It's a major reorganization.

In order to add FIDO2 support, we need to reorganize some USB/CCID calls to specific area (named driver). Thus, pico-hsm-sdk has two drivers: - CCID driver implements APDU over USB/CCID ISO-7816 standard procedures. - HID driver implements APDU over HID. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
2026-06-01 02:51:22 +02:00 · 2022-08-30 02:00:11 +02:00
parent 2236501d20
commit 40288a85f1
33 changed files with 1843 additions and 289 deletions
--- a/src/crypto_utils.h
+++ b/src/crypto_utils.h
@@ -0,0 +1,48 @@
+/*
+ * This file is part of the Pico HSM SDK distribution (https://github.com/polhenarejos/pico-hsm-sdk).
+ * Copyright (c) 2022 Pol Henarejos.
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, version 3.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.
+ */
+
+#ifndef _CRYPTO_UTILS_H_
+#define _CRYPTO_UTILS_H_
+
+#include "stdlib.h"
+#include "pico/stdlib.h"
+#include "mbedtls/ecp.h"
+#include "mbedtls/md.h"
+
+#define HSM_KEY_RSA                 0x1
+#define HSM_KEY_EC                  0x10
+#define HSM_KEY_AES                 0x100
+#define HSM_KEY_AES_128             0x300
+#define HSM_KEY_AES_192             0x500
+#define HSM_KEY_AES_256             0x900
+
+#define HSM_AES_MODE_CBC            1
+#define HSM_AES_MODE_CFB            2
+
+#define IV_SIZE 16
+
+extern void double_hash_pin(const uint8_t *pin, size_t len, uint8_t output[32]);
+extern void hash_multi(const uint8_t *input, size_t len, uint8_t output[32]);
+extern void hash256(const uint8_t *input, size_t len, uint8_t output[32]);
+extern void generic_hash(mbedtls_md_type_t md, const uint8_t *input, size_t len, uint8_t *output);
+extern int aes_encrypt(const uint8_t *key, const uint8_t *iv, int key_size, int mode, uint8_t *data, int len);
+extern int aes_decrypt(const uint8_t *key, const uint8_t *iv, int key_size, int mode, uint8_t *data, int len);
+extern int aes_encrypt_cfb_256(const uint8_t *key, const uint8_t *iv, uint8_t *data, int len);
+extern int aes_decrypt_cfb_256(const uint8_t *key, const uint8_t *iv, uint8_t *data, int len);
+extern mbedtls_ecp_group_id ec_get_curve_from_prime(const uint8_t *prime, size_t prime_len);
+
+#endif