arno/trezor-firmware
1
0
Fork 0
mirror of https://github.com/trezor/trezor-firmware.git synced 2025-08-02 11:58:32 +00:00
Code Issues Releases Wiki Activity

fixup! feat(core): Implement OPTIGA provisioning in prodtest.

Browse Source
This commit is contained in:
Andrew Kozlik 2023-08-07 10:57:09 +02:00
parent 04c5d1bed7
commit c77f1114a6
1 changed files with 4 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
core/embed/prodtest/main.c
View File

@ -975,7 +975,10 @@ static void keyfido_write(char *data) {
// Decrypt the FIDO attestation key. // Decrypt the FIDO attestation key.
uint8_t fido_key[32] = {0}; uint8_t fido_key[32] = {0};
uint8_t iv[16] = {0};
// The IV is intentionally all-zero, which is not a problem, because the
// encryption key is unique for each ciphertext.
uint8_t iv[AES_BLOCK_SIZE] = {0};
aes_ret = aes_cbc_decrypt(&data_bytes[CIPHERTEXT_OFFSET], fido_key, aes_ret = aes_cbc_decrypt(&data_bytes[CIPHERTEXT_OFFSET], fido_key,
sizeof(fido_key), iv, &ctx); sizeof(fido_key), iv, &ctx);
memzero(&ctx, sizeof(ctx)); memzero(&ctx, sizeof(ctx));