- Generated by
1.16.1
|
CDC Badge OS
Firmware for the CDC Badge v1.0 hardware security key
|
#include <stdint.h>#include <stdbool.h>#include <stddef.h>Go to the source code of this file.
Macros | |
| #define | ALGO_RSA 0x01 |
| #define | ALGO_ECDH 0x12 |
| #define | ALGO_ECDSA 0x13 |
| #define | ALGO_EDDSA 0x16 |
| #define | KEY_SIG 0xB6 |
| #define | KEY_DEC 0xB8 |
| #define | KEY_AUT 0xA4 |
| #define | OPENPGP_PW1_MIN_LEN 6 |
| #define | OPENPGP_PW3_MIN_LEN 8 |
| #define | OPENPGP_PIN_MAX_LEN 32 |
| #define | DO_AID 0x004F |
| #define | DO_HIST_BYTES 0x5F52 |
| #define | DO_CARDHOLDER 0x0065 |
| #define | DO_APP_RELATED 0x006E |
| #define | DO_DISCRET_DO 0x0073 |
| #define | DO_EXT_CAP 0x00C0 |
| #define | DO_ALGO_SIG 0x00C1 |
| #define | DO_ALGO_DEC 0x00C2 |
| #define | DO_ALGO_AUT 0x00C3 |
| #define | DO_PW_STATUS 0x00C4 |
| #define | DO_RC 0x00D3 |
| #define | DO_FP_SIG 0x00C7 |
| #define | DO_FP_DEC 0x00C8 |
| #define | DO_FP_AUT 0x00C9 |
| #define | DO_CA_FP_1 0x00CA |
| #define | DO_CA_FP_2 0x00CB |
| #define | DO_CA_FP_3 0x00CC |
| #define | DO_GEN_TIME_ALL 0x00CD |
| #define | DO_GEN_TIME_SIG 0x00CE |
| #define | DO_GEN_TIME_DEC 0x00CF |
| #define | DO_GEN_TIME_AUT 0x00D0 |
| #define | DO_SIG_COUNT 0x0093 |
| #define | DO_URL 0x5F50 |
| #define | DO_LOGIN 0x005E |
| #define | DO_NAME 0x005B |
| #define | DO_LANG_PREF 0x5F2D |
| #define | DO_SEX 0x5F35 |
| #define | DO_UIF_SIG 0x00D6 |
| #define | DO_UIF_DEC 0x00D7 |
| #define | DO_UIF_AUT 0x00D8 |
| #define | DO_KEY_INFO 0x00DE |
| #define | DO_SEC_TPL 0x007A |
| #define | DO_KDF 0x00F9 |
| #define | DO_AES_KEY 0x00D5 |
| #define | DO_CARDHOLDER_CERT 0x7F21 |
| #define | SW_OK 0x9000 |
| #define | SW_FILE_TERMINATED 0x6285 |
| #define | SW_WRONG_LENGTH 0x6700 |
| #define | SW_SECURITY_NOT_SATISFIED 0x6982 |
| #define | SW_AUTH_METHOD_BLOCKED 0x6983 |
| #define | SW_CONDITIONS_NOT_SATISFIED 0x6985 |
| #define | SW_WRONG_DATA 0x6A80 |
| #define | SW_FILE_NOT_FOUND 0x6A82 |
| #define | SW_INCORRECT_P1P2 0x6A86 |
| #define | SW_REFERENCED_DATA_NOT_FOUND 0x6A88 |
| #define | SW_WRONG_P1P2 0x6B00 |
| #define | SW_INS_NOT_SUPPORTED 0x6D00 |
| #define | SW_CLA_NOT_SUPPORTED 0x6E00 |
| #define | SW_UNKNOWN 0x6F00 |
Functions | |
| bool | openpgp_init (void) |
| int | openpgp_process_apdu (const uint8_t *cmd, size_t cmd_len, uint8_t *resp, size_t resp_max) |
| bool | openpgp_is_selected (void) |
| uint32_t | openpgp_get_sig_count (void) |
| bool | openpgp_set_key_fingerprint (uint8_t key_type, const uint8_t *fingerprint, uint32_t gen_time) |
| void | openpgp_factory_reset (void) |
| bool | openpgp_get_fingerprint (uint8_t key_type, uint8_t *fp_out) |
| Reads the stored OpenPGP v4 fingerprint for a key role. | |
| bool | openpgp_has_any_key (void) |
| Reports whether any of the SIG / DEC / AUT roles has a non-zero fingerprint configured. Acts as the canonical "card has keys" check. | |
| size_t | openpgp_get_cardholder_name (char *out, size_t out_size) |
| Copies the cardholder name (OpenPGP DO 0x5B) into the caller buffer. Format is gpg's "Surname<<Firstname" or empty when unset. | |
| uint32_t | openpgp_get_gen_time (uint8_t key_type) |
| Returns the stored Unix timestamp of key generation, or 0 when unset. | |
| bool | openpgp_set_cardholder_name (const char *name) |
| Sets the cardholder name (OpenPGP DO 0x5B) and persists state. | |
Variables | |
| const uint8_t * | OPENPGP_AID |
| const uint8_t | OPENPGP_AID_LEN |
| #define DO_AES_KEY 0x00D5 |
Definition at line 86 of file openpgp.h.
