wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2025-08-01 19:54:40 +02:00
Code Issues Packages Projects Releases Wiki Activity

Fixes for NXP SE050 testing with hardware.

Browse Source
This commit is contained in:
David Garske
2021-11-03 12:08:30 -07:00
parent e9fbd94150
commit b84edb5c67
4 changed files with 275 additions and 181 deletions
Download Patch File Download Diff File Expand all files Collapse all files

90
wolfcrypt/src/ecc.c
View File

@@ -4720,7 +4720,7 @@ static int _ecc_make_key_ex(WC_RNG* rng, int keysize, ecc_key* key,
err = NOT_COMPILED_IN; err = NOT_COMPILED_IN;
} }
#elif defined(WOLFSSL_SE050) #elif defined(WOLFSSL_SE050)
err = se050_ecc_create_key(key, curve_id, keysize); err = se050_ecc_create_key(key, key->dp->id, key->dp->size);
key->type = ECC_PRIVATEKEY; key->type = ECC_PRIVATEKEY;
#elif defined(WOLFSSL_CRYPTOCELL) #elif defined(WOLFSSL_CRYPTOCELL)
@@ -5239,10 +5239,7 @@ static int wc_ecc_sign_hash_hw(const byte* in, word32 inlen,
(void)rng; (void)rng;
#elif defined(WOLFSSL_SE050) #elif defined(WOLFSSL_SE050)
err = se050_ecc_sign_hash_ex(in, inlen, out, outlen, key); err = se050_ecc_sign_hash_ex(in, inlen, out, outlen, key);
if (err == 0) (void)rng;
err = DecodeECC_DSA_Sig(out, *outlen, r, s);
return err;
#endif #endif
/* Load R and S */ /* Load R and S */
@@ -7032,11 +7029,7 @@ int wc_ecc_verify_hash_ex(mp_int *r, mp_int *s, const byte* hash,
#elif defined(WOLFSSL_KCAPI_ECC) #elif defined(WOLFSSL_KCAPI_ECC)
byte sigRS[MAX_ECC_BYTES*2]; byte sigRS[MAX_ECC_BYTES*2];
#elif defined(WOLFSSL_SE050) #elif defined(WOLFSSL_SE050)
#ifdef WOLFSSL_SMALL_STACK
byte* sigRS = NULL;
#else
byte sigRS[ECC_MAX_CRYPTO_HW_SIZE * 2]; byte sigRS[ECC_MAX_CRYPTO_HW_SIZE * 2];
#endif
#elif !defined(WOLFSSL_SP_MATH) || defined(FREESCALE_LTC_ECC) #elif !defined(WOLFSSL_SP_MATH) || defined(FREESCALE_LTC_ECC)
int did_init = 0; int did_init = 0;
ecc_point *mG = NULL, *mQ = NULL; ecc_point *mG = NULL, *mQ = NULL;
@@ -7098,7 +7091,9 @@ int wc_ecc_verify_hash_ex(mp_int *r, mp_int *s, const byte* hash,
} }
#endif #endif
#if defined(WOLFSSL_ATECC508A) || defined(WOLFSSL_ATECC608A) #if defined(WOLFSSL_ATECC508A) || defined(WOLFSSL_ATECC608A) || \
defined(WOLFSSL_CRYPTOCELL) || defined(WOLFSSL_SILABS_SE_ACCEL) || \
defined(WOLFSSL_KCAPI_ECC) || defined(WOLFSSL_SE050)
/* Extract R and S */ /* Extract R and S */
err = mp_to_unsigned_bin(r, &sigRS[0]); err = mp_to_unsigned_bin(r, &sigRS[0]);
if (err != MP_OKAY) { if (err != MP_OKAY) {
@@ -7109,6 +7104,7 @@ int wc_ecc_verify_hash_ex(mp_int *r, mp_int *s, const byte* hash,
return err; return err;
} }
#if defined(WOLFSSL_ATECC508A) || defined(WOLFSSL_ATECC608A)
err = atmel_ecc_verify(hash, sigRS, key->pubkey_raw, res); err = atmel_ecc_verify(hash, sigRS, key->pubkey_raw, res);
if (err != 0) { if (err != 0) {
return err; return err;
@@ -7116,17 +7112,6 @@ int wc_ecc_verify_hash_ex(mp_int *r, mp_int *s, const byte* hash,
(void)hashlen; (void)hashlen;
#elif defined(WOLFSSL_CRYPTOCELL) #elif defined(WOLFSSL_CRYPTOCELL)
/* Extract R and S */
err = mp_to_unsigned_bin(r, &sigRS[0]);
if (err != MP_OKAY) {
return err;
}
err = mp_to_unsigned_bin(s, &sigRS[keySz]);
if (err != MP_OKAY) {
return err;
}
/* truncate if hash is longer than key size */ /* truncate if hash is longer than key size */
if (msgLenInBytes > keySz) { if (msgLenInBytes > keySz) {
msgLenInBytes = keySz; msgLenInBytes = keySz;
@@ -7153,69 +7138,18 @@ int wc_ecc_verify_hash_ex(mp_int *r, mp_int *s, const byte* hash,
/* valid signature if we get to this point */ /* valid signature if we get to this point */
*res = 1; *res = 1;
#elif defined(WOLFSSL_SILABS_SE_ACCEL) #elif defined(WOLFSSL_SILABS_SE_ACCEL)
/* Extract R and S */ err = silabs_ecc_verify_hash(&sigRS[0], keySz * 2,
err = mp_to_unsigned_bin(r, &sigRS[0]);
if (err != MP_OKAY) {
return err;
}
err = mp_to_unsigned_bin(s, &sigRS[keySz]);
if (err != MP_OKAY) {
return err;
}
err = silabs_ecc_verify_hash(&sigRS[0], keySz*2,
hash, hashlen, hash, hashlen,
res, key); res, key);
#elif defined(WOLFSSL_KCAPI_ECC) #elif defined(WOLFSSL_KCAPI_ECC)
/* Extract R and S */ err = KcapiEcc_Verify(key, hash, hashlen, sigRS, keySz * 2);
err = mp_to_unsigned_bin(r, &sigRS[0]); if (err == 0) {
if (err != MP_OKAY) { *res = 1;
return err;
} }
err = mp_to_unsigned_bin(s, &sigRS[key->dp->size]);
if (err != MP_OKAY) {
return err;
}
