From c9eacc4a3d8192bc8f8a208659833b58384fd153 Mon Sep 17 00:00:00 2001
From: Pol Henarejos <pol.henarejos@cttc.es>
Date: Sat, 1 Apr 2023 01:05:09 +0200
Subject: [PATCH] Added support for challenge-response HMAC SHA1.

Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
---
 src/fido/otp.c | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/src/fido/otp.c b/src/fido/otp.c
index 2a1f5c3..d2aebf4 100644
--- a/src/fido/otp.c
+++ b/src/fido/otp.c
@@ -356,6 +356,16 @@ int cmd_otp() {
 #endif
         res_APDU_size = 4;
     }
+    else if (p1 == 0x30 || p1 == 0x38) {
+        file_t *ef = search_dynamic_file(p1 == 0x30 ? EF_OTP_SLOT1 : EF_OTP_SLOT2);
+        if (file_has_data(ef)) {
+            otp_config_t *otp_config = (otp_config_t *)file_get_data(ef);
+            int ret = mbedtls_md_hmac(mbedtls_md_info_from_type(MBEDTLS_MD_SHA1), otp_config->aes_key, KEY_SIZE, apdu.data, 8, res_APDU);
+            if (ret == 0) {
+                res_APDU_size = 20;
+            }
+        }
+    }
     return SW_OK();
 }