Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

pkg/micro-ecc/psa_uecc: convert between SEC 1 and micro-ecc public key formats #20676

Merged
merged 2 commits into from
May 22, 2024
Merged

pkg/micro-ecc/psa_uecc: convert between SEC 1 and micro-ecc public key formats #20676

merged 2 commits into from
May 22, 2024

Conversation

LP-HAW
Copy link
Contributor

@LP-HAW LP-HAW commented May 16, 2024

Contribution description

micro-ecc uses the SEC 1 public key format without the 0x04 prefix [1]. This PR adds conversions between SEC 1 and micro-ecc public key formats in the micro-ecc PSA backend driver.

[1]: https://github.com/kmackay/micro-ecc/blob/master/README.md#point-representation

Testing procedure

make -C tests/sys/psa_crypto_ecdsa all test

Issues/PRs references

None

@github-actions github-actions bot added the Area: pkg Area: External package ports label May 16, 2024
@mguetschow
Copy link
Contributor

Thanks, very good catch! How did you find out about that one? If you have some testing data (aka signatures and a matching public key for verify), it would be nice to augment our tests (probably tests/sys/psa_crypto_ecdsa) to make the bug apparent.

@mguetschow mguetschow added Type: bug The issue reports a bug / The PR fixes a bug (including spelling errors) Area: crypto Area: Cryptographic libraries CI: ready for build If set, CI server will compile all applications for all available boards for the labeled PR labels May 17, 2024
@riot-ci
Copy link

riot-ci commented May 17, 2024
edited

Murdock results

✔️ PASSED

2ed082a tests/sys/psa_crypto_ecdsa: add test vector

Success Failures Total Runtime
10098 0 10102 15m:06s

Artifacts

@LP-HAW
Copy link
Contributor Author

LP-HAW commented May 18, 2024

it would be nice to augment our tests (probably tests/sys/psa_crypto_ecdsa) to make the bug apparent.

I do not have an ATECC608A but I think the psa_crypto_se_ecdsa test should already fail.

@mguetschow
Copy link
Contributor

it would be nice to augment our tests (probably tests/sys/psa_crypto_ecdsa) to make the bug apparent.

I do not have an ATECC608A but I think the psa_crypto_se_ecdsa test should already fail.

Ah really? I think the tests are currently generating a new keypair and using its public part to verify a selfmade signature - which should currently succeed on both hardware and software backends. Only the interaction between different implementations would be a problem.

So a test which imports a public key and verifies a pre-signed message should have passed on the hardware but not with micro-ecc, which you are fixing here.

@github-actions github-actions bot added the Area: tests Area: tests and testing framework label May 21, 2024
@LP-HAW
Copy link
Contributor Author

LP-HAW commented May 21, 2024

Only the interaction between different implementations would be a problem.

You're right. I just misunderstood the test.

So a test which imports a public key and verifies a pre-signed message

Seems like a good idea. I gave it a try.

mguetschow
mguetschow requested changes May 22, 2024
View reviewed changes
Copy link
Contributor

@mguetschow mguetschow left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for adding the test vector! I can confirm that the test fails on BOARD=native before the bugfix and passes after applying it.

Just a minor note below.

tests/sys/psa_crypto_ecdsa/test_ecdsa_p256_vectors.c Show resolved Hide resolved
mguetschow
mguetschow approved these changes May 22, 2024
View reviewed changes
Copy link
Contributor

@mguetschow mguetschow left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks a lot! :)

@mguetschow mguetschow enabled auto-merge May 22, 2024 15:10
@mguetschow mguetschow added this pull request to the merge queue May 22, 2024
Merged via the queue into RIOT-OS:master with commit c46d75d May 22, 2024
27 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@mguetschow mguetschow mguetschow approved these changes

@Einhornhool Einhornhool Awaiting requested review from Einhornhool

@leandrolanzieri leandrolanzieri Awaiting requested review from leandrolanzieri leandrolanzieri is a code owner

@aabadie aabadie Awaiting requested review from aabadie aabadie is a code owner

@MichelRottleuthner MichelRottleuthner Awaiting requested review from MichelRottleuthner MichelRottleuthner is a code owner

Assignees
No one assigned
Labels
Area: crypto Area: Cryptographic libraries Area: pkg Area: External package ports Area: tests Area: tests and testing framework CI: ready for build If set, CI server will compile all applications for all available boards for the labeled PR Type: bug The issue reports a bug / The PR fixes a bug (including spelling errors)
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@LP-HAW @mguetschow @riot-ci