Referenced by cmd_put_data().
| #define DO_AID 0x004F |
Definition at line 45 of file openpgp.h.
Referenced by build_do_app_related(), and cmd_get_data().
| #define DO_ALGO_AUT 0x00C3 |
Definition at line 53 of file openpgp.h.
Referenced by build_do_app_related(), cmd_get_data(), cmd_put_data(), and put_data_algo_attr().
| #define DO_ALGO_DEC 0x00C2 |
Definition at line 52 of file openpgp.h.
Referenced by build_do_app_related(), cmd_get_data(), cmd_put_data(), and put_data_algo_attr().
| #define DO_ALGO_SIG 0x00C1 |
Definition at line 51 of file openpgp.h.
Referenced by build_do_app_related(), cmd_get_data(), cmd_put_data(), and put_data_algo_attr().
| #define DO_APP_RELATED 0x006E |
Definition at line 48 of file openpgp.h.
Referenced by cmd_get_data().
| #define DO_CA_FP_1 0x00CA |
Definition at line 59 of file openpgp.h.
Referenced by cmd_get_data(), and find_put_data_desc().
| #define DO_CA_FP_2 0x00CB |
Definition at line 60 of file openpgp.h.
Referenced by cmd_get_data(), and find_put_data_desc().
| #define DO_CA_FP_3 0x00CC |
Definition at line 61 of file openpgp.h.
Referenced by cmd_get_data(), and find_put_data_desc().
| #define DO_CARDHOLDER 0x0065 |
Definition at line 47 of file openpgp.h.
Referenced by build_do_cardholder(), and cmd_get_data().
| #define DO_CARDHOLDER_CERT 0x7F21 |
Definition at line 87 of file openpgp.h.
Referenced by cmd_get_data().
| #define DO_EXT_CAP 0x00C0 |
Definition at line 50 of file openpgp.h.
Referenced by build_do_app_related(), and cmd_get_data().
| #define DO_FP_AUT 0x00C9 |
Definition at line 58 of file openpgp.h.
Referenced by cmd_get_data(), and find_put_data_desc().
| #define DO_FP_DEC 0x00C8 |
Definition at line 57 of file openpgp.h.
Referenced by cmd_get_data(), and find_put_data_desc().
| #define DO_FP_SIG 0x00C7 |
Definition at line 56 of file openpgp.h.
Referenced by cmd_get_data(), and find_put_data_desc().
| #define DO_GEN_TIME_AUT 0x00D0 |
Definition at line 73 of file openpgp.h.
Referenced by cmd_get_data(), and find_put_data_desc().
| #define DO_GEN_TIME_DEC 0x00CF |
Definition at line 72 of file openpgp.h.
Referenced by cmd_get_data(), and find_put_data_desc().
| #define DO_GEN_TIME_SIG 0x00CE |
Definition at line 71 of file openpgp.h.
Referenced by cmd_get_data(), and find_put_data_desc().
| #define DO_HIST_BYTES 0x5F52 |
Definition at line 46 of file openpgp.h.
Referenced by build_do_app_related(), and cmd_get_data().
| #define DO_KDF 0x00F9 |
Definition at line 85 of file openpgp.h.
Referenced by cmd_get_data().
| #define DO_KEY_INFO 0x00DE |
Definition at line 83 of file openpgp.h.
Referenced by cmd_get_data().
| #define DO_LANG_PREF 0x5F2D |
Definition at line 78 of file openpgp.h.
Referenced by build_do_cardholder(), cmd_get_data(), and find_put_data_desc().
| #define DO_LOGIN 0x005E |
Definition at line 76 of file openpgp.h.
Referenced by cmd_get_data(), and find_put_data_desc().
| #define DO_NAME 0x005B |
Definition at line 77 of file openpgp.h.
