From f434d21f4a4be201d7c4fab3d459dec86d807d2c Mon Sep 17 00:00:00 2001
From: Mahavir Jain <mahavir@espressif.com>
Date: Fri, 3 Nov 2023 15:51:05 +0530
Subject: [PATCH] fix(ecdsa): remove unused k_mode from the ECDSA HAL/LL API

For ESP32-H2 case, the hardware k mode is always enforced through
efuse settings (done in startup code).

For ESP32-P4 case, the software k mode is not supported in the peripheral
itself and code was redundant.
---
 components/hal/ecdsa_hal.c                    |  7 +-----
 components/hal/esp32h2/include/hal/ecdsa_ll.h | 23 -------------------
 components/hal/esp32p4/include/hal/ecdsa_ll.h | 23 -------------------
 components/hal/include/hal/ecdsa_hal.h        |  4 +---
 components/hal/include/hal/ecdsa_types.h      |  8 -------
 .../test_apps/crypto/main/ecdsa/test_ecdsa.c  |  4 +---
 components/mbedtls/port/ecdsa/ecdsa_alt.c     |  4 +---
 7 files changed, 4 insertions(+), 69 deletions(-)

diff --git a/components/hal/ecdsa_hal.c b/components/hal/ecdsa_hal.c
index f0681dc830..3737e793ba 100644
--- a/components/hal/ecdsa_hal.c
+++ b/components/hal/ecdsa_hal.c
@@ -30,22 +30,17 @@ static void configure_ecdsa_periph(ecdsa_hal_config_t *conf)
     ecdsa_ll_set_curve(conf->curve);
 
     if (conf->mode != ECDSA_MODE_EXPORT_PUBKEY) {
-        ecdsa_ll_set_k_mode(conf->k_mode);
         ecdsa_ll_set_z_mode(conf->sha_mode);
     }
 }
 
-void ecdsa_hal_gen_signature(ecdsa_hal_config_t *conf, const uint8_t *k, const uint8_t *hash,
+void ecdsa_hal_gen_signature(ecdsa_hal_config_t *conf, const uint8_t *hash,
                             uint8_t *r_out, uint8_t *s_out, uint16_t len)
 {
     if (len != ECDSA_HAL_P192_COMPONENT_LEN && len != ECDSA_HAL_P256_COMPONENT_LEN) {
         HAL_ASSERT(false && "Incorrect length");
     }
 
-    if (conf->k_mode == ECDSA_K_USER_PROVIDED && k == NULL) {
-        HAL_ASSERT(false && "Mismatch in K configuration");
-    }
-
     if (conf->sha_mode == ECDSA_Z_USER_PROVIDED && hash == NULL) {
         HAL_ASSERT(false && "Mismatch in SHA configuration");
     }
diff --git a/components/hal/esp32h2/include/hal/ecdsa_ll.h b/components/hal/esp32h2/include/hal/ecdsa_ll.h
index fc1162603f..3e16b9726c 100644
--- a/components/hal/esp32h2/include/hal/ecdsa_ll.h
+++ b/components/hal/esp32h2/include/hal/ecdsa_ll.h
@@ -23,7 +23,6 @@ typedef enum {
     ECDSA_PARAM_R,
     ECDSA_PARAM_S,
     ECDSA_PARAM_Z,
-    ECDSA_PARAM_K,
     ECDSA_PARAM_QAX,
     ECDSA_PARAM_QAY
 } ecdsa_ll_param_t;
@@ -190,26 +189,6 @@ static inline void ecdsa_ll_set_curve(ecdsa_curve_t curve)
     }
 }
 
