From c43006f8c21a6ab67093b5f3ccfa0b778e6a695d Mon Sep 17 00:00:00 2001 From: Pol Henarejos Date: Thu, 12 Sep 2024 19:01:04 +0200 Subject: [PATCH] Protect keydev if available (only for RP2350). Signed-off-by: Pol Henarejos --- pico-keys-sdk | 2 +- src/fido/cbor.c | 1 + src/fido/cbor_make_credential.c | 7 ++++++- src/fido/cmd_register.c | 8 +++++++- src/fido/fido.c | 12 ++++++++++++ 5 files changed, 27 insertions(+), 3 deletions(-) diff --git a/pico-keys-sdk b/pico-keys-sdk index 9f65a2c..108cfec 160000 --- a/pico-keys-sdk +++ b/pico-keys-sdk @@ -1 +1 @@ -Subproject commit 9f65a2cfa024b721a6b7c16863e00558ac1a6f88 +Subproject commit 108cfec47c8b72472acbf6d3f8cc50260bfb09bd diff --git a/src/fido/cbor.c b/src/fido/cbor.c index 74c5822..cddde7e 100644 --- a/src/fido/cbor.c +++ b/src/fido/cbor.c @@ -15,6 +15,7 @@ * along with this program. If not, see . */ +#include "pico_keys.h" #if !defined(ENABLE_EMULATION) && !defined(ESP_PLATFORM) #include "pico/stdlib.h" #endif diff --git a/src/fido/cbor_make_credential.c b/src/fido/cbor_make_credential.c index 2a99b08..1c3f6e5 100644 --- a/src/fido/cbor_make_credential.c +++ b/src/fido/cbor_make_credential.c @@ -440,7 +440,12 @@ int cbor_make_credential(const uint8_t *data, size_t len) { if (enterpriseAttestation == 2 || (ka && ka->use_self_attestation == pfalse)) { mbedtls_ecdsa_free(&ekey); mbedtls_ecdsa_init(&ekey); - ret = mbedtls_ecp_read_key(MBEDTLS_ECP_DP_SECP256R1, &ekey, file_get_data(ef_keydev), 32); + uint8_t key[32] = {0}; + if (load_keydev(key) != 0) { + CBOR_ERROR(CTAP1_ERR_OTHER); + } + ret = mbedtls_ecp_read_key(MBEDTLS_ECP_DP_SECP256R1, &ekey, key, 32); + mbedtls_platform_zeroize(key, sizeof(key)); md = mbedtls_md_info_from_type(MBEDTLS_MD_SHA256); self_attestation = false; } diff --git a/src/fido/cmd_register.c b/src/fido/cmd_register.c index 325508c..e06df87 100644 --- a/src/fido/cmd_register.c +++ b/src/fido/cmd_register.c @@ -100,7 +100,13 @@ int cmd_register() { return SW_EXEC_ERROR(); } mbedtls_ecdsa_init(&key); - ret = mbedtls_ecp_read_key(MBEDTLS_ECP_DP_SECP256R1, &key, file_get_data(ef_keydev), 32); + uint8_t key_dev[32] = {0}; + ret = load_keydev(key_dev); + if (ret != CCID_OK) { + return SW_EXEC_ERROR(); + } + ret = mbedtls_ecp_read_key(MBEDTLS_ECP_DP_SECP256R1, &key, key_dev, 32); + mbedtls_platform_zeroize(key_dev, sizeof(key_dev)); if (ret != CCID_OK) { mbedtls_ecdsa_free(&key); return SW_EXEC_ERROR(); diff --git a/src/fido/fido.c b/src/fido/fido.c index 7ac7e4e..cac3d3e 100644 --- a/src/fido/fido.c +++ b/src/fido/fido.c @@ -34,6 +34,8 @@ #include "management.h" #include "hid/ctap_hid.h" #include "version.h" +#include "crypto_utils.h" +#include "otp.h" int fido_process_apdu(); int fido_unload(); @@ -178,12 +180,19 @@ int load_keydev(uint8_t *key) { if (has_keydev_dec == false && !file_has_data(ef_keydev)) { return CCID_ERR_MEMORY_FATAL; } + if (has_keydev_dec == true) { memcpy(key, keydev_dec, sizeof(keydev_dec)); } else { memcpy(key, file_get_data(ef_keydev), file_get_size(ef_keydev)); +#ifdef PICO_RP2350 + if (aes_decrypt(otp_key_1, NULL, 32 * 8, PICO_KEYS_AES_MODE_CBC, key, 32) != CCID_OK) { + return CCID_EXEC_ERROR; + } +#endif } + //return mkek_decrypt(key, file_get_size(ef_keydev)); return CCID_OK; } @@ -292,6 +301,9 @@ int scan_files() { if (ret != CCID_OK) { return ret; } +#ifdef PICO_RP2350 + ret = aes_encrypt(otp_key_1, NULL, 32 * 8, PICO_KEYS_AES_MODE_CBC, kdata, 32); +#endif ret = file_put_data(ef_keydev, kdata, (uint16_t)key_size); mbedtls_platform_zeroize(kdata, sizeof(kdata)); mbedtls_ecdsa_free(&ecdsa);