/*
 * Thread handles and the event masks declared next to them.
 * Thread and eventmask_t are not declared in this listing; they are
 * presumably provided by the RTOS headers -- confirm.
 */

/* LED blinker thread.  The EV_LED_* masks are presumably the events
   signalled to it -- confirm against the senders.  */
extern Thread *blinker_thread;
#define EV_LED_ON ((eventmask_t)1)
#define EV_LED_OFF ((eventmask_t)2)

/* Standard-output thread.  EV_TX_READY has the same numeric value as
   EV_LED_ON, so a mask is only meaningful together with the thread that
   receives it.  */
extern Thread *stdout_thread;
#define EV_TX_READY ((eventmask_t)1)
/*
 * Console/debug output helpers.  Only the prototypes are visible here, so
 * the exact output format of each helper is defined by its implementation.
 * The DEBUG_* macros in this header forward to put_string, put_word,
 * put_short, put_byte and put_binary.
 */
extern void put_byte (uint8_t b);            /* 8-bit value */
extern void put_byte_with_no_nl (uint8_t b); /* 8-bit value; by its name, no newline is appended */
extern void put_short (uint16_t x);          /* 16-bit value */
extern void put_word (uint32_t x);           /* 32-bit value */
extern void put_int (uint32_t x);            /* 32-bit value; how it differs from put_word is not visible here */
extern void put_string (const char *s);      /* NUL-terminated string */

/* Emits len bytes starting at s.
   NOTE(review): len is a signed int; callers must pass a non-negative
   length that does not exceed the object s points to.  */
extern void put_binary (const char *s, int len);

/* NOTE(review): file-scope identifiers starting with an underscore are
   reserved for the implementation; presumably this is the libc low-level
   write hook -- confirm.  */
extern void _write (const char *, int);
/*
 * A few libc functions are declared here directly instead of through
 * <string.h>, because the dependency on libc is going to be removed in
 * the future.
 *
 * NOTE(review): memcmp and strncmp are not guaranteed to run in constant
 * time.  If any caller uses them to compare PIN-derived digests or other
 * secrets, the comparison time can depend on the first differing byte --
 * verify the call sites.  Likewise a plain memset used to wipe a secret
 * just before it goes out of scope may be removed by the optimiser.
 */
extern size_t strlen (const char *s);
extern int strncmp(const char *s1, const char *s2, size_t n);
extern void *memcpy (void *dest, const void *src, size_t n);
extern void *memset (void *s, int c, size_t n);
extern int memcmp (const void *s1, const void *s2, size_t n);
/* Event mask with value 2, cast to eventmask_t.  It has the same numeric
   value as EV_LED_OFF, so the two are presumably delivered to different
   threads -- TODO confirm against the event senders.  */
#define EV_EXEC_FINISHED ((eventmask_t)2) /* GPG Execution finished */
/*
 * APDU size limits.
 *
 * The largest command data is key import: 22+4+128+128 bytes
 * (proc_key_import).  The largest response data is the public key:
 * 5+9+256 bytes plus the 2 status bytes (gpg_do_public_key).
 */
#define MAX_CMD_APDU_SIZE (7+282) /* header + data */
#define MAX_RES_APDU_SIZE ((5+9+256)+2) /* Data + status */

/* Offset of the APDU inside icc_buffer: the first ICC_MSG_HEADER_SIZE
   bytes of the buffer come before it.  */
#define ICC_MSG_HEADER_SIZE 10

/*
 * cmd_APDU and res_APDU expand to the same address, so the command and the
 * response share storage: writing a response overwrites the command bytes.
 *
 * NOTE(review): both length variables are signed int.  Code that sets them
 * from host-supplied data should reject negative values and anything above
 * MAX_CMD_APDU_SIZE / MAX_RES_APDU_SIZE before indexing the buffer.
 */
#define cmd_APDU (&icc_buffer[ICC_MSG_HEADER_SIZE])
#define res_APDU (&icc_buffer[ICC_MSG_HEADER_SIZE])
extern int icc_data_size;
#define cmd_APDU_size icc_data_size
extern int res_APDU_size;

/* USB buffer size of LL (Low-level): size of a single Bulk transaction.  */
#define USB_LL_BUF_SIZE 64

/*
 * USB buffer size of the USB-ICC driver: 10 + 10 + MAX_CMD_APDU_SIZE
 * rounded up to a whole number of USB_LL_BUF_SIZE transactions (320 bytes
 * with the values above, which also covers
 * ICC_MSG_HEADER_SIZE + MAX_RES_APDU_SIZE).
 *
 * When changing this, dwMaxCCIDMessageLength must be changed too!
 */
#define USB_BUF_SIZE \
  ((10 + 10 + MAX_CMD_APDU_SIZE + USB_LL_BUF_SIZE - 1) \
   / USB_LL_BUF_SIZE * USB_LL_BUF_SIZE)
extern uint8_t icc_buffer[USB_BUF_SIZE];
/*
 * Access-condition flags.
 *
 * The three *_AUTHORIZED values are distinct bits (0x01, 0x02, 0x04), so
 * several of them can be held in one status byte.  How ac_check_status
 * treats AC_NEVER and AC_ALWAYS is not visible in this header.
 *
 * NOTE(review): AC_ALWAYS (0xFF) has every bit set, including the three
 * authorization bits and AC_NEVER; a plain bitwise test against it would
 * match any state -- confirm that the checker handles it as a special case.
 */
#define AC_NONE_AUTHORIZED 0x00
#define AC_PSO_CDS_AUTHORIZED 0x01 /* PW1 with 0x81 verified */
#define AC_OTHER_AUTHORIZED 0x02 /* PW1 with 0x82 verified */
#define AC_ADMIN_AUTHORIZED 0x04 /* PW3 verified */
#define AC_NEVER 0x80
#define AC_ALWAYS 0xFF
/*
 * Password error counters.  PW_ERR_* select which counter a call refers to
 * (PW1, the reset code RC, or PW3) and are passed as the `which' argument
 * of the three functions below.
 *
 * NOTE(review): a retry counter only limits guessing if the failure is
 * recorded before the verification result can be observed; presumably
 * gpg_increment_pw_err_counter writes to flash -- confirm the ordering in
 * the verify_* implementations.
 */
#define PW_ERR_PW1 0
#define PW_ERR_RC 1
#define PW_ERR_PW3 2
extern int gpg_passwd_locked (uint8_t which);            /* result semantics are defined by the implementation */
extern void gpg_reset_pw_err_counter (uint8_t which);
extern void gpg_increment_pw_err_counter (uint8_t which);
/*
 * Access-control entry points.
 *
 * ac_check_status takes one of the AC_* flag values.  The verify_*
 * functions take a password buffer and its length; the meaning of their
 * int results is defined by the implementations, not by this header.
 *
 * NOTE(review): every length here is a signed int taken from a command
 * APDU.  Callers should bound pw_len / buf_len before passing them on.
 */
extern int ac_check_status (uint8_t ac_flag);
extern int verify_pso_cds (const uint8_t *pw, int pw_len);
extern int verify_other (const uint8_t *pw, int pw_len);
extern int verify_admin (const uint8_t *pw, int pw_len);
extern int verify_admin_0 (const uint8_t *pw, int buf_len, int pw_len_known);

/* Drop an authorization state again.  The names pair up with the
   AC_PSO_CDS / AC_OTHER / AC_ADMIN flags; ac_fini presumably resets
   everything on shutdown -- confirm.  */
extern void ac_reset_pso_cds (void);
extern void ac_reset_other (void);
extern void ac_reset_admin (void);
extern void ac_fini (void);
/* Builds a response from len bytes at p followed by the two bytes sw1 and
   sw2 (presumably the ISO 7816 status word -- confirm).
   NOTE(review): len is a signed int; the implementation has to keep
   len + 2 within MAX_RES_APDU_SIZE.  */
extern void write_res_apdu (const uint8_t *p, int len,
                            uint8_t sw1, uint8_t sw2);

/* NOTE(review): this line has no `extern', so every translation unit that
   includes the header gets its own tentative definition.  That links only
   when the toolchain merges common symbols; declaring it extern here and
   defining it in one .c file would be the portable form.  */
uint16_t data_objects_number_of_bytes;

/* Data-object handling.  gpg_do_get_data / gpg_do_put_data take a 16-bit
   tag; gpg_do_public_key takes a single byte selecting the key.  */
extern void gpg_data_scan (const uint8_t *p);
extern void gpg_data_copy (const uint8_t *p);
extern void gpg_do_get_data (uint16_t tag);
extern void gpg_do_put_data (uint16_t tag, const uint8_t *data, int len);
extern void gpg_do_public_key (uint8_t kk_byte);
/* Selects one of the three private keys.  The values are consecutive from
   zero, so they can serve as an array index (the header declares kd[3]).  */
enum kind_of_key {
  GPG_KEY_FOR_SIGNING = 0,
  GPG_KEY_FOR_DECRYPTION = 1,
  GPG_KEY_FOR_AUTHENTICATION = 2,
};
/*
 * Flash storage interface.
 *
 * Pointers returned by these functions are pointers to const bytes,
 * presumably addresses inside the flash data area -- confirm.  The `nr'
 * and `counter_tag_nr' arguments take the NR_* tag values defined in this
 * header.
 */
extern const uint8_t *flash_init (void);
extern void flash_do_release (const uint8_t *);
extern const uint8_t *flash_do_write (uint8_t nr, const uint8_t *data, int len);

/* Key store.  flash_key_alloc hands out a writable address; what it
   returns when no slot is free is not visible here.  */
extern uint8_t *flash_key_alloc (void);
extern void flash_keystore_release (void);

extern void flash_set_data_pool_last (const uint8_t *p);
extern void flash_clear_halfword (uint32_t addr);

/* Counters recorded in flash, selected by tag number.  */
extern void flash_increment_counter (uint8_t counter_tag_nr);
extern void flash_reset_counter (uint8_t counter_tag_nr);
#define KEY_MAGIC_LEN 8
#define KEY_CONTENT_LEN 256 /* p and q */
#define GNUK_MAGIC "Gnuk KEY" /* KEY_MAGIC_LEN characters, not counting the NUL */

/*
 * Encrypted data content.
 *
 * data holds p and q (KEY_CONTENT_LEN bytes).  check, random and magic
 * add up to 16 bytes.
 *
 * NOTE(review): once a key has been loaded an object of this type
 * presumably holds the plaintext primes in RAM; confirm that it is wiped
 * when the matching authorization is reset.
 */
struct key_data {
  uint8_t data[KEY_CONTENT_LEN]; /* p and q */
  uint32_t check;
  uint32_t random;
  char magic[KEY_MAGIC_LEN];
};
#define ADDITIONAL_DATA_SIZE 16
#define DATA_ENCRYPTION_KEY_SIZE 16

/*
 * Per-key record that accompanies an encrypted private key.
 *
 * The same data encryption key (DEK) is stored three times, each copy
 * encrypted for a different credential, so any one of them can unlock the
 * key material.
 */
struct prvkey_data {
  const uint8_t *key_addr;
  /*
   * CRM: [C]heck, [R]andom, and [M]agic in struct key_data
   * (4 + 4 + 8 bytes = ADDITIONAL_DATA_SIZE).
   */
  uint8_t crm_encrypted[ADDITIONAL_DATA_SIZE];
  /*
   * DEK: Data Encryption Key
   */
  uint8_t dek_encrypted_1[DATA_ENCRYPTION_KEY_SIZE]; /* For user */
  uint8_t dek_encrypted_2[DATA_ENCRYPTION_KEY_SIZE]; /* For resetcode */
  uint8_t dek_encrypted_3[DATA_ENCRYPTION_KEY_SIZE]; /* For admin */
};
/* Who is acting.  The numbering matches the dek_encrypted_1/2/3 members of
   struct prvkey_data (user, resetcode, admin); presumably these are the
   values passed as `who' / `who_old' / `who_new' -- confirm.  */
#define BY_USER 1
#define BY_RESETCODE 2
#define BY_ADMIN 3

/* Writes key material to key_addr.  The meaning of the int result is
   defined by the implementation.  */
extern int flash_key_write (uint8_t *key_addr, const uint8_t *key_data, const uint8_t *modulus);
/*
 * Keystring layout: one length byte, an optional salt, an optional
 * iteration byte, and a message digest.
 *
 * KEYSTRING_MD_SIZE is 20 bytes, the length of a SHA-1 digest (presumably
 * the digest in use -- confirm).
 *
 * NOTE(review): only the PW3 layout has room for the salt and iteration
 * fields.  The PW1 and RC keystrings are length + digest only, so for
 * those two the digest is unsalted in this layout -- confirm that reading
 * the flash contents is covered by the threat model.
 */
#define KEYSTRING_PASSLEN_SIZE 1
#define KEYSTRING_SALT_SIZE 8 /* optional */
#define KEYSTRING_ITER_SIZE 1 /* optional */
#define KEYSTRING_MD_SIZE 20
#define KEYSTRING_SIZE_PW1 (KEYSTRING_PASSLEN_SIZE+KEYSTRING_MD_SIZE)
#define KEYSTRING_SIZE_RC (KEYSTRING_PASSLEN_SIZE+KEYSTRING_MD_SIZE)
#define KEYSTRING_SIZE_PW3 \
  (KEYSTRING_PASSLEN_SIZE+KEYSTRING_SALT_SIZE \
   +KEYSTRING_ITER_SIZE+KEYSTRING_MD_SIZE)
/*
 * Private-key handling.
 *
 * `who', `who_old' and `who_new' presumably take BY_USER, BY_RESETCODE or
 * BY_ADMIN, and the keystring arguments presumably point at the digest
 * part of a keystring -- confirm both against the callers.  The meaning of
 * the int results is defined by the implementations.
 */
extern void gpg_do_clear_prvkey (enum kind_of_key kk);
extern int gpg_do_load_prvkey (enum kind_of_key kk, int who, const uint8_t *keystring);
extern int gpg_do_chks_prvkey (enum kind_of_key kk,
                               int who_old, const uint8_t *old_ks,
                               int who_new, const uint8_t *new_ks);

extern int gpg_change_keystring (int who_old, const uint8_t *old_ks,
                                 int who_new, const uint8_t *new_ks);

/* One struct key_data per private key; the literal 3 equals the number of
   enum kind_of_key values.
   NOTE(review): if these hold loaded key material, each entry should be
   cleared when its authorization is dropped -- gpg_do_clear_prvkey is
   presumably that path; confirm.  */
extern struct key_data kd[3];
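/*
 * Debug tracing macros.
 *
 * With DEBUG defined they forward to the put_* output helpers.  Without it
 * they expand to nothing, so their arguments are never evaluated and must
 * not carry side effects.
 *
 * DEBUG_BINARY parenthesises its parameters.  Without the parentheses the
 * cast would apply only to the first operand of an expression argument
 * such as `cond ? a : b'.
 *
 * NOTE(review): these macros emit whatever the call sites hand them.
 * Confirm that no call site passes PIN or key bytes, or that DEBUG is
 * never defined for firmware that leaves the lab.
 */
#ifdef DEBUG
#define DEBUG_INFO(msg) put_string (msg)
#define DEBUG_WORD(w) put_word (w)
#define DEBUG_SHORT(h) put_short (h)
#define DEBUG_BYTE(b) put_byte (b)
#define DEBUG_BINARY(s,len) put_binary ((const char *)(s), (len))
#else
#define DEBUG_INFO(msg)
#define DEBUG_WORD(w)
#define DEBUG_SHORT(h)
#define DEBUG_BYTE(b)
#define DEBUG_BINARY(s,len)
#endif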
/*
 * RSA operations.  The parameters are unnamed in this header; each
 * operation takes a const input buffer, a writable output buffer, an int
 * (presumably a length -- confirm) and the key to use.
 *
 * NOTE(review): the output buffer has no size parameter, so the caller
 * must guarantee that it is large enough for the result.
 */
extern int rsa_sign (const uint8_t *, uint8_t *, int, struct key_data *);
extern int rsa_decrypt (const uint8_t *, uint8_t *, int, struct key_data *);

/* modulus_calc returns a pointer that is handed back to modulus_free,
   which suggests that the result is allocated -- confirm.  */
extern const uint8_t *modulus_calc (const uint8_t *, int);
extern void modulus_free (const uint8_t *);
/* Simple data-object access.  The uint8_t argument is presumably one of
   the NR_DO_* tag numbers -- confirm.  */
extern const uint8_t *gpg_do_read_simple (uint8_t);
extern void gpg_do_write_simple (uint8_t, const uint8_t *, int);

extern void gpg_increment_digital_signature_counter (void);

/* Sets PW3 from newpw_len bytes at newpw.
   NOTE(review): newpw_len is a signed int; the caller has to bound it.  */
extern void gpg_set_pw3 (const uint8_t *newpw, int newpw_len);

/* Declared noreturn: control does not come back to the caller.  */
extern void fatal (void) __attribute__ ((noreturn));
/* Buffer of KEYSTRING_MD_SIZE bytes; by its name it holds the digest part
   of the PW3 keystring.
   NOTE(review): presumably kept in RAM after admin verification -- confirm
   where it is written and that it is cleared when admin authorization is
   reset.  */
extern uint8_t keystring_md_pw3[KEYSTRING_MD_SIZE];
/*** Flash memory tag values ***/

#define NR_NONE 0x00

/* Data objects */
/*
 * Representation of data object:
 *
 *   <-1 halfword-> <--len/2 halfwords->
 *   <-tag-><-len-> <---data content--->
 *
 * The tag is one of the NR_DO_* numbers below.  NR_DO__FIRST__ is the
 * lowest tag in use and NR_DO__LAST__ is one past the highest.
 */
#define NR_DO__FIRST__ 0x01
#define NR_DO_SEX 0x01
#define NR_DO_FP_SIG 0x02
#define NR_DO_FP_DEC 0x03
#define NR_DO_FP_AUT 0x04
#define NR_DO_CAFP_1 0x05
#define NR_DO_CAFP_2 0x06
#define NR_DO_CAFP_3 0x07
#define NR_DO_KGTIME_SIG 0x08
#define NR_DO_KGTIME_DEC 0x09
#define NR_DO_KGTIME_AUT 0x0a
#define NR_DO_LOGIN_DATA 0x0b
#define NR_DO_URL 0x0c
#define NR_DO_NAME 0x0d
#define NR_DO_LANGUAGE 0x0e
#define NR_DO_PRVKEY_SIG 0x0f
#define NR_DO_PRVKEY_DEC 0x10
#define NR_DO_PRVKEY_AUT 0x11
#define NR_DO_KEYSTRING_PW1 0x12
#define NR_DO_KEYSTRING_RC 0x13
#define NR_DO_KEYSTRING_PW3 0x14
#define NR_DO__LAST__ 21 /* == 0x15 */
/* 14-bit counter for DS: Recorded in flash memory by 1-halfword (2-byte). */
/*
 * Representation of 14-bit counter:
 *       0: 0x8000
 *       1: 0x8001
 *     ...
 *   16383: 0xbfff
 */
#define NR_COUNTER_DS 0x80 /* ..0xbf */

/* 10-bit counter for DS: Recorded in flash memory by 1-halfword (2-byte). */
/*
 * Representation of 10-bit counter:
 *       0: 0xc000
 *       1: 0xc001
 *     ...
 *    1023: 0xc3ff
 */
#define NR_COUNTER_DS_LSB 0xc0 /* ..0xc3 */

/* 8-bit int or Boolean objects: Recorded in flash memory by 1-halfword (2-byte) */
/*
 * Representation of Boolean object:
 *   0: No record in flash memory
 *   1: 0xc?00
 *
 * NOTE(review): the only Boolean tag defined is 0xf0 and the remark below
 * reserves 0xf? for further ones, so the "0xc?00" above is possibly meant
 * to read "0xf?00" -- confirm against the flash writer.
 */
#define NR_BOOL_PW1_LIFETIME 0xf0
/*
 * NR_BOOL_SOMETHING, NR_UINT_SOMETHING could be here...  Use 0xf?
 */

/* 123-counters: Recorded in flash memory by 2-halfword (4-byte). */
/*
 * Representation of 123-counters:
 *   0: No record in flash memory
 *   1: 0xfe?? 0xffff
 *   2: 0xfe?? 0xc3c3
 *   3: 0xfe?? 0x0000
 * where <counter_id> is placed at second byte <??>
 *
 * Each step only clears bits of the second halfword
 * (0xffff -> 0xc3c3 -> 0x0000), presumably so that the record can be
 * advanced in place without erasing flash -- confirm.
 */
#define NR_COUNTER_123 0xfe
#define NR_EMPTY 0xff
/* Length in bytes of the PW status bytes (presumably the OpenPGP card
   "PW Status Bytes" data object -- confirm).  */
#define SIZE_PW_STATUS_BYTES 7
/*
 * Random numbers.
 *
 * The original comment here reads "32-byte random bytes"; it presumably
 * describes the buffer returned by random_bytes_get, which is handed back
 * with random_bytes_free.  get_random returns a single 32-bit value.
 *
 * NOTE(review): the source of randomness is not visible in this header.
 * Since these values presumably feed key protection, confirm which
 * generator backs them and what happens when it runs dry.
 */
extern uint32_t get_random (void);
extern const uint8_t *random_bytes_get (void);
extern void random_bytes_free (const uint8_t *);

/* Returns a 32-bit clock value; unit and epoch are defined by the
   implementation.  */
extern uint32_t hardclock (void);

/* LED control; the meaning of the int argument is defined by the
   implementation.  */
extern void set_led (int);
/* Number of private keys handled.  The value equals the number of
   enum kind_of_key values and the length of kd[3]; those three are not
   tied together by the compiler, so they have to be changed together.  */
#define NUM_ALL_PRV_KEYS 3 /* SIG, DEC and AUT */
/* Buffer of KEYSTRING_SIZE_PW1 bytes (length byte + digest) for the PW1
   keystring.
   NOTE(review): presumably this keeps PW1-derived material in RAM while the
   user is authorized -- confirm that it is cleared when PW1 authorization
   is reset.  */
extern uint8_t pw1_keystring[KEYSTRING_SIZE_PW1];
/*
 * Initial passwords, used unless the build defines its own values first.
 *
 * These are the customary OpenPGP card factory defaults and are public
 * knowledge, so a token that still has them is protected only by physical
 * possession.  PW1 and PW3 should both be changed when the token is
 * provisioned.
 */
#ifndef OPENPGP_CARD_INITIAL_PW1
#define OPENPGP_CARD_INITIAL_PW1 "123456"
#endif

#ifndef OPENPGP_CARD_INITIAL_PW3
#define OPENPGP_CARD_INITIAL_PW3 "12345678"
#endif
/* 17 bytes of application identifier data, declared with 1-byte
   alignment.  */
extern const uint8_t openpgpcard_aid[17] __attribute__ ((aligned (1)));

extern int gpg_get_pw1_lifetime (void);

/*
 * Flash records for Boolean objects and 123-counters.
 *
 * The clear/increment functions take the address of the caller's pointer
 * (addr_p), so they can presumably update where the record lives --
 * confirm.  `nr' and `which' select the record by tag number.
 */
extern void flash_bool_clear (const uint8_t **addr_p);
extern const uint8_t *flash_bool_write (uint8_t nr);
extern int flash_cnt123_get_value (const uint8_t *p);
extern void flash_cnt123_increment (uint8_t which, const uint8_t **addr_p);
extern void flash_cnt123_clear (const uint8_t **addr_p);
extern void flash_put_data (uint16_t hw);

extern void flash_warning (const char *msg);

/*
 * "_internal" variants that take the target address p explicitly.
 * NOTE(review): p is const-qualified although these functions presumably
 * program flash at that address; callers must pass only addresses inside
 * the flash data area, and len in flash_do_write_internal is a signed
 * int that the caller has to bound.
 */
extern void flash_put_data_internal (const uint8_t *p, uint16_t hw);
extern void flash_bool_write_internal (const uint8_t *p, int nr);
extern void flash_cnt123_write_internal (const uint8_t *p, int which, int v);
extern void flash_do_write_internal (const uint8_t *p, int nr, const uint8_t *data, int len);