diff --git a/embedded/signature/Makefile b/embedded/signature/Makefile new file mode 100644 index 000000000..ace1e14fb --- /dev/null +++ b/embedded/signature/Makefile @@ -0,0 +1,20 @@ +CC = gcc +#CC = clang +SRCROOT = . +ECCSRCDIRS := $(shell ls -d $(SRCROOT)/ecc_*) +RSASRCDIRS := $(shell ls -d $(SRCROOT)/rsa_*) + +all: ecc rsa + +ecc: + @for d in $(ECCSRCDIRS); do echo $$d ; $(MAKE) -C $$d CC=$(CC) ; done + +rsa: + @for d in $(RSASRCDIRS); do echo $$d ; $(MAKE) -C $$d CC=$(CC) ; done + +clean: FORCE + @for d in $(ECCSRCDIRS); do echo $$d ; $(MAKE) -C $$d clean; done + @for d in $(RSASRCDIRS); do echo $$d ; $(MAKE) -C $$d clean; done + +FORCE: +.PHONY: FORCE \ No newline at end of file diff --git a/embedded/signature/README.md b/embedded/signature/README.md new file mode 100644 index 000000000..5099fd007 --- /dev/null +++ b/embedded/signature/README.md @@ -0,0 +1,93 @@ +# Signature Examples for Embedded Systems +​ +This directory includes the following examples. Each subdirectory has a Makefile, source files, and a README to show how to build the example, along with expected example output. +​ +|Scheme|Directory|Description| +|---|---|---| +|RSA|rsa_sign_verify|sign/verify signature inline | +||rsa_vfy_only |verify signature| +||rsa_vfy_only_nonblock|verify signature with non-blocking| +|ECDSA|ecc_sign_verify|sign msg and verify signature| +||ecc_vfy_only|verify Signature| +||ecc_vfy_only_nonblock|verify signature with non-blocking| + + +When building each example, you can specify arguments to control the build. Specify a target function to run either a simple example, benchmark, or memory tracking example. Specify an "arch" option to build optimized code for MCU architectures such as Intel x86, ARM64 or a generic code by default. And specify a "math" option to choose an underlying wolfCrypt math library to use, between Single Precision or TFM. + + +``` +$ make math= arch= +``` +​ +## Functions + +|Function name|Description| +|---|---| +|Default|Simple Execution| +|mem|Memory Track on heap and stack usage| +|bench|Performance benchmark| + +## Math library +|math|Description| +|---|---| +|Default|Generic architecture by pure C language source code| +|sp| SP for generic or specified architecture| +|tfm|TFM for generic architecture| +## MCU Architectures +NOTE: No architecture specification is required when using TFM. +|arch|Description| +|---|---| +|Default|Generic architecture by pure C language source code| +|c32| SP using 32-bit data type | +|c64| SP using 64-bit data type (default) | +|arm64|SP for ARM64 | +|x64|SP for x86 64bit| + + +Each Makefile is self-contained to statically link wolfCrypt source files (without using a shared libwolfssl.so). Put your wolfSSL source files in parallel with the wolfssl-examples directory. The location of the primary wolfSSL source directory is defined by WOLFROOT in each Makefile. Each build compiles only the needed files for the target. OBJ and OBJ_xxx macros in each Makefile define object files for the common and specific target. +​ +Example programs are hard coded to use a specific hash algorithm or signature scheme. Sha256 is used for the hash by default. PKCS#1 v1.5 or ECDSA is used for the signature scheme. You can refer to the following API tables for modifying the examples for other algorithms or schemes. + +## Table 1: Hash algorithms for PKCS#1 Signature +|Algorithm|Src File|Macro SW
Enable|
Disable|Note| +|---|---|---|---|---| +|MD2|md2.c|WOLFSSL_MD2||Only for v1.5 Backward compatibility| +|MD5|md5.c||NO_MD5|Only for v1.5 Backward compatibility| +|SHA1|sha.c||NO_SHA|||SHA256|sha256.c||NO_SHA256| +||SHA384|sha512.c|WOLFSSL_SHA384||Disabled by default| +|SHA512|sha512.c|WOLFSSL_SHA512||Disabled by default| + + +## Table 2: Hash Algorithm APIs +|Algorithm|
Init|API
Update|
Final| +|---|---|---|---| +|MD2|wc_InitMd2|wc_Md2Update|wc_Md2Final| +|MD5|wc_InitMd5|wc_Md5Update|wc_Md5Final| +|SHA1|wc_InitSha|wc_ShaUpdate|wc_ShaFinal| +|SHA256|wc_InitSha256|wc_Sha256Update|wc_Sha256Final| +|SHA384|wc_initSha384|wc_Sha384Update|wc_Sha384Final| +|SHA512|wc_InitSha512|wc_Sha512Update|wc_Sha512Final| + +​ +## Table 3: RSA Signature APIs +​ +|Padding|API|Description| +|---|---|---| +|PKCS #1 v1.5|wc_RsaSSL_Verify|Decrypt input signature to verify| +||wc_RsaSSL_VerifyInline|The output uses the same byte array as the input| +|PSS|wc_RsaPSS_Verify|Decrypt input signature to verify with PSS| +| |wc_RsaPSS_VerifyCheck|Verify the message signed| +| |wc_RsaPSS_VerifyCheck_ex|with Salt length argument| +| |wc_RsaPSS_VerifyInline|The output uses the same byte array as the input| +| |wc_RsaPSS_VerifyCheckInline|Verify the message signed| +| |wc_RsaPSS_VerifyCheckPadding|Checks the PSS data to ensure that the signature matches| +| |wc_RsaPSS_VerifyCheckPadding_ex|with Salt length argument| + + +## Table 4: ECC Signature APIs +​ +|Algorithm|API|Hash| +|---|---|---| +|ECDSA|wc_ecc_sign_hash|SHA512| +|Ed25519|wc_ed25519_sign_hash|SHA512| +|Ed488|wc_ed488_sign_hash|SHAKE256| diff --git a/embedded/signature/ecc_sign_verify/Makefile b/embedded/signature/ecc_sign_verify/Makefile new file mode 100644 index 000000000..e1c3a431f --- /dev/null +++ b/embedded/signature/ecc_sign_verify/Makefile @@ -0,0 +1,77 @@ +# The path to the wolfssl directory must be set correctly for your environment. +WOLFROOT = ../../../../wolfssl + +CFLAGS = $(EX_CFLAGS) -DWOLFSSL_USER_SETTINGS -I. -I$(WOLFROOT) -Os +ASFLAGS = -DWOLFSSL_USER_SETTINGS -I. -I$(WOLFROOT) + +OBJ=\ + $(WOLFROOT)/wolfcrypt/src/ecc.o\ + $(WOLFROOT)/wolfcrypt/src/sha256.o\ + $(WOLFROOT)/wolfcrypt/src/hash.o\ + $(WOLFROOT)/wolfcrypt/src/random.o\ + $(WOLFROOT)/wolfcrypt/src/asn.o\ + $(WOLFROOT)/wolfcrypt/src/wc_port.o\ + $(WOLFROOT)/wolfcrypt/src/coding.o\ + $(WOLFROOT)/wolfcrypt/src/memory.o\ + $(WOLFROOT)/wolfcrypt/src/wolfmath.o\ + $(WOLFROOT)/wolfcrypt/src/wc_encrypt.o\ + +OBJ_SP_C32 := \ + $(WOLFROOT)/wolfcrypt/src/sp_int.o\ + $(WOLFROOT)/wolfcrypt/src/sp_c32.o\ + +OBJ_SP_C64 := \ + $(WOLFROOT)/wolfcrypt/src/sp_int.o\ + $(WOLFROOT)/wolfcrypt/src/sp_c64.o\ + +OBJ_SP_ARM64 := \ + $(WOLFROOT)/wolfcrypt/src/sp_int.o\ + $(WOLFROOT)/wolfcrypt/src/sp_arm64.o\ + +OBJ_SP_X86_64 := \ + $(WOLFROOT)/wolfcrypt/src/sp_int.o\ + $(WOLFROOT)/wolfcrypt/src/cpuid.o\ + $(WOLFROOT)/wolfcrypt/src/sp_x86_64.o\ + $(WOLFROOT)/wolfcrypt/src/sp_x86_64_asm.o\ + +OBJ_TFM := \ + $(WOLFROOT)/wolfcrypt/src/tfm.o\ + +.PHONY: all clean mem size bench + +ifeq ($(math) $(arch),sp x64) +ASFLAGS+= -DSP_X86_64_FLAG +CFLAGS += -DSP_X86_64_FLAG +OBJ += $(OBJ_SP_X86_64) +else ifeq ($(math) $(arch),sp arm64) +CFLAGS += -DSP_ARM64_FLAG +OBJ += $(OBJ_SP_ARM64) +else ifeq ($(math) $(arch),sp c64) +CFLAGS += -DSP_C64_FLAG +OBJ += $(OBJ_SP_C64) +else ifeq ($(math) $(arch),sp c32) +CFLAGS += -DSP_C32_FLAG +OBJ += $(OBJ_SP_C32) +else ifeq ($(math), tfm) +CFLAGS += -DTFM_FLAG +OBJ += $(OBJ_TFM) +else +CFLAGS += -DSP_C64_FLAG +OBJ += $(OBJ_SP_C64) +endif + +all : ecc_sign_verify bench mem + +ecc_sign_verify: clean $(OBJ) + $(CC) $(CFLAGS) -o ecc_sign_verify ecc_sign_verify.c $(OBJ) + +bench: clean $(OBJ) + $(CC) $(CFLAGS) -DBENCHMARK -o ecc_sign_verify_bench ecc_sign_verify.c $(OBJ) -lpthread + +mem: clean $(OBJ) + $(CC) $(CFLAGS) -DDEBUG_MEMORY -o ecc_sign_verify_mem ecc_sign_verify.c $(OBJ) -lpthread +clean: + rm -f ecc_sign_verify ecc_sign_verify_bench ecc_sign_verify_mem $(WOLFROOT)/wolfcrypt/src/*.o + +size : + size $(OBJ) ecc_sign_verify diff --git a/embedded/signature/ecc_sign_verify/README.md b/embedded/signature/ecc_sign_verify/README.md new file mode 100644 index 000000000..9835ff7c5 --- /dev/null +++ b/embedded/signature/ecc_sign_verify/README.md @@ -0,0 +1,133 @@ +# Signature Test Example + +Demonstrates using a hash digest to sign and verify a signature using ECC + +First, set the path to wolfssl directory to variable WOLFROOT in the Makefile. +## Building + +### Build example + +``` +make +``` + +## Usage + +``` +./ecc_sign_verify +Key size is 112, byteField = 14, maxSigSz = 44 +Successfully verified signature w/ ecc key size 112! +Key size is 128, byteField = 16, maxSigSz = 48 +Successfully verified signature w/ ecc key size 128! +Key size is 160, byteField = 20, maxSigSz = 56 +Successfully verified signature w/ ecc key size 160! +Key size is 192, byteField = 24, maxSigSz = 64 +Successfully verified signature w/ ecc key size 192! +Key size is 224, byteField = 28, maxSigSz = 72 +Successfully verified signature w/ ecc key size 224! +Key size is 239, byteField = 36, maxSigSz = 88 +Successfully verified signature w/ ecc key size 239! +Key size is 256, byteField = 32, maxSigSz = 80 +Successfully verified signature w/ ecc key size 256! +Key size is 320, byteField = 40, maxSigSz = 96 +Successfully verified signature w/ ecc key size 320! +Key size is 384, byteField = 48, maxSigSz = 112 +Successfully verified signature w/ ecc key size 384! +Key size is 512, byteField = 64, maxSigSz = 144 +Successfully verified signature w/ ecc key size 512! +Key size is 521, byteField = 66, maxSigSz = 148 +Successfully verified signature w/ ecc key size 521! +``` + +NOTE: Also an option to dump out the signatures. For more verbose output + uncomment define in example "SHOW_SIGS_IN_EXAMPLE" + + + +# Signature verification Benchmark + +You can generate benchmark program to compare the speed of signature verification between TFM and SP +### SP +Faster math library + +If you build for x86_64 system: +``` +make bench math=sp arch=x64 +``` +else if Aarch64 system: +``` +make bench math=sp arch=arm64 +``` +then a benchmark program is generated. +### TFM + +``` +make bench math=tfm +``` +NOTE: When using TFM, No Architecture specification is required. + +## Example Output +- built with the option `math=sp arch=arm64` +``` +./ecc_sign_verify_bench +--------------------------------------------------------------- +Enabled WOLFSSL_SP_ARM64 +--------------------------------------------------------------- +Running ECC Sign Verify Benchmarks... +ECC Key Size 112 1275.78 Cycles/sec +ECC Key Size 128 1351.68 Cycles/sec +ECC Key Size 160 1368.65 Cycles/sec +ECC Key Size 192 1382.20 Cycles/sec +ECC Key Size 224 1385.06 Cycles/sec +ECC Key Size 239 1401.38 Cycles/sec +ECC Key Size 256 12830.67 Cycles/sec +ECC Key Size 320 626.52 Cycles/sec +ECC Key Size 384 634.85 Cycles/sec +ECC Key Size 512 279.71 Cycles/sec +ECC Key Size 521 279.15 Cycles/sec +``` + +# Tracking memory +To see a stack and heap memory usage. + +``` +make mem +``` +## Example Output +``` +./ecc_sign_verify_mem +Key size is 112, byteField = 14 +Successfully verified signature w/ ecc key size 112! +Key size is 128, byteField = 16 +Successfully verified signature w/ ecc key size 128! +Key size is 160, byteField = 20 +Successfully verified signature w/ ecc key size 160! +Key size is 192, byteField = 24 +Successfully verified signature w/ ecc key size 192! +Key size is 224, byteField = 28 +Successfully verified signature w/ ecc key size 224! +Key size is 239, byteField = 30 +Successfully verified signature w/ ecc key size 239! +Key size is 256, byteField = 32 +Successfully verified signature w/ ecc key size 256! +Key size is 320, byteField = 40 +Successfully verified signature w/ ecc key size 320! +Key size is 384, byteField = 48 +Successfully verified signature w/ ecc key size 384! +Key size is 512, byteField = 64 +Successfully verified signature w/ ecc key size 512! +Key size is 521, byteField = 66 +Successfully verified signature w/ ecc key size 521! + +total Allocs = 422 +total Deallocs = 422 +total Bytes = 195047 +peak Bytes = 5557 +current Bytes = 0 +stack used = 14448 +``` + + +Best wishes in all your testing! + +- The wolfSSL Team diff --git a/embedded/signature/ecc_sign_verify/ecc_sign_verify.c b/embedded/signature/ecc_sign_verify/ecc_sign_verify.c new file mode 100644 index 000000000..5108d17bc --- /dev/null +++ b/embedded/signature/ecc_sign_verify/ecc_sign_verify.c @@ -0,0 +1,233 @@ +/* ecc_sign_verify.c + * + * Copyright (C) 2006-2025 wolfSSL Inc. + * + * This file is part of wolfSSL. (formerly known as CyaSSL) + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA + */ + +#include +#include +#include +#include +#include +#include +#include +#include +#include + +/* uncomment to show signatures */ +/* #define SHOW_SIGS_IN_EXAMPLE */ + +#define HEAP_HINT NULL +#define ECC_KEY_SIZE_112 112 +#define ECC_KEY_SIZE_128 128 +#define ECC_KEY_SIZE_160 160 +#define ECC_KEY_SIZE_192 192 +#define ECC_KEY_SIZE_224 224 +#define ECC_KEY_SIZE_239 239 +#define ECC_KEY_SIZE_256 256 +#define ECC_KEY_SIZE_320 320 +#define ECC_KEY_SIZE_384 384 +#define ECC_KEY_SIZE_512 512 +#define ECC_KEY_SIZE_521 521 +#define BYTE_SZ 8 +#define CHECK_RET(a, b, eLabel, msg) { \ + if (a != b) { \ + printf("failed %s\n", msg); \ + printf("ret = %d\n", a); \ + goto eLabel; \ + } \ + } + +int do_sig_ver_test(int eccKeySz); + +#ifdef SHOW_SIGS_IN_EXAMPLE + static void hexdump(const void *buffer, word32 len, byte cols); +#endif + +int ecc_sign_verify(void) +{ + int ret = 0; +#ifdef DEBUG_MEMORY + wolfCrypt_Init(); + InitMemoryTracker(); +#endif + ret = do_sig_ver_test(ECC_KEY_SIZE_112); + CHECK_RET(ret, 0, finished, "112 test"); + ret = do_sig_ver_test(ECC_KEY_SIZE_128); + CHECK_RET(ret, 0, finished, "128 test"); + ret = do_sig_ver_test(ECC_KEY_SIZE_160); + CHECK_RET(ret, 0, finished, "160 test"); + ret = do_sig_ver_test(ECC_KEY_SIZE_192); + CHECK_RET(ret, 0, finished, "192 test"); + ret = do_sig_ver_test(ECC_KEY_SIZE_224); + CHECK_RET(ret, 0, finished, "224 test"); + ret = do_sig_ver_test(ECC_KEY_SIZE_239); + CHECK_RET(ret, 0, finished, "239 test"); + ret = do_sig_ver_test(ECC_KEY_SIZE_256); + CHECK_RET(ret, 0, finished, "256 test"); + ret = do_sig_ver_test(ECC_KEY_SIZE_320); + CHECK_RET(ret, 0, finished, "320 test"); + ret = do_sig_ver_test(ECC_KEY_SIZE_384); + CHECK_RET(ret, 0, finished, "384 test"); + ret = do_sig_ver_test(ECC_KEY_SIZE_512); + CHECK_RET(ret, 0, finished, "512 test"); + ret = do_sig_ver_test(ECC_KEY_SIZE_521); + CHECK_RET(ret, 0, finished, "521 test"); + +finished: +#ifdef DEBUG_MEMORY + printf("\n"); + ShowMemoryTracker(); + CleanupMemoryTracker(); + wolfCrypt_Cleanup(); +#endif + return ret; +} + +int do_sig_ver_test(int eccKeySz) +{ + /* sha256 hash of the string "A 32-bit string to test signing" */ + unsigned char hash[32] = { + 0x3b, 0x07, 0x54, 0x5c, 0xfd, 0x4f, 0xb7, 0xb5, + 0xaf, 0xa7, 0x7a, 0x25, 0x33, 0xa5, 0x50, 0x70, + 0x4a, 0x65, 0x3e, 0x72, 0x7e, 0xcd, 0xd4, 0x5b, + 0x1b, 0x36, 0x96, 0x96, 0xca, 0x4f, 0x9b, 0x6f + }; + int ret; + ecc_key key; + byte* sig = NULL; // get rid of this magic number + WC_RNG rng; + int verified = 0; + +/* Variables for Benchmark */ +double start_time, total_time; +#ifndef BENCH_TIME_SEC + #define BENCH_TIME_SEC 1 +#endif + int count; + /* + * for odd curve sizes account for mod EG: + * Case 1) curve field of 256: + * (256/8) + (256%8 != 0 ? 1:0) == 32 + 0 = 32 + * + * Case 2) curve field of 521: + * (521/8 = 65.125 (rounds to 65) + (521%8 != 0 ? 1:0) == + 65 + 1 = 66 + * + * Algorithm: (C / B) + (C % B != 0 ? 1:0) + * + * This remainder is a natural result of the calculation: + * Algorithm: (C / (B-1)) / (B) + */ + int byteField = (eccKeySz + (BYTE_SZ - 1)) / BYTE_SZ; + word32 maxSigSz = ECC_MAX_SIG_SIZE; +#ifndef BENCHMARK + printf("Key size is %d, byteField = %d\n", eccKeySz, byteField); +#endif + sig = (byte*) XMALLOC(maxSigSz * sizeof(byte), NULL, + DYNAMIC_TYPE_TMP_BUFFER); + + if (sig == NULL) { + printf("Failed to allocate sig buff\n"); + return -1001; + } + ret = wc_InitRng(&rng); + CHECK_RET(ret, 0, key_done, "wc_InitRng()"); + +#ifdef BENCHMARK + count = 0; + start_time = current_time(1); + + while( (double)BENCH_TIME_SEC > (total_time = current_time(0) - start_time ) ){ +#endif + ret = wc_ecc_init(&key); + CHECK_RET(ret, 0, sig_done, "wc_ecc_init()"); + + ret = wc_ecc_make_key(&rng, byteField, &key); + CHECK_RET(ret, 0, rng_done, "wc_ecc_make_key()"); + ret = wc_ecc_sign_hash(hash, sizeof(hash), sig, &maxSigSz, &rng, &key); + CHECK_RET(ret, 0, rng_done, "wc_ecc_sign_hash()"); + + #ifdef SHOW_SIGS_IN_EXAMPLE + hexdump(sig, maxSigSz, 16); + #endif + + ret = wc_ecc_verify_hash(sig, maxSigSz, hash, sizeof(hash), + &verified, &key); + CHECK_RET(ret, 0, rng_done, "wc_ecc_verify_hash()"); + CHECK_RET(verified, 1, rng_done, "verification check"); + verified = 0; + maxSigSz = ECC_MAX_SIG_SIZE; +#ifdef BENCHMARK + count++; + } + printf("ECC Key Size %d %9.2f Cycles/sec\n", eccKeySz, count/total_time); +#else + printf("Successfully verified signature w/ ecc key size %d!