Add simple SW implementations for crypto_backend and keystore_backend

Signed-off-by: Jukka Laitinen <jukkax@ssrc.tii.ae>

platforms/common/px4_sw_crypto/CMakeLists.txt

@@ -0,0 +1,44 @@
+############################################################################
+#
+#   Copyright (c) 2021 Technology Innoavation Institute. All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions
+# are met:
+#
+# 1. Redistributions of source code must retain the above copyright
+#    notice, this list of conditions and the following disclaimer.
+# 2. Redistributions in binary form must reproduce the above copyright
+#    notice, this list of conditions and the following disclaimer in
+#    the documentation and/or other materials provided with the
+#    distribution.
+# 3. Neither the name PX4 nor the names of its contributors may be
+#    used to endorse or promote products derived from this software
+#    without specific prior written permission.
+#
+# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+# FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+# COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
+# INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
+# BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
+# OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
+# AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN
+# ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+# POSSIBILITY OF SUCH DAMAGE.
+#
+############################################################################
+
+if (DEFINED PX4_CRYPTO)
+	if (IS_DIRECTORY ${CMAKE_CURRENT_SOURCE_DIR}/${PX4_CRYPTO})
+		add_subdirectory(${PX4_CRYPTO})
+	endif()
+endif()
+
+if (DEFINED PX4_KEYSTORE)
+	if (IS_DIRECTORY ${CMAKE_CURRENT_SOURCE_DIR}/${PX4_KEYSTORE})
+		add_subdirectory(${PX4_KEYSTORE})
+	endif()
+endif()

platforms/common/px4_sw_crypto/stub_keystore/CMakeLists.txt

@@ -0,0 +1,69 @@
+
+############################################################################
+#
+#   Copyright (c) 2021 Technology Innoavation Institute. All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions
+# are met:
+#
+# 1. Redistributions of source code must retain the above copyright
+#    notice, this list of conditions and the following disclaimer.
+# 2. Redistributions in binary form must reproduce the above copyright
+#    notice, this list of conditions and the following disclaimer in
+#    the documentation and/or other materials provided with the
+#    distribution.
+# 3. Neither the name PX4 nor the names of its contributors may be
+#    used to endorse or promote products derived from this software
+#    without specific prior written permission.
+#
+# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+# FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+# COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
+# INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
+# BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
+# OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
+# AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN
+# ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+# POSSIBILITY OF SUCH DAMAGE.
+#
+############################################################################
+
+px4_add_library(keystore_backend stub_keystore.c)
+
+target_include_directories(keystore_backend PUBLIC ${CMAKE_CURRENT_SOURCE_DIR})
+
+if(DEFINED ENV{PUBLIC_KEY0})
+	add_definitions(-DPUBLIC_KEY0=$ENV{PUBLIC_KEY0})
+endif()
+
+if(DEFINED ENV{PUBLIC_KEY1})
+	add_definitions(-DPUBLIC_KEY1=$ENV{PUBLIC_KEY1})
+endif()
+
+if(DEFINED ENV{PUBLIC_KEY2})
+	add_definitions(-DPUBLIC_KEY2=$ENV{PUBLIC_KEY2})
+endif()
+
+if(DEFINED ENV{PUBLIC_KEY3})
+	add_definitions(-DPUBLIC_KEY3=$ENV{PUBLIC_KEY3})
+endif()
+
+if(DEFINED ENV{PUBLIC_KEY4})
+	add_definitions(-DPUBLIC_KEY4=$ENV{PUBLIC_KEY4})
+endif()
+
+if(DEFINED ENV{PUBLIC_KEY5})
+	add_definitions(-DPUBLIC_KEY5=$ENV{PUBLIC_KEY5})
+endif()
+
+if(DEFINED ENV{PUBLIC_KEY6})
+	add_definitions(-DPUBLIC_KEY6=$ENV{PUBLIC_KEY6})
+endif()
+
+if(DEFINED ENV{PUBLIC_KEY7})
+	add_definitions(-DPUBLIC_KEY7=$ENV{PUBLIC_KEY7})
+endif()

