SE05X: use defines instead of numbers

pennam · giulcioffi · commit c65a549ca453 · 2022-03-07T12:03:58.000+01:00
diff --git a/libraries/SE05X/src/SE05X.cpp b/libraries/SE05X/src/SE05X.cpp
@@ -19,6 +19,17 @@
 
 #include "SE05X.h"
 
+#define SE05X_EC_KEY_RAW_LENGTH          64
+#define SE05X_EC_KEY_HEADER_LENGTH       27
+#define SE05X_EC_KEY_DER_LENGTH          SE05X_EC_KEY_HEADER_LENGTH + SE05X_EC_KEY_RAW_LENGTH
+#define SE05X_EC_SIGNATURE_RAW_LENGTH    64
+#define SE05X_EC_SIGNATURE_HEADER_LENGTH 6
+#define SE05X_EC_SIGNATURE_DER_LENGTH    SE05X_EC_SIGNATURE_HEADER_LENGTH + SE05X_EC_SIGNATURE_RAW_LENGTH
+#define SE05X_SHA256_LENGTH              32
+#define SE05X_SN_LENGTH                  18
+#define SE05X_DER_BUFFER_SIZE            256
+#define SE05X_TEMP_OBJECT                9999
+
 SE05XClass::SE05XClass()
 : _cipher_type {kSSS_CipherType_EC_NIST_P}
 , _algorithm_type {kAlgorithm_SSS_ECDSA_SHA256}
@@ -34,21 +45,21 @@ SE05XClass::~SE05XClass()
 
 static void getECKeyXyValuesFromDER(byte* derKey, size_t derLen, byte* rawKey)
 {
-  memcpy(rawKey, &derKey[derLen-64], 64);
+  memcpy(rawKey, &derKey[derLen - SE05X_EC_KEY_RAW_LENGTH], SE05X_EC_KEY_RAW_LENGTH);
 }
 
 static void setECKeyXyVauesInDER(const byte* rawKey, byte* derKey)
 {
-  static const byte ecc_der_header_nist256[27] =
+  static const byte ecc_der_header_nist256[SE05X_EC_KEY_HEADER_LENGTH] =
   {
     0x30, 0x59, 0x30, 0x13, 0x06, 0x07, 0x2a, 0x86,
     0x48, 0xce, 0x3d, 0x02, 0x01, 0x06, 0x08, 0x2a,
     0x86, 0x48, 0xce, 0x3d, 0x03, 0x01, 0x07, 0x03,
     0x42, 0x00, 0x04
   };
 
-  memcpy(&derKey[0], &ecc_der_header_nist256[0], 27);
-  memcpy(&derKey[27], &rawKey[0], 64);
+  memcpy(&derKey[0], &ecc_der_header_nist256[0], SE05X_EC_KEY_HEADER_LENGTH);
+  memcpy(&derKey[SE05X_EC_KEY_HEADER_LENGTH], &rawKey[0], SE05X_EC_KEY_RAW_LENGTH);
 }
 
 static void getECSignatureRsValuesFromDER(byte* derSignature, size_t derLen, byte* rawSignature)
@@ -61,32 +72,32 @@ static void getECSignatureRsValuesFromDER(byte* derSignature, size_t derLen, byt
 
   byte * out = rawSignature;
 
-  if(rLen == 32)
+  if(rLen == (SE05X_EC_SIGNATURE_RAW_LENGTH / 2))
   {
-    memcpy(out, &derSignature[4], 32);
+    memcpy(out, &derSignature[4], (SE05X_EC_SIGNATURE_RAW_LENGTH / 2));
   }
-  else if ((rLen == 33) && (derSignature[4] == 0))
+  else if ((rLen == ((SE05X_EC_SIGNATURE_RAW_LENGTH / 2) + 1)) && (derSignature[4] == 0))
   {
-    memcpy(out, &derSignature[5], 32);
+    memcpy(out, &derSignature[5], (SE05X_EC_SIGNATURE_RAW_LENGTH / 2));
   }
 
-  out += 32;
+  out += (SE05X_EC_SIGNATURE_RAW_LENGTH / 2);
 
