Merge pull request #104 from LedgerHQ/cev/issue_101_doc

Issue 101: Improve doc readability
LedgerHQ · Mar 21, 2024 · 4f84034 · 4f84034
2 parents 400ff19 + 2ec0a05
commit 4f84034
Show file tree

Hide file tree

Showing 19 changed files with 1,384 additions and 251 deletions.
diff --git a/Makefile b/Makefile
@@ -30,7 +30,7 @@ APPNAME = OpenPGP
 # Application version
 APPVERSION_M = 2
 APPVERSION_N = 2
-APPVERSION_P = 1
+APPVERSION_P = 2
 APPVERSION = "$(APPVERSION_M).$(APPVERSION_N).$(APPVERSION_P)"
 
 SPECVERSION:="3.3.1"

diff --git a/pytools/gpgapp/gpgcard.py b/pytools/gpgapp/gpgcard.py
@@ -926,9 +926,6 @@ def decode_attributes(self, key: str) -> str:
         if not attributes or len(attributes) == 0:
             return ""
 
-        if attributes[0] not in set(iter(PubkeyAlgo)):
-            return ""
-
         if attributes[0] == PubkeyAlgo.RSA:
             if attributes[5] == 0:
                 fmt = "standard (e, p, q)"
@@ -944,14 +941,12 @@ def decode_attributes(self, key: str) -> str:
             return ret
 
         if attributes[0] == PubkeyAlgo.ECDSA:
-            ret = "ECDSA"
+            return "ECDSA"
         if attributes[0] == PubkeyAlgo.ECDH:
-            ret = "ECDH"
+            return "ECDH"
         if attributes[0] == PubkeyAlgo.EDDSA:
-            ret = "EDDSA"
-        else:
-            ret = ""
-        return ret
+            return "EDDSA"
+        return ""
 
 
     def decode_key(self, key: str) -> dict:

diff --git a/src/gpg_api.h b/src/gpg_api.h
@@ -18,25 +18,39 @@
 #ifndef GPG_API_H
 #define GPG_API_H
 
-void gpg_activate_pinpad(uint8_t enabled);
+/* ----------------------------------------------------------------------- */
+/* ---                              INIT                              ---- */
+/* ----------------------------------------------------------------------- */
 
+void gpg_activate_pinpad(uint8_t enabled);
 unsigned int gpg_oid2curve(unsigned char *oid, unsigned int len);
 unsigned char *gpg_curve2oid(unsigned int cv, unsigned int *len);
 unsigned int gpg_curve2domainlen(unsigned int cv);
 
 void gpg_init(void);
-void gpg_init_ux(void);
 void gpg_install(unsigned char app_state);
-void gpg_install_slot(gpg_key_slot_t *slot);
+
+/* ----------------------------------------------------------------------- */
+/* ---                            DISPATCH                            ---- */
+/* ----------------------------------------------------------------------- */
+
 int gpg_dispatch(void);
 
+/* ----------------------------------------------------------------------- */
+/* ---                              DATA                              ---- */
+/* ----------------------------------------------------------------------- */
+
 void gpg_apdu_select_data(unsigned int ref, int record);
 int gpg_apdu_get_data(unsigned int ref);
 int gpg_apdu_get_next_data(unsigned int ref);
 int gpg_apdu_put_data(unsigned int ref);
 int gpg_apdu_get_key_data(unsigned int ref);
 int gpg_apdu_put_key_data(unsigned int ref);
 
+/* ----------------------------------------------------------------------- */
+/* ---                              PSO                               ---- */
+/* ----------------------------------------------------------------------- */
+
 int gpg_pso_derive_slot_seed(int slot, unsigned char *seed);
 int gpg_pso_derive_key_seed(unsigned char *Sn,
                             unsigned char *key_name,
@@ -45,27 +59,48 @@ int gpg_pso_derive_key_seed(unsigned char *Sn,
                             unsigned int Ski_len);
 int gpg_apdu_pso(void);
 int gpg_apdu_internal_authenticate(void);
+
+/* ----------------------------------------------------------------------- */
+/* ---                              GEN                               ---- */
+/* ----------------------------------------------------------------------- */
+
 int gpg_apdu_gen(void);
+
+/* ----------------------------------------------------------------------- */
+/* ---                           CHALLENGE                            ---- */
+/* ----------------------------------------------------------------------- */
+
 int gpg_apdu_get_challenge(void);
 
+/* ----------------------------------------------------------------------- */
+/* ---                            SELECT                              ---- */
+/* ----------------------------------------------------------------------- */
+
 int gpg_apdu_select(void);
 
+/* ----------------------------------------------------------------------- */
+/* ---                              PIN                               ---- */
+/* ----------------------------------------------------------------------- */
+
 int gpg_apdu_verify(void);
 int gpg_apdu_change_ref_data(void);
 int gpg_apdu_reset_retry_counter(void);
 
 gpg_pin_t *gpg_pin_get_pin(int id);
-int gpg_pin_is_blocked(gpg_pin_t *pin);
 int gpg_pin_is_verified(int pinID);
 void gpg_pin_set_verified(int pinID, int verified);
 int gpg_pin_check(gpg_pin_t *pin, int pinID, const unsigned char *pin_val, unsigned int pin_len);
 int gpg_pin_set(gpg_pin_t *pin, unsigned char *pin_val, unsigned int pin_len);
 
+/* ----------------------------------------------------------------------- */
+/* ---                              MSE                               ---- */
+/* ----------------------------------------------------------------------- */
+
 void gpg_mse_reset();
 int gpg_apdu_mse();
 
