diff --git a/.gitmodules b/.gitmodules index b3fdb891..f26ad667 100644 --- a/.gitmodules +++ b/.gitmodules @@ -16,3 +16,6 @@ [submodule "crypto/salty"] path = crypto/salty url = https://github.com/ycrypto/salty.git +[submodule "openpgp"] + path = openpgp + url = https://github.com/solokeys/openpgp.git diff --git a/crypto/libsalty/libsalty-asm.a b/crypto/libsalty/libsalty-asm.a new file mode 100644 index 00000000..095ac803 Binary files /dev/null and b/crypto/libsalty/libsalty-asm.a differ diff --git a/crypto/libsalty/libsalty.a b/crypto/libsalty/libsalty.a new file mode 100644 index 00000000..d0a0e211 Binary files /dev/null and b/crypto/libsalty/libsalty.a differ diff --git a/crypto/libsalty/salty.h b/crypto/libsalty/salty.h new file mode 100644 index 00000000..f284f379 --- /dev/null +++ b/crypto/libsalty/salty.h @@ -0,0 +1,120 @@ +#ifndef salty_h +#define salty_h + +/* Warning, this file is autogenerated by cbindgen. Don't modify this manually. */ + +#include +#include +#include +#include + +#ifdef __cplusplus +extern "C" { +#endif + +#define salty_COMPRESSED_Y_LENGTH 32 +#define salty_PUBLICKEY_SERIALIZED_LENGTH 32 +#define salty_SCALAR_LENGTH 32 +#define salty_SECRETKEY_NONCE_LENGTH 32 +#define salty_SECRETKEY_SCALAR_LENGTH 32 +#define salty_SECRETKEY_SEED_LENGTH 32 +#define salty_SECRETKEY_SERIALIZED_LENGTH 32 +#define salty_SHA256_LENGTH 64 +#define salty_SHA512_LENGTH 64 +#define salty_SIGNATURE_SERIALIZED_LENGTH 64 + +/** + * Extensible error type for all `salty` operations. + * + * This enum has a hidden member, to prevent exhaustively checking for errors. + */ +typedef enum { + /** + * Never occurs, simplifies C bindings + */ + NoError = 0, + /** + * Bytes do not correspond to a canonical base field element + */ + NonCanonicalFieldElement, + /** + * Public key bytes invalid + */ + PublicKeyBytesInvalid, + /** + * Signature verification failed + */ + SignatureInvalid, + /** + * Context for prehashed signatures too long + */ + ContextTooLong, + _Extensible, +} salty_Error; + +/** + * Generates a public key from a secret seed. Use to verify signatures. + */ +void salty_public_key(const uint8_t (*seed)[salty_SECRETKEY_SEED_LENGTH], + uint8_t (*public_key)[salty_PUBLICKEY_SERIALIZED_LENGTH]); + +/** + * Signs the data, based on the keypair generated from the secret seed. + */ +void salty_sign(const uint8_t (*seed)[salty_SECRETKEY_SEED_LENGTH], + const uint8_t *data_ptr, + uintptr_t data_len, + uint8_t (*signature)[salty_SIGNATURE_SERIALIZED_LENGTH]); + +/** + * Signs the data for a context, based on the keypair generated from the secret seed. + */ +salty_Error salty_sign_with_context(const uint8_t (*seed)[salty_SECRETKEY_SEED_LENGTH], + const uint8_t *data_ptr, + uintptr_t data_len, + const uint8_t *context_ptr, + uintptr_t context_len, + uint8_t (*signature)[salty_SIGNATURE_SERIALIZED_LENGTH]); + +/** + * Signs the prehashed data, based on the keypair generated from the secret seed. + * An optional context can also be passed (this is recommended). + */ +salty_Error salty_sign_prehashed(const uint8_t (*seed)[salty_SECRETKEY_SEED_LENGTH], + const uint8_t (*prehashed_data)[salty_SHA512_LENGTH], + const uint8_t *context_ptr, + uintptr_t context_len, + uint8_t (*signature)[salty_SIGNATURE_SERIALIZED_LENGTH]); + +/** + * Verify a presumed signature on the given data. + */ +salty_Error salty_verify(const uint8_t (*public_key)[salty_PUBLICKEY_SERIALIZED_LENGTH], + const uint8_t *data_ptr, + uintptr_t data_len, + const uint8_t (*signature)[salty_SIGNATURE_SERIALIZED_LENGTH]); + +/** + * Verify a presumed signature on the given data for a context. + */ +salty_Error salty_verify_with_context(const uint8_t (*public_key)[salty_PUBLICKEY_SERIALIZED_LENGTH], + const uint8_t *data_ptr, + uintptr_t data_len, + const uint8_t *context_ptr, + uintptr_t context_len, + const uint8_t (*signature)[salty_SIGNATURE_SERIALIZED_LENGTH]); + +/** + * Verify a presumed signature on the given data. + */ +salty_Error salty_verify_prehashed(const uint8_t (*public_key)[salty_PUBLICKEY_SERIALIZED_LENGTH], + const uint8_t (*prehashed_data)[salty_SHA512_LENGTH], + const uint8_t (*signature)[salty_SIGNATURE_SERIALIZED_LENGTH], + const uint8_t *context_ptr, + uintptr_t context_len); + +#ifdef __cplusplus +} +#endif + +#endif /* salty_h */ diff --git a/fido2/device.h b/fido2/device.h index 0c96c732..12319e2d 100644 --- a/fido2/device.h +++ b/fido2/device.h @@ -7,8 +7,27 @@ #ifndef _DEVICE_H #define _DEVICE_H +#include "stdbool.h" #include "storage.h" +#ifdef __cplusplus +extern "C" { +#endif + +#ifndef PUT_TO_SRAM2 +#define PUT_TO_SRAM2 __attribute__((section(".sram2"))) +#endif + +#define COLOR_OFF 0x000000 +#define COLOR_WHITE 0xffffff +#define COLOR_GRAY 0x101010 +#define COLOR_RED 0xff0000 +#define COLOR_GREEN 0x00ff00 +#define COLOR_BLUE 0x0000ff +#define COLOR_YELLOW 0xffff00 +#define COLOR_CYAN 0x00ffff +#define COLOR_MAGENTA 0xff00ff + /** Return a millisecond timestamp. Does not need to be synchronized to anything. * *Optional* to compile, but will not calculate delays correctly without a correct implementation. */ @@ -171,6 +190,12 @@ void ctap_overwrite_rk(int index,CTAP_residentKey * rk); */ void device_wink(); +/** Show color on the led + * + * *Optional*. +*/ +void device_led(uint32_t color); + typedef enum { DEVICE_LOW_POWER_IDLE = 0, DEVICE_LOW_POWER_FAST = 1, @@ -223,4 +248,14 @@ uint16_t device_attestation_cert_der_get_size(); * */ void device_read_aaguid(uint8_t * dst); +/** Sleep. + * @param ms for sleep. + * */ +void delay(uint32_t ms); + +#ifdef __cplusplus +} +#endif + + #endif diff --git a/fido2/log.c b/fido2/log.c index bb9a41ad..42feaa22 100644 --- a/fido2/log.c +++ b/fido2/log.c @@ -52,6 +52,7 @@ struct logtag tagtable[] = { {TAG_NFC_APDU, "NAPDU"}, {TAG_CCID, "CCID"}, {TAG_CM, "CRED_MGMT"}, + {TAG_OPENPGP, "OPGP"} }; diff --git a/fido2/log.h b/fido2/log.h index d415255f..82ac6a95 100644 --- a/fido2/log.h +++ b/fido2/log.h @@ -49,6 +49,7 @@ typedef enum TAG_NFC_APDU = (1 << 20), TAG_CCID = (1 << 21), TAG_CM = (1 << 22), + TAG_OPENPGP = (1 << 23), TAG_NO_TAG = (1UL << 30), TAG_FILENO = (1UL << 31) diff --git a/fido2/util.h b/fido2/util.h index b5bb9b6b..ca04ba10 100644 --- a/fido2/util.h +++ b/fido2/util.h @@ -19,4 +19,16 @@ void dump_hex(uint8_t * buf, int size); #define MAX(a,b) (((a) > (b)) ? (a) : (b)) #endif +#ifndef ABS +#define ABS(a) (((a) > 0) ? (a) : (-a)) +#endif + +#ifndef OPTIMIZATION_O2 +#define OPTIMIZATION_O2 __attribute__((optimize("O2"))) +#endif + +#ifndef OPTIMIZATION_O0 +#define OPTIMIZATION_O0 __attribute__((optimize("O0"))) +#endif + #endif diff --git a/openpgp b/openpgp new file mode 160000 index 00000000..459c7733 --- /dev/null +++ b/openpgp @@ -0,0 +1 @@ +Subproject commit 459c7733b3b9db64cb2a72bc4b3bad0a010b0c39 diff --git a/solo.cflags b/solo.cflags new file mode 100644 index 00000000..68d51653 --- /dev/null +++ b/solo.cflags @@ -0,0 +1 @@ +-std=c17 \ No newline at end of file diff --git a/solo.config b/solo.config new file mode 100644 index 00000000..e0284f42 --- /dev/null +++ b/solo.config @@ -0,0 +1,2 @@ +// Add predefined macros for your project here. For example: +// #define THE_ANSWER 42 diff --git a/solo.creator b/solo.creator new file mode 100644 index 00000000..e94cbbd3 --- /dev/null +++ b/solo.creator @@ -0,0 +1 @@ +[General] diff --git a/solo.cxxflags b/solo.cxxflags new file mode 100644 index 00000000..6435dfce --- /dev/null +++ b/solo.cxxflags @@ -0,0 +1 @@ +-std=c++17 \ No newline at end of file diff --git a/solo.files b/solo.files new file mode 100644 index 00000000..f2d62d8c --- /dev/null +++ b/solo.files @@ -0,0 +1,643 @@ +crypto/aes-gcm/aes_gcm.c +crypto/cifra/extra_vecs/openssl-hash.c +crypto/cifra/src/aes.c +crypto/cifra/src/aes.h +crypto/cifra/src/arm/boot.c +crypto/cifra/src/arm/ext/cutest.h +crypto/cifra/src/arm/main.c +crypto/cifra/src/arm/semihost.c +crypto/cifra/src/arm/semihost.h +crypto/cifra/src/arm/unacl/scalarmult.c +crypto/cifra/src/bitops.h +crypto/cifra/src/blockwise.c +crypto/cifra/src/blockwise.h +crypto/cifra/src/cbcmac.c +crypto/cifra/src/ccm.c +crypto/cifra/src/cf_config.h +crypto/cifra/src/chacha20.c +crypto/cifra/src/chacha20poly1305.c +crypto/cifra/src/chacha20poly1305.h +crypto/cifra/src/chash.c +crypto/cifra/src/chash.h +crypto/cifra/src/cmac.c +crypto/cifra/src/curve25519.c +crypto/cifra/src/curve25519.donna.c +crypto/cifra/src/curve25519.h +crypto/cifra/src/curve25519.naclref.c +crypto/cifra/src/curve25519.tweetnacl.c +crypto/cifra/src/drbg.c +crypto/cifra/src/drbg.h +crypto/cifra/src/eax.c +crypto/cifra/src/ext/cutest.h +crypto/cifra/src/ext/handy.h +crypto/cifra/src/gcm.c +crypto/cifra/src/gf128.c +crypto/cifra/src/gf128.h +crypto/cifra/src/hmac.c +crypto/cifra/src/hmac.h +crypto/cifra/src/modes.c +crypto/cifra/src/modes.h +crypto/cifra/src/norx.c +crypto/cifra/src/norx.h +crypto/cifra/src/ocb.c +crypto/cifra/src/pbkdf2.c +crypto/cifra/src/pbkdf2.h +crypto/cifra/src/poly1305.c +crypto/cifra/src/poly1305.h +crypto/cifra/src/prp.h +crypto/cifra/src/salsa20.c +crypto/cifra/src/salsa20.h +crypto/cifra/src/sha1.c +crypto/cifra/src/sha1.h +crypto/cifra/src/sha2.h +crypto/cifra/src/sha256.c +crypto/cifra/src/sha3.c +crypto/cifra/src/sha3.h +crypto/cifra/src/sha512.c +crypto/cifra/src/tassert.h +crypto/cifra/src/testaes.c +crypto/cifra/src/testchacha20poly1305.c +crypto/cifra/src/testcurve25519.c +crypto/cifra/src/testdrbg.c +crypto/cifra/src/testmodes.c +crypto/cifra/src/testnorx.c +crypto/cifra/src/testpoly1305.c +crypto/cifra/src/testsalsa20.c +crypto/cifra/src/testsha.h +crypto/cifra/src/testsha1.c +crypto/cifra/src/testsha2.c +crypto/cifra/src/testsha3.c +crypto/cifra/src/testutil.h +crypto/libsalty/salty.h +crypto/micro-ecc/test/test_compress.c +crypto/micro-ecc/test/test_compute.c +crypto/micro-ecc/test/test_ecdh.c +crypto/micro-ecc/test/test_ecdsa.c +crypto/micro-ecc/types.h +crypto/micro-ecc/uECC.c +crypto/micro-ecc/uECC.h +crypto/micro-ecc/uECC_vli.h +crypto/sha256/sha256.c +crypto/sha256/sha256.h +crypto/tiny-AES-c/aes.c +crypto/tiny-AES-c/aes.h +crypto/tiny-AES-c/aes.hpp +crypto/tiny-AES-c/test.c +fido2/apdu.c +fido2/apdu.h +fido2/cose_key.h +fido2/crypto.c +fido2/crypto.h +fido2/ctap.c +fido2/ctap.h +fido2/ctap_errors.h +fido2/ctap_parse.c +fido2/ctap_parse.h +fido2/ctaphid.c +fido2/ctaphid.h +fido2/data_migration.c +fido2/data_migration.h +fido2/device.c +fido2/device.h +fido2/example_app.h +fido2/extensions/extensions.c +fido2/extensions/extensions.h +fido2/extensions/solo.c +fido2/extensions/solo.h +fido2/extensions/wallet.c +fido2/extensions/wallet.h +fido2/log.c +fido2/log.h +fido2/storage.h +fido2/stubs.c +fido2/test_power.c +fido2/u2f.c +fido2/u2f.h +fido2/util.c +fido2/util.h +fido2/version.c +fido2/version.h +makeit.cmd +openpgp/Makefile +openpgp/gtest/bstrcheck.cpp +openpgp/gtest/dolcheck.cpp +openpgp/gtest/ptest.cpp +openpgp/gtest/stm32fsheck.cpp +openpgp/gtest/tlvcheck.cpp +openpgp/libs/bearssl/LICENSE.txt +openpgp/libs/bearssl/aes_big_cbcdec.c +openpgp/libs/bearssl/aes_big_cbcenc.c +openpgp/libs/bearssl/aes_big_ctr.c +openpgp/libs/bearssl/aes_big_ctrcbc.c +openpgp/libs/bearssl/aes_big_dec.c +openpgp/libs/bearssl/aes_big_enc.c +openpgp/libs/bearssl/aes_common.c +openpgp/libs/bearssl/aes_ct.c +openpgp/libs/bearssl/aes_ct64.c +openpgp/libs/bearssl/aes_ct64_cbcdec.c +openpgp/libs/bearssl/aes_ct64_cbcenc.c +openpgp/libs/bearssl/aes_ct64_ctr.c +openpgp/libs/bearssl/aes_ct64_ctrcbc.c +openpgp/libs/bearssl/aes_ct64_dec.c +openpgp/libs/bearssl/aes_ct64_enc.c +openpgp/libs/bearssl/aes_ct_cbcdec.c +openpgp/libs/bearssl/aes_ct_cbcenc.c +openpgp/libs/bearssl/aes_ct_ctr.c +openpgp/libs/bearssl/aes_ct_ctrcbc.c +openpgp/libs/bearssl/aes_ct_dec.c +openpgp/libs/bearssl/aes_ct_enc.c +openpgp/libs/bearssl/aes_pwr8.c +openpgp/libs/bearssl/aes_pwr8_cbcdec.c +openpgp/libs/bearssl/aes_pwr8_cbcenc.c +openpgp/libs/bearssl/aes_pwr8_ctr.c +openpgp/libs/bearssl/aes_pwr8_ctrcbc.c +openpgp/libs/bearssl/aes_small_cbcdec.c +openpgp/libs/bearssl/aes_small_cbcenc.c +openpgp/libs/bearssl/aes_small_ctr.c +openpgp/libs/bearssl/aes_small_ctrcbc.c +openpgp/libs/bearssl/aes_small_dec.c +openpgp/libs/bearssl/aes_small_enc.c +openpgp/libs/bearssl/aes_x86ni.c +openpgp/libs/bearssl/aes_x86ni_cbcdec.c +openpgp/libs/bearssl/aes_x86ni_cbcenc.c +openpgp/libs/bearssl/aes_x86ni_ctr.c +openpgp/libs/bearssl/aesctr_drbg.c +openpgp/libs/bearssl/asn1enc.c +openpgp/libs/bearssl/bearssl.h +openpgp/libs/bearssl/bearssl_aead.h +openpgp/libs/bearssl/bearssl_block.h +openpgp/libs/bearssl/bearssl_ec.h +openpgp/libs/bearssl/bearssl_hash.h +openpgp/libs/bearssl/bearssl_hmac.h +openpgp/libs/bearssl/bearssl_kdf.h +openpgp/libs/bearssl/bearssl_pem.h +openpgp/libs/bearssl/bearssl_prf.h +openpgp/libs/bearssl/bearssl_rand.h +openpgp/libs/bearssl/bearssl_rsa.h +openpgp/libs/bearssl/bearssl_ssl.h +openpgp/libs/bearssl/bearssl_x509.h +openpgp/libs/bearssl/ccm.c +openpgp/libs/bearssl/ccopy.c +openpgp/libs/bearssl/chacha20_ct.c +openpgp/libs/bearssl/chacha20_sse2.c +openpgp/libs/bearssl/config.h +openpgp/libs/bearssl/dec16be.c +openpgp/libs/bearssl/dec16le.c +openpgp/libs/bearssl/dec32be.c +openpgp/libs/bearssl/dec32le.c +openpgp/libs/bearssl/dec64be.c +openpgp/libs/bearssl/dec64le.c +openpgp/libs/bearssl/des_ct.c +openpgp/libs/bearssl/des_ct_cbcdec.c +openpgp/libs/bearssl/des_ct_cbcenc.c +openpgp/libs/bearssl/des_support.c +openpgp/libs/bearssl/des_tab.c +openpgp/libs/bearssl/des_tab_cbcdec.c +openpgp/libs/bearssl/des_tab_cbcenc.c +openpgp/libs/bearssl/dig_oid.c +openpgp/libs/bearssl/dig_size.c +openpgp/libs/bearssl/eax.c +openpgp/libs/bearssl/ec_all_m15.c +openpgp/libs/bearssl/ec_all_m31.c +openpgp/libs/bearssl/ec_c25519_i15.c +openpgp/libs/bearssl/ec_c25519_i31.c +openpgp/libs/bearssl/ec_c25519_m15.c +openpgp/libs/bearssl/ec_c25519_m31.c +openpgp/libs/bearssl/ec_curve25519.c +openpgp/libs/bearssl/ec_default.c +openpgp/libs/bearssl/ec_keygen.c +openpgp/libs/bearssl/ec_p256_m15.c +openpgp/libs/bearssl/ec_p256_m31.c +openpgp/libs/bearssl/ec_prime_i15.c +openpgp/libs/bearssl/ec_prime_i31.c +openpgp/libs/bearssl/ec_pubkey.c +openpgp/libs/bearssl/ec_secp256r1.c +openpgp/libs/bearssl/ec_secp384r1.c +openpgp/libs/bearssl/ec_secp521r1.c +openpgp/libs/bearssl/ecdsa_atr.c +openpgp/libs/bearssl/ecdsa_default_sign_asn1.c +openpgp/libs/bearssl/ecdsa_default_sign_raw.c +openpgp/libs/bearssl/ecdsa_default_vrfy_asn1.c +openpgp/libs/bearssl/ecdsa_default_vrfy_raw.c +openpgp/libs/bearssl/ecdsa_i15_bits.c +openpgp/libs/bearssl/ecdsa_i15_sign_asn1.c +openpgp/libs/bearssl/ecdsa_i15_sign_raw.c +openpgp/libs/bearssl/ecdsa_i15_vrfy_asn1.c +openpgp/libs/bearssl/ecdsa_i15_vrfy_raw.c +openpgp/libs/bearssl/ecdsa_i31_bits.c +openpgp/libs/bearssl/ecdsa_i31_sign_asn1.c +openpgp/libs/bearssl/ecdsa_i31_sign_raw.c +openpgp/libs/bearssl/ecdsa_i31_vrfy_asn1.c +openpgp/libs/bearssl/ecdsa_i31_vrfy_raw.c +openpgp/libs/bearssl/ecdsa_rta.c +openpgp/libs/bearssl/enc16be.c +openpgp/libs/bearssl/enc16le.c +openpgp/libs/bearssl/enc32be.c +openpgp/libs/bearssl/enc32le.c +openpgp/libs/bearssl/enc64be.c +openpgp/libs/bearssl/enc64le.c +openpgp/libs/bearssl/encode_ec_pk8der.c +openpgp/libs/bearssl/encode_ec_rawder.c +openpgp/libs/bearssl/encode_rsa_pk8der.c +openpgp/libs/bearssl/encode_rsa_rawder.c +openpgp/libs/bearssl/gcm.c +openpgp/libs/bearssl/ghash_ctmul.c +openpgp/libs/bearssl/ghash_ctmul32.c +openpgp/libs/bearssl/ghash_ctmul64.c +openpgp/libs/bearssl/ghash_pclmul.c +openpgp/libs/bearssl/ghash_pwr8.c +openpgp/libs/bearssl/hkdf.c +openpgp/libs/bearssl/hmac.c +openpgp/libs/bearssl/hmac_ct.c +openpgp/libs/bearssl/hmac_drbg.c +openpgp/libs/bearssl/i15_add.c +openpgp/libs/bearssl/i15_bitlen.c +openpgp/libs/bearssl/i15_decmod.c +openpgp/libs/bearssl/i15_decode.c +openpgp/libs/bearssl/i15_decred.c +openpgp/libs/bearssl/i15_encode.c +openpgp/libs/bearssl/i15_fmont.c +openpgp/libs/bearssl/i15_iszero.c +openpgp/libs/bearssl/i15_moddiv.c +openpgp/libs/bearssl/i15_modpow.c +openpgp/libs/bearssl/i15_modpow2.c +openpgp/libs/bearssl/i15_montmul.c +openpgp/libs/bearssl/i15_mulacc.c +openpgp/libs/bearssl/i15_muladd.c +openpgp/libs/bearssl/i15_ninv15.c +openpgp/libs/bearssl/i15_reduce.c +openpgp/libs/bearssl/i15_rshift.c +openpgp/libs/bearssl/i15_sub.c +openpgp/libs/bearssl/i15_tmont.c +openpgp/libs/bearssl/i31_add.c +openpgp/libs/bearssl/i31_bitlen.c +openpgp/libs/bearssl/i31_decmod.c +openpgp/libs/bearssl/i31_decode.c +openpgp/libs/bearssl/i31_decred.c +openpgp/libs/bearssl/i31_encode.c +openpgp/libs/bearssl/i31_fmont.c +openpgp/libs/bearssl/i31_iszero.c +openpgp/libs/bearssl/i31_moddiv.c +openpgp/libs/bearssl/i31_modpow.c +openpgp/libs/bearssl/i31_modpow2.c +openpgp/libs/bearssl/i31_montmul.c +openpgp/libs/bearssl/i31_mulacc.c +openpgp/libs/bearssl/i31_muladd.c +openpgp/libs/bearssl/i31_ninv31.c +openpgp/libs/bearssl/i31_reduce.c +openpgp/libs/bearssl/i31_rshift.c +openpgp/libs/bearssl/i31_sub.c +openpgp/libs/bearssl/i31_tmont.c +openpgp/libs/bearssl/i32_add.c +openpgp/libs/bearssl/i32_bitlen.c +openpgp/libs/bearssl/i32_decmod.c +openpgp/libs/bearssl/i32_decode.c +openpgp/libs/bearssl/i32_decred.c +openpgp/libs/bearssl/i32_div32.c +openpgp/libs/bearssl/i32_encode.c +openpgp/libs/bearssl/i32_fmont.c +openpgp/libs/bearssl/i32_iszero.c +openpgp/libs/bearssl/i32_modpow.c +openpgp/libs/bearssl/i32_montmul.c +openpgp/libs/bearssl/i32_mulacc.c +openpgp/libs/bearssl/i32_muladd.c +openpgp/libs/bearssl/i32_ninv32.c +openpgp/libs/bearssl/i32_reduce.c +openpgp/libs/bearssl/i32_sub.c +openpgp/libs/bearssl/i32_tmont.c +openpgp/libs/bearssl/i62_modpow2.c +openpgp/libs/bearssl/inner.h +openpgp/libs/bearssl/md5.c +openpgp/libs/bearssl/md5sha1.c +openpgp/libs/bearssl/mgf1.c +openpgp/libs/bearssl/multihash.c +openpgp/libs/bearssl/pemdec.c +openpgp/libs/bearssl/pemenc.c +openpgp/libs/bearssl/poly1305_ctmul.c +openpgp/libs/bearssl/poly1305_ctmul32.c +openpgp/libs/bearssl/poly1305_ctmulq.c +openpgp/libs/bearssl/poly1305_i15.c +openpgp/libs/bearssl/prf.c +openpgp/libs/bearssl/prf_md5sha1.c +openpgp/libs/bearssl/prf_sha256.c +openpgp/libs/bearssl/prf_sha384.c +openpgp/libs/bearssl/rsa_default_keygen.c +openpgp/libs/bearssl/rsa_default_keygen.o +openpgp/libs/bearssl/rsa_default_modulus.c +openpgp/libs/bearssl/rsa_default_modulus.o +openpgp/libs/bearssl/rsa_default_oaep_decrypt.c +openpgp/libs/bearssl/rsa_default_oaep_encrypt.c +openpgp/libs/bearssl/rsa_default_pkcs1_sign.c +openpgp/libs/bearssl/rsa_default_pkcs1_sign.o +openpgp/libs/bearssl/rsa_default_pkcs1_vrfy.c +openpgp/libs/bearssl/rsa_default_pkcs1_vrfy.o +openpgp/libs/bearssl/rsa_default_priv.c +openpgp/libs/bearssl/rsa_default_privexp.c +openpgp/libs/bearssl/rsa_default_pub.c +openpgp/libs/bearssl/rsa_default_pubexp.c +openpgp/libs/bearssl/rsa_i15_keygen.c +openpgp/libs/bearssl/rsa_i15_modulus.c +openpgp/libs/bearssl/rsa_i15_oaep_decrypt.c +openpgp/libs/bearssl/rsa_i15_oaep_encrypt.c +openpgp/libs/bearssl/rsa_i15_pkcs1_sign.c +openpgp/libs/bearssl/rsa_i15_pkcs1_vrfy.c +openpgp/libs/bearssl/rsa_i15_priv.c +openpgp/libs/bearssl/rsa_i15_privexp.c +openpgp/libs/bearssl/rsa_i15_pub.c +openpgp/libs/bearssl/rsa_i15_pubexp.c +openpgp/libs/bearssl/rsa_i31_keygen.c +openpgp/libs/bearssl/rsa_i31_keygen_inner.c +openpgp/libs/bearssl/rsa_i31_modulus.c +openpgp/libs/bearssl/rsa_i31_oaep_decrypt.c +openpgp/libs/bearssl/rsa_i31_oaep_encrypt.c +openpgp/libs/bearssl/rsa_i31_pkcs1_sign.c +openpgp/libs/bearssl/rsa_i31_pkcs1_vrfy.c +openpgp/libs/bearssl/rsa_i31_priv.c +openpgp/libs/bearssl/rsa_i31_privexp.c +openpgp/libs/bearssl/rsa_i31_pub.c +openpgp/libs/bearssl/rsa_i31_pubexp.c +openpgp/libs/bearssl/rsa_i32_oaep_decrypt.c +openpgp/libs/bearssl/rsa_i32_oaep_encrypt.c +openpgp/libs/bearssl/rsa_i32_pkcs1_sign.c +openpgp/libs/bearssl/rsa_i32_pkcs1_vrfy.c +openpgp/libs/bearssl/rsa_i32_priv.c +openpgp/libs/bearssl/rsa_i32_pub.c +openpgp/libs/bearssl/rsa_i62_keygen.c +openpgp/libs/bearssl/rsa_i62_oaep_decrypt.c +openpgp/libs/bearssl/rsa_i62_oaep_encrypt.c +openpgp/libs/bearssl/rsa_i62_pkcs1_sign.c +openpgp/libs/bearssl/rsa_i62_pkcs1_vrfy.c +openpgp/libs/bearssl/rsa_i62_priv.c +openpgp/libs/bearssl/rsa_i62_pub.c +openpgp/libs/bearssl/rsa_oaep_pad.c +openpgp/libs/bearssl/rsa_oaep_unpad.c +openpgp/libs/bearssl/rsa_pkcs1_sig_pad.c +openpgp/libs/bearssl/rsa_pkcs1_sig_unpad.c +openpgp/libs/bearssl/rsa_ssl_decrypt.c +openpgp/libs/bearssl/settings.c +openpgp/libs/bearssl/sha1.c +openpgp/libs/bearssl/sha2big.c +openpgp/libs/bearssl/sha2small.c +openpgp/libs/bearssl/skey_decoder.c +openpgp/libs/bearssl/ssl_ccert_single_ec.c +openpgp/libs/bearssl/ssl_ccert_single_rsa.c +openpgp/libs/bearssl/ssl_client.c +openpgp/libs/bearssl/ssl_client_default_rsapub.c +openpgp/libs/bearssl/ssl_client_full.c +openpgp/libs/bearssl/ssl_engine.c +openpgp/libs/bearssl/ssl_engine_default_aescbc.c +openpgp/libs/bearssl/ssl_engine_default_aesccm.c +openpgp/libs/bearssl/ssl_engine_default_aesgcm.c +openpgp/libs/bearssl/ssl_engine_default_chapol.c +openpgp/libs/bearssl/ssl_engine_default_descbc.c +openpgp/libs/bearssl/ssl_engine_default_ec.c +openpgp/libs/bearssl/ssl_engine_default_ecdsa.c +openpgp/libs/bearssl/ssl_engine_default_rsavrfy.c +openpgp/libs/bearssl/ssl_hashes.c +openpgp/libs/bearssl/ssl_hs_client.c +openpgp/libs/bearssl/ssl_hs_server.c +openpgp/libs/bearssl/ssl_io.c +openpgp/libs/bearssl/ssl_keyexport.c +openpgp/libs/bearssl/ssl_lru.c +openpgp/libs/bearssl/ssl_rec_cbc.c +openpgp/libs/bearssl/ssl_rec_ccm.c +openpgp/libs/bearssl/ssl_rec_chapol.c +openpgp/libs/bearssl/ssl_rec_gcm.c +openpgp/libs/bearssl/ssl_scert_single_ec.c +openpgp/libs/bearssl/ssl_scert_single_rsa.c +openpgp/libs/bearssl/ssl_server.c +openpgp/libs/bearssl/ssl_server_full_ec.c +openpgp/libs/bearssl/ssl_server_full_rsa.c +openpgp/libs/bearssl/ssl_server_mine2c.c +openpgp/libs/bearssl/ssl_server_mine2g.c +openpgp/libs/bearssl/ssl_server_minf2c.c +openpgp/libs/bearssl/ssl_server_minf2g.c +openpgp/libs/bearssl/ssl_server_minr2g.c +openpgp/libs/bearssl/ssl_server_minu2g.c +openpgp/libs/bearssl/ssl_server_minv2g.c +openpgp/libs/bearssl/sysrng.c +openpgp/libs/bearssl/x509_decoder.c +openpgp/libs/bearssl/x509_knownkey.c +openpgp/libs/bearssl/x509_minimal.c +openpgp/libs/bearssl/x509_minimal_full.c +openpgp/libs/stm32fs/stm32fs.cpp +openpgp/libs/stm32fs/stm32fs.h +openpgp/pc/ccid.cpp +openpgp/pc/ccid.h +openpgp/pc/main.cpp +openpgp/pc/opgpdevice.cpp +openpgp/pc/usbip.cpp +openpgp/pc/usbip.h +openpgp/src/apduexecutor.cpp +openpgp/src/apduexecutor.h +openpgp/src/applications/apducommand.cpp +openpgp/src/applications/apducommand.h +openpgp/src/applications/apduconst.h +openpgp/src/applications/application.cpp +openpgp/src/applications/application.h +openpgp/src/applications/applicationstorage.cpp +openpgp/src/applications/applicationstorage.h +openpgp/src/applications/openpgp/cryptoapdu.cpp +openpgp/src/applications/openpgp/cryptoapdu.h +openpgp/src/applications/openpgp/openpgpconst.cpp +openpgp/src/applications/openpgp/openpgpconst.h +openpgp/src/applications/openpgp/openpgpfactory.cpp +openpgp/src/applications/openpgp/openpgpfactory.h +openpgp/src/applications/openpgp/openpgpstruct.cpp +openpgp/src/applications/openpgp/openpgpstruct.h +openpgp/src/applications/openpgp/resetprovider.cpp +openpgp/src/applications/openpgp/resetprovider.h +openpgp/src/applications/openpgp/secureapdu.cpp +openpgp/src/applications/openpgp/secureapdu.h +openpgp/src/applications/openpgp/security.cpp +openpgp/src/applications/openpgp/security.h +openpgp/src/applications/openpgp/userapdu.cpp +openpgp/src/applications/openpgp/userapdu.h +openpgp/src/applications/openpgpapplication.cpp +openpgp/src/applications/openpgpapplication.h +openpgp/src/applications/testapplication.cpp +openpgp/src/applications/testapplication.h +openpgp/src/applications/apducommand.cpp +openpgp/src/applications/apducommand.h +openpgp/src/applications/apduconst.h +openpgp/src/applications/application.cpp +openpgp/src/applications/application.h +openpgp/src/applications/applicationstorage.cpp +openpgp/src/applications/applicationstorage.h +openpgp/src/applications/openpgp/cryptoapdu.cpp +openpgp/src/applications/openpgp/cryptoapdu.h +openpgp/src/applications/openpgp/openpgpconst.cpp +openpgp/src/applications/openpgp/openpgpconst.h +openpgp/src/applications/openpgp/openpgpfactory.cpp +openpgp/src/applications/openpgp/openpgpfactory.h +openpgp/src/applications/openpgp/openpgpstruct.cpp +openpgp/src/applications/openpgp/openpgpstruct.h +openpgp/src/applications/openpgp/resetprovider.cpp +openpgp/src/applications/openpgp/resetprovider.h +openpgp/src/applications/openpgp/secureapdu.cpp +openpgp/src/applications/openpgp/secureapdu.h +openpgp/src/applications/openpgp/security.cpp +openpgp/src/applications/openpgp/security.h +openpgp/src/applications/openpgp/userapdu.cpp +openpgp/src/applications/openpgp/userapdu.h +openpgp/src/applications/openpgpapplication.cpp +openpgp/src/applications/openpgpapplication.h +openpgp/src/applications/testapplication.cpp +openpgp/src/applications/testapplication.h +openpgp/src/cryptolib-mbedtls.cpp +openpgp/src/cryptolib-mbedtls.h +openpgp/src/cryptolib.cpp +openpgp/src/cryptolib.h +openpgp/src/errors.h +openpgp/src/filesystem.cpp +openpgp/src/filesystem.h +openpgp/src/opgpdevice.h +openpgp/src/opgputil.cpp +openpgp/src/opgputil.h +openpgp/src/solofactory.cpp +openpgp/src/solofactory.h +openpgp/src/tlv.cpp +openpgp/src/tlv.h +openpgp/stm32l432/Makefile.lib +openpgp/stm32l432/openpgplib.cpp +openpgp/stm32l432/openpgplib.h +openpgp/stm32l432/opgpdevice.cpp +pc/app.h +pc/device.c +pc/main.c +targets/stm32l432/Makefile +targets/stm32l432/bootloader/bootloader.c +targets/stm32l432/bootloader/bootloader.h +targets/stm32l432/bootloader/main.c +targets/stm32l432/bootloader/pubkey_bootloader.c +targets/stm32l432/bootloader/version_check.c +targets/stm32l432/build/application.mk +targets/stm32l432/build/bootloader.mk +targets/stm32l432/build/common.mk +targets/stm32l432/lib/stm32_hal_legacy.h +targets/stm32l432/lib/stm32l4xx_hal.h +targets/stm32l432/lib/stm32l4xx_hal_conf.h +targets/stm32l432/lib/stm32l4xx_hal_def.h +targets/stm32l432/lib/stm32l4xx_hal_pcd.c +targets/stm32l432/lib/stm32l4xx_hal_pcd.h +targets/stm32l432/lib/stm32l4xx_hal_pcd_ex.c +targets/stm32l432/lib/stm32l4xx_hal_pcd_ex.h +targets/stm32l432/lib/stm32l4xx_hal_tsc.h +targets/stm32l432/lib/stm32l4xx_ll_bus.h +targets/stm32l432/lib/stm32l4xx_ll_cortex.h +targets/stm32l432/lib/stm32l4xx_ll_crs.h +targets/stm32l432/lib/stm32l4xx_ll_exti.c +targets/stm32l432/lib/stm32l4xx_ll_exti.h +targets/stm32l432/lib/stm32l4xx_ll_gpio.c +targets/stm32l432/lib/stm32l4xx_ll_gpio.h +targets/stm32l432/lib/stm32l4xx_ll_iwdg.h +targets/stm32l432/lib/stm32l4xx_ll_pwr.c +targets/stm32l432/lib/stm32l4xx_ll_pwr.h +targets/stm32l432/lib/stm32l4xx_ll_rcc.c +targets/stm32l432/lib/stm32l4xx_ll_rcc.h +targets/stm32l432/lib/stm32l4xx_ll_rng.c +targets/stm32l432/lib/stm32l4xx_ll_rng.h +targets/stm32l432/lib/stm32l4xx_ll_spi.c +targets/stm32l432/lib/stm32l4xx_ll_spi.h +targets/stm32l432/lib/stm32l4xx_ll_system.h +targets/stm32l432/lib/stm32l4xx_ll_tim.c +targets/stm32l432/lib/stm32l4xx_ll_tim.h +targets/stm32l432/lib/stm32l4xx_ll_usart.c +targets/stm32l432/lib/stm32l4xx_ll_usart.h +targets/stm32l432/lib/stm32l4xx_ll_usb.c +targets/stm32l432/lib/stm32l4xx_ll_usb.h +targets/stm32l432/lib/stm32l4xx_ll_utils.c +targets/stm32l432/lib/stm32l4xx_ll_utils.h +targets/stm32l432/lib/usbd/usbd_ccid.c +targets/stm32l432/lib/usbd/usbd_ccid.h +targets/stm32l432/lib/usbd/usbd_cdc.c +targets/stm32l432/lib/usbd/usbd_cdc.h +targets/stm32l432/lib/usbd/usbd_cdc_if.c +targets/stm32l432/lib/usbd/usbd_cdc_if.h +targets/stm32l432/lib/usbd/usbd_composite.c +targets/stm32l432/lib/usbd/usbd_composite.h +targets/stm32l432/lib/usbd/usbd_conf.c +targets/stm32l432/lib/usbd/usbd_conf.h +targets/stm32l432/lib/usbd/usbd_core.c +targets/stm32l432/lib/usbd/usbd_core.h +targets/stm32l432/lib/usbd/usbd_ctlreq.c +targets/stm32l432/lib/usbd/usbd_ctlreq.h +targets/stm32l432/lib/usbd/usbd_def.h +targets/stm32l432/lib/usbd/usbd_desc.c +targets/stm32l432/lib/usbd/usbd_desc.h +targets/stm32l432/lib/usbd/usbd_hid.c +targets/stm32l432/lib/usbd/usbd_hid.h +targets/stm32l432/lib/usbd/usbd_ioreq.c +targets/stm32l432/lib/usbd/usbd_ioreq.h +targets/stm32l432/linker/bootloader_stm32l4xx.ld +targets/stm32l432/linker/bootloader_stm32l4xx_extra.ld +targets/stm32l432/linker/stm32l4xx.ld +targets/stm32l432/linker/stm32l4xx_extra.ld +targets/stm32l432/src/ams.c +targets/stm32l432/src/ams.h +targets/stm32l432/src/app.h +targets/stm32l432/src/attestation.c +targets/stm32l432/src/cmsis/arm_common_tables.h +targets/stm32l432/src/cmsis/arm_const_structs.h +targets/stm32l432/src/cmsis/arm_math.h +targets/stm32l432/src/cmsis/cmsis_armcc.h +targets/stm32l432/src/cmsis/cmsis_armcc_V6.h +targets/stm32l432/src/cmsis/cmsis_gcc.h +targets/stm32l432/src/cmsis/core_cm0.h +targets/stm32l432/src/cmsis/core_cm0plus.h +targets/stm32l432/src/cmsis/core_cm3.h +targets/stm32l432/src/cmsis/core_cm4.h +targets/stm32l432/src/cmsis/core_cm7.h +targets/stm32l432/src/cmsis/core_cmFunc.h +targets/stm32l432/src/cmsis/core_cmInstr.h +targets/stm32l432/src/cmsis/core_cmSimd.h +targets/stm32l432/src/cmsis/core_sc000.h +targets/stm32l432/src/cmsis/core_sc300.h +targets/stm32l432/src/cmsis/stm32l432xx.h +targets/stm32l432/src/cmsis/stm32l442xx.h +targets/stm32l432/src/cmsis/stm32l4xx.h +targets/stm32l432/src/cmsis/system_stm32l4xx.h +targets/stm32l432/src/device.c +targets/stm32l432/src/fifo.c +targets/stm32l432/src/fifo.h +targets/stm32l432/src/flash.c +targets/stm32l432/src/flash.h +targets/stm32l432/src/init.c +targets/stm32l432/src/init.h +targets/stm32l432/src/led.c +targets/stm32l432/src/led.h +targets/stm32l432/src/main.c +targets/stm32l432/src/memory_layout.h +targets/stm32l432/src/nfc.c +targets/stm32l432/src/nfc.h +targets/stm32l432/src/redirect.c +targets/stm32l432/src/rng.c +targets/stm32l432/src/rng.h +targets/stm32l432/src/sense.c +targets/stm32l432/src/sense.h +targets/stm32l432/src/solo.h +targets/stm32l432/src/system_stm32l4xx.c +tinycbor/examples/simplereader.c +tinycbor/src/cbor.h +tinycbor/src/cborencoder.c +tinycbor/src/cborencoder_close_container_checked.c +tinycbor/src/cborerrorstrings.c +tinycbor/src/cborinternal_p.h +tinycbor/src/cborjson.h +tinycbor/src/cborparser.c +tinycbor/src/cborparser_dup_string.c +tinycbor/src/cborpretty.c +tinycbor/src/cborpretty_stdio.c +tinycbor/src/cbortojson.c +tinycbor/src/cborvalidation.c +tinycbor/src/compilersupport_p.h +tinycbor/src/open_memstream.c +tinycbor/src/tinycbor-version.h +tinycbor/src/utf8_p.h +tinycbor/tests/c90/tst_c90.c +tinycbor/tests/cpp/tst_cpp.cpp +tinycbor/tests/encoder/tst_encoder.cpp +tinycbor/tests/parser/tst_parser.cpp +tinycbor/tests/tojson/tst_tojson.cpp +tinycbor/tools/cbordump/cbordump.c +tinycbor/tools/json2cbor/json2cbor.c diff --git a/solo.includes b/solo.includes new file mode 100644 index 00000000..c55ea371 --- /dev/null +++ b/solo.includes @@ -0,0 +1,48 @@ +crypto/cifra/src +crypto/cifra/src/arm +crypto/cifra/src/arm/ext +crypto/cifra/src/ext +crypto/micro-ecc +crypto/sha256 +crypto/tiny-AES-c +fido2 +fido2/extensions +openpgp/libs/mbedtls +openpgp/libs/mbedtls/mbedtls/configs +openpgp/libs/mbedtls/mbedtls/crypto/3rdparty/everest/include/everest +openpgp/libs/mbedtls/mbedtls/crypto/3rdparty/everest/include/everest/kremlib +openpgp/libs/mbedtls/mbedtls/crypto/3rdparty/everest/include/everest/kremlin +openpgp/libs/mbedtls/mbedtls/crypto/3rdparty/everest/include/everest/kremlin/internal +openpgp/libs/mbedtls/mbedtls/crypto/3rdparty/everest/include/everest/vs2010 +openpgp/libs/mbedtls/mbedtls/crypto/configs +openpgp/libs/mbedtls/mbedtls/crypto/doxygen/input +openpgp/libs/mbedtls/mbedtls/crypto/include/mbedtls +openpgp/libs/mbedtls/mbedtls/crypto/include/psa +openpgp/libs/mbedtls/mbedtls/crypto/library +openpgp/libs/mbedtls/mbedtls/crypto/tests +openpgp/libs/mbedtls/mbedtls/crypto/tests/configs +openpgp/libs/mbedtls/mbedtls/doxygen/input +openpgp/libs/mbedtls/mbedtls/include/mbedtls +openpgp/libs/mbedtls/mbedtls/programs/fuzz +openpgp/libs/bearssl +openpgp/libs/stm32fs +openpgp/pc +openpgp/src +openpgp/src/applications +openpgp/src/applications/openpgp +openpgp/stm32l432 +pc +targets/stm32l432/bootloader +targets/stm32l432/lib +targets/stm32l432/lib/usbd +targets/stm32l432/src +targets/stm32l432/src/cmsis +tinycbor/src +. +targets/stm32l432 +openpgp +targets/stm32l432/build +openpgp/src/applications/openpgp +openpgp/src/applications +crypto/libsalty +targets/stm32l432/linker diff --git a/targets/stm32l432/Makefile b/targets/stm32l432/Makefile index 0296ed6f..a0734258 100644 --- a/targets/stm32l432/Makefile +++ b/targets/stm32l432/Makefile @@ -116,3 +116,4 @@ test: $(MAKE) build-hacker $(MAKE) build-debugboot $(MAKE) clean2 + diff --git a/targets/stm32l432/build/application.mk b/targets/stm32l432/build/application.mk index f36e7f40..31d4837f 100644 --- a/targets/stm32l432/build/application.mk +++ b/targets/stm32l432/build/application.mk @@ -19,18 +19,53 @@ SRC += ../../fido2/extensions/wallet.c SRC += ../../crypto/sha256/sha256.c ../../crypto/micro-ecc/uECC.c ../../crypto/tiny-AES-c/aes.c SRC += ../../crypto/cifra/src/sha512.c ../../crypto/cifra/src/blockwise.c +#libsalty +LIBSALTY_PATH = ../../crypto/libsalty +LIBSALTY_LIB = $(LIBSALTY_PATH)/libsalty-asm.a $(LIBSALTY_PATH)/libsalty.a + +# bearSSL +BEARSSL_PATH = ../../openpgp/libs/bearssl/ +_SRCSB = rsa_i15_modulus.c i15_encode.c i15_decode.c i15_mulacc.c i15_bitlen.c \ + rsa_i15_priv.c i15_sub.c i15_add.c i15_reduce.c i15_modpow.c i15_modpow2.c \ + i15_ninv15.c i15_tmont.c i15_fmont.c i15_montmul.c i15_decred.c i15_muladd.c \ + i15_rshift.c ccopy.c rsa_i15_privexp.c i32_div32.c i15_moddiv.c \ + rsa_i31_keygen_inner.c rsa_i15_keygen.c \ + i15_addon.c rsa_default_keygen.c rsa_default_pkcs1_sign.c \ + ec_keygen.c ec_pubkey.c ec_prime_i15.c ec_c25519_m15.c \ + ec_secp256r1.c ec_secp384r1.c ec_secp521r1.c \ + i15_decmod.c i15_iszero.c \ + ecdsa_i15_sign_raw.c ecdsa_i15_bits.c hmac_drbg.c hmac.c sha2small.c enc32be.c dec32be.c \ + aes_ct.c aes_ct_cbcdec.c aes_ct_cbcenc.c aes_ct_dec.c aes_ct_enc.c + +BEARSSL_SRCS = $(foreach var, $(_SRCSB), $(BEARSSL_PATH)$(var)) +SRC += $(BEARSSL_SRCS) + +# OpenPGP +OP_SRC_DIRS := ../../openpgp/stm32l432 \ + ../../openpgp/src \ + ../../openpgp/src/applications \ + ../../openpgp/src/applications/openpgp \ + ../../openpgp/libs/stm32fs +OP_SRC := $(sort $(foreach var, $(OP_SRC_DIRS), $(wildcard $(var)/*.cpp))) +CPP_SRC = $(OP_SRC) + OBJ1=$(SRC:.c=.o) +OBJ1+=$(CPP_SRC:.cpp=.o) OBJ=$(OBJ1:.s=.o) -INC = -Isrc/ -Isrc/cmsis/ -Ilib/ -Ilib/usbd/ +INC = -I. -Isrc/ -Isrc/cmsis/ -Ilib/ -Ilib/usbd/ INC += -I../../fido2/ -I../../fido2/extensions INC += -I../../tinycbor/src -I../../crypto/sha256 -I../../crypto/micro-ecc INC += -I../../crypto/tiny-AES-c INC += -I../../crypto/cifra/src -I../../crypto/cifra/src/ext +INC += -I../../openpgp/stm32l432 -I../../openpgp/src +INC += -I../../openpgp/libs/bearssl +INC += -I../../openpgp/libs/stm32fs +INC += -I../../crypto/libsalty INC += -I../../crypto/salty/c-api -SEARCH=-L../../tinycbor/lib -L../../crypto/salty/c-api +SEARCH=-L../../tinycbor/lib -L../../crypto/salty/c-api -L$(LIBSALTY_PATH) ifndef LDSCRIPT LDSCRIPT=linker/stm32l4xx.ld @@ -50,10 +85,12 @@ endif DEFINES = -DDEBUG_LEVEL=$(DEBUG) -D$(CHIP) -DAES256=1 -DUSE_FULL_LL_DRIVER -DAPP_CONFIG=\"app.h\" $(EXTRA_DEFINES) -CFLAGS=$(INC) -c $(DEFINES) -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -fdata-sections -ffunction-sections \ +CFLAGS=$(INC) -c $(DEFINES) -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -fdata-sections -ffunction-sections \ -fomit-frame-pointer $(HW) -g $(VERSION_FLAGS) -LDFLAGS_LIB=$(HW) $(SEARCH) -specs=nano.specs -specs=nosys.specs -Wl,--gc-sections -lnosys -LDFLAGS=$(HW) $(LDFLAGS_LIB) -T$(LDSCRIPT) -Wl,-Map=$(TARGET).map,--cref -Wl,-Bstatic -ltinycbor -lsalty +CPPFLAGS=$(INC) -c $(DEFINES) -std=c++17 -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -fdata-sections -ffunction-sections \ + -fomit-frame-pointer $(HW) -g $(VERSION_FLAGS) -fno-exceptions -fno-rtti +LDFLAGS_LIB=$(HW) $(SEARCH) -specs=nano.specs -specs=nosys.specs -Wl,--gc-sections -lnosys -lstdc++ +LDFLAGS=$(HW) $(LDFLAGS_LIB) -T$(LDSCRIPT) -Wl,-Map=$(TARGET).map,--cref -Wl,-Bstatic -ltinycbor -lsalty -Wl,--print-memory-usage $(LIBSALTY_LIB) ECC_CFLAGS = $(CFLAGS) -DuECC_PLATFORM=5 -DuECC_OPTIMIZATION_LEVEL=4 -DuECC_SQUARE_FUNC=1 -DuECC_SUPPORT_COMPRESSED_POINT=0 @@ -66,6 +103,9 @@ all: $(TARGET).elf %.o: %.c $(CC) $^ $(HW) -Os $(CFLAGS) -o $@ +%.o: %.cpp + $(CPP) $^ $(HW) -Os $(CPPFLAGS) -o $@ + ../../crypto/micro-ecc/uECC.o: ../../crypto/micro-ecc/uECC.c $(CC) $^ $(HW) -O3 $(ECC_CFLAGS) -o $@ @@ -80,12 +120,12 @@ all: $(TARGET).elf clean: rm -f *.o src/*.o *.elf bootloader/*.o $(OBJ) - cbor: cd ../../tinycbor/ && make clean - cd ../../tinycbor/ && make CC="$(CC)" AR=$(AR) \ -LDFLAGS="$(LDFLAGS_LIB)" \ -CFLAGS="$(CFLAGS) -Os -DCBOR_PARSER_MAX_RECURSIONS=3" + cd ../../tinycbor/ && make CC="$(CC)" AR=$(AR) LDFLAGS="$(LDFLAGS_LIB)" CFLAGS="$(CFLAGS) -Os -DCBOR_PARSER_MAX_RECURSIONS=3" + +#LDFLAGS="$(LDFLAGS_LIB)" \ +#CFLAGS="$(CFLAGS) -Os -DCBOR_PARSER_MAX_RECURSIONS=3" salty: cd ../../crypto/salty/c-api && cargo clean diff --git a/targets/stm32l432/build/common.mk b/targets/stm32l432/build/common.mk index cf3fe966..1c6e8e10 100644 --- a/targets/stm32l432/build/common.mk +++ b/targets/stm32l432/build/common.mk @@ -1,6 +1,7 @@ include ../../fido2/version.mk CC=$(PREFIX)arm-none-eabi-gcc +CPP=$(PREFIX)arm-none-eabi-g++ CP=$(PREFIX)arm-none-eabi-objcopy SZ=$(PREFIX)arm-none-eabi-size AR=$(PREFIX)arm-none-eabi-ar diff --git a/targets/stm32l432/lib/usbd/usbd_ccid.c b/targets/stm32l432/lib/usbd/usbd_ccid.c index 0a0a7973..0c5fe629 100644 --- a/targets/stm32l432/lib/usbd/usbd_ccid.c +++ b/targets/stm32l432/lib/usbd/usbd_ccid.c @@ -1,10 +1,16 @@ #include +#include #include "usbd_ccid.h" #include "usbd_ctlreq.h" #include "usbd_conf.h" #include "usbd_core.h" #include "log.h" +#include "device.h" + +#ifdef ENABLE_CCID +#include "openpgplib.h" +#endif static uint8_t USBD_CCID_Init (USBD_HandleTypeDef *pdev, uint8_t cfgidx); @@ -24,6 +30,34 @@ static uint8_t USBD_CCID_DataOut (USBD_HandleTypeDef *pdev, static uint8_t USBD_CCID_EP0_RxReady (USBD_HandleTypeDef *pdev); +static bool ICCStateChanged = true; +static bool ICCPowered = false; + +static const uint8_t ATRResponse[] = { + 0x3B, 0xDA, 0x11, 0xFF, 0x81, 0xB1, 0xFE, 0x55, + 0x1F, 0x03, 0x00, 0x31, 0x84, 0x73, 0x80, 0x01, + 0x80, 0x00, 0x90, 0x00, 0xE4 }; + +static const uint8_t ParamsT0Default[] = { + // bmFindexDindex (B7-4 – FI – Index into the table 7 in ISO/IEC 7816-3:1997 selecting a clock rate conversion factor + // B3-0 – DI - Index into the table 8 in ISO/IEC 7816-3:1997 selecting a baud rate conversion factor ) + 0x11, // from TA1 ATR: Fi=372, Di=1, 372 cycles/ETU (10752 bits/s at 4.00 MHz, 13440 bits/s for fMax=5 MHz) + 0x10, // bmTCCKST0 (Checksum: LRC, Convention: direct, ignored by CCID) + 0x00, // bGuardTimeT0 + 0x00, // bWaitingIntegerT0 + 0x00, // bClockStop. 00h = Stopping the Clock is not allowed + }; + +static const uint8_t ParamsT1Default[] = { + 0x11, // Fi=372, Di=1 + 0x10, // Checksum: LRC, Convention: direct, ignored by CCID + 0x00, // No extra guard time + 0x15, // BWI = 1, CWI = 5 + 0x00, // Stopping the Clock is not allowed + 0xFE, // IFSC = 0xFE + 0x00 // NAD + }; + USBD_ClassTypeDef USBD_CCID = { USBD_CCID_Init, @@ -43,7 +77,13 @@ USBD_ClassTypeDef USBD_CCID = NULL, }; -static uint8_t ccidmsg_buf[CCID_DATA_PACKET_SIZE]; +PUT_TO_SRAM2 static uint8_t ccidmsg_buf[CCID_DATA_PACKET_SIZE]; +#ifdef ENABLE_CCID +PUT_TO_SRAM2 static uint8_t usbdata_buf[2048]; +static size_t usbdata_len = 0; +#endif + +static CCID_bulkout_data_t pck; static uint8_t USBD_CCID_Init (USBD_HandleTypeDef *pdev, uint8_t cfgidx) { @@ -215,71 +255,209 @@ static uint8_t USBD_CCID_DataIn (USBD_HandleTypeDef *pdev, uint8_t epnum) return USBD_OK; } -uint8_t USBD_CCID_TransmitPacket(uint8_t * msg, int len) +uint8_t USBD_CCID_TransmitPacket(uint8_t * msg, uint16_t len) { /* Update the packet total length */ Solo_USBD_Device.ep_in[CCID_IN_EP & 0xFU].total_length = len; - while (PCD_GET_EP_TX_STATUS(USB, CCID_IN_EP & 0x0f) == USB_EP_TX_VALID) + while (PCD_GET_EP_TX_STATUS(USB, CCID_IN_EP & 0x0fU) == USB_EP_TX_VALID) ; /* Transmit next packet */ - USBD_LL_Transmit(&Solo_USBD_Device, CCID_IN_EP, msg, - len); + USBD_LL_Transmit(&Solo_USBD_Device, CCID_IN_EP, msg, len); - printf1(TAG_CCID,"<< "); - dump_hex1(TAG_CCID, msg, len); + //printf1(TAG_CCID,"<< "); + //dump_hex1(TAG_CCID, msg, len); return USBD_OK; } - - -void ccid_send_status(CCID_HEADER * c, uint8_t status) +void ccid_send_status(CCID_HEADER * c, uint8_t status, uint8_t error) { - uint8_t msg[CCID_HEADER_SIZE]; - memset(msg,0,sizeof(msg)); - - msg[0] = CCID_SLOT_STATUS_RES; - msg[6] = c->seq; - msg[7] = status; + memset((uint8_t *)&pck, 0, sizeof(pck)); + + pck.bMessageType = CCID_SLOT_STATUS_RES; + pck.bSlot = c->slot; + pck.bSeq = c->seq; + pck.bStatus = status; + pck.bError = error; + + USBD_CCID_TransmitPacket((uint8_t *)&pck, CCID_HEADER_SIZE); +} - USBD_CCID_TransmitPacket(msg, sizeof(msg)); +void ccid_send_data_block(CCID_HEADER * c, uint8_t *data, uint32_t len, uint8_t