From c05a5a31a393920f9f8d572ac7ad13565c687bde Mon Sep 17 00:00:00 2001 From: lagosantol <40164455+lagosantol@users.noreply.github.com> Date: Wed, 20 Dec 2023 11:42:17 +0100 Subject: [PATCH 1/2] Fixed hash algo to be selected based on input instead of being hardcoded. --- extras/tls/mbedtls_alt/ecdsa_se05x.c | 26 +++++++++++++++++++++++++- 1 file changed, 25 insertions(+), 1 deletion(-) diff --git a/extras/tls/mbedtls_alt/ecdsa_se05x.c b/extras/tls/mbedtls_alt/ecdsa_se05x.c index 2ec3f733b..2950aa0e4 100644 --- a/extras/tls/mbedtls_alt/ecdsa_se05x.c +++ b/extras/tls/mbedtls_alt/ecdsa_se05x.c @@ -126,6 +126,7 @@ int mbedtls_ecdsa_sign(mbedtls_ecp_group *grp, smStatus_t status = SM_NOT_OK; SE05x_Result_t result; + SE05x_ECSignatureAlgo_t ecSignAlgo; uint32_t keyID = 0; uint8_t magic_bytes[] = ALT_KEYS_MAGIC; uint8_t buffer[150] = {0}; @@ -166,9 +167,32 @@ int mbedtls_ecdsa_sign(mbedtls_ecp_group *grp, return -1; } + // decide on the algo based on the input size + // (input being the hash) + switch(blen) { + case 20: + ecSignAlgo = kSE05x_ECSignatureAlgo_SHA; + break; + case 28: + ecSignAlgo = kSE05x_ECSignatureAlgo_SHA_224; + break; + case 32: + ecSignAlgo = kSE05x_ECSignatureAlgo_SHA_256; + break; + case 48: + ecSignAlgo = kSE05x_ECSignatureAlgo_SHA_384; + break; + case 64: + ecSignAlgo = kSE05x_ECSignatureAlgo_SHA_512; + break; + default: + SMLOG_E("Unsupported hash length: %d\r\n", blen); + return -1; + } + SMLOG_I("Using SE05x for ecdsa sign. blen: %d\r\n", blen); status = Se05x_API_ECDSASign( - pSession, keyID, kSE05x_ECSignatureAlgo_SHA_384, (uint8_t *)buf, blen, signature, &signature_len); + pSession, keyID, ecSignAlgo, (uint8_t *)buf, blen, signature, &signature_len); if (status != SM_OK) { SMLOG_E("Error in Se05x_API_ECDSASign\r\n"); return -1; From c04a5cb9deea24cfa41299e78e5605c2ab4b1274 Mon Sep 17 00:00:00 2001 From: pennam Date: Fri, 5 Jan 2024 10:36:28 +0100 Subject: [PATCH 2/2] SSLClient: rebuild libmbedse05x.a to fix signature algo selection --- .../SSLClient/src/cortex-m33/libmbedse05x.a | Bin 6908 -> 7012 bytes 1 file changed, 0 insertions(+), 0 deletions(-) diff --git a/libraries/SSLClient/src/cortex-m33/libmbedse05x.a b/libraries/SSLClient/src/cortex-m33/libmbedse05x.a index f62c48a63ac05ce74838f319a2213871974b5337..dc492d8d29488f045ea5f4232b31a87005674de6 100644 GIT binary patch delta 998 zcmYk5ZAepL6vxkVx2yB&+UDGxFl#TqCehWo6f3k?4|h?lOhUv$d!ZGvMk=fvjI1D{ zKzX7MNf8K<7QV1A3Bt$^eJNu?ff12JaTTMsu)IOFo@ZU83;**w&pGGbbI#@7U*3<~ z21|4eVtsvmgU37M^yXOG0IY4~Hy<8)v2#5WH=#0N{X|U2rfC%GiNjjO73GnE{MnLF zPhU8E?tJgb6OLeaPtbApWaw0Hu*p$QnhQoZ0c=@L1)$>VzHGLCxCv{> z#o=9eZW)ota62YZeN%pSHu+3`uiPh3^_EzN^hLg_m_<~BlI_xxJe_tJ3X{5p>2#5y zEIFOFQ|rfvq!F4C4Ne+qG5nYhq$&io7)UtJ*!V5M0a>S#%U%XecB|E5qu`FRQgRJ$gZ z`Zi-fc3`%}O0KsHy|zjnvJ0R8qXu(2P(EIb!snXne@HhGI6F7if{ls0Y}g z5;JZ9Xk|129A%_+y^KbHsCs721QWn4V^{s`1Q24ReFTom0x{Ug z9J)fC$`(qF2k@zsRPIxGKxLcCc9oqfyHuV~8B}>zWmsizmKuOa{F0fzmGk6jk(+-= z$BU9>>RrnP&=Hfx&6R0MNU)N979+Yxj#w(u0=a6b!S8AKoux$ delta 896 zcmYk*Ur19?7y$6^-0f~_b8U0pxom~o%zBn!L^8p@F9E%34-crD{W9c z_!QYGQAZIJp(*9qOAp4NgdY0Cj0&U&C5)SB=0e+oYTdIg(uI3}=X~G!?)P!wE;s#Z zyuM4*Co@> z>oX-g5attS1R4%)=vsh<9R!MB~RXB9S;5 z*ZXuw3h6mbY3AurA)tncb)wrGvs3F*+s`PDJCcS5Od$!{Ne__{SUoZ7{QC z454(V@J<|%=5kH&BQ)xa=rebAB7hpI9>6Q>r|tykp&9^ssnWUgR3pHEydR~S0OqL0 z0BJeCOqE7qq`tJyN|l<`Ql&m`s2s%L6J1yUe#j~rsfY#8$QH>OWlLnOvNqXr*$P=+ zwno-1+aT+umL}KDK7@`E7w2S$qzPI{SX%LFX?hanoXnhp+~F$OLrMT2u`A7FT5CiR d@|D}q=A