to global. + + * src/usb_lld_sys.c: New. + + * src/usb_prop.c (Device_Method): Remove gnuk_device_init. + (gnuk_device_init): Remove. + +2012-05-19 Niibe Yutaka + + * src/usb_lld.c (handle_datastage_in): Bug fix, erable RX when + sending ZLP. It will be possible to get OUT transaction soon + after IN transaction. + +2012-05-18 Niibe Yutaka + + * src/usb_lld.c (handle_datastage_out): Fix rx copying. + (handle_setup0): Bug fix not stalling TX, it will be possible + to go IN transaction, soon after OUT transaction. + + * src/usb_lld.h (USB_SETUP_SET, USB_SETUP_GET): New. + (usb_device_method.ctrl_write_finish): New. + (usb_device_method.setup): Merge setup_with_data, and + setup_with_nodata. + + * src/usb_lld.c (usb_lld_shutdown, usb_lld_prepare_shutdown): New. + (handle_setup0): Call ->setup. + (handle_in0): Call ->ctrl_write_finish. + + * src/usb_prop.c (vcom_port_data_setup): Merge + vcom_port_setup_with_nodata. + (download_check_crc32): New. + (gnuk_setup): Merge gnuk_setup_with_data and + gnuk_setup_with_nodata. + (gnuk_ctrl_write_finish): New. + +2012-05-17 Niibe Yutaka + + * tool/gnuk_upgrade.py: New tool. + + * src/gnuk.h (ICC_STATE_EXITED, ICC_STATE_EXEC_REQUESTED): New. + + * src/openpgp.c (INS_EXTERNAL_AUTHENTICATE) + (cmd_external_authenticate): New. + (INS_GET_CHALLENGE, cmd_get_challenge): New. + + * src/usb-icc.c (USBthread): Finish the thread with + ICC_STATE_EXITED, after EXTERNAL_AUTHENTICATE. + + * src/usb_prop.c (gnuk_setup_endpoints_for_interface): Add STOP + argument. + (gnuk_usb_event): Disable all endpoints when configure(0). + (vcom_port_data_setup): Check direction and support + USB_CDC_REQ_SET_LINE_CODING. + (vcom_port_setup_with_nodata): Check direction. + (gnuk_setup_with_data): Check direction and add FSIJ_GNUK device + requests. + (gnuk_setup_with_nodata): Likewise. + + * src/usb_lld.c (LAST_OUT_DATA): Remove. + (handle_datastage_out): Cleanup and call st103_ep_set_rxtx_status. + (handle_datastage_in): Call st103_ep_set_rxtx_status and + st103_ep_set_tx_status. + (handle_setup0): Likewise. + (handle_out0): Remove LAST_OUT_DATA. + (std_none, std_get_status, std_clear_feature, std_set_feature) + (std_set_address, std_get_descriptor, std_get_configuration) + (std_set_configuration, std_get_interface, std_set_interface): + Check direction. + (handle_setup0): Add length for setup_with_data. + +2012-05-16 Niibe Yutaka + + * tool/gnuk_put_binary.py (main): Fix fileid. + * tool/gnuk_put_binary_libusb.py: Ditto. + + * src/openpgp.c (FILE_EF_RANDOM): Remove. + (cmd_update_binary, cmds): ifdef CERTDO_SUPPORT. + (cmd_write_binary): Fix fileid. + + * src/flash.c (flash_check_blank): Always enable. + (flash_erase_binary): ifdef CERTDO_SUPPORT. + (flash_write_binary): Call flash_check_blank. + +2012-05-15 Niibe Yutaka + + * Version 0.18. + + * src/usb_desc.c (gnukStringSerial): Updated. + + * src/main.c (EP3_IN_Callback, EP5_OUT_Callback): Move from + usb_endp.c. + + * src/usb_endp.c: Remove. + +2012-05-14 Niibe Yutaka + + * tool/gnuk_remove_keys.py: New. + + * src/openpgp-do.c (proc_key_import): Fix checking extended header. + + * src/hardclock.c: Remove. + + * src/usb_prop.c (MSC_INTERFACE_NO): New. + (gnuk_setup_endpoints_for_interface): Cleanup with MSC_INTERFACE_NO. + (gnuk_setup_with_data, gnuk_setup_with_nodata): Likewise. + + * src/usb-msc.c: Rename from usb_msc.c. + + * src/usb-msc.h: Rename from usb_msc.h. + + * src/Makefile.in: Follow the rename of usb-msc.c and remove of + hardclock.c. + + * src/pin-dnd.c, src/usb_prop.c: Follow the rename of usb-msc.h. + +2012-05-12 Niibe Yutaka + + * src/usb_msc.c (ep6_out): Rename (was: ep7_out). + (usb_start_receive): Use ep6_out and ENDP6. + (EP6_OUT_Callback): Rename (was: EP7_OUT_Callback). + Use ep6_out and ENDP6. + (msc_handle_command): Use ep6_out and ENDP6. + + * src/main.c (main): Wait USB reset. + + * src/usb-icc.c (EP1_OUT_Callback): Rename from EP2_OUT_Callback. + (USBthread): Use ENDP1 for both of epi_init and epo_init. + + * src/usb_conf.h (ENDP1_RXADDR, ENDP2_TXADDR, ENDP6_RXADDR): New. + (ENDP3_TXADDR, ENDP4_TXADDR, ENDP5_RXADDR): New value. + (ENDP7_RXADDR): Remove. + + * src/usb_desc.c (gnukConfigDescriptor): Use endpoint OUT1 (was + IN2), endpoint OUT6 (IN7). + + * src/usb_prop.c (gnuk_setup_endpoints_for_interface): Use ENDP1 + and ENDP6 for both directions. + +2012-05-11 Niibe Yutaka + + * src/configure (--vidpid): New mandatory option. + + * GNUK_USB_DEVICE_ID: New file. + + * src/usb_desc.c (gnukDeviceDescriptor): Include + usb-vid-pid-ver.c.inc. + (gnukStringVendor, gnukStringProduct): Remove. It's in the + file, usb-string-vender-product.c.inc. + + * src/Makefile.in (distclean): Delete *.inc. + + * src/usb_prop.c (vcom_port_setup_with_nodata) Rename. + (vcom_port_data_setup): Rename and fix return value. + + * src/usb-cdc.h (VIRTUAL_COM_PORT_DATA_SIZE) + (VIRTUAL_COM_PORT_INT_SIZE): New. + + * src/main.c (#include): Add usb-cdc.h. + * src/usb_desc.c (#include): Add usb-cdc.h. + * src/usb_endp.c (#include): Add usb_lld.h. + + * src/configure ($help): Add FST_01. + +2012-05-10 Niibe Yutaka + + * STM32_USB-FS-Device_Driver, Virtual_COM_Port: Remove. + + * src/usb_lld.c (#include): Don't include usb_lib.h. + (RECIPIENT, REG_BASE PMA_ADDR, CNTR, ISTR, FNR, DADDR, BTABLE) + (ISTR_CTR, ISTR_DOVR, ISTR_ERR, ISTR_WKUP, ISTR_SUSP, ISTR_RESET) + (ISTR_SOF, ISTR_ESOF, ISTR_DIR, ISTR_EP_ID, CLR_CTR, CLR_DOVR) + (CLR_ERR, CLR_WKUP, CLR_SUSP, CLR_RESET, CLR_SOF, CLR_ESOF) + (CNTR_CTRM, CNTR_DOVRM, CNTR_ERRM, CNTR_WKUPM, CNTR_SUSPM) + (CNTR_RESETM, CNTR_SOFM, CNTR_ESOFM, CNTR_RESUME, CNTR_FSUSP) + (CNTR_LPMODE, CNTR_PDWN, CNTR_FRES, DADDR_EF, DADDR_ADD) + (EP_CTR_RX, EP_DTOG_RX, EPRX_STAT, EP_SETUP, EP_T_FIELD, EP_KIND) + (EP_CTR_TX, EP_DTOG_TX, EPTX_STAT, EPADDR_FIELD, EPREG_MASK) + (EP_TX_DIS, EP_TX_STALL, EP_TX_NAK, EP_TX_VALID, EPTX_DTOG1) + (EPTX_DTOG2, EP_RX_DIS, EP_RX_STALL, EP_RX_NAK, EP_RX_VALID) + (EPRX_DTOG1, EPRX_DTOG2): New. Compatible to ST's USB-FS-Device_Lib. + (CH_IRQ_HANDLER): Call usb_interrupt_handler (was: USB_Istr). + (EP1_IN_Callback, EP2_IN_Callback, EP3_IN_Callback) + (EP4_IN_Callback, EP5_IN_Callback, EP6_IN_Callback) + (EP7_IN_Callback, EP1_OUT_Callback, EP2_OUT_Callback) + (EP3_OUT_Callback, EP4_OUT_Callback, EP5_OUT_Callback) + (EP6_OUT_Callback, EP7_OUT_Callback): New. Implement here. + Compatible to ST's USB-FS-Device_Lib. + (USB_MAX_PACKET_SIZE): New. + (GET_STATUS, CLEAR_FEATURE, RESERVED1, SET_FEATURE, RESERVED2) + (SET_ADDRESS, GET_DESCRIPTOR, SET_DESCRIPTOR, GET_CONFIGURATION) + (SET_CONFIGURATION, GET_INTERFACE, SET_INTERFACE) + (SYNCH_FRAME,TOTAL_REQUEST): New for USB control transfer. + (enum CONTROL_STATE): New for state machine of control pipe. + (enum FEATURE_SELECTOR): New. + (struct DATA_INFO, struct CONTROL_INFO, struct DEVICE_INFO): New. + (ctrl_p, dev_p, data_p, Control_Info, Device_Info, Data_Info): + New. + (usb_lld_stall_tx, usb_lld_stall_rx) + (usb_lld_tx_data_len, usb_lld_txcpy, usb_lld_tx_enable) + (usb_lld_write, usb_lld_rx_enable, usb_lld_rx_data_len) + (usb_lld_rxcpy): Move from usb_lld.h and not inline. + (usb_lld_reset, usb_lld_setup_endpoint) + (usb_lld_set_configuration, usb_lld_current_configuration) + (usb_lld_set_feature, usb_lld_set_data_to_send): New. + (usb_lld_to_pmabuf, usb_lld_from_pmabuf): Clean up. + (usb_lld_init): New implementation. + (st103_set_btable, st103_get_istr, st103_set_istr, st103_set_cntr) + (st103_set_daddr, st103_set_epreg, st103_get_epreg) + (st103_set_tx_addr, st103_get_tx_addr, st103_set_tx_count) + (st103_get_tx_count, st103_set_rx_addr, st103_get_rx_addr) + (st103_set_rx_buf_size, st103_get_rx_count, st103_ep_clear_ctr_rx) + (st103_ep_clear_ctr_tx, st103_ep_set_rxtx_status) + (st103_ep_set_rx_status, st103_ep_get_rx_status) + (st103_ep_set_tx_status, st103_ep_get_tx_status) + (st103_ep_clear_dtog_rx, st103_ep_clear_dtog_tx): New lower-level + functions for USB related registers access. + (usb_interrupt_handler, usb_handle_transfer) + (handle_datastage_out, handle_datastage_in, handle_setup0) + (handle_in0, handle_out0) + (std_none, std_get_status, std_clear_feature, std_set_feature, + std_set_address, std_get_descriptor, std_get_configuration, + std_set_configuration, std_get_interface, std_set_interface) + (std_request_handler): New USB stack implementation. + + * src/usb_lld.h (usb_lld_stall_tx, usb_lld_stall_rx) + (usb_lld_tx_data_len, usb_lld_txcpy, usb_lld_tx_enable) + (usb_lld_write, usb_lld_rx_enable, usb_lld_rx_data_len) + (usb_lld_rxcpy): Those are not inline functions