Merge branch 'p256'

BitBoxSwiss · Dec 3, 2024 · a12e8f8 · a12e8f8
2 parents fe8ee46 + 7304d49
commit a12e8f8
Show file tree

Hide file tree

Showing 367 changed files with 58,821 additions and 1,701 deletions.
diff --git a/src/atecc/atecc.c b/src/atecc/atecc.c
@@ -34,7 +34,8 @@ typedef enum {
     ATECC_SLOT_ROLLKEY = 3,
     ATECC_SLOT_KDF = 4,
     ATECC_SLOT_ATTESTATION = 5,
-    ATECC_SLOT_ECC_UNSAFE_SIGN = 6,
+    // Deprecated as the equivalent does not exist in the Optiga chip.
+    ATECC_SLOT_ECC_UNSAFE_SIGN_DEPRECATED = 6,
     ATECC_SLOT_DATA0 = 9,
     // The other slots are currently not in use.
 } atecc_slot_t;
@@ -631,74 +632,6 @@ bool atecc_random(uint8_t* rand_out)
     return false;
 }
 
-// Length of priv_key must be 32 bytes
-static bool _ecc_write_priv_key(const uint8_t* priv_key)
-{
-    uint8_t atca_priv_key[36] = {0};
-    memcpy(atca_priv_key + 4, priv_key, 32);
-
-    uint8_t encryption_key[32] = {0};
-    UTIL_CLEANUP_32(encryption_key);
-    _interface_functions->get_encryption_key(encryption_key);
-
-    uint8_t nonce_contribution[32] = {0};
-    UTIL_CLEANUP_32(nonce_contribution);
-    _interface_functions->random_32_bytes(nonce_contribution);
-#if NONCE_NUMIN_SIZE > 32
-#error "size mismatch"
-#endif
-
-    ATCA_STATUS result = _authorize_key();
-    if (result != ATCA_SUCCESS) {
-        return false;
-    }
-
-    return atcab_priv_write(
-               ATECC_SLOT_ECC_UNSAFE_SIGN,
-               atca_priv_key,
-               ATECC_SLOT_ENCRYPTION_KEY,
-               encryption_key,
-               nonce_contribution) == ATCA_SUCCESS;
-}
-
-bool atecc_ecc_generate_public_key(uint8_t* priv_key, uint8_t* pub_key)
-{
-    if (!_ecc_write_priv_key(priv_key)) {
-        return false;
-    }
-
-    ATCA_STATUS result = _authorize_key();
-    if (result != ATCA_SUCCESS) {
-        return false;
-    }
-
-    result = atcab_get_pubkey(ATECC_SLOT_ECC_UNSAFE_SIGN, pub_key);
-    if (result != ATCA_SUCCESS) {
-        return false;
-    }
-
-    return true;
-}
-
-bool atecc_ecc_unsafe_sign(const uint8_t* priv_key, const uint8_t* msg, uint8_t* sig)
-{
-    if (!_ecc_write_priv_key(priv_key)) {
-        return false;
-    }
-
-    ATCA_STATUS result = _authorize_key();
-    if (result != ATCA_SUCCESS) {
-        return false;
-    }
-
-    result = atcab_sign(ATECC_SLOT_ECC_UNSAFE_SIGN, msg, sig);
-    if (result != ATCA_SUCCESS) {
-        return false;
-    }
-
-    return true;
-}
-
 #if APP_U2F == 1 || FACTORYSETUP == 1
 // Read a "standard" sized block from a data slot (must be 32 bytes)
 static bool _read_data_slot_block(uint8_t* bytes, uint16_t slot, uint8_t block)

diff --git a/src/atecc/atecc.h b/src/atecc/atecc.h
@@ -98,24 +98,6 @@ USE_RESULT bool atecc_monotonic_increments_remaining(uint32_t* remaining_out);
  */
 USE_RESULT bool atecc_random(uint8_t* rand_out);
 
-/**
- * Generates the matching public key to the provided private key. Will put private key in unsafe
- * ECC slot.
- * @param[in] priv_key Private key (32 bytes).
- * @param[out] pub_key Public key. Format will be the X and Y coordinates in big-endian (64 bytes).
- * @return True if success
- */
-USE_RESULT bool atecc_ecc_generate_public_key(uint8_t* priv_key, uint8_t* pub_key);
-
-/**
- * Sign hash with private key. Will put private key in unsafe ECC slot.
- * @param[in] priv_key Private key to use for signing (32 bytes)
- * @param[in] msg Message to sign (32 bytes)
- * @param[out] sig Signature (64 bytes)
- * @return True if success
- */
-USE_RESULT bool atecc_ecc_unsafe_sign(const uint8_t* priv_key, const uint8_t* msg, uint8_t* sig);
-
 #if APP_U2F == 1 || FACTORYSETUP == 1
 /**
  * Set the u2f counter to `counter`. Should only be used for initialization.

diff --git a/src/rust/Cargo.lock b/src/rust/Cargo.lock
diff --git a/src/rust/bitbox02-rust-c/Cargo.toml b/src/rust/bitbox02-rust-c/Cargo.toml
@@ -28,6 +28,7 @@ bitbox02-rust = { path = "../bitbox02-rust", optional = true }
 bitbox02 = { path = "../bitbox02", optional = true }
 bitbox02-noise = { path = "../bitbox02-noise", optional = true }
 util = { path = "../util" }
+p256 = { version = "0.13.2", default-features = false, features = ["arithmetic", "ecdsa"], optional = true }
 hex = { workspace = true }
 sha2 = { workspace = true, optional = true }
 sha3 = { workspace = true, optional = true }
@@ -62,7 +63,7 @@ target-c-unit-tests = [
 platform-bitbox02 = []
 
 bootloader = []
-firmware = ["bitbox02-rust", "bitbox02", "bitbox02-noise", "sha2"]
+firmware = ["bitbox02-rust", "bitbox02", "bitbox02-noise", "sha2", "p256"]
 
 # Only to be enabled in Rust unit tests.
 testing = ["bitbox02-rust/testing", "bitbox02/testing"]

diff --git a/src/rust/bitbox02-rust-c/src/lib.rs b/src/rust/bitbox02-rust-c/src/lib.rs
@@ -31,6 +31,8 @@ mod async_usb;
 #[cfg(feature = "firmware")]
 mod noise;
 #[cfg(feature = "firmware")]
+mod p256;
+#[cfg(feature = "firmware")]
 mod sha2;
 #[cfg(feature = "firmware")]
 mod workflow;