status, uint8_t error) +{ + memset((uint8_t *)&pck, 0, sizeof(pck)); + + pck.bMessageType = CCID_DATA_BLOCK_RES; + pck.dwLength = len; + pck.bSlot = c->slot; + pck.bSeq = c->seq; + pck.bStatus = status; + pck.bError = error; + + memcpy(pck.abData, data, len); + + if (error != CCID_SLOT_NO_ERROR) { + pck.dwLength = 0; + } + USBD_CCID_TransmitPacket((uint8_t *)&pck, CCID_HEADER_SIZE + pck.dwLength); } -void ccid_send_data_block(CCID_HEADER * c, uint8_t status) +// abData and dwLength comes from old data +void ccid_send_data_block_noclear(CCID_HEADER * c, uint8_t status, uint8_t error) { - uint8_t msg[CCID_HEADER_SIZE]; - memset(msg,0,sizeof(msg)); - - msg[0] = CCID_DATA_BLOCK_RES; - msg[6] = c->seq; - msg[7] = status; + pck.bMessageType = CCID_DATA_BLOCK_RES; + pck.bSlot = c->slot; + pck.bSeq = c->seq; + pck.bStatus = status; + pck.bError = error; + pck.bSpecific = 0; + + if (error != CCID_SLOT_NO_ERROR) { + pck.dwLength = 0; + } - USBD_CCID_TransmitPacket(msg, sizeof(msg)); + USBD_CCID_TransmitPacket((uint8_t *)&pck, CCID_HEADER_SIZE + pck.dwLength); +} +void ccid_send_parameters(CCID_HEADER * c, uint8_t status, uint8_t error) +{ + memset((uint8_t *)&pck, 0, sizeof(pck)); + + pck.bMessageType = CCID_PARAMS_RES; + pck.dwLength = 0; + pck.bSlot = c->slot; + pck.bSeq = c->seq; + pck.bStatus = status; + pck.bError = error; + + /* + bSpecific - Specifies what protocol data structure follows. + 00h = Structure for protocol T=0 + 01h = Structure for protocol T=1 + The following values are reserved for future use. + 80h = Structure for 2-wire protocol + 81h = Structure for 3-wire protocol + 82h = Structure for I2C protocol + */ + pck.bSpecific = 1; + (void)ParamsT0Default; // suppress not using warning + if (error == CCID_SLOT_NO_ERROR) { + pck.dwLength = sizeof(ParamsT1Default); + memcpy(pck.abData, ParamsT1Default, sizeof(ParamsT1Default)); + } + + USBD_CCID_TransmitPacket((uint8_t *)&pck, CCID_HEADER_SIZE + pck.dwLength); } void handle_ccid(uint8_t * msg, int len) { CCID_HEADER * h = (CCID_HEADER *) msg; +#ifdef ENABLE_CCID + uint32_t rlength = 0; +#endif switch(h->type) { case CCID_SLOT_STATUS: - ccid_send_status(h, CCID_STATUS_ON); + //ccid_send_status(h, BM_COMMAND_STATUS_NO_ERROR | (ICCPowered ? BM_ICC_PRESENT_ACTIVE : BM_ICC_NO_ICC_PRESENT), CCID_SLOT_NO_ERROR); + ccid_send_status(h, BM_COMMAND_STATUS_NO_ERROR | BM_ICC_PRESENT_ACTIVE, 0); break; case CCID_POWER_ON: - ccid_send_data_block(h, CCID_STATUS_ON); + if (h->rsvd >= VOLTS_1_8) { + /* The Voltage specified is out of Spec */ + ccid_send_status(h, BM_COMMAND_STATUS_FAILED | BM_ICC_PRESENT_ACTIVE, CCID_SLOTERROR_BAD_POWERSELECT); + return; + } + + ccid_send_data_block(h, (uint8_t *)ATRResponse, sizeof(ATRResponse), BM_COMMAND_STATUS_NO_ERROR | BM_ICC_PRESENT_ACTIVE, CCID_SLOT_NO_ERROR); + ICCPowered = true; + ICCStateChanged = true; break; case CCID_POWER_OFF: - ccid_send_status(h, CCID_STATUS_OFF); + ccid_send_status(h, BM_COMMAND_STATUS_NO_ERROR | BM_ICC_NO_ICC_PRESENT, 0); + ICCPowered = false; + ICCStateChanged = true; break; + case CCID_GET_PARAMS: + ccid_send_parameters(h, BM_COMMAND_STATUS_NO_ERROR | BM_ICC_PRESENT_ACTIVE, CCID_SLOT_NO_ERROR); + break; + case CCID_RESET_PARAMS: + ccid_send_parameters(h, BM_COMMAND_STATUS_NO_ERROR | BM_ICC_PRESENT_ACTIVE, CCID_SLOT_NO_ERROR); + break; + case CCID_SET_PARAMS: + ccid_send_status(h, BM_COMMAND_STATUS_FAILED | BM_ICC_PRESENT_ACTIVE, CCID_SLOTERROR_CMD_NOT_SUPPORTED); + //ccid_send_parameters(h, BM_COMMAND_STATUS_FAILED | BM_ICC_PRESENT_ACTIVE, 0); // bError field will contain the offset of the "offending" parameter + break; +#ifdef ENABLE_CCID + case CCID_XFR_BLOCK: + pck.dwLength = 0; + pck.bSpecific = 0x00; // bChainParameter + + // chaining... + // wLevelParameter in h->param + // 0x00 - no chaining + if (h->param == 0x00) { + usbdata_len = h->len; + memcpy(usbdata_buf, &msg[CCID_HEADER_SIZE], h->len); + } + // 0x01 - start chaining + if (h->param == 0x01) { + usbdata_len = h->len; + memcpy(usbdata_buf, &msg[CCID_HEADER_SIZE], h->len); + pck.bSpecific = 0x10; // bChainParameter + ccid_send_data_block_noclear(h, BM_COMMAND_STATUS_NO_ERROR | BM_ICC_PRESENT_ACTIVE, CCID_SLOT_NO_ERROR); + break; + } + // 0x02 - finish chaining + if (h->param == 0x02) { + memcpy(&usbdata_buf[usbdata_len], &msg[CCID_HEADER_SIZE], h->len); + usbdata_len += h->len; + } + // 0x03 - continue chaining + if (h->param == 0x03) { + memcpy(&usbdata_buf[usbdata_len], &msg[CCID_HEADER_SIZE], h->len); + usbdata_len += h->len; + pck.bSpecific = 0x10; // bChainParameter + ccid_send_data_block_noclear(h, BM_COMMAND_STATUS_NO_ERROR | BM_ICC_PRESENT_ACTIVE, CCID_SLOT_NO_ERROR); + break; + } + + device_led(COLOR_CYAN); + OpenpgpExchange(usbdata_buf, usbdata_len, pck.abData, &rlength); + pck.dwLength = rlength; + + ccid_send_data_block_noclear(h, BM_COMMAND_STATUS_NO_ERROR | BM_ICC_PRESENT_ACTIVE, CCID_SLOT_NO_ERROR); + device_led(COLOR_OFF); + + if (DoReset) { + device_led(COLOR_RED); + while (PCD_GET_EP_TX_STATUS(USB, CCID_IN_EP & 0x0fU) == USB_EP_TX_VALID) + ; + device_reboot(); + } + break; +#endif default: - ccid_send_status(h, CCID_STATUS_ON); + ccid_send_status(h, BM_COMMAND_STATUS_FAILED | BM_ICC_PRESENT_ACTIVE, CCID_SLOTERROR_CMD_NOT_SUPPORTED); break; } } +uint8_t usb_ccid_int_tx_callback(USBD_HandleTypeDef *pdev, uint8_t epnum) { + uint8_t state = (ICCPowered ? CCID_ICC_PRESENT : CCID_ICC_NOT_PRESENT) | (ICCStateChanged ? CCID_ICC_CHANGE : 0x00); + uint8_t data[] = {CCID_RDR_TO_PC_NOTIFYSLOTCHANGE, state}; + ICCStateChanged = false; + + Solo_USBD_Device.ep_in[CCID_CMD_EP & 0xFU].total_length = sizeof(data); + + while (PCD_GET_EP_TX_STATUS(USB, CCID_CMD_EP & 0x0f) == USB_EP_TX_VALID) + ; + USBD_LL_Transmit(&Solo_USBD_Device, CCID_CMD_EP, data, sizeof(data)); + + return USBD_OK; +} + /** * @brief USBD_CDC_DataOut * Data received on non-control Out endpoint @@ -289,14 +467,13 @@ void handle_ccid(uint8_t * msg, int len) */ uint8_t usb_ccid_recieve_callback(USBD_HandleTypeDef *pdev, uint8_t epnum) { - USBD_CCID_HandleTypeDef *hcdc = (USBD_CCID_HandleTypeDef*) pdev->pClassData; /* Get the received data length */ hcdc->RxLength = USBD_LL_GetRxDataSize (pdev, epnum); - - printf1(TAG_CCID, ">> "); - dump_hex1(TAG_CCID, ccidmsg_buf, hcdc->RxLength); + + //printf1(TAG_CCID, ">> "); + //dump_hex1(TAG_CCID, ccidmsg_buf, hcdc->RxLength); handle_ccid(ccidmsg_buf, hcdc->RxLength); @@ -306,7 +483,6 @@ uint8_t usb_ccid_recieve_callback(USBD_HandleTypeDef *pdev, uint8_t epnum) return USBD_OK; } - /** * @brief USBD_CDC_EP0_RxReady * Handle EP0 Rx Ready event diff --git a/targets/stm32l432/lib/usbd/usbd_ccid.h b/targets/stm32l432/lib/usbd/usbd_ccid.h index 513c7969..596f30ee 100644 --- a/targets/stm32l432/lib/usbd/usbd_ccid.h +++ b/targets/stm32l432/lib/usbd/usbd_ccid.h @@ -14,11 +14,42 @@ typedef struct uint16_t param; } __attribute__((packed)) CCID_HEADER; -#define CCID_IN_EP 0x86U /* EP1 for data IN */ -#define CCID_OUT_EP 0x04U /* EP1 for data OUT */ -#define CCID_CMD_EP 0x85U /* EP2 for CDC commands */ +#define ABDATA_SIZE 261 -#define CCID_DATA_PACKET_SIZE 64 +typedef struct { + uint8_t bMessageType; /* Offset = 0*/ + uint32_t dwLength; /* Offset = 1, The length field (dwLength) is the length + of the message not including the 10-byte header.*/ + uint8_t bSlot; /* Offset = 5*/ + uint8_t bSeq; /* Offset = 6*/ + uint8_t bSpecific_0; /* Offset = 7*/ + uint8_t bSpecific_1; /* Offset = 8*/ + uint8_t bSpecific_2; /* Offset = 9*/ + uint8_t abData [ABDATA_SIZE]; /* Offset = 10, For reference, the absolute + maximum block size for a TPDU T=0 block is 260 bytes + (5 bytes command; 255 bytes data), + or for a TPDU T=1 block is 259 bytes, + or for a short APDU T=1 block is 261 bytes, + or for an extended APDU T=1 block is 65544 bytes.*/ +} __attribute__((packed, aligned(1))) CCID_bulkin_data_t; + +typedef struct { + uint8_t bMessageType; /* Offset = 0*/ + uint32_t dwLength; /* Offset = 1*/ + uint8_t bSlot; /* Offset = 5, Same as Bulk-OUT message */ + uint8_t bSeq; /* Offset = 6, Same as Bulk-OUT message */ + uint8_t bStatus; /* Offset = 7, Slot status as defined in ?? 6.2.6*/ + uint8_t bError; /* Offset = 8, Slot error as defined in ?? 