anymore. + (USB_DEVICE_DESCRIPTOR_TYPE, USB_CONFIGURATION_DESCRIPTOR_TYPE) + (USB_STRING_DESCRIPTOR_TYPE, USB_INTERFACE_DESCRIPTOR_TYPE) + (USB_ENDPOINT_DESCRIPTOR_TYPE, STANDARD_ENDPOINT_DESC_SIZE) + (ENDP0, ENDP1, ENDP2, ENDP3, ENDP4, ENDP5, ENDP6, ENDP7) + (EP_BULK, EP_CONTROL, EP_ISOCHRONOUS, EP_INTERRUPT) + (DEVICE_RECIPIENT, INTERFACE_RECIPIENT, ENDPOINT_RECIPIENT) + (ENDPOINT_RECIPIENT, OTHER_RECIPIENT) + (DEVICE_DESCRIPTOR, CONFIG_DESCRIPTOR, STRING_DESCRIPTOR) + (INTERFACE_DESCRIPTOR, ENDPOINT_DESCRIPTOR) + (REQUEST_TYPE, STANDARD_REQUEST, CLASS_REQUEST, VENDOR_REQUEST) + (USB_UNSUPPORT, USB_SUCCESS) + (USB_EVENT_RESET, USB_EVENT_ADDRESS, USB_EVENT_CONFIG) + (USB_EVENT_SUSPEND, USB_EVENT_WAKEUP, USB_EVENT_STALL) + (USB_SET_INTERFACE, USB_GET_INTERFACE, USB_QUERY_INTERFACE) + (UNCONNECTED, ATTACHED, POWERED, SUSPENDED, ADDRESSED) + (CONFIGURED, USB_Cable_Config): New. Compatible to ST's + USB-FS-Device_Lib. + (struct Descriptor, struct usb_device_method) + (Device_Descriptor, Config_Descriptor, String_Descriptors) + (STM32_USB_IRQ_PRIORITY, bDeviceState, Device_Method) + (usb_lld_init, usb_lld_reset, usb_lld_setup_endpoint) + (usb_lld_set_configuration, usb_lld_current_configuration) + (usb_lld_set_feature, usb_lld_set_data_to_send): New API. + + * src/usb_prop.c(#include): Only include usb_lld.h for USB. + (SetEPRxCount_allocated_size): Remove. + (struct line_coding, line_coding, Virtual_Com_Port_Data_Setup) + (Virtual_Com_Port_NoData_Setup): Add from usb-cdc-vport.c. + (gnuk_device_init, gnuk_device_reset, gnuk_setup_with_data) + (gnuk_setup_with_nodata): Follow the API change of USB stack. + (gnuk_setup_endpoints_for_interface, gnuk_get_descriptor) + (gnuk_usb_event, gnuk_interface): New. + (gnuk_device_SetConfiguration, gnuk_device_SetInterface) + (gnuk_device_SetDeviceAddress, gnuk_device_Status_In) + (gnuk_device_Status_Out, gnuk_device_GetDeviceDescriptor) + (gnuk_device_GetConfigDescriptor, gnuk_device_GetStringDescriptor) + (gnuk_device_Get_Interface_Setting, gnuk_clock_frequencies) + (gnuk_data_rates, msc_lun_info, Device_Table) + (User_Standard_Requests): Remove. + (Device_Method): Replace Device_Property. + + * src/usb_msc.c (#include): Only include usb_lld.h for USB. + + * src/usb_endp.c (#include): Only include usb_lld.h for USB. + (EP5_OUT_Callback): Follow the API change of USB stack. + + * src/usb_desc.c (#include): Only include usb_lld.h for USB. + Add usb_conf.h. + (Device_Descriptor, Config_Descriptor): Follow the API change + of USB stack. + (String_Descriptors): New, rename from String_Descriptor. + + * src/usb_conf.h (EP_NUM, BTABLE_ADDRESS, IMR_MSK): Remove. + (NUM_STRING_DESC): Add. + + * src/usb-icc.c (#include): Only include usb_lld.h for USB. + + * src/usb-cdc-vport.c, src/usb_prop.h: Remove. + + * src/stmusb.mk, src/vcomport.mk: Remove. + + * src/main.c (#include): Only include usb_lld.h for USB. + (main): Remove call to USB_Init. + + * src/Makefile.in (include): Remove stmusb.mk, vcomport.mk. + (VCOMSRC) [ENABLE_VCOMPORT]: Add. + (INCDIR): Remove STMUSBINCDIR and VCOMDIR. + + * boards/common/hw_config.c (Enter_LowPowerMode) + (Leave_LowPowerMode): Remove. + +2012-02-02 Niibe Yutaka + + * Version 0.17. + + * src/usb_desc.c (gnukStringSerial): Updated. + (gnukConfigDescriptor): Short APDU only. + + * tool/gnuk_put_binary.py (cmd_get_response): New. + (cmd_select_openpgp, cmd_get_data): Call cmd_get_response. + +2012-01-30 Niibe Yutaka + + * src/usb-icc.c (struct ccid): Add chained_cls_ins_p1_p2. + (end_cmd_apdu_head, icc_cmd_apdu_data, icc_handle_data): Add checking + CMD APDU head for command chaining. + +2012-01-20 Niibe Yutaka + + Short APDU only CCID driver. + * STM32_USB-FS-Device_Driver/src/usb_core.c (DataStageOut) + (DataStageIn): Use usb_lld_to_pmabuf and usb_lld_from_pmabuf. + + * src/configure (CERTDO_SUPPORT): Comment fix. + + * src/gnuk.h (struct adpu): expected_res_size has type uint16_t. + (MAX_CMD_APDU_DATA_SIZE, MAX_RES_APDU_DATA_SIZE): New. + (MAX_CMD_APDU_SIZE, MAX_RES_APDU_SIZE, USB_BUF_SIZE): Remove. + (icc_state_p): New. + (set_res_sw): Rename from set_res_apdu. + + * src/call-rsa.c (rsa_decrypt): Use MAX_RES_APDU_DATA_SIZE. + + * src/openpgp.c (set_res_sw): Rename from set_res_apdu. + * src/openpgp.h: Use set_res_sw. + + * src/main.c: Handle icc_state_p. + + * src/openpgp-do.c (historical_bytes): command chaining but short + APDU only. + (extended_capabilities): Change for short APDU only. + + * src/usb-icc.c (USB_BUF_SIZE): Define here (was in gnuk.h). + (struct ep_in, epi_init, struct ep_out, epo_init, endpoint_out) + (endpoint_in, icc_state_p, struct ccid, APDU_STATE_WAIT_COMMAND) + (APDU_STATE_COMMAND_CHAINING, APDU_STATE_COMMAND_RECEIVED) + (APDU_STATE_RESULT, APDU_STATE_RESULT_GET_RESPONSE, ccid_reset) + (ccid_init, CMD_APDU_HEAD_SIZE, apdu_init, notify_tx, no_buf) + (set_sw1sw2, get_sw1sw2, notify_icc, end_icc_rx, end_abdata) + (end_cmd_apdu_head, end_nomore_data, end_cmd_apdu_data) + (nomore_data, INS_GET_RESPONSE, icc_cmd_apdu_data, icc_abdata) + (icc_send_data_block_0x9000, icc_send_data_block_gr, ccid): New. + (icc_data_size, icc_seq, icc_next_p, icc_chain_p, icc_tx_size) + (icc_thread, icc_state, gpg_thread, ICC_RESPONSE_MSG_DATA_SIZE): + Remove. + (EP1_IN_Callback): Rewrite using epi. + (EP2_OUT_Callback): Rewrite using epo. + (icc_prepare_receive): Rewrite using epo and struct ccid. + (ATR): Change ofr short APDU only. + (icc_error, icc_power_on, icc_send_status, icc_power_off) + (icc_send_data_block, icc_send_params, icc_handle_data) + (icc_handle_timeout, USBthread): Rewrite using struct ccid. + + * src/usb_desc.c (gnukConfigDescriptor): dwFeatures: Short APDU + level, dwMaxCCIDMessageLength: 271. + + * src/usb_lld.c (usb_lld_to_pmabuf, usb_lld_from_pmabuf): New. + * src/usb_lld.h (usb_lld_txcpy, void usb_lld_write) Use + usb_lld_to_pmabuf. + (usb_lld_rxcpy): Use usb_lld_from_pmabuf. + + * src/stmusb.mk (usb_mem.c): Remove. + + * gnuk_put_binary.py (cmd_select_openpgp): No response APDU data. + (cmd_verify, cmd_write_binary): Send short APDU. + (__main__): Remove RANDOM_NUMBER_BITS support. + + Bug fix for CERTDO_SUPPORT. + * src/gnuk.ld.in: Add missing alignment for _data_pool (when no + CERTDO_SUPPORT). + +2012-01-19 Niibe Yutaka + + * src/usb-icc.c (icc_handle_data): Handle the case when it only + sends 0x90 and 0x00 correctly. + + * src/openpgp-do.c (gpg_do_get_data): Fix res_apdu_data_len. + +2012-01-18 Niibe Yutaka + + Clean up API between application layer and CCID layer. + * tool/gnuk_put_binary.py, gnuk_put_binary_libusb.py: Don't append + 0x9000 at the data, any more. + * src/usb-icc.c (icc_data_size, icc_buffer, icc_seq): Make them + internal. + (res_APDU_size, res_APDU_pointer): Removed. + (icc_handle_data, USBthread): Follow new API of struct apdu. + * src/call-rsa.c (rsa_sign, rsa_decrypt): Likewise. + * src/openpgp.c (CLS, INS, P1, P2): New. + (set_res_apdu, cmd_verify, cmd_change_password) + (cmd_reset_user_password, cmd_put_data, cmd_pgp_gakp) + (cmd_read_binary, cmd_select_file, cmd_pso) + (cmd_internal_authenticate, cmd_update_binary, cmd_write_binary) + (process_command_apdu, GPGthread): Follow new API of struct apdu. + * src/openpgp-do.c (gpg_do_get_data, gpg_do_public_key): Follow + new API of struct apdu. + * src/gnuk.h (struct apdu, apdu): New. + (cmd_APDU, icc_data_size, cmd_APDU_size, icc_buffer): Removed. + (res_APDU, res_APDU_size): Use members of struct apdu. + +2012-01-16 Niibe Yutaka + + Adopt new USB API. + * src/usb_msc.c (usb_start_transmit): Use usb_lld_write. + (EP6_IN_Callback): Use usb_lld_tx_data_len and usb_lld_write. + (usb_start_receive): Use usb_lld_rx_enable. + (EP7_OUT_Callback): Use usb_lld_rx_data_len, usb_lld_rxcpy + and usb_lld_rx_enable + (msc_handle_command): Use usb_lld_stall_rx and usb_lld_stall_tx. + + * src/usb_lld.h (usb_lld_stall_tx, usb_lld_stall_rx) + (usb_lld_tx_data_len): New. + + * src/main.c (STDOUTthread): Use usb_lld_write. + + * src/usb-icc.c (EP1_IN_Callback, icc_error, icc_power_on) + (icc_send_status, icc_send_data_block, icc_send_params): Use + usb_lld_write (was: USB_SIL_Write). + (EP2_OUT_Callback): Use usb_lld_rx_data_len, usb_lld_rxcpy, + and usb_lld_rx_enable (was: USB_SIL_Read and SetEPRxValid). + (icc_prepare_receive): Use usb_lld_rx_enable. + + * src/stmusb.mk (STMUSBSRC): Dont' include usb_sil.c. + + * src/usb_lld.h (usb_lld_txcpy, usb_lld_tx_enable) + (usb_lld_write, usb_lld_rx_enable, usb_lld_rx_data_len) + (usb_lld_rxcpy): New. + + * src/usb_prop.c (SetEPRxCount_allocated_size): Fix the + implementation. (ST's SetEPRxCount is actually meant to + setup allocated size, which is confusing). + (gnuk_device_init): Don't call USB_SIL_Init. + +2012-01-10 Niibe Yutaka + + * src/openpgp.c (GPGthread): Allow INS_RESET_RETRY_COUNTER and + INS_PUT_DATA for pinentry targets. + +2012-01-05 Niibe Yutaka + + * src/openpgp.c (cmd_select_file): Check DF name. + + * tool/pinpadtest.py: Rename from pinpad-test.py. + +2011-12-28 Niibe Yutaka + + * src/usb_prop.c (SetEPRxCount_allocated_size): New. + (gnuk_device_reset): Use SetEPRxCount_allocated_size. + * src/usb_msc.c (usb_start_receive): Don't set RxCount