merge dev

README.md

@@ -7,6 +7,8 @@ Additionaly, thanks to the Arduino library [HomeSpan](https://github.com/HomeSpa
 
 ## Overview
 
+Only the PN532 is supported as an NFC module.
+
 - Only the FAST and STANDARD flows are implementated right now, the ATTESTATION flow will be implemented at a later time since STANDARD can be used in most cases
 - Lock State can be received and controlled via MQTT through user-defined topics
 - Any NFC Target that's not identified as homekey will skip the flow and at least at the moment it only just publishes the UID, ATQA and SAK to the same MQTT topic as homekey with the property `homekey` set to false
@@ -17,13 +19,29 @@ The code still needs some working so it's very much a work in progress, but the
 
 Goal of the project is to make it easy to add the homekey functionality to locks that don't support it or to anything for that matter :) .
 
+## Wiring
+
+The current implementation is using SPI for communication.
+
+Pins are the default Arduino pins for SPI which should be as follows:
+
+GPIO18 - SCK
+
+GPIO19 - MISO
+
+GPIO23 - MOSI
+
+GPIO5 - SS
+
 ## Configuration
 
 Currently the WiFi can only be configured from the terminal, though the library [HomeSpan](https://github.com/HomeSpan/HomeSpan) that this is based on also has the option of a hotspot but requires a button so haven't bothered with it.
 
 ### WIFI
 
-To connect it to WiFi, open the serial terminal, press <kbd>W</kbd> + <kbd>Return</kbd>, and now it should start searching for networks and then proceed accordingly.
+To connect it to WiFi there are two options
+- Open the serial terminal, press <kbd>W</kbd> + <kbd>Return</kbd>, and now it should start searching for networks from which to select.
+- Open the serial terminal, press <kbd>A</kbd> to start a temporary Access Point then connect to the Wifi network "HomeSpan-Setup" with the password `homespan` and if you are on a phone it should automatically open up the page where you can configure the Wifi credentials, alternatively you can access the page manually on `http://192.168.4.1/hotspot-detect.html`
 
 ### HomeKit
 

platformio.ini

@@ -18,6 +18,7 @@ framework = arduino, espidf
 monitor_speed = 115200
 monitor_echo = yes
 monitor_filters = 
+	direct
 	esp32_exception_decoder
 	log2file
 lib_ldf_mode = deep
@@ -34,7 +35,7 @@ build_flags =
 	-DCONFIG_LOG_COLORS
 	-std=gnu++17
 build_unflags = 
-	-Os
+	-Osfas
 	-std=gnu++11
 
 [env:debug]

sdkconfig.debug

@@ -841,7 +841,7 @@ CONFIG_LWIP_DNS_SUPPORT_MDNS_QUERIES=y
 # CONFIG_LWIP_L2_TO_L3_COPY is not set
 CONFIG_LWIP_IRAM_OPTIMIZATION=y
 CONFIG_LWIP_TIMERS_ONDEMAND=y
-CONFIG_LWIP_MAX_SOCKETS=14
+CONFIG_LWIP_MAX_SOCKETS=16
 # CONFIG_LWIP_USE_ONLY_LWIP_SELECT is not set
 # CONFIG_LWIP_SO_LINGER is not set
 CONFIG_LWIP_SO_REUSE=y

sdkconfig.defaults

@@ -841,7 +841,7 @@ CONFIG_LWIP_DNS_SUPPORT_MDNS_QUERIES=y
 # CONFIG_LWIP_L2_TO_L3_COPY is not set
 CONFIG_LWIP_IRAM_OPTIMIZATION=y
 CONFIG_LWIP_TIMERS_ONDEMAND=y
-CONFIG_LWIP_MAX_SOCKETS=14
+CONFIG_LWIP_MAX_SOCKETS=16
 # CONFIG_LWIP_USE_ONLY_LWIP_SELECT is not set
 # CONFIG_LWIP_SO_LINGER is not set
 CONFIG_LWIP_SO_REUSE=y

sdkconfig.ota

@@ -842,7 +842,7 @@ CONFIG_LWIP_DNS_SUPPORT_MDNS_QUERIES=y
 # CONFIG_LWIP_L2_TO_L3_COPY is not set
 CONFIG_LWIP_IRAM_OPTIMIZATION=y
 CONFIG_LWIP_TIMERS_ONDEMAND=y
-CONFIG_LWIP_MAX_SOCKETS=14
+CONFIG_LWIP_MAX_SOCKETS=16
 # CONFIG_LWIP_USE_ONLY_LWIP_SELECT is not set
 # CONFIG_LWIP_SO_LINGER is not set
 CONFIG_LWIP_SO_REUSE=y

