feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity

Merge pull request #4974 from kareem-wolfssl/iotsafe

Browse Source 
IOTSafe workarounds
This commit is contained in:
David Garske
2022-03-28 13:49:44 -07:00
committed by GitHub
parent 25d5a624d2 52902f1d37
commit 12349f39e6
2 changed files with 39 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
IDE/iotsafe/user_settings.h
View File

@ -110,6 +110,7 @@ static inline long XTIME(long *x) { return jiffies;}
#define WOLFSSL_SP_SMALL #define WOLFSSL_SP_SMALL
#define WOLFSSL_HAVE_SP_DH #define WOLFSSL_HAVE_SP_DH
#define WOLFSSL_HAVE_SP_ECC #define WOLFSSL_HAVE_SP_ECC
#define WOLFSSL_HAVE_SP_RSA
#define SP_WORD_SIZE 32 #define SP_WORD_SIZE 32
/* ECC */ /* ECC */

42
wolfcrypt/src/port/iotsafe/iotsafe.c
View File

@ -440,9 +440,13 @@ static int iotsafe_readfile(uint8_t *file_id, uint16_t file_id_sz,
{ {
char *resp; char *resp;
int ret; int ret;
char *filesz_s;
int file_sz = 0;
uint16_t off = 0; uint16_t off = 0;
#ifdef IOTSAFE_NO_GETDATA
int file_sz = max_size;
#else
int file_sz = 0;
char *filesz_s;
iotsafe_cmd_start(csim_cmd, IOTSAFE_CLASS, IOTSAFE_INS_GETDATA, iotsafe_cmd_start(csim_cmd, IOTSAFE_CLASS, IOTSAFE_INS_GETDATA,
IOTSAFE_GETDATA_FILE, 0); IOTSAFE_GETDATA_FILE, 0);
iotsafe_cmd_add_tlv(csim_cmd, IOTSAFE_TAG_FILE_ID, file_id_sz, file_id); iotsafe_cmd_add_tlv(csim_cmd, IOTSAFE_TAG_FILE_ID, file_id_sz, file_id);
@ -471,6 +475,7 @@ static int iotsafe_readfile(uint8_t *file_id, uint16_t file_id_sz,
WOLFSSL_MSG("iotsafe_readfile: insufficient space in buffer"); WOLFSSL_MSG("iotsafe_readfile: insufficient space in buffer");
return -1; return -1;
} }
#endif
while (off < file_sz) { while (off < file_sz) {
byte off_p1, off_p2; byte off_p1, off_p2;
@ -488,11 +493,29 @@ static int iotsafe_readfile(uint8_t *file_id, uint16_t file_id_sz,
return -1; return -1;
} }
off += ret/2; off += ret/2;
#ifdef IOTSAFE_NO_GETDATA
if (XSTRNCMP(&resp[ret-4], "0000", 4) == 0) {
/* Strip trailing zeros */
int idx = 0;
for (idx = 0; idx < off-1; idx+=2) {
if (content[idx] == 0 && content[idx+1] == 0) {
off = idx;
#ifdef DEBUG_IOTSAFE
WOLFSSL_MSG("Stripped trailing zeros from cert buffer.");
WOLFSSL_BUFFER(content, off);
#endif
break;
}
}
break;
}
#endif
} else { } else {
WOLFSSL_MSG("IoTSafe: Error reading file."); WOLFSSL_MSG("IoTSafe: Error reading file.");
return -1; return -1;
} }
} }
return off; return off;
} }
@ -859,7 +882,17 @@ static int iotsafe_sign_hash(byte *privkey_idx, uint16_t id_size,
byte sig_hdr[3]; byte sig_hdr[3];
if (hex_to_bytes(resp, sig_hdr, 3) < 0) { if (hex_to_bytes(resp, sig_hdr, 3) < 0) {
ret = BAD_FUNC_ARG; ret = BAD_FUNC_ARG;
} else if ((sig_hdr[0] == IOTSAFE_TAG_SIGNATURE_FIELD) && }
#ifdef IOTSAFE_SIG_8BIT_LENGTH
else if ((sig_hdr[0] == IOTSAFE_TAG_SIGNATURE_FIELD) &&
(sig_hdr[1] == 2 * IOTSAFE_ECC_KSIZE)) {
XSTRNCPY(R, resp + 4, IOTSAFE_ECC_KSIZE * 2);
XSTRNCPY(S, resp + 4 + IOTSAFE_ECC_KSIZE * 2,
IOTSAFE_ECC_KSIZE * 2);
ret = wc_ecc_rs_to_sig(R, S, signature, sigLen);
}
#endif
else if ((sig_hdr[0] == IOTSAFE_TAG_SIGNATURE_FIELD) &&
(sig_hdr[1] == 0) && (sig_hdr[1] == 0) &&
(sig_hdr[2] == 2 * IOTSAFE_ECC_KSIZE)) { (sig_hdr[2] == 2 * IOTSAFE_ECC_KSIZE)) {
XSTRNCPY(R, resp + 6, IOTSAFE_ECC_KSIZE * 2); XSTRNCPY(R, resp + 6, IOTSAFE_ECC_KSIZE * 2);
@ -868,9 +901,10 @@ static int iotsafe_sign_hash(byte *privkey_idx, uint16_t id_size,
ret = wc_ecc_rs_to_sig(R, S, signature, sigLen); ret = wc_ecc_rs_to_sig(R, S, signature, sigLen);
} else { } else {
ret = WC_HW_E; ret = WC_HW_E;
WOLFSSL_MSG("Invalid response from EC sign update");
} }
} else { } else {
WOLFSSL_MSG("Invalid response from EC sign update"); WOLFSSL_MSG("Invalid/no response from EC sign update");
} }
/* Terminate sign/sign session. */ /* Terminate sign/sign session. */