mirrors/pico-hsm
1
0
Fork 0
mirror of https://github.com/polhenarejos/pico-hsm.git synced 2026-01-17 09:28:05 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

Trying to recover MKEK to preserver device private key. If not, all are generated again.

Browse source 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
This commit is contained in:
Pol Henarejos 2022-08-24 17:48:50 +02:00
parent 138af5c113
commit 7d7b6b88ba
No known key found for this signature in database
GPG key ID: C0095B7870A4CCD3
1 changed files with 4 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
src/hsm/cmd_initialize.c
View file

@ -115,7 +115,9 @@ int cmd_initialize() {
file_t *tf_kd = search_by_fid(EF_KEY_DOMAIN, NULL, SPECIFY_EF);
if (!tf_kd)
return SW_EXEC_ERROR();
if (store_mkek(NULL) != CCID_OK)
uint8_t mkek[MKEK_SIZE];
int ret_mkek = load_mkek(mkek); //Tries to load MKEK if PIN/SO-PIN are provided before
if (store_mkek(ret_mkek == CCID_OK ? mkek : NULL) != CCID_OK)
return SW_EXEC_ERROR();
if (dkeks) {
if (*dkeks > 0) {
@ -150,7 +152,7 @@ int cmd_initialize() {
if (!fdkey)
return SW_EXEC_ERROR();
int ret = 0;
if (file_get_size(fdkey) == 0 || file_get_data(fdkey) == NULL) {
if (ret_mkek != CCID_OK || file_get_size(fdkey) == 0 || file_get_data(fdkey) == NULL) {
mbedtls_ecdsa_context ecdsa;
mbedtls_ecdsa_init(&ecdsa);
mbedtls_ecp_group_id ec_id = MBEDTLS_ECP_DP_SECP256R1;