sdkconfig.release

@@ -842,7 +842,7 @@ CONFIG_LWIP_DNS_SUPPORT_MDNS_QUERIES=y
 # CONFIG_LWIP_L2_TO_L3_COPY is not set
 CONFIG_LWIP_IRAM_OPTIMIZATION=y
 CONFIG_LWIP_TIMERS_ONDEMAND=y
-CONFIG_LWIP_MAX_SOCKETS=14
+CONFIG_LWIP_MAX_SOCKETS=16
 # CONFIG_LWIP_USE_ONLY_LWIP_SELECT is not set
 # CONFIG_LWIP_SO_LINGER is not set
 CONFIG_LWIP_SO_REUSE=y

src/auth/authContext.h

@@ -34,11 +34,10 @@ class HKAuthenticationContext : CommonCryptoUtils
   std::vector<uint8_t> readerIdentifier;
   void Auth0_keying_material(const char *context, const uint8_t *ePub_X, const uint8_t *keyingMaterial, uint8_t *out, size_t outLen);
   void Auth1_keys_generator(uint8_t *persistentKey, uint8_t *volatileKey);
-  void get_shared_key(uint8_t *outBuf, size_t oLen);
   std::tuple<homeKeyIssuer::issuer_t *, homeKeyEndpoint::endpoint_t *> find_endpoint_by_cryptogram(std::vector<uint8_t>& cryptogram);
   void Auth1_keying_material(uint8_t *keyingMaterial, const char *context, uint8_t *out, size_t outLen);
   std::vector<uint8_t> commandFlow(homeKeyReader::CommandFlowStatus status);
-  std::tuple<homeKeyIssuer::issuer_t *, homeKeyEndpoint::endpoint_t *,homeKeyReader::KeyFlow> fast_auth(bool fallbackToStd);
+  std::tuple<homeKeyIssuer::issuer_t *, homeKeyEndpoint::endpoint_t *,homeKeyReader::KeyFlow> fast_auth(uint8_t *data, size_t dataLen);
   std::tuple<homeKeyIssuer::issuer_t *, homeKeyEndpoint::endpoint_t *, DigitalKeySecureContext, std::vector<uint8_t>, homeKeyReader::KeyFlow> std_auth();
 
 public:

src/main.cpp

@@ -69,7 +69,6 @@ struct LockManagement : Service::LockManagement
   {
 
     Serial.print("Configuring LockManagement\n"); // initialization message
-    new Characteristic::Name("Lock Management");
 
     lockControlPoint = new Characteristic::LockControlPoint();
     version = new Characteristic::Version();
@@ -110,7 +109,6 @@ struct LockMechanism : Service::LockMechanism
   LockMechanism() : Service::LockMechanism()
   {
     LOG(I, "Configuring LockMechanism"); // initialization message
-    new Characteristic::Name("NFC Lock");
     lockCurrentState = new Characteristic::LockCurrentState(1, true);
     lockTargetState = new Characteristic::LockTargetState(1, true);
     mqtt.subscribe(
@@ -202,10 +200,10 @@ struct LockMechanism : Service::LockMechanism
           mqtt.publish(MQTT_AUTH_TOPIC, payload.dump().c_str());
         }
       }
+      nfc.inRelease();
       bool deviceStillInField = nfc.readPassiveTargetID(PN532_MIFARE_ISO14443A, uid, &uidLen);
       while (deviceStillInField)
       {
-        nfc.inRelease();
         deviceStillInField = nfc.readPassiveTargetID(PN532_MIFARE_ISO14443A, uid, &uidLen);
         vTaskDelay(100 / portTICK_PERIOD_MS);
       }
@@ -233,7 +231,6 @@ struct NFCAccess : Service::NFCAccess, CommonCryptoUtils
   NFCAccess() : Service::NFCAccess()
   {
     LOG(I, "Configuring NFCAccess"); // initialization message
-    new Characteristic::Name("NFC Access");
     configurationState = new Characteristic::ConfigurationState();
     nfcControlPoint = new Characteristic::NFCAccessControlPoint();
     nfcSupportedConfiguration = new Characteristic::NFCAccessSupportedConfiguration();
@@ -714,7 +711,7 @@ void setup()
     LOG(D, "Issuer ID: %s, Public Key: %s", utils::bufToHexString(issuer.issuerId, sizeof(issuer.issuerId)).c_str(), utils::bufToHexString(issuer.publicKey, sizeof(issuer.publicKey)).c_str());
   }
   homeSpan.enableOTA();
-  homeSpan.begin(Category::Locks, "Test NFC Lock");
+  homeSpan.begin(Category::Locks, "HK Lock");
 