Referenced by build_do_cardholder(), cmd_get_data(), and find_put_data_desc().
| #define DO_PW_STATUS 0x00C4 |
Definition at line 54 of file openpgp.h.
Referenced by build_do_app_related(), and cmd_get_data().
| #define DO_RC 0x00D3 |
Definition at line 55 of file openpgp.h.
Referenced by cmd_put_data().
| #define DO_SEC_TPL 0x007A |
Definition at line 84 of file openpgp.h.
Referenced by cmd_get_data().
| #define DO_SEX 0x5F35 |
Definition at line 79 of file openpgp.h.
Referenced by build_do_cardholder(), cmd_get_data(), and cmd_put_data().
| #define DO_SIG_COUNT 0x0093 |
Definition at line 74 of file openpgp.h.
Referenced by cmd_get_data().
| #define DO_UIF_AUT 0x00D8 |
Definition at line 82 of file openpgp.h.
Referenced by cmd_get_data().
| #define DO_UIF_DEC 0x00D7 |
Definition at line 81 of file openpgp.h.
Referenced by cmd_get_data().
| #define DO_UIF_SIG 0x00D6 |
Definition at line 80 of file openpgp.h.
Referenced by cmd_get_data().
| #define DO_URL 0x5F50 |
Definition at line 75 of file openpgp.h.
Referenced by cmd_get_data(), and find_put_data_desc().
| #define KEY_AUT 0xA4 |
Definition at line 37 of file openpgp.h.
Referenced by cmd_manage_security_env(), get_ecc_slot_for_key_ref(), get_key_type_for_ref(), gpg_generate_key(), openpgp_get_fingerprint(), openpgp_get_gen_time(), openpgp_set_key_fingerprint(), and update_generation_timestamp().
| #define KEY_DEC 0xB8 |
Definition at line 36 of file openpgp.h.
Referenced by cmd_manage_security_env(), cmd_put_data_odd(), get_ecc_slot_for_key_ref(), get_key_type_for_ref(), gpg_generate_key(), openpgp_get_fingerprint(), openpgp_get_gen_time(), openpgp_set_key_fingerprint(), and update_generation_timestamp().
| #define KEY_SIG 0xB6 |
Definition at line 35 of file openpgp.h.
Referenced by cmd_generate_keypair(), cmd_manage_security_env(), get_ecc_slot_for_key_ref(), get_key_type_for_ref(), gpg_generate_key(), gpg_get_status(), openpgp_get_fingerprint(), openpgp_get_gen_time(), openpgp_set_key_fingerprint(), and update_generation_timestamp().
| #define OPENPGP_PIN_MAX_LEN 32 |
Definition at line 42 of file openpgp.h.
Referenced by __attribute__(), build_do_app_related(), cmd_change_reference_data(), cmd_get_data(), cmd_put_data(), cmd_reset_retry_counter(), cmd_verify(), compute_kdf_hash(), compute_rc_hash(), load_state_from_nvs(), and try_change_pin().
| #define OPENPGP_PW1_MIN_LEN 6 |
Definition at line 40 of file openpgp.h.
Referenced by cmd_change_reference_data(), and cmd_reset_retry_counter().
| #define OPENPGP_PW3_MIN_LEN 8 |
Definition at line 41 of file openpgp.h.
Referenced by cmd_change_reference_data().
| #define SW_AUTH_METHOD_BLOCKED 0x6983 |
Definition at line 94 of file openpgp.h.
Referenced by cmd_change_reference_data(), cmd_reset_retry_counter(), and cmd_verify().
| #define SW_CLA_NOT_SUPPORTED 0x6E00 |
Definition at line 102 of file openpgp.h.
Referenced by openpgp_process_apdu().
| #define SW_CONDITIONS_NOT_SATISFIED 0x6985 |
Definition at line 95 of file openpgp.h.
Referenced by cmd_get_response(), cmd_internal_authenticate(), cmd_manage_security_env(), cmd_pso_cds(), cmd_pso_decipher(), cmd_pso_decipher_aes(), cmd_reset_retry_counter(), and openpgp_process_apdu().
| #define SW_FILE_NOT_FOUND 0x6A82 |
Definition at line 97 of file openpgp.h.
Referenced by cmd_put_data(), cmd_select(), and put_data_algo_attr().
| #define SW_FILE_TERMINATED 0x6285 |
Definition at line 91 of file openpgp.h.
Referenced by openpgp_process_apdu().
| #define SW_INCORRECT_P1P2 0x6A86 |
Definition at line 98 of file openpgp.h.