register + here. + * STM32_USB-FS-Device_Driver/src/usb_core.c (Standard_ClearFeature) + (Post0_Process): Don't need to set RxCount register. + + * src/usb_prop.c (msc_lun_info) [PINPAD_DND_SUPPORT]: ifdef-out. + + * src/usb-icc.c (EP2_OUT_Callback): Fix apdu size == 49 bug, + we don't assume host sends ZLP (But accepts ZLP, just in case). + +2011-12-22 Niibe Yutaka + + * src/openpgp-do.c (extended_capabilities) [CERTDO_SUPPORT]: + conditionalize. + +2011-12-21 Niibe Yutaka + + * src/openpgp-do.c (gpg_do_get_data) [CERTDO_SUPPORT]: ifdef out. + + * src/gnuk.ld.in (.gnuk_ch_certificate): Only valid + when --enable-certdo. + + * src/flash.c (flash_check_blank) [CERTDO_SUPPORT]: ifdef out. + (flash_erase_binary) [CERTDO_SUPPORT]: Likewise. + (flash_write_binary) [CERTDO_SUPPORT]: Likewise. + + * src/configure (certdo): New. + (--enable-certdo, --disable-certdo): New options. + Remove cheking for /dev/random. + + * src/config.h.in (@CERTDO_DEFINE@): New. + +2011-12-20 Niibe Yutaka + + * src/usb_msc.c (msc_handle_command): SCSI_START_STOP_UNIT command + with stop/eject/close means cancelling pinentry. + + * src/pin-dnd.c (pinpad_finish_entry, parse_directory_sector): + Implement "cancel". + (pinpad_getline): Likewise. + (msc_scsi_stop): New. + +2011-12-16 Niibe Yutaka + + * tool/gnuk_put_binary_libusb.py (gnuk_token.cmd_select_openpgp): + Fix apdu parameter. + + * tool/gnuk_put_binary.py (GnukToken.cmd_select_openpgp): Ditto. + + * tool/pinpad-test.py: New. + +2011-12-14 Niibe Yutaka + + * Version 0.16. + + * src/usb_desc.c (gnukStringSerial): Updated. + + * boards/STM8S_DISCOVERY/board.h, board.c: Fix for PINPAD_SUPPORT. + * boards/STBEE_MINI/board.h, board.c: Likewise. + * boards/STBEE/board.h, board.c: Likewise. + * boards/FST_01/board.c: Likewise. + +2011-12-13 Niibe Yutaka + + Add pinpad DND support. + * src/Makefile.in (CSRC) [ENABLE_PINPAD]: Add usb_msc.c. + * src/configure (pinpad): Add dnd support. + * src/gnuk.h [PINPAD_DND_SUPPORT]: Add declarations. + * src/main.c (STDOUTthread): Add PUSH packet. + (main) [PINPAD_DND_SUPPORT]: Call msc_init. + * src/usb_conf.h (EP_NUM): Add the case of PINPAD_DND_SUPPORT. + (ENDP6_TXADDR, ENDP7_RXADDR): New. + (ENDP4_TXADDR, ENDP5_RXADDR): Changed for smaller buffer. + * src/usb_desc.c (gnukConfigDescriptor): Add Mass storage device. + * src/usb_msc.c, src/usb_msc.h, src/pin-dnd.c: New. + * src/usb_prop.c: Include "usb_msc.h". + (gnuk_device_reset): Add initialization of ENDP6 and ENDP7. + (gnuk_device_SetInterface): Add initialization of ENDP6 and ENDP7. + (NUM_INTERFACES): Handle cases for PINPAD_DND_SUPPORT. + (msc_lun_info): New. + (gnuk_setup_with_data, gnuk_setup_with_nodata): Handle standard + request for Mass storage device. + * Virtual_COM_Port/usb_desc.h (VIRTUAL_COM_PORT_DATA_SIZE): Since + there isn't enough hardware buffer, smaller value (was: 64). + + * src/ac.c (verify_user_0): Add access argument. + (verify_pso_cds, verify_other, verify_admin_0): Follow the change. + * src/openpgp.c (cmd_change_password): Likewise. + +2011-12-08 Niibe Yutaka + + * src/usb-icc.c: Not include "usb_desc.h". + + * src/usb_endp.c (EP5_OUT_Callback): Fix minor bug. + +2011-12-07 Niibe Yutaka + + * src/usb_desc.c (gnukDeviceDescriptor): Changed bcdUSB = 1.1. + Gnuk device conforms to USB 2.0 full speed device, but when it was + 2.0, some OS informs users, "you can connect the device to 2.0 + compliant hub so that it can have better bandwidth", which is not + the case for full speed device. + + * src/openpgp.c (GPGthread): Handle bConfirmPIN parameter. + + * src/usb-icc.c (icc_handle_data): Pass PC_to_RDR_Secure + information to gpg_thread using memory of cmd_APDU. + +2011-12-01 Niibe Yutaka + + * src/gnuk.h (EV_PINPAD_INPUT_DONE, EV_NOP, EV_CMD_AVAILABLE) + (EV_VERIFY_CMD_AVAILABLE, EV_MODIFY_CMD_AVAILABLE): New. + * src/usb-icc.c (icc_power_off, icc_handle_data): Use EV_NOP, + EV_CMD_AVAILABLE, EV_VERIFY_CMD_AVAILABLE, and EV_MODIFY_CMD_AVAILABLE. + * src/pin-cir.c (cir_timer_interrupt): Use EV_PINPAD_INPUT_DONE. + * src/pin-dial.c (dial_sw_interrupt, pinpad_getline): Ditto. + (EV_SW_PUSH): Remove. + + * src/openpgp.h (GPG_FUNCTION_NOT_SUPPORTED): New. + (GPG_CONDITION_NOT_SATISFIED): New. + * src/openpgp.c (cmd_change_password): Use GPG_FUNCTION_NOT_SUPPORTED. + + * src/openpgp.c (cmd_verify, cmd_change_password) + (cmd_reset_user_password, cmd_put_data): Remove pinpad handling... + (GPGthread): ... and implement pinpad handling here. + +2011-11-29 Niibe Yutaka + + * src/openpgp.c (cmd_put_data) [PINPAD_SUPPORT]: Support pinpad + input (for reset code). + +2011-11-24 Niibe Yutaka + + * Version 0.15. + * src/usb_desc.c (gnukStringSerial): Updated. + +2011-11-22 Niibe Yutaka + + * tool/dfuse.py (DFU_STM32.download, DFU_STM32.verify): Support + unaligned write and hole. + +2011-11-14 Niibe Yutaka + + * boards/FST_01/{mcuconf.h,board.h,board.c}: New. + +2011-11-01 Niibe Yutaka + + * src/pin-dial.c (pinpad_getline): New. + (pin_main): Remove. + + * boards/STBEE_MINI/board.h (TIMx): Define. + boards/STBEE/board.h (TIMx): Ditto. + boards/STM8S_DISCOVERY/board.h: Ditto. + + * src/pin-cir.c (pinpad_getline): New. + (cir_timer_interrupt, cir_ext_interrupt): Use TIMx. + (cir_key_is_backspace, cir_key_is_enter, pin_main, pindisp): + Remove. + (cir_codetable_dell_mr425, cir_codetable_aquos) + (cir_codetable_regza, cir_codetable_bravia, ch_is_backspace) + (ch_is_enter, find_char_codetable, hex, cir_getchar): New. + (cir_timer_interrupt): Don't filter out ADDRESS. + + * src/openpgp.c (get_pinpad_input): Don't invoke thread, + but just call pinpad_getline. + + * src/main.c (display_interaction, display_fatal_code) + (display_status_code, led_blink): New. + (main): Call display_* routine. + (fatal): Notify main thread. + * src/usb_prop.c (gnuk_device_SetConfiguration): Notify main + thread. + + * src/pin-cir.c (pindisp): Remove. + + * boards/FST_01_00: New (for 8MHz FST-01). + + * src/ac.c (calc_md): Fix comparison. + + * src/call-rsa.c (RSA_SIGNATURE_LENGTH): Use KEY_CONTENT_LEN. + (rsa_sign, rsa_decrypt): Likewise. + (modulus_calc): Don't assume it's 2048-bit. + + * src/ac.c (verify_user_0): Fix for non-initialized PW1. + + * src/Makefile.in (MCFLAGS): Override MCFLAGS option for newer + GCC of summon-arm-toolchain to add -mfix-cortex-m3-ldrd. + NOTE: This should not be needed (as -mcpu=cortex-m3 defaults + to -mfix-cortex-m3-ldrd for GCC-proper), but it is needed + to select arm-none-eabi/lib/thumb2/libc.a correctly. + +2011-10-14 NIIBE Yutaka + + * src/gnuk.ld.in (__main_stack_size__): It's 1KB (was 512 byte). + +2011-10-07 NIIBE Yutaka + + * Version 0.14. + * src/usb_desc.c (gnukStringSerial): Updated. + + * src/random.c (random_init): Call neug_prng_reseed. + +2011-10-06 NIIBE Yutaka + + * src/Makefile.in (random_bits): Remove. + + * src/openpgp.c (GPGthread): Remove unused event message. + + * src/main.c (main): Call random_init. + + * src/gnuk.ld.in (__process_stack_size__): Fix. + (.gnuk_random): Removed. + + * src/flash.c (flash_erase_binary, flash_write_binary): Remove + support of random_byte in flash ROM. + + * src/neug.c (adccb): Use old API (was: chEvtSignalFlagsI). + (adccb_err): Remove. + (rng_gen, rng): Add the last argument adccb for adcStartConversion: + This is old API of ADC driver. + (adcgrpcfg): Remove callbacks, add CONT and SWSTART: This is old + API of ADC driver. + (adccb): Remove the first argument: This is old API of ADC driver. + (neug_wait_full): New. + + * ChibiOS_2.0.8/os/hal/platforms/STM32/adc_lld.h (ADC_SAMPLE_1P5): + Add (from new API). + + * src/random.c (random_init): New. + (random_bytes_get, random_bytes_free, get_salt): Use NeuG. + + * src/Makefile.in (CSRC): Add neug.c. + + * src/neug.c: New. Verbatim copy of NeuG/src/random.c. + + * boards/common/mcuconf-common.h (USE_STM32_ADC1): TRUE for NewG RNG. + * src/chconf.h (CH_USE_SEMAPHORES): TRUE as ADC driver requires it. + * src/halconf.h (CH_HAL_USE_ADC); TRUE for NewG RNG. + +2011-07-22 NIIBE Yutaka + + * boards/OLIMEX_STM32_H103/board.h (BOARD_NAME): Fixed. + + * boards/STBEE_MINI/mcuconf.h: Added missing include of + mcuconf-common.h. + +2011-07-04 NIIBE Yutaka + + * ChibiOS_2.0.8/os/ports/GCC/ARMCMx/chcore_v7m.c + (_port_irq_epilogue, _port_switch_from_isr): Apply a patch of 2.2.6. + + * ChibiOS_2.0.8/os/hal/platforms/STM32/adc_lld.h: Apply a patch of + ADC from the branch of ChibiOS_2.0.X. + +2011-06-15 NIIBE Yutaka + + * Version 0.13. + * src/usb_desc.c (gnukStringSerial): Updated. + +2011-06-08 NIIBE Yutaka + + * polarssl-0.14.0/include/polarssl/bn_mul.h [__arm__] + (MULADDC_1024_CORE, MULADDC_1024_LOOP): New. + * polarssl-0.14.0/library/bignum.c (mpi_mul_hlp): Use + MULADDC_1024_LOOP. + +2011-05-31 NIIBE Yutaka + + * polarssl-0.14.0/include/polarssl/bn_mul.h [__arm__] + (MULADDC_HUIT, MULADDC_INIT, MULADDC_CORE, MULADDC_STOP): Tweak. + +2011-05-27 