dearsky/pico-openpgp
1
0
Fork 0
Code Issues 10 Pull Requests Actions Packages Projects Releases 15 Wiki Activity

Upgrade pico keys sdk.

Browse Source 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
This commit is contained in:
Pol Henarejos
2024-11-09 00:36:21 +01:00
parent 442caa2716
commit 2747083672
4 changed files with 85 additions and 85 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
pico-keys-sdk

Submodule pico-keys-sdk updated: 84c3efd782...5bce3e4c83

4
src/openpgp/management.c
View File

@@ -39,7 +39,7 @@ int man_select(app_t *a, uint8_t force) {
res_APDU_size = strlen((char *) res_APDU);
apdu.ne = res_APDU_size;
init_piv();
return CCID_OK;
return PICOKEY_OK;
}
INITIALIZER( man_ctor ) {
@@ -47,7 +47,7 @@ INITIALIZER( man_ctor ) {
}
int man_unload() {
return CCID_OK;
return PICOKEY_OK;
}
bool cap_supported(uint16_t cap) {

144
src/openpgp/openpgp.c
View File

@@ -291,13 +291,13 @@ extern bool has_pwpiv;
extern uint8_t session_pwpiv[32];
int load_dek() {
if (!has_pw1 && !has_pw2 && !has_pw3 && !has_pwpiv) {
return CCID_NO_LOGIN;
return PICOKEY_NO_LOGIN;
}
file_t *tf = search_by_fid(EF_DEK, NULL, SPECIFY_EF);
if (!tf) {
return CCID_ERR_FILE_NOT_FOUND;
return PICOKEY_ERR_FILE_NOT_FOUND;
}
int r = CCID_OK;
int r = PICOKEY_OK;
if (has_pw1 || has_pw2) {
memcpy(dek, file_get_data(tf), IV_SIZE + 32);
r = aes_decrypt_cfb_256(session_pw1, dek, dek + IV_SIZE, 32);
@@ -313,9 +313,9 @@ int load_dek() {
r = aes_decrypt_cfb_256(session_pwpiv, dek, dek + IV_SIZE, 32);
}
if (r != 0) {
return CCID_EXEC_ERROR;
return PICOKEY_EXEC_ERROR;
}
return CCID_OK;
return PICOKEY_OK;
}
void release_dek() {
@@ -324,7 +324,7 @@ void release_dek() {
int dek_encrypt(uint8_t *data, size_t len) {
int r;
if ((r = load_dek()) != CCID_OK) {
if ((r = load_dek()) != PICOKEY_OK) {
return r;
}
r = aes_encrypt_cfb_256(dek + IV_SIZE, dek, data, len);
@@ -334,7 +334,7 @@ int dek_encrypt(uint8_t *data, size_t len) {
int dek_decrypt(uint8_t *data, size_t len) {
int r;
if ((r = load_dek()) != CCID_OK) {
if ((r = load_dek()) != PICOKEY_OK) {
return r;
}
r = aes_decrypt_cfb_256(dek + IV_SIZE, dek, data, len);
@@ -360,7 +360,7 @@ int openpgp_unload() {
algo_aut = EF_ALGO_PRIV3;
pk_dec = EF_PK_DEC;
pk_aut = EF_PK_AUT;
return CCID_OK;
return PICOKEY_OK;
}
extern char __StackLimit;
@@ -390,7 +390,7 @@ int openpgp_select_aid(app_t *a, uint8_t force) {
res_APDU[res_APDU_size++] = ((heap_left >> 0) & 0xff);
res_APDU[1] += 8;
apdu.ne = res_APDU_size;
return CCID_OK;
return PICOKEY_OK;
}
INITIALIZER( openpgp_ctor ) {
@@ -479,32 +479,32 @@ int inc_sig_count() {
}
file_t *ef = search_by_fid(EF_SIG_COUNT, NULL, SPECIFY_ANY);
if (!ef || !ef->data) {
return CCID_ERR_FILE_NOT_FOUND;
return PICOKEY_ERR_FILE_NOT_FOUND;
}
uint8_t *p = file_get_data(ef);
uint32_t counter = (p[0] << 16) | (p[1] << 8) | p[2];
counter++;
