From dae02b6ac6bdce922e8b5a2aeffb3ad7cb124958 Mon Sep 17 00:00:00 2001 From: Andrew Kozlik Date: Wed, 13 Dec 2023 23:05:50 +0100 Subject: [PATCH] fix(core/prodtest): Fix Optiga metadata version information handling. [no changelog] --- core/embed/prodtest/optiga_prodtest.c | 6 ++++-- core/embed/trezorhal/optiga/optiga_commands.c | 3 ++- 2 files changed, 6 insertions(+), 3 deletions(-) diff --git a/core/embed/prodtest/optiga_prodtest.c b/core/embed/prodtest/optiga_prodtest.c index 71980ecdbf..b8efdeee6e 100644 --- a/core/embed/prodtest/optiga_prodtest.c +++ b/core/embed/prodtest/optiga_prodtest.c @@ -509,8 +509,10 @@ void keyfido_write(char *data) { // Set change access condition for the FIDO key to Int(0xE0E8), so that we // can write the FIDO key using the trust anchor in OID 0xE0E8. memzero(&metadata, sizeof(metadata)); - metadata.change.ptr = (const uint8_t *)"\x21\xe0\xe8"; - metadata.change.len = 3; + metadata.change = + (const optiga_metadata_item){(const uint8_t[]){0x21, 0xe0, 0xe8}, 3}; + metadata.version = + (const optiga_metadata_item){(const uint8_t[]){0x00, 0x00}, 2}; if (!set_metadata(OID_KEY_FIDO, &metadata)) { return; } diff --git a/core/embed/trezorhal/optiga/optiga_commands.c b/core/embed/trezorhal/optiga/optiga_commands.c index 0e69ac40ef..c62363da62 100644 --- a/core/embed/trezorhal/optiga/optiga_commands.c +++ b/core/embed/trezorhal/optiga/optiga_commands.c @@ -849,7 +849,8 @@ optiga_result optiga_set_priv_key(uint16_t oid, const uint8_t priv_key[32]) { if (metadata.version.len != 2) { return OPTIGA_ERR_UNEXPECTED; } - payload_version = (metadata.version.ptr[0] << 8) + metadata.version.ptr[1]; + payload_version = + ((metadata.version.ptr[0] & 0x7f) << 8) + metadata.version.ptr[1]; } payload_version += 1;