Struct lpc55::secure_binary::Keyblob

pub struct Keyblob { /* private fields */ }

For the proprietary use case, firmware inside the “commands” is encrypted. This works by using a “random” encryption key and a “random” HMAC key, both of which are AES-keywrapped with a “secure boot” key encryption key (denoted SBKEK), which is pre-shared with devices that will receive the SB file.

In the non-proprietary use-case (or any situation where only authenticity is of interest, not confidentiality), the SBKEK is known, hence also both dek and mac keys. This means that the dek is totally useless, and the mac key can just as well consist of all zeros too. Therefore, we implement Default for this struct.

Implementations

impl Keyblob

pub const SBKEK: &'static [u8; 32] = b"\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA"

Conor picked this KEK once, all zeros would work too, but why not 101010….101010 ;)

Trait Implementations

impl Clone for Keyblob

fn clone(&self) -> Keyblob

Returns a copy of the value.

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source.

impl Debug for Keyblob

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter.

impl Default for Keyblob

fn default() -> Keyblob

Returns the “default value” for a type.

impl<'de> Deserialize<'de> for Keyblob

fn deserialize<__D>(__deserializer: __D) -> Result<Self, __D::Error>where
    __D: Deserializer<'de>,

Deserialize this value from the given Serde deserializer.

impl Serialize for Keyblob

fn serialize<__S>(&self, __serializer: __S) -> Result<__S::Ok, __S::Error>where
    __S: Serializer,

Serialize this value into the given Serde serializer.