From 818a2af4309aea3a23e81cb2e9ca4272b3407225 Mon Sep 17 00:00:00 2001 From: kubodera_yuichi Date: Fri, 22 Jan 2010 05:58:50 +0000 Subject: [PATCH] =?UTF-8?q?ECDSA=E7=BD=B2=E5=90=8D=E3=81=8COpenSSL-1.0.0-b?= =?UTF-8?q?eta5=E3=81=A7=E6=A4=9C=E8=A8=BC=E6=88=90=E5=8A=9F=E3=81=97?= =?UTF-8?q?=E3=81=9F=E3=81=AE=E3=81=A7=E3=80=81beta5=E3=82=92=E6=A8=99?= =?UTF-8?q?=E6=BA=96=E3=81=A7=E4=BD=BF=E7=94=A8=E3=81=99=E3=82=8B=E3=82=88?= =?UTF-8?q?=E3=81=86=E5=A4=89=E6=9B=B4?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit git-svn-id: file:///Volumes/Transfer/gigaleak_20231201/2020-09-30%20-%20paladin.7z/paladin/ctr_eFuse@190 ff987cc8-cf2f-4642-8568-d52cce064691 --- trunk/Makefile | 4 ++-- trunk/Makefile.sharp | 2 +- trunk/cr_device_cert.c | 10 +++++++++- trunk/tools/merge_lib_objs.plx | 4 ++-- trunk/tools/merge_lib_objs_hsm.plx | 4 ++-- 5 files changed, 16 insertions(+), 8 deletions(-) diff --git a/trunk/Makefile b/trunk/Makefile index 46a1153..df52725 100644 --- a/trunk/Makefile +++ b/trunk/Makefile @@ -70,8 +70,8 @@ PROD_DER_KEY_DIR = ./realKey/prod endif # USE_DUMMY_KEY PACKAGE_DIR = ./package -# OPENSSL_DIR = ./openssl-1.0.0-beta2 -OPENSSL_DIR = ./openssl-0.9.8k +OPENSSL_DIR = ./openssl-1.0.0-beta5 +# OPENSSL_DIR = ./openssl-0.9.8k TARGET_LIB = libgenid.a diff --git a/trunk/Makefile.sharp b/trunk/Makefile.sharp index f30cd99..d1d01b8 100644 --- a/trunk/Makefile.sharp +++ b/trunk/Makefile.sharp @@ -1,6 +1,6 @@ # Linux 上でビルドする場合は、DEV_CYGWINをコメントアウトしてください。 -DEV_CYGWIN = TRUE +#DEV_CYGWIN = TRUE TARGET = gen_id diff --git a/trunk/cr_device_cert.c b/trunk/cr_device_cert.c index dc8a8a5..5e21657 100644 --- a/trunk/cr_device_cert.c +++ b/trunk/cr_device_cert.c @@ -230,12 +230,19 @@ int GenerateCTRDeviceCert( EC_KEY *pECkey, u32 device_id, u8 bonding_option, u8 // ECDSA鄂イ蜷堺サ伜刈 #ifdef ECDSA_SHA256 u8 sha256Buf[ SHA256_DIGEST_LENGTH ]; + u8 modifyHash[ SHA256_DIGEST_LENGTH ]; // CR_DeviceCert縺ョSHA256險育ョ SHA256( deviceCert.issuerName, (int)&deviceCert + sizeof(CR_DeviceCert) - (int)deviceCert.issuerName, sha256Buf ); DEBUG_PRINT_ARRAY( "sha256(HSM)", (const char *)sha256Buf, 32 ); - ret_code = hsm_ecdsa_sign( deviceCert.eccSignature, sha256Buf, bonding_option ); + // HSM 縺ッ蛻繧願ゥー繧√↑縺縺ァ鄂イ蜷阪@縺ヲ縺励∪縺縺ョ縺ァ閾ェ蜑阪〒蜉蟾・縺吶k + memset( modifyHash, 0, sizeof( modifyHash ) ); + modifyHash[2] = sha256Buf[0] >> 7; + for( i = 3; i < SHA256_DIGEST_LENGTH; i++ ) + modifyHash[i] = (sha256Buf[i-3] << 1) | (sha256Buf[i-2] >> 7); + + ret_code = hsm_ecdsa_sign( deviceCert.eccSignature, modifyHash, bonding_option ); #else // !ECDSA_SHA256 u8 sha1Buf[ 20 ]; SHA1( deviceCert.issuerName, (int)&deviceCert + sizeof(CR_DeviceCert) - (int)deviceCert.issuerName, sha1Buf ); @@ -404,6 +411,7 @@ int GenerateCTRDeviceCert( EC_KEY *pECkey, u32 device_id, u8 bonding_option, u8 printf( "\n" ); printf( "keyType : 0x%08X\n", *(unsigned int*)deviceCert.keyType ); printf( "subject : " ); + for ( i = 0; i < sizeof(deviceCert.subject); i++ ) printf( "%c", deviceCert.subject[i] ); printf( "\n" ); printf( "expiryDate : 0x%08X\n", (unsigned int)deviceCert.expiryDate ); diff --git a/trunk/tools/merge_lib_objs.plx b/trunk/tools/merge_lib_objs.plx index 619dd07..d367459 100644 --- a/trunk/tools/merge_lib_objs.plx +++ b/trunk/tools/merge_lib_objs.plx @@ -5,8 +5,8 @@ my $lib_name = "../libgenid.a"; my @lib_list = ( - "../openssl-0.9.8k/libcrypto.a", - "../openssl-0.9.8k/libssl.a", + "../openssl-1.0.0-beta5/libcrypto.a", + "../openssl-1.0.0-beta5/libssl.a", ); # move work directory diff --git a/trunk/tools/merge_lib_objs_hsm.plx b/trunk/tools/merge_lib_objs_hsm.plx index a721956..30a9763 100644 --- a/trunk/tools/merge_lib_objs_hsm.plx +++ b/trunk/tools/merge_lib_objs_hsm.plx @@ -5,8 +5,8 @@ my $lib_name = "../libgenid.a"; my @lib_list = ( - "../openssl-0.9.8k/libcrypto.a", - "../openssl-0.9.8k/libssl.a", + "../openssl-1.0.0-beta5/libcrypto.a", + "../openssl-1.0.0-beta5/libssl.a", "/opt/nfast/c/ctd/gcc/lib/libnflog.a", "/opt/nfast/c/ctd/gcc/lib/libcutils.a", "/opt/nfast/c/ctd/gcc/lib/libnfstub.a",