fix(core/prodtest): Fix Optiga metadata version information handling.

[no changelog]
6 months ago · dae02b6ac6
parent a67cbcffc3
commit dae02b6ac6
2 changed files with 6 additions and 3 deletions
--- a/core/embed/prodtest/optiga_prodtest.c
+++ b/core/embed/prodtest/optiga_prodtest.c
@ -509,8 +509,10 @@ void keyfido_write(char *data) {
  // Set change access condition for the FIDO key to Int(0xE0E8), so that we
  // can write the FIDO key using the trust anchor in OID 0xE0E8.
  memzero(&metadata, sizeof(metadata));
-  metadata.change.ptr = (const uint8_t *)"\x21\xe0\xe8";
-  metadata.change.len = 3;
+  metadata.change =
+      (const optiga_metadata_item){(const uint8_t[]){0x21, 0xe0, 0xe8}, 3};
+  metadata.version =
+      (const optiga_metadata_item){(const uint8_t[]){0x00, 0x00}, 2};
  if (!set_metadata(OID_KEY_FIDO, &metadata)) {
    return;
  }
--- a/core/embed/trezorhal/optiga/optiga_commands.c
+++ b/core/embed/trezorhal/optiga/optiga_commands.c
@ -849,7 +849,8 @@ optiga_result optiga_set_priv_key(uint16_t oid, const uint8_t priv_key[32]) {
    if (metadata.version.len != 2) {
      return OPTIGA_ERR_UNEXPECTED;
    }
-    payload_version = (metadata.version.ptr[0] << 8) + metadata.version.ptr[1];
+    payload_version =
+        ((metadata.version.ptr[0] & 0x7f) << 8) + metadata.version.ptr[1];
  }
  payload_version += 1;