diff options
Diffstat (limited to 'board/cr50/u2f.c')
-rw-r--r-- | board/cr50/u2f.c | 33 |
1 files changed, 28 insertions, 5 deletions
diff --git a/board/cr50/u2f.c b/board/cr50/u2f.c index 7c6273823c..7fe1f6484f 100644 --- a/board/cr50/u2f.c +++ b/board/cr50/u2f.c @@ -201,7 +201,8 @@ int u2f_origin_user_keyhandle(const uint8_t *origin, const uint8_t *user, int u2f_origin_user_versioned_keyhandle( const uint8_t *origin, const uint8_t *user, const uint8_t *origin_seed, - uint8_t version, struct u2f_versioned_key_handle *key_handle) + uint8_t version, + struct u2f_versioned_key_handle_header *key_handle_header) { LITE_HMAC_CTX ctx; struct u2f_state *state = get_state(); @@ -209,16 +210,17 @@ int u2f_origin_user_versioned_keyhandle( if (!state) return EC_ERROR_UNKNOWN; - key_handle->version = version; - memcpy(key_handle->origin_seed, origin_seed, P256_NBYTES); + key_handle_header->version = version; + memcpy(key_handle_header->origin_seed, origin_seed, P256_NBYTES); DCRYPTO_HMAC_SHA256_init(&ctx, state->salt_kek, SHA256_DIGEST_SIZE); HASH_update(&ctx.hash, origin, P256_NBYTES); HASH_update(&ctx.hash, user, P256_NBYTES); HASH_update(&ctx.hash, origin_seed, P256_NBYTES); - HASH_update(&ctx.hash, &version, sizeof(key_handle->version)); + HASH_update(&ctx.hash, &version, sizeof(key_handle_header->version)); - memcpy(key_handle->hmac, DCRYPTO_HMAC_final(&ctx), SHA256_DIGEST_SIZE); + memcpy(key_handle_header->kh_hmac, DCRYPTO_HMAC_final(&ctx), + SHA256_DIGEST_SIZE); return EC_SUCCESS; } @@ -250,6 +252,27 @@ int u2f_origin_user_keypair(const uint8_t *key_handle, size_t key_handle_size, return EC_SUCCESS; } +int u2f_authorization_hmac(const uint8_t *authorization_salt, + const struct u2f_versioned_key_handle_header *header, + const uint8_t *auth_time_secret_hash, uint8_t *hmac) +{ + LITE_HMAC_CTX ctx; + struct u2f_state *state = get_state(); + + if (!state) + return EC_ERROR_UNKNOWN; + + DCRYPTO_HMAC_SHA256_init(&ctx, state->salt_kek, SHA256_DIGEST_SIZE); + HASH_update(&ctx.hash, authorization_salt, U2F_AUTHORIZATION_SALT_SIZE); + HASH_update(&ctx.hash, (uint8_t *)header, + sizeof(struct u2f_versioned_key_handle_header)); + HASH_update(&ctx.hash, auth_time_secret_hash, SHA256_DIGEST_SIZE); + + memcpy(hmac, DCRYPTO_HMAC_final(&ctx), SHA256_DIGEST_SIZE); + + return EC_SUCCESS; +} + int u2f_gen_kek(const uint8_t *origin, uint8_t *kek, size_t key_len) { uint32_t buf[P256_NDIGITS]; |