wolfSSL
diff --git a/‎embedded/signature/README.md
Lines changed: 87 additions & 0 deletions b/‎embedded/signature/README.md
Lines changed: 87 additions & 0 deletions
diff --git a/‎embedded/signature/ecc-sign-verify/Makefile
Lines changed: 66 additions & 0 deletions b/‎embedded/signature/ecc-sign-verify/Makefile
Lines changed: 66 additions & 0 deletions
diff --git a/‎embedded/signature/ecc-sign-verify/README.md
Lines changed: 133 additions & 0 deletions b/‎embedded/signature/ecc-sign-verify/README.md
Lines changed: 133 additions & 0 deletions
@@ -0,0 +1,87 @@
+# Signature Examples for Embedded Systems
+
+This directory includes the following examples under the sub-directories.Each has a Makefile and source files to build and execute the example and a README to show how to build and Example output.
+
+|Scheme|Directory|Description|
+|---|---|---|
+|RSA|rsa_vfy_only |verify signature|
+||rsa_buffer|sign/verify signature |
+|ECDSA|signature/ecc-sign-verify/ecc_sign_verify.c|sign msg and verify signature|
+
+You can specify a target function of Simple example, Benchemark or Memory track program.It also has options for optimized code for MCU architectures such as Intel x86, ARM64 or a generic code by default, as well as Math library of Single Precision or TFM.
+
+```
+$ make <Function> math=<Mathlib> arch=<MCU>
+```
+
+## Functions
+
+|Function name|Description|
+|---|---|
+|Default|Simple Execution|
+|mem|Memory Track on heap and stack usage|
+|bench|Performance benchmark|
+
+
+## Math library
+|math|Description|
+|---|---|
+|Default|Generic architecture by pure C language source code|
+|sp| SP for specified archtecture|
+|tfm|TFM for generic architecture|
+## MCU Architectures
+NOTE:  No architecture specification is required when using TFM.
+|arch|Description|
+|---|---|
+|Default|Generic architecture by pure C language source code|
+|arm64|SP for ARM64 |
+|x64|SP for x86 64bit|
+
+
+The Makefile is self-contained without libwolfssl. Put your wolfSSL source filesin parallel with wolfssl-examples directory. It is defined by WOLFROOT in Makefile.It compiles only needed files for the target. OBJ and OBJ_xxx macro in Makefiledefine object files for the common and specific target.
+
+Example programs are hard coded for a hash algorithm or signature scheme.Sha256 is for the hash by default. PKCS #1 v1.5 or ECDSA for the signature scheme.You can refer to the following API tables for modifying the examples for other algorithms or schemes.
+
+## Table 1: Hash algorithms for PKCS#1 Signature
+|Algorithm|Src File|Macro SW<br>Enable|<br>Disable|Note|
+|---|---|---|---|---|
+|MD2|md2.c|WOLFSSL_MD2||Only for v1.5 Backward compatibility|
+|MD5|md5.c||NO_MD5|Only for v1.5 Backward compatibility|
+|SHA1|sha.c||NO_SHA|||SHA256|sha256.c||NO_SHA256|
+||SHA384|sha512.c|WOLFSSL_SHA384||Disabled by default|
+|SHA512|sha512.c|WOLFSSL_SHA512||Disabled by default|
+
+
+## Table 2: Hash Algorithm APIs
+|Algorithm|<br>Init|API<br>Update|<br>Final|
+|---|---|---|---|
+|MD2|wc_InitMd2|wc_Md2Update|wc_Md2Final|
+|MD5|wc_InitMd5|wc_Md5Update|wc_Md5Final|
+|SHA1|wc_InitSha|wc_ShaUpdate|wc_ShaFinal|
+|SHA256|wc_InitSha256|wc_Sha256Update|wc_Sha256Final|
+|SHA384|wc_initSha384|wc_Sha384Update|wc_Sha384Final|
+|SHA512|wc_InitSha512|wc_Sha512Update|wc_Sha512Final|
+
+
+## Table 3: RSA Signature APIs
+
+|Padding|API|Description|
+|---|---|---|
+|PKCS #1 v1.5|wc_RsaSSL_Verify|Decrypt input signature to verify|
+||wc_RsaSSL_VerifyInline|The output uses the same byte array as the input|
+|PSS|wc_RsaPSS_Verify|Decrypt input signature to verify with PSS|
+| |wc_RsaPSS_VerifyCheck|Verify the message signed|
+| |wc_RsaPSS_VerifyCheck_ex|with Salt length argument|
+| |wc_RsaPSS_VerifyInline|The output uses the same byte array as the input|
+| |wc_RsaPSS_VerifyCheckInline|Verify the message signed|
+| |wc_RsaPSS_VerifyCheckPadding|Checks the PSS data to ensure that the signature matches|
+| |wc_RsaPSS_VerifyCheckPadding_ex|with Salt length argument|
+
+
+## Table 4: ECC Signature APIs
+
+|Algorithm|API|Hash|
+|---|---|---|
+|ECDSA|wc_ecc_sign_hash|SHA512|
+|Ed25519|wc_ed25519_sign_hash|SHA512|
+|Ed488|wc_ed488_sign_hash|SHAKE256|
@@ -0,0 +1,66 @@
+WOLFROOT = ../../../../wolfssl
+
+CFLAGS = -DWOLFSSL_USER_SETTINGS -I. -I$(WOLFROOT) -Os
+ASFLAGS = -DWOLFSSL_USER_SETTINGS -I. -I$(WOLFROOT)
+
+OBJ=\
+	$(WOLFROOT)/wolfcrypt/src/ecc.o\
+	$(WOLFROOT)/wolfcrypt/src/sha256.o\
+	$(WOLFROOT)/wolfcrypt/src/hash.o\
+	$(WOLFROOT)/wolfcrypt/src/random.o\
+	$(WOLFROOT)/wolfcrypt/src/asn.o\
+	$(WOLFROOT)/wolfcrypt/src/wc_port.o\
+	$(WOLFROOT)/wolfcrypt/src/coding.o\
+	$(WOLFROOT)/wolfcrypt/src/memory.o\
+	$(WOLFROOT)/wolfcrypt/src/wolfmath.o\
+
+
+OBJ_SP_C32 := \
+	$(WOLFROOT)/wolfcrypt/src/sp_int.o\
+	$(WOLFROOT)/wolfcrypt/src/sp_c32.o\
+
+OBJ_SP_ARM64 := \
+	$(WOLFROOT)/wolfcrypt/src/sp_int.o\
+	$(WOLFROOT)/wolfcrypt/src/sp_arm64.o\
+
+
+OBJ_SP_X86_64 := \
+	$(WOLFROOT)/wolfcrypt/src/sp_int.o\
+	$(WOLFROOT)/wolfcrypt/src/cpuid.o\
+	$(WOLFROOT)/wolfcrypt/src/sp_x86_64.o\
+	$(WOLFROOT)/wolfcrypt/src/sp_x86_64_asm.o\
+
+OBJ_TFM := \
+	$(WOLFROOT)/wolfcrypt/src/tfm.o\
+
+.PHONY: all clean mem size 
+
+ifeq ($(math) $(arch),sp x64) 
+ASFLAGS+= -DSP_X86_64_FLAG
+OBJ += $(OBJ_SP_X86_64)
+else ifeq ($(math) $(arch),sp arm64)
+CFLAGS += -DSP_ARM64_FLAG
+OBJ += $(OBJ_SP_ARM64)
+else ifeq ($(math), tfm)
+CFLAGS += -DTFM_FLAG
+OBJ += $(OBJ_TFM)
+else 
+CFLAGS += -DSP_FLAG
+OBJ += $(OBJ_SP_C32)
+endif
+
+all : ecc_sign_verify bench
+mem:CFLAGS+= -DDEBUG_MEMORY
+mem: ecc_sign_verify 
+
+ecc_sign_verify: $(OBJ)
+	$(CC) $(CFLAGS) -o ecc_sign_verify ecc_sign_verify.c $(OBJ)
+
+bench: $(OBJ)
+	$(CC) $(CFLAGS) -DBENCHMARK -o bench ecc_sign_verify.c $(OBJ)
+
+clean:
+	rm -f ecc_sign_verify bench $(WOLFROOT)/wolfcrypt/src/*.o
+
+size :
+	size $(OBJ)
@@ -0,0 +1,133 @@
+# Signature Test Example
+
+Demonstrates using a hash digest to sign and verify a signature using ECC
+
+First, set the path to wolfssl directory to variable WOLFROOT in the Makefile.
