wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2025-07-31 19:24:42 +02:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #4066 from dgarske/stm_pka

Browse Source 
Fixes for STM32 PKA with ECC
This commit is contained in:
Sean Parkinson
2021-06-15 08:33:50 +10:00
committed by GitHub
parent 77df7d8630 2ffc0a8392
commit 07784e9f56
4 changed files with 30 additions and 24 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
wolfcrypt/src/asn.c
View File

@@ -7706,7 +7706,7 @@ static int ConfirmSignature(SignatureCtx* sigCtx,
} }
if ((ret = wc_DsaPublicKeyDecode(key, &idx, sigCtx->key.dsa, if ((ret = wc_DsaPublicKeyDecode(key, &idx, sigCtx->key.dsa,
keySz)) != 0) { keySz)) != 0) {
WOLFSSL_MSG("ASN Key decode error RSA"); WOLFSSL_MSG("ASN Key decode error DSA");
goto exit_cs; goto exit_cs;
} }
if (sigSz != DSA_SIG_SIZE) { if (sigSz != DSA_SIG_SIZE) {

3
wolfcrypt/src/ecc.c
View File

@@ -6818,6 +6818,7 @@ int wc_ecc_verify_hash(const byte* sig, word32 siglen, const byte* hash,
} }
#endif /* !NO_ASN */ #endif /* !NO_ASN */
#if !defined(WOLFSSL_STM32_PKA) && !defined(WOLFSSL_PSOC6_CRYPTO)
static int wc_ecc_check_r_s_range(ecc_key* key, mp_int* r, mp_int* s) static int wc_ecc_check_r_s_range(ecc_key* key, mp_int* r, mp_int* s)
{ {
int err = MP_OKAY; int err = MP_OKAY;
@@ -6846,6 +6847,8 @@ static int wc_ecc_check_r_s_range(ecc_key* key, mp_int* r, mp_int* s)
FREE_CURVE_SPECS(); FREE_CURVE_SPECS();
return err; return err;
} }
#endif /* !WOLFSSL_STM32_PKA && !WOLFSSL_PSOC6_CRYPTO */
/** /**
Verify an ECC signature Verify an ECC signature

