Small tweaks

Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
Pol Henarejos
2026-05-15 17:15:35 +02:00
parent 6e2a2aef71
commit a9261e34ad


@@ -120,26 +120,27 @@ int decrypt_with_aad(const uint8_t key[32], const uint8_t *in_buf, size_t in_len
const uint8_t *tag = in_buf + in_len - 16; const uint8_t *tag = in_buf + in_len - 16;
mbedtls_gcm_context gcm; mbedtls_gcm_context gcm;
mbedtls_gcm_init(&gcm);
uint8_t kenc[32]; uint8_t kenc[32];
if (version == PIN_KDF_V2) { if (version == PIN_KDF_V2) {
pin_derive_kenc2(key, kenc); pin_derive_kenc2(key, kenc);
} else if (version == PIN_KDF_V1) { }
else if (version == PIN_KDF_V1) {
pin_derive_kenc(key, kenc); pin_derive_kenc(key, kenc);
} }
else { else {
mbedtls_gcm_free(&gcm);
return PICOKEYS_WRONG_DATA; return PICOKEYS_WRONG_DATA;
} }
int rc = mbedtls_gcm_setkey(&gcm, MBEDTLS_CIPHER_ID_AES, kenc, 256); mbedtls_gcm_init(&gcm);
int ret = mbedtls_gcm_setkey(&gcm, MBEDTLS_CIPHER_ID_AES, kenc, 256);
mbedtls_platform_zeroize(kenc, sizeof(kenc)); mbedtls_platform_zeroize(kenc, sizeof(kenc));
if (rc != 0) { if (ret != 0) {
return rc; return ret;
} }
rc = mbedtls_gcm_auth_decrypt(&gcm, in_len - 16 - 12, nonce, 12, pico_serial_hash, sizeof(pico_serial_hash), tag, 16, ct, out_buf); MBEDTLS_MPI_CHK(mbedtls_gcm_auth_decrypt(&gcm, in_len - 16 - 12, nonce, 12, pico_serial_hash, sizeof(pico_serial_hash), tag, 16, ct, out_buf));
cleanup:
mbedtls_gcm_free(&gcm); mbedtls_gcm_free(&gcm);
return rc; return ret;
} }
// Old functions, kept for compatibility. NOT SECURE, use the new ones above. // Old functions, kept for compatibility. NOT SECURE, use the new ones above.
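Review bot: The `if (ret != 0) { return ret; }` after `mbedtls_gcm_setkey` still returns without calling `mbedtls_gcm_free(&gcm)`, although the context is initialised by then and this change adds a `cleanup:` label that frees it. Using `if (ret != 0) { goto cleanup; }` there keeps `mbedtls_platform_zeroize(kenc, sizeof(kenc))` ahead of the jump and releases whatever a failed setkey may have left in the context. `MBEDTLS_MPI_CHK` is the bignum error helper and its `goto cleanup` lands on the very next line here, so a plain `ret = mbedtls_gcm_auth_decrypt(...);` would read more directly. The start of decrypt_with_aad is outside the hunk, so it is not visible here whether `in_len` is checked to be at least 28 before `in_len - 16 - 12` is computed.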