err = KcapiEcc_Verify(key, hash, hashlen, sigRS, key->dp->size * 2);
#elif defined(WOLFSSL_SE050) #elif defined(WOLFSSL_SE050)
{ err = se050_ecc_verify_hash_ex(hash, hashlen, sigRS, keySz * 2, key, res);
/* Used when following a hardware sign operation */ #endif
int rLeadingZero = mp_leading_bit(r);
int sLeadingZero = mp_leading_bit(s);
int rLen = mp_unsigned_bin_size(r);
int sLen = mp_unsigned_bin_size(s);
word32 signatureLen = rLeadingZero + sLeadingZero +
rLen + sLen + SIG_HEADER_SZ; /* see StoreECC_DSA_Sig */
#ifdef WOLFSSL_SMALL_STACK
sigRS = (byte*)XMALLOC(signatureLen, NULL, DYNAMIC_TYPE_SIGNATURE);
if (sigRS == NULL) {
err = MEMORY_E;
}
#else
if (signatureLen > sizeof(sigRS)) {
err = BUFFER_E;
}
#endif
if (err == 0) {
err = StoreECC_DSA_Sig(sigRS, &signatureLen, r, s);
}
if (err == 0) {
err = se050_ecc_verify_hash_ex(hash, hashlen, sigRS,
signatureLen, key, res);
}
#ifdef WOLFSSL_SMALL_STACK
if (sigRS != NULL) {
XFREE(sigRS, NULL, DYNAMIC_TYPE_SIGNATURE);
sigRS = NULL;
}
#endif
if (err != 0)
return err;
}
#else #else
/* checking if private key with no public part */ /* checking if private key with no public part */
if (key->type == ECC_PRIVATEKEY_ONLY) { if (key->type == ECC_PRIVATEKEY_ONLY) {

281
wolfcrypt/src/port/nxp/se050_port.c
View File

@@ -58,16 +58,21 @@
#endif #endif
struct ecc_key; struct ecc_key;
#include <wolfssl/wolfcrypt/ecc.h> #include <wolfssl/wolfcrypt/ecc.h>
#include <wolfssl/wolfcrypt/asn_public.h> #include <wolfssl/wolfcrypt/asn.h>
#ifndef SE050_ECC_DER_MAX #ifndef SE050_ECC_DER_MAX
#define SE050_ECC_DER_MAX 256 #define SE050_ECC_DER_MAX 256
#endif #endif
/* enable for debugging */
/* #define SE050_DEBUG*/
/* enable to factory erase chip */
/* #define WOLFSSL_SE050_FACTORY_RESET */
/* Global variables */ /* Global variables */
static sss_session_t *cfg_se050_i2c_pi; static sss_session_t *cfg_se050_i2c_pi;
static sss_key_store_t *hostKeyStore; static sss_key_store_t *gHostKeyStore;
static sss_key_store_t *keyStore; static sss_key_store_t *gHeyStore;
int wc_se050_set_config(sss_session_t *pSession, sss_key_store_t *pHostKeyStore, int wc_se050_set_config(sss_session_t *pSession, sss_key_store_t *pHostKeyStore,
sss_key_store_t *pKeyStore) sss_key_store_t *pKeyStore)
@@ -75,8 +80,8 @@ int wc_se050_set_config(sss_session_t *pSession, sss_key_store_t *pHostKeyStore,
WOLFSSL_MSG("Setting SE050 session configuration"); WOLFSSL_MSG("Setting SE050 session configuration");
cfg_se050_i2c_pi = pSession; cfg_se050_i2c_pi = pSession;
hostKeyStore = pHostKeyStore; gHostKeyStore = pHostKeyStore;
keyStore = pKeyStore; gHeyStore = pKeyStore;
return 0; return 0;
} }
@@ -101,6 +106,10 @@ int wc_se050_init(const char* portName)
NULL, NULL,
#endif #endif
&pCtx.ks); &pCtx.ks);
#ifdef WOLFSSL_SE050_FACTORY_RESET
ex_sss_boot_factory_reset(&pCtx);
#endif
} }
else { else {
ret = WC_HW_E; ret = WC_HW_E;
@@ -111,7 +120,7 @@ int wc_se050_init(const char* portName)
int se050_allocate_key(int keyType) int se050_allocate_key(int keyType)
{ {
int keyId = 0; int keyId = -1;
static int keyId_allocator = 100; static int keyId_allocator = 100;
switch (keyType) { switch (keyType) {
case SE050_AES_KEY: case SE050_AES_KEY:
@@ -121,6 +130,9 @@ int se050_allocate_key(int keyType)
keyId = keyId_allocator++; keyId = keyId_allocator++;
break; break;
} }
#ifdef SE050_DEBUG
printf("se050_allocate_key: keyId %d\n", keyId);
#endif
return keyId; return keyId;
} }
@@ -131,6 +143,10 @@ int se050_get_random_number(uint32_t count, uint8_t* rand_out)
sss_status_t status; sss_status_t status;
sss_rng_context_t rng; sss_rng_context_t rng;
#ifdef SE050_DEBUG
printf("se050_get_random_number: %p (%d)\n", rand_out, count);
#endif
if (cfg_se050_i2c_pi == NULL) { if (cfg_se050_i2c_pi == NULL) {
return WC_HW_E; return WC_HW_E;
} }
@@ -292,6 +308,7 @@ int se050_aes_set_key(Aes* aes, const byte* key, word32 keylen,
} }
else { else {
if (keyCreated) { if (keyCreated) {
sss_key_store_erase_key(&host_keystore, &newKey);
sss_key_object_free(&newKey); sss_key_object_free(&newKey);
} }
ret = WC_HW_E; ret = WC_HW_E;
@@ -398,8 +415,9 @@ void se050_aes_free(Aes* aes)
} }
if (status == kStatus_SSS_Success) { if (status == kStatus_SSS_Success) {
status = sss_key_object_get_handle(&keyObject, aes->keyId); status = sss_key_object_get_handle(&keyObject, aes->keyId);
aes->keyId = 0; aes->keyId = -1;
} }
