feat(hal/ecdsa): Add HAL API for operation successful check

2024-10-05 20:47:46 -04:00 · 2024-03-28 17:51:27 +05:30 · 2024-03-28 17:51:27 +05:30 · 95fac15698
commit 95fac15698
parent fc9484785b
5 changed files with 57 additions and 14 deletions
--- a/components/hal/ecdsa_hal.c
+++ b/components/hal/ecdsa_hal.c
@ -40,6 +40,11 @@ static void configure_ecdsa_periph(ecdsa_hal_config_t *conf)
    }
 }

+bool ecdsa_hal_get_operation_result(void)
+{
+    return ecdsa_ll_get_operation_result();
+}
+
 void ecdsa_hal_gen_signature(ecdsa_hal_config_t *conf, const uint8_t *hash,
                            uint8_t *r_out, uint8_t *s_out, uint16_t len)
 {
@ -112,7 +117,7 @@ int ecdsa_hal_verify_signature(ecdsa_hal_config_t *conf, const uint8_t *hash, co
        ;
    }

-    int res = ecdsa_ll_get_verification_result();
+    bool res = ecdsa_hal_get_operation_result();

    return (res ? 0 : -1);
 }
--- a/components/hal/esp32h2/include/hal/ecdsa_ll.h
+++ b/components/hal/esp32h2/include/hal/ecdsa_ll.h
@ -1,5 +1,5 @@
 /*
- * SPDX-FileCopyrightText: 2023 Espressif Systems (Shanghai) CO LTD
+ * SPDX-FileCopyrightText: 2023-2024 Espressif Systems (Shanghai) CO LTD
 *
 * SPDX-License-Identifier: Apache-2.0
 */
@ -296,7 +296,7 @@ static inline bool ecdsa_ll_sha_is_busy(void)
 /**
 * @brief Write the ECDSA parameter
 *
- * @param param Parameter to be writen
+ * @param param Parameter to be written
 * @param buf   Buffer containing data
 * @param len   Length of buffer
 */
@ -366,14 +366,12 @@ static inline void ecdsa_ll_read_param(ecdsa_ll_param_t param, uint8_t *buf, uin
 }

 /**
- * @brief Get result of ECDSA verification operation
+ * @brief Check if the ECDSA operation is successful
 *
- *        This is only valid for ECDSA verify mode
- *
- * @return - 1, if signature verification succeeds
+ * @return - 1, if ECDSA operation succeeds
 *         - 0, otherwise
 */
-static inline int ecdsa_ll_get_verification_result(void)
+static inline int ecdsa_ll_get_operation_result(void)
 {
    return REG_GET_BIT(ECDSA_RESULT_REG, ECDSA_OPERATION_RESULT);
 }
--- a/components/hal/include/hal/ecdsa_hal.h
+++ b/components/hal/include/hal/ecdsa_hal.h
@ -1,5 +1,5 @@
 /*
- * SPDX-FileCopyrightText: 2023 Espressif Systems (Shanghai) CO LTD
+ * SPDX-FileCopyrightText: 2023-2024 Espressif Systems (Shanghai) CO LTD
 *
 * SPDX-License-Identifier: Apache-2.0
 */
@ -73,6 +73,14 @@ int ecdsa_hal_verify_signature(ecdsa_hal_config_t *conf, const uint8_t *hash, co
 void ecdsa_hal_export_pubkey(ecdsa_hal_config_t *conf, uint8_t *pub_x, uint8_t *pub_y, uint16_t len);
 #endif /* SOC_ECDSA_SUPPORT_EXPORT_PUBKEY */

+/**
+ * @brief Check if the ECDSA operation is successful
+ *
+ * @return - true, if the ECDSA operation is successful
+ *         - false, if the ECDSA operation fails
+ */
+bool ecdsa_hal_get_operation_result(void);
+
 #ifdef __cplusplus
 }
 #endif
--- a/components/hal/test_apps/crypto/main/ecdsa/test_ecdsa.c
+++ b/components/hal/test_apps/crypto/main/ecdsa/test_ecdsa.c
@ -97,7 +97,7 @@ static void test_ecdsa_corrupt_data(bool is_p256, uint8_t* sha, uint8_t* r_le, u
        len = 24;
    }