-  if(sLen == 32)
+  if(sLen == (SE05X_EC_SIGNATURE_RAW_LENGTH / 2))
   {
-    memcpy(out, &derSignature[3 + rLen + 3], 32);
+    memcpy(out, &derSignature[3 + rLen + 3], (SE05X_EC_SIGNATURE_RAW_LENGTH / 2));
   }
-  else if ((sLen == 33) && (derSignature[3 + rLen + 3] == 0))
+  else if ((sLen == ((SE05X_EC_SIGNATURE_RAW_LENGTH / 2) + 1)) && (derSignature[3 + rLen + 3] == 0))
   {
-    memcpy(out, &derSignature[3 + rLen + 4], 32);
+    memcpy(out, &derSignature[3 + rLen + 4], (SE05X_EC_SIGNATURE_RAW_LENGTH / 2));
   }
 }
 
 static void setECSignatureRsValuesInDER(const byte* rawSignature, byte* signature)
 {
-    byte rLen = 32;
-    byte sLen = 32;
-    byte rawSignatureLen = 64;
+    byte rLen = (SE05X_EC_SIGNATURE_RAW_LENGTH / 2);
+    byte sLen = (SE05X_EC_SIGNATURE_RAW_LENGTH / 2);
+    byte rawSignatureLen = SE05X_EC_SIGNATURE_RAW_LENGTH;
 
     signature[0] = 0x30;
     signature[1] = (uint8_t)(rawSignatureLen + 4);
@@ -150,7 +161,7 @@ int SE05XClass::readConfiguration(byte data[])
 String SE05XClass::serialNumber()
 {
     String result = (char*)NULL;
-    byte UID[18];
+    byte UID[SE05X_SN_LENGTH];
     size_t uidLen = 18;
 
     sss_session_prop_get_au8(&_boot_ctx.session, kSSS_SessionProp_UID, UID, &uidLen);
@@ -240,7 +251,7 @@ int SE05XClass::generatePrivateKey(int keyId, byte pubKeyDer[], size_t pubKeyDer
 
 int SE05XClass::generatePrivateKey(int slot, byte publicKey[])
 {
-    byte publicKeyDer[256];
+    byte publicKeyDer[SE05X_DER_BUFFER_SIZE];
     size_t publicKeyDerLen;
 
     if ((_cipher_type != kSSS_CipherType_EC_NIST_P) || (_algorithm_type != kAlgorithm_SSS_ECDSA_SHA256)) {
@@ -279,7 +290,7 @@ int SE05XClass::generatePublicKey(int keyId, byte pubKeyDer[], size_t pubKeyDerM
 
 int SE05XClass::generatePublicKey(int slot, byte publicKey[])
 {
-    byte publicKeyDer[256];
+    byte publicKeyDer[SE05X_DER_BUFFER_SIZE];
     size_t publicKeyDerLen;
 
     if ((_cipher_type != kSSS_CipherType_EC_NIST_P) || (_algorithm_type != kAlgorithm_SSS_ECDSA_SHA256)) {
@@ -407,14 +418,14 @@ int SE05XClass::Sign(int keyId, const byte hash[], size_t hashLen, byte sig[], s
 
 int SE05XClass::ecSign(int slot, const byte message[], byte signature[])
 {
-    byte signatureDer[256];
+    byte signatureDer[SE05X_DER_BUFFER_SIZE];
     size_t signatureDerLen;
 
     if ((_cipher_type != kSSS_CipherType_EC_NIST_P) || (_algorithm_type != kAlgorithm_SSS_ECDSA_SHA256)) {
         return 0;
     }
 
-    if (!Sign(slot, message, 32, signatureDer, sizeof(signatureDer), &signatureDerLen)) {
+    if (!Sign(slot, message, SE05X_SHA256_LENGTH, signatureDer, sizeof(signatureDer), &signatureDerLen)) {
         return 0;
     }
 
@@ -454,24 +465,24 @@ int SE05XClass::Verify(int keyId, const byte hash[], size_t hashLen, const byte
 
 int SE05XClass::ecdsaVerify(const byte message[], const byte signature[], const byte pubkey[])
 {
-    byte pubKeyDER[91];
-    byte signatureDER[70];
+    byte pubKeyDER[SE05X_EC_KEY_DER_LENGTH];
+    byte signatureDER[SE05X_EC_SIGNATURE_DER_LENGTH];
     int  result;
 
     if ((_cipher_type != kSSS_CipherType_EC_NIST_P) || (_algorithm_type != kAlgorithm_SSS_ECDSA_SHA256)) {
         return 0;
     }
 
     setECKeyXyVauesInDER(pubkey, pubKeyDER);
-    if (!importPublicKey(0xA5A5, pubKeyDER, sizeof(pubKeyDER))) {
+    if (!importPublicKey(SE05X_TEMP_OBJECT, pubKeyDER, sizeof(pubKeyDER))) {
         return 0;
     }
 
     setECSignatureRsValuesInDER(signature, signatureDER);
 