sss_key_store_erase_key(&host_keystore, &keyObject);
sss_key_object_free(&keyObject); sss_key_object_free(&keyObject);
wolfSSL_CryptHwMutexUnLock(); wolfSSL_CryptHwMutexUnLock();
@@ -454,6 +472,11 @@ int se050_ecc_sign_hash_ex(const byte* in, word32 inLen, byte* out,
int keySize; int keySize;
int keySizeBits; int keySizeBits;
#ifdef SE050_DEBUG
printf("se050_ecc_sign_hash_ex: key %p, in %p (%d), out %p (%d), keyId %d\n",
key, in, inLen, out, *outLen, key->keyId);
#endif
if (cfg_se050_i2c_pi == NULL) { if (cfg_se050_i2c_pi == NULL) {
return WC_HW_E; return WC_HW_E;
} }
@@ -461,19 +484,15 @@ int se050_ecc_sign_hash_ex(const byte* in, word32 inLen, byte* out,
return BAD_FUNC_ARG; return BAD_FUNC_ARG;
} }
if (wolfSSL_CryptHwMutexLock() != 0) {
return BAD_MUTEX_E;
}
/* truncate if digest is larger than 64 */
if (inLen > 64)
inLen = 64;
keySize = key->dp->size; keySize = key->dp->size;
keySizeBits = keySize * 8; keySizeBits = keySize * 8;
if (keySizeBits > SSS_MAX_ECC_BITS) if (keySizeBits > SSS_MAX_ECC_BITS)
keySizeBits = SSS_MAX_ECC_BITS; keySizeBits = SSS_MAX_ECC_BITS;
/* truncate if digest is larger than key size */
if (inLen > (word32)keySize)
inLen = (word32)keySize;
if (inLen == 20) if (inLen == 20)
algorithm = kAlgorithm_SSS_SHA1; algorithm = kAlgorithm_SSS_SHA1;
else if (inLen == 28) else if (inLen == 28)
@@ -484,6 +503,17 @@ int se050_ecc_sign_hash_ex(const byte* in, word32 inLen, byte* out,
algorithm = kAlgorithm_SSS_SHA384; algorithm = kAlgorithm_SSS_SHA384;
else if (inLen == 64) else if (inLen == 64)
algorithm = kAlgorithm_SSS_SHA512; algorithm = kAlgorithm_SSS_SHA512;
else {
/* not supported curve key size */
return ECC_CURVE_OID_E;
}
if (wolfSSL_CryptHwMutexLock() != 0) {
return BAD_MUTEX_E;
}
/* mark that key was used for signing */
key->flags |= WC_ECC_FLAG_DEC_SIGN;
status = sss_key_store_context_init(&host_keystore, cfg_se050_i2c_pi); status = sss_key_store_context_init(&host_keystore, cfg_se050_i2c_pi);
if (status == kStatus_SSS_Success) { if (status == kStatus_SSS_Success) {
@@ -499,25 +529,45 @@ int se050_ecc_sign_hash_ex(const byte* in, word32 inLen, byte* out,
status = sss_asymmetric_context_init(&ctx_asymm, cfg_se050_i2c_pi, status = sss_asymmetric_context_init(&ctx_asymm, cfg_se050_i2c_pi,
&newKey, algorithm, kMode_SSS_Sign); &newKey, algorithm, kMode_SSS_Sign);
if (status == kStatus_SSS_Success) { if (status == kStatus_SSS_Success) {
size_t outLenSz = (size_t)*outLen; byte sigBuf[ECC_MAX_SIG_SIZE];
status = sss_asymmetric_sign_digest(&ctx_asymm, (uint8_t *)in, size_t sigSz = sizeof(sigBuf);
inLen, out, &outLenSz); status = sss_asymmetric_sign_digest(&ctx_asymm, (uint8_t*)in,
*outLen = (word32)outLenSz; inLen, sigBuf, &sigSz);
if (status == kStatus_SSS_Success) {
/* SE050 returns ASN.1 encoded signature */
word32 rLen = keySize, sLen = keySize;
ret = DecodeECC_DSA_Sig_Bin(sigBuf, (word32)sigSz,
out, &rLen,
out+keySize, &sLen);
if (ret != 0) {
status = kStatus_SSS_Fail;
}
}
} }
sss_asymmetric_context_free(&ctx_asymm); sss_asymmetric_context_free(&ctx_asymm);
} }
if (status != kStatus_SSS_Success) { if (status == kStatus_SSS_Success) {
ret = 0;
}
else {
if (ret == 0)
ret = WC_HW_E; ret = WC_HW_E;
} }
wolfSSL_CryptHwMutexUnLock(); wolfSSL_CryptHwMutexUnLock();
#ifdef SE050_DEBUG
printf("se050_ecc_sign_hash_ex: ret %d, outLen %d\n", ret, *outLen);
#endif
(void)outLen; /* caller sets outLen */
return ret; return ret;
} }
int se050_ecc_verify_hash_ex(const byte* hash, word32 hashLen, byte* signature, int se050_ecc_verify_hash_ex(const byte* hash, word32 hashLen, byte* sigRS,
word32 signatureLen, struct ecc_key* key, int* res) word32 sigRSLen, struct ecc_key* key, int* res)
{ {
int ret = 0; int ret = 0;
sss_status_t status; sss_status_t status;
@@ -525,23 +575,33 @@ int se050_ecc_verify_hash_ex(const byte* hash, word32 hashLen, byte* signature,
sss_object_t newKey; sss_object_t newKey;
sss_key_store_t host_keystore; sss_key_store_t host_keystore;
sss_algorithm_t algorithm = kAlgorithm_None; sss_algorithm_t algorithm = kAlgorithm_None;
int keyId;
int keySize; int keySize;
int keySizeBits; int keySizeBits;
sss_cipher_type_t curveType; sss_cipher_type_t curveType;
int keyCreated = 0; int keyCreated = 0;
#ifdef SE050_DEBUG
printf("se050_ecc_verify_hash_ex: key %p, hash %p (%d), sig %p (%d)\n",
key, hash, hashLen, sigRS, sigRSLen);
#endif
*res = 0; *res = 0;
(void)sigRSLen;
