Show device private key

Pierre HUBERT 2024-08-15 13:32:01 +02:00
parent 752bf50ad3
commit 0c11703cea
3 changed files with 61 additions and 23 deletions


@ -14,31 +14,39 @@
#define ECPARAMS MBEDTLS_ECP_DP_SECP256R1 #define ECPARAMS MBEDTLS_ECP_DP_SECP256R1
bool crypto_gen_priv_key() static const char *pers = "ecdsa";
static void seed_ctr_drbg_context(mbedtls_entropy_context *entropy, mbedtls_ctr_drbg_context *ctr_drbg)
{ {
// TODO : check if key exists in memory int ret;
int ret = 1; mbedtls_entropy_init(entropy);
mbedtls_ctr_drbg_init(ctr_drbg);
const char *pers = "ecdsa";
mbedtls_entropy_context entropy;
mbedtls_entropy_init(&entropy);
mbedtls_pk_context key;
mbedtls_pk_init(&key);
mbedtls_ctr_drbg_context ctr_drbg;
mbedtls_ctr_drbg_init(&ctr_drbg);
printf("Seed Mbedtls\n"); printf("Seed Mbedtls\n");
if ((ret = mbedtls_ctr_drbg_seed(&ctr_drbg, mbedtls_entropy_func, &entropy, if ((ret = mbedtls_ctr_drbg_seed(ctr_drbg, mbedtls_entropy_func, entropy,
(const unsigned char *)pers, (const unsigned char *)pers,
strlen(pers))) != 0) strlen(pers))) != 0)
{ {
mbedtls_printf(" failed\n ! mbedtls_ctr_drbg_seed returned %d\n", ret); mbedtls_printf(" failed\n ! mbedtls_ctr_drbg_seed returned %d\n", ret);
reboot(); reboot();
} }
}
bool crypto_gen_priv_key()
{
// Check if a private key has already been defined for this device
if (storage_get_priv_key(NULL) > 0)
return false;
int ret = 1;
mbedtls_pk_context key;
mbedtls_pk_init(&key);
mbedtls_entropy_context entropy;
mbedtls_ctr_drbg_context ctr_drbg;
seed_ctr_drbg_context(&entropy, &ctr_drbg);
printf("PK info from type\n"); printf("PK info from type\n");
if ((ret = mbedtls_pk_setup(&key, mbedtls_pk_info_from_type(MBEDTLS_PK_ECKEY))) != 0) if ((ret = mbedtls_pk_setup(&key, mbedtls_pk_info_from_type(MBEDTLS_PK_ECKEY))) != 0)
@ -70,23 +78,46 @@ bool crypto_gen_priv_key()
} }
storage_set_priv_key(key_buff + PRV_KEY_DER_MAX_BYTES - ret, ret); storage_set_priv_key(key_buff + PRV_KEY_DER_MAX_BYTES - ret, ret);
free(key_buff);
return true; return true;
} }
/** void crypto_print_priv_key()
* // Show private key {
int ret;
unsigned char *key_buff = malloc(PRV_KEY_DER_MAX_BYTES);
size_t key_len = storage_get_priv_key(key_buff);
assert(key_len > 0);
mbedtls_pk_context key;
mbedtls_pk_init(&key);
mbedtls_entropy_context entropy;
mbedtls_ctr_drbg_context ctr_drbg;
seed_ctr_drbg_context(&entropy, &ctr_drbg);
printf("Parse private key (len = %d)\n", key_len);
if ((ret = mbedtls_pk_parse_key(&key, key_buff, key_len, NULL, 0, mbedtls_ctr_drbg_random, &ctr_drbg)) != 0)
{
mbedtls_printf(" failed\n ! mbedtls_pk_parse_key returned -0x%04x",
(unsigned int)-ret);
reboot();
}
printf("Show private key\n"); printf("Show private key\n");
unsigned char *key_buff = malloc(16000); unsigned char *out = malloc(16000);
memset(key_buff, 0, 16000); memset(out, 0, 16000);
if ((ret = mbedtls_pk_write_key_pem(&key, key_buff, 16000)) != 0) if ((ret = mbedtls_pk_write_key_pem(&key, out, 16000)) != 0)
{ {
mbedtls_printf(" failed\n ! mbedtls_pk_write_key_pem returned -0x%04x", mbedtls_printf(" failed\n ! mbedtls_pk_write_key_pem returned -0x%04x",
(unsigned int)-ret); (unsigned int)-ret);
reboot(); reboot();
} }
printf("%s", key_buff); printf("%s", out);
free(out);
free(key_buff); free(key_buff);
printf("done\n"); }
*/
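Review bot: crypto_print_priv_key releases both copies of the private key without wiping them and never frees the mbedtls contexts: `out` holds the PEM-encoded key and `key_buff` the DER form when `free()` runs, and `mbedtls_pk_free(&key)`, `mbedtls_ctr_drbg_free(&ctr_drbg)` and `mbedtls_entropy_free(&entropy)` are missing (the same entropy/ctr_drbg leak exists in crypto_gen_priv_key after the new `seed_ctr_drbg_context` call in the first hunk). Both `malloc` results are used unchecked, and `assert(key_len > 0)` disappears under NDEBUG, so a device with no stored key would reach `mbedtls_pk_parse_key` with a zero-length buffer; an explicit check that reboots is safer. `printf("Parse private key (len = %d)\n", key_len)` passes a `size_t` to `%d`, which is undefined behaviour and trips `-Wformat`; use `%zu`. The rewrite below wipes the buffers with `mbedtls_platform_zeroize` (declared in `mbedtls/platform_util.h`, if that header is not already included) before freeing them.
```c
void crypto_print_priv_key()
{
    int ret;
    unsigned char *key_buff = malloc(PRV_KEY_DER_MAX_BYTES);
    if (key_buff == NULL)
    {
        mbedtls_printf(" failed\n ! malloc returned NULL");
        reboot();
    }
    size_t key_len = storage_get_priv_key(key_buff);
    if (key_len == 0)
    {
        mbedtls_printf(" failed\n ! no private key found in storage");
        reboot();
    }
    // … unchanged: pk init, entropy/ctr_drbg contexts, seed_ctr_drbg_context …
    printf("Parse private key (len = %zu)\n", key_len);
    // … unchanged: mbedtls_pk_parse_key, malloc/memset of out (add a NULL check), mbedtls_pk_write_key_pem …
    printf("%s", out);
    // Wipe every copy of the key material before releasing it
    mbedtls_platform_zeroize(out, 16000);
    free(out);
    mbedtls_platform_zeroize(key_buff, PRV_KEY_DER_MAX_BYTES);
    free(key_buff);
    mbedtls_pk_free(&key);
    mbedtls_ctr_drbg_free(&ctr_drbg);
    mbedtls_entropy_free(&entropy);
}
```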


@ -18,6 +18,11 @@ extern "C"
*/ */
bool crypto_gen_priv_key(); bool crypto_gen_priv_key();
/**
* Print current device private key
*/
void crypto_print_priv_key();
#ifdef __cplusplus #ifdef __cplusplus
} }
#endif #endif
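Review bot: The new prototype `void crypto_print_priv_key();` is an old-style declaration when compiled as C: an empty parameter list means "unspecified arguments", so the compiler cannot reject a mis-typed call. Declare it as `void crypto_print_priv_key(void);` and give the definition the same signature; the existing `bool crypto_gen_priv_key();` on the context line has the same issue and could be fixed in the same pass.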


@ -29,6 +29,8 @@ void app_main(void)
{ {
printf("Generated device private key!\n"); printf("Generated device private key!\n");
} }
printf("Device private key:\n");
crypto_print_priv_key();
reboot(); reboot();
} }
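Review bot: The new `crypto_print_priv_key()` call runs unconditionally on every start, right before `reboot()`, so the device's private key is written to the console log on each boot cycle. Consider compiling the two new lines only under a debug configuration, e.g. wrapping them in `#ifdef <DEBUG_PRINT_PRIV_KEY_PLACEHOLDER>` … `#endif`, so a production build never emits key material on the serial port. app_main starts outside the hunk.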