From 85186042c35614428db862cb905d0974bfab83af Mon Sep 17 00:00:00 2001 From: "harshal.patil" Date: Thu, 28 Mar 2024 17:51:27 +0530 Subject: [PATCH] feat(hal/ecdsa): Add HAL API for operation successful check --- components/hal/ecdsa_hal.c | 7 +++++- components/hal/esp32h2/include/hal/ecdsa_ll.h | 12 ++++------ components/hal/esp32p4/include/hal/ecdsa_ll.h | 10 ++++---- components/hal/include/hal/ecdsa_hal.h | 10 +++++++- .../test_apps/crypto/main/ecdsa/test_ecdsa.c | 24 ++++++++++++++++--- components/mbedtls/port/ecdsa/ecdsa_alt.c | 18 ++++++++++++-- 6 files changed, 61 insertions(+), 20 deletions(-) diff --git a/components/hal/ecdsa_hal.c b/components/hal/ecdsa_hal.c index 3737e793ba..ce94685db5 100644 --- a/components/hal/ecdsa_hal.c +++ b/components/hal/ecdsa_hal.c @@ -34,6 +34,11 @@ static void configure_ecdsa_periph(ecdsa_hal_config_t *conf) } } +bool ecdsa_hal_get_operation_result(void) +{ + return ecdsa_ll_get_operation_result(); +} + void ecdsa_hal_gen_signature(ecdsa_hal_config_t *conf, const uint8_t *hash, uint8_t *r_out, uint8_t *s_out, uint16_t len) { @@ -106,7 +111,7 @@ int ecdsa_hal_verify_signature(ecdsa_hal_config_t *conf, const uint8_t *hash, co ; } - int res = ecdsa_ll_get_verification_result(); + bool res = ecdsa_hal_get_operation_result(); return (res ? 0 : -1); } diff --git a/components/hal/esp32h2/include/hal/ecdsa_ll.h b/components/hal/esp32h2/include/hal/ecdsa_ll.h index 3e16b9726c..393d5392fc 100644 --- a/components/hal/esp32h2/include/hal/ecdsa_ll.h +++ b/components/hal/esp32h2/include/hal/ecdsa_ll.h @@ -1,5 +1,5 @@ /* - * SPDX-FileCopyrightText: 2023 Espressif Systems (Shanghai) CO LTD + * SPDX-FileCopyrightText: 2023-2024 Espressif Systems (Shanghai) CO LTD * * SPDX-License-Identifier: Apache-2.0 */ @@ -296,7 +296,7 @@ static inline bool ecdsa_ll_sha_is_busy(void) /** * @brief Write the ECDSA parameter * - * @param param Parameter to be writen + * @param param Parameter to be written * @param buf Buffer containing data * @param len Length of buffer */ @@ -366,14 +366,12 @@ static inline void ecdsa_ll_read_param(ecdsa_ll_param_t param, uint8_t *buf, uin } /** - * @brief Get result of ECDSA verification operation + * @brief Check if the ECDSA operation is successful * - * This is only valid for ECDSA verify mode - * - * @return - 1, if signature verification succeeds + * @return - 1, if ECDSA operation succeeds * - 0, otherwise */ -static inline int ecdsa_ll_get_verification_result(void) +static inline int ecdsa_ll_get_operation_result(void) { return REG_GET_BIT(ECDSA_RESULT_REG, ECDSA_OPERATION_RESULT); } diff --git a/components/hal/esp32p4/include/hal/ecdsa_ll.h b/components/hal/esp32p4/include/hal/ecdsa_ll.h index b30b078b41..aab40dcbc2 100644 --- a/components/hal/esp32p4/include/hal/ecdsa_ll.h +++ b/components/hal/esp32p4/include/hal/ecdsa_ll.h @@ -1,5 +1,5 @@ /* - * SPDX-FileCopyrightText: 2023 Espressif Systems (Shanghai) CO LTD + * SPDX-FileCopyrightText: 2023-2024 Espressif Systems (Shanghai) CO LTD * * SPDX-License-Identifier: Apache-2.0 */ @@ -375,14 +375,12 @@ static inline void ecdsa_ll_read_param(ecdsa_ll_param_t param, uint8_t *buf, uin } /** - * @brief Get result of ECDSA verification operation + * @brief Check if the ECDSA operation is successful * - * This is only valid for ECDSA verify mode - * - * @return - 1, if signature verification succeeds + * @return - 1, if ECDSA operation succeeds * - 0, otherwise */ -static inline int ecdsa_ll_get_verification_result(void) +static inline int ecdsa_ll_get_operation_result(void) { return REG_GET_BIT(ECDSA_RESULT_REG, ECDSA_OPERATION_RESULT); } diff --git a/components/hal/include/hal/ecdsa_hal.h b/components/hal/include/hal/ecdsa_hal.h index 9798160019..087bdab05b 100644 --- a/components/hal/include/hal/ecdsa_hal.h +++ b/components/hal/include/hal/ecdsa_hal.h @@ -1,5 +1,5 @@ /* - * SPDX-FileCopyrightText: 2023 Espressif Systems (Shanghai) CO LTD + * SPDX-FileCopyrightText: 2023-2024 Espressif Systems (Shanghai) CO LTD * * SPDX-License-Identifier: Apache-2.0 */ @@ -73,6 +73,14 @@ int ecdsa_hal_verify_signature(ecdsa_hal_config_t *conf, const uint8_t *hash, co void ecdsa_hal_export_pubkey(ecdsa_hal_config_t *conf, uint8_t *pub_x, uint8_t *pub_y, uint16_t len); #endif /* SOC_ECDSA_SUPPORT_EXPORT_PUBKEY */ +/** + * @brief Check if the ECDSA operation is successful + * + * @return - true, if the ECDSA operation is successful + * - false, if the ECDSA operation fails + */ +bool ecdsa_hal_get_operation_result(void); + #ifdef __cplusplus } #endif diff --git a/components/hal/test_apps/crypto/main/ecdsa/test_ecdsa.c b/components/hal/test_apps/crypto/main/ecdsa/test_ecdsa.c index 0c2363bdaa..1d2ac0fa85 100644 --- a/components/hal/test_apps/crypto/main/ecdsa/test_ecdsa.c +++ b/components/hal/test_apps/crypto/main/ecdsa/test_ecdsa.c @@ -80,7 +80,7 @@ static void test_ecdsa_corrupt_data(bool is_p256, uint8_t* sha, uint8_t* r_le, u len = 24; } - // Randomly select a bit and corrupt its correpsonding value + // Randomly select a bit and corrupt its corresponding value uint16_t r_bit = esp_random() % len * 8; printf("Corrupting SHA bit %d...\n", r_bit); @@ -141,9 +141,16 @@ static void test_ecdsa_sign(bool is_p256, uint8_t* sha, uint8_t* r_le, uint8_t* ecdsa_enable_and_reset(); + bool process_again = false; + do { ecdsa_hal_gen_signature(&conf, sha_le, r_le, s_le, len); - } while(!memcmp(r_le, zeroes, len) || !memcmp(s_le, zeroes, len)); + + process_again = !ecdsa_hal_get_operation_result() + || !memcmp(r_le, zeroes, len) + || !memcmp(s_le, zeroes, len); + + } while(process_again); ecdsa_disable(); } @@ -162,6 +169,7 @@ static void test_ecdsa_export_pubkey(bool is_p256, bool use_km_key) { uint8_t pub_x[32] = {0}; uint8_t pub_y[32] = {0}; + uint8_t zeroes[32] = {0}; uint16_t len; ecdsa_hal_config_t conf = { @@ -184,7 +192,17 @@ static void test_ecdsa_export_pubkey(bool is_p256, bool use_km_key) } ecdsa_enable_and_reset(); - ecdsa_hal_export_pubkey(&conf, pub_x, pub_y, len); + + bool process_again = false; + + do { + ecdsa_hal_export_pubkey(&conf, pub_x, pub_y, len); + + process_again = !ecdsa_hal_get_operation_result() + || !memcmp(pub_x, zeroes, len) + || !memcmp(pub_y, zeroes, len); + + } while (process_again); if (is_p256) { TEST_ASSERT_EQUAL_HEX8_ARRAY(ecdsa256_pub_x, pub_x, len); diff --git a/components/mbedtls/port/ecdsa/ecdsa_alt.c b/components/mbedtls/port/ecdsa/ecdsa_alt.c index c0fc7c793b..a69bb8cc57 100644 --- a/components/mbedtls/port/ecdsa/ecdsa_alt.c +++ b/components/mbedtls/port/ecdsa/ecdsa_alt.c @@ -91,9 +91,16 @@ int esp_ecdsa_load_pubkey(mbedtls_ecp_keypair *keypair, int efuse_blk) esp_ecdsa_acquire_hardware(); + bool process_again = false; + do { ecdsa_hal_export_pubkey(&conf, qx_le, qy_le, len); - } while (!memcmp(qx_le, zeroes, len) || !memcmp(qy_le, zeroes, len)); + + process_again = !ecdsa_hal_get_operation_result() + || !memcmp(qx_le, zeroes, len) + || !memcmp(qy_le, zeroes, len); + + } while (process_again); esp_ecdsa_release_hardware(); @@ -240,6 +247,8 @@ static int esp_ecdsa_sign(mbedtls_ecp_group *grp, mbedtls_mpi* r, mbedtls_mpi* s esp_ecdsa_acquire_hardware(); + bool process_again = false; + do { ecdsa_hal_config_t conf = { .mode = ECDSA_MODE_SIGN_GEN, @@ -250,7 +259,12 @@ static int esp_ecdsa_sign(mbedtls_ecp_group *grp, mbedtls_mpi* r, mbedtls_mpi* s }; ecdsa_hal_gen_signature(&conf, sha_le, r_le, s_le, len); - } while (!memcmp(r_le, zeroes, len) || !memcmp(s_le, zeroes, len)); + + process_again = !ecdsa_hal_get_operation_result() + || !memcmp(r_le, zeroes, len) + || !memcmp(s_le, zeroes, len); + + } while (process_again); esp_ecdsa_release_hardware();