-/**
- * @brief Set the source of `K`
- *
- * @param mode Mode of K generation
- */
-static inline void ecdsa_ll_set_k_mode(ecdsa_k_mode_t mode)
-{
-    switch (mode) {
-        case ECDSA_K_USE_TRNG:
-            REG_CLR_BIT(ECDSA_CONF_REG, ECDSA_SOFTWARE_SET_K);
-            break;
-        case ECDSA_K_USER_PROVIDED:
-            REG_SET_BIT(ECDSA_CONF_REG, ECDSA_SOFTWARE_SET_K);
-            break;
-        default:
-            HAL_ASSERT(false && "Unsupported curve");
-            break;
-    }
-}
-
 /**
  * @brief Set the source of `Z` (SHA message)
  *
@@ -335,7 +314,6 @@ static inline void ecdsa_ll_write_param(ecdsa_ll_param_t param, const uint8_t *b
         case ECDSA_PARAM_Z:
             reg = ECDSA_Z_MEM;
             break;
-        case ECDSA_PARAM_K:
         case ECDSA_PARAM_QAX:
             reg = ECDSA_QAX_MEM;
             break;
@@ -373,7 +351,6 @@ static inline void ecdsa_ll_read_param(ecdsa_ll_param_t param, uint8_t *buf, uin
         case ECDSA_PARAM_Z:
             reg = ECDSA_Z_MEM;
             break;
-        case ECDSA_PARAM_K:
         case ECDSA_PARAM_QAX:
             reg = ECDSA_QAX_MEM;
             break;
diff --git a/components/hal/esp32p4/include/hal/ecdsa_ll.h b/components/hal/esp32p4/include/hal/ecdsa_ll.h
index 1d52bd4f9f..b30b078b41 100644
--- a/components/hal/esp32p4/include/hal/ecdsa_ll.h
+++ b/components/hal/esp32p4/include/hal/ecdsa_ll.h
@@ -23,7 +23,6 @@ typedef enum {
     ECDSA_PARAM_R,
     ECDSA_PARAM_S,
     ECDSA_PARAM_Z,
-    ECDSA_PARAM_K,
     ECDSA_PARAM_QAX,
     ECDSA_PARAM_QAY
 } ecdsa_ll_param_t;
@@ -199,26 +198,6 @@ static inline void ecdsa_ll_set_curve(ecdsa_curve_t curve)
     }
 }
 
-/**
- * @brief Set the source of `K`
- *
- * @param mode Mode of K generation
- */
-static inline void ecdsa_ll_set_k_mode(ecdsa_k_mode_t mode)
-{
-    switch (mode) {
-        case ECDSA_K_USE_TRNG:
-            REG_CLR_BIT(ECDSA_CONF_REG, ECDSA_SOFTWARE_SET_K);
-            break;
-        case ECDSA_K_USER_PROVIDED:
-            REG_SET_BIT(ECDSA_CONF_REG, ECDSA_SOFTWARE_SET_K);
-            break;
-        default:
-            HAL_ASSERT(false && "Unsupported curve");
-            break;
-    }
-}
-
 /**
  * @brief Set the source of `Z` (SHA message)
  *
@@ -344,7 +323,6 @@ static inline void ecdsa_ll_write_param(ecdsa_ll_param_t param, const uint8_t *b
         case ECDSA_PARAM_Z:
             reg = ECDSA_Z_MEM;
             break;
-        case ECDSA_PARAM_K:
         case ECDSA_PARAM_QAX:
             reg = ECDSA_QAX_MEM;
             break;
@@ -382,7 +360,6 @@ static inline void ecdsa_ll_read_param(ecdsa_ll_param_t param, uint8_t *buf, uin
         case ECDSA_PARAM_Z:
             reg = ECDSA_Z_MEM;
             break;
-        case ECDSA_PARAM_K:
         case ECDSA_PARAM_QAX:
             reg = ECDSA_QAX_MEM;
             break;
diff --git a/components/hal/include/hal/ecdsa_hal.h b/components/hal/include/hal/ecdsa_hal.h
index 9ce048f9e3..9798160019 100644
--- a/components/hal/include/hal/ecdsa_hal.h
+++ b/components/hal/include/hal/ecdsa_hal.h
@@ -27,7 +27,6 @@ extern "C" {
 typedef struct {
     ecdsa_mode_t mode;              /* Mode of operation */
     ecdsa_curve_t curve;            /* Curve to use for operation */
-    ecdsa_k_mode_t k_mode;          /* Source of K */
     ecdsa_sha_mode_t sha_mode;      /* Source of SHA that needs to be signed */
     int efuse_key_blk;              /* Efuse block to use as ECDSA key (The purpose of the efuse block must be ECDSA_KEY) */
     bool use_km_key;                /* Use an ECDSA key from the Key Manager peripheral */
@@ -37,13 +36,12 @@ typedef struct {
  * @brief Generate ECDSA signature
  *
  * @param conf Configuration for ECDSA operation, see ``ecdsa_hal_config_t``
- * @param k Value of K used internally. Set this to NULL if K is generated by hardware
  * @param hash Hash that is to be signed
  * @param r_out Buffer that will contain `R` component of ECDSA signature
  * @param s_out Buffer that will contain `S` component of ECDSA signature
  * @param len Length of the r_out and s_out buffer (32 bytes for SECP256R1, 24 for SECP192R1)
  */
-void ecdsa_hal_gen_signature(ecdsa_hal_config_t *conf, const uint8_t *k, const uint8_t *hash,
+void ecdsa_hal_gen_signature(ecdsa_hal_config_t *conf, const uint8_t *hash,
                             uint8_t *r_out, uint8_t *s_out, uint16_t len);
 
