feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity

Support for crypto hardware on ECC sign using Crypto_EccSign.

Browse Source
This commit is contained in:
David Garske
2017-12-19 12:51:45 -08:00
parent d6472c7f71
commit c0f2a0c77b
2 changed files with 59 additions and 25 deletions
Download Patch File Download Diff File Expand all files Collapse all files

72
wolfcrypt/src/ecc.c
View File

@@ -3390,6 +3390,10 @@ int wc_ecc_init_ex(ecc_key* key, void* heap, int devId)
XMEMSET(key, 0, sizeof(ecc_key));
key->state = ECC_STATE_NONE;
#ifdef PLUTON_CRYPTO_ECC
key->devId = devId;
#endif
#ifdef WOLFSSL_ATECC508A
key->slot = atmel_ecc_alloc();
if (key->slot == ATECC_INVALID_SLOT) {
@@ -3485,41 +3489,61 @@ int wc_ecc_sign_hash(const byte* in, word32 inlen, byte* out, word32 *outlen,
break;
}
#ifdef WOLFSSL_ATECC508A
/* Check args */
if (inlen != ATECC_KEY_SIZE || *outlen < SIGN_RSP_SIZE) {
return ECC_BAD_ARG_E;
}
/* hardware crypto */
#if defined(WOLFSSL_ATECC508A) || defined(PLUTON_CRYPTO_ECC)
#ifdef PLUTON_CRYPTO_ECC
if (key->devId != INVALID_DEVID) /* use hardware */
#endif
{
/* Check args */
if ( inlen != ECC_MAX_CRYPTO_HW_SIZE ||
*outlen < ECC_MAX_CRYPTO_HW_SIZE*2) {
return ECC_BAD_ARG_E;
}
/* Sign: Result is 32-bytes of R then 32-bytes of S */
err = atcatls_sign(key->slot, in, out);
if (err != ATCA_SUCCESS) {
return BAD_COND_E;
}
#if defined(WOLFSSL_ATECC508A)
/* Sign: Result is 32-bytes of R then 32-bytes of S */
err = atcatls_sign(key->slot, in, out);
if (err != ATCA_SUCCESS) {
return BAD_COND_E;
}
#elif defined(PLUTON_CRYPTO_ECC)
/* perform ECC sign */
err = Crypto_EccSign(in, inlen, out, &outlen);
if (err != CRYPTO_RES_SUCCESS) {
return BAD_COND_E;
}
#endif
/* Load R and S */
err = mp_read_unsigned_bin(r, &out[0], ATECC_KEY_SIZE);
if (err != MP_OKAY) {
return err;
}
err = mp_read_unsigned_bin(s, &out[ATECC_KEY_SIZE], ATECC_KEY_SIZE);
if (err != MP_OKAY) {
return err;
}
/* Load R and S */
err = mp_read_unsigned_bin(r, &out[0], ECC_MAX_CRYPTO_HW_SIZE);
if (err != MP_OKAY) {
return err;
}
err = mp_read_unsigned_bin(s, &out[ECC_MAX_CRYPTO_HW_SIZE],
ECC_MAX_CRYPTO_HW_SIZE);
if (err != MP_OKAY) {
return err;
}
/* Check for zeros */
if (mp_iszero(r) || mp_iszero(s)) {
return MP_ZERO_E;
/* Check for zeros */
if (mp_iszero(r) || mp_iszero(s)) {
return MP_ZERO_E;
}
}
#ifdef PLUTON_CRYPTO_ECC
else {
err = wc_ecc_sign_hash_ex(in, inlen, rng, key, r, s);
}
#endif
#else
err = wc_ecc_sign_hash_ex(in, inlen, rng, key, r, s);
#endif
if (err < 0) {
break;
}
#endif /* WOLFSSL_ATECC508A */
FALL_THROUGH;
case ECC_STATE_SIGN_ENCODE:

12
wolfssl/wolfcrypt/ecc.h
View File

@@ -109,7 +109,14 @@ enum {
ECC_MAXSIZE_GEN = 74, /* MAX Buffer size required when generating ECC keys*/
ECC_MAX_PAD_SZ = 4, /* ECC maximum padding size */
ECC_MAX_OID_LEN = 16,
ECC_MAX_SIG_SIZE= ((MAX_ECC_BYTES * 2) + ECC_MAX_PAD_SZ + SIG_HEADER_SZ)
ECC_MAX_SIG_SIZE= ((MAX_ECC_BYTES * 2) + ECC_MAX_PAD_SZ + SIG_HEADER_SZ),
/* max crypto hardware size */
#ifdef WOLFSSL_ATECC508A
ECC_MAX_CRYPTO_HW_SIZE = ATECC_KEY_SIZE, /* from port/atmel/atmel.h */
#elif defined(PLUTON_CRYPTO_ECC)
ECC_MAX_CRYPTO_HW_SIZE = 32,
#endif
};
/* Curve Types */
@@ -291,6 +298,9 @@ struct ecc_key {
int slot; /* Key Slot Number (-1 unknown) */
byte pubkey_raw[PUB_KEY_SIZE];
#endif
#ifdef PLUTON_CRYPTO_ECC
int devId;
#endif
#ifdef WOLFSSL_ASYNC_CRYPT
mp_int* r; /* sign/verify temps */
mp_int* s;