/**
* @file configCmdScp.c
* @author NXP Semiconductors
* @version 1.0
* @par License
*
* Copyright 2017 NXP
* SPDX-License-Identifier: Apache-2.0
*
* @par Description
* Command handling for 'scp'. Includes optional console handling
*/
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <ctype.h>
#include <assert.h>
// project specific include files
#include "sm_types.h"
#include "sm_apdu.h"
#include "tst_sm_util.h"
#include "tst_a71ch_util.h"
#include "probeAxUtil.h"
#include "configCmd.h"
#include "configCli.h"
#include "configState.h"
#include "a71_debug.h"
#include "ax_util.h"
#include "axHostCrypto.h"
#include "tstHostCrypto.h"
#define FLOW_VERBOSE_PROBE_A70
#ifdef FLOW_VERBOSE_PROBE_A70
#define FPRINTF(...) printf (__VA_ARGS__)
#else
#define FPRINTF(...)
#endif
// #define DBG_PROBE_A70
#ifdef DBG_PROBE_A70
#define DBGPRINTF(...) printf (__VA_ARGS__)
#else
#define DBGPRINTF(...)
#endif
#if 0
/**
* A hook for the command line handler to invoke A71 commands
*/
int a7xConfigCmdSetEcc(a71_SecureStorageClass_t ssc, U8 index, eccKeyComponents_t *eccKc, U16 *sw)
{
int error = AX_CLI_EXEC_FAILED;
*sw = a7xCmdSetEcc(ssc, index, eccKc);
if (*sw == SW_OK)
{
error = AX_CLI_EXEC_OK;
}
return error;
}
/**
* API wrapper for set ecc (keypair/pub) command. Can be called from GUI.
*/
U16 a7xCmdSetEcc(a71_SecureStorageClass_t ssc, U8 index, eccKeyComponents_t *eccKc)
{
U16 sw;
switch (ssc)
{
case A71_SSC_KEY_PAIR:
sw = A71_SetEccKeyPair(index, eccKc->pub, eccKc->pubLen, eccKc->priv, eccKc->privLen);
break;
case A71_SSC_PUBLIC_KEY:
sw = A71_SetEccPublicKey(index, eccKc->pub, eccKc->pubLen);
break;
default:
sw = A7X_CONFIG_STATUS_API_ERROR;
break;
}
return sw;
}
#endif
/**
* Clear the SCP03 state on the Host. As a result subsequent APDU commands will be
* sent in the clear.
*/
int a7xConfigCmdScpClearHost()
{
DEV_ClearChannelState();
return a7xConfigSetHostScp03State(AX_SCP03_CHANNEL_OFF);
}
/**
* A hook for the command line handler to invoke A71 commands
*/
int a7xConfigCmdScpFromKeyfile(ax_ScpCmdClass_t cmdClass, U8 keyVersion, char *szFilename, U16 *sw)
{
U8 scp03Enc[AES_KEY_LEN_nBYTE];
U8 scp03Mac[AES_KEY_LEN_nBYTE];
U8 scp03Dek[AES_KEY_LEN_nBYTE];
U8 *currentKeyDek = NULL;
U8 sCounter[3];
U16 sCounterLen = sizeof(sCounter);
int error = AX_CLI_EXEC_FAILED;
error = a7xConfigGetScpKeysFromKeyfile(scp03Enc, scp03Mac, scp03Dek, szFilename);
if (error == AX_CLI_EXEC_OK)
{
error = AX_CLI_EXEC_FAILED;
switch (cmdClass)
{
case AX_SCP_CMD_AUTH:
*sw = SCP_Authenticate(scp03Enc, scp03Mac, scp03Dek, SCP_KEY_SIZE, sCounter, &sCounterLen);
if (*sw == SW_OK)
{
a7xConfigSetHostScp03State(AX_SCP03_CHANNEL_ON);
error = AX_CLI_EXEC_OK;
}
break;
case AX_SCP_CMD_PUT:
*sw = SCP_GP_PutKeys(keyVersion, scp03Enc, scp03Mac, scp03Dek, currentKeyDek, SCP_KEY_SIZE);
if (*sw == SW_OK)
{
error = AX_CLI_EXEC_OK;
}
break;
default:
error = AX_CLI_API_ERROR;
break;
}
}
return error;
}
/**
* Get scp keys from keyfile. Can be called from GUI.
*/
int a7xConfigGetScpKeysFromKeyfile(U8 *enc, U8 *mac, U8 *dek, char *szKeyFile)
{
int nRet = AX_CLI_EXEC_FAILED;
U8 hexArray[AES_KEY_LEN_nBYTE];
char szLine[AX_LINE_MAX];
char keyToken[128];
unsigned int idx;
FILE *fHandle = NULL;
int fEnc = 0;
int fMac = 0;
int fDek = 0;
// Open the file
fHandle = fopen(szKeyFile, "r");
if (fHandle == NULL)
{
printf("Failed to open file %s for reading", szKeyFile);
return AX_CLI_FILE_OPEN_FAILED;
}
while (fgets(szLine, AX_LINE_MAX, fHandle) != NULL)
{
DBGPRINTF("%s\n", szLine);
// Filter out lines STARTING with the comment '#' sign
for (idx=0; idx<strlen(szLine); idx++) {
if (!isspace(szLine[idx])) {
break;
}
}
if (szLine[idx] == '#') { continue; }
// Remove all contents from the command line starting with '#'
for (idx=0; idx<strlen(szLine); idx++) {
if (szLine[idx] == '#') {
szLine[idx] = '\0';
break;
}
}
nRet = axCliGetKeyFixedLenHexValueFromLine(keyToken, sizeof(keyToken), hexArray, sizeof(hexArray), szLine);
if (nRet != AX_CLI_EXEC_OK) {
break;
}
if (!strcmp(keyToken, "ENC")) {
if (fEnc == 0) {
memcpy(enc, hexArray, sizeof(hexArray));
fEnc = 1;
}
else {
// Duplicate key value
nRet = AX_CLI_FILE_FORMAT_ERROR;
break;
}
}
else if (!strcmp(keyToken, "MAC")) {
if (fMac == 0) {
memcpy(mac, hexArray, sizeof(hexArray));
fMac = 1;
}
else {
// Duplicate key value
nRet = AX_CLI_FILE_FORMAT_ERROR;
break;
}
}
else if (!strcmp(keyToken, "DEK")) {
if (fDek == 0) {
memcpy(dek, hexArray, sizeof(hexArray));
fDek = 1;
}
else {
// Duplicate key value
nRet = AX_CLI_FILE_FORMAT_ERROR;
break;
}
}
else {
printf("Unknown key name: %s\n", keyToken);
nRet = AX_CLI_FILE_FORMAT_ERROR;
break;
}
}
fclose(fHandle);
// Ensure we have a value for all keys
if ( (nRet != AX_CLI_EXEC_OK) || (fEnc != 1) || (fMac != 1) || (fDek !=1 ) ) {
nRet = AX_CLI_FILE_FORMAT_ERROR;
}
return nRet;
}