-    // Randomly select a bit and corrupt its correpsonding value
+    // Randomly select a bit and corrupt its corresponding value
    uint16_t r_bit = esp_random() % len * 8;

    printf("Corrupting SHA bit %d...\n", r_bit);
@ -158,9 +158,16 @@ static void test_ecdsa_sign(bool is_p256, uint8_t* sha, uint8_t* r_le, uint8_t*

    ecdsa_enable_and_reset();

+    bool process_again = false;
+
    do {
        ecdsa_hal_gen_signature(&conf, sha_le, r_le, s_le, len);
-    } while(!memcmp(r_le, zeroes, len) || !memcmp(s_le, zeroes, len));
+
+        process_again = !ecdsa_hal_get_operation_result()
+                        || !memcmp(r_le, zeroes, len)
+                        || !memcmp(s_le, zeroes, len);
+
+    } while(process_again);

    ecdsa_disable();
 }
@ -179,6 +186,7 @@ static void test_ecdsa_export_pubkey(bool is_p256, bool use_km_key)
 {
    uint8_t pub_x[32] = {0};
    uint8_t pub_y[32] = {0};
+    uint8_t zeroes[32] = {0};
    uint16_t len;

    ecdsa_hal_config_t conf = {
@ -201,7 +209,17 @@ static void test_ecdsa_export_pubkey(bool is_p256, bool use_km_key)
    }

    ecdsa_enable_and_reset();
-    ecdsa_hal_export_pubkey(&conf, pub_x, pub_y, len);
+
+    bool process_again = false;
+
+    do {
+        ecdsa_hal_export_pubkey(&conf, pub_x, pub_y, len);
+
+        process_again = !ecdsa_hal_get_operation_result()
+                        || !memcmp(pub_x, zeroes, len)
+                        || !memcmp(pub_y, zeroes, len);
+
+    } while (process_again);

    if (is_p256) {
        TEST_ASSERT_EQUAL_HEX8_ARRAY(ecdsa256_pub_x, pub_x, len);
--- a/components/mbedtls/port/ecdsa/ecdsa_alt.c
+++ b/components/mbedtls/port/ecdsa/ecdsa_alt.c
@ -101,9 +101,16 @@ int esp_ecdsa_load_pubkey(mbedtls_ecp_keypair *keypair, int efuse_blk)

    esp_ecdsa_acquire_hardware();

+    bool process_again = false;
+
    do {
        ecdsa_hal_export_pubkey(&conf, qx_le, qy_le, len);
-    } while (!memcmp(qx_le, zeroes, len) || !memcmp(qy_le, zeroes, len));
+
+        process_again = !ecdsa_hal_get_operation_result()
+                        || !memcmp(qx_le, zeroes, len)
+                        || !memcmp(qy_le, zeroes, len);
+
+    } while (process_again);

    esp_ecdsa_release_hardware();

@ -250,6 +257,8 @@ static int esp_ecdsa_sign(mbedtls_ecp_group *grp, mbedtls_mpi* r, mbedtls_mpi* s

    esp_ecdsa_acquire_hardware();

+    bool process_again = false;
+
    do {
        ecdsa_hal_config_t conf = {
            .mode = ECDSA_MODE_SIGN_GEN,
@ -260,7 +269,12 @@ static int esp_ecdsa_sign(mbedtls_ecp_group *grp, mbedtls_mpi* r, mbedtls_mpi* s
        };

        ecdsa_hal_gen_signature(&conf, sha_le, r_le, s_le, len);
-    } while (!memcmp(r_le, zeroes, len) || !memcmp(s_le, zeroes, len));
+
+        process_again = !ecdsa_hal_get_operation_result()
+                        || !memcmp(r_le, zeroes, len)
+                        || !memcmp(s_le, zeroes, len);
+
+    } while (process_again);

    esp_ecdsa_release_hardware();