diff --git a/wolfcrypt/src/ecc.c b/wolfcrypt/src/ecc.c index 111e9fe87..97f0acf22 100644 --- a/wolfcrypt/src/ecc.c +++ b/wolfcrypt/src/ecc.c @@ -4720,7 +4720,7 @@ static int _ecc_make_key_ex(WC_RNG* rng, int keysize, ecc_key* key, err = NOT_COMPILED_IN; } #elif defined(WOLFSSL_SE050) - err = se050_ecc_create_key(key, curve_id, keysize); + err = se050_ecc_create_key(key, key->dp->id, key->dp->size); key->type = ECC_PRIVATEKEY; #elif defined(WOLFSSL_CRYPTOCELL) @@ -5239,10 +5239,7 @@ static int wc_ecc_sign_hash_hw(const byte* in, word32 inlen, (void)rng; #elif defined(WOLFSSL_SE050) err = se050_ecc_sign_hash_ex(in, inlen, out, outlen, key); - if (err == 0) - err = DecodeECC_DSA_Sig(out, *outlen, r, s); - - return err; + (void)rng; #endif /* Load R and S */ @@ -7032,11 +7029,7 @@ int wc_ecc_verify_hash_ex(mp_int *r, mp_int *s, const byte* hash, #elif defined(WOLFSSL_KCAPI_ECC) byte sigRS[MAX_ECC_BYTES*2]; #elif defined(WOLFSSL_SE050) - #ifdef WOLFSSL_SMALL_STACK - byte* sigRS = NULL; - #else - byte sigRS[ECC_MAX_CRYPTO_HW_SIZE * 2]; - #endif + byte sigRS[ECC_MAX_CRYPTO_HW_SIZE * 2]; #elif !defined(WOLFSSL_SP_MATH) || defined(FREESCALE_LTC_ECC) int did_init = 0; ecc_point *mG = NULL, *mQ = NULL; @@ -7098,7 +7091,9 @@ int wc_ecc_verify_hash_ex(mp_int *r, mp_int *s, const byte* hash, } #endif -#if defined(WOLFSSL_ATECC508A) || defined(WOLFSSL_ATECC608A) +#if defined(WOLFSSL_ATECC508A) || defined(WOLFSSL_ATECC608A) || \ + defined(WOLFSSL_CRYPTOCELL) || defined(WOLFSSL_SILABS_SE_ACCEL) || \ + defined(WOLFSSL_KCAPI_ECC) || defined(WOLFSSL_SE050) /* Extract R and S */ err = mp_to_unsigned_bin(r, &sigRS[0]); if (err != MP_OKAY) { @@ -7109,6 +7104,7 @@ int wc_ecc_verify_hash_ex(mp_int *r, mp_int *s, const byte* hash, return err; } +#if defined(WOLFSSL_ATECC508A) || defined(WOLFSSL_ATECC608A) err = atmel_ecc_verify(hash, sigRS, key->pubkey_raw, res); if (err != 0) { return err; @@ -7116,17 +7112,6 @@ int wc_ecc_verify_hash_ex(mp_int *r, mp_int *s, const byte* hash, (void)hashlen; #elif defined(WOLFSSL_CRYPTOCELL) - /* Extract R and S */ - - err = mp_to_unsigned_bin(r, &sigRS[0]); - if (err != MP_OKAY) { - return err; - } - err = mp_to_unsigned_bin(s, &sigRS[keySz]); - if (err != MP_OKAY) { - return err; - } - /* truncate if hash is longer than key size */ if (msgLenInBytes > keySz) { msgLenInBytes = keySz; @@ -7153,69 +7138,18 @@ int wc_ecc_verify_hash_ex(mp_int *r, mp_int *s, const byte* hash, /* valid signature if we get to this point */ *res = 1; #elif defined(WOLFSSL_SILABS_SE_ACCEL) - /* Extract R and S */ - - err = mp_to_unsigned_bin(r, &sigRS[0]); - if (err != MP_OKAY) { - return err; - } - err = mp_to_unsigned_bin(s, &sigRS[keySz]); - if (err != MP_OKAY) { - return err; - } - - err = silabs_ecc_verify_hash(&sigRS[0], keySz*2, + err = silabs_ecc_verify_hash(&sigRS[0], keySz * 2, hash, hashlen, res, key); - #elif defined(WOLFSSL_KCAPI_ECC) - /* Extract R and S */ - err = mp_to_unsigned_bin(r, &sigRS[0]); - if (err != MP_OKAY) { - return err; + err = KcapiEcc_Verify(key, hash, hashlen, sigRS, keySz * 2); + if (err == 0) { + *res = 1; } - err = mp_to_unsigned_bin(s, &sigRS[key->dp->size]); - if (err != MP_OKAY) { - return err; - } - - err = KcapiEcc_Verify(key, hash, hashlen, sigRS, key->dp->size * 2); #elif defined(WOLFSSL_SE050) - { - /* Used when following a hardware sign operation */ - int rLeadingZero = mp_leading_bit(r); - int