Merge branch 'arduino:main' into main

jowin202 · web-flow · commit 6bddeb0bfe84 · 2024-01-16T10:07:51.000+01:00
diff --git a/extras/tls/mbedtls_alt/ecdsa_se05x.c b/extras/tls/mbedtls_alt/ecdsa_se05x.c
@@ -126,6 +126,7 @@ int mbedtls_ecdsa_sign(mbedtls_ecp_group *grp,
 
     smStatus_t status = SM_NOT_OK;
     SE05x_Result_t result;
+    SE05x_ECSignatureAlgo_t ecSignAlgo;
     uint32_t keyID          = 0;
     uint8_t magic_bytes[]   = ALT_KEYS_MAGIC;
     uint8_t buffer[150]     = {0};
@@ -166,9 +167,32 @@ int mbedtls_ecdsa_sign(mbedtls_ecp_group *grp,
         return -1;
     }
 
+    // decide on the algo based on the input size
+    // (input being the hash) 
+    switch(blen) {
+        case 20:
+            ecSignAlgo = kSE05x_ECSignatureAlgo_SHA;
+            break;
+        case 28:
+            ecSignAlgo = kSE05x_ECSignatureAlgo_SHA_224;
+            break;
+        case 32:
+            ecSignAlgo = kSE05x_ECSignatureAlgo_SHA_256;
+            break;
+        case 48:
+            ecSignAlgo = kSE05x_ECSignatureAlgo_SHA_384;
+            break;
+        case 64:
+            ecSignAlgo = kSE05x_ECSignatureAlgo_SHA_512;
+            break;
+        default:
+            SMLOG_E("Unsupported hash length: %d\r\n",  blen);
+            return -1;
+    }
+
     SMLOG_I("Using SE05x for ecdsa sign. blen: %d\r\n", blen);
     status = Se05x_API_ECDSASign(
-        pSession, keyID, kSE05x_ECSignatureAlgo_SHA_384, (uint8_t *)buf, blen, signature, &signature_len);
+        pSession, keyID, ecSignAlgo, (uint8_t *)buf, blen, signature, &signature_len);
     if (status != SM_OK) {
         SMLOG_E("Error in Se05x_API_ECDSASign\r\n");
         return -1;
diff --git a/libraries/SSLClient/src/SSLClient.cpp b/libraries/SSLClient/src/SSLClient.cpp
@@ -377,7 +377,12 @@ void SSLClient::setEccSlot(int KeySlot, const byte cert[], int certLen) {
         0x83, 0xA3, 0x5E, 0x5B, 0x64, 0x1D, 0x29, 0xED, 0x85
     };
 
-    key[28] = KeySlot;
+    // store the KeySlot in BigEndian before the 64 bit magic word (0xA5A6B5B6A5A6B5B6)
+    // as per https://github.com/NXPPlugNTrust/nano-package?tab=readme-ov-file#mbedtls-alt-files
+    key[25] = (KeySlot & 0xFF000000) >> 24;
+    key[26] = (KeySlot & 0x00FF0000) >> 16;
+    key[27] = (KeySlot & 0x0000FF00) >>  8;
+    key[28] = (KeySlot & 0x000000FF) >>  0;
 
     if ((ret = mbedtls_pem_write_buffer("-----BEGIN EC PRIVATE KEY-----\n",
                                         "-----END EC PRIVATE KEY-----\n",
diff --git a/libraries/SSLClient/src/cortex-m33/libmbedse05x.a b/libraries/SSLClient/src/cortex-m33/libmbedse05x.a
diff --git a/libraries/WiFiS3/src/Modem.cpp b/libraries/WiFiS3/src/Modem.cpp
@@ -256,6 +256,7 @@ bool ModemClass::buf_read(const string &prompt, string &data_res) {
                break;
             } 
             else if (string::npos != data_res.rfind(RESULT_ERROR)) {
+               found = true;
                data_res.substr(0, data_res.length() - (sizeof(RESULT_ERROR) - 1));
                res = false;
                break;
diff --git a/platform.txt b/platform.txt
@@ -14,15 +14,19 @@ compiler.warning_flags.default=
 compiler.warning_flags.more=-Wall
 compiler.warning_flags.all=-Wall -Wextra
 
+compiler.optimization_flags=-Os
+compiler.optimization_flags.release=-Os
+compiler.optimization_flags.debug=-Og
+
 compiler.path={build.compiler_path}
 compiler.c.cmd={build.crossprefix}gcc
-compiler.c.flags=-c {compiler.warning_flags} -Os -g3 -nostdlib {build.defines} -MMD -std=gnu11 -mcpu={build.mcu} {build.float-abi} {build.fpu} -fmessage-length=0 -fsigned-char -ffunction-sections -fdata-sections -fmessage-length=0 -fno-builtin
+compiler.c.flags=-c {compiler.warning_flags} {compiler.optimization_flags} -g3 -nostdlib {build.defines} -MMD -std=gnu11 -mcpu={build.mcu} {build.float-abi} {build.fpu} -fmessage-length=0 -fsigned-char -ffunction-sections -fdata-sections -fmessage-length=0 -fno-builtin
 compiler.c.elf.cmd={build.crossprefix}g++
 compiler.c.elf.flags=-Wl,--gc-sections --specs=nosys.specs {compiler.warning_flags} -mcpu={build.mcu} {build.float-abi} {build.fpu}
 compiler.S.cmd={build.crossprefix}g++
-compiler.S.flags=-c -g -x assembler-with-cpp -Os -mcpu={build.mcu} {build.float-abi} {build.fpu} -fsigned-char -ffunction-sections -fdata-sections
+compiler.S.flags=-c -g -x assembler-with-cpp {compiler.optimization_flags} -mcpu={build.mcu} {build.float-abi} {build.fpu} -fsigned-char -ffunction-sections -fdata-sections
 compiler.cpp.cmd={build.crossprefix}g++
-compiler.cpp.flags=-c {compiler.warning_flags} -Os -g3 -fno-use-cxa-atexit -fno-rtti -fno-exceptions -MMD -nostdlib {build.defines} -MMD -std=gnu++17 -mcpu={build.mcu} {build.float-abi} {build.fpu} -fsigned-char -ffunction-sections -fdata-sections -fmessage-length=0 -fno-builtin
+compiler.cpp.flags=-c {compiler.warning_flags} {compiler.optimization_flags} -g3 -fno-use-cxa-atexit -fno-rtti -fno-exceptions -MMD -nostdlib {build.defines} -MMD -std=gnu++17 -mcpu={build.mcu} {build.float-abi} {build.fpu} -fsigned-char -ffunction-sections -fdata-sections -fmessage-length=0 -fno-builtin
 compiler.ar.cmd={build.crossprefix}ar
 compiler.ar.flags=rcs
 compiler.ar.extra_flags=

Original file line number	Diff line number	Diff line change
`@@ -256,6 +256,7 @@ bool ModemClass::buf_read(const string &prompt, string &data_res) {`
`256`	`256`	`break;`
`257`	`257`	`}`
`258`	`258`	`else if (string::npos != data_res.rfind(RESULT_ERROR)) {`
	`259`	`+ found = true;`
`259`	`260`	`data_res.substr(0, data_res.length() - (sizeof(RESULT_ERROR) - 1));`
`260`	`261`	`res = false;`
`261`	`262`	`break;`