Skip to content

Commit c412cdf

Browse files
de-nordicde-nordic
committed
bootutil: Improve HKDF code
Provide proper identifiers for size and partitioning of the HKDF output. Signed-off-by: Dominik Ermel <[email protected]>
1 parent 454cae8 commit c412cdf

File tree

1 file changed

+17
-9
lines changed

1 file changed

+17
-9
lines changed

boot/bootutil/src/encrypted_psa.c

Lines changed: 17 additions & 9 deletions
Original file line numberDiff line numberDiff line change
@@ -43,6 +43,16 @@ static const uint8_t ec_pubkey_oid[] = MBEDTLS_OID_ISO_IDENTIFIED_ORG \
4343

4444
#define PRIV_KEY_LEN 32
4545

46+
/* Partitioning of HKDF derived material, from the exchange derived key */
47+
/* AES key encryption key */
48+
#define HKDF_AES_KEY_INDEX 0
49+
#define HKDF_ASE_KEY_SIZE (BOOT_ENC_KEY_SIZE)
50+
/* MAC feed */
51+
#define HKDF_MAC_FEED_INDEX (HKDF_AES_KEY_INDEX + HKDF_ASE_KEY_SIZE)
52+
#define HKDF_MAC_FEED_SIZE (32) /* This is SHA independent */
53+
/* Total size */
54+
#define HKDF_SIZE (HKDF_ASE_KEY_SIZE + HKDF_MAC_FEED_SIZE)
55+
4656
/* Fixme: This duplicates code from encrypted.c and depends on mbedtls */
4757
static int
4858
parse_x25519_enckey(uint8_t **p, uint8_t *end, uint8_t *private_key)
@@ -114,7 +124,7 @@ extern const struct bootutil_key bootutil_enc_key;
114124
int
115125
boot_decrypt_key(const uint8_t *buf, uint8_t *enckey)
116126
{
117-
uint8_t derived_key[BOOT_ENC_KEY_SIZE + BOOTUTIL_CRYPTO_SHA256_DIGEST_SIZE];
127+
uint8_t derived_key[HKDF_SIZE];
118128
uint8_t *cp;
119129
uint8_t *cpend;
120130
uint8_t private_key[PRIV_KEY_LEN];
@@ -208,7 +218,7 @@ boot_decrypt_key(const uint8_t *buf, uint8_t *enckey)
208218
return -1;
209219
}
210220

211-
len = BOOT_ENC_KEY_SIZE + BOOTUTIL_CRYPTO_SHA256_DIGEST_SIZE;
221+
len = HKDF_SIZE;
212222
psa_ret = psa_key_derivation_output_bytes(&key_do, derived_key, len);
213223
psa_cleanup_ret = psa_key_derivation_abort(&key_do);
214224
if (psa_cleanup_ret != PSA_SUCCESS) {
@@ -227,13 +237,10 @@ boot_decrypt_key(const uint8_t *buf, uint8_t *enckey)
227237
psa_set_key_usage_flags(&kattr, PSA_KEY_USAGE_VERIFY_MESSAGE);
228238
psa_set_key_algorithm(&kattr, PSA_ALG_HMAC(PSA_ALG_SHA_256));
229239

230-
/* Import the MAC tag key part of derived key, that is the part that starts
231-
* after BOOT_ENC_KEY_SIZE and has length of
232-
* BOOTUTIL_CRYPTO_SHA256_DIGEST_SIZE bytes.
233-
*/
240+
/* Import the MAC tag key part of derived key */
234241
psa_ret = psa_import_key(&kattr,
235-
&derived_key[BOOT_ENC_KEY_SIZE],
236-
BOOTUTIL_CRYPTO_SHA256_DIGEST_SIZE, &kid);
242+
&derived_key[HKDF_MAC_FEED_INDEX],
243+
HKDF_MAC_FEED_SIZE, &kid);
237244
psa_reset_key_attributes(&kattr);
238245
if (psa_ret != PSA_SUCCESS) {
239246
memset(derived_key, 0, sizeof(derived_key));
@@ -262,7 +269,8 @@ boot_decrypt_key(const uint8_t *buf, uint8_t *enckey)
262269
psa_set_key_algorithm(&kattr, PSA_ALG_CTR);
263270

264271
/* Import the AES partition of derived key, the first 16 bytes */
265-
psa_ret = psa_import_key(&kattr, &derived_key[0], BOOT_ENC_KEY_SIZE, &kid);
272+
psa_ret = psa_import_key(&kattr, &derived_key[HKDF_AES_KEY_INDEX],
273+
HKDF_ASE_KEY_SIZE, &kid);
266274
memset(derived_key, 0, sizeof(derived_key));
267275
if (psa_ret != PSA_SUCCESS) {
268276
BOOT_LOG_ERR("AES key import failed %d", psa_ret);

0 commit comments

Comments
 (0)