一端hsm_ecdsa_signを追加した物をコミット

git-svn-id: file:///Volumes/Transfer/gigaleak_20231201/2020-09-30%20-%20paladin.7z/paladin/ctr_eFuse@129 ff987cc8-cf2f-4642-8568-d52cce064691

cr_device_cert.c

@@ -119,6 +119,14 @@
 
 #ifdef USE_HSM
 #include "cr_hsm_code.h"
+#include "cr_hsm_bignum.h"
+
+// for develop
+#include <openssl/sha.h>
+#include <openssl/ec.h>
+#include <openssl/ecdsa.h>
+#include "cr_NintendoCTR2_priv_dummy_dev.c"
+#include "cr_NintendoCTR2_priv_dummy_prod.c"
 #else
 // openssl
 #include <openssl/sha.h>
@@ -204,12 +212,27 @@ int GenerateCTRDeviceCert( EC_KEY *pECkey, u32 device_id, u8 bonding_option, u8
 #endif
 
 	// eccSignature
-#ifdef USE_HSM
+//#ifdef USE_HSM
 
 	// TODO: HSM使用時の処理を実装
+	
+	// ECDSA署名付加
+	{
+		u8 sha256buf[ SHA256_DIGEST_LENGTH ];
 
+		// CR_DeviceCertのSHA256計算
+		SHA256( deviceCert.issuerName, (int)&deviceCert + sizeof(CR_DeviceCert) - (int)deviceCert.issuerName, sha256buf );
+		
+		ret_code = hsm_ecdsa_sign( sha256buf, 233/8, bonding_option );
+		if ( ret_code != CR_GENID_SUCCESS )
+		{
+			SetErrorInfo( __FUNCTION__, __LINE__ );
+			return ret_code;
+		}
+	}
+	
 
-#else	// !USE_HSM
+//#else	// !USE_HSM
 	// DERフォーマットのECC鍵を読み込み
 	{
 		// bonding_option によって、鍵を差し替え
@@ -249,7 +272,7 @@ int GenerateCTRDeviceCert( EC_KEY *pECkey, u32 device_id, u8 bonding_option, u8
 			SetErrorInfo( __FUNCTION__, __LINE__ );
 			goto end;
 		}
-		DEBUG_PRINT_ARRAY( "ECDSA:", (const char *)ecdsasig, signLen );
+		//DEBUG_PRINT_ARRAY( "ECDSA:", (const char *)ecdsasig, signLen );
 
 		// 署名ベリファイ
 		test_ret = ECDSA_verify( 0, sha256buf, 233/8, ecdsasig, signLen, NintendoCTR2 );
@@ -266,7 +289,7 @@ int GenerateCTRDeviceCert( EC_KEY *pECkey, u32 device_id, u8 bonding_option, u8
 			SetErrorInfo( __FUNCTION__, __LINE__ );
 			goto end;
 		}
-#if 0
+#if 1
 		DEBUG_PRINT_ARRAY( "ECDSA.r:", (const char *)sig->r->d, sig->r->dmax * 4);
 		DEBUG_PRINT_ARRAY( "ECDSA.s:", (const char *)sig->s->d, sig->s->dmax * 4 );
 #endif
@@ -279,8 +302,9 @@ int GenerateCTRDeviceCert( EC_KEY *pECkey, u32 device_id, u8 bonding_option, u8
 		DebugFileOutput( device_id, "sign", ecdsasig,  signLen );
 #endif // DEBUG_DEVICE_CERT_OUTPUT_FILE
 	}
-#endif	// USE_HSM
+//#endif	// USE_HSM
 
+#if 0
 	if ( cr_print_flag )
 	{
 		int i;
@@ -309,10 +333,11 @@ int GenerateCTRDeviceCert( EC_KEY *pECkey, u32 device_id, u8 bonding_option, u8
 		DebugFileOutput( device_id, "crt", (const u8 *)&deviceCert, sizeof(CR_DeviceCert) );
 #endif // DEBUG_DEVICE_CERT_OUTPUT_FILE
 	}
+#endif	// dump deviceCert
 
 end:
 	if( NintendoCTR2 ) EC_KEY_free( NintendoCTR2 );
-	
+
 	return ret_code;
 }	// generate_CTRCustom_deviceCert
 

cr_hsm_code.c

@@ -500,7 +500,6 @@ int hsm_aes_encrypt( unsigned char *dst_buf, unsigned char *org_buf, int size, u
 	
 	// key set
 	keyid = bonding_option ? hsmAesKeyidDev : hsmAesKeyidProd;
-
 	
 	// iv set
 	enc_iv.mech = Mech_RijndaelmCBCpNONE;
@@ -644,7 +643,6 @@ int hsm_rsa_load_keypair( NFKM_KeyIdent keyident, M_KeyID *privKeyid, M_KeyID *p
 	}
 
 end:
-
 	NFKM_freekey( hsmHandle, keyinfo, NULL );
 
 	return ret_code;
@@ -792,7 +790,6 @@ int hsm_ecdsa_load_keypair( NFKM_KeyIdent privKeyident, M_KeyID *privKeyid,
 	{	
 		SetErrorInfo( __FUNCTION__, __LINE__ );
 		goto end;
-
 	}
 	
 	// load public key blob
@@ -813,29 +810,48 @@ end:
 	return ret_code;
 }	// hsm_ecdsa_load_keypair
 
-int hsm_ecdsa_sign( unsigned char *sign_buf, unsigned char *data_buf, int data_size, unsigned char bonding_option )
+int hsm_ecdsa_sign( unsigned char *data_buf, int data_size, unsigned char bonding_option )
 {
 	int ret_code = CR_GENID_SUCCESS;
 	
-	M_KeyID keyid;
+	M_KeyID privKeyid, pubKeyid;
 	M_Command cmd;
 	M_Reply reply;
+	struct NFast_Bignum *rBn, *sBn;
+	unsigned char *rPtr, *sPtr;
+	int rLen, sLen;
 
 	memset( &cmd, 0, sizeof( cmd ) );
 	memset( &reply, 0, sizeof( reply ) );
 	
 	// key set
-	keyid = bonding_option ? hsmEcdsaPrivkeyidDev : hsmEcdsaPrivkeyidProd;
+	privKeyid = bonding_option ? hsmEcdsaPrivkeyidDev : hsmEcdsaPrivkeyidProd;
+	pubKeyid = bonding_option ? hsmEcdsaPubkeyidDev : hsmEcdsaPubkeyidProd;
 		
 	// sign command set
 	cmd.cmd = Cmd_Sign;
 	cmd.args.sign.flags = 0;	// Cmd_Sign_Args_flags_given_iv_present;
-	cmd.args.sign.key = keyid;
+	cmd.args.sign.key = privKeyid;
 	cmd.args.sign.mech = HSM_SIGN_MECH;
+#if 1
 	cmd.args.sign.plain.type = PlainTextType_Bytes;
 	cmd.args.sign.plain.data.bytes.data.len = data_size;
 	cmd.args.sign.plain.data.bytes.data.ptr = data_buf;
-	
+#endif
+
+#if 0
+	struct NFast_Bignum *bn;
+	my_bin2bignum( &bn, hsmHandle, data_buf, data_size );
+	cmd.args.sign.plain.type = PlainTextType_Bignum;
+	cmd.args.sign.plain.data.bignum.m = bn;
+#endif
+
+#if 0	
+	M_Hash32 *hash = (M_Hash32*)data_buf;
+	cmd.args.sign.plain.type = PlainTextType_Hash32;
+	cmd.args.sign.plain.data.hash32.data = *hash;
+#endif
+
 	// sign command issue
 	ret_code = NFastApp_Transact( hsmConnection, NULL, &cmd, &reply, NULL );
 	if ( ret_code != CR_GENID_SUCCESS )
@@ -850,9 +866,52 @@ int hsm_ecdsa_sign( unsigned char *sign_buf, unsigned char *data_buf, int data_s
 		return ret_code;
 	}
 	
