Hi!
I noticed that wiping a RSA key only wipe the private part but not the type field. As a result, any subsequent use of the wiped key doesn't fail with Error no RSA Private Key set in this slot as expected. For example, wiping a RSA key and then sending a OKSIGN results in Error invalid key, key check failed.
When wiping an ECC key the type field is correctly set to 0, and every subsequent use of the key results in Error no ECC Private Key set in this slot.
Code involved
The code to patch, if the described behavior is indeed a bug, is located in okcore.cpp, in the rsa_priv_flash function:
|
if (wipe) |
|
{ |
|
//Copy current flash contents to buffer |
|
okcore_flashget_common(tptr, (unsigned long *)adr, 2048); |
|
//Wipe content from buffer |
|
flash_modify(buffer[5], temp, buffer, MAX_RSA_KEY_SIZE, 1); |
|
//Write buffer to flash |
|
okcore_flashset_common(tptr, (unsigned long *)adr, 2048); |
|
hidprint("Successfully wiped RSA Private Key"); |
|
blink(2); |
|
return; |
|
} |
I think there should be okeeprom_eeset_rsakey(0, (int)buffer[5]); inserted somewhere in this bloc.
Hi!
I noticed that wiping a RSA key only wipe the private part but not the
typefield. As a result, any subsequent use of the wiped key doesn't fail withError no RSA Private Key set in this slotas expected. For example, wiping a RSA key and then sending aOKSIGNresults inError invalid key, key check failed.When wiping an ECC key the
typefield is correctly set to 0, and every subsequent use of the key results inError no ECC Private Key set in this slot.Code involved
The code to patch, if the described behavior is indeed a bug, is located in okcore.cpp, in the
rsa_priv_flashfunction:libraries/onlykey/okcore.cpp
Lines 5097 to 5108 in c8804e3
I think there should be
okeeprom_eeset_rsakey(0, (int)buffer[5]);inserted somewhere in this bloc.