Add ECC508 EC sign support

Author: sandeepmistry

src/BearSSLClient.cpp

@@ -162,9 +162,11 @@ int BearSSLClient::connectSSL(const char* host)
   unsigned char entropy[32];
 
   if (ECC508.begin() && ECC508.random(entropy, sizeof(entropy))) {
-    // ECC508 random success, add custom ECDSA vfry
+    // ECC508 random success, add custom ECDSA vfry and EC sign
     br_ssl_engine_set_ecdsa(&_sc.eng, ecc508_vrfy_asn1);
-    br_x509_minimal_set_ecdsa(&_xc, br_ssl_engine_get_ec(&_sc.eng), br_ssl_engine_get_ecdsa(&_sc.eng));    
+    br_x509_minimal_set_ecdsa(&_xc, br_ssl_engine_get_ec(&_sc.eng), br_ssl_engine_get_ecdsa(&_sc.eng));
+    
+    // br_ssl_client_set_single_ec(&_sc, CHAIN, CHAIN_LEN, &EC, BR_KEYTYPE_KEYX | BR_KEYTYPE_SIGN, BR_KEYTYPE_EC, br_ec_get_default(), ecc508_sign_asn1);
   } else {
     // no ECC508 or random failed, fallback to pseudo random
     for (size_t i = 0; i < sizeof(entropy); i++) {

src/utility/ECC508.cpp

@@ -68,7 +68,30 @@ int ECC508Class::ecdsaVerify(const byte message[], const byte signature[], const
     return 0;
   }
 
-  return verify(signature, pubkey);
+  if (!verify(signature, pubkey)) {
+    return 0;
+  }
+
+  return 1;
+}
+
+int ECC508Class::ecSign(int slot, const byte message[], byte signature[])
+{
+  byte rand[32];
+
+  if (!random(rand, sizeof(rand))) {
+    return 0;
+  }
+
+  if (!challenge(message)) {
+    return 0;
+  }
+
+  if (!sign(slot, signature)) {
+    return 0;
+  }
+
+  return 1;
 }
 
 int ECC508Class::wakeup()
@@ -197,6 +220,28 @@ int ECC508Class::verify(const byte signature[], const byte pubkey[])
   return 1;
 }
 
+int ECC508Class::sign(int slot, byte signature[])
+{
+  if (!wakeup()) {
+    return 0;
+  }
+
+  if (!sendCommand(0x41, 0x80, slot)) {
+    return 0;
+  }
+
+  delay(50);
+
+  if (!receiveResponse(signature, 64)) {
+    return 0;
+  }
+
+  delay(1);
+  idle();
+
+  return 1;
+}
+
 int ECC508Class::sendCommand(uint8_t opcode, uint8_t param1, uint16_t param2, const byte data[], size_t dataLength)
 {
   byte command[8 + dataLength]; // 1 for type, 1 for length, 1 for opcode, 1 for param1, 2 for param2, 2 for crc

src/utility/ECC508.h

@@ -16,6 +16,7 @@ class ECC508Class
   int random(byte data[], size_t length);
 
   int ecdsaVerify(const byte message[], const byte signature[], const byte pubkey[]);
+  int ecSign(int slot, const byte message[], byte signature[]);
 
 private:
   int wakeup();
@@ -25,6 +26,7 @@ class ECC508Class
   int version();
   int challenge(const byte message[]);
   int verify(const byte signature[], const byte pubkey[]);
+  int sign(int slot, byte signature[]);
 
   int sendCommand(uint8_t opcode, uint8_t param1, uint16_t param2, const byte data[] = NULL, size_t dataLength = 0);
   int receiveResponse(void* response, size_t length);

src/utility/ecc508_asn1.h

@@ -3,6 +3,11 @@
 
 #include "bearssl/bearssl.h"
 
+size_t
+ecc508_sign_asn1(const br_ec_impl *impl,
+  const br_hash_class *hf, const void *hash_value,
+  const br_ec_private_key *sk, void *sig);
+
 uint32_t
 ecc508_vrfy_asn1(const br_ec_impl *impl,
   const void *hash, size_t hash_len,

src/utility/ecc508_sign_asn1.cpp

@@ -0,0 +1,28 @@
+#include "ecc508_asn1.h"
+
+#include "ECC508.h"
+
+#define BR_MAX_EC_SIZE   528
+#define ORDER_LEN   ((BR_MAX_EC_SIZE + 7) >> 3)
+
+size_t
+ecc508_sign_asn1(const br_ec_impl * /*impl*/,
+  const br_hash_class * /*hf*/, const void *hash_value,
+  const br_ec_private_key *sk, void *sig)
+{
+  unsigned char rsig[(ORDER_LEN << 1) + 12];
+  size_t sig_len;
+
+  if (sk->curve != BR_EC_secp256r1) {
+    return 0;
+  }
+
+  if (!ECC508.ecSign(0, (const uint8_t*)hash_value, (uint8_t*)rsig)) {
+    return 0;
+  }
+  sig_len = 64;
+
+  sig_len = br_ecdsa_raw_to_asn1(rsig, sig_len);
+  memcpy(sig, rsig, sig_len);
+  return sig_len;
+}