-	// buffer copy
-	//memcpy( dst_buf, reply.reply.decrypt.plain.data.bytes.data.ptr, size );
-	
+	// signature bignum -> bin
+	printf ( "sig mech : %d\n", reply.reply.sign.sig.mech );
+	rLen = reply.reply.sign.sig.data.ecdsa.r->nbytes;
+	rPtr = (unsigned char*)malloc( rLen );
+	my_bignum2bin ( rPtr, rLen, hsmHandle, reply.reply.sign.sig.data.ecdsa.r );
+	sLen = reply.reply.sign.sig.data.ecdsa.s->nbytes;
+	sPtr = (unsigned char*)malloc( sLen );
+	my_bignum2bin ( sPtr, sLen, hsmHandle, reply.reply.sign.sig.data.ecdsa.s );
+	my_bignumCopy( &rBn, reply.reply.sign.sig.data.ecdsa.r, hsmHandle );
+	my_bignumCopy( &sBn, reply.reply.sign.sig.data.ecdsa.s, hsmHandle );
+#if 1
+	DEBUG_PRINT_ARRAY( (char*)"sig r(HSM)", (const char *)rPtr, rLen );
+	DEBUG_PRINT_ARRAY( (char*)"sig s(HSM)", (const char *)sPtr, sLen );
+#endif
+								
+	//NFastApp_Free_Command( handle, NULL, NULL, &cmd );
+	NFastApp_Free_Reply( hsmHandle, NULL, NULL, &reply );
+	memset( &cmd, 0, sizeof( cmd ) );
+	memset( &reply, 0, sizeof( reply ) );
+
+	// verify transact
+	cmd.cmd = Cmd_Verify;
+	cmd.args.verify.flags = 0;
+	cmd.args.verify.key = pubKeyid;
+	cmd.args.verify.mech = HSM_SIGN_MECH;
+	cmd.args.verify.plain.type = PlainTextType_Bytes;
+	cmd.args.verify.plain.data.bytes.data.len = data_size;
+	cmd.args.verify.plain.data.bytes.data.ptr = data_buf;
+	cmd.args.verify.sig.mech = HSM_SIGN_MECH;
+	cmd.args.verify.sig.data.ecdsa.r = rBn;
+	cmd.args.verify.sig.data.ecdsa.s = sBn;
+	ret_code = NFastApp_Transact( hsmConnection, NULL, &cmd, &reply, NULL );
+	if ( ret_code != CR_GENID_SUCCESS )
+	{
+		SetErrorInfo( __FUNCTION__, __LINE__ );
+		return ret_code;
+	}
+	ret_code = reply.status;
+	if ( ret_code != CR_GENID_SUCCESS )
+	{
+		SetErrorInfo( __FUNCTION__, __LINE__ );
+		return ret_code;
+	}
+		
+	printf( "ECDSAhSHA256 verify ok\n" );
+
 	//NFastApp_Free_Command( hsmHandle, NULL, NULL, &cmd );	// ‰½ŒÌ‚©ƒAƒ{<7B>[ƒg‚·‚é
 	NFastApp_Free_Reply( hsmHandle, NULL, NULL, &reply );
 	

cr_hsm_code.h

@@ -112,11 +112,14 @@
 #ifndef	_CR_GENERATE_ID_HSM_CODE_H_
 #define	_CR_GENERATE_ID_HSM_CODE_H_
 
+#include "cr_hsm_bignum.h"
+
 #ifdef __cplusplus
 extern "C" {
 #endif
 
 #define HSM_MODULE_ID	(  1)
+#define HSM_SIGN_MECH	Mech_ECDSAhSHA256
 
 // functions
 int hsm_initialize( void );
@@ -128,6 +131,7 @@ int hsm_aes_encrypt( unsigned char *dst_buf, unsigned char *org_buf, int size, u
 int hsm_aes_decrypt( unsigned char *dst_buf, unsigned char *org_buf, int size, unsigned char bonding_option );
 int hsm_rsa_encrypt( unsigned char *dst_buf, unsigned char *org_buf, int size, unsigned char bonding_option );
 int hsm_rsa_decrypt( unsigned char *dst_buf, unsigned char *org_buf, int size, unsigned char bonding_option );
+int hsm_ecdsa_sign( unsigned char *data_buf, int data_size, unsigned char bonding_option );
 
 #ifdef __cplusplus
 }