deon/gnuk
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

works now again

Browse Source
This commit is contained in:
NIIBE Yutaka
2010-09-04 18:44:01 +09:00
parent e59ca762a9
commit b65ff2851a
19 changed files with 378 additions and 255 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
STM32_USB-FS-Device_Driver/inc/usb_init.h
View File

@@ -34,12 +34,12 @@ extern uint8_t EPindex;
extern DEVICE_INFO* pInformation; extern DEVICE_INFO* pInformation;
/* Points to the DEVICE_PROP structure of current device */ /* Points to the DEVICE_PROP structure of current device */
/* The purpose of this register is to speed up the execution */ /* The purpose of this register is to speed up the execution */
extern DEVICE_PROP* pProperty; extern const DEVICE_PROP* pProperty;
/* Temporary save the state of Rx & Tx status. */ /* Temporary save the state of Rx & Tx status. */
/* Whenever the Rx or Tx state is changed, its value is saved */ /* Whenever the Rx or Tx state is changed, its value is saved */
/* in this variable first and will be set to the EPRB or EPRA */ /* in this variable first and will be set to the EPRB or EPRA */
/* at the end of interrupt process */ /* at the end of interrupt process */
extern USER_STANDARD_REQUESTS *pUser_Standard_Requests; extern const USER_STANDARD_REQUESTS *pUser_Standard_Requests;
extern uint16_t SaveState ; extern uint16_t SaveState ;
extern uint16_t wInterrupt_Mask; extern uint16_t wInterrupt_Mask;

2
STM32_USB-FS-Device_Driver/src/usb_core.c
View File

@@ -255,7 +255,7 @@ RESULT Standard_ClearFeature(void)
} }
else if (Type_Rec == (STANDARD_REQUEST | ENDPOINT_RECIPIENT)) else if (Type_Rec == (STANDARD_REQUEST | ENDPOINT_RECIPIENT))
{/*EndPoint Clear Feature*/ {/*EndPoint Clear Feature*/
DEVICE* pDev; const DEVICE* pDev;
uint32_t Related_Endpoint; uint32_t Related_Endpoint;
uint32_t wIndex0; uint32_t wIndex0;
uint32_t rEP; uint32_t rEP;

4
STM32_USB-FS-Device_Driver/src/usb_init.c
View File

@@ -29,7 +29,7 @@
DEVICE_INFO *pInformation; DEVICE_INFO *pInformation;
/* Points to the DEVICE_PROP structure of current device */ /* Points to the DEVICE_PROP structure of current device */
/* The purpose of this register is to speed up the execution */ /* The purpose of this register is to speed up the execution */
DEVICE_PROP *pProperty; const DEVICE_PROP *pProperty;
/* Temporary save the state of Rx & Tx status. */ /* Temporary save the state of Rx & Tx status. */
/* Whenever the Rx or Tx state is changed, its value is saved */ /* Whenever the Rx or Tx state is changed, its value is saved */
/* in this variable first and will be set to the EPRB or EPRA */ /* in this variable first and will be set to the EPRB or EPRA */
@@ -37,7 +37,7 @@ DEVICE_PROP *pProperty;
uint16_t SaveState ; uint16_t SaveState ;
uint16_t wInterrupt_Mask; uint16_t wInterrupt_Mask;
DEVICE_INFO Device_Info; DEVICE_INFO Device_Info;
USER_STANDARD_REQUESTS *pUser_Standard_Requests; const USER_STANDARD_REQUESTS *pUser_Standard_Requests;
/* Extern variables ----------------------------------------------------------*/ /* Extern variables ----------------------------------------------------------*/
/* Private function prototypes -----------------------------------------------*/ /* Private function prototypes -----------------------------------------------*/

6
Virtual_COM_Port/usb_endp.c
View File

@@ -40,7 +40,7 @@ uint32_t count_in = 0;
* Output : None. * Output : None.
* Return : None. * Return : None.
*******************************************************************************/ *******************************************************************************/
void EP1_IN_Callback(void) void EP3_IN_Callback(void)
{ {
count_in = 0; count_in = 0;
} }
@@ -52,10 +52,10 @@ void EP1_IN_Callback(void)
* Output : None. * Output : None.
* Return : None. * Return : None.
*******************************************************************************/ *******************************************************************************/
void EP3_OUT_Callback(void) void EP5_OUT_Callback(void)
{ {
/* Get the received data buffer and update the counter */ /* Get the received data buffer and update the counter */
count_out = USB_SIL_Read(EP3_OUT, buffer_out); count_out = USB_SIL_Read(EP5_OUT, buffer_out);
#ifndef STM32F10X_CL #ifndef STM32F10X_CL
/* Enable the receive of data on EP3 */ /* Enable the receive of data on EP3 */

4
Virtual_COM_Port/usb_istr.c
View File

@@ -67,7 +67,7 @@ __IO uint8_t bIntPackSOF = 0; /* SOFs received between 2 consecutive packets */
/* Private function prototypes -----------------------------------------------*/ /* Private function prototypes -----------------------------------------------*/
/* Private functions ---------------------------------------------------------*/ /* Private functions ---------------------------------------------------------*/
/* function pointers to non-control endpoints service routines */ /* function pointers to non-control endpoints service routines */
void (*pEpInt_IN[7])(void) = void (*const pEpInt_IN[7])(void) =
{ {
EP1_IN_Callback, EP1_IN_Callback,
EP2_IN_Callback, EP2_IN_Callback,
@@ -78,7 +78,7 @@ void (*pEpInt_IN[7])(void) =
EP7_IN_Callback, EP7_IN_Callback,
}; };
void (*pEpInt_OUT[7])(void) = void (*const pEpInt_OUT[7])(void) =
{ {
EP1_OUT_Callback, EP1_OUT_Callback,
EP2_OUT_Callback, EP2_OUT_Callback,

11
src/Makefile
View File

@@ -1,5 +1,12 @@
# Makefile for Gnuk # Makefile for Gnuk
#
#
ENABLE_DEBUG=1
ifneq ($(ENABLE_DEBUG),)
ENABLE_VCOMPORT=1
endif
############################################################################## ##############################################################################
# Build global options # Build global options
@@ -140,7 +147,11 @@ CPPWARN = -Wall -Wextra
# #
# List all default C defines here, like -D_DEBUG=1 # List all default C defines here, like -D_DEBUG=1
ifeq ($(ENABLE_DEBUG),)
DDEFS = -DCORTEX_USE_BASEPRI=TRUE DDEFS = -DCORTEX_USE_BASEPRI=TRUE
else
DDEFS = -DCORTEX_USE_BASEPRI=TRUE -DDEBUG
endif
# List all default ASM defines here, like -D_DEBUG=1 # List all default ASM defines here, like -D_DEBUG=1
DADEFS = DADEFS =

2
src/ac.c
View File

@@ -54,7 +54,7 @@ verify_pso_cds (const uint8_t *pw, int pw_len)
} }
void void
reset_pso_cds (void) ac_reset_pso_cds (void)
{ {
auth_status &= ~AC_PSO_CDS_AUTHORIZED; auth_status &= ~AC_PSO_CDS_AUTHORIZED;
} }

3
src/config.h
View File

@@ -1,6 +1,3 @@
#define DEBUG 1
/* #undef DEBUG */
#ifdef DEBUG #ifdef DEBUG
#define ENABLE_VIRTUAL_COM_PORT 1 #define ENABLE_VIRTUAL_COM_PORT 1
#endif #endif

4
src/gnuk.h
View File

@@ -48,7 +48,7 @@ extern int verify_pso_other (const uint8_t *pw, int pw_len);
extern int verify_admin (const uint8_t *pw, int pw_len); extern int verify_admin (const uint8_t *pw, int pw_len);
extern int verify_admin_0 (const uint8_t *pw, int buf_len, int pw_len_known); extern int verify_admin_0 (const uint8_t *pw, int buf_len, int pw_len_known);
extern void reset_pso_cds (void); extern void ac_reset_pso_cds (void);
@@ -164,3 +164,5 @@ extern uint32_t get_random (void);
extern void random_init (void); extern void random_init (void);
extern uint32_t hardclock (void); extern uint32_t hardclock (void);
extern void gpg_do_reset_pw_counter (uint8_t which);

11
src/main.c
View File

@@ -127,8 +127,8 @@ STDOUTthread (void *arg)
p += count_in; p += count_in;
} }
USB_SIL_Write (EP1_IN, buffer_in, count_in); USB_SIL_Write (EP3_IN, buffer_in, count_in);
SetEPTxValid (ENDP1); SetEPTxValid (ENDP3);
while (count_in > 0) while (count_in > 0)
chThdSleepMilliseconds (1); chThdSleepMilliseconds (1);
@@ -144,11 +144,6 @@ STDOUTthread (void *arg)
return 0; return 0;
} }
#else #else
static void
stdout_init (void)
{
}
void void
_write (const char *s, int size) _write (const char *s, int size)
{ {
@@ -189,9 +184,9 @@ main (int argc, char **argv)
usb_lld_init (); usb_lld_init ();
USB_Init(); USB_Init();
#ifdef DEBUG
stdout_init (); stdout_init ();
#ifdef DEBUG
/* /*
* Creates 'stdout' thread. * Creates 'stdout' thread.
*/ */

