From 94425aadcccbdeb3103636e6ef8b5699e30e8de7 Mon Sep 17 00:00:00 2001 From: sra Date: Fri, 17 Feb 2023 16:42:03 +0100 Subject: [PATCH 1/8] PKI version 2 --- Makefile.defines | 2 + include/os_io_seproxyhal.h | 6 ++ include/os_pki.h | 121 +++++++++++++++++++++++++++++++++++++ include/syscalls.h | 4 ++ src/os_io_seproxyhal.c | 49 +++++++++++++++ src/syscalls.c | 32 ++++++++++ 6 files changed, 214 insertions(+) create mode 100644 include/os_pki.h diff --git a/Makefile.defines b/Makefile.defines index 48c9885ef..9b83c46cd 100644 --- a/Makefile.defines +++ b/Makefile.defines @@ -207,6 +207,8 @@ DEFINES += HAVE_INAPP_BLE_PAIRING DEFINES += HAVE_BATTERY endif +DEFINES += HAVE_LEDGER_PKI + # include builtin CX libs options -include $(BOLOS_SDK)/Makefile.conf.cx diff --git a/include/os_io_seproxyhal.h b/include/os_io_seproxyhal.h index e39528d54..0587289bb 100644 --- a/include/os_io_seproxyhal.h +++ b/include/os_io_seproxyhal.h @@ -85,6 +85,12 @@ unsigned short io_exchange_al(unsigned char channel_and_flags, unsigned short tx // and version unsigned int os_io_seproxyhal_get_app_name_and_version(void); +#if defined(HAVE_LEDGER_PKI) +unsigned int os_io_seproxyhal_pki_load_certificate(uint8_t *buffer, + size_t buffer_len, + uint8_t init); +#endif // HAVE_LEDGER_PKI + // for delegation of Native NFC / USB unsigned char io_event(unsigned char channel); diff --git a/include/os_pki.h b/include/os_pki.h new file mode 100644 index 000000000..2a7a09861 --- /dev/null +++ b/include/os_pki.h @@ -0,0 +1,121 @@ +#pragma once +#if defined(HAVE_LEDGER_PKI) +#include "decorators.h" +#include "errors.h" +#include "lcx_ecfp.h" +#include "ox_ec.h" +#include +#include + +#define CERTIFICATE_FIELD_VAR_LEN (0xFF) +#define CERTIFICATE_FIELD_UNKNOWN_VALUE (0xFFFFFFFF) +#define CERTIFICATE_VALIDITY_INDEX (0x00000001) +#define CERTIFICATE_STRUCTURE_TYPE_CERTIFICATE (0x01) +#define CERTIFICATE_TRUSTED_NAME_MAXLEN (32) + +typedef enum { + CERTIFICATE_TAG_STRUCTURE_TYPE = 0x01, + CERTIFICATE_TAG_VERSION = 0x02, + CERTIFICATE_TAG_VALIDITY = 0x10, + CERTIFICATE_TAG_VALIDITY_INDEX = 0x11, + CERTIFICATE_TAG_CHALLENGE = 0x12, + CERTIFICATE_TAG_SIGNER_KEY_ID = 0x13, + CERTIFICATE_TAG_SIGN_ALGO_ID = 0x14, + CERTIFICATE_TAG_SIGNATURE = 0x15, + CERTIFICATE_TAG_TIME_VALIDITY = 0x16, + CERTIFICATE_TAG_TRUSTED_NAME = 0x20, + CERTIFICATE_TAG_PUBLIC_KEY_ID = 0x30, + CERTIFICATE_TAG_PUBLIC_KEY_USAGE = 0x31, + CERTIFICATE_TAG_PUBLIC_KEY_CURVE_ID = 0x32, + CERTIFICATE_TAG_COMPRESSED_PUBLIC_KEY = 0x33, + CERTIFICATE_TAG_PK_SIGN_ALGO_ID = 0x34, + CERTIFICATE_TAG_TARGET_DEVICE = 0x35 +} os_pki_tag_t; + +enum { + CERTIFICATE_VERSION_02 = 0x02, + CERTIFICATE_VERSION_UNKNOWN +}; + +enum { + CERTIFICATE_KEY_ID_TEST = 0x0000, + CERTIFICATE_KEY_ID_PERSOV2, + CERTIFICATE_KEY_ID_LEDGER_ROOT_V3, + CERTIFICATE_KEY_ID_PLUGIN_SELECTOR, + CERTIFICATE_KEY_ID_NFT_METADATA, + CERTIFICATE_KEY_ID_PARTNER_METADATA, + CERTIFICATE_KEY_ID_ERC20_METADATA, + CERTIFICATE_KEY_ID_DOMAIN_METADATA, + CERTIFICATE_KEY_ID_UNKNOWN +}; + +enum { + CERTIFICATE_SIGN_ALGO_ID_ECDSA_SHA256 = 0x00, + CERTIFICATE_SIGN_ALGO_ID_ECDSA_SHA3, + CERTIFICATE_SIGN_ALGO_ID_ECDSA_KECCAK, + CERTIFICATE_SIGN_ALGO_ID_ECDSA_RIPEMD160, + CERTIFICATE_SIGN_ALGO_ID_EDDSA_SHA512, + CERTIFICATE_SIGN_ALGO_ID_EDDSA_KECCAK, + CERTIFICATE_SIGN_ALGO_ID_EDDSA_SHA3, + CERTIFICATE_SIGN_ALGO_ID_UNKNOWN +}; + +enum { + CERTIFICATE_PUBLIC_KEY_USAGE_GENUINE_CHECK = 0x01, + CERTIFICATE_PUBLIC_KEY_USAGE_EXCHANGE_PAYLOAD, + CERTIFICATE_PUBLIC_KEY_USAGE_NFT_METADATA, + CERTIFICATE_PUBLIC_KEY_USAGE_TRUSTED_NAME, + CERTIFICATE_PUBLIC_KEY_USAGE_BACKUP_PROVIDER, + CERTIFICATE_PUBLIC_KEY_USAGE_RECOVER_ORCHESTRATOR, + CERTIFICATE_PUBLIC_KEY_USAGE_PLUGIN_METADATA, + CERTIFICATE_PUBLIC_KEY_USAGE_COIN_META, + CERTIFICATE_PUBLIC_KEY_USAGE_SEED_ID_AUTH, + CERTIFICATE_PUBLIC_KEY_USAGE_UNKNOWN, +}; + +enum { + CERTIFICATE_TARGET_DEVICE_NANOS = 0x01, + CERTIFICATE_TARGET_DEVICE_NANOX, + CERTIFICATE_TARGET_DEVICE_NANOSP, + CERTIFICATE_TARGET_DEVICE_STAX, + CERTIFICATE_TARGET_DEVICE_UNKNOWN +}; + +typedef struct { + uint32_t value; + uint8_t field_len; +} os_pki_certificate_tag_info_t; + +// clang-format off +static const os_pki_certificate_tag_info_t C_os_pki_certificate_tag_info[] = { + [CERTIFICATE_TAG_STRUCTURE_TYPE] = {CERTIFICATE_STRUCTURE_TYPE_CERTIFICATE, 0x01 }, + [CERTIFICATE_TAG_VERSION] = {CERTIFICATE_VERSION_UNKNOWN, 0x01 }, + [CERTIFICATE_TAG_VALIDITY] = {CERTIFICATE_FIELD_UNKNOWN_VALUE, 0x04 }, + [CERTIFICATE_TAG_VALIDITY_INDEX] = {CERTIFICATE_VALIDITY_INDEX, 0x04 }, + [CERTIFICATE_TAG_CHALLENGE] = {CERTIFICATE_FIELD_UNKNOWN_VALUE, CERTIFICATE_FIELD_VAR_LEN}, + [CERTIFICATE_TAG_SIGNER_KEY_ID] = {CERTIFICATE_KEY_ID_UNKNOWN, 0x02 }, + [CERTIFICATE_TAG_SIGN_ALGO_ID] = {CERTIFICATE_SIGN_ALGO_ID_UNKNOWN, 0x01 }, + [CERTIFICATE_TAG_TIME_VALIDITY] = {CERTIFICATE_FIELD_UNKNOWN_VALUE, 0x04 }, + [CERTIFICATE_TAG_TRUSTED_NAME] = {CERTIFICATE_FIELD_UNKNOWN_VALUE, CERTIFICATE_FIELD_VAR_LEN}, + [CERTIFICATE_TAG_PUBLIC_KEY_ID] = {CERTIFICATE_KEY_ID_UNKNOWN, 0x02 }, + [CERTIFICATE_TAG_PUBLIC_KEY_USAGE] = {CERTIFICATE_PUBLIC_KEY_USAGE_UNKNOWN, 0x01 }, + [CERTIFICATE_TAG_PUBLIC_KEY_CURVE_ID] = {CX_CURVE_TWISTED_EDWARDS_END, 0x01 }, + [CERTIFICATE_TAG_COMPRESSED_PUBLIC_KEY] = {CERTIFICATE_KEY_ID_UNKNOWN, CERTIFICATE_FIELD_VAR_LEN}, + [CERTIFICATE_TAG_PK_SIGN_ALGO_ID] = {CERTIFICATE_SIGN_ALGO_ID_UNKNOWN, 0x01 }, + [CERTIFICATE_TAG_TARGET_DEVICE] = {CERTIFICATE_TARGET_DEVICE_UNKNOWN, 0x01 }, + [CERTIFICATE_TAG_SIGNATURE] = {CERTIFICATE_FIELD_UNKNOWN_VALUE, CERTIFICATE_FIELD_VAR_LEN}, +}; +// clang-format on + +SYSCALL bolos_err_t os_pki_load_certificate(uint8_t expected_key_usage, + uint8_t *certificate PLENGTH(certificate_len), + size_t certificate_len, + uint8_t *trusted_name, + size_t *trusted_name_len, + cx_ecfp_public_key_t *public_key); + +SYSCALL bool os_pki_verify(uint8_t *descriptor_hash PLENGTH(descriptor_hash_len), + size_t descriptor_hash_len, + uint8_t *signature PLENGTH(signature_len), + size_t signature_len); +#endif // HAVE_LEDGER_PKI diff --git a/include/syscalls.h b/include/syscalls.h index 1095dfba8..7ef090241 100644 --- a/include/syscalls.h +++ b/include/syscalls.h @@ -192,6 +192,10 @@ #define SYSCALL_os_allow_protected_ram_ID 0x00000092 #define SYSCALL_os_deny_protected_ram_ID 0x00000093 #define SYSCALL_os_set_ux_time_ms_ID 0x010000a2 +#if defined(HAVE_LEDGER_PKI) +#define SYSCALL_os_pki_load_certificate_ID 0x060000aa +#define SYSCALL_os_pki_verify_ID 0x040000ab +#endif // HAVE_LEDGER_PKI #ifdef HAVE_CUSTOM_CA_DETAILS_IN_SETTINGS #define SYSCALL_os_bolos_custom_ca_get_info_ID 0x01000CA0 diff --git a/src/os_io_seproxyhal.c b/src/os_io_seproxyhal.c index 276d869eb..7baa70dfa 100644 --- a/src/os_io_seproxyhal.c +++ b/src/os_io_seproxyhal.c @@ -95,6 +95,10 @@ extern USBD_HandleTypeDef USBD_Device; #include "nbgl_serialize.h" #endif +#if defined(HAVE_LEDGER_PKI) +#include "os_pki.h" +#endif // HAVE_LEDGER_PKI + #if !defined(HAVE_BOLOS_NO_DEFAULT_APDU) #define DEFAULT_APDU_CLA 0xB0 #define DEFAULT_APDU_INS_GET_VERSION 0x01 @@ -108,6 +112,11 @@ extern USBD_HandleTypeDef USBD_Device; #endif // DEBUG_OS_STACK_CONSUMPTION #define DEFAULT_APDU_INS_APP_EXIT 0xA7 + +#if defined(HAVE_LEDGER_PKI) +#define DEFAULT_APDU_INS_LOAD_CERTIFICATE 0x06 +#endif // HAVE_LEDGER_PKI + #endif // !HAVE_BOLOS_NO_DEFAULT_APDU void io_seproxyhal_handle_ble_event(void); @@ -1165,6 +1174,36 @@ unsigned int os_io_seproxyhal_get_app_name_and_version(void) return tx_len; } +#if defined(HAVE_LEDGER_PKI) +unsigned int os_io_seproxyhal_pki_load_certificate(uint8_t *buffer, + size_t buffer_len, + uint8_t key_usage) +{ + uint32_t error; + cx_ecfp_public_key_t public_key; + uint8_t trusted_name[CERTIFICATE_TRUSTED_NAME_MAXLEN] = {0}; + size_t trusted_name_len = CERTIFICATE_TRUSTED_NAME_MAXLEN; + uint8_t offset = 0; + + if ((error = os_pki_load_certificate( + key_usage, buffer, buffer_len, trusted_name, &trusted_name_len, &public_key))) { + U2BE_ENCODE(G_io_apdu_buffer, 0, error); + offset = 2; + } + else { + G_io_apdu_buffer[0] = trusted_name_len; + offset++; + memcpy(G_io_apdu_buffer + offset, trusted_name, trusted_name_len); + offset += trusted_name_len; + memcpy(G_io_apdu_buffer + offset, public_key.W, public_key.W_len); + offset += public_key.W_len; + U2BE_ENCODE(G_io_apdu_buffer + offset, 0, SWO_SUCCESS); + offset += 2; + } + return offset; +} +#endif // HAVE_LEDGER_PKI + #if !defined(HAVE_BOLOS_NO_DEFAULT_APDU) // This function is used to process the default APDU commands. static bolos_bool_t io_process_default_apdus(unsigned char *channel, unsigned short *tx_len) @@ -1266,6 +1305,16 @@ static bolos_bool_t io_process_default_apdus(unsigned char *channel, unsigned sh break; #endif // DEBUG_OS_STACK_CONSUMPTION +#if defined(HAVE_LEDGER_PKI) + case DEFAULT_APDU_INS_LOAD_CERTIFICATE: + *tx_len = os_io_seproxyhal_pki_load_certificate(G_io_apdu_buffer + APDU_OFF_LC + 1, + G_io_apdu_buffer[APDU_OFF_LC], + G_io_apdu_buffer[APDU_OFF_P1]); + *channel &= ~IO_FLAGS; + processed = BOLOS_TRUE; + break; +#endif // HAVE_LEDGER_PKI + default: // 'processed' is already initialized. break; diff --git a/src/syscalls.c b/src/syscalls.c index 052ccee9c..61ffdd211 100644 --- a/src/syscalls.c +++ b/src/syscalls.c @@ -1362,6 +1362,38 @@ bolos_bool_t os_perso_seed_cookie(unsigned char *seed_cookie) } #endif // HAVE_SEED_COOKIE +#if defined(HAVE_LEDGER_PKI) +bolos_err_t os_pki_load_certificate(uint8_t expected_key_usage, + uint8_t *certificate, + size_t certificate_len, + uint8_t *trusted_name, + size_t *trusted_name_len, + cx_ecfp_public_key_t *public_key) +{ + unsigned int parameters[6]; + parameters[0] = (unsigned int) expected_key_usage; + parameters[1] = (unsigned int) certificate; + parameters[2] = (unsigned int) certificate_len; + parameters[3] = (unsigned int) trusted_name; + parameters[4] = (unsigned int) trusted_name_len; + parameters[5] = (unsigned int) public_key; + return (bolos_err_t) SVC_Call(SYSCALL_os_pki_load_certificate_ID, parameters); +} + +bool os_pki_verify(uint8_t *descriptor_hash, + size_t descriptor_hash_len, + uint8_t *signature, + size_t signature_len) +{ + unsigned int parameters[4]; + parameters[0] = (unsigned int) descriptor_hash; + parameters[1] = (unsigned int) descriptor_hash_len; + parameters[2] = (unsigned int) signature; + parameters[3] = (unsigned int) signature_len; + return (bool) SVC_Call(SYSCALL_os_pki_verify_ID, parameters); +} +#endif // HAVE_LEDGER_PKI + unsigned int os_endorsement_get_code_hash(unsigned char *buffer) { unsigned int parameters[2]; From fd62b51e55cef1a8fc06082911bcd4de967318a8 Mon Sep 17 00:00:00 2001 From: sra Date: Tue, 26 Mar 2024 16:50:59 +0100 Subject: [PATCH 2/8] Add documentation of default commands and PKI functions --- include/os_pki.h | 