   new SpanUserCommand('D', "Delete Home Key Data", deleteReaderData);
   new SpanUserCommand('L', "Set Log Level", setLogLevel);
@@ -741,11 +738,11 @@ void setup()
   new SpanAccessory();                 // Begin by creating a new Accessory using SpanAccessory(), no arguments needed
   new Service::AccessoryInformation(); // HAP requires every Accessory to implement an AccessoryInformation Service, with the required Identify Characteristic
   new Characteristic::Identify();
-  new Characteristic::Manufacturer();
-  new Characteristic::Model();
+  new Characteristic::Manufacturer("Kodeative");
+  new Characteristic::Model("HomeKey-ESP32");
   new Characteristic::Name("NFC Lock");
-  new Characteristic::SerialNumber();
-  new Characteristic::FirmwareRevision();
+  new Characteristic::SerialNumber("HK-360");
+  new Characteristic::FirmwareRevision("0.1");
   new Characteristic::HardwareFinish();
 
   new LockManagement();

src/util/CommonCryptoUtils.cpp

@@ -1,5 +1,5 @@
 #include <util/CommonCryptoUtils.h>
-#include "CommonCryptoUtils.h"
+#define LOG(x, format, ...) ESP_LOG##x(TAG, "%s > " format , __FUNCTION__ __VA_OPT__(,) __VA_ARGS__)
 
 CommonCryptoUtils::CommonCryptoUtils()
 {
@@ -11,6 +11,63 @@ int CommonCryptoUtils::esp_rng(void *, uint8_t *buf, size_t len)
   return 0;
 }
 
