Skip to content

Commit

Permalink
Merge branch 'main' into at-improvements
Browse files Browse the repository at this point in the history
  • Loading branch information
andreagilardoni authored Nov 21, 2024
2 parents c09ffd6 + 3deddbe commit 2b3843a
Show file tree
Hide file tree
Showing 7 changed files with 94 additions and 69 deletions.
72 changes: 38 additions & 34 deletions libraries/SE05X/src/SE05X.cpp
Original file line number Diff line number Diff line change
Expand Up @@ -69,7 +69,6 @@
SE05X_EC_SIGNATURE_RAW_LENGTH

#define SE05X_SHA256_LENGTH 32
#define SE05X_SN_LENGTH 18

#define SE05X_TEMP_OBJECT 9999

Expand Down Expand Up @@ -108,22 +107,35 @@ void SE05XClass::end()
Se05x_API_SessionClose(&_se05x_session);
}

int SE05XClass::serialNumber(byte sn[])
{
return serialNumber(sn, SE05X_SN_LENGTH);
}

int SE05XClass::serialNumber(byte sn[], size_t length)
{
size_t uidLen = length;
const int kSE05x_AppletResID_UNIQUE_ID = 0x7FFF0206;
smStatus_t status;

status = Se05x_API_ReadObject(&_se05x_session, kSE05x_AppletResID_UNIQUE_ID, 0, length, sn, &uidLen);
if (status != SM_OK || length != uidLen) {
SMLOG_E("Error in Se05x_API_ReadObject \n");
return 0;
}
return 1;
}

String SE05XClass::serialNumber()
{
String result = (char*)NULL;
byte UID[SE05X_SN_LENGTH];
size_t uidLen = SE05X_SN_LENGTH;
const int kSE05x_AppletResID_UNIQUE_ID = 0x7FFF0206,

status = Se05x_API_ReadObject(&_se05x_session, kSE05x_AppletResID_UNIQUE_ID, 0, uidLen, UID, &uidLen);
if (status != SM_OK) {
SMLOG_E("Error in Se05x_API_ReadObject \n");
return "";
}
serialNumber(UID, sizeof(UID));

result.reserve(uidLen * 2);
result.reserve(SE05X_SN_LENGTH * 2);

for (size_t i = 0; i < uidLen; i++) {
for (size_t i = 0; i < SE05X_SN_LENGTH; i++) {
byte b = UID[i];

if (b < 16) {
Expand Down Expand Up @@ -168,11 +180,11 @@ int SE05XClass::random(byte data[], size_t length)
smStatus_t status;
uint16_t offset = 0;
uint16_t left = length;

while (left > 0) {
uint16_t chunk = (left > SE05X_MAX_CHUNK_SIZE) ? SE05X_MAX_CHUNK_SIZE : left;
size_t max_buffer = chunk;

status = Se05x_API_GetRandom(&_se05x_session, chunk, (data + offset), &max_buffer);
if (status != SM_OK) {
SMLOG_E("Error in Se05x_API_GetRandom \n");
Expand Down Expand Up @@ -337,7 +349,7 @@ int SE05XClass::beginSHA256()
{
smStatus_t status;
SE05x_CryptoModeSubType_t subtype;

subtype.digest = kSE05x_DigestMode_SHA256;

status = Se05x_API_CreateCryptoObject(&_se05x_session, kSE05x_CryptoObject_DIGEST_SHA256, kSE05x_CryptoContext_DIGEST, subtype);
Expand All @@ -357,7 +369,7 @@ int SE05XClass::beginSHA256()
int SE05XClass::updateSHA256(const byte in[], size_t inLen)
{
smStatus_t status;

status = Se05x_API_DigestUpdate(&_se05x_session, kSE05x_CryptoObject_DIGEST_SHA256, in, inLen);
if (status != SM_OK) {
SMLOG_E("Error in Se05x_API_DigestUpdate \n");
Expand All @@ -374,7 +386,7 @@ int SE05XClass::endSHA256(byte out[], size_t* outLen)
if (*outLen < SE05X_SHA256_LENGTH) {
SMLOG_E("Error in endSHA256 \n");
*outLen = 0;
return 0;
return 0;
}

status = Se05x_API_DigestFinal(&_se05x_session, kSE05x_CryptoObject_DIGEST_SHA256, NULL, 0, out, outLen);
Expand Down Expand Up @@ -530,7 +542,7 @@ int SE05XClass::ecdsaVerify(const byte message[], const byte signature[], const
}

if (!deleteBinaryObject(SE05X_TEMP_OBJECT)) {
SMLOG_E("ecdsaVerify failure deleting temporary object\n");
SMLOG_E("ecdsaVerify failure deleting temporary object\n");
return 0;
}