\n", eccKeySz); +#endif + +rng_done: + wc_FreeRng(&rng); +key_done: + wc_ecc_free(&key); +sig_done: + XFREE(sig, NULL, DYNAMIC_TYPE_TMP_BUFFER); + return ret; +} + +#ifdef SHOW_SIGS_IN_EXAMPLE +static void hexdump(const void *buffer, word32 len, byte cols) +{ + word32 i; + + for (i = 0; i < len + ((len % cols) ? (cols - len % cols) : 0); i++) { + /* print hex data */ + if (i < len) + printf("%02X ", ((byte*)buffer)[i] & 0xFF); + + if (i % cols == (cols - 1)) + printf("\n"); + } +} +#endif + +int main() +{ +#ifdef BENCHMARK + printf("---------------------------------------------------------------\n"); +#if defined(SP_C64_FLAG) + printf("Enabled 64-bit SP \n"); +#elif defined(SP_C32_FLAG) + printf("Enabled 32-bit SP \n"); +#elif defined(SP_X86_64_FLAG) + printf("Enabled SP for x86_64\n"); +#elif defined(SP_ARM64_FLAG) + printf("Enabled SP for Arm64\n"); +#elif defined(TFM_FLAG) + printf("Enabled TFM \n"); +#endif + printf("---------------------------------------------------------------\n"); + printf("Running ECC Sign Verify Benchmarks...\n"); +#endif /* BENCHMARK */ + +#ifdef DEBUG_MEMORY + return StackSizeCheck(NULL, (thread_func)ecc_sign_verify); +#else + return ecc_sign_verify(); +#endif +} diff --git a/embedded/signature/ecc_sign_verify/user_settings.h b/embedded/signature/ecc_sign_verify/user_settings.h new file mode 100644 index 000000000..b60f0c356 --- /dev/null +++ b/embedded/signature/ecc_sign_verify/user_settings.h @@ -0,0 +1,80 @@ +#define WOLFCRYPT_ONLY +#define WOLFSSL_PUBLIC_MP + +/* hash */ +#define NO_MD4 +#define NO_MD5 +#define NO_SHA + +/* rsa */ +#define WC_NO_RSA_OAEP +#define WC_NO_HARDEN +#define NO_RSA +/* sp_int */ +#define NO_DH +#define NO_DSA +#define NO_DES3 +#define NO_AES + +/* asn */ +#define NO_ASN_TIME +#define IGNORE_NAME_CONSTRAINTS +#define WOLFSSL_NO_ASN_STRICT + +/* ecc */ +#define HAVE_ECC +#define HAVE_ALL_CURVES + + +#ifdef DEBUG_MEMORY + #define WOLFSSL_TRACK_MEMORY + #define HAVE_STACK_SIZE + // #define WOLFSSL_DEBUG_MEMORY + // #define WOLFSSL_DEBUG_MEMORY_PRINT + #undef BENCHMARK +#endif + + + +#ifdef SP_C32_FLAG + #define WOLFSSL_HAVE_SP_ECC + #define WOLFSSL_SP_MATH_ALL + #define SP_WORD_SIZE 32 + #undef USE_FAST_MATH +#endif + +#ifdef SP_C64_FLAG + #define WOLFSSL_HAVE_SP_ECC + #define WOLFSSL_SP_MATH_ALL + #define SP_WORD_SIZE 64 + #define HAVE___UINT128_T + #undef USE_FAST_MATH +#endif + +#ifdef SP_ARM64_FLAG + #define WOLFSSL_HAVE_SP_ECC + #define WOLFSSL_SP_MATH_ALL + #define WOLFSSL_SP_ARM64 + #define WOLFSSL_SP_ARM64_ASM +#endif + + +#ifdef SP_X86_64_FLAG + #define WOLFSSL_HAVE_SP_ECC + #define WOLFSSL_SP_MATH_ALL + #define WOLFSSL_SP_X86_64 + #define WOLFSSL_SP_X86_64_ASM +#endif + +#ifdef TFM_FLAG + #define USE_FAST_MATH + #undef WOLFSSL_HAVE_SP_ECC + #undef WOLFSSL_SP_ARM64 + #undef WOLFSSL_SP_ARM64_ASM + #undef WOLFSSL_SP_X86_64 + #undef WOLFSSL_SP_X86_64_ASM +#endif + +#ifdef BENCHMARK + #undef DEBUG_MEMORY +#endif \ No newline at end of file diff --git a/embedded/signature/ecc_vfy_only/Makefile b/embedded/signature/ecc_vfy_only/Makefile new file mode 100644 index 000000000..083ab2610 --- /dev/null +++ b/embedded/signature/ecc_vfy_only/Makefile @@ -0,0 +1,78 @@ +# The path to the wolfssl directory must be set correctly for your environment. +WOLFROOT = ../../../../wolfssl + +CFLAGS = $(EX_CFLAGS) -DWOLFSSL_USER_SETTINGS -I. -I$(WOLFROOT) -Os +ASFLAGS = -DWOLFSSL_USER_SETTINGS -I. -I$(WOLFROOT) + +OBJ=\ + $(WOLFROOT)/wolfcrypt/src/ecc.o\ + $(WOLFROOT)/wolfcrypt/src/sha256.o\ + $(WOLFROOT)/wolfcrypt/src/hash.o\ + $(WOLFROOT)/wolfcrypt/src/random.o\ + $(WOLFROOT)/wolfcrypt/src/asn.o\ + $(WOLFROOT)/wolfcrypt/src/wc_port.o\ + $(WOLFROOT)/wolfcrypt/src/coding.o\ + $(WOLFROOT)/wolfcrypt/src/memory.o\ + $(WOLFROOT)/wolfcrypt/src/wolfmath.o\ + $(WOLFROOT)/wolfcrypt/src/wc_encrypt.o\ + +OBJ_SP_C32 := \ + $(WOLFROOT)/wolfcrypt/src/sp_int.o\ + $(WOLFROOT)/wolfcrypt/src/sp_c32.o\ + +OBJ_SP_C64 := \ + $(WOLFROOT)/wolfcrypt/src/sp_int.o\ + $(WOLFROOT)/wolfcrypt/src/sp_c64.o\ + +OBJ_SP_ARM64 := \ + $(WOLFROOT)/wolfcrypt/src/sp_int.o\ + $(WOLFROOT)/wolfcrypt/src/sp_arm64.o\ + +OBJ_SP_X86_64 := \ + $(WOLFROOT)/wolfcrypt/src/sp_int.o\ + $(WOLFROOT)/wolfcrypt/src/cpuid.o\ + $(WOLFROOT)/wolfcrypt/src/sp_x86_64.o\ + $(WOLFROOT)/wolfcrypt/src/sp_x86_64_asm.o\ + +OBJ_TFM := \ + $(WOLFROOT)/wolfcrypt/src/tfm.o\ + +.PHONY: all clean mem size bench + +ifeq ($(math) $(arch),sp x64) +ASFLAGS+= -DSP_X86_64_FLAG +CFLAGS += -DSP_X86_64_FLAG +OBJ += $(OBJ_SP_X86_64) +else ifeq ($(math) $(arch),sp arm64) +CFLAGS += -DSP_ARM64_FLAG +OBJ += $(OBJ_SP_ARM64) +else ifeq ($(math) $(arch),sp c64) +CFLAGS += -DSP_C64_FLAG +OBJ += $(OBJ_SP_C64) +else ifeq ($(math) $(arch),sp c32) +CFLAGS += -DSP_C32_FLAG +OBJ += $(OBJ_SP_C32) +else ifeq ($(math), tfm) +CFLAGS += -DTFM_FLAG +OBJ += $(OBJ_TFM) +else +CFLAGS += -DSP_C64_FLAG +OBJ += $(OBJ_SP_C64) +endif + +all : ecc_verify bench mem + + +ecc_verify: clean $(OBJ) + $(CC) $(CFLAGS) -o ecc_verify ecc_verify.c $(OBJ) + +bench: clean $(OBJ) + $(CC) $(CFLAGS) -DBENCHMARK -o ecc_verify_bench ecc_verify.c $(OBJ) + +mem: clean $(OBJ) + $(CC) $(CFLAGS) -DDEBUG_MEMORY -o ecc_verify_mem ecc_verify.c $(OBJ) -lpthread +clean: + rm -f ecc_verify ecc_verify_bench ecc_verify_mem $(WOLFROOT)/wolfcrypt/src/*.o + +size : + size $(OBJ) ecc_verify diff --git a/embedded/signature/ecc_vfy_only/ecc_pubKey.h b/embedded/signature/ecc_vfy_only/ecc_pubKey.h new file mode 100644 index 000000000..0afe2c9e7 --- /dev/null +++ b/embedded/signature/ecc_vfy_only/ecc_pubKey.h @@ -0,0 +1,150 @@ +unsigned char ecc_PublicKey_112[] = { + 0x04, 0x67, 0xa6, 0xdc, 0x12, 0x25, 0xdb, 0x81, + 0x5c, 0x67, 0x7c, 0xbf, 0x55, 0x3b, 0xd9, 0x51, + 0xb1, 0x61, 0xb4, 0x88, 0xb8, 0x6c, 0xa5, 0x4a, + 0xb0, 0xe8, 0x79, 0x15, 0x4a, 0xfc, 0x6f, 0x01, + 0x6b, 0xc0, 0xc5, 0xdd, 0xc2, 0xe3, 0x59, 0xda, + 0x18, 0x82, 0x46, 0xa4, 0x32, 0xb5, 0x6d, 0x3b, + 0xd1, 0x91, 0xcc, 0x19, 0xb7, 0xab, 0x8d, 0x99, + 0xad, +}; + +unsigned char ecc_PublicKey_128[] = { + 0x04, 0x0f, 0x31, 0xea, 0x92, 0x1d, 0x84, 0xcf, + 0xce, 0xe1, 0xe5, 0x0b, 0x13, 0xda, 0xd3, 0xb2, + 0xb0, 0x57, 0x0c, 0x02, 0xdb, 0x50, 0xaa, 0xaa, + 0x65, 0x47, 0x6c, 0x2a, 0x41, 0xd4, 0x01, 0x72, + 0xdb, 0xd3, 0xcf, 0x42, 0x81, 0x7c, 0x05, 0x67, + 0x6e, 0x2a, 0x0a, 0x03, 0x0f, 0x91, 0x2b, 0x3b, + 0xe3, 0x48, 0x87, 0xb3, 0xb3, 0x70, 0x58, 0x17, + 0xed, +}; + +unsigned char ecc_PublicKey_160[] = { + 0x04, 0xf8, 0x93, 0xf7, 0xf7, 0x1f, 0xc6, 0x56, + 0x8c, 0x40, 0x11, 0x14, 0x74, 0xf5, 0x98, 0xa8, + 0x12, 0xc3, 0xba, 0x06, 0x9e, 0x6d, 0xdc, 0x1b, + 0xd3, 0x94, 0x9c, 0xf0, 0xc1, 0x99, 0x4e, 0x83, + 0xe9, 0x42, 0x53, 0xcd, 0x8d, 0x26, 0x5a, 0x01, + 0x4f, 0x82, 0x06, 0x42, 0x83, 0x65, 0x3c, 0x9e, + 0xd5, 0x2d, 0x73, 0x52, 0xbc, 0x49, 0x1b, 0x99, + 0x5c, +}; + +unsigned char ecc_PublicKey_192[] = { + 0x04, 0xf7, 0xea, 0x10, 0xc6, 0x43, 0xba, 0xbb, + 0x21, 0x14, 0x93, 0x11, 0xfe, 0x1a, 0x68, 0x59, + 0x23, 0x71, 0x52, 0xde, 0x47, 0x08, 0x04, 0xd1, + 0x77, 0xe4, 0x6f, 0x1f, 0x48, 0x4e, 0x8b, 0x92, + 0x1a, 0xb9, 0xe9, 0x61, 0xf4, 0x3c, 0x1b, 0xcd, + 0xe7, 0xaf, 0xc8, 0x59, 0x64, 0x9f, 0x80, 0x7e, + 0x4e, 0x72, 0x98, 0x15, 0x18, 0x60, 0x01, 0x77, + 0x8d, +}; + +unsigned char ecc_PublicKey_224[] = { + 0x04, 0xf1, 0x25, 0xec, 0xac, 0x14, 0x47, 0x35, + 0xcf, 0x32, 0x1a, 0xd2, 0x31, 0x60, 0xf6, 0x6b, + 0xb6, 0x8c, 0x02, 0xd1, 0x46, 0xfa, 0xa6, 0xe3, + 0xd9, 0xfd, 0x96, 0xbe, 0x44, 0x79, 0xc8, 0xbb, + 0x0f, 0x41, 0xc6, 0x3d, 0x52, 0xd2, 0x8b, 0xc7, + 0xe1, 0xfb, 0x03, 0x01, 0x07, 0x11, 0xaa, 0xba, + 0xf9, 0x57, 0x90, 0x5f, 0xc2, 0xaf, 0x20, 0xe2, + 0xd7, +}; + +unsigned char ecc_PublicKey_239[] = { + 0x04, 0x01, 0xc2, 0x14, 0xbf, 0x8c, 0x36, 0x9c, + 0x9d, 0xca, 0xb1, 0x20, 0xc8, 0x36, 0x45, 0x37, + 0x79, 0x60, 0x97, 0xe9, 0x57, 0xc3, 0x1e, 0x86, + 0xd1, 0x15, 0xc1, 0x57, 0xf1, 0x78, 0x91, 0x4e, + 0x69, 0x8f, 0xee, 0xf3, 0xb2, 0xcd, 0xae, 0x00, + 0x4e, 0x67, 0x47, 0x61, 0xab, 0xdd, 0x04, 0x79, + 0x0b, 0xf9, 0xeb, 0x4b, 0x70, 0xa3, 0x22, 0xa0, + 0xce, 0xb3, 0xc2, 0xd3, 0xd2, +}; + +unsigned char ecc_PublicKey_256[] = { + 0x04, 0x80, 0xc7, 0xb7, 0x97, 0xe3, 0xc6, 0x63, + 0x34, 0xcc, 0x72, 0x19, 0xb0, 0x3f, 0x4b, 0xe0, + 0x68, 0x3e, 0xba, 0x8c, 0x0e, 0x60, 0xb0, 0xef, + 0xfb, 0x6a, 0xb5, 0x5d, 0xaa, 0xaa, 0x27, 0x3b, + 0x5d, 0x4c, 0x2d, 0x58, 0x0f, 0x96, 0x75, 0xe0, + 0xe7, 0x5a, 0xab, 0xa0, 0xe9, 0x6a, 0x6a, 0x5f, + 0xa7, 0xd7, 0x5d, 0xb1, 0x1a, 0x8b, 0x3b, 0x74, + 0xcd, 0x75, 0x51, 0xa6, 0x89, 0xd4, 0x3d, 0x00, + 0xeb, +}; + +unsigned char ecc_PublicKey_320[] = { + 0x04, 0x5b, 0xf1, 0x32, 0x17, 0xf3, 0x63, 0x82, + 0xfc, 0x1c, 0x93, 0xca, 0x30, 0x7d, 0x22, 0xf6, + 0x97, 0xc9, 0x2d, 0x54, 0x35, 0x11, 0x77, 0x9c, + 0x3f, 0x44, 0x37, 0x9f, 0x8b, 0x82, 0x8d, 0x50, + 0x68, 0x2d, 0x0d, 0x1a, 0x19, 0x6d, 0xfc, 0xac, + 0xde, 0xc1, 0x81, 0x13, 0x90, 0x31, 0xcc, 0x0f, + 0x00, 0xa2, 0xf6, 0x7b, 0xc3, 0x51, 0x05, 0x46, + 0x67, 0xd3, 0x91, 0xb7, 0xaa, 0xdd, 0xb9, 0x87, + 0x03, 0x4e, 0x21, 0xd0, 0xa0, 0xfa, 0x31, 0x93, + 0x04, 0xc8, 0xea, 0xc5, 0x71, 0x4b, 0x0f, 0x98, + 0x4d, 0x16, 0x69, 0xe9, 0xc7, 0xda, 0xff, 0xfa, + 0xe1, 0xf0, 0xa5, 0xdd, 0x36, 0xf2, 0x04, 0x62, + 0xa6, +}; + +unsigned char ecc_PublicKey_384[] = { + 0x04, 0x51, 0xb3, 0x72, 0xda, 0xd2, 0xd7, 0x81, + 0x53, 0xe3, 0x4e, 0xa1, 0x27, 0x9a, 0x91, 0x42, + 0x8a, 0x29, 0x62, 0x7c, 0x8f, 0x49, 0x47, 0x47, + 0x4c, 0x0e, 0x23, 0x09, 0xf5, 0x13, 0x56, 0x08, + 0x2d, 0x54, 0xc3, 0xac, 0x05, 0xc4, 0x1f, 0x16, + 0x27, 0xd0, 0x4c, 0x3b, 0xed, 0xa0, 0x74, 0x62, + 0xe3, 0x1b, 0xa3, 0xd5, 0xf2, 0xf2, 0x5d, 0x6a, + 0x87, 0xa2, 0xf4, 0x09, 0x9a, 0x87, 0xee, 0xab, + 0x20, 0xe7, 0x42, 0xd2, 0x6d, 0x1b, 0x1c, 0x75, + 0x69, 0x46, 0x2e, 0x8c, 0x00, 0xe5, 0xd7, 0xc5, + 0xc4, 0xfb, 0x46, 0xe7, 0xf8, 0xc1, 0x25, 0x7c, + 0x94, 0x30, 0xd0, 0xd5, 0xdb, 0x8d, 0xe3, 0x15, + 0xc8, +}; + +unsigned char ecc_PublicKey_512[] = { + 0x04, 0x01, 0x5c, 0x37, 0xe0, 0x37, 0x3b, 0xad, + 0x8a, 0xfe, 0x3c, 0x52, 0x5d, 0xe7, 0xab, 0x77, + 0x39, 0x67, 0x94, 0x6c, 0x2a, 0x3f, 0xee, 0x95, + 0x19, 0x8d, 0xcc, 0xdc, 0xad, 0x62, 0x50, 0x97, + 0x79, 0xeb, 0xde, 0x70, 0xed, 0x2d, 0x44, 0x8f, + 0xcf, 0x1d, 0x49, 0x46, 0x32, 0x96, 0xe3, 0xb6, + 0xc5, 0x61, 0x4c, 0xfd, 0xcb, 0x65, 0x1f, 0x04, + 0x97, 0x39, 0x54, 0x46, 0xde, 0x54, 0x2f, 0x0a, + 0x51, 0xd5, 0xe6, 0x01, 0x1e, 0x78, 0x20, 0x15, + 0x1c, 0xb3, 0x6f, 0x14, 0x8f, 0x2f, 0x95, 0x9c, + 0x40, 0xea, 0x12, 0x52, 0x5a, 0xce, 0x7c, 0x43, + 0x28, 0x22, 0x31, 0x00, 0xcb, 0xbf, 0x86, 0x56, + 0xdc, 0x72, 0xa4, 0x49, 0x75, 0x80, 0xa4, 0x17, + 0xde, 0xa6, 0xf8, 0x3b, 0x39, 0x88, 0xd0, 0x8b, + 0x4e, 0x44, 0x69, 0x39, 0x7a, 0xcc, 0xcc, 0xc7, + 0x15, 0x1e, 0x6c, 0x76, 0xf2, 0x8d, 0x1b, 0x6c, + 0x64, 0x0a, 0x4c, 0x29, 0x35, +}; + + +unsigned char ecc_PublicKey_521[] = { + 0x04, 0x00, 0xf9, 0x56, 0xfb, 0x6c, 0x5a, 0x3d, + 0xc4, 0xf3, 0xb8, 0x07, 0x19, 0x2f, 0x93, 0x07, + 0x3c, 0x30, 0x7b, 0xd9, 0x9c, 0x11, 0xe8, 0xda, + 0xbe, 0x1b, 0x1b, 0xa3, 0xf2, 0x81, 0xf9, 0xd0, + 0x47, 0x0d, 0x06, 0xa4, 0x47, 0xa0, 0x8b, 0xca, + 0x0f, 0x0a, 0x3a, 0xda, 0x68, 0x38, 0x67, 0x5d, + 0x11, 0x77, 0xf8, 0x2f, 0x28, 0x0f, 0x31, 0xe5, + 0x26, 0xf5, 0x88, 0x2a, 0x79, 0x5f, 0xce, 0x55, + 0xe9, 0x71, 0x4c, 0x00, 0x9e, 0xfc, 0x7d, 0x00, + 0x04, 0xb8, 0x89, 0x04, 0xfc, 0x06, 0x38, 0x3f, + 0x9f, 0x0a, 0x80, 0x7f, 0x6b, 0x4c, 0xd2, 0x61, + 0x69, 0x00, 0x7f, 0x9c, 0x7c, 0x9b, 0xab, 0xa6, + 0x9c, 0x71, 0xa9, 0x15, 0x63, 0x4a, 0x03, 0xe8, + 0x96, 0xbb, 0x79, 0x6a, 0x50, 0xa6, 0xd0, 0xdf, + 0x66, 0xf5, 0xc8, 0xfa, 0x22, 0x94, 0xe0, 0x72, + 0xa6, 0x15, 0x94, 0x1e, 0x3b, 0x47, 0x36, 0x8e, + 0xcb, 0x10, 0x15, 0x27, 0x5b, +}; diff --git a/embedded/signature/ecc_vfy_only/ecc_verify.c b/embedded/signature/ecc_vfy_only/ecc_verify.c new file mode 100644 index 000000000..b46e2e819 --- /dev/null +++ b/embedded/signature/ecc_vfy_only/ecc_verify.c @@ -0,0 +1,239 @@ +/* ecc_verify.c + * + * Copyright (C) 2006-2025 wolfSSL Inc. + * + * This file is part of wolfSSL. (formerly known as CyaSSL) + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA + */ + +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include "signature.h" + +#define HEAP_HINT NULL +#define ECC_KEY_SIZE_112 112 +#define ECC_KEY_SIZE_128 128 +#define ECC_KEY_SIZE_160 160 +#define ECC_KEY_SIZE_192 192 +#define ECC_KEY_SIZE_224 224 +#define ECC_KEY_SIZE_239 239 +#define ECC_KEY_SIZE_256 256 +#define ECC_KEY_SIZE_320 320 +#define ECC_KEY_SIZE_384 384 +#define ECC_KEY_SIZE_512 512 +#define ECC_KEY_SIZE_521 521 +#define BYTE_SZ 8 + +int idx_key(int keysize); + +#define CHECK_RET(a, b, eLabel, msg) { \ + if (a != b) { \ + printf("failed %s\n", msg); \ + printf("ret = %d\n", a); \ + goto eLabel; \ + } \ + } + +int do_sig_ver_test(int eccKeySz); + +int ecc_verify(void) +{ + int ret = 0; +#ifdef DEBUG_MEMORY + wolfCrypt_Init(); + InitMemoryTracker(); +#endif + ret = do_sig_ver_test(ECC_KEY_SIZE_112); + CHECK_RET(ret, 0, finished, "112 test"); + ret = do_sig_ver_test(ECC_KEY_SIZE_128); + CHECK_RET(ret, 0, finished, "128 test"); + ret = do_sig_ver_test(ECC_KEY_SIZE_160); + CHECK_RET(ret, 0, finished, "160 test"); + ret = do_sig_ver_test(ECC_KEY_SIZE_192); + CHECK_RET(ret, 0, finished, "192 test"); + ret = do_sig_ver_test(ECC_KEY_SIZE_224); + CHECK_RET(ret, 0, finished, "224 test"); + ret = do_sig_ver_test(ECC_KEY_SIZE_239); + CHECK_RET(ret, 0, finished, "239 test"); + ret = do_sig_ver_test(ECC_KEY_SIZE_256); + CHECK_RET(ret, 0, finished, "256 test"); + ret = do_sig_ver_test(ECC_KEY_SIZE_320); + CHECK_RET(ret, 0, finished, "320 test"); + ret = do_sig_ver_test(ECC_KEY_SIZE_384); + CHECK_RET(ret, 0, finished, "384 test"); + ret = do_sig_ver_test(ECC_KEY_SIZE_512); + CHECK_RET(ret, 0, finished, "512 test"); + ret = do_sig_ver_test(ECC_KEY_SIZE_521); + CHECK_RET(ret, 0, finished, "521 test"); + +finished: +#ifdef DEBUG_MEMORY + printf("\n"); + ShowMemoryTracker(); + CleanupMemoryTracker(); + wolfCrypt_Cleanup(); +#endif + return ret; +} + +int do_sig_ver_test(int eccKeySz) +{ + /* sha256 hash of the string "A 32-bit string to test signing" */ + unsigned char hash[32] = { + 0x3b, 0x07, 0x54, 0x5c, 0xfd, 0x4f, 0xb7, 0xb5, + 0xaf, 0xa7, 0x7a, 0x25, 0x33, 0xa5, 0x50, 0x70, + 0x4a, 0x65, 0x3e, 0x72, 0x7e, 0xcd, 0xd4, 0x5b, + 0x1b, 0x36, 0x96, 0x96, 0xca, 0x4f, 0x9b, 0x6f + }; + int ret; + ecc_key key; + byte* sig = NULL; // get rid of this magic number + WC_RNG rng; + int verified = 0; + word32 sig_size; + int key_size; + unsigned char *pKeybuff; + +/* Variables for Benchmark */ + double start_time, total_time; + int count; +#ifndef BENCH_TIME_SEC + #define BENCH_TIME_SEC 1 +#endif + /* + * for odd curve sizes account for mod EG: + * Case 1) curve field of 256: + * (256/8) + (256%8 != 0 ? 1:0) == 32 + 0 = 32 + * + * Case 2) curve field of 521: + * (521/8 = 65.125 (rounds to 65) + (521%8 != 0 ? 1:0) == + 65 + 1 = 66 + * + * Algorithm: (C / B) + (C % B != 0 ? 