RIOT-OS/RIOT
RIOT-OS/RIOT
1
0
Fork 0
mirror of https://github.com/RIOT-OS/RIOT.git synced 2025-01-17 04:52:59 +01:00
Code Releases Activity

examples/psa_crypto: Update example to work with SEs

Browse Source
This commit is contained in:
Lena Boeckmann 2023-10-19 14:12:49 +02:00
parent 130420258c
commit b2e1c69b79
2 changed files with 15 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
examples/psa_crypto/example_ecdsa_p256.c
View File

@ -81,10 +81,13 @@ psa_status_t example_ecdsa_p256(void)
} }
#ifdef SECURE_ELEMENT #ifdef SECURE_ELEMENT
/* Currently there is no support for message signature and verification on secure elements */
psa_set_key_lifetime(&pubkey_attr, lifetime); psa_set_key_lifetime(&pubkey_attr, lifetime);
psa_set_key_usage_flags(&pubkey_attr, PSA_KEY_USAGE_VERIFY_HASH);
#else
psa_set_key_usage_flags(&pubkey_attr, PSA_KEY_USAGE_VERIFY_MESSAGE);
#endif #endif
psa_set_key_algorithm(&pubkey_attr, ECC_ALG); psa_set_key_algorithm(&pubkey_attr, ECC_ALG);
psa_set_key_usage_flags(&pubkey_attr, PSA_KEY_USAGE_VERIFY_MESSAGE);
psa_set_key_bits(&pubkey_attr, PSA_BYTES_TO_BITS(pubkey_length)); psa_set_key_bits(&pubkey_attr, PSA_BYTES_TO_BITS(pubkey_length));
psa_set_key_type(&pubkey_attr, PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1)); psa_set_key_type(&pubkey_attr, PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1));
@ -99,6 +102,12 @@ psa_status_t example_ecdsa_p256(void)
return status; return status;
} }
#ifdef SECURE_ELEMENT
/* Currently there is only support for hash signature and verification on secure elements,
so we can't verify the message, but only the hash */
return psa_verify_hash(pubkey_id, ECC_ALG, hash, sizeof(hash), signature, sig_length);
#endif
/* verify on original message with internal hashing operation */ /* verify on original message with internal hashing operation */
return psa_verify_message(pubkey_id, ECC_ALG, msg, sizeof(msg), signature, sig_length); return psa_verify_message(pubkey_id, ECC_ALG, msg, sizeof(msg), signature, sig_length);
} }

5
examples/psa_crypto/main.c
View File

@ -24,7 +24,10 @@
extern psa_status_t example_cipher_aes_128(void); extern psa_status_t example_cipher_aes_128(void);
extern psa_status_t example_hmac_sha256(void); extern psa_status_t example_hmac_sha256(void);
extern psa_status_t example_ecdsa_p256(void); extern psa_status_t example_ecdsa_p256(void);
#ifndef SECURE_ELEMENT
extern psa_status_t example_eddsa(void); extern psa_status_t example_eddsa(void);
#endif
#ifdef MULTIPLE_SE #ifdef MULTIPLE_SE
extern psa_status_t example_cipher_aes_128_sec_se(void); extern psa_status_t example_cipher_aes_128_sec_se(void);
@ -61,12 +64,14 @@ int main(void)
printf("ECDSA failed: %s\n", psa_status_to_humanly_readable(status)); printf("ECDSA failed: %s\n", psa_status_to_humanly_readable(status));
} }
#ifndef SECURE_ELEMENT
start = ztimer_now(ZTIMER_USEC); start = ztimer_now(ZTIMER_USEC);
status = example_eddsa(); status = example_eddsa();
printf("EdDSA took %d us\n", (int)(ztimer_now(ZTIMER_USEC) - start)); printf("EdDSA took %d us\n", (int)(ztimer_now(ZTIMER_USEC) - start));
if (status != PSA_SUCCESS) { if (status != PSA_SUCCESS) {
printf("EdDSA failed: %s\n", psa_status_to_humanly_readable(status)); printf("EdDSA failed: %s\n", psa_status_to_humanly_readable(status));
} }
#endif
#ifdef MULTIPLE_SE #ifdef MULTIPLE_SE
puts("Running Examples with secondary SE:"); puts("Running Examples with secondary SE:");