cdc-badge-os/api/AttestationKeyService_8cpp_source.html

#include "cdc_core/AttestationKeyService.h"

#include "cdc_core/Raii.h"

#include "cdc_log.h"

#include <mbedtls/sha256.h>

#include <nvs_flash.h>

#include <nvs.h>

#include <cstring>


static const char* TAG = "AttestKey";

static constexpr const char* NVS_NAMESPACE = "attest";

static constexpr const char* NVS_KEY_PUBHASH = "pubhash";

static constexpr uint32_t RETRY_INTERVAL_MS = 3000;


static constexpr size_t SHA256_DIGEST_SIZE = 32;

static constexpr size_t P256_PUBKEY_RAW_SIZE = 64;


namespace cdc::core {


bool AttestationKeyService::init() {

    if (state_ != ServiceState::UNINITIALIZED) {

        return state_ == ServiceState::INITIALIZED || state_ == ServiceState::STARTED;

    }

    state_ = ServiceState::INITIALIZED;

    return true;

}


bool AttestationKeyService::start() {

    if (state_ == ServiceState::UNINITIALIZED) {

        if (!init()) return false;

    }

    state_ = ServiceState::STARTED;

    if (ensureKey()) {

        ready_ = true;

        LOG_I(TAG, "Attestation key ready");

    }

    return true;

}


void AttestationKeyService::stop() {

    state_ = ServiceState::STOPPED;

}


void AttestationKeyService::onTick(uint32_t nowMs) {

    if (state_ != ServiceState::STARTED || ready_) return;

    if (nowMs - lastAttemptMs_ < RETRY_INTERVAL_MS) return;

    lastAttemptMs_ = nowMs;

    if (ensureKey()) {

        ready_ = true;

        LOG_I(TAG, "Attestation key ready");

    }

}


bool AttestationKeyService::loadStoredHash(uint8_t* out, size_t outLen) {

    if (!out || outLen == 0) return false;

    NvsScope nvs(NVS_NAMESPACE, NVS_READONLY);

    if (!nvs) return false;

    size_t len = outLen;

    esp_err_t err = nvs_get_blob(nvs, NVS_KEY_PUBHASH, out, &len);

    return err == ESP_OK && len == outLen;

}


bool AttestationKeyService::saveStoredHash(const uint8_t* data, size_t len) {

    if (!data || len == 0) return false;

    NvsScope nvs(NVS_NAMESPACE, NVS_READWRITE);

    if (!nvs) return false;

    esp_err_t err = nvs_set_blob(nvs, NVS_KEY_PUBHASH, data, len);

    if (err == ESP_OK) err = nvs.commit();

    return err == ESP_OK;

}


bool AttestationKeyService::ensureKey() {

    if (!secureElement_) {

        LOG_W(TAG, "Secure element not set");

        return false;

    }

    if (!secureElement_->isSessionActive()) {

        if (!secureElement_->sessionStart()) {

            LOG_W(TAG, "Secure element session not active");

            return false;

        }

    }


    uint8_t pubkey[P256_PUBKEY_RAW_SIZE] = {};

    hal::EccCurve curve = hal::EccCurve::P256;

    hal::SeResult res = secureElement_->eccGetPublicKey(ATTESTATION_ECC_SLOT, pubkey, &curve);


    if (res == hal::SeResult::SLOT_EMPTY) {

        LOG_I(TAG, "Attestation slot empty, generating key");

        if (secureElement_->eccGenerate(ATTESTATION_ECC_SLOT, hal::EccCurve::P256) !=

            hal::SeResult::OK) {

            LOG_E(TAG, "Failed to generate attestation key");

            return false;

        }

        res = secureElement_->eccGetPublicKey(ATTESTATION_ECC_SLOT, pubkey, &curve);

    }


    if (res != hal::SeResult::OK) {

        LOG_W(TAG, "Attestation key read failed: %d", static_cast<int>(res));

        return false;

    }


    if (curve != hal::EccCurve::P256) {

        LOG_W(TAG, "Attestation key wrong curve, regenerating");

        secureElement_->eccDelete(ATTESTATION_ECC_SLOT);

        if (secureElement_->eccGenerate(ATTESTATION_ECC_SLOT, hal::EccCurve::P256) !=

            hal::SeResult::OK) {

            LOG_E(TAG, "Failed to regenerate attestation key");

            return false;

        }

        res = secureElement_->eccGetPublicKey(ATTESTATION_ECC_SLOT, pubkey, &curve);

        if (res != hal::SeResult::OK) return false;