93 +++++++++++++++++++++++------ include/sdk_apdu_commands.h | 113 ++++++++++++++++++++++++++++++++++++ src/os_io_seproxyhal.c | 22 +------ 3 files changed, 192 insertions(+), 36 deletions(-) create mode 100644 include/sdk_apdu_commands.h diff --git a/include/os_pki.h b/include/os_pki.h index 2a7a09861..f054f3a1a 100644 --- a/include/os_pki.h +++ b/include/os_pki.h @@ -7,36 +7,44 @@ #include #include +/** Certificate field with a variable length */ #define CERTIFICATE_FIELD_VAR_LEN (0xFF) +/** Certificate field with a non predefined value */ #define CERTIFICATE_FIELD_UNKNOWN_VALUE (0xFFFFFFFF) +/** Certificate validity index minimum value */ #define CERTIFICATE_VALIDITY_INDEX (0x00000001) +/** Certificate structure type */ #define CERTIFICATE_STRUCTURE_TYPE_CERTIFICATE (0x01) +/** Maximum certificate trusted name length */ #define CERTIFICATE_TRUSTED_NAME_MAXLEN (32) +/** Certificate tags associated to each certificate field */ typedef enum { - CERTIFICATE_TAG_STRUCTURE_TYPE = 0x01, - CERTIFICATE_TAG_VERSION = 0x02, - CERTIFICATE_TAG_VALIDITY = 0x10, - CERTIFICATE_TAG_VALIDITY_INDEX = 0x11, - CERTIFICATE_TAG_CHALLENGE = 0x12, - CERTIFICATE_TAG_SIGNER_KEY_ID = 0x13, - CERTIFICATE_TAG_SIGN_ALGO_ID = 0x14, - CERTIFICATE_TAG_SIGNATURE = 0x15, - CERTIFICATE_TAG_TIME_VALIDITY = 0x16, - CERTIFICATE_TAG_TRUSTED_NAME = 0x20, - CERTIFICATE_TAG_PUBLIC_KEY_ID = 0x30, - CERTIFICATE_TAG_PUBLIC_KEY_USAGE = 0x31, - CERTIFICATE_TAG_PUBLIC_KEY_CURVE_ID = 0x32, - CERTIFICATE_TAG_COMPRESSED_PUBLIC_KEY = 0x33, - CERTIFICATE_TAG_PK_SIGN_ALGO_ID = 0x34, - CERTIFICATE_TAG_TARGET_DEVICE = 0x35 + CERTIFICATE_TAG_STRUCTURE_TYPE = 0x01, ///< Structure type + CERTIFICATE_TAG_VERSION = 0x02, ///< Certificate version + CERTIFICATE_TAG_VALIDITY = 0x10, ///< Certificate validity + CERTIFICATE_TAG_VALIDITY_INDEX = 0x11, ///< Certificate validity index + CERTIFICATE_TAG_CHALLENGE = 0x12, ///< Challenge value + CERTIFICATE_TAG_SIGNER_KEY_ID = 0x13, ///< Signer key ID + CERTIFICATE_TAG_SIGN_ALGO_ID = 0x14, ///< Signature algorithm with the signer key + CERTIFICATE_TAG_SIGNATURE = 0x15, ///< Signature + CERTIFICATE_TAG_TIME_VALIDITY = 0x16, ///< Time validity + CERTIFICATE_TAG_TRUSTED_NAME = 0x20, ///< Trusted name + CERTIFICATE_TAG_PUBLIC_KEY_ID = 0x30, ///< Public key ID + CERTIFICATE_TAG_PUBLIC_KEY_USAGE = 0x31, ///< Public key usage + CERTIFICATE_TAG_PUBLIC_KEY_CURVE_ID = 0x32, ///< Curve ID on which the public key is defined + CERTIFICATE_TAG_COMPRESSED_PUBLIC_KEY = 0x33, ///< Public key in compressed form + CERTIFICATE_TAG_PK_SIGN_ALGO_ID = 0x34, ///< Signature algorithm with the public key + CERTIFICATE_TAG_TARGET_DEVICE = 0x35 ///< Target device } os_pki_tag_t; +/** Certificate version possible values */ enum { - CERTIFICATE_VERSION_02 = 0x02, + CERTIFICATE_VERSION_02 = 0x02, ///< Certificate version 2 CERTIFICATE_VERSION_UNKNOWN }; +/** Certificate key ID possible values */ enum { CERTIFICATE_KEY_ID_TEST = 0x0000, CERTIFICATE_KEY_ID_PERSOV2, @@ -49,6 +57,7 @@ enum { CERTIFICATE_KEY_ID_UNKNOWN }; +/** Signature algorithm possible values */ enum { CERTIFICATE_SIGN_ALGO_ID_ECDSA_SHA256 = 0x00, CERTIFICATE_SIGN_ALGO_ID_ECDSA_SHA3, @@ -60,6 +69,7 @@ enum { CERTIFICATE_SIGN_ALGO_ID_UNKNOWN }; +/** Public key usages possible values */ enum { CERTIFICATE_PUBLIC_KEY_USAGE_GENUINE_CHECK = 0x01, CERTIFICATE_PUBLIC_KEY_USAGE_EXCHANGE_PAYLOAD, @@ -73,6 +83,7 @@ enum { CERTIFICATE_PUBLIC_KEY_USAGE_UNKNOWN, }; +/** Target device possible values */ enum { CERTIFICATE_TARGET_DEVICE_NANOS = 0x01, CERTIFICATE_TARGET_DEVICE_NANOX, @@ -81,12 +92,14 @@ enum { CERTIFICATE_TARGET_DEVICE_UNKNOWN }; +/** Structure to store field length and field maximum value */ typedef struct { uint32_t value; uint8_t field_len; } os_pki_certificate_tag_info_t; // clang-format off +/** Array of field length and field maximum value corresponding to each tag */ static const os_pki_certificate_tag_info_t C_os_pki_certificate_tag_info[] = { [CERTIFICATE_TAG_STRUCTURE_TYPE] = {CERTIFICATE_STRUCTURE_TYPE_CERTIFICATE, 0x01 }, [CERTIFICATE_TAG_VERSION] = {CERTIFICATE_VERSION_UNKNOWN, 0x01 }, @@ -107,6 +120,36 @@ static const os_pki_certificate_tag_info_t C_os_pki_certificate_tag_info[] = { }; // clang-format on +/** + * @brief Load a certificate and initialize the public key on success. + * + * @param[in] expected_key_usage Key verification role. + * @param[in] certificate_len Certificate length. + * @param[in] certificate_len Certificate + * @param[out] trusted_name Trusted name from the certificate + * @param[out] trusted_name_len Trusted name length + * @param[out] public_key Initialized public key from the certificate + * + * @return Error code + * @retval 0x0000 Success + * @retval 0x422F Incorrect structure type + * @retval 0x4230 Incorrect certificate version + * @retval 0x4231 Incorrect certificate validity + * @retval 0x4232 Incorrect certificate validity index + * @retval 0x4233 Unknown signer key ID + * @retval 0x4234 Unknown signature algorithm + * @retval 0x4235 Unknown public key ID + * @retval 0x4236 Unknown public key usage + * @retval 0x4237 Incorrect elliptic curve ID + * @retval 0x4238 Incorrect signature algorithm associated to the public key + * @retval 0x4239 Unknown target device + * @retval 0x422D Unknown certificate tag + * @retval 0x3301 Failed to hash data + * @retval 0x422E expected_key_usage doesn't match