FAQs
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

X-CUBE-CRYPTOLIB cmox_eddsa_verify memory fail

AKole.3
Associate

‎2022-05-30 04:54 AM

Hi everyone!

In our project for stm32f446, we are trying to use X-CUBE-CRYPTOLIB to verify the firmware signature on the device using ED25519. Unfortunately, when trying to call the cmox_eddsa_verify method, we get the CMOX_ECC_ERR_MEMORY_FAIL error. The error occurs when memory is allocated. Tell me how to overcome this, or perhaps we are doing something wrong.

Below is the code

bool FirmwareCrypt::verify(const uint8_t* data, size_t size, const uint8_t* sign, size_t sign_size)
{
    if (!data || !size) 
        return false;
    
    cmox_ecc_handle_t handle;
    uint8_t ecc_buf[ECC_BUF_SIZE// 2048];
    uint32_t fault_check = 0;
    memset((void*)&handle, 0, sizeof(cmox_ecc_handle_t));
    cmox_ecc_construct(&handle, CMOX_ECC256_MATH_FUNCS, ecc_buf, ECC_BUF_SIZE);
    
    cmox_ecc_retval_t ret = cmox_eddsa_verify(&handle, CMOX_ECC_CURVE_ED25519, 
        public_key, PUBLIC_KEY_SIZE, data, size/*~100Kb*/, sign, sign_size, NULL/*&fault_check*/);
    
    if (/*(static_cast<uint32_t>(ret) != fault_check) && */(ret != CMOX_ECC_SUCCESS)) {
        return false;
    }
    
    return true;
}

Labels:
0 Kudos
4 REPLIES 4
Jocelyn RICARD
ST Employee

‎2022-06-29 05:36 AM

Hello @AKole.3​ ,

in the example provided here STM32CubeExpansion_Crypto_V4.0.1\Projects\NUCLEO-G474RE\Applications\ECC\EDDSA_SignVerify\ I can see:

uint8_t Working_Buffer[2200];

So, maybe setting your buffer size with same value will solve your issue

Best regards

Jocelyn

0 Kudos
HMcKi
Associate III
In response to Jocelyn RICARD

‎2024-10-15 03:00 PM

G'day,

Is there any documentation on how to set this buffer to be the appropriate size? This answer leads me to more questions:

  • Is 2200 always safe?
  • If you set it for one curve / memory implementation will it always work if it works once? 
  • I presume it depends on the ECC curve and the lowmem vs highmem option?

Cheers,

Hamish.

 

0 Kudos
Jocelyn RICARD
ST Employee
In response to HMcKi

‎2024-10-16 09:42 AM

Hello @HMcKi ,

if you look at the wiki here you will see the usage of the buffer depending on option used.

So, 2200 looks like a really safe value.

Best regards

Jocelyn

 

0 Kudos
HMcKi
Associate III
In response to Jocelyn RICARD

‎2024-10-22 09:39 PM

Thank you.
0 Kudos
Top