1:0) + * + * This remainder is a natural result of the calculation: + * Algorithm: (C / (B-1)) / (B) + */ + int byteField = (eccKeySz + (BYTE_SZ - 1)) / BYTE_SZ; + word32 maxSigSz = ECC_MAX_SIG_SIZE; +#ifndef BENCHMARK + printf("Key size is %d, byteField = %d\n", eccKeySz, byteField); +#endif + + ret = wc_InitRng(&rng); + CHECK_RET(ret, 0, key_done, "wc_InitRng()"); + +#ifdef BENCHMARK + count = 0; + start_time = current_time(1); + + while((double)BENCH_TIME_SEC > (total_time = current_time(0) - start_time)){ +#endif + ret = wc_ecc_init(&key); + CHECK_RET(ret, 0, sig_done, "wc_ecc_init()"); + + /* Import signature and ecc_key */ + sig = sig_keys[idx_key(eccKeySz)].sig; + sig_size = sig_keys[idx_key(eccKeySz)].sig_size; + pKeybuff = sig_keys[idx_key(eccKeySz)].pubkey; + key_size = sig_keys[idx_key(eccKeySz)].key_size; + + ret = wc_ecc_import_x963(pKeybuff, key_size, &key); + CHECK_RET(ret, 0, rng_done, "wc_ecc_import_x963()"); + + ret = wc_ecc_verify_hash(sig, sig_size, hash, sizeof(hash), + &verified, &key); + CHECK_RET(ret, 0, rng_done, "wc_ecc_verify_hash()"); + CHECK_RET(verified, 1, rng_done, "verification check"); + verified = 0; + maxSigSz = ECC_MAX_SIG_SIZE; +#ifdef BENCHMARK + count++; + } + printf("ECC Key Size %d %9.2f Cycles/sec\n", eccKeySz, count/total_time); +#else + printf("Successfully verified signature w/ ecc key size %d!\n", eccKeySz); +#endif /* BENCHMARK */ + +rng_done: + wc_FreeRng(&rng); +key_done: + wc_ecc_free(&key); +sig_done: + return ret; +} + +int main() +{ +#ifdef BENCHMARK + printf("---------------------------------------------------------------\n"); +#if defined(SP_C64_FLAG) + printf("Enabled 64-bit SP \n"); +#elif defined(SP_C32_FLAG) + printf("Enabled 32-bit SP \n"); +#elif defined(SP_X86_64_FLAG) + printf("Enabled SP for x86_64\n"); +#elif defined(SP_ARM64_FLAG) + printf("Enabled SP for Arm64\n"); +#elif defined(TFM_FLAG) + printf("Enabled TFM \n"); +#endif + printf("---------------------------------------------------------------\n"); + printf("Running ECC Sign Verify Benchmarks...\n"); +#endif /* BENCHMARK */ + +#ifdef DEBUG_MEMORY + return StackSizeCheck(NULL, (thread_func)ecc_verify); +#else + return ecc_verify(); +#endif +} + +int idx_key(int keysize){ + switch(keysize){ + case ECC_KEY_SIZE_112: + return 0; + case ECC_KEY_SIZE_128: + return 1; + case ECC_KEY_SIZE_160: + return 2; + case ECC_KEY_SIZE_192: + return 3; + case ECC_KEY_SIZE_224: + return 4; + case ECC_KEY_SIZE_239: + return 5; + case ECC_KEY_SIZE_256: + return 6; + case ECC_KEY_SIZE_320: + return 7; + case ECC_KEY_SIZE_384: + return 8; + case ECC_KEY_SIZE_512: + return 9; + case ECC_KEY_SIZE_521: + return 10; + default: + return -1; + } +} diff --git a/embedded/signature/ecc_vfy_only/signature.h b/embedded/signature/ecc_vfy_only/signature.h new file mode 100644 index 000000000..e311cebef --- /dev/null +++ b/embedded/signature/ecc_vfy_only/signature.h @@ -0,0 +1,178 @@ +#include "ecc_pubKey.h" + +byte ecc_signature_112[] = { + 0x30, 0x3e, 0x02, 0x1d, 0x00, 0xdc, 0xef, 0xcc, + 0x1a, 0xe9, 0x97, 0x44, 0xf4, 0x85, 0xad, 0xef, + 0x88, 0x6e, 0x77, 0x2b, 0x27, 0x7b, 0xd5, 0xcd, + 0xfb, 0x47, 0x43, 0x40, 0x1a, 0x53, 0x2f, 0xc4, + 0x0b, 0x02, 0x1d, 0x00, 0x8e, 0x34, 0xbb, 0xf4, + 0x59, 0xef, 0xa0, 0x6b, 0x8c, 0xda, 0x00, 0xca, + 0xcb, 0xb4, 0x75, 0xdb, 0x37, 0x7e, 0x8e, 0xe1, + 0x7a, 0xc2, 0xd5, 0x3c, 0xb5, 0xbc, 0x33, 0xcd, +}; + +byte ecc_signature_128[] = { + 0x30, 0x3c, 0x02, 0x1c, 0x23, 0x41, 0xf0, 0xe2, + 0x0f, 0x72, 0xbb, 0xe0, 0x8b, 0x42, 0xf8, 0xba, + 0xba, 0x81, 0xcb, 0xb2, 0xf9, 0xc6, 0x45, 0x44, + 0xfa, 0x8d, 0x8a, 0x33, 0x8d, 0xea, 0x34, 0xf0, + 0x02, 0x1c, 0x5f, 0x5e, 0x67, 0xad, 0x32, 0xee, + 0x90, 0xf1, 0x40, 0x6d, 0x34, 0x8e, 0x66, 0xd2, + 0x94, 0x1e, 0x28, 0xb3, 0xaa, 0x32, 0x10, 0x46, + 0x1c, 0xf7, 0x58, 0x1b, 0xf7, 0x4b, +}; + +byte ecc_signature_160[] = { + 0x30, 0x3d, 0x02, 0x1c, 0x18, 0x8e, 0xc8, 0x08, + 0xe3, 0x0e, 0xf5, 0x7c, 0xe4, 0x32, 0xc9, 0x5d, + 0xe8, 0xab, 0xb4, 0x3c, 0x99, 0x18, 0xa8, 0x7f, + 0xba, 0x10, 0x49, 0x52, 0x63, 0xc6, 0x52, 0x58, + 0x02, 0x1d, 0x00, 0xc1, 0x5f, 0xe0, 0x17, 0xbb, + 0x16, 0x19, 0x52, 0xed, 0xb1, 0xde, 0x30, 0x1b, + 0x49, 0x87, 0x37, 0x8a, 0x24, 0xf9, 0x11, 0x50, + 0x9f, 0xaf, 0xa5, 0x18, 0x3c, 0xa3, 0x26, +}; + +byte ecc_signature_192[] = { + 0x30, 0x3c, 0x02, 0x1c, 0x09, 0x75, 0x75, 0x9d, + 0xdb, 0x69, 0x5d, 0xba, 0x02, 0x31, 0xb9, 0x44, + 0xc0, 0x22, 0xeb, 0x9c, 0xb3, 0xd0, 0x9a, 0xc3, + 0x59, 0x2b, 0xdf, 0x23, 0x23, 0x46, 0x32, 0x0b, + 0x02, 0x1c, 0x1f, 0x3f, 0x73, 0x55, 0xbc, 0x29, + 0xa7, 0xa9, 0xd8, 0x3a, 0x9c, 0x3b, 0x97, 0x14, + 0xa5, 0x12, 0x10, 0x4e, 0x6f, 0x1c, 0xa3, 0xa8, + 0xee, 0x6e, 0x47, 0x28, 0xf2, 0x36, +}; + +byte ecc_signature_224[] = { + 0x30, 0x3d, 0x02, 0x1c, 0x52, 0x7b, 0x2e, 0xcb, + 0x6a, 0x99, 0x0f, 0x56, 0xdf, 0x9f, 0xdc, 0x14, + 0xe5, 0xe9, 0x5c, 0x95, 0x7f, 0xed, 0x91, 0x1b, + 0x48, 0xb1, 0x31, 0x41, 0xe0, 0xcb, 0x45, 0xc5, + 0x02, 0x1d, 0x00, 0x9c, 0x62, 0xab, 0x1c, 0xb4, + 0xc5, 0x01, 0xea, 0x31, 0x40, 0x6e, 0x45, 0x77, + 0x29, 0xd6, 0x50, 0xc3, 0x52, 0x3c, 0x8c, 0xe6, + 0x7a, 0x38, 0xae, 0x73, 0xd6, 0xf1, 0x95, +}; + +byte ecc_signature_239[] = { + 0x30, 0x40, 0x02, 0x1e, 0x06, 0x22, 0x6e, 0x25, + 0x61, 0x98, 0xaa, 0x01, 0xd8, 0xfa, 0x43, 0x2d, + 0x7e, 0x7e, 0x22, 0x36, 0x1e, 0x7d, 0x7b, 0xcd, + 0xe2, 0x9f, 0x8d, 0x00, 0xa9, 0xd8, 0xf4, 0xbb, + 0x96, 0x27, 0x02, 0x1e, 0x50, 0x18, 0xa2, 0x90, + 0x0b, 0x43, 0x31, 0xab, 0x0d, 0xc8, 0x52, 0x59, + 0x99, 0x7f, 0x31, 0xbc, 0xac, 0xc7, 0x2b, 0x15, + 0x83, 0x7c, 0x19, 0xd6, 0xed, 0x04, 0x16, 0xe0, + 0xb3, 0x29, +}; + +byte ecc_signature_256[] = { + 0x30, 0x44, 0x02, 0x20, 0x14, 0xc7, 0xa9, 0x91, + 0x47, 0xf5, 0x0d, 0x31, 0x5a, 0x05, 0x4d, 0x7b, + 0x49, 0x40, 0x2f, 0x0e, 0x03, 0xc8, 0x61, 0x99, + 0xa4, 0xdf, 0x83, 0x68, 0xcb, 0x9f, 0xa7, 0x7a, + 0xd9, 0xd4, 0x3c, 0x20, 0x02, 0x20, 0x05, 0xa1, + 0x0d, 0xd8, 0xfd, 0x0b, 0x83, 0x4f, 0xcb, 0x0b, + 0x47, 0x60, 0x60, 0x04, 0xa9, 0xe3, 0x57, 0x46, + 0x5b, 0x34, 0x30, 0xb3, 0xc9, 0x9a, 0x8d, 0xd0, + 0x8f, 0xda, 0x9f, 0xb0, 0xb6, 0x86, +}; + +byte ecc_signature_320[] = { + 0x30, 0x66, 0x02, 0x31, 0x00, 0xb5, 0xaf, 0x8d, + 0x19, 0x3e, 0x3c, 0x15, 0x6c, 0xdc, 0x0b, 0xb9, + 0x64, 0x77, 0x60, 0x60, 0xab, 0x55, 0x2a, 0x4f, + 0x99, 0x23, 0x7c, 0x79, 0x2f, 0xf7, 0x6c, 0x86, + 0xfd, 0x81, 0x49, 0x6e, 0x76, 0x02, 0xe7, 0xb4, + 0x55, 0x0e, 0xff, 0xe8, 0x59, 0xd7, 0x10, 0x4c, + 0x6a, 0xd4, 0x4a, 0x4b, 0xad, 0x02, 0x31, 0x00, + 0xc2, 0x41, 0x36, 0x0e, 0x70, 0xeb, 0x2d, 0x30, + 0x22, 0x6d, 0x1d, 0x05, 0xe3, 0x65, 0xcb, 0x3b, + 0x9d, 0x34, 0x4e, 0xe6, 0x9f, 0x3f, 0xf1, 0xc6, + 0x1c, 0x85, 0xbc, 0x23, 0x6b, 0x2c, 0xa5, 0x02, + 0xbe, 0x4f, 0xd0, 0x87, 0x58, 0x54, 0x9f, 0xaf, + 0x4f, 0x6d, 0x31, 0xed, 0xf1, 0x5b, 0x3d, 0xf5, +}; + +byte ecc_signature_384[] = { + 0x30, 0x66, 0x02, 0x31, 0x00, 0xc3, 0xc0, 0x45, + 0x1c, 0x8c, 0x9a, 0xb1, 0x8e, 0xd2, 0xb9, 0xce, + 0xb7, 0x00, 0x77, 0x38, 0xb9, 0x1d, 0x85, 0x77, + 0x7d, 0x3b, 0xff, 0x12, 0x0c, 0x27, 0x2c, 0xe7, + 0x6f, 0xf4, 0x45, 0xb5, 0x4c, 0x74, 0x06, 0x73, + 0x34, 0x95, 0xb8, 0x17, 0x88, 0xfe, 0x7d, 0x93, + 0x30, 0x9b, 0x70, 0x92, 0x24, 0x02, 0x31, 0x00, + 0xca, 0xfd, 0x25, 0x9e, 0xf2, 0xd7, 0x4e, 0xfc, + 0xc6, 0xfc, 0x38, 0x0a, 0xb7, 0x6a, 0xa5, 0x43, + 0x00, 0xa1, 0xc4, 0x94, 0xc9, 0xa3, 0x40, 0xf9, + 0x54, 0x54, 0x68, 0xbe, 0xc8, 0x0c, 0x0e, 0xbb, + 0x9c, 0x75, 0xa7, 0x25, 0xdb, 0x09, 0x30, 0x50, + 0xff, 0xd1, 0x7f, 0x57, 0x24, 0xbe, 0x2a, 0x19, +}; + +byte ecc_signature_512[] = { + 0x30, 0x81, 0x88, 0x02, 0x42, 0x00, 0xe0, 0x47, + 0xb7, 0x44, 0x33, 0x90, 0xe0, 0x33, 0x1c, 0xd7, + 0x32, 0x67, 0x3d, 0x89, 0xa4, 0x69, 0xee, 0x1a, + 0x0c, 0x10, 0x10, 0xaa, 0x99, 0xf6, 0xb6, 0xde, + 0x59, 0x5c, 0xbb, 0xb1, 0x2a, 0xb0, 0xe9, 0x50, + 0x06, 0x3e, 0x00, 0x24, 0xc1, 0x44, 0x9c, 0x39, + 0xfe, 0x63, 0x7f, 0x42, 0x6e, 0xa4, 0xf7, 0xb8, + 0x70, 0x53, 0x59, 0xda, 0xeb, 0x61, 0xa1, 0x6e, + 0x63, 0xc7, 0x82, 0xa2, 0xbb, 0x0c, 0x5d, 0x02, + 0x42, 0x01, 0x25, 0x5a, 0xac, 0xcc, 0x39, 0x04, + 0x63, 0x37, 0xce, 0x3f, 0xf7, 0x58, 0x98, 0xb2, + 0x62, 0x24, 0x14, 0xd9, 0x0e, 0x8b, 0xfb, 0x6c, + 0xdb, 0x6b, 0x05, 0xa9, 0x25, 0x90, 0xdb, 0x16, + 0x55, 0x78, 0x96, 0x46, 0x47, 0x66, 0xb2, 0x3b, + 0xcf, 0x16, 0x74, 0x40, 0xc0, 0x3c, 0x7a, 0x77, + 0x50, 0xe8, 0xc6, 0xb7, 0x6d, 0x7f, 0x81, 0xf2, + 0xf6, 0xca, 0x5c, 0x29, 0x8b, 0xa5, 0x4d, 0xd0, + 0x23, 0x86, 0x70, +}; + +byte ecc_signature_521[] = { + 0x30, 0x81, 0x87, 0x02, 0x41, 0x26, 0x39, 0x68, + 0xd0, 0x3d, 0xd4, 0x82, 0xe0, 0x53, 0x23, 0x4c, + 0x3c, 0x0e, 0x2f, 0xd8, 0xdb, 0x8c, 0x38, 0x04, + 0x3d, 0x8c, 0x71, 0xcf, 0xd6, 0x9f, 0x46, 0x80, + 0x68, 0x36, 0xe8, 0x23, 0x94, 0xcf, 0xf0, 0x5a, + 0x93, 0xd1, 0xc4, 0xb6, 0x89, 0x4f, 0x8e, 0x7b, + 0xf8, 0x13, 0x69, 0x0c, 0xc2, 0x11, 0xbd, 0x30, + 0x7b, 0x11, 0x0d, 0x60, 0x80, 0xd6, 0xd7, 0x7a, + 0xc3, 0x9f, 0xb2, 0x25, 0x20, 0xa2, 0x02, 0x42, + 0x00, 0xe1, 0x16, 0x64, 0x20, 0x33, 0x98, 0xfd, + 0x6b, 0xd8, 0x91, 0x5a, 0x83, 0xb7, 0x79, 0x82, + 0x7d, 0x39, 0xd6, 0x83, 0x49, 0x13, 0x10, 0x26, + 0x2f, 0x6c, 0x1e, 0x38, 0x10, 0x13, 0xd8, 0xeb, + 0x6f, 0x82, 0xbb, 0x4a, 0xed, 0x6e, 0x53, 0xbb, + 0xc8, 0x7c, 0xba, 0xe9, 0xac, 0xa9, 0xbe, 0xfd, + 0xe7, 0x6b, 0x80, 0x76, 0x6c, 0x1a, 0x31, 0x63, + 0x47, 0x91, 0x01, 0x9e, 0x15, 0x29, 0x1b, 0xea, + 0x3a, 0x69, +}; + + +typedef struct { + byte *sig; + word32 sig_size; + unsigned char *pubkey; + int key_size; +} sig_key; + +sig_key sig_keys[11] = { + {ecc_signature_112, sizeof(ecc_signature_112), ecc_PublicKey_112, sizeof(ecc_PublicKey_112)}, + {ecc_signature_128, sizeof(ecc_signature_128), ecc_PublicKey_128, sizeof(ecc_PublicKey_128)}, + {ecc_signature_160, sizeof(ecc_signature_160), ecc_PublicKey_160, sizeof(ecc_PublicKey_160)}, + {ecc_signature_192, sizeof(ecc_signature_192), ecc_PublicKey_192, sizeof(ecc_PublicKey_192)}, + {ecc_signature_224, sizeof(ecc_signature_224), ecc_PublicKey_224, sizeof(ecc_PublicKey_224)}, + {ecc_signature_239, sizeof(ecc_signature_239), ecc_PublicKey_239, sizeof(ecc_PublicKey_239)}, + {ecc_signature_256, sizeof(ecc_signature_256), ecc_PublicKey_256, sizeof(ecc_PublicKey_256)}, + {ecc_signature_320, sizeof(ecc_signature_320), ecc_PublicKey_320, sizeof(ecc_PublicKey_320)}, + {ecc_signature_384, sizeof(ecc_signature_384), ecc_PublicKey_384, sizeof(ecc_PublicKey_384)}, + {ecc_signature_512, sizeof(ecc_signature_512), ecc_PublicKey_512, sizeof(ecc_PublicKey_512)}, + {ecc_signature_521, sizeof(ecc_signature_521), ecc_PublicKey_521, sizeof(ecc_PublicKey_521)}, +}; + + diff --git a/embedded/signature/ecc_vfy_only/user_settings.h b/embedded/signature/ecc_vfy_only/user_settings.h new file mode 100644 index 000000000..3976a1e2b --- /dev/null +++ b/embedded/signature/ecc_vfy_only/user_settings.h @@ -0,0 +1,82 @@ +#define WOLFCRYPT_ONLY +#define WOLFSSL_PUBLIC_MP + +/* hash */ +#define NO_MD4 +#define NO_MD5 +#define NO_SHA + +/* rsa */ +#define WC_NO_RSA_OAEP +#define WC_NO_HARDEN +#define NO_RSA +/* sp_int */ +#define NO_DH +#define NO_DSA +#define NO_DES3 +#define NO_AES + +/* asn */ +#define NO_ASN_TIME +#define IGNORE_NAME_CONSTRAINTS +#define WOLFSSL_NO_ASN_STRICT + +/* ecc */ +#define HAVE_ECC +#define HAVE_ALL_CURVES + + +#ifdef DEBUG_MEMORY + #define WOLFSSL_TRACK_MEMORY + #define HAVE_STACK_SIZE + // #define WOLFSSL_DEBUG_MEMORY + // #define WOLFSSL_DEBUG_MEMORY_PRINT + #undef BENCHMARK +#endif + + + +#ifdef SP_C32_FLAG + #define WOLFSSL_HAVE_SP_ECC + #define WOLFSSL_SP_MATH_ALL + #define SP_WORD_SIZE 32 + #undef USE_FAST_MATH +#endif + +#ifdef SP_C64_FLAG + #define WOLFSSL_HAVE_SP_ECC + #define WOLFSSL_SP_MATH_ALL + #define SP_WORD_SIZE 64 + #define HAVE___UINT128_T + #undef USE_FAST_MATH +#endif + +#ifdef SP_ARM64_FLAG + #define WOLFSSL_HAVE_SP_ECC + #define WOLFSSL_SP_MATH_ALL + #define WOLFSSL_SP_ARM64 + #define WOLFSSL_SP_ARM64_ASM +#endif + + +#ifdef SP_X86_64_FLAG + #define WOLFSSL_HAVE_SP_ECC + #define WOLFSSL_SP_MATH_ALL + #define WOLFSSL_SP_X86_64 + #define WOLFSSL_SP_X86_64_ASM +#endif + +#ifdef TFM_FLAG + #define USE_FAST_MATH + #undef WOLFSSL_HAVE_SP_ECC + #undef WOLFSSL_SP_ARM64 + #undef WOLFSSL_SP_ARM64_ASM + #undef WOLFSSL_SP_X86_64 + #undef WOLFSSL_SP_X86_64_ASM +#endif + +#ifdef BENCHMARK + #undef DEBUG_MEMORY +#endif + + diff --git a/embedded/signature/ecc_vfy_only_nonblock/Makefile b/embedded/signature/ecc_vfy_only_nonblock/Makefile new file mode 100644 index 000000000..c2b93e3a0 --- /dev/null +++ b/embedded/signature/ecc_vfy_only_nonblock/Makefile @@ -0,0 +1,78 @@ +# The path to the wolfssl directory must be set correctly for your environment. +WOLFROOT = ../../../../wolfssl + +CFLAGS = $(EX_CFLAGS) -DWOLFSSL_USER_SETTINGS -I. -I$(WOLFROOT) -Os +ASFLAGS = -DWOLFSSL_USER_SETTINGS -I. -I$(WOLFROOT) + +OBJ=\ + $(WOLFROOT)/wolfcrypt/src/ecc.o\ + $(WOLFROOT)/wolfcrypt/src/sha256.o\ + $(WOLFROOT)/wolfcrypt/src/hash.o\ + $(WOLFROOT)/wolfcrypt/src/random.o\ + $(WOLFROOT)/wolfcrypt/src/asn.o\ + $(WOLFROOT)/wolfcrypt/src/wc_port.o\ + $(WOLFROOT)/wolfcrypt/src/coding.o\ + $(WOLFROOT)/wolfcrypt/src/memory.o\ + $(WOLFROOT)/wolfcrypt/src/wolfmath.o\ + $(WOLFROOT)/wolfcrypt/src/wc_encrypt.o\ + +OBJ_SP_C32 := \ + $(WOLFROOT)/wolfcrypt/src/sp_int.o\ + $(WOLFROOT)/wolfcrypt/src/sp_c32.o\ + +OBJ_SP_C64 := \ + $(WOLFROOT)/wolfcrypt/src/sp_int.o\ + $(WOLFROOT)/wolfcrypt/src/sp_c64.o\ + +OBJ_SP_ARM64 := \ + $(WOLFROOT)/wolfcrypt/src/sp_int.o\ + $(WOLFROOT)/wolfcrypt/src/sp_arm64.o\ + +OBJ_SP_X86_64 := \ + $(WOLFROOT)/wolfcrypt/src/sp_int.o\ + $(WOLFROOT)/wolfcrypt/src/cpuid.o\ + $(WOLFROOT)/wolfcrypt/src/sp_x86_64.o\ + $(WOLFROOT)/wolfcrypt/src/sp_x86_64_asm.o\ + +OBJ_TFM := \ + $(WOLFROOT)/wolfcrypt/src/tfm.o\ + + +ifeq ($(math) $(arch),sp x64) +ASFLAGS+= -DSP_X86_64_FLAG +CFLAGS += -DSP_X86_64_FLAG +OBJ += $(OBJ_SP_X86_64) +else ifeq ($(math) $(arch),sp arm64) +CFLAGS += -DSP_ARM64_FLAG +OBJ += $(OBJ_SP_ARM64) +else ifeq ($(math) $(arch),sp c64) +CFLAGS += -DSP_C64_FLAG +OBJ += $(OBJ_SP_C64) +else ifeq ($(math) $(arch),sp c32) +CFLAGS += -DSP_C32_FLAG +OBJ += $(OBJ_SP_C32) +else ifeq ($(math), tfm) +CFLAGS += -DTFM_FLAG +OBJ += $(OBJ_TFM) +else +CFLAGS += -DSP_C64_FLAG +OBJ += $(OBJ_SP_C64) +endif + +.PHONY: all clean size mem + + +all : ecc_verify_nonblock mem + + + +ecc_verify_nonblock: clean $(OBJ) + $(CC) $(CFLAGS) -o ecc_verify_nonblock ecc_verify_nonblock.c $(OBJ) + +mem: clean $(OBJ) + $(CC) $(CFLAGS) -DDEBUG_MEMORY -o ecc_verify_nonblock_mem ecc_verify_nonblock.c $(OBJ) -lpthread +clean: + rm -f ecc_verify_nonblock ecc_verify_nonblock_mem $(WOLFROOT)/wolfcrypt/src/*.o + +size : + size $(OBJ) ecc_verify_nonblock diff --git a/embedded/signature/ecc_vfy_only_nonblock/ecc_pubKey.h b/embedded/signature/ecc_vfy_only_nonblock/ecc_pubKey.h new file mode 100644 index 000000000..05d023d7e --- /dev/null +++ b/embedded/signature/ecc_vfy_only_nonblock/ecc_pubKey.h @@ -0,0 +1,170 @@ +/* ecc_pubkey.h + * + * Copyright (C) 2006-2025 wolfSSL Inc. + * + * This file is part of wolfSSL. (formerly known as CyaSSL) + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA + */ +unsigned char ecc_PublicKey_112[] = { + 0x04, 0x67, 0xa6, 0xdc, 0x12, 0x25, 0xdb, 0x81, + 0x5c, 0x67, 0x7c, 0xbf, 0x55, 0x3b, 0xd9, 0x51, + 0xb1, 0x61, 0xb4, 0x88, 0xb8, 0x6c, 0xa5, 0x4a, + 0xb0, 0xe8, 0x79, 0x15, 0x4a, 0xfc, 0x6f, 0x01, + 0x6b, 0xc0, 0xc5, 0xdd, 0xc2, 0xe3, 0x59, 0xda, + 0x18, 0x82, 0x46, 0xa4, 0x32, 0xb5, 0x6d, 0x3b, + 0xd1, 0x91, 0xcc, 0x19, 0xb7, 0xab, 0x8d, 0x99, + 0xad, +}; + +unsigned char ecc_PublicKey_128[] = { + 0x04, 0x0f, 0x31, 0xea, 0x92, 0x1d, 0x84, 0xcf, + 0xce, 0xe1, 0xe5, 0x0b, 0x13, 0xda, 0xd3, 0xb2, + 0xb0, 0x57, 0x0c, 0x02, 0xdb, 0x50, 0xaa, 0xaa, + 0x65, 0x47, 0x6c, 0x2a, 0x41, 0xd4, 0x01, 0x72, + 0xdb, 0xd3, 0xcf, 0x42, 0x81, 0x7c, 0x05, 0x67, + 0x6e, 0x2a, 0x0a, 0x03, 0x0f, 0x91, 0x2b, 0x3b, + 0xe3, 0x48, 0x87, 0xb3, 0xb3, 0x70, 0x58, 0x17, + 0xed, +}; + +unsigned char ecc_PublicKey_160[] = { + 0x04, 0xf8, 0x93, 0xf7, 0xf7, 0x1f, 0xc6, 0x56, + 0x8c, 0x40, 0x11, 0x14, 0x74, 0xf5, 0x98, 0xa8, + 0x12, 0xc3, 0xba, 0x06, 0x9e, 0x6d, 0xdc, 0x1b, + 0xd3, 0x94, 0x9c, 0xf0, 0xc1, 0x99, 0x4e, 0x83, + 0xe9, 0x42, 0x53, 0xcd, 0x8d, 0x26, 0x5a, 0x01, + 0x4f, 0x82, 0x06, 0x42, 0x83, 0x65, 0x3c, 0x9e, + 0xd5, 0x2d, 0x73, 0x52, 0xbc, 0x49, 0x1b, 0x99, + 0x5c, +}; + +unsigned char ecc_PublicKey_192[] = { + 0x04, 0xf7, 0xea, 0x10, 0xc6, 0x43, 0xba, 0xbb, + 