From 669f145a33c3245b9aad4fa6be31d6c83e90b46b Mon Sep 17 00:00:00 2001 From: kubodera_yuichi Date: Tue, 29 Dec 2009 06:41:46 +0000 Subject: [PATCH] =?UTF-8?q?ECDSA=E7=BD=B2=E5=90=8D=E7=94=9F=E6=88=90?= =?UTF-8?q?=E9=96=A2=E6=95=B0=E4=BF=AE=E6=AD=A3?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit git-svn-id: file:///Volumes/Transfer/gigaleak_20231201/2020-09-30%20-%20paladin.7z/paladin/ctr_eFuse@128 ff987cc8-cf2f-4642-8568-d52cce064691 --- cr_hsm_code.c | 80 ++++++++++++++++++++++++++++++++++++++++++--------- 1 file changed, 66 insertions(+), 14 deletions(-) diff --git a/cr_hsm_code.c b/cr_hsm_code.c index 58c3390..0e3b82e 100644 --- a/cr_hsm_code.c +++ b/cr_hsm_code.c @@ -152,11 +152,12 @@ static int hsm_rsa_load_keypair( NFKM_KeyIdent keyident, M_KeyID *privKeyid, M_K // ECDSA key M_KeyID hsmEcdsaPrivkeyidDev, hsmEcdsaPubkeyidDev; M_KeyID hsmEcdsaPrivkeyidProd, hsmEcdsaPubkeyidProd; + const NFKM_KeyIdent hsmEcdsaPrivkeyidentDev = { (char*)"simple", (char*)"nintendo-ctr2-priv-dummy-dev" }; const NFKM_KeyIdent hsmEcdsaPubkeyidentDev = { (char*)"simple", (char*)"nintendo-ctr2-pub-dummy-dev" }; const NFKM_KeyIdent hsmEcdsaPrivkeyidentProd = { (char*)"simple", (char*)"nintendo-ctr2-priv-dummy-prod" }; const NFKM_KeyIdent hsmEcdsaPubkeyidentProd = { (char*)"simple", (char*)"nintendo-ctr2-pub-dummy-prod" }; -int hsm_ecdsa_load_keypair( NFKM_KeyIdent privKeyident, M_KeyID *privKeyid, +int hsm_ecdsa_load_keypair( NFKM_KeyIdent privKeyident, M_KeyID *privKeyid, NFKM_KeyIdent pubKeyident, M_KeyID *pubKeyid ); // init HSM @@ -249,15 +250,16 @@ int hsm_initialize( void ) // load ecdsa dev keypair ret_code = hsm_ecdsa_load_keypair( hsmEcdsaPrivkeyidentDev, &hsmEcdsaPrivkeyidDev, - hsmEcdsaPubkeyidentDev, &hsmEcdsaPrivkeyidDev ); + hsmEcdsaPubkeyidentDev, &hsmEcdsaPubkeyidDev ); if ( ret_code != CR_GENID_SUCCESS ) { SetErrorInfo( __FUNCTION__, __LINE__ ); return ret_code; } + // load ecdsa prod keypair ret_code = hsm_ecdsa_load_keypair( hsmEcdsaPrivkeyidentProd, &hsmEcdsaPrivkeyidProd, - hsmEcdsaPubkeyidentProd, &hsmEcdsaPrivkeyidProd ); + hsmEcdsaPubkeyidentProd, &hsmEcdsaPubkeyidProd ); if ( ret_code != CR_GENID_SUCCESS ) { SetErrorInfo( __FUNCTION__, __LINE__ ); @@ -498,6 +500,7 @@ int hsm_aes_encrypt( unsigned char *dst_buf, unsigned char *org_buf, int size, u // key set keyid = bonding_option ? hsmAesKeyidDev : hsmAesKeyidProd; + // iv set enc_iv.mech = Mech_RijndaelmCBCpNONE; @@ -641,6 +644,7 @@ int hsm_rsa_load_keypair( NFKM_KeyIdent keyident, M_KeyID *privKeyid, M_KeyID *p } end: + NFKM_freekey( hsmHandle, keyinfo, NULL ); return ret_code; @@ -748,15 +752,8 @@ int hsm_ecdsa_load_keypair( NFKM_KeyIdent privKeyident, M_KeyID *privKeyid, NFKM_Key *keyinfo = NULL; NFKM_ModuleInfo *moduleinfo = NULL; M_ByteBlock *blobptr = NULL; + M_KeyID tempId; - // find priv key - ret_code = NFKM_findkey( hsmHandle, privKeyident, &keyinfo, NULL ); - if ( ret_code != CR_GENID_SUCCESS ) - { - SetErrorInfo( __FUNCTION__, __LINE__ ); - goto end; - } - // get usable Module moduleinfo = hsmWorld->modules[0]; ret_code = NFKM_getusablemodule( hsmWorld, HSM_MODULE_ID, &moduleinfo ); @@ -766,8 +763,16 @@ int hsm_ecdsa_load_keypair( NFKM_KeyIdent privKeyident, M_KeyID *privKeyid, goto end; } + // find priv key + ret_code = NFKM_findkey( hsmHandle, privKeyident, &keyinfo, NULL ); + if ( ret_code != CR_GENID_SUCCESS ) + { + SetErrorInfo( __FUNCTION__, __LINE__ ); + goto end; + } + // load priv key blob - blobptr = &keyinfo->privblob; + blobptr = &(keyinfo->privblob); ret_code = NFKM_cmd_loadblob( hsmHandle, hsmConnection, moduleinfo->module, blobptr, 0, privKeyid, @@ -780,17 +785,18 @@ int hsm_ecdsa_load_keypair( NFKM_KeyIdent privKeyident, M_KeyID *privKeyid, NFKM_freekey( hsmHandle, keyinfo, NULL ); keyinfo = NULL; - + // find pub key ret_code = NFKM_findkey( hsmHandle, pubKeyident, &keyinfo, NULL ); if ( ret_code != CR_GENID_SUCCESS ) { SetErrorInfo( __FUNCTION__, __LINE__ ); goto end; + } // load public key blob - blobptr = &keyinfo->pubblob; + blobptr = &(keyinfo->pubblob); ret_code = NFKM_cmd_loadblob( hsmHandle, hsmConnection, moduleinfo->module, blobptr, 0, pubKeyid, @@ -807,4 +813,50 @@ end: return ret_code; } // hsm_ecdsa_load_keypair +int hsm_ecdsa_sign( unsigned char *sign_buf, unsigned char *data_buf, int data_size, unsigned char bonding_option ) +{ + int ret_code = CR_GENID_SUCCESS; + + M_KeyID keyid; + M_Command cmd; + M_Reply reply; + + memset( &cmd, 0, sizeof( cmd ) ); + memset( &reply, 0, sizeof( reply ) ); + + // key set + keyid = bonding_option ? hsmEcdsaPrivkeyidDev : hsmEcdsaPrivkeyidProd; + + // sign command set + cmd.cmd = Cmd_Sign; + cmd.args.sign.flags = 0; // Cmd_Sign_Args_flags_given_iv_present; + cmd.args.sign.key = keyid; + cmd.args.sign.mech = HSM_SIGN_MECH; + cmd.args.sign.plain.type = PlainTextType_Bytes; + cmd.args.sign.plain.data.bytes.data.len = data_size; + cmd.args.sign.plain.data.bytes.data.ptr = data_buf; + + // sign command issue + ret_code = NFastApp_Transact( hsmConnection, NULL, &cmd, &reply, NULL ); + if ( ret_code != CR_GENID_SUCCESS ) + { + SetErrorInfo( __FUNCTION__, __LINE__ ); + return ret_code; + } + ret_code = reply.status; + if ( ret_code != CR_GENID_SUCCESS ) + { + SetErrorInfo( __FUNCTION__, __LINE__ ); + return ret_code; + } + + // buffer copy + //memcpy( dst_buf, reply.reply.decrypt.plain.data.bytes.data.ptr, size ); + + //NFastApp_Free_Command( hsmHandle, NULL, NULL, &cmd ); // 何故かアボートする + NFastApp_Free_Reply( hsmHandle, NULL, NULL, &reply ); + + return CR_GENID_SUCCESS; +} // hsm_ecdsa_sign + #endif // USE_HSM