Added support for AES 512 bit key size.

AES-XTS uses two keys, so XTS with two AES-256 keys implies a 64-byte key length.

Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
Pol Henarejos
2023-03-19 20:22:40 +01:00
parent 86ce01cac2
commit 1c7bc18161
8 changed files with 42 additions and 24 deletions


@@ -491,13 +491,13 @@ uint32_t decrement_key_counter(file_t *fkey) {
int store_keys(void *key_ctx, int type, uint8_t key_id) {
int r, key_size = 0;
uint8_t kdata[4096 / 8]; // worst case
if (type == HSM_KEY_RSA) {
if (type & HSM_KEY_RSA) {
mbedtls_rsa_context *rsa = (mbedtls_rsa_context *) key_ctx;
key_size = mbedtls_mpi_size(&rsa->P) + mbedtls_mpi_size(&rsa->Q);
mbedtls_mpi_write_binary(&rsa->P, kdata, key_size / 2);
mbedtls_mpi_write_binary(&rsa->Q, kdata + key_size / 2, key_size / 2);
}
else if (type == HSM_KEY_EC) {
else if (type & HSM_KEY_EC) {
mbedtls_ecdsa_context *ecdsa = (mbedtls_ecdsa_context *) key_ctx;
key_size = mbedtls_mpi_size(&ecdsa->d);
kdata[0] = ecdsa->grp.id & 0xff;
@@ -514,6 +514,9 @@ int store_keys(void *key_ctx, int type, uint8_t key_id) {
else if (type == HSM_KEY_AES_256) {
key_size = 32;
}
else if (type == HSM_KEY_AES_512) {
key_size = 64;
}
memcpy(kdata, key_ctx, key_size);
}
else {
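Review bot: The bit tests `type & HSM_KEY_RSA` and `type & HSM_KEY_EC` at the top of store_keys are only safe if no other key type shares those bits, and nothing in the hunk shows that; the AES sizes, including the new `HSM_KEY_AES_512` branch, are still compared with `==`. If an AES or future type value did overlap, `key_ctx` would be cast to the wrong mbedtls context and key bytes read from the wrong layout, so I would document the encoding beside the first test, e.g. `/* type = family bit | size bits; family bits are disjoint, so test the family with & and the size with == */`, or pin it with a `_Static_assert` on the masks. Because the RSA branch now matches more type values, the unchecked `mbedtls_mpi_write_binary` calls into the 512-byte `kdata` also deserve a guard such as `if (key_size > (int) sizeof(kdata)) return <ERROR_CODE>;` (placeholder for the project's error constant), and their return values should be checked. store_keys continues past the last visible line, so whether `kdata` is zeroized before returning cannot be confirmed from this hunk.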