356
src/openpgp-do.c
View File

@@ -122,7 +122,7 @@ static uint8_t *res_p;
static int with_tag; static int with_tag;
static void copy_do_1 (uint16_t tag, const uint8_t *do_data); static void copy_do_1 (uint16_t tag, const uint8_t *do_data);
static struct do_table_entry *get_do_entry (uint16_t tag); static const struct do_table_entry *get_do_entry (uint16_t tag);
#define GPG_DO_AID 0x004f #define GPG_DO_AID 0x004f
#define GPG_DO_NAME 0x005b #define GPG_DO_NAME 0x005b
@@ -157,6 +157,32 @@ static struct do_table_entry *get_do_entry (uint16_t tag);
#define GPG_DO_HIST_BYTES 0x5f52 #define GPG_DO_HIST_BYTES 0x5f52
#define GPG_DO_CH_CERTIFICATE 0x7f21 #define GPG_DO_CH_CERTIFICATE 0x7f21
#define NUM_DO_OBJS 23
static const uint8_t *do_ptr[NUM_DO_OBJS];
#define NR_DO_PRVKEY_SIG 0
#define NR_DO_PRVKEY_DEC 1
#define NR_DO_PRVKEY_AUT 2
#define NR_DO_KEYSTRING_PW1 3
#define NR_DO_KEYSTRING_RC 4
#define NR_DO_KEYSTRING_PW3 5
#define NR_DO_PW_STATUS 6
#define NR_DO_DS_COUNT 7
#define NR_DO_SEX 8
#define NR_DO_FP_SIG 9
#define NR_DO_FP_DEC 10
#define NR_DO_FP_AUT 11
#define NR_DO_CAFP_1 12
#define NR_DO_CAFP_2 13
#define NR_DO_CAFP_3 14
#define NR_DO_KGTIME_SIG 15
#define NR_DO_KGTIME_DEC 16
#define NR_DO_KGTIME_AUT 17
#define NR_DO_LOGIN_DATA 18
#define NR_DO_URL 19
#define NR_DO_NAME 20
#define NR_DO_LANGUAGE 21
#define NR_DO_CH_CERTIFICATE 22
static void static void
copy_tag (uint16_t tag) copy_tag (uint16_t tag)
{ {
@@ -184,8 +210,7 @@ do_hist_bytes (uint16_t tag)
static int static int
do_fp_all (uint16_t tag) do_fp_all (uint16_t tag)
{ {
struct do_table_entry *do_p; const uint8_t *data;
const uint8_t *do_data;
if (with_tag) if (with_tag)
{ {
@@ -193,26 +218,23 @@ do_fp_all (uint16_t tag)
*res_p++ = SIZE_FP*3; *res_p++ = SIZE_FP*3;
} }
do_p = get_do_entry (GPG_DO_FP_SIG); data = gpg_do_read_simple (GPG_DO_FP_SIG);
do_data = (const uint8_t *)do_p->obj; if (data)
if (do_data) memcpy (res_p, data, SIZE_FP);
memcpy (res_p, &do_data[1], SIZE_FP);
else else
memset (res_p, 0, SIZE_FP); memset (res_p, 0, SIZE_FP);
res_p += SIZE_FP; res_p += SIZE_FP;
do_p = get_do_entry (GPG_DO_FP_DEC); data = gpg_do_read_simple (GPG_DO_FP_DEC);
do_data = (const uint8_t *)do_p->obj; if (data)
if (do_data) memcpy (res_p, data, SIZE_FP);
memcpy (res_p, &do_data[1], SIZE_FP);
else else
memset (res_p, 0, SIZE_FP); memset (res_p, 0, SIZE_FP);
res_p += SIZE_FP; res_p += SIZE_FP;
do_p = get_do_entry (GPG_DO_FP_AUT); data = gpg_do_read_simple (GPG_DO_FP_AUT);
do_data = (const uint8_t *)do_p->obj; if (data)
if (do_data) memcpy (res_p, data, SIZE_FP);
memcpy (res_p, &do_data[1], SIZE_FP);
else else
memset (res_p, 0, SIZE_FP); memset (res_p, 0, SIZE_FP);
res_p += SIZE_FP; res_p += SIZE_FP;
@@ -223,8 +245,7 @@ do_fp_all (uint16_t tag)
static int static int
do_cafp_all (uint16_t tag) do_cafp_all (uint16_t tag)
{ {
struct do_table_entry *do_p; const uint8_t *data;
const uint8_t *do_data;
if (with_tag) if (with_tag)
{ {
@@ -232,26 +253,23 @@ do_cafp_all (uint16_t tag)
*res_p++ = SIZE_FP*3; *res_p++ = SIZE_FP*3;
} }
do_p = get_do_entry (GPG_DO_CAFP_1); data = gpg_do_read_simple (GPG_DO_CAFP_1);
do_data = (const uint8_t *)do_p->obj; if (data)
if (do_data) memcpy (res_p, data, SIZE_FP);
memcpy (res_p, &do_data[1], SIZE_FP);
else else
memset (res_p, 0, SIZE_FP); memset (res_p, 0, SIZE_FP);
res_p += SIZE_FP; res_p += SIZE_FP;
do_p = get_do_entry (GPG_DO_CAFP_2); data = gpg_do_read_simple (GPG_DO_CAFP_2);
do_data = (const uint8_t *)do_p->obj; if (data)
if (do_data) memcpy (res_p, data, SIZE_FP);
memcpy (res_p, &do_data[1], SIZE_FP);
else else
memset (res_p, 0, SIZE_FP); memset (res_p, 0, SIZE_FP);
res_p += SIZE_FP; res_p += SIZE_FP;
do_p = get_do_entry (GPG_DO_CAFP_3); data = gpg_do_read_simple (GPG_DO_CAFP_2);
do_data = (const uint8_t *)do_p->obj; if (data)
if (do_data) memcpy (res_p, data, SIZE_FP);
memcpy (res_p, &do_data[1], SIZE_FP);
else else
memset (res_p, 0, SIZE_FP); memset (res_p, 0, SIZE_FP);
res_p += SIZE_FP; res_p += SIZE_FP;
@@ -262,8 +280,7 @@ do_cafp_all (uint16_t tag)
static int static int
do_kgtime_all (uint16_t tag) do_kgtime_all (uint16_t tag)
{ {
struct do_table_entry *do_p; const uint8_t *data;
const uint8_t *do_data;
if (with_tag) if (with_tag)
{ {
@@ -271,26 +288,23 @@ do_kgtime_all (uint16_t tag)
*res_p++ = SIZE_KGTIME*3; *res_p++ = SIZE_KGTIME*3;
} }
do_p = get_do_entry (GPG_DO_KGTIME_SIG); data = gpg_do_read_simple (GPG_DO_KGTIME_SIG);
do_data = (const uint8_t *)do_p->obj; if (data)
if (do_data) memcpy (res_p, data, SIZE_KGTIME);
memcpy (res_p, &do_data[1], SIZE_KGTIME);
else else
memset (res_p, 0, SIZE_KGTIME); memset (res_p, 0, SIZE_KGTIME);
res_p += SIZE_KGTIME; res_p += SIZE_KGTIME;
do_p = get_do_entry (GPG_DO_KGTIME_DEC); data = gpg_do_read_simple (GPG_DO_KGTIME_DEC);
do_data = (const uint8_t *)do_p->obj; if (data)
if (do_data) memcpy (res_p, data, SIZE_KGTIME);
memcpy (res_p, &do_data[1], SIZE_KGTIME);
else else
memset (res_p, 0, SIZE_KGTIME); memset (res_p, 0, SIZE_KGTIME);
res_p += SIZE_KGTIME; res_p += SIZE_KGTIME;
do_p = get_do_entry (GPG_DO_KGTIME_AUT); data = gpg_do_read_simple (GPG_DO_KGTIME_AUT);
do_data = (const uint8_t *)do_p->obj; if (data)
if (do_data) memcpy (res_p, data, SIZE_KGTIME);
memcpy (res_p, &do_data[1], SIZE_KGTIME);
else else
memset (res_p, 0, SIZE_KGTIME); memset (res_p, 0, SIZE_KGTIME);
res_p += SIZE_KGTIME; res_p += SIZE_KGTIME;
@@ -300,27 +314,25 @@ do_kgtime_all (uint16_t tag)
static int static int
rw_pw_status (uint16_t tag, const uint8_t *data, int len, int is_write) rw_pw_status (uint16_t tag, const uint8_t *data, int len, int is_write)
{ {
struct do_table_entry *do_p; const uint8_t *do_data = do_ptr[NR_DO_PW_STATUS];
if (is_write) if (is_write)
{ {
const uint8_t *do_data;
uint8_t pwsb[SIZE_PW_STATUS_BYTES]; uint8_t pwsb[SIZE_PW_STATUS_BYTES];
(void)len; (void)len;
do_p = get_do_entry (GNUK_DO_PW_STATUS);
do_data = (const uint8_t *)do_p->obj;
if (do_data) if (do_data)
{ {
memcpy (pwsb, &do_data[1], SIZE_PW_STATUS_BYTES); memcpy (pwsb, &do_data[1], SIZE_PW_STATUS_BYTES);
flash_do_release (do_p->obj); flash_do_release (do_data);
} }
else else
memcpy (pwsb, PW_STATUS_BYTES_TEMPLATE, SIZE_PW_STATUS_BYTES); memcpy (pwsb, PW_STATUS_BYTES_TEMPLATE, SIZE_PW_STATUS_BYTES);