Referenced by cmd_activate_file(), cmd_change_reference_data(), cmd_get_response(), cmd_internal_authenticate(), cmd_manage_security_env(), cmd_put_data_odd(), cmd_reset_retry_counter(), cmd_terminate_df(), cmd_verify(), and openpgp_process_apdu().
| #define SW_INS_NOT_SUPPORTED 0x6D00 |
Definition at line 101 of file openpgp.h.
Referenced by openpgp_process_apdu().
| #define SW_OK 0x9000 |
Definition at line 90 of file openpgp.h.
Referenced by apply_put_data_desc(), apply_response_chaining(), cmd_activate_file(), cmd_change_reference_data(), cmd_generate_keypair(), cmd_get_data(), cmd_get_response(), cmd_internal_authenticate(), cmd_manage_security_env(), cmd_pso_cds(), cmd_pso_decipher(), cmd_pso_decipher_aes(), cmd_put_data(), cmd_put_data_odd(), cmd_reset_retry_counter(), cmd_select(), cmd_terminate_df(), cmd_verify(), generate_dec_key(), generate_hardware_key(), openpgp_process_apdu(), and put_data_algo_attr().
| #define SW_REFERENCED_DATA_NOT_FOUND 0x6A88 |
Definition at line 99 of file openpgp.h.
Referenced by cmd_generate_keypair(), and cmd_get_data().
| #define SW_SECURITY_NOT_SATISFIED 0x6982 |
Definition at line 93 of file openpgp.h.
Referenced by cmd_generate_keypair(), cmd_internal_authenticate(), cmd_pso_cds(), cmd_pso_decipher(), cmd_pso_decipher_aes(), cmd_put_data(), cmd_put_data_odd(), cmd_reset_retry_counter(), and cmd_terminate_df().
| #define SW_UNKNOWN 0x6F00 |
Definition at line 103 of file openpgp.h.
Referenced by cmd_get_data(), cmd_internal_authenticate(), cmd_pso_cds(), cmd_pso_decipher(), cmd_pso_decipher_aes(), cmd_put_data(), cmd_put_data_odd(), cmd_reset_retry_counter(), generate_dec_key(), and generate_hardware_key().
| #define SW_WRONG_DATA 0x6A80 |
Definition at line 96 of file openpgp.h.
Referenced by cmd_manage_security_env(), cmd_pso_cds(), cmd_pso_decipher(), cmd_pso_decipher_aes(), cmd_put_data_odd(), openpgp_process_apdu(), and put_data_algo_attr().
| #define SW_WRONG_LENGTH 0x6700 |
Definition at line 92 of file openpgp.h.
Referenced by apply_put_data_desc(), cmd_change_reference_data(), cmd_internal_authenticate(), cmd_manage_security_env(), cmd_pso_decipher_aes(), cmd_put_data(), cmd_put_data_odd(), cmd_reset_retry_counter(), cmd_verify(), and openpgp_process_apdu().
| void openpgp_factory_reset | ( | void | ) |
Definition at line 2218 of file openpgp.cpp.
References ca_fp_1, ca_fp_2, ca_fp_3, card_terminated, cardholder_lang, cardholder_login, cardholder_name, cardholder_sex, cardholder_url, CDC_CURVE_ED25519, fingerprint_aut, fingerprint_dec, fingerprint_sig, gen_time_aut, gen_time_dec, gen_time_sig, get_se(), gpg_storage_aut_slot(), gpg_storage_clear_session(), gpg_storage_delete_dec_privkey(), gpg_storage_sig_slot(), pin_storage_openpgp_reset(), pw1_verified, pw3_verified, s_rc_hash, s_rc_len, s_rc_retries, s_rc_salt, save_state_to_nvs(), selected_curve_aut, selected_curve_sig, and sig_count.
Referenced by cmd_activate_file(), and gpg_reset().
| size_t openpgp_get_cardholder_name | ( | char * | out, |
| size_t | out_size ) |
Copies the cardholder name (OpenPGP DO 0x5B) into the caller buffer. Format is gpg's "Surname<<Firstname" or empty when unset.
Definition at line 913 of file openpgp.cpp.
References cardholder_name.
Referenced by gpg_get_status().
| bool openpgp_get_fingerprint | ( | uint8_t | key_type, |
| uint8_t * | fp_out ) |
Reads the stored OpenPGP v4 fingerprint for a key role.
| key_type | One of KEY_SIG, KEY_DEC, KEY_AUT. |
| fp_out | 20-byte output buffer. |
Definition at line 890 of file openpgp.cpp.
References fingerprint_aut, fingerprint_dec, fingerprint_sig, KEY_AUT, KEY_DEC, KEY_SIG, and OPENPGP_FINGERPRINT_SIZE.
