From d2278af9ab29cb1f3a3ebb90b64235f840e35d16 Mon Sep 17 00:00:00 2001
From: kubodera_yuichi
Date: Tue, 22 Dec 2009 08:22:13 +0000
Subject: [PATCH] =?UTF-8?q?=E3=83=87=E3=83=90=E3=82=A4=E3=82=B9=E8=A8=BC?= =?UTF-8?q?=E6=98=8E=E6=9B=B8=E9=96=A2=E9=80=A3=E3=82=92cr=5Fgenerate=5Fid?= =?UTF-8?q?=E3=81=8B=E3=82=89=E5=88=86=E9=9B=A2(=E3=81=BE=E3=81=A0?= =?UTF-8?q?=E6=AD=A3=E3=81=97=E3=81=8F=E5=8B=95=E3=81=8B=E3=81=AA=E3=81=84?= =?UTF-8?q?)?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
git-svn-id: file:///Volumes/Transfer/gigaleak_20231201/2020-09-30%20-%20paladin.7z/paladin/ctr_eFuse@31 ff987cc8-cf2f-4642-8568-d52cce064691
---
 cr_deviceCert.c | 32 +++++++++---------
 cr_generate_id.c | 70 +++-------------------------------------
 cr_generate_id_private.h | 2 +-
 3 files changed, 20 insertions(+), 84 deletions(-)
diff --git a/cr_deviceCert.c b/cr_deviceCert.c
index fe80b1c..14ac290 100644
--- a/cr_deviceCert.c
+++ b/cr_deviceCert.c
@@ -131,7 +131,6 @@
 #include "ec_lcl.h" // ec_key_st構造体の参照に必要
-
 #include "cr_generate_id.h"
 #include "cr_generate_id_private.h"
 #include "cr_alloc.h"
@@ -158,13 +157,12 @@ typedef struct CTR_Device_Cert
 u8 padding1[ 60 ]; // 0x144 - 0x17F : zero-filled
 } CTR_Device_Cert;
-
-
-// create CTR Custom cert
-static int generate_CTRCustom_cert( CTR_Device_Cert *cert, u32 deviceId, u8 bondingOption, u32 timestamp )
+// create CTR Device cert
+int GenerateCTRDeviceCert( EC_POINT *pubKey, u32 deviceId, u8 bondingOption )
 {
 int result = 0;
 char str[80];
+ CTR_Device_Cert cert;
 if ( sizeof( CTR_Device_Cert ) > 384 )
 {
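Review bot: `CTR_Device_Cert cert;` in `GenerateCTRDeviceCert` is now an uninitialised stack object, and the only zeroing of the certificate anywhere in this patch, `memset( &ctr_dev_cert, 0, sizeof( ctr_dev_cert ) )` in the disabled block of cr_generate_id.c, is removed. The struct comment marks `padding1` as zero-filled and the following hunk fills `issuerName` and `subject` with `memcpy( ..., strlen( ... ) )`, which copies no terminator, so unless a memset sits in the part of the body outside these hunks, leftover stack bytes end up inside the certificate; declaring it as `CTR_Device_Cert cert = { 0 };` would close that. The new signature also has no output parameter and `pubKey` is not used on any visible line, so the caller cannot receive the certificate yet. The subject line says the change does not work correctly yet, so a `// TODO` comment at the declaration would record which parts are still missing.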
@@ -173,27 +171,27 @@ static int generate_CTRCustom_cert( CTR_Device_Cert *cert, u32 deviceId, u8 bond
 }
 // sigType
- cert->sigType[0] = 0x00;
- cert->sigType[1] = 0x01;
- cert->sigType[2] = 0x00;
- cert->sigType[3] = 0x02;
+ cert.sigType[0] = 0x00;
+ cert.sigType[1] = 0x01;
+ cert.sigType[2] = 0x00;
+ cert.sigType[3] = 0x02;
 // issuerName
- memcpy( cert->issuerName, issuerNameDev, strlen( issuerNameDev ) );
+ memcpy( cert.issuerName, issuerNameDev, strlen( issuerNameDev ) );
 // keyType
- cert->keyType[0] = 0x00;
- cert->keyType[1] = 0x00;
- cert->keyType[2] = 0x00;
- cert->keyType[3] = 0x01;
+ cert.keyType[0] = 0x00;
+ cert.keyType[1] = 0x00;
+ cert.keyType[2] = 0x00;
+ cert.keyType[3] = 0x01;
 // subject : CT + deviceID + BondingOption
 sprintf( str, "CT%08X%02X", (unsigned int)deviceId, bondingOption );
- memcpy( cert->subject, str, strlen( str ) );
+ memcpy( cert.subject, str, strlen( str ) );
 // expiryDate
 #ifdef USE_HSM
- result = hsm_get_rtc( &cert->expiryDate );
+ result = hsm_get_rtc( &cert.expiryDate );
 if ( result != 0 )
 {
 printf( "error(%d) : hsm_get_rtc\n", result );
@@ -204,7 +202,7 @@ static int generate_CTRCustom_cert( CTR_Device_Cert *cert, u32 deviceId, u8 bond
 struct timeval tv;
 struct timezone tz;
 gettimeofday(&tv,&tz);
- cert->expiryDate = tv.tv_sec;
+ cert.expiryDate = tv.tv_sec;
 }
 #endif // USE_HSM
diff --git a/cr_generate_id.c b/cr_generate_id.c
index 037d4ae..fa53b2c 100644
--- a/cr_generate_id.c
+++ b/cr_generate_id.c
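Review bot: In the `@@ -173,27 +171,27 @@` hunk of cr_deviceCert.c, `memcpy( cert.issuerName, issuerNameDev, strlen( issuerNameDev ) )` and `memcpy( cert.subject, str, strlen( str ) )` take their length from the source string and never compare it with the destination field. The field sizes and `issuerNameDev` are declared outside the hunk, so the copies may fit today, but a longer issuer string would silently overwrite the certificate fields that follow; failing when `strlen( issuerNameDev ) >= sizeof( cert.issuerName )` makes the assumption explicit. `sprintf( str, "CT%08X%02X", ... )` is bounded by its format (12 characters into `str[80]`), and `snprintf( str, sizeof( str ), ... )` would keep that true if the format ever changes. The function body starts and ends outside this hunk.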
@@ -315,77 +315,15 @@ int cr_generate_id( u32 serial[CR_NUM_OF_SERIAL], u8 id_buf[CR_ID_BUF_SIZE], u8
 #endif
 //--------------------------------------------------------------
- // デバイス証明書生成&署名+証明書期限セット
+ // デバイス証明書生成 + 署名の付与 + 証明書期限セット
 //--------------------------------------------------------------
-#if 0
- int padding = ECDSA_SIGN_LENGTH % cert->signature->length;
- printf( "padding = %d\n", padding );
- for ( i = 0; i < padding; i++ )
- cr_id_buf->deviceCertSign[i] = 0;
- for ( i = 0; i < cert->signature->length; i++ )
- cr_id_buf->deviceCertSign[ i + padding ] = cert->signature->data[i]; // mistake!!
-
- // TORIAEZU : create Custom cert
- memset( &ctr_dev_cert, 0, sizeof( ctr_dev_cert ) );
- // copy ecpubkey to Custom cert
- int len = BN_num_bytes( &my_eckey->pub_key->X );
- u8 *buf = (u8*)malloc( len );
- len = BN_bn2bin( &my_eckey->pub_key->X, buf );
- memcpy( ctr_dev_cert.eccPubKey, buf, len );
- free( buf );
- len = BN_num_bytes( &my_eckey->pub_key->Y );
- buf = (u8*)malloc( len );
- len = BN_bn2bin( &my_eckey->pub_key->Y, buf );
- memcpy( &ctr_dev_cert.eccPubKey[30], buf, len );
- free( buf );
-
- // copy sign to Custom cert
-//#define SHOW_SIG
- u8 *ptr = cert->signature->data;
-#ifdef SHOW_SIG
- printf( "signature\n" );
- printf( "SEQUENCE : 0x%02X\n", *(ptr++) );
- printf( "ALL_LEN : 0x%02X\n", *(ptr++) );
- printf( "INTEGER : 0x%02X\n", *(ptr++) );
- len = *(ptr++);
- printf( "r LEN : 0x%02X\n", len );
- printf( "r :" );
- for ( i = 0; i < len; i++ )
- {
- if ( i % 8 == 0 ) printf( "\n" );
- printf( "0x%02X ", *(ptr++) );
+ ret_code = GenerateCTRDeviceCert( my_eckey->pub_key, cr_id_buf->serial[0], cr_id_buf->bondingOption );
+ if ( ret_code != CR_GENID_SUCCESS ) {
+ goto end;
 }
- printf( "\n" );
- printf( "INTEGER : 0x%02X\n", *(ptr++) );
- len = *(ptr++);
- printf( "s LEN : 0x%02X\n", len );
- printf( "s :" );
- for ( i = 0; i < len; i++ )
- {
- if ( i % 8 == 0 ) printf( "\n" );
- printf( "0x%02X ", *(ptr++) );
- }
- printf( "\n" );
-#else
- ptr += 3;
- int r_len = *(ptr++);
- for ( i = 0; i < r_len; i++ )
- ctr_dev_cert.eccSignature[i] = *(ptr++);
- ptr++;
- int s_len = *(ptr++);
- for ( i = 0; i < s_len; i++ )
- ctr_dev_cert.eccSignature[i+30] = *(ptr++);
-
- // create CTR Custom cert
- ret_code = generate_CTRCustom_cert( &ctr_dev_cert,
- cr_id_buf->serial[0], cr_id_buf->bondingOption );
-#endif
 #if 0
 DEBUG_PRINT_ARRAY( "deviceCertSign:", (const char *)cr_id_buf->deviceCertSign, ECDSA_SIGN_LENGTH );
-#endif
-
 #endif
 //--------------------------------------------------------------
diff --git a/cr_generate_id_private.h b/cr_generate_id_private.h
index 161f458..4d556e3 100644
--- a/cr_generate_id_private.h
+++ b/cr_generate_id_private.h
@@ -129,7 +129,6 @@ extern "C" {
 #include
 #include
-
 #define DEBUG_PRINT 1
 #ifdef DEBUG_PRINT
@@ -183,6 +182,7 @@ typedef struct {
 extern int GetTimestamp( u8 *pYear, u8 *pMonth, u8 *pMday, u8 *pHour, u8 *pMin, u8 *pSec, time_t *pTime);
 extern int GenerateRandom( u8 *pDst, int length );
 extern int GenarateECCKeyPair( EC_KEY *pECkey, u8 *pECPrivkey );
+extern int GenerateCTRDeviceCert( EC_POINT *pubKey, u32 deviceId, u8 bondingOption );
 extern int EncryptID( unsigned char *dst_buf, unsigned char *org_buf );
 extern void DebugPrintArray( char *pStr, const u8 *pData, int length );
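Review bot: In the `@@ -315,77 +315,15 @@` hunk of cr_generate_id.c, the new call compares the result of `GenerateCTRDeviceCert` with `CR_GENID_SUCCESS`, but cr_deviceCert.c starts that function from `int result = 0;` and stores the raw `hsm_get_rtc` return code in the same variable. The comparison is therefore only correct if `CR_GENID_SUCCESS` is 0, and an HSM error code would leave `cr_generate_id` through `goto end` as its own return value; neither the constant nor the function's return statements are visible in this patch. Translating failures into a `CR_GENID_*` value inside `GenerateCTRDeviceCert`, or setting `ret_code` explicitly before `goto end;`, would keep the caller's error contract intact. The block comment still announces signing and expiry, yet no visible line writes the certificate or `cr_id_buf->deviceCertSign`, so a comment at the call stating that the output is not wired up yet would keep this from being read as complete. `cr_generate_id` starts and ends outside the hunk.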