uint8_t q[3] = { (counter >> 16) & 0xff, (counter >> 8) & 0xff, counter & 0xff };
int r = file_put_data(ef, q, sizeof(q));
if (r != CCID_OK) {
return CCID_EXEC_ERROR;
if (r != PICOKEY_OK) {
return PICOKEY_EXEC_ERROR;
}
low_flash_available();
return CCID_OK;
return PICOKEY_OK;
}
int reset_sig_count() {
file_t *ef = search_by_fid(EF_SIG_COUNT, NULL, SPECIFY_ANY);
if (!ef || !ef->data) {
return CCID_ERR_FILE_NOT_FOUND;
return PICOKEY_ERR_FILE_NOT_FOUND;
}
uint8_t q[3] = { 0 };
int r = file_put_data(ef, q, sizeof(q));
if (r != CCID_OK) {
return CCID_EXEC_ERROR;
if (r != PICOKEY_OK) {
return PICOKEY_EXEC_ERROR;
}
low_flash_available();
return CCID_OK;
return PICOKEY_OK;
}
int parse_sec_tpl(const file_t *f, int mode) {
@@ -851,21 +851,21 @@ static int cmd_get_data() {
int pin_reset_retries(const file_t *pin, bool force) {
if (!pin) {
return CCID_ERR_NULL_PARAM;
return PICOKEY_ERR_NULL_PARAM;
}
file_t *pw_status = search_by_fid(EF_PW_PRIV, NULL, SPECIFY_EF);
file_t *pw_retries = search_by_fid(EF_PW_RETRIES, NULL, SPECIFY_EF);
if (!pw_status || !pw_retries) {
return CCID_ERR_FILE_NOT_FOUND;
return PICOKEY_ERR_FILE_NOT_FOUND;
}
if (3 + (pin->fid & 0xf) >= file_get_size(pw_status) || (pin->fid & 0xf) >= file_get_size(pw_retries)) {
return CCID_ERR_MEMORY_FATAL;
return PICOKEY_ERR_MEMORY_FATAL;
}
uint8_t p[64];
memcpy(p, file_get_data(pw_status), file_get_size(pw_status));
uint8_t retries = p[3 + (pin->fid & 0xf)];
if (retries == 0 && force == false) { //blocked
return CCID_ERR_BLOCKED;
return PICOKEY_ERR_BLOCKED;
}
uint8_t max_retries = file_get_data(pw_retries)[(pin->fid & 0xf)];
p[3 + (pin->fid & 0xf)] = max_retries;
@@ -876,27 +876,27 @@ int pin_reset_retries(const file_t *pin, bool force) {
int pin_wrong_retry(const file_t *pin) {
if (!pin) {
return CCID_ERR_NULL_PARAM;
return PICOKEY_ERR_NULL_PARAM;
}
file_t *pw_status = search_by_fid(EF_PW_PRIV, NULL, SPECIFY_EF);
if (!pw_status) {
return CCID_ERR_FILE_NOT_FOUND;
return PICOKEY_ERR_FILE_NOT_FOUND;
}
uint8_t p[64];
memcpy(p, file_get_data(pw_status), file_get_size(pw_status));
if (p[3 + (pin->fid & 0xf)] > 0) {
p[3 + (pin->fid & 0xf)] -= 1;
int r = file_put_data(pw_status, p, file_get_size(pw_status));
if (r != CCID_OK) {
if (r != PICOKEY_OK) {
return r;
}
low_flash_available();
if (p[3 + (pin->fid & 0xf)] == 0) {
return CCID_ERR_BLOCKED;
return PICOKEY_ERR_BLOCKED;
}
return p[3 + (pin->fid & 0xf)];
}
return CCID_ERR_BLOCKED;
return PICOKEY_ERR_BLOCKED;
}
int check_pin(const file_t *pin, const uint8_t *data, size_t len) {
@@ -916,17 +916,17 @@ int check_pin(const file_t *pin, const uint8_t *data, size_t len) {
}
if (memcmp(file_get_data(pin) + 1, dhash, sizeof(dhash)) != 0) {
int retries;
if ((retries = pin_wrong_retry(pin)) < CCID_OK) {
if ((retries = pin_wrong_retry(pin)) < PICOKEY_OK) {
return SW_PIN_BLOCKED();
}
return set_res_sw(0x63, 0xc0 | retries);
