2022-07-18 NIIBE Yutaka * tool/hub_ctrl.py (find_hubs): Catch the exception. Change the interpreter path to Python3. 2022-07-18 NIIBE Yutaka * chopstx: Update to Chopstx 2.4. * Makefile: Fix for picolibc. * regnual/Makefile: Fix for picolibc. 2022-07-12 NIIBE Yutaka * test/*: Remove. 2022-07-11 NIIBE Yutaka * tests/*: Fix tests for token with KDO required setup. 2022-07-07 NIIBE Yutaka * src/aes.c (FT0, FT1, FT2): Fix for table in ROM. 2022-06-29 NIIBE Yutaka * src/configure (kdf_do): Fix. 2022-06-28 NIIBE Yutaka Remove Data Object definition for internal NR_DO_PRVKEY_*. * src/gnuk.h (NR_DO_PRVKEY_*): Remove. * src/openpgp-do.c (gpg_pw_get_err_counter): Lookup num_prv_keys. (gpg_do_delete_prvkey): Use flash_key_addr, instead of DOs. * src/openpgp.c (gpg_init): Call gpg_data_scan after flash_key_storage_init. 2022-06-20 NIIBE Yutaka * src/flash.c (flash_key_write): Fix for odd size data. 2022-06-17 NIIBE Yutaka * src/flash.c (flash_key_write): Put tag, nonce and DEKs in key store, instead of Data Object. Fix for odd size. * misc/t-gcm-siv.c: New. * src/openpgp-do.c (gpg_get_algo_key_size): Exact size, no round up to order of two. (gpg_do_load_prvkey): Fix for key store. (gpg_do_write_prvkey): Likewise. (gpg_do_chks_prvkey): Likewise. (gpg_do_pubkey_addr): Likewise. (gpg_do_delete_prvkey: Likewise. (get_do_ptr_nr_for_kk): Remove. 2022-06-17 NIIBE Yutaka * src/gnuk.h (gcm_siv_encrypt, gcm_siv_decrypt): New. * src/gcm-siv.c (gcm_siv_encrypt, gcm_siv_decrypt): New. * src/openpgp-do.c (compute_key_data_checksum): Remove. (crypt0, derive_keys, encrypt, decrypt): Remove. (gpg_do_load_prvkey): Use gcm_siv_decrypt. Use pubkey as additional data. (gpg_do_write_prvkey): Use gcm_siv_encrypt. Likewise. 2022-06-17 NIIBE Yutaka Change key store layout in Flash memory. Only a single key in a page at a fixed area. * src/gnuk.h (gpg_get_algo_key_size): New. * src/openpgp-do.c (gpg_get_algo_key_size): New. (gpg_do_pubkey_addr): New. (gpg_do_delete_prvkey): Change the API. * src/flash.c (flash_key_addr): New. (flash_key_release, flash_key_write): Change the API. * src/openpgp.c (cmd_pso): Use gpg_do_pubkey_addr. 2022-06-09 NIIBE Yutaka * src/openpgp-do.c (compute_key_data_checksum): Use POLYVAL. (encrypt, decrypt): Use AEAD by AES-GCM-SIV. 2022-06-08 NIIBE Yutaka * src/gcm-siv.c: New. 2022-06-08 NIIBE Yutaka * src/Makefile: Remove pinpad support. * src/configure (pinpad, hid_card_change): Remove. * src/config.h.in (@PINPAD_DEFINE@, @PINPAD_MORE_DEFINE@) (@HID_CARD_CHANGE_DEFINE@): Remove. * src/gnuk.h (EV_PINPAD_INPUT_DONE): Remove. * src/main.c [PINPAD_CIR_SUPPORT, PINPAD_DND_SUPPORT] (main): Remove pinpad support. * src/openpgp.c [PINPAD_SUPPORT] (get_pinpad_input): Remove. (openpgp_card_thread): Remove pinpad support. * src/pin-cir.c: Remove. * src/pin-dnd.c: Remove. * src/usb-msc.c, src/usb-msc.h: Remove. * src/usb-ccid.c (usb_tx_done): Remove pinpad support. * src/usb_conf.h: Remove pinpad support. * src/usb_ctrl.c: Remove pinpad support. * src/usb_desc.c: Remove pinpad support. 2022-06-08 NIIBE Yutaka * polarssl/*: Remove. 2022-06-08 NIIBE Yutaka * src/aes.c (aes_encrypt): Change the API. (aes_crypt_ctr): New. * src/openpgp-do.c: Use internal AES, instead of PolarSSL. 