From 752bf50ad30282709015e968300d79439e4704b0 Mon Sep 17 00:00:00 2001
From: Pierre HUBERT
Date: Thu, 15 Aug 2024 13:09:01 +0200
Subject: [PATCH] Write private key
---
 esp32_device/.vscode/settings.json | 3 ++-
 esp32_device/main/constants.h | 7 ++++++-
 esp32_device/main/crypto.c | 27 +++++++++++++++++++-------
 esp32_device/main/storage.c | 31 ++++++++++++++++++++++++++++++
 esp32_device/main/storage.h | 10 ++++++++++
 5 files changed, 69 insertions(+), 9 deletions(-)
diff --git a/esp32_device/.vscode/settings.json b/esp32_device/.vscode/settings.json
index e28b840..d9b831d 100644
--- a/esp32_device/.vscode/settings.json
+++ b/esp32_device/.vscode/settings.json
@@ -20,6 +20,7 @@
 "ecdsa.h": "c",
 "platform.h": "c",
 "build_info.h": "c",
- "config_adjust_ssl.h": "c"
+ "config_adjust_ssl.h": "c",
+ "pk.h": "c"
 }
 }
diff --git a/esp32_device/main/constants.h b/esp32_device/main/constants.h
index dcbfeee..ff6bbba 100644
--- a/esp32_device/main/constants.h
+++ b/esp32_device/main/constants.h
@@ -3,4 +3,9 @@
 /**
 * Device name len
 */
-#define DEV_NAME_LEN 10
\ No newline at end of file
+#define DEV_NAME_LEN 10
+
+/**
+ * Private key max length
+ */
+#define PRV_KEY_DER_MAX_BYTES 1500
\ No newline at end of file
diff --git a/esp32_device/main/crypto.c b/esp32_device/main/crypto.c
index 2890ff0..795aecd 100644
--- a/esp32_device/main/crypto.c
+++ b/esp32_device/main/crypto.c
@@ -1,5 +1,7 @@
 #include "crypto.h"
 #include "system.h"
+#include "constants.h"
+#include "storage.h"
 #include
 #include
@@ -10,9 +12,6 @@
 #include
 #include
-/*
- * Uncomment to force use of a specific curve
- */
 #define ECPARAMS MBEDTLS_ECP_DP_SECP256R1
 bool crypto_gen_priv_key()
@@ -60,7 +59,23 @@ bool crypto_gen_priv_key()
 reboot();
 }
- // Show private key
+ // Export private key
+ printf("Export private key\n");
+ unsigned char *key_buff = malloc(PRV_KEY_DER_MAX_BYTES);
+ if ((ret = mbedtls_pk_write_key_der(&key, key_buff, PRV_KEY_DER_MAX_BYTES)) < 1)
+ {
+ mbedtls_printf(" failed\n ! mbedtls_pk_write_key_der returned -0x%04x",
+ (unsigned int)-ret);
+ reboot();
+ }
+
+ storage_set_priv_key(key_buff + PRV_KEY_DER_MAX_BYTES - ret, ret);
+
+ return true;
+}
+
+/**
+ * // Show private key
 printf("Show private key\n");
 unsigned char *key_buff = malloc(16000);
 memset(key_buff, 0, 16000);
@@ -74,6 +89,4 @@ bool crypto_gen_priv_key()
 printf("%s", key_buff);
 free(key_buff);
 printf("done\n");
-
- return true;
-}
\ No newline at end of file
+*/
\ No newline at end of file
diff --git a/esp32_device/main/storage.c b/esp32_device/main/storage.c
index 1fdb4f3..864dc9d 100644
--- a/esp32_device/main/storage.c
+++ b/esp32_device/main/storage.c
@@ -7,6 +7,7 @@
 #define STORAGE_NAMESPACE "storage"
 #define DEV_NAME_KEY "dev_name"
+#define PRIVATE_KEY "prikey"
 bool storage_init()
 {
@@ -51,5 +52,35 @@ size_t storage_get_dev_name(char *dest)
 ESP_ERROR_CHECK(res);
+ return len;
+}
+
+void storage_set_priv_key(unsigned char *key, size_t len)
+{
+ nvs_handle_t my_handle;
+
+ ESP_ERROR_CHECK(nvs_open(STORAGE_NAMESPACE, NVS_READWRITE, &my_handle));
+
+ ESP_ERROR_CHECK(nvs_set_blob(my_handle, PRIVATE_KEY, key, len));
+
+ nvs_close(my_handle);
+}
+
+size_t storage_get_priv_key(unsigned char *key)
+{
+ nvs_handle_t my_handle;
+
+ ESP_ERROR_CHECK(nvs_open(STORAGE_NAMESPACE, NVS_READWRITE, &my_handle));
+
+ size_t len = (key == NULL ? 0 : PRV_KEY_DER_MAX_BYTES);
+ esp_err_t res = nvs_get_blob(my_handle, PRIVATE_KEY, key, &len);
+
+ nvs_close(my_handle);
+
+ if (res == ESP_ERR_NVS_NOT_FOUND || len == 0)
+ return 0;
+
+ ESP_ERROR_CHECK(res);
+
 return len;
 }
\ No newline at end of file
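Review bot: `key_buff` from `malloc(PRV_KEY_DER_MAX_BYTES)` is never checked for NULL and never freed, so an allocation failure is handed straight to mbedtls_pk_write_key_der and every successful call leaks the buffer (the `free(key_buff)` that used to run now sits inside the commented-out block). The buffer also still holds the DER-encoded private key when the function returns; wipe it with `mbedtls_platform_zeroize` (mbedtls/platform_util.h) before releasing it so the key does not remain in freed heap memory. The old "Show private key" code kept inside `/** ... */` at the end of the hunk is dead code and is better deleted than preserved as a Doxygen-style comment. crypto_gen_priv_key starts outside the hunk; the rewrite below assumes, as the existing error branches do, that `reboot()` does not return.
```c
    unsigned char *key_buff = malloc(PRV_KEY_DER_MAX_BYTES);
    if (key_buff == NULL)
    {
        mbedtls_printf(" failed\n ! could not allocate key buffer");
        reboot();
    }
    // … unchanged: mbedtls_pk_write_key_der call and its error branch …
    storage_set_priv_key(key_buff + PRV_KEY_DER_MAX_BYTES - ret, ret);

    // The DER private key must not survive in released heap memory.
    mbedtls_platform_zeroize(key_buff, PRV_KEY_DER_MAX_BYTES);
    free(key_buff);

    return true;
}
```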
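Review bot: storage_set_priv_key calls nvs_set_blob and then nvs_close with no nvs_commit() in between, while the ESP-IDF NVS API documents nvs_commit() as required for set operations to be durable; add `ESP_ERROR_CHECK(nvs_commit(my_handle));` before the nvs_close line. storage_get_priv_key only reads yet opens the namespace with NVS_READWRITE; `NVS_READONLY` is the mode that call actually needs. Neither function writes through the key pointer, so storage_set_priv_key should take `const unsigned char *key`, with the prototype in storage.h updated to match.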
diff --git a/esp32_device/main/storage.h b/esp32_device/main/storage.h
index 5df1487..bc07246 100644
--- a/esp32_device/main/storage.h
+++ b/esp32_device/main/storage.h
@@ -27,6 +27,16 @@ extern "C"
 */
 size_t storage_get_dev_name(char *dest);
+ /**
+ * Write private key
+ */
+ void storage_set_priv_key(unsigned char *key, size_t len);
+
+ /**
+ * Get current private key
+ */
+ size_t storage_get_priv_key(unsigned char *key);
+
 #ifdef __cplusplus
 }
 #endif
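Review bot: The two new prototypes carry one-line comments that leave out the contract a caller needs: that storage_get_priv_key with `key == NULL` only reports the stored length, that a non-NULL `key` must have room for PRV_KEY_DER_MAX_BYTES bytes (the length storage.c passes to nvs_get_blob), and that a return of 0 means no key is stored. Expand the `Get current private key` comment into a Doxygen block with an `@param key` and `@return` stating those three points, and on storage_set_priv_key say that `key` is `len` bytes of DER copied into NVS by nvs_set_blob. The set function never writes through its pointer, so declaring it `const unsigned char *key` would state that in the signature as well.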