if (cfg_se050_i2c_pi == NULL) { if (cfg_se050_i2c_pi == NULL) {
return WC_HW_E; return WC_HW_E;
} }
if (wolfSSL_CryptHwMutexLock() != 0) { keySize = key->dp->size;
return BAD_MUTEX_E; keySizeBits = keySize * 8;
} if (keySizeBits > SSS_MAX_ECC_BITS)
keySizeBits = SSS_MAX_ECC_BITS;
curveType = se050_map_curve(key->dp->id);
if (hashLen > 64) /* truncate hash if larger than key size */
hashLen = 64; if (hashLen > (word32)keySize)
hashLen = (word32)keySize;
if (hashLen == 20) if (hashLen == 20)
algorithm = kAlgorithm_SSS_SHA1; algorithm = kAlgorithm_SSS_SHA1;
@@ -553,12 +613,14 @@ int se050_ecc_verify_hash_ex(const byte* hash, word32 hashLen, byte* signature,
algorithm = kAlgorithm_SSS_SHA384; algorithm = kAlgorithm_SSS_SHA384;
else if (hashLen == 64) else if (hashLen == 64)
algorithm = kAlgorithm_SSS_SHA512; algorithm = kAlgorithm_SSS_SHA512;
else {
/* not supported curve key size */
return ECC_CURVE_OID_E;
}
keySize = key->dp->size; if (wolfSSL_CryptHwMutexLock() != 0) {
keySizeBits = keySize * 8; return BAD_MUTEX_E;
if (keySizeBits > SSS_MAX_ECC_BITS) }
keySizeBits = SSS_MAX_ECC_BITS;
curveType = se050_map_curve(key->dp->id);
status = sss_key_store_context_init(&host_keystore, cfg_se050_i2c_pi); status = sss_key_store_context_init(&host_keystore, cfg_se050_i2c_pi);
if (status == kStatus_SSS_Success) { if (status == kStatus_SSS_Success) {
@@ -570,20 +632,22 @@ int se050_ecc_verify_hash_ex(const byte* hash, word32 hashLen, byte* signature,
/* this is run when a key was not generated and was instead passed in */ /* this is run when a key was not generated and was instead passed in */
if (status == kStatus_SSS_Success) { if (status == kStatus_SSS_Success) {
if (key->keyId == 0) { keyId = key->keyId;
if (keyId <= 0) {
byte derBuf[SE050_ECC_DER_MAX]; byte derBuf[SE050_ECC_DER_MAX];
word32 derSz; word32 derSz;
ret = wc_EccPublicKeyToDer(key, derBuf, (word32)sizeof(derBuf), 1); ret = wc_EccPublicKeyToDer(key, derBuf, (word32)sizeof(derBuf), 1);
if (ret >= 0) { if (ret >= 0) {
derSz = ret; derSz = ret;
ret = 0;
} }
else { else {
status = kStatus_SSS_Fail; status = kStatus_SSS_Fail;
} }
if (status == kStatus_SSS_Success) { if (status == kStatus_SSS_Success) {
key->keyId = se050_allocate_key(SE050_ECC_KEY); keyId = se050_allocate_key(SE050_ECC_KEY);
status = sss_key_object_allocate_handle(&newKey, key->keyId, status = sss_key_object_allocate_handle(&newKey, keyId,
kSSS_KeyPart_Public, curveType, keySize, kSSS_KeyPart_Public, curveType, keySize,
kKeyObject_Mode_Transient); kKeyObject_Mode_Transient);
} }
@@ -594,7 +658,7 @@ int se050_ecc_verify_hash_ex(const byte* hash, word32 hashLen, byte* signature,
} }
} }
else { else {
status = sss_key_object_get_handle(&newKey, key->keyId); status = sss_key_object_get_handle(&newKey, keyId);
} }
} }
@@ -602,21 +666,33 @@ int se050_ecc_verify_hash_ex(const byte* hash, word32 hashLen, byte* signature,
status = sss_asymmetric_context_init(&ctx_asymm, cfg_se050_i2c_pi, status = sss_asymmetric_context_init(&ctx_asymm, cfg_se050_i2c_pi,
&newKey, algorithm, kMode_SSS_Verify); &newKey, algorithm, kMode_SSS_Verify);
if (status == kStatus_SSS_Success) { if (status == kStatus_SSS_Success) {
status = sss_asymmetric_verify_digest(&ctx_asymm, (uint8_t *)hash, /* SE050 expects ASN.1 encoded signature */
hashLen, signature, signatureLen); byte sigBuf[ECC_MAX_SIG_SIZE];
word32 sigSz = (word32)sizeof(sigBuf);
ret = StoreECC_DSA_Sig_Bin(sigBuf, &sigSz,
sigRS, keySize,
sigRS+keySize, keySize);
if (ret == 0) {
status = sss_asymmetric_verify_digest(&ctx_asymm,
(uint8_t*)hash, hashLen, sigBuf, sigSz);
}
else {
status = kStatus_SSS_Fail;
}
} }
sss_asymmetric_context_free(&ctx_asymm); sss_asymmetric_context_free(&ctx_asymm);
} }
if (status == kStatus_SSS_Success) { if (status == kStatus_SSS_Success) {
key->keyId = keyId;
*res = 1; *res = 1;
ret = 0; ret = 0;
} }
else { else {
if (keyCreated) { if (keyCreated) {
sss_key_store_erase_key(&host_keystore, &newKey);
sss_key_object_free(&newKey); sss_key_object_free(&newKey);
key->keyId = 0;
} }
if (ret == 0) if (ret == 0)
ret = WC_HW_E; ret = WC_HW_E;
@@ -624,6 +700,11 @@ int se050_ecc_verify_hash_ex(const byte* hash, word32 hashLen, byte* signature,
wolfSSL_CryptHwMutexUnLock(); wolfSSL_CryptHwMutexUnLock();
#ifdef SE050_DEBUG
printf("se050_ecc_verify_hash_ex: key %p, ret %d, res %d\n",
key, ret, *res);
#endif
return ret; return ret;
