wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2025-07-31 11:17:29 +02:00
Code Issues Packages Projects Releases Wiki Activity

IOTSafe workarounds: Allow reading files with no GetSize command available, allow sign command response with no padding.

Browse Source
This commit is contained in:
Kareem
2022-03-04 13:57:36 -07:00
parent e6c07a296d
commit e6189a638c
1 changed files with 22 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

25
wolfcrypt/src/port/iotsafe/iotsafe.c
View File

@@ -440,9 +440,13 @@ static int iotsafe_readfile(uint8_t *file_id, uint16_t file_id_sz,
{ {
char *resp; char *resp;
int ret; int ret;
char *filesz_s;
int file_sz = 0;
uint16_t off = 0; uint16_t off = 0;
#ifdef IOTSAFE_NO_GETDATA
int file_sz = max_size;
#else
int file_sz = 0;
char *filesz_s;
iotsafe_cmd_start(csim_cmd, IOTSAFE_CLASS, IOTSAFE_INS_GETDATA, iotsafe_cmd_start(csim_cmd, IOTSAFE_CLASS, IOTSAFE_INS_GETDATA,
IOTSAFE_GETDATA_FILE, 0); IOTSAFE_GETDATA_FILE, 0);
iotsafe_cmd_add_tlv(csim_cmd, IOTSAFE_TAG_FILE_ID, file_id_sz, file_id); iotsafe_cmd_add_tlv(csim_cmd, IOTSAFE_TAG_FILE_ID, file_id_sz, file_id);
@@ -471,6 +475,7 @@ static int iotsafe_readfile(uint8_t *file_id, uint16_t file_id_sz,
WOLFSSL_MSG("iotsafe_readfile: insufficient space in buffer"); WOLFSSL_MSG("iotsafe_readfile: insufficient space in buffer");
return -1; return -1;
} }
#endif
while (off < file_sz) { while (off < file_sz) {
byte off_p1, off_p2; byte off_p1, off_p2;
@@ -488,6 +493,11 @@ static int iotsafe_readfile(uint8_t *file_id, uint16_t file_id_sz,
return -1; return -1;
} }
off += ret/2; off += ret/2;
#ifdef IOTSAFE_NO_GETDATA
if (XSTRNCMP(&resp[ret-4], "0000", 4) == 0) {
break;
}
#endif
} else { } else {
WOLFSSL_MSG("IoTSafe: Error reading file."); WOLFSSL_MSG("IoTSafe: Error reading file.");
return -1; return -1;
@@ -859,6 +869,14 @@ static int iotsafe_sign_hash(byte *privkey_idx, uint16_t id_size,
byte sig_hdr[3]; byte sig_hdr[3];
if (hex_to_bytes(resp, sig_hdr, 3) < 0) { if (hex_to_bytes(resp, sig_hdr, 3) < 0) {
ret = BAD_FUNC_ARG; ret = BAD_FUNC_ARG;
#ifdef IOTSAFE_SIGN_NO_PADDING
} else if ((sig_hdr[0] == IOTSAFE_TAG_SIGNATURE_FIELD) &&
(sig_hdr[1] == 2 * IOTSAFE_ECC_KSIZE)) {
XSTRNCPY(R, resp + 4, IOTSAFE_ECC_KSIZE * 2);
XSTRNCPY(S, resp + 4 + IOTSAFE_ECC_KSIZE * 2,
IOTSAFE_ECC_KSIZE * 2);
ret = wc_ecc_rs_to_sig(R, S, signature, sigLen);
#endif
} else if ((sig_hdr[0] == IOTSAFE_TAG_SIGNATURE_FIELD) && } else if ((sig_hdr[0] == IOTSAFE_TAG_SIGNATURE_FIELD) &&
(sig_hdr[1] == 0) && (sig_hdr[1] == 0) &&
(sig_hdr[2] == 2 * IOTSAFE_ECC_KSIZE)) { (sig_hdr[2] == 2 * IOTSAFE_ECC_KSIZE)) {
@@ -868,9 +886,10 @@ static int iotsafe_sign_hash(byte *privkey_idx, uint16_t id_size,
ret = wc_ecc_rs_to_sig(R, S, signature, sigLen); ret = wc_ecc_rs_to_sig(R, S, signature, sigLen);
} else { } else {
ret = WC_HW_E; ret = WC_HW_E;
WOLFSSL_MSG("Invalid response from EC sign update");
} }
} else { } else {
WOLFSSL_MSG("Invalid response from EC sign update"); WOLFSSL_MSG("Invalid/no response from EC sign update");
} }
/* Terminate sign/sign session. */ /* Terminate sign/sign session. */