Fix CVC verification.

Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
Pol Henarejos 2022-06-09 19:02:22 +02:00
parent 143c2d279b
commit 83a583a33f
GPG Key ID: C0095B7870A4CCD3
2 changed files with 13 additions and 7 deletions


@ -293,7 +293,7 @@ const uint8_t *cvc_get_pub(const uint8_t *data, size_t len, size_t *olen) {
return NULL;
}
extern PUK_store puk_store[3];
extern PUK puk_store[MAX_PUK_STORE_ENTRIES];
extern int puk_store_entries;
int puk_store_index(const uint8_t *chr, size_t chr_len) {
@ -311,8 +311,8 @@ int cvc_verify(const uint8_t *cert, size_t cert_len, const uint8_t *ca, size_t c
return CCID_WRONG_DATA;
size_t oid_len = 0, cv_body_len = 0, sig_len = 0;
const uint8_t *oid = cvc_get_field(puk, puk_len, &oid_len, 0x6);
const uint8_t *cv_body = cvc_get_body(ca, ca_len, &cv_body_len);
const uint8_t *sig = cvc_get_sig(ca, ca_len, &sig_len);
const uint8_t *cv_body = cvc_get_body(cert, cert_len, &cv_body_len);
const uint8_t *sig = cvc_get_sig(cert, cert_len, &sig_len);
if (!sig)
return CCID_WRONG_DATA;
if (!cv_body)
@ -446,6 +446,11 @@ int cvc_verify(const uint8_t *cert, size_t cert_len, const uint8_t *ca, size_t c
mbedtls_ecdsa_free(&ecdsa);
return CCID_EXEC_ERROR;
}
ret = mbedtls_ecp_check_pubkey(&ecdsa.grp, &ecdsa.Q);
if (ret != 0) {
mbedtls_ecdsa_free(&ecdsa);
return CCID_EXEC_ERROR;
}
mbedtls_mpi r, s;
mbedtls_mpi_init(&r);
mbedtls_mpi_init(&s);
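Review bot: The new `mbedtls_ecp_check_pubkey` failure branch in the third hunk returns `CCID_EXEC_ERROR`, which reports a rejected key as an internal failure, while the other input rejections visible in `cvc_verify` (for example `if (!sig)`) return `CCID_WRONG_DATA`. An invalid point is a property of the supplied key material, so `return CCID_WRONG_DATA;` would let callers tell a bad certificate from a library fault, assuming they distinguish the two codes. A one-line comment above the call, such as `/* reject a public point that is not valid for the group before verifying */`, would record why the check is there. The body of `cvc_verify` starts and ends outside these hunks, so where `ecdsa.Q` is loaded from is not visible here.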


@ -21,19 +21,19 @@
#include <stdlib.h>
#include "pico/stdlib.h"
typedef struct PUK_store {
typedef struct PUK {
const uint8_t *puk;
size_t puk_len;
const uint8_t *car;
size_t car_len;
const uint8_t *chr;
size_t chr_len;
uint8_t up;
const uint8_t *cvcert;
size_t cvcert_len;
} PUK_store;
uint8_t up;
} PUK;
#define MAX_PUK_STORE_ENTRIES 16
#define MAX_PUK_STORE_ENTRIES 4
extern size_t asn1_cvc_cert(void *rsa_ecdsa, uint8_t key_type, uint8_t *buf, size_t buf_len);
extern size_t asn1_cvc_aut(void *rsa_ecdsa, uint8_t key_type, uint8_t *buf, size_t buf_len);
@ -41,5 +41,6 @@ extern const uint8_t *cvc_get_field(const uint8_t *data, size_t len, size_t *ole
extern const uint8_t *cvc_get_car(const uint8_t *data, size_t len, size_t *olen);
extern const uint8_t *cvc_get_chr(const uint8_t *data, size_t len, size_t *olen);
extern const uint8_t *cvc_get_pub(const uint8_t *data, size_t len, size_t *olen);
extern int cvc_verify(const uint8_t *cert, size_t cert_len, const uint8_t *ca, size_t ca_len);
#endif
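Review bot: The newly exported `cvc_verify` prototype has no comment saying which argument is the certificate being checked and which one supplies the key, and the fix to `cvc_verify` in this same commit was precisely a mix-up of `cert` and `ca`. I would add above the declaration: `/* cert: certificate whose body signature is checked; ca: certificate providing the issuer public key */`. The role of `ca` is inferred from the parameter name and the visible hunk, so please confirm it. It would also help to state which return codes callers must treat as a verification failure.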