Skip to content

Commit

Permalink
Add a syscall to sign with endorsement key
Browse files Browse the repository at this point in the history
  • Loading branch information
srasoamiaramanana-ledger committed Nov 23, 2023
1 parent 033ef9f commit 6357c14
Show file tree
Hide file tree
Showing 3 changed files with 69 additions and 52 deletions.
4 changes: 4 additions & 0 deletions include/os_endorsement.h
Original file line number Diff line number Diff line change
Expand Up @@ -29,6 +29,10 @@ SYSCALL unsigned int os_endorsement_key1_sign_data(unsigned char *src PLENGTH(sr
unsigned int srcLength,
unsigned char *signature
PLENGTH(ENDORSEMENT_MAX_ASN1_LENGTH));
SYSCALL unsigned int os_endorsement_key1_sign_without_code_hash(
unsigned char *src PLENGTH(srcLength),
unsigned int srcLength,
unsigned char *signature PLENGTH(ENDORSEMENT_MAX_ASN1_LENGTH));
SYSCALL unsigned int os_endorsement_key2_derive_sign_data(unsigned char *src PLENGTH(srcLength),
unsigned int srcLength,
unsigned char *signature
Expand Down
105 changes: 53 additions & 52 deletions include/syscalls.h
Original file line number Diff line number Diff line change
Expand Up @@ -138,58 +138,59 @@
#define SYSCALL_os_perso_seed_cookie_ID 0x010000a8
#endif // HAVE_SEED_COOKIE

