alex/esp-idf
1
0
Fork 0
mirror of https://github.com/espressif/esp-idf.git synced 2025-09-04 23:27:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'feature/enable_support_for_deterministic_mode_and_ecdsa_192_v5.3' into 'release/v5.3'

Browse Source 
Feature/enable support for deterministic mode and ecdsa 192 v5.3

See merge request espressif/esp-idf!40102
This commit is contained in:
Aditya Patwardhan
2025-06-25 14:37:58 +05:30
parent d7ec47f336 0378ed1cc1
commit cddc6685f1
19 changed files with 377 additions and 50 deletions
Download Patch File Download Diff File Expand all files Collapse all files

63
components/mbedtls/port/ecdsa/ecdsa_alt.c
View File

@@ -1,5 +1,5 @@
/*
* SPDX-FileCopyrightText: 2023-2024 Espressif Systems (Shanghai) CO LTD
* SPDX-FileCopyrightText: 2023-2025 Espressif Systems (Shanghai) CO LTD
*
* SPDX-License-Identifier: Apache-2.0
*/
@@ -335,9 +335,9 @@ static int esp_ecdsa_sign(mbedtls_ecp_group *grp, mbedtls_mpi* r, mbedtls_mpi* s
bool process_again = false;
#ifdef SOC_ECDSA_SUPPORT_DETERMINISTIC_MODE
uint16_t deterministic_loop_number = 1;
#endif /* SOC_ECDSA_SUPPORT_DETERMINISTIC_MODE */
#if !SOC_ECDSA_SUPPORT_HW_DETERMINISTIC_LOOP
uint16_t deterministic_loop_number __attribute__((unused)) = 1;
#endif /* !SOC_ECDSA_SUPPORT_HW_DETERMINISTIC_LOOP */
do {
ecdsa_hal_config_t conf = {
@@ -345,10 +345,12 @@ static int esp_ecdsa_sign(mbedtls_ecp_group *grp, mbedtls_mpi* r, mbedtls_mpi* s
.curve = curve,
.sha_mode = ECDSA_Z_USER_PROVIDED,
.sign_type = k_type,
#ifdef SOC_ECDSA_SUPPORT_DETERMINISTIC_MODE
.loop_number = deterministic_loop_number++,
#endif /* SOC_ECDSA_SUPPORT_DETERMINISTIC_MODE */
};
#if !SOC_ECDSA_SUPPORT_HW_DETERMINISTIC_LOOP
if (ecdsa_ll_is_deterministic_mode_supported()) {
conf.loop_number = deterministic_loop_number++;
}
#endif /* !SOC_ECDSA_SUPPORT_HW_DETERMINISTIC_LOOP */
if (use_km_key) {
conf.use_km_key = 1;
@@ -373,8 +375,8 @@ static int esp_ecdsa_sign(mbedtls_ecp_group *grp, mbedtls_mpi* r, mbedtls_mpi* s
|| !memcmp(r_le, zeroes, len)
|| !memcmp(s_le, zeroes, len);
#ifdef SOC_ECDSA_SUPPORT_DETERMINISTIC_MODE
if (k_type == ECDSA_K_TYPE_DETERMINISITIC) {
#if SOC_ECDSA_SUPPORT_DETERMINISTIC_MODE && !SOC_ECDSA_SUPPORT_HW_DETERMINISTIC_LOOP
if (ecdsa_ll_is_deterministic_mode_supported() && k_type == ECDSA_K_TYPE_DETERMINISITIC) {
process_again |= !ecdsa_hal_det_signature_k_check();
}
#endif /* SOC_ECDSA_SUPPORT_DETERMINISTIC_MODE */
@@ -470,12 +472,18 @@ int __wrap_mbedtls_ecdsa_sign_det_ext(mbedtls_ecp_group *grp, mbedtls_mpi *r,
/*
* Check `d` whether it contains the hardware key
*/
#if CONFIG_MBEDTLS_HARDWARE_ECDSA_SIGN
if (d->MBEDTLS_PRIVATE(s) == ECDSA_KEY_MAGIC) {
// Use hardware ECDSA peripheral
return esp_ecdsa_sign(grp, r, s, d, buf, blen, ECDSA_K_TYPE_DETERMINISITIC);
} else {
return __real_mbedtls_ecdsa_sign_det_ext(grp, r, s, d, buf, blen, md_alg, f_rng_blind, p_rng_blind);
if (ecdsa_ll_is_deterministic_mode_supported()) {
// Use hardware ECDSA peripheral
return esp_ecdsa_sign(grp, r, s, d, buf, blen, ECDSA_K_TYPE_DETERMINISITIC);
} else {
return MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE;
}
}
#endif
// Fallback to software implementation
return __real_mbedtls_ecdsa_sign_det_ext(grp, r, s, d, buf, blen, md_alg, f_rng_blind, p_rng_blind);
}
extern int __real_mbedtls_ecdsa_sign_det_restartable(mbedtls_ecp_group *grp,
@@ -505,12 +513,18 @@ int __wrap_mbedtls_ecdsa_sign_det_restartable(mbedtls_ecp_group *grp,
/*
* Check `d` whether it contains the hardware key
*/
#if CONFIG_MBEDTLS_HARDWARE_ECDSA_SIGN
if (d->MBEDTLS_PRIVATE(s) == ECDSA_KEY_MAGIC) {
// Use hardware ECDSA peripheral
return esp_ecdsa_sign(grp, r, s, d, buf, blen, ECDSA_K_TYPE_DETERMINISITIC);
} else {
return __real_mbedtls_ecdsa_sign_det_restartable(grp, r, s, d, buf, blen, md_alg, f_rng_blind, p_rng_blind, NULL);
if (ecdsa_ll_is_deterministic_mode_supported()) {
// Use hardware ECDSA peripheral
return esp_ecdsa_sign(grp, r, s, d, buf, blen, ECDSA_K_TYPE_DETERMINISITIC);
} else {
return MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE;
}
}
#endif
// Fallback to software implementation
return __real_mbedtls_ecdsa_sign_det_ext(grp, r, s, d, buf, blen, md_alg, f_rng_blind, p_rng_blind);
}
#endif /* SOC_ECDSA_SUPPORT_DETERMINISTIC_MODE */
@@ -580,15 +594,22 @@ int __wrap_mbedtls_ecdsa_write_signature_restartable(mbedtls_ecdsa_context *ctx,
mbedtls_mpi_init(&r);
mbedtls_mpi_init(&s);
ecdsa_sign_type_t k_type = ECDSA_K_TYPE_TRNG;
#if defined(SOC_ECDSA_SUPPORT_DETERMINISTIC_MODE) && defined(CONFIG_MBEDTLS_ECDSA_DETERMINISTIC)
if (ecdsa_ll_is_deterministic_mode_supported()) {
k_type = ECDSA_K_TYPE_DETERMINISITIC;
}
#endif
/*
* Check `d` whether it contains the hardware key
*/
if (ctx->MBEDTLS_PRIVATE(d).MBEDTLS_PRIVATE(s) == ECDSA_KEY_MAGIC) {
// Use hardware ECDSA peripheral
#if defined(SOC_ECDSA_SUPPORT_DETERMINISTIC_MODE) && defined(CONFIG_MBEDTLS_ECDSA_DETERMINISTIC)
MBEDTLS_MPI_CHK(esp_ecdsa_sign(&ctx->MBEDTLS_PRIVATE(grp), &r, &s, &ctx->MBEDTLS_PRIVATE(d), hash, hlen, ECDSA_K_TYPE_DETERMINISITIC));
MBEDTLS_MPI_CHK(esp_ecdsa_sign(&ctx->MBEDTLS_PRIVATE(grp), &r, &s, &ctx->MBEDTLS_PRIVATE(d), hash, hlen, k_type));
#else
MBEDTLS_MPI_CHK(esp_ecdsa_sign(&ctx->MBEDTLS_PRIVATE(grp), &r, &s, &ctx->MBEDTLS_PRIVATE(d), hash, hlen, ECDSA_K_TYPE_TRNG));
MBEDTLS_MPI_CHK(esp_ecdsa_sign(&ctx->MBEDTLS_PRIVATE(grp), &r, &s, &ctx->MBEDTLS_PRIVATE(d), hash, hlen, k_type));
#endif /* SOC_ECDSA_SUPPORT_DETERMINISTIC_MODE */
}
@@ -710,7 +731,9 @@ int __wrap_mbedtls_ecdsa_verify_restartable(mbedtls_ecp_group *grp,
const mbedtls_mpi *s,
mbedtls_ecdsa_restart_ctx *rs_ctx)
{
if ((grp->id == MBEDTLS_ECP_DP_SECP192R1 || grp->id == MBEDTLS_ECP_DP_SECP256R1) && blen == ECDSA_SHA_LEN) {
if (((grp->id == MBEDTLS_ECP_DP_SECP192R1 && esp_efuse_is_ecdsa_p192_curve_supported())
|| (grp->id == MBEDTLS_ECP_DP_SECP256R1 && esp_efuse_is_ecdsa_p256_curve_supported()))
&& blen == ECDSA_SHA_LEN) {
return esp_ecdsa_verify(grp, buf, blen, Q, r, s);
} else {
return __real_mbedtls_ecdsa_verify_restartable(grp, buf, blen, Q, r, s, rs_ctx);

