coelner/pico-hsm
1
0
Fork 0
mirror of https://github.com/polhenarejos/pico-hsm.git synced 2024-09-20 11:20:08 +00:00
Code Issues Packages Projects Releases Wiki Activity

Added support for PBKDF2.

Browse Source 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
This commit is contained in:
Pol Henarejos 2022-11-14 12:01:27 +01:00
parent 2b2df22d75
commit 0e96753ccb
No known key found for this signature in database
GPG Key ID: C0095B7870A4CCD3
2 changed files with 108 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

91
src/hsm/cmd_cipher_sym.c
View File

@ -27,6 +27,70 @@
#include "kek.h"
#include "asn1.h"
#include "oid.h"
#include "mbedtls/pkcs5.h"
#include "mbedtls/error.h"
#include "mbedtls/asn1.h"
#include "mbedtls/cipher.h"
#include "mbedtls/oid.h"
/* This is copied from pkcs5.c Mbedtls */
/** Unfortunately it is declared as static, so I cannot call it. **/
static int pkcs5_parse_pbkdf2_params( const mbedtls_asn1_buf *params,
mbedtls_asn1_buf *salt, int *iterations,
int *keylen, mbedtls_md_type_t *md_type )
{
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
mbedtls_asn1_buf prf_alg_oid;
unsigned char *p = params->p;
const unsigned char *end = params->p + params->len;
if( params->tag != ( MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) )
return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PKCS5_INVALID_FORMAT,
MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) );
/*
* PBKDF2-params ::= SEQUENCE {
* salt OCTET STRING,
* iterationCount INTEGER,
* keyLength INTEGER OPTIONAL
* prf AlgorithmIdentifier DEFAULT algid-hmacWithSHA1
* }
*
*/
if( ( ret = mbedtls_asn1_get_tag( &p, end, &salt->len,
MBEDTLS_ASN1_OCTET_STRING ) ) != 0 )
return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PKCS5_INVALID_FORMAT, ret ) );
salt->p = p;
p += salt->len;
if( ( ret = mbedtls_asn1_get_int( &p, end, iterations ) ) != 0 )
return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PKCS5_INVALID_FORMAT, ret ) );
if( p == end )
return( 0 );
if( ( ret = mbedtls_asn1_get_int( &p, end, keylen ) ) != 0 )
{
if( ret != MBEDTLS_ERR_ASN1_UNEXPECTED_TAG )
return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PKCS5_INVALID_FORMAT, ret ) );
}
if( p == end )
return( 0 );
if( ( ret = mbedtls_asn1_get_alg_null( &p, end, &prf_alg_oid ) ) != 0 )
return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PKCS5_INVALID_FORMAT, ret ) );
if( mbedtls_oid_get_md_hmac( &prf_alg_oid, md_type ) != 0 )
return( MBEDTLS_ERR_PKCS5_FEATURE_UNAVAILABLE );
if( p != end )
return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PKCS5_INVALID_FORMAT,
MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) );
return( 0 );
}
int cmd_cipher_sym() {
int key_id = P1(apdu);
@ -145,7 +209,7 @@ int cmd_cipher_sym() {
else if (algo == ALGO_EXT_CIPHER_DECRYPT)
res_APDU_size = enc_len - 16;
}
else if (memcmp(oid, OID_HMAC, 7) == 0) {
else if (memcmp(oid, OID_DIGEST, 7) == 0) {
const mbedtls_md_info_t *md_info = NULL;
if (memcmp(oid, OID_HMAC_SHA1, oid_len) == 0)
md_info = mbedtls_md_info_from_type(MBEDTLS_MD_SHA1);
@ -160,6 +224,7 @@ int cmd_cipher_sym() {
if (md_info == NULL)
return SW_WRONG_DATA();
int r = mbedtls_md_hmac(md_info, kdata, key_size, apdu.data, apdu.nc, res_APDU);
mbedtls_platform_zeroize(kdata, sizeof(kdata));
if (r != 0)
return SW_EXEC_ERROR();
res_APDU_size = md_info->size;
@ -177,6 +242,30 @@ int cmd_cipher_sym() {
if (r != 0)
return SW_EXEC_ERROR();
}
else if (memcmp(oid, OID_PKCS5_PBKDF2, oid_len) == 0) {
int iterations = 0, keylen = 0;
mbedtls_asn1_buf salt, params = { .p = enc, .len = enc_len };
mbedtls_md_type_t md_type = MBEDTLS_MD_SHA1;
mbedtls_md_context_t md_ctx;
int r = pkcs5_parse_pbkdf2_params(&params, &salt, &iterations, &keylen, &md_type);
if (r != 0) {
mbedtls_platform_zeroize(kdata, sizeof(kdata));
return SW_WRONG_DATA();
}
mbedtls_md_init(&md_ctx);
if (mbedtls_md_setup(&md_ctx, mbedtls_md_info_from_type(md_type), 1) != 0) {
mbedtls_md_free(&md_ctx);
mbedtls_platform_zeroize(kdata, sizeof(kdata));
return SW_WRONG_DATA();
}
r = mbedtls_pkcs5_pbkdf2_hmac(&md_ctx, kdata, key_size, salt.p, salt.len, iterations, keylen ? keylen : (apdu.ne ? apdu.ne : apdu.nc), res_APDU);
mbedtls_platform_zeroize(kdata, sizeof(kdata));
mbedtls_md_free(&md_ctx);
if (r != 0)
return SW_EXEC_ERROR();
}
}
else {
mbedtls_platform_zeroize(kdata, sizeof(kdata));