sLeadingZero = mp_leading_bit(s); - int rLen = mp_unsigned_bin_size(r); - int sLen = mp_unsigned_bin_size(s); - word32 signatureLen = rLeadingZero + sLeadingZero + - rLen + sLen + SIG_HEADER_SZ; /* see StoreECC_DSA_Sig */ + err = se050_ecc_verify_hash_ex(hash, hashlen, sigRS, keySz * 2, key, res); +#endif - #ifdef WOLFSSL_SMALL_STACK - sigRS = (byte*)XMALLOC(signatureLen, NULL, DYNAMIC_TYPE_SIGNATURE); - if (sigRS == NULL) { - err = MEMORY_E; - } - #else - if (signatureLen > sizeof(sigRS)) { - err = BUFFER_E; - } - #endif - if (err == 0) { - err = StoreECC_DSA_Sig(sigRS, &signatureLen, r, s); - } - if (err == 0) { - err = se050_ecc_verify_hash_ex(hash, hashlen, sigRS, - signatureLen, key, res); - } - #ifdef WOLFSSL_SMALL_STACK - if (sigRS != NULL) { - XFREE(sigRS, NULL, DYNAMIC_TYPE_SIGNATURE); - sigRS = NULL; - } - #endif - if (err != 0) - return err; - } #else /* checking if private key with no public part */ if (key->type == ECC_PRIVATEKEY_ONLY) { @@ -8989,7 +8923,7 @@ int wc_ecc_export_ex(ecc_key* key, byte* qx, word32* qxLen, } } else - #endif + #endif { err = wc_export_int(&key->k, d, dLen, keySz, encType); if (err != MP_OKAY) diff --git a/wolfcrypt/src/port/nxp/se050_port.c b/wolfcrypt/src/port/nxp/se050_port.c index 4a59bad45..7e618bdf7 100644 --- a/wolfcrypt/src/port/nxp/se050_port.c +++ b/wolfcrypt/src/port/nxp/se050_port.c @@ -58,16 +58,21 @@ #endif struct ecc_key; #include -#include +#include #ifndef SE050_ECC_DER_MAX #define SE050_ECC_DER_MAX 256 #endif +/* enable for debugging */ +/* #define SE050_DEBUG*/ +/* enable to factory erase chip */ +/* #define WOLFSSL_SE050_FACTORY_RESET */ + /* Global variables */ static sss_session_t *cfg_se050_i2c_pi; -static sss_key_store_t *hostKeyStore; -static sss_key_store_t *keyStore; +static sss_key_store_t *gHostKeyStore; +static sss_key_store_t *gHeyStore; int wc_se050_set_config(sss_session_t *pSession, sss_key_store_t *pHostKeyStore, sss_key_store_t *pKeyStore) @@ -75,8 +80,8 @@ int wc_se050_set_config(sss_session_t *pSession, sss_key_store_t *pHostKeyStore, WOLFSSL_MSG("Setting SE050 session configuration"); cfg_se050_i2c_pi = pSession; - hostKeyStore = pHostKeyStore; - keyStore = pKeyStore; + gHostKeyStore = pHostKeyStore; + gHeyStore = pKeyStore; return 0; } @@ -101,6 +106,10 @@ int wc_se050_init(const char* portName) NULL, #endif &pCtx.ks); + + #ifdef WOLFSSL_SE050_FACTORY_RESET + ex_sss_boot_factory_reset(&pCtx); + #endif } else { ret = WC_HW_E; @@ -111,7 +120,7 @@ int wc_se050_init(const char* portName) int se050_allocate_key(int keyType) { - int keyId = 0; + int keyId = -1; static int keyId_allocator = 100; switch (keyType) { case SE050_AES_KEY: @@ -121,6 +130,9 @@ int se050_allocate_key(int keyType) keyId = keyId_allocator++; break; } +#ifdef SE050_DEBUG + printf("se050_allocate_key: keyId %d\n", keyId); +#endif return keyId; } @@ -131,6 +143,10 @@ int se050_get_random_number(uint32_t count, uint8_t* rand_out) sss_status_t status; sss_rng_context_t rng; +#ifdef SE050_DEBUG + printf("se050_get_random_number: %p (%d)\n", rand_out, count); +#endif + if (cfg_se050_i2c_pi == NULL) { return WC_HW_E; } @@ -292,6 +308,7 @@ int se050_aes_set_key(Aes* aes, const byte* key, word32 keylen, } else { if (keyCreated) { + sss_key_store_erase_key(&host_keystore, &newKey); sss_key_object_free(&newKey); } ret = WC_HW_E; @@ -398,8 +415,9 @@ void se050_aes_free(Aes* aes) } if (status == kStatus_SSS_Success) { status = sss_key_object_get_handle(&keyObject, aes->keyId); - aes->keyId = 0; + aes->keyId = -1; } + sss_key_store_erase_key(&host_keystore, &keyObject); sss_key_object_free(&keyObject); wolfSSL_CryptHwMutexUnLock(); @@ -454,6 +472,11 @@ int se050_ecc_sign_hash_ex(const byte* in, word32 inLen, byte* out, int keySize; int keySizeBits; +#ifdef SE050_DEBUG + printf("se050_ecc_sign_hash_ex: key %p, in %p (%d), out %p (%d), keyId %d\n", + key, in, inLen, out, *outLen, key->keyId); +#endif + if (cfg_se050_i2c_pi == NULL) { return WC_HW_E; } @@ -461,19 +484,15 @@ int se050_ecc_sign_hash_ex(const byte* in, word32 inLen, byte* out, return BAD_FUNC_ARG; } - if (wolfSSL_CryptHwMutexLock() != 0) { - return BAD_MUTEX_E; - } - - /* truncate if digest is larger than 64 */ - if (inLen > 64) - inLen = 64; - keySize = key->dp->size; keySizeBits = keySize * 8; if (keySizeBits > SSS_MAX_ECC_BITS) keySizeBits = SSS_MAX_ECC_BITS; + /* truncate if digest is larger than key size */ + if (inLen > (word32)keySize) + inLen = (word32)keySize; + if (inLen == 20) algorithm = kAlgorithm_SSS_SHA1; else if (inLen == 28) @@ -484,6 +503,17 @@ int se050_ecc_sign_hash_ex(const byte* in, word32 inLen, byte* out, algorithm = kAlgorithm_SSS_SHA384; else if (inLen == 64) algorithm = kAlgorithm_SSS_SHA512; + else { + /* not supported curve key size */ + return ECC_CURVE_OID_E; + } + + if (wolfSSL_CryptHwMutexLock() != 0) { + return BAD_MUTEX_E; + } + + /* mark that key was used for signing */ + key->flags |= WC_ECC_FLAG_DEC_SIGN; status = sss_key_store_context_init(&host_keystore, cfg_se050_i2c_pi); if (status == kStatus_SSS_Success) { @@ -499,25 +529,45 @@ int se050_ecc_sign_hash_ex(const byte* in, word32 inLen, byte* out, status = sss_asymmetric_context_init(&ctx_asymm, cfg_se050_i2c_pi, &newKey, algorithm, kMode_SSS_Sign); if (status == kStatus_SSS_Success) { - size_t outLenSz = (size_t)*outLen; - status = sss_asymmetric_sign_digest(&ctx_asymm, (uint8_t *)in, - inLen, out, &outLenSz); - *outLen = (word32)outLenSz; + byte sigBuf[ECC_MAX_SIG_SIZE]; + size_t sigSz = sizeof(sigBuf); + status = sss_asymmetric_sign_digest(&ctx_asymm, (uint8_t*)in, + inLen, sigBuf, &sigSz); + if (status == kStatus_SSS_Success) { + /* SE050 returns ASN.1 encoded signature */ + word32 rLen = keySize, sLen = keySize; + ret = DecodeECC_DSA_Sig_Bin(sigBuf, (word32)sigSz, + out, &rLen, + out+keySize, &sLen); + if (ret != 0) { + status = kStatus_SSS_Fail; + } + } } sss_asymmetric_context_free(&ctx_asymm); } - if (status != kStatus_SSS_Success) { - ret = WC_HW_E; + if (status == kStatus_SSS_Success) { + ret = 0; + } + else { + if (ret == 0) + ret = WC_HW_E; } wolfSSL_CryptHwMutexUnLock(); +#ifdef SE050_DEBUG + printf("se050_ecc_sign_hash_ex: ret %d, outLen %d\n", ret, *outLen); +#endif + + (void)outLen; /* caller sets outLen */ + return ret; } -int se050_ecc_verify_hash_ex(const byte* hash, word32 hashLen, byte* signature, - word32 signatureLen, struct ecc_key* key, int* res) +int se050_ecc_verify_hash_ex(const byte* hash, word32 hashLen, byte* sigRS, + word32 sigRSLen, struct ecc_key* key, int* res) { int ret = 0; sss_status_t status; @@ -525,23 +575,33 @@ int se050_ecc_verify_hash_ex(const byte* hash, word32 hashLen, byte* signature, sss_object_t newKey; sss_key_store_t host_keystore; sss_algorithm_t algorithm = kAlgorithm_None; + int keyId; int keySize; int keySizeBits; sss_cipher_type_t