-    result = Verify(0xA5A5, message, 32, signatureDER, 70);
+    result = Verify(SE05X_TEMP_OBJECT, message, SE05X_SHA256_LENGTH, signatureDER, SE05X_EC_SIGNATURE_DER_LENGTH);
 
-    if (!deleteBinaryObject(0xA5A5)) {
+    if (!deleteBinaryObject(SE05X_TEMP_OBJECT)) {
         return 0;
     }
     return result;

Original file line number	Diff line number	Diff line change
`@@ -19,6 +19,17 @@`
`19`	`19`
`20`	`20`	`#include "SE05X.h"`
`21`	`21`
	`22`	`+#define SE05X_EC_KEY_RAW_LENGTH 64`
	`23`	`+#define SE05X_EC_KEY_HEADER_LENGTH 27`
	`24`	`+#define SE05X_EC_KEY_DER_LENGTH SE05X_EC_KEY_HEADER_LENGTH + SE05X_EC_KEY_RAW_LENGTH`
	`25`	`+#define SE05X_EC_SIGNATURE_RAW_LENGTH 64`
	`26`	`+#define SE05X_EC_SIGNATURE_HEADER_LENGTH 6`
	`27`	`+#define SE05X_EC_SIGNATURE_DER_LENGTH SE05X_EC_SIGNATURE_HEADER_LENGTH + SE05X_EC_SIGNATURE_RAW_LENGTH`
	`28`	`+#define SE05X_SHA256_LENGTH 32`
	`29`	`+#define SE05X_SN_LENGTH 18`
	`30`	`+#define SE05X_DER_BUFFER_SIZE 256`
	`31`	`+#define SE05X_TEMP_OBJECT 9999`
	`32`	`+`
`22`	`33`	`SE05XClass::SE05XClass()`
`23`	`34`	`: _cipher_type {kSSS_CipherType_EC_NIST_P}`
`24`	`35`	`, _algorithm_type {kAlgorithm_SSS_ECDSA_SHA256}`
`@@ -34,21 +45,21 @@ SE05XClass::~SE05XClass()`
`34`	`45`
`35`	`46`	`static void getECKeyXyValuesFromDER(byte* derKey, size_t derLen, byte* rawKey)`
`36`	`47`	`{`
`37`		`- memcpy(rawKey, &derKey[derLen-64], 64);`
	`48`	`+ memcpy(rawKey, &derKey[derLen - SE05X_EC_KEY_RAW_LENGTH], SE05X_EC_KEY_RAW_LENGTH);`
`38`	`49`	`}`
`39`	`50`
`40`	`51`	`static void setECKeyXyVauesInDER(const byte* rawKey, byte* derKey)`
`41`	`52`	`{`
`42`		`- static const byte ecc_der_header_nist256[27] =`
	`53`	`+ static const byte ecc_der_header_nist256[SE05X_EC_KEY_HEADER_LENGTH] =`
`43`	`54`	`{`
`44`	`55`	`0x30, 0x59, 0x30, 0x13, 0x06, 0x07, 0x2a, 0x86,`
`45`	`56`	`0x48, 0xce, 0x3d, 0x02, 0x01, 0x06, 0x08, 0x2a,`
`46`	`57`	`0x86, 0x48, 0xce, 0x3d, 0x03, 0x01, 0x07, 0x03,`
`47`	`58`	`0x42, 0x00, 0x04`
`48`	`59`	`};`
`49`	`60`
`50`		`- memcpy(&derKey[0], &ecc_der_header_nist256[0], 27);`
`51`		`- memcpy(&derKey[27], &rawKey[0], 64);`
	`61`	`+ memcpy(&derKey[0], &ecc_der_header_nist256[0], SE05X_EC_KEY_HEADER_LENGTH);`
	`62`	`+ memcpy(&derKey[SE05X_EC_KEY_HEADER_LENGTH], &rawKey[0], SE05X_EC_KEY_RAW_LENGTH);`
`52`	`63`	`}`
`53`	`64`
`54`	`65`	`static void getECSignatureRsValuesFromDER(byte* derSignature, size_t derLen, byte* rawSignature)`
`@@ -61,32 +72,32 @@ static void getECSignatureRsValuesFromDER(byte* derSignature, size_t derLen, byt`
`61`	`72`
`62`	`73`	`byte * out = rawSignature;`
`63`	`74`
`64`		`- if(rLen == 32)`