45
wolfcrypt/src/port/st/stm32.c
View File

@@ -386,19 +386,19 @@ extern PKA_HandleTypeDef hpka;
* and mp_int has only 31 bytes, we add leading zeros * and mp_int has only 31 bytes, we add leading zeros
* so that result array has 32 bytes, same as modulus (sz). * so that result array has 32 bytes, same as modulus (sz).
*/ */
static int stm32_get_from_mp_int(uint8_t *dst, mp_int *a, int sz) static int stm32_get_from_mp_int(uint8_t *dst, const mp_int *a, int sz)
{ {
int res; int res;
int szbin; int szbin;
int offset; int offset;
if (!a || !dst || (sz < 0)) if (a == NULL || dst == NULL || sz < 0)
return -1; return BAD_FUNC_ARG;
/* check how many bytes are in the mp_int */ /* check how many bytes are in the mp_int */
szbin = mp_unsigned_bin_size(a); szbin = mp_unsigned_bin_size(a);
if ((szbin < 0) || (szbin > sz)) if (szbin < 0 || szbin > sz)
return -1; return BUFFER_E;
/* compute offset from dst */ /* compute offset from dst */
offset = sz - szbin; offset = sz - szbin;
@@ -412,7 +412,7 @@ static int stm32_get_from_mp_int(uint8_t *dst, mp_int *a, int sz)
XMEMSET(dst, 0, offset); XMEMSET(dst, 0, offset);
/* convert mp_int to array of bytes */ /* convert mp_int to array of bytes */
res = mp_to_unsigned_bin(a, dst + offset); res = mp_to_unsigned_bin((mp_int*)a, dst + offset);
return res; return res;
} }
@@ -463,7 +463,6 @@ static const uint8_t stm32_ecc192_order[ECC192_KEYSIZE] = {
0xFF, 0xFF, 0xFF, 0xFF, 0x99, 0xDE, 0xF8, 0x36, 0xFF, 0xFF, 0xFF, 0xFF, 0x99, 0xDE, 0xF8, 0x36,
0x14, 0x6B, 0xC9, 0xB1, 0xB4, 0xD2, 0x28, 0x31 0x14, 0x6B, 0xC9, 0xB1, 0xB4, 0xD2, 0x28, 0x31
}; };
static const uint32_t stm32_ecc192_cofactor = 1U;
#endif /* ECC192 */ #endif /* ECC192 */
/* P-224 */ /* P-224 */
@@ -500,8 +499,6 @@ static const uint8_t stm32_ecc224_order[ECC224_KEYSIZE] = {
0xE0, 0xB8, 0xF0, 0x3E, 0x13, 0xDD, 0x29, 0x45, 0xE0, 0xB8, 0xF0, 0x3E, 0x13, 0xDD, 0x29, 0x45,
0x5C, 0x5C, 0x2A, 0x3D 0x5C, 0x5C, 0x2A, 0x3D
}; };
static const uint32_t stm32_ecc224_cofactor = 1U;
#endif /* ECC224 */ #endif /* ECC224 */
/* P-256 */ /* P-256 */
@@ -538,8 +535,6 @@ static const uint8_t stm32_ecc256_order[ECC256_KEYSIZE] = {
0xbc, 0xe6, 0xfa, 0xad, 0xa7, 0x17, 0x9e, 0x84, 0xbc, 0xe6, 0xfa, 0xad, 0xa7, 0x17, 0x9e, 0x84,
0xf3, 0xb9, 0xca, 0xc2, 0xfc, 0x63, 0x25, 0x51 0xf3, 0xb9, 0xca, 0xc2, 0xfc, 0x63, 0x25, 0x51
}; };
static const uint32_t stm32_ecc256_cofactor = 1U;
#endif /* ECC256 */ #endif /* ECC256 */
/* P-384 */ /* P-384 */
@@ -586,7 +581,6 @@ static const uint8_t stm32_ecc384_order[ECC384_KEYSIZE] = {
0x58, 0x1A, 0x0D, 0xB2, 0x48, 0xB0, 0xA7, 0x7A, 0x58, 0x1A, 0x0D, 0xB2, 0x48, 0xB0, 0xA7, 0x7A,
0xEC, 0xEC, 0x19, 0x6A, 0xCC, 0xC5, 0x29, 0x73 0xEC, 0xEC, 0x19, 0x6A, 0xCC, 0xC5, 0x29, 0x73
}; };
static const uint32_t stm32_ecc384_cofactor = 1U;
#endif /* ECC384 */ #endif /* ECC384 */
static int stm32_get_ecc_specs(const uint8_t **prime, const uint8_t **coef, static int stm32_get_ecc_specs(const uint8_t **prime, const uint8_t **coef,
@@ -600,7 +594,7 @@ static int stm32_get_ecc_specs(const uint8_t **prime, const uint8_t **coef,
*GenPointX = stm32_ecc256_pointX; *GenPointX = stm32_ecc256_pointX;
*GenPointY = stm32_ecc256_pointY; *GenPointY = stm32_ecc256_pointY;
*coef_sign = &stm32_ecc256_coef_sign; *coef_sign = &stm32_ecc256_coef_sign;
*order = stm32_ecc256_order; if (order) *order = stm32_ecc256_order;
break; break;
#ifdef ECC224 #ifdef ECC224
case 28: case 28:
@@ -609,7 +603,7 @@ static int stm32_get_ecc_specs(const uint8_t **prime, const uint8_t **coef,
*GenPointX = stm32_ecc224_pointX; *GenPointX = stm32_ecc224_pointX;
*GenPointY = stm32_ecc224_pointY; *GenPointY = stm32_ecc224_pointY;
*coef_sign = &stm32_ecc224_coef; *coef_sign = &stm32_ecc224_coef;
*order = stm32_ecc224_order; if (order) *order = stm32_ecc224_order;
break; break;
#endif #endif
#ifdef ECC192 #ifdef ECC192
@@ -619,7 +613,7 @@ static int stm32_get_ecc_specs(const uint8_t **prime, const uint8_t **coef,
*GenPointX = stm32_ecc192_pointX; *GenPointX = stm32_ecc192_pointX;
*GenPointY = stm32_ecc192_pointY; *GenPointY = stm32_ecc192_pointY;
*coef_sign = &stm32_ecc192_coef; *coef_sign = &stm32_ecc192_coef;
*order = stm32_ecc192_order; if (order) *order = stm32_ecc192_order;
break; break;
#endif #endif
#ifdef ECC384 #ifdef ECC384
@@ -629,11 +623,11 @@ static int stm32_get_ecc_specs(const uint8_t **prime, const uint8_t **coef,
*GenPointX = stm32_ecc384_pointX; *GenPointX = stm32_ecc384_pointX;
*GenPointY = stm32_ecc384_pointY; *GenPointY = stm32_ecc384_pointY;
*coef_sign = &stm32_ecc384_coef; *coef_sign = &stm32_ecc384_coef;
*order = stm32_ecc384_order; if (order) *order = stm32_ecc384_order;
break; break;
#endif #endif
default: default:
return -1; return NOT_COMPILED_IN;
} }
return 0; return 0;
} }
@@ -664,7 +658,7 @@ int wc_ecc_mulmod_ex(const mp_int *k, ecc_point *G, ecc_point *R, mp_int* a,
uint8_t kbin[STM32_MAX_ECC_SIZE]; uint8_t kbin[STM32_MAX_ECC_SIZE];
uint8_t PtXbin[STM32_MAX_ECC_SIZE]; uint8_t PtXbin[STM32_MAX_ECC_SIZE];
uint8_t PtYbin[STM32_MAX_ECC_SIZE]; uint8_t PtYbin[STM32_MAX_ECC_SIZE];
const uint8_t *prime, *coef, *gen_x, *gen_y, *order; const uint8_t *prime, *coef, *gen_x, *gen_y;
const uint32_t *coef_sign; const uint32_t *coef_sign;
(void)a; (void)a;
(void)heap; (void)heap;
@@ -691,10 +685,9 @@ int wc_ecc_mulmod_ex(const mp_int *k, ecc_point *G, ecc_point *R, mp_int* a,
size = (uint8_t)szModulus; size = (uint8_t)szModulus;
/* find STM32_PKA friendly parameters for the selected curve */ /* find STM32_PKA friendly parameters for the selected curve */
if (0 != stm32_get_ecc_specs(&prime, &coef, &coef_sign, &gen_x, &gen_y, &order, size)) { if (0 != stm32_get_ecc_specs(&prime, &coef, &coef_sign, &gen_x, &gen_y, NULL, size)) {
return ECC_BAD_ARG_E; return ECC_BAD_ARG_E;
} }
(void)order;
pka_mul.modulusSize = szModulus; pka_mul.modulusSize = szModulus;
pka_mul.coefSign = *coef_sign; pka_mul.coefSign = *coef_sign;
@@ -737,6 +730,16 @@ int wc_ecc_mulmod_ex2(const mp_int* k, ecc_point *G, ecc_point *R, mp_int* a,
return wc_ecc_mulmod_ex(k, G, R, a, modulus, map, heap); return wc_ecc_mulmod_ex(k, G, R, a, modulus, map, heap);
} }
int ecc_map_ex(ecc_point* P, mp_int* modulus, mp_digit mp, int ct)
{
/* this is handled in hardware, so no projective mapping needed */
(void)P;
(void)modulus;
(void)mp;
(void)ct;
return MP_OKAY;
}
int stm32_ecc_verify_hash_ex(mp_int *r, mp_int *s, const byte* hash, int stm32_ecc_verify_hash_ex(mp_int *r, mp_int *s, const byte* hash,
word32 hashlen, int* res, ecc_key* key) word32 hashlen, int* res, ecc_key* key)
{ {
@@ -826,7 +829,7 @@ int stm32_ecc_sign_hash_ex(const byte* hash, word32 hashlen, WC_RNG* rng,
const uint8_t *prime, *coef, *gen_x, *gen_y, *order; const uint8_t *prime, *coef, *gen_x, *gen_y, *order;
const uint32_t *coef_sign; const uint32_t *coef_sign;
XMEMSET(&pka_ecc, 0x00, sizeof(PKA_ECDSASignInTypeDef)); XMEMSET(&pka_ecc, 0x00, sizeof(PKA_ECDSASignInTypeDef));
XMEMSET(&pka_ecc, 0x00, sizeof(PKA_ECDSASignOutTypeDef)); XMEMSET(&pka_ecc_out, 0x00, sizeof(PKA_ECDSASignOutTypeDef));
if (r == NULL || s == NULL || hash == NULL || key == NULL) { if (r == NULL || s == NULL || hash == NULL || key == NULL) {
return ECC_BAD_ARG_E; return ECC_BAD_ARG_E;