 /**
diff --git a/components/hal/include/hal/ecdsa_types.h b/components/hal/include/hal/ecdsa_types.h
index fa96fbdee7..8ef5636b49 100644
--- a/components/hal/include/hal/ecdsa_types.h
+++ b/components/hal/include/hal/ecdsa_types.h
@@ -26,14 +26,6 @@ typedef enum {
     ECDSA_CURVE_SECP256R1,
 } ecdsa_curve_t;
 
-/**
- * @brief Source of 'K' used internally for generating signature
- */
-typedef enum {
-    ECDSA_K_USE_TRNG,
-    ECDSA_K_USER_PROVIDED,
-} ecdsa_k_mode_t;
-
 /**
  * @brief Source of SHA message that is to be signed/verified
  */
diff --git a/components/hal/test_apps/crypto/main/ecdsa/test_ecdsa.c b/components/hal/test_apps/crypto/main/ecdsa/test_ecdsa.c
index 6b9c80c8a5..0c2363bdaa 100644
--- a/components/hal/test_apps/crypto/main/ecdsa/test_ecdsa.c
+++ b/components/hal/test_apps/crypto/main/ecdsa/test_ecdsa.c
@@ -50,7 +50,6 @@ static int test_ecdsa_verify(bool is_p256, uint8_t* sha, uint8_t* r_le, uint8_t*
 
     ecdsa_hal_config_t conf = {
         .mode = ECDSA_MODE_SIGN_VERIFY,
-        .k_mode = ECDSA_K_USE_TRNG,
         .sha_mode = ECDSA_Z_USER_PROVIDED,
     };
 
@@ -119,7 +118,6 @@ static void test_ecdsa_sign(bool is_p256, uint8_t* sha, uint8_t* r_le, uint8_t*
 
     ecdsa_hal_config_t conf = {
         .mode = ECDSA_MODE_SIGN_GEN,
-        .k_mode = ECDSA_K_USE_TRNG,
         .sha_mode = ECDSA_Z_USER_PROVIDED,
         .use_km_key = use_km_key,
     };
@@ -144,7 +142,7 @@ static void test_ecdsa_sign(bool is_p256, uint8_t* sha, uint8_t* r_le, uint8_t*
     ecdsa_enable_and_reset();
 
     do {
-        ecdsa_hal_gen_signature(&conf, NULL, sha_le, r_le, s_le, len);
+        ecdsa_hal_gen_signature(&conf, sha_le, r_le, s_le, len);
     } while(!memcmp(r_le, zeroes, len) || !memcmp(s_le, zeroes, len));
 
     ecdsa_disable();
diff --git a/components/mbedtls/port/ecdsa/ecdsa_alt.c b/components/mbedtls/port/ecdsa/ecdsa_alt.c
index a4bef4dd5e..c0fc7c793b 100644
--- a/components/mbedtls/port/ecdsa/ecdsa_alt.c
+++ b/components/mbedtls/port/ecdsa/ecdsa_alt.c
@@ -244,13 +244,12 @@ static int esp_ecdsa_sign(mbedtls_ecp_group *grp, mbedtls_mpi* r, mbedtls_mpi* s
         ecdsa_hal_config_t conf = {
             .mode = ECDSA_MODE_SIGN_GEN,
             .curve = curve,
-            .k_mode = ECDSA_K_USE_TRNG,
             .sha_mode = ECDSA_Z_USER_PROVIDED,
             .efuse_key_blk = d->MBEDTLS_PRIVATE(n),
             .use_km_key = 0, //TODO: IDF-7992
         };
 
-        ecdsa_hal_gen_signature(&conf, NULL, sha_le, r_le, s_le, len);
+        ecdsa_hal_gen_signature(&conf, sha_le, r_le, s_le, len);
     } while (!memcmp(r_le, zeroes, len) || !memcmp(s_le, zeroes, len));
 
     esp_ecdsa_release_hardware();
@@ -470,7 +469,6 @@ static int esp_ecdsa_verify(mbedtls_ecp_group *grp,
     ecdsa_hal_config_t conf = {
         .mode = ECDSA_MODE_SIGN_VERIFY,
         .curve = curve,
-        .k_mode = ECDSA_K_USE_TRNG,
         .sha_mode = ECDSA_Z_USER_PROVIDED,
     };