Show device private key
parent
752bf50ad3
commit
0c11703cea
@ -14,31 +14,39 @@
|
|||||||
|
|
||||||
#define ECPARAMS MBEDTLS_ECP_DP_SECP256R1
|
#define ECPARAMS MBEDTLS_ECP_DP_SECP256R1
|
||||||
|
|
||||||
bool crypto_gen_priv_key()
|
static const char *pers = "ecdsa";
|
||||||
|
|
||||||
|
static void seed_ctr_drbg_context(mbedtls_entropy_context *entropy, mbedtls_ctr_drbg_context *ctr_drbg)
|
||||||
{
|
{
|
||||||
// TODO : check if key exists in memory
|
int ret;
|
||||||
|
|
||||||
int ret = 1;
|
mbedtls_entropy_init(entropy);
|
||||||
|
mbedtls_ctr_drbg_init(ctr_drbg);
|
||||||
const char *pers = "ecdsa";
|
|
||||||
|
|
||||||
mbedtls_entropy_context entropy;
|
|
||||||
mbedtls_entropy_init(&entropy);
|
|
||||||
|
|
||||||
mbedtls_pk_context key;
|
|
||||||
mbedtls_pk_init(&key);
|
|
||||||
|
|
||||||
mbedtls_ctr_drbg_context ctr_drbg;
|
|
||||||
mbedtls_ctr_drbg_init(&ctr_drbg);
|
|
||||||
|
|
||||||
printf("Seed Mbedtls\n");
|
printf("Seed Mbedtls\n");
|
||||||
if ((ret = mbedtls_ctr_drbg_seed(&ctr_drbg, mbedtls_entropy_func, &entropy,
|
if ((ret = mbedtls_ctr_drbg_seed(ctr_drbg, mbedtls_entropy_func, entropy,
|
||||||
(const unsigned char *)pers,
|
(const unsigned char *)pers,
|
||||||
strlen(pers))) != 0)
|
strlen(pers))) != 0)
|
||||||
{
|
{
|
||||||
mbedtls_printf(" failed\n ! mbedtls_ctr_drbg_seed returned %d\n", ret);
|
mbedtls_printf(" failed\n ! mbedtls_ctr_drbg_seed returned %d\n", ret);
|
||||||
reboot();
|
reboot();
|
||||||
}
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
bool crypto_gen_priv_key()
|
||||||
|
{
|
||||||
|
// Check if a private key has already been defined for this device
|
||||||
|
if (storage_get_priv_key(NULL) > 0)
|
||||||
|
return false;
|
||||||
|
|
||||||
|
int ret = 1;
|
||||||
|
|
||||||
|
mbedtls_pk_context key;
|
||||||
|
mbedtls_pk_init(&key);
|
||||||
|
|
||||||
|
mbedtls_entropy_context entropy;
|
||||||
|
mbedtls_ctr_drbg_context ctr_drbg;
|
||||||
|
seed_ctr_drbg_context(&entropy, &ctr_drbg);
|
||||||
|
|
||||||
printf("PK info from type\n");
|
printf("PK info from type\n");
|
||||||
if ((ret = mbedtls_pk_setup(&key, mbedtls_pk_info_from_type(MBEDTLS_PK_ECKEY))) != 0)
|
if ((ret = mbedtls_pk_setup(&key, mbedtls_pk_info_from_type(MBEDTLS_PK_ECKEY))) != 0)
|
||||||
@ -70,23 +78,46 @@ bool crypto_gen_priv_key()
|
|||||||
}
|
}
|
||||||
|
|
||||||
storage_set_priv_key(key_buff + PRV_KEY_DER_MAX_BYTES - ret, ret);
|
storage_set_priv_key(key_buff + PRV_KEY_DER_MAX_BYTES - ret, ret);
|
||||||
|
free(key_buff);
|
||||||
|
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
void crypto_print_priv_key()
|
||||||
* // Show private key
|
{
|
||||||
|
int ret;
|
||||||
|
|
||||||
|
unsigned char *key_buff = malloc(PRV_KEY_DER_MAX_BYTES);
|
||||||
|
size_t key_len = storage_get_priv_key(key_buff);
|
||||||
|
assert(key_len > 0);
|
||||||
|
|
||||||
|
mbedtls_pk_context key;
|
||||||
|
mbedtls_pk_init(&key);
|
||||||
|
|
||||||
|
mbedtls_entropy_context entropy;
|
||||||
|
mbedtls_ctr_drbg_context ctr_drbg;
|
||||||
|
seed_ctr_drbg_context(&entropy, &ctr_drbg);
|
||||||
|
|
||||||
|
printf("Parse private key (len = %d)\n", key_len);
|
||||||
|
if ((ret = mbedtls_pk_parse_key(&key, key_buff, key_len, NULL, 0, mbedtls_ctr_drbg_random, &ctr_drbg)) != 0)
|
||||||
|
{
|
||||||
|
mbedtls_printf(" failed\n ! mbedtls_pk_parse_key returned -0x%04x",
|
||||||
|
(unsigned int)-ret);
|
||||||
|
reboot();
|
||||||
|
}
|
||||||
|
|
||||||
printf("Show private key\n");
|
printf("Show private key\n");
|
||||||
unsigned char *key_buff = malloc(16000);
|
unsigned char *out = malloc(16000);
|
||||||
memset(key_buff, 0, 16000);
|
memset(out, 0, 16000);
|
||||||
if ((ret = mbedtls_pk_write_key_pem(&key, key_buff, 16000)) != 0)
|
if ((ret = mbedtls_pk_write_key_pem(&key, out, 16000)) != 0)
|
||||||
{
|
{
|
||||||
mbedtls_printf(" failed\n ! mbedtls_pk_write_key_pem returned -0x%04x",
|
mbedtls_printf(" failed\n ! mbedtls_pk_write_key_pem returned -0x%04x",
|
||||||
(unsigned int)-ret);
|
(unsigned int)-ret);
|
||||||
reboot();
|
reboot();
|
||||||
}
|
}
|
||||||
|
|
||||||
printf("%s", key_buff);
|
printf("%s", out);
|
||||||
|
free(out);
|
||||||
|
|
||||||
free(key_buff);
|
free(key_buff);
|
||||||
printf("done\n");
|
}
|
||||||
*/
|
|
||||||
|
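Review bot: Both buffers that hold the private key in `crypto_print_priv_key` are released with a plain `free()`, so the DER copy in `key_buff` and the PEM copy in `out` stay readable in heap memory afterwards, and `key`, `ctr_drbg` and `entropy` are never freed. The `free(key_buff)` added at the end of `crypto_gen_priv_key` in this same hunk has the same gap. I would wipe each buffer with `mbedtls_platform_zeroize()` (declared in `mbedtls/platform_util.h`) before freeing it and release the three mbedtls contexts, as sketched below. Separately, neither `malloc` result is checked, `assert(key_len > 0)` disappears when `NDEBUG` is defined, and `key_len` is a `size_t` printed with `%d` where `%zu` is the matching specifier.

```c
    // … unchanged: load the stored key, parse it, PEM-encode it into out …
    printf("%s", out);

    // Wipe every copy of the key before the memory goes back to the heap.
    mbedtls_platform_zeroize(out, 16000);
    free(out);
    mbedtls_platform_zeroize(key_buff, PRV_KEY_DER_MAX_BYTES);
    free(key_buff);

    // Release the parsed key and the RNG state as well.
    mbedtls_pk_free(&key);
    mbedtls_ctr_drbg_free(&ctr_drbg);
    mbedtls_entropy_free(&entropy);
}
```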
@ -18,6 +18,11 @@ extern "C"
|
|||||||
*/
|
*/
|
||||||
bool crypto_gen_priv_key();
|
bool crypto_gen_priv_key();
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Print current device private key
|
||||||
|
*/
|
||||||
|
void crypto_print_priv_key();
|
||||||
|
|
||||||
#ifdef __cplusplus
|
#ifdef __cplusplus
|
||||||
}
|
}
|
||||||
#endif
|
#endif
|
||||||
|
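Review bot: The doc comment on `crypto_print_priv_key` does not say that the function writes the unencrypted private key to standard output, which is the one thing a caller has to know before using it. I would extend it to something like `Print the device private key as unencrypted PEM on stdout; debug use only, reboots on failure.` The declaration also uses empty parentheses, which before C23 declares a function without a prototype; `void crypto_print_priv_key(void);` lets the compiler reject stray arguments, and the existing `crypto_gen_priv_key()` line would benefit from the same change.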
@ -29,6 +29,8 @@ void app_main(void)
|
|||||||
{
|
{
|
||||||
printf("Generated device private key!\n");
|
printf("Generated device private key!\n");
|
||||||
}
|
}
|
||||||
|
printf("Device private key:\n");
|
||||||
|
crypto_print_priv_key();
|
||||||
|
|
||||||
reboot();
|
reboot();
|
||||||
}
|
}
|
||||||
|
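Review bot: The added call to `crypto_print_priv_key()` is unconditional, so every boot that reaches this point writes the device private key in PEM form to the console, where anyone with access to the serial output or to captured logs can read it. If the dump is only needed during bring-up, wrap the two added lines in a build-time switch that is off by default, for example `#ifdef DEBUG_PRINT_DEVICE_KEY` before the `printf` and `#endif` after the call (the macro name is a placeholder; use whatever debug option the project already defines). `app_main` starts above this hunk, so I cannot see whether an earlier branch already limits when this code runs.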