}
int r = pin_reset_retries(pin, false);
if (r == CCID_ERR_BLOCKED) {
if (r == PICOKEY_ERR_BLOCKED) {
return SW_PIN_BLOCKED();
}
if (r != CCID_OK) {
if (r != PICOKEY_OK) {
return SW_MEMORY_FAILURE();
}
isUserAuthenticated = true;
@@ -1021,7 +1021,7 @@ static int cmd_put_data() {
int r = 0;
if (fid == EF_RC) {
has_rc = false;
if ((r = load_dek()) != CCID_OK) {
if ((r = load_dek()) != PICOKEY_OK) {
return SW_EXEC_ERROR();
}
uint8_t dhash[33];
@@ -1043,7 +1043,7 @@ static int cmd_put_data() {
else {
r = file_put_data(ef, apdu.data, apdu.nc);
}
if (r != CCID_OK) {
if (r != PICOKEY_OK) {
return SW_MEMORY_FAILURE();
}
low_flash_available();
@@ -1062,7 +1062,7 @@ static int cmd_change_pin() {
}
uint8_t pin_len = file_get_data(pw)[0];
uint16_t r = 0;
if ((r = load_dek()) != CCID_OK) {
if ((r = load_dek()) != PICOKEY_OK) {
return SW_EXEC_ERROR();
}
r = check_pin(pw, apdu.data, pin_len);
@@ -1130,7 +1130,7 @@ static int cmd_reset_retry() {
newpin_len = apdu.nc;
}
int r = 0;
if ((r = load_dek()) != CCID_OK) {
if ((r = load_dek()) != PICOKEY_OK) {
return SW_EXEC_ERROR();
}
file_t *tf = search_by_fid(EF_DEK, NULL, SPECIFY_EF);
@@ -1148,7 +1148,7 @@ static int cmd_reset_retry() {
dhash[0] = newpin_len;
double_hash_pin(apdu.data + (apdu.nc - newpin_len), newpin_len, dhash + 1);
file_put_data(pw, dhash, sizeof(dhash));
if (pin_reset_retries(pw, true) != CCID_OK) {
if (pin_reset_retries(pw, true) != PICOKEY_OK) {
return SW_MEMORY_FAILURE();
}
low_flash_available();
@@ -1162,13 +1162,13 @@ int store_keys(void *key_ctx, int type, uint16_t key_id, bool use_kek) {
uint8_t kdata[4096 / 8]; //worst
//if (!has_pw3)
// return CCID_NO_LOGIN;
// return PICOKEY_NO_LOGIN;
//file_t *pw3 = search_by_fid(EF_PW3, NULL, SPECIFY_EF);
//if (!pw3)
// return CCID_ERR_FILE_NOT_FOUND;
// return PICOKEY_ERR_FILE_NOT_FOUND;
file_t *ef = search_by_fid(key_id, NULL, SPECIFY_EF);
if (!ef) {
return CCID_ERR_FILE_NOT_FOUND;
return PICOKEY_ERR_FILE_NOT_FOUND;
}
if (type == ALGO_RSA) {
mbedtls_rsa_context *rsa = (mbedtls_rsa_context *) key_ctx;
@@ -1197,19 +1197,19 @@ int store_keys(void *key_ctx, int type, uint16_t key_id, bool use_kek) {
}
if (use_kek) {
r = dek_encrypt(kdata, key_size);
if (r != CCID_OK) {
if (r != PICOKEY_OK) {
return r;
}
}
//r = aes_encrypt_cfb_256(file_read(pw3->data+2), session_pw3, kdata, key_size);
//if (r != CCID_OK)
//if (r != PICOKEY_OK)
// return r;
r = file_put_data(ef, kdata, key_size);
if (r != CCID_OK) {
if (r != PICOKEY_OK) {
return r;
}
low_flash_available();
return CCID_OK;
return PICOKEY_OK;
}
int load_private_key_rsa(mbedtls_rsa_context *ctx, file_t *fkey, bool use_dek) {
@@ -1217,33 +1217,33 @@ int load_private_key_rsa(mbedtls_rsa_context *ctx, file_t *fkey, bool use_dek) {
uint8_t kdata[4096 / 8];
memcpy(kdata, file_get_data(fkey), key_size);
if (use_dek && dek_decrypt(kdata, key_size) != 0) {
