Fixed sign/verify inconsistencies.

.clang-format

@@ -0,0 +1,136 @@
+---
+Language:        Cpp
+AccessModifierOffset: -4
+AlignAfterOpenBracket: Align
+AlignConsecutiveMacros: true
+AlignConsecutiveAssignments: true
+AlignConsecutiveDeclarations: true
+AlignEscapedNewlines: Left
+AlignOperands:   true
+AlignTrailingComments: true
+AllowAllArgumentsOnNextLine: true
+AllowAllConstructorInitializersOnNextLine: true
+AllowAllParametersOfDeclarationOnNextLine: true
+AllowShortBlocksOnASingleLine: Never
+AllowShortCaseLabelsOnASingleLine: false
+AllowShortFunctionsOnASingleLine: None
+AllowShortLambdasOnASingleLine: All
+AllowShortIfStatementsOnASingleLine: Never
+AllowShortLoopsOnASingleLine: false
+AlwaysBreakAfterDefinitionReturnType: TopLevel
+AlwaysBreakAfterReturnType: TopLevelDefinitions
+AlwaysBreakBeforeMultilineStrings: true
+AlwaysBreakTemplateDeclarations: Yes
+BinPackArguments: false
+BinPackParameters: false
+BraceWrapping:
+  AfterCaseLabel:  false
+  AfterClass:      true
+  AfterControlStatement: true
+  AfterEnum:       true
+  AfterFunction:   true
+  AfterNamespace:  false
+  AfterObjCDeclaration: true
+  AfterStruct:     true
+  AfterUnion:      true
+  AfterExternBlock: true
+  BeforeCatch:     true
+  BeforeElse:      true
+  IndentBraces:    false
+  SplitEmptyFunction: true
+  SplitEmptyRecord: true
+  SplitEmptyNamespace: true
+BreakBeforeBinaryOperators: All
+BreakBeforeBraces: Custom
+BreakBeforeInheritanceComma: false
+BreakInheritanceList: BeforeComma
+BreakBeforeTernaryOperators: true
+BreakConstructorInitializersBeforeComma: false
+BreakConstructorInitializers: BeforeComma
+BreakAfterJavaFieldAnnotations: true
+BreakStringLiterals: true
+ColumnLimit:     80
+CommentPragmas:  '^ IWYU pragma:'
+CompactNamespaces: false
+ConstructorInitializerAllOnOneLineOrOnePerLine: false
+ConstructorInitializerIndentWidth: 4
+ContinuationIndentWidth: 4
+Cpp11BracedListStyle: false
+DeriveLineEnding: true
+DerivePointerAlignment: false
+DisableFormat:   false
+ExperimentalAutoDetectBinPacking: false
+FixNamespaceComments: false
+ForEachMacros:
+  - foreach
+  - Q_FOREACH
+  - BOOST_FOREACH
+IncludeBlocks:   Preserve
+IncludeCategories:
+  - Regex:           '^"(llvm|llvm-c|clang|clang-c)/'
+    Priority:        2
+    SortPriority:    0
+  - Regex:           '^(<|"(gtest|gmock|isl|json)/)'
+    Priority:        3
+    SortPriority:    0
+  - Regex:           '.*'
+    Priority:        1
+    SortPriority:    0
+IncludeIsMainRegex: '(Test)?$'
+IncludeIsMainSourceRegex: ''
+IndentCaseLabels: true
+IndentGotoLabels: true
+IndentPPDirectives: None
+IndentWidth:     4
+IndentWrappedFunctionNames: false
+JavaScriptQuotes: Leave
+JavaScriptWrapImports: true
+KeepEmptyLinesAtTheStartOfBlocks: true
+MacroBlockBegin: ''
+MacroBlockEnd:   ''
+MaxEmptyLinesToKeep: 1
+NamespaceIndentation: None
+ObjCBinPackProtocolList: Auto
+ObjCBlockIndentWidth: 4
+ObjCSpaceAfterProperty: true
+ObjCSpaceBeforeProtocolList: false
+PenaltyBreakAssignment: 2
+PenaltyBreakBeforeFirstCallParameter: 19
+PenaltyBreakComment: 300
+PenaltyBreakFirstLessLess: 120
+PenaltyBreakString: 1000
+PenaltyBreakTemplateDeclaration: 10
+PenaltyExcessCharacter: 1000000
+PenaltyReturnTypeOnItsOwnLine: 200
+PointerAlignment: Right
+ReflowComments:  true
+SortIncludes:    false
+SortUsingDeclarations: false
+SpaceAfterCStyleCast: false
+SpaceAfterLogicalNot: false
+SpaceAfterTemplateKeyword: false
+SpaceBeforeAssignmentOperators: true
+SpaceBeforeCpp11BracedList: true
+SpaceBeforeCtorInitializerColon: true
+SpaceBeforeInheritanceColon: true
+SpaceBeforeParens: ControlStatements
+SpaceBeforeRangeBasedForLoopColon: true
+SpaceInEmptyBlock: false
+SpaceInEmptyParentheses: false
+SpacesBeforeTrailingComments: 1
+SpacesInAngles:  false
+SpacesInConditionalStatement: false
+SpacesInContainerLiterals: false
+SpacesInCStyleCastParentheses: false
+SpacesInParentheses: false
+SpacesInSquareBrackets: false
+SpaceBeforeSquareBrackets: false
+Standard:        Latest
+StatementMacros:
+  - Q_UNUSED
+  - QT_REQUIRE_VERSION
+TabWidth:        8
+UseCRLF:         false
+UseTab:          Never
+...
