diff --git a/components/mbedtls/port/esp_bignum.c b/components/mbedtls/port/esp_bignum.c index eb18988f49..3e1415059c 100644 --- a/components/mbedtls/port/esp_bignum.c +++ b/components/mbedtls/port/esp_bignum.c @@ -32,6 +32,7 @@ #include "esp_log.h" #include "esp_attr.h" #include "bignum_impl.h" +#include "soc/rsa_caps.h" #include @@ -301,7 +302,7 @@ int mbedtls_mpi_exp_mod( mbedtls_mpi *Z, const mbedtls_mpi *X, const mbedtls_mpi return mbedtls_mpi_lset(Z, 1); } - if (num_words * 32 > 4096) { + if (num_words * 32 > SOC_RSA_MAX_BIT_LEN) { return MBEDTLS_ERR_MPI_NOT_ACCEPTABLE; } @@ -403,8 +404,8 @@ int mbedtls_mpi_mul_mpi( mbedtls_mpi *Z, const mbedtls_mpi *X, const mbedtls_mpi multiplication doesn't have the same restriction, so result is simply the number of bits in X plus number of bits in in Y.) */ - if (hw_words * 32 > 2048) { - if (z_words * 32 <= 4096) { + if (hw_words * 32 > SOC_RSA_MAX_BIT_LEN/2) { + if (z_words * 32 <= SOC_RSA_MAX_BIT_LEN) { /* Note: it's possible to use mpi_mult_mpi_overlong for this case as well, but it's very slightly slower and requires a memory allocation. diff --git a/components/soc/soc/esp32/include/soc/rsa_caps.h b/components/soc/soc/esp32/include/soc/rsa_caps.h new file mode 100644 index 0000000000..475dc4fe8b --- /dev/null +++ b/components/soc/soc/esp32/include/soc/rsa_caps.h @@ -0,0 +1,26 @@ +// Copyright 2020 Espressif Systems (Shanghai) PTE LTD +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +#pragma once + +#ifdef __cplusplus +extern "C" { +#endif + + +#define SOC_RSA_MAX_BIT_LEN (4096) + +#ifdef __cplusplus +} +#endif diff --git a/components/soc/soc/esp32s2/include/soc/rsa_caps.h b/components/soc/soc/esp32s2/include/soc/rsa_caps.h new file mode 100644 index 0000000000..475dc4fe8b --- /dev/null +++ b/components/soc/soc/esp32s2/include/soc/rsa_caps.h @@ -0,0 +1,26 @@ +// Copyright 2020 Espressif Systems (Shanghai) PTE LTD +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +#pragma once + +#ifdef __cplusplus +extern "C" { +#endif + + +#define SOC_RSA_MAX_BIT_LEN (4096) + +#ifdef __cplusplus +} +#endif diff --git a/components/soc/soc/esp32s3/include/soc/rsa_caps.h b/components/soc/soc/esp32s3/include/soc/rsa_caps.h new file mode 100644 index 0000000000..475dc4fe8b --- /dev/null +++ b/components/soc/soc/esp32s3/include/soc/rsa_caps.h @@ -0,0 +1,26 @@ +// Copyright 2020 Espressif Systems (Shanghai) PTE LTD +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +#pragma once + +#ifdef __cplusplus +extern "C" { +#endif + + +#define SOC_RSA_MAX_BIT_LEN (4096) + +#ifdef __cplusplus +} +#endif