Add crypto key generation functions
Signed-off-by: Jukka Laitinen <jukkax@ssrc.tii.ae>
parent
4c6779812d
commit
3db76d88fe
|
@ -73,6 +73,7 @@ size_t keystore_get_key(keystore_session_handle_t handle, uint8_t idx, uint8_t *
|
|||
|
||||
/*
|
||||
* Store a key persistently into the keystore
|
||||
* handle: a handle to an open keystore
|
||||
* idx: key index in keystore
|
||||
* key: pointer to the key
|
||||
* key_size: size of the key
|
||||
|
@ -105,6 +106,17 @@ crypto_session_handle_t crypto_open(px4_crypto_algorithm_t algorithm);
|
|||
|
||||
void crypto_close(crypto_session_handle_t *handle);
|
||||
|
||||
/*
|
||||
* Generate a key
|
||||
* handle: Open handle for the crypto session. The key will be generated for
|
||||
* the crypto algorithm used by this session
|
||||
* idx: The key index, by which the key can be used
|
||||
* persistent: if set to "true", the key will be stored into the keystore
|
||||
*/
|
||||
bool crypto_generate_key(crypto_session_handle_t handle,
|
||||
uint8_t idx,
|
||||
bool persistent);
|
||||
|
||||
/*
|
||||
* Get a key from keystore, possibly encrypted
|
||||
*
|
||||
|
|
|
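Review bot: The new comment on `crypto_generate_key` documents the three parameters but not the return value, and it does not say what happens to a key already held at `idx`. Going by the implementation in the other file of this commit, `false` covers an out-of-range index, an unsupported algorithm and a failed allocation, and an existing key in that slot is replaced. Callers need both facts so they do not silently overwrite a key that is still in use. I would add `* returns: true if a new key was generated, false otherwise` and `* Note: a key already present at idx is replaced` to the comment block.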
@ -42,6 +42,7 @@
|
|||
#include <stdbool.h>
|
||||
|
||||
#include <px4_platform_common/crypto_backend.h>
|
||||
#include <px4_random.h>
|
||||
#include <lib/crypto/monocypher/src/optional/monocypher-ed25519.h>
|
||||
#include <tomcrypt.h>
|
||||
|
||||
|
@ -295,6 +296,48 @@ bool crypto_encrypt_data(crypto_session_handle_t handle,
|
|||
return ret;
|
||||
}
|
||||
|
||||
bool crypto_generate_key(crypto_session_handle_t handle,
|
||||
uint8_t idx, bool persistent)
|
||||
{
|
||||
bool ret = false;
|
||||
|
||||
if (idx >= KEY_CACHE_LEN) {
|
||||
return false;
|
||||
}
|
||||
|
||||
switch (handle.algorithm) {
|
||||
case CRYPTO_XCHACHA20:
|
||||
if (key_cache[idx].key_size < 32) {
|
||||
if (key_cache[idx].key_size > 0) {
|
||||
SECMEM_FREE(key_cache[idx].key);
|
||||
key_cache[idx].key_size = 0;
|
||||
}
|
||||
|
||||
key_cache[idx].key = SECMEM_ALLOC(32);
|
||||
}
|
||||
|
||||
if (key_cache[idx].key) {
|
||||
key_cache[idx].key_size = 32;
|
||||
px4_get_secure_random(key_cache[idx].key, 32);
|
||||
ret = true;
|
||||
|
||||
} else {
|
||||
key_cache[idx].key_size = 0;
|
||||
}
|
||||
|
||||
break;
|
||||
|
||||
default:
|
||||
break;
|
||||
}
|
||||
|
||||
if (ret && persistent) {
|
||||
keystore_put_key(handle.keystore_handle, idx, key_cache[idx].key, key_cache[idx].key_size);
|
||||
}
|
||||
|
||||
return ret;
|
||||
}
|
||||
|
||||
bool crypto_get_encrypted_key(crypto_session_handle_t handle,
|
||||
uint8_t key_idx,
|
||||
uint8_t *key,
|
||||
|
|
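Review bot: `crypto_generate_key` reports success without checking either call that can fail: the result of `px4_get_secure_random(key_cache[idx].key, 32)` is discarded in the `CRYPTO_XCHACHA20` branch, and so is the result of `keystore_put_key(...)` in the `persistent` path. If the random source can deliver fewer than 32 bytes, the slot is still marked as a valid 32-byte key while holding whatever the buffer held before, which for a reused buffer is the previous key. Neither function's return type is visible in this hunk; assuming a byte count and a success flag respectively, I would write `ret = px4_get_secure_random(key_cache[idx].key, 32) == 32;` and `ret = keystore_put_key(handle.keystore_handle, idx, key_cache[idx].key, key_cache[idx].key_size);`, setting `key_size` to 32 only on success. Separately, a slot whose buffer is already 32 bytes or larger is reused with `key_size` lowered to 32, so old key bytes past that offset stay in memory unless they are wiped first. The literal `32` is repeated four times and would be safer as a named constant.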