From 8e3aaa9444e7ac4e06a7a21f9cd8cce000d6aaef Mon Sep 17 00:00:00 2001 From: kubodera_yuichi Date: Tue, 12 Jan 2010 02:05:38 +0000 Subject: [PATCH] =?UTF-8?q?DSA-SHA1,SHA256=E3=81=AE=E3=83=93=E3=83=AB?= =?UTF-8?q?=E3=83=89=E3=82=B9=E3=82=A4=E3=83=83=E3=83=81=E5=AF=BE=E5=BF=9C?= =?UTF-8?q?=E3=80=81=20=E3=83=87=E3=83=90=E3=83=83=E3=82=B0=E3=83=97?= =?UTF-8?q?=E3=83=AA=E3=83=B3=E3=83=88=E3=81=AE=E3=83=93=E3=83=AB=E3=83=89?= =?UTF-8?q?=E3=82=B9=E3=82=A4=E3=83=83=E3=83=81=E5=AF=BE=E5=BF=9C?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit git-svn-id: file:///Volumes/Transfer/gigaleak_20231201/2020-09-30%20-%20paladin.7z/paladin/ctr_eFuse@169 ff987cc8-cf2f-4642-8568-d52cce064691 --- Makefile | 14 ++++- cr_device_cert.c | 150 ++++++++++++++++++++++++++++------------------- cr_hsm_code.c | 15 +++-- 3 files changed, 109 insertions(+), 70 deletions(-) diff --git a/Makefile b/Makefile index 7859ef5..a931725 100644 --- a/Makefile +++ b/Makefile @@ -7,12 +7,16 @@ # 最終的なビルドスイッチの設定は、以下の通り。 # DEV_CYGWIN = FALSE +# DEBUG_PRINT = FALSE +# DSA_SHA256 = TRUE # USE_HSM = TRUE # RESET_HSM = TRUE -DEV_CYGWIN = FALSE -USE_HSM = TRUE -RESET_HSM = TRUE +DEV_CYGWIN = FALSE +DEBUG_PRINT = FALSE +DSA_SHA256 = TRUE +USE_HSM = TRUE +RESET_HSM = TRUE ifeq ($(USE_HSM),TRUE) @@ -119,6 +123,10 @@ ifeq ($(USE_DUMMY_KEY),TRUE) CFLAGS += -DUSE_DUMMY_KEY endif +ifeq ($(DEBUG_PRINT),TRUE) +CFLAGS += -DDEBUG_PRINT +endif + ifeq ($(USE_HSM),TRUE) CFLAGS += -DUSE_HSM CPPFLAGS+= $(NFAST_CPPFLAGS) diff --git a/cr_device_cert.c b/cr_device_cert.c index f38933d..cdf9472 100644 --- a/cr_device_cert.c +++ b/cr_device_cert.c 
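Review bot: `DSA_SHA256 = TRUE` is set in the first Makefile hunk, but nothing visible forwards it to the compiler. Only `DEBUG_PRINT` gets a `CFLAGS +=` block, and the two hunks account for all 14 changed Makefile lines in the diffstat. Unless the macro is defined somewhere outside this patch, every `#ifdef DSA_SHA256` in cr_device_cert.c and cr_hsm_code.c takes its `#else` branch, so the build would emit sigType 0x00010002 and SHA-1 digests while the Makefile says SHA-256. Add the matching block next to the DEBUG_PRINT one: `ifeq ($(DSA_SHA256),TRUE)`, `CFLAGS += -DDSA_SHA256`, `endif`.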
@@ -185,11 +185,17 @@ int GenerateCTRDeviceCert( EC_KEY *pECkey, u32 device_id, u8 bonding_option, u8 memset( &deviceCert, 0, sizeof(deviceCert) ); - // sigType 0x00010005 ECDSA+SHA256 + // sigType + // 0x00010005 ECDSA+SHA256 + // 0x00010002 ECDSA+SHA1 deviceCert.sigType[0] = 0x00; deviceCert.sigType[1] = 0x01; deviceCert.sigType[2] = 0x00; +#ifdef DSA_SHA256 deviceCert.sigType[3] = 0x05; +#else + deviceCert.sigType[3] = 0x02; +#endif // issuerName for( i = 0; i < sizeof(issuerName); i++ ) { @@ -222,26 +228,28 @@ int GenerateCTRDeviceCert( EC_KEY *pECkey, u32 device_id, u8 bonding_option, u8 // eccSignature #ifdef USE_HSM - // TODO: HSM菴ソ逕ィ譎ゅョ蜃ヲ逅繧貞ョ溯」 - // ECDSA鄂イ蜷堺サ伜刈 +#ifdef DSA_SHA256 u8 sha256Buf[ SHA256_DIGEST_LENGTH ]; - + // CR_DeviceCert縺ョSHA256險育ョ SHA256( deviceCert.issuerName, (int)&deviceCert + sizeof(CR_DeviceCert) - (int)deviceCert.issuerName, sha256Buf ); DEBUG_PRINT_ARRAY( "sha256(HSM)", (const char *)sha256Buf, 32 ); - //u8 sha1Buf[ 20 ]; - //SHA1( deviceCert.issuerName, (int)&deviceCert + sizeof(CR_DeviceCert) - (int)deviceCert.issuerName, sha1Buf ); - //DEBUG_PRINT_ARRAY( "sha1(HSM)", (const char *)sha1buf, 20 ); - ret_code = hsm_ecdsa_sign( deviceCert.eccSignature, sha256Buf, bonding_option ); +#else // !DSA_SHA256 + u8 sha1Buf[ 20 ]; + SHA1( deviceCert.issuerName, (int)&deviceCert + sizeof(CR_DeviceCert) - (int)deviceCert.issuerName, sha1Buf ); + DEBUG_PRINT_ARRAY( "sha1(HSM)", (const char *)sha1buf, 20 ); + + ret_code = hsm_ecdsa_sign( deviceCert.eccSignature, sha1Buf, bonding_option ); +#endif // DSA_SHA256 + if ( ret_code != CR_GENID_SUCCESS ) { SetErrorInfo( __FUNCTION__, __LINE__ ); return ret_code; } - #else // !USE_HSM // DER繝輔か繝シ繝槭ャ繝医ョECC骰オ繧定ェュ縺ソ霎シ縺ソ { 
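Review bot: The `#else` on `deviceCert.sigType[3]` makes ECDSA+SHA1 (0x02) the result of any build where `DSA_SHA256` is merely missing, so a lost define downgrades the certificate's signature type without any diagnostic. The weaker algorithm should need an explicit opt-in: test a second macro for the SHA-1 case (name to be chosen by the project, e.g. `#elif defined(DSA_SHA1)`) and end the chain with `#else` / `#error "no device-cert digest selected"`. The same fall-through pattern recurs in the later hunks of this file and in hsm_ecdsa_sign(). GenerateCTRDeviceCert begins and ends outside the hunk.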
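Review bot: In the @@ -222 hunk the SHA-1 branch declares `u8 sha1Buf[ 20 ]` but the debug line passes `sha1buf` (lower-case b), which stops compiling as soon as DEBUG_PRINT_ARRAY expands its arguments; it should read `DEBUG_PRINT_ARRAY( "sha1(HSM)", (const char *)sha1Buf, 20 );`. The hashed length is written as `(int)&deviceCert + sizeof(CR_DeviceCert) - (int)deviceCert.issuerName`, which truncates the addresses wherever `int` is narrower than a pointer. Assuming `deviceCert` is a `CR_DeviceCert`, `sizeof(CR_DeviceCert) - offsetof(CR_DeviceCert, issuerName)` gives the same value without the casts. The SHA256 call here and both digest calls in the @@ -263 hunk use the same expression. `SHA_DIGEST_LENGTH` would also say more than the literal 20.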
@@ -263,63 +271,73 @@ int GenerateCTRDeviceCert( EC_KEY *pECkey, u32 device_id, u8 bonding_option, u8 #endif } // ECDSA鄂イ蜷堺サ伜刈 - { - u8 sha256buf[ SHA256_DIGEST_LENGTH ]; - u8 ecdsasig[ 0x80 ]; - const u8 *pECDSAsig = ecdsasig; - ECDSA_SIG *sig = NULL; - int signLen = 0; - int test_ret = 0; +#ifdef DSA_SHA256 + u8 sha256Buf[ SHA256_DIGEST_LENGTH ]; + u8 ecdsasig[ 0x80 ]; + const u8 *pECDSAsig = ecdsasig; + ECDSA_SIG *sig = NULL; + int signLen = 0; + int test_ret = 0; - // CR_DeviceCert縺ョSHA256險育ョ - SHA256( deviceCert.issuerName, (int)&deviceCert + sizeof(CR_DeviceCert) - (int)deviceCert.issuerName, sha256buf ); + // CR_DeviceCert縺ョSHA256險育ョ + SHA256( deviceCert.issuerName, (int)&deviceCert + sizeof(CR_DeviceCert) - (int)deviceCert.issuerName, sha256Buf ); - // 荳贋ス232bit蛻縺ァ鄂イ蜷 - memset( ecdsasig, 0, sizeof(ecdsasig) ); - test_ret = ECDSA_sign( 0, sha256buf, 233/8, ecdsasig, &signLen, NCT2 ); - if (test_ret == 0) { - ret_code = CR_GENID_ERROR_ECDSA_SIGN; - SetErrorInfo( __FUNCTION__, __LINE__ ); - goto end; - } - DEBUG_PRINT_ARRAY( "ECDSA:", (const char *)ecdsasig, signLen ); + // 荳贋ス232bit蛻縺ァ鄂イ蜷 + memset( ecdsasig, 0, sizeof(ecdsasig) ); + test_ret = ECDSA_sign( 0, sha256Buf, 233/8, ecdsasig, &signLen, NCT2 ); +#else // !DSA_SHA256 + u8 sha1Buf[ 20 ]; + u8 ecdsasig[ 0x80 ]; + const u8 *pECDSAsig = ecdsasig; + ECDSA_SIG *sig = NULL; + int signLen = 0; + int test_ret = 0; -#if 0 - // 鄂イ蜷阪吶Μ繝輔ぃ繧、 - ret_code = ECDSA_verify( 0, sha1buf, 20, tempSign, 66, NCT2 ); - if( ret_code != 1) { - ret_code = CR_GENID_ERROR_ECDSA_VERIFY; - SetErrorInfo( __FUNCTION__, __LINE__ ); - goto end; - } -#endif + // CR_DeviceCert縺ョSHA1險育ョ + SHA1( deviceCert.issuerName, (int)&deviceCert + sizeof(CR_DeviceCert) - (int)deviceCert.issuerName, sha1Buf ); - // DER繝繧ウ繝シ繝峨@縺ヲ縲〉 縺ィ s 繧 eccSignature 縺ォ繧サ繝繝 - sig = d2i_ECDSA_SIG( NULL, &pECDSAsig, signLen ); - if( sig == NULL ) { - ret_code = CR_GENID_ERROR_ECDSA_DEC; - SetErrorInfo( __FUNCTION__, __LINE__ ); - goto end; - } + // 鄂イ蜷 + memset( 
ecdsasig, 0, sizeof(ecdsasig) ); + test_ret = ECDSA_sign( 0, sha1Buf, 20, ecdsasig, &signLen, NCT2 ); +#endif // DSA_SHA256 + + if (test_ret == 0) { + ret_code = CR_GENID_ERROR_ECDSA_SIGN; + SetErrorInfo( __FUNCTION__, __LINE__ ); + goto end; + } + DEBUG_PRINT_ARRAY( "ECDSA:", (const char *)ecdsasig, signLen ); + + // DER繝繧ウ繝シ繝峨@縺ヲ縲〉 縺ィ s 繧 eccSignature 縺ォ繧サ繝繝 + sig = d2i_ECDSA_SIG( NULL, &pECDSAsig, signLen ); + if( sig == NULL ) { + ret_code = CR_GENID_ERROR_ECDSA_DEC; + SetErrorInfo( __FUNCTION__, __LINE__ ); + goto end; + } #if 0 - DEBUG_PRINT_ARRAY( "ECDSA.r:", (const char *)sig->r->d, sig->r->dmax * 4); - DEBUG_PRINT_ARRAY( "ECDSA.s:", (const char *)sig->s->d, sig->s->dmax * 4 ); + DEBUG_PRINT_ARRAY( "ECDSA.r:", (const char *)sig->r->d, sig->r->dmax * 4); + DEBUG_PRINT_ARRAY( "ECDSA.s:", (const char *)sig->s->d, sig->s->dmax * 4 ); #endif - BN2BinWithPadding( sig->r, &deviceCert.eccSignature[ 0 ], 30 ); - BN2BinWithPadding( sig->s, &deviceCert.eccSignature[ 30 ], 30 ); - memcpy( pDevCertSign, &deviceCert.eccSignature, 60 ); - if( sig ) ECDSA_SIG_free( sig ); - if( NCT2 ) EC_KEY_free( NCT2 ); - NCT2 = NULL; - -#ifdef DEBUG_DEVICE_CERT_OUTPUT_FILE - DebugFileOutput( device_id, "dgst", sha256buf, 233/8 ); - DebugFileOutput( device_id, "sign", ecdsasig, signLen ); -#endif // DEBUG_DEVICE_CERT_OUTPUT_FILE - } + BN2BinWithPadding( sig->r, &deviceCert.eccSignature[ 0 ], 30 ); + BN2BinWithPadding( sig->s, &deviceCert.eccSignature[ 30 ], 30 ); + memcpy( pDevCertSign, &deviceCert.eccSignature, 60 ); + if( sig ) ECDSA_SIG_free( sig ); + if( NCT2 ) EC_KEY_free( NCT2 ); + NCT2 = NULL; + #endif // USE_HSM +#ifdef DEBUG_DEVICE_CERT_OUTPUT_FILE +#ifdef DSA_SHA256 + DebugFileOutput( device_id, "dgst", sha256Buf, 233/8 ); +#else // !DSA_SHA256 + DebugFileOutput( device_id, "dgst", sha1Buf, 20 ); +#endif // DSA_SHA256 + DebugFileOutput( device_id, "sign", ecdsasig, signLen ); +#endif // DEBUG_DEVICE_CERT_OUTPUT_FILE + // ECDSA鄂イ蜷肴、懆ィシ { // bonding_option 縺ォ繧医▲縺ヲ縲骰オ繧貞キョ縺玲崛縺 
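Review bot: The `DebugFileOutput` calls now sit after `#endif // USE_HSM`, yet the "sign" call still uses `ecdsasig` and `signLen`, which the visible lines declare only in the non-HSM branch. A build with both USE_HSM and DEBUG_DEVICE_CERT_OUTPUT_FILE would therefore fail unless those names are declared elsewhere in the function, which the hunk does not show. Keeping the signature dump on the software path, e.g. `#if defined(DEBUG_DEVICE_CERT_OUTPUT_FILE) && !defined(USE_HSM)` around that one call, avoids this. On style, the two `#ifdef DSA_SHA256` arms repeat the declarations of `ecdsasig`, `pECDSAsig`, `sig`, `signLen` and `test_ret`; only the digest buffer and the length passed to `ECDSA_sign` differ, so the shared declarations could be hoisted above the `#ifdef`.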
@@ -343,7 +361,7 @@ int GenerateCTRDeviceCert( EC_KEY *pECkey, u32 device_id, u8 bonding_option, u8 ret_code = CR_GENID_ERROR_ECC_READ_PUBLIC_KEY; goto end; } -#if 0 +#ifdef DSA_SHA256 // TODO: 繝上ャ繧キ繝・蜃ヲ逅 int i; u8 verifyHash[30]; @@ -355,6 +373,9 @@ int GenerateCTRDeviceCert( EC_KEY *pECkey, u32 device_id, u8 bonding_option, u8 verifyHash[i] = (sha256Buf[i-1] << 1) | (sha256Buf[i] >> 7); } DEBUG_PRINT_ARRAY( (char*)"verifyHash(HSM)", (const char *)verifyHash, 30 ); +#else // !DSA_SHA256 + // do nothing +#endif // DSA_SHA256 // TODO: ECDSA鄂イ蜷搾シDERシ峨r蜀肴ァ狗ッ u8 signBuf[70]; @@ -369,7 +390,9 @@ int GenerateCTRDeviceCert( EC_KEY *pECkey, u32 device_id, u8 bonding_option, u8 signBuf[0x23] = 0x1E; memcpy( &signBuf[0x24], &deviceCert.eccSignature[30], 0x1E ); DEBUG_PRINT_ARRAY( (char*)"sign(HSM)", (const char *)signBuf, signLen ); - + +#ifdef DSA_SHA256 +#if 0 // 鄂イ蜷阪吶Μ繝輔ぃ繧、 ret_code = ECDSA_verify( 0, verifyHash, 30, signBuf, signLen, NCT2 ); if( ret_code != 1) { @@ -378,6 +401,15 @@ int GenerateCTRDeviceCert( EC_KEY *pECkey, u32 device_id, u8 bonding_option, u8 goto end; } #endif +#else // !DSA_SHA256 + // 鄂イ蜷阪吶Μ繝輔ぃ繧、 + ret_code = ECDSA_verify( 0, sha1Buf, 20, signBuf, signLen, NCT2 ); + if( ret_code != 1) { + ret_code = CR_GENID_ERROR_ECDSA_VERIFY; + SetErrorInfo( __FUNCTION__, __LINE__ ); + goto end; + } +#endif // DSA_SHA256 } ret_code = CR_GENID_SUCCESS; diff --git a/cr_hsm_code.c b/cr_hsm_code.c index 69ffd25..2c8587c 100644 --- a/cr_hsm_code.c +++ b/cr_hsm_code.c 
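Review bot: In the SHA-256 configuration the `ECDSA_verify` call stays inside the nested `#if 0` added by the @@ -369 hunk, so with the Makefile's default `DSA_SHA256 = TRUE` this block builds `verifyHash` and `signBuf` but never checks the signature it just produced. Only the SHA-1 branch added in the @@ -378 hunk verifies. That leaves the non-HSM path with no post-sign check in the stronger configuration; the HSM path appears to rely on the verify inside hsm_ecdsa_sign(). Before enabling it, settle which digest the verifier should see, since the software path signs `233/8` (29) bytes of `sha256Buf` while this block builds a 30-byte, one-bit-shifted `verifyHash`. Until then a comment on the `#if 0` stating why verification is off and what is needed to turn it on would help, e.g. `// disabled: digest truncation for verify not yet settled`.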
@@ -899,13 +899,13 @@ int hsm_ecdsa_sign( unsigned char *sign_buf, unsigned char *data_buf, unsigned c cmd.args.sign.flags = 0; // Cmd_Sign_Args_flags_given_iv_present; cmd.args.sign.key = privKeyid; cmd.args.sign.mech = HSM_SIGN_MECH; -#if 1 +#ifdef DSA_SHA256 cmd.args.sign.plain.type = PlainTextType_Hash32; cmd.args.sign.plain.data.hash32.data = *(M_Hash32*)data_buf; -#else +#else // !DSA_SHA256 cmd.args.sign.plain.type = PlainTextType_Hash; cmd.args.sign.plain.data.hash.data = *(M_Hash*)data_buf; -#endif +#endif // DSA_SHA256 // sign command issue ret_code = NFastApp_Transact( hsmConnection, NULL, &cmd, &reply, NULL ); @@ -935,10 +935,9 @@ int hsm_ecdsa_sign( unsigned char *sign_buf, unsigned char *data_buf, unsigned c DEBUG_PRINT_ARRAY( (char*)"sig r(HSM)", (const char *)rPtr, rLen ); DEBUG_PRINT_ARRAY( (char*)"sig s(HSM)", (const char *)sPtr, sLen ); #endif - - // verify #if 1 + // verify struct NFast_Bignum *rBn, *sBn; my_bignumCopy( &rBn, reply.reply.sign.sig.data.ecdsa.r, hsmHandle ); my_bignumCopy( &sBn, reply.reply.sign.sig.data.ecdsa.s, hsmHandle ); @@ -952,13 +951,13 @@ int hsm_ecdsa_sign( unsigned char *sign_buf, unsigned char *data_buf, unsigned c cmd.args.verify.flags = 0; cmd.args.verify.key = pubKeyid; cmd.args.verify.mech = HSM_SIGN_MECH; -#if 1 +#ifdef DSA_SHA256 cmd.args.verify.plain.type = PlainTextType_Hash32; cmd.args.verify.plain.data.hash32.data = *(M_Hash32*)data_buf; -#else +#else // !DSA_SHA256 cmd.args.verify.plain.type = PlainTextType_Hash; cmd.args.verify.plain.data.hash.data = *(M_Hash*)data_buf; -#endif +#endif // DSA_SHA256 cmd.args.verify.sig.mech = HSM_SIGN_MECH; cmd.args.verify.sig.data.ecdsa.r = rBn;
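Review bot: `*(M_Hash32*)data_buf` and `*(M_Hash*)data_buf` read a fixed 32 or 20 bytes from a pointer that arrives with no length. How much is read is decided by `DSA_SHA256` in this file, while the buffer's size is decided by the same macro in cr_device_cert.c. If the two translation units are ever built with different settings, the SHA-256 branch reads past a 20-byte `sha1Buf` and sends adjacent stack bytes to the HSM as part of the digest. Passing the digest length into hsm_ecdsa_sign() and rejecting a mismatch would close this, though it changes the interface for the caller. Separately, `memcpy( &cmd.args.sign.plain.data.hash32.data, data_buf, sizeof(M_Hash32) );` avoids dereferencing a possibly unaligned `unsigned char *` through a struct cast. The verify arguments in the @@ -952 hunk follow the same pattern, and the function continues outside these hunks.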