4
wolfcrypt/src/random.c
View File

@@ -1964,7 +1964,7 @@ int wc_GenerateSeed(OS_Seed* os, byte* output, word32 sz)
((wolfssl_word)&output[i] % sizeof(word32)) != 0 ((wolfssl_word)&output[i] % sizeof(word32)) != 0
) { ) {
/* Single byte at a time */ /* Single byte at a time */
word32 tmpRng = 0; uint32_t tmpRng = 0;
if (HAL_RNG_GenerateRandomNumber(&hrng, &tmpRng) != HAL_OK) { if (HAL_RNG_GenerateRandomNumber(&hrng, &tmpRng) != HAL_OK) {
wolfSSL_CryptHwMutexUnLock(); wolfSSL_CryptHwMutexUnLock();
return RAN_BLOCK_E; return RAN_BLOCK_E;
@@ -1973,7 +1973,7 @@ int wc_GenerateSeed(OS_Seed* os, byte* output, word32 sz)
} }
else { else {
/* Use native 32 instruction */ /* Use native 32 instruction */
if (HAL_RNG_GenerateRandomNumber(&hrng, (word32*)&output[i]) != HAL_OK) { if (HAL_RNG_GenerateRandomNumber(&hrng, (uint32_t*)&output[i]) != HAL_OK) {
wolfSSL_CryptHwMutexUnLock(); wolfSSL_CryptHwMutexUnLock();
return RAN_BLOCK_E; return RAN_BLOCK_E;
} }