} }
@@ -634,6 +715,10 @@ void se050_ecc_free_key(struct ecc_key* key)
sss_object_t keyObject; sss_object_t keyObject;
sss_key_store_t host_keystore; sss_key_store_t host_keystore;
#ifdef SE050_DEBUG
printf("se050_ecc_free_key: key %p, keyId %d\n", key, key->keyId);
#endif
if (cfg_se050_i2c_pi == NULL) { if (cfg_se050_i2c_pi == NULL) {
return; return;
} }
@@ -656,8 +741,12 @@ void se050_ecc_free_key(struct ecc_key* key)
status = sss_key_object_get_handle(&keyObject, key->keyId); status = sss_key_object_get_handle(&keyObject, key->keyId);
} }
if (status == kStatus_SSS_Success) { if (status == kStatus_SSS_Success) {
if ((key->flags & WC_ECC_FLAG_DEC_SIGN) == 0) {
/* key was not used for signing, so release it */
sss_key_store_erase_key(&host_keystore, &keyObject);
}
sss_key_object_free(&keyObject); sss_key_object_free(&keyObject);
key->keyId = 0; key->keyId = -1;
} }
wolfSSL_CryptHwMutexUnLock(); wolfSSL_CryptHwMutexUnLock();
} }
@@ -676,19 +765,29 @@ int se050_ecc_create_key(struct ecc_key* key, int curve_id, int keySize)
sss_cipher_type_t curveType; sss_cipher_type_t curveType;
int keyCreated = 0; int keyCreated = 0;
#ifdef SE050_DEBUG
printf("se050_ecc_create_key: key %p, curve %d, keySize %d\n",
key, curve_id, keySize);
#endif
if (cfg_se050_i2c_pi == NULL) { if (cfg_se050_i2c_pi == NULL) {
return WC_HW_E; return WC_HW_E;
} }
if (wolfSSL_CryptHwMutexLock() != 0) {
return BAD_MUTEX_E;
}
curveType = se050_map_curve(curve_id); curveType = se050_map_curve(curve_id);
keySizeBits = keySize * 8; keySizeBits = keySize * 8;
if (keySizeBits > SSS_MAX_ECC_BITS) if (keySizeBits > SSS_MAX_ECC_BITS)
keySizeBits = SSS_MAX_ECC_BITS; keySizeBits = SSS_MAX_ECC_BITS;
if (keySize == 30) {
/* not supported curve key size */
return ECC_CURVE_OID_E;
}
if (wolfSSL_CryptHwMutexLock() != 0) {
return BAD_MUTEX_E;
}
status = sss_key_store_context_init(&host_keystore, cfg_se050_i2c_pi); status = sss_key_store_context_init(&host_keystore, cfg_se050_i2c_pi);
if (status == kStatus_SSS_Success) { if (status == kStatus_SSS_Success) {
status = sss_key_store_allocate(&host_keystore, SE050_KEYSTOREID_ECC); status = sss_key_store_allocate(&host_keystore, SE050_KEYSTOREID_ECC);
@@ -700,7 +799,7 @@ int se050_ecc_create_key(struct ecc_key* key, int curve_id, int keySize)
keyId = se050_allocate_key(SE050_ECC_KEY); keyId = se050_allocate_key(SE050_ECC_KEY);
status = sss_key_object_allocate_handle(&keyPair, keyId, status = sss_key_object_allocate_handle(&keyPair, keyId,
kSSS_KeyPart_Pair, curveType, keySizeBits, kSSS_KeyPart_Pair, curveType, keySizeBits,
kKeyObject_Mode_None); kKeyObject_Mode_Transient);
} }
if (status == kStatus_SSS_Success) { if (status == kStatus_SSS_Success) {
keyCreated = 1; keyCreated = 1;
@@ -724,6 +823,7 @@ int se050_ecc_create_key(struct ecc_key* key, int curve_id, int keySize)
} }
else { else {
if (keyCreated) { if (keyCreated) {
sss_key_store_erase_key(&host_keystore, &keyPair);
sss_key_object_free(&keyPair); sss_key_object_free(&keyPair);
} }
if (ret == 0) if (ret == 0)
@@ -732,6 +832,11 @@ int se050_ecc_create_key(struct ecc_key* key, int curve_id, int keySize)
wolfSSL_CryptHwMutexUnLock(); wolfSSL_CryptHwMutexUnLock();
#ifdef SE050_DEBUG
printf("se050_ecc_create_key: key %p, ret %d, keyId %d\n",
key, ret, key->keyId);
#endif
return ret; return ret;
} }
@@ -753,6 +858,11 @@ int se050_ecc_shared_secret(ecc_key* private_key, ecc_key* public_key,
int keyCreated = 0; int keyCreated = 0;
int deriveKeyCreated = 0; int deriveKeyCreated = 0;
#ifdef SE050_DEBUG
printf("se050_ecc_shared_secret: priv %p, pub %p, out %p (%d)\n",
private_key, public_key, out, *outlen);
#endif
if (cfg_se050_i2c_pi == NULL) { if (cfg_se050_i2c_pi == NULL) {
return WC_HW_E; return WC_HW_E;
} }
@@ -760,32 +870,32 @@ int se050_ecc_shared_secret(ecc_key* private_key, ecc_key* public_key,
return BAD_FUNC_ARG; return BAD_FUNC_ARG;
} }
if (wolfSSL_CryptHwMutexLock() != 0) {
return BAD_MUTEX_E;
}
keySize = private_key->dp->size; keySize = private_key->dp->size;
keySizeBits = keySize * 8; keySizeBits = keySize * 8;
if (keySizeBits > SSS_MAX_ECC_BITS) if (keySizeBits > SSS_MAX_ECC_BITS)
keySizeBits = SSS_MAX_ECC_BITS; keySizeBits = SSS_MAX_ECC_BITS;
curveType = se050_map_curve(private_key->dp->id); curveType = se050_map_curve(private_key->dp->id);
if (wolfSSL_CryptHwMutexLock() != 0) {
return BAD_MUTEX_E;
}