NIIBE Yutaka + + * tool/gnuk_put_binary.py (main): Confirm Serial ID is written + correctly. + + * src/openpgp.c (cmd_write_binary): Fix FILE_EF_SERIAL comparison. + + * src/gnuk.ld.in (.gnuk_random, .gnuk_ch_certificate): Put LONG to + have CONTENTS. + + * polarssl-0.14.0/include/polarssl/bn_mul.h [__arm__] + (MULADDC_HUIT): New. + +2011-05-26 NIIBE Yutaka + + * polarssl-0.14.0/include/polarssl/bn_mul.h [__arm__] + (MULADDC_INIT): Add ADDS instruction to clear of carry flag. + (MULADDC_CORE): Tune to 6 instructions and less registers. + (MULADDC_STOP): Add ADC instruction to save carry flag. + +2011-05-25 NIIBE Yutaka + + * tool/hub_ctrl.py: New. Port of original C implementation. + +2011-05-16 NIIBE Yutaka + + * src/main.c (main): Call flash_unlock at the beginning. + (device_initialize_once): Don't call flash_unlock here. + * src/flash.c (flash_init): Likewise. + + * src/openpgp.c (cmd_select_file): Don't use write_res_apdu. + (set_res_apdu): Rename from write_res_apdu. Just SW1 and SW2. + +2011-05-13 NIIBE Yutaka + + * Version 0.12. + +2011-05-12 NIIBE Yutaka + + * src/openpgp.c (cmd_pso, cmd_internal_authenticate) + (cmd_update_binary, cmd_write_binary): Don't check pw locked. + + * tool/dfuse.py (DFU_STM32.verify): Add missing colon. + * tool/dfuse.py (get_device): Restrict to STMicro DfuSe. + + * tool/gnuk_put_binary.py (main): Add -p option to enter password. + + * src/ac.c (verify_user_0): New. + (verify_pso_cds, verify_admin_0): Use verify_user_0. + * src/openpgp.c (cmd_change_password): Use verify_user_0. + + * src/random.c (get_salt): Rename from get_random. + (random_bytes_get, random_bytes_free): It's 16-byte. + + * src/ac.c (verify_admin_0): Use PW_ERR_PW1 counter when + authenticated by PW1. + +2011-05-11 NIIBE Yutaka + + * src/ac.c (verify_pso_cds, verify_other): Fail (with no counter + update) if key is not registered yet. + (verify_admin_0): Compare to OPENPGP_CARD_INITIAL_PW3 when empty + PW3 and non-empty PW1 but signing key is not registered yet. + + * tool/gnuk_put_binary.py: New implementation by pyscard. + + * src/main.c (device_initialize_once): New. + * src/usb_prop.c (gnukStringSerial): Move to... + * src/usb_desc.c (gnukStringSerial): here. Bump version to 0.12. + Fill by 0xff. + * src/usb_prop.c (gnuk_device_init) + (gnuk_device_GetStringDescriptor): Don't use RAM for + gnukStringSerial, use ROM like other string descriptor. + * src/usb_desc.c (String_Descriptor): Add gnukStringSerial. + + * src/openpgp-do.c (gpg_get_pw1_lifetime): Make static. + (gpg_do_load_prvkey, gpg_do_write_prvkey): Use kdi. + (gpg_increment_digital_signature_counter): Call gpg_get_pw1_lifetime. + * src/openpgp.c (cmd_pso): Follow the change. + * src/flash.c (keystore_pool): Remove. Use &_keystore_pool. + * src/ac.c (auth_status): Don't assign 0 as it's automatically + cleared. + +2011-05-10 NIIBE Yutaka + + * src/openpgp-do.c (gpg_pw_locked): Rename from gpg_passwd_locked. + (gpg_pw_get_err_counter): Rename from gpg_get_pw_err_counter. + (gpg_pw_reset_err_counter): Rename from gpg_reset_pw_err_counter. + (gpg_pw_increment_err_counter): Rename from gpg_increment_err_counter. + * src/ac.c, src/openpgp.c, src/gnuk.h: Follow the change. + + Bug fixes. + * src/openpgp.c (cmd_reset_user_password, cmd_change_password) + * src/openpgp-do.c (proc_resetting_code): Fix check of return value. + * src/ac.c (ac_fini): Clear keystring_md_pw3. + + Prevent observation of PW3 is emptiness by PW3's error counter. + Support verify_admin by PW1 when PW3 is empty. + * src/ac.c (admin_authorized): New. + (verify_admin_0): Set admin_authorized. + * src/openpgp-do.c (proc_resetting_code): Use admin_authorized. + (gpg_do_write_prvkey): Clear dek_encrypted_3 when keystring_admin + is NULL. + (proc_key_import): Checking admin_authorized, set keystring_admin. + * src/openpgp.c (cmd_reset_user_password): Use admin_authorized. + +2011-04-18 NIIBE Yutaka + + * gnuk.svg: Updated. + +2011-04-15 NIIBE Yutaka + + * Version 0.11. + + * src/usb_prop.c (gnukStringSerial): Updated. + +2011-04-11 NIIBE Yutaka + + * tool/dfuse.py (DFU_STM32.verify): support data size of non-1-KiB. + +2011-02-24 NIIBE Yutaka + + * src/usb_prop.c (gnuk_device_SetInterface): Fix argument to + ClearDTOG_TX. + +2011-02-10 NIIBE Yutaka + + * Version 0.10. + + * src/configure, src/Makefile.in (BOARD_DIR): New. + + * boards/CQ_STARM/board.mk, boards/OLIMEX_STM32_H103/board.mk: + Removed. + * boards/STBEE/board.mk, boards/STBEE_MINI/board.mk: Removed. + * boards/STM32_PRIMER2/board.mk, boards/STM8S_DISCOVERY/board.mk: + Removed. + + * src/Makefile.in (OUTFILES): Don't include random_bits. + +2011-02-09 NIIBE Yutaka + + * src/usb_prop.c (gnukStringSerial): Updated. + + * tool/gnuk_put_binary.py (gnuk_token.__del__): Removed. + Releasing the interface is done in PyUSB. + + * tool/dfuse.py (DFU_STM32.__del__): Removed. + + * src/openpgp.c (cmd_write_binary): Support random bits and card + holder certificate as well. + + * src/openpgp-do.c (do_openpgpcard_aid): Add volatile to prevent + compiler optimization to access AID. + +2011-02-08 NIIBE Yutaka + + * tool/gnuk_put_binary.py: Renamed (was: gnuk_update_binary.py). + (gnuk_token.cmd_write_binary): New. + (main): Support writing serial number. + + * GNUK_SERIAL_NUMBER: Renamed (was: FSIJ_SERIAL_NUMBER). + + * src/config.h.in (@SERIAL_DEFINE@): Removed. + + * src/gnuk.h (FILEID_SERIAL_NO): New. + + * src/openpgp.c (INS_WRITE_BINARY, cmd_write_binary): New. + + * src/configure: Remove --with-fixed-serial support. + + * src/openpgp-do.c (do_openpgpcard_aid): Remove support of + SERIAL_NUMBER_IN_AID. + + * src/flash.c (flash_write_binary): Support FILEID_SERIAL_NO. + +2011-02-04 NIIBE Yutaka + + * tool/gnuk_update_binary.py: Support updating random bits. + + * src/random.c (random_bits_start): Renamed. + (random_bytes_get): Check initial erased state. + + * src/Makefile.in (random-data.o): Removed. + + * src/gnuk.ld.in (.gnuk_random): Don't have .gnuk_random any more. + + * src/flash.c (flash_erase_binary): Support FILEID_RANDOM. + (flash_write_binary): Ditto. + + * src/openpgp.c (cmd_reset_user_password): Fix PINPAD_SUPPORT case + with reset code. + +2011-02-01 NIIBE Yutaka + + * Version 0.9. + + * src/openpgp-do.c (extended_capabilities): Change value for card + holder certificate. + + * src/usb_prop.c (gnuk_device_SetInterface): New. + +2011-01-29 NIIBE Yutaka + + * src/usb_prop.c (gnuk_device_Get_Interface_Setting): Handle the + case where we have multiple interfaces. + +2011-01-28 NIIBE Yutaka + + * tool/gnuk_update_binary.py: New. + + * src/openpgp-do.c (gpg_do_get_data): Fix length adding two for + status word at the end and adding four for the tag and the length. + + * src/usb-icc.c (icc_handle_data): Fix decrementing res_APDU_size. + (icc_power_off): Status should be the one *after* power off. + + * src/openpgp.c (cmd_update_binary): Fix return code. + +2011-01-27 NIIBE Yutaka + + * src/usb-icc.c (res_APDU_pointer): New. + (icc_handle_data, USBthread): Handle res_APDU_pointer. + + * src/openpgp.h (GPG_COMMAND_NOT_ALLOWED): New. + + * src/openpgp.c (INS_UPDATE_BINARY, FILE_EF_CH_CERTIFICATE) + (FILE_EF_RANDOM, cmd_update_binary): New. + (process_command_apdu): Initialize res_APDU_pointer. + + * src/openpgp-do.c (gpg_do_get_data): Handle GPG_DO_CH_CERTIFICATE. + + * src/gnuk.ld.in (.gnuk_ch_certificate): New. + + * src/flash.c (flash_check_blank, flash_erase_binary) + (flash_write_binary): New. + + * src/openpgp-do.c (gpg_do_table): Exclude GPG_DO_CH_CERTIFICATE. + + * src/openpgp.c (cmd_reset_user_password): Add PINPAD_SUPPORT. + + * src/gnuk.ld.in: Fix alignment and filling. + +2011-01-26 NIIBE Yutaka + + * boards/STBEE/mcuconf.h: New. + * boards/STBEE/board.mk: New. + * boards/STBEE/board.h: New. + * boards/STBEE/board.c: New. + + * tool/dfuse.py (DFU_STM32.verify): Add double ll_clear_status. + + * src/configure (target): Add STBEE. + +2011-01-25 NIIBE Yutaka + + * src/openpgp.c (cmd_pso): Support DigestInfo by MD5 (for opensc). + +2011-01-22 NIIBE Yutaka + + * src/openpgp.c (cmd_pgp_gakp): Handle case of non-extended Lc. + (cmd_select_file): Return DF name when FCI is requested. + + * src/openpgp-do.c (copy_do): Don't add tag if not requested. + + * src/gnuk.h (memmove): Add declaration. + +2011-01-21 NIIBE Yutaka + + * src/openpgp-do.c (copy_do): Fix off-by-one error. + + * src/openpgp.c (get_pinpad_input): Ifdef-out PINPAD_SUPPORT. + +2011-01-19 NIIBE Yutaka + + * Version 0.8. + + * src/pin-cir.c (pin_main): Fix typo, call cir_ext_disable. + + * src/usb_prop.c (gnukStringSerial): Updated. + + * src/pin-dial.c: New. + + * boards/STBEE_MINI/board.c (hwinit1): Add PINPAD_DIAL_SUPPORT. + (dial_sw_disable, dial_sw_enable, EXTI2_IRQHandler): New. + + * src/gnuk.h: Add PINPAD_DIAL_SUPPORT. + + * src/usb-icc.c (icc_handle_data): Handle