return CCID_EXEC_ERROR;
return PICOKEY_EXEC_ERROR;
}
if (mbedtls_mpi_read_binary(&ctx->P, kdata, key_size / 2) != 0) {
mbedtls_rsa_free(ctx);
return CCID_WRONG_DATA;
return PICOKEY_WRONG_DATA;
}
if (mbedtls_mpi_read_binary(&ctx->Q, kdata + key_size / 2, key_size / 2) != 0) {
mbedtls_rsa_free(ctx);
return CCID_WRONG_DATA;
return PICOKEY_WRONG_DATA;
}
if (mbedtls_mpi_lset(&ctx->E, 0x10001) != 0) {
mbedtls_rsa_free(ctx);
return CCID_EXEC_ERROR;
return PICOKEY_EXEC_ERROR;
}
if (mbedtls_rsa_import(ctx, NULL, &ctx->P, &ctx->Q, NULL, &ctx->E) != 0) {
mbedtls_rsa_free(ctx);
return CCID_WRONG_DATA;
return PICOKEY_WRONG_DATA;
}
if (mbedtls_rsa_complete(ctx) != 0) {
mbedtls_rsa_free(ctx);
return CCID_WRONG_DATA;
return PICOKEY_WRONG_DATA;
}
if (mbedtls_rsa_check_privkey(ctx) != 0) {
mbedtls_rsa_free(ctx);
return CCID_WRONG_DATA;
return PICOKEY_WRONG_DATA;
}
return CCID_OK;
return PICOKEY_OK;
}
int load_private_key_ecdsa(mbedtls_ecdsa_context *ctx, file_t *fkey, bool use_dek) {
@@ -1251,30 +1251,30 @@ int load_private_key_ecdsa(mbedtls_ecdsa_context *ctx, file_t *fkey, bool use_de
uint8_t kdata[67]; //Worst case, 521 bit + 1byte
memcpy(kdata, file_get_data(fkey), key_size);
if (use_dek && dek_decrypt(kdata, key_size) != 0) {
return CCID_EXEC_ERROR;
return PICOKEY_EXEC_ERROR;
}
mbedtls_ecp_group_id gid = kdata[0];
int r = mbedtls_ecp_read_key(gid, ctx, kdata + 1, key_size - 1);
if (r != 0) {
mbedtls_ecdsa_free(ctx);
return CCID_EXEC_ERROR;
return PICOKEY_EXEC_ERROR;
}
mbedtls_platform_zeroize(kdata, sizeof(kdata));
r = mbedtls_ecp_mul(&ctx->grp, &ctx->Q, &ctx->d, &ctx->grp.G, random_gen, NULL);
if (r != 0) {
mbedtls_ecdsa_free(ctx);
return CCID_EXEC_ERROR;
return PICOKEY_EXEC_ERROR;
}
return CCID_OK;
return PICOKEY_OK;
}
int load_aes_key(uint8_t *aes_key, file_t *fkey) {
int key_size = file_get_size(fkey);
memcpy(aes_key, file_get_data(fkey), key_size);
if (dek_decrypt(aes_key, key_size) != 0) {
return CCID_EXEC_ERROR;
return PICOKEY_EXEC_ERROR;
}
return CCID_OK;
return PICOKEY_OK;
}
mbedtls_ecp_group_id get_ec_group_id_from_attr(const uint8_t *algo, size_t algo_len) {
@@ -1359,7 +1359,7 @@ static int cmd_keypair_gen() {
}
uint16_t fid = 0x0;
int r = CCID_OK;
int r = PICOKEY_OK;
if (apdu.data[0] == 0xB6) {
fid = EF_PK_SIG;
}
@@ -1400,7 +1400,7 @@ static int cmd_keypair_gen() {
r = store_keys(&rsa, ALGO_RSA, fid, true);
make_rsa_response(&rsa);
mbedtls_rsa_free(&rsa);
if (r != CCID_OK) {
if (r != PICOKEY_OK) {
return SW_EXEC_ERROR();
}
}
@@ -1421,7 +1421,7 @@ static int cmd_keypair_gen() {
r = store_keys(&ecdsa, algo[0], fid, true);
make_ecdsa_response(&ecdsa);
mbedtls_ecdsa_free(&ecdsa);
if (r != CCID_OK) {
if (r != PICOKEY_OK) {
return SW_EXEC_ERROR();
}
}
@@ -1433,7 +1433,7 @@ static int cmd_keypair_gen() {
return SW_REFERENCE_NOT_FOUND();
}
r = file_put_data(pbef, res_APDU, res_APDU_size);
