📄 objkey.c
字号:
if (HAL_EEPROM_READ_BYTE(ADDR_MSK_ATTEMPT) != currentkey_counter ) { HAL_HALT(); return; } gGlobalSem++; /* check key usage */ if ( (currentkey_attributes&KEY_ATTRIBUTE_LOCKED) == KEY_ATTRIBUTE_LOCKED) { BIOS_RESET_CONTEXT(ERR_KEY_LOCKED); return; } gGlobalSem--; /* fix the default cipher algo for PSK/MSK */ BIOS_SETCIPHERALGO(CIPHER_ALGO_ECB_3DES2); /* load MSK/PSK in the key usage area / check CRC / inc gGlobalSem */ BIOS_LOADKEY_FROM_EEPROM(ADDR_MSK,16); gGlobalSem++; return; } #ifdef JAYA_FILESYSTEM if ((tag_life==LIFE_APPLI) || (byKeyNum!=KEY_NUMBER_ANY) ) { LOG3("KEY","Lookup Key: File fid=%.4X byUsage=%.2X KeyNum=%d",fid,byUsage,byKeyNum); /* load and check the KEYs file note: assert gGlobalSem==JSEC_SEM after the call */ BIOS_LOAD_KEYFILE(fid); if (lasterr!=NOERR) return; /* seek the key */ if (__tlv_seek_first_tag(TAG_KEYFORMAT)) { try_next_tag: __load_current_key_header(); /* is it our key ? */ if ( ((currentkey_attributes&byUsage) == byUsage) && ( (currentkey_number == byKeyNum) || (byKeyNum == KEY_NUMBER_ANY) ) ) { /* finish to load the information about the key */ currentkey_lrc = HAL_EEPROM_READ_BYTE(currentkey_addr+KEY_INDEX_LRC); r.bBlock[JAYA_BCRYPTO_KEYCRC] = HAL_EEPROM_READ_BYTE(currentkey_addr+KEY_INDEX_KEY); r.bBlock[JAYA_BCRYPTO_KEYCRC+1] = HAL_EEPROM_READ_BYTE(currentkey_addr+KEY_INDEX_KEY+1); currentkey_type = KEY_TYPE_KEYFILE; LOG3("KEY","... lrc=%.2X CRCLO=%.2X CRCHI=%.2X", currentkey_lrc, r.bBlock[JAYA_BCRYPTO_KEYCRC], r.bBlock[JAYA_BCRYPTO_KEYCRC+1] ); /* check key usage */ if (currentkey_counter == 0) { BIOS_RESET_CONTEXT(ERR_KEY_LOCKED); return; } /* check LRC */ if (__calculate_LRC_of_currentkey()!=currentkey_lrc) { BIOS_RESET_CONTEXT(ERR_INVALID_CRC); return; } gGlobalSem--; /* re-check key usage */ if ( (currentkey_attributes&KEY_ATTRIBUTE_LOCKED) == KEY_ATTRIBUTE_LOCKED) { BIOS_RESET_CONTEXT(ERR_KEY_LOCKED); return; } /* decrement attempt counter NOW ; if necessary */ if ((currentkey_attributes&KEY_MASK_MANAGECOUNTER)!=0) { currentkey_counter--; LOG1("KEY","__bios_lookup_key() change currentkey_counter to %d",currentkey_counter); /* update LRC */ currentkey_lrc = __calculate_LRC_of_currentkey(); /* wrote the information */ HAL_EEPROM_WRITE_BYTE(currentkey_addr+KEY_INDEX_ATTEMPT,currentkey_counter); HAL_EEPROM_WRITE_BYTE(currentkey_addr+KEY_INDEX_LRC,currentkey_lrc); /* is the information correctly written ? */ if (HAL_EEPROM_READ_BYTE(currentkey_addr+KEY_INDEX_ATTEMPT) != currentkey_counter ) { HAL_HALT(); return; } if (HAL_EEPROM_READ_BYTE(currentkey_addr+KEY_INDEX_LRC) != currentkey_lrc) { HAL_HALT(); return; } } /* load body of the file in the key usage area / check CRC / inc gGlobalSem */ gGlobalSem--; BIOS_LOADKEY_FROM_EEPROM(currentkey_addr+KEY_INDEX_KEY,sizeofkey[((refdata_algo&CIPHER_ALGO_KEYMASK)>>CIPHER_ALGO_KEYSHIFT)]); return; } /* our key */ /* try next key */ if (__tlv_seek_next_tag(TAG_KEYFORMAT)) goto try_next_tag; } /* key not found */ BIOS_RESET_CONTEXT(ERR_KEY_NOT_FOUND); } #endif BIOS_RESET_CONTEXT(ERR_INVALID_KEY);}/* ============================================================================ change a key new key information must be provide in u.bBlock[JAYA_BCRYPTO_INPUT0+...] buffer. key algorithm 1 byte attempt 1 byte key number 1 byte key attribute 1 byte key header LRC 1 byte key value with CRC 2 + n bytes check is done : - MSK/PSK : change in place - new key : must have enough room to add it at the end of the EF_KEYS file. - update key : check version (must be >) / attributes (must be the same) / cipher algo (must be the same) / ... Note1: this function can be used to change pincode ========================================================================= */void __bios_change_key(jword fid){ LOG6("CHANGEKEY"," NEWKEY = algo=%.2X attempt=%.2X usage=%.2X keysize=%d keynum=%d lrc=%.2X", u.bBlock[JAYA_BCRYPTO_INPUT0+0], u.bBlock[JAYA_BCRYPTO_INPUT0+1], u.bBlock[JAYA_BCRYPTO_INPUT0+3], sizeofkey[((CIPHER_ALGO_ECB_3DES2&CIPHER_ALGO_KEYMASK)>>CIPHER_ALGO_KEYSHIFT)], u.bBlock[JAYA_BCRYPTO_INPUT0+2], u.bBlock[JAYA_BCRYPTO_INPUT0+4] ); /* check key usage */ if ( ((u.bBlock[JAYA_BCRYPTO_INPUT0+3]&KEY_MASK_KEYUSAGE) != 0x00) && ((u.bBlock[JAYA_BCRYPTO_INPUT0+3]&KEY_MASK_CHVUSAGE) != 0x00) ) { LOG("CHANGEKEY"," KEY USAGE INCOMPATIBLE (CHV and KEY is not allowed) !"); BIOS_SETERR(ERR_INVALID_FLAG); return; } LOG2("CHANGEKEY"," CRC = %.2X %.2X", u.bBlock[JAYA_BCRYPTO_INPUT0+5], u.bBlock[JAYA_BCRYPTO_INPUT0+6] ); LOG8("CHANGEKEY"," KEYA = %.2X %.2X %.2X %.2X %.2X %.2X %.2X %.2X ", u.bBlock[JAYA_BCRYPTO_INPUT0+7], u.bBlock[JAYA_BCRYPTO_INPUT0+8], u.bBlock[JAYA_BCRYPTO_INPUT0+9], u.bBlock[JAYA_BCRYPTO_INPUT0+10], u.bBlock[JAYA_BCRYPTO_INPUT0+11], u.bBlock[JAYA_BCRYPTO_INPUT0+12], u.bBlock[JAYA_BCRYPTO_INPUT0+13], u.bBlock[JAYA_BCRYPTO_INPUT0+14] ); LOG8("CHANGEKEY"," KEYB = %.2X %.2X %.2X %.2X %.2X %.2X %.2X %.2X ", u.bBlock[JAYA_BCRYPTO_INPUT0+15], u.bBlock[JAYA_BCRYPTO_INPUT0+16], u.bBlock[JAYA_BCRYPTO_INPUT0+17], u.bBlock[JAYA_BCRYPTO_INPUT0+18], u.bBlock[JAYA_BCRYPTO_INPUT0+19], u.bBlock[JAYA_BCRYPTO_INPUT0+20], u.bBlock[JAYA_BCRYPTO_INPUT0+21], u.bBlock[JAYA_BCRYPTO_INPUT0+22] ); /* (master key OR pin) verification has been done */ if ( (gSeqVal&SEQVAL_VERIFY) != SEQVAL_VERIFY ) { LOG("KEY","__bios_change_key() : (master key OR pin) verification has not been done !"); BIOS_RESET_CONTEXT(ERR_FAULT); HAL_HALT(); return; } /* fix the key type given P1 parameter OR algo is password */ #ifdef JAYA_COS_PIN if ( (P1 == 0) && (u.bBlock[JAYA_BCRYPTO_INPUT0] != REFDATA_ALGO_PASSWORD)) { #else if ( P1 == 0 ) { #endif /* MSK/PSK changeable only in INIT or PERSO mode */ #ifdef JAYA_FILESYSTEM if ((tag_life!