1 /*
2  * SPDX-FileCopyrightText: 2023-2024 Espressif Systems (Shanghai) CO LTD
3  *
4  * SPDX-License-Identifier: Apache-2.0
5  */
6 
7 /*******************************************************************************
8  * NOTICE
9  * The HAL is not public api, don't use in application code.
10  * See readme.md in soc/README.md
11  ******************************************************************************/
12 
13 #pragma once
14 
15 #include <stdbool.h>
16 #include <stdint.h>
17 #include "hal/ecdsa_types.h"
18 #include "sdkconfig.h"
19 
20 #ifdef __cplusplus
21 extern "C" {
22 #endif
23 
24 #if CONFIG_HAL_ECDSA_GEN_SIG_CM
25 
26 #define ECDSA_SIGN_MAX_DUMMY_OP_COUNT 0x7
27 
28 /* This value defines the maximum dummy operation count for the ECDSA signature countermeasure.
29    Higher the number, better the countermeasure's effectiveness against attacks.
30    At the same time higher number leads to slower performance.
31    After the countermeasure is enabled, hardware ECDSA signature operation
32    shall take time approximately equal to original time multiplied by this number.
33    If you observe that the reduced performance is affecting your use-case then you may try reducing this time to the minimum. */
34 #endif /* CONFIG_HAL_ECDSA_GEN_SIG_CM */
35 /*
36  * ECDSA peripheral config structure
37  */
38 typedef struct {
39     ecdsa_mode_t mode;              /* Mode of operation */
40     ecdsa_curve_t curve;            /* Curve to use for operation */
41     ecdsa_sha_mode_t sha_mode;      /* Source of SHA that needs to be signed */
42     int efuse_key_blk;              /* Efuse block to use as ECDSA key (The purpose of the efuse block must be ECDSA_KEY) */
43 } ecdsa_hal_config_t;
44 
45 /**
46  * @brief Generate ECDSA signature
47  *
48  * @param conf Configuration for ECDSA operation, see ``ecdsa_hal_config_t``
49  * @param hash Hash that is to be signed
50  * @param r_out Buffer that will contain `R` component of ECDSA signature
51  * @param s_out Buffer that will contain `S` component of ECDSA signature
52  * @param len Length of the r_out and s_out buffer (32 bytes for SECP256R1, 24 for SECP192R1)
53  */
54 void ecdsa_hal_gen_signature(ecdsa_hal_config_t *conf, const uint8_t *hash,
55                             uint8_t *r_out, uint8_t *s_out, uint16_t len);
56 
57 /**
58  * @brief Verify given ECDSA signature
59  *
60  * @param conf Configuration for ECDSA operation, see ``ecdsa_hal_config_t``
61  * @param hash Hash that was signed
62  * @param r `R` component of ECDSA signature
63  * @param s `S` component of ECDSA signature
64  * @param pub_x X coordinate of public key
65  * @param pub_y Y coordinate of public key
66  * @param len Length of r and s buffer (32 bytes for SECP256R1, 24 for SECP192R1)
67  *
68  * @return - 0, if the signature matches
69  *         - -1, if verification fails
70  */
71 int ecdsa_hal_verify_signature(ecdsa_hal_config_t *conf, const uint8_t *hash, const uint8_t *r, const uint8_t *s,
72                                const uint8_t *pub_x, const uint8_t *pub_y, uint16_t len);
73 
74 /**
75  * @brief Check if the ECDSA operation is successful
76  *
77  * @return - true, if the ECDSA operation is successful
78  *         - false, if the ECDSA operation fails
79  */
80 bool ecdsa_hal_get_operation_result(void);
81 
82 #ifdef __cplusplus
83 }
84 #endif
85