pwsb[0] = data[0]; pwsb[0] = data[0];
do_p->obj = flash_do_write (tag, pwsb, SIZE_PW_STATUS_BYTES); do_ptr[NR_DO_PW_STATUS]
if (do_p->obj) = flash_do_write (tag, pwsb, SIZE_PW_STATUS_BYTES);
if (do_ptr[NR_DO_PW_STATUS])
GPG_SUCCESS (); GPG_SUCCESS ();
else else
GPG_MEMORY_FAILURE(); GPG_MEMORY_FAILURE();
@@ -329,10 +341,6 @@ rw_pw_status (uint16_t tag, const uint8_t *data, int len, int is_write)
} }
else else
{ {
const uint8_t *do_data;
do_p = get_do_entry (GNUK_DO_PW_STATUS);
do_data = (const uint8_t *)do_p->obj;
if (do_data) if (do_data)
{ {
if (with_tag) if (with_tag)
@@ -363,9 +371,6 @@ proc_resetting_code (const uint8_t *data, int len)
const uint8_t *newpw; const uint8_t *newpw;
int newpw_len; int newpw_len;
int r; int r;
uint8_t pwsb[SIZE_PW_STATUS_BYTES];
struct do_table_entry *do_p;
const uint8_t *do_data;
newpw_len = len; newpw_len = len;
newpw = data; newpw = data;
@@ -388,21 +393,7 @@ proc_resetting_code (const uint8_t *data, int len)
GPG_SUCCESS (); GPG_SUCCESS ();
/* Reset RC counter in GNUK_DO_PW_STATUS */ /* Reset RC counter in GNUK_DO_PW_STATUS */
do_p = get_do_entry (GNUK_DO_PW_STATUS); gpg_do_reset_pw_counter (PW_STATUS_RC);
do_data = (const uint8_t *)do_p->obj;
if (do_data)
{
memcpy (pwsb, &do_data[1], SIZE_PW_STATUS_BYTES);
pwsb[PW_STATUS_RC] = 3;
flash_do_release (do_data);
}
else
{
memcpy (pwsb, PW_STATUS_BYTES_TEMPLATE, SIZE_PW_STATUS_BYTES);
pwsb[5] = 3;
}
gpg_do_write_simple (GNUK_DO_PW_STATUS, pwsb, SIZE_PW_STATUS_BYTES);
} }
static void static void
@@ -446,6 +437,21 @@ get_tag_for_kk (enum kind_of_key kk)
return GNUK_DO_PRVKEY_SIG; return GNUK_DO_PRVKEY_SIG;
} }
static uint8_t
get_do_ptr_nr_for_kk (enum kind_of_key kk)
{
switch (kk)
{
case GPG_KEY_FOR_SIGNATURE:
return NR_DO_PRVKEY_SIG;
case GPG_KEY_FOR_DECRYPT:
return NR_DO_PRVKEY_DEC;
case GPG_KEY_FOR_AUTHENTICATION:
return NR_DO_PRVKEY_AUT;
}
return NR_DO_PRVKEY_SIG;
}
/* /*
* Return 1 on success, * Return 1 on success,
* 0 if none, * 0 if none,
@@ -454,18 +460,18 @@ get_tag_for_kk (enum kind_of_key kk)
int int
gpg_do_load_prvkey (enum kind_of_key kk, int who, const uint8_t *keystring) gpg_do_load_prvkey (enum kind_of_key kk, int who, const uint8_t *keystring)
{ {
uint16_t tag = get_tag_for_kk (kk); uint8_t nr = get_do_ptr_nr_for_kk (kk);
struct do_table_entry *do_p = get_do_entry (tag); const uint8_t *do_data = do_ptr[nr];
uint8_t *key_addr; uint8_t *key_addr;
uint8_t dek[DATA_ENCRYPTION_KEY_SIZE]; uint8_t dek[DATA_ENCRYPTION_KEY_SIZE];
if (do_p->obj == NULL) if (do_data == NULL)
return 0; return 0;
key_addr = *(uint8_t **)&((uint8_t *)do_p->obj)[1]; key_addr = *(uint8_t **)&(do_data)[1];
memcpy (kd.data, key_addr, KEY_CONTENT_LEN); memcpy (kd.data, key_addr, KEY_CONTENT_LEN);
memcpy (((uint8_t *)&kd.check), ((uint8_t *)do_p->obj)+5, ADDITIONAL_DATA_SIZE); memcpy (((uint8_t *)&kd.check), do_data+5, ADDITIONAL_DATA_SIZE);
memcpy (dek, ((uint8_t *)do_p->obj)+5+16*who, DATA_ENCRYPTION_KEY_SIZE); memcpy (dek, do_data+5+16*who, DATA_ENCRYPTION_KEY_SIZE);
decrypt (keystring, dek, DATA_ENCRYPTION_KEY_SIZE); decrypt (keystring, dek, DATA_ENCRYPTION_KEY_SIZE);
decrypt (dek, (uint8_t *)&kd, sizeof (struct key_data)); decrypt (dek, (uint8_t *)&kd, sizeof (struct key_data));
@@ -492,14 +498,14 @@ int
gpg_do_write_prvkey (enum kind_of_key kk, const uint8_t *key_data, int key_len, gpg_do_write_prvkey (enum kind_of_key kk, const uint8_t *key_data, int key_len,
const uint8_t *keystring) const uint8_t *keystring)
{ {
uint16_t tag = get_tag_for_kk (kk);
uint8_t nr = get_do_ptr_nr_for_kk (kk);
const uint8_t *p; const uint8_t *p;
int r; int r;
struct do_table_entry *do_p;
const uint8_t *modulus; const uint8_t *modulus;
struct prvkey_data *pd; struct prvkey_data *pd;
uint8_t *key_addr; uint8_t *key_addr;
uint8_t *dek; uint8_t *dek;
uint16_t tag = get_tag_for_kk (kk);
const uint8_t *ks_pw1 = gpg_do_read_simple (GNUK_DO_KEYSTRING_PW1); const uint8_t *ks_pw1 = gpg_do_read_simple (GNUK_DO_KEYSTRING_PW1);
const uint8_t *ks_rc = gpg_do_read_simple (GNUK_DO_KEYSTRING_RC); const uint8_t *ks_rc = gpg_do_read_simple (GNUK_DO_KEYSTRING_RC);
@@ -553,7 +559,7 @@ gpg_do_write_prvkey (enum kind_of_key kk, const uint8_t *key_data, int key_len,
pd->key_addr = key_addr; pd->key_addr = key_addr;
memcpy (pd->crm_encrypted, (uint8_t *)&kd.check, ADDITIONAL_DATA_SIZE); memcpy (pd->crm_encrypted, (uint8_t *)&kd.check, ADDITIONAL_DATA_SIZE);
reset_pso_cds (); ac_reset_pso_cds ();
if (ks_pw1) if (ks_pw1)
{ {
memcpy (pd->dek_encrypted_1, dek, DATA_ENCRYPTION_KEY_SIZE); memcpy (pd->dek_encrypted_1, dek, DATA_ENCRYPTION_KEY_SIZE);
@@ -587,8 +593,7 @@ gpg_do_write_prvkey (enum kind_of_key kk, const uint8_t *key_data, int key_len,
encrypt (keystring, pd->dek_encrypted_3, DATA_ENCRYPTION_KEY_SIZE); encrypt (keystring, pd->dek_encrypted_3, DATA_ENCRYPTION_KEY_SIZE);
p = flash_do_write (tag, (const uint8_t *)pd, sizeof (struct prvkey_data)); p = flash_do_write (tag, (const uint8_t *)pd, sizeof (struct prvkey_data));
do_p = get_do_entry (tag); do_ptr[nr] = p;
do_p->obj = p;
dek_free (dek); dek_free (dek);
free (pd); free (pd);
@@ -604,20 +609,21 @@ gpg_do_chks_prvkey (enum kind_of_key kk,
int who_new, const uint8_t *new_ks) int who_new, const uint8_t *new_ks)
{ {
uint16_t tag = get_tag_for_kk (kk); uint16_t tag = get_tag_for_kk (kk);
struct do_table_entry *do_p = get_do_entry (tag); uint8_t nr = get_do_ptr_nr_for_kk (kk);
const uint8_t *do_data = do_ptr[nr];
uint8_t dek[DATA_ENCRYPTION_KEY_SIZE]; uint8_t dek[DATA_ENCRYPTION_KEY_SIZE];
struct prvkey_data *pd; struct prvkey_data *pd;
const uint8_t *p; const uint8_t *p;
uint8_t *dek_p; uint8_t *dek_p;
if (do_p->obj == NULL) if (do_data == NULL)
return 0; /* No private key */ return 0; /* No private key */
pd = (struct prvkey_data *)malloc (sizeof (struct prvkey_data)); pd = (struct prvkey_data *)malloc (sizeof (struct prvkey_data));
if (pd == NULL) if (pd == NULL)
return -1; return -1;
memcpy (pd, &((uint8_t *)do_p->obj)[1], sizeof (struct prvkey_data)); memcpy (pd, &(do_data)[1], sizeof (struct prvkey_data));
dek_p = ((uint8_t *)pd) + 4 + ADDITIONAL_DATA_SIZE + DATA_ENCRYPTION_KEY_SIZE * (who_old - 1); dek_p = ((uint8_t *)pd) + 4 + ADDITIONAL_DATA_SIZE + DATA_ENCRYPTION_KEY_SIZE * (who_old - 1);