+/**
+ * The function performs an elliptic curve Diffie-Hellman key exchange to compute a shared key between
+ * the reader and the endpoint.
+ *
+ * @param outBuf The `outBuf` parameter is a pointer to a buffer where the computed shared key will be
+ * stored. It should be allocated with enough space to hold `oLen` bytes.
+ * @param oLen oLen is the length of the output buffer (outBuf) where the shared key will be written.
+ */
+void CommonCryptoUtils::get_shared_key(const std::vector<uint8_t> &key1, const std::vector<uint8_t> &key2, uint8_t *outBuf, size_t oLen)
+{
+  mbedtls_ecp_group grp;
+  mbedtls_mpi reader_ephemeral_private_key, shared_key;
+  mbedtls_ecp_point endpoint_ephemeral_public_key;
+
+  mbedtls_ecp_group_init(&grp);
+  mbedtls_mpi_init(&reader_ephemeral_private_key);
+  mbedtls_mpi_init(&shared_key);
+  mbedtls_ecp_point_init(&endpoint_ephemeral_public_key);
+
+  // Initialize the elliptic curve group (e.g., SECP256R1)
+  mbedtls_ecp_group_load(&grp, MBEDTLS_ECP_DP_SECP256R1);
+
+  // Set the reader's ephemeral private key
+  int mpi_read = mbedtls_mpi_read_binary(&reader_ephemeral_private_key, key1.data(), key1.size());
+
+  if(mpi_read != 0){
+    LOG(E, "mpi_read - %s", mbedtls_high_level_strerr(mpi_read));
+    return;
+  }
+
+  // Set the endpoint's ephemeral public key
+  int ecp_read = mbedtls_ecp_point_read_binary(&grp, &endpoint_ephemeral_public_key, key2.data(), key2.size());
+  if(ecp_read != 0){
+    LOG(E, "ecp_read - %s", mbedtls_high_level_strerr(ecp_read));
+    return;
+  }
+
+  // Perform key exchange
+  int ecdh_compute_shared = mbedtls_ecdh_compute_shared(&grp, &shared_key, &endpoint_ephemeral_public_key, &reader_ephemeral_private_key,
+                              esp_rng, NULL);
+  if(ecdh_compute_shared != 0){
+    LOG(E, "ecdh_compute_shared - %s", mbedtls_high_level_strerr(ecdh_compute_shared));
+    return;
+  }
+
+  int mpi_write = mbedtls_mpi_write_binary(&shared_key, outBuf, oLen);
+  if(mpi_write != 0){
+    LOG(E, "mpi_write - %s", mbedtls_high_level_strerr(mpi_write));
+    return;
+  }
+
+  mbedtls_ecp_group_free(&grp);
+  mbedtls_mpi_free(&reader_ephemeral_private_key);
+  mbedtls_mpi_free(&shared_key);
+  mbedtls_ecp_point_free(&endpoint_ephemeral_public_key);
+}
+
 /**
  * The function generates an ephemeral key pair using the secp256r1 elliptic curve and returns the
  * private and public keys as vectors of uint8_t.
@@ -25,22 +82,22 @@ std::tuple<std::vector<uint8_t>, std::vector<uint8_t>> CommonCryptoUtils::genera
   mbedtls_ecp_keypair_init(&ephemeral);
   int gen_key = mbedtls_ecp_gen_key(MBEDTLS_ECP_DP_SECP256R1, &ephemeral, esp_rng, NULL);
   if(gen_key != 0){
-    ESP_LOGE(TAG, "generateEphemeralKey > gen_key - %s: %s", mbedtls_high_level_strerr(gen_key), mbedtls_low_level_strerr(gen_key));
+    LOG(E, "gen_key - %s", mbedtls_high_level_strerr(gen_key));
     return std::make_tuple(std::vector<uint8_t>(), std::vector<uint8_t>());
   }
   std::vector<uint8_t> bufPriv(mbedtls_mpi_size(&ephemeral.d));
   int mpi_write = mbedtls_mpi_write_binary(&ephemeral.d, bufPriv.data(), bufPriv.capacity());
   if(mpi_write != 0){
-    ESP_LOGE(TAG, "generateEphemeralKey > mpi_write - %s: %s", mbedtls_high_level_strerr(mpi_write), mbedtls_low_level_strerr(mpi_write));
+    LOG(E, "mpi_write - %s", mbedtls_high_level_strerr(mpi_write));
     return std::make_tuple(std::vector<uint8_t>(), std::vector<uint8_t>());
   }
   std::vector<uint8_t> bufPub(MBEDTLS_ECP_MAX_BYTES);
   size_t olen = 0;
   int ecp_write = mbedtls_ecp_point_write_binary(&ephemeral.grp, &ephemeral.Q, MBEDTLS_ECP_PF_UNCOMPRESSED, &olen, bufPub.data(), bufPub.capacity());
   if(!ecp_write){
-    ESP_LOGD(TAG, "Ephemeral Key generated -- private: %s, public: %s", utils::bufToHexString(bufPriv.data(), bufPriv.size()).c_str(), utils::bufToHexString(bufPub.data(), bufPub.size()).c_str());
+    LOG(D, "Ephemeral Key generated -- private: %s, public: %s", utils::bufToHexString(bufPriv.data(), bufPriv.size()).c_str(), utils::bufToHexString(bufPub.data(), bufPub.size()).c_str());
   } else{
-    ESP_LOGE(TAG, "generateEphemeralKey > ecp_write - %s : %s", mbedtls_high_level_strerr(ecp_write), mbedtls_low_level_strerr(ecp_write));
+    LOG(E, "ecp_write - %s", mbedtls_high_level_strerr(ecp_write));
     return std::make_tuple(std::vector<uint8_t>(), std::vector<uint8_t>());
   }
   bufPub.resize(olen);
@@ -67,13 +124,13 @@ std::vector<uint8_t> CommonCryptoUtils::get_x(std::vector<uint8_t> &pubKey)
   mbedtls_ecp_group_load(&grp, MBEDTLS_ECP_DP_SECP256R1);
   int ecp_read = mbedtls_ecp_point_read_binary(&grp, &point, pubKey.data(), pubKey.size());
   if(ecp_read != 0)
-    ESP_LOGE(TAG, "get_x > ecp_read - %s: %s", mbedtls_high_level_strerr(ecp_read), mbedtls_low_level_strerr(ecp_read));
+    LOG(E, "ecp_read - %s", mbedtls_high_level_strerr(ecp_read));
   size_t buffer_size_x = mbedtls_mpi_size(&point.X);
   std::vector<uint8_t> X(buffer_size_x);
   int ecp_write = mbedtls_mpi_write_binary(&point.X, X.data(), buffer_size_x);
   if(ecp_write != 0)
-    ESP_LOGE(TAG, "get_x > ecp_write - %s: %s", mbedtls_high_level_strerr(ecp_write), mbedtls_low_level_strerr(ecp_write));
-  ESP_LOGV(TAG, "PublicKey: %s, X Coordinate: %s", utils::bufToHexString(pubKey.data(), pubKey.size()).c_str(), utils::bufToHexString(X.data(), X.size()).c_str());
+    LOG(E, "ecp_write - %s", mbedtls_high_level_strerr(ecp_write));
+  LOG(V, "PublicKey: %s, X Coordinate: %s", utils::bufToHexString(pubKey.data(), pubKey.size()).c_str(), utils::bufToHexString(X.data(), X.size()).c_str());
   mbedtls_ecp_group_free(&grp);
   mbedtls_ecp_point_free(&point);
   return X;
@@ -98,34 +155,37 @@ std::vector<uint8_t> CommonCryptoUtils::get_x(uint8_t *pubKey, size_t len)
   mbedtls_ecp_group_load(&grp, MBEDTLS_ECP_DP_SECP256R1);
   int ecp_read = mbedtls_ecp_point_read_binary(&grp, &point, pubKey, len);
   if(ecp_read != 0){
-    ESP_LOGE(TAG, "get_x > ecp_read - %s: %s", mbedtls_high_level_strerr(ecp_read), mbedtls_low_level_strerr(ecp_read));
+    LOG(E, "ecp_read - %s", mbedtls_high_level_strerr(ecp_read));
     return std::vector<uint8_t>();
   }
   size_t buffer_size_x = mbedtls_mpi_size(&point.X);
   std::vector<uint8_t> X(buffer_size_x);
   int ecp_write = mbedtls_mpi_write_binary(&point.X, X.data(), buffer_size_x);
   if(ecp_write != 0){
-    ESP_LOGE(TAG, "get_x > ecp_write - %s: %s", mbedtls_high_level_strerr(ecp_write), mbedtls_low_level_strerr(ecp_write));
+    LOG(E, "ecp_write - %s", mbedtls_high_level_strerr(ecp_write));
     return std::vector<uint8_t>();
   }
-  ESP_LOGV(TAG, "PublicKey: %s, X Coordinate: %s", utils::bufToHexString(pubKey, len).c_str(), utils::bufToHexString(X.data(), X.size()).c_str());
+  LOG(V, "PublicKey: %s, X Coordinate: %s", utils::bufToHexString(pubKey, len).c_str(), utils::bufToHexString(X.data(), X.size()).c_str());
   mbedtls_ecp_group_free(&grp);
   mbedtls_ecp_point_free(&point);
   return X;
 }
 
