feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity

Support for crypto hardware on ECC sign using Crypto_EccSign.

Browse Source
This commit is contained in:
David Garske
2017-12-19 12:51:45 -08:00
parent d6472c7f71
commit c0f2a0c77b
2 changed files with 59 additions and 25 deletions
Download Patch File Download Diff File Expand all files Collapse all files

72
wolfcrypt/src/ecc.c
View File

@@ -3390,6 +3390,10 @@ int wc_ecc_init_ex(ecc_key* key, void* heap, int devId)
XMEMSET(key, 0, sizeof(ecc_key)); XMEMSET(key, 0, sizeof(ecc_key));
key->state = ECC_STATE_NONE; key->state = ECC_STATE_NONE;
#ifdef PLUTON_CRYPTO_ECC
key->devId = devId;
#endif
#ifdef WOLFSSL_ATECC508A #ifdef WOLFSSL_ATECC508A
key->slot = atmel_ecc_alloc(); key->slot = atmel_ecc_alloc();
if (key->slot == ATECC_INVALID_SLOT) { if (key->slot == ATECC_INVALID_SLOT) {
@@ -3485,41 +3489,61 @@ int wc_ecc_sign_hash(const byte* in, word32 inlen, byte* out, word32 *outlen,
break; break;
} }
#ifdef WOLFSSL_ATECC508A /* hardware crypto */
/* Check args */ #if defined(WOLFSSL_ATECC508A) || defined(PLUTON_CRYPTO_ECC)
if (inlen != ATECC_KEY_SIZE || *outlen < SIGN_RSP_SIZE) { #ifdef PLUTON_CRYPTO_ECC
return ECC_BAD_ARG_E; if (key->devId != INVALID_DEVID) /* use hardware */
} #endif
{
/* Check args */
if ( inlen != ECC_MAX_CRYPTO_HW_SIZE ||
*outlen < ECC_MAX_CRYPTO_HW_SIZE*2) {
return ECC_BAD_ARG_E;
}
/* Sign: Result is 32-bytes of R then 32-bytes of S */ #if defined(WOLFSSL_ATECC508A)
err = atcatls_sign(key->slot, in, out); /* Sign: Result is 32-bytes of R then 32-bytes of S */
if (err != ATCA_SUCCESS) { err = atcatls_sign(key->slot, in, out);
return BAD_COND_E; if (err != ATCA_SUCCESS) {
} return BAD_COND_E;
}
#elif defined(PLUTON_CRYPTO_ECC)
/* perform ECC sign */
err = Crypto_EccSign(in, inlen, out, &outlen);
if (err != CRYPTO_RES_SUCCESS) {
return BAD_COND_E;
}
#endif
/* Load R and S */ /* Load R and S */
err = mp_read_unsigned_bin(r, &out[0], ATECC_KEY_SIZE); err = mp_read_unsigned_bin(r, &out[0], ECC_MAX_CRYPTO_HW_SIZE);
if (err != MP_OKAY) { if (err != MP_OKAY) {
return err; return err;
} }
err = mp_read_unsigned_bin(s, &out[ATECC_KEY_SIZE], ATECC_KEY_SIZE); err = mp_read_unsigned_bin(s, &out[ECC_MAX_CRYPTO_HW_SIZE],
if (err != MP_OKAY) { ECC_MAX_CRYPTO_HW_SIZE);
return err; if (err != MP_OKAY) {
} return err;
}
/* Check for zeros */ /* Check for zeros */
if (mp_iszero(r) || mp_iszero(s)) { if (mp_iszero(r) || mp_iszero(s)) {
return MP_ZERO_E; return MP_ZERO_E;
}
} }
#ifdef PLUTON_CRYPTO_ECC
else {
err = wc_ecc_sign_hash_ex(in, inlen, rng, key, r, s);
}
#endif
#else #else
err = wc_ecc_sign_hash_ex(in, inlen, rng, key, r, s); err = wc_ecc_sign_hash_ex(in, inlen, rng, key, r, s);
#endif
if (err < 0) { if (err < 0) {
break; break;
} }
#endif /* WOLFSSL_ATECC508A */
FALL_THROUGH; FALL_THROUGH;
case ECC_STATE_SIGN_ENCODE: case ECC_STATE_SIGN_ENCODE:

12
wolfssl/wolfcrypt/ecc.h
View File

@@ -109,7 +109,14 @@ enum {
ECC_MAXSIZE_GEN = 74, /* MAX Buffer size required when generating ECC keys*/ ECC_MAXSIZE_GEN = 74, /* MAX Buffer size required when generating ECC keys*/
ECC_MAX_PAD_SZ = 4, /* ECC maximum padding size */ ECC_MAX_PAD_SZ = 4, /* ECC maximum padding size */
ECC_MAX_OID_LEN = 16, ECC_MAX_OID_LEN = 16,
ECC_MAX_SIG_SIZE= ((MAX_ECC_BYTES * 2) + ECC_MAX_PAD_SZ + SIG_HEADER_SZ) ECC_MAX_SIG_SIZE= ((MAX_ECC_BYTES * 2) + ECC_MAX_PAD_SZ + SIG_HEADER_SZ),
/* max crypto hardware size */
#ifdef WOLFSSL_ATECC508A
ECC_MAX_CRYPTO_HW_SIZE = ATECC_KEY_SIZE, /* from port/atmel/atmel.h */
#elif defined(PLUTON_CRYPTO_ECC)
ECC_MAX_CRYPTO_HW_SIZE = 32,
#endif
}; };
/* Curve Types */ /* Curve Types */
@@ -291,6 +298,9 @@ struct ecc_key {
int slot; /* Key Slot Number (-1 unknown) */ int slot; /* Key Slot Number (-1 unknown) */
byte pubkey_raw[PUB_KEY_SIZE]; byte pubkey_raw[PUB_KEY_SIZE];
#endif #endif
#ifdef PLUTON_CRYPTO_ECC
int devId;
#endif
#ifdef WOLFSSL_ASYNC_CRYPT #ifdef WOLFSSL_ASYNC_CRYPT
mp_int* r; /* sign/verify temps */ mp_int* r; /* sign/verify temps */
mp_int* s; mp_int* s;