status = sss_key_store_context_init(&host_keystore, cfg_se050_i2c_pi); status = sss_key_store_context_init(&host_keystore, cfg_se050_i2c_pi);
if (status == kStatus_SSS_Success) { if (status == kStatus_SSS_Success) {
status = sss_key_store_allocate(&host_keystore, SE050_KEYSTOREID_ECC); status = sss_key_store_allocate(&host_keystore, SE050_KEYSTOREID_ECC);
} }
if (status == kStatus_SSS_Success) {
status = sss_key_object_init(&ref_public_key, &host_keystore);
}
if (status == kStatus_SSS_Success) { if (status == kStatus_SSS_Success) {
status = sss_key_object_init(&ref_private_key, &host_keystore); status = sss_key_object_init(&ref_private_key, &host_keystore);
} }
if (status == kStatus_SSS_Success) { if (status == kStatus_SSS_Success) {
status = sss_key_object_get_handle(&ref_private_key, private_key->keyId); status = sss_key_object_get_handle(&ref_private_key, private_key->keyId);
} }
if (status == kStatus_SSS_Success) { if (status == kStatus_SSS_Success) {
if (public_key->keyId <= 0) { status = sss_key_object_init(&ref_public_key, &host_keystore);
}
if (status == kStatus_SSS_Success) {
keyId = public_key->keyId;
if (keyId <= 0) {
byte derBuf[256]; byte derBuf[256];
word32 derSz; word32 derSz;
@@ -793,6 +903,7 @@ int se050_ecc_shared_secret(ecc_key* private_key, ecc_key* public_key,
(word32)sizeof(derBuf), 1); (word32)sizeof(derBuf), 1);
if (ret >= 0) { if (ret >= 0) {
derSz = ret; derSz = ret;
ret = 0;
} }
else { else {
status = kStatus_SSS_Fail; status = kStatus_SSS_Fail;
@@ -810,12 +921,11 @@ int se050_ecc_shared_secret(ecc_key* private_key, ecc_key* public_key,
} }
} }
else { else {
status = sss_key_object_get_handle(&ref_public_key, status = sss_key_object_get_handle(&ref_public_key, keyId);
public_key->keyId);
} }
} }
if (status == kStatus_SSS_Success) { if (status == kStatus_SSS_Success) {
status = sss_key_object_init(&deriveKey, hostKeyStore); status = sss_key_object_init(&deriveKey, &host_keystore);
} }
if (status == kStatus_SSS_Success) { if (status == kStatus_SSS_Success) {
int keyIdAes = se050_allocate_key(SE050_AES_KEY); int keyIdAes = se050_allocate_key(SE050_AES_KEY);
@@ -823,7 +933,7 @@ int se050_ecc_shared_secret(ecc_key* private_key, ecc_key* public_key,
status = sss_key_object_allocate_handle(&deriveKey, status = sss_key_object_allocate_handle(&deriveKey,
keyIdAes, keyIdAes,
kSSS_KeyPart_Default, kSSS_KeyPart_Default,
kSSS_CipherType_AES, kSSS_CipherType_Binary,
keySize, keySize,
kKeyObject_Mode_Transient); kKeyObject_Mode_Transient);
} }
@@ -838,7 +948,7 @@ int se050_ecc_shared_secret(ecc_key* private_key, ecc_key* public_key,
if (status == kStatus_SSS_Success) { if (status == kStatus_SSS_Success) {
size_t outlenSz = (size_t)*outlen; size_t outlenSz = (size_t)*outlen;
/* derived key export */ /* derived key export */
status = sss_key_store_get_key(hostKeyStore, &deriveKey, out, status = sss_key_store_get_key(&host_keystore, &deriveKey, out,
&outlenSz, &keySizeBits); &outlenSz, &keySizeBits);
*outlen = (word32)outlenSz; *outlen = (word32)outlenSz;
} }
@@ -846,16 +956,18 @@ int se050_ecc_shared_secret(ecc_key* private_key, ecc_key* public_key,
sss_derive_key_context_free(&ctx_derive_key); sss_derive_key_context_free(&ctx_derive_key);
} }
if (deriveKeyCreated) { if (deriveKeyCreated) {
sss_key_store_erase_key(&host_keystore, &deriveKey);
sss_key_object_free(&deriveKey); sss_key_object_free(&deriveKey);
} }
if (status == kStatus_SSS_Success) { if (status == kStatus_SSS_Success) {
public_key->keyId = keyId;
ret = 0; ret = 0;
} }
else { else {
if (keyCreated) { if (keyCreated) {
sss_key_store_erase_key(&host_keystore, &public_key);
sss_key_object_free(&public_key); sss_key_object_free(&public_key);
public_key->keyId = 0;
} }
if (ret == 0) if (ret == 0)
ret = WC_HW_E; ret = WC_HW_E;
@@ -863,6 +975,10 @@ int se050_ecc_shared_secret(ecc_key* private_key, ecc_key* public_key,
wolfSSL_CryptHwMutexUnLock(); wolfSSL_CryptHwMutexUnLock();
#ifdef SE050_DEBUG
printf("se050_ecc_shared_secret: ret %d, outlen %d\n", ret, *outlen);
#endif
return ret; return ret;
} }
#endif /* HAVE_ECC */ #endif /* HAVE_ECC */
@@ -879,6 +995,10 @@ int se050_ed25519_create_key(ed25519_key* key)
int keySize = ED25519_KEY_SIZE; int keySize = ED25519_KEY_SIZE;
int keyCreated = 0; int keyCreated = 0;
#ifdef SE050_DEBUG
printf("se050_ed25519_create_key: %p\n", key);
#endif