certificate key usage + * @retval 0x5720 Failed to verify signature + * @retval 0x4118 trusted_name buffer is too small to contain the trusted name + * @retval 0xFFFFFFxx Cryptography-related error + */ SYSCALL bolos_err_t os_pki_load_certificate(uint8_t expected_key_usage, uint8_t *certificate PLENGTH(certificate_len), size_t certificate_len, @@ -114,6 +157,22 @@ SYSCALL bolos_err_t os_pki_load_certificate(uint8_t expected_key_u size_t *trusted_name_len, cx_ecfp_public_key_t *public_key); +/** + * @brief Verify a descriptor signature with internal public key. + * + * @details The 'load certificate' command must be sent before this function + * to initialize the internal public key. + * The caller is responsible for computing the descriptor hash prior + * to the verification. + * + * @param[in] descriptor_hash Hash of a descriptor + * @param[in] descriptor_hash_len Length of the descriptor hash + * @param[in] signature Signature over the descriptor + * @param[in] signature_len Signature length + * @return bool + * @retval true Success + * @retval false Failed to verify + */ SYSCALL bool os_pki_verify(uint8_t *descriptor_hash PLENGTH(descriptor_hash_len), size_t descriptor_hash_len, uint8_t *signature PLENGTH(signature_len), diff --git a/include/sdk_apdu_commands.h b/include/sdk_apdu_commands.h new file mode 100644 index 000000000..93076152d --- /dev/null +++ b/include/sdk_apdu_commands.h @@ -0,0 +1,113 @@ +#ifndef SDK_APDU_COMMANDS_H +#define SDK_APDU_COMMANDS_H + +#if !defined(HAVE_BOLOS_NO_DEFAULT_APDU) +/** Instruction class */ +#define DEFAULT_APDU_CLA 0xB0 + +/** + * @brief Instruction code with CLA = 0xB0 to get the version. + * @details If the OS is running, it returns the name "BOLOS" + * and the OS version. If an application is running, + * it returns the application name and its version. + * + * - Command APDU + * |FIELD |LENGTH |VALUE |DESCRIPTION | + * |------|-------|------|------------------| + * |CLA |0x01 |0xB0 |Instruction class | + * |INS |0x01 |0x01 |Instruction code | + * |P1 |0x01 |0x00 |None | + * |P2 |0x01 |0x00 |None | + * |LC |0x01 |0x00 |No data | + * + * - Response APDU + * |DATA |LENGTH |DESCRIPTION | + * |------------|------------|--------------------------------------| + * |NAME_LEN |0x01 |Length of the running process name | + * |NAME |NAME_LEN |Running process (OS or app) | + * |VERSION_LEN |0x01 |Version length of the running process | + * |VERSION |VERSION_LEN |Version of the running process | + * |STATUS_WORD |0x02 |0x9000 on success | + */ +#define DEFAULT_APDU_INS_GET_VERSION 0x01 + +#if defined(HAVE_SEED_COOKIE) +/** + * @brief Instruction code with CLA = 0xB0 to get a hash of + * a public key derived from the seed. + * @details The hash is computed by applying SHA512 + * on the public key derived from the seed + * through a specific path. + * + * - Command APDU + * |FIELD |LENGTH |VALUE |DESCRIPTION | + * |------|-------|------|------------------| + * |CLA |0x01 |0xB0 |Instruction class | + * |INS |0x01 |0x02 |Instruction code | + * |P1 |0x01 |0x00 |None | + * |P2 |0x01 |0x00 |None | + * |LC |0x01 |0x00 |No data | + * + * - Response APDU + * |DATA |LENGTH | DESCRIPTION | + * |------------|-------|--------------------------------| + * |PK_HASH |0x200 | Hash of the derived public key | + * |STATUS_WORD |0x02 | 0x9000 on success | + */ +#define DEFAULT_APDU_INS_GET_SEED_COOKIE 0x02 +#endif + +#if defined(DEBUG_OS_STACK_CONSUMPTION) +#define DEFAULT_APDU_INS_STACK_CONSUMPTION 0x57 +#endif // DEBUG_OS_STACK_CONSUMPTION + +/** + * @brief Instruction code with CLA = 0xB0 to exit + * the running application. + * + * - Command APDU + * |FIELD |LENGTH |VALUE |DESCRIPTION | + * |------|-------|------|------------------| + * |CLA |0x01 |0xB0 |Instruction class | + * |INS |0x01 |0xA7 |Instruction code | + * |P1 |0x01 |0x00 |None | + * |P2 |0x01 |0x00 |None | + * |LC |0x01 |0x00 |No data | + * + * - Response APDU + * |DATA |LENGTH | DESCRIPTION | + * |------------|-------|-------------------| + * |STATUS_WORD |0x02 | 0x9000 on success | + */ +#define DEFAULT_APDU_INS_APP_EXIT 0xA7 + +#if defined(HAVE_LEDGER_PKI) +/** + * @brief Instruction code with CLA = 0xB0 to load a certificate. + * @details + * - Command APDU + * |FIELD |LENGTH |VALUE |DESCRIPTION | + * |------|--------|----------|-------------------| + * |CLA |0x01 |0xB0 |Instruction class | + * |INS |0x01 |0x06 |Instruction code | + * |P1 |0x01 |KEY_USAGE |Key usage | + * |P2 |0x01 |0x00 |None | + * |LC |0x01 |DATA_LEN |DATA length | + * |DATA |0x01 |CERT_LEN |Certificate length | + * |DATA |CERT_LEN|CERT |Certificate | + * + * - Response APDU + * |DATA |LENGTH | DESCRIPTION | + * |-----------------|-----------------|---------------------------------| + * |TRUSTED_NAME_LEN |0x01 | Certificate trusted name length | + * |TRUSTED_NAME |TRUSTED_NAME_LEN | Certificate trusted name | + * |PUBLIC_KEY_LEN |0x01 | Certificate public key length | + * |PUBLIC_KEY |PUBLIC_KEY_LEN | Certificate public key | + * |STATUS_WORD |0x02 | 0x9000 on success | + */ +#define DEFAULT_APDU_INS_LOAD_CERTIFICATE 0x06 +#endif // HAVE_LEDGER_PKI + +#endif // !HAVE_BOLOS_NO_DEFAULT_APDU + +#endif /* SDK_APDU_COMMANDS_H */ diff --git a/src/os_io_seproxyhal.c b/src/os_io_seproxyhal.c index 7baa70dfa..a2cdb4ede 100644 --- a/src/os_io_seproxyhal.c +++ b/src/os_io_seproxyhal.c @@ -95,30 +95,14 @@ extern