	`75`	`+ if(rLen == (SE05X_EC_SIGNATURE_RAW_LENGTH / 2))`
`65`	`76`	`{`
`66`		`- memcpy(out, &derSignature[4], 32);`
	`77`	`+ memcpy(out, &derSignature[4], (SE05X_EC_SIGNATURE_RAW_LENGTH / 2));`
`67`	`78`	`}`
`68`		`- else if ((rLen == 33) && (derSignature[4] == 0))`
	`79`	`+ else if ((rLen == ((SE05X_EC_SIGNATURE_RAW_LENGTH / 2) + 1)) && (derSignature[4] == 0))`
`69`	`80`	`{`
`70`		`- memcpy(out, &derSignature[5], 32);`
	`81`	`+ memcpy(out, &derSignature[5], (SE05X_EC_SIGNATURE_RAW_LENGTH / 2));`
`71`	`82`	`}`
`72`	`83`
`73`		`- out += 32;`
	`84`	`+ out += (SE05X_EC_SIGNATURE_RAW_LENGTH / 2);`
`74`	`85`
`75`		`- if(sLen == 32)`
	`86`	`+ if(sLen == (SE05X_EC_SIGNATURE_RAW_LENGTH / 2))`
`76`	`87`	`{`
`77`		`- memcpy(out, &derSignature[3 + rLen + 3], 32);`
	`88`	`+ memcpy(out, &derSignature[3 + rLen + 3], (SE05X_EC_SIGNATURE_RAW_LENGTH / 2));`
`78`	`89`	`}`
`79`		`- else if ((sLen == 33) && (derSignature[3 + rLen + 3] == 0))`
	`90`	`+ else if ((sLen == ((SE05X_EC_SIGNATURE_RAW_LENGTH / 2) + 1)) && (derSignature[3 + rLen + 3] == 0))`
`80`	`91`	`{`
`81`		`- memcpy(out, &derSignature[3 + rLen + 4], 32);`
	`92`	`+ memcpy(out, &derSignature[3 + rLen + 4], (SE05X_EC_SIGNATURE_RAW_LENGTH / 2));`
`82`	`93`	`}`
`83`	`94`	`}`
`84`	`95`
`85`	`96`	`static void setECSignatureRsValuesInDER(const byte* rawSignature, byte* signature)`
`86`	`97`	`{`
`87`		`- byte rLen = 32;`
`88`		`- byte sLen = 32;`
`89`		`- byte rawSignatureLen = 64;`
	`98`	`+ byte rLen = (SE05X_EC_SIGNATURE_RAW_LENGTH / 2);`
	`99`	`+ byte sLen = (SE05X_EC_SIGNATURE_RAW_LENGTH / 2);`
	`100`	`+ byte rawSignatureLen = SE05X_EC_SIGNATURE_RAW_LENGTH;`
`90`	`101`
`91`	`102`	`signature[0] = 0x30;`
`92`	`103`	`signature[1] = (uint8_t)(rawSignatureLen + 4);`
`@@ -150,7 +161,7 @@ int SE05XClass::readConfiguration(byte data[])`
`150`	`161`	`String SE05XClass::serialNumber()`
`151`	`162`	`{`
`152`	`163`	`String result = (char*)NULL;`
`153`		`- byte UID[18];`
	`164`	`+ byte UID[SE05X_SN_LENGTH];`
`154`	`165`	`size_t uidLen = 18;`
`155`	`166`
`156`	`167`	`sss_session_prop_get_au8(&_boot_ctx.session, kSSS_SessionProp_UID, UID, &uidLen);`
`@@ -240,7 +251,7 @@ int SE05XClass::generatePrivateKey(int keyId, byte pubKeyDer[], size_t pubKeyDer`
`240`	`251`
`241`	`252`	`int SE05XClass::generatePrivateKey(int slot, byte publicKey[])`
`242`	`253`	`{`
`243`		`- byte publicKeyDer[256];`
	`254`	`+ byte publicKeyDer[SE05X_DER_BUFFER_SIZE];`
`244`	`255`	`size_t publicKeyDerLen;`
`245`	`256`
`246`	`257`	`if ((_cipher_type != kSSS_CipherType_EC_NIST_P) \|\| (_algorithm_type != kAlgorithm_SSS_ECDSA_SHA256)) {`