if (cfg_se050_i2c_pi == NULL) { if (cfg_se050_i2c_pi == NULL) {
return WC_HW_E; return WC_HW_E;
} }
@@ -912,6 +1032,7 @@ int se050_ed25519_create_key(ed25519_key* key)
} }
else { else {
if (keyCreated) { if (keyCreated) {
sss_key_store_erase_key(&host_keystore, &newKey);
sss_key_object_free(&newKey); sss_key_object_free(&newKey);
} }
ret = WC_HW_E; ret = WC_HW_E;
@@ -919,6 +1040,10 @@ int se050_ed25519_create_key(ed25519_key* key)
wolfSSL_CryptHwMutexUnLock(); wolfSSL_CryptHwMutexUnLock();
#ifdef SE050_DEBUG
printf("se050_ed25519_create_key: ret %d, keyId %d\n", ret, key->keyId);
#endif
return ret; return ret;
} }
@@ -928,6 +1053,10 @@ void se050_ed25519_free_key(ed25519_key* key)
sss_object_t newKey; sss_object_t newKey;
sss_key_store_t host_keystore; sss_key_store_t host_keystore;
#ifdef SE050_DEBUG
printf("se050_ed25519_free_key: %p, id %d\n", key, key->keyId);
#endif
if (cfg_se050_i2c_pi == NULL) { if (cfg_se050_i2c_pi == NULL) {
return; return;
} }
@@ -952,7 +1081,7 @@ void se050_ed25519_free_key(ed25519_key* key)
} }
if (status == kStatus_SSS_Success) { if (status == kStatus_SSS_Success) {
sss_key_object_free(&newKey); sss_key_object_free(&newKey);
key->keyId = 0; key->keyId = -1;
} }
wolfSSL_CryptHwMutexUnLock(); wolfSSL_CryptHwMutexUnLock();
} }
@@ -966,8 +1095,10 @@ int se050_ed25519_sign_msg(const byte* in, word32 inLen, byte* out,
sss_key_store_t host_keystore; sss_key_store_t host_keystore;
sss_object_t newKey; sss_object_t newKey;
inLen = 64; #ifdef SE050_DEBUG
*outLen = 64; printf("se050_ed25519_sign_msg: key %p, in %p (%d), out %p (%d), keyId %d\n",
key, in, inLen, out, *outLen, key->keyId);
#endif
if (cfg_se050_i2c_pi == NULL) { if (cfg_se050_i2c_pi == NULL) {
return WC_HW_E; return WC_HW_E;
@@ -1009,6 +1140,10 @@ int se050_ed25519_sign_msg(const byte* in, word32 inLen, byte* out,
wolfSSL_CryptHwMutexUnLock(); wolfSSL_CryptHwMutexUnLock();
#ifdef SE050_DEBUG
printf("se050_ed25519_sign_msg: ret %d, outLen %d\n", ret, *outLen);
#endif
return ret; return ret;
} }
@@ -1025,6 +1160,11 @@ int se050_ed25519_verify_msg(const byte* signature, word32 signatureLen,
int keySize = ED25519_KEY_SIZE; int keySize = ED25519_KEY_SIZE;
int keyCreated = 0; int keyCreated = 0;
#ifdef SE050_DEBUG
printf("se050_ed25519_verify_msg: key %p, sig %p (%d), msg %p (%d)\n",
key, signature, signatureLen, msg, msgLen);
#endif
if (cfg_se050_i2c_pi == NULL) { if (cfg_se050_i2c_pi == NULL) {
return WC_HW_E; return WC_HW_E;
} }
@@ -1041,7 +1181,8 @@ int se050_ed25519_verify_msg(const byte* signature, word32 signatureLen,
status = sss_key_object_init(&newKey, &host_keystore); status = sss_key_object_init(&newKey, &host_keystore);
} }
if (status == kStatus_SSS_Success) { if (status == kStatus_SSS_Success) {
if (key->keyId == 0) { keyId = key->keyId;
if (keyId <= 0) {
byte derBuf[48]; byte derBuf[48];
word32 derSz = 0, idx = 0; word32 derSz = 0, idx = 0;
@@ -1049,6 +1190,7 @@ int se050_ed25519_verify_msg(const byte* signature, word32 signatureLen,
(word32)sizeof(derBuf)); (word32)sizeof(derBuf));
if (ret >= 0) { if (ret >= 0) {
derSz = ret; derSz = ret;
ret = 0;
} }
else { else {
status = kStatus_SSS_Fail; status = kStatus_SSS_Fail;
@@ -1066,22 +1208,20 @@ int se050_ed25519_verify_msg(const byte* signature, word32 signatureLen,
} }
} }
else { else {
status = sss_key_object_get_handle(&newKey, key->keyId); status = sss_key_object_get_handle(&newKey, keyId);
} }
} }
if (status == kStatus_SSS_Success) { if (status == kStatus_SSS_Success) {
status = sss_asymmetric_context_init(&ctx_asymm, cfg_se050_i2c_pi, status = sss_asymmetric_context_init(&ctx_asymm, cfg_se050_i2c_pi,
&newKey, kAlgorithm_SSS_SHA512, kMode_SSS_Verify); &newKey, kAlgorithm_SSS_SHA512, kMode_SSS_Verify);
}
if (status == kStatus_SSS_Success) { if (status == kStatus_SSS_Success) {
status = sss_se05x_asymmetric_verify( status = sss_se05x_asymmetric_verify(
(sss_se05x_asymmetric_t*)&ctx_asymm, (uint8_t*)msg, msgLen, (sss_se05x_asymmetric_t*)&ctx_asymm, (uint8_t*)msg, msgLen,
(uint8_t*)signature, (size_t)signatureLen); (uint8_t*)signature, (size_t)signatureLen);
} }
sss_asymmetric_context_free(&ctx_asymm); sss_asymmetric_context_free(&ctx_asymm);
}
if (status == kStatus_SSS_Success) { if (status == kStatus_SSS_Success) {
key->keyId = keyId; key->keyId = keyId;
@@ -1090,6 +1230,7 @@ int se050_ed25519_verify_msg(const byte* signature, word32 signatureLen,
} }
