-
Notifications
You must be signed in to change notification settings - Fork 2k
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
19954: sys/psa_crypto: Ed25519 (EdDSA) support r=benpicco a=mguetschow ### Contribution description - implement [`psa_sign_message()`](https://armmbed.github.io/mbed-crypto/html/api/ops/sign.html#c.psa_sign_message) and [`psa_verify_message()`](https://armmbed.github.io/mbed-crypto/html/api/ops/sign.html#c.psa_verify_message) for the two already supported [`PSA_ALG_ECDSA`](https://armmbed.github.io/mbed-crypto/html/api/ops/sign.html#c.PSA_ALG_ECDSA) algorithms, together with the CryptoCell and `micro-ecc` backends (*not* for the SE backend) - add support for [`PSA_ALG_PURE_EDDSA`](https://armmbed.github.io/mbed-crypto/html/api/ops/sign.html#c.PSA_ALG_PURE_EDDSA), together with the CryptoCell hardware and `c25519` software backend (*not* for the SE backend) - wipe private key data from stack for both ECDSA and EdDSA algorithms using `explicit_bzero()` (opinions from experienced Riot maintainers about usage of `goto` to avoid duplicating that function call before every `return`?) ### Testing procedure - `examples/psa_crypto` has been updated to include EdDSA - successfully tested configurations: - `nrf52840dk` with cryptocell (hardware) and `c25519` (software) backend - `native` with software backend ### Issues/PRs references Thanks `@Einhornhool` for the PSA Crypto framework implementation #18547 which is great to work with! 19966: sys/event: add event_is_queued() r=benpicco a=fabian18 Co-authored-by: Mikolai Gütschow <mikolai.guetschow@tu-dresden.de> Co-authored-by: Fabian Hüßler <fabian.huessler@ml-pa.com>
- Loading branch information
Showing
47 changed files
with
1,291 additions
and
201 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,83 @@ | ||
/* | ||
* Copyright (C) 2023 TU Dresden | ||
* | ||
* This file is subject to the terms and conditions of the GNU Lesser | ||
* General Public License v2.1. See the file LICENSE in the top level | ||
* directory for more details. | ||
*/ | ||
|
||
/** | ||
* @ingroup examples | ||
* @{ | ||
* | ||
* @brief Example functions for EdDSA with PSA Crypto | ||
* | ||
* @author Mikolai Gütschow <mikolai.guetschow@tu-dresden.de> | ||
* | ||
* @} | ||
*/ | ||
#include <stdio.h> | ||
#include <stdint.h> | ||
|
||
#include "psa/crypto.h" | ||
|
||
#define EDDSA_MESSAGE_SIZE (127) | ||
|
||
#define ECC_KEY_SIZE (255) | ||
#define ECC_KEY_TYPE (PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS)) | ||
#define ECC_ALG (PSA_ALG_PURE_EDDSA) | ||
|
||
/** | ||
* @brief Example function to perform an EdDSA operation with the twisted Edwards curve Edwards25519 | ||
* with the PSA Crypto API. | ||
*/ | ||
psa_status_t example_eddsa(void) | ||
{ | ||
psa_key_id_t privkey_id; | ||
psa_key_attributes_t privkey_attr = psa_key_attributes_init(); | ||
psa_key_id_t pubkey_id; | ||
psa_key_attributes_t pubkey_attr = psa_key_attributes_init(); | ||
|
||
psa_key_usage_t usage = PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE; | ||
|
||
uint8_t public_key[PSA_EXPORT_PUBLIC_KEY_OUTPUT_SIZE(ECC_KEY_TYPE, ECC_KEY_SIZE)] = { 0 }; | ||
size_t pubkey_length; | ||
uint8_t signature[PSA_SIGN_OUTPUT_SIZE(ECC_KEY_TYPE, ECC_KEY_SIZE, ECC_ALG)]; | ||
size_t sig_length; | ||
uint8_t msg[EDDSA_MESSAGE_SIZE] = { 0x0b }; | ||
|
||
psa_set_key_algorithm(&privkey_attr, ECC_ALG); | ||
psa_set_key_usage_flags(&privkey_attr, usage); | ||
psa_set_key_type(&privkey_attr, ECC_KEY_TYPE); | ||
psa_set_key_bits(&privkey_attr, ECC_KEY_SIZE); | ||
|
||
psa_status_t status = PSA_ERROR_DOES_NOT_EXIST; | ||
|
||
status = psa_generate_key(&privkey_attr, &privkey_id); | ||
if (status != PSA_SUCCESS) { | ||
return status; | ||
} | ||
|
||
status = psa_export_public_key(privkey_id, public_key, sizeof(public_key), &pubkey_length); | ||
if (status != PSA_SUCCESS) { | ||
return status; | ||
} | ||
|
||
psa_set_key_algorithm(&pubkey_attr, ECC_ALG); | ||
psa_set_key_usage_flags(&pubkey_attr, PSA_KEY_USAGE_VERIFY_MESSAGE); | ||
psa_set_key_bits(&pubkey_attr, PSA_BYTES_TO_BITS(pubkey_length)); | ||
psa_set_key_type(&pubkey_attr, PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(ECC_KEY_TYPE)); | ||
|
||
status = psa_import_key(&pubkey_attr, public_key, pubkey_length, &pubkey_id); | ||
if (status != PSA_SUCCESS) { | ||
return status; | ||
} | ||
|
||
status = psa_sign_message(privkey_id, ECC_ALG, msg, sizeof(msg), signature, sizeof(signature), | ||
&sig_length); | ||
if (status != PSA_SUCCESS) { | ||
return status; | ||
} | ||
|
||
return psa_verify_message(pubkey_id, ECC_ALG, msg, sizeof(msg), signature, sig_length); | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.