75 lines
2.4 KiB
C++
75 lines
2.4 KiB
C++
// Copyright 2021 The Pigweed Authors
|
|
//
|
|
// Licensed under the Apache License, Version 2.0 (the "License"); you may not
|
|
// use this file except in compliance with the License. You may obtain a copy of
|
|
// the License at
|
|
//
|
|
// https://www.apache.org/licenses/LICENSE-2.0
|
|
//
|
|
// Unless required by applicable law or agreed to in writing, software
|
|
// distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
|
// WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
|
// License for the specific language governing permissions and limitations under
|
|
// the License.
|
|
#define PW_LOG_MODULE_NAME "ECDSA-UECC"
|
|
#define PW_LOG_LEVEL PW_LOG_LEVEL_WARN
|
|
|
|
#include "pw_crypto/ecdsa.h"
|
|
#include "pw_log/log.h"
|
|
#include "uECC.h"
|
|
|
|
namespace pw::crypto::ecdsa {
|
|
|
|
constexpr size_t kP256CurveOrderBytes = 32;
|
|
|
|
Status VerifyP256Signature(ConstByteSpan public_key,
|
|
ConstByteSpan digest,
|
|
ConstByteSpan signature) {
|
|
const uint8_t* public_key_bytes =
|
|
reinterpret_cast<const uint8_t*>(public_key.data());
|
|
const uint8_t* digest_bytes = reinterpret_cast<const uint8_t*>(digest.data());
|
|
const uint8_t* signature_bytes =
|
|
reinterpret_cast<const uint8_t*>(signature.data());
|
|
|
|
uECC_Curve curve = uECC_secp256r1();
|
|
|
|
// Supports SEC 1 uncompressed form (04||X||Y) only.
|
|
if (public_key.size() != (2 * kP256CurveOrderBytes + 1) ||
|
|
public_key_bytes[0] != 0x04) {
|
|
PW_LOG_DEBUG("Bad public key format");
|
|
return Status::InvalidArgument();
|
|
}
|
|
|
|
// Make sure the public key is on the curve.
|
|
if (!uECC_valid_public_key(public_key_bytes + 1, curve)) {
|
|
return Status::InvalidArgument();
|
|
}
|
|
|
|
// Signature expected in raw format (r||s)
|
|
if (signature.size() != kP256CurveOrderBytes * 2) {
|
|
PW_LOG_DEBUG("Bad signature format");
|
|
return Status::InvalidArgument();
|
|
}
|
|
|
|
// Digests must be at least 32 bytes. Digests longer than 32
|
|
// bytes are truncated to 32 bytes.
|
|
if (digest.size() < kP256CurveOrderBytes) {
|
|
PW_LOG_DEBUG("Digest is too short");
|
|
return Status::InvalidArgument();
|
|
}
|
|
|
|
// Verify the signature.
|
|
if (!uECC_verify(public_key_bytes + 1,
|
|
digest_bytes,
|
|
digest.size(),
|
|
signature_bytes,
|
|
curve)) {
|
|
PW_LOG_DEBUG("Signature verification failed");
|
|
return Status::Unauthenticated();
|
|
}
|
|
|
|
return OkStatus();
|
|
}
|
|
|
|
} // namespace pw::crypto::ecdsa
|