USBD_HandleTypeDef USBD_Device; #include "nbgl_serialize.h" #endif -#if defined(HAVE_LEDGER_PKI) -#include "os_pki.h" -#endif // HAVE_LEDGER_PKI - #if !defined(HAVE_BOLOS_NO_DEFAULT_APDU) -#define DEFAULT_APDU_CLA 0xB0 -#define DEFAULT_APDU_INS_GET_VERSION 0x01 - -#if defined(HAVE_SEED_COOKIE) -#define DEFAULT_APDU_INS_GET_SEED_COOKIE 0x02 -#endif - -#if defined(DEBUG_OS_STACK_CONSUMPTION) -#define DEFAULT_APDU_INS_STACK_CONSUMPTION 0x57 -#endif // DEBUG_OS_STACK_CONSUMPTION - -#define DEFAULT_APDU_INS_APP_EXIT 0xA7 +#include "sdk_apdu_commands.h" +#endif // !HAVE_BOLOS_NO_DEFAULT_APDU #if defined(HAVE_LEDGER_PKI) -#define DEFAULT_APDU_INS_LOAD_CERTIFICATE 0x06 +#include "os_pki.h" #endif // HAVE_LEDGER_PKI -#endif // !HAVE_BOLOS_NO_DEFAULT_APDU - void io_seproxyhal_handle_ble_event(void); unsigned int os_io_seph_recv_and_process(unsigned int dont_process_ux_events); From fecb7dd6a1748423b578f705d328cb8d6c6a809d Mon Sep 17 00:00:00 2001 From: sra Date: Wed, 27 Mar 2024 10:58:04 +0100 Subject: [PATCH 3/8] Enable multiple curve sizes and hash functions --- include/os_pki.h | 36 +++++++++++++++++++++++------------- src/os_io_seproxyhal.c | 10 +++++----- src/syscalls.c | 12 ++++++------ 3 files changed, 34 insertions(+), 24 deletions(-) diff --git a/include/os_pki.h b/include/os_pki.h index f054f3a1a..607914da3 100644 --- a/include/os_pki.h +++ b/include/os_pki.h @@ -59,13 +59,13 @@ enum { /** Signature algorithm possible values */ enum { - CERTIFICATE_SIGN_ALGO_ID_ECDSA_SHA256 = 0x00, - CERTIFICATE_SIGN_ALGO_ID_ECDSA_SHA3, - CERTIFICATE_SIGN_ALGO_ID_ECDSA_KECCAK, - CERTIFICATE_SIGN_ALGO_ID_ECDSA_RIPEMD160, - CERTIFICATE_SIGN_ALGO_ID_EDDSA_SHA512, - CERTIFICATE_SIGN_ALGO_ID_EDDSA_KECCAK, - CERTIFICATE_SIGN_ALGO_ID_EDDSA_SHA3, + CERTIFICATE_SIGN_ALGO_ID_ECDSA_SHA256 = 0x01, + CERTIFICATE_SIGN_ALGO_ID_ECDSA_SHA3_256 = 0x02, + CERTIFICATE_SIGN_ALGO_ID_ECDSA_KECCAK_256 = 0x03, + CERTIFICATE_SIGN_ALGO_ID_ECDSA_RIPEMD160 = 0x04, + CERTIFICATE_SIGN_ALGO_ID_EDDSA_SHA512 = 0x10, + CERTIFICATE_SIGN_ALGO_ID_EDDSA_KECCAK_256 = 0x11, + CERTIFICATE_SIGN_ALGO_ID_EDDSA_SHA3_256 = 0x12, CERTIFICATE_SIGN_ALGO_ID_UNKNOWN }; @@ -118,6 +118,16 @@ static const os_pki_certificate_tag_info_t C_os_pki_certificate_tag_info[] = { [CERTIFICATE_TAG_TARGET_DEVICE] = {CERTIFICATE_TARGET_DEVICE_UNKNOWN, 0x01 }, [CERTIFICATE_TAG_SIGNATURE] = {CERTIFICATE_FIELD_UNKNOWN_VALUE, CERTIFICATE_FIELD_VAR_LEN}, }; + +static const cx_md_t C_os_sign_algo_hash_info[] = { + [CERTIFICATE_SIGN_ALGO_ID_ECDSA_SHA256] = CX_SHA256, + [CERTIFICATE_SIGN_ALGO_ID_ECDSA_SHA3_256] = CX_SHA3_256, + [CERTIFICATE_SIGN_ALGO_ID_ECDSA_KECCAK_256] = CX_KECCAK, + [CERTIFICATE_SIGN_ALGO_ID_ECDSA_RIPEMD160] = CX_RIPEMD160, + [CERTIFICATE_SIGN_ALGO_ID_EDDSA_SHA512] = CX_SHA512, + [CERTIFICATE_SIGN_ALGO_ID_EDDSA_KECCAK_256] = CX_KECCAK, + [CERTIFICATE_SIGN_ALGO_ID_EDDSA_SHA3_256] = CX_SHA3_256 +}; // clang-format on /** @@ -150,12 +160,12 @@ static const os_pki_certificate_tag_info_t C_os_pki_certificate_tag_info[] = { * @retval 0x4118 trusted_name buffer is too small to contain the trusted name * @retval 0xFFFFFFxx Cryptography-related error */ -SYSCALL bolos_err_t os_pki_load_certificate(uint8_t expected_key_usage, - uint8_t *certificate PLENGTH(certificate_len), - size_t certificate_len, - uint8_t *trusted_name, - size_t *trusted_name_len, - cx_ecfp_public_key_t *public_key); +SYSCALL bolos_err_t os_pki_load_certificate(uint8_t expected_key_usage, + uint8_t *certificate PLENGTH(certificate_len), + size_t certificate_len, + uint8_t *trusted_name, + size_t *trusted_name_len, + cx_ecfp_384_public_key_t *public_key); /** * @brief Verify a descriptor signature with internal public key. diff --git a/src/os_io_seproxyhal.c b/src/os_io_seproxyhal.c index a2cdb4ede..09cb6462a 100644 --- a/src/os_io_seproxyhal.c +++ b/src/os_io_seproxyhal.c @@ -1163,11 +1163,11 @@ unsigned int os_io_seproxyhal_pki_load_certificate(uint8_t *buffer, size_t buffer_len, uint8_t key_usage) { - uint32_t error; - cx_ecfp_public_key_t public_key; - uint8_t trusted_name[CERTIFICATE_TRUSTED_NAME_MAXLEN] = {0}; - size_t trusted_name_len = CERTIFICATE_TRUSTED_NAME_MAXLEN; - uint8_t offset = 0; + uint32_t error; + cx_ecfp_384_public_key_t public_key; + uint8_t trusted_name[CERTIFICATE_TRUSTED_NAME_MAXLEN] = {0}; + size_t trusted_name_len = CERTIFICATE_TRUSTED_NAME_MAXLEN; + uint8_t offset = 0; if ((error = os_pki_load_certificate( key_usage, buffer, buffer_len, trusted_name, &trusted_name_len, &public_key))) { diff --git a/src/syscalls.c b/src/syscalls.c index 61ffdd211..8059199dd 100644 --- a/src/syscalls.c +++ b/src/syscalls.c @@ -1363,12 +1363,12 @@ bolos_bool_t os_perso_seed_cookie(unsigned char *seed_cookie) #endif // HAVE_SEED_COOKIE #if defined(HAVE_LEDGER_PKI) -bolos_err_t os_pki_load_certificate(uint8_t expected_key_usage, - uint8_t *certificate, - size_t certificate_len, - uint8_t *trusted_name, - size_t *trusted_name_len, - cx_ecfp_public_key_t *public_key) +bolos_err_t os_pki_load_certificate(uint8_t expected_key_usage, + uint8_t *certificate, + size_t certificate_len, + uint8_t *trusted_name, + size_t *trusted_name_len, + cx_ecfp_384_public_key_t *public_key) { unsigned int parameters[6]; parameters[0] = (unsigned int) expected_key_usage; From c26c7bac999cf20269c27ad69e5e641ac4ff66db Mon Sep 17 00:00:00 2001 From: sra Date: Wed, 10 Apr 2024 15:12:55 +0200 