Arduino/pico-fido
1
0
Fork 1
mirror of https://github.com/polhenarejos/pico-fido.git synced 2025-12-19 02:48:04 +08:00
Code Issues Packages Projects Releases Wiki Activity

Enable OTP master key for ESP32-S3.

Browse Source 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
This commit is contained in:
Pol Henarejos
2024-11-10 01:07:31 +01:00
parent ee80462a4a
commit 730e76af75
1 changed files with 4 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
src/fido/fido.c
View File

@@ -188,11 +188,9 @@ int load_keydev(uint8_t *key) {
} }
else { else {
memcpy(key, file_get_data(ef_keydev), file_get_size(ef_keydev)); memcpy(key, file_get_data(ef_keydev), file_get_size(ef_keydev));
#ifdef PICO_RP2350 if (otp_key_1 && aes_decrypt(otp_key_1, NULL, 32 * 8, PICO_KEYS_AES_MODE_CBC, key, 32) != PICOKEY_OK) {
if (aes_decrypt(otp_key_1, NULL, 32 * 8, PICO_KEYS_AES_MODE_CBC, key, 32) != PICOKEY_OK) {
return PICOKEY_EXEC_ERROR; return PICOKEY_EXEC_ERROR;
} }
#endif
} }
//return mkek_decrypt(key, file_get_size(ef_keydev)); //return mkek_decrypt(key, file_get_size(ef_keydev));
@@ -303,9 +301,9 @@ int scan_files() {
if (ret != PICOKEY_OK) { if (ret != PICOKEY_OK) {
return ret; return ret;
} }
#ifdef PICO_RP2350 if (otp_key_1) {
ret = aes_encrypt(otp_key_1, NULL, 32 * 8, PICO_KEYS_AES_MODE_CBC, kdata, 32); ret = aes_encrypt(otp_key_1, NULL, 32 * 8, PICO_KEYS_AES_MODE_CBC, kdata, 32);
#endif }
ret = file_put_data(ef_keydev, kdata, (uint16_t)key_size); ret = file_put_data(ef_keydev, kdata, (uint16_t)key_size);
mbedtls_platform_zeroize(kdata, sizeof(kdata)); mbedtls_platform_zeroize(kdata, sizeof(kdata));
mbedtls_ecdsa_free(&ecdsa); mbedtls_ecdsa_free(&ecdsa);