+

examples/selfhosted/main.c

@@ -612,7 +612,7 @@ wrap_variation_001(void *ex, uint32_t n, uint32_t i, wres_t *res)
 {
     ee_bench_result_t bres;
     n = 0; /* unused */
-    ee_bench_var01(0, &bres);
+    ee_bench_var01(i, &bres);
     res->iter = bres.iter;
     res->dt   = bres.dt;
     /**
@@ -670,8 +670,8 @@ static task_entry_t g_task[] =
     TASK(aes128_ccm_encrypt   ,   52,  1.0f, 0xd82d)
     TASK(aes128_ccm_decrypt   ,  168,  1.0f, 0x9a42)
     TASK(ecdh_p256r1          ,    0,  1.0f, 0)
-    TASK(ecdsa_sign_p256r1    ,   32,  1.0f, 0)
-    TASK(ecdsa_verify_p256r1  ,   32,  1.0f, 1)
+    TASK(ecdsa_sign_p256r1    ,    0,  1.0f, 0)
+    TASK(ecdsa_verify_p256r1  ,    0,  1.0f, 1)
     TASK(sha256               ,   23,  3.0f, 0x2151)
     TASK(sha256               ,   57,  1.0f, 0x3b3c)
     TASK(sha256               ,  384,  1.0f, 0x1d3f)
@@ -687,8 +687,8 @@ static task_entry_t g_task[] =
     TASKEX(sha256             ,        1.0f, 0x5c37, &g_sha_digest_l)
     TASKEX(chachapoly_encrypt ,        1.0f, 0xb645, &g_aead_e_multi_l)
     TASKEX(chachapoly_decrypt ,        1.0f, 0x7b1a, &g_aead_d_multi_l)
-    TASK(ecdsa_sign_ed25519   ,  130,  1.0f, 0)
-    TASK(ecdsa_verify_ed25519 ,   64,  2.0f, 1)
+    TASK(ecdsa_sign_ed25519   ,    0,  1.0f, 0)
+    TASK(ecdsa_verify_ed25519 ,    0,  2.0f, 1)
     TASK(ecdh_x25519          ,    0,  1.0f, 0)
     TASK(nop                  ,    0,  0.0f, 0) /* sic. DSA SHA placeholder */
     /*     Secure Boot, RSA */
@@ -707,8 +707,8 @@ static task_entry_t g_task[] =
     TASKEX(sha256             ,        3.0f, 0xa23c, &g_sha_digest_m)
     TASKEX(aes128_ccm_encrypt ,        1.0f, 0xb9d9, &g_aead_e_multi_m)
     TASKEX(aes128_ccm_decrypt ,        1.0f, 0x7b96, &g_aead_d_multi_m)
-    TASK(ecdsa_sign_p256r1    ,   32,  1.0f, 0)
-    TASK(ecdsa_verify_p256r1  ,   32,  2.0f, 1)
+    TASK(ecdsa_sign_p256r1    ,    0,  1.0f, 0)
+    TASK(ecdsa_verify_p256r1  ,    0,  2.0f, 1)
     TASK(ecdh_p256r1          ,    0,  1.0f, 0)
     TASK(sha256               ,  152,  8.0f, 0xd3ea)
     /*     TLS1.3/GCM */
@@ -718,18 +718,18 @@ static task_entry_t g_task[] =
     TASKEX(sha256             ,        1.0f, 0xa23c, &g_sha_digest_m)
     TASKEX(aes128_gcm_encrypt ,        1.0f, 0x954b, &g_aead_e_multi_m)
     TASKEX(aes128_gcm_decrypt ,        1.0f, 0x7b96, &g_aead_d_multi_m)
-    TASK(ecdsa_sign_p256r1    ,   32,  1.0f, 0)
-    TASK(ecdsa_verify_p256r1  ,   32,  2.0f, 1)
+    TASK(ecdsa_sign_p256r1    ,    0,  1.0f, 0)
+    TASK(ecdsa_verify_p256r1  ,    0,  2.0f, 1)
     TASK(ecdh_p256r1          ,    0,  1.0f, 0)
     TASK(sha256               ,  152,  8.0f, 0xd3ea)