Referenced by gpg_get_status().
| uint32_t openpgp_get_gen_time | ( | uint8_t | key_type | ) |
Returns the stored Unix timestamp of key generation, or 0 when unset.
| key_type | One of KEY_SIG, KEY_DEC, KEY_AUT. |
Definition at line 922 of file openpgp.cpp.
References gen_time_aut, gen_time_dec, gen_time_sig, KEY_AUT, KEY_DEC, and KEY_SIG.
Referenced by gpg_get_status().
| uint32_t openpgp_get_sig_count | ( | void | ) |
| bool openpgp_has_any_key | ( | void | ) |
Reports whether any of the SIG / DEC / AUT roles has a non-zero fingerprint configured. Acts as the canonical "card has keys" check.
Definition at line 907 of file openpgp.cpp.
References fingerprint_aut, fingerprint_dec, fingerprint_sig, and fp_is_set().
Referenced by gpg_export_pubkey_pem(), gpg_generate_key(), gpg_get_status(), gpg_is_initialized(), and cdc::mod_gpg::rebuildMenu().
| bool openpgp_init | ( | void | ) |
Definition at line 863 of file openpgp.cpp.
References gpg_init(), init_aid_from_mac(), load_state_from_nvs(), LOG_E, LOG_I, pin_storage_openpgp_init(), sig_count, and TAG.
Referenced by ccid_init().
| bool openpgp_is_selected | ( | void | ) |
Definition at line 882 of file openpgp.cpp.
References app_selected.
| int openpgp_process_apdu | ( | const uint8_t * | cmd, |
| size_t | cmd_len, | ||
| uint8_t * | resp, | ||
| size_t | resp_max ) |
Definition at line 2683 of file openpgp.cpp.
References apdu_build_response(), apdu_parse(), apdu_sw(), app_selected, apply_response_chaining(), card_terminated, chain_reset(), cmd_activate_file(), cmd_change_reference_data(), cmd_generate_keypair(), cmd_get_data(), cmd_get_response(), cmd_internal_authenticate(), cmd_manage_security_env(), cmd_pso_cds(), cmd_pso_decipher(), cmd_put_data(), cmd_put_data_odd(), cmd_reset_retry_counter(), cmd_select(), cmd_terminate_df(), cmd_verify(), g_chain_active, g_chain_buffer, g_chain_ins, g_chain_len, g_chain_p1, g_chain_p2, g_resp_pos, g_resp_remaining, INS_ACTIVATE, INS_CHANGE_PIN, INS_GENERATE_KEYPAIR, INS_GET_CHALLENGE, INS_GET_DATA, INS_GET_RESPONSE, INS_INTERNAL_AUTH, INS_MSE, INS_PSO, INS_PUT_DATA, INS_PUT_DATA_ODD, INS_RESET_RETRY, INS_SELECT, INS_TERMINATE, INS_VERIFY, LOG_D, LOG_E, LOG_W, se_random_fill(), SW_CLA_NOT_SUPPORTED, SW_CONDITIONS_NOT_SATISFIED, SW_FILE_TERMINATED, SW_INCORRECT_P1P2, SW_INS_NOT_SUPPORTED, SW_OK, SW_WRONG_DATA, SW_WRONG_LENGTH, and TAG.
Referenced by ccid_process_message().
| bool openpgp_set_cardholder_name | ( | const char * | name | ) |
Sets the cardholder name (OpenPGP DO 0x5B) and persists state.
| name | UTF-8 string; truncated to fit the storage buffer. |
Definition at line 936 of file openpgp.cpp.
References cardholder_name, name, and save_state_to_nvs().
Referenced by gpg_generate_key().
| bool openpgp_set_key_fingerprint | ( | uint8_t | key_type, |
| const uint8_t * | fingerprint, | ||
| uint32_t | gen_time ) |
Definition at line 949 of file openpgp.cpp.
References fingerprint_aut, fingerprint_dec, fingerprint_sig, gen_time_aut, gen_time_dec, gen_time_sig, KEY_AUT, KEY_DEC, KEY_SIG, LOG_E, LOG_I, OPENPGP_FINGERPRINT_SIZE, save_state_to_nvs(), and TAG.
Referenced by gpg_generate_key().
|
extern |
Definition at line 156 of file openpgp.cpp.
Referenced by build_do_app_related(), cmd_get_data(), and cmd_select().
|
extern |
Definition at line 157 of file openpgp.cpp.
Referenced by build_do_app_related(), and cmd_get_data().
1.16.1