curveType; int keyCreated = 0; +#ifdef SE050_DEBUG + printf("se050_ecc_verify_hash_ex: key %p, hash %p (%d), sig %p (%d)\n", + key, hash, hashLen, sigRS, sigRSLen); +#endif + *res = 0; + (void)sigRSLen; if (cfg_se050_i2c_pi == NULL) { return WC_HW_E; } - if (wolfSSL_CryptHwMutexLock() != 0) { - return BAD_MUTEX_E; - } + keySize = key->dp->size; + keySizeBits = keySize * 8; + if (keySizeBits > SSS_MAX_ECC_BITS) + keySizeBits = SSS_MAX_ECC_BITS; + curveType = se050_map_curve(key->dp->id); - if (hashLen > 64) - hashLen = 64; + /* truncate hash if larger than key size */ + if (hashLen > (word32)keySize) + hashLen = (word32)keySize; if (hashLen == 20) algorithm = kAlgorithm_SSS_SHA1; @@ -553,12 +613,14 @@ int se050_ecc_verify_hash_ex(const byte* hash, word32 hashLen, byte* signature, algorithm = kAlgorithm_SSS_SHA384; else if (hashLen == 64) algorithm = kAlgorithm_SSS_SHA512; + else { + /* not supported curve key size */ + return ECC_CURVE_OID_E; + } - keySize = key->dp->size; - keySizeBits = keySize * 8; - if (keySizeBits > SSS_MAX_ECC_BITS) - keySizeBits = SSS_MAX_ECC_BITS; - curveType = se050_map_curve(key->dp->id); + if (wolfSSL_CryptHwMutexLock() != 0) { + return BAD_MUTEX_E; + } status = sss_key_store_context_init(&host_keystore, cfg_se050_i2c_pi); if (status == kStatus_SSS_Success) { @@ -570,20 +632,22 @@ int se050_ecc_verify_hash_ex(const byte* hash, word32 hashLen, byte* signature, /* this is run when a key was not generated and was instead passed in */ if (status == kStatus_SSS_Success) { - if (key->keyId == 0) { + keyId = key->keyId; + if (keyId <= 0) { byte derBuf[SE050_ECC_DER_MAX]; word32 derSz; ret = wc_EccPublicKeyToDer(key, derBuf, (word32)sizeof(derBuf), 1); if (ret >= 0) { derSz = ret; + ret = 0; } else { status = kStatus_SSS_Fail; } if (status == kStatus_SSS_Success) { - key->keyId = se050_allocate_key(SE050_ECC_KEY); - status = sss_key_object_allocate_handle(&newKey, key->keyId, + keyId = se050_allocate_key(SE050_ECC_KEY); + status = sss_key_object_allocate_handle(&newKey, keyId, kSSS_KeyPart_Public, curveType, keySize, kKeyObject_Mode_Transient); } @@ -594,7 +658,7 @@ int se050_ecc_verify_hash_ex(const byte* hash, word32 hashLen, byte* signature, } } else { - status = sss_key_object_get_handle(&newKey, key->keyId); + status = sss_key_object_get_handle(&newKey, keyId); } } @@ -602,21 +666,33 @@ int se050_ecc_verify_hash_ex(const byte* hash, word32 hashLen, byte* signature, status = sss_asymmetric_context_init(&ctx_asymm, cfg_se050_i2c_pi, &newKey, algorithm, kMode_SSS_Verify); if (status == kStatus_SSS_Success) { - status = sss_asymmetric_verify_digest(&ctx_asymm, (uint8_t *)hash, - hashLen, signature, signatureLen); + /* SE050 expects ASN.1 encoded signature */ + byte sigBuf[ECC_MAX_SIG_SIZE]; + word32 sigSz = (word32)sizeof(sigBuf); + ret = StoreECC_DSA_Sig_Bin(sigBuf, &sigSz, + sigRS, keySize, + sigRS+keySize, keySize); + if (ret == 0) { + status = sss_asymmetric_verify_digest(&ctx_asymm, + (uint8_t*)hash, hashLen, sigBuf, sigSz); + } + else { + status = kStatus_SSS_Fail; + } } sss_asymmetric_context_free(&ctx_asymm); } if (status == kStatus_SSS_Success) { + key->keyId = keyId; *res = 1; ret = 0; } else { if (keyCreated) { + sss_key_store_erase_key(&host_keystore, &newKey); sss_key_object_free(&newKey); - key->keyId = 0; } if (ret == 0) ret = WC_HW_E; @@ -624,6 +700,11 @@ int se050_ecc_verify_hash_ex(const