memcpy (dek, dek_p, DATA_ENCRYPTION_KEY_SIZE); memcpy (dek, dek_p, DATA_ENCRYPTION_KEY_SIZE);
decrypt (old_ks, dek, DATA_ENCRYPTION_KEY_SIZE); decrypt (old_ks, dek, DATA_ENCRYPTION_KEY_SIZE);
@@ -626,7 +632,7 @@ gpg_do_chks_prvkey (enum kind_of_key kk,
memcpy (dek_p, dek, DATA_ENCRYPTION_KEY_SIZE); memcpy (dek_p, dek, DATA_ENCRYPTION_KEY_SIZE);
p = flash_do_write (tag, (const uint8_t *)pd, sizeof (struct prvkey_data)); p = flash_do_write (tag, (const uint8_t *)pd, sizeof (struct prvkey_data));
do_p->obj = p; do_ptr[nr] = p;
free (pd); free (pd);
if (p == NULL) if (p == NULL)
@@ -661,18 +667,18 @@ proc_key_import (const uint8_t *data, int len)
if (len <= 22) if (len <= 22)
{ /* Deletion of the key */ { /* Deletion of the key */
uint16_t tag = get_tag_for_kk (kk); uint8_t nr = get_do_ptr_nr_for_kk (kk);
struct do_table_entry *do_p = get_do_entry (tag); const uint8_t *do_data = do_ptr[nr];
if (do_p->obj) if (do_data)
{ {
uint8_t *key_addr = *(uint8_t **)&((uint8_t *)do_p->obj)[1]; uint8_t *key_addr = *(uint8_t **)&do_data[1];
flash_do_release (do_p->obj); flash_do_release (do_data);
flash_key_release (key_addr); flash_key_release (key_addr);
} }
do_p->obj = NULL; do_ptr[nr] = NULL;
GPG_SUCCESS (); GPG_SUCCESS ();
return; return;
} }
@@ -706,35 +712,35 @@ static const uint16_t const cn_app_data[] = {
static const uint16_t const cn_ss_temp[] = { 1, GPG_DO_DS_COUNT }; static const uint16_t const cn_ss_temp[] = { 1, GPG_DO_DS_COUNT };
static struct do_table_entry static const struct do_table_entry
gpg_do_table[] = { gpg_do_table[] = {
/* Pseudo DO (private): not directly user accessible */ /* Pseudo DO (private): not directly user accessible */
{ GNUK_DO_PRVKEY_SIG, DO_VAR, AC_NEVER, AC_NEVER, NULL }, { GNUK_DO_PRVKEY_SIG, DO_VAR, AC_NEVER, AC_NEVER, &do_ptr[0] },
{ GNUK_DO_PRVKEY_DEC, DO_VAR, AC_NEVER, AC_NEVER, NULL }, { GNUK_DO_PRVKEY_DEC, DO_VAR, AC_NEVER, AC_NEVER, &do_ptr[1] },
{ GNUK_DO_PRVKEY_AUT, DO_VAR, AC_NEVER, AC_NEVER, NULL }, { GNUK_DO_PRVKEY_AUT, DO_VAR, AC_NEVER, AC_NEVER, &do_ptr[2] },
{ GNUK_DO_KEYSTRING_PW1, DO_VAR, AC_NEVER, AC_NEVER, NULL }, { GNUK_DO_KEYSTRING_PW1, DO_VAR, AC_NEVER, AC_NEVER, &do_ptr[3] },
{ GNUK_DO_KEYSTRING_PW3, DO_VAR, AC_NEVER, AC_NEVER, NULL }, { GNUK_DO_KEYSTRING_RC, DO_VAR, AC_NEVER, AC_NEVER, &do_ptr[4] },
{ GNUK_DO_KEYSTRING_RC, DO_VAR, AC_NEVER, AC_NEVER, NULL }, { GNUK_DO_KEYSTRING_PW3, DO_VAR, AC_NEVER, AC_NEVER, &do_ptr[5] },
{ GNUK_DO_PW_STATUS, DO_VAR, AC_NEVER, AC_NEVER, NULL }, { GNUK_DO_PW_STATUS, DO_VAR, AC_NEVER, AC_NEVER, &do_ptr[6] },
/* Variable(s): Fixed size, not changeable by user */ /* Variable(s): Fixed size, not changeable by user */
{ GPG_DO_DS_COUNT, DO_VAR, AC_ALWAYS, AC_NEVER, NULL }, { GPG_DO_DS_COUNT, DO_VAR, AC_ALWAYS, AC_NEVER, &do_ptr[7] },
/* Variables: Fixed size */ /* Variables: Fixed size */
{ GPG_DO_SEX, DO_VAR, AC_ALWAYS, AC_ADMIN_AUTHORIZED, NULL }, { GPG_DO_SEX, DO_VAR, AC_ALWAYS, AC_ADMIN_AUTHORIZED, &do_ptr[8] },
{ GPG_DO_FP_SIG, DO_VAR, AC_ALWAYS, AC_ADMIN_AUTHORIZED, NULL }, { GPG_DO_FP_SIG, DO_VAR, AC_ALWAYS, AC_ADMIN_AUTHORIZED, &do_ptr[9] },
{ GPG_DO_FP_DEC, DO_VAR, AC_ALWAYS, AC_ADMIN_AUTHORIZED, NULL }, { GPG_DO_FP_DEC, DO_VAR, AC_ALWAYS, AC_ADMIN_AUTHORIZED, &do_ptr[10] },
{ GPG_DO_FP_AUT, DO_VAR, AC_ALWAYS, AC_ADMIN_AUTHORIZED, NULL }, { GPG_DO_FP_AUT, DO_VAR, AC_ALWAYS, AC_ADMIN_AUTHORIZED, &do_ptr[11] },
{ GPG_DO_CAFP_1, DO_VAR, AC_ALWAYS, AC_ADMIN_AUTHORIZED, NULL }, { GPG_DO_CAFP_1, DO_VAR, AC_ALWAYS, AC_ADMIN_AUTHORIZED, &do_ptr[12] },
{ GPG_DO_CAFP_2, DO_VAR, AC_ALWAYS, AC_ADMIN_AUTHORIZED, NULL }, { GPG_DO_CAFP_2, DO_VAR, AC_ALWAYS, AC_ADMIN_AUTHORIZED, &do_ptr[13] },
{ GPG_DO_CAFP_3, DO_VAR, AC_ALWAYS, AC_ADMIN_AUTHORIZED, NULL }, { GPG_DO_CAFP_3, DO_VAR, AC_ALWAYS, AC_ADMIN_AUTHORIZED, &do_ptr[14] },
{ GPG_DO_KGTIME_SIG, DO_VAR, AC_ALWAYS, AC_ADMIN_AUTHORIZED, NULL }, { GPG_DO_KGTIME_SIG, DO_VAR, AC_ALWAYS, AC_ADMIN_AUTHORIZED, &do_ptr[15] },
{ GPG_DO_KGTIME_DEC, DO_VAR, AC_ALWAYS, AC_ADMIN_AUTHORIZED, NULL }, { GPG_DO_KGTIME_DEC, DO_VAR, AC_ALWAYS, AC_ADMIN_AUTHORIZED, &do_ptr[16] },
{ GPG_DO_KGTIME_AUT, DO_VAR, AC_ALWAYS, AC_ADMIN_AUTHORIZED, NULL }, { GPG_DO_KGTIME_AUT, DO_VAR, AC_ALWAYS, AC_ADMIN_AUTHORIZED, &do_ptr[17] },
/* Variables: Variable size */ /* Variables: Variable size */
{ GPG_DO_LOGIN_DATA, DO_VAR, AC_ALWAYS, AC_ADMIN_AUTHORIZED, NULL }, { GPG_DO_LOGIN_DATA, DO_VAR, AC_ALWAYS, AC_ADMIN_AUTHORIZED, &do_ptr[18] },
{ GPG_DO_URL, DO_VAR, AC_ALWAYS, AC_ADMIN_AUTHORIZED, NULL }, { GPG_DO_URL, DO_VAR, AC_ALWAYS, AC_ADMIN_AUTHORIZED, &do_ptr[19] },
{ GPG_DO_NAME, DO_VAR, AC_ALWAYS, AC_ADMIN_AUTHORIZED, NULL }, { GPG_DO_NAME, DO_VAR, AC_ALWAYS, AC_ADMIN_AUTHORIZED, &do_ptr[20] },
{ GPG_DO_LANGUAGE, DO_VAR, AC_ALWAYS, AC_ADMIN_AUTHORIZED, NULL }, { GPG_DO_LANGUAGE, DO_VAR, AC_ALWAYS, AC_ADMIN_AUTHORIZED, &do_ptr[21] },
{ GPG_DO_CH_CERTIFICATE, DO_VAR, AC_ALWAYS, AC_ADMIN_AUTHORIZED, NULL }, { GPG_DO_CH_CERTIFICATE, DO_VAR, AC_ALWAYS, AC_ADMIN_AUTHORIZED, &do_ptr[22] },
/* Pseudo DO READ: calculated */ /* Pseudo DO READ: calculated */
{ GPG_DO_HIST_BYTES, DO_PROC_READ, AC_ALWAYS, AC_NEVER, do_hist_bytes }, { GPG_DO_HIST_BYTES, DO_PROC_READ, AC_ALWAYS, AC_NEVER, do_hist_bytes },
{ GPG_DO_FP_ALL, DO_PROC_READ, AC_ALWAYS, AC_NEVER, do_fp_all }, { GPG_DO_FP_ALL, DO_PROC_READ, AC_ALWAYS, AC_NEVER, do_fp_all },
@@ -775,25 +781,16 @@ extern const uint8_t const do_5f50[];
int int
gpg_do_table_init (void) gpg_do_table_init (void)
{ {
struct do_table_entry *do_p; do_ptr[NR_DO_LOGIN_DATA] = do_5e;
do_ptr[NR_DO_PW_STATUS] = do_pw_status_bytes_template;
do_p = get_do_entry (GPG_DO_LOGIN_DATA); do_ptr[NR_DO_NAME] = do_5b;
do_p->obj = do_5e; do_ptr[NR_DO_LANGUAGE] = do_5f2d;
do_p = get_do_entry (GNUK_DO_PW_STATUS); do_ptr[NR_DO_SEX] = do_5f35;
do_p->obj = do_pw_status_bytes_template; do_ptr[NR_DO_URL] = do_5f50;
do_p = get_do_entry (GPG_DO_NAME);
do_p->obj = do_5b;
do_p = get_do_entry (GPG_DO_LANGUAGE);
do_p->obj = do_5f2d;
do_p = get_do_entry (GPG_DO_SEX);
do_p->obj = do_5f35;
do_p = get_do_entry (GPG_DO_URL);
do_p->obj = do_5f50;
return 0; return 0;
} }
static struct do_table_entry * static const struct do_table_entry *
get_do_entry (uint16_t tag) get_do_entry (uint16_t tag)