else { else {
if (keyCreated) { if (keyCreated) {
sss_key_store_erase_key(&host_keystore, &newKey);
sss_key_object_free(&newKey); sss_key_object_free(&newKey);
} }
if (ret == 0) if (ret == 0)
@@ -1098,6 +1239,10 @@ int se050_ed25519_verify_msg(const byte* signature, word32 signatureLen,
wolfSSL_CryptHwMutexUnLock(); wolfSSL_CryptHwMutexUnLock();
#ifdef SE050_DEBUG
printf("se050_ed25519_verify_msg: ret %d, res %d\n", ret, *res);
#endif
return ret; return ret;
} }

67
wolfcrypt/test/test.c
View File

@@ -22002,6 +22002,8 @@ static int ecc_test_curve_size(WC_RNG* rng, int keySize, int testVerifyCount,
#if defined(WOLFSSL_ASYNC_CRYPT) #if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &userA->asyncDev, WC_ASYNC_FLAG_NONE); ret = wc_AsyncWait(ret, &userA->asyncDev, WC_ASYNC_FLAG_NONE);
#endif #endif
if (ret == ECC_CURVE_OID_E)
goto done; /* catch case, where curve is not supported */
if (ret != 0) if (ret != 0)
ERROR_OUT(-9910, done); ERROR_OUT(-9910, done);
TEST_SLEEP(); TEST_SLEEP();
@@ -22945,7 +22947,7 @@ static int ecc_def_curve_test(WC_RNG *rng)
#else #else
ecc_key key[1]; ecc_key key[1];
#endif #endif
#ifdef WC_NO_RNG #if defined(HAVE_ECC_KEY_IMPORT) && defined(HAVE_ECC_KEY_EXPORT)
word32 idx = 0; word32 idx = 0;
#endif #endif
@@ -22970,46 +22972,59 @@ static int ecc_def_curve_test(WC_RNG *rng)
#ifndef WC_NO_RNG #ifndef WC_NO_RNG
ret = wc_ecc_make_key(rng, ECC_KEYGEN_SIZE, key); ret = wc_ecc_make_key(rng, ECC_KEYGEN_SIZE, key);
#if defined(WOLFSSL_ASYNC_CRYPT) #if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &key->asyncDev, WC_ASYNC_FLAG_NONE); ret = wc_AsyncWait(ret, &key->asyncDev, WC_ASYNC_FLAG_NONE);
#endif #endif
#else
/* use test ECC key */
ret = wc_EccPrivateKeyDecode(ecc_key_der_256, &idx, key,
(word32)sizeof_ecc_key_der_256);
(void)rng;
#endif
if (ret != 0) { if (ret != 0) {
ret = -10092;
goto done; goto done;
} }
TEST_SLEEP();
#ifndef NO_SIG_WRAPPER #ifndef NO_SIG_WRAPPER
ret = ecc_sig_test(rng, key); ret = ecc_sig_test(rng, key);
if (ret < 0) if (ret < 0)
goto done; goto done;
#endif #endif
#if defined(HAVE_ECC_KEY_IMPORT) && defined(HAVE_ECC_KEY_EXPORT) && \ TEST_SLEEP();
!defined(WOLFSSL_ATECC508A) && !defined(WOLFSSL_ATECC608A) && \
!defined(WOLFSSL_QNX_CAAM) #ifdef HAVE_ECC_DHE
ret = ecc_ssh_test(key, rng);
if (ret < 0)
goto done;
#endif
#else
(void)rng;
#endif /* !WC_NO_RNG */
#if defined(HAVE_ECC_KEY_IMPORT) && defined(HAVE_ECC_KEY_EXPORT)
/* Use test ECC key - ensure real private "d" exists */
#ifdef USE_CERT_BUFFERS_256
ret = wc_EccPrivateKeyDecode(ecc_key_der_256, &idx, key,
sizeof_ecc_key_der_256);
#else
{
XFILE file = XFOPEN("./certs/ecc-key.der", "rb");
byte der[128];
word32 derSz;
if (!file) {
ERROR_OUT(-10093, done);
}
derSz = (word32)XFREAD(der, 1, sizeof(der), file);
XFCLOSE(file);
ret = wc_EccPrivateKeyDecode(der, &idx, key, derSz);
}
#endif
if (ret != 0) {
goto done;
}
ret = ecc_exp_imp_test(key); ret = ecc_exp_imp_test(key);
if (ret < 0) if (ret < 0)
goto done; goto done;
#endif
#if !defined(WOLFSSL_ATECC508A) && !defined(WOLFSSL_ATECC608A) && \
!defined(WOLFSSL_CRYPTOCELL) && !defined(WOLFSSL_QNX_CAAM)
#if defined(HAVE_ECC_KEY_IMPORT) && !defined(WOLFSSL_VALIDATE_ECC_IMPORT)
ret = ecc_mulmod_test(key); ret = ecc_mulmod_test(key);
if (ret < 0) if (ret < 0)
goto done; goto done;
#endif #endif
#if defined(HAVE_ECC_DHE) && !defined(WC_NO_RNG)
ret = ecc_ssh_test(key, rng);
if (ret < 0)
goto done;
#endif
#endif /* WOLFSSL_ATECC508A */
done: done:
#ifdef WOLFSSL_SMALL_STACK #ifdef WOLFSSL_SMALL_STACK

2
wolfssl/wolfcrypt/port/nxp/se050_port.h
View File

@@ -128,7 +128,7 @@ WOLFSSL_LOCAL int se050_ecc_sign_hash_ex(const byte* in, word32 inLen,
byte* out, word32 *outLen, struct ecc_key* key); byte* out, word32 *outLen, struct ecc_key* key);
WOLFSSL_LOCAL int se050_ecc_verify_hash_ex(const byte* hash, word32 hashlen, WOLFSSL_LOCAL int se050_ecc_verify_hash_ex(const byte* hash, word32 hashlen,
byte* signature, word32 signatureLen, struct ecc_key* key, int* res); byte* sigRS, word32 sigRSLen, struct ecc_key* key, int* res);
WOLFSSL_LOCAL int se050_ecc_create_key(struct ecc_key* key, int curve_id, int keySize); WOLFSSL_LOCAL int se050_ecc_create_key(struct ecc_key* key, int curve_id, int keySize);
WOLFSSL_LOCAL int se050_ecc_shared_secret(struct ecc_key* private_key, WOLFSSL_LOCAL int se050_ecc_shared_secret(struct ecc_key* private_key,