 /**
- * The function signSharedInfo signs the given data using the private key and returns the signature in
- * TLV format.
- *
- * @param stdTlv A pointer to an array of uint8_t values representing a TLV (Tag-Length-Value)
- * structure.
- * @param len The `len` parameter represents the length of the `stdTlv` array.
- *
- * @return a std::vector<uint8_t> containing a TLV (Tag-Length-Value) structure. The TLV structure
- * consists of a tag (0x9E) and the signature point (sigPoint) as the value.
+ * The function `signSharedInfo` takes in data and a key, performs a SHA256 hash on the data, and then
+ * signs the hash with the key using the ECDSA algorithm.
+ * 
+ * @param data A pointer to the data that needs to be signed.
+ * @param dataLen The parameter `dataLen` represents the length of the `data` array, which is the input
+ * data that needs to be signed.
+ * @param key The "key" parameter is a pointer to an array of uint8_t values that represents the key
+ * used for signing the data. The "keyLen" parameter specifies the length of the key array.
+ * @param keyLen The parameter `keyLen` represents the length of the key in bytes.
+ * 
+ * @return a std::vector<uint8_t> object, which contains the signature point generated by signing the
+ * shared information using the provided data and key.
  */
-std::vector<uint8_t> CommonCryptoUtils::signSharedInfo(uint8_t *stdTlv, size_t len, uint8_t *privateKey, size_t keyLen)
+std::vector<uint8_t> CommonCryptoUtils::signSharedInfo(const uint8_t *data, const size_t dataLen, const uint8_t *key, const size_t keyLen)
 {
   mbedtls_ecp_keypair keypair;
   mbedtls_ecp_keypair_init(&keypair);
@@ -137,33 +197,33 @@ std::vector<uint8_t> CommonCryptoUtils::signSharedInfo(uint8_t *stdTlv, size_t l
 
   uint8_t hash[32];
 
-  mbedtls_md(mbedtls_md_info_from_type(MBEDTLS_MD_SHA256), stdTlv, len, hash);
+  mbedtls_md(mbedtls_md_info_from_type(MBEDTLS_MD_SHA256), data, dataLen, hash);
 