byte* hash, word32 hashLen, byte* signature, wolfSSL_CryptHwMutexUnLock(); +#ifdef SE050_DEBUG + printf("se050_ecc_verify_hash_ex: key %p, ret %d, res %d\n", + key, ret, *res); +#endif + return ret; } @@ -634,6 +715,10 @@ void se050_ecc_free_key(struct ecc_key* key) sss_object_t keyObject; sss_key_store_t host_keystore; +#ifdef SE050_DEBUG + printf("se050_ecc_free_key: key %p, keyId %d\n", key, key->keyId); +#endif + if (cfg_se050_i2c_pi == NULL) { return; } @@ -656,8 +741,12 @@ void se050_ecc_free_key(struct ecc_key* key) status = sss_key_object_get_handle(&keyObject, key->keyId); } if (status == kStatus_SSS_Success) { + if ((key->flags & WC_ECC_FLAG_DEC_SIGN) == 0) { + /* key was not used for signing, so release it */ + sss_key_store_erase_key(&host_keystore, &keyObject); + } sss_key_object_free(&keyObject); - key->keyId = 0; + key->keyId = -1; } wolfSSL_CryptHwMutexUnLock(); } @@ -676,19 +765,29 @@ int se050_ecc_create_key(struct ecc_key* key, int curve_id, int keySize) sss_cipher_type_t curveType; int keyCreated = 0; +#ifdef SE050_DEBUG + printf("se050_ecc_create_key: key %p, curve %d, keySize %d\n", + key, curve_id, keySize); +#endif + if (cfg_se050_i2c_pi == NULL) { return WC_HW_E; } - if (wolfSSL_CryptHwMutexLock() != 0) { - return BAD_MUTEX_E; - } - curveType = se050_map_curve(curve_id); keySizeBits = keySize * 8; if (keySizeBits > SSS_MAX_ECC_BITS) keySizeBits = SSS_MAX_ECC_BITS; + if (keySize == 30) { + /* not supported curve key size */ + return ECC_CURVE_OID_E; + } + + if (wolfSSL_CryptHwMutexLock() != 0) { + return BAD_MUTEX_E; + } + status = sss_key_store_context_init(&host_keystore, cfg_se050_i2c_pi); if (status == kStatus_SSS_Success) { status = sss_key_store_allocate(&host_keystore, SE050_KEYSTOREID_ECC); @@ -700,7 +799,7 @@ int se050_ecc_create_key(struct ecc_key* key, int curve_id, int keySize) keyId = se050_allocate_key(SE050_ECC_KEY); status = sss_key_object_allocate_handle(&keyPair, keyId, kSSS_KeyPart_Pair, curveType, keySizeBits, - kKeyObject_Mode_None); + kKeyObject_Mode_Transient); } if (status == kStatus_SSS_Success) { keyCreated = 1; @@ -724,6 +823,7 @@ int se050_ecc_create_key(struct ecc_key* key, int curve_id, int keySize) } else { if (keyCreated) { + sss_key_store_erase_key(&host_keystore, &keyPair); sss_key_object_free(&keyPair); } if (ret == 0) @@ -732,6 +832,11 @@ int se050_ecc_create_key(struct ecc_key* key, int curve_id, int keySize) wolfSSL_CryptHwMutexUnLock(); +#ifdef SE050_DEBUG + printf("se050_ecc_create_key: key %p, ret %d, keyId %d\n", + key, ret, key->keyId); +#endif + return ret; } @@ -753,6 +858,11 @@ int se050_ecc_shared_secret(ecc_key* private_key, ecc_key* public_key, int keyCreated = 0; int deriveKeyCreated = 0; +#ifdef SE050_DEBUG + printf("se050_ecc_shared_secret: priv %p, pub %p, out %p (%d)\n", + private_key, public_key, out, *outlen); +#endif + if (cfg_se050_i2c_pi == NULL) { return WC_HW_E; } @@ -760,32 +870,32 @@ int se050_ecc_shared_secret(ecc_key* private_key, ecc_key* public_key, return BAD_FUNC_ARG; } - if (wolfSSL_CryptHwMutexLock() != 0) { - return BAD_MUTEX_E; - } - keySize = private_key->dp->size; keySizeBits = keySize * 8; if (keySizeBits > SSS_MAX_ECC_BITS) keySizeBits = SSS_MAX_ECC_BITS; curveType = se050_map_curve(private_key->dp->id); + if (wolfSSL_CryptHwMutexLock() != 0) { + return BAD_MUTEX_E; + } + status = sss_key_store_context_init(&host_keystore, cfg_se050_i2c_pi); if (status == kStatus_SSS_Success) { status = sss_key_store_allocate(&host_keystore, SE050_KEYSTOREID_ECC); } - if (status == kStatus_SSS_Success) { - status = sss_key_object_init(&ref_public_key, &host_keystore); - } if (status == kStatus_SSS_Success) { status = sss_key_object_init(&ref_private_key, &host_keystore); } if (status == kStatus_SSS_Success) { status = sss_key_object_get_handle(&ref_private_key, private_key->keyId); } - if (status == kStatus_SSS_Success) { - if (public_key->keyId <= 0) { + status = sss_key_object_init(&ref_public_key, &host_keystore); + } + if (status == kStatus_SSS_Success) { + keyId = public_key->keyId; + if (keyId <= 0) { byte derBuf[256]; word32 derSz; @@ -793,6 +903,7 @@ int se050_ecc_shared_secret(ecc_key* private_key, ecc_key* public_key, (word32)sizeof(derBuf), 1); if (ret >= 0) { derSz = ret; + ret = 0; } else { status = kStatus_SSS_Fail; @@ -810,12 +921,11 @@ int se050_ecc_shared_secret(ecc_key* private_key, ecc_key* public_key, } } else { - status = sss_key_object_get_handle(&ref_public_key, - public_key->keyId); + status = sss_key_object_get_handle(&ref_public_key, keyId); } } if (status == kStatus_SSS_Success) { - status = sss_key_object_init(&deriveKey, hostKeyStore); + status = sss_key_object_init(&deriveKey, &host_keystore); } if (status == kStatus_SSS_Success) { int keyIdAes = se050_allocate_key(SE050_AES_KEY); @@ -823,7 +933,7 @@ int se050_ecc_shared_secret(ecc_key* private_key, ecc_key* public_key, status = sss_key_object_allocate_handle(&deriveKey, keyIdAes, kSSS_KeyPart_Default, - kSSS_CipherType_AES, + kSSS_CipherType_Binary, keySize, kKeyObject_Mode_Transient); } @@ -838,7 +948,7 @@ int se050_ecc_shared_secret(ecc_key* private_key, ecc_key* public_key, if (status == kStatus_SSS_Success) { size_t outlenSz = (size_t)*outlen; /* derived key export */ - status = sss_key_store_get_key(hostKeyStore, &deriveKey, out, + status = sss_key_store_get_key(&host_keystore, &deriveKey, out, &outlenSz, &keySizeBits); *outlen = (word32)outlenSz; } @@ -846,16 +956,18 @@ int se050_ecc_shared_secret(ecc_key* private_key, ecc_key* public_key, sss_derive_key_context_free(&ctx_derive_key); } if (deriveKeyCreated) { + sss_key_store_erase_key(&host_keystore, &deriveKey); sss_key_object_free(&deriveKey); } if (status == kStatus_SSS_Success) { + public_key->keyId = keyId; ret = 0; } else { if (keyCreated) { + sss_key_store_erase_key(&host_keystore, &public_key); sss_key_object_free(&public_key); - public_key->keyId = 0; } if (ret == 0) ret = WC_HW_E; @@ -863,6 +975,10 @@ int se050_ecc_shared_secret(ecc_key* private_key, ecc_key* public_key, wolfSSL_CryptHwMutexUnLock(); +#ifdef SE050_DEBUG + printf("se050_ecc_shared_secret: ret %d, outlen %d\n", ret, *outlen); +#endif + return ret; } #endif /* HAVE_ECC */ @@ -879,6 +995,10 @@ int se050_ed25519_create_key(ed25519_key* key) int keySize = ED25519_KEY_SIZE; int keyCreated = 0; +#ifdef SE050_DEBUG + printf("se050_ed25519_create_key: %p\n", key); +#endif + if (cfg_se050_i2c_pi == NULL) { return WC_HW_E; } @@ -912,6 +1032,7 @@ int se050_ed25519_create_key(ed25519_key* key) } else { if (keyCreated) { + sss_key_store_erase_key(&host_keystore, &newKey); sss_key_object_free(&newKey); } ret = WC_HW_E; @@ -919,6 +1040,10 @@ int se050_ed25519_create_key(ed25519_key* key) wolfSSL_CryptHwMutexUnLock(); +#ifdef SE050_DEBUG + printf("se050_ed25519_create_key: ret %d, keyId %d\n", ret, key->keyId); +#endif + return ret; } @@ -928,6 +1053,10 @@ void se050_ed25519_free_key(ed25519_key* key) sss_object_t newKey; sss_key_store_t host_keystore; +#ifdef SE050_DEBUG + printf("se050_ed25519_free_key: %p, id %d\n", key, key->keyId); +#endif + if (cfg_se050_i2c_pi == NULL) { return; } @@ -952,7 +1081,7 @@ void se050_ed25519_free_key(ed25519_key* key) } if (status == kStatus_SSS_Success) { sss_key_object_free(&newKey); - key->keyId = 0; + key->keyId = -1; } wolfSSL_CryptHwMutexUnLock(); } @@ -966,8 +1095,10 @@ int se050_ed25519_sign_msg(const byte* in, word32 inLen, byte* out, sss_key_store_t host_keystore; sss_object_t newKey; - inLen = 64; - *outLen = 64; +#ifdef SE050_DEBUG + printf("se050_ed25519_sign_msg: key %p, in %p (%d), out %p (%d), keyId %d\n", + key, in, inLen, out, *outLen, key->keyId); +#endif if (cfg_se050_i2c_pi == NULL) { return WC_HW_E; @@ -1009,6 +1140,10 @@ int se050_ed25519_sign_msg(const byte* in, word32 inLen, byte* out, wolfSSL_CryptHwMutexUnLock(); +#ifdef SE050_DEBUG + printf("se050_ed25519_sign_msg: ret %d, outLen %d\n", ret, *outLen); +#endif + return ret; } @@ -1025,6 +1160,11 @@ int se050_ed25519_verify_msg(const byte* signature, word32 signatureLen, int keySize = ED25519_KEY_SIZE; int keyCreated = 0; +#ifdef SE050_DEBUG + printf("se050_ed25519_verify_msg: key %p, sig %p (%d), msg %p (%d)\n", + key, signature, signatureLen, msg, msgLen); +#endif + if (cfg_se050_i2c_pi == NULL) { return WC_HW_E; } @@ -1041,7 +1181,8 @@ int se050_ed25519_verify_msg(const byte* signature, word32 signatureLen, status = sss_key_object_init(&newKey, &host_keystore); } if (status == kStatus_SSS_Success) { - if (key->keyId == 0) { + keyId = key->keyId; + if (keyId <= 0) { byte derBuf[48]; word32 derSz = 0, idx = 0; @@ -1049,6 +1190,7 @@ int se050_ed25519_verify_msg(const byte* signature, word32 signatureLen, (word32)sizeof(derBuf)); if (ret >= 0) { derSz = ret; + ret = 0; } else { status = kStatus_SSS_Fail; @@ -1066,23 +1208,21 @@ int se050_ed25519_verify_msg(const byte* signature, word32 signatureLen, } } else { - status = sss_key_object_get_handle(&newKey, key->keyId); + status = sss_key_object_get_handle(&newKey, keyId); } } if (status == kStatus_SSS_Success) { status = sss_asymmetric_context_init(&ctx_asymm, cfg_se050_i2c_pi, &newKey, kAlgorithm_SSS_SHA512, kMode_SSS_Verify); + if (status == kStatus_SSS_Success) { + status = sss_se05x_asymmetric_verify( + (sss_se05x_asymmetric_t*)&ctx_asymm, (uint8_t*)msg, msgLen, + (uint8_t*)signature, (size_t)signatureLen); + } + sss_asymmetric_context_free(&ctx_asymm); } - if (status == kStatus_SSS_Success) { - status = sss_se05x_asymmetric_verify( - (sss_se05x_asymmetric_t*)&ctx_asymm, (uint8_t*)msg, msgLen, - (uint8_t*)signature, (size_t)signatureLen); - } - - sss_asymmetric_context_free(&ctx_asymm); - if (status == kStatus_SSS_Success) { key->keyId = keyId; *res = 1; @@ -1090,6 +1230,7 @@ int se050_ed25519_verify_msg(const byte* signature, word32 signatureLen, } else { if (keyCreated) { + sss_key_store_erase_key(&host_keystore, &newKey); sss_key_object_free(&newKey); } if (ret == 0) @@ -1098,6 +1239,10 @@ int se050_ed25519_verify_msg(const byte* signature, word32 signatureLen, wolfSSL_CryptHwMutexUnLock(); +#ifdef SE050_DEBUG + printf("se050_ed25519_verify_msg: ret %d, res %d\n", ret, *res); +#endif + return ret; } diff --git a/wolfcrypt/test/test.c