`@@ -279,7 +290,7 @@ int SE05XClass::generatePublicKey(int keyId, byte pubKeyDer[], size_t pubKeyDerM`
`279`	`290`
`280`	`291`	`int SE05XClass::generatePublicKey(int slot, byte publicKey[])`
`281`	`292`	`{`
`282`		`- byte publicKeyDer[256];`
	`293`	`+ byte publicKeyDer[SE05X_DER_BUFFER_SIZE];`
`283`	`294`	`size_t publicKeyDerLen;`
`284`	`295`
`285`	`296`	`if ((_cipher_type != kSSS_CipherType_EC_NIST_P) \|\| (_algorithm_type != kAlgorithm_SSS_ECDSA_SHA256)) {`
`@@ -407,14 +418,14 @@ int SE05XClass::Sign(int keyId, const byte hash[], size_t hashLen, byte sig[], s`
`407`	`418`
`408`	`419`	`int SE05XClass::ecSign(int slot, const byte message[], byte signature[])`
`409`	`420`	`{`
`410`		`- byte signatureDer[256];`
	`421`	`+ byte signatureDer[SE05X_DER_BUFFER_SIZE];`
`411`	`422`	`size_t signatureDerLen;`
`412`	`423`
`413`	`424`	`if ((_cipher_type != kSSS_CipherType_EC_NIST_P) \|\| (_algorithm_type != kAlgorithm_SSS_ECDSA_SHA256)) {`
`414`	`425`	`return 0;`
`415`	`426`	`}`
`416`	`427`
`417`		`- if (!Sign(slot, message, 32, signatureDer, sizeof(signatureDer), &signatureDerLen)) {`
	`428`	`+ if (!Sign(slot, message, SE05X_SHA256_LENGTH, signatureDer, sizeof(signatureDer), &signatureDerLen)) {`
`418`	`429`	`return 0;`
`419`	`430`	`}`
`420`	`431`
`@@ -454,24 +465,24 @@ int SE05XClass::Verify(int keyId, const byte hash[], size_t hashLen, const byte`
`454`	`465`
`455`	`466`	`int SE05XClass::ecdsaVerify(const byte message[], const byte signature[], const byte pubkey[])`
`456`	`467`	`{`
`457`		`- byte pubKeyDER[91];`
`458`		`- byte signatureDER[70];`
	`468`	`+ byte pubKeyDER[SE05X_EC_KEY_DER_LENGTH];`
	`469`	`+ byte signatureDER[SE05X_EC_SIGNATURE_DER_LENGTH];`
`459`	`470`	`int result;`
`460`	`471`
`461`	`472`	`if ((_cipher_type != kSSS_CipherType_EC_NIST_P) \|\| (_algorithm_type != kAlgorithm_SSS_ECDSA_SHA256)) {`
`462`	`473`	`return 0;`
`463`	`474`	`}`
`464`	`475`
`465`	`476`	`setECKeyXyVauesInDER(pubkey, pubKeyDER);`
`466`		`- if (!importPublicKey(0xA5A5, pubKeyDER, sizeof(pubKeyDER))) {`
	`477`	`+ if (!importPublicKey(SE05X_TEMP_OBJECT, pubKeyDER, sizeof(pubKeyDER))) {`
`467`	`478`	`return 0;`
`468`	`479`	`}`
`469`	`480`
`470`	`481`	`setECSignatureRsValuesInDER(signature, signatureDER);`
`471`	`482`
`472`		`- result = Verify(0xA5A5, message, 32, signatureDER, 70);`
	`483`	`+ result = Verify(SE05X_TEMP_OBJECT, message, SE05X_SHA256_LENGTH, signatureDER, SE05X_EC_SIGNATURE_DER_LENGTH);`
`473`	`484`
`474`		`- if (!deleteBinaryObject(0xA5A5)) {`
	`485`	`+ if (!deleteBinaryObject(SE05X_TEMP_OBJECT)) {`
`475`	`486`	`return 0;`
`476`	`487`	`}`
`477`	`488`	`return result;`