2022-06-08 NIIBE Yutaka Add an AES 256 implementation. * misc/gen_rijndael_t_table.py: New. * src/Makefile (CSRC): Add aes.c. No add of CRYPTSRC. (INCDIR): No add of CRYPTINCDIR. (CRYPTDIR, CRYPTSRCDIR, CRYPTINCDIR, CRYPTSRC): Remove. * src/aes-t-table.c.in: New. * src/aes.h, src/aes.c: New. 2022-06-08 NIIBE Yutaka * tests/openpgp_card.py: Fix card type detection. 2022-06-07 NIIBE Yutaka Use CTR mode for private key encryption/decryption. * src/openpgp-do.c (crypt): New. 2022-06-07 NIIBE Yutaka Fix tests for selecting key algo for a token. * tests/pubkey_crypto.py (get_PK_Crypto): New. (get_key, get_test_vector): New. * tests/card_test_keygen.py: Update. * tests/card_test_personalize_admin_less_1.py: Update. * tests/card_test_personalize_admin_less_2.py: Update. * tests/card_test_personalize_card_2.py: Update. * tests/card_test_public_key_operations.py: Update. * tests/card_test_public_key_operations_alt.py: Update. * tests/card_test_public_key_operations_kg.py: Update. 2022-05-20 NIIBE Yutaka Fix tests for RSA removal. * tests/pubkey_crypto.py: Load Curve25519. * tests/card_const.py (default_key): Default is Curve25519. 2022-04-25 NIIBE Yutaka Remove RSA support. * src/Makefile (CSRC): Remove call-rsa.c, bignum.c and rsa.c. * src/crypt.mk (CRYPTSRC): Remove rsa.c, bugnum.c and call-rsa.c. * src/call-rsa.c: Remove. * src/flash.c [FLASH_UPGRADE_SUPPORT] (flash_terminate): Remove update key support. [FLASH_UPGRADE_SUPPORT] (flash_write_binary): Remove FILEID_UPDATE_KEY_* support. * src/gnuk-malloc.h: Remove. * src/gnuk.h: Remove FILEID_UPDATE_KEY_*. (rsa_sign, modulus_calc, rsa_decrypt, rsa_verify, rsa_genkey): Remove. * src/gnuk.ld.in (_updatekey_store): Remove. * src/main.c (main): Remove malloc initialization. (gnuk_malloc_init, gnuk_sbrk, remove_from_free_list) (gnuk_malloc, gnuk_free): Remove. * src/openpgp-do.c (OPENPGP_ALGO_RSA): Remove. (algorithm_attr_rsa2k, algorithm_attr_rsa4k): Remove. (gpg_get_algo_attr): Remove RSA support. (get_algo_attr_data_object, gpg_get_algo_attr_key_size): Likewise. (do_alg_info, rw_algorithm_attr, gpg_do_write_prvkey): Likewise. (proc_key_import, gpg_do_public_key, gpg_do_keygen): Likewise. * src/openpgp.c (challenge): Remove. (gpg_get_firmware_update_key): Remove. (cmd_read_binary, modify_binary): Remove FILEID_UPDATE_KEY_* support. (cmd_pso): Remove RSA support. (cmd_internal_authenticate): Remove RSA support. (cmd_external_authenticate): Remove RSA authentication. (cmd_get_challenge): Work independently not related to EXTERNAL_AUTHENTICATE. * tests/rsa-aut.key, tests/rsa-dec.key, tests/rsa-sig.key: Remove. * tool/gnuk_token.py (gnuk_token.cmd_external_authenticate): Now, it does no authentication with FILEID_UPDATE_KEY_*. * tool/gnuk_upgrade.py (gpg_sign): Remove. (main): Remove support of specifying FILEID_UPDATE_KEY_*. * tool/upgrade_by_passwd.py (main): Remove support of specifying FILEID_UPDATE_KEY_*. 2022-04-22 NIIBE Yutaka * src/gnuk.h (_regnual_start): Fix type. * src/main.c (main): Fix address for _regnual_start. * src/usb_ctrl.c (mem_info, usb_setup): Follow the change. * src/flash.c (_keystore_pool, _data_pool): Fix type. (FLASH_ADDR_KEY_STORAGE_START, FLASH_ADDR_DATA_STORAGE_START): Follow the change. 2022-03-26 Bertrand Jacquin * regnual/regnual.c (memset): Remove declaration. * regnual/types.h (NULL): Remove. (size_t): Remove. 