6.2.6*/ + uint8_t bSpecific; /* Offset = 9*/ + uint8_t abData[ABDATA_SIZE]; /* Offset = 10*/ + uint16_t u16SizeToSend; +} __attribute__((packed, aligned(1))) CCID_bulkout_data_t; + +#define CCID_IN_EP 0x86U /* EP1 for data IN */ +#define CCID_OUT_EP 0x04U /* EP1 for data OUT */ +#define CCID_CMD_EP 0x85U /* EP2 for CDC commands */ + +#define CCID_DATA_PACKET_SIZE 64 #define CCID_SET_PARAMS 0x61 #define CCID_POWER_ON 0x62 @@ -36,6 +67,79 @@ typedef struct #define CCID_SLOT_STATUS_RES 0x81 #define CCID_PARAMS_RES 0x82 +/* 6.3 Interrupt-IN Messages */ +#define CCID_RDR_TO_PC_NOTIFYSLOTCHANGE 0x50 +#define CCID_RDR_TO_PC_HARDWAREERROR 0x51 + +/* 6.3.1 RDR_to_PC_NotifySlotChange */ +#define CCID_ICC_NOT_PRESENT 0x00 +#define CCID_ICC_PRESENT 0x01 +#define CCID_ICC_CHANGE 0x02 +#define CCID_ICC_INSERTED_EVENT (ICC_PRESENT+ICC_CHANGE) + +/* Command status for USB Bulk In Messages : bmCommandStatus */ +#define BM_ICC_PRESENT_ACTIVE 0x00 +#define BM_ICC_PRESENT_INACTIVE 0x01 +#define BM_ICC_NO_ICC_PRESENT 0x02 + +#define BM_COMMAND_STATUS_OFFSET 0x06 +#define BM_COMMAND_STATUS_NO_ERROR (0x00 << BM_COMMAND_STATUS_OFFSET) +#define BM_COMMAND_STATUS_FAILED (0x01 << BM_COMMAND_STATUS_OFFSET) +#define BM_COMMAND_STATUS_TIME_EXTN (0x02 << BM_COMMAND_STATUS_OFFSET) + +/* ERROR CODES for USB Bulk In Messages : bError */ +#define CCID_SLOT_NO_ERROR 0x81 +#define CCID_SLOTERROR_UNKNOWN 0x82 + +/* +Failure of a command +The CCID cannot parse one parameter or the ICC is not supporting one parameter. +Then the Slot Error register contains the index of the first bad parameter as a +positive number (1-127). For instance, if the CCID receives an ICC command to +an unimplemented slot, then the Slot Error register shall be set to +‘5’ (index of bSlot field). */ +#define CCID_SLOTERROR_BAD_LENTGH 0x01 +#define CCID_SLOTERROR_BAD_SLOT 0x05 +#define CCID_SLOTERROR_BAD_POWERSELECT 0x07 +#define CCID_SLOTERROR_BAD_PROTOCOLNUM 0x07 +#define CCID_SLOTERROR_BAD_CLOCKCOMMAND 0x07 +#define CCID_SLOTERROR_BAD_ABRFU_3B 0x07 +#define CCID_SLOTERROR_BAD_BMCHANGES 0x07 +#define CCID_SLOTERROR_BAD_BFUNCTION_MECHANICAL 0x07 +#define CCID_SLOTERROR_BAD_ABRFU_2B 0x08 +#define CCID_SLOTERROR_BAD_LEVELPARAMETER 0x08 +#define CCID_SLOTERROR_BAD_FIDI 0x0A +#define CCID_SLOTERROR_BAD_T01CONVCHECKSUM 0x0B +#define CCID_SLOTERROR_BAD_GUARDTIME 0x0C +#define CCID_SLOTERROR_BAD_WAITINGINTEGER 0x0D +#define CCID_SLOTERROR_BAD_CLOCKSTOP 0x0E +#define CCID_SLOTERROR_BAD_IFSC 0x0F +#define CCID_SLOTERROR_BAD_NAD 0x10 +#define CCID_SLOTERROR_BAD_DWLENGTH 0x08 /* Used in PC_to_RDR_XfrBlock*/ +/* Table 6.2-2 Slot error register when bmCommandStatus = 1 (BM_COMMAND_STATUS_FAILED) */ +#define CCID_SLOTERROR_CMD_ABORTED 0xFF +#define CCID_SLOTERROR_ICC_MUTE 0xFE +#define CCID_SLOTERROR_XFR_PARITY_ERROR 0xFD +#define CCID_SLOTERROR_XFR_OVERRUN 0xFC +#define CCID_SLOTERROR_HW_ERROR 0xFB +#define CCID_SLOTERROR_BAD_ATR_TS 0xF8 +#define CCID_SLOTERROR_BAD_ATR_TCK 0xF7 +#define CCID_SLOTERROR_ICC_PROTOCOL_NOT_SUPPORTED 0xF6 +#define CCID_SLOTERROR_ICC_CLASS_NOT_SUPPORTED 0xF5 +#define CCID_SLOTERROR_PROCEDURE_BYTE_CONFLICT 0xF4 +#define CCID_SLOTERROR_DEACTIVATED_PROTOCOL 0xF3 +#define CCID_SLOTERROR_BUSY_WITH_AUTO_SEQUENCE 0xF2 +#define CCID_SLOTERROR_PIN_TIMEOUT 0xF0 +#define CCID_SLOTERROR_PIN_CANCELLED 0xEF +#define CCID_SLOTERROR_CMD_SLOT_BUSY 0xE0 +#define CCID_SLOTERROR_CMD_NOT_SUPPORTED 0x00 + +/* CCID rev 1.1, p.27 */ +#define VOLTS_AUTO 0x00 +#define VOLTS_5_0 0x01 +#define VOLTS_3_0 0x02 +#define VOLTS_1_8 0x03 + extern USBD_ClassTypeDef USBD_CCID; typedef struct @@ -54,5 +158,6 @@ typedef struct USBD_CCID_HandleTypeDef; uint8_t usb_ccid_recieve_callback(USBD_HandleTypeDef *pdev, uint8_t epnum); +uint8_t usb_ccid_int_tx_callback(USBD_HandleTypeDef *pdev, uint8_t epnum); #endif diff --git a/targets/stm32l432/lib/usbd/usbd_composite.c b/targets/stm32l432/lib/usbd/usbd_composite.c index b1de7d27..041feb54 100644 --- a/targets/stm32l432/lib/usbd/usbd_composite.c +++ b/targets/stm32l432/lib/usbd/usbd_composite.c @@ -253,7 +253,7 @@ __ALIGN_BEGIN uint8_t COMPOSITE_CDC_HID_DESCRIPTOR[COMPOSITE_CDC_HID_DESCRIPTOR_ * Auto activaction of ICC : 0x00004 * Automatic conf. based on ATR : 0x00002 * */ - 0x0f, 0x01, 0, 0, /* dwMaxCCIDMessageLength: 271 */ + 0x40, 0x00, 0, 0, /* dwMaxCCIDMessageLength: WAS:271 NOW:64*/ 0xff, /* bClassGetResponse: 0xff */ 0x00, /* bClassEnvelope: 0 */ 0, 0, /* wLCDLayout: 0 */ diff --git a/targets/stm32l432/lib/usbd/usbd_conf.c b/targets/stm32l432/lib/usbd/usbd_conf.c index bd3c442b..5417b871 100644 --- a/targets/stm32l432/lib/usbd/usbd_conf.c +++ b/targets/stm32l432/lib/usbd/usbd_conf.c @@ -140,7 +140,13 @@ void HAL_PCD_DataOutStageCallback(PCD_HandleTypeDef *hpcd, uint8_t epnum) // From device --> host void HAL_PCD_DataInStageCallback(PCD_HandleTypeDef *hpcd, uint8_t epnum) { - USBD_LL_DataInStage((USBD_HandleTypeDef*)hpcd->pData, epnum, hpcd->IN_ep[epnum].xfer_buff); +#ifdef ENABLE_CCID + if (epnum == (CCID_CMD_EP & 0x0fU)) { + usb_ccid_int_tx_callback((USBD_HandleTypeDef*)hpcd->pData, epnum); + return; + } +#endif + USBD_LL_DataInStage((USBD_HandleTypeDef*)hpcd->pData, epnum, hpcd->IN_ep[epnum].xfer_buff); } /** diff --git a/targets/stm32l432/linker/stm32l4xx.ld b/targets/stm32l432/linker/stm32l4xx.ld index d982f4de..91d3213b 100644 --- a/targets/stm32l432/linker/stm32l4xx.ld +++ b/targets/stm32l432/linker/stm32l4xx.ld @@ -10,7 +10,7 @@ ENTRY(Reset_Handler) /* End of RAM */ _estack = 0x2000c000; -_MIN_STACK_SIZE = 0x400; +_MIN_STACK_SIZE = 0x1000; /* len | 20 KB/10p| 196KB-8-8/98p | 2kB/1p | 38 KB/19p | @@ -89,5 +89,42 @@ SECTIONS . = . + _MIN_STACK_SIZE; . = ALIGN(8); } > ram + + .sram2 : + { + *(.sram2) + } > sram2 + + /* C++ Static constructors/destructors, also used for __attribute__ + * ((constructor)) and the likes */ + .preinit_array : + { + . = ALIGN(4); + _spreinit_array = .; + KEEP (*(.preinit_array)) + KEEP (*(.preinit_array*)) + _epreinit_array = .; + . = ALIGN(4); + } > flash + .init_array : + { + . = ALIGN(4); + _sinit_array = .; + KEEP (*(.init_array)) + KEEP (*(.init_array*)) + _einit_array = .; + . = ALIGN(4); + } > flash + + .fini_array : + { + . = ALIGN(4); + _sfini_array = .; + KEEP (*(.fini_array)) + KEEP (*(.fini_array*)) + _efini_array = .; + . = ALIGN(4); + } > flash + } diff --git a/targets/stm32l432/src/app.h b/targets/stm32l432/src/app.h index fa3d3806..a04e589d 100644 --- a/targets/stm32l432/src/app.h +++ b/targets/stm32l432/src/app.h @@ -20,7 +20,7 @@ #endif // Enable the CCID USB interface -// #define ENABLE_CCID +#define ENABLE_CCID #define NON_BLOCK_PRINTING 0 diff --git a/targets/stm32l432/src/device.c b/targets/stm32l432/src/device.c index f2443888..0fde15a2 100644 --- a/targets/stm32l432/src/device.c +++ b/targets/stm32l432/src/device.c @@ -177,6 +177,10 @@ void delay(uint32_t ms) void device_reboot(void) { + device_led(COLOR_MAGENTA); + delay(100U); + printf1(TAG_RED, "-- reset --\n"); + delay(100U); NVIC_SystemReset(); } @@ -482,6 +486,9 @@ void heartbeat(void) } +void device_led(uint32_t color) { + led_rgb(color); +} static int authenticator_is_backup_initialized(void) { diff --git a/targets/stm32l432/src/flash.c b/targets/stm32l432/src/flash.c index 3a5c8d6f..691cb893 100644 --- a/targets/stm32l432/src/flash.c +++ b/targets/stm32l432/src/flash.c @@ -12,6 +12,7 @@ #include APP_CONFIG #include "flash.h" #include "log.h" +#include "util.h" #include "device.h" static void flash_lock(void) @@ -82,7 +83,7 @@ void flash_erase_page(uint8_t page) __disable_irq(); // Wait if flash is busy - while (FLASH->SR & (1<<16)) + while (FLASH->SR & FLASH_SR_BSY) ; flash_unlock(); @@ -93,11 +94,11 @@ void flash_erase_page(uint8_t page) FLASH->CR |= (page<<3) | (1<<1); // Go! - FLASH->CR |= (1<<16); - while (FLASH->SR & (1<<16)) + FLASH->CR |= FLASH_CR_STRT; + while (FLASH->SR & FLASH_SR_BSY) ; - if(FLASH->SR & (1<<1)) + if(FLASH->SR & FLASH_SR_OPERR) { printf2(TAG_ERR,"erase NOT successful %lx\r\n", FLASH->SR); } @@ -108,21 +109,25 @@ void flash_erase_page(uint8_t page) void flash_write_dword(uint32_t addr, uint64_t data) { + // check if we try to write the same data + if (data == *((uint64_t *)addr)) + return; + __disable_irq(); - while (FLASH->SR & (1<<16)) + while (FLASH->SR & FLASH_SR_BSY) ; FLASH->SR = FLASH->SR; // Select program action - FLASH->CR |= (1<<0); + FLASH->CR |= FLASH_CR_PG; *(volatile uint32_t*)addr = data; *(volatile uint32_t*)(addr+4) = data>>32; - while (FLASH->SR & (1<<16)) + while (FLASH->SR & FLASH_SR_BSY) ; - if(FLASH->SR & (1<<1)) + if(FLASH->SR & FLASH_SR_OPERR) { printf2(TAG_ERR,"program NOT successful %lx\r\n", FLASH->SR); } @@ -136,7 +141,7 @@ void flash_write(uint32_t addr, uint8_t * data, size_t sz) { unsigned int i; uint8_t buf[8]; - while (FLASH->SR & (1<<16)) + while (FLASH->SR & FLASH_SR_BSY) ; flash_unlock(); @@ -156,6 +161,79 @@ void flash_write(uint32_t addr, uint8_t * data, size_t sz) } +uint64_t get_data_block(uint8_t blockn, uint8_t delta, uint8_t *data, size_t sz) { + uint8_t buf[8]; + if ((sz == 0) || (data == NULL) || (blockn > (sz + delta) / 8)) + return 0; + + if (blockn == 0) { + memset(buf, 0xff, sizeof(buf)); + size_t tsize = MIN(sz, ABS(8U - delta)); + memcpy(&buf[delta], data, tsize); + return *(uint64_t*)buf; + } + + if (blockn == (sz + delta) / 8) { + if ((sz + delta) % 8 == 0) + return 0; + memset(buf, 0xff, sizeof(buf)); + size_t tsize = (sz + delta) % 8; + memcpy(buf, &data[blockn * 8 - delta], tsize); + return *(uint64_t*)buf; + } + + memcpy(buf, &data[blockn * 8 - delta], 8); + return *(uint64_t*)buf; +} + +void flash_write_ex(uint32_t addr, uint8_t * data, size_t sz) +{ + uint8_t delta = addr & 0x07; + uint32_t addr_bg = addr & ~(0x07); + uint32_t addr_en = ((addr + sz - 1) & ~(0x07)) + 0x07; + size_t blocks_cnt = (sz + delta + 7) / 8; + + bool needs_erase = false; + + uint32_t blockn = 0; + for (uint32_t block_address = addr_bg; block_address < addr_en; block_address += 8){ + uint64_t d_flash = *(uint64_t *)block_address; + uint64_t d_ram = get_data_block(blockn, delta, data, sz); + blockn++; + + if (d_flash == d_ram) + continue; + + if (d_flash == 0xffffffffffffffffULL) + continue; + + needs_erase = true; + break; + } + + if (!needs_erase) { + while (FLASH->SR & (1<<16)) + ; + flash_unlock(); + + for(uint32_t i = 0; i < blocks_cnt; i++) + flash_write_dword(addr_bg + i * 8, get_data_block(i, delta, data, sz)); + } else { + uint8_t eeprom_data[2048]; + memset(eeprom_data, 0xff, sizeof(eeprom_data)); + uint8_t page = flash_page(addr_bg); + uint32_t p_addr = flash_addr(page); + + memcpy(eeprom_data, (uint8_t *)p_addr, 2048); + memcpy(&eeprom_data[addr - p_addr], data, sz); + + flash_erase_page(page); + + // if we switch off power here - flash will corrupt.... + flash_write(p_addr, eeprom_data, 2048); + } +} + // NOT YET working void flash_write_fast(uint32_t addr, uint32_t * data) { diff --git a/targets/stm32l432/src/flash.h b/targets/stm32l432/src/flash.h index 5da975c3..1e9c6113 100644 --- a/targets/stm32l432/src/flash.h +++ b/targets/stm32l432/src/flash.h @@ -7,15 +7,25 @@ #ifndef _FLASH_H_ #define _FLASH_H_ +#ifdef __cplusplus +extern "C" { +#endif + void flash_erase_page(uint8_t page); void flash_write_dword(uint32_t addr, uint64_t data); void flash_write(uint32_t addr, uint8_t * data, size_t sz); +void flash_write_ex(uint32_t addr, uint8_t * data, size_t sz); void flash_write_fast(uint32_t addr, uint32_t * data); void flash_option_bytes_init(int boot_from_dfu); +#ifdef __cplusplus +} +#endif + #define FLASH_PAGE_SIZE 2048 #define flash_addr(page) (0x08000000 + ((page)*FLASH_PAGE_SIZE)) +#define flash_page(addr) ((addr - 0x08000000) / FLASH_PAGE_SIZE) #define FLASH_PAGE_START 0 #define FLASH_PAGE_END 127 diff --git a/targets/stm32l432/src/led.h b/targets/stm32l432/src/led.h index 54234a53..ab3e325d 100644 --- a/targets/stm32l432/src/led.h +++ b/targets/stm32l432/src/led.h @@ -9,6 +9,10 @@ #include +#ifdef __cplusplus +extern "C" { +#endif + void led_rgb(uint32_t hex); void led_test_colors(); @@ -17,4 +21,8 @@ void led_test_colors(); #define LED_PIN_R LL_GPIO_PIN_2 #define LED_PORT GPIOA +#ifdef __cplusplus +} +#endif + #endif diff --git a/targets/stm32l432/src/main.c b/targets/stm32l432/src/main.c index 9999e28b..9f73d1a0 100644 --- a/targets/stm32l432/src/main.c +++ b/targets/stm32l432/src/main.c @@ -12,6 +12,7 @@ #include "cbor.h" #include "device.h" +#include "openpgplib.h" #include "ctaphid.h" //#include "bsp.h" #include "util.h" @@ -21,9 +22,27 @@ #if !defined(TEST) +extern void (*_spreinit_array []) (void) __attribute__((weak)); +extern void (*_epreinit_array [])(void) __attribute__((weak)); +extern void (*_sinit_array [])(void) __attribute__((weak)); +extern void (*_einit_array [])(void) __attribute__((weak)); int main(int argc, char *argv[]) { + // Call C++ static initializers. + // ('preinit_array' functions are unlikely if the user + // doesn't define any, I think. But check for them anyways.) + int cpp_count = 0; + int cpp_size = &(_epreinit_array[0]) - &(_spreinit_array[0]); + for (cpp_count = 0; cpp_count < cpp_size; ++cpp_count) { + _spreinit_array[cpp_count](); + } + // ('init_array' sections call static constructors) + cpp_size = &(_einit_array[0]) - &(_sinit_array[0]); + for (cpp_count = 0; cpp_count < cpp_size; ++cpp_count) { + _sinit_array[cpp_count](); + } + uint8_t hidmsg[64]; uint32_t t1 = 0; @@ -40,6 +59,7 @@ int main(int argc, char *argv[]) // TAG_CTAP| //TAG_HID| TAG_U2F| + TAG_OPENPGP| //TAG_PARSE | //TAG_TIME| // TAG_DUMP| @@ -51,6 +71,7 @@ int main(int argc, char *argv[]) ); device_init(argc, argv); + OpenpgpInit(); memset(hidmsg,0,sizeof(hidmsg)); diff --git a/targets/stm32l432/src/memory_layout.h b/targets/stm32l432/src/memory_layout.h index d9682c86..8c0c9b3e 100644 --- a/targets/stm32l432/src/memory_layout.h +++ b/targets/stm32l432/src/memory_layout.h @@ -23,6 +23,13 @@ #define STATE1_PAGE_ADDR (0x08000000 + ((STATE1_PAGE)*PAGE_SIZE)) #define STATE2_PAGE_ADDR (0x08000000 + ((STATE2_PAGE)*PAGE_SIZE)) +// OpenPGP +#define OPENPGP_START_PAGE (PAGES - 19) +#define OPENPGP_START_PAGE_ADDR (0x08000000 + ((OPENPGP_START_PAGE)*PAGE_SIZE)) +#define OPENPGP_NUM_PAGES 4 +#define OPENPGP_END_PAGE (OPENPGP_START_PAGE + OPENPGP_NUM_PAGES - 1) +#define OPENPGP_END_PAGE_ADDR (0x08000000 + ((OPENPGP_END_PAGE + 1)*PAGE_SIZE) - 1) + // Storage of FIDO2 resident keys #define RK_NUM_PAGES 10 #define RK_START_PAGE (PAGES - 14) diff --git a/targets/stm32l432/src/redirect.c b/targets/stm32l432/src/redirect.c index ff30d407..2a69e68b 100644 --- a/targets/stm32l432/src/redirect.c +++ b/targets/stm32l432/src/redirect.c @@ -9,6 +9,7 @@ #include APP_CONFIG #include "fifo.h" +#include "device.h" #if DEBUG_LEVEL>0 @@ -23,25 +24,44 @@ void _putchar(char c) #endif } +PUT_TO_SRAM2 static uint8_t logbuf[1000] = {0}; +PUT_TO_SRAM2 static uint8_t sendbuf[512] = {0}; +PUT_TO_SRAM2 static size_t logbuflen = 0; int _write (int fd, const void *buf, unsigned long int len) { uint8_t * data = (uint8_t *) buf; #if DEBUG_LEVEL>0 - // static uint8_t logbuf[1000] = {0}; - // static int logbuflen = 0; - // if (logbuflen + len > sizeof(logbuf)) { - // int mlen = logbuflen + len - sizeof(logbuf); - // memmove(logbuf, &logbuf[mlen], sizeof(logbuf) - mlen); - // logbuflen -= mlen; - // } - // memcpy(&logbuf[logbuflen], data, len); - // logbuflen += len; + if (len > sizeof(logbuf)) { + len = sizeof(logbuf); + } + + if (logbuflen + len > sizeof(logbuf)) { + size_t mlen = logbuflen + len - sizeof(logbuf); + memmove(logbuf, &logbuf[mlen], sizeof(logbuf) - mlen); + logbuflen -= mlen; + } + memcpy(&logbuf[logbuflen], data, len); + logbuflen += len; + // check if we already sending something + USBD_CDC_HandleTypeDef *hcdc = (USBD_CDC_HandleTypeDef*)Solo_USBD_Device.pClassData; + if (hcdc->TxState != 0) + return 0; + + // USB donest have a send buffer... + size_t sendlen = MIN(logbuflen, sizeof(sendbuf)); + memcpy(sendbuf, logbuf, sendlen); + // Send out USB serial - CDC_Transmit_FS(data, len); - // if (res == USBD_OK) - // logbuflen = 0; + if (CDC_Transmit_FS(sendbuf, sendlen) == USBD_OK) { + if (logbuflen > sendlen) { + memmove(logbuf, &logbuf[sendlen], logbuflen - sendlen); + logbuflen -= sendlen; + } else { + logbuflen = 0; + } + } #endif #ifdef ENABLE_SERIAL_PRINTING // Send out UART serial diff --git a/tinycbor b/tinycbor index 878eb01b..e373de20 160000 --- a/tinycbor +++ b/tinycbor @@ -1 +1 @@ -Subproject commit 878eb01b96c573e353b217439c0f418f69c2ca04 +Subproject commit e373de2067414379f5ba6fcc1df5b1c2cdb89ecb