From 1427c1d48eb0ae1035f844591d14d29ffe1d2d25 Mon Sep 17 00:00:00 2001
From: Conor Patrick
Date: Tue, 8 Oct 2019 11:34:15 -0400
Subject: [PATCH] add ctap function to overwrite key bytes
---
 fido2/ctap.c | 11 +++++++++++
 fido2/ctap.h | 2 ++
 2 files changed, 13 insertions(+)
diff --git a/fido2/ctap.c b/fido2/ctap.c
index 05770c3..fa3e1e0 100644
--- a/fido2/ctap.c
+++ b/fido2/ctap.c
@@ -1761,7 +1761,18 @@ static void ctap_state_init()
 printf1(TAG_STOR, "Generated PIN SALT: ");
 dump_hex1(TAG_STOR, STATE.PIN_SALT, sizeof STATE.PIN_SALT);
+}
+/** Overwrite master secret from external source.
+ * @param keybytes an array of KEY_SPACE_BYTES length.
+ *
+ * This function should only be called from a privilege mode.
+*/
+void ctap_load_external_keys(uint8_t * keybytes){
+ memmove(STATE.key_space, keybytes, KEY_SPACE_BYTES);
+ authenticator_write_state(&STATE, 0);
+ authenticator_write_state(&STATE, 1);
+ crypto_load_master_secret(STATE.key_space);
 }
 void ctap_init()
diff --git a/fido2/ctap.h b/fido2/ctap.h
index 015b6be..c12c5b9 100644
--- a/fido2/ctap.h
+++ b/fido2/ctap.h
@@ -361,4 +361,6 @@ extern uint8_t KEY_AGREEMENT_PUB[64];
 void lock_device_permanently();
+void ctap_load_external_keys(uint8_t * keybytes);
+
 #endif
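Review bot: `ctap_load_external_keys` replaces the master secret and persists it to both state copies, yet the only restriction on it is the comment sentence "should only be called from a privilege mode"; nothing in the function enforces that, and the calling path is not visible in this patch. The doc comment should spell the precondition out, for example `@pre the caller has already verified that the request is authorized to replace device keys`, and say that the caller is expected to wipe its own copy of `keybytes` once the call returns. The pointer also carries no length and is not const, so the `memmove` relies entirely on the caller supplying KEY_SPACE_BYTES readable bytes. Changing the signature to `void ctap_load_external_keys(const uint8_t *keybytes)`, with the matching prototype change in the fido2/ctap.h hunk, would at least record that the input is read-only. Credentials derived from the previous secret presumably stop verifying after this call, which is worth one line in the comment if that is the case.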