26
src/hsm/oid.h
View File

@ -103,20 +103,30 @@
#define OID_CC_FF_PKA OID_CC_FORMAT "\x03"
#define OID_CC_FF_KDA OID_CC_FORMAT "\x04"
#define OID_PKCS1_RSADSI "\x2A\x86\x48\x86\xF7\x0D"
#define OID_PKCS9_SMIME_ALG OID_PKCS1_RSADSI "\x01\x09\x10\x03"
#define OID_RSADSI "\x2A\x86\x48\x86\xF7\x0D"
#define OID_PKCS OID_RSADSI "\x01"
#define OID_PKCS_5 OID_PKCS "\x05"
#define OID_PKCS5_PBKDF2 OID_PKCS_5 "\x0C"
#define OID_PKCS5_PBES2 OID_PKCS_5 "\x0D"
#define OID_PKCS_9 OID_PKCS "\x09"
#define OID_PKCS9_SMIME_ALG OID_PKCS_9 "\x10\x03"
#define OID_CHACHA20_POLY1305 OID_PKCS9_SMIME_ALG "\x12"
#define OID_HKDF_SHA256 OID_PKCS9_SMIME_ALG "\x1D"
#define OID_HKDF_SHA384 OID_PKCS9_SMIME_ALG "\x1E"
#define OID_HKDF_SHA512 OID_PKCS9_SMIME_ALG "\x1F"
#define OID_HMAC OID_PKCS1_RSADSI "\x02"
#define OID_HMAC_SHA1 OID_HMAC "\x07"
#define OID_HMAC_SHA224 OID_HMAC "\x08"
#define OID_HMAC_SHA256 OID_HMAC "\x09"
#define OID_HMAC_SHA384 OID_HMAC "\x0A"
#define OID_HMAC_SHA512 OID_HMAC "\x0B"
#define OID_DIGEST OID_RSADSI "\x02"
#define OID_HMAC_SHA1 OID_DIGEST "\x07"
#define OID_HMAC_SHA224 OID_DIGEST "\x08"
#define OID_HMAC_SHA256 OID_DIGEST "\x09"
#define OID_HMAC_SHA384 OID_DIGEST "\x0A"
#define OID_HMAC_SHA512 OID_DIGEST "\x0B"
#endif