Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Endorsement display #369

Merged
merged 4 commits into from
Sep 5, 2023
Merged

Endorsement display #369

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
0951995
add new syscall revoke endorsements
PhilippeBonnaz Jun 30, 2023
4fb902d
Rename HAVE_CUSTOM_CA_SETTINGS to HAVE_CUSTOM_CA_DETAILS_IN_SETTINGS
PhilippeBonnaz Jul 5, 2023
701c243
Remove HAVE_ENDORSEMENT_DETAILS_IN_SETTINGS flag (always active on al…
PhilippeBonnaz Jul 31, 2023
35be215
Add endorsment revoke prototypes in os_endorsement.h
PhilippeBonnaz Aug 2, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
13 changes: 11 additions & 2 deletions include/os_endorsement.h
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -7,6 +7,13 @@
/* - ENDORSEMENT FEATURE - */
/* ----------------------------------------------------------------------- */

typedef enum endorsement_revoke_id_e {
ENDORSEMENT_REVOKE_ID_ALL = 0,
ENDORSEMENT_REVOKE_ID_SLOT1 = 1,
ENDORSEMENT_REVOKE_ID_SLOT2 = 2,
ENDORSEMENT_REVOKE_ID_LAST = 3,
} endorsement_revoke_id_t;

#define ENDORSEMENT_MAX_ASN1_LENGTH (1 + 1 + 2 * (1 + 1 + 33))

SYSCALL unsigned int os_endorsement_get_code_hash(unsigned char* buffer PLENGTH(32));
Expand All @@ -16,6 +23,8 @@ SYSCALL unsigned int os_endorsement_key1_get_app_secret(unsigned char* buffer PL
SYSCALL unsigned int os_endorsement_key1_sign_data(unsigned char* src PLENGTH(srcLength), unsigned int srcLength, unsigned char* signature PLENGTH(ENDORSEMENT_MAX_ASN1_LENGTH));
SYSCALL unsigned int os_endorsement_key2_derive_sign_data(unsigned char* src PLENGTH(srcLength), unsigned int srcLength, unsigned char* signature PLENGTH(ENDORSEMENT_MAX_ASN1_LENGTH));

#if (defined(HAVE_BOLOS_NOTWIPED_ENDORSEMENT) && defined(HAVE_ENDORSEMENTS_DISPLAY))
SYSCALL unsigned int os_endorsement_get_metadata(unsigned char index, unsigned char* buffer PLENGTH(8));
#endif // (defined(HAVE_BOLOS_NOTWIPED_ENDORSEMENT) && defined(HAVE_ENDORSEMENTS_DISPLAY))

SYSCALL void os_endorsement_revoke_slot1(void);
SYSCALL void os_endorsement_revoke_slot2(void);
SYSCALL void os_endorsement_revoke_all(void);
8 changes: 4 additions & 4 deletions include/syscalls.h
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -190,10 +190,12 @@
#define SYSCALL_os_allow_protected_ram_ID 0x00000092
#define SYSCALL_os_deny_protected_ram_ID 0x00000093

#ifdef HAVE_CUSTOM_CA_SETTINGS
#ifdef HAVE_CUSTOM_CA_DETAILS_IN_SETTINGS
#define SYSCALL_os_bolos_custom_ca_get_info_ID 0x01000CA0
#define SYSCALL_os_bolos_custom_ca_revoke_ID 0x00000CA1
#endif // HAVE_CUSTOM_CA_SETTINGS
#endif // HAVE_CUSTOM_CA_DETAILS_IN_SETTINGS

#define SYSCALL_os_bolos_endorsement_revoke_ID 0x010001ED

#ifndef HAVE_BOLOS_NO_CUSTOMCA
#define SYSCALL_os_customca_verify_ID 0x03000090
Expand All @@ -217,9 +219,7 @@
#define SYSCALL_os_aem_is_pin_validated_ID 0x00000147
#endif // HAVE_AEM_PIN

#if (defined(HAVE_BOLOS_NOTWIPED_ENDORSEMENT) && defined(HAVE_ENDORSEMENTS_DISPLAY))
#define SYSCALL_os_endorsement_get_metadata_ID 0x02000138
#endif // (defined(HAVE_BOLOS_NOTWIPED_ENDORSEMENT) && defined(HAVE_ENDORSEMENTS_DISPLAY))

#if defined(HAVE_VAULT_RECOVERY_ALGO)
#define SYSCALL_os_perso_derive_and_prepare_seed_ID 0x02000137
Expand Down
13 changes: 9 additions & 4 deletions src/syscalls.c
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -1547,7 +1547,7 @@ unsigned int os_deny_protected_flash( void ) {
return (unsigned int) SVC_Call(SYSCALL_os_deny_protected_flash_ID, parameters);
}

#ifdef HAVE_CUSTOM_CA_SETTINGS
#ifdef HAVE_CUSTOM_CA_DETAILS_IN_SETTINGS
bolos_bool_t os_bolos_custom_ca_get_info(customca_data_t *custom_ca) {
unsigned int parameters[2];
parameters[0] = (unsigned int) custom_ca;
Expand All @@ -1561,7 +1561,14 @@ void os_bolos_custom_ca_revoke(void) {
SVC_Call(SYSCALL_os_bolos_custom_ca_revoke_ID, parameters);
return;
}
#endif //HAVE_CUSTOM_CA_SETTINGS
#endif //HAVE_CUSTOM_CA_DETAILS_IN_SETTINGS

bolos_bool_t os_bolos_endorsement_revoke(uint8_t slot) {
unsigned int parameters[1];
parameters[0] = (unsigned int) slot;
bolos_bool_t ret = SVC_Call(SYSCALL_os_bolos_endorsement_revoke_ID, parameters);
return ret;
}

#ifdef HAVE_MCU_SERIAL_STORAGE
unsigned int os_seph_serial ( unsigned char * serial, unsigned int maxlength ) {
Expand Down Expand Up @@ -1762,14 +1769,12 @@ bolos_bool_t os_aem_is_pin_validated ( void ) {
}
#endif // HAVE_AEM_PIN

#if (defined(HAVE_BOLOS_NOTWIPED_ENDORSEMENT) && defined(HAVE_ENDORSEMENTS_DISPLAY))
unsigned int os_endorsement_get_metadata ( unsigned char index, unsigned char * buffer ) {
unsigned int parameters[2];
parameters[0] = (unsigned int)index;
parameters[1] = (unsigned int)buffer;
return (unsigned int) SVC_Call(SYSCALL_os_endorsement_get_metadata_ID, parameters);
}
#endif // (defined(HAVE_BOLOS_NOTWIPED_ENDORSEMENT) && defined(HAVE_ENDORSEMENTS_DISPLAY))

#if defined(HAVE_LANGUAGE_PACK)
void list_language_packs(UX_LOC_LANGUAGE_PACK_INFO *packs) {
Expand Down