b/wolfcrypt/test/test.c index e953e8ef5..657e2aa03 100644 --- a/wolfcrypt/test/test.c +++ b/wolfcrypt/test/test.c @@ -22002,6 +22002,8 @@ static int ecc_test_curve_size(WC_RNG* rng, int keySize, int testVerifyCount, #if defined(WOLFSSL_ASYNC_CRYPT) ret = wc_AsyncWait(ret, &userA->asyncDev, WC_ASYNC_FLAG_NONE); #endif + if (ret == ECC_CURVE_OID_E) + goto done; /* catch case, where curve is not supported */ if (ret != 0) ERROR_OUT(-9910, done); TEST_SLEEP(); @@ -22945,7 +22947,7 @@ static int ecc_def_curve_test(WC_RNG *rng) #else ecc_key key[1]; #endif -#ifdef WC_NO_RNG +#if defined(HAVE_ECC_KEY_IMPORT) && defined(HAVE_ECC_KEY_EXPORT) word32 idx = 0; #endif @@ -22970,46 +22972,59 @@ static int ecc_def_curve_test(WC_RNG *rng) #ifndef WC_NO_RNG ret = wc_ecc_make_key(rng, ECC_KEYGEN_SIZE, key); -#if defined(WOLFSSL_ASYNC_CRYPT) + #if defined(WOLFSSL_ASYNC_CRYPT) ret = wc_AsyncWait(ret, &key->asyncDev, WC_ASYNC_FLAG_NONE); -#endif -#else - /* use test ECC key */ - ret = wc_EccPrivateKeyDecode(ecc_key_der_256, &idx, key, - (word32)sizeof_ecc_key_der_256); - (void)rng; -#endif + #endif if (ret != 0) { - ret = -10092; goto done; } - TEST_SLEEP(); -#ifndef NO_SIG_WRAPPER + #ifndef NO_SIG_WRAPPER ret = ecc_sig_test(rng, key); if (ret < 0) goto done; -#endif -#if defined(HAVE_ECC_KEY_IMPORT) && defined(HAVE_ECC_KEY_EXPORT) && \ - !defined(WOLFSSL_ATECC508A) && !defined(WOLFSSL_ATECC608A) && \ - !defined(WOLFSSL_QNX_CAAM) + #endif + TEST_SLEEP(); + + #ifdef HAVE_ECC_DHE + ret = ecc_ssh_test(key, rng); + if (ret < 0) + goto done; + #endif +#else + (void)rng; +#endif /* !WC_NO_RNG */ + +#if defined(HAVE_ECC_KEY_IMPORT) && defined(HAVE_ECC_KEY_EXPORT) + /* Use test ECC key - ensure real private "d" exists */ + #ifdef USE_CERT_BUFFERS_256 + ret = wc_EccPrivateKeyDecode(ecc_key_der_256, &idx, key, + sizeof_ecc_key_der_256); + #else + { + XFILE file = XFOPEN("./certs/ecc-key.der", "rb"); + byte der[128]; + word32 derSz; + if (!file) { + ERROR_OUT(-10093, done); + } + derSz = (word32)XFREAD(der, 1, sizeof(der), file); + XFCLOSE(file); + ret = wc_EccPrivateKeyDecode(der, &idx, key, derSz); + } + #endif + if (ret != 0) { + goto done; + } + ret = ecc_exp_imp_test(key); if (ret < 0) goto done; -#endif -#if !defined(WOLFSSL_ATECC508A) && !defined(WOLFSSL_ATECC608A) && \ - !defined(WOLFSSL_CRYPTOCELL) && !defined(WOLFSSL_QNX_CAAM) -#if defined(HAVE_ECC_KEY_IMPORT) && !defined(WOLFSSL_VALIDATE_ECC_IMPORT) ret = ecc_mulmod_test(key); if (ret < 0) goto done; #endif -#if defined(HAVE_ECC_DHE) && !defined(WC_NO_RNG) - ret = ecc_ssh_test(key, rng); - if (ret < 0) - goto done; -#endif -#endif /* WOLFSSL_ATECC508A */ + done: #ifdef WOLFSSL_SMALL_STACK diff --git a/wolfssl/wolfcrypt/port/nxp/se050_port.h b/wolfssl/wolfcrypt/port/nxp/se050_port.h index 7d8b9a153..65db423c4 100644 --- a/wolfssl/wolfcrypt/port/nxp/se050_port.h +++ b/wolfssl/wolfcrypt/port/nxp/se050_port.h @@ -128,7 +128,7 @@ WOLFSSL_LOCAL int se050_ecc_sign_hash_ex(const byte* in, word32 inLen, byte* out, word32 *outLen, struct ecc_key* key); WOLFSSL_LOCAL int se050_ecc_verify_hash_ex(const byte* hash, word32 hashlen, - byte* signature, word32 signatureLen, struct ecc_key* key, int* res); + byte* sigRS, word32 sigRSLen, struct ecc_key* key, int* res); WOLFSSL_LOCAL int se050_ecc_create_key(struct ecc_key* key, int curve_id, int keySize); WOLFSSL_LOCAL int se050_ecc_shared_secret(struct ecc_key* private_key,