platforms/common/px4_sw_crypto/stub_keystore/keystore_backend_definitions.h

@@ -0,0 +1,42 @@
+/****************************************************************************
+ *
+ *   Copyright (c) 2021 Technology Innovation Institute. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ * 3. Neither the name PX4 nor the names of its contributors may be
+ *    used to endorse or promote products derived from this software
+ *    without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
+ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
+ * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
+ * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
+ * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN
+ * ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ * POSSIBILITY OF SUCH DAMAGE.
+ *
+ ****************************************************************************/
+
+#pragma once
+
+typedef struct {
+	int handle;
+} keystore_session_handle_t;
+
+/* For the stub_keystore the handle is not used at the moment, so it is always valid */
+
+inline bool keystore_session_handle_valid(keystore_session_handle_t handle) {return handle.handle > 0;}

platforms/common/px4_sw_crypto/stub_keystore/public_key.h

@@ -0,0 +1,113 @@
+/****************************************************************************
+ *
+ *   Copyright (c) 2020 Technology Innovation Institute. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ * 3. Neither the name PX4 nor the names of its contributors may be
+ *    used to endorse or promote products derived from this software
+ *    without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
+ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
+ * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
+ * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
+ * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN
+ * ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ * POSSIBILITY OF SUCH DAMAGE.
+ *
+ ****************************************************************************/
+
+/**
+ * @file public_key.h
+ *
+ * File holds public keys for signed firmware.
+ *
+ *
+ */
+
+#pragma once
+
+#define XSTR(x) #x
+#define STR(x) XSTR(x)
+
+#ifndef PUBLIC_KEY0
+#error "At least one key (PUBLIC_KEY0) must be defined"
+#endif
+
+typedef struct {
+	const size_t key_size;
+	const uint8_t *key;
+} persistent_key_t;
+
+/* This constant only exists to calculate size of the
+   key. It will be removed by the linker */
+static const uint8_t public_key0[] = {
+#include STR(PUBLIC_KEY0)
+};
+
+#ifdef PUBLIC_KEY1
+
+static const uint8_t public_key1[] = {
+#include STR(PUBLIC_KEY1)
+};
+#endif
+
+#ifdef PUBLIC_KEY2
+static const uint8_t public_key2[] = {
+#include STR(PUBLIC_KEY2)
+};
+#endif
+
+#ifdef PUBLIC_KEY3
+static const uint8_t public_key3[] = {
+#include STR(PUBLIC_KEY3)
+};
+#endif
+
+
+static const persistent_key_t public_keys[] = {
+	{
+		.key = public_key0,
+		.key_size = sizeof(public_key0)
+	}
+
+#ifdef PUBLIC_KEY1
+	,
+	{
+		.key = public_key1,
+		.key_size = sizeof(public_key1)
+	}
+#endif
+
+#ifdef PUBLIC_KEY2
+	,
+	{
+		.key = public_key2,
+		.key_size = sizeof(public_key2)
+	}
+#endif
+
+#ifdef PUBLIC_KEY3
+	{
+		.key = public_key3,
+		.key_size = sizeof(public_key3)
+	}
+#endif
+
+};
+
+#define NPERSISTENT_KEYS (sizeof(public_keys) / sizeof(persistent_key_t))

