rvtr/ctr_eFuse
1
Fork 0
mirror of https://github.com/rvtr/ctr_eFuse.git synced 2025-11-02 00:11:04 -04:00
Code Issues Actions Packages Projects Releases Wiki Activity

ECDSA署名がOpenSSL-1.0.0-beta5で検証成功したので、beta5を標準で使用するよう変更

Browse Source 
git-svn-id: file:///Volumes/Transfer/gigaleak_20231201/2020-09-30%20-%20paladin.7z/paladin/ctr_eFuse@190 ff987cc8-cf2f-4642-8568-d52cce064691
This commit is contained in:
kubodera_yuichi 2010-01-22 05:58:50 +00:00
parent dc84b6c99c
commit 818a2af430
5 changed files with 16 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
trunk/Makefile
View File

@ -70,8 +70,8 @@ PROD_DER_KEY_DIR = ./realKey/prod
endif # USE_DUMMY_KEY endif # USE_DUMMY_KEY
PACKAGE_DIR = ./package PACKAGE_DIR = ./package
# OPENSSL_DIR = ./openssl-1.0.0-beta2 OPENSSL_DIR = ./openssl-1.0.0-beta5
OPENSSL_DIR = ./openssl-0.9.8k # OPENSSL_DIR = ./openssl-0.9.8k
TARGET_LIB = libgenid.a TARGET_LIB = libgenid.a

2
trunk/Makefile.sharp
View File

@ -1,6 +1,6 @@
# Linux 上でビルドする場合は、DEV_CYGWINをコメントアウトしてください。 # Linux 上でビルドする場合は、DEV_CYGWINをコメントアウトしてください。
DEV_CYGWIN = TRUE #DEV_CYGWIN = TRUE
TARGET = gen_id TARGET = gen_id

10
trunk/cr_device_cert.c
View File

@ -230,12 +230,19 @@ int GenerateCTRDeviceCert( EC_KEY *pECkey, u32 device_id, u8 bonding_option, u8
// ECDSA署名付加 // ECDSA署名付加
#ifdef ECDSA_SHA256 #ifdef ECDSA_SHA256
u8 sha256Buf[ SHA256_DIGEST_LENGTH ]; u8 sha256Buf[ SHA256_DIGEST_LENGTH ];
u8 modifyHash[ SHA256_DIGEST_LENGTH ];
// CR_DeviceCertのSHA256計算 // CR_DeviceCertのSHA256計算
SHA256( deviceCert.issuerName, (int)&deviceCert + sizeof(CR_DeviceCert) - (int)deviceCert.issuerName, sha256Buf ); SHA256( deviceCert.issuerName, (int)&deviceCert + sizeof(CR_DeviceCert) - (int)deviceCert.issuerName, sha256Buf );
DEBUG_PRINT_ARRAY( "sha256(HSM)", (const char *)sha256Buf, 32 ); DEBUG_PRINT_ARRAY( "sha256(HSM)", (const char *)sha256Buf, 32 );
ret_code = hsm_ecdsa_sign( deviceCert.eccSignature, sha256Buf, bonding_option ); // HSM は切り詰めないで署名してしまうので自前で加工する
memset( modifyHash, 0, sizeof( modifyHash ) );
modifyHash[2] = sha256Buf[0] >> 7;
for( i = 3; i < SHA256_DIGEST_LENGTH; i++ )
modifyHash[i] = (sha256Buf[i-3] << 1) | (sha256Buf[i-2] >> 7);
ret_code = hsm_ecdsa_sign( deviceCert.eccSignature, modifyHash, bonding_option );
#else // !ECDSA_SHA256 #else // !ECDSA_SHA256
u8 sha1Buf[ 20 ]; u8 sha1Buf[ 20 ];
SHA1( deviceCert.issuerName, (int)&deviceCert + sizeof(CR_DeviceCert) - (int)deviceCert.issuerName, sha1Buf ); SHA1( deviceCert.issuerName, (int)&deviceCert + sizeof(CR_DeviceCert) - (int)deviceCert.issuerName, sha1Buf );
@ -404,6 +411,7 @@ int GenerateCTRDeviceCert( EC_KEY *pECkey, u32 device_id, u8 bonding_option, u8
printf( "\n" ); printf( "\n" );
printf( "keyType : 0x%08X\n", *(unsigned int*)deviceCert.keyType ); printf( "keyType : 0x%08X\n", *(unsigned int*)deviceCert.keyType );
printf( "subject : " ); printf( "subject : " );
for ( i = 0; i < sizeof(deviceCert.subject); i++ ) printf( "%c", deviceCert.subject[i] ); for ( i = 0; i < sizeof(deviceCert.subject); i++ ) printf( "%c", deviceCert.subject[i] );
printf( "\n" ); printf( "\n" );
printf( "expiryDate : 0x%08X\n", (unsigned int)deviceCert.expiryDate ); printf( "expiryDate : 0x%08X\n", (unsigned int)deviceCert.expiryDate );

4
trunk/tools/merge_lib_objs.plx
View File

@ -5,8 +5,8 @@ my $lib_name = "../libgenid.a";
my @lib_list = my @lib_list =
( (
"../openssl-0.9.8k/libcrypto.a", "../openssl-1.0.0-beta5/libcrypto.a",
"../openssl-0.9.8k/libssl.a", "../openssl-1.0.0-beta5/libssl.a",
); );
# move work directory # move work directory

4
trunk/tools/merge_lib_objs_hsm.plx
View File

@ -5,8 +5,8 @@ my $lib_name = "../libgenid.a";
my @lib_list = my @lib_list =
( (
"../openssl-0.9.8k/libcrypto.a", "../openssl-1.0.0-beta5/libcrypto.a",
"../openssl-0.9.8k/libssl.a", "../openssl-1.0.0-beta5/libssl.a",
"/opt/nfast/c/ctd/gcc/lib/libnflog.a", "/opt/nfast/c/ctd/gcc/lib/libnflog.a",
"/opt/nfast/c/ctd/gcc/lib/libcutils.a", "/opt/nfast/c/ctd/gcc/lib/libcutils.a",
"/opt/nfast/c/ctd/gcc/lib/libnfstub.a", "/opt/nfast/c/ctd/gcc/lib/libnfstub.a",