feedc0de/esp-idf
1
0
Fork 0
forked from espressif/esp-idf
Code Pull Requests Activity

Explicitly log an invalid digest in DS data

Browse Source
This commit is contained in:
Nathan Phillips
2022-12-01 16:45:03 +00:00
parent 057f5cb120
commit 260fd5c5a5
1 changed files with 6 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
components/mbedtls/port/esp_ds/esp_rsa_sign_alt.c
View File

@@ -69,6 +69,7 @@ esp_err_t esp_ds_init_data_ctx(esp_ds_data_ctx_t *ds_data)
return ESP_FAIL; return ESP_FAIL;
} }
s_ds_data = ds_data->esp_ds_data; s_ds_data = ds_data->esp_ds_data;
ESP_LOGD(TAG, "Using DS with key block %u, RSA length %u", ds_data->efuse_key_id, ds_data->rsa_length_bits);
s_esp_ds_hmac_key_id = (hmac_key_id_t) ds_data->efuse_key_id; s_esp_ds_hmac_key_id = (hmac_key_id_t) ds_data->efuse_key_id;
const unsigned rsa_length_int = (ds_data->rsa_length_bits / 32) - 1; const unsigned rsa_length_int = (ds_data->rsa_length_bits / 32) - 1;
@@ -251,7 +252,11 @@ int esp_ds_rsa_sign( void *ctx,
ds_r = esp_ds_finish_sign((void *)signature, esp_ds_ctx); ds_r = esp_ds_finish_sign((void *)signature, esp_ds_ctx);
if (ds_r != ESP_OK) { if (ds_r != ESP_OK) {
ESP_LOGE(TAG, "Error in esp_ds_finish sign, returned %d ", ds_r); if (ds_r == ESP_ERR_HW_CRYPTO_DS_INVALID_DIGEST) {
ESP_LOGE(TAG, "Invalid digest in DS data reported by esp_ds_finish_sign");
} else {
ESP_LOGE(TAG, "Error in esp_ds_finish_sign, returned %d ", ds_r);
}
heap_caps_free(signature); heap_caps_free(signature);
return -1; return -1;
} }