Merge pull request #4974 from kareem-wolfssl/iotsafe

IOTSafe workarounds
2022-03-28 13:49:44 -07:00
parent 25d5a624d2 52902f1d37
commit 12349f39e6
2 changed files with 39 additions and 4 deletions
--- a/IDE/iotsafe/user_settings.h
+++ b/IDE/iotsafe/user_settings.h
@ -110,6 +110,7 @@ static inline long XTIME(long *x) { return jiffies;}
 #define WOLFSSL_SP_SMALL
 #define WOLFSSL_HAVE_SP_DH
 #define WOLFSSL_HAVE_SP_ECC
+#define WOLFSSL_HAVE_SP_RSA
 #define SP_WORD_SIZE 32

 /* ECC */
--- a/wolfcrypt/src/port/iotsafe/iotsafe.c
+++ b/wolfcrypt/src/port/iotsafe/iotsafe.c
@ -440,9 +440,13 @@ static int iotsafe_readfile(uint8_t *file_id, uint16_t file_id_sz,
 {
    char *resp;
    int ret;
-    char *filesz_s;
-    int file_sz = 0;
    uint16_t off = 0;
+#ifdef IOTSAFE_NO_GETDATA
+    int file_sz = max_size;
+#else
+    int file_sz = 0;
+    char *filesz_s;
+
    iotsafe_cmd_start(csim_cmd, IOTSAFE_CLASS, IOTSAFE_INS_GETDATA,
            IOTSAFE_GETDATA_FILE, 0);
    iotsafe_cmd_add_tlv(csim_cmd, IOTSAFE_TAG_FILE_ID, file_id_sz, file_id);
@ -471,6 +475,7 @@ static int iotsafe_readfile(uint8_t *file_id, uint16_t file_id_sz,
        WOLFSSL_MSG("iotsafe_readfile: insufficient space in buffer");
        return -1;
    }
+#endif

    while (off < file_sz) {
        byte off_p1, off_p2;
@ -488,11 +493,29 @@ static int iotsafe_readfile(uint8_t *file_id, uint16_t file_id_sz,
                return -1;
            }
            off += ret/2;
+#ifdef IOTSAFE_NO_GETDATA
+            if (XSTRNCMP(&resp[ret-4], "0000", 4) == 0) {
+                /* Strip trailing zeros */
+                int idx = 0;
+                for (idx = 0; idx < off-1; idx+=2) {
+                    if (content[idx] == 0 && content[idx+1] == 0) {
+                        off = idx;
+#ifdef DEBUG_IOTSAFE
+                        WOLFSSL_MSG("Stripped trailing zeros from cert buffer.");
+                        WOLFSSL_BUFFER(content, off);
+#endif
+                        break;
+                    }
+                }
+                break;
+            }
+#endif
        } else {
            WOLFSSL_MSG("IoTSafe: Error reading file.");
            return -1;
        }
    }
+
    return off;
 }

@ -859,7 +882,17 @@ static int iotsafe_sign_hash(byte *privkey_idx, uint16_t id_size,
            byte sig_hdr[3];
            if (hex_to_bytes(resp, sig_hdr, 3) < 0) {
               ret = BAD_FUNC_ARG;
-            } else if ((sig_hdr[0] == IOTSAFE_TAG_SIGNATURE_FIELD) &&
+            }
+#ifdef IOTSAFE_SIG_8BIT_LENGTH
+            else if ((sig_hdr[0] == IOTSAFE_TAG_SIGNATURE_FIELD) &&
+                       (sig_hdr[1] == 2 * IOTSAFE_ECC_KSIZE)) {
+                XSTRNCPY(R, resp + 4, IOTSAFE_ECC_KSIZE * 2);
+                XSTRNCPY(S, resp + 4 + IOTSAFE_ECC_KSIZE * 2,
+                        IOTSAFE_ECC_KSIZE * 2);
+                ret = wc_ecc_rs_to_sig(R, S, signature, sigLen);
+            }
+#endif
+            else if ((sig_hdr[0] == IOTSAFE_TAG_SIGNATURE_FIELD) &&
                       (sig_hdr[1] == 0) &&
                       (sig_hdr[2] == 2 * IOTSAFE_ECC_KSIZE)) {
                XSTRNCPY(R, resp + 6, IOTSAFE_ECC_KSIZE * 2);
@ -868,9 +901,10 @@ static int iotsafe_sign_hash(byte *privkey_idx, uint16_t id_size,
                ret = wc_ecc_rs_to_sig(R, S, signature, sigLen);
            } else {
                ret = WC_HW_E;
+                WOLFSSL_MSG("Invalid response from EC sign update");
            }
        } else {
-            WOLFSSL_MSG("Invalid response from EC sign update");
+            WOLFSSL_MSG("Invalid/no response from EC sign update");
        }

        /* Terminate sign/sign session. */