if (r != CCID_OK) {
if (r != PICOKEY_OK) {
return SW_EXEC_ERROR();
}
if (fid == EF_PK_SIG) {
@@ -1447,7 +1447,7 @@ static int cmd_keypair_gen() {
memcpy(aes_key, random_bytes_get(key_size), key_size);
r = store_keys(aes_key, ALGO_AES_256, EF_AES_KEY, true);
/* if storing the key fails, we silently continue */
//if (r != CCID_OK)
//if (r != PICOKEY_OK)
// return SW_EXEC_ERROR();
}
low_flash_available();
@@ -1596,19 +1596,19 @@ static int cmd_pso() {
if (wait_button_pressed(pk_fid == EF_PK_SIG ? EF_UIF_SIG : EF_UIF_DEC) == true) {
return SW_SECURE_MESSAGE_EXEC_ERROR();
}
int r = CCID_OK;
int r = PICOKEY_OK;
int key_size = file_get_size(ef);
if (is_aes) {
uint8_t aes_key[32];
r = load_aes_key(aes_key, ef);
if (r != CCID_OK) {
if (r != PICOKEY_OK) {
memset(aes_key, 0, sizeof(aes_key));
return SW_EXEC_ERROR();
}
if (P1(apdu) == 0x80 && P2(apdu) == 0x86) { //decipher
r = aes_decrypt(aes_key, NULL, key_size, PICO_KEYS_AES_MODE_CBC, apdu.data + 1, apdu.nc - 1);
memset(aes_key, 0, sizeof(aes_key));
if (r != CCID_OK) {
if (r != PICOKEY_OK) {
return SW_EXEC_ERROR();
}
memcpy(res_APDU, apdu.data + 1, apdu.nc - 1);
@@ -1617,7 +1617,7 @@ static int cmd_pso() {
else if (P1(apdu) == 0x86 && P2(apdu) == 0x80) { //encipher
r = aes_encrypt(aes_key, NULL, key_size, PICO_KEYS_AES_MODE_CBC, apdu.data, apdu.nc);
memset(aes_key, 0, sizeof(aes_key));
if (r != CCID_OK) {
if (r != PICOKEY_OK) {
return SW_EXEC_ERROR();
}
res_APDU[0] = 0x2;
@@ -1630,7 +1630,7 @@ static int cmd_pso() {
mbedtls_rsa_context ctx;
mbedtls_rsa_init(&ctx);
r = load_private_key_rsa(&ctx, ef, true);
if (r != CCID_OK) {
if (r != PICOKEY_OK) {
mbedtls_rsa_free(&ctx);
return SW_EXEC_ERROR();
}
@@ -1669,7 +1669,7 @@ static int cmd_pso() {
mbedtls_ecdsa_context ctx;
mbedtls_ecdsa_init(&ctx);
r = load_private_key_ecdsa(&ctx, ef, true);
if (r != CCID_OK) {
if (r != PICOKEY_OK) {
mbedtls_ecdsa_free(&ctx);
return SW_EXEC_ERROR();
}
@@ -1794,12 +1794,12 @@ static int cmd_internal_aut() {
if (wait_button_pressed(EF_UIF_AUT) == true) {
return SW_SECURE_MESSAGE_EXEC_ERROR();
}
int r = CCID_OK;
int r = PICOKEY_OK;
if (algo[0] == ALGO_RSA) {
mbedtls_rsa_context ctx;
mbedtls_rsa_init(&ctx);
r = load_private_key_rsa(&ctx, ef, true);
if (r != CCID_OK) {
if (r != PICOKEY_OK) {
mbedtls_rsa_free(&ctx);
return SW_EXEC_ERROR();
}
@@ -1815,7 +1815,7 @@ static int cmd_internal_aut() {
mbedtls_ecdsa_context ctx;
mbedtls_ecdsa_init(&ctx);
r = load_private_key_ecdsa(&ctx, ef, true);
if (r != CCID_OK) {
if (r != PICOKEY_OK) {
mbedtls_ecdsa_free(&ctx);
return SW_EXEC_ERROR();
}
@@ -1988,7 +1988,7 @@ static int cmd_import_data() {
r = store_keys(&rsa, ALGO_RSA, fid, true);
make_rsa_response(&rsa);
mbedtls_rsa_free(&rsa);
if (r != CCID_OK) {
if (r != PICOKEY_OK) {
return SW_EXEC_ERROR();
}
}
@@ -2021,7 +2021,7 @@ static int cmd_import_data() {