platforms/common/px4_sw_crypto/stub_keystore/stub_keystore.c

@@ -0,0 +1,79 @@
+/****************************************************************************
+ *
+ *   Copyright (c) 2021 Technology Innovation Institute. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ * 3. Neither the name PX4 nor the names of its contributors may be
+ *    used to endorse or promote products derived from this software
+ *    without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
+ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
+ * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
+ * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
+ * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN
+ * ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ * POSSIBILITY OF SUCH DAMAGE.
+ *
+ ****************************************************************************/
+
+#include <px4_platform_common/crypto_algorithms.h>
+#include <string.h>
+#include <stdbool.h>
+#include "public_key.h"
+#include "keystore_backend_definitions.h"
+/*
+ * For now, this is just a dummy up/down counter for tracking open/close calls
+ */
+static int keystore_open_count = 0;
+
+void keystore_init(void)
+{
+}
+
+keystore_session_handle_t keystore_open(void)
+{
+	keystore_session_handle_t ret;
+	ret.handle = ++keystore_open_count;
+	return ret;
+}
+
+void keystore_close(keystore_session_handle_t *handle)
+{
+	keystore_open_count--;
+	handle->handle = 0;
+}
+
+size_t keystore_get_key(keystore_session_handle_t handle, uint8_t idx, uint8_t *key_buf, size_t key_buf_size)
+{
+	size_t ret = 0;
+
+	if (idx < NPERSISTENT_KEYS) {
+		ret = public_keys[idx].key_size;
+
+		if (key_buf) {
+			if (key_buf_size >= ret) {
+				memcpy(key_buf, public_keys[idx].key, ret);
+
+			} else {
+				ret = 0;
+			}
+		}
+	}
+
+	return ret;
+}

platforms/common/px4_sw_crypto/sw_crypto/CMakeLists.txt

@@ -0,0 +1,48 @@
+
+############################################################################
+#
+#   Copyright (c) 2021 Technology Innoavation Institute. All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions
+# are met:
+#
+# 1. Redistributions of source code must retain the above copyright
+#    notice, this list of conditions and the following disclaimer.
+# 2. Redistributions in binary form must reproduce the above copyright
+#    notice, this list of conditions and the following disclaimer in
+#    the documentation and/or other materials provided with the
+#    distribution.
+# 3. Neither the name PX4 nor the names of its contributors may be
+#    used to endorse or promote products derived from this software
+#    without specific prior written permission.
+#
+# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+# FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+# COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
+# INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
+# BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
+# OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
+# AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN
+# ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+# POSSIBILITY OF SUCH DAMAGE.
+#
+############################################################################
+
+px4_add_library(crypto_backend crypto.c)
+
+target_link_libraries(crypto_backend
+	PUBLIC
+		keystore_backend
+)
+
+target_link_libraries(crypto_backend
+	PRIVATE
+		monocypher
+)
+
+target_include_directories(crypto_backend PUBLIC ${CMAKE_CURRENT_SOURCE_DIR})
+