=LIFE_INIT) && (tag_life!=LIFE_PERSO)) { LOG("KEY","__bios_change_key() : MSK/PSK changeable only in INIT or PERSO mode !"); BIOS_SETERR(ERR_INVALID_KEY); return; } #endif /* be sure we have the right cipher algo */ if (u.bBlock[JAYA_BCRYPTO_INPUT0] != CIPHER_ALGO_ECB_3DES2) { LOG("KEY","__bios_change_key() : For MSK/PSK, algo must be CIPHER_ALGO_ECB_3DES2 !"); BIOS_SETERR(ERR_INVALID_ALGO); return; } /* write the new PSK/MSK : attempt counter + CRC + MSK */ HAL_EEPROM_WRITE_BYTE(ADDR_MSK_ATTEMPT,u.bBlock[JAYA_BCRYPTO_INPUT0+1]); HAL_EEPROM_WRITE(ADDR_MSK,&u.bBlock[JAYA_BCRYPTO_INPUT0+5],sizeofkey[((CIPHER_ALGO_ECB_3DES2&CIPHER_ALGO_KEYMASK)>>CIPHER_ALGO_KEYSHIFT)]+2); } else { /* EF_KEY keyfile can be changed during INIT, PERSO or APPLI mode */ #ifdef JAYA_FILESYSTEM /* load and check the KEYs file */ BIOS_LOAD_KEYFILE(fid); if (lasterr!=NOERR) return; /* seek the key : if key found, update it ! */ if (__tlv_seek_first_tag(TAG_KEYFORMAT)) { try_next_tag: __load_current_key_header(); /* is it our key ? */ if ( ((currentkey_attributes&u.bBlock[JAYA_BCRYPTO_INPUT0+3]) != 0 /* could be: u.bBlock[JAYA_BCRYPTO_INPUT0+3]*/) /* byUsage : at least one attributs in common / this is a design choice ! note that this behaviour could be used to block a key passing KEY_ATTRIBUTE_LOCKED in the new key attribut ! */ && ( (currentkey_number == u.bBlock[JAYA_BCRYPTO_INPUT0+2]) || (u.bBlock[JAYA_BCRYPTO_INPUT0+2] == KEY_NUMBER_ANY) ) /* byKeyNum */ ) { TLV_UPDATE_INPLACE_TAG( TAG_KEYFORMAT, sizeofkey[((u.bBlock[JAYA_BCRYPTO_INPUT0]&CIPHER_ALGO_KEYMASK)>>CIPHER_ALGO_KEYSHIFT)]+2+5, &u.bBlock[JAYA_BCRYPTO_INPUT0+0] ); goto success; } /* our key */ /* try next key */ if (__tlv_seek_next_tag(TAG_KEYFORMAT)) goto try_next_tag; } /* key not found : have enough space to add the new TLV at the end ? Try it ! */ TLV_APPEND_INPLACE_TAG( TAG_KEYFORMAT, sizeofkey[((u.bBlock[JAYA_BCRYPTO_INPUT0]&CIPHER_ALGO_KEYMASK)>>CIPHER_ALGO_KEYSHIFT)]+2+5, &u.bBlock[JAYA_BCRYPTO_INPUT0+0] ); #else /* no filesystem -> only MSK/PSK usable */ BIOS_RESET_CONTEXT(ERR_INVALID_KEY); return; #endif }success: BIOS_RESET_CONTEXT(SUCCESS);}/* ========================================================================= That's all folks ! ========================================================================= */⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -