Merge pull request #4723 from dgarske/se050
This commit is contained in:
Chris Conlon
GitHub
commit
f72d198778
@ -1471,6 +1471,7 @@ AC_ARG_WITH([se050],
|
||||
CPPFLAGS="$CPPFLAGS -I$trylibse050dir/sss/ex/inc"
|
||||
CPPFLAGS="$CPPFLAGS -I$trylibse050dir/sss/port/default"
|
||||
CPPFLAGS="$CPPFLAGS -I$trylibse050dir/hostlib/hostLib/inc"
|
||||
CPPFLAGS="$CPPFLAGS -I$trylibse050dir/hostlib/hostLib/libCommon/log/"
|
||||
CPPFLAGS="$CPPFLAGS -I$trylibse050dir/hostlib/hostLib/libCommon/infra"
|
||||
|
||||
if test -e "$trylibse050dir/build/sss/libSSS_APIs.a"; then
|
||||
@ -1483,6 +1484,7 @@ AC_ARG_WITH([se050],
|
||||
$trylibse050dir/build/sss/libSSS_APIs.a \
|
||||
$trylibse050dir/build/hostlib/hostLib/se05x/libse05x.a \
|
||||
$trylibse050dir/build/hostlib/hostLib/liba7x_utils.a \
|
||||
$trylibse050dir/build/hostlib/hostLib/libCommon/log/libmwlog.a \
|
||||
$trylibse050dir/build/hostlib/hostLib/libCommon/libsmCom.a $LIB_STATIC_ADD"
|
||||
else
|
||||
AC_LINK_IFELSE([AC_LANG_PROGRAM([[#include <fsl_sss_api.h>]], [[ sss_mac_init(0); ]])],[ libse050_linked=yes ],[ libse050_linked=no ])
|
||||
|
||||
@ -300,7 +300,7 @@ int wc_curve25519_shared_secret_ex(curve25519_key* private_key,
|
||||
#else
|
||||
#ifdef WOLFSSL_SE050
|
||||
if (!private_key->privSet) {
|
||||
/* use NXP SE050 is private key is not set */
|
||||
/* use NXP SE050: "privSet" is not set */
|
||||
ret = se050_curve25519_shared_secret(private_key, public_key, &o);
|
||||
}
|
||||
else
|
||||
|
||||
@ -1107,6 +1107,10 @@ void se050_ed25519_free_key(ed25519_key* key)
|
||||
status = sss_key_object_get_handle(&newKey, key->keyId);
|
||||
}
|
||||
if (status == kStatus_SSS_Success) {
|
||||
if ((key->flags & WC_ED25519_FLAG_DEC_SIGN) == 0) {
|
||||
/* key was not used for signing, so release it */
|
||||
sss_key_store_erase_key(&host_keystore, &newKey);
|
||||
}
|
||||
sss_key_object_free(&newKey);
|
||||
key->keyId = -1;
|
||||
}
|
||||
@ -1138,6 +1142,9 @@ int se050_ed25519_sign_msg(const byte* in, word32 inLen, byte* out,
|
||||
return BAD_MUTEX_E;
|
||||
}
|
||||
|
||||
/* mark that key was used for signing */
|
||||
key->flags |= WC_ED25519_FLAG_DEC_SIGN;
|
||||
|
||||
status = sss_key_store_context_init(&host_keystore, cfg_se050_i2c_pi);
|
||||
if (status == kStatus_SSS_Success) {
|
||||
status = sss_key_store_allocate(&host_keystore, SE050_KEYSTOREID_ED25519);
|
||||
@ -1209,11 +1216,10 @@ int se050_ed25519_verify_msg(const byte* signature, word32 signatureLen,
|
||||
if (status == kStatus_SSS_Success) {
|
||||
keyId = key->keyId;
|
||||
if (keyId <= 0) {
|
||||
byte derBuf[48];
|
||||
word32 derSz = 0, idx = 0;
|
||||
|
||||
ret = wc_Ed25519PublicKeyDecode(derBuf, &idx, key,
|
||||
(word32)sizeof(derBuf));
|
||||
byte derBuf[ED25519_PUB_KEY_SIZE + 12]; /* seq + algo + bitstring */
|
||||
word32 derSz = 0;
|
||||
|
||||
ret = wc_Ed25519PublicKeyToDer(key, derBuf, (word32)sizeof(derBuf), 1);
|
||||
if (ret >= 0) {
|
||||
derSz = ret;
|
||||
ret = 0;
|
||||
@ -1224,7 +1230,7 @@ int se050_ed25519_verify_msg(const byte* signature, word32 signatureLen,
|
||||
if (status == kStatus_SSS_Success) {
|
||||
keyId = se050_allocate_key(SE050_ED25519_KEY);
|
||||
status = sss_key_object_allocate_handle(&newKey, keyId,
|
||||
kSSS_KeyPart_Pair, kSSS_CipherType_EC_TWISTED_ED, keySize,
|
||||
kSSS_KeyPart_Public, kSSS_CipherType_EC_TWISTED_ED, keySize,
|
||||
kKeyObject_Mode_Transient);
|
||||
}
|
||||
if (status == kStatus_SSS_Success) {
|
||||
@ -1360,7 +1366,7 @@ int se050_curve25519_create_key(curve25519_key* key, int keySize)
|
||||
int se050_curve25519_shared_secret(curve25519_key* private_key,
|
||||
curve25519_key* public_key, ECPoint* out)
|
||||
{
|
||||
int ret;
|
||||
int ret = 0;
|
||||
sss_status_t status = kStatus_SSS_Success;
|
||||
sss_key_store_t host_keystore;
|
||||
sss_object_t ref_private_key;
|
||||
@ -1405,7 +1411,7 @@ int se050_curve25519_shared_secret(curve25519_key* private_key,
|
||||
if (status == kStatus_SSS_Success) {
|
||||
keyId = public_key->keyId;
|
||||
if (keyId <= 0) {
|
||||
byte derBuf[SE050_ECC_DER_MAX];
|
||||
byte derBuf[CURVE25519_PUB_KEY_SIZE + 12]; /* seq + algo + bitstring */
|
||||
word32 derSz;
|
||||
|
||||
ret = wc_Curve25519PublicKeyToDer(public_key, derBuf,
|
||||
@ -1528,6 +1534,7 @@ void se050_curve25519_free_key(struct curve25519_key* key)
|
||||
status = sss_key_object_get_handle(&newKey, key->keyId);
|
||||
}
|
||||
if (status == kStatus_SSS_Success) {
|
||||
sss_key_store_erase_key(&host_keystore, &newKey);
|
||||
sss_key_object_free(&newKey);
|
||||
key->keyId = -1;
|
||||
}
|
||||
|
||||
@ -43,6 +43,7 @@
|
||||
#endif
|
||||
|
||||
#define CURVE25519_KEYSIZE 32
|
||||
#define CURVE25519_PUB_KEY_SIZE 32
|
||||
|
||||
#ifdef WOLFSSL_NAMES_STATIC
|
||||
typedef char curve25519_str[12];
|
||||
@ -193,4 +194,3 @@ int wc_curve25519_size(curve25519_key* key);
|
||||
|
||||
#endif /* HAVE_CURVE25519 */
|
||||
#endif /* WOLF_CRYPT_CURVE25519_H */
|
||||
|
||||
|
||||
@ -77,6 +77,12 @@ enum {
|
||||
#define WC_ED25519KEY_TYPE_DEFINED
|
||||
#endif
|
||||
|
||||
/* ED25519 Flags */
|
||||
enum {
|
||||
WC_ED25519_FLAG_NONE = 0x00,
|
||||
WC_ED25519_FLAG_DEC_SIGN = 0x01,
|
||||
};
|
||||
|
||||
/* An ED25519 Key */
|
||||
struct ed25519_key {
|
||||
byte p[ED25519_PUB_KEY_SIZE]; /* compressed public key */
|
||||
@ -88,6 +94,7 @@ struct ed25519_key {
|
||||
#endif
|
||||
#ifdef WOLFSSL_SE050
|
||||
int keyId;
|
||||
word32 flags;
|
||||
#endif
|
||||
word16 pubKeySet:1;
|
||||
#ifdef WOLFSSL_ASYNC_CRYPT
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user