arno/trezor-firmware
1
0
Fork 0
mirror of https://github.com/trezor/trezor-firmware.git synced 2025-03-05 17:56:10 +00:00
Code Issues Releases Wiki Activity

Use hmac for checking key integrity

Browse Source
This commit is contained in:
Jochen Hoenicke 2016-04-27 12:27:29 +02:00
parent 01ddb3ff66
commit b3bfc64d2f
1 changed files with 7 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
firmware/u2f.c
View File

@ -31,6 +31,7 @@
#include "curves.h"
#include "nist256p1.h"
#include "rng.h"
#include "hmac.h"
#include "u2f/u2f.h"
#include "u2f/u2f_hid.h"
@ -467,11 +468,8 @@ const HDNode *generateKeyHandle(const uint8_t app_id[], uint8_t key_handle[])
// Signature of app_id and random data
memcpy(&keybase[0], app_id, 32);
memcpy(&keybase[32], key_handle, 32);
uint8_t sig[64];
hdnode_sign(node, (uint8_t *)&keybase, sizeof(keybase), sig, NULL);
// Copy 32 bytes of signature into keyhandle
memcpy(&key_handle[32], sig, 32);
hmac_sha256(node->private_key, sizeof(node->private_key),
keybase, sizeof(keybase), &key_handle[32]);
// Done!
return node;
@ -492,10 +490,11 @@ const HDNode *validateKeyHandle(const uint8_t app_id[], const uint8_t key_handle
memcpy(&keybase[32], key_handle, 32);
uint8_t sig[64];
hdnode_sign(node, (uint8_t *)&keybase, sizeof(keybase), sig, NULL);
uint8_t hmac[32];
hmac_sha256(node->private_key, sizeof(node->private_key),
keybase, sizeof(keybase), hmac);
if (memcmp(&key_handle[32], sig, 32) !=0)
if (memcmp(&key_handle[32], hmac, 32) != 0)
return NULL;
// Done!