{ {
int i; int i;
@@ -845,7 +842,7 @@ copy_do_1 (uint16_t tag, const uint8_t *do_data)
} }
static int static int
copy_do (struct do_table_entry *do_p) copy_do (const struct do_table_entry *do_p)
{ {
if (do_p == NULL) if (do_p == NULL)
return 0; return 0;
@@ -856,7 +853,6 @@ copy_do (struct do_table_entry *do_p)
switch (do_p->do_type) switch (do_p->do_type)
{ {
case DO_FIXED: case DO_FIXED:
case DO_VAR:
{ {
const uint8_t *do_data = (const uint8_t *)do_p->obj; const uint8_t *do_data = (const uint8_t *)do_p->obj;
if (do_data == NULL) if (do_data == NULL)
@@ -865,6 +861,15 @@ copy_do (struct do_table_entry *do_p)
copy_do_1 (do_p->tag, do_data); copy_do_1 (do_p->tag, do_data);
break; break;
} }
case DO_VAR:
{
const uint8_t *do_data = *(const uint8_t **)do_p->obj;
if (do_data == NULL)
return 0;
else
copy_do_1 (do_p->tag, do_data);
break;
}
case DO_CN_READ: case DO_CN_READ:
{ {
int i; int i;
@@ -881,7 +886,7 @@ copy_do (struct do_table_entry *do_p)
for (i = 0; i < num_components; i++) for (i = 0; i < num_components; i++)
{ {
uint16_t tag0; uint16_t tag0;
struct do_table_entry *do0_p; const struct do_table_entry *do0_p;
tag0 = cn_data[i+1]; tag0 = cn_data[i+1];
do0_p = get_do_entry (tag0); do0_p = get_do_entry (tag0);
@@ -919,7 +924,7 @@ copy_do (struct do_table_entry *do_p)
void void
gpg_do_get_data (uint16_t tag) gpg_do_get_data (uint16_t tag)
{ {
struct do_table_entry *do_p = get_do_entry (tag); const struct do_table_entry *do_p = get_do_entry (tag);
res_p = res_APDU; res_p = res_APDU;
with_tag = 0; with_tag = 0;
@@ -946,7 +951,7 @@ gpg_do_get_data (uint16_t tag)
void void
gpg_do_put_data (uint16_t tag, const uint8_t *data, int len) gpg_do_put_data (uint16_t tag, const uint8_t *data, int len)
{ {
struct do_table_entry *do_p = get_do_entry (tag); const struct do_table_entry *do_p = get_do_entry (tag);
DEBUG_INFO (" "); DEBUG_INFO (" ");
DEBUG_SHORT (tag); DEBUG_SHORT (tag);
@@ -968,18 +973,18 @@ gpg_do_put_data (uint16_t tag, const uint8_t *data, int len)
break; break;
case DO_VAR: case DO_VAR:
{ {
const uint8_t *do_data = (const uint8_t *)do_p->obj; const uint8_t **do_data_p = (const uint8_t **)do_p->obj;
if (do_data) if (*do_data_p)
flash_do_release (do_data); flash_do_release (*do_data_p);
if (len == 0) if (len == 0)
/* make DO empty */ /* make DO empty */
do_p->obj = NULL; *do_data_p = NULL;
else else
{ {
do_p->obj = flash_do_write (tag, data, len); *do_data_p = flash_do_write (tag, data, len);
if (do_p->obj) if (*do_data_p)
GPG_SUCCESS (); GPG_SUCCESS ();
else else
GPG_MEMORY_FAILURE(); GPG_MEMORY_FAILURE();
@@ -1011,22 +1016,23 @@ gpg_do_put_data (uint16_t tag, const uint8_t *data, int len)
void void
gpg_do_public_key (uint8_t kk_byte) gpg_do_public_key (uint8_t kk_byte)
{ {
struct do_table_entry *do_p; const uint8_t *do_data;
uint8_t *key_addr; uint8_t *key_addr;
if (kk_byte == 0xa4) if (kk_byte == 0xb6)
do_p = get_do_entry (GNUK_DO_PRVKEY_AUT); do_data = do_ptr[NR_DO_PRVKEY_SIG];
else if (kk_byte == 0xb8) else if (kk_byte == 0xb8)
do_p = get_do_entry (GNUK_DO_PRVKEY_DEC); do_data = do_ptr[NR_DO_PRVKEY_DEC];
else /* 0xb6 */ else /* 0xa4 */
do_p = get_do_entry (GNUK_DO_PRVKEY_SIG); do_data = do_ptr[NR_DO_PRVKEY_AUT];
if (do_p->obj == NULL)
if (do_data == NULL)
{ {
GPG_NO_RECORD(); GPG_NO_RECORD();
return; return;
} }
key_addr = *(uint8_t **)&((uint8_t *)do_p->obj)[1]; key_addr = *(uint8_t **)&do_data[1];
res_p = res_APDU; res_p = res_APDU;
@@ -1059,11 +1065,11 @@ gpg_do_public_key (uint8_t kk_byte)
const uint8_t * const uint8_t *
gpg_do_read_simple (uint16_t tag) gpg_do_read_simple (uint16_t tag)
{ {
struct do_table_entry *do_p; const struct do_table_entry *do_p;
const uint8_t *do_data; const uint8_t *do_data;
do_p = get_do_entry (tag); do_p = get_do_entry (tag);
do_data = (const uint8_t *)do_p->obj; do_data = *((const uint8_t **)do_p->obj);
if (do_data == NULL) if (do_data == NULL)
return NULL; return NULL;
@@ -1078,16 +1084,16 @@ gpg_do_read_simple (uint16_t tag)
void void
gpg_do_write_simple (uint16_t tag, const uint8_t *data, int size) gpg_do_write_simple (uint16_t tag, const uint8_t *data, int size)
{ {
struct do_table_entry *do_p; const struct do_table_entry *do_p;
const uint8_t *do_data; const uint8_t **do_data_p;
do_p = get_do_entry (tag); do_p = get_do_entry (tag);
do_data = (const uint8_t *)do_p->obj; do_data_p = (const uint8_t **)do_p->obj;
if (do_data) if (*do_data_p)
flash_do_release (do_p->obj); flash_do_release (*do_data_p);
do_p->obj = flash_do_write (tag, data, size); *do_data_p = flash_do_write (tag, data, size);
if (do_p->obj) if (*do_data_p)
GPG_SUCCESS (); GPG_SUCCESS ();
else else
GPG_MEMORY_FAILURE(); GPG_MEMORY_FAILURE();
@@ -1096,13 +1102,11 @@ gpg_do_write_simple (uint16_t tag, const uint8_t *data, int size)
void void
gpg_do_increment_digital_signature_counter (void) gpg_do_increment_digital_signature_counter (void)
{ {
struct do_table_entry *do_p;
const uint8_t *do_data; const uint8_t *do_data;
uint32_t count; uint32_t count;
uint8_t count_data[SIZE_DIGITAL_SIGNATURE_COUNTER]; uint8_t count_data[SIZE_DIGITAL_SIGNATURE_COUNTER];
do_p = get_do_entry (GPG_DO_DS_COUNT); do_data = do_ptr[NR_DO_DS_COUNT];
do_data = (const uint8_t *)do_p->obj;
if (do_data == NULL) /* No object means count 0 */ if (do_data == NULL) /* No object means count 0 */
count = 0; count = 0;
else else
@@ -1113,6 +1117,28 @@ gpg_do_increment_digital_signature_counter (void)
count_data[1] = (count >> 8) & 0xff; count_data[1] = (count >> 8) & 0xff;
count_data[2] = count & 0xff; count_data[2] = count & 0xff;
do_p->obj = flash_do_write (GPG_DO_DS_COUNT, count_data, do_ptr[NR_DO_DS_COUNT] = flash_do_write (GPG_DO_DS_COUNT, count_data,
SIZE_DIGITAL_SIGNATURE_COUNTER); SIZE_DIGITAL_SIGNATURE_COUNTER);
} }
void
gpg_do_reset_pw_counter (uint8_t which)
{
uint8_t pwsb[SIZE_PW_STATUS_BYTES];
const uint8_t *do_data = do_ptr[NR_DO_PW_STATUS];
/* Reset PW1/RC/PW3 counter in GNUK_DO_PW_STATUS */
if (do_data)
{
memcpy (pwsb, &do_data[1], SIZE_PW_STATUS_BYTES);
pwsb[which] = 3;
flash_do_release (do_data);
}
else
{
memcpy (pwsb, PW_STATUS_BYTES_TEMPLATE, SIZE_PW_STATUS_BYTES);
pwsb[which] = 3;
}
gpg_do_write_simple (GNUK_DO_PW_STATUS, pwsb, SIZE_PW_STATUS_BYTES);
}

