bootutil: Improve HKDF code (c412cdfb) · Commits · Wenxi XU / Mcuboot

boot/bootutil/src/encrypted_psa.c

+17 −9

Original line number	Diff line number	Diff line
		@@ -43,6 +43,16 @@ static const uint8_t ec_pubkey_oid[] = MBEDTLS_OID_ISO_IDENTIFIED_ORG \

		#define PRIV_KEY_LEN 32

		/* Partitioning of HKDF derived material, from the exchange derived key */
		/* AES key encryption key */
		#define HKDF_AES_KEY_INDEX 0
		#define HKDF_ASE_KEY_SIZE (BOOT_ENC_KEY_SIZE)
		/* MAC feed */
		#define HKDF_MAC_FEED_INDEX (HKDF_AES_KEY_INDEX + HKDF_ASE_KEY_SIZE)
		#define HKDF_MAC_FEED_SIZE (32) /* This is SHA independent */
		/* Total size */
		#define HKDF_SIZE (HKDF_ASE_KEY_SIZE + HKDF_MAC_FEED_SIZE)

		/* Fixme: This duplicates code from encrypted.c and depends on mbedtls */
		static int
		parse_x25519_enckey(uint8_t *p, uint8_t end, uint8_t *private_key)
		@@ -114,7 +124,7 @@ extern const struct bootutil_key bootutil_enc_key;
		int
		boot_decrypt_key(const uint8_t buf, uint8_t enckey)
		{
		uint8_t derived_key[BOOT_ENC_KEY_SIZE + BOOTUTIL_CRYPTO_SHA256_DIGEST_SIZE];
		uint8_t derived_key[HKDF_SIZE];
		uint8_t *cp;
		uint8_t *cpend;
		uint8_t private_key[PRIV_KEY_LEN];
		@@ -208,7 +218,7 @@ boot_decrypt_key(const uint8_t buf, uint8_t enckey)
		return -1;
		}

		len = BOOT_ENC_KEY_SIZE + BOOTUTIL_CRYPTO_SHA256_DIGEST_SIZE;
		len = HKDF_SIZE;
		psa_ret = psa_key_derivation_output_bytes(&key_do, derived_key, len);
		psa_cleanup_ret = psa_key_derivation_abort(&key_do);
		if (psa_cleanup_ret != PSA_SUCCESS) {
		@@ -227,13 +237,10 @@ boot_decrypt_key(const uint8_t buf, uint8_t enckey)
		psa_set_key_usage_flags(&kattr, PSA_KEY_USAGE_VERIFY_MESSAGE);
		psa_set_key_algorithm(&kattr, PSA_ALG_HMAC(PSA_ALG_SHA_256));

		/* Import the MAC tag key part of derived key, that is the part that starts
		* after BOOT_ENC_KEY_SIZE and has length of
		* BOOTUTIL_CRYPTO_SHA256_DIGEST_SIZE bytes.
		*/
		/* Import the MAC tag key part of derived key */
		psa_ret = psa_import_key(&kattr,
		&derived_key[BOOT_ENC_KEY_SIZE],
		BOOTUTIL_CRYPTO_SHA256_DIGEST_SIZE, &kid);
		&derived_key[HKDF_MAC_FEED_INDEX],
		HKDF_MAC_FEED_SIZE, &kid);
		psa_reset_key_attributes(&kattr);
		if (psa_ret != PSA_SUCCESS) {
		memset(derived_key, 0, sizeof(derived_key));
		@@ -262,7 +269,8 @@ boot_decrypt_key(const uint8_t buf, uint8_t enckey)
		psa_set_key_algorithm(&kattr, PSA_ALG_CTR);

		/* Import the AES partition of derived key, the first 16 bytes */
		psa_ret = psa_import_key(&kattr, &derived_key[0], BOOT_ENC_KEY_SIZE, &kid);
		psa_ret = psa_import_key(&kattr, &derived_key[HKDF_AES_KEY_INDEX],
		HKDF_ASE_KEY_SIZE, &kid);
		memset(derived_key, 0, sizeof(derived_key));
		if (psa_ret != PSA_SUCCESS) {
		BOOT_LOG_ERR("AES key import failed %d", psa_ret);

Admin message