fix keys

canisLupus1313 · Nov 27, 2024 · 43361db · 43361db
1 parent ac33ba9
commit 43361db
Show file tree

Hide file tree

Showing 3 changed files with 17 additions and 0 deletions.
diff --git a/src/core/crypto/storage.hpp b/src/core/crypto/storage.hpp
@@ -102,6 +102,7 @@ constexpr KeyRef kActiveDatasetPskcRef        = OPENTHREAD_CONFIG_PSA_ITS_NVM_OF
 constexpr KeyRef kPendingDatasetNetworkKeyRef = OPENTHREAD_CONFIG_PSA_ITS_NVM_OFFSET + 5;
 constexpr KeyRef kPendingDatasetPskcRef       = OPENTHREAD_CONFIG_PSA_ITS_NVM_OFFSET + 6;
 constexpr KeyRef kEcdsaRef                    = OPENTHREAD_CONFIG_PSA_ITS_NVM_OFFSET + 7;
+constexpr KeyRef kPskdRef                     = OPENTHREAD_CONFIG_PSA_ITS_NVM_OFFSET + 8;
 
 /**
  * Determine if a given `KeyRef` is valid or not.

diff --git a/src/core/meshcop/tcat_agent.cpp b/src/core/meshcop/tcat_agent.cpp
@@ -33,6 +33,7 @@
 
 #include "tcat_agent.hpp"
 #include "common/code_utils.hpp"
+#include "crypto/storage.hpp"
 
 #if OPENTHREAD_CONFIG_BLE_TCAT_ENABLE
 
@@ -767,13 +768,27 @@ void TcatAgent::CalculateHash(uint64_t aChallenge, const char *aBuf, size_t aBuf
     const mbedtls_asn1_buf &rawKey = Get<Ble::BleSecure>().GetOwnPublicKey();
     Crypto::Key             cryptoKey;
     Crypto::HmacSha256      hmac;
+    Crypto::Storage::KeyRef keyRef;
 
+    SuccessOrExit(Crypto::Storage::ImportKey(keyRef, Crypto::Storage::kKeyTypeHmac,
+                                             Crypto::Storage::kKeyAlgorithmHmacSha256, Crypto::Storage::kUsageSignHash,
+                                             Crypto::Storage::kTypeVolatile, reinterpret_cast<const uint8_t *>(aBuf),
+                                             aBufLen));
+
+#if OPENTHREAD_CONFIG_PLATFORM_KEY_REFERENCES_ENABLE
+    cryptoKey.SetAsKeyRef(keyRef);
+#else
     cryptoKey.Set(reinterpret_cast<const uint8_t *>(aBuf), static_cast<uint16_t>(aBufLen));
+#endif
 
     hmac.Start(cryptoKey);
     hmac.Update(aChallenge);
     hmac.Update(rawKey.p, static_cast<uint16_t>(rawKey.len));
     hmac.Finish(aHash);
+
+    Crypto::Storage::DestroyKey(keyRef);
+exit:
+    return;
 }
 
 Error TcatAgent::HandleStartThreadInterface(void)

diff --git a/tools/tcat_ble_client/cli/base_commands.py b/tools/tcat_ble_client/cli/base_commands.py
@@ -234,6 +234,7 @@ async def execute_default(self, args, context):
             challenge_size = 8
             challenge = token_bytes(challenge_size)
             pskd = bytes(args[0], 'utf-8')
+            print(str(challenge))
             data = TLV(TcatTLVType.GET_PSKD_HASH.value, challenge).to_bytes()
             response = await bless.send_with_resp(data)
             if not response: