Skip to content

Making key decryption nicer #2328

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Draft
wants to merge 2 commits into
base: main
Choose a base branch
from
Draft

Making key decryption nicer #2328

Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
8b83064
Decrypt_key: One context, common defs
de-nordic May 30, 2025
398b4a7
Hkdf uses size_t
de-nordic May 30, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
61 changes: 27 additions & 34 deletions boot/bootutil/src/encrypted.c
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -264,15 +264,15 @@ parse_x25519_enckey(uint8_t **p, uint8_t *end, uint8_t *private_key)
* @param okm_len On input the requested length; on output the generated length
*/
static int
hkdf(uint8_t *ikm, uint16_t ikm_len, uint8_t *info, uint16_t info_len,
uint8_t *okm, uint16_t *okm_len)
hkdf(const uint8_t *ikm, size_t ikm_len, const uint8_t *info, size_t info_len,
uint8_t *okm, size_t *okm_len)
{
bootutil_hmac_sha256_context hmac;
uint8_t salt[BOOTUTIL_CRYPTO_SHA256_DIGEST_SIZE];
uint8_t prk[BOOTUTIL_CRYPTO_SHA256_DIGEST_SIZE];
uint8_t T[BOOTUTIL_CRYPTO_SHA256_DIGEST_SIZE];
uint16_t off;
uint16_t len;
size_t off;
size_t len;
uint8_t counter;
bool first;
int rc;
Expand Down Expand Up @@ -406,28 +406,27 @@ int
boot_decrypt_key(const uint8_t *buf, uint8_t *enckey)
{
#if defined(MCUBOOT_ENCRYPT_RSA)
bootutil_rsa_context rsa;
uint8_t *cp;
uint8_t *cpend;
size_t olen;
bootutil_rsa_context pk_ctx;
#endif
#if defined(MCUBOOT_ENCRYPT_EC256)
bootutil_ecdh_p256_context ecdh_p256;
bootutil_ecdh_p256_context pk_ctx;
#endif
#if defined(MCUBOOT_ENCRYPT_X25519)
bootutil_ecdh_x25519_context ecdh_x25519;
bootutil_ecdh_x25519_context pk_ctx;
#endif
#if defined(MCUBOOT_ENCRYPT_EC256) || defined(MCUBOOT_ENCRYPT_X25519)
bootutil_hmac_sha256_context hmac;
bootutil_aes_ctr_context aes_ctr;
uint8_t tag[BOOTUTIL_CRYPTO_SHA256_DIGEST_SIZE];
uint8_t shared[SHARED_KEY_LEN];
uint8_t derived_key[BOOT_ENC_KEY_SIZE + BOOTUTIL_CRYPTO_SHA256_DIGEST_SIZE];
uint8_t *cp;
uint8_t *cpend;
uint8_t private_key[PRIV_KEY_LEN];
uint8_t counter[BOOT_ENC_BLOCK_SIZE];
uint16_t len;
#endif
#if !defined(MCUBOOT_ENCRYPT_KW)
uint8_t *cp;
uint8_t *cpend;
size_t len;
#endif
struct bootutil_key *bootutil_enc_key = NULL;
int rc = -1;
Expand All @@ -441,21 +440,23 @@ boot_decrypt_key(const uint8_t *buf, uint8_t *enckey)
return rc;
}

#if defined(MCUBOOT_ENCRYPT_RSA)

bootutil_rsa_init(&rsa);
#if !defined(MCUBOOT_ENCRYPT_KW)
cp = (uint8_t *)bootutil_enc_key->key;
cpend = cp + *bootutil_enc_key->len;
#endif

#if defined(MCUBOOT_ENCRYPT_RSA)
bootutil_rsa_init(&pk_ctx);

/* The enckey is encrypted through RSA so for decryption we need the private key */
rc = bootutil_rsa_parse_private_key(&rsa, &cp, cpend);
rc = bootutil_rsa_parse_private_key(&pk_ctx, &cp, cpend);
if (rc) {
bootutil_rsa_drop(&rsa);
bootutil_rsa_drop(&pk_ctx);
return rc;
}

rc = bootutil_rsa_oaep_decrypt(&rsa, &olen, buf, enckey, BOOT_ENC_KEY_SIZE);
bootutil_rsa_drop(&rsa);
rc = bootutil_rsa_oaep_decrypt(&pk_ctx, &len, buf, enckey, BOOT_ENC_KEY_SIZE);
bootutil_rsa_drop(&pk_ctx);
if (rc) {
return rc;
}
Expand All @@ -470,10 +471,6 @@ boot_decrypt_key(const uint8_t *buf, uint8_t *enckey)
#endif /* defined(MCUBOOT_ENCRYPT_KW) */

#if defined(MCUBOOT_ENCRYPT_EC256)

cp = (uint8_t *)bootutil_enc_key->key;
cpend = cp + *bootutil_enc_key->len;

/*
* Load the stored EC256 decryption private key
*/
Expand All @@ -486,21 +483,17 @@ boot_decrypt_key(const uint8_t *buf, uint8_t *enckey)
/*
* First "element" in the TLV is the curve point (public key)
*/
bootutil_ecdh_p256_init(&ecdh_p256);
bootutil_ecdh_p256_init(&pk_ctx);

rc = bootutil_ecdh_p256_shared_secret(&ecdh_p256, &buf[EC_PUBK_INDEX], private_key, shared);
bootutil_ecdh_p256_drop(&ecdh_p256);
rc = bootutil_ecdh_p256_shared_secret(&pk_ctx, &buf[EC_PUBK_INDEX], private_key, shared);
bootutil_ecdh_p256_drop(&pk_ctx);
if (rc != 0) {
return -1;
}

#endif /* defined(MCUBOOT_ENCRYPT_EC256) */

#if defined(MCUBOOT_ENCRYPT_X25519)

cp = (uint8_t *)bootutil_enc_key->key;
cpend = cp + *bootutil_enc_key->len;

/*
* Load the stored X25519 decryption private key
*/
Expand All @@ -514,10 +507,10 @@ boot_decrypt_key(const uint8_t *buf, uint8_t *enckey)
* First "element" in the TLV is the curve point (public key)
*/

bootutil_ecdh_x25519_init(&ecdh_x25519);
bootutil_ecdh_x25519_init(&pk_ctx);

rc = bootutil_ecdh_x25519_shared_secret(&ecdh_x25519, &buf[EC_PUBK_INDEX], private_key, shared);
bootutil_ecdh_x25519_drop(&ecdh_x25519);
rc = bootutil_ecdh_x25519_shared_secret(&pk_ctx, &buf[EC_PUBK_INDEX], private_key, shared);
bootutil_ecdh_x25519_drop(&pk_ctx);
if (!rc) {
return -1;
}
Expand Down
Loading