r = store_keys(&ecdsa, ALGO_ECDSA, fid, true);
make_ecdsa_response(&ecdsa);
mbedtls_ecdsa_free(&ecdsa);
if (r != CCID_OK) {
if (r != PICOKEY_OK) {
return SW_EXEC_ERROR();
}
}
@@ -2036,7 +2036,7 @@ static int cmd_import_data() {
return SW_REFERENCE_NOT_FOUND();
}
r = file_put_data(pbef, res_APDU, res_APDU_size);
if (r != CCID_OK) {
if (r != PICOKEY_OK) {
return SW_EXEC_ERROR();
}
res_APDU_size = 0; //make_*_response sets a response. we need to overwrite

20
src/openpgp/piv.c
View File

@@ -270,7 +270,7 @@ void init_piv() {
}
int piv_unload() {
return CCID_OK;
return PICOKEY_OK;
}
void select_piv_aid() {
@@ -306,7 +306,7 @@ int piv_select_aid(app_t *a, uint8_t force) {
a->unload = piv_unload;
init_piv();
select_piv_aid();
return CCID_OK;
return PICOKEY_OK;
}
INITIALIZER( piv_ctor ) {
@@ -469,7 +469,7 @@ static int cmd_get_metadata() {
mbedtls_rsa_context ctx;
mbedtls_rsa_init(&ctx);
int r = load_private_key_rsa(&ctx, ef_key, false);
if (r != CCID_OK) {
if (r != PICOKEY_OK) {
mbedtls_rsa_free(&ctx);
return SW_EXEC_ERROR();
}
@@ -488,7 +488,7 @@ static int cmd_get_metadata() {
mbedtls_ecdsa_context ctx;
mbedtls_ecdsa_init(&ctx);
int r = load_private_key_ecdsa(&ctx, ef_key, false);
if (r != CCID_OK) {
if (r != PICOKEY_OK) {
mbedtls_ecdsa_free(&ctx);
return SW_EXEC_ERROR();
}
@@ -690,7 +690,7 @@ static int cmd_authenticate() {
mbedtls_rsa_context ctx;
mbedtls_rsa_init(&ctx);
int r = load_private_key_rsa(&ctx, ef_key, false);
if (r != CCID_OK) {
if (r != PICOKEY_OK) {
mbedtls_rsa_free(&ctx);
return SW_EXEC_ERROR();
}
@@ -724,7 +724,7 @@ static int cmd_authenticate() {
mbedtls_ecdsa_context ctx;
mbedtls_ecdsa_init(&ctx);
int r = load_private_key_ecdsa(&ctx, ef_key, false);
if (r != CCID_OK) {
if (r != PICOKEY_OK) {
mbedtls_ecdsa_free(&ctx);
return SW_EXEC_ERROR();
}
@@ -905,7 +905,7 @@ static int cmd_asym_keygen() {
file_put_data(ef, cert + sizeof(cert) - r, r);
r = store_keys(&rsa, ALGO_RSA, key_ref == 0x93 ? EF_PIV_KEY_RETIRED18 : key_ref, false);
mbedtls_rsa_free(&rsa);
if (r != CCID_OK) {
if (r != PICOKEY_OK) {
return SW_EXEC_ERROR();
}
}
@@ -926,7 +926,7 @@ static int cmd_asym_keygen() {
file_put_data(ef, cert + sizeof(cert) - r, r);
r = store_keys(&ecdsa, ALGO_ECDSA, key_ref == 0x93 ? EF_PIV_KEY_RETIRED18 : key_ref, false);
mbedtls_ecdsa_free(&ecdsa);
if (r != CCID_OK) {
if (r != PICOKEY_OK) {
return SW_EXEC_ERROR();
}
}
@@ -1155,7 +1155,7 @@ static int cmd_attestation() {
mbedtls_rsa_context ctx;
mbedtls_rsa_init(&ctx);
r = load_private_key_rsa(&ctx, ef_key, false);
if (r != CCID_OK) {
if (r != PICOKEY_OK) {
mbedtls_rsa_free(&ctx);
return SW_EXEC_ERROR();
}
@@ -1166,7 +1166,7 @@ static int cmd_attestation() {
mbedtls_ecdsa_context ctx;
mbedtls_ecdsa_init(&ctx);
r = load_private_key_ecdsa(&ctx, ef_key, false);
if (r != CCID_OK) {
if (r != PICOKEY_OK) {
mbedtls_ecdsa_free(&ctx);
return SW_EXEC_ERROR();
}