diff --git a/subsys/nrf_security/src/drivers/cracen/cracenpsa/src/ed25519.c b/subsys/nrf_security/src/drivers/cracen/cracenpsa/src/ed25519.c index e6284936b553..738ec1f576fc 100644 --- a/subsys/nrf_security/src/drivers/cracen/cracenpsa/src/ed25519.c +++ b/subsys/nrf_security/src/drivers/cracen/cracenpsa/src/ed25519.c @@ -9,6 +9,8 @@ #include #include #include +#include "crypmasterregs.h" +#include "hw.h" /* This is the ASCII string with the * PHflag 1 and context size 0 appended as defined in: @@ -249,37 +251,56 @@ int ed25519_verify_internal(const uint8_t *pubkey, const char *message, struct sxhash hashopctx; int status; - status = sx_hash_create(&hashopctx, &sxhashalg_sha2_512, sizeof(hashopctx)); + status = sx_hash_create(&hashopctx, &sxhashalg_sha2_512, sizeof(hashopctx)); if (status != 0) { return status; } if (prehash) { status = sx_hash_feed(&hashopctx, dom2, sizeof(dom2)); + if (status != 0) { return status; } } - status = sx_hash_feed(&hashopctx, signature, SX_ED25519_SZ); - + status = sx_hash_feed(&hashopctx, signature, SX_ED25519_SZ/2); + while ((sx_rdreg(REG_STATUS) & REG_STATUS_BUSY_MASK) != 0); if (status != 0) { return status; } - status = sx_hash_feed(&hashopctx, pubkey, SX_ED25519_SZ); + status = sx_hash_feed(&hashopctx, signature+16, SX_ED25519_SZ/2); + while ((sx_rdreg(REG_STATUS) & REG_STATUS_BUSY_MASK) != 0); + + if (status != 0) { + return status; + } + status = sx_hash_feed(&hashopctx, pubkey, SX_ED25519_SZ/2); + while ((sx_rdreg(REG_STATUS) & REG_STATUS_BUSY_MASK) != 0); + if (status != 0) { + return status; + } + status = sx_hash_feed(&hashopctx, pubkey+16, SX_ED25519_SZ/2); + while ((sx_rdreg(REG_STATUS) & REG_STATUS_BUSY_MASK) != 0); if (status != 0) { return status; } status = sx_hash_feed(&hashopctx, message, message_length); + while ((sx_rdreg(REG_STATUS) & REG_STATUS_BUSY_MASK) != 0); if (status != 0) { return status; } status = sx_hash_digest(&hashopctx, workmem); + while ((sx_rdreg(REG_STATUS) & REG_STATUS_BUSY_MASK) != 0); + + if (status != 0) { return status; } status = sx_hash_wait(&hashopctx); + + if (status != 0) { return status; } diff --git a/subsys/nrf_security/src/drivers/cracen/cracenpsa/src/sign.c b/subsys/nrf_security/src/drivers/cracen/cracenpsa/src/sign.c index 36301d9f64f9..a8b81d3dcd9c 100644 --- a/subsys/nrf_security/src/drivers/cracen/cracenpsa/src/sign.c +++ b/subsys/nrf_security/src/drivers/cracen/cracenpsa/src/sign.c @@ -190,14 +190,14 @@ static int cracen_signature_prepare_ec_pubkey(struct sitask *t, struct si_sig_pu status = SX_ERR_INCOMPATIBLE_HW; if (IS_ENABLED(PSA_NEED_CRACEN_PURE_EDDSA_TWISTED_EDWARDS)) { - if (alg == PSA_ALG_PURE_EDDSA) { + if (alg == PSA_ALG_PURE_EDDSA || alg == PSA_ALG_ED25519PH) { if (PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY(psa_get_key_type(attributes))) { memcpy(pubkey_buffer, key_buffer, key_buffer_size); return SX_OK; } status = ed25519_create_pubkey(key_buffer, pubkey_buffer); return status; - } + } } if (IS_ENABLED(PSA_NEED_CRACEN_ECDSA_SECP_R1) || diff --git a/subsys/nrf_security/src/drivers/cracen/sxsymcrypt/sxsymcrypt.cmake b/subsys/nrf_security/src/drivers/cracen/sxsymcrypt/sxsymcrypt.cmake index 774dd1e15d56..7b0e269aeac2 100644 --- a/subsys/nrf_security/src/drivers/cracen/sxsymcrypt/sxsymcrypt.cmake +++ b/subsys/nrf_security/src/drivers/cracen/sxsymcrypt/sxsymcrypt.cmake @@ -18,4 +18,5 @@ list(APPEND cracen_driver_sources list(APPEND cracen_driver_include_dirs ${CMAKE_CURRENT_LIST_DIR}/include + ${CMAKE_CURRENT_LIST_DIR}/src )