I am trying to use the cryptocell in the bootloader (bootloader_secure_ble) for verifying dfu packages, but fails in signature verification for the same dfu package, same public key as I used with micro-ecc crypto library, where it works as it should.
Comparing the parameters sent to the respective functions, one can see that the hash is reversed, compared to the call to uECC_verify(..), in the call to CRYS_ECDSA_Verify(..). The rest of the parameters are looking the same way, i.e. public_key and signature.
(Tried to make a quick fix by changing the order of the packet_hash received from nrf_crypto_hash_compute(...), but it did not help - verification still fails.). At the bottom, the parameters are attached.
Small note: Function hash_algorithm_get(...) should return true on success and not NRF_SUCCESS (as the result is used as a boolean value in the dfu code).
What do I need to do to make this work?
/Ola.
Attached the parameters sent to the two crypto calls: crys_error = CRYS_ECDSA_Verify(p_verify_context_user, p_public_key_user, hash_mode, p_signature->p_value, p_signature->length, p_hash->p_value, p_hash->length);
p_verify_context_user = NULL p_public_key_user = { 0x99, 0x3F, 0xB3, 0xC5, 0x95, 0x19, 0x1D, 0x9D, 0xCB, 0x05, 0x20, 0xE6, 0xBC, 0x53, 0x5F, 0x7D, 0x00, 0x16, 0x24, 0x76, 0x08, 0xE4, 0xF4, 0xF2, 0x1B, 0xF1, 0x19, 0x55, 0x3F, 0x59, 0x1A, 0x78, 0x8B, 0x4D, 0x02, 0xA9, 0x78, 0x4F, 0x80, 0x16, 0xC2, 0xA0, 0x7C, 0xF0, 0xF9, 0xA1, 0xB3, 0xEB, 0x76, 0x9A, 0x64, 0x79, 0xA6, 0x77, 0x20, 0x33, 0x46, 0x35, 0x2C, 0xD9, 0xFE, 0x54, 0x05, 0xA6, 0x64, 0x66, 0x71, 0x5F, 0x72, 0x65, 0x71, 0x5F, 0x68, 0x61, 0x6E, 0x64, 0x6C, 0x69, 0x6E, 0x67, 0x00, 0x00, 0x00, 0x00, 0xD0, 0x45, 0x00, 0x20, 0x05, 0x00, 0x00, 0x00, 0x04, 0x05, 0x00, 0x00, 0x7C, 0x46, 0x00, 0x20 }; , hash_mode = p_signature->p_value = { 0x9E, 0xB6, 0x63, 0x57, 0x83, 0xAC, 0x46, 0xC0, 0xA7, 0x8C, 0xAB, 0x8E, 0x0F, 0x95, 0xF1, 0xFB, 0xEF, 0x6E, 0x11, 0x23, 0x9C, 0xFD, 0xDC, 0x99, 0x5F, 0x25, 0x77, 0xB5, 0x97, 0x72, 0x04, 0xAE, 0xEE, 0x41, 0x42, 0xF7, 0x62, 0x08, 0xED, 0x81, 0x42, 0x4F, 0x3B, 0xD9, 0xE5, 0xAB, 0xD1, 0x7F, 0xCE, 0x5E, 0xDA, 0x80, 0x5B, 0xAF, 0xB2, 0x4E, 0xDE, 0x47, 0xF0, 0x3F, 0x49, 0xBF, 0xE0, 0x23, 0x01, 0x05, 0x8C, 0x1F, 0x90, 0xBF, 0x99, 0xD2, 0x03, 0xBA, 0x8B, 0xED, 0x80, 0x94, 0x69, 0xD6, 0x49, 0xAD, 0xB5, 0xE7, 0x4D, 0x23, 0xD1, 0xA8, 0x20, 0x56, 0xD6, 0x68, 0xB1, 0x77, 0xF1, 0x4B, 0x00, 0x00, 0x00, 0x00 }; p_signature->length = 64
