mirror of
https://github.com/trezor/trezor-firmware.git
synced 2025-01-11 16:00:57 +00:00
test(storage): Update storage tests.
This commit is contained in:
parent
183e53d3c2
commit
09ed141a0a
@ -41,6 +41,6 @@
|
||||
/*
|
||||
* Current storage version.
|
||||
*/
|
||||
#define NORCOW_VERSION ((uint32_t)0x00000004)
|
||||
#define NORCOW_VERSION ((uint32_t)0x00000005)
|
||||
|
||||
#endif
|
||||
|
@ -113,7 +113,7 @@ NORCOW_SECTOR_SIZE = 64 * 1024
|
||||
NORCOW_MAGIC = b"NRC2"
|
||||
|
||||
# Norcow version, set in the storage header, but also as an encrypted item.
|
||||
NORCOW_VERSION = b"\x04\x00\x00\x00"
|
||||
NORCOW_VERSION = b"\x05\x00\x00\x00"
|
||||
|
||||
# Norcow magic combined with the version, which is stored as its negation.
|
||||
NORCOW_MAGIC_AND_VERSION = NORCOW_MAGIC + bytes(
|
||||
|
@ -10,17 +10,13 @@ from . import consts, prng
|
||||
def derive_kek_keiv(salt: bytes, pin: str) -> (bytes, bytes):
|
||||
kdf = PBKDF2HMAC(
|
||||
algorithm=hashes.SHA256(),
|
||||
length=consts.KEK_SIZE + consts.KEIV_SIZE,
|
||||
length=consts.KEK_SIZE,
|
||||
salt=bytes(salt),
|
||||
iterations=10000,
|
||||
iterations=20000,
|
||||
backend=default_backend(),
|
||||
)
|
||||
pbkdf_output = kdf.derive(pin.encode())
|
||||
# the first 256b is Key Encryption Key
|
||||
kek = pbkdf_output[: consts.KEK_SIZE]
|
||||
# following with 96b of Initialization Vector
|
||||
keiv = pbkdf_output[consts.KEK_SIZE :]
|
||||
|
||||
kek = kdf.derive(pin.encode())
|
||||
keiv = b"\0" * consts.KEIV_SIZE
|
||||
return kek, keiv
|
||||
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user