-  int ecp_read = mbedtls_ecp_read_key(MBEDTLS_ECP_DP_SECP256R1, &keypair, privateKey, keyLen);
+  int ecp_read = mbedtls_ecp_read_key(MBEDTLS_ECP_DP_SECP256R1, &keypair, key, keyLen);
   if(ecp_read != 0){
-    ESP_LOGE(TAG, "signSharedInfo > ecp_read - %s: %s", mbedtls_high_level_strerr(ecp_read), mbedtls_low_level_strerr(ecp_read));
+    LOG(E, "ecp_read - %s", mbedtls_high_level_strerr(ecp_read));
     return std::vector<uint8_t>();
   }
   int ecdsa_sign = mbedtls_ecdsa_sign_det_ext(&keypair.grp, &sigMpi1, &sigMpi2, &keypair.d, hash, keyLen, MBEDTLS_MD_SHA256, esp_rng, NULL);
   if(ecdsa_sign != 0){
-    ESP_LOGE(TAG, "signSharedInfo > ecdsa_sign - %s: %s", mbedtls_high_level_strerr(ecdsa_sign), mbedtls_low_level_strerr(ecdsa_sign));
+    LOG(E, "ecdsa_sign - %s", mbedtls_high_level_strerr(ecdsa_sign));
     return std::vector<uint8_t>();
   }
-  uint8_t sigPoint[mbedtls_mpi_size(&sigMpi1) + mbedtls_mpi_size(&sigMpi2)];
-  int ecp_write_1 = mbedtls_mpi_write_binary(&sigMpi1, sigPoint, mbedtls_mpi_size(&sigMpi1));
+  std::vector<uint8_t> sigPoint(mbedtls_mpi_size(&sigMpi1) + mbedtls_mpi_size(&sigMpi2));
+  int ecp_write_1 = mbedtls_mpi_write_binary(&sigMpi1, sigPoint.data(), mbedtls_mpi_size(&sigMpi1));
   if(ecp_write_1 != 0){
-    ESP_LOGE(TAG, "signSharedInfo > ecp_write_1 - %s: %s", mbedtls_high_level_strerr(ecp_write_1), mbedtls_low_level_strerr(ecp_write_1));
+    LOG(E, "ecp_write_1 - %s", mbedtls_high_level_strerr(ecp_write_1));
     return std::vector<uint8_t>();
   }
-  int ecp_write_2 = mbedtls_mpi_write_binary(&sigMpi2, sigPoint + mbedtls_mpi_size(&sigMpi1), mbedtls_mpi_size(&sigMpi2));
+  int ecp_write_2 = mbedtls_mpi_write_binary(&sigMpi2, sigPoint.data() + mbedtls_mpi_size(&sigMpi1), mbedtls_mpi_size(&sigMpi2));
   if(ecp_write_2 != 0){
-    ESP_LOGE(TAG, "signSharedInfo > ecp_write_2 - %s: %s", mbedtls_high_level_strerr(ecp_write_2), mbedtls_low_level_strerr(ecp_write_2));
+    LOG(E, "ecp_write_2 - %s", mbedtls_high_level_strerr(ecp_write_2));
     return std::vector<uint8_t>();
   }
   mbedtls_ecp_keypair_free(&keypair);
   mbedtls_mpi_free(&sigMpi1);
   mbedtls_mpi_free(&sigMpi2);
-  return utils::simple_tlv(0x9E, sigPoint, sizeof(sigPoint));
+  return sigPoint;
 }
 
 std::vector<uint8_t> CommonCryptoUtils::getPublicKey(uint8_t *privKey, size_t len)

src/util/CommonCryptoUtils.h

@@ -20,8 +20,9 @@ class CommonCryptoUtils
 
 public:
   CommonCryptoUtils();
+  void get_shared_key(const std::vector<uint8_t> &key1, const std::vector<uint8_t> &key2, uint8_t *outBuf, size_t oLen);
   std::tuple<std::vector<uint8_t>, std::vector<uint8_t>> generateEphemeralKey();
-  std::vector<uint8_t> signSharedInfo(uint8_t *stdTlv, size_t len, uint8_t *privateKey, size_t keyLen);
+  std::vector<uint8_t> signSharedInfo(const uint8_t *data, const size_t len, const uint8_t *privateKey, const size_t keyLen);
   std::vector<uint8_t> get_x(std::vector<uint8_t> &pubKey);
   std::vector<uint8_t> get_x(uint8_t *pubKey, size_t len);
   std::vector<uint8_t> getPublicKey(uint8_t *privKey, size_t len);