PIN modification. + + * src/usb_desc.c (gnukConfigDescriptor): bPinSupport = 3 when + PINPAD_DIAL_SUPPORT is enabled. + +2011-01-18 NIIBE Yutaka + + * src/pin-cir.c (pin_main): Call cir_ext_disable at the end. + +2011-01-17 NIIBE Yutaka + + * src/gnuk.h (PIN_INPUT_CURRENT, PIN_INPUT_NEW) + (PIN_INPUT_CONFIRM): New. + + * src/pin-cir.c (pin_main): New argument MSG_CODE. + + * src/openpgp.c (get_pinpad_input): New. + (cmd_verify): Use get_pinpad_input. + (cmd_change_password): Added PINPAD_SUPPORT. + + * src/openpgp.c (cmd_nop): Removed. + + * src/config.h.in: ifdef-out (not for ASSEMBLER). + +2011-01-15 NIIBE Yutaka + + * Version 0.7. + + * src/usb-icc.c (icc_handle_data): Bug fix: add break for case + ICC_STATE_SEND. + +2011-01-14 NIIBE Yutaka + + * Version 0.6. + + * src/usb_prop.c (gnukStringSerial): Include version number (again). + + * boards/STM8S_DISCOVERY/board.c (hwinit1): Initialize TIM3 and + remap TIM3. + (cir_ext_disable, cir_ext_enable, EXTI9_5_IRQHandler) + (TIM3_IRQHandler): New. + + * boards/STBEE_MINI/board.h (HAVE_7SEGLED): New. + + * boards/STM8S_DISCOVERY/board.h: Include "config.h". + (VAL_GPIOBODR): PB0 (TIM3_CH3) is pull-down for PINPAD_SUPPORT. + + * src/pin-cir.c (pindisp): Handle the board with no 7 segment + display. + +2011-01-11 NIIBE Yutaka + + * src/openpgp-do.c (do_openpgpcard_aid): Fix length of res_p; + +2011-01-08 NIIBE Yutaka + + * src/usb-icc.c (icc_handle_data): Handle the case of + ICC_STATE_SEND (back again to the implementation of v0.4). + (USBthread): Don't send back larger block (for libccid 1.3.11). + +2011-01-07 NIIBE Yutaka + + * src/openpgp.c (cmd_read_binary): Call gpg_do_get_data for AID. + + * src/openpgp-do.c (gpg_do_get_data): Added new argument WITH_TAG. + + * src/usb_prop.c (gnuk_device_init) + (gnuk_device_GetStringDescriptor): gnukStringSerial with unique + chip ID. + + * src/openpgp-do.c (do_openpgpcard_aid): New. + (openpgpcard_aid): Removed. + + * boards/common/hw_config.c (unique_device_id): New. + +2011-01-06 NIIBE Yutaka + + * src/config.h.in (PINPAD_MORE_DEFINE): Added. + + * src/configure: Requiring bash (for variable substitution), added + PINPAD. + + * src/Makefile.in: Support PINPAD. + + * src/pin-cir.c (cir_timer_interrupt): Support Sharp protocol. + +2011-01-04 NIIBE Yutaka + + * src/chconf.h (CH_USE_DYNAMIC): It's TRUE now. + + * src/usb_desc.c (gnukConfigDescriptor): Added PINPAD_SUPPORT. + + * src/pin-cir.c (cir_timer_interrupt): Added CIR_PERIOD_INHIBIT_CHATTER. + +2010-12-29 NIIBE Yutaka + + * src/pin-cir.c (cir_timer_interrupt): Support Philips RC-5 protocol. + +2010-12-28 NIIBE Yutaka + + * src/pin-cir.c (cir_timer_interrupt): Support Philips RC-6 protocol. + +2010-12-27 NIIBE Yutaka + + * src/pin-cir.c (cir_timer_interrupt): Support Sony protocol. + +2010-12-24 NIIBE Yutaka + + * src/pin-cir.c: New file. + +2010-12-20 NIIBE Yutaka + + * src/openpgp.c (GPGthread): Added PINPAD_SUPPORT. + * boards/STBEE_MINI/mcuconf.h: Simplified. + * boards/STBEE_MINI/board.h: Include config.h. + (PINPAD_SUPPORT): Added. + * boards/STBEE_MINI/board.c (hwinit1): Added PINPAD_SUPPORT. + +2010-12-15 NIIBE Yutaka + + * src/configure (FLASH_SIZE): Without 'k'. + * src/gnuk.ld.in (MEMORY): Append "k" here. + (.gnuk_flash): End point should be aligned too. + + * src/config.h.in (@PINPAD_DEFINE@): New. + * src/Makefile.in (@PINPAD_MAKE_OPTION@): New. + * src/configure (PINPAD_MAKE_OPTION, PINPAD_DEFINE): New. + +2010-12-14 NIIBE Yutaka + + * src/configure (FLASH_PAGE_SIZE): Always set. + +2010-12-13 NIIBE Yutaka + + * Version 0.5. + + * src/usb_desc.c (gnukStringSerial): Updated. + +2010-12-10 NIIBE Yutaka + + * src/usb-cdc-vport.c (Virtual_Com_Port_Data_Setup) + (Virtual_Com_Port_NoData_Setup): No check for class&interface + request. + + * src/usb-icc.c (ATR): Fixed. + + * src/usb_desc.c (/* ICC Descriptor*/): bcdCCID = 1.1. + dwDefaultClock = dwMaximumClock = 3571. + dwFeatures 0x00040842. + + * src/usb_prop.c (gnuk_clock_frequencies, gnuk_data_rates): New. + (gnuk_nothing_todo): Removed. + (gnuk_setup_with_data, gnuk_setup_with_nodata): New. + (Device_Property): Changed to call gnuk_setup_with_data and + gnuk_setup_with_nodata. + +2010-12-09 NIIBE Yutaka + + * src/usb-icc.c (icc_power_off): Set icc_data_size = 0 to specify + no command APDU. Signal GPGThread. + (icc_handle_data, USBthread): Don't signal main thread any more. + + * src/openpgp.c (GPGthread): Only process the command APDU, if any. + + * src/openpgp-do.c (do_tag_to_nr): Don't call fatal. + * src/main.c (fatal_code): New. + (main): Implemented 1-bit LED status display. + (fatal): Added argument CODE. + * src/flash.c (flash_data_pool_allocate): Supply argument FATAL_FLASH. + * src/random.c (random_bytes_get): Supply argument FATAL_RANDOM. + * src/ac.c (auth_status): Added volatile, and remove static. + +2010-12-08 NIIBE Yutaka + + * src/gnuk.h (AC_OTHER_AUTHORIZED): Renamed (was: + AC_PSO_OTHER_AUTHORIZED). + * src/ac.c (ac_reset_other): Renamed (was: ac_reset_pso_other). + (verify_other): Renamed (was: verify_pso_other). + (ac_reset_admin): New. + * src/openpgp.c (cmd_change_password): Call ac_reset_admin. + + * src/main.c (main): Don't create GPGThread here. + * src/usb-icc.c (icc_power_on): But create here, when requested. + (icc_power_off): Terminate GPGThread. + * src/openpgp.c (gpg_init, gpg_fini): New. + (GPGthread): Check chThdShouldTerminate. Call gpg_init and gpg_fini. + +2010-12-07 NIIBE Yutaka + + USB CCID/ICC implementation changes. + * src/usb_desc.c (dwMaxCCIDMessageLength): Updated. + * src/usb-icc.c (EV_TX_FINISHED): New. + (icc_rcv_data, icc_tx_data): Removed. + (icc_buffer, icc_seq): New. + (icc_next_p, icc_chain_p): New. + (icc_tx_ready): Removed. + (EP1_IN_Callback): Handle multiple transactions. + (icc_prepare_receive): New. + (EP2_OUT_Callback): Handle multiple transactions. + (icc_error, icc_send_status): Handle the case of receive in chain. + (icc_power_on, icc_send_params): Specify it's a single transaction. + (icc_send_data_block_filling_header): New. + (icc_send_data_block): Simplify. + (icc_handle_data): Removed the case of ICC_STATE_SEND. + Handle buffer of multiple transactions. + (USBthread): Don't use sending in chain. + * src/gnuk.h (USB_LL_BUF_SIZE): New. + (USB_BUF_SIZE): Now, it's larger value. + * src/configure: Echo for --enable-debug. + * src/call-rsa.c (rsa_sign): Use temp[] buffer as rsa_pkcs1_sign + writes OUTPUT in early stage. + +2010-12-04 NIIBE Yutaka + + * src/flash.c (flash_keystore_release): Reset keystore storage. + +2010-12-03 NIIBE Yutaka + + Keystore management changes. + * src/flash.c (flash_key_alloc): Check FLASH_KEYSTORE_SIZE. + (flash_key_release): Removed. + (flash_keystore_release): New function. + * src/openpgp-do.c (gpg_do_write_prvkey): Make it static. + When there is a key already, return as error. + (proc_key_import): Call flash_keystore_release when all keys removed. + * src/gnuk.ld.in (_keystore_pool): Size of keystore is now 1.5KB. + +2010-11-30 NIIBE Yutaka + + Flash ROM fixes for STM32F10X_HD. + * src/gnuk.ld.in (.gnuk_flash): Use FLASH_PAGE_SIZE. + * src/configure (FLASH_PAGE_SIZE): Defined for gnuk.ld. + * src/flash.c (FLASH_PAGE_SIZE): New define. + (FLASH_DATA_POOL_SIZE): Use FLASH_PAGE_SIZE. + + Import changes of ChibiOS_2.0.8. + * ChibiOS_2.0.8/os/hal/include/pwm.h + * ChibiOS_2.0.8/os/hal/platforms/STM32/pwm_lld.c + * ChibiOS_2.0.8/os/hal/platforms/STM32/pwm_lld.h + * ChibiOS_2.0.8/os/hal/src/pwm.c + * ChibiOS_2.0.8/os/hal/templates/pwm_lld.c + * ChibiOS_2.0.8/os/hal/templates/pwm_lld.h + * ChibiOS_2.0.8/os/kernel/include/ch.h + * ChibiOS_2.0.8/os/kernel/src/chevents.c + * ChibiOS_2.0.8/os/kernel/src/chthreads.c + * ChibiOS_2.0.8/boards/OLIMEX_LPC_P2148/board.h + * ChibiOS_2.0.8/readme.txt + * ChibiOS_2.0.8/test/testdyn.c + * ChibiOS_2.0.8/docs/*/*: Updated. + + New private key management. + * src/ac.c (ac_reset_pso_cds, ac_reset_pso_other): Call + gpg_do_clear_prvkey. + (verify_pso_other): load private keys here. + * src/openpgp-do.c (kd): Keydata for Signing, Decryption, and + Authentication. + (gpg_do_load_prvkey, gpg_do_write_prvkey): Use kd[]. + (gpg_do_clear_prvkey): New function. + * src/openpgp.c (cmd_pso, cmd_internal_authenticate): Use new API + of rsa_sign and rsa_decrypt. + (cmd_pso): Fixed bug of checking return value of gpg_get_pw1_lifetime. + * src/call-rsa.c (rsa_sign): New argument KD. + (rsa_decrypt): Likewise. + + Don't use malloc/free in C library. + * src/stdlib.h (malloc, free): Use chHeapAlloc and chHeapFree. + +2010-11-26 NIIBE Yutaka + + * boards/STM8S_DISCOVERY/*: New. + * src/configure: STM8S_DISCOVERY only has 64KB flash memory. + + * boards/STBEE_MINI/board.h (CPU_WITH_NO_GPIOE): New define. + * ChibiOS_2.0.6/os/hal/platforms/STM32/hal_lld.c: Use it. + * ChibiOS_2.0.6/os/hal/platforms/STM32/pal_lld.c: Likewise. + * ChibiOS_2.0.6/os/hal/platforms/STM32/pal_lld.h: Likewise. + + * src/openpgp.c (cmd_pso): DigestInfo by SHA224/SHA384/SHA512 is + supported. + +2010-11-22 NIIBE Yutaka + + Import changes of ChibiOS_2.0.6. + * ChibiOS_2.0.6/demos/ARM7-AT91SAM7X-LWIP-GCC/chconf.h + * ChibiOS_2.0.6/os/hal/include/can.h + * ChibiOS_2.0.6/os/hal/platforms/AT91SAM7/hal_lld.c + * ChibiOS_2.0.6/os/hal/platforms/AT91SAM7/serial_lld.c + * ChibiOS_2.0.6/os/hal/platforms/LPC214x/serial_lld.c + * ChibiOS_2.0.6/os/hal/platforms/STM32/hal_lld_f103.h + * ChibiOS_2.0.6/os/hal/platforms/STM32/hal_lld_f105_f107.h + * ChibiOS_2.0.6/os/hal/platforms/STM32/pwm_lld.c + * ChibiOS_2.0.6/os/hal/platforms/STM32/serial_lld.h + * ChibiOS_2.0.6/os/hal/platforms/STM32/spi_lld.h + * ChibiOS_2.0.6/os/hal/src/adc.c + * ChibiOS_2.0.6/os/hal/src/spi.c + * ChibiOS_2.0.6/os/kernel/include/ch.h + * ChibiOS_2.0.6/os/kernel/include/chinline.h + * ChibiOS_2.0.6/os/kernel/include/chioch.h + * ChibiOS_2.0.6/os/kernel/include/chstreams.h + * ChibiOS_2.0.6/os/kernel/include/chthreads.h + * ChibiOS_2.0.6/os/kernel/src/chlists.c + * ChibiOS_2.0.6/os/kernel/src/chschd.c + * ChibiOS_2.0.6/os/kernel/src/chthreads.c + * ChibiOS_2.0.6/os/ports/GCC/ARM/rules.mk + * ChibiOS_2.0.6/os/ports/GCC/ARM7/chcore.h + * ChibiOS_2.0.6/os/ports/GCC/ARM7/port.dox + * ChibiOS_2.0.6/os/ports/GCC/ARMCMx/chcore_v6m.c + * ChibiOS_2.0.6/os/ports/GCC/ARMCMx/chcore_v6m.h + * ChibiOS_2.0.6/os/ports/GCC/ARMCMx/chcore_v7m.c + * ChibiOS_2.0.6/os/ports/GCC/ARMCMx/chcore_v7m.h + * ChibiOS_2.0.6/os/ports/GCC/ARMCMx/old/chcore_v7m.h + * ChibiOS_2.0.6/os/ports/GCC/AVR/chcore.h + * ChibiOS_2.0.6/os/ports/GCC/AVR/port.dox + * ChibiOS_2.0.6/os/ports/GCC/MSP430/chcore.c + * ChibiOS_2.0.6/os/ports/GCC/MSP430/chcore.h + * ChibiOS_2.0.6/os/ports/GCC/MSP430/port.dox + * ChibiOS_2.0.6/os/ports/GCC/PPC/chcore.h + * ChibiOS_2.0.6/os/ports/GCC/PPC/port.dox + * ChibiOS_2.0.6/os/ports/RC/STM8/port.dox + * ChibiOS_2.0.6/os/various/memstreams.h + * ChibiOS_2.0.6/readme.txt + * ChibiOS_2.0.6/docs/*/*: Updated + +2010-11-14 NIIBE Yutaka + + * src/openpgp.c (cmd_pso): DigestInfo by SHA256 is supported. + +2010-11-12 NIIBE Yutaka + + * src/usb_desc.c (gnukConfigDescriptor): Change dwFeatures. + + * src/usb-icc.c (icc_send_params): Always return fixed result. + (icc_handle_data): Support ICC_GET_PARAMS. + +2010-11-10 NIIBE Yutaka + + * src/usb_desc.c (gnukConfigDescriptor): Fix bmAttributes. + +2010-11-09 NIIBE Yutaka + + * Version 0.4. + + * src/usb_desc.c (gnukStringSerial): Updated. + + * ChibiOS_2.0.2/os/hal/platforms/STM32/pal_lld.h (PALConfig): + STBee Mini uses STM32F103CBT6 which expose no GPIO E port. + * ChibiOS_2.0.2/os/hal/platforms/STM32/pal_lld.c (_pal_lld_init): + Likewise. + +2010-11-08 NIIBE Yutaka + + * tool/dump_mem.py: New tool. + + Implement GC for data pool in flash memory. + * src/openpgp-do.c (gpg_write_digital_signature_counter): New. + (gpg_increment_digital_signature_counter): Fix for GC. + (gpg_data_scan): Rename from gpg_do_table_init. + (gpg_data_copy): New function for copying GC. + * src/main.c (main): Call gpg_data_scan with the address which + flash_init returns. + * src/flash.c (flash_erase_page): New function. + (FLASH_DATA_POOL_SIZE): data_pool is 2KiB now. + (flash_data): Put a header (GC generation). + (flash_init): Implement choosing a data pool page. + (flash_data_pool): Removed. + (flash_copying_gc): New function. + (flash_data_pool_allocate): Call flash_copying_gc when full. + (flash_do_write_internal, flash_put_data_internal) + (flash_bool_write_internal, flash_cnt123_write_internal): New + * src/gnuk.ld.in (gnuk_flash): data_pool is 2KiB now. + + Bug fixes. + * src/openpgp.c (cmd_change_password, cmd_reset_user_password): + Write to APDU correctly. + * src/flash.c (flash_warning): Make it public. + * src/openpgp-do.c (do_hist_bytes, do_fp_all, do_cafp_all) + (do_kgtime_all, do_ds_count): Fix return value. + (rw_pw_status): Correctly return value. + (proc_resetting_code): Change func proto. to return success/failure. + (proc_key_import): Ditto. + (gpg_do_put_data): Handle return values. + (gpg_do_write_simple): Don't write to APDU. + +2010-11-05 NIIBE Yutaka + + Bug fixes. + * src/openpgp.c (gpg_change_keystring): Handle + GPG_KEY_FOR_AUTHENTICATION. + * src/openpgp-do.c (gpg_do_write_prvkey): Remove multiple call + of flash_do_release. + + Bug fix. + * src/openpgp-do.c (gpg_do_write_prvkey): Don't hardcode 6, but + use strlen. + + * src/flash.c, src/gnuk.ld.in: Rename "Flash DO Pool" to "Flash + Data Pool", because it's not only DO. + * src/gnuk.h, src/opengpg-do.c: Cleanup. + + Digital Signature Counter implementation improvement. + * src/gnuk.h (NR_DO_DS_COUNT): Removed. + (NR_COUNTER_DS, NR_COUNTER_DS_LSB): New. + * src/openpgp-do.c (do_ds_count_initial_value): Removed. + (gpg_do_increment_digital_signature_counter): Removed. + (digital_signature_counter): New variable. + (do_ds_count, gpg_increment_digital_signature_counter): New functions. + (gpg_do_table): Change the entry for GPG_DO_DS_COUNT as DO_PROC_READ. + (gpg_do_table_init): Handle digital_signature_counter. + * src/flash.c (flash_data_pool_allocate, flash_put_data): New. + + Password status implementation improvement. + * src/gnuk.h (PW_STATUS_PW1, PW_STATUS_RC, PW_STATUS_PW3): Removed. + (PW_ERR_PW1, PW_ERR_RC, PW_ERR_PW3): New define. + (NR_COUNTER_123, NR_BOOL_PW1_LIFETIME): New define. + (NR_NONE, NR_EMPTY): New define. + * src/flash.c (flash_bool_clear, flash_bool_write) + (flash_cnt123_get_value, flash_cnt123_increment) + (flash_cnt123_clear): New functions. + * src/openpgp-do.c (do_pw_status_bytes_template): Removed. + (PW_STATUS_BYTES_TEMPLATE, gpg_do_reset_pw_counter): Removed. + (PASSWORD_ERRORS_MAX, PW_LEN_MAX): New define. + (pw1_lifetime_p, pw_err_counter_p): New variables. + (gpg_get_pw1_lifetime): New function. + (gpg_get_pw_err_counter, gpg_passwd_locked, gpg_reset_pw_counter) + (gpg_increment_pw_counter): New functions. + (rw_pw_status): Use pw1_lifetime_p and pw_err_counter_p. + (gpg_do_table_init): Handle NR_COUNTER_123 and NR_BOOL_PW1_LIFETIME. + * src/ac.c (verify_pso_cds, verify_pso_other, verify_admin_0): + Follow the changes. + * src/openpgp.c (cmd_change_password, cmd_reset_user_password) + (cmd_pso, cmd_internal_authenticate): Likewise. + +2010-11-04 NIIBE Yutaka + + * src/flash.c (flash_warning): New. + (flash_do_pool): Added header for DO pool. + (flash_do_release): Fill zero. + (flash_do_write): Change DO format in flash. + * src/openpgp-do.c (gpg_do_table_init, copy_do_1) + (gpg_do_read_simple): Follow the change of DO format in flash. + + * src/openpgp-do.c (DO_CMP_READ): Renamed. + (cmp_ch_data, cmp_app_data, cmp_ss_temp): Likewise. + (with_tag): Removed static global variable. + (do_hist_bytes, do_fp_all, do_cafp_all, do_kgtime_all) + (rw_pw_status, copy_do_1, copy_do, gpg_do_get_data): Added + with_tag argument. + (gpg_do_put_data): length > 255 will be error. + +2010-11-03 NIIBE Yutaka + + Bug fixes. + * src/ac.c (verify_admin_0): Initialize pwsb earlier. + * src/openpgp-do.c (copy_do_1): Access do_data[0] (was: do_data[1]). + +2010-11-02 NIIBE Yutaka + + DfuSe support. + * tool/dfuse.py (DFU_STM32.download): Put '#' for each 4-KiB. + Added 0-length write to finish download. + Take intel_hex object as argument. + (DFU_STM32.ll_upload_block): New method. + (DFU_STM32.dfuse_read_memory): New method. + (DFU_STM32.verify): New method. + (get_device): Support DFU_STM32PROTOCOL_0 too (for CQ STARM). + + * tool/dfuse.py: Renamed from dfu_stmicroelectronics_extention.py. + +2010-11-01 NIIBE Yutaka + + * tool/intel_hex.py: New file. + * tool/dfu_stmicroelectronics_extention.py: New file. + +2010-10-28 NIIBE Yutaka + + * src/gnuk.h (OPENPGP_CARD_INITIAL_PW3): New. + * src/ac.c (verify_admin_0): Use OPENPGP_CARD_INITIAL_PW3. + +2010-10-23 NIIBE Yutaka + + * Version 0.3. + + * src/usb_desc.c (gnukStringSerial): Updated. + +2010-10-22 NIIBE Yutaka + + * src/gnuk.ld.in (.gnuk_random): Fix description so that + padding with 0xffffffff will be in gnuk.hex. + + * src/openpgp.c (file_selection): Change type (was: int). + (FILE_NONE..FILE_EF_SERIAL): Change the values. + + * src/configure: Added STBee Mini support. + * boards/STBEE_MINI/mcuconf.h: New. + * boards/STBEE_MINI/board.mk: New. + * boards/STBEE_MINI/board.h: New. + * boards/STBEE_MINI/board.c: New. + + * ChibiOS_2.0.2/os/hal/platforms/STM32/hal_lld.c + (pal_default_config): STBee Mini uses STM32F103CBT6 which expose + no GPIO E port. + +2010-10-21 NIIBE Yutaka + + * boards/common/hw_config.c (Get_SerialNum): Removed. + * src/usb_prop.c (gnuk_device_init): Remove calling Get_SerialNum. + * src/usb_desc.c (gnukStringSerial): Updated. + * boards/CQ_STARM/board.c (set_led): Fix polarity. + +2010-10-20 NIIBE Yutaka + + * FSIJ_SERIAL_NUMBER: New. + * src/configure (with_fsij): Added