0x21, 0x14, 0x93, 0x11, 0xfe, 0x1a, 0x68, 0x59, + 0x23, 0x71, 0x52, 0xde, 0x47, 0x08, 0x04, 0xd1, + 0x77, 0xe4, 0x6f, 0x1f, 0x48, 0x4e, 0x8b, 0x92, + 0x1a, 0xb9, 0xe9, 0x61, 0xf4, 0x3c, 0x1b, 0xcd, + 0xe7, 0xaf, 0xc8, 0x59, 0x64, 0x9f, 0x80, 0x7e, + 0x4e, 0x72, 0x98, 0x15, 0x18, 0x60, 0x01, 0x77, + 0x8d, +}; + +unsigned char ecc_PublicKey_224[] = { + 0x04, 0xf1, 0x25, 0xec, 0xac, 0x14, 0x47, 0x35, + 0xcf, 0x32, 0x1a, 0xd2, 0x31, 0x60, 0xf6, 0x6b, + 0xb6, 0x8c, 0x02, 0xd1, 0x46, 0xfa, 0xa6, 0xe3, + 0xd9, 0xfd, 0x96, 0xbe, 0x44, 0x79, 0xc8, 0xbb, + 0x0f, 0x41, 0xc6, 0x3d, 0x52, 0xd2, 0x8b, 0xc7, + 0xe1, 0xfb, 0x03, 0x01, 0x07, 0x11, 0xaa, 0xba, + 0xf9, 0x57, 0x90, 0x5f, 0xc2, 0xaf, 0x20, 0xe2, + 0xd7, +}; + +unsigned char ecc_PublicKey_239[] = { + 0x04, 0x01, 0xc2, 0x14, 0xbf, 0x8c, 0x36, 0x9c, + 0x9d, 0xca, 0xb1, 0x20, 0xc8, 0x36, 0x45, 0x37, + 0x79, 0x60, 0x97, 0xe9, 0x57, 0xc3, 0x1e, 0x86, + 0xd1, 0x15, 0xc1, 0x57, 0xf1, 0x78, 0x91, 0x4e, + 0x69, 0x8f, 0xee, 0xf3, 0xb2, 0xcd, 0xae, 0x00, + 0x4e, 0x67, 0x47, 0x61, 0xab, 0xdd, 0x04, 0x79, + 0x0b, 0xf9, 0xeb, 0x4b, 0x70, 0xa3, 0x22, 0xa0, + 0xce, 0xb3, 0xc2, 0xd3, 0xd2, +}; + +unsigned char ecc_PublicKey_256[] = { + 0x04, 0x80, 0xc7, 0xb7, 0x97, 0xe3, 0xc6, 0x63, + 0x34, 0xcc, 0x72, 0x19, 0xb0, 0x3f, 0x4b, 0xe0, + 0x68, 0x3e, 0xba, 0x8c, 0x0e, 0x60, 0xb0, 0xef, + 0xfb, 0x6a, 0xb5, 0x5d, 0xaa, 0xaa, 0x27, 0x3b, + 0x5d, 0x4c, 0x2d, 0x58, 0x0f, 0x96, 0x75, 0xe0, + 0xe7, 0x5a, 0xab, 0xa0, 0xe9, 0x6a, 0x6a, 0x5f, + 0xa7, 0xd7, 0x5d, 0xb1, 0x1a, 0x8b, 0x3b, 0x74, + 0xcd, 0x75, 0x51, 0xa6, 0x89, 0xd4, 0x3d, 0x00, + 0xeb, +}; + +unsigned char ecc_PublicKey_320[] = { + 0x04, 0x5b, 0xf1, 0x32, 0x17, 0xf3, 0x63, 0x82, + 0xfc, 0x1c, 0x93, 0xca, 0x30, 0x7d, 0x22, 0xf6, + 0x97, 0xc9, 0x2d, 0x54, 0x35, 0x11, 0x77, 0x9c, + 0x3f, 0x44, 0x37, 0x9f, 0x8b, 0x82, 0x8d, 0x50, + 0x68, 0x2d, 0x0d, 0x1a, 0x19, 0x6d, 0xfc, 0xac, + 0xde, 0xc1, 0x81, 0x13, 0x90, 0x31, 0xcc, 0x0f, + 0x00, 0xa2, 0xf6, 0x7b, 0xc3, 0x51, 0x05, 0x46, + 0x67, 0xd3, 0x91, 0xb7, 0xaa, 0xdd, 0xb9, 0x87, + 0x03, 0x4e, 0x21, 0xd0, 0xa0, 0xfa, 0x31, 0x93, + 0x04, 0xc8, 0xea, 0xc5, 0x71, 0x4b, 0x0f, 0x98, + 0x4d, 0x16, 0x69, 0xe9, 0xc7, 0xda, 0xff, 0xfa, + 0xe1, 0xf0, 0xa5, 0xdd, 0x36, 0xf2, 0x04, 0x62, + 0xa6, +}; + +unsigned char ecc_PublicKey_384[] = { + 0x04, 0x51, 0xb3, 0x72, 0xda, 0xd2, 0xd7, 0x81, + 0x53, 0xe3, 0x4e, 0xa1, 0x27, 0x9a, 0x91, 0x42, + 0x8a, 0x29, 0x62, 0x7c, 0x8f, 0x49, 0x47, 0x47, + 0x4c, 0x0e, 0x23, 0x09, 0xf5, 0x13, 0x56, 0x08, + 0x2d, 0x54, 0xc3, 0xac, 0x05, 0xc4, 0x1f, 0x16, + 0x27, 0xd0, 0x4c, 0x3b, 0xed, 0xa0, 0x74, 0x62, + 0xe3, 0x1b, 0xa3, 0xd5, 0xf2, 0xf2, 0x5d, 0x6a, + 0x87, 0xa2, 0xf4, 0x09, 0x9a, 0x87, 0xee, 0xab, + 0x20, 0xe7, 0x42, 0xd2, 0x6d, 0x1b, 0x1c, 0x75, + 0x69, 0x46, 0x2e, 0x8c, 0x00, 0xe5, 0xd7, 0xc5, + 0xc4, 0xfb, 0x46, 0xe7, 0xf8, 0xc1, 0x25, 0x7c, + 0x94, 0x30, 0xd0, 0xd5, 0xdb, 0x8d, 0xe3, 0x15, + 0xc8, +}; + +unsigned char ecc_PublicKey_512[] = { + 0x04, 0x01, 0x5c, 0x37, 0xe0, 0x37, 0x3b, 0xad, + 0x8a, 0xfe, 0x3c, 0x52, 0x5d, 0xe7, 0xab, 0x77, + 0x39, 0x67, 0x94, 0x6c, 0x2a, 0x3f, 0xee, 0x95, + 0x19, 0x8d, 0xcc, 0xdc, 0xad, 0x62, 0x50, 0x97, + 0x79, 0xeb, 0xde, 0x70, 0xed, 0x2d, 0x44, 0x8f, + 0xcf, 0x1d, 0x49, 0x46, 0x32, 0x96, 0xe3, 0xb6, + 0xc5, 0x61, 0x4c, 0xfd, 0xcb, 0x65, 0x1f, 0x04, + 0x97, 0x39, 0x54, 0x46, 0xde, 0x54, 0x2f, 0x0a, + 0x51, 0xd5, 0xe6, 0x01, 0x1e, 0x78, 0x20, 0x15, + 0x1c, 0xb3, 0x6f, 0x14, 0x8f, 0x2f, 0x95, 0x9c, + 0x40, 0xea, 0x12, 0x52, 0x5a, 0xce, 0x7c, 0x43, + 0x28, 0x22, 0x31, 0x00, 0xcb, 0xbf, 0x86, 0x56, + 0xdc, 0x72, 0xa4, 0x49, 0x75, 0x80, 0xa4, 0x17, + 0xde, 0xa6, 0xf8, 0x3b, 0x39, 0x88, 0xd0, 0x8b, + 0x4e, 0x44, 0x69, 0x39, 0x7a, 0xcc, 0xcc, 0xc7, + 0x15, 0x1e, 0x6c, 0x76, 0xf2, 0x8d, 0x1b, 0x6c, + 0x64, 0x0a, 0x4c, 0x29, 0x35, +}; + + +unsigned char ecc_PublicKey_521[] = { + 0x04, 0x00, 0xf9, 0x56, 0xfb, 0x6c, 0x5a, 0x3d, + 0xc4, 0xf3, 0xb8, 0x07, 0x19, 0x2f, 0x93, 0x07, + 0x3c, 0x30, 0x7b, 0xd9, 0x9c, 0x11, 0xe8, 0xda, + 0xbe, 0x1b, 0x1b, 0xa3, 0xf2, 0x81, 0xf9, 0xd0, + 0x47, 0x0d, 0x06, 0xa4, 0x47, 0xa0, 0x8b, 0xca, + 0x0f, 0x0a, 0x3a, 0xda, 0x68, 0x38, 0x67, 0x5d, + 0x11, 0x77, 0xf8, 0x2f, 0x28, 0x0f, 0x31, 0xe5, + 0x26, 0xf5, 0x88, 0x2a, 0x79, 0x5f, 0xce, 0x55, + 0xe9, 0x71, 0x4c, 0x00, 0x9e, 0xfc, 0x7d, 0x00, + 0x04, 0xb8, 0x89, 0x04, 0xfc, 0x06, 0x38, 0x3f, + 0x9f, 0x0a, 0x80, 0x7f, 0x6b, 0x4c, 0xd2, 0x61, + 0x69, 0x00, 0x7f, 0x9c, 0x7c, 0x9b, 0xab, 0xa6, + 0x9c, 0x71, 0xa9, 0x15, 0x63, 0x4a, 0x03, 0xe8, + 0x96, 0xbb, 0x79, 0x6a, 0x50, 0xa6, 0xd0, 0xdf, + 0x66, 0xf5, 0xc8, 0xfa, 0x22, 0x94, 0xe0, 0x72, + 0xa6, 0x15, 0x94, 0x1e, 0x3b, 0x47, 0x36, 0x8e, + 0xcb, 0x10, 0x15, 0x27, 0x5b, +}; diff --git a/embedded/signature/ecc_vfy_only_nonblock/ecc_verify_nonblock.c b/embedded/signature/ecc_vfy_only_nonblock/ecc_verify_nonblock.c new file mode 100644 index 000000000..66cff1833 --- /dev/null +++ b/embedded/signature/ecc_vfy_only_nonblock/ecc_verify_nonblock.c @@ -0,0 +1,249 @@ +/* ecc_verify_nonblock.c + * + * Copyright (C) 2006-2025 wolfSSL Inc. + * + * This file is part of wolfSSL. (formerly known as CyaSSL) + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA + */ + +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include "signature.h" + +#define HEAP_HINT NULL +#define ECC_KEY_SIZE_112 112 +#define ECC_KEY_SIZE_128 128 +#define ECC_KEY_SIZE_160 160 +#define ECC_KEY_SIZE_192 192 +#define ECC_KEY_SIZE_224 224 +#define ECC_KEY_SIZE_239 239 +#define ECC_KEY_SIZE_256 256 +#define ECC_KEY_SIZE_320 320 +#define ECC_KEY_SIZE_384 384 +#define ECC_KEY_SIZE_512 512 +#define ECC_KEY_SIZE_521 521 +#define BYTE_SZ 8 + +int idx_key(int keysize); + +#define CHECK_RET(a, b, eLabel, msg) { \ + if (a != b) { \ + printf("failed %s\n", msg); \ + printf("ret = %d\n", a); \ + goto eLabel; \ + } \ + } + +int do_sig_ver_test(int eccKeySz); + +int ecc_verify(void) +{ + int ret = 0; +#ifdef DEBUG_MEMORY + wolfCrypt_Init(); + InitMemoryTracker(); +#endif + ret = do_sig_ver_test(ECC_KEY_SIZE_112); + CHECK_RET(ret, 0, finished, "112 test"); + ret = do_sig_ver_test(ECC_KEY_SIZE_128); + CHECK_RET(ret, 0, finished, "128 test"); + ret = do_sig_ver_test(ECC_KEY_SIZE_160); + CHECK_RET(ret, 0, finished, "160 test"); + ret = do_sig_ver_test(ECC_KEY_SIZE_192); + CHECK_RET(ret, 0, finished, "192 test"); + ret = do_sig_ver_test(ECC_KEY_SIZE_224); + CHECK_RET(ret, 0, finished, "224 test"); + ret = do_sig_ver_test(ECC_KEY_SIZE_239); + CHECK_RET(ret, 0, finished, "239 test"); + ret = do_sig_ver_test(ECC_KEY_SIZE_256); + CHECK_RET(ret, 0, finished, "256 test"); + ret = do_sig_ver_test(ECC_KEY_SIZE_320); + CHECK_RET(ret, 0, finished, "320 test"); + ret = do_sig_ver_test(ECC_KEY_SIZE_384); + CHECK_RET(ret, 0, finished, "384 test"); + ret = do_sig_ver_test(ECC_KEY_SIZE_512); + CHECK_RET(ret, 0, finished, "512 test"); + ret = do_sig_ver_test(ECC_KEY_SIZE_521); + CHECK_RET(ret, 0, finished, "521 test"); + +finished: +#ifdef DEBUG_MEMORY + printf("\n"); + ShowMemoryTracker(); + CleanupMemoryTracker(); + wolfCrypt_Cleanup(); +#endif + return ret; +} + +int do_sig_ver_test(int eccKeySz) +{ + /* sha256 hash of the string "A 32-bit string to test signing" */ + unsigned char hash[32] = { + 0x3b, 0x07, 0x54, 0x5c, 0xfd, 0x4f, 0xb7, 0xb5, + 0xaf, 0xa7, 0x7a, 0x25, 0x33, 0xa5, 0x50, 0x70, + 0x4a, 0x65, 0x3e, 0x72, 0x7e, 0xcd, 0xd4, 0x5b, + 0x1b, 0x36, 0x96, 0x96, 0xca, 0x4f, 0x9b, 0x6f + }; + int ret; + ecc_key key; + byte* sig = NULL; // get rid of this magic number + WC_RNG rng; + int verified = 0; + word32 sig_size; + int key_size; + unsigned char *pKeybuff; + +#ifdef NONBLOCK + ecc_nb_ctx_t nb_ctx; + double total_blk_time; + double pre_returned_t; /* previous recent returned time */ + double returned_t; /* most recent returned time */ + double max_t = -1.0; /* Maximum blocking time */ + double min_t = __DBL_MAX__; /* Minimum blocking time */ + double blocking_t; /* current blocking time */ + int blk_count; + +#endif + /* + * for odd curve sizes account for mod EG: + * Case 1) curve field of 256: + * (256/8) + (256%8 != 0 ? 1:0) == 32 + 0 = 32 + * + * Case 2) curve field of 521: + * (521/8 = 65.125 (rounds to 65) + (521%8 != 0 ? 1:0) == + 65 + 1 = 66 + * + * Algorithm: (C / B) + (C % B != 0 ? 1:0) + * + * This remainder is a natural result of the calculation: + * Algorithm: (C / (B-1)) / (B) + */ + int byteField = (eccKeySz + (BYTE_SZ - 1)) / BYTE_SZ; + word32 maxSigSz = ECC_MAX_SIG_SIZE; + + printf("Key size is %d, byteField = %d\n", eccKeySz, byteField); + + ret = wc_InitRng(&rng); + CHECK_RET(ret, 0, key_done, "wc_InitRng()"); + ret = wc_ecc_init(&key); + CHECK_RET(ret, 0, sig_done, "wc_ecc_init()"); + /* Import signature and ecc_key */ + sig = sig_keys[idx_key(eccKeySz)].sig; + sig_size = sig_keys[idx_key(eccKeySz)].sig_size; + pKeybuff = sig_keys[idx_key(eccKeySz)].pubkey; + key_size = sig_keys[idx_key(eccKeySz)].key_size; + + ret = wc_ecc_import_x963(pKeybuff, key_size, &key); + CHECK_RET(ret, 0, rng_done, "wc_ecc_import_x963()"); +#ifdef NONBLOCK + ret = wc_ecc_set_nonblock(&key, &nb_ctx); + CHECK_RET(ret, 0, rng_done, "wc_ecc_set_nonblock()"); + + blk_count = 0; + pre_returned_t = current_time(1); + + do { + + ret = wc_ecc_verify_hash(sig, sig_size, hash, sizeof(hash), + &verified, &key); + returned_t = current_time(0); + blocking_t = returned_t - pre_returned_t; + total_blk_time += blocking_t; + + if ( blocking_t > max_t ){ + max_t = blocking_t; + } + else if ( blocking_t < min_t ){ + min_t = blocking_t; + } + + pre_returned_t = returned_t; + blk_count++; + } while (ret == FP_WOULDBLOCK); +#else + ret = wc_ecc_verify_hash(sig, sig_size, hash, sizeof(hash), + &verified, &key); +#endif /* NONBLOCK */ + + CHECK_RET(ret, 0, rng_done, "wc_ecc_verify_hash()"); + CHECK_RET(verified, 1, rng_done, "verification check"); + verified = 0; + printf("Successfully verified signature w/ ecc key size %d!\n", + eccKeySz); + +#ifdef NONBLOCK + if (eccKeySz >= ECC_KEY_SIZE_256){ + printf("Non-blocking:\n"); + printf(" Total time: %.2f micro sec, Bloking count: %d\n",\ + 1000*1000*total_blk_time, blk_count); + printf(" Max: %2.2f micro sec, Average: %.2f micro sec\n",\ + max_t*1000*1000, 1000*1000*total_blk_time/blk_count ); + } +#endif /* NONBLOCK */ + +rng_done: + wc_FreeRng(&rng); +key_done: + wc_ecc_free(&key); +sig_done: + return ret; +} + +int main() +{ +#ifdef DEBUG_MEMORY + return StackSizeCheck(NULL, (thread_func)ecc_verify); +#else + return ecc_verify(); +#endif +} + +int idx_key(int keysize){ + switch(keysize){ + case ECC_KEY_SIZE_112: + return 0; + case ECC_KEY_SIZE_128: + return 1; + case ECC_KEY_SIZE_160: + return 2; + case ECC_KEY_SIZE_192: + return 3; + case ECC_KEY_SIZE_224: + return 4; + case ECC_KEY_SIZE_239: + return 5; + case ECC_KEY_SIZE_256: + return 6; + case ECC_KEY_SIZE_320: + return 7; + case ECC_KEY_SIZE_384: + return 8; + case ECC_KEY_SIZE_512: + return 9; + case ECC_KEY_SIZE_521: + return 10; + default: + return -1; + } +} diff --git a/embedded/signature/ecc_vfy_only_nonblock/signature.h b/embedded/signature/ecc_vfy_only_nonblock/signature.h new file mode 100644 index 000000000..abc07c53e --- /dev/null +++ b/embedded/signature/ecc_vfy_only_nonblock/signature.h @@ -0,0 +1,198 @@ +/* signature.h + * + * Copyright (C) 2006-2025 wolfSSL Inc. + * + * This file is part of wolfSSL. (formerly known as CyaSSL) + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA + */ +#include "ecc_pubKey.h" + +byte ecc_signature_112[] = { + 0x30, 0x3e, 0x02, 0x1d, 0x00, 0xdc, 0xef, 0xcc, + 0x1a, 0xe9, 0x97, 0x44, 0xf4, 0x85, 0xad, 0xef, + 0x88, 0x6e, 0x77, 0x2b, 0x27, 0x7b, 0xd5, 0xcd, + 0xfb, 0x47, 0x43, 0x40, 0x1a, 0x53, 0x2f, 0xc4, + 0x0b, 0x02, 0x1d, 0x00, 0x8e, 0x34, 0xbb, 0xf4, + 0x59, 0xef, 0xa0, 0x6b, 0x8c, 0xda, 0x00, 0xca, + 0xcb, 0xb4, 0x75, 0xdb, 0x37, 0x7e, 0x8e, 0xe1, + 0x7a, 0xc2, 0xd5, 0x3c, 0xb5, 0xbc, 0x33, 0xcd, +}; + +byte ecc_signature_128[] = { + 0x30, 0x3c, 0x02, 0x1c, 0x23, 0x41, 0xf0, 0xe2, + 0x0f, 0x72, 0xbb, 0xe0, 0x8b, 0x42, 0xf8, 0xba, + 0xba, 0x81, 0xcb, 0xb2, 0xf9, 0xc6, 0x45, 0x44, + 0xfa, 0x8d, 0x8a, 0x33, 0x8d, 0xea, 0x34, 0xf0, + 0x02, 0x1c, 0x5f, 0x5e, 0x67, 0xad, 0x32, 0xee, + 0x90, 0xf1, 0x40, 0x6d, 0x34, 0x8e, 0x66, 0xd2, + 0x94, 0x1e, 0x28, 0xb3, 0xaa, 0x32, 0x10, 0x46, + 0x1c, 0xf7, 0x58, 0x1b, 0xf7, 0x4b, +}; + +byte ecc_signature_160[] = { + 0x30, 0x3d, 0x02, 0x1c, 0x18, 0x8e, 0xc8, 0x08, + 0xe3, 0x0e, 0xf5, 0x7c, 0xe4, 0x32, 0xc9, 0x5d, + 0xe8, 0xab, 0xb4, 0x3c, 0x99, 0x18, 0xa8, 0x7f, + 0xba, 0x10, 0x49, 0x52, 0x63, 0xc6, 0x52, 0x58, + 0x02, 0x1d, 0x00, 0xc1, 0x5f, 0xe0, 0x17, 0xbb, + 0x16, 0x19, 0x52, 0xed, 0xb1, 0xde, 0x30, 0x1b, + 0x49, 0x87, 0x37, 0x8a, 0x24, 0xf9, 0x11, 0x50, + 0x9f, 0xaf, 0xa5, 0x18, 0x3c, 0xa3, 0x26, +}; + +byte ecc_signature_192[] = { + 0x30, 0x3c, 0x02, 0x1c, 0x09, 0x75, 0x75, 0x9d, + 0xdb, 0x69, 0x5d, 0xba, 0x02, 0x31, 0xb9, 0x44, + 0xc0, 0x22, 0xeb, 0x9c, 0xb3, 0xd0, 0x9a, 0xc3, + 0x59, 0x2b, 0xdf, 0x23, 0x23, 0x46, 0x32, 0x0b, + 0x02, 0x1c, 0x1f, 0x3f, 0x73, 0x55, 0xbc, 0x29, + 0xa7, 0xa9, 0xd8, 0x3a, 0x9c, 0x3b, 0x97, 0x14, + 0xa5, 0x12, 0x10, 0x4e, 0x6f, 0x1c, 0xa3, 0xa8, + 0xee, 0x6e, 0x47, 0x28, 0xf2, 0x36, +}; + +byte ecc_signature_224[] = { + 0x30, 0x3d, 0x02, 0x1c, 0x52, 0x7b, 0x2e, 0xcb, + 0x6a, 0x99, 0x0f, 0x56, 0xdf, 0x9f, 0xdc, 0x14, + 0xe5, 0xe9, 0x5c, 0x95, 0x7f, 0xed, 0x91, 0x1b, + 0x48, 0xb1, 0x31, 0x41, 0xe0, 0xcb, 0x45, 0xc5, + 0x02, 0x1d, 0x00, 0x9c, 0x62, 0xab, 0x1c, 0xb4, + 0xc5, 0x01, 0xea, 0x31, 0x40, 0x6e, 0x45, 0x77, + 0x29, 0xd6, 0x50, 0xc3, 0x52, 0x3c, 0x8c, 0xe6, + 0x7a, 0x38, 0xae, 0x73, 0xd6, 0xf1, 0x95, +}; + +byte ecc_signature_239[] = { + 0x30, 0x40, 0x02, 0x1e, 0x06, 0x22, 0x6e, 0x25, + 0x61, 0x98, 0xaa, 0x01, 0xd8, 0xfa, 0x43, 0x2d, + 0x7e, 0x7e, 0x22, 0x36, 0x1e, 0x7d, 0x7b, 0xcd, + 0xe2, 0x9f, 0x8d, 0x00, 0xa9, 0xd8, 0xf4, 0xbb, + 0x96, 0x27, 0x02, 0x1e, 0x50, 0x18, 0xa2, 0x90, + 0x0b, 0x43, 0x31, 0xab, 0x0d, 0xc8, 0x52, 0x59, + 0x99, 0x7f, 0x31, 0xbc, 0xac, 0xc7, 0x2b, 0x15, + 0x83, 0x7c, 0x19, 0xd6, 0xed, 0x04, 0x16, 0xe0, + 0xb3, 0x29, +}; + +byte ecc_signature_256[] = { + 0x30, 0x44, 0x02, 0x20, 0x14, 0xc7, 0xa9, 0x91, + 0x47, 0xf5, 0x0d, 0x31, 0x5a, 0x05, 0x4d, 0x7b, + 0x49, 0x40, 0x2f, 0x0e, 0x03, 0xc8, 0x61, 0x99, + 0xa4, 0xdf, 0x83, 0x68, 0xcb, 0x9f, 0xa7, 0x7a, + 0xd9, 0xd4, 0x3c, 0x20, 0x02, 0x20, 0x05, 0xa1, + 0x0d, 0xd8, 0xfd, 0x0b, 0x83, 0x4f, 0xcb, 0x0b, + 0x47, 0x60, 0x60, 0x04, 0xa9, 0xe3, 0x57, 0x46, + 0x5b, 0x34, 0x30, 0xb3, 0xc9, 0x9a, 0x8d, 0xd0, + 0x8f, 0xda, 0x9f, 0xb0, 0xb6, 0x86, +}; + +byte ecc_signature_320[] = { + 0x30, 0x66, 0x02, 0x31, 0x00, 0xb5, 0xaf, 0x8d, + 0x19, 0x3e, 0x3c, 0x15, 0x6c, 0xdc, 0x0b, 0xb9, + 0x64, 0x77, 0x60, 0x60, 0xab, 0x55, 0x2a, 0x4f, + 0x99, 0x23, 0x7c, 0x79, 0x2f, 0xf7, 0x6c, 0x86, + 0xfd, 0x81, 0x49, 0x6e, 0x76, 0x02, 0xe7, 0xb4, + 0x55, 0x0e, 0xff, 0xe8, 0x59, 0xd7, 0x10, 0x4c, + 0x6a, 0xd4, 0x4a, 0x4b, 0xad, 0x02, 0x31, 0x00, + 0xc2, 0x41, 0x36, 0x0e, 0x70, 0xeb, 0x2d, 0x30, + 0x22, 0x6d, 0x1d, 0x05, 0xe3, 0x65, 0xcb, 0x3b, + 0x9d, 0x34, 0x4e, 0xe6, 0x9f, 0x3f, 0xf1, 0xc6, + 0x1c, 0x85, 0xbc, 0x23, 0x6b, 0x2c, 0xa5, 0x02, + 0xbe, 0x4f, 0xd0, 0x87, 0x58, 0x54, 0x9f, 0xaf, + 0x4f, 0x6d, 0x31, 0xed, 0xf1, 0x5b, 0x3d, 0xf5, +}; + +byte ecc_signature_384[] = { + 0x30, 0x66, 0x02, 0x31, 0x00, 0xc3, 0xc0, 0x45, + 0x1c, 0x8c, 0x9a, 0xb1, 0x8e, 0xd2, 0xb9, 0xce, + 0xb7, 0x00, 0x77, 0x38, 0xb9, 0x1d, 0x85, 0x77, + 0x7d, 0x3b, 0xff, 0x12, 0x0c, 0x27, 0x2c, 0xe7, + 0x6f, 0xf4, 0x45, 0xb5, 0x4c, 0x74, 0x06, 0x73, + 0x34, 0x95, 0xb8, 0x17, 0x88, 0xfe, 0x7d, 0x93, + 0x30, 0x9b, 0x70, 0x92, 0x24, 0x02, 0x31, 0x00, + 0xca, 0xfd, 0x25, 0x9e, 0xf2, 0xd7, 0x4e, 0xfc, + 0xc6, 0xfc, 0x38, 0x0a, 0xb7, 0x6a, 0xa5, 0x43, + 0x00, 0xa1, 0xc4, 0x94, 0xc9, 0xa3, 0x40, 0xf9, + 0x54, 0x54, 0x68, 0xbe, 0xc8, 0x0c, 0x0e, 0xbb, + 0x9c, 0x75, 0xa7, 0x25, 0xdb, 0x09, 0x30, 0x50, + 0xff, 0xd1, 0x7f, 0x57, 0x24, 0xbe, 0x2a, 