23
src/openpgp.c
View File

@@ -179,16 +179,21 @@ cmd_change_password (void)
{ {
no_prvkey: no_prvkey:
gpg_do_write_simple (GNUK_DO_KEYSTRING_PW1, new_ks0, KEYSTRING_SIZE_PW1); gpg_do_write_simple (GNUK_DO_KEYSTRING_PW1, new_ks0, KEYSTRING_SIZE_PW1);
reset_pso_cds (); ac_reset_pso_cds ();
gpg_do_reset_pw_counter (PW_STATUS_PW1);
} }
else if (r > 0 && who == 1) else if (r > 0 && who == 1)
{ {
gpg_do_write_simple (GNUK_DO_KEYSTRING_PW1, new_ks0, 1); gpg_do_write_simple (GNUK_DO_KEYSTRING_PW1, new_ks0, 1);
reset_pso_cds (); ac_reset_pso_cds ();
gpg_do_reset_pw_counter (PW_STATUS_PW1);
} }
else /* r >= 0 && who == 3 */ else /* r >= 0 && who == 3 */
{
gpg_do_reset_pw_counter (PW_STATUS_PW3);
GPG_SUCCESS (); GPG_SUCCESS ();
} }
}
static void static void
cmd_reset_user_password (void) cmd_reset_user_password (void)
@@ -245,11 +250,13 @@ cmd_reset_user_password (void)
if (memcmp (ks_rc+1, old_ks, KEYSTRING_MD_SIZE) != 0) if (memcmp (ks_rc+1, old_ks, KEYSTRING_MD_SIZE) != 0)
goto sec_fail; goto sec_fail;
gpg_do_write_simple (GNUK_DO_KEYSTRING_PW1, new_ks0, KEYSTRING_SIZE_PW1); gpg_do_write_simple (GNUK_DO_KEYSTRING_PW1, new_ks0, KEYSTRING_SIZE_PW1);
reset_pso_cds (); ac_reset_pso_cds ();
gpg_do_reset_pw_counter (PW_STATUS_PW1);
} }
else else
{ {
reset_pso_cds (); ac_reset_pso_cds ();
gpg_do_reset_pw_counter (PW_STATUS_PW1);
GPG_SUCCESS (); GPG_SUCCESS ();
} }
} }
@@ -275,11 +282,13 @@ cmd_reset_user_password (void)
else if (r == 0) else if (r == 0)
{ {
gpg_do_write_simple (GNUK_DO_KEYSTRING_PW1, new_ks0, KEYSTRING_SIZE_PW1); gpg_do_write_simple (GNUK_DO_KEYSTRING_PW1, new_ks0, KEYSTRING_SIZE_PW1);
reset_pso_cds (); ac_reset_pso_cds ();
gpg_do_reset_pw_counter (PW_STATUS_PW1);
} }
else else
{ {
reset_pso_cds (); ac_reset_pso_cds ();
gpg_do_reset_pw_counter (PW_STATUS_PW1);
GPG_SUCCESS (); GPG_SUCCESS ();
} }
} }
@@ -452,7 +461,7 @@ cmd_pso (void)
res_APDU_size = RSA_SIGNATURE_LENGTH + 2; res_APDU_size = RSA_SIGNATURE_LENGTH + 2;
if (pw_status_bytes[0] == 0) if (pw_status_bytes[0] == 0)
reset_pso_cds (); ac_reset_pso_cds ();
gpg_do_increment_digital_signature_counter (); gpg_do_increment_digital_signature_counter ();
} }

59
src/random.c Normal file
View File

@@ -0,0 +1,59 @@
#include "config.h"
#include "ch.h"
#include "gnuk.h"
/*
* XXX: I have tried havege_rand, but it requires too much memory...
*/
/*
* Multiply-with-carry method by George Marsaglia
*/
static uint32_t m_w;
static uint32_t m_z;
uint32_t
get_random (void)
{
m_z = 36969 * (m_z & 65535) + (m_z >> 16);
m_w = 18000 * (m_w & 65535) + (m_w >> 16);
return (m_z << 16) + m_w;
}
void
random_init (void)
{
static uint8_t s = 0;
again:
if ((s & 1))
m_w = (m_w << 8) ^ hardclock ();
else
m_z = (m_z << 8) ^ hardclock ();
s++;
if (m_w == 0 || m_z == 0)
goto again;
}
uint8_t dek[16];
uint8_t *get_data_encryption_key (void)
{
uint32_t r;
r = get_random ();
memcpy (dek, &r, 4);
r = get_random ();
memcpy (dek+4, &r, 4);
r = get_random ();
memcpy (dek+8, &r, 4);
r = get_random ();
memcpy (dek+12, &r, 4);
return dek;
}
void
dek_free (uint8_t *dek)
{
(void)dek;
}

26
src/usb-icc.c
View File

@@ -93,13 +93,13 @@ Thread *icc_thread;
* Tx done * Tx done
*/ */
void void
EP4_IN_Callback (void) EP1_IN_Callback (void)
{ {
if (icc_tx_size == USB_BUF_SIZE) if (icc_tx_size == USB_BUF_SIZE)
{ {
icc_tx_size = 0; icc_tx_size = 0;
USB_SIL_Write (EP4_IN, icc_tx_data, icc_tx_size); USB_SIL_Write (EP1_IN, icc_tx_data, icc_tx_size);
SetEPTxValid (ENDP4); SetEPTxValid (ENDP1);
} }
else else
icc_tx_size = -1; icc_tx_size = -1;
@@ -112,7 +112,7 @@ EP4_IN_Callback (void)
* (modify header's byte order to host order if needed) * (modify header's byte order to host order if needed)
*/ */
void void
EP5_OUT_Callback (void) EP2_OUT_Callback (void)
{ {
int len; int len;
@@ -122,7 +122,7 @@ EP5_OUT_Callback (void)
/* nothing to do */ /* nothing to do */
#endif #endif
len = USB_SIL_Read (EP5_OUT, icc_rcv_data); len = USB_SIL_Read (EP2_OUT, icc_rcv_data);
icc_header = (struct icc_header *)icc_rcv_data; icc_header = (struct icc_header *)icc_rcv_data;
icc_data = &icc_rcv_data[ICC_MSG_DATA_OFFSET]; icc_data = &icc_rcv_data[ICC_MSG_DATA_OFFSET];
@@ -131,7 +131,7 @@ EP5_OUT_Callback (void)
if (icc_data_size < 0) if (icc_data_size < 0)
/* just ignore short invalid packet, enable Rx again */ /* just ignore short invalid packet, enable Rx again */
SetEPRxValid (ENDP5); SetEPRxValid (ENDP2);
else else
/* Notify icc_thread */ /* Notify icc_thread */
chEvtSignalI (icc_thread, EV_RX_DATA_READY); chEvtSignalI (icc_thread, EV_RX_DATA_READY);
@@ -184,8 +184,8 @@ icc_power_on (void)
else else
{ {
icc_tx_size = ICC_MSG_DATA_OFFSET + size_atr; icc_tx_size = ICC_MSG_DATA_OFFSET + size_atr;
USB_SIL_Write (EP4_IN, icc_tx_data, icc_tx_size); USB_SIL_Write (EP1_IN, icc_tx_data, icc_tx_size);
SetEPTxValid (ENDP4); SetEPTxValid (ENDP1);
DEBUG_INFO ("ON\r\n"); DEBUG_INFO ("ON\r\n");
} }
@@ -218,8 +218,8 @@ icc_send_status (void)
else else
{ {
icc_tx_size = ICC_MSG_DATA_OFFSET; icc_tx_size = ICC_MSG_DATA_OFFSET;
USB_SIL_Write (EP4_IN, icc_tx_data, icc_tx_size); USB_SIL_Write (EP1_IN, icc_tx_data, icc_tx_size);
SetEPTxValid (ENDP4); SetEPTxValid (ENDP1);
} }
DEBUG_INFO ("St\r\n"); DEBUG_INFO ("St\r\n");
} }
@@ -265,8 +265,8 @@ icc_send_data_block (uint8_t status, uint8_t error, uint8_t chain,
else else
{ {
icc_tx_size = ICC_MSG_DATA_OFFSET + len; icc_tx_size = ICC_MSG_DATA_OFFSET + len;
USB_SIL_Write (EP4_IN, icc_tx_data, icc_tx_size); USB_SIL_Write (EP1_IN, icc_tx_data, icc_tx_size);
SetEPTxValid (ENDP4); SetEPTxValid (ENDP1);
DEBUG_INFO ("DATA\r\n"); DEBUG_INFO ("DATA\r\n");
} }
} }
@@ -423,7 +423,7 @@ icc_handle_data (void)
break; break;
} }
SetEPRxValid (ENDP5); SetEPRxValid (ENDP2);
return next_state; return next_state;
} }