+## Building
+
+### Build example
+
+```
+make
+```
+
+## Usage
+
+```
+./ecc_sign_verify
+Key size is 112, byteField = 14, maxSigSz = 44
+Successfully verified signature w/ ecc key size 112!
+Key size is 128, byteField = 16, maxSigSz = 48
+Successfully verified signature w/ ecc key size 128!
+Key size is 160, byteField = 20, maxSigSz = 56
+Successfully verified signature w/ ecc key size 160!
+Key size is 192, byteField = 24, maxSigSz = 64
+Successfully verified signature w/ ecc key size 192!
+Key size is 224, byteField = 28, maxSigSz = 72
+Successfully verified signature w/ ecc key size 224!
+Key size is 239, byteField = 36, maxSigSz = 88
+Successfully verified signature w/ ecc key size 239!
+Key size is 256, byteField = 32, maxSigSz = 80
+Successfully verified signature w/ ecc key size 256!
+Key size is 320, byteField = 40, maxSigSz = 96
+Successfully verified signature w/ ecc key size 320!
+Key size is 384, byteField = 48, maxSigSz = 112
+Successfully verified signature w/ ecc key size 384!
+Key size is 512, byteField = 64, maxSigSz = 144
+Successfully verified signature w/ ecc key size 512!
+Key size is 521, byteField = 66, maxSigSz = 148
+Successfully verified signature w/ ecc key size 521!
+```
+
+NOTE: Also an option to dump out the signatures. For more verbose output
+      uncomment define in example "SHOW_SIGS_IN_EXAMPLE"
+
+  
+
+# Signature verification Benchmark
+
+You can generate benchmark program to compare the speed of signature verification between TFM and SP
+### SP
+Faster math library
+
+If you build for x86_64 system:
+```
+make bench math=sp arch=x64
+```
+else if Aarch64 system: 
+```
+make bench math=sp arch=arm64
+``` 
+then a benchmark program is generated.
+### TFM
+
+```
+make bench math=tfm
+```
+NOTE: When using TFM, No Architecture specification is required.
+
+## Example Output
+built with the option `math=sp arch=arm64`
+```
+./bench
+---------------------------------------------------------------
+Enabled WOLFSSL_SP_ARM64
+---------------------------------------------------------------
+Running ECC Sign Verify Benchmarks...
+ECC Key Size 112       1275.78 Cycles/sec
+ECC Key Size 128       1351.68 Cycles/sec
+ECC Key Size 160       1368.65 Cycles/sec
+ECC Key Size 192       1382.20 Cycles/sec
+ECC Key Size 224       1385.06 Cycles/sec
+ECC Key Size 239       1401.38 Cycles/sec
+ECC Key Size 256      12830.67 Cycles/sec
+ECC Key Size 320        626.52 Cycles/sec
+ECC Key Size 384        634.85 Cycles/sec
+ECC Key Size 512        279.71 Cycles/sec
+ECC Key Size 521        279.15 Cycles/sec
+```
+
+# Tracking memory
+To see a stack and heap memory usage.
+
+```
+make mem
+```
+## Example Output
+```
+./ecc_sign_verify
+Key size is 112, byteField = 14
+Successfully verified signature w/ ecc key size 112!
+Key size is 128, byteField = 16
+Successfully verified signature w/ ecc key size 128!
+Key size is 160, byteField = 20
+Successfully verified signature w/ ecc key size 160!
+Key size is 192, byteField = 24
+Successfully verified signature w/ ecc key size 192!
+Key size is 224, byteField = 28
+Successfully verified signature w/ ecc key size 224!
+Key size is 239, byteField = 30
+Successfully verified signature w/ ecc key size 239!
+Key size is 256, byteField = 32
+Successfully verified signature w/ ecc key size 256!
+Key size is 320, byteField = 40
+Successfully verified signature w/ ecc key size 320!
+Key size is 384, byteField = 48
+Successfully verified signature w/ ecc key size 384!
+Key size is 512, byteField = 64
+Successfully verified signature w/ ecc key size 512!
+Key size is 521, byteField = 66
+Successfully verified signature w/ ecc key size 521!
+
+total   Allocs   =       522
+total   Deallocs =       522
+total   Bytes    =    225047
+peak    Bytes    =      5161
+current Bytes    =         0
+stack used = 16752
+```
+
+
+Best wishes in all your testing!
+
+- The wolfSSL Team