p_hash->p_value = { 0x01, 0x05, 0x8C, 0x1F, 0x90, 0xBF, 0x99, 0xD2, 0x03, 0xBA, 0x8B, 0xED, 0x80, 0x94, 0x69, 0xD6, 0x49, 0xAD, 0xB5, 0xE7, 0x4D, 0x23, 0xD1, 0xA8, 0x20, 0x56, 0xD6, 0x68, 0xB1, 0x77, 0xF1, 0x4B };
p_hash->length = 32
uECC_verify(p_public_key->p_value, p_hash->p_value, p_hash->length, p_signature->p_value, p_curve);
p_public_key->p_value = { 0x99, 0x3F, 0xB3, 0xC5, 0x95, 0x19, 0x1D, 0x9D, 0xCB, 0x05, 0x20, 0xE6, 0xBC, 0x53, 0x5F, 0x7D, 0x00, 0x16, 0x24, 0x76, 0x08, 0xE4, 0xF4, 0xF2, 0x1B, 0xF1, 0x19, 0x55, 0x3F, 0x59, 0x1A, 0x78, 0x8B, 0x4D, 0x02, 0xA9, 0x78, 0x4F, 0x80, 0x16, 0xC2, 0xA0, 0x7C, 0xF0, 0xF9, 0xA1, 0xB3, 0xEB, 0x76, 0x9A, 0x64, 0x79, 0xA6, 0x77, 0x20, 0x33, 0x46, 0x35, 0x2C, 0xD9, 0xFE, 0x54, 0x05, 0xA6, 0x64, 0x66, 0x71, 0x5F, 0x72, 0x65, 0x71, 0x5F, 0x68, 0x61, 0x6E, 0x64, 0x6C, 0x69, 0x6E, 0x67, 0x00, 0x00, 0x00, 0x00, 0xD0, 0x45, 0x00, 0x20, 0x05, 0x00, 0x00, 0x00, 0x04, 0x05, 0x00, 0x00, 0x7C, 0x46, 0x00, 0x20 };
p_hash->p_value = { 0x4B, 0xF1, 0x77, 0xB1, 0x68, 0xD6, 0x56, 0x20, 0xA8, 0xD1, 0x23, 0x4D, 0xE7, 0xB5, 0xAD, 0x49, 0xD6, 0x69, 0x94, 0x80, 0xED, 0x8B, 0xBA, 0x03, 0xD2, 0x99, 0xBF, 0x90, 0x1F, 0x8C, 0x05, 0x01 }; p_hash->length = 32
p_signature->p_value = { 0x9E, 0xB6, 0x63, 0x57, 0x83, 0xAC, 0x46, 0xC0, 0xA7, 0x8C, 0xAB, 0x8E, 0x0F, 0x95, 0xF1, 0xFB, 0xEF, 0x6E, 0x11, 0x23, 0x9C, 0xFD, 0xDC, 0x99, 0x5F, 0x25, 0x77, 0xB5, 0x97, 0x72, 0x04, 0xAE, 0xEE, 0x41, 0x42, 0xF7, 0x62, 0x08, 0xED, 0x81, 0x42, 0x4F, 0x3B, 0xD9, 0xE5, 0xAB, 0xD1, 0x7F, 0xCE, 0x5E, 0xDA, 0x80, 0x5B, 0xAF, 0xB2, 0x4E, 0xDE, 0x47, 0xF0, 0x3F, 0x49, 0xBF, 0xE0, 0x23, 0x4B, 0xF1, 0x77, 0xB1, 0x68, 0xD6, 0x56, 0x20, 0xA8, 0xD1, 0x23, 0x4D, 0xE7, 0xB5, 0xAD, 0x49, 0xD6, 0x69, 0x94, 0x80, 0xED, 0x8B, 0xBA, 0x03, 0xD2, 0x99, 0xBF, 0x90, 0x1F, 0x8C, 0x05, 0x01, 0x00, 0x00, 0x00, 0x00 }; p_curve = 08 20 00 01 FF FF ...