Subject: [PATCH 4/8] PKI: enable only Ed25519 --- include/os_pki.h | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-) diff --git a/include/os_pki.h b/include/os_pki.h index 607914da3..9307fda4f 100644 --- a/include/os_pki.h +++ b/include/os_pki.h @@ -64,8 +64,6 @@ enum { CERTIFICATE_SIGN_ALGO_ID_ECDSA_KECCAK_256 = 0x03, CERTIFICATE_SIGN_ALGO_ID_ECDSA_RIPEMD160 = 0x04, CERTIFICATE_SIGN_ALGO_ID_EDDSA_SHA512 = 0x10, - CERTIFICATE_SIGN_ALGO_ID_EDDSA_KECCAK_256 = 0x11, - CERTIFICATE_SIGN_ALGO_ID_EDDSA_SHA3_256 = 0x12, CERTIFICATE_SIGN_ALGO_ID_UNKNOWN }; @@ -124,9 +122,7 @@ static const cx_md_t C_os_sign_algo_hash_info[] = { [CERTIFICATE_SIGN_ALGO_ID_ECDSA_SHA3_256] = CX_SHA3_256, [CERTIFICATE_SIGN_ALGO_ID_ECDSA_KECCAK_256] = CX_KECCAK, [CERTIFICATE_SIGN_ALGO_ID_ECDSA_RIPEMD160] = CX_RIPEMD160, - [CERTIFICATE_SIGN_ALGO_ID_EDDSA_SHA512] = CX_SHA512, - [CERTIFICATE_SIGN_ALGO_ID_EDDSA_KECCAK_256] = CX_KECCAK, - [CERTIFICATE_SIGN_ALGO_ID_EDDSA_SHA3_256] = CX_SHA3_256 + [CERTIFICATE_SIGN_ALGO_ID_EDDSA_SHA512] = CX_SHA512 }; // clang-format on From 0dc0c4ade1024733e0819a82a6d4aba29c92ae19 Mon Sep 17 00:00:00 2001 From: sra Date: Wed, 10 Apr 2024 17:20:43 +0200 Subject: [PATCH 5/8] Add a syscall to get PKI info --- include/os_pki.h | 19 +++++++++++++++++++ include/syscalls.h | 1 + src/os_io_seproxyhal.c | 28 ++++++++-------------------- src/syscalls.c | 13 +++++++++++++ 4 files changed, 41 insertions(+), 20 deletions(-) diff --git a/include/os_pki.h b/include/os_pki.h index 9307fda4f..51b96c9f3 100644 --- a/include/os_pki.h +++ b/include/os_pki.h @@ -183,4 +183,23 @@ SYSCALL bool os_pki_verify(uint8_t *descriptor_hash PLENGTH(descriptor_hash_len) size_t descriptor_hash_len, uint8_t *signature PLENGTH(signature_len), size_t signature_len); + +/** + * @brief Get information from the last validated certificate. + * + * @param[out] key_usage Certificate role (expected key usage) + * @param[out] trusted_name Buffer for the trusted name. + * The size of the buffer must be less than + * #CERTIFICATE_TRUSTED_NAME_MAXLEN + * @param[out] trusted_name_len Trusted name length + * @param[out] public_key Certificate public key + * @return Error code + * @retval 0x0000 Success + * @retval 0x4119 trusted_name buffer is too small to contain the trusted name + * @retval 0x3202 Failed to initialize public key + */ +SYSCALL bolos_err_t os_pki_get_info(uint8_t *key_usage, + uint8_t *trusted_name, + size_t *trusted_name_len, + cx_ecfp_384_public_key_t *public_key); #endif // HAVE_LEDGER_PKI diff --git a/include/syscalls.h b/include/syscalls.h index 7ef090241..59f277b2e 100644 --- a/include/syscalls.h +++ b/include/syscalls.h @@ -195,6 +195,7 @@ #if defined(HAVE_LEDGER_PKI) #define SYSCALL_os_pki_load_certificate_ID 0x060000aa #define SYSCALL_os_pki_verify_ID 0x040000ab +#define SYSCALL_os_pki_get_info_ID 0x040000ac #endif // HAVE_LEDGER_PKI #ifdef HAVE_CUSTOM_CA_DETAILS_IN_SETTINGS diff --git a/src/os_io_seproxyhal.c b/src/os_io_seproxyhal.c index 09cb6462a..11165bbed 100644 --- a/src/os_io_seproxyhal.c +++ b/src/os_io_seproxyhal.c @@ -1163,28 +1163,16 @@ unsigned int os_io_seproxyhal_pki_load_certificate(uint8_t *buffer, size_t buffer_len, uint8_t key_usage) { - uint32_t error; + uint32_t sw; cx_ecfp_384_public_key_t public_key; - uint8_t trusted_name[CERTIFICATE_TRUSTED_NAME_MAXLEN] = {0}; - size_t trusted_name_len = CERTIFICATE_TRUSTED_NAME_MAXLEN; - uint8_t offset = 0; - - if ((error = os_pki_load_certificate( - key_usage, buffer, buffer_len, trusted_name, &trusted_name_len, &public_key))) { - U2BE_ENCODE(G_io_apdu_buffer, 0, error); - offset = 2; - } - else { - G_io_apdu_buffer[0] = trusted_name_len; - offset++; - memcpy(G_io_apdu_buffer + offset, trusted_name, trusted_name_len); - offset += trusted_name_len; - memcpy(G_io_apdu_buffer + offset, public_key.W, public_key.W_len); - offset += public_key.W_len; - U2BE_ENCODE(G_io_apdu_buffer + offset, 0, SWO_SUCCESS); - offset += 2; + + sw = os_pki_load_certificate(key_usage, buffer, buffer_len, NULL, NULL, &public_key); + if (0 == sw) { + sw = SWO_SUCCESS; } - return offset; + explicit_bzero(&public_key, sizeof(cx_ecfp_384_public_key_t)); + U2BE_ENCODE(G_io_apdu_buffer, 0, sw); + return 2; } #endif // HAVE_LEDGER_PKI diff --git a/src/syscalls.c b/src/syscalls.c index 8059199dd..b5df1932a 100644 --- a/src/syscalls.c +++ b/src/syscalls.c @@ -1392,6 +1392,19 @@ bool os_pki_verify(uint8_t *descriptor_hash, parameters[3] = (unsigned int) signature_len; return (bool) SVC_Call(SYSCALL_os_pki_verify_ID, parameters); } + +bolos_err_t os_pki_get_info(uint8_t *key_usage, + uint8_t *trusted_name, + size_t *trusted_name_len, + cx_ecfp_384_public_key_t *public_key) +{ + unsigned int parameters[4]; + parameters[0] = (unsigned int) key_usage; + parameters[1] = (unsigned int) trusted_name; + parameters[2] = (unsigned int) trusted_name_len; + parameters[3] = (unsigned int) public_key; + return (bolos_err_t) SVC_Call(SYSCALL_os_pki_get_info_ID, parameters); +} #endif // HAVE_LEDGER_PKI unsigned int os_endorsement_get_code_hash(unsigned char *buffer) From 226a4f5366067dbd1723b4ba4fff35f86b8ea643 Mon Sep 17 00:00:00 2001 From: sra Date: Fri, 17 May 2024 16:32:59 +0200 Subject: [PATCH 6/8] Add 'depth' field --- include/os_pki.h | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/include/os_pki.h b/include/os_pki.h index 51b96c9f3..2c17dc938 100644 --- a/include/os_pki.h +++ b/include/os_pki.h @@ -35,7 +35,8 @@ typedef enum { CERTIFICATE_TAG_PUBLIC_KEY_CURVE_ID = 0x32, ///< Curve ID on which the public key is defined CERTIFICATE_TAG_COMPRESSED_PUBLIC_KEY = 0x33, ///< Public key in compressed form CERTIFICATE_TAG_PK_SIGN_ALGO_ID = 0x34, ///< Signature algorithm with the public key - CERTIFICATE_TAG_TARGET_DEVICE = 0x35 ///< Target device + CERTIFICATE_TAG_TARGET_DEVICE = 0x35, ///< Target device + CERTIFICATE_TAG_DEPTH = 0x36 ///< Certificate depth } os_pki_tag_t; /** Certificate version possible values */ @@ -115,6 +116,7 @@ static const os_pki_certificate_tag_info_t C_os_pki_certificate_tag_info[] = { [CERTIFICATE_TAG_PK_SIGN_ALGO_ID] = {CERTIFICATE_SIGN_ALGO_ID_UNKNOWN, 0x01 }, [CERTIFICATE_TAG_TARGET_DEVICE] = {CERTIFICATE_TARGET_DEVICE_UNKNOWN, 0x01 }, [CERTIFICATE_TAG_SIGNATURE] = {CERTIFICATE_FIELD_UNKNOWN_VALUE, CERTIFICATE_FIELD_VAR_LEN}, + [CERTIFICATE_TAG_DEPTH] = {CERTIFICATE_FIELD_UNKNOWN_VALUE, 0x01 }, }; static const cx_md_t C_os_sign_algo_hash_info[] = { From a2586dc14ad2c3aefba8f32ac8e45bbb116fca96 Mon Sep 17 00:00:00 2001 From: sra Date: Tue, 11 Jun 2024 14:37:37 +0200 Subject: [PATCH 7/8] Reduce C_os_pki_certificate_tag_info size --- include/os_pki.h | 69 +++++++++++++++++++++++++++++++----------------- 1 file changed, 45 insertions(+), 24 deletions(-) diff --git a/include/os_pki.h b/include/os_pki.h index 2c17dc938..225380efe 100644 --- a/include/os_pki.h +++ b/include/os_pki.h @@ -10,9 +10,9 @@ /** Certificate field with a variable length */ #define CERTIFICATE_FIELD_VAR_LEN (0xFF) /** Certificate field with a non predefined value */ -#define CERTIFICATE_FIELD_UNKNOWN_VALUE (0xFFFFFFFF) +#define CERTIFICATE_FIELD_UNKNOWN_VALUE (0xFFFF) /** Certificate validity index minimum value */ -#define CERTIFICATE_VALIDITY_INDEX (0x00000001) +#define CERTIFICATE_VALIDITY_INDEX (0x0001) /** Certificate structure type */ #define CERTIFICATE_STRUCTURE_TYPE_CERTIFICATE (0x01) /** Maximum certificate trusted name length */ @@ -93,38 +93,59 @@ enum { /** Structure to store field length and field maximum value */ typedef struct { - uint32_t value; + uint16_t value; uint8_t field_len; } os_pki_certificate_tag_info_t; +/** Indices for #C_os_pki_certificate_tag_info */ +enum { + CERTIFICATE_INFO_INDEX_STRUCTURE_TYPE = 0, + CERTIFICATE_INFO_INDEX_VERSION, + CERTIFICATE_INFO_INDEX_VALIDITY, + CERTIFICATE_INFO_INDEX_VALIDITY_INDEX, + CERTIFICATE_INFO_INDEX_CHALLENGE, + CERTIFICATE_INFO_INDEX_SIGNER_KEY_ID, + CERTIFICATE_INFO_INDEX_SIGN_ALGO_ID, + CERTIFICATE_INFO_INDEX_TIME_VALIDITY, + CERTIFICATE_INFO_INDEX_TRUSTED_NAME, + CERTIFICATE_INFO_INDEX_PUBLIC_KEY_ID, + CERTIFICATE_INFO_INDEX_PUBLIC_KEY_USAGE, + CERTIFICATE_INFO_INDEX_PUBLIC_KEY_CURVE_ID, + CERTIFICATE_INFO_INDEX_COMPRESSED_PUBLIC_KEY, + CERTIFICATE_INFO_INDEX_PK_SIGN_ALGO_ID, + CERTIFICATE_INFO_INDEX_TARGET_DEVICE, + CERTIFICATE_INFO_INDEX_SIGNATURE, + CERTIFICATE_INFO_INDEX_DEPTH +}; + // clang-format off /** Array of field length and field maximum value corresponding to each tag */ static const os_pki_certificate_tag_info_t C_os_pki_certificate_tag_info[] = { - [CERTIFICATE_TAG_STRUCTURE_TYPE] = {CERTIFICATE_STRUCTURE_TYPE_CERTIFICATE, 0x01 }, - [CERTIFICATE_TAG_VERSION] = {CERTIFICATE_VERSION_UNKNOWN, 0x01 }, - [CERTIFICATE_TAG_VALIDITY] = {CERTIFICATE_FIELD_UNKNOWN_VALUE, 0x04 }, - [CERTIFICATE_TAG_VALIDITY_INDEX] = {CERTIFICATE_VALIDITY_INDEX, 0x04 }, - [CERTIFICATE_TAG_CHALLENGE] = {CERTIFICATE_FIELD_UNKNOWN_VALUE, CERTIFICATE_FIELD_VAR_LEN}, - [CERTIFICATE_TAG_SIGNER_KEY_ID] = {CERTIFICATE_KEY_ID_UNKNOWN, 0x02 }, - [CERTIFICATE_TAG_SIGN_ALGO_ID] = {CERTIFICATE_SIGN_ALGO_ID_UNKNOWN, 0x01 }, - [CERTIFICATE_TAG_TIME_VALIDITY] = {CERTIFICATE_FIELD_UNKNOWN_VALUE, 0x04 }, - [CERTIFICATE_TAG_TRUSTED_NAME] = {CERTIFICATE_FIELD_UNKNOWN_VALUE, CERTIFICATE_FIELD_VAR_LEN}, - [CERTIFICATE_TAG_PUBLIC_KEY_ID] = {CERTIFICATE_KEY_ID_UNKNOWN, 0x02 }, - [CERTIFICATE_TAG_PUBLIC_KEY_USAGE] = {CERTIFICATE_PUBLIC_KEY_USAGE_UNKNOWN, 0x01 }, - [CERTIFICATE_TAG_PUBLIC_KEY_CURVE_ID] = {CX_CURVE_TWISTED_EDWARDS_END, 0x01 }, - [CERTIFICATE_TAG_COMPRESSED_PUBLIC_KEY] = {CERTIFICATE_KEY_ID_UNKNOWN, CERTIFICATE_FIELD_VAR_LEN}, - [CERTIFICATE_TAG_PK_SIGN_ALGO_ID] = {CERTIFICATE_SIGN_ALGO_ID_UNKNOWN, 0x01 }, - [CERTIFICATE_TAG_TARGET_DEVICE] = {CERTIFICATE_TARGET_DEVICE_UNKNOWN, 0x01 }, - [CERTIFICATE_TAG_SIGNATURE] = {CERTIFICATE_FIELD_UNKNOWN_VALUE, CERTIFICATE_FIELD_VAR_LEN}, - [CERTIFICATE_TAG_DEPTH] = {CERTIFICATE_FIELD_UNKNOWN_VALUE, 0x01 }, + [CERTIFICATE_INFO_INDEX_STRUCTURE_TYPE] = {CERTIFICATE_STRUCTURE_TYPE_CERTIFICATE, 0x01 }, + [CERTIFICATE_INFO_INDEX_VERSION] = {CERTIFICATE_VERSION_UNKNOWN, 0x01 }, + [CERTIFICATE_INFO_INDEX_VALIDITY] = {CERTIFICATE_FIELD_UNKNOWN_VALUE, 0x04 }, + [CERTIFICATE_INFO_INDEX_VALIDITY_INDEX] = {CERTIFICATE_VALIDITY_INDEX, 0x04 }, + [CERTIFICATE_INFO_INDEX_CHALLENGE] = {CERTIFICATE_FIELD_UNKNOWN_VALUE, CERTIFICATE_FIELD_VAR_LEN}, + [CERTIFICATE_INFO_INDEX_SIGNER_KEY_ID] = {CERTIFICATE_KEY_ID_UNKNOWN, 0x02 }, + [CERTIFICATE_INFO_INDEX_SIGN_ALGO_ID] = {CERTIFICATE_SIGN_ALGO_ID_UNKNOWN, 0x01 }, + [CERTIFICATE_INFO_INDEX_TIME_VALIDITY] = {CERTIFICATE_FIELD_UNKNOWN_VALUE, 0x04 }, + [CERTIFICATE_INFO_INDEX_TRUSTED_NAME] = {CERTIFICATE_FIELD_UNKNOWN_VALUE, CERTIFICATE_FIELD_VAR_LEN}, + [CERTIFICATE_INFO_INDEX_PUBLIC_KEY_ID] = {CERTIFICATE_KEY_ID_UNKNOWN, 