11
src/usb_conf.h
View File

@@ -21,17 +21,16 @@
#define ENDP0_TXADDR (0x80) #define ENDP0_TXADDR (0x80)
/* EP1 */ /* EP1 */
#define ENDP1_TXADDR (0xC0) #define ENDP1_TXADDR (0xc0)
/* EP2 */ /* EP2 */
#define ENDP2_TXADDR (0x100) #define ENDP2_RXADDR (0x100)
/* EP3 */ /* EP3 */
#define ENDP3_RXADDR (0x110) #define ENDP3_TXADDR (0x140)
/* EP4 */ /* EP4 */
#define ENDP4_TXADDR (0x180) #define ENDP4_TXADDR (0x180)
/* EP5 */ /* EP5 */
#define ENDP5_RXADDR (0x1C0) #define ENDP5_RXADDR (0x190)
#define IMR_MSK (CNTR_CTRM | CNTR_SOFM | CNTR_RESETM ) #define IMR_MSK (CNTR_CTRM | CNTR_SOFM | CNTR_RESETM )

44
src/usb_desc.c
View File

@@ -2,6 +2,7 @@
* *
*/ */
#include "config.h"
#include "usb_lib.h" #include "usb_lib.h"
#include "usb_desc.h" #include "usb_desc.h"
@@ -28,12 +29,20 @@ static const uint8_t gnukDeviceDescriptor[] = {
0x01 /* bNumConfigurations */ 0x01 /* bNumConfigurations */
}; };
#ifdef ENABLE_VIRTUAL_COM_PORT
#define W_TOTAL_LENGTH (9+9+54+7+7+9+5+5+4+5+7+9+7+7)
#define NUM_INTERFACES 3 /* two for CDC, one for GPG */
#else
#define W_TOTAL_LENGTH (9+9+54+7+7)
#define NUM_INTERFACES 1 /* GPG only */
#endif
/* Configuation Descriptor */ /* Configuation Descriptor */
static const uint8_t gnukConfigDescriptor[] = { static const uint8_t gnukConfigDescriptor[] = {
9, /* bLength: Configuation Descriptor size */ 9, /* bLength: Configuation Descriptor size */
USB_CONFIGURATION_DESCRIPTOR_TYPE, /* bDescriptorType: Configuration */ USB_CONFIGURATION_DESCRIPTOR_TYPE, /* bDescriptorType: Configuration */
9+9+54+7+7+9+5+5+4+5+7+9+7+7, 0x00, /* wTotalLength:no of returned bytes */ W_TOTAL_LENGTH, 0x00, /* wTotalLength:no of returned bytes */
0x03, /* bNumInterfaces: 3 interfaces (two for CDC, one for GPG) */ NUM_INTERFACES, /* bNumInterfaces: */
0x01, /* bConfigurationValue: Configuration value */ 0x01, /* bConfigurationValue: Configuration value */
0x00, /* iConfiguration: Index of string descriptor describing the configuration */ 0x00, /* iConfiguration: Index of string descriptor describing the configuration */
0xC0, /* bmAttributes: self powered */ 0xC0, /* bmAttributes: self powered */
@@ -73,21 +82,21 @@ static const uint8_t gnukConfigDescriptor[] = {
0, 0, /* wLCDLayout: FIXED VALUE */ 0, 0, /* wLCDLayout: FIXED VALUE */
0, /* bPinSupport: No PIN pad */ 0, /* bPinSupport: No PIN pad */
1, /* bMaxCCIDBusySlots: 1 */ 1, /* bMaxCCIDBusySlots: 1 */
/*Endpoint 4 Descriptor*/ /*Endpoint 1 Descriptor*/
7, /* bLength: Endpoint Descriptor size */ 7, /* bLength: Endpoint Descriptor size */
USB_ENDPOINT_DESCRIPTOR_TYPE, /* bDescriptorType: Endpoint */ USB_ENDPOINT_DESCRIPTOR_TYPE, /* bDescriptorType: Endpoint */
0x84, /* bEndpointAddress: (IN4) */ 0x81, /* bEndpointAddress: (IN1) */
0x02, /* bmAttributes: Bulk */ 0x02, /* bmAttributes: Bulk */
USB_ICC_DATA_SIZE, 0x00, /* wMaxPacketSize: */ USB_ICC_DATA_SIZE, 0x00, /* wMaxPacketSize: */
0x00, /* bInterval */ 0x00, /* bInterval */
/*Endpoint 5 Descriptor*/ /*Endpoint 2 Descriptor*/
7, /* bLength: Endpoint Descriptor size */ 7, /* bLength: Endpoint Descriptor size */
USB_ENDPOINT_DESCRIPTOR_TYPE, /* bDescriptorType: Endpoint */ USB_ENDPOINT_DESCRIPTOR_TYPE, /* bDescriptorType: Endpoint */
0x05, /* bEndpointAddress: (OUT5) */ 0x02, /* bEndpointAddress: (OUT2) */
0x02, /* bmAttributes: Bulk */ 0x02, /* bmAttributes: Bulk */
USB_ICC_DATA_SIZE, 0x00, /* wMaxPacketSize: */ USB_ICC_DATA_SIZE, 0x00, /* wMaxPacketSize: */
0x00, /* bInterval */ 0x00, /* bInterval */
#ifdef ENABLE_VIRTUAL_COM_PORT
/* Interface Descriptor */ /* Interface Descriptor */
9, /* bLength: Interface Descriptor size */ 9, /* bLength: Interface Descriptor size */
USB_INTERFACE_DESCRIPTOR_TYPE, /* bDescriptorType: Interface */ USB_INTERFACE_DESCRIPTOR_TYPE, /* bDescriptorType: Interface */
@@ -121,10 +130,10 @@ static const uint8_t gnukConfigDescriptor[] = {
0x06, /* bDescriptorSubtype: Union func desc */ 0x06, /* bDescriptorSubtype: Union func desc */
0x01, /* bMasterInterface: Communication class interface */ 0x01, /* bMasterInterface: Communication class interface */
0x02, /* bSlaveInterface0: Data Class Interface */ 0x02, /* bSlaveInterface0: Data Class Interface */
/*Endpoint 2 Descriptor*/ /*Endpoint 4 Descriptor*/
7, /* bLength: Endpoint Descriptor size */ 7, /* bLength: Endpoint Descriptor size */
USB_ENDPOINT_DESCRIPTOR_TYPE, /* bDescriptorType: Endpoint */ USB_ENDPOINT_DESCRIPTOR_TYPE, /* bDescriptorType: Endpoint */
0x82, /* bEndpointAddress: (IN2) */ 0x84, /* bEndpointAddress: (IN4) */
0x03, /* bmAttributes: Interrupt */ 0x03, /* bmAttributes: Interrupt */
VIRTUAL_COM_PORT_INT_SIZE, 0x00, /* wMaxPacketSize: */ VIRTUAL_COM_PORT_INT_SIZE, 0x00, /* wMaxPacketSize: */
0xFF, /* bInterval: */ 0xFF, /* bInterval: */
@@ -139,20 +148,21 @@ static const uint8_t gnukConfigDescriptor[] = {
0x00, /* bInterfaceSubClass: */ 0x00, /* bInterfaceSubClass: */
0x00, /* bInterfaceProtocol: */ 0x00, /* bInterfaceProtocol: */
0x00, /* iInterface: */ 0x00, /* iInterface: */
/*Endpoint 3 Descriptor*/ /*Endpoint 5 Descriptor*/
7, /* bLength: Endpoint Descriptor size */ 7, /* bLength: Endpoint Descriptor size */
USB_ENDPOINT_DESCRIPTOR_TYPE, /* bDescriptorType: Endpoint */ USB_ENDPOINT_DESCRIPTOR_TYPE, /* bDescriptorType: Endpoint */
0x03, /* bEndpointAddress: (OUT3) */ 0x05, /* bEndpointAddress: (OUT5) */
0x02, /* bmAttributes: Bulk */ 0x02, /* bmAttributes: Bulk */
VIRTUAL_COM_PORT_DATA_SIZE, 0x00, /* wMaxPacketSize: */ VIRTUAL_COM_PORT_DATA_SIZE, 0x00, /* wMaxPacketSize: */
0x00, /* bInterval: ignore for Bulk transfer */ 0x00, /* bInterval: ignore for Bulk transfer */
/*Endpoint 1 Descriptor*/ /*Endpoint 3 Descriptor*/
7, /* bLength: Endpoint Descriptor size */ 7, /* bLength: Endpoint Descriptor size */
USB_ENDPOINT_DESCRIPTOR_TYPE, /* bDescriptorType: Endpoint */ USB_ENDPOINT_DESCRIPTOR_TYPE, /* bDescriptorType: Endpoint */
0x81, /* bEndpointAddress: (IN1) */ 0x83, /* bEndpointAddress: (IN3) */
0x02, /* bmAttributes: Bulk */ 0x02, /* bmAttributes: Bulk */
VIRTUAL_COM_PORT_DATA_SIZE, 0x00, /* wMaxPacketSize: */ VIRTUAL_COM_PORT_DATA_SIZE, 0x00, /* wMaxPacketSize: */
0x00 /* bInterval */ 0x00 /* bInterval */
#endif
}; };
@@ -174,7 +184,7 @@ static const uint8_t gnukStringVendor[] = {
'n', 0 'n', 0
}; };
static const uint8_t gnukStringProduct[VIRTUAL_COM_PORT_SIZ_STRING_PRODUCT] = { static const uint8_t gnukStringProduct[] = {
14*2+2, /* bLength */ 14*2+2, /* bLength */
USB_STRING_DESCRIPTOR_TYPE, /* bDescriptorType */ USB_STRING_DESCRIPTOR_TYPE, /* bDescriptorType */
/* Product name: "FSIJ USB Token" */ /* Product name: "FSIJ USB Token" */
@@ -182,13 +192,13 @@ static const uint8_t gnukStringProduct[VIRTUAL_COM_PORT_SIZ_STRING_PRODUCT] = {
' ', 0, 'T', 0, 'o', 0, 'k', 0, 'e', 0, 'n', 0 ' ', 0, 'T', 0, 'o', 0, 'k', 0, 'e', 0, 'n', 0
}; };
static uint8_t gnukStringSerial[] = { static const uint8_t gnukStringSerial[] = {
8, /* bLength */ 8, /* bLength */
USB_STRING_DESCRIPTOR_TYPE, /* bDescriptorType */ USB_STRING_DESCRIPTOR_TYPE, /* bDescriptorType */
'2', 0, '0', 0, '0', 0 '2', 0, '.', 0, '0', 0
}; };
ONE_DESCRIPTOR Device_Descriptor = { const ONE_DESCRIPTOR Device_Descriptor = {
(uint8_t*)gnukDeviceDescriptor, (uint8_t*)gnukDeviceDescriptor,
sizeof (gnukDeviceDescriptor) sizeof (gnukDeviceDescriptor)
}; };