platforms/common/px4_sw_crypto/sw_crypto/crypto.c

@@ -0,0 +1,182 @@
+/****************************************************************************
+ *
+ *   Copyright (c) 2020 Technology Innovation Institute. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ * 3. Neither the name PX4 nor the names of its contributors may be
+ *    used to endorse or promote products derived from this software
+ *    without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
+ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
+ * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
+ * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
+ * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN
+ * ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ * POSSIBILITY OF SUCH DAMAGE.
+ *
+ ****************************************************************************/
+
+/**
+ * @file crypto.c
+ *
+ * Wrapper for the monocypher crypto
+ *
+ */
+
+#include <inttypes.h>
+#include <stdbool.h>
+
+#include <px4_platform_common/crypto_backend.h>
+#include <lib/crypto/monocypher/src/optional/monocypher-ed25519.h>
+
+/* room for 16 keys */
+#define KEY_CACHE_LEN 16
+
+#ifndef SECMEM_ALLOC
+#define SECMEM_ALLOC malloc
+#endif
+
+#ifndef SECMEM_FREE
+#define SECMEM_FREE free
+#endif
+
+/*
+ * For now, this is just a dummy up/down counter for tracking open/close calls
+ */
+static int crypto_open_count = 0;
+
+typedef struct {
+	size_t key_size;
+	uint8_t *key;
+} volatile_key_t;
+
+static volatile_key_t key_cache[KEY_CACHE_LEN];
+
+/* Clear key cache */
+static void clear_key_cache(void)
+{
+	for (int i = 0; i < KEY_CACHE_LEN ; i++) {
+		SECMEM_FREE(key_cache[i].key);
+		key_cache[i].key = NULL;
+		key_cache[i].key_size = 0;
+	}
+}
+
+/* Retrieve a direct pointer to the cached temporary/public key */
+static const uint8_t *crypto_get_key_ptr(keystore_session_handle_t handle, uint8_t key_idx,
+		size_t *len)
+{
+	uint8_t *ret;
+
+	if (key_idx >= KEY_CACHE_LEN) {
+		*len = 0;
+		return NULL;
+	}
+
+	ret = key_cache[key_idx].key;
+
+	/* if the key doesn't exist in the key cache, try to read it in there from keystore */
+	if (ret == NULL) {
+
+		/* First check if the key exists in the keystore and retrieve its length */
+		*len = keystore_get_key(handle, key_idx, NULL, 0);
+
+		if (*len > 0) {
+
+			/* Allocate memory for the key in the cache */
+			ret = SECMEM_ALLOC(*len);
+
+			/* Retrieve the key from the keystore */
+			if (ret) {
+				if (keystore_get_key(handle, key_idx, ret, *len) > 0) {
+					/* Success, store the key in cache */
+					key_cache[key_idx].key_size = *len;
+					key_cache[key_idx].key = ret;
+
+				} else {
+					/* key retrieval failed, free the memory */
+					SECMEM_FREE(ret);
+				}
+			}
+		}
+	}
+
+	*len = key_cache[key_idx].key_size;
+
+	return ret;
+}
+
+
+void crypto_init()
+{
+	keystore_init();
+	clear_key_cache();
+}
+
+crypto_session_handle_t crypto_open(px4_crypto_algorithm_t algorithm)
+{
+	crypto_session_handle_t ret;
+	ret.algorithm = algorithm;
+	ret.keystore_handle = keystore_open();
+
+	if (keystore_session_handle_valid(ret.keystore_handle)) {
+		ret.handle = ++crypto_open_count;
+
+	} else {
+		ret.handle = 0;
+	}
+
+	return ret;
+}
+
+void crypto_close(crypto_session_handle_t *handle)
+{
+	crypto_open_count--;
+	handle->handle = 0;
+	keystore_close(&handle->keystore_handle);
+}
+
+bool crypto_signature_check(crypto_session_handle_t handle,
+			    uint8_t  key_index,
+			    const uint8_t  *signature,
+			    const uint8_t *message,
+			    size_t message_size)
+{
+	bool ret = false;
+	size_t keylen = 0;
+	const uint8_t *public_key;
+
+	if (crypto_session_handle_valid(handle)) {
+		public_key = crypto_get_key_ptr(handle.keystore_handle, key_index, &keylen);
+	}
+
+	if (keylen == 0) {
+		return false;
+	}
+
+	switch (handle.algorithm) {
+	case CRYPTO_ED25519:
+		ret = crypto_ed25519_check(signature, public_key, message, message_size) == 0;
+		break;
+
+	default:
+		ret = false;
+	}
+
+	return ret;
+}

platforms/common/px4_sw_crypto/sw_crypto/crypto_backend_definitions.h

@@ -0,0 +1,46 @@
+/****************************************************************************
+ *
+ *   Copyright (c) 2021 Technology Innovation Institute. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ * 3. Neither the name PX4 nor the names of its contributors may be
+ *    used to endorse or promote products derived from this software
+ *    without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
+ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
+ * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
+ * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
+ * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN
+ * ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ * POSSIBILITY OF SUCH DAMAGE.
+ *
+ ****************************************************************************/
+
+#pragma once
+
+#include <stdbool.h>
+#include <keystore_backend_definitions.h>
+
+typedef struct {
+	int handle;
+	px4_crypto_algorithm_t algorithm;
+	uint8_t *nonce;
+	keystore_session_handle_t keystore_handle;
+} crypto_session_handle_t;
+
+static inline bool crypto_session_handle_valid(crypto_session_handle_t handle) {return handle.handle > 0;}