Software APIs
ecdsa_p256_verify.h
1 // Copyright lowRISC contributors (OpenTitan project).
2 // Licensed under the Apache License, Version 2.0, see LICENSE for details.
3 // SPDX-License-Identifier: Apache-2.0
4 
5 #ifndef OPENTITAN_SW_DEVICE_SILICON_CREATOR_LIB_SIGVERIFY_ECDSA_P256_VERIFY_H_
6 #define OPENTITAN_SW_DEVICE_SILICON_CREATOR_LIB_SIGVERIFY_ECDSA_P256_VERIFY_H_
7 
8 #include "sw/device/silicon_creator/lib/drivers/hmac.h"
9 #include "sw/device/silicon_creator/lib/drivers/lifecycle.h"
10 #include "sw/device/silicon_creator/lib/error.h"
11 #include "sw/device/silicon_creator/lib/sigverify/ecdsa_p256_key.h"
12 
13 #ifdef __cplusplus
14 extern "C" {
15 #endif // __cplusplus
16 
17 enum {
18  /**
19  * A non-trivial constant chosen such that `kSigverifySpxSuccess ^
20  * kSigverifyEcdsaSuccess = kSigverifyFlashExec`. The derivation of this value
21  * is documented in ecda_p256_verify.c (see `kSigverifyShares` definition).
22  */
23  kSigverifyEcdsaSuccess = 0x2f06b4e0,
24 };
25 
26 /**
27  * Verifies an ECDSA-P256 signature.
28  *
29  * @param signature The signature to verify, little endian.
30  * @param key The public key to use for verification, little endian.
31  * @param act_digest The actual digest of the signed message.
32  * @param[out] flash_exec The partial value to write to the flash_ctrl EXEC
33  * register.
34  * @return The result of the operation.
35  */
36 OT_WARN_UNUSED_RESULT
37 rom_error_t sigverify_ecdsa_p256_verify(const ecdsa_p256_signature_t *signature,
38  const ecdsa_p256_public_key_t *key,
39  const hmac_digest_t *act_digest,
40  uint32_t *flash_exec);
41 
42 /**
43  * Transforms `kSigverifyEcdsaSuccess` into `kErrorOk`.
44  *
45  * Callers should transform the result to a suitable error value if it is not
46  * `kErrorOk` for ease of debugging.
47  *
48  * @param v A value.
49  * @return `kErrorOk` if `v` is `kSigverifyEcdsaSuccess`.
50  */
51 OT_WARN_UNUSED_RESULT
52 inline uint32_t sigverify_ecdsa_p256_success_to_ok(uint32_t v) {
53  return (v << 22 ^ v << 19 ^ v << 3) >> 21;
54 }
55 
56 #ifdef __cplusplus
57 } // extern "C"
58 #endif // __cplusplus
59 
60 #endif // OPENTITAN_SW_DEVICE_SILICON_CREATOR_LIB_SIGVERIFY_ECDSA_P256_VERIFY_H_
Return to OpenTitan Documentation