コード修正、HSM環境でもビルドスイッチの切替を確認

git-svn-id: file:///Volumes/Transfer/gigaleak_20231201/2020-09-30%20-%20paladin.7z/paladin/ctr_eFuse@170 ff987cc8-cf2f-4642-8568-d52cce064691
2025-11-02 00:11:04 -04:00 · 2010-01-12 02:25:38 +00:00 · 2010-01-12 02:25:38 +00:00 · ca0d97fa46
commit ca0d97fa46
parent 8e3aaa9444
4 changed files with 12 additions and 9 deletions
--- a/4
+++ b/4
@ -126,6 +126,10 @@ endif
 ifeq ($(DEBUG_PRINT),TRUE)
 CFLAGS += -DDEBUG_PRINT
 endif
 ifeq ($(DSA_SHA256),TRUE)
 CFLAGS += -DDSA_SHA256
 endif
 ifeq ($(USE_HSM),TRUE)
 CFLAGS  += -DUSE_HSM
--- a/cr_device_cert.c
+++ b/cr_device_cert.c
@ -186,8 +186,7 @@ int GenerateCTRDeviceCert( EC_KEY *pECkey, u32 device_id, u8 bonding_option, u8
 	memset( &deviceCert, 0, sizeof(deviceCert) );
 	// sigType	
-	// 0x00010005	ECDSA+SHA256
+	// 0x00010005	ECDSA+SHA256, 0x00010002	ECDSA+SHA1
 	// 0x00010002	ECDSA+SHA1
 	deviceCert.sigType[0] = 0x00;
 	deviceCert.sigType[1] = 0x01;
 	deviceCert.sigType[2] = 0x00;
@ -240,7 +239,7 @@ int GenerateCTRDeviceCert( EC_KEY *pECkey, u32 device_id, u8 bonding_option, u8
 #else	// !DSA_SHA256
 	u8 sha1Buf[ 20 ];
 	SHA1( deviceCert.issuerName, (int)&deviceCert + sizeof(CR_DeviceCert) - (int)deviceCert.issuerName, sha1Buf );
-	DEBUG_PRINT_ARRAY( "sha1(HSM)", (const char *)sha1buf, 20 );
+	DEBUG_PRINT_ARRAY( "sha1(HSM)", (const char *)sha1Buf, 20 );
 	ret_code = hsm_ecdsa_sign( deviceCert.eccSignature, sha1Buf, bonding_option );
 #endif	// DSA_SHA256
--- a/cr_hsm_code.c
+++ b/cr_hsm_code.c
@ -898,11 +898,12 @@ int hsm_ecdsa_sign( unsigned char *sign_buf, unsigned char *data_buf, unsigned c
 	cmd.cmd = Cmd_Sign;
 	cmd.args.sign.flags = 0;	// Cmd_Sign_Args_flags_given_iv_present;
 	cmd.args.sign.key = privKeyid;
 	cmd.args.sign.mech = HSM_SIGN_MECH;
 #ifdef DSA_SHA256
 	cmd.args.sign.mech = Mech_ECDSAhSHA256;
 	cmd.args.sign.plain.type = PlainTextType_Hash32;
 	cmd.args.sign.plain.data.hash32.data = *(M_Hash32*)data_buf;
 #else	// !DSA_SHA256
 	cmd.args.sign.mech = Mech_ECDSA;
 	cmd.args.sign.plain.type = PlainTextType_Hash;
 	cmd.args.sign.plain.data.hash.data = *(M_Hash*)data_buf;
 #endif	// DSA_SHA256
@ -950,16 +951,17 @@ int hsm_ecdsa_sign( unsigned char *sign_buf, unsigned char *data_buf, unsigned c
 	cmd.cmd = Cmd_Verify;
 	cmd.args.verify.flags = 0;
 	cmd.args.verify.key = pubKeyid;
 	cmd.args.verify.mech = HSM_SIGN_MECH;
 #ifdef DSA_SHA256
 	cmd.args.verify.mech = Mech_ECDSAhSHA256;
 	cmd.args.verify.plain.type = PlainTextType_Hash32;
 	cmd.args.verify.plain.data.hash32.data = *(M_Hash32*)data_buf;
 	cmd.args.verify.sig.mech = Mech_ECDSAhSHA256;
 #else	// !DSA_SHA256
 	cmd.args.verify.mech = Mech_ECDSA;
 	cmd.args.verify.plain.type = PlainTextType_Hash;
 	cmd.args.verify.plain.data.hash.data = *(M_Hash*)data_buf;
 	cmd.args.verify.sig.mech = Mech_ECDSA;
 #endif	// DSA_SHA256
 	cmd.args.verify.sig.mech = HSM_SIGN_MECH;
 	cmd.args.verify.sig.data.ecdsa.r = rBn;
 	cmd.args.verify.sig.data.ecdsa.s = sBn;
 	ret_code = NFastApp_Transact( hsmConnection, NULL, &cmd, &reply, NULL );
--- a/cr_hsm_code.h
+++ b/cr_hsm_code.h
@ -119,8 +119,6 @@ extern "C" {
 #endif
 #define HSM_MODULE_ID	(  1)
 #define HSM_SIGN_MECH	Mech_ECDSAhSHA256
 //#define HSM_SIGN_MECH	Mech_ECDSA
 // functions
 int hsm_initialize( void );