Fix OTP/MKEK secure system.

Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
2025-12-17 08:40:06 +08:00 · 2025-01-08 17:25:04 +01:00
parent 6a67800057
commit 77dd1c4b98
3 changed files with 30 additions and 26 deletions
--- a/2
+++ b/2
--- a/src/fido/fido.c
+++ b/src/fido/fido.c
@@ -322,13 +322,33 @@ int scan_files() {
    else {
        printf("FATAL ERROR: KEY DEV not found in memory!\r\n");
    }
+    if (ef_mkek) { // No encrypted MKEK
+        if (!file_has_data(ef_mkek)) {
+            uint8_t mkek[MKEK_IV_SIZE + MKEK_KEY_SIZE];
+            random_gen(NULL, mkek, sizeof(mkek));
+            file_put_data(ef_mkek, mkek, sizeof(mkek));
+            int ret = aes_encrypt_cfb_256(MKEK_KEY(mkek), MKEK_IV(mkek), file_get_data(ef_keydev), 32);
+            mbedtls_platform_zeroize(mkek, sizeof(mkek));
+            if (ret != 0) {
+                printf("FATAL ERROR: MKEK encryption failed!\r\n");
+            }
+        }
+    }
+    else {
+        printf("FATAL ERROR: MKEK not found in memory!\r\n");
+    }
    ef_certdev = search_by_fid(EF_EE_DEV, NULL, SPECIFY_EF);
    if (ef_certdev) {
        if (!file_has_data(ef_certdev)) {
-            uint8_t cert[2048];
+            uint8_t cert[2048], outk[32];
+            memset(outk, 0, sizeof(outk));
+            int ret = 0;
+            if ((ret = load_keydev(outk)) != 0) {
+                return ret;
+            }
            mbedtls_ecdsa_context key;
            mbedtls_ecdsa_init(&key);
-            int ret = mbedtls_ecp_read_key(MBEDTLS_ECP_DP_SECP256R1, &key, file_get_data(ef_keydev), file_get_size(ef_keydev));
+            ret = mbedtls_ecp_read_key(MBEDTLS_ECP_DP_SECP256R1, &key, outk, sizeof(outk));
            if (ret != 0) {
                mbedtls_ecdsa_free(&key);
                return ret;
@@ -385,21 +405,6 @@ int scan_files() {
        file_put_data(ef_largeblob, (const uint8_t *) "\x80\x76\xbe\x8b\x52\x8d\x00\x75\xf7\xaa\xe9\x8d\x6f\xa5\x7a\x6d\x3c", 17);
    }

-    if (ef_mkek) { // No encrypted MKEK
-        if (!file_has_data(ef_mkek)) {
-            uint8_t mkek[MKEK_IV_SIZE + MKEK_KEY_SIZE];
-            random_gen(NULL, mkek, sizeof(mkek));
-            file_put_data(ef_mkek, mkek, sizeof(mkek));
-            int ret = aes_encrypt_cfb_256(MKEK_KEY(mkek), MKEK_IV(mkek), file_get_data(ef_keydev), 32);
-            mbedtls_platform_zeroize(mkek, sizeof(mkek));
-            if (ret != 0) {
-                printf("FATAL ERROR: MKEK encryption failed!\r\n");
-            }
-        }
-    }
-    else {
-        printf("FATAL ERROR: MKEK not found in memory!\r\n");
-    }
    low_flash_available();
    return PICOKEY_OK;
 }
--- a/src/fido/kek.c
+++ b/src/fido/kek.c
@@ -56,13 +56,9 @@ void mkek_masked(uint8_t *mkek, const uint8_t *mask) {
        }
    }
 }
-#include <stdio.h>
+
 int load_mkek(uint8_t *mkek) {
-    if (paut.in_use == false) {
-        return PICOKEY_NO_LOGIN;
-    }
    file_t *tf = search_file(EF_MKEK);
-    printf("file_size = %d\n", file_get_size(tf));
    if (file_has_data(tf)) {
        memcpy(mkek, file_get_data(tf), MKEK_SIZE);
    }
@@ -78,9 +74,9 @@ int load_mkek(uint8_t *mkek) {
        if (crc32c(MKEK_KEY(mkek), MKEK_KEY_SIZE) != *(uint32_t *) MKEK_CHECKSUM(mkek)) {
            return PICOKEY_WRONG_DKEK;
        }
-    }
-    if (otp_key_1) {
-        mkek_masked(mkek, otp_key_1);
+        if (otp_key_1) {
+            mkek_masked(mkek, otp_key_1);
+        }
    }
    return PICOKEY_OK;
 }
@@ -98,6 +94,9 @@ int store_mkek(const uint8_t *mkek) {
    else {
        memcpy(tmp_mkek, mkek, MKEK_SIZE);
    }
+    if (otp_key_1) {
+        mkek_masked(tmp_mkek, otp_key_1);
+    }
    *(uint32_t *) MKEK_CHECKSUM(tmp_mkek) = crc32c(MKEK_KEY(tmp_mkek), MKEK_KEY_SIZE);
    uint8_t tmp_mkek_pin[MKEK_SIZE];
    memcpy(tmp_mkek_pin, tmp_mkek, MKEK_SIZE);