Merge branch 'dev' of https://github.com/DarkFlippers/unleashed-firmware into xfw-dev --nobuild

This commit is contained in:
Willy-JL
2023-08-13 02:26:24 +02:00
95 changed files with 1850 additions and 299 deletions


@@ -8,7 +8,7 @@
#define TAG "U2F"
#define U2F_DATA_FILE_ENCRYPTION_KEY_SLOT_FACTORY 2
#define U2F_DATA_FILE_ENCRYPTION_KEY_SLOT_UNIQUE 11
#define U2F_DATA_FILE_ENCRYPTION_KEY_SLOT_UNIQUE FURI_HAL_CRYPTO_ENCLAVE_UNIQUE_KEY_SLOT
#define U2F_CERT_STOCK 0 // Stock certificate, private key is encrypted with factory key
#define U2F_CERT_USER 1 // User certificate, private key is encrypted with unique key
@@ -130,7 +130,7 @@ static bool u2f_data_cert_key_encrypt(uint8_t* cert_key) {
// Generate random IV
furi_hal_random_fill_buf(iv, 16);
if(!furi_hal_crypto_store_load_key(U2F_DATA_FILE_ENCRYPTION_KEY_SLOT_UNIQUE, iv)) {
if(!furi_hal_crypto_enclave_load_key(U2F_DATA_FILE_ENCRYPTION_KEY_SLOT_UNIQUE, iv)) {
FURI_LOG_E(TAG, "Unable to load encryption key");
return false;
}
@@ -139,7 +139,7 @@ static bool u2f_data_cert_key_encrypt(uint8_t* cert_key) {
FURI_LOG_E(TAG, "Encryption failed");
return false;
}
furi_hal_crypto_store_unload_key(U2F_DATA_FILE_ENCRYPTION_KEY_SLOT_UNIQUE);
furi_hal_crypto_enclave_unload_key(U2F_DATA_FILE_ENCRYPTION_KEY_SLOT_UNIQUE);
Storage* storage = furi_record_open(RECORD_STORAGE);
FlipperFormat* flipper_format = flipper_format_file_alloc(storage);
@@ -172,8 +172,8 @@ bool u2f_data_cert_key_load(uint8_t* cert_key) {
uint8_t key_slot = 0;
uint32_t version = 0;
// Check if unique key exists in secure eclave(typo?) and generate it if missing
if(!furi_hal_crypto_verify_key(U2F_DATA_FILE_ENCRYPTION_KEY_SLOT_UNIQUE)) return false;
// Check if unique key exists in secure eclave and generate it if missing
if(!furi_hal_crypto_enclave_ensure_key(U2F_DATA_FILE_ENCRYPTION_KEY_SLOT_UNIQUE)) return false;
FuriString* filetype;
filetype = furi_string_alloc();
@@ -220,7 +220,7 @@ bool u2f_data_cert_key_load(uint8_t* cert_key) {
break;
}
if(!furi_hal_crypto_store_load_key(key_slot, iv)) {
if(!furi_hal_crypto_enclave_load_key(key_slot, iv)) {
FURI_LOG_E(TAG, "Unable to load encryption key");
break;
}
@@ -231,7 +231,7 @@ bool u2f_data_cert_key_load(uint8_t* cert_key) {
FURI_LOG_E(TAG, "Decryption failed");
break;
}
furi_hal_crypto_store_unload_key(key_slot);
furi_hal_crypto_enclave_unload_key(key_slot);
} else {
if(!flipper_format_read_hex(flipper_format, "Data", cert_key, 32)) {
FURI_LOG_E(TAG, "Missing data");
@@ -286,7 +286,7 @@ bool u2f_data_key_load(uint8_t* device_key) {
FURI_LOG_E(TAG, "Missing data");
break;
}
if(!furi_hal_crypto_store_load_key(U2F_DATA_FILE_ENCRYPTION_KEY_SLOT_UNIQUE, iv)) {
if(!furi_hal_crypto_enclave_load_key(U2F_DATA_FILE_ENCRYPTION_KEY_SLOT_UNIQUE, iv)) {
FURI_LOG_E(TAG, "Unable to load encryption key");
break;
}
@@ -296,7 +296,7 @@ bool u2f_data_key_load(uint8_t* device_key) {
FURI_LOG_E(TAG, "Decryption failed");
break;
}
furi_hal_crypto_store_unload_key(U2F_DATA_FILE_ENCRYPTION_KEY_SLOT_UNIQUE);
furi_hal_crypto_enclave_unload_key(U2F_DATA_FILE_ENCRYPTION_KEY_SLOT_UNIQUE);
state = true;
} while(0);
}
@@ -318,7 +318,7 @@ bool u2f_data_key_generate(uint8_t* device_key) {
furi_hal_random_fill_buf(iv, 16);
furi_hal_random_fill_buf(key, 32);
if(!furi_hal_crypto_store_load_key(U2F_DATA_FILE_ENCRYPTION_KEY_SLOT_UNIQUE, iv)) {
if(!furi_hal_crypto_enclave_load_key(U2F_DATA_FILE_ENCRYPTION_KEY_SLOT_UNIQUE, iv)) {
FURI_LOG_E(TAG, "Unable to load encryption key");
return false;
}
@@ -327,7 +327,7 @@ bool u2f_data_key_generate(uint8_t* device_key) {
FURI_LOG_E(TAG, "Encryption failed");
return false;
}
furi_hal_crypto_store_unload_key(U2F_DATA_FILE_ENCRYPTION_KEY_SLOT_UNIQUE);
furi_hal_crypto_enclave_unload_key(U2F_DATA_FILE_ENCRYPTION_KEY_SLOT_UNIQUE);
Storage* storage = furi_record_open(RECORD_STORAGE);
FlipperFormat* flipper_format = flipper_format_file_alloc(storage);
@@ -392,7 +392,7 @@ bool u2f_data_cnt_read(uint32_t* cnt_val) {
FURI_LOG_E(TAG, "Missing data");
break;
}
if(!furi_hal_crypto_store_load_key(U2F_DATA_FILE_ENCRYPTION_KEY_SLOT_UNIQUE, iv)) {
if(!furi_hal_crypto_enclave_load_key(U2F_DATA_FILE_ENCRYPTION_KEY_SLOT_UNIQUE, iv)) {
FURI_LOG_E(TAG, "Unable to load encryption key");
break;
}
@@ -402,7 +402,7 @@ bool u2f_data_cnt_read(uint32_t* cnt_val) {
FURI_LOG_E(TAG, "Decryption failed");
break;
}
furi_hal_crypto_store_unload_key(U2F_DATA_FILE_ENCRYPTION_KEY_SLOT_UNIQUE);
furi_hal_crypto_enclave_unload_key(U2F_DATA_FILE_ENCRYPTION_KEY_SLOT_UNIQUE);
if(cnt.control == U2F_COUNTER_CONTROL_VAL) {
*cnt_val = cnt.counter;
state = true;
@@ -434,7 +434,7 @@ bool u2f_data_cnt_write(uint32_t cnt_val) {
cnt.control = U2F_COUNTER_CONTROL_VAL;
cnt.counter = cnt_val;
if(!furi_hal_crypto_store_load_key(U2F_DATA_FILE_ENCRYPTION_KEY_SLOT_UNIQUE, iv)) {
if(!furi_hal_crypto_enclave_load_key(U2F_DATA_FILE_ENCRYPTION_KEY_SLOT_UNIQUE, iv)) {
FURI_LOG_E(TAG, "Unable to load encryption key");
return false;
}
@@ -443,7 +443,7 @@ bool u2f_data_cnt_write(uint32_t cnt_val) {
FURI_LOG_E(TAG, "Encryption failed");
return false;
}
furi_hal_crypto_store_unload_key(U2F_DATA_FILE_ENCRYPTION_KEY_SLOT_UNIQUE);
furi_hal_crypto_enclave_unload_key(U2F_DATA_FILE_ENCRYPTION_KEY_SLOT_UNIQUE);
Storage* storage = furi_record_open(RECORD_STORAGE);
FlipperFormat* flipper_format = flipper_format_file_alloc(storage);
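Review bot: The failure path after a rejected encrypt in u2f_data_cert_key_encrypt (`FURI_LOG_E(TAG, "Encryption failed"); return false;`) returns without calling `furi_hal_crypto_enclave_unload_key`, so the key loaded two statements earlier is released only on the success path; the same shape recurs in u2f_data_key_generate and u2f_data_cnt_write, and the `break` after "Decryption failed" in u2f_data_cert_key_load, u2f_data_key_load and u2f_data_cnt_read also skips the unload. If the load call claims the AES peripheral the way the paired unload suggests, a failed operation leaves it held with the unique key selected until some later caller unloads it — I cannot confirm the HAL's behaviour from these hunks. I would add `furi_hal_crypto_enclave_unload_key(U2F_DATA_FILE_ENCRYPTION_KEY_SLOT_UNIQUE);` (or `key_slot` in the cert load) before each `return false` / `break` that follows a successful load, or route those exits through a single cleanup point. Separately, `U2F_DATA_FILE_ENCRYPTION_KEY_SLOT_UNIQUE` now resolves to `FURI_HAL_CRYPTO_ENCLAVE_UNIQUE_KEY_SLOT` instead of the literal 11; if that constant is not 11, data files encrypted under the old slot will stop decrypting, which is worth confirming against the HAL header. All of these functions begin and end outside the hunks shown.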