0x02 }, + [CERTIFICATE_INFO_INDEX_PUBLIC_KEY_USAGE] = {CERTIFICATE_PUBLIC_KEY_USAGE_UNKNOWN, 0x01 }, + [CERTIFICATE_INFO_INDEX_PUBLIC_KEY_CURVE_ID] = {CX_CURVE_TWISTED_EDWARDS_END, 0x01 }, + [CERTIFICATE_INFO_INDEX_COMPRESSED_PUBLIC_KEY] = {CERTIFICATE_FIELD_UNKNOWN_VALUE, CERTIFICATE_FIELD_VAR_LEN}, + [CERTIFICATE_INFO_INDEX_PK_SIGN_ALGO_ID] = {CERTIFICATE_SIGN_ALGO_ID_UNKNOWN, 0x01 }, + [CERTIFICATE_INFO_INDEX_TARGET_DEVICE] = {CERTIFICATE_TARGET_DEVICE_UNKNOWN, 0x01 }, + [CERTIFICATE_INFO_INDEX_SIGNATURE] = {CERTIFICATE_FIELD_UNKNOWN_VALUE, CERTIFICATE_FIELD_VAR_LEN}, + [CERTIFICATE_INFO_INDEX_DEPTH] = {CERTIFICATE_FIELD_UNKNOWN_VALUE, 0x01 }, }; static const cx_md_t C_os_sign_algo_hash_info[] = { - [CERTIFICATE_SIGN_ALGO_ID_ECDSA_SHA256] = CX_SHA256, - [CERTIFICATE_SIGN_ALGO_ID_ECDSA_SHA3_256] = CX_SHA3_256, + [CERTIFICATE_SIGN_ALGO_ID_ECDSA_SHA256] = CX_SHA256, + [CERTIFICATE_SIGN_ALGO_ID_ECDSA_SHA3_256] = CX_SHA3_256, [CERTIFICATE_SIGN_ALGO_ID_ECDSA_KECCAK_256] = CX_KECCAK, - [CERTIFICATE_SIGN_ALGO_ID_ECDSA_RIPEMD160] = CX_RIPEMD160, - [CERTIFICATE_SIGN_ALGO_ID_EDDSA_SHA512] = CX_SHA512 + [CERTIFICATE_SIGN_ALGO_ID_ECDSA_RIPEMD160] = CX_RIPEMD160, + [CERTIFICATE_SIGN_ALGO_ID_EDDSA_SHA512] = CX_SHA512 }; // clang-format on From 9df9fed648f58be938ae58b8881484415b26737c Mon Sep 17 00:00:00 2001 From: sra Date: Wed, 12 Jun 2024 11:04:44 +0200 Subject: [PATCH 8/8] PKI: EdDSA is supported only for descriptors verification --- include/os_pki.h | 37 ++++++++++++++++++------------------- 1 file changed, 18 insertions(+), 19 deletions(-) diff --git a/include/os_pki.h b/include/os_pki.h index 225380efe..236cdf116 100644 --- a/include/os_pki.h +++ b/include/os_pki.h @@ -121,31 +121,30 @@ enum { // clang-format off /** Array of field length and field maximum value corresponding to each tag */ static const os_pki_certificate_tag_info_t C_os_pki_certificate_tag_info[] = { - [CERTIFICATE_INFO_INDEX_STRUCTURE_TYPE] = {CERTIFICATE_STRUCTURE_TYPE_CERTIFICATE, 0x01 }, - [CERTIFICATE_INFO_INDEX_VERSION] = {CERTIFICATE_VERSION_UNKNOWN, 0x01 }, - [CERTIFICATE_INFO_INDEX_VALIDITY] = {CERTIFICATE_FIELD_UNKNOWN_VALUE, 0x04 }, - [CERTIFICATE_INFO_INDEX_VALIDITY_INDEX] = {CERTIFICATE_VALIDITY_INDEX, 0x04 }, - [CERTIFICATE_INFO_INDEX_CHALLENGE] = {CERTIFICATE_FIELD_UNKNOWN_VALUE, CERTIFICATE_FIELD_VAR_LEN}, - [CERTIFICATE_INFO_INDEX_SIGNER_KEY_ID] = {CERTIFICATE_KEY_ID_UNKNOWN, 0x02 }, - [CERTIFICATE_INFO_INDEX_SIGN_ALGO_ID] = {CERTIFICATE_SIGN_ALGO_ID_UNKNOWN, 0x01 }, - [CERTIFICATE_INFO_INDEX_TIME_VALIDITY] = {CERTIFICATE_FIELD_UNKNOWN_VALUE, 0x04 }, - [CERTIFICATE_INFO_INDEX_TRUSTED_NAME] = {CERTIFICATE_FIELD_UNKNOWN_VALUE, CERTIFICATE_FIELD_VAR_LEN}, - [CERTIFICATE_INFO_INDEX_PUBLIC_KEY_ID] = {CERTIFICATE_KEY_ID_UNKNOWN, 0x02 }, - [CERTIFICATE_INFO_INDEX_PUBLIC_KEY_USAGE] = {CERTIFICATE_PUBLIC_KEY_USAGE_UNKNOWN, 0x01 }, - [CERTIFICATE_INFO_INDEX_PUBLIC_KEY_CURVE_ID] = {CX_CURVE_TWISTED_EDWARDS_END, 0x01 }, - [CERTIFICATE_INFO_INDEX_COMPRESSED_PUBLIC_KEY] = {CERTIFICATE_FIELD_UNKNOWN_VALUE, CERTIFICATE_FIELD_VAR_LEN}, - [CERTIFICATE_INFO_INDEX_PK_SIGN_ALGO_ID] = {CERTIFICATE_SIGN_ALGO_ID_UNKNOWN, 0x01 }, - [CERTIFICATE_INFO_INDEX_TARGET_DEVICE] = {CERTIFICATE_TARGET_DEVICE_UNKNOWN, 0x01 }, - [CERTIFICATE_INFO_INDEX_SIGNATURE] = {CERTIFICATE_FIELD_UNKNOWN_VALUE, CERTIFICATE_FIELD_VAR_LEN}, - [CERTIFICATE_INFO_INDEX_DEPTH] = {CERTIFICATE_FIELD_UNKNOWN_VALUE, 0x01 }, + [CERTIFICATE_INFO_INDEX_STRUCTURE_TYPE] = {CERTIFICATE_STRUCTURE_TYPE_CERTIFICATE, 0x01 }, + [CERTIFICATE_INFO_INDEX_VERSION] = {CERTIFICATE_VERSION_UNKNOWN, 0x01 }, + [CERTIFICATE_INFO_INDEX_VALIDITY] = {CERTIFICATE_FIELD_UNKNOWN_VALUE, 0x04 }, + [CERTIFICATE_INFO_INDEX_VALIDITY_INDEX] = {CERTIFICATE_VALIDITY_INDEX, 0x04 }, + [CERTIFICATE_INFO_INDEX_CHALLENGE] = {CERTIFICATE_FIELD_UNKNOWN_VALUE, CERTIFICATE_FIELD_VAR_LEN}, + [CERTIFICATE_INFO_INDEX_SIGNER_KEY_ID] = {CERTIFICATE_KEY_ID_UNKNOWN, 0x02 }, + [CERTIFICATE_INFO_INDEX_SIGN_ALGO_ID] = {CERTIFICATE_SIGN_ALGO_ID_ECDSA_RIPEMD160, 0x01 }, + [CERTIFICATE_INFO_INDEX_TIME_VALIDITY] = {CERTIFICATE_FIELD_UNKNOWN_VALUE, 0x04 }, + [CERTIFICATE_INFO_INDEX_TRUSTED_NAME] = {CERTIFICATE_FIELD_UNKNOWN_VALUE, CERTIFICATE_FIELD_VAR_LEN}, + [CERTIFICATE_INFO_INDEX_PUBLIC_KEY_ID] = {CERTIFICATE_KEY_ID_UNKNOWN, 0x02 }, + [CERTIFICATE_INFO_INDEX_PUBLIC_KEY_USAGE] = {CERTIFICATE_PUBLIC_KEY_USAGE_UNKNOWN, 0x01 }, + [CERTIFICATE_INFO_INDEX_PUBLIC_KEY_CURVE_ID] = {CX_CURVE_TWISTED_EDWARDS_END, 0x01 }, + [CERTIFICATE_INFO_INDEX_COMPRESSED_PUBLIC_KEY] = {CERTIFICATE_FIELD_UNKNOWN_VALUE, CERTIFICATE_FIELD_VAR_LEN}, + [CERTIFICATE_INFO_INDEX_PK_SIGN_ALGO_ID] = {CERTIFICATE_SIGN_ALGO_ID_UNKNOWN, 0x01 }, + [CERTIFICATE_INFO_INDEX_TARGET_DEVICE] = {CERTIFICATE_TARGET_DEVICE_UNKNOWN, 0x01 }, + [CERTIFICATE_INFO_INDEX_SIGNATURE] = {CERTIFICATE_FIELD_UNKNOWN_VALUE, CERTIFICATE_FIELD_VAR_LEN}, + [CERTIFICATE_INFO_INDEX_DEPTH] = {CERTIFICATE_FIELD_UNKNOWN_VALUE, 0x01 }, }; static const cx_md_t C_os_sign_algo_hash_info[] = { [CERTIFICATE_SIGN_ALGO_ID_ECDSA_SHA256] = CX_SHA256, [CERTIFICATE_SIGN_ALGO_ID_ECDSA_SHA3_256] = CX_SHA3_256, [CERTIFICATE_SIGN_ALGO_ID_ECDSA_KECCAK_256] = CX_KECCAK, - [CERTIFICATE_SIGN_ALGO_ID_ECDSA_RIPEMD160] = CX_RIPEMD160, - [CERTIFICATE_SIGN_ALGO_ID_EDDSA_SHA512] = CX_SHA512 + [CERTIFICATE_SIGN_ALGO_ID_ECDSA_RIPEMD160] = CX_RIPEMD160 }; // clang-format on