diff --git a/pico-keys-sdk b/pico-keys-sdk index e18f192..71af710 160000 --- a/pico-keys-sdk +++ b/pico-keys-sdk @@ -1 +1 @@ -Subproject commit e18f192edff7d3dccd325cedc6992da91254ca9d +Subproject commit 71af7105689abebebbcb76cf744d63034ba2cdaf diff --git a/src/fido/cbor.c b/src/fido/cbor.c index 50f7f0f..6acc7b8 100644 --- a/src/fido/cbor.c +++ b/src/fido/cbor.c @@ -210,9 +210,11 @@ CborError COSE_key(mbedtls_ecp_keypair *key, CborEncoder *mapEncoderParent, else if (key->grp.id == MBEDTLS_ECP_DP_CURVE25519) { alg = FIDO2_ALG_ECDH_ES_HKDF_256; } +#ifdef MBEDTLS_EDDSA_C else if (key->grp.id == MBEDTLS_ECP_DP_ED25519) { alg = FIDO2_ALG_EDDSA; } +#endif return COSE_key_params(crv, alg, &key->grp, &key->Q, mapEncoderParent, mapEncoder); } CborError COSE_key_shared(mbedtls_ecdh_context *key, diff --git a/src/fido/cbor_cred_mgmt.c b/src/fido/cbor_cred_mgmt.c index b079258..5469326 100644 --- a/src/fido/cbor_cred_mgmt.c +++ b/src/fido/cbor_cred_mgmt.c @@ -243,11 +243,11 @@ int cbor_cred_mgmt(const uint8_t *data, size_t len) { CBOR_ERROR(CTAP2_ERR_NOT_ALLOWED); } - mbedtls_ecdsa_context key; - mbedtls_ecdsa_init(&key); + mbedtls_ecp_keypair key; + mbedtls_ecp_keypair_init(&key); if (fido_load_key((int)cred.curve, cred.id.data, &key) != 0) { credential_free(&cred); - mbedtls_ecdsa_free(&key); + mbedtls_ecp_keypair_free(&key); CBOR_ERROR(CTAP2_ERR_NOT_ALLOWED); } @@ -335,7 +335,7 @@ int cbor_cred_mgmt(const uint8_t *data, size_t len) { CBOR_CHECK(cbor_encode_boolean(&mapEncoder, false)); } credential_free(&cred); - mbedtls_ecdsa_free(&key); + mbedtls_ecp_keypair_free(&key); } else if (subcommand == 0x06) { if (credentialId.id.present == false) { diff --git a/src/fido/cbor_get_assertion.c b/src/fido/cbor_get_assertion.c index 5838bc9..c0fdecd 100644 --- a/src/fido/cbor_get_assertion.c +++ b/src/fido/cbor_get_assertion.c 
@@ -548,14 +548,14 @@ int cbor_get_assertion(const uint8_t *data, size_t len, bool next) { memcpy(pa, clientDataHash.data, clientDataHash.len); uint8_t hash[64] = {0}, sig[MBEDTLS_ECDSA_MAX_LEN] = {0}; const mbedtls_md_info_t *md = mbedtls_md_info_from_type(MBEDTLS_MD_SHA256); - mbedtls_ecdsa_context ekey; - mbedtls_ecdsa_init(&ekey); + mbedtls_ecp_keypair ekey; + mbedtls_ecp_keypair_init(&ekey); size_t olen = 0; if (selcred) { ret = fido_load_key((int)selcred->curve, selcred->id.data, &ekey); if (ret != 0) { if (derive_key(rp_id_hash, false, selcred->id.data, MBEDTLS_ECP_DP_SECP256R1, &ekey) != 0) { - mbedtls_ecdsa_free(&ekey); + mbedtls_ecp_keypair_free(&ekey); CBOR_ERROR(CTAP1_ERR_OTHER); } } @@ -565,17 +565,20 @@ int cbor_get_assertion(const uint8_t *data, size_t len, bool next) { else if (ekey.grp.id == MBEDTLS_ECP_DP_SECP521R1) { md = mbedtls_md_info_from_type(MBEDTLS_MD_SHA512); } +#ifdef MBEDTLS_EDDSA_C else if (ekey.grp.id == MBEDTLS_ECP_DP_ED25519) { md = NULL; } - +#endif if (md != NULL) { ret = mbedtls_md(md, aut_data, aut_data_len + clientDataHash.len, hash); ret = mbedtls_ecdsa_write_signature(&ekey, mbedtls_md_get_type(md), hash, mbedtls_md_get_size(md), sig, sizeof(sig), &olen, random_gen, NULL); } +#ifdef MBEDTLS_EDDSA_C else { ret = mbedtls_eddsa_write_signature(&ekey, aut_data, aut_data_len + clientDataHash.len, sig, sizeof(sig), &olen, MBEDTLS_EDDSA_PURE, NULL, 0, random_gen, NULL); } +#endif } else { // Bogus signature diff --git a/src/fido/cbor_make_credential.c b/src/fido/cbor_make_credential.c index 6fa52b6..b3ad957 100644 --- a/src/fido/cbor_make_credential.c +++ b/src/fido/cbor_make_credential.c 
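Review bot: In the second cbor_get_assertion hunk (@@ -565), a build without MBEDTLS_EDDSA_C now has no branch for `md == NULL`, so nothing signs, `olen` stays 0 and `ret` keeps whatever the earlier fido_load_key/derive_key path left in it; `md` can presumably still be NULL there if the selected digest is not compiled in. Separately, the result of `mbedtls_md()` is overwritten by the next assignment, so a failed hash would still be signed. I would check the hash result before signing and add an `#else` branch that sets an error, assuming `ret` is tested after this block (that code is outside the hunk). The same compiled-out `else` appears in cbor_make_credential.c at @@ -457, where `ret` is checked right after `mbedtls_ecp_keypair_free(&ekey)`.

```c
if (md != NULL) {
    ret = mbedtls_md(md, aut_data, aut_data_len + clientDataHash.len, hash);
    if (ret == 0) {
        ret = mbedtls_ecdsa_write_signature(&ekey, mbedtls_md_get_type(md), hash, mbedtls_md_get_size(md), sig, sizeof(sig), &olen, random_gen, NULL);
    }
}
#ifdef MBEDTLS_EDDSA_C
// … unchanged: else branch calling mbedtls_eddsa_write_signature …
#else
else {
    // No digest and no EdDSA support: fail rather than return an empty signature.
    ret = MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE;
}
#endif
```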
@@ -221,12 +221,14 @@ int cbor_make_credential(const uint8_t *data, size_t len) { if (curve <= 0) { curve = FIDO2_CURVE_P256K1; } - } + } +#ifdef MBEDTLS_EDDSA_C else if (pubKeyCredParams[i].alg == FIDO2_ALG_EDDSA) { if (curve <= 0) { curve = FIDO2_CURVE_ED25519; } } +#endif else if (pubKeyCredParams[i].alg <= FIDO2_ALG_RS256 && pubKeyCredParams[i].alg >= FIDO2_ALG_RS512) { // pass } @@ -434,9 +436,11 @@ int cbor_make_credential(const uint8_t *data, size_t len) { else if (ekey.grp.id == MBEDTLS_ECP_DP_SECP521R1) { md = mbedtls_md_info_from_type(MBEDTLS_MD_SHA512); } +#ifdef MBEDTLS_EDDSA_C else if (ekey.grp.id == MBEDTLS_ECP_DP_ED25519) { md = NULL; } +#endif if (md != NULL) { ret = mbedtls_md(md, aut_data, aut_data_len + clientDataHash.len, hash); } @@ -457,9 +461,11 @@ int cbor_make_credential(const uint8_t *data, size_t len) { if (md != NULL) { ret = mbedtls_ecdsa_write_signature(&ekey, mbedtls_md_get_type(md), hash, mbedtls_md_get_size(md), sig, sizeof(sig), &olen, random_gen, NULL); } +#ifdef MBEDTLS_EDDSA_C else { ret = mbedtls_eddsa_write_signature(&ekey, aut_data, aut_data_len + clientDataHash.len, sig, sizeof(sig), &olen, MBEDTLS_EDDSA_PURE, NULL, 0, random_gen, NULL); } +#endif mbedtls_ecp_keypair_free(&ekey); if (ret != 0) { CBOR_ERROR(CTAP2_ERR_PROCESSING); diff --git a/src/fido/cmd_authenticate.c b/src/fido/cmd_authenticate.c index 2e7808c..823dce7 100644 --- a/src/fido/cmd_authenticate.c +++ b/src/fido/cmd_authenticate.c @@ -38,8 +38,8 @@ int cmd_authenticate() { return SW_CONDITIONS_NOT_SATISFIED(); } - mbedtls_ecdsa_context key; - mbedtls_ecdsa_init(&key); + mbedtls_ecp_keypair key; + mbedtls_ecp_keypair_init(&key); int ret = 0; uint8_t *tmp_kh = (uint8_t *) calloc(1, req->keyHandleLen); memcpy(tmp_kh, req->keyHandle, req->keyHandleLen); 
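Review bot: In cmd_authenticate (@@ -38), `tmp_kh` comes from `calloc(1, req->keyHandleLen)` and is passed to `memcpy` on the next line without a NULL check, so an allocation failure becomes a write through a null pointer with a length taken from `req`. With `key` now initialised just above, the failure path also has to release it: `if (tmp_kh == NULL) { mbedtls_ecp_keypair_free(&key); return SW_EXEC_ERROR(); }`. The function continues past the end of the hunk.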
@@ -49,18 +49,18 @@ int cmd_authenticate() { else { ret = derive_key(req->appId, false, req->keyHandle, MBEDTLS_ECP_DP_SECP256R1, &key); if (verify_key(req->appId, req->keyHandle, &key) != 0) { - mbedtls_ecdsa_free(&key); + mbedtls_ecp_keypair_free(&key); free(tmp_kh); return SW_INCORRECT_PARAMS(); } } free(tmp_kh); if (ret != PICOKEY_OK) { - mbedtls_ecdsa_free(&key); + mbedtls_ecp_keypair_free(&key); return SW_EXEC_ERROR(); } if (P1(apdu) == CTAP_AUTH_CHECK_ONLY) { - mbedtls_ecdsa_free(&key); + mbedtls_ecp_keypair_free(&key); return SW_CONDITIONS_NOT_SATISFIED(); } resp->flags = 0; @@ -74,12 +74,12 @@ int cmd_authenticate() { memcpy(sig_base + CTAP_APPID_SIZE + 1 + 4, req->chal, CTAP_CHAL_SIZE); ret = mbedtls_md(mbedtls_md_info_from_type(MBEDTLS_MD_SHA256), sig_base, sizeof(sig_base), hash); if (ret != 0) { - mbedtls_ecdsa_free(&key); + mbedtls_ecp_keypair_free(&key); return SW_EXEC_ERROR(); } size_t olen = 0; ret = mbedtls_ecdsa_write_signature(&key, MBEDTLS_MD_SHA256, hash, 32, (uint8_t *) resp->sig, CTAP_MAX_EC_SIG_SIZE, &olen, random_gen, NULL); - mbedtls_ecdsa_free(&key); + mbedtls_ecp_keypair_free(&key); if (ret != 0) { return SW_EXEC_ERROR(); } diff --git a/src/fido/fido.c b/src/fido/fido.c index 9e11385..462112c 100644 --- a/src/fido/fido.c +++ b/src/fido/fido.c @@ -112,12 +112,14 @@ mbedtls_ecp_group_id fido_curve_to_mbedtls(int curve) { else if (curve == FIDO2_CURVE_X448) { return MBEDTLS_ECP_DP_CURVE448; } +#ifdef MBEDTLS_EDDSA_C else if (curve == FIDO2_CURVE_ED25519) { return MBEDTLS_ECP_DP_ED25519; } else if (curve == FIDO2_CURVE_ED448) { return MBEDTLS_ECP_DP_ED448; } +#endif return MBEDTLS_ECP_DP_NONE; } int mbedtls_curve_to_fido(mbedtls_ecp_group_id id) { 
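Review bot: In the cmd_authenticate hunk at @@ -49, `verify_key()` runs on `key` before `ret` from `derive_key()` is examined, so a failed derivation is reported as SW_INCORRECT_PARAMS after verifying against a keypair that may not be populated. Testing the derivation first keeps the two failure cases apart: `if (ret == PICOKEY_OK && verify_key(req->appId, req->keyHandle, &key) != 0) {`; the existing `ret != PICOKEY_OK` check below then returns SW_EXEC_ERROR. The `if` that this `else` belongs to starts outside the hunk.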
@@ -139,12 +141,14 @@ int mbedtls_curve_to_fido(mbedtls_ecp_group_id id) { else if (id == MBEDTLS_ECP_DP_CURVE448) { return FIDO2_CURVE_X448; } +#ifdef MBEDTLS_EDDSA_C else if (id == MBEDTLS_ECP_DP_ED25519) { return FIDO2_CURVE_ED25519; } else if (id == MBEDTLS_ECP_DP_ED448) { return FIDO2_CURVE_ED448; } +#endif return 0; } @@ -292,9 +296,11 @@ int derive_key(const uint8_t *app_id, bool new_key, uint8_t *key_handle, int cur if (r != 0) { return r; } +#ifdef MBEDTLS_EDDSA_C if (curve == MBEDTLS_ECP_DP_ED25519) { return mbedtls_ecp_point_edwards(&key->grp, &key->Q, &key->d, random_gen, NULL); } +#endif return mbedtls_ecp_mul(&key->grp, &key->Q, &key->d, &key->grp.G, random_gen, NULL); } mbedtls_platform_zeroize(outk, sizeof(outk)); diff --git a/src/fido/fido.h b/src/fido/fido.h index f29b953..656007a 100644 --- a/src/fido/fido.h +++ b/src/fido/fido.h @@ -28,7 +28,9 @@ #endif #include "mbedtls/ecdsa.h" +#ifdef MBEDTLS_EDDSA_C #include "mbedtls/eddsa.h" +#endif #ifndef ENABLE_EMULATION #include "hid/ctap_hid.h" #else
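Review bot: In derive_key (@@ -292), the new `mbedtls_ecp_point_edwards` return, like the existing `mbedtls_ecp_mul` return and the `if (r != 0) return r;` above it, leaves the function before `mbedtls_platform_zeroize(outk, sizeof(outk))`, which sits after the closing brace. On the paths that actually produce a keypair, the derived bytes in `outk` therefore appear to stay on the stack. I would store each result instead of returning it, e.g. `r = mbedtls_ecp_point_edwards(&key->grp, &key->Q, &key->d, random_gen, NULL);`, and return `r` only after the zeroize. The block's opening line and the code after the zeroize are outside the hunk, so this needs confirming against the full function.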