#define SYSCALL_os_endorsement_get_code_hash_ID 0x01000055
#define SYSCALL_os_endorsement_get_public_key_ID 0x03000056
#define SYSCALL_os_endorsement_get_public_key_certificate_ID 0x03000057
#define SYSCALL_os_endorsement_key1_get_app_secret_ID 0x01000058
#define SYSCALL_os_endorsement_key1_sign_data_ID 0x03000059
#define SYSCALL_os_endorsement_key2_derive_sign_data_ID 0x0300005a
#define SYSCALL_os_perso_set_pin_ID 0x0400004c
#define SYSCALL_os_perso_set_current_identity_pin_ID 0x0200004d
#define SYSCALL_os_global_pin_is_validated_ID 0x000000a0
#define SYSCALL_os_global_pin_check_ID 0x020000a1
#define SYSCALL_os_global_pin_invalidate_ID 0x0000005d
#define SYSCALL_os_global_pin_retries_ID 0x0000005e
#define SYSCALL_os_registry_count_ID 0x0000005f
#define SYSCALL_os_registry_get_ID 0x02000122
#define SYSCALL_os_ux_ID 0x01000064
#define SYSCALL_os_lib_call_ID 0x01000067
#define SYSCALL_os_lib_end_ID 0x00000068
#define SYSCALL_os_flags_ID 0x0000006a
#define SYSCALL_os_version_ID 0x0200006b
#define SYSCALL_os_serial_ID 0x0200006c
#define SYSCALL_os_seph_features_ID 0x0000006e
#define SYSCALL_os_seph_version_ID 0x0200006f
#define SYSCALL_os_bootloader_version_ID 0x02000073
#define SYSCALL_os_factory_setting_get_ID 0x0300014c
#define SYSCALL_os_setting_get_ID 0x03000070
#define SYSCALL_os_setting_set_ID 0x03000071
#define SYSCALL_os_get_memory_info_ID 0x01000072
#define SYSCALL_os_registry_get_tag_ID 0x06000123
#define SYSCALL_os_registry_get_current_app_tag_ID 0x03000074
#define SYSCALL_os_registry_delete_app_and_dependees_ID 0x01000124
#define SYSCALL_os_registry_delete_all_apps_ID 0x00000125
#define SYSCALL_os_sched_exec_ID 0x01000126
#define SYSCALL_os_sched_exit_ID 0x0100009a
#define SYSCALL_os_sched_is_running_ID 0x0100009b
#define SYSCALL_os_sched_create_ID 0x0700011b
#define SYSCALL_os_sched_kill_ID 0x01000078
#define SYSCALL_io_seph_send_ID 0x02000083
#define SYSCALL_io_seph_is_status_sent_ID 0x00000084
#define SYSCALL_io_seph_recv_ID 0x03000085
#define SYSCALL_nvm_write_page_ID 0x0100010a
#define SYSCALL_nvm_erase_page_ID 0x01000136
#define SYSCALL_try_context_get_ID 0x00000087
#define SYSCALL_try_context_set_ID 0x0100010b
#define SYSCALL_os_sched_last_status_ID 0x0100009c
#define SYSCALL_os_sched_yield_ID 0x0100009d
#define SYSCALL_os_sched_switch_ID 0x0200009e
#define SYSCALL_os_sched_current_task_ID 0x0000008b
#define SYSCALL_os_allow_protected_flash_ID 0x0000008e
#define SYSCALL_os_deny_protected_flash_ID 0x00000091
#define SYSCALL_os_allow_protected_ram_ID 0x00000092
#define SYSCALL_os_deny_protected_ram_ID 0x00000093
#define SYSCALL_os_set_ux_time_ms_ID 0x010000a2
#define SYSCALL_os_endorsement_get_code_hash_ID 0x01000055
#define SYSCALL_os_endorsement_get_public_key_ID 0x03000056
#define SYSCALL_os_endorsement_get_public_key_certificate_ID 0x03000057
#define SYSCALL_os_endorsement_key1_get_app_secret_ID 0x01000058
#define SYSCALL_os_endorsement_key1_sign_data_ID 0x03000059
#define SYSCALL_os_endorsement_key2_derive_sign_data_ID 0x0300005a
#define SYSCALL_os_endorsement_key1_sign_without_code_hash_ID 0x0300005b
#define SYSCALL_os_perso_set_pin_ID 0x0400004c
#define SYSCALL_os_perso_set_current_identity_pin_ID 0x0200004d
#define SYSCALL_os_global_pin_is_validated_ID 0x000000a0
#define SYSCALL_os_global_pin_check_ID 0x020000a1
#define SYSCALL_os_global_pin_invalidate_ID 0x0000005d
#define SYSCALL_os_global_pin_retries_ID 0x0000005e
#define SYSCALL_os_registry_count_ID 0x0000005f
#define SYSCALL_os_registry_get_ID 0x02000122
#define SYSCALL_os_ux_ID 0x01000064
#define SYSCALL_os_lib_call_ID 0x01000067
#define SYSCALL_os_lib_end_ID 0x00000068
#define SYSCALL_os_flags_ID 0x0000006a
#define SYSCALL_os_version_ID 0x0200006b
#define SYSCALL_os_serial_ID 0x0200006c
#define SYSCALL_os_seph_features_ID 0x0000006e
#define SYSCALL_os_seph_version_ID 0x0200006f
#define SYSCALL_os_bootloader_version_ID 0x02000073
#define SYSCALL_os_factory_setting_get_ID 0x0300014c
#define SYSCALL_os_setting_get_ID 0x03000070
#define SYSCALL_os_setting_set_ID 0x03000071
#define SYSCALL_os_get_memory_info_ID 0x01000072
#define SYSCALL_os_registry_get_tag_ID 0x06000123
#define SYSCALL_os_registry_get_current_app_tag_ID 0x03000074
#define SYSCALL_os_registry_delete_app_and_dependees_ID 0x01000124
#define SYSCALL_os_registry_delete_all_apps_ID 0x00000125
#define SYSCALL_os_sched_exec_ID 0x01000126
#define SYSCALL_os_sched_exit_ID 0x0100009a
#define SYSCALL_os_sched_is_running_ID 0x0100009b
#define SYSCALL_os_sched_create_ID 0x0700011b
#define SYSCALL_os_sched_kill_ID 0x01000078
#define SYSCALL_io_seph_send_ID 0x02000083
#define SYSCALL_io_seph_is_status_sent_ID 0x00000084
#define SYSCALL_io_seph_recv_ID 0x03000085
#define SYSCALL_nvm_write_page_ID 0x0100010a
#define SYSCALL_nvm_erase_page_ID 0x01000136
#define SYSCALL_try_context_get_ID 0x00000087
#define SYSCALL_try_context_set_ID 0x0100010b
#define SYSCALL_os_sched_last_status_ID 0x0100009c
#define SYSCALL_os_sched_yield_ID 0x0100009d
#define SYSCALL_os_sched_switch_ID 0x0200009e
#define SYSCALL_os_sched_current_task_ID 0x0000008b
#define SYSCALL_os_allow_protected_flash_ID 0x0000008e
#define SYSCALL_os_deny_protected_flash_ID 0x00000091
#define SYSCALL_os_allow_protected_ram_ID 0x00000092
#define SYSCALL_os_deny_protected_ram_ID 0x00000093
#define SYSCALL_os_set_ux_time_ms_ID 0x010000a2

#ifdef HAVE_CUSTOM_CA_DETAILS_IN_SETTINGS
#define SYSCALL_os_bolos_custom_ca_get_info_ID 0x01000CA0
Expand Down
12 changes: 12 additions & 0 deletions src/syscalls.c
Original file line number Diff line number Diff line change
Expand Up @@ -1400,6 +1400,18 @@ unsigned int os_endorsement_key1_sign_data(unsigned char *src,
return (unsigned int) SVC_Call(SYSCALL_os_endorsement_key1_sign_data_ID, parameters);
}

unsigned int os_endorsement_key1_sign_without_code_hash(unsigned char *src,
unsigned int srcLength,
unsigned char *signature)
{
unsigned int parameters[3];
parameters[0] = (unsigned int) src;
parameters[1] = (unsigned int) srcLength;
parameters[2] = (unsigned int) signature;
return (unsigned int) SVC_Call(SYSCALL_os_endorsement_key1_sign_without_code_hash_ID,
parameters);
}

unsigned int os_endorsement_key2_derive_sign_data(unsigned char *src,
unsigned int srcLength,
unsigned char *signature)
Expand Down

0 comments on commit 6357c14

Please sign in to comment.