0x19, +}; + +byte ecc_signature_512[] = { + 0x30, 0x81, 0x88, 0x02, 0x42, 0x00, 0xe0, 0x47, + 0xb7, 0x44, 0x33, 0x90, 0xe0, 0x33, 0x1c, 0xd7, + 0x32, 0x67, 0x3d, 0x89, 0xa4, 0x69, 0xee, 0x1a, + 0x0c, 0x10, 0x10, 0xaa, 0x99, 0xf6, 0xb6, 0xde, + 0x59, 0x5c, 0xbb, 0xb1, 0x2a, 0xb0, 0xe9, 0x50, + 0x06, 0x3e, 0x00, 0x24, 0xc1, 0x44, 0x9c, 0x39, + 0xfe, 0x63, 0x7f, 0x42, 0x6e, 0xa4, 0xf7, 0xb8, + 0x70, 0x53, 0x59, 0xda, 0xeb, 0x61, 0xa1, 0x6e, + 0x63, 0xc7, 0x82, 0xa2, 0xbb, 0x0c, 0x5d, 0x02, + 0x42, 0x01, 0x25, 0x5a, 0xac, 0xcc, 0x39, 0x04, + 0x63, 0x37, 0xce, 0x3f, 0xf7, 0x58, 0x98, 0xb2, + 0x62, 0x24, 0x14, 0xd9, 0x0e, 0x8b, 0xfb, 0x6c, + 0xdb, 0x6b, 0x05, 0xa9, 0x25, 0x90, 0xdb, 0x16, + 0x55, 0x78, 0x96, 0x46, 0x47, 0x66, 0xb2, 0x3b, + 0xcf, 0x16, 0x74, 0x40, 0xc0, 0x3c, 0x7a, 0x77, + 0x50, 0xe8, 0xc6, 0xb7, 0x6d, 0x7f, 0x81, 0xf2, + 0xf6, 0xca, 0x5c, 0x29, 0x8b, 0xa5, 0x4d, 0xd0, + 0x23, 0x86, 0x70, +}; + +byte ecc_signature_521[] = { + 0x30, 0x81, 0x87, 0x02, 0x41, 0x26, 0x39, 0x68, + 0xd0, 0x3d, 0xd4, 0x82, 0xe0, 0x53, 0x23, 0x4c, + 0x3c, 0x0e, 0x2f, 0xd8, 0xdb, 0x8c, 0x38, 0x04, + 0x3d, 0x8c, 0x71, 0xcf, 0xd6, 0x9f, 0x46, 0x80, + 0x68, 0x36, 0xe8, 0x23, 0x94, 0xcf, 0xf0, 0x5a, + 0x93, 0xd1, 0xc4, 0xb6, 0x89, 0x4f, 0x8e, 0x7b, + 0xf8, 0x13, 0x69, 0x0c, 0xc2, 0x11, 0xbd, 0x30, + 0x7b, 0x11, 0x0d, 0x60, 0x80, 0xd6, 0xd7, 0x7a, + 0xc3, 0x9f, 0xb2, 0x25, 0x20, 0xa2, 0x02, 0x42, + 0x00, 0xe1, 0x16, 0x64, 0x20, 0x33, 0x98, 0xfd, + 0x6b, 0xd8, 0x91, 0x5a, 0x83, 0xb7, 0x79, 0x82, + 0x7d, 0x39, 0xd6, 0x83, 0x49, 0x13, 0x10, 0x26, + 0x2f, 0x6c, 0x1e, 0x38, 0x10, 0x13, 0xd8, 0xeb, + 0x6f, 0x82, 0xbb, 0x4a, 0xed, 0x6e, 0x53, 0xbb, + 0xc8, 0x7c, 0xba, 0xe9, 0xac, 0xa9, 0xbe, 0xfd, + 0xe7, 0x6b, 0x80, 0x76, 0x6c, 0x1a, 0x31, 0x63, + 0x47, 0x91, 0x01, 0x9e, 0x15, 0x29, 0x1b, 0xea, + 0x3a, 0x69, +}; + + +typedef struct { + byte *sig; + word32 sig_size; + unsigned char *pubkey; + int key_size; +} sig_key; + +sig_key sig_keys[11] = { + {ecc_signature_112, sizeof(ecc_signature_112), ecc_PublicKey_112, sizeof(ecc_PublicKey_112)}, + {ecc_signature_128, sizeof(ecc_signature_128), ecc_PublicKey_128, sizeof(ecc_PublicKey_128)}, + {ecc_signature_160, sizeof(ecc_signature_160), ecc_PublicKey_160, sizeof(ecc_PublicKey_160)}, + {ecc_signature_192, sizeof(ecc_signature_192), ecc_PublicKey_192, sizeof(ecc_PublicKey_192)}, + {ecc_signature_224, sizeof(ecc_signature_224), ecc_PublicKey_224, sizeof(ecc_PublicKey_224)}, + {ecc_signature_239, sizeof(ecc_signature_239), ecc_PublicKey_239, sizeof(ecc_PublicKey_239)}, + {ecc_signature_256, sizeof(ecc_signature_256), ecc_PublicKey_256, sizeof(ecc_PublicKey_256)}, + {ecc_signature_320, sizeof(ecc_signature_320), ecc_PublicKey_320, sizeof(ecc_PublicKey_320)}, + {ecc_signature_384, sizeof(ecc_signature_384), ecc_PublicKey_384, sizeof(ecc_PublicKey_384)}, + {ecc_signature_512, sizeof(ecc_signature_512), ecc_PublicKey_512, sizeof(ecc_PublicKey_512)}, + {ecc_signature_521, sizeof(ecc_signature_521), ecc_PublicKey_521, sizeof(ecc_PublicKey_521)}, +}; + + diff --git a/embedded/signature/ecc_vfy_only_nonblock/user_settings.h b/embedded/signature/ecc_vfy_only_nonblock/user_settings.h new file mode 100644 index 000000000..6f2d1e651 --- /dev/null +++ b/embedded/signature/ecc_vfy_only_nonblock/user_settings.h @@ -0,0 +1,90 @@ +#define WOLFCRYPT_ONLY +#define WOLFSSL_PUBLIC_MP + +/* hash */ +#define NO_MD4 +#define NO_MD5 +#define NO_SHA + +/* rsa */ +#define WC_NO_RSA_OAEP +#define WC_NO_HARDEN +#define NO_RSA +/* sp_int */ +#define NO_DH +#define NO_DSA +#define NO_DES3 +#define NO_AES + +/* asn */ +#define NO_ASN_TIME +#define IGNORE_NAME_CONSTRAINTS +#define WOLFSSL_NO_ASN_STRICT + +/* ecc */ +#define HAVE_ECC +#define HAVE_ALL_CURVES + + +#ifdef DEBUG_MEMORY + #define WOLFSSL_TRACK_MEMORY + #define HAVE_STACK_SIZE + // #define WOLFSSL_DEBUG_MEMORY + // #define WOLFSSL_DEBUG_MEMORY_PRINT + #undef BENCHMARK +#endif + + + +#ifdef SP_C32_FLAG + #define WOLFSSL_HAVE_SP_ECC + #define WOLFSSL_SP_MATH_ALL + #define SP_WORD_SIZE 32 + #undef USE_FAST_MATH +#endif + +#ifdef SP_C64_FLAG + #define WOLFSSL_HAVE_SP_ECC + #define WOLFSSL_SP_MATH_ALL + #define SP_WORD_SIZE 64 + #define HAVE___UINT128_T + #undef USE_FAST_MATH +#endif + +#ifdef SP_ARM64_FLAG + #define WOLFSSL_HAVE_SP_ECC + #define WOLFSSL_SP_MATH_ALL + #define WOLFSSL_SP_ARM64 + #define WOLFSSL_SP_ARM64_ASM +#endif + + +#ifdef SP_X86_64_FLAG + #define WOLFSSL_HAVE_SP_ECC + #define WOLFSSL_SP_MATH_ALL + #define WOLFSSL_SP_X86_64 + #define WOLFSSL_SP_X86_64_ASM +#endif + +#ifdef TFM_FLAG + #define USE_FAST_MATH + #undef WOLFSSL_HAVE_SP_ECC + #undef WOLFSSL_SP_ARM64 + #undef WOLFSSL_SP_ARM64_ASM + #undef WOLFSSL_SP_X86_64 + #undef WOLFSSL_SP_X86_64_ASM +#endif + + + + +#define NONBLOCK +#ifdef NONBLOCK + #define WC_ECC_NONBLOCK + #define WOLFSSL_SP_NONBLOCK + #define WOLFSSL_SP_SMALL + #define WOLFSSL_SP_NO_MALLOC +#endif + +#define WOLFSSL_SP_384 +#define WOLFSSL_SP_521 diff --git a/embedded/signature/include/rsa_priv_2048.h b/embedded/signature/include/rsa_priv_2048.h new file mode 100644 index 000000000..2c9178647 --- /dev/null +++ b/embedded/signature/include/rsa_priv_2048.h @@ -0,0 +1,150 @@ +/* rsa_priv_2048.h + * + * Copyright (C) 2006-2025 wolfSSL Inc. + * + * This file is part of wolfSSL. + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA + */ + +/* This file contains an RSA 2048-bit private key. + * It is the private counterpart to "rsa_pub_2048.h" + */ + +/* RSA private key to sign with. + * Key is PKCS#1 formatted and DER encoded. + */ +static const unsigned char private_key_2048[] = { + 0x30, 0x82, 0x04, 0xA4, 0x02, 0x01, 0x00, 0x02, 0x82, 0x01, + 0x01, 0x00, 0xC3, 0x03, 0xD1, 0x2B, 0xFE, 0x39, 0xA4, 0x32, + 0x45, 0x3B, 0x53, 0xC8, 0x84, 0x2B, 0x2A, 0x7C, 0x74, 0x9A, + 0xBD, 0xAA, 0x2A, 0x52, 0x07, 0x47, 0xD6, 0xA6, 0x36, 0xB2, + 0x07, 0x32, 0x8E, 0xD0, 0xBA, 0x69, 0x7B, 0xC6, 0xC3, 0x44, + 0x9E, 0xD4, 0x81, 0x48, 0xFD, 0x2D, 0x68, 0xA2, 0x8B, 0x67, + 0xBB, 0xA1, 0x75, 0xC8, 0x36, 0x2C, 0x4A, 0xD2, 0x1B, 0xF7, + 0x8B, 0xBA, 0xCF, 0x0D, 0xF9, 0xEF, 0xEC, 0xF1, 0x81, 0x1E, + 0x7B, 0x9B, 0x03, 0x47, 0x9A, 0xBF, 0x65, 0xCC, 0x7F, 0x65, + 0x24, 0x69, 0xA6, 0xE8, 0x14, 0x89, 0x5B, 0xE4, 0x34, 0xF7, + 0xC5, 0xB0, 0x14, 0x93, 0xF5, 0x67, 0x7B, 0x3A, 0x7A, 0x78, + 0xE1, 0x01, 0x56, 0x56, 0x91, 0xA6, 0x13, 0x42, 0x8D, 0xD2, + 0x3C, 0x40, 0x9C, 0x4C, 0xEF, 0xD1, 0x86, 0xDF, 0x37, 0x51, + 0x1B, 0x0C, 0xA1, 0x3B, 0xF5, 0xF1, 0xA3, 0x4A, 0x35, 0xE4, + 0xE1, 0xCE, 0x96, 0xDF, 0x1B, 0x7E, 0xBF, 0x4E, 0x97, 0xD0, + 0x10, 0xE8, 0xA8, 0x08, 0x30, 0x81, 0xAF, 0x20, 0x0B, 0x43, + 0x14, 0xC5, 0x74, 0x67, 0xB4, 0x32, 0x82, 0x6F, 0x8D, 0x86, + 0xC2, 0x88, 0x40, 0x99, 0x36, 0x83, 0xBA, 0x1E, 0x40, 0x72, + 0x22, 0x17, 0xD7, 0x52, 0x65, 0x24, 0x73, 0xB0, 0xCE, 0xEF, + 0x19, 0xCD, 0xAE, 0xFF, 0x78, 0x6C, 0x7B, 0xC0, 0x12, 0x03, + 0xD4, 0x4E, 0x72, 0x0D, 0x50, 0x6D, 0x3B, 0xA3, 0x3B, 0xA3, + 0x99, 0x5E, 0x9D, 0xC8, 0xD9, 0x0C, 0x85, 0xB3, 0xD9, 0x8A, + 0xD9, 0x54, 0x26, 0xDB, 0x6D, 0xFA, 0xAC, 0xBB, 0xFF, 0x25, + 0x4C, 0xC4, 0xD1, 0x79, 0xF4, 0x71, 0xD3, 0x86, 0x40, 0x18, + 0x13, 0xB0, 0x63, 0xB5, 0x72, 0x4E, 0x30, 0xC4, 0x97, 0x84, + 0x86, 0x2D, 0x56, 0x2F, 0xD7, 0x15, 0xF7, 0x7F, 0xC0, 0xAE, + 0xF5, 0xFC, 0x5B, 0xE5, 0xFB, 0xA1, 0xBA, 0xD3, 0x02, 0x03, + 0x01, 0x00, 0x01, 0x02, 0x82, 0x01, 0x01, 0x00, 0xA2, 0xE6, + 0xD8, 0x5F, 0x10, 0x71, 0x64, 0x08, 0x9E, 0x2E, 0x6D, 0xD1, + 0x6D, 0x1E, 0x85, 0xD2, 0x0A, 0xB1, 0x8C, 0x47, 0xCE, 0x2C, + 0x51, 0x6A, 0xA0, 0x12, 0x9E, 0x53, 0xDE, 0x91, 0x4C, 0x1D, + 0x6D, 0xEA, 0x59, 0x7B, 0xF2, 0x77, 0xAA, 0xD9, 0xC6, 0xD9, + 0x8A, 0xAB, 0xD8, 0xE1, 0x16, 0xE4, 0x63, 0x26, 0xFF, 0xB5, + 0x6C, 0x13, 0x59, 0xB8, 0xE3, 0xA5, 0xC8, 0x72, 0x17, 0x2E, + 0x0C, 0x9F, 0x6F, 0xE5, 0x59, 0x3F, 0x76, 0x6F, 0x49, 0xB1, + 0x11, 0xC2, 0x5A, 0x2E, 0x16, 0x29, 0x0D, 0xDE, 0xB7, 0x8E, + 0xDC, 0x40, 0xD5, 0xA2, 0xEE, 0xE0, 0x1E, 0xA1, 0xF4, 0xBE, + 0x97, 0xDB, 0x86, 0x63, 0x96, 0x14, 0xCD, 0x98, 0x09, 0x60, + 0x2D, 0x30, 0x76, 0x9C, 0x3C, 0xCD, 0xE6, 0x88, 0xEE, 0x47, + 0x92, 0x79, 0x0B, 0x5A, 0x00, 0xE2, 0x5E, 0x5F, 0x11, 0x7C, + 0x7D, 0xF9, 0x08, 0xB7, 0x20, 0x06, 0x89, 0x2A, 0x5D, 0xFD, + 0x00, 0xAB, 0x22, 0xE1, 0xF0, 0xB3, 0xBC, 0x24, 0xA9, 0x5E, + 0x26, 0x0E, 0x1F, 0x00, 0x2D, 0xFE, 0x21, 0x9A, 0x53, 0x5B, + 0x6D, 0xD3, 0x2B, 0xAB, 0x94, 0x82, 0x68, 0x43, 0x36, 0xD8, + 0xF6, 0x2F, 0xC6, 0x22, 0xFC, 0xB5, 0x41, 0x5D, 0x0D, 0x33, + 0x60, 0xEA, 0xA4, 0x7D, 0x7E, 0xE8, 0x4B, 0x55, 0x91, 0x56, + 0xD3, 0x5C, 0x57, 0x8F, 0x1F, 0x94, 0x17, 0x2F, 0xAA, 0xDE, + 0xE9, 0x9E, 0xA8, 0xF4, 0xCF, 0x8A, 0x4C, 0x8E, 0xA0, 0xE4, + 0x56, 0x73, 0xB2, 0xCF, 0x4F, 0x86, 0xC5, 0x69, 0x3C, 0xF3, + 0x24, 0x20, 0x8B, 0x5C, 0x96, 0x0C, 0xFA, 0x6B, 0x12, 0x3B, + 0x9A, 0x67, 0xC1, 0xDF, 0xC6, 0x96, 0xB2, 0xA5, 0xD5, 0x92, + 0x0D, 0x9B, 0x09, 0x42, 0x68, 0x24, 0x10, 0x45, 0xD4, 0x50, + 0xE4, 0x17, 0x39, 0x48, 0xD0, 0x35, 0x8B, 0x94, 0x6D, 0x11, + 0xDE, 0x8F, 0xCA, 0x59, 0x02, 0x81, 0x81, 0x00, 0xEA, 0x24, + 0xA7, 0xF9, 0x69, 0x33, 0xE9, 0x71, 0xDC, 0x52, 0x7D, 0x88, + 0x21, 0x28, 0x2F, 0x49, 0xDE, 0xBA, 0x72, 0x16, 0xE9, 0xCC, + 0x47, 0x7A, 0x88, 0x0D, 0x94, 0x57, 0x84, 0x58, 0x16, 0x3A, + 0x81, 0xB0, 0x3F, 0xA2, 0xCF, 0xA6, 0x6C, 0x1E, 0xB0, 0x06, + 0x29, 0x00, 0x8F, 0xE7, 0x77, 0x76, 0xAC, 0xDB, 0xCA, 0xC7, + 0xD9, 0x5E, 0x9B, 0x3F, 0x26, 0x90, 0x52, 0xAE, 0xFC, 0x38, + 0x90, 0x00, 0x14, 0xBB, 0xB4, 0x0F, 0x58, 0x94, 0xE7, 0x2F, + 0x6A, 0x7E, 0x1C, 0x4F, 0x41, 0x21, 0xD4, 0x31, 0x59, 0x1F, + 0x4E, 0x8A, 0x1A, 0x8D, 0xA7, 0x57, 0x6C, 0x22, 0xD8, 0xE5, + 0xF4, 0x7E, 0x32, 0xA6, 0x10, 0xCB, 0x64, 0xA5, 0x55, 0x03, + 0x87, 0xA6, 0x27, 0x05, 0x8C, 0xC3, 0xD7, 0xB6, 0x27, 0xB2, + 0x4D, 0xBA, 0x30, 0xDA, 0x47, 0x8F, 0x54, 0xD3, 0x3D, 0x8B, + 0x84, 0x8D, 0x94, 0x98, 0x58, 0xA5, 0x02, 0x81, 0x81, 0x00, + 0xD5, 0x38, 0x1B, 0xC3, 0x8F, 0xC5, 0x93, 0x0C, 0x47, 0x0B, + 0x6F, 0x35, 0x92, 0xC5, 0xB0, 0x8D, 0x46, 0xC8, 0x92, 0x18, + 0x8F, 0xF5, 0x80, 0x0A, 0xF7, 0xEF, 0xA1, 0xFE, 0x80, 0xB9, + 0xB5, 0x2A, 0xBA, 0xCA, 0x18, 0xB0, 0x5D, 0xA5, 0x07, 0xD0, + 0x93, 0x8D, 0xD8, 0x9C, 0x04, 0x1C, 0xD4, 0x62, 0x8E, 0xA6, + 0x26, 0x81, 0x01, 0xFF, 0xCE, 0x8A, 0x2A, 0x63, 0x34, 0x35, + 0x40, 0xAA, 0x6D, 0x80, 0xDE, 0x89, 0x23, 0x6A, 0x57, 0x4D, + 0x9E, 0x6E, 0xAD, 0x93, 0x4E, 0x56, 0x90, 0x0B, 0x6D, 0x9D, + 0x73, 0x8B, 0x0C, 0xAE, 0x27, 0x3D, 0xDE, 0x4E, 0xF0, 0xAA, + 0xC5, 0x6C, 0x78, 0x67, 0x6C, 0x94, 0x52, 0x9C, 0x37, 0x67, + 0x6C, 0x2D, 0xEF, 0xBB, 0xAF, 0xDF, 0xA6, 0x90, 0x3C, 0xC4, + 0x47, 0xCF, 0x8D, 0x96, 0x9E, 0x98, 0xA9, 0xB4, 0x9F, 0xC5, + 0xA6, 0x50, 0xDC, 0xB3, 0xF0, 0xFB, 0x74, 0x17, 0x02, 0x81, + 0x80, 0x5E, 0x83, 0x09, 0x62, 0xBD, 0xBA, 0x7C, 0xA2, 0xBF, + 0x42, 0x74, 0xF5, 0x7C, 0x1C, 0xD2, 0x69, 0xC9, 0x04, 0x0D, + 0x85, 0x7E, 0x3E, 0x3D, 0x24, 0x12, 0xC3, 0x18, 0x7B, 0xF3, + 0x29, 0xF3, 0x5F, 0x0E, 0x76, 0x6C, 0x59, 0x75, 0xE4, 0x41, + 0x84, 0x69, 0x9D, 0x32, 0xF3, 0xCD, 0x22, 0xAB, 0xB0, 0x35, + 0xBA, 0x4A, 0xB2, 0x3C, 0xE5, 0xD9, 0x58, 0xB6, 0x62, 0x4F, + 0x5D, 0xDE, 0xE5, 0x9E, 0x0A, 0xCA, 0x53, 0xB2, 0x2C, 0xF7, + 0x9E, 0xB3, 0x6B, 0x0A, 0x5B, 0x79, 0x65, 0xEC, 0x6E, 0x91, + 0x4E, 0x92, 0x20, 0xF6, 0xFC, 0xFC, 0x16, 0xED, 0xD3, 0x76, + 0x0C, 0xE2, 0xEC, 0x7F, 0xB2, 0x69, 0x13, 0x6B, 0x78, 0x0E, + 0x5A, 0x46, 0x64, 0xB4, 0x5E, 0xB7, 0x25, 0xA0, 0x5A, 0x75, + 0x3A, 0x4B, 0xEF, 0xC7, 0x3C, 0x3E, 0xF7, 0xFD, 0x26, 0xB8, + 0x20, 0xC4, 0x99, 0x0A, 0x9A, 0x73, 0xBE, 0xC3, 0x19, 0x02, + 0x81, 0x81, 0x00, 0xBA, 0x44, 0x93, 0x14, 0xAC, 0x34, 0x19, + 0x3B, 0x5F, 0x91, 0x60, 0xAC, 0xF7, 0xB4, 0xD6, 0x81, 0x05, + 0x36, 0x51, 0x53, 0x3D, 0xE8, 0x65, 0xDC, 0xAF, 0x2E, 0xDC, + 0x61, 0x3E, 0xC9, 0x7D, 0xB8, 0x7F, 0x87, 0xF0, 0x3B, 0x9B, + 0x03, 0x82, 0x29, 0x37, 0xCE, 0x72, 0x4E, 0x11, 0xD5, 0xB1, + 0xC1, 0x0C, 0x07, 0xA0, 0x99, 0x91, 0x4A, 0x8D, 0x7F, 0xEC, + 0x79, 0xCF, 0xF1, 0x39, 0xB5, 0xE9, 0x85, 0xEC, 0x62, 0xF7, + 0xDA, 0x7D, 0xBC, 0x64, 0x4D, 0x22, 0x3C, 0x0E, 0xF2, 0xD6, + 0x51, 0xF5, 0x87, 0xD8, 0x99, 0xC0, 0x11, 0x20, 0x5D, 0x0F, + 0x29, 0xFD, 0x5B, 0xE2, 0xAE, 0xD9, 0x1C, 0xD9, 0x21, 0x56, + 0x6D, 0xFC, 0x84, 0xD0, 0x5F, 0xED, 0x10, 0x15, 0x1C, 0x18, + 0x21, 0xE7, 0xC4, 0x3D, 0x4B, 0xD7, 0xD0, 0x9E, 0x6A, 0x95, + 0xCF, 0x22, 0xC9, 0x03, 0x7B, 0x9E, 0xE3, 0x60, 0x01, 0xFC, + 0x2F, 0x02, 0x81, 0x80, 0x11, 0xD0, 0x4B, 0xCF, 0x1B, 0x67, + 0xB9, 0x9F, 0x10, 0x75, 0x47, 0x86, 0x65, 0xAE, 0x31, 0xC2, + 0xC6, 0x30, 0xAC, 0x59, 0x06, 0x50, 0xD9, 0x0F, 0xB5, 0x70, + 0x06, 0xF7, 0xF0, 0xD3, 0xC8, 0x62, 0x7C, 0xA8, 0xDA, 0x6E, + 0xF6, 0x21, 0x3F, 0xD3, 0x7F, 0x5F, 0xEA, 0x8A, 0xAB, 0x3F, + 0xD9, 0x2A, 0x5E, 0xF3, 0x51, 0xD2, 0xC2, 0x30, 0x37, 0xE3, + 0x2D, 0xA3, 0x75, 0x0D, 0x1E, 0x4D, 0x21, 0x34, 0xD5, 0x57, + 0x70, 0x5C, 0x89, 0xBF, 0x72, 0xEC, 0x4A, 0x6E, 0x68, 0xD5, + 0xCD, 0x18, 0x74, 0x33, 0x4E, 0x8C, 0x3A, 0x45, 0x8F, 0xE6, + 0x96, 0x40, 0xEB, 0x63, 0xF9, 0x19, 0x86, 0x3A, 0x51, 0xDD, + 0x89, 0x4B, 0xB0, 0xF3, 0xF9, 0x9F, 0x5D, 0x28, 0x95, 0x38, + 0xBE, 0x35, 0xAB, 0xCA, 0x5C, 0xE7, 0x93, 0x53, 0x34, 0xA1, + 0x45, 0x5D, 0x13, 0x39, 0x65, 0x42, 0x46, 0xA1, 0x9F, 0xCD, + 0xF5, 0xBF +}; diff --git a/embedded/signature/include/rsa_pub_2048.h b/embedded/signature/include/rsa_pub_2048.h new file mode 100644 index 000000000..84457b5c0 --- /dev/null +++ b/embedded/signature/include/rsa_pub_2048.h @@ -0,0 +1,67 @@ +/* rsa_pub_2048.h + * + * Copyright (C) 2006-2025 wolfSSL Inc. + * + * This file is part of wolfSSL. + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA + */ + +/* This file contains an RSA 2048-bit public key. + * It is the public counterpart to "rsa_priv_2048.h" + */ + +/* RSA public key to verify with. + * Key is PKCS#1 formatted and DER encoded. + */ +static const unsigned char public_key_2048[] = { + 0x30, 0x82, 0x01, 0x22, 0x30, 0x0D, 0x06, 0x09, + 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, + 0x01, 0x05, 0x00, 0x03, 0x82, 0x01, 0x0F, 0x00, + 0x30, 0x82, 0x01, 0x0A, 0x02, 0x82, 0x01, 0x01, + 0x00, 0xC3, 0x03, 0xD1, 0x2B, 0xFE, 0x39, 0xA4, + 0x32, 0x45, 0x3B, 0x53, 0xC8, 0x84, 0x2B, 0x2A, + 0x7C, 0x74, 0x9A, 0xBD, 0xAA, 0x2A, 0x52, 0x07, + 0x47, 0xD6, 0xA6, 0x36, 0xB2, 0x07, 0x32, 0x8E, + 0xD0, 0xBA, 0x69, 0x7B, 0xC6, 0xC3, 0x44, 0x9E, + 0xD4, 0x81, 0x48, 0xFD, 0x2D, 0x68, 0xA2, 0x8B, + 0x67, 0xBB, 0xA1, 0x75, 0xC8, 0x36, 0x2C, 0x4A, + 0xD2, 0x1B, 0xF7, 0x8B, 0xBA, 0xCF, 0x0D, 0xF9, + 0xEF, 0xEC, 0xF1, 0x81, 0x1E, 0x7B, 0x9B, 0x03, + 0x47, 0x9A, 0xBF, 0x65, 0xCC, 0x7F, 0x65, 0x24, + 0x69, 0xA6, 0xE8, 0x14, 0x89, 0x5B, 0xE4, 0x34, + 0xF7, 0xC5, 0xB0, 0x14, 0x93, 0xF5, 0x67, 0x7B, + 0x3A, 0x7A, 0x78, 0xE1, 0x01, 0x56, 0x56, 0x91, + 0xA6, 0x13, 0x42, 0x8D, 0xD2, 0x3C, 0x40, 0x9C, + 0x4C, 0xEF, 0xD1, 0x86, 0xDF, 0x37, 0x51, 0x1B, + 0x0C, 0xA1, 0x3B, 0xF5, 0xF1, 0xA3, 0x4A, 0x35, + 0xE4, 0xE1, 0xCE, 0x96, 0xDF, 0x1B, 0x7E, 0xBF, + 0x4E, 0x97, 0xD0, 0x10, 0xE8, 0xA8, 0x08, 0x30, + 0x81, 0xAF, 0x20, 0x0B, 0x43, 0x14, 0xC5, 0x74, + 0x67, 0xB4, 0x32, 0x82, 0x6F, 0x8D, 0x86, 0xC2, + 0x88, 0x40, 0x99, 0x36, 0x83, 0xBA, 0x1E, 0x40, + 0x72, 0x22, 0x17, 0xD7, 0x52, 0x65, 0x24, 0x73, + 0xB0, 0xCE, 0xEF, 0x19, 0xCD, 0xAE, 0xFF, 0x78, + 0x6C, 0x7B, 0xC0, 0x12, 0x03, 0xD4, 0x4E, 0x72, + 0x0D, 0x50, 0x6D, 0x3B, 0xA3, 0x3B, 0xA3, 0x99, + 0x5E, 0x9D, 0xC8, 0xD9, 0x0C, 0x85, 0xB3, 0xD9, + 0x8A, 0xD9, 0x54, 0x26, 0xDB, 0x6D, 0xFA, 0xAC, + 0xBB, 0xFF, 0x25, 0x4C, 0xC4, 0xD1, 0x79, 0xF4, + 0x71, 0xD3, 0x86, 0x40, 0x18, 0x13, 0xB0, 0x63, + 0xB5, 0x72, 0x4E, 0x30, 0xC4, 0x97, 0x84, 0x86, + 0x2D, 0x56, 0x2F, 0xD7, 0x15, 0xF7, 0x7F, 0xC0, + 0xAE, 0xF5, 0xFC, 0x5B, 0xE5, 0xFB, 0xA1, 0xBA, + 0xD3, 0x02, 0x03, 0x01, 0x00, 0x01 +}; diff --git a/embedded/signature/rsa_sign_verify/Makefile b/embedded/signature/rsa_sign_verify/Makefile new file mode 100644 index 000000000..ae598d3ba --- /dev/null +++ b/embedded/signature/rsa_sign_verify/Makefile @@ -0,0 +1,80 @@ +# The path to the wolfssl directory must be set correctly for your environment. +WOLFROOT = ../../../../wolfssl +CFLAGS = $(EX_CFLAGS) -DWOLFSSL_USER_SETTINGS -I. -I$(WOLFROOT) -Os +ASFLAGS=-DWOLFSSL_USER_SETTINGS -I. -I$(WOLFROOT) + +OBJ = \ + $(WOLFROOT)/wolfcrypt/src/rsa.o\ + $(WOLFROOT)/wolfcrypt/src/sha256.o\ + $(WOLFROOT)/wolfcrypt/src/hash.o\ + $(WOLFROOT)/wolfcrypt/src/random.o\ + $(WOLFROOT)/wolfcrypt/src/asn.o\ + $(WOLFROOT)/wolfcrypt/src/wc_port.o\ + $(WOLFROOT)/wolfcrypt/src/coding.o\ + $(WOLFROOT)/wolfcrypt/src/memory.o\ + $(WOLFROOT)/wolfcrypt/src/wolfmath.o\ + $(WOLFROOT)/wolfcrypt/src/wc_encrypt.o\ + +OBJ_SP_C32 := \ + $(WOLFROOT)/wolfcrypt/src/sp_int.o\ + $(WOLFROOT)/wolfcrypt/src/sp_c32.o\ + +OBJ_SP_C64 := \ + $(WOLFROOT)/wolfcrypt/src/sp_int.o\ + $(WOLFROOT)/wolfcrypt/src/sp_c64.o\ + +OBJ_SP_ARM64 := \ + $(WOLFROOT)/wolfcrypt/src/sp_int.o\ + $(WOLFROOT)/wolfcrypt/src/sp_arm64.o\ + + +OBJ_SP_X86_64 := \ + $(WOLFROOT)/wolfcrypt/src/sp_int.o\ + $(WOLFROOT)/wolfcrypt/src/cpuid.o\ + $(WOLFROOT)/wolfcrypt/src/sp_x86_64.o\ + $(WOLFROOT)/wolfcrypt/src/sp_x86_64_asm.o\ + +OBJ_TFM := \ + $(WOLFROOT)/wolfcrypt/src/tfm.o\ + + +.PHONY: all clean size mem bench + +ifeq ($(math) $(arch),sp x64) +ASFLAGS+= -DSP_X86_64_FLAG +CFLAGS += -DSP_X86_64_FLAG +OBJ += $(OBJ_SP_X86_64) +else ifeq ($(math) $(arch),sp arm64) +CFLAGS += -DSP_ARM64_FLAG +OBJ += $(OBJ_SP_ARM64) +else ifeq ($(math) $(arch),sp c64) +CFLAGS += -DSP_C64_FLAG +OBJ += $(OBJ_SP_C64) +else ifeq ($(math) $(arch),sp c32) +CFLAGS += -DSP_C32_FLAG +OBJ += $(OBJ_SP_C32) +else ifeq ($(math), tfm) +CFLAGS += -DTFM_FLAG +OBJ += $(OBJ_TFM) +else +CFLAGS += -DSP_C64_FLAG +OBJ += $(OBJ_SP_C64) +endif + +all: rsa_sign_verify bench mem +rsa_sign_verify: clean $(OBJ) + $(CC) $(CFLAGS) -o rsa_sign_verify rsa_sign_verify.c $(OBJ) + +bench: clean $(OBJ) + $(CC) $(CFLAGS) -DBENCHMARK -o rsa_sign_verify_bench rsa_sign_verify.c $(OBJ) -lpthread +mem: clean $(OBJ) + $(CC) $(CFLAGS) -DDEBUG_MEMORY -o rsa_sign_verify_mem rsa_sign_verify.c $(OBJ) -lpthread + +nonblock: CFLAGS += -DNONBLOCK +nonblock: clean $(OBJ) + $(CC) -DNONBLOCK $(CFLAGS) -DDEBUG_MEMORY -o rsa_sign_verify_nonblock rsa_sign_verify_nonblock.c $(OBJ) -lpthread + +clean: + rm -f rsa_sign_verify rsa_sign_verify_bench rsa_sign_verify_mem rsa_sign_verify_nonblock $(WOLFROOT)/wolfcrypt/src/*.o +size : + size $(OBJ) sign verify diff --git a/embedded/signature/rsa_sign_verify/README.md b/embedded/signature/rsa_sign_verify/README.md new file mode 100644 index 000000000..0357e7ea6 --- /dev/null +++ b/embedded/signature/rsa_sign_verify/README.md @@ -0,0 +1,106 @@ +# RSA Signature Test Example + +### PKCS#1.5 and PSS +To switch from PKCS#1.5 to PSS, `#define PSS_PADDING` in user_settings.h + +Demonstrates using a hash digest to sign and verify a signature using RSA + +First, set the path to wolfssl directory to variable WOLFROOT in Makefile. + +## Building + +### Build example + +``` +make +``` + +### Usage +``` +./verify +``` + +``` +./sign +``` + +# Signature verification Benchmark + +You can generate benchmark program to compare the speed of signature verification between TFM and SP +### SP +Faster math library + +If you build for x86_64 system: +``` +make bench math=sp arch=x64 +``` +else if Aarch64 system: +``` +make bench math=sp arch=arm64 +``` +then a benchmark program is generated. +### TFM + +``` +make bench math=tfm +``` +NOTE: When using TFM, No Architecture specification is required. +## Example Output +- built with the option `math=sp arch=arm64` +``` +./verify_bench +--------------------------------------------------------------- +Enabled WOLFSSL_SP_ARM64 +--------------------------------------------------------------- +Running benchmark... +Please Wait 3.00 seconds +Takes 3.00 Sec for 236782 times, 78927.31 Cycles/sec +Finished Benchmark +``` + + +- built with the option `math=tfm` +``` +./verify_bench +--------------------------------------------------------------- +Enabled TFM +--------------------------------------------------------------- +Running benchmark... +Please Wait 3.00 seconds +Takes 3.00 Sec for 76860 times, 25619.98 Cycles/sec +Finished Benchmark +``` + +# Tracking memory +To see a stack and heap memory usage + +``` +make mem +``` +## Example Output +``` +./verify_mem +Verified +total Allocs = 0 +total Deallocs = 0 +total Bytes = 0 +peak Bytes = 0 +current Bytes = 0 +stack used = 12392 +``` + + +# Non-blocking + +- RSA non-blocking mode only supported using TFM. + +To make Non-blocking RSA, +``` +make nonblock math=tfm +``` +then `rsa_sign_verify_nonblock` is generated. + +Best wishes in all your testing! + +- The wolfSSL Team + diff --git a/embedded/signature/rsa_sign_verify/rsa_sign_verify.c b/embedded/signature/rsa_sign_verify/rsa_sign_verify.c new file mode 100644 index 000000000..475948bbc --- /dev/null +++ b/embedded/signature/rsa_sign_verify/rsa_sign_verify.c @@ -0,0 +1,281 @@ +/* rsa_sign_verify.c + * + * Copyright (C) 2006-2025 wolfSSL Inc. + * + * This file is part of wolfSSL. + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA + */ + +/* This file is an example of signing and verifying an RSA signature. + * The signature can be PKCS#1.5 formatted and PSS formatted. + * + * - PKCS#1.5 + * 1. hash -> encSig + * 2. encSig -> signature + * 3. signature -> decSig + * + * - PSS + * 1. hash -> signature + * 2. signature -> decSig + * + * PKCS#1.5 is used for the Signature by default. + * To turning on PSS, define PSS_PADDING + */ + +#include +#include +#include +#include +#include +#include +#include + +#if !defined(WOLFSSL_KEY_GEN) +#include "../include/rsa_priv_2048.h" +#include "../include/rsa_pub_2048.h" +#endif +/* Maximum bound on digest algorithm encoding around digest */ +#define MAX_ENC_ALG_SZ 32 + +/* RSA Key size bits */ +#define RSA_KEY_SIZE 2048 + +#define CHECK_RET(a, b, eLabel, msg) { \ + if (a != b) { \ + printf("failed %s\n", msg); \ + printf("ret = %d\n", a); \ + goto eLabel; \ + } \ + } + +/* Variables to be used in both sign() and verify() */ +byte msg[] = "This is a message."; +byte hash[WC_SHA256_DIGEST_SIZE]; +byte signature[ RSA_KEY_SIZE / 8]; +word32 sigLen; +byte encSig[WC_SHA256_DIGEST_SIZE + MAX_ENC_ALG_SZ]; +word32 encSigLen = 0; +byte decSig[ RSA_KEY_SIZE / 8]; +word32 decSigLen; +RsaKey key; +RsaKey* pKey = NULL; + +int sign() +{ +#ifdef DEBUG_MEMORY + wolfCrypt_Init(); + InitMemoryTracker(); +#endif + int ret = 0; +#if !defined(WOLFSSL_KEY_GEN) + word32 idx = 0; +#endif + wc_Sha256 sha256; + wc_Sha256* pSha256 = NULL; + WC_RNG rng; + WC_RNG* pRng; + long e = 65537; /* standard value to use for exponent */ + + /* Calculate SHA-256 digest of message */ + ret = wc_InitSha256(&sha256); + CHECK_RET(ret, 0, finish, "wc_InitSha256()"); + pSha256 = &sha256; + ret = wc_Sha256Update(&sha256, msg, sizeof(msg)); + CHECK_RET(ret, 0, finish, "wc_Sha256Update()"); + ret = wc_Sha256Final(&sha256, hash); + CHECK_RET(ret, 0, finish, "wc_Sha256Final()"); + + /* Initialize the RSA key. */ + ret = wc_InitRsaKey(&key, NULL); + CHECK_RET(ret, 0, finish, "wc_InitRng()"); + pKey = &key; + + ret = wc_InitRng(&rng); + CHECK_RET(ret, 0, finish, "wc_InitRng()"); + pRng = &rng; +#if defined(WC_RSA_BLINDING) || defined(PSS_PADDING) + ret = wc_RsaSetRNG(&key, &rng); + CHECK_RET(ret, 0, finish, "wc_RsaSetRNG()"); +#endif + +#if defined(WOLFSSL_KEY_GEN) + /* Generate 2048-bit RSA key*/ + ret = wc_MakeRsaKey(&key, RSA_KEY_SIZE, e, &rng); + CHECK_RET(ret, 0, finish, "wc_MakeRsaKey()"); +#else + /* private key import */ + ret = wc_RsaPrivateKeyDecode(private_key_2048, &idx, &key, + sizeof(private_key_2048)); +#endif + +#ifdef PSS_PADDING + sigLen = wc_RsaPSS_Sign(hash, sizeof(hash), signature, sizeof(signature), + WC_HASH_TYPE_SHA256, WC_MGF1SHA256, &key, &rng); + if ((int)sigLen < 0) + ret = (int)sigLen; + CHECK_RET(ret, 0, finish, "wc_RsaPSS_Sign()"); +#else /* PKCS#1.5 */ + /* Encode digest with algorithm information as per PKCS#1.5 */ + encSigLen = wc_EncodeSignature(encSig, hash, sizeof(hash), SHA256h); + if ((int)encSigLen < 0) + ret = (int)encSigLen; + CHECK_RET(ret, 0, finish, "wc_EncodeSignature()"); + + sigLen = wc_RsaSSL_Sign(encSig, encSigLen, signature, sigBuffLen, + &key, NULL); + if ((int)sigLen < 0) + ret = (int)sigLen; + CHECK_RET(ret, 0, finish, "wc_RsaSSL_Sign()"); +#endif +/* Generated Rsakey must be released in verify() */ +finish: + if (pSha256 != NULL) + wc_Sha256Free(pSha256); + if (pRng != NULL) + wc_FreeRng(pRng); + +#if defined(DEBUG_MEMORY) + printf("Memory usage : sign() \n"); + printf("=================================\n"); + ShowMemoryTracker(); + CleanupMemoryTracker(); + wolfCrypt_Cleanup(); +#endif + + return ret; +} + +/* Verifies the signature with the message and RSA public key. + * Returns 0 on success and 1 otherwise. + */ +int verify() +{ +#ifdef DEBUG_MEMORY + wolfCrypt_Init(); + InitMemoryTracker(); +#endif + int ret = 0; +/* Variables for benchmark */ +#ifdef BENCHMARK + double start, total_time; +#ifndef BENCH_TIME_SEC + #define BENCH_TIME_SEC 3 +#endif + int count; +#endif + /* Check the RSA Key */ + if (pKey == NULL){ + printf("RSA Key is NULL in verify()\n"); + return -1; + } +#ifdef BENCHMARK + count = 0; + printf("Running benchmark...\n"); + printf("Please Wait %.2f seconds\n", (double)BENCH_TIME_SEC); + start = current_time(0); + while ((double)BENCH_TIME_SEC > (total_time = current_time(0) - start )) { +#endif + /* Verify the signature by decrypting the value. */ + #ifdef PSS_PADDING + decSigLen = wc_RsaPSS_VerifyCheck(signature, sizeof(signature), + decSig, sizeof(decSig), hash, sizeof(hash), + WC_HASH_TYPE_SHA256, WC_MGF1SHA256, &key); + if ((int)decSigLen < 0) + ret = (int)decSigLen; + CHECK_RET(ret, 0, finish, "wc_RsaPSS_VerifyCheck()"); + + #else /* PKCS#1.5 */ + decSigLen = wc_RsaSSL_Verify(signature, sizeof(signature), + decSig, sizeof(decSig), &key); + if ((int)decSigLen < 0) + ret = (int)decSigLen; + CHECK_RET(ret, 0, finish, "wc_RsaSSL_Verify()"); + + /* Check the decrypted result matches the encoded digest. */ + if (ret == 0 && encSigLen != decSigLen) + ret = -1; + if (ret == 0 && XMEMCMP(encSig, decSig, encSigLen) != 0) + ret = -1; + if(ret != 0){ + printf("Invalid Signature!\n"); + goto finish; + } + + #endif + +#ifdef BENCHMARK + count++; + } + printf("Takes %1.2f Sec for %d times, %6.2f Cycles/sec\n", + total_time, count, count/total_time); + printf("Finished Benchmark \n"); +#elif defined(DEBUG_MEMORY) + +#else + printf("Verified!\n"); +#endif + +finish: + if (pKey != NULL) + wc_FreeRsaKey(pKey); + +#ifdef DEBUG_MEMORY + printf("\n"); + printf("Memory usage : verify() \n"); + printf("=================================\n"); + ShowMemoryTracker(); + CleanupMemoryTracker(); + wolfCrypt_Cleanup(); +#endif + return ret; +} + +int main() +{ + int ret = 0; +#ifdef BENCHMARK + printf("---------------------------------------------------------------\n"); +#if defined(SP_C64_FLAG) + printf("Enabled 64-bit SP \n"); +#elif defined(SP_C32_FLAG) + printf("Enabled 32-bit SP \n"); +#elif defined(SP_X86_64_FLAG) + printf("Enabled SP for x86_64\n"); +#elif defined(SP_ARM64_FLAG) + printf("Enabled SP for Arm64\n"); +#elif defined(TFM_FLAG) + printf("Enabled TFM \n"); +#endif + printf("---------------------------------------------------------------\n"); +#endif /* BENCHMARK */ + +#ifdef DEBUG_MEMORY + ret = StackSizeCheck(NULL, (thread_func)sign); +#else + ret = sign(); +#endif + +/* Check the return value of sign() */ + if(ret != 0) + return ret; + +#ifdef DEBUG_MEMORY + ret = StackSizeCheck(NULL, (thread_func)verify); +#else + ret = verify(); +#endif + return ret; +} diff --git a/embedded/signature/rsa_sign_verify/rsa_sign_verify_nonblock.c b/embedded/signature/rsa_sign_verify/rsa_sign_verify_nonblock.c new file mode 100644 index 000000000..a049bde64 --- /dev/null +++ b/embedded/signature/rsa_sign_verify/rsa_sign_verify_nonblock.c @@ -0,0 +1,268 @@ +/* rsa_sign_verify.c + * + * Copyright (C) 2006-2025 wolfSSL Inc. + * + * This file is part of wolfSSL. + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA + */ + +/* This file is an example of signing and verifying an RSA signature. + * The signature can be PKCS#1.5 formatted and PSS formatted. + * + * - PKCS#1.5 + * 1. hash -> encSig + * 2. encSig -> signature + * 3. signature -> decSig + * + * - PSS + * 1. hash -> signature + * 2. signature -> decSig + * + * PKCS#1.5 is used for the Signature by default. + * To turning on PSS, define PSS_PADDING + */ + +#include +#include +#include +#include +#include +#include +#include + +/* Maximum bound on digest algorithm encoding around digest */ +#define MAX_ENC_ALG_SZ 32 + +/* RSA Key size bits */ +#define RSA_KEY_SIZE 2048 + +#define CHECK_RET(a, b, eLabel, msg) { \ + if (a != b) { \ + printf("failed %s\n", msg); \ + printf("ret = %d\n", a); \ + goto eLabel; \ + } \ + } + +#ifndef NONBLOCK + #define NONBLOCK +#endif + +/* Variables to be used in both sign() and verify() */ +byte msg[] = "This is a message."; +byte hash[WC_SHA256_DIGEST_SIZE]; +byte signature[ RSA_KEY_SIZE / 8]; +word32 sigLen; +byte encSig[WC_SHA256_DIGEST_SIZE + MAX_ENC_ALG_SZ]; +word32 encSigLen = 0; +byte decSig[ RSA_KEY_SIZE / 8]; +word32 decSigLen; +RsaKey key; +RsaKey* pKey = NULL; +/* Variables for non-blocking RSA */ +RsaNb nb_ctx; +double total_blk_time; +double pre_returned_t; /* previous recent returned time */ +double returned_t; /* most recent returned time */ +double max_t = -1.0; /* Maximum blocking time */ +double min_t = __DBL_MAX__; /* Minimum blocking time */ +double blocking_t; /* current blocking time */ +int blk_count; + +int sign() +{ +#ifdef DEBUG_MEMORY + wolfCrypt_Init(); + InitMemoryTracker(); +#endif + int ret = 0; + wc_Sha256 sha256; + wc_Sha256* pSha256 = NULL; + WC_RNG rng; + WC_RNG* pRng; + long e = 65537; /* standard value to use for exponent */ + + /* Calculate SHA-256 digest of message */ + ret = wc_InitSha256(&sha256); + CHECK_RET(ret, 0, finish, "wc_InitSha256()"); + pSha256 = &sha256; + ret = wc_Sha256Update(&sha256, msg, sizeof(msg)); + CHECK_RET(ret, 0, finish, "wc_Sha256Update()"); + ret = wc_Sha256Final(&sha256, hash); + CHECK_RET(ret, 0, finish, "wc_Sha256Final()"); + + /* Initialize the RSA key. */ + ret = wc_InitRsaKey(&key, NULL); + CHECK_RET(ret, 0, finish, "wc_InitRng()"); + pKey = &key; + + ret = wc_InitRng(&rng); + CHECK_RET(ret, 0, finish, "wc_InitRng()"); + pRng = &rng; +#if defined(WC_RSA_BLINDING) || defined(PSS_PADDING) + ret = wc_RsaSetRNG(&key, &rng); + CHECK_RET(ret, 0, finish, "wc_RsaSetRNG()"); +#endif + + /* Generate 2048-bit RSA key*/ + ret = wc_MakeRsaKey(&key, 2048, e, &rng); + CHECK_RET(ret, 0, finish, "wc_MakeRsaKey()"); + + /* Encode digest with algorithm information as per PKCS#1.5 */ + encSigLen = wc_EncodeSignature(encSig, hash, sizeof(hash), SHA256h); + if ((int)encSigLen < 0) + ret = (int)encSigLen; + CHECK_RET(ret, 0, finish, "wc_EncodeSignature()"); +#ifdef PSS_PADDING + sigLen = wc_RsaPSS_Sign(hash, sizeof(hash), signature, sizeof(signature)\ + , WC_HASH_TYPE_SHA256, WC_MGF1SHA256, &key, &rng); + if ((int)sigLen < 0) + ret = (int)sigLen; + CHECK_RET(ret, 0, finish, "wc_RsaPSS_Sign()"); +#else /* PKCS#1.5 */ + sigLen = wc_RsaSSL_Sign(encSig, encSigLen, signature, sizeof(signature),\ + &key, &rng); + if ((int)sigLen < 0) + ret = (int)sigLen; + CHECK_RET(ret, 0, finish, "wc_RsaSSL_Sign()"); +#endif + +finish: + if (pSha256 != NULL) + wc_Sha256Free(pSha256); + if (pRng != NULL) + wc_FreeRng(pRng); +#if defined(DEBUG_MEMORY) + printf("Memory usage : sign() \n"); + printf("=================================\n"); + ShowMemoryTracker(); + CleanupMemoryTracker(); + wolfCrypt_Cleanup(); +#endif + return ret; +} + +int verify_nonblock() +{ +#ifdef DEBUG_MEMORY + wolfCrypt_Init(); + InitMemoryTracker(); +#endif + int ret = 0; + /* Verify the signature by decrypting the value with non-blocking mode. */ + if (ret == 0){ + ret = wc_RsaSetNonBlock(&key, &nb_ctx); + if (ret != 0) + return ret; + + blk_count = 0; + total_blk_time = 0; + + pre_returned_t = current_time(1); + do { + + #ifdef PSS_PADDING + decSigLen = wc_RsaPSS_Verify(signature, sizeof(signature), + decSig, sizeof(decSig),WC_HASH_TYPE_SHA256, + WC_MGF1SHA256, &key); + + #else /* PKCS#1.5 */ + decSigLen = wc_RsaSSL_Verify(signature, sizeof(signature), + decSig, sizeof(decSig), &key); + #endif + + returned_t = current_time(0); + blocking_t = returned_t - pre_returned_t; + total_blk_time += blocking_t; + + if ( blocking_t > max_t ){ + max_t = blocking_t; + } + else if ( blocking_t < min_t ){ + min_t = blocking_t; + } + + pre_returned_t = returned_t; + blk_count++; + } while (decSigLen == FP_WOULDBLOCK); + } + + /* Verification check */ + #ifdef PSS_PADDING + if ((int)decSigLen < 0) + ret = (int)decSigLen; + CHECK_RET(ret, 0, finish, "wc_RsaPSS_Verify()"); + + ret = wc_RsaPSS_CheckPadding(hash, sizeof(hash), decSig, decSigLen, + WC_HASH_TYPE_SHA256); + CHECK_RET(ret, 0, finish, "Verification Check RSA-PSS"); + #else + if ((int)decSigLen < 0) + ret = (int)decSigLen; + CHECK_RET(ret, 0, finish, "wc_RsaSSL_Verify()"); + /* Check the decrypted result matches the encoded digest. */ + if (ret == 0 && encSigLen != decSigLen) + ret = -1; + if (ret == 0 && XMEMCMP(encSig, decSig, encSigLen) != 0) + ret = -1; + + if(ret != 0){ + printf("Invalid Signature!