19
components/mbedtls/test_apps/main/test_mbedtls_ecdsa.c
View File

@@ -26,6 +26,11 @@
#if SOC_KEY_MANAGER_SUPPORTED
#include "esp_key_mgr.h"
#endif
#if SOC_ECDSA_SUPPORTED
#include "hal/ecdsa_ll.h"
#endif
#define TEST_ASSERT_MBEDTLS_OK(X) TEST_ASSERT_EQUAL_HEX32(0, -(X))
#if CONFIG_NEWLIB_NANO_FORMAT
@@ -36,6 +41,8 @@
#define NEWLIB_NANO_COMPAT_CAST(int64_t_var) int64_t_var
#endif
__attribute__((unused)) static const char * TAG = "mbedtls_test";
/*
* All the following values are in big endian format, as required by the mbedTLS APIs
*/
@@ -267,12 +274,20 @@ TEST_CASE("mbedtls ECDSA signature generation on SECP256R1", "[mbedtls][efuse_ke
TEST_CASE("mbedtls ECDSA deterministic signature generation on SECP192R1", "[mbedtls][efuse_key]")
{
test_ecdsa_sign(MBEDTLS_ECP_DP_SECP192R1, sha, ecdsa192_sign_pub_x, ecdsa192_sign_pub_y, true, SECP192R1_EFUSE_BLOCK);
if (!ecdsa_ll_is_deterministic_mode_supported()) {
ESP_LOGI(TAG, "Skipping test because ECDSA deterministic mode is not supported.");
} else {
test_ecdsa_sign(MBEDTLS_ECP_DP_SECP192R1, sha, ecdsa192_sign_pub_x, ecdsa192_sign_pub_y, true, SECP192R1_EFUSE_BLOCK);
}
}
TEST_CASE("mbedtls ECDSA deterministic signature generation on SECP256R1", "[mbedtls][efuse_key]")
{
test_ecdsa_sign(MBEDTLS_ECP_DP_SECP256R1, sha, ecdsa256_sign_pub_x, ecdsa256_sign_pub_y, true, SECP256R1_EFUSE_BLOCK);
if (!ecdsa_ll_is_deterministic_mode_supported()) {
ESP_LOGI(TAG, "Skipping test because ECDSA deterministic mode is not supported.");
} else {
test_ecdsa_sign(MBEDTLS_ECP_DP_SECP256R1, sha, ecdsa256_sign_pub_x, ecdsa256_sign_pub_y, true, SECP256R1_EFUSE_BLOCK);
}
}
#endif /* SOC_ECDSA_SUPPORT_DETERMINISTIC_MODE */