mirror of
https://github.com/polhenarejos/pico-hsm.git
synced 2024-09-20 11:20:08 +00:00
Fix CVC verification.
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
parent
143c2d279b
commit
83a583a33f
@ -293,7 +293,7 @@ const uint8_t *cvc_get_pub(const uint8_t *data, size_t len, size_t *olen) {
|
||||
return NULL;
|
||||
}
|
||||
|
||||
extern PUK_store puk_store[3];
|
||||
extern PUK puk_store[MAX_PUK_STORE_ENTRIES];
|
||||
extern int puk_store_entries;
|
||||
|
||||
int puk_store_index(const uint8_t *chr, size_t chr_len) {
|
||||
@ -311,8 +311,8 @@ int cvc_verify(const uint8_t *cert, size_t cert_len, const uint8_t *ca, size_t c
|
||||
return CCID_WRONG_DATA;
|
||||
size_t oid_len = 0, cv_body_len = 0, sig_len = 0;
|
||||
const uint8_t *oid = cvc_get_field(puk, puk_len, &oid_len, 0x6);
|
||||
const uint8_t *cv_body = cvc_get_body(ca, ca_len, &cv_body_len);
|
||||
const uint8_t *sig = cvc_get_sig(ca, ca_len, &sig_len);
|
||||
const uint8_t *cv_body = cvc_get_body(cert, cert_len, &cv_body_len);
|
||||
const uint8_t *sig = cvc_get_sig(cert, cert_len, &sig_len);
|
||||
if (!sig)
|
||||
return CCID_WRONG_DATA;
|
||||
if (!cv_body)
|
||||
@ -446,6 +446,11 @@ int cvc_verify(const uint8_t *cert, size_t cert_len, const uint8_t *ca, size_t c
|
||||
mbedtls_ecdsa_free(&ecdsa);
|
||||
return CCID_EXEC_ERROR;
|
||||
}
|
||||
ret = mbedtls_ecp_check_pubkey(&ecdsa.grp, &ecdsa.Q);
|
||||
if (ret != 0) {
|
||||
mbedtls_ecdsa_free(&ecdsa);
|
||||
return CCID_EXEC_ERROR;
|
||||
}
|
||||
mbedtls_mpi r, s;
|
||||
mbedtls_mpi_init(&r);
|
||||
mbedtls_mpi_init(&s);
|
||||
|
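Review bot: The declarations `extern PUK puk_store[MAX_PUK_STORE_ENTRIES];` and `extern int puk_store_entries;` in the first hunk still sit in the .c file, so the compiler never compares them with the real definition. The replaced line hard-coded `[3]`, which shows how easily such a private copy drifts from the array it describes. The header changed in this commit already provides `PUK` and `MAX_PUK_STORE_ENTRIES`, so I would move both declarations there, after the `#define`, and include that header in the file that defines the array. A stale bound on a key store can end in an out-of-range index, and `puk_store_index()` (its body is outside the hunk) presumably walks this array.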
@ -21,19 +21,19 @@
|
||||
#include <stdlib.h>
|
||||
#include "pico/stdlib.h"
|
||||
|
||||
typedef struct PUK_store {
|
||||
typedef struct PUK {
|
||||
const uint8_t *puk;
|
||||
size_t puk_len;
|
||||
const uint8_t *car;
|
||||
size_t car_len;
|
||||
const uint8_t *chr;
|
||||
size_t chr_len;
|
||||
uint8_t up;
|
||||
const uint8_t *cvcert;
|
||||
size_t cvcert_len;
|
||||
} PUK_store;
|
||||
uint8_t up;
|
||||
} PUK;
|
||||
|
||||
#define MAX_PUK_STORE_ENTRIES 16
|
||||
#define MAX_PUK_STORE_ENTRIES 4
|
||||
|
||||
extern size_t asn1_cvc_cert(void *rsa_ecdsa, uint8_t key_type, uint8_t *buf, size_t buf_len);
|
||||
extern size_t asn1_cvc_aut(void *rsa_ecdsa, uint8_t key_type, uint8_t *buf, size_t buf_len);
|
||||
@ -41,5 +41,6 @@ extern const uint8_t *cvc_get_field(const uint8_t *data, size_t len, size_t *ole
|
||||
extern const uint8_t *cvc_get_car(const uint8_t *data, size_t len, size_t *olen);
|
||||
extern const uint8_t *cvc_get_chr(const uint8_t *data, size_t len, size_t *olen);
|
||||
extern const uint8_t *cvc_get_pub(const uint8_t *data, size_t len, size_t *olen);
|
||||
extern int cvc_verify(const uint8_t *cert, size_t cert_len, const uint8_t *ca, size_t ca_len);
|
||||
|
||||
#endif
|
||||
|
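Review bot: The `cvc_verify` prototype in the last hunk has no comment saying which argument is the certificate under test and which one supplies the verifying key. That role confusion is what the .c change in this commit corrects, where the body and signature were read from `ca` rather than `cert`. I would add a comment above the declaration, for example `/* Verify the signature over cert's body with the public key carried by ca. */`. The key extraction from `ca` is not inside the visible hunks, so confirm that wording against the function body. The comment should also name the return codes a caller must treat as failure; the visible paths return `CCID_WRONG_DATA` and `CCID_EXEC_ERROR`.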