From 79c69a66170128a4c98750cd0bdd8e2ef9d1ae0d Mon Sep 17 00:00:00 2001
From: Pol Henarejos <pol.henarejos@cttc.es>
Date: Sun, 10 Nov 2024 18:56:46 +0100
Subject: [PATCH] OTP key is used to mask the DEK.

Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
---
 src/openpgp/openpgp.c | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/src/openpgp/openpgp.c b/src/openpgp/openpgp.c
index 2b1c03e..926fbb1 100644
--- a/src/openpgp/openpgp.c
+++ b/src/openpgp/openpgp.c
@@ -32,6 +32,7 @@
 #include "asn1.h"
 #include "usb.h"
 #include "ccid/ccid.h"
+#include "otp.h"
 
 uint8_t PICO_PRODUCT = 3;
 
@@ -317,6 +318,11 @@ int load_dek() {
     if (r != 0) {
         return PICOKEY_EXEC_ERROR;
     }
+    if (otp_key_1) {
+        for (int i = 0; i < 32; i++) {
+            dek[IV_SIZE + i] ^= otp_key_1[i];
+        }
+    }
     return PICOKEY_OK;
 }