FSIJ serial number support. + * src/config.h.in (@FSIJ_DEFINE@, @SERIAL_NUMBER_FOUR_BYTES@): New. + + * src/configure: Added CQ STARM target. + * boards/CQ_STARM/mcuconf.h: New. + * boards/CQ_STARM/board.mk: New. + * boards/CQ_STARM/board.h: New. + * boards/CQ_STARM/board.c: New. + +2010-10-19 NIIBE Yutaka + + * boards/STM32_PRIMER2/board.mk (BOARDSRC): Use common/hw_config.c. + * boards/OLIMEX_STM32_H103/board.mk (BOARDSRC): Likewise. + + * boards/common/hw_config.c: Move board specific functions to ... + * boards/STM32_PRIMER2/board.c (USB_Cable_Config, set_led): ... here. + * boards/OLIMEX_STM32_H103/board.c (USB_Cable_Config, set_led): Ditto. + + * boards/{OLIMEX_STM32_H103,STM32_PRIMER2}/hw_config.c: Removed. + * boards/common/hw_config.c: New file (was: boards/*/hw_config.c). + + * .gitignore: New file. + +2010-10-16 NIIBE Yutaka + + Implement "INTERNAL AUTHENTICATE" command. + + * src/gnuk.h (BY_USER, BY_RESETCODE, BY_ADMIN): New defines. + (NUM_ALL_PRV_KEYS): Now it's 3 (was: 2). + + * src/openpgp.c (INS_INTERNAL_AUTHENTICATE): New define. + (cmd_internal_authenticate): New function. + (cmds): Added INS_INTERNAL_AUTHENTICATE. + (cmd_change_password): Use BY_USER. + (cmd_reset_user_password): Use BY_USER, BY_RESETCODE, BY_ADMIN. + (cmd_pso): Load GPG_KEY_FOR_DECRYPTION here. + (cmd_pso): Removed adding status word into res_APDU... + * src/call-rsa.c (rsa_sign): and moved adding status word into + res_APDU here. + + * src/ac.c (pw1_keystring): New variable. + (ac_reset_pso_other): Clear pw1_keystring. + (verify_pso_cds): Use BY_USER. + (verify_pso_other): Just check the length of password here, and + defer real check to cmd_pso or cmd_internal_authenticate. + +2010-10-14 NIIBE Yutaka + + Adding 'configure' support. + * src/configure: New file. + * src/Makefile.in: Renamed from src/Makefile. + * src/config.h: Renamed from src/config.h. + * src/gnuk.ld: Renamed from src/gnuk.ld. + + Adding DFU_SUPPORT. + * boards/common/hwinit0.c: New file adding DFU_SUPPORT. + * boards/common/hwinit1.c: New file. + * boards/OLIMEX_STM32_H103/board.c: Include config.h. + Use common/hwinit0.c and common/hwinit1.c. + * boards/STM32_PRIMER2/board.c: Likewise. + +2010-09-16 NIIBE Yutaka + + * src/usb-icc.c (icc_error): New function. + (icc_handle_data): Call icc_error. + Don't go to STATE_START on errors. + +2010-09-13 NIIBE Yutaka + + * Version 0.2. + + * src/openpgp.c (cmd_select_file): Override data of number_of_bytes. + + * src/openpgp-do.c (gpg_do_table_init): Calculate number of byte + which Data Objects consumes. + +2010-09-12 Kaz Kojima + + * src/call-rsa.c (rsa_decrypt): Debug output only when DEBUG. + + * boards/STM32_PRIMER2/hw_config.c (USB_Cable_Config): Fix GPIO. + (set_led): Ditto. + + * boards/STM32_PRIMER2/board.c (hwinit1): Added LED initialization. + +2010-09-11 NIIBE Yutaka + + * src/usb-icc.c (ATR): Fixed. + (icc_send_params): New function. + (icc_handle_data): Handle ICC_SET_PARAMS request. + + * src/random.c (random_bytes_get, random_bytes_free, get_random): + Clear used random bytes. + + * src/flash.c (flash_clear_halfword): New function. + +2010-09-10 NIIBE Yutaka + + * Version 0.1. + + * src/usb_desc.c (gnukStringSerial): Change the value so that + libccid doesn't get confused. + + * src/openpgp.c (gpg_change_keystring): Support key for decryption + as well. + (cmd_read_binary): Use openpgpcard_aid. + (cmd_pso): call ac_reset_pso_other. + + * src/openpgp-do.c (openpgpcard_aid): Renamed from aid, and exported. + (do_ds_count_initial_value): New const variable. + (num_prv_keys): New variable. + (gpg_do_write_prvkey): Remove contents of keystring only if + ++num_prv_keys == NUM_ALL_PRV_KEYS. + (gpg_do_chks_prvkey): Call flash_do_release. + (gpg_do_table_init): Initialize with do_ds_count_initial_value. + Initialize num_prv_keys. + (gpg_do_write_simple): Support removing DO. + (gpg_do_increment_digital_signature_counter): Call flash_do_release. + + * src/gnuk.h (NUM_ALL_PRV_KEYS): New definition. + (OPENPGP_CARD_INITIAL_PW1): New definition. + (enum kind_of_key): Rename. + + * src/ac.c (ac_reset_pso_cds): New function. + +2010-09-09 Kaz Kojima + + * boards/STM32_PRIMER2/{board.c,board.h,board.mk,hw_config.c,mcuconf.h}: + New files. + + * boards/OLIMEX_STM32_H103/{mcuconf.h,hw_config.c}: Moved from src. + + * src/main.c (main): Use set_led instead of palClearPad directly. + +2010-09-08 NIIBE Yutaka + + * src/ac.c (calc_md): Make SHA1 variable auto. + + * src/debug.c (put_int): New. + + * src/gnuk.ld (__process_stack_size__): Removed. + + * src/main.c (STDOUTthread): Use Event. + (main): Make LED ON during command execution, blink usually. + + * src/openpgp-do.c (encrypt, decrypt): Make AES variables auto. + (gpg_do_table): GPG_DO_ALG_AUT is NULL. + + * src/openpgp.c (cmd_pso): Bug fix for extended Lc. + + * src/usb-icc.c (icc_power_off): Make LED ON during command + execution. + (USB_ICC_TIMEOUT): Longer value (was: 1000). + + * src/usb_desc.c (gnukConfigDescriptor): Fix bcdCCID value. + + * src/vcomport.mk (VCOMSRC): Use our own usb_endp.c. + + * src/usb_desc.c (gnukConfigDescriptor): ICC Descriptor is + Revision 1.0. + + * polarssl-0.14.0/include/polarssl/config.h: Commend out + POLARSSL_SELF_TEST. + + * polarssl-0.14.0/library/rsa.c (rsa_private): Don't check input, + so that we don't access ctx->N. + (rsa_pkcs1_decrypt): size of BUF is enough as 256. + + * polarssl-0.14.0/library/sha1.c (sha1_file): #if-out to avoid + stdio of libc. + + * polarssl-0.14.0/library/bignum.c (mpi_write_hlp) + (mpi_write_string, mpi_read_file, mpi_read_file): #if-out to avoid + stdio of libc. + +2010-09-07 NIIBE Yutaka + + * gnuk.svg: New file. + +2010-09-06 NIIBE Yutaka + + * Initial version 0.0. diff --git a/src/Makefile.in b/src/Makefile.in index ff2cb45..a9f3ee3 100644 --- a/src/Makefile.in +++ b/src/Makefile.in @@ -84,7 +84,7 @@ CSRC = $(PORTSRC) \ main.c usb_stm32f103.c adc_stm32f103.c \ usb_desc.c usb_ctrl.c \ usb-icc.c openpgp.c ac.c openpgp-do.c flash.c \ - bn.c modp256.c jpc.c mod.c ec_p256.c \ + bn.c modp256.c jpc.c mod.c ec_p256.c call-ec_p256.c \ random.c neug.c sys.c ifneq ($(ENABLE_DEBUG),) diff --git a/src/call-ec_p256.c b/src/call-ec_p256.c new file mode 100644 index 0000000..722614b --- /dev/null +++ b/src/call-ec_p256.c @@ -0,0 +1,85 @@ +/* + * call-ec_p256.c - interface between Gnuk and Elliptic curve over GF(p256) + * + * Copyright (C) 2013 Free Software Initiative of Japan + * Author: NIIBE Yutaka + * + * This file is a part of Gnuk, a GnuPG USB Token implementation. + * + * Gnuk is free software: you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * Gnuk is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public + * License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program. If not, see . + * + */ + +#include +#include +#include +#include "bn.h" +#include "jpc-ac.h" +#include "ec_p256.h" + +#include "ch.h" +#include "gnuk.h" + +/* We are little endian. */ + +#define ECDSA_BYTE_SIZE 32 + +int +ecdsa_sign (const uint8_t *hash, uint8_t *output, + const struct key_data *kd) +{ + int i; + bn256 r[1], s[1], z[1]; + uint8_t *p; + + p = (uint8_t *)z; + for (i = 0; i < ECDSA_BYTE_SIZE; i++) + p[ECDSA_BYTE_SIZE - i - 1] = hash[i]; + + ecdsa (r, s, z, (const bn256 *)kd); + p = (uint8_t *)r; + for (i = 0; i < ECDSA_BYTE_SIZE; i++) + *output++ = p[ECDSA_BYTE_SIZE - i - 1]; + p = (uint8_t *)s; + for (i = 0; i < ECDSA_BYTE_SIZE; i++) + *output++ = p[ECDSA_BYTE_SIZE - i - 1]; + return 0; +} + +const uint8_t * +ecdsa_compute_public (const uint8_t *key_data) +{ + uint8_t *p0, *p, *p1; + ac q[1]; + bn256 k[1]; + int i; + + p0 = (uint8_t *)malloc (ECDSA_BYTE_SIZE * 2); + if (p0 == NULL) + return NULL; + + p = (uint8_t *)k; + for (i = 0; i < ECDSA_BYTE_SIZE; i++) + p[ECDSA_BYTE_SIZE - i - 1] = key_data[i]; + compute_kG (q, k); + p = p0; + p1 = (uint8_t *)q->x; + for (i = 0; i < ECDSA_BYTE_SIZE; i++) + *p++ = p1[ECDSA_BYTE_SIZE - i - 1]; + p1 = (uint8_t *)q->y; + for (i = 0; i < ECDSA_BYTE_SIZE; i++) + *p++ = p1[ECDSA_BYTE_SIZE - i - 1]; + + return p0; +} diff --git a/src/call-rsa.c b/src/call-rsa.c index a4638ea..3fdbb54 100644 --- a/src/call-rsa.c +++ b/src/call-rsa.c @@ -107,11 +107,6 @@ modulus_calc (const uint8_t *p, int len) return modulus; } -void -modulus_free (const uint8_t *p) -{ - free ((void *)p); -} int rsa_decrypt (const uint8_t *input, uint8_t *output, int msg_len, diff --git a/src/gnuk.h b/src/gnuk.h index 6b6fe1b..606224a 100644 --- a/src/gnuk.h +++ b/src/gnuk.h @@ -237,12 +237,15 @@ extern struct key_data kd[3]; extern int rsa_sign (const uint8_t *, uint8_t *, int, struct key_data *); extern const uint8_t *modulus_calc (const uint8_t *, int); -extern void modulus_free (const uint8_t *); extern int rsa_decrypt (const uint8_t *, uint8_t *, int, struct key_data *); extern int rsa_verify (const uint8_t *pubkey, const uint8_t *hash, const uint8_t *signature); extern const uint8_t *rsa_genkey (void); +extern int ecdsa_sign (const uint8_t *hash, uint8_t *output, + const struct key_data *kd); +extern const uint8_t *ecdsa_compute_public (const uint8_t *key_data); + extern const uint8_t *gpg_do_read_simple (uint8_t); extern void gpg_do_write_simple (uint8_t, const uint8_t *, int); extern void gpg_increment_digital_signature_counter (void); diff --git a/src/openpgp-do.c b/src/openpgp-do.c index 88eae05..08d1509 100644 --- a/src/openpgp-do.c +++ b/src/openpgp-do.c @@ -122,7 +122,7 @@ static const uint8_t extended_capabilities[] __attribute__ ((aligned (1))) = { }; /* Algorithm Attributes */ -static const uint8_t algorithm_attr[] __attribute__ ((aligned (1))) = { +static const uint8_t algorithm_attr_rsa[] __attribute__ ((aligned (1))) = { 6, 0x01, /* RSA */ 0x08, 0x00, /* Length modulus (in bit): 2048 */ @@ -130,6 +130,12 @@ static const uint8_t algorithm_attr[] __attribute__ ((aligned (1))) = { 0x00 /* 0: p&q , 3: CRT with N (not yet supported) */ }; +static const uint8_t algorithm_attr_ecdsa[] __attribute__ ((aligned (1))) = { + 9, + 0x13, /* ECDSA */ + 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x01, 0x07 /* OID of NIST curve P-256 */ +}; + #define PW_LEN_MAX 127 /* * Representation of PW1_LIFETIME: @@ -722,7 +728,7 @@ static int8_t num_prv_keys; static int gpg_do_write_prvkey (enum kind_of_key kk, const uint8_t *key_data, int key_len, - const uint8_t *keystring_admin, const uint8_t *modulus) + const uint8_t *keystring_admin, const uint8_t *pubkey) { uint8_t nr = get_do_ptr_nr_for_kk (kk); const uint8_t *p; @@ -734,7 +740,7 @@ gpg_do_write_prvkey (enum kind_of_key kk, const uint8_t *key_data, int key_len, const uint8_t *ks_pw1; const uint8_t *ks_rc; struct key_data_internal kdi; - int modulus_allocated_here = 0; + int pubkey_allocated_here = 0; uint8_t ks_pw1_len = 0; uint8_t ks_rc_len = 0; @@ -745,23 +751,28 @@ gpg_do_write_prvkey (enum kind_of_key kk, const uint8_t *key_data, int key_len, /* No replace support, you need to remove it first. */ return -1; - if (key_len != KEY_CONTENT_LEN) + if (kk != GPG_KEY_FOR_AUTHENTICATION && key_len != KEY_CONTENT_LEN) + return -1; + if (kk == GPG_KEY_FOR_AUTHENTICATION && key_len != 32) return -1; pd = (struct prvkey_data *)malloc (sizeof (struct prvkey_data)); if (pd == NULL) return -1; - if (modulus == NULL) + if (pubkey == NULL) { - modulus = modulus_calc (key_data, key_len); - if (modulus == NULL) + if (kk == GPG_KEY_FOR_AUTHENTICATION) + pubkey = ecdsa_compute_public (key_data); + else + pubkey = modulus_calc (key_data, key_len); + if (pubkey == NULL) { free (pd); return -1; } - modulus_allocated_here = 1; + pubkey_allocated_here = 1; } DEBUG_INFO ("Getting keystore address...\r\n"); @@ -769,15 +780,21 @@ gpg_do_write_prvkey (enum kind_of_key kk, const uint8_t *key_data, int key_len, if (key_addr == NULL) { free (pd); - if (modulus_allocated_here) - modulus_free (modulus); + if (pubkey_allocated_here) + free ((void *)pubkey); return -1; } DEBUG_INFO ("key_addr: "); DEBUG_WORD ((uint32_t)key_addr); - memcpy (kdi.data, key_data, KEY_CONTENT_LEN); + if (kk == GPG_KEY_FOR_AUTHENTICATION) + { + memcpy (kdi.data, key_data, key_len); + memset (kdi.data + key_len, 0, KEY_CONTENT_LEN - key_len); + } + else + memcpy (kdi.data, key_data, KEY_CONTENT_LEN); compute_key_data_checksum (&kdi, 0); dek = random_bytes_get (); /* 32-byte random bytes */ @@ -790,9 +807,9 @@ gpg_do_write_prvkey (enum kind_of_key kk, const uint8_t *key_data, int key_len, encrypt (dek, iv, (uint8_t *)&kdi, sizeof (struct key_data_internal)); - r = flash_key_write (key_addr, kdi.data, modulus); - if (modulus_allocated_here) - modulus_free (modulus); + r = flash_key_write (key_addr, kdi.data, pubkey); + if (pubkey_allocated_here) + free ((void *)pubkey); if (r < 0) { @@ -895,13 +912,23 @@ gpg_do_chks_prvkey (enum kind_of_key kk, } /* + * RSA: * 4d, xx, xx, xx: Extended Header List * b6 00 (SIG) / b8 00 (DEC) / a4 00 (AUT) * 7f48, xx: cardholder private key template - * 91 xx - * 92 xx xx - * 93 xx xx + * 91 xx: length of E + * 92 xx xx: length of P + * 93 xx xx: length of Q * 5f48, xx xx xx: cardholder private key + * , , + * + * ECDSA: + * 4d, xx: Extended Header List + * a4 00 (AUT) + * 7f48, xx: cardholder private key template + * 91 xx: length of d + * 5f48, xx : cardholder private key + * */ static int proc_key_import (const uint8_t *data, int len) @@ -944,7 +971,8 @@ proc_key_import (const uint8_t *data, int len) ac_reset_other (); } - if (len <= 22) + if ((kk != GPG_KEY_FOR_AUTHENTICATION && len <= 22) + || (kk == GPG_KEY_FOR_AUTHENTICATION && len <= 12)) { /* Deletion of the key */ uint8_t nr = get_do_ptr_nr_for_kk (kk); const uint8_t *do_data = do_ptr[nr - NR_DO__FIRST__]; @@ -972,9 +1000,15 @@ proc_key_import (const uint8_t *data, int len) return 1; } - /* It should starts with 00 01 00 01 (E) */ - /* Skip E, 4-byte */ - r = gpg_do_write_prvkey (kk, &data[26], len - 26, keystring_admin, NULL); + if (kk != GPG_KEY_FOR_AUTHENTICATION) + { /* RSA */ + /* It should starts with 00 01 00 01 (E) */ + /* Skip E, 4-byte */ + r = gpg_do_write_prvkey (kk, &data[26], len - 26, keystring_admin, NULL); + } + else + r = gpg_do_write_prvkey (kk, &data[12], len - 12, keystring_admin, NULL); + if (r < 0) return 0; else @@ -1032,9 +1066,9 @@ gpg_do_table[] = { rw_pw_status }, /* Fixed data */ { GPG_DO_EXTCAP, DO_FIXED, AC_ALWAYS, AC_NEVER, extended_capabilities }, - { GPG_DO_ALG_SIG, DO_FIXED, AC_ALWAYS, AC_NEVER, algorithm_attr }, - { GPG_DO_ALG_DEC, DO_FIXED, AC_ALWAYS, AC_NEVER, algorithm_attr }, - { GPG_DO_ALG_AUT, DO_FIXED, AC_ALWAYS, AC_NEVER, algorithm_attr }, + { GPG_DO_ALG_SIG, DO_FIXED, AC_ALWAYS, AC_NEVER, algorithm_attr_rsa }, + { GPG_DO_ALG_DEC, DO_FIXED, AC_ALWAYS, AC_NEVER, algorithm_attr_rsa }, + { GPG_DO_ALG_AUT, DO_FIXED, AC_ALWAYS, AC_NEVER, algorithm_attr_ecdsa }, /* Compound data: Read access only */ { GPG_DO_CH_DATA, DO_CMP_READ, AC_ALWAYS, AC_NEVER, cmp_ch_data }, { GPG_DO_APP_DATA, DO_CMP_READ, AC_ALWAYS, AC_NEVER, cmp_app_data }, @@ -1475,26 +1509,42 @@ gpg_do_public_key (uint8_t kk_byte) /* TAG */ *res_p++ = 0x7f; *res_p++ = 0x49; - /* LEN = 9+256 */ - *res_p++ = 0x82; *res_p++ = 0x01; *res_p++ = 0x09; - { - /*TAG*/ /*LEN = 256 */ - *res_p++ = 0x81; *res_p++ = 0x82; *res_p++ = 0x01; *res_p++ = 0x00; - /* 256-byte binary (big endian) */ - memcpy (res_p, key_addr + KEY_CONTENT_LEN, KEY_CONTENT_LEN); - res_p += 256; - } - { - /*TAG*/ /*LEN= 3 */ - *res_p++ = 0x82; *res_p++ = 3; - /* 3-byte E=0x10001 (big endian) */ - *res_p++ = 0x01; *res_p++ = 0x00; *res_p++ = 0x01; + if (kk_byte != 0xa4) + { /* RSA */ + /* LEN = 9+256 */ + *res_p++ = 0x82; *res_p++ = 0x01; *res_p++ = 0x09; - /* Success */ - res_APDU_size = res_p - res_APDU; - GPG_SUCCESS (); - } + { + /*TAG*/ /* LEN = 256 */ + *res_p++ = 0x81; *res_p++ = 0x82; *res_p++ = 0x01; *res_p++ = 0x00; + /* 256-byte binary (big endian) */ + memcpy (res_p, key_addr + KEY_CONTENT_LEN, KEY_CONTENT_LEN); + res_p += 256; + } + { + /*TAG*/ /* LEN= 3 */ + *res_p++ = 0x82; *res_p++ = 3; + /* 3-byte E=0x10001 (big endian) */ + *res_p++ = 0x01; *res_p++ = 0x00; *res_p++ = 0x01; + } + } + else + { /* ECDSA */ + /* LEN = 2+64 */ + *res_p++ = 0x42; + { + /*TAG*/ /* LEN = 64 */ + *res_p++ = 0x81; *res_p++ = 0x40; + /* 64-byte binary (big endian) */ + memcpy (res_p, key_addr + KEY_CONTENT_LEN, 64); + res_p += 64; + } + } + + /* Success */ + res_APDU_size = res_p - res_APDU; + GPG_SUCCESS (); DEBUG_INFO ("done.\r\n"); return; diff --git a/src/openpgp.c b/src/openpgp.c index 6332f5d..5275d15 100644 --- a/src/openpgp.c +++ b/src/openpgp.c @@ -833,6 +833,7 @@ cmd_pso (void) } +#if RSA_AUTH #define MAX_DIGEST_INFO_LEN 102 /* 40% */ static void cmd_internal_authenticate (void) @@ -876,6 +877,54 @@ cmd_internal_authenticate (void) DEBUG_INFO ("INTERNAL AUTHENTICATE done.\r\n"); } +#else +#define ECDSA_P256_HASH_LEN 32 +#define ECDSA_SIGNATURE_LENGTH 64 + +static void +cmd_internal_authenticate (void) +{ + int len = apdu.cmd_apdu_data_len; + int r; + + DEBUG_INFO (" - INTERNAL AUTHENTICATE\r\n"); + + if (P1 (apdu) == 0x00 && P2 (apdu) == 0x00) + { + DEBUG_SHORT (len); + + if (!ac_check_status (AC_OTHER_AUTHORIZED)) + { + DEBUG_INFO ("security error."); + GPG_SECURITY_FAILURE (); + return; + } + + if (len != ECDSA_P256_HASH_LEN) + { + DEBUG_INFO ("wrong hash length."); + GPG_CONDITION_NOT_SATISFIED (); + return; + } + + res_APDU_size = ECDSA_SIGNATURE_LENGTH; + r = ecdsa_sign (apdu.cmd_apdu_data, res_APDU, + &kd[GPG_KEY_FOR_AUTHENTICATION]); + if (r < 0) + GPG_ERROR (); + } + else + { + DEBUG_INFO (" - ??"); + DEBUG_BYTE (P1 (apdu)); + DEBUG_INFO (" - ??"); + DEBUG_BYTE (P2 (apdu)); + GPG_ERROR (); + } + + DEBUG_INFO ("INTERNAL AUTHENTICATE done.\r\n"); +} +#endif #define MBD_OPRATION_WRITE 0 #define MBD_OPRATION_UPDATE 1