Refact: Move custom CA functions into CCA module

abonnaudet-ledger · abonnaudet-ledger · commit 27560a4a593f · 2024-10-04T09:42:38.000+02:00
diff --git a/include/cca_public.h b/include/cca_public.h
@@ -0,0 +1,36 @@
+/**
+ * @file cca_public.h
+ * @brief Types and prototypes to interact with the Custom CA module from public user-land.
+ */
+
+#ifndef CCA_PUBLIC_H_
+#define CCA_PUBLIC_H_
+
+#ifdef HAVE_BOLOS_CUSTOMCA
+
+#include "bolos_target.h"
+#include "decorators.h"
+
+/* ----------------------------------------------------------------------- */
+/* -                         CUSTOM CERTIFICATE AUTHORITY                - */
+/* ----------------------------------------------------------------------- */
+
+// Verify the signature is issued from the custom certificate authority
+
+/**
+ * @brief Verify hash signature with custom certificate authority
+ *
+ * @param hash Hash to be verified (32 bytes length).
+ * @param sign Signature to be verified
+ * @param sign_length Signature length
+ * @return bool
+ * @retval Verification OK
+ * @retval Verification not OK
+ *
+ */
+SYSCALL unsigned int cca_verify_custom_ca(unsigned char *hash PLENGTH(32),
+                                          unsigned char *sign PLENGTH(sign_length),
+                                          unsigned int        sign_length);
+
+#endif  // HAVE_BOLOS_CUSTOMCA
+#endif  // CCA_PUBLIC_H_
diff --git a/include/os_customca.h b/include/os_customca.h
diff --git a/include/syscalls.h b/include/syscalls.h
@@ -201,14 +201,14 @@
 #define SYSCALL_os_dashboard_mbx_ID 0x02000150
 
 #ifdef HAVE_CUSTOM_CA_DETAILS_IN_SETTINGS
-#define SYSCALL_os_bolos_custom_ca_get_info_ID 0x01000CA0
-#define SYSCALL_os_bolos_custom_ca_revoke_ID   0x00000CA1
+#define SYSCALL_cca_get_custom_ca_info_ID 0x01000CA0
+#define SYSCALL_cca_custom_ca_revoke_ID   0x00000CA1
 #endif  // HAVE_CUSTOM_CA_DETAILS_IN_SETTINGS
 
 #define SYSCALL_os_bolos_endorsement_revoke_ID 0x010001ED
 
 #ifdef HAVE_BOLOS_CUSTOMCA
-#define SYSCALL_os_customca_verify_ID 0x03000090
+#define SYSCALL_cca_verify_custom_ca_ID 0x03000090
 #endif  // HAVE_BOLOS_CUSTOMCA
 
 #ifdef HAVE_AEM_PIN
diff --git a/src/syscalls.c b/src/syscalls.c
@@ -1738,13 +1738,15 @@ void os_registry_delete_all_apps(void)
 }
 
 #ifdef HAVE_BOLOS_CUSTOMCA
-unsigned int os_customca_verify(unsigned char *hash, unsigned char *sign, unsigned int sign_length)
+unsigned int cca_verify_custom_ca(unsigned char *hash,
+                                  unsigned char *sign,
+                                  unsigned int   sign_length)
 {
     unsigned int parameters[3];
     parameters[0] = (unsigned int) hash;
     parameters[1] = (unsigned int) sign;
     parameters[2] = (unsigned int) sign_length;
-    return (unsigned int) SVC_Call(SYSCALL_os_customca_verify_ID, parameters);
+    return (unsigned int) SVC_Call(SYSCALL_cca_verify_custom_ca_ID, parameters);
 }
 #endif  // HAVE_BOLOS_CUSTOMCA
 
@@ -1929,19 +1931,20 @@ unsigned int os_deny_protected_flash(void)
 }
 
 #ifdef HAVE_CUSTOM_CA_DETAILS_IN_SETTINGS
-bolos_bool_t os_bolos_custom_ca_get_info(customca_data_t *custom_ca)
+
+bolos_bool_t cca_get_custom_ca_info(customca_data_t *custom_ca)
 {
     unsigned int parameters[2];
     parameters[0]    = (unsigned int) custom_ca;
-    bolos_bool_t ret = (bolos_bool_t) SVC_Call(SYSCALL_os_bolos_custom_ca_get_info_ID, parameters);
+    bolos_bool_t ret = (bolos_bool_t) SVC_Call(SYSCALL_cca_get_custom_ca_info_ID, parameters);
     return ret;
 }
 
-void os_bolos_custom_ca_revoke(void)
+void cca_custom_ca_revoke(void)
 {
     unsigned int parameters[1];
     parameters[0] = 0;
-    SVC_Call(SYSCALL_os_bolos_custom_ca_revoke_ID, parameters);
+    SVC_Call(SYSCALL_cca_custom_ca_revoke_ID, parameters);
     return;
 }
 #endif  // HAVE_CUSTOM_CA_DETAILS_IN_SETTINGS

Original file line number	Diff line number	Diff line change
`@@ -1738,13 +1738,15 @@ void os_registry_delete_all_apps(void)`
`1738`	`1738`	`}`
`1739`	`1739`
`1740`	`1740`	`#ifdef HAVE_BOLOS_CUSTOMCA`
`1741`		`-unsigned int os_customca_verify(unsigned char hash, unsigned char sign, unsigned int sign_length)`
	`1741`	`+unsigned int cca_verify_custom_ca(unsigned char *hash,`
	`1742`	`+ unsigned char *sign,`
	`1743`	`+ unsigned int sign_length)`
`1742`	`1744`	`{`
`1743`	`1745`	`unsigned int parameters[3];`
`1744`	`1746`	`parameters[0] = (unsigned int) hash;`
`1745`	`1747`	`parameters[1] = (unsigned int) sign;`
`1746`	`1748`	`parameters[2] = (unsigned int) sign_length;`
`1747`		`- return (unsigned int) SVC_Call(SYSCALL_os_customca_verify_ID, parameters);`
	`1749`	`+ return (unsigned int) SVC_Call(SYSCALL_cca_verify_custom_ca_ID, parameters);`
`1748`	`1750`	`}`
`1749`	`1751`	`#endif // HAVE_BOLOS_CUSTOMCA`
`1750`	`1752`
`@@ -1929,19 +1931,20 @@ unsigned int os_deny_protected_flash(void)`
`1929`	`1931`	`}`
`1930`	`1932`
`1931`	`1933`	`#ifdef HAVE_CUSTOM_CA_DETAILS_IN_SETTINGS`
`1932`		`-bolos_bool_t os_bolos_custom_ca_get_info(customca_data_t *custom_ca)`
	`1934`	`+`
	`1935`	`+bolos_bool_t cca_get_custom_ca_info(customca_data_t *custom_ca)`
`1933`	`1936`	`{`
`1934`	`1937`	`unsigned int parameters[2];`
`1935`	`1938`	`parameters[0] = (unsigned int) custom_ca;`
`1936`		`- bolos_bool_t ret = (bolos_bool_t) SVC_Call(SYSCALL_os_bolos_custom_ca_get_info_ID, parameters);`
	`1939`	`+ bolos_bool_t ret = (bolos_bool_t) SVC_Call(SYSCALL_cca_get_custom_ca_info_ID, parameters);`
`1937`	`1940`	`return ret;`
`1938`	`1941`	`}`
`1939`	`1942`
`1940`		`-void os_bolos_custom_ca_revoke(void)`
	`1943`	`+void cca_custom_ca_revoke(void)`
`1941`	`1944`	`{`
`1942`	`1945`	`unsigned int parameters[1];`
`1943`	`1946`	`parameters[0] = 0;`
`1944`		`- SVC_Call(SYSCALL_os_bolos_custom_ca_revoke_ID, parameters);`
	`1947`	`+ SVC_Call(SYSCALL_cca_custom_ca_revoke_ID, parameters);`
`1945`	`1948`	`return;`
`1946`	`1949`	`}`
`1947`	`1950`	`#endif // HAVE_CUSTOM_CA_DETAILS_IN_SETTINGS`