@@ -624,7 +624,7 @@ static int cmd_asym_keygen() {
624624 if (!has_mgm ) {
625625 return SW_SECURITY_STATUS_NOT_SATISFIED ();
626626 }
627- if (key_ref == 0x9E ) {
627+ if (key_ref == 0x93 ) {
628628 key_ref = EF_PIV_KEY_RETIRED18 ;
629629 }
630630 else if (key_ref == 0xF9 ) {
@@ -749,6 +749,32 @@ static int cmd_set_mgmkey() {
749749 return SW_OK ();
750750}
751751
752+ #define IS_RETIRED (x ) ((x) >= EF_PIV_KEY_RETIRED1 && (x) <= EF_PIV_KEY_RETIRED20)
753+ #define IS_ACTIVE (x ) ((x) >= EF_PIV_KEY_AUTHENTICATION && (x) <= EF_PIV_KEY_CARDAUTH)
754+ static int cmd_move_key () {
755+ if (apdu .nc != 0 ) {
756+ return SW_WRONG_LENGTH ();
757+ }
758+ uint8_t to = P1 (apdu ), from = P2 (apdu );
759+ if ((!IS_RETIRED (from ) && !IS_ACTIVE (from )) || (!IS_RETIRED (to ) && !IS_ACTIVE (to ))) {
760+ return SW_INCORRECT_P1P2 ();
761+ }
762+ if (from == 0x93 ) {
763+ from = EF_PIV_KEY_RETIRED18 ;
764+ }
765+ if (to == 0x93 ) {
766+ to = EF_PIV_KEY_RETIRED18 ;
767+ }
768+ file_t * efs , * efd ;
769+ if (!(efs = search_by_fid (from , NULL , SPECIFY_EF )) || !(efd = search_by_fid (to , NULL , SPECIFY_EF ))) {
770+ return SW_FILE_NOT_FOUND ();
771+ }
772+ flash_write_data_to_file (efd , file_get_data (efs ), file_get_size (efs ));
773+ flash_clear_file (efs );
774+ low_flash_available ();
775+ return SW_OK ();
776+ }
777+
752778#define INS_VERIFY 0x20
753779#define INS_VERSION 0xFD
754780#define INS_SELECT 0xA4
@@ -760,6 +786,7 @@ static int cmd_set_mgmkey() {
760786#define INS_ASYM_KEYGEN 0x47
761787#define INS_PUT_DATA 0xDB
762788#define INS_SET_MGMKEY 0xFF
789+ #define INS_MOVE_KEY 0xF6
763790
764791static const cmd_t cmds [] = {
765792 { INS_VERSION , cmd_version },
@@ -772,6 +799,7 @@ static const cmd_t cmds[] = {
772799 { INS_ASYM_KEYGEN , cmd_asym_keygen },
773800 { INS_PUT_DATA , cmd_put_data },
774801 { INS_SET_MGMKEY , cmd_set_mgmkey },
802+ { INS_MOVE_KEY , cmd_move_key },
775803 { 0x00 , 0x0 }
776804};
777805
0 commit comments