mirror of https://github.com/trezor/trezor-firmware.git synced 2024-11-19 22:18:13 +00:00

feat(core): Implement Optiga counter operations.

Andrew Kozlik 2023-10-02 20:24:25 +02:00 committed by Andrew Kozlik
parent 1fa2929607
commit 3ca8f26fd0
5 changed files with 78 additions and 0 deletions


@ -67,4 +67,8 @@ int __wur optiga_pin_verify(OPTIGA_UI_PROGRESS ui_progress,
const uint8_t pin_secret[OPTIGA_PIN_SECRET_SIZE],
uint8_t out_secret[OPTIGA_PIN_SECRET_SIZE]);
int __wur optiga_pin_get_fails(uint32_t *ctr);
int __wur optiga_pin_fails_increase(uint32_t count);
#endif


@ -631,3 +631,36 @@ int optiga_pin_verify(OPTIGA_UI_PROGRESS ui_progress,
OPTIGA_PIN_SECRET_SIZE, out_secret);
return OPTIGA_SUCCESS;
}
static int optiga_get_counter(uint16_t oid, uint32_t *ctr) {
uint8_t counter[8] = {0};
size_t counter_size = 0;
optiga_result res = optiga_get_data_object(oid, false, counter,
sizeof(counter), &counter_size);
if (res != OPTIGA_SUCCESS) {
return res;
}
if (counter_size != sizeof(counter)) {
return OPTIGA_ERR_SIZE;
}
*ctr = counter[0];
*ctr = (*ctr << 8) + counter[1];
*ctr = (*ctr << 8) + counter[2];
*ctr = (*ctr << 8) + counter[3];
return OPTIGA_SUCCESS;
}
int optiga_pin_get_fails(uint32_t *ctr) {
return optiga_get_counter(OID_PIN_COUNTER, ctr);
}
int optiga_pin_fails_increase(uint32_t count) {
if (count > 0xff) {
return OPTIGA_ERR_PARAM;
}
return optiga_count_data_object(OID_PIN_COUNTER, count);
}
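Review bot: In `optiga_get_counter` the object is read into an 8-byte buffer and its size must be exactly 8, yet only `counter[0]` to `counter[3]` are decoded and the other four bytes are dropped without explanation. A comment above the decode would make the layout checkable, for example `// 8-byte object: bytes 0-3 are the big-endian counter value; bytes 4-7 are ignored here (presumably the threshold, confirm against the reference manual)`. Because this value is the PIN failure count, `optiga_pin_fails_increase` should also carry a line saying that `count` is capped at 0xff because `optiga_count_data_object` takes a `uint8_t`.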


@ -338,6 +338,39 @@ optiga_result optiga_set_data_object(uint16_t oid, bool set_metadata,
return ret;
}
/*
* https://github.com/Infineon/optiga-trust-m/blob/develop/documents/OPTIGA%E2%84%A2%20Trust%20M%20Solution%20Reference%20Manual.md#setdataobject
*/
optiga_result optiga_count_data_object(uint16_t oid, uint8_t count) {
if (count == 0) {
return OPTIGA_SUCCESS;
}
tx_size = 9;
if (tx_size > sizeof(tx_buffer)) {
return OPTIGA_ERR_PARAM;
}
uint8_t *ptr = tx_buffer;
*(ptr++) = 0x82; // command code
*(ptr++) = 0x02; // count data object
write_uint16(&ptr, tx_size - 4);
write_uint16(&ptr, oid);
write_uint16(&ptr, 0); // offset
*(ptr++) = count;
optiga_result ret = optiga_execute_command(tx_buffer, tx_size, tx_buffer,
sizeof(tx_buffer), &tx_size);
if (ret != OPTIGA_SUCCESS) {
return ret;
}
ret = process_output_fixedlen(NULL, 0);
return ret;
}
/*
* https://github.com/Infineon/optiga-trust-m/blob/develop/documents/OPTIGA%E2%84%A2%20Trust%20M%20Solution%20Reference%20Manual.md#getrandom
*/
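Review bot: `tx_size = 9` in `optiga_count_data_object` is a bare literal, and `tx_size - 4` a few lines later depends on the same unstated layout. A comment next to the assignment, such as `// 4-byte command header + 2-byte OID + 2-byte offset + 1-byte count`, would let a reader check the length against the writes that follow. The `count == 0` early return reports success without sending anything to the chip. A one-line comment stating that this is intentional would help callers that use the function for the PIN failure counter.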


@ -157,6 +157,7 @@ optiga_result optiga_get_data_object(uint16_t oid, bool get_metadata,
size_t *data_size);
optiga_result optiga_set_data_object(uint16_t oid, bool set_metadata,
const uint8_t *data, size_t data_size);
optiga_result optiga_count_data_object(uint16_t oid, uint8_t count);
optiga_result optiga_get_random(uint8_t *random, size_t random_size);
optiga_result optiga_encrypt_sym(optiga_sym_mode mode, uint16_t oid,
const uint8_t *input, size_t input_size,


@ -167,3 +167,10 @@ int optiga_pin_verify(OPTIGA_UI_PROGRESS ui_progress,
ui_progress(OPTIGA_PIN_DERIVE_MS);
return OPTIGA_SUCCESS;
}
int optiga_pin_get_fails(uint32_t *ctr) {
*ctr = 0;
return OPTIGA_SUCCESS;
}
int optiga_pin_fails_increase(uint32_t count) { return OPTIGA_SUCCESS; }
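Review bot: `optiga_pin_fails_increase` here returns OPTIGA_SUCCESS for any `count`, while the other implementation added in this commit rejects `count > 0xff` with OPTIGA_ERR_PARAM. A caller bug that passes a larger value would therefore go unnoticed in builds using this version, which looks like a stub (the file name is not visible on the page). Mirroring the check with `if (count > 0xff) return OPTIGA_ERR_PARAM;` keeps the two in step. `optiga_pin_get_fails` always reports 0, which deserves a short comment saying that no failure counting happens in this implementation.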