Open
Description
In stse_ecc_establish_shared_secret the key_type STSE_ECC_KT_CURVE25519 is explicitly unsupported. However, in stsafea_ecc_establish_shared_secret this key_type is explicitly allowed.
I guess there is a typo at the stse_ecc API level, because the service level works with CURVE25519. I could verify STSAFE120 ECDH with CURVE25519 with openssl on Linux hosts. My modification:
```c
stse_ReturnCode_t stse_ecc_establish_shared_secret(
    stse_Handler_t *pSTSE,
    PLAT_UI8 private_key_slot_number,
    stse_ecc_key_type_t key_type,
    PLAT_UI8 *pPublic_key,
    PLAT_UI8 *pShared_secret) {
    stse_ReturnCode_t ret;

    /* - Check stsafe handler initialization */
    if (pSTSE == NULL) {
        return (STSE_API_HANDLER_NOT_INITIALISED);
    }

#ifdef STSE_CONF_STSAFE_L_SUPPORT
    /* - Check device type */
    if (pSTSE->device_type == STSAFE_L010) {
        return (STSE_API_INCOMPATIBLE_DEVICE_TYPE);
    }
#endif /* STSE_CONF_STSAFE_L_SUPPORT */

    if (pPublic_key == NULL || pShared_secret == NULL
        // typo? Maybe ED25519 because this is not supported on A120 slot 0xff for ephemerals
        //#ifdef STSE_CONF_ECC_CURVE_25519
        //        || key_type == STSE_ECC_KT_CURVE25519
        //#endif /* STSE_CONF_ECC_CURVE_25519 */
    ) {
        return (STSE_SERVICE_INVALID_PARAMETER);
    }

    ret = stsafea_ecc_establish_shared_secret(pSTSE, private_key_slot_number, key_type, pPublic_key, pShared_secret);
    return ret;
}
```