diff --git a/CMakeLists.txt b/CMakeLists.txt
index c9c3b25..509eff6 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -97,7 +97,6 @@ endif()
list(APPEND SOURCES
${CMAKE_CURRENT_LIST_DIR}/src/fido/fido.c
${CMAKE_CURRENT_LIST_DIR}/src/fido/files.c
- ${CMAKE_CURRENT_LIST_DIR}/src/fido/kek.c
${CMAKE_CURRENT_LIST_DIR}/src/fido/cmd_register.c
${CMAKE_CURRENT_LIST_DIR}/src/fido/cmd_authenticate.c
${CMAKE_CURRENT_LIST_DIR}/src/fido/cmd_version.c
diff --git a/src/fido/cbor_client_pin.c b/src/fido/cbor_client_pin.c
index cf7a360..a58ceee 100644
--- a/src/fido/cbor_client_pin.c
+++ b/src/fido/cbor_client_pin.c
@@ -37,7 +37,6 @@
#include "random.h"
#include "crypto_utils.h"
#include "apdu.h"
-#include "kek.h"
uint32_t usage_timer = 0, initial_usage_time_limit = 0;
uint32_t max_usage_time_period = 600 * 1000;
diff --git a/src/fido/fido.c b/src/fido/fido.c
index 79d98fe..014eeca 100644
--- a/src/fido/fido.c
+++ b/src/fido/fido.c
@@ -17,7 +17,6 @@
#include "pico_keys.h"
#include "fido.h"
-#include "kek.h"
#include "apdu.h"
#include "ctap.h"
#include "files.h"
@@ -226,9 +225,6 @@ int load_keydev(uint8_t key[32]) {
uint16_t fid_size = file_get_size(ef_keydev);
if (fid_size == 32) {
memcpy(key, file_get_data(ef_keydev), 32);
- if (mkek_decrypt(key, 32) != PICOKEY_OK) {
- return PICOKEY_EXEC_ERROR;
- }
if (otp_key_1 && aes_decrypt(otp_key_1, NULL, 32 * 8, PICO_KEYS_AES_MODE_CBC, key, 32) != PICOKEY_OK) {
return PICOKEY_EXEC_ERROR;
}
@@ -372,7 +368,6 @@ int encrypt_keydev_f1(const uint8_t keydev[32]) {
int scan_files_fido(void) {
ef_keydev = search_by_fid(EF_KEY_DEV, NULL, SPECIFY_EF);
ef_keydev_enc = search_by_fid(EF_KEY_DEV_ENC, NULL, SPECIFY_EF);
- ef_mkek = search_by_fid(EF_MKEK, NULL, SPECIFY_EF);
if (ef_keydev) {
if (!file_has_data(ef_keydev) && !file_has_data(ef_keydev_enc)) {
printf("KEY DEVICE is empty. Generating SECP256R1 curve...");
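Review bot: The hunk drops the `ef_mkek` lookup but adds no handling for devices that were provisioned under the old scheme, whose EF_KEY_DEV already holds MKEK-encrypted ciphertext; since `file_has_data(ef_keydev)` is true for them, the regeneration branch is skipped and `load_keydev` will consume that ciphertext as if it were the key, silently changing the device key and breaking every credential and attestation derived from it. I cannot see a format version or migration check anywhere in this diff, so either one should be added here (e.g. detect the legacy layout and regenerate or re-wrap) or the incompatibility should be stated in a comment, `// NOTE: keys written under the pre-MKEK-removal layout are not migrated`. `scan_files_fido` continues outside the hunk.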
diff --git a/src/fido/files.c b/src/fido/files.c
index d2280db..fec6491 100644
--- a/src/fido/files.c
+++ b/src/fido/files.c
@@ -21,7 +21,6 @@ file_t file_entries[] = {
{ .fid = 0x3f00, .parent = 0xff, .name = NULL, .type = FILE_TYPE_DF, .data = NULL, .ef_structure = 0, .acl = { 0 } }, // MF
{ .fid = EF_KEY_DEV, .parent = 0, .name = NULL, .type = FILE_TYPE_INTERNAL_EF | FILE_DATA_FLASH, .data = NULL, .ef_structure = FILE_EF_TRANSPARENT, .acl = { 0xff } }, // Device Key
{ .fid = EF_KEY_DEV_ENC, .parent = 0, .name = NULL,.type = FILE_TYPE_INTERNAL_EF | FILE_DATA_FLASH, .data = NULL, .ef_structure = FILE_EF_TRANSPARENT, .acl = { 0xff } }, // Device Key Enc
- { .fid = EF_MKEK, .parent = 0, .name = NULL, .type = FILE_TYPE_INTERNAL_EF | FILE_DATA_FLASH, .data = NULL, .ef_structure = FILE_EF_TRANSPARENT, .acl = { 0xff } }, // MKEK
{ .fid = EF_EE_DEV, .parent = 0, .name = NULL, .type = FILE_TYPE_INTERNAL_EF | FILE_DATA_FLASH, .data = NULL, .ef_structure = FILE_EF_TRANSPARENT, .acl = { 0xff } }, // End Entity Certificate Device
{ .fid = EF_EE_DEV_EA, .parent = 0, .name = NULL, .type = FILE_TYPE_INTERNAL_EF | FILE_DATA_FLASH, .data = NULL, .ef_structure = FILE_EF_TRANSPARENT, .acl = { 0xff } }, // End Entity Enterprise Attestation Certificate
{ .fid = EF_COUNTER, .parent = 0, .name = NULL, .type = FILE_TYPE_INTERNAL_EF | FILE_DATA_FLASH, .data = NULL, .ef_structure = FILE_EF_TRANSPARENT, .acl = { 0xff } }, // Global counter
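Review bot: Removing the EF_MKEK entry from `file_entries` makes fid 0xCC0F unreachable through `search_by_fid`, but nothing in this commit erases the blob already stored in flash on provisioned devices, so the PIN-wrapped MKEK (and its CRC, per the deleted `load_mkek`) presumably stays resident as an orphaned secret — I cannot tell from here whether the flash layer garbage-collects unknown fids. If it does not, a one-time cleanup that locates and zeroizes the old file would be appropriate, and in any case the table could carry a comment like `// 0xCC0F (EF_MKEK) retired; legacy blobs may still exist in flash` so the identifier is not reused for a different purpose later.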
@@ -46,4 +45,3 @@ file_t *ef_pin_admin = NULL;
file_t *ef_authtoken = NULL;
file_t *ef_keydev_enc = NULL;
file_t *ef_largeblob = NULL;
-file_t *ef_mkek = NULL;
diff --git a/src/fido/files.h b/src/fido/files.h
index 2e38174..d6d45e6 100644
--- a/src/fido/files.h
+++ b/src/fido/files.h
@@ -22,7 +22,6 @@
#define EF_KEY_DEV 0xCC00
#define EF_KEY_DEV_ENC 0xCC01
-#define EF_MKEK 0xCC0F
#define EF_EE_DEV 0xCE00
#define EF_EE_DEV_EA 0xCE01
#define EF_COUNTER 0xC000
@@ -53,6 +52,5 @@ extern file_t *ef_pin_admin;
extern file_t *ef_authtoken;
extern file_t *ef_keydev_enc;
extern file_t *ef_largeblob;
-extern file_t *ef_mkek;
#endif //_FILES_H_
diff --git a/src/fido/kek.c b/src/fido/kek.c
deleted file mode 100644
index 7277a48..0000000
--- a/src/fido/kek.c
+++ /dev/null
@@ -1,85 +0,0 @@
-/*
- * This file is part of the Pico Fido distribution (https://github.com/polhenarejos/pico-fido).
- * Copyright (c) 2022 Pol Henarejos.
- *
- * This program is free software: you can redistribute it and/or modify
- * it under the terms of the GNU Affero General Public License as published by
- * the Free Software Foundation, version 3.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Affero General Public License for more details.
- *
- * You should have received a copy of the GNU Affero General Public License
- * along with this program. If not, see .
- */
-
-#include "pico_keys.h"
-#include "fido.h"
-#include "stdlib.h"
-#if defined(PICO_PLATFORM)
-#include "pico/stdlib.h"
-#endif
-#include "kek.h"
-#include "crypto_utils.h"
-#include "random.h"
-#include "mbedtls/md.h"
-#include "mbedtls/cmac.h"
-#include "mbedtls/rsa.h"
-#include "mbedtls/ecdsa.h"
-#include "mbedtls/chachapoly.h"
-#include "files.h"
-#include "otp.h"
-
-uint8_t mkek_mask[MKEK_KEY_SIZE];
-bool has_mkek_mask = false;
-
-static void mkek_masked(uint8_t *mkek, const uint8_t *mask) {
- if (mask) {
- for (int i = 0; i < MKEK_KEY_SIZE; i++) {
- MKEK_KEY(mkek)[i] ^= mask[i];
- }
- }
-}
-
-int load_mkek(uint8_t *mkek) {
- file_t *tf = search_file(EF_MKEK);
- if (file_has_data(tf)) {
- memcpy(mkek, file_get_data(tf), MKEK_SIZE);
- }
-
- if (has_mkek_mask) {
- mkek_masked(mkek, mkek_mask);
- }
- if (file_get_size(tf) == MKEK_SIZE) {
- int ret = aes_decrypt_cfb_256(session_pin, MKEK_IV(mkek), MKEK_KEY(mkek), MKEK_KEY_SIZE + MKEK_KEY_CS_SIZE);
- if (ret != 0) {
- return PICOKEY_EXEC_ERROR;
- }
- uint32_t mkek_checksum = 0;
- memcpy(&mkek_checksum, MKEK_CHECKSUM(mkek), sizeof(mkek_checksum));
- if (crc32c(MKEK_KEY(mkek), MKEK_KEY_SIZE) != mkek_checksum) {
- return PICOKEY_WRONG_DKEK;
- }
- if (otp_key_1) {
- mkek_masked(mkek, otp_key_1);
- }
- }
- return PICOKEY_OK;
-}
-
-void release_mkek(uint8_t *mkek) {
- mbedtls_platform_zeroize(mkek, MKEK_SIZE);
-}
-
-int mkek_decrypt(uint8_t *data, uint16_t len) {
- int r;
- uint8_t mkek[MKEK_SIZE + 4];
- if ((r = load_mkek(mkek)) != PICOKEY_OK) {
- return r;
- }
- r = aes_decrypt_cfb_256(MKEK_KEY(mkek), MKEK_IV(mkek), data, len);
- release_mkek(mkek);
- return r;
-}
diff --git a/src/fido/kek.h b/src/fido/kek.h
deleted file mode 100644
index 9540620..0000000
--- a/src/fido/kek.h
+++ /dev/null
@@ -1,46 +0,0 @@
-/*
- * This file is part of the Pico Fido distribution (https://github.com/polhenarejos/pico-fido).
- * Copyright (c) 2022 Pol Henarejos.
- *
- * This program is free software: you can redistribute it and/or modify
- * it under the terms of the GNU Affero General Public License as published by
- * the Free Software Foundation, version 3.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Affero General Public License for more details.
- *
- * You should have received a copy of the GNU Affero General Public License
- * along with this program. If not, see .
- */
-
-#ifndef _KEK_H_
-#define _KEK_H_
-
-#include "crypto_utils.h"
-#if defined(ENABLE_EMULATION) || defined(ESP_PLATFORM)
-#include
-#endif
-
-
-extern int load_mkek(uint8_t *);
-extern int store_mkek(const uint8_t *);
-extern void init_mkek(void);
-extern void release_mkek(uint8_t *);
-extern int mkek_encrypt(uint8_t *data, uint16_t len);
-extern int mkek_decrypt(uint8_t *data, uint16_t len);
-
-#define MKEK_IV_SIZE (IV_SIZE)
-#define MKEK_KEY_SIZE (32)
-#define MKEK_KEY_CS_SIZE (4)
-#define MKEK_SIZE (MKEK_IV_SIZE + MKEK_KEY_SIZE + MKEK_KEY_CS_SIZE)
-#define MKEK_IV(p) (p)
-#define MKEK_KEY(p) (MKEK_IV(p) + MKEK_IV_SIZE)
-#define MKEK_CHECKSUM(p) (MKEK_KEY(p) + MKEK_KEY_SIZE)
-#define DKEK_KEY_SIZE (32)
-
-extern uint8_t mkek_mask[MKEK_KEY_SIZE];
-extern bool has_mkek_mask;
-
-#endif