pkg/micro-ecc: Add PSA Crypto Wrappers #18581
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,19 @@ | ||
# Copyright (c) 2021 HAW Hamburg | ||
# | ||
# This file is subject to the terms and conditions of the GNU Lesser | ||
# General Public License v2.1. See the file LICENSE in the top level | ||
# directory for more details. | ||
# | ||
|
||
config MODULE_PSA_UECC_P192 | ||
bool | ||
depends on MODULE_PSA_CRYPTO | ||
select MODULE_PSA_UECC | ||
|
||
config MODULE_PSA_UECC_P256 | ||
bool | ||
depends on MODULE_PSA_CRYPTO | ||
select MODULE_PSA_UECC | ||
|
||
config MODULE_PSA_UECC | ||
bool |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,4 @@ | ||
BASE_MODULE := psa_uecc | ||
SUBMODULES := 1 | ||
|
||
include $(RIOTBASE)/Makefile.base |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,84 @@ | ||
/* | ||
* Copyright (C) 2021 HAW Hamburg | ||
* | ||
* This file is subject to the terms and conditions of the GNU Lesser | ||
* General Public License v2.1. See the file LICENSE in the top level | ||
* directory for more details. | ||
*/ | ||
|
||
/** | ||
* @ingroup sys_psa_crypto pkg_micro-ecc | ||
* @{ | ||
* | ||
* @brief Glue code translating between PSA Crypto and the Micro-ECC APIs | ||
* | ||
* @author Lena Boeckmann <lena.boeckmann@haw-hamburg.de> | ||
* | ||
* @} | ||
*/ | ||
|
||
#include "psa/crypto.h" | ||
#include "uECC.h" | ||
|
||
psa_status_t psa_generate_ecc_p192r1_key_pair( const psa_key_attributes_t *attributes, | ||
uint8_t *priv_key_buffer, uint8_t *pub_key_buffer, | ||
size_t *priv_key_buffer_length, | ||
size_t *pub_key_buffer_length) | ||
{ | ||
int ret = 0; | ||
|
||
*priv_key_buffer_length = PSA_BITS_TO_BYTES(attributes->bits); | ||
*pub_key_buffer_length = PSA_EXPORT_PUBLIC_KEY_OUTPUT_SIZE(attributes->type, attributes->bits); | ||
|
||
struct uECC_Curve_t *curve = uECC_secp192r1(); | ||
|
||
ret = uECC_make_key(pub_key_buffer, priv_key_buffer, curve); | ||
if (!ret) { | ||
return PSA_ERROR_GENERIC_ERROR; | ||
} | ||
|
||
return PSA_SUCCESS; | ||
} | ||
|
||
psa_status_t psa_ecc_p192r1_sign_hash( const psa_key_attributes_t *attributes, | ||
psa_algorithm_t alg, const uint8_t *key_buffer, | ||
size_t key_buffer_size, const uint8_t *hash, | ||
size_t hash_length, uint8_t *signature, | ||
size_t signature_size, size_t *signature_length) | ||
{ | ||
int ret = 0; | ||
We should check that
Wouldn't it be better to check all the input buffer sizes at a higher level ( |
||
struct uECC_Curve_t *curve = uECC_secp192r1(); | ||
|
||
ret = uECC_sign(key_buffer, hash, hash_length, signature, curve); | ||
if (!ret) { | ||
return PSA_ERROR_GENERIC_ERROR; | ||
} | ||
|
||
*signature_length = signature_size; | ||
|
||
(void)alg; | ||
(void)attributes; | ||
(void)key_buffer_size; | ||
return PSA_SUCCESS; | ||
} | ||
|
||
psa_status_t psa_ecc_p192r1_verify_hash(const psa_key_attributes_t *attributes, | ||
psa_algorithm_t alg, const uint8_t *key_buffer, | ||
size_t key_buffer_size, const uint8_t *hash, | ||
size_t hash_length, const uint8_t *signature, | ||
size_t signature_length) | ||
{ | ||
int ret = 0; | ||
struct uECC_Curve_t *curve = uECC_secp192r1(); | ||
|
||
ret = uECC_verify(key_buffer, hash, hash_length, signature, curve); | ||
if (!ret) { | ||
return PSA_ERROR_GENERIC_ERROR; | ||
} | ||
|
||
(void)alg; | ||
(void)attributes; | ||
(void)key_buffer_size; | ||
(void)signature_length; | ||
return PSA_SUCCESS; | ||
} |
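Review bot: In `psa_ecc_p192r1_sign_hash`, `*signature_length = signature_size;` reports the capacity of the caller's buffer rather than the number of bytes `uECC_sign` wrote, so a caller that passes a larger buffer would treat trailing, unwritten bytes as part of the signature. micro-ecc documents the signature as twice the curve size, so the assignment could be `*signature_length = 2 * (size_t)uECC_curve_private_key_size(curve);`. `psa_ecc_p256r1_sign_hash` in the P-256 wrapper has the same assignment.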
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,84 @@ | ||
/* | ||
* Copyright (C) 2021 HAW Hamburg | ||
* | ||
* This file is subject to the terms and conditions of the GNU Lesser | ||
* General Public License v2.1. See the file LICENSE in the top level | ||
* directory for more details. | ||
*/ | ||
|
||
/** | ||
* @ingroup sys_psa_crypto pkg_micro-ecc | ||
* @{ | ||
* | ||
* @brief Glue code translating between PSA Crypto and the Micro-ECC APIs | ||
* | ||
* @author Lena Boeckmann <lena.boeckmann@haw-hamburg.de> | ||
* | ||
* @} | ||
*/ | ||
|
||
#include "psa/crypto.h" | ||
#include "uECC.h" | ||
|
||
psa_status_t psa_generate_ecc_p256r1_key_pair( const psa_key_attributes_t *attributes, | ||
uint8_t *priv_key_buffer, uint8_t *pub_key_buffer, | ||
size_t *priv_key_buffer_length, | ||
size_t *pub_key_buffer_length) | ||
{ | ||
int ret = 0; | ||
|
||
*priv_key_buffer_length = PSA_BITS_TO_BYTES(attributes->bits); | ||
*pub_key_buffer_length = PSA_EXPORT_PUBLIC_KEY_OUTPUT_SIZE(attributes->type, attributes->bits); | ||
|
||
struct uECC_Curve_t *curve = uECC_secp256r1(); | ||
|
||
ret = uECC_make_key(pub_key_buffer, priv_key_buffer, curve); | ||
if (!ret) { | ||
return PSA_ERROR_GENERIC_ERROR; | ||
} | ||
|
||
return PSA_SUCCESS; | ||
} | ||
|
||
psa_status_t psa_ecc_p256r1_sign_hash( const psa_key_attributes_t *attributes, | ||
psa_algorithm_t alg, const uint8_t *key_buffer, | ||
size_t key_buffer_size, const uint8_t *hash, | ||
size_t hash_length, uint8_t *signature, | ||
size_t signature_size, size_t *signature_length) | ||
{ | ||
int ret = 0; | ||
struct uECC_Curve_t *curve = uECC_secp256r1(); | ||
|
||
ret = uECC_sign(key_buffer, hash, hash_length, signature, curve); | ||
if (!ret) { | ||
return PSA_ERROR_GENERIC_ERROR; | ||
} | ||
|
||
*signature_length = signature_size; | ||
|
||
(void)alg; | ||
(void)attributes; | ||
(void)key_buffer_size; | ||
return PSA_SUCCESS; | ||
} | ||
|
||
psa_status_t psa_ecc_p256r1_verify_hash(const psa_key_attributes_t *attributes, | ||
psa_algorithm_t alg, const uint8_t *key_buffer, | ||
size_t key_buffer_size, const uint8_t *hash, | ||
size_t hash_length, const uint8_t *signature, | ||
size_t signature_length) | ||
{ | ||
int ret = 0; | ||
struct uECC_Curve_t *curve = uECC_secp256r1(); | ||
|
||
ret = uECC_verify(key_buffer, hash, hash_length, signature, curve); | ||
if (!ret) { | ||
return PSA_ERROR_GENERIC_ERROR; | ||
} | ||
|
||
(void)alg; | ||
(void)attributes; | ||
(void)key_buffer_size; | ||
(void)signature_length; | ||
return PSA_SUCCESS; | ||
} |
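Review bot: `psa_ecc_p256r1_verify_hash` returns `PSA_ERROR_GENERIC_ERROR` when `uECC_verify` rejects the signature, so callers cannot tell a bad signature from an internal failure; PSA defines `PSA_ERROR_INVALID_SIGNATURE` for that case and the branch could be `return PSA_ERROR_INVALID_SIGNATURE;`. The function also discards `signature_length`, while `uECC_verify` reads a fixed 64 bytes for this curve, so a guard such as `if (signature_length != 64) { return PSA_ERROR_INVALID_SIGNATURE; }` before the call would keep a short caller-supplied signature from being read past its end. `psa_ecc_p192r1_verify_hash` in the P-192 wrapper has the same two gaps, with a 48-byte signature.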
Is there a given guarantee from the upper layer that all these pointers will always be valid? Otherwise I'd keep my defensive approach 🛡️ and check them
The attributes are checked first thing in
psa_crypto.c
and all key buffers come from inside the implementation, not from the user or application. So they'll be valid here =)