47
src/usb_prop.c
View File

@@ -22,7 +22,6 @@
*/ */
#include "config.h" #include "config.h"
#include "usb_lib.h" #include "usb_lib.h"
#include "usb_conf.h" #include "usb_conf.h"
#include "usb_prop.h" #include "usb_prop.h"
@@ -76,7 +75,6 @@ gnuk_device_reset (void)
SetEPRxCount (ENDP0, GNUK_MAX_PACKET_SIZE); SetEPRxCount (ENDP0, GNUK_MAX_PACKET_SIZE);
SetEPRxValid (ENDP0); SetEPRxValid (ENDP0);
#ifdef ENABLE_VIRTUAL_COM_PORT
/* Initialize Endpoint 1 */ /* Initialize Endpoint 1 */
SetEPType (ENDP1, EP_BULK); SetEPType (ENDP1, EP_BULK);
SetEPTxAddr (ENDP1, ENDP1_TXADDR); SetEPTxAddr (ENDP1, ENDP1_TXADDR);
@@ -84,21 +82,21 @@ gnuk_device_reset (void)
SetEPRxStatus (ENDP1, EP_RX_DIS); SetEPRxStatus (ENDP1, EP_RX_DIS);
/* Initialize Endpoint 2 */ /* Initialize Endpoint 2 */
SetEPType (ENDP2, EP_INTERRUPT); SetEPType (ENDP2, EP_BULK);
SetEPTxAddr (ENDP2, ENDP2_TXADDR); SetEPRxAddr (ENDP2, ENDP2_RXADDR);
SetEPRxStatus (ENDP2, EP_RX_DIS); SetEPRxCount (ENDP2, GNUK_MAX_PACKET_SIZE);
SetEPTxStatus (ENDP2, EP_TX_NAK); SetEPRxStatus (ENDP2, EP_RX_VALID);
SetEPTxStatus (ENDP2, EP_TX_DIS);
#ifdef ENABLE_VIRTUAL_COM_PORT
/* Initialize Endpoint 3 */ /* Initialize Endpoint 3 */
SetEPType (ENDP3, EP_BULK); SetEPType (ENDP3, EP_BULK);
SetEPRxAddr (ENDP3, ENDP3_RXADDR); SetEPTxAddr (ENDP3, ENDP3_TXADDR);
SetEPRxCount (ENDP3, VIRTUAL_COM_PORT_DATA_SIZE); SetEPTxStatus (ENDP3, EP_TX_NAK);
SetEPRxStatus (ENDP3, EP_RX_VALID); SetEPRxStatus (ENDP3, EP_RX_DIS);
SetEPTxStatus (ENDP3, EP_TX_DIS);
#endif
/* Initialize Endpoint 4 */ /* Initialize Endpoint 4 */
SetEPType (ENDP4, EP_BULK); SetEPType (ENDP4, EP_INTERRUPT);
SetEPTxAddr (ENDP4, ENDP4_TXADDR); SetEPTxAddr (ENDP4, ENDP4_TXADDR);
SetEPTxStatus (ENDP4, EP_TX_NAK); SetEPTxStatus (ENDP4, EP_TX_NAK);
SetEPRxStatus (ENDP4, EP_RX_DIS); SetEPRxStatus (ENDP4, EP_RX_DIS);
@@ -106,9 +104,10 @@ gnuk_device_reset (void)
/* Initialize Endpoint 5 */ /* Initialize Endpoint 5 */
SetEPType (ENDP5, EP_BULK); SetEPType (ENDP5, EP_BULK);
SetEPRxAddr (ENDP5, ENDP5_RXADDR); SetEPRxAddr (ENDP5, ENDP5_RXADDR);
SetEPRxCount (ENDP5, GNUK_MAX_PACKET_SIZE); SetEPRxCount (ENDP5, VIRTUAL_COM_PORT_DATA_SIZE);
SetEPRxStatus (ENDP5, EP_RX_VALID); SetEPRxStatus (ENDP5, EP_RX_VALID);
SetEPTxStatus (ENDP5, EP_TX_DIS); SetEPTxStatus (ENDP5, EP_TX_DIS);
#endif
/* Set this device to response on default address */ /* Set this device to response on default address */
SetDeviceAddress (0); SetDeviceAddress (0);
@@ -147,13 +146,15 @@ gnuk_device_Status_Out (void)
static uint8_t * static uint8_t *
gnuk_device_GetDeviceDescriptor (uint16_t Length) gnuk_device_GetDeviceDescriptor (uint16_t Length)
{ {
return Standard_GetDescriptorData (Length, &Device_Descriptor); return Standard_GetDescriptorData (Length,
(PONE_DESCRIPTOR)&Device_Descriptor);
} }
static uint8_t * static uint8_t *
gnuk_device_GetConfigDescriptor (uint16_t Length) gnuk_device_GetConfigDescriptor (uint16_t Length)
{ {
return Standard_GetDescriptorData (Length, &Config_Descriptor); return Standard_GetDescriptorData (Length,
(PONE_DESCRIPTOR)&Config_Descriptor);
} }
static uint8_t * static uint8_t *
@@ -164,7 +165,8 @@ gnuk_device_GetStringDescriptor (uint16_t Length)
if (wValue0 > (sizeof (String_Descriptor) / sizeof (ONE_DESCRIPTOR))) if (wValue0 > (sizeof (String_Descriptor) / sizeof (ONE_DESCRIPTOR)))
return NULL; return NULL;
else else
return Standard_GetDescriptorData (Length, &String_Descriptor[wValue0]); return Standard_GetDescriptorData (Length,
(PONE_DESCRIPTOR)&String_Descriptor[wValue0]);
} }
static RESULT static RESULT
@@ -178,6 +180,15 @@ gnuk_device_Get_Interface_Setting (uint8_t Interface, uint8_t AlternateSetting)
return USB_SUCCESS; return USB_SUCCESS;
} }
#if !defined(ENABLE_VIRTUAL_COM_PORT)
static RESULT
gnuk_nothing_todo (uint8_t RequestNo)
{
(void)RequestNo;
return USB_UNSUPPORT;
}
#endif
/* /*
* Interface to USB core * Interface to USB core
*/ */
@@ -191,8 +202,8 @@ const DEVICE_PROP Device_Property = {
Virtual_Com_Port_Data_Setup, Virtual_Com_Port_Data_Setup,
Virtual_Com_Port_NoData_Setup, Virtual_Com_Port_NoData_Setup,
#else #else
NULL, gnuk_nothing_todo,
NULL, gnuk_nothing_todo,
#endif #endif
gnuk_device_Get_Interface_Setting, gnuk_device_Get_Interface_Setting,
gnuk_device_GetDeviceDescriptor, gnuk_device_GetDeviceDescriptor,

6
src/usb_prop.h
View File

@@ -1,7 +1,7 @@
#ifndef __usb_prop_H #ifndef __usb_prop_H
#define __usb_prop_H #define __usb_prop_H
extern ONE_DESCRIPTOR Device_Descriptor; extern const ONE_DESCRIPTOR Device_Descriptor;
extern ONE_DESCRIPTOR Config_Descriptor; extern const ONE_DESCRIPTOR Config_Descriptor;
extern ONE_DESCRIPTOR String_Descriptor[4]; extern const ONE_DESCRIPTOR String_Descriptor[4];
#endif /* __usb_prop_H */ #endif /* __usb_prop_H */

4
src/vcomport.mk
View File

@@ -1,2 +1,6 @@
VCOMDIR = ../Virtual_COM_Port VCOMDIR = ../Virtual_COM_Port
ifeq ($(ENABLE_VCOMPORT),)
VCOMSRC= $(VCOMDIR)/usb_istr.c $(VCOMDIR)/usb_pwr.c
else
VCOMSRC= $(VCOMDIR)/usb_endp.c $(VCOMDIR)/usb_istr.c $(VCOMDIR)/usb_pwr.c VCOMSRC= $(VCOMDIR)/usb_endp.c $(VCOMDIR)/usb_istr.c $(VCOMDIR)/usb_pwr.c
endif