\n"); + goto finish; + } + #endif +finish: + if (pKey != NULL) + wc_FreeRsaKey(pKey); +#ifdef DEBUG_MEMORY + printf("\n"); + printf("Memory usage : verify_nonblock() \n"); + printf("=================================\n"); + ShowMemoryTracker(); + CleanupMemoryTracker(); + wolfCrypt_Cleanup(); +#endif + + return ret; +} + +int main() +{ + int ret = 0; +#ifdef DEBUG_MEMORY + ret = StackSizeCheck(NULL, (thread_func)sign); +#else + ret = sign(); +#endif + +/* Check the return value of sign() */ + if(ret != 0) + return ret; + +#ifdef DEBUG_MEMORY + ret = StackSizeCheck(NULL, (thread_func)verify_nonblock); +#else + ret = verify_nonblock(); +#endif + if (ret == 0){ + printf("\nNon-blocking:\n"); + printf("Total time : %.2f micro sec, Blocking count: %d \n",\ + 1000*1000*total_blk_time, blk_count); + printf("Max: %2.2f micro sec, Average: %.2f micro sec\n",\ + max_t*1000*1000, 1000*1000*total_blk_time/blk_count ); + } + return ret; +} diff --git a/embedded/signature/rsa_sign_verify/user_settings.h b/embedded/signature/rsa_sign_verify/user_settings.h new file mode 100644 index 000000000..73db66c05 --- /dev/null +++ b/embedded/signature/rsa_sign_verify/user_settings.h @@ -0,0 +1,93 @@ +#define WOLFCRYPT_ONLY +#define NO_SIG_WRAPPER +#define WOLFSSL_PUBLIC_MP + +/* hash */ +#define NO_MD4 +#define NO_MD5 +#define NO_SHA + +/* rsa */ +#define WC_NO_RSA_OAEP +#define WC_NO_HARDEN +/* #define WOLFSSL_KEY_GEN */ + +/* sp_int */ +#define NO_DH +#define NO_DSA +#define NO_DES3 +#define NO_AES + +/* asn */ +#define NO_ASN_TIME +#define IGNORE_NAME_CONSTRAINTS +#define WOLFSSL_NO_ASN_STRICT + + +#ifdef DEBUG_MEMORY + #define WOLFSSL_TRACK_MEMORY + #define HAVE_STACK_SIZE + // #define WOLFSSL_DEBUG_MEMORY + // #define WOLFSSL_DEBUG_MEMORY_PRINT +#endif + + +#ifdef SP_C32_FLAG + #define WOLFSSL_HAVE_SP_RSA + #define WOLFSSL_SP_MATH_ALL + #undef USE_FAST_MATH +#endif + +#ifdef SP_C64_FLAG + #define WOLFSSL_HAVE_SP_RSA + #define WOLFSSL_SP_MATH_ALL + #define SP_WORD_SIZE 64 + #define HAVE___UINT128_T + #undef USE_FAST_MATH + +#endif + +#ifdef SP_ARM64_FLAG + #define WOLFSSL_HAVE_SP_RSA + #define WOLFSSL_SP_MATH_ALL + #define WOLFSSL_SP_ARM64 + #define WOLFSSL_SP_ARM64_ASM +#endif /*SP_ARM64_FLAG*/ + + +#ifdef SP_X86_64_FLAG + #define WOLFSSL_HAVE_SP_RSA + #define WOLFSSL_SP_MATH_ALL + #define WOLFSSL_SP_X86_64 + #define WOLFSSL_SP_X86_64_ASM +#endif /*SP_X86_64_FLAG*/ + +#ifdef TFM_FLAG + #define USE_FAST_MATH + #undef WOLFSSL_HAVE_SP_RSA + #undef WOLFSSL_SP_ARM64 + #undef WOLFSSL_SP_ARM64_ASM + #undef WOLFSSL_SP_X86_64 + #undef WOLFSSL_SP_X86_64_ASM +#endif /* TFM_FLAG*/ + +#ifdef BENCHMARK + #undef DEBUG_MEMORY +#endif + +#define PSS_PADDING +#ifdef PSS_PADDING + #define WC_RSA_PSS + #define WC_RSA_BLINDING +#endif + +/* Non-blocking */ +#if defined(NONBLOCK) + #define WC_RSA_NONBLOCK + #define TFM_TIMING_RESISTANT + #define WOLFSSL_SP_NONBLOCK + #define WOLFSSL_SP_SMALL + #define WOLFSSL_SP_NO_MALLOC + #undef BENCHMARK +#endif /* NONBLOCK */ + diff --git a/embedded/signature/rsa_vfy_only/Makefile b/embedded/signature/rsa_vfy_only/Makefile new file mode 100644 index 000000000..9224c4ad2 --- /dev/null +++ b/embedded/signature/rsa_vfy_only/Makefile @@ -0,0 +1,77 @@ +# The path to the wolfssl directory must be set correctly for your environment. +WOLFROOT = ../../../../wolfssl + +CFLAGS = $(EX_CFLAGS) -DWOLFSSL_USER_SETTINGS -I. -I$(WOLFROOT) -Os +ASFLAGS=-DWOLFSSL_USER_SETTINGS -I. -I$(WOLFROOT) + +OBJ = \ + $(WOLFROOT)/wolfcrypt/src/rsa.o\ + $(WOLFROOT)/wolfcrypt/src/sha256.o\ + $(WOLFROOT)/wolfcrypt/src/hash.o\ + $(WOLFROOT)/wolfcrypt/src/random.o\ + $(WOLFROOT)/wolfcrypt/src/asn.o\ + $(WOLFROOT)/wolfcrypt/src/wc_port.o\ + $(WOLFROOT)/wolfcrypt/src/coding.o\ + $(WOLFROOT)/wolfcrypt/src/memory.o\ + $(WOLFROOT)/wolfcrypt/src/wc_encrypt.o\ + +OBJ_SP_C32 := \ + $(WOLFROOT)/wolfcrypt/src/sp_int.o\ + $(WOLFROOT)/wolfcrypt/src/sp_c32.o\ + +OBJ_SP_C64 := \ + $(WOLFROOT)/wolfcrypt/src/sp_int.o\ + $(WOLFROOT)/wolfcrypt/src/sp_c64.o\ + +OBJ_SP_ARM64 := \ + $(WOLFROOT)/wolfcrypt/src/sp_int.o\ + $(WOLFROOT)/wolfcrypt/src/sp_arm64.o\ + + +OBJ_SP_X86_64 := \ + $(WOLFROOT)/wolfcrypt/src/sp_int.o\ + $(WOLFROOT)/wolfcrypt/src/cpuid.o\ + $(WOLFROOT)/wolfcrypt/src/sp_x86_64.o\ + $(WOLFROOT)/wolfcrypt/src/sp_x86_64_asm.o\ + +OBJ_TFM := \ + $(WOLFROOT)/wolfcrypt/src/wolfmath.o\ + $(WOLFROOT)/wolfcrypt/src/tfm.o\ + + +.PHONY: all clean size bench mem + + +ifeq ($(math) $(arch),sp x64) +ASFLAGS+= -DSP_X86_64_FLAG +CFLAGS += -DSP_X86_64_FLAG +OBJ += $(OBJ_SP_X86_64) +else ifeq ($(math) $(arch),sp arm64) +CFLAGS += -DSP_ARM64_FLAG +OBJ += $(OBJ_SP_ARM64) +else ifeq ($(math) $(arch),sp c64) +CFLAGS += -DSP_C64_FLAG +OBJ += $(OBJ_SP_C64) +else ifeq ($(math) $(arch),sp c32) +CFLAGS += -DSP_C32_FLAG +OBJ += $(OBJ_SP_C32) +else ifeq ($(math), tfm) +CFLAGS += -DTFM_FLAG +OBJ += $(OBJ_TFM) +else +CFLAGS += -DSP_C64_FLAG +OBJ += $(OBJ_SP_C64) +endif + +all: verify bench mem + +verify: clean $(OBJ) + $(CC) $(CFLAGS) -o verify verify.c $(OBJ) +bench: clean $(OBJ) + $(CC) $(CFLAGS) -DBENCHMARK -o verify_bench verify.c $(OBJ) -lpthread +mem: clean $(OBJ) + $(CC) $(CFLAGS) -DDEBUG_MEMORY -o verify_mem verify.c $(OBJ) -lpthread +clean: + rm -f verify verify_bench verify_mem $(WOLFROOT)/wolfcrypt/src/*.o +size : + size $(OBJ) verify diff --git a/embedded/signature/rsa_vfy_only/README.md b/embedded/signature/rsa_vfy_only/README.md new file mode 100644 index 000000000..b86914649 --- /dev/null +++ b/embedded/signature/rsa_vfy_only/README.md @@ -0,0 +1,89 @@ +# RSA Signature Test Example + +Demonstrates using a hash digest to sign and verify a signature using RSA + +First, set the path to wolfssl directory to the WOLFROOT in the Makefile. + +## Building + +### Build example + +``` +make +``` + +### Usage +``` +./verify +``` + +# Signature verification Benchmark + +You can generate benchmark program to compare the speed of signature verification between TFM and SP +### SP +Faster math library + +If you build for x86_64 system: +``` +make bench math=sp arch=x64 +``` +else if Aarch64 system: +``` +make bench math=sp arch=arm64 +``` +then a benchmark program is generated. +### TFM + +``` +make bench math=tfm +``` +NOTE: When using TFM, No Architecture specification is required. +## Example Output +- built with the option `math=sp arch=arm64` +``` +./verify_bench +--------------------------------------------------------------- +Enabled WOLFSSL_SP_ARM64 +--------------------------------------------------------------- +Running benchmark... +Please Wait 3.00 seconds +Takes 3.00 Sec for 237053 times, 79017.45 Cycles/sec +Finished Benchmark +``` + + +- built with the option `math=tfm` +``` +./verify_bench +--------------------------------------------------------------- +Enabled TFM +--------------------------------------------------------------- +Running benchmark... +Please Wait 3.00 seconds +Takes 3.00 Sec for 76438 times, 25479.23 Cycles/sec +Finished Benchmark +``` + +# Tracking memory +To see a stack and heap memory usage + +``` +make mem +``` +## Example Output +``` +./verify_mem +Verified +total Allocs = 0 +total Deallocs = 0 +total Bytes = 0 +peak Bytes = 0 +current Bytes = 0 +stack used = 12344 +``` + + +Best wishes in all your testing! + +- The wolfSSL Team + diff --git a/embedded/signature/rsa_vfy_only/user_settings.h b/embedded/signature/rsa_vfy_only/user_settings.h new file mode 100644 index 000000000..7d677ddc2 --- /dev/null +++ b/embedded/signature/rsa_vfy_only/user_settings.h @@ -0,0 +1,77 @@ +#define WOLFCRYPT_ONLY +#define NO_SIG_WRAPPER +#define WOLFSSL_PUBLIC_MP + +/* hash */ +#define NO_MD4 +#define NO_MD5 +#define NO_SHA + +/* rsa */ +#define WC_NO_RSA_OAEP +#define WC_NO_RSA_PSS +#define WC_NO_HARDEN + +/* sp_int */ +#define NO_DH +#define NO_DSA +#define NO_DES3 +#define NO_AES + +/* asn */ +#define NO_ASN_TIME +#define IGNORE_NAME_CONSTRAINTS +#define WOLFSSL_NO_ASN_STRICT + + +#ifdef DEBUG_MEMORY + #define WOLFSSL_TRACK_MEMORY + #define HAVE_STACK_SIZE + // #define WOLFSSL_DEBUG_MEMORY + // #define WOLFSSL_DEBUG_MEMORY_PRINT +#endif + + +#ifdef SP_C32_FLAG + #define WOLFSSL_HAVE_SP_RSA + #define WOLFSSL_SP_MATH_ALL + #define SP_WORD_SIZE 32 + #undef USE_FAST_MATH +#endif /*SP_FLAG*/ + +#ifdef SP_C64_FLAG + #define WOLFSSL_HAVE_SP_RSA + #define WOLFSSL_SP_MATH_ALL + #define SP_WORD_SIZE 64 + #define HAVE___UINT128_T + #undef USE_FAST_MATH + +#endif + +#ifdef SP_ARM64_FLAG + #define WOLFSSL_HAVE_SP_RSA + #define WOLFSSL_SP_MATH_ALL + #define WOLFSSL_SP_ARM64 + #define WOLFSSL_SP_ARM64_ASM +#endif /*SP_ARM64_FLAG*/ + + +#ifdef SP_X86_64_FLAG + #define WOLFSSL_HAVE_SP_RSA + #define WOLFSSL_SP_MATH_ALL + #define WOLFSSL_SP_X86_64 + #define WOLFSSL_SP_X86_64_ASM +#endif /*SP_X86_64_FLAG*/ + +#ifdef TFM_FLAG + #define USE_FAST_MATH + #undef WOLFSSL_HAVE_SP_RSA + #undef WOLFSSL_SP_ARM64 + #undef WOLFSSL_SP_ARM64_ASM + #undef WOLFSSL_SP_X86_64 + #undef WOLFSSL_SP_X86_64_ASM +#endif /* TFM_FLAG*/ + +#ifdef BENCHMARK + #undef DEBUG_MEMORY +#endif diff --git a/embedded/signature/rsa_vfy_only/verify.c b/embedded/signature/rsa_vfy_only/verify.c new file mode 100644 index 000000000..c1c0d239e --- /dev/null +++ b/embedded/signature/rsa_vfy_only/verify.c @@ -0,0 +1,252 @@ +/* verify.c + * + * Copyright (C) 2006-2025 wolfSSL Inc. + * + * This file is part of wolfSSL. + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA + */ + +#include +#include +#include +#include +#include +#include + +/* RSA public key to verify with. */ +static const unsigned char public_key_2048_n[] = { + 0xC3, 0x03, 0xD1, 0x2B, 0xFE, 0x39, 0xA4, 0x32, + 0x45, 0x3B, 0x53, 0xC8, 0x84, 0x2B, 0x2A, 0x7C, + 0x74, 0x9A, 0xBD, 0xAA, 0x2A, 0x52, 0x07, 0x47, + 0xD6, 0xA6, 0x36, 0xB2, 0x07, 0x32, 0x8E, 0xD0, + 0xBA, 0x69, 0x7B, 0xC6, 0xC3, 0x44, 0x9E, 0xD4, + 0x81, 0x48, 0xFD, 0x2D, 0x68, 0xA2, 0x8B, 0x67, + 0xBB, 0xA1, 0x75, 0xC8, 0x36, 0x2C, 0x4A, 0xD2, + 0x1B, 0xF7, 0x8B, 0xBA, 0xCF, 0x0D, 0xF9, 0xEF, + 0xEC, 0xF1, 0x81, 0x1E, 0x7B, 0x9B, 0x03, 0x47, + 0x9A, 0xBF, 0x65, 0xCC, 0x7F, 0x65, 0x24, 0x69, + 0xA6, 0xE8, 0x14, 0x89, 0x5B, 0xE4, 0x34, 0xF7, + 0xC5, 0xB0, 0x14, 0x93, 0xF5, 0x67, 0x7B, 0x3A, + 0x7A, 0x78, 0xE1, 0x01, 0x56, 0x56, 0x91, 0xA6, + 0x13, 0x42, 0x8D, 0xD2, 0x3C, 0x40, 0x9C, 0x4C, + 0xEF, 0xD1, 0x86, 0xDF, 0x37, 0x51, 0x1B, 0x0C, + 0xA1, 0x3B, 0xF5, 0xF1, 0xA3, 0x4A, 0x35, 0xE4, + 0xE1, 0xCE, 0x96, 0xDF, 0x1B, 0x7E, 0xBF, 0x4E, + 0x97, 0xD0, 0x10, 0xE8, 0xA8, 0x08, 0x30, 0x81, + 0xAF, 0x20, 0x0B, 0x43, 0x14, 0xC5, 0x74, 0x67, + 0xB4, 0x32, 0x82, 0x6F, 0x8D, 0x86, 0xC2, 0x88, + 0x40, 0x99, 0x36, 0x83, 0xBA, 0x1E, 0x40, 0x72, + 0x22, 0x17, 0xD7, 0x52, 0x65, 0x24, 0x73, 0xB0, + 0xCE, 0xEF, 0x19, 0xCD, 0xAE, 0xFF, 0x78, 0x6C, + 0x7B, 0xC0, 0x12, 0x03, 0xD4, 0x4E, 0x72, 0x0D, + 0x50, 0x6D, 0x3B, 0xA3, 0x3B, 0xA3, 0x99, 0x5E, + 0x9D, 0xC8, 0xD9, 0x0C, 0x85, 0xB3, 0xD9, 0x8A, + 0xD9, 0x54, 0x26, 0xDB, 0x6D, 0xFA, 0xAC, 0xBB, + 0xFF, 0x25, 0x4C, 0xC4, 0xD1, 0x79, 0xF4, 0x71, + 0xD3, 0x86, 0x40, 0x18, 0x13, 0xB0, 0x63, 0xB5, + 0x72, 0x4E, 0x30, 0xC4, 0x97, 0x84, 0x86, 0x2D, + 0x56, 0x2F, 0xD7, 0x15, 0xF7, 0x7F, 0xC0, 0xAE, + 0xF5, 0xFC, 0x5B, 0xE5, 0xFB, 0xA1, 0xBA, 0xD3, +}; + +static const unsigned long public_key_2048_e = 0x010001; + +unsigned char msg[] = { + 0x54, 0x68, 0x69, 0x73, 0x20, 0x69, 0x73, 0x20, + 0x74, 0x68, 0x65, 0x20, 0x6d, 0x65, 0x73, 0x73, + 0x61, 0x67, 0x65, +}; + +unsigned char rsa_sig_2048[] = { + 0x41, 0xeb, 0xf5, 0x5e, 0x97, 0x43, 0xf4, 0xd1, + 0xda, 0xb6, 0x5c, 0x75, 0x57, 0x2c, 0xe1, 0x01, + 0x07, 0xdc, 0x42, 0xc4, 0x2d, 0xe2, 0xb5, 0xc8, + 0x63, 0xe8, 0x45, 0x9a, 0x4a, 0xfa, 0xdf, 0x5e, + 0xa6, 0x08, 0x0a, 0x26, 0x2e, 0xca, 0x2c, 0x10, + 0x7a, 0x15, 0x8d, 0xc1, 0x55, 0xcc, 0x33, 0xdb, + 0xb2, 0xef, 0x8b, 0xa6, 0x4b, 0xef, 0xa1, 0xcf, + 0xd3, 0xe2, 0x5d, 0xac, 0x88, 0x86, 0x62, 0x67, + 0x8b, 0x8c, 0x45, 0x7f, 0x10, 0xad, 0xfa, 0x27, + 0x7a, 0x35, 0x5a, 0xf9, 0x09, 0x78, 0x83, 0xba, + 0x18, 0xcb, 0x3e, 0x8e, 0x08, 0xbe, 0x36, 0xde, + 0xac, 0xc1, 0x77, 0x44, 0xe8, 0x43, 0xdb, 0x52, + 0x23, 0x08, 0x36, 0x8f, 0x74, 0x4a, 0xbd, 0xa3, + 0x3f, 0xc1, 0xfb, 0xd6, 0x45, 0x25, 0x61, 0xe2, + 0x19, 0xcb, 0x0b, 0x28, 0xef, 0xca, 0x0a, 0x3b, + 0x7b, 0x3d, 0xe3, 0x47, 0x46, 0x07, 0x1a, 0x7f, + 0xff, 0x38, 0xfd, 0x59, 0x94, 0x0b, 0xeb, 0x00, + 0xab, 0xcc, 0x8c, 0x48, 0x7b, 0xd6, 0x87, 0xb8, + 0x54, 0xb0, 0x2a, 0x07, 0xcf, 0x44, 0x11, 0xd4, + 0xb6, 0x9a, 0x4e, 0x6d, 0x5c, 0x1a, 0xe3, 0xc7, + 0xf3, 0xc7, 0xcb, 0x8e, 0x82, 0x7d, 0xc8, 0x77, + 0xf0, 0xb6, 0xd0, 0x85, 0xcb, 0xdb, 0xd0, 0xb0, + 0xe0, 0xcf, 0xca, 0x3f, 0x17, 0x46, 0x84, 0xcb, + 0x5b, 0xfe, 0x51, 0x3a, 0xaa, 0x71, 0xad, 0xeb, + 0xf1, 0xed, 0x3f, 0xf8, 0xde, 0xb4, 0xa1, 0x26, + 0xdb, 0xc6, 0x8e, 0x70, 0xd4, 0x58, 0xa8, 0x31, + 0xd8, 0xdb, 0xcf, 0x64, 0x4a, 0x5f, 0x1b, 0x89, + 0x22, 0x03, 0x3f, 0xab, 0xb5, 0x6d, 0x2a, 0x63, + 0x2f, 0x4e, 0x7a, 0xe1, 0x89, 0xb4, 0xf0, 0x9a, + 0xb7, 0xd3, 0xd6, 0x0a, 0x10, 0x67, 0x28, 0x25, + 0x6d, 0xda, 0x92, 0x99, 0x3f, 0x64, 0xa7, 0xea, + 0xe0, 0xdc, 0x7c, 0xe8, 0x41, 0xb0, 0xeb, 0x45, +}; + +void print_buffer(char* name, unsigned char* data, word32 len) +{ + word32 i; + + printf("unsigned char %s[] = {\n", name); + for (i = 0; i < len; i++) { + if ((i % 8) == 0) + printf(" "); + printf(" 0x%02x,", data[i]); + if ((i % 8) == 7) + printf("\n"); + } + if ((i % 8) != 0) + printf("\n"); + printf("};\n"); + +} + + +/* ASN.1 encoding of digest algorithm before hash */ +#define ENC_ALG_SZ 19 + +/* verify entry point. + * + * Verifies the signature with the message and RSA public key. + * Returns 0 on success and 1 otherwise. + */ +int verify() +{ + int ret = 0; + Sha256 sha256; + Sha256* pSha256 = NULL; + RsaKey rsaKey; + RsaKey* pRsaKey = NULL; + unsigned char decSig[sizeof(rsa_sig_2048)]; + word32 decSigLen = 0; + unsigned char encSig[ENC_ALG_SZ + WC_SHA256_DIGEST_SIZE] = { + 0x30, 0x31, 0x30, 0x0D, 0x06, 0x09, 0x60, 0x86, + 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x01, 0x05, + 0x00, 0x04, 0x20, 0x00, + }; + +/* Variables for a benchmark*/ + double start, total_time; +#ifndef BENCH_TIME_SEC + #define BENCH_TIME_SEC 3 +#endif + int count; + +#ifdef DEBUG_MEMORY + wolfCrypt_Init(); + InitMemoryTracker(); +#endif + /* Calculate SHA-256 digest of message */ + if (ret == 0) + ret = wc_InitSha256(&sha256); + if (ret == 0) { + pSha256 = &sha256; + ret = wc_Sha256Update(&sha256, msg, sizeof(msg)); + } + if (ret == 0) + ret = wc_Sha256Final(&sha256, encSig + ENC_ALG_SZ); + + /* Initialize the RSA key and decode the DER encoded public key. */ + if (ret == 0) + ret = wc_InitRsaKey(&rsaKey, NULL); + if (ret == 0) { + pRsaKey = &rsaKey; + + ret = mp_read_unsigned_bin(&rsaKey.n, public_key_2048_n, + sizeof(public_key_2048_n)); + } + if (ret == 0) + ret = mp_set_int(&rsaKey.e, public_key_2048_e); +#ifdef BENCHMARK + count = 0; + printf("Running benchmark...\n"); + printf("Please Wait %.2f seconds\n", (double)BENCH_TIME_SEC); + start = current_time(0);// 1 0 + while( (double)BENCH_TIME_SEC > (total_time = current_time(0) - start ) ){ + if (ret != 0 ) printf("Invalid signature in benchmark\n"); +#endif + /* Verify the signature by decrypting the value. */ + if (ret == 0) { + decSigLen = wc_RsaSSL_Verify(rsa_sig_2048, sizeof(rsa_sig_2048), + decSig, sizeof(decSig), &rsaKey); + if ((int)decSigLen < 0) + ret = (int)decSigLen; + } + + /* Check the decrypted result matches the encoded digest. */ + if (ret == 0 && decSigLen != sizeof(encSig)) + ret = -1; + if (ret == 0 && XMEMCMP(encSig, decSig, decSigLen) != 0) + ret = -1; + +#ifdef BENCHMARK + count++; + } + + printf("Takes %1.2f Sec for %d times, %6.2f Cycles/sec\n", total_time, count, count/total_time); + printf("Finished Benchmark \n"); +#else + printf("Verified\n"); +#endif + + /* Free the data structures */ + if (pRsaKey != NULL) + wc_FreeRsaKey(pRsaKey); + if (pSha256 != NULL) + wc_Sha256Free(pSha256); + +#ifdef DEBUG_MEMORY + ShowMemoryTracker(); + CleanupMemoryTracker(); + wolfCrypt_Cleanup(); +#endif + return ret == 0 ? 0 : 1; +} + +int main() +{ +#ifdef BENCHMARK + printf("---------------------------------------------------------------\n"); +#if defined(SP_C64_FLAG) + printf("Enabled 64-bit SP \n"); +#elif defined(SP_C32_FLAG) + printf("Enabled 32-bit SP \n"); +#elif defined(SP_X86_64_FLAG) + printf("Enabled SP for x86_64\n"); +#elif defined(SP_ARM64_FLAG) + printf("Enabled SP for Arm64\n"); +#elif defined(TFM_FLAG) + printf("Enabled TFM \n"); +#endif + printf("---------------------------------------------------------------\n"); +#endif /* BENCHMARK */ + +#ifdef DEBUG_MEMORY + return StackSizeCheck(NULL, (thread_func)verify); +#else + + return verify(); +#endif +} diff --git a/embedded/signature/rsa_vfy_only_nonblock/Makefile b/embedded/signature/rsa_vfy_only_nonblock/Makefile new file mode 100644 index 000000000..fb8aace42 --- /dev/null +++ b/embedded/signature/rsa_vfy_only_nonblock/Makefile @@ -0,0 +1,59 @@ +# The path to the wolfssl directory must be set correctly for your environment. +WOLFROOT = ../../../../wolfssl + +CFLAGS = $(EX_CFLAGS) -DWOLFSSL_USER_SETTINGS -I. -I$(WOLFROOT) -Os +ASFLAGS=-DWOLFSSL_USER_SETTINGS -I. -I$(WOLFROOT) + +OBJ = \ + $(WOLFROOT)/wolfcrypt/src/rsa.o\ + $(WOLFROOT)/wolfcrypt/src/sha256.o\ + $(WOLFROOT)/wolfcrypt/src/hash.o\ + $(WOLFROOT)/wolfcrypt/src/random.o\ + $(WOLFROOT)/wolfcrypt/src/asn.o\ + $(WOLFROOT)/wolfcrypt/src/wc_port.o\ + $(WOLFROOT)/wolfcrypt/src/coding.o\ + $(WOLFROOT)/wolfcrypt/src/memory.o\ + $(WOLFROOT)/wolfcrypt/src/wc_encrypt.o\ + +OBJ_SP_C32 := \ + $(WOLFROOT)/wolfcrypt/src/sp_int.o\ + $(WOLFROOT)/wolfcrypt/src/sp_c32.o\ + +OBJ_SP_C64 := \ + $(WOLFROOT)/wolfcrypt/src/sp_int.o\ + $(WOLFROOT)/wolfcrypt/src/sp_c64.o\ + +OBJ_SP_ARM64 := \ + $(WOLFROOT)/wolfcrypt/src/sp_int.o\ + $(WOLFROOT)/wolfcrypt/src/sp_arm64.o\ + + +OBJ_SP_X86_64 := \ + $(WOLFROOT)/wolfcrypt/src/sp_int.o\ + $(WOLFROOT)/wolfcrypt/src/cpuid.o\ + $(WOLFROOT)/wolfcrypt/src/sp_x86_64.o\ + $(WOLFROOT)/wolfcrypt/src/sp_x86_64_asm.o\ + +OBJ_TFM := \ + $(WOLFROOT)/wolfcrypt/src/wolfmath.o\ + $(WOLFROOT)/wolfcrypt/src/tfm.o\ + + +.PHONY: all clean size mem + + +CFLAGS += -DTFM_FLAG +OBJ += $(OBJ_TFM) + + +all: verify_nonblock mem + +verify_nonblock: clean $(OBJ) + $(CC) $(CFLAGS) -o verify_nonblock verify_nonblock.c $(OBJ) -lpthread + +mem: clean $(OBJ) + $(CC) $(CFLAGS) -DDEBUG_MEMORY -o verify_mem_nonblock verify_nonblock.c $(OBJ) -lpthread +clean: + rm -f verify_nonblock verify_mem_nonblock $(WOLFROOT)/wolfcrypt/src/*.o +size : + size $(OBJ) verify diff --git a/embedded/signature/rsa_vfy_only_nonblock/user_settings.h b/embedded/signature/rsa_vfy_only_nonblock/user_settings.h new file mode 100644 index 000000000..8180909c6 --- /dev/null +++ b/embedded/signature/rsa_vfy_only_nonblock/user_settings.h @@ -0,0 +1,86 @@ +#define WOLFCRYPT_ONLY +#define NO_SIG_WRAPPER +#define WOLFSSL_PUBLIC_MP + +/* hash */ +#define NO_MD4 +#define NO_MD5 +#define NO_SHA + +/* rsa */ +#define WC_NO_RSA_OAEP +#define WC_NO_RSA_PSS +#define WC_NO_HARDEN + +/* sp_int */ +#define NO_DH +#define NO_DSA +#define NO_DES3 +#define NO_AES + +/* asn */ +#define NO_ASN_TIME +#define IGNORE_NAME_CONSTRAINTS +#define WOLFSSL_NO_ASN_STRICT + + +#ifdef DEBUG_MEMORY + #define WOLFSSL_TRACK_MEMORY + #define HAVE_STACK_SIZE + // #define WOLFSSL_DEBUG_MEMORY + // #define WOLFSSL_DEBUG_MEMORY_PRINT +#endif + + +#ifdef SP_C32_FLAG + #define WOLFSSL_HAVE_SP_RSA + #define WOLFSSL_SP_MATH_ALL + #define SP_WORD_SIZE 32 + #undef USE_FAST_MATH +#endif /*SP_FLAG*/ + +#ifdef SP_C64_FLAG + #define WOLFSSL_HAVE_SP_RSA + #define WOLFSSL_SP_MATH_ALL + #define SP_WORD_SIZE 64 + #define HAVE___UINT128_T + #undef USE_FAST_MATH + +#endif + +#ifdef SP_ARM64_FLAG + #define WOLFSSL_HAVE_SP_RSA + #define WOLFSSL_SP_MATH_ALL + #define WOLFSSL_SP_ARM64 + #define WOLFSSL_SP_ARM64_ASM +#endif /*SP_ARM64_FLAG*/ + + +#ifdef SP_X86_64_FLAG + #define WOLFSSL_HAVE_SP_RSA + #define WOLFSSL_SP_MATH_ALL + #define WOLFSSL_SP_X86_64 + #define WOLFSSL_SP_X86_64_ASM +#endif /*SP_X86_64_FLAG*/ + +#ifdef TFM_FLAG + #define USE_FAST_MATH + #undef WOLFSSL_HAVE_SP_RSA + #undef WOLFSSL_SP_ARM64 + #undef WOLFSSL_SP_ARM64_ASM + #undef WOLFSSL_SP_X86_64 + #undef WOLFSSL_SP_X86_64_ASM +#endif /* TFM_FLAG*/ + + +/* Non-blocking */ +#define NONBLOCK + +#if defined(NONBLOCK) + #define WC_RSA_NONBLOCK + #define TFM_TIMING_RESISTANT + #define WOLFSSL_SP_NONBLOCK + #define WOLFSSL_SP_SMALL + #define WOLFSSL_SP_NO_MALLOC + #undef BENCHMARK +#endif /* NONBLOCK */ diff --git a/embedded/signature/rsa_vfy_only_nonblock/verify_nonblock.c b/embedded/signature/rsa_vfy_only_nonblock/verify_nonblock.c new file mode 100644 index 000000000..b1b20e311 --- /dev/null +++ b/embedded/signature/rsa_vfy_only_nonblock/verify_nonblock.c @@ -0,0 +1,257 @@ +/* verify.c + * + * Copyright (C) 2006-2025 wolfSSL Inc. + * + * This file is part of wolfSSL. + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA + */ + +#include +#include +#include +#include +#include +#include + +/* RSA public key to verify with. */ +static const unsigned char public_key_2048_n[] = { + 0xC3, 0x03, 0xD1, 0x2B, 0xFE, 0x39, 0xA4, 0x32, + 0x45, 0x3B, 0x53, 0xC8, 0x84, 0x2B, 0x2A, 0x7C, + 0x74, 0x9A, 0xBD, 0xAA, 0x2A, 0x52, 0x07, 0x47, + 0xD6, 0xA6, 0x36, 0xB2, 0x07, 0x32, 0x8E, 0xD0, + 0xBA, 0x69, 0x7B, 0xC6, 0xC3, 0x44, 0x9E, 0xD4, + 0x81, 0x48, 0xFD, 0x2D, 0x68, 0xA2, 0x8B, 0x67, + 0xBB, 0xA1, 0x75, 0xC8, 0x36, 0x2C, 0x4A, 0xD2, + 0x1B, 0xF7, 0x8B, 0xBA, 0xCF, 0x0D, 0xF9, 0xEF, + 0xEC, 0xF1, 0x81, 0x1E, 0x7B, 0x9B, 0x03, 0x47, + 0x9A, 0xBF, 0x65, 0xCC, 0x7F, 0x65, 0x24, 0x69, + 0xA6, 0xE8, 0x14, 0x89, 0x5B, 0xE4, 0x34, 0xF7, + 0xC5, 0xB0, 0x14, 0x93, 0xF5, 0x67, 0x7B, 0x3A, + 0x7A, 0x78, 0xE1, 0x01, 0x56, 0x56, 0x91, 0xA6, + 0x13, 0x42, 0x8D, 0xD2, 0x3C, 0x40, 0x9C, 0x4C, + 0xEF, 0xD1, 0x86, 0xDF, 0x37, 0x51, 0x1B, 0x0C, + 0xA1, 0x3B, 0xF5, 0xF1, 0xA3, 0x4A, 0x35, 0xE4, + 0xE1, 0xCE, 0x96, 0xDF, 0x1B, 0x7E, 0xBF, 0x4E, + 0x97, 0xD0, 0x10, 0xE8, 0xA8, 0x08, 0x30, 0x81, + 0xAF, 0x20, 0x0B, 0x43, 0x14, 0xC5, 0x74, 0x67, + 0xB4, 0x32, 0x82, 0x6F, 0x8D, 0x86, 0xC2, 0x88, + 0x40, 0x99, 0x36, 0x83, 0xBA, 0x1E, 0x40, 0x72, + 0x22, 0x17, 0xD7, 0x52, 0x65, 0x24, 0x73, 0xB0, + 0xCE, 0xEF, 0x19, 0xCD, 0xAE, 0xFF, 0x78, 0x6C, + 0x7B, 0xC0, 0x12, 0x03, 0xD4, 0x4E, 0x72, 0x0D, + 0x50, 0x6D, 0x3B, 0xA3, 0x3B, 0xA3, 0x99, 0x5E, + 0x9D, 0xC8, 0xD9, 0x0C, 0x85, 0xB3, 0xD9, 0x8A, + 0xD9, 0x54, 0x26, 0xDB, 0x6D, 0xFA, 0xAC, 0xBB, + 0xFF, 0x25, 0x4C, 0xC4, 0xD1, 0x79, 0xF4, 0x71, + 0xD3, 0x86, 0x40, 0x18, 0x13, 0xB0, 0x63, 0xB5, + 0x72, 0x4E, 0x30, 0xC4, 0x97, 0x84, 0x86, 0x2D, + 0x56, 0x2F, 0xD7, 0x15, 0xF7, 0x7F, 0xC0, 0xAE, + 0xF5, 0xFC, 0x5B, 0xE5, 0xFB, 0xA1, 0xBA, 0xD3, +}; + +static const unsigned long public_key_2048_e = 0x010001; + +unsigned char msg[] = { + 0x54, 0x68, 0x69, 0x73, 0x20, 0x69, 0x73, 0x20, + 0x74, 0x68, 0x65, 0x20, 0x6d, 0x65, 0x73, 0x73, + 0x61, 0x67, 0x65, +}; + +unsigned char rsa_sig_2048[] = { + 0x41, 0xeb, 0xf5, 0x5e, 0x97, 0x43, 0xf4, 0xd1, + 0xda, 0xb6, 0x5c, 0x75, 0x57, 0x2c, 0xe1, 0x01, + 0x07, 0xdc, 0x42, 0xc4, 0x2d, 0xe2, 0xb5, 0xc8, + 0x63, 0xe8, 0x45, 0x9a, 0x4a, 0xfa, 0xdf, 0x5e, + 0xa6, 0x08, 0x0a, 0x26, 0x2e, 0xca, 0x2c, 0x10, + 0x7a, 0x15, 0x8d, 0xc1, 0x55, 0xcc, 0x33, 0xdb, + 0xb2, 0xef, 0x8b, 0xa6, 0x4b, 0xef, 0xa1, 0xcf, + 0xd3, 0xe2, 0x5d, 0xac, 0x88, 0x86, 0x62, 0x67, + 0x8b, 0x8c, 0x45, 0x7f, 0x10, 0xad, 0xfa, 0x27, + 0x7a, 0x35, 0x5a, 0xf9, 0x09, 0x78, 0x83, 0xba, + 0x18, 0xcb, 0x3e, 0x8e, 0x08, 0xbe, 0x36, 0xde, + 0xac, 0xc1, 0x77, 0x44, 0xe8, 0x43, 0xdb, 0x52, + 0x23, 0x08, 0x36, 0x8f, 0x74, 0x4a, 0xbd, 0xa3, + 0x3f, 0xc1, 0xfb, 0xd6, 0x45, 0x25, 0x61, 0xe2, + 0x19, 0xcb, 0x0b, 0x28, 0xef, 0xca, 0x0a, 0x3b, + 0x7b, 0x3d, 0xe3, 0x47, 0x46, 0x07, 0x1a, 0x7f, + 0xff, 0x38, 0xfd, 0x59, 0x94, 0x0b, 0xeb, 0x00, + 0xab, 0xcc, 0x8c, 0x48, 0x7b, 0xd6, 0x87, 0xb8, + 0x54, 0xb0, 0x2a, 0x07, 0xcf, 0x44, 0x11, 0xd4, + 0xb6, 0x9a, 0x4e, 0x6d, 0x5c, 0x1a, 0xe3, 0xc7, + 0xf3, 0xc7, 0xcb, 0x8e, 0x82, 0x7d, 0xc8, 0x77, + 0xf0, 0xb6, 0xd0, 0x85, 0xcb, 0xdb, 0xd0, 0xb0, + 0xe0, 0xcf, 0xca, 0x3f, 0x17, 0x46, 0x84, 0xcb, + 0x5b, 0xfe, 0x51, 0x3a, 0xaa, 0x71, 0xad, 0xeb, + 0xf1, 0xed, 0x3f, 0xf8, 0xde, 0xb4, 0xa1, 0x26, + 0xdb, 0xc6, 0x8e, 0x70, 0xd4, 0x58, 0xa8, 0x31, + 0xd8, 0xdb, 0xcf, 0x64, 0x4a, 0x5f, 0x1b, 0x89, + 0x22, 0x03, 0x3f, 0xab, 0xb5, 0x6d, 0x2a, 0x63, + 0x2f, 0x4e, 0x7a, 0xe1, 0x89, 0xb4, 0xf0, 0x9a, + 0xb7, 0xd3, 0xd6, 0x0a, 0x10, 0x67, 0x28, 0x25, + 0x6d, 0xda, 0x92, 0x99, 0x3f, 0x64, 0xa7, 0xea, + 0xe0, 0xdc, 0x7c, 0xe8, 0x41, 0xb0, 0xeb, 0x45, +}; + +void print_buffer(char* name, unsigned char* data, word32 len) +{ + word32 i; + + printf("unsigned char %s[] = {\n", name); + for (i = 0; i < len; i++) { + if ((i % 8) == 0) + printf(" "); + printf(" 0x%02x,", data[i]); + if ((i % 8) == 7) + printf("\n"); + } + if ((i % 8) != 0) + printf("\n"); + printf("};\n"); + +} + + +/* ASN.1 encoding of digest algorithm before hash */ +#define ENC_ALG_SZ 19 + +/* verify entry point. + * + * Verifies the signature with the message and RSA public key. + * Returns 0 on success and 1 otherwise. + */ +int verify() +{ + int ret = 0; + Sha256 sha256; + Sha256* pSha256 = NULL; + RsaKey rsaKey; + RsaKey* pRsaKey = NULL; + unsigned char decSig[sizeof(rsa_sig_2048)]; + word32 decSigLen = 0; + unsigned char encSig[ENC_ALG_SZ + WC_SHA256_DIGEST_SIZE] = { + 0x30, 0x31, 0x30, 0x0D, 0x06, 0x09, 0x60, 0x86, + 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x01, 0x05, + 0x00, 0x04, 0x20, 0x00, + }; + + /* Variables for non-blocking RSA */ + + RsaNb nb_ctx; + double total_blk_time; + double pre_returned_t; /* previous recent returned time */ + double returned_t; /* most recent returned time */ + double max_t = -1.0; /* Maximum blocking time */ + double min_t = __DBL_MAX__; /* Minimum blocking time */ + double blocking_t; /* current blocking time */ + int blk_count; + +#ifdef DEBUG_MEMORY + wolfCrypt_Init(); + InitMemoryTracker(); +#endif + /* Calculate SHA-256 digest of message */ + if (ret == 0) + ret = wc_InitSha256(&sha256); + if (ret == 0) { + pSha256 = &sha256; + ret = wc_Sha256Update(&sha256, msg, sizeof(msg)); + } + if (ret == 0) + ret = wc_Sha256Final(&sha256, encSig + ENC_ALG_SZ); + + /* Initialize the RSA key and decode the DER encoded public key. */ + if (ret == 0) + ret = wc_InitRsaKey(&rsaKey, NULL); + if (ret == 0) { + pRsaKey = &rsaKey; + + ret = mp_read_unsigned_bin(&rsaKey.n, public_key_2048_n, + sizeof(public_key_2048_n)); + } + if (ret == 0) + ret = mp_set_int(&rsaKey.e, public_key_2048_e); + + + /* Verify the signature by decrypting the value with non-blocking mode. */ + if (ret == 0){ + ret = wc_RsaSetNonBlock(&rsaKey, &nb_ctx); + if (ret != 0) + return ret; + + blk_count = 0; + total_blk_time = 0; + + pre_returned_t = current_time(1); + do { + + decSigLen = wc_RsaSSL_Verify(rsa_sig_2048, sizeof(rsa_sig_2048), + decSig, sizeof(decSig), &rsaKey); + + returned_t = current_time(0); + blocking_t = returned_t - pre_returned_t; + total_blk_time += blocking_t; + + if ( blocking_t > max_t ){ + max_t = blocking_t; + } + else if ( blocking_t < min_t ){ + min_t = blocking_t; + } + + pre_returned_t = returned_t; + blk_count++; + } while (decSigLen == FP_WOULDBLOCK); + } + if ((int)decSigLen < 0) + ret = (int)decSigLen; + + /* Check the decrypted result matches the encoded digest. */ + if (ret == 0 && decSigLen != sizeof(encSig)) + ret = -1; + if (ret == 0 && XMEMCMP(encSig, decSig, decSigLen) != 0) + ret = -1; + + + printf("Verified\n"); + + printf("Non-blocking:\n"); + printf(" Total time : %.2f micro sec, Bloking count: %d \n", + 1000 * 1000 * total_blk_time, blk_count); + printf(" Max: %2.2f micro sec, Average: %.2f micro sec\n",\ + max_t * 1000 * 1000, 1000 * 1000 * total_blk_time/blk_count ); + + /* Free the data structures */ + if (pRsaKey != NULL) + wc_FreeRsaKey(pRsaKey); + if (pSha256 != NULL) + wc_Sha256Free(pSha256); + +#ifdef DEBUG_MEMORY + ShowMemoryTracker(); + CleanupMemoryTracker(); + wolfCrypt_Cleanup(); +#endif + return ret == 0 ? 0 : 1; +} + +int main() +{ +#ifdef DEBUG_MEMORY + return StackSizeCheck(NULL, (thread_func)verify); +#else + return verify(); +#endif +} diff --git a/embedded/Makefile b/embedded/tls/Makefile similarity index 100% rename from embedded/Makefile rename to embedded/tls/Makefile diff --git a/embedded/README.md b/embedded/tls/README.md similarity index 100% rename from embedded/README.md rename to embedded/tls/README.md diff --git a/embedded/certs.h b/embedded/tls/certs.h similarity index 100% rename from embedded/certs.h rename to embedded/tls/certs.h diff --git a/embedded/sockets.h b/embedded/tls/sockets.h similarity index 100% rename from embedded/sockets.h rename to embedded/tls/sockets.h diff --git a/embedded/threading.h b/embedded/tls/threading.h similarity index 100% rename from embedded/threading.h rename to embedded/tls/threading.h diff --git a/embedded/tls-client-server.c b/embedded/tls/tls-client-server.c similarity index 100% rename from embedded/tls-client-server.c rename to embedded/tls/tls-client-server.c diff --git a/embedded/tls-info.h b/embedded/tls/tls-info.h similarity index 100% rename from embedded/tls-info.h rename to embedded/tls/tls-info.h diff --git a/embedded/tls-server-size.c b/embedded/tls/tls-server-size.c similarity index 100% rename from embedded/tls-server-size.c rename to embedded/tls/tls-server-size.c diff --git a/embedded/tls-sock-client-ca.c b/embedded/tls/tls-sock-client-ca.c similarity index 100% rename from embedded/tls-sock-client-ca.c rename to embedded/tls/tls-sock-client-ca.c diff --git a/embedded/tls-sock-client.c b/embedded/tls/tls-sock-client.c similarity index 100% rename from embedded/tls-sock-client.c rename to embedded/tls/tls-sock-client.c diff --git a/embedded/tls-sock-server-ca.c b/embedded/tls/tls-sock-server-ca.c similarity index 100% rename from embedded/tls-sock-server-ca.c rename to embedded/tls/tls-sock-server-ca.c diff --git a/embedded/tls-sock-server.c b/embedded/tls/tls-sock-server.c similarity index 100% rename from embedded/tls-sock-server.c rename to embedded/tls/tls-sock-server.c diff --git a/embedded/tls-sock-threaded.c b/embedded/tls/tls-sock-threaded.c similarity index 100% rename from embedded/tls-sock-threaded.c rename to embedded/tls/tls-sock-threaded.c diff --git a/embedded/tls-threaded.c b/embedded/tls/tls-threaded.c similarity index 100% rename from embedded/tls-threaded.c rename to embedded/tls/tls-threaded.c