2021-11-02 NIIBE Yutaka * src/ecc-mont.c (ecdh_compute_public_25519): Fix alignment problem. 2021-11-02 NIIBE Yutaka * tests/: Add tests for ECC curves. Support Yubikey. 2021-10-12 NIIBE Yutaka Add Ed448 and X448 support, removing NIST P-256 support. * src/gnuk.h (ALGO_X448, ALGO_ED448): New. (ecdsa_sign_p256r1, ecc_compute_public_p256r1): Remove. (ecc_check_secret_p256r1, ecdh_decrypt_p256r1): Remove. (ecdh_compute_public_x448, ecdh_decrypt_x448): New. (ed448_sign, ed448_compute_public): New. * src/openpgp-do.c (algorithm_attr_ed448): New. (algorithm_attr_x448): New. (algorithm_attr_p256r1): Remove. (get_algo_attr_data_object): Remove for ALGO_NISTP256R1. Add for ALGO_ED448 and ALGO_X448. (gpg_get_algo_attr_key_size): Likewise. (do_alg_info): Support Ed448 and X448 too. (rw_algorithm_attr): Support Ed448 and X448 too. Remove for NIST P-256. (gpg_do_write_prvkey): Remove for NIST P-256. Add for Ed448 and X448. (proc_key_import): Likewise. (gpg_do_public_key): Likewise. (gpg_do_keygen): Likewise. * src/openpgp.c (ED25519_SIGNATURE_LENGTH): Rename from EDDSA_SIGNATURE_LENGTH. (cmd_pso): Remove for ALGO_NISTP256R1. Add for ALGO_ED448 and ALGO_X448. (cmd_internal_authenticate): Likewise. * src/p448.c, ecc-x448.c, ecc-ed448.c, shake256.c: New. * src/ecc-ed25519.c: Move from ecc-edwards.c. * misc/t-ed25519.c: Move from t-edwards.c. 2021-10-12 NIIBE Yutaka * chopstx: Update to 2.3. 2021-10-11 NIIBE Yutaka * src/configure (kdf_do): It can be overridden, now. 2021-07-01 NIIBE Yutaka * src/configure (CONFIG): Add KDF configuration. 2021-06-10 NIIBE Yutaka * tool/stlinkv2.py: Switch to Python3. * tool/upgrade_by_passwd.py: Fix option handling. 2021-04-30 NIIBE Yutaka * src/openpgp-do.c (rw_algorithm_attr): Fix writing algorithm attribute, which may cause GC. Note that flash_enum_write needs to call flash_enum_clear beforehand. 2021-04-28 Bertrand Jacquin * regnual/regnual.c: Include . 2021-04-01 NIIBE Yutaka * tool/upgrade_by_passwd.py: Check configure target and the config in the device are same target. 2021-03-19 NIIBE Yutaka * tests/openpgp_card.py (is_emulated_gnuk): Add. * tests/skip_if_emulation.py: New. * tests/skip_if_gnuk.py: New. * tests/test_001_personalize_card.py: Skip if emulation. * tests/test_002_personalize_reset.py: Skip if emulation. * tests/test_003_remove_keys.py: Skip if emulation. * tests/test_004_reset_pw3.py: Skip if emulation. * tests/test_005_personalize_admin_less.py: Skip if emulation. * tests/test_006_pso.py: Skip if Gnuk. * tests/test_009_keygen.py: Skip if emulation. * tests/test_021_personalize_admin_less.py: Rewrite. 2021-03-12 NIIBE Yutaka * src/openpgp.c (cmd_pgp_gakp): Fix patch mistake. 2021-03-01 Vincent Pelletier * tests/card_const.py: Add attributes for more algos. * tests/card_test_ansix9p256r1.py: New. * tests/card_test_ansix9p384r1.py: New. * tests/card_test_ansix9p512r1.py: New. * tests/card_test_brainpoolp256r1.py: New. * tests/card_test_brainpoolp384r1.py: New. * tests/card_test_brainpoolp512r1.py: New. * tests/card_test_ed25519.py: New. * tests/card_test_x25519.py: New. * tests/func_pso_auth.py: New. * tests/test_006_pso.py: New. 2021-02-26 NIIBE Yutaka * src/configure (kdf_do_required): Fix typo. * chopstx: Update to 2.2.