From a0faf5308e5b687b2d35b77ecd5408337eb75e3a Mon Sep 17 00:00:00 2001 From: Pol Henarejos Date: Tue, 9 Dec 2025 15:49:20 +0100 Subject: [PATCH] Move EDDSA to another branch. Signed-off-by: Pol Henarejos --- pico-keys-sdk | 2 +- src/hsm/cmd_keypair_gen.c | 8 ------ src/hsm/cmd_signature.c | 14 +--------- src/hsm/cvc.c | 39 +++++---------------------- src/hsm/kek.c | 18 +------------ src/hsm/sc_hsm.c | 10 +------ tests/pico-hsm/test_021_key_import.py | 13 +-------- tests/pico-hsm/test_030_signature.py | 10 ------- 8 files changed, 11 insertions(+), 103 deletions(-) diff --git a/pico-keys-sdk b/pico-keys-sdk index d0dea3d..09ec076 160000 --- a/pico-keys-sdk +++ b/pico-keys-sdk @@ -1 +1 @@ -Subproject commit d0dea3d0c5427549ad56c284a2011d5b3eea42e0 +Subproject commit 09ec0767b6a3bd79b2a176fb468e97d9fde28449 diff --git a/src/hsm/cmd_keypair_gen.c b/src/hsm/cmd_keypair_gen.c index 0b984d7..e43f322 100644 --- a/src/hsm/cmd_keypair_gen.c +++ b/src/hsm/cmd_keypair_gen.c @@ -83,14 +83,6 @@ int cmd_keypair_gen() { if (asn1_find_tag(&ctxo, 0x83, &g) != true) { return SW_WRONG_DATA(); } -#ifdef MBEDTLS_EDDSA_C - if (ec_id == MBEDTLS_ECP_DP_CURVE25519 && (g.data[0] != 9)) { - ec_id = MBEDTLS_ECP_DP_ED25519; - } - else if (ec_id == MBEDTLS_ECP_DP_CURVE448 && (g.len != 56 || g.data[0] != 5)) { - ec_id = MBEDTLS_ECP_DP_ED448; - } -#endif } printf("KEYPAIR ECC %d\r\n", ec_id); mbedtls_ecdsa_context ecdsa; diff --git a/src/hsm/cmd_signature.c b/src/hsm/cmd_signature.c index 7169ee0..10260d8 100644 --- a/src/hsm/cmd_signature.c +++ b/src/hsm/cmd_signature.c @@ -20,9 +20,6 @@ #include "asn1.h" #include "mbedtls/oid.h" #include "random.h" -#ifdef MBEDTLS_EDDSA_C -#include "mbedtls/eddsa.h" -#endif extern mbedtls_ecp_keypair hd_context; extern uint8_t hd_keytype; 
@@ -276,16 +273,7 @@ int cmd_signature() { } size_t olen = 0; uint8_t buf[MBEDTLS_ECDSA_MAX_LEN]; -#ifdef MBEDTLS_EDDSA_C - if (ctx.grp.id == MBEDTLS_ECP_DP_ED25519 || ctx.grp.id == MBEDTLS_ECP_DP_ED448) { - r = mbedtls_eddsa_write_signature(&ctx, apdu.data, apdu.nc, buf, sizeof(buf), &olen, MBEDTLS_EDDSA_PURE, NULL, 0, random_gen, NULL); - } - else -#endif - { - r = mbedtls_ecdsa_write_signature(&ctx, md, apdu.data, apdu.nc, buf, MBEDTLS_ECDSA_MAX_LEN, - &olen, random_gen, NULL); - } + r = mbedtls_ecdsa_write_signature(&ctx, md, apdu.data, apdu.nc, buf, MBEDTLS_ECDSA_MAX_LEN, &olen, random_gen, NULL); if (r != 0) { mbedtls_ecp_keypair_free(&ctx); return SW_EXEC_ERROR(); diff --git a/src/hsm/cvc.c b/src/hsm/cvc.c index f7e0e97..67d833c 100644 --- a/src/hsm/cvc.c +++ b/src/hsm/cvc.c @@ -26,9 +26,6 @@ #include "oid.h" #include "mbedtls/md.h" #include "files.h" -#ifdef MBEDTLS_EDDSA_C -#include "mbedtls/eddsa.h" -#endif extern const uint8_t *dev_name; extern uint16_t dev_name_len; @@ -91,11 +88,7 @@ uint16_t asn1_cvc_public_key_ecdsa(mbedtls_ecp_keypair *ecdsa, uint8_t *buf, uin uint16_t ctot_size = asn1_len_tag(0x87, (uint16_t)c_size); uint16_t oid_len = asn1_len_tag(0x6, sizeof(oid_ecdsa)); uint16_t tot_len = 0, tot_data_len = 0; - if (mbedtls_ecp_get_type(&ecdsa->grp) == MBEDTLS_ECP_TYPE_MONTGOMERY -#ifdef MBEDTLS_EDDSA_C - || mbedtls_ecp_get_type(&ecdsa->grp) == MBEDTLS_ECP_TYPE_EDWARDS -#endif - ) { + if (mbedtls_ecp_get_type(&ecdsa->grp) == MBEDTLS_ECP_TYPE_MONTGOMERY) { tot_data_len = oid_len + ptot_size + otot_size + gtot_size + ytot_size; oid = oid_ri; } 
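Review bot: In cmd_signature() the call to `mbedtls_ecdsa_write_signature` is now reached for every EC key, so a key object created by an EdDSA-enabled build (or any key on a non-Weierstrass group) is no longer handled explicitly and can only surface as the generic `SW_EXEC_ERROR()`, assuming the library rejects it. A guard before the call would make the refusal deliberate, e.g. `if (mbedtls_ecp_get_type(&ctx.grp) != MBEDTLS_ECP_TYPE_SHORT_WEIERSTRASS) { mbedtls_ecp_keypair_free(&ctx); return SW_WRONG_DATA(); }`, with whichever status word the project prefers for an unsupported key type. The same question applies to load_private_key_ec in src/hsm/sc_hsm.c, where Q is now always derived with `mbedtls_ecp_mul`. Passing `sizeof(buf)` instead of repeating `MBEDTLS_ECDSA_MAX_LEN` would also keep the size argument tied to the declaration of `buf`. The function body starts and ends outside this hunk.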
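Review bot: asn1_cvc_public_key_ecdsa evaluates `mbedtls_ecp_get_type(&ecdsa->grp) == MBEDTLS_ECP_TYPE_MONTGOMERY` twice, here to size the object (`tot_data_len`) and again in the hunk at -116,11 to decide which fields are written, so the computed length and the bytes emitted depend on two copies of the same condition staying identical. Now that the condition is a single comparison, it could be computed once, `const bool is_montgomery = mbedtls_ecp_get_type(&ecdsa->grp) == MBEDTLS_ECP_TYPE_MONTGOMERY;`, and used in both places. The function continues outside both hunks, so check that no such local already exists.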
@@ -116,11 +109,7 @@ uint16_t asn1_cvc_public_key_ecdsa(mbedtls_ecp_keypair *ecdsa, uint8_t *buf, uin //oid *p++ = 0x6; p += format_tlv_len(sizeof(oid_ecdsa), p); memcpy(p, oid, sizeof(oid_ecdsa)); p += sizeof(oid_ecdsa); - if (mbedtls_ecp_get_type(&ecdsa->grp) == MBEDTLS_ECP_TYPE_MONTGOMERY -#ifdef MBEDTLS_EDDSA_C - || mbedtls_ecp_get_type(&ecdsa->grp) == MBEDTLS_ECP_TYPE_EDWARDS -#endif - ) { + if (mbedtls_ecp_get_type(&ecdsa->grp) == MBEDTLS_ECP_TYPE_MONTGOMERY) { //p *p++ = 0x81; p += format_tlv_len((uint16_t)p_size, p); mbedtls_mpi_write_binary(&ecdsa->grp.P, p, p_size); p += p_size; @@ -307,15 +296,7 @@ uint16_t asn1_cvc_cert(void *rsa_ecdsa, mbedtls_ecp_keypair *ecdsa = (mbedtls_ecp_keypair *) rsa_ecdsa; mbedtls_mpi_init(&r); mbedtls_mpi_init(&s); -#ifdef MBEDTLS_EDDSA_C - if (ecdsa->grp.id == MBEDTLS_ECP_DP_ED25519 || ecdsa->grp.id == MBEDTLS_ECP_DP_ED448) { - ret = mbedtls_eddsa_sign(&ecdsa->grp, &r, &s, &ecdsa->d, body, body_size, MBEDTLS_EDDSA_PURE, NULL, 0, random_gen, NULL); - } - else -#endif - { - ret = mbedtls_ecdsa_sign(&ecdsa->grp, &r, &s, &ecdsa->d, hsh, sizeof(hsh), random_gen, NULL); - } + ret = mbedtls_ecdsa_sign(&ecdsa->grp, &r, &s, &ecdsa->d, hsh, sizeof(hsh), random_gen, NULL); if (ret == 0) { mbedtls_mpi_write_binary(&r, p, key_size / 2); p += key_size / 2; mbedtls_mpi_write_binary(&s, p, key_size / 2); p += key_size / 2; 
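Review bot: In asn1_cvc_cert the results of both `mbedtls_mpi_write_binary` calls under `if (ret == 0)` are discarded, so a failure to serialise r or s into `key_size / 2` bytes would leave that part of the signature field unwritten while `p` still advances. With ECDSA as the only path now, checking the result is cheap: `ret = mbedtls_mpi_write_binary(&r, p, key_size / 2);` followed by a check before `p += key_size / 2;`, and likewise for s. How `key_size` is derived and what happens when `ret != 0` lie outside this hunk, so confirm the error path there also frees r and s.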
@@ -372,17 +353,9 @@ uint16_t asn1_cvc_aut(void *rsa_ecdsa, mbedtls_mpi r, s; mbedtls_mpi_init(&r); mbedtls_mpi_init(&s); -#ifdef MBEDTLS_EDDSA_C - if (ectx.grp.id == MBEDTLS_ECP_DP_ED25519 || ectx.grp.id == MBEDTLS_ECP_DP_ED448) { - ret = mbedtls_eddsa_sign(&ectx.grp, &r, &s, &ectx.d, body, cvcert_size + outcar_size, MBEDTLS_EDDSA_PURE, NULL, 0, random_gen, NULL); - } - else -#endif - { - uint8_t hsh[32]; - hash256(body, cvcert_size + outcar_size, hsh); - ret = mbedtls_ecdsa_sign(&ectx.grp, &r, &s, &ectx.d, hsh, sizeof(hsh), random_gen, NULL); - } + uint8_t hsh[32]; + hash256(body, cvcert_size + outcar_size, hsh); + ret = mbedtls_ecdsa_sign(&ectx.grp, &r, &s, &ectx.d, hsh, sizeof(hsh), random_gen, NULL); mbedtls_ecp_keypair_free(&ectx); if (ret != 0) { mbedtls_mpi_free(&r); diff --git a/src/hsm/kek.c b/src/hsm/kek.c index 1a7b9ad..f0fdb92 100644 --- a/src/hsm/kek.c +++ b/src/hsm/kek.c @@ -664,14 +664,6 @@ int dkek_decode_key(uint8_t id, void *key_ctx, const uint8_t *in, uint16_t in_le //G len = get_uint16_t_be(kb + ofs); -#ifdef MBEDTLS_EDDSA_C - if (ec_id == MBEDTLS_ECP_DP_CURVE25519 && kb[ofs + 2] != 0x09) { - ec_id = MBEDTLS_ECP_DP_ED25519; - } - else if (ec_id == MBEDTLS_ECP_DP_CURVE448 && (len != 56 || kb[ofs + 2] != 0x05)) { - ec_id = MBEDTLS_ECP_DP_ED448; - } -#endif ofs += len + 2; //d 
@@ -687,15 +679,7 @@ int dkek_decode_key(uint8_t id, void *key_ctx, const uint8_t *in, uint16_t in_le len = get_uint16_t_be(kb + ofs); ofs += 2; r = mbedtls_ecp_point_read_binary(&ecdsa->grp, &ecdsa->Q, kb + ofs, len); if (r != 0) { -#ifdef MBEDTLS_EDDSA_C - if (mbedtls_ecp_get_type(&ecdsa->grp) == MBEDTLS_ECP_TYPE_EDWARDS) { - r = mbedtls_ecp_point_edwards(&ecdsa->grp, &ecdsa->Q, &ecdsa->d, random_gen, NULL); - } - else -#endif - { - r = mbedtls_ecp_mul(&ecdsa->grp, &ecdsa->Q, &ecdsa->d, &ecdsa->grp.G, random_gen, NULL); - } + r = mbedtls_ecp_mul(&ecdsa->grp, &ecdsa->Q, &ecdsa->d, &ecdsa->grp.G, random_gen, NULL); if (r != 0) { mbedtls_ecdsa_free(ecdsa); return PICOKEY_EXEC_ERROR; diff --git a/src/hsm/sc_hsm.c b/src/hsm/sc_hsm.c index 59d453e..fe3969a 100644 --- a/src/hsm/sc_hsm.c +++ b/src/hsm/sc_hsm.c @@ -683,15 +683,7 @@ int load_private_key_ec(mbedtls_ecp_keypair *ctx, file_t *fkey) { return PICOKEY_EXEC_ERROR; } mbedtls_platform_zeroize(kdata, sizeof(kdata)); -#ifdef MBEDTLS_EDDSA_C - if (gid == MBEDTLS_ECP_DP_ED25519 || gid == MBEDTLS_ECP_DP_ED448) { - r = mbedtls_ecp_point_edwards(&ctx->grp, &ctx->Q, &ctx->d, random_gen, NULL); - } - else -#endif - { - r = mbedtls_ecp_mul(&ctx->grp, &ctx->Q, &ctx->d, &ctx->grp.G, random_gen, NULL); - } + r = mbedtls_ecp_mul(&ctx->grp, &ctx->Q, &ctx->d, &ctx->grp.G, random_gen, NULL); if (r != 0) { mbedtls_ecp_keypair_free(ctx); return PICOKEY_EXEC_ERROR; diff --git a/tests/pico-hsm/test_021_key_import.py b/tests/pico-hsm/test_021_key_import.py index 4666f7c..9f00e1b 100644 --- a/tests/pico-hsm/test_021_key_import.py +++ b/tests/pico-hsm/test_021_key_import.py 
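Review bot: In dkek_decode_key the public point taken from the key blob is accepted as soon as `mbedtls_ecp_point_read_binary` succeeds; Q is derived from d with `mbedtls_ecp_mul` only when parsing fails, and no check that Q matches d is visible in this hunk. With the generator-based curve selection deleted in the previous kek.c hunk, a blob exported by an EdDSA-enabled build would presumably be decoded on the Montgomery group, which makes a mismatched Q/d pair more likely to be stored silently. Deriving Q unconditionally, `r = mbedtls_ecp_mul(&ecdsa->grp, &ecdsa->Q, &ecdsa->d, &ecdsa->grp.G, random_gen, NULL);`, and rejecting the blob when the supplied point differs (`mbedtls_ecp_point_cmp`) would close that gap. The hunk also shows no bound on `len` before it is used with `kb + ofs`; the function continues outside the hunk, so confirm both points against the full body.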
@@ -21,7 +21,7 @@ import pytest import hashlib import os from picohsm import DOPrefixes -from cryptography.hazmat.primitives.asymmetric import rsa, ec, x25519, x448, ed25519, ed448 +from cryptography.hazmat.primitives.asymmetric import rsa, ec, x25519, x448 from cryptography.hazmat.primitives.serialization import Encoding, PublicFormat from picohsm.const import DEFAULT_RETRIES, DEFAULT_DKEK_SHARES from const import DEFAULT_DKEK @@ -70,17 +70,6 @@ def test_import_montgomery(device, curve): device.delete_file(DOPrefixes.KEY_PREFIX, keyid) device.delete_file(DOPrefixes.EE_CERTIFICATE_PREFIX, keyid) -@pytest.mark.parametrize( - "curve", [ed25519.Ed25519PrivateKey, ed448.Ed448PrivateKey] -) -def test_import_edwards(device, curve): - pkey = curve.generate() - keyid = device.import_key(pkey) - pubkey = device.public_key(keyid, param=curve) - assert(pubkey.public_bytes(Encoding.Raw, PublicFormat.Raw) == pkey.public_key().public_bytes(Encoding.Raw, PublicFormat.Raw)) - device.delete_file(DOPrefixes.KEY_PREFIX, keyid) - device.delete_file(DOPrefixes.EE_CERTIFICATE_PREFIX, keyid) - @pytest.mark.parametrize( "size", [128, 192, 256] ) diff --git a/tests/pico-hsm/test_030_signature.py b/tests/pico-hsm/test_030_signature.py index 4b44ade..72a91bc 100644 --- a/tests/pico-hsm/test_030_signature.py +++ b/tests/pico-hsm/test_030_signature.py @@ -54,13 +54,3 @@ def test_signature_rsa(device, modulus, scheme): signature = device.sign(keyid=keyid, scheme=scheme, data=data) device.delete_file(DOPrefixes.KEY_PREFIX, keyid) device.verify(pubkey, data, signature, scheme) - -@pytest.mark.parametrize( - "curve", ['ed25519', 'ed448'] -) -def test_signature_edwards(device, curve): - keyid = device.key_generation(KeyType.ECC, curve) - pubkey = device.public_key(keyid=keyid) - signature = device.sign(keyid=keyid, scheme=Algorithm.ALGO_EC_RAW, data=data) - device.delete_file(DOPrefixes.KEY_PREFIX, keyid) - device.verify(pubkey, data, signature)