    }


    uint8_t hash[SHA256_DIGEST_SIZE] = {};

    mbedtls_sha256(pubkey, sizeof(pubkey), hash, 0);


    uint8_t stored[SHA256_DIGEST_SIZE] = {};

    if (loadStoredHash(stored, sizeof(stored))) {

        if (memcmp(stored, hash, sizeof(hash)) == 0) {

            return true;

        }

        LOG_W(TAG, "Attestation key mismatch, regenerating");

        secureElement_->eccDelete(ATTESTATION_ECC_SLOT);

        if (secureElement_->eccGenerate(ATTESTATION_ECC_SLOT, hal::EccCurve::P256) !=

            hal::SeResult::OK) {

            LOG_E(TAG, "Failed to regenerate attestation key");

            return false;

        }

        res = secureElement_->eccGetPublicKey(ATTESTATION_ECC_SLOT, pubkey, &curve);

        if (res != hal::SeResult::OK) return false;

        mbedtls_sha256(pubkey, sizeof(pubkey), hash, 0);

    }


    if (!saveStoredHash(hash, sizeof(hash))) {

        LOG_W(TAG, "Failed to store attestation key hash");

    }


    return true;

}


} // namespace cdc::core

RETRY_INTERVAL_MS
static constexpr uint32_t RETRY_INTERVAL_MS
Definition AttestationKeyService.cpp:12

P256_PUBKEY_RAW_SIZE
static constexpr size_t P256_PUBKEY_RAW_SIZE
Uncompressed P-256 public key, raw X||Y coordinates (no SEC1 0x04 prefix).
Definition AttestationKeyService.cpp:17

TAG
static const char * TAG
Definition AttestationKeyService.cpp:9

NVS_KEY_PUBHASH
static constexpr const char * NVS_KEY_PUBHASH
Definition AttestationKeyService.cpp:11

AttestationKeyService.h

Raii.h
Shared RAII wrappers for firmware resources.

cdc_log.h
CDC Log: logging over TinyUSB CDC and UART.

LOG_W
#define LOG_W(tag, fmt,...)
Definition cdc_log.h:146

LOG_I
#define LOG_I(tag, fmt,...)
Definition cdc_log.h:147

LOG_E
#define LOG_E(tag, fmt,...)
Definition cdc_log.h:145

cdc::core::AttestationKeyService::start
bool start() override
Starts service, ensures initialized state, and attempts to provision the attestation key synchronousl...
Definition AttestationKeyService.cpp:40

cdc::core::AttestationKeyService::stop
void stop() override
Stops attestation-key background processing.
Definition AttestationKeyService.cpp:55

cdc::core::AttestationKeyService::onTick
void onTick(uint32_t nowMs)
Periodically attempts to ensure attestation key exists and is valid.
Definition AttestationKeyService.cpp:63

cdc::core::AttestationKeyService::init
bool init() override
Initializes service state.
Definition AttestationKeyService.cpp:25

cdc::core::AttestationKeyService::ATTESTATION_ECC_SLOT
static constexpr uint8_t ATTESTATION_ECC_SLOT
Definition AttestationKeyService.h:11

cdc::core::NvsScope
RAII wrapper for an NVS handle.
Definition Raii.h:106

SHA256_DIGEST_SIZE
#define SHA256_DIGEST_SIZE
SHA-256 digest output size in bytes (FIPS 180-4).
Definition constants.h:37

curve
uint8_t curve
Definition fido2_storage.cpp:75

NVS_NAMESPACE
#define NVS_NAMESPACE
Definition fido2_storage.cpp:24

cdc::core
Definition AttestationKeyService.h:7

cdc::core::ServiceState::STOPPED
@ STOPPED
Definition IService.h:14

cdc::core::ServiceState::STARTED
@ STARTED
Definition IService.h:13

cdc::core::ServiceState::UNINITIALIZED
@ UNINITIALIZED
Definition IService.h:11

cdc::core::ServiceState::INITIALIZED
@ INITIALIZED
Definition IService.h:12

cdc::core::NVS_NAMESPACE
static constexpr const char * NVS_NAMESPACE
Definition TropicStorage.cpp:14

cdc::hal::SeResult
SeResult
Definition ISecureElement.h:38

cdc::hal::SeResult::SLOT_EMPTY
@ SLOT_EMPTY
Definition ISecureElement.h:42

cdc::hal::SeResult::OK
@ OK
Definition ISecureElement.h:39

cdc::hal::EccCurve
EccCurve
Definition ISecureElement.h:12

cdc::hal::EccCurve::P256
@ P256
Definition ISecureElement.h:13