 /* ----------------------------------------------------------------------- */
-/* ---                                  IO                            ---- */
+/* ---                               IO                               ---- */
 /* ----------------------------------------------------------------------- */
 void gpg_io_discard(int clear);
 void gpg_io_clear(void);

diff --git a/src/gpg_challenge.c b/src/gpg_challenge.c
@@ -18,6 +18,12 @@
 #include "gpg_vars.h"
 #include "cx_errors.h"
 
+/**
+ * Generate a Random Number
+ *
+ * @return Status Word
+ *
+ */
 int gpg_apdu_get_challenge() {
     unsigned int olen;
     cx_err_t error = CX_INTERNAL_ERROR;

diff --git a/src/gpg_data.c b/src/gpg_data.c
@@ -19,12 +19,27 @@
 #include "gpg_ux.h"
 #include "cx_errors.h"
 
+/**
+ * Select a DO (Data Object) in the current template
+ *
+ * @param[in] ref DO tag
+ * @param[in] record Offset of the record
+ *
+ */
 void gpg_apdu_select_data(unsigned int ref, int record) {
     G_gpg_vstate.DO_current = ref;
     G_gpg_vstate.DO_reccord = record;
     G_gpg_vstate.DO_offset = 0;
 }
 
+/**
+ * Read a DO (Data Object) from the card
+ *
+ * @param[in] ref DO tag
+ *
+ * @return Status Word
+ *
+ */
 int gpg_apdu_get_data(unsigned int ref) {
     int sw = SW_UNKNOWN;
 
@@ -211,6 +226,14 @@ int gpg_apdu_get_data(unsigned int ref) {
     return sw;
 }
 
+/**
+ * Read the next instance of the same DO (Data Object) from the card
+ *
+ * @param[in] ref DO tag
+ *
+ * @return Status Word
+ *
+ */
 int gpg_apdu_get_next_data(unsigned int ref) {
     int sw = SW_UNKNOWN;
 
@@ -224,6 +247,14 @@ int gpg_apdu_get_next_data(unsigned int ref) {
     return sw;
 }
 
+/**
+ * Write a DO (Data Object) to the card
+ *
+ * @param[in] ref DO tag
+ *
+ * @return Status Word
+ *
+ */
 int gpg_apdu_put_data(unsigned int ref) {
     unsigned int t, l, sw;
     unsigned int *ptr_l = NULL;
@@ -799,6 +830,15 @@ int gpg_apdu_put_data(unsigned int ref) {
     return error;
 }
 
+/**
+ * Init an encryption key to protect Private Key
+ * Used for Backup/Restore
+ *
+ * @param[out] keyenc aes encryption key
+ *
+ * @return Status Word
+ *
+ */
 static int gpg_init_keyenc(cx_aes_key_t *keyenc) {
     int sw = SW_UNKNOWN;
     unsigned char seed[32];
@@ -821,8 +861,15 @@ static int gpg_init_keyenc(cx_aes_key_t *keyenc) {
     return SW_OK;
 }
 
-// cmd
-// resp  TID API COMPAT len_pub len_priv priv
+/**
+ * Read a Key DO (Data Object) from the card
+ * for Backup
+ *
+ * @param[in] ref DO tag
+ *
+ * @return Status Word
+ *
+ */
 int gpg_apdu_get_key_data(unsigned int ref) {
     cx_aes_key_t keyenc = {0};
     gpg_key_t *keygpg = NULL;
@@ -932,8 +979,15 @@ int gpg_apdu_get_key_data(unsigned int ref) {
     return error;
 }
 
-// cmd   TID API COMPAT len_pub len_priv priv
-// resp  -
+/**
+ * Write a key DO (Data Object) to the card
+ * For Restore
+ *
+ * @param[in] ref DO tag
+ *
+ * @return Status Word
+ *
+ */
 int gpg_apdu_put_key_data(unsigned int ref) {
     cx_aes_key_t keyenc = {0};
     gpg_key_t *keygpg = NULL;

diff --git a/src/gpg_dispatch.c b/src/gpg_dispatch.c
@@ -17,6 +17,13 @@
 
 #include "gpg_vars.h"
 
+/**
+ * Check INS access condition
+ * Verify if the corresponding PW is verified
+ *
+ * @return Status Word
+ *
+ */
 static int gpg_check_access_ins() {
     int sw = SW_UNKNOWN;
 
@@ -92,6 +99,13 @@ static int gpg_check_access_ins() {
     return sw;
 }
 
+/**
+ * Check INS Read access condition
+ * Verify if the corresponding PW is verified
+ *
+ * @return Status Word
+ *
+ */
 static int gpg_check_access_read_DO() {
     int sw = SW_UNKNOWN;
 
@@ -163,6 +177,13 @@ static int gpg_check_access_read_DO() {
     return sw;
 }
 
+/**
+ * Check INS Write access condition
+ * Verify if the corresponding PW is verified
+ *
+ * @return Status Word
+ *
+ */
 static int gpg_check_access_write_DO() {
     int sw = SW_UNKNOWN;
 
@@ -228,7 +249,12 @@ static int gpg_check_access_write_DO() {
     return sw;
 }
 
-/* assume command is fully received */
+/**
+ * APDU Handler: dispatch command
+ *
+ * @return Status Word
+ *
+ */
 int gpg_dispatch() {
     unsigned int tag, t, l;
     int sw = SW_UNKNOWN;