mirror of
https://github.com/polhenarejos/pico-hsm.git
synced 2024-09-20 11:20:08 +00:00
Added PBES2 key derivation with encryption and decryption support.
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
This commit is contained in:
parent
0e96753ccb
commit
0cb2e8ec2e
@ -241,6 +241,7 @@ int cmd_cipher_sym() {
|
|||||||
mbedtls_platform_zeroize(kdata, sizeof(kdata));
|
mbedtls_platform_zeroize(kdata, sizeof(kdata));
|
||||||
if (r != 0)
|
if (r != 0)
|
||||||
return SW_EXEC_ERROR();
|
return SW_EXEC_ERROR();
|
||||||
|
res_APDU_size = apdu.ne > 0 ? apdu.ne : apdu.nc;
|
||||||
}
|
}
|
||||||
else if (memcmp(oid, OID_PKCS5_PBKDF2, oid_len) == 0) {
|
else if (memcmp(oid, OID_PKCS5_PBKDF2, oid_len) == 0) {
|
||||||
int iterations = 0, keylen = 0;
|
int iterations = 0, keylen = 0;
|
||||||
@ -265,6 +266,16 @@ int cmd_cipher_sym() {
|
|||||||
mbedtls_md_free(&md_ctx);
|
mbedtls_md_free(&md_ctx);
|
||||||
if (r != 0)
|
if (r != 0)
|
||||||
return SW_EXEC_ERROR();
|
return SW_EXEC_ERROR();
|
||||||
|
res_APDU_size = keylen ? keylen : (apdu.ne ? apdu.ne : apdu.nc);
|
||||||
|
}
|
||||||
|
else if (memcmp(oid, OID_PKCS5_PBES2, oid_len) == 0) {
|
||||||
|
mbedtls_asn1_buf params = { .p = aad, .len = aad_len };
|
||||||
|
int r = mbedtls_pkcs5_pbes2(¶ms, algo == ALGO_EXT_CIPHER_ENCRYPT ? MBEDTLS_PKCS5_ENCRYPT : MBEDTLS_PKCS5_DECRYPT, kdata, key_size, enc, enc_len, res_APDU);
|
||||||
|
mbedtls_platform_zeroize(kdata, sizeof(kdata));
|
||||||
|
if (r != 0) {
|
||||||
|
return SW_WRONG_DATA();
|
||||||
|
}
|
||||||
|
res_APDU_size = enc_len;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
|
Loading…
Reference in New Issue
Block a user