Expand Down Expand Up @@ -574,7 +586,7 @@ int SE05XClass::readBinaryObject(int objectId, byte data[], size_t dataMaxLen, s
while (left > 0) {
uint16_t chunk = (left > SE05X_MAX_CHUNK_SIZE) ? SE05X_MAX_CHUNK_SIZE : left;
size_t max_buffer = chunk;

status = Se05x_API_ReadObject(&_se05x_session, objectId, offset, chunk, (data + offset), &max_buffer);
if (status != SM_OK) {
SMLOG_E("Error in Se05x_API_ReadObject \n");
Expand Down Expand Up @@ -621,8 +633,6 @@ int SE05XClass::writeAESKey(int objectId, const byte data[], size_t length)
{
smStatus_t status;
SE05x_Result_t result;
uint16_t offset = 0;
uint16_t size;

status = Se05x_API_CheckObjectExists(&_se05x_session, objectId, &result);
if (status != SM_OK) {
Expand All @@ -635,9 +645,7 @@ int SE05XClass::writeAESKey(int objectId, const byte data[], size_t length)
return 0;
}

uint16_t left = length;

status = Se05x_API_WriteSymmKey(&_se05x_session, NULL, 3, objectId, NULL, data, length, kSE05x_INS_NA, kSE05x_SymmKeyType_AES);
status = Se05x_API_WriteSymmKey(&_se05x_session, NULL, 3, objectId, SE05x_KeyID_KEK_NONE, data, length, kSE05x_INS_NA, kSE05x_SymmKeyType_AES);

if (status != SM_OK) {
SMLOG_E("Error in Se05x_API_WriteSymmKey \n");
Expand All @@ -650,9 +658,6 @@ int SE05XClass::writeHMACKey(int objectId, const byte data[], size_t length)
{
smStatus_t status;
SE05x_Result_t result;
uint8_t exists = 0;
uint16_t offset = 0;
uint16_t size;

status = Se05x_API_CheckObjectExists(&_se05x_session, objectId, &result);
if (status != SM_OK) {
Expand All @@ -662,7 +667,6 @@ int SE05XClass::writeHMACKey(int objectId, const byte data[], size_t length)

if (result == kSE05x_Result_SUCCESS) {
SMLOG_E("Object exists \n");
exists = 1;
}

status = Se05x_API_WriteSymmKey(&_se05x_session, NULL, 0, objectId, SE05x_KeyID_KEK_NONE, data, length, kSE05x_INS_NA, kSE05x_SymmKeyType_HMAC);
Expand Down Expand Up @@ -784,9 +788,9 @@ int SE05XClass::getECKeyXyValuesFromDER(byte* derKey, size_t derLen, byte* rawKe
if(*rawLen < SE05X_EC_KEY_RAW_LENGTH) {
SMLOG_E("Error in getECKeyXyValuesFromDER \n");
*rawLen = 0;
return 0;
return 0;
}

/* XY values are stored in the last 64 bytes of DER buffer */
*rawLen = SE05X_EC_KEY_RAW_LENGTH;
memcpy(rawKey, &derKey[derLen - SE05X_EC_KEY_RAW_LENGTH], SE05X_EC_KEY_RAW_LENGTH);
Expand All @@ -799,15 +803,15 @@ int SE05XClass::setECKeyXyVauesInDER(const byte* rawKey, size_t rawLen, byte* de
if(rawLen != SE05X_EC_KEY_RAW_LENGTH) {
SMLOG_E("Error in setECKeyXyVauesInDER invalid raw key\n");
*derLen = 0;
return 0;
return 0;
}

if(*derLen < SE05X_EC_KEY_DER_LENGTH) {
SMLOG_E("Error in setECKeyXyVauesInDER buffer too small\n");
*derLen = 0;
return 0;
return 0;
}

/* Copy header byte from 0 to 25 */
memcpy(&derKey[0], &ecc_der_header_nist256[0], SE05X_EC_KEY_DER_HEADER_LENGTH);
/* Add format byte */
Expand All @@ -827,13 +831,13 @@ int SE05XClass::getECSignatureRsValuesFromDER(byte* derSignature, size_t derLen,
if ((derLen < SE05X_EC_SIGNATURE_MIN_DER_LENGTH) || (derLen > SE05X_EC_SIGNATURE_MAX_DER_LENGTH)) {
SMLOG_E("Error in getECSignatureRsValuesFromDER invalid signature\n");
*rawLen = 0;
return 0;
return 0;
}

if (*rawLen < SE05X_EC_SIGNATURE_RAW_LENGTH) {
SMLOG_E("Error in getECSignatureRsValuesFromDER buffer too small\n");
*rawLen = 0;
return 0;
return 0;
}

rLen = derSignature[3];
Expand Down Expand Up @@ -868,7 +872,7 @@ int SE05XClass::setECSignatureRsValuesInDER(const byte* rawSignature, size_t raw
{
/**
* Always consider worst case with padding
*
*
* | 0x30 0x46 0x02 0x21 0x00 | R values 32 bytes | 0x02 0x21 0x00 | S values 32 bytes |
*
*/
Expand Down
Loading

0 comments on commit 2b3843a

Please sign in to comment.