     /*     Secure Boot, RSA */
     TASK(nop                  ,    0,  0.0f, 0) /* math placeholder */
     TASK(sha256               , 2048, 20.0f, 0x39ec)
-    TASK(rsa_verify_2048      ,   32,  1.0f, 1)
+    TASK(rsa_verify_2048      ,    0,  1.0f, 1)
     /*     Secure Boot, ECC */
     TASK(nop                  ,    0,  0.0f, 0) /* math placeholder */
     TASK(sha256               , 2048, 20.0f, 0x39ec)
-    TASK(ecdsa_verify_p256r1  ,   32,  1.0f, 1)
+    TASK(ecdsa_verify_p256r1  ,    0,  1.0f, 1)
     /*   High */
     /*     TLS1.3/CCM */
     TASK(sha384               ,  182, 10.0f, 0x4505)
@@ -738,8 +738,8 @@ static task_entry_t g_task[] =
     TASKEX(sha384             ,        1.0f, 0xa6b6, &g_sha_digest_h)
     TASKEX(aes256_ccm_encrypt ,        1.0f, 0xf16d, &g_aead_e_multi_h)
     TASKEX(aes256_ccm_decrypt ,        1.0f, 0x56f1, &g_aead_d_multi_h)
-    TASK(ecdsa_sign_p384r1    ,   48,  1.0f, 0)
-    TASK(ecdsa_verify_p384r1  ,   48,  2.0f, 1)
+    TASK(ecdsa_sign_p384r1    ,    0,  1.0f, 0)
+    TASK(ecdsa_verify_p384r1  ,    0,  2.0f, 1)
     TASK(ecdh_p384r1          ,    0,  1.0f, 0)
     TASK(sha384               ,  173,  1.0f, 0x7bf9)
     /*     TLS1.3/GCM */
@@ -749,18 +749,18 @@ static task_entry_t g_task[] =
     TASKEX(sha384             ,        1.0f, 0xa6b6, &g_sha_digest_h)
     TASKEX(aes256_gcm_encrypt ,        1.0f, 0x9f97, &g_aead_e_multi_h)
     TASKEX(aes256_gcm_decrypt ,        1.0f, 0x56f1, &g_aead_d_multi_h)
-    TASK(ecdsa_sign_p384r1    ,   48,  1.0f, 0)
-    TASK(ecdsa_verify_p384r1  ,   48,  2.0f, 1)
+    TASK(ecdsa_sign_p384r1    ,    0,  1.0f, 0)
+    TASK(ecdsa_verify_p384r1  ,    0,  2.0f, 1)
     TASK(ecdh_p384r1          ,    0,  1.0f, 0)
     TASK(sha384               ,  173,  1.0f, 0x7bf9)
     /*     Secure Boot, RSA */
     TASK(aes256_ctr_decrypt   , 2048, 20.0f, 0xd203)
     TASK(sha384               , 2048, 20.0f, 0xff90)
-    TASK(rsa_verify_4096      ,   32,  1.0f, 1)
+    TASK(rsa_verify_4096      ,    0,  1.0f, 1)
     /*     Secure Boot, ECC */
     TASK(aes256_ctr_decrypt   , 2048, 20.0f, 0xd203)
     TASK(sha384               , 2048, 20.0f, 0xff90)
-    TASK(ecdsa_verify_p384r1  ,   32,  1.0f, 1)
+    TASK(ecdsa_verify_p384r1  ,    0,  1.0f, 1)
 };
 static const size_t g_numtasks = sizeof(g_task) / sizeof(task_entry_t);
 /* This is how we scale the final score for each group*/
@@ -771,18 +771,18 @@ static struct scalar_tuples
     unsigned int scalar;
     float        score;
 } g_scalars[] = {
-    { "TLSv1.2",                  14, 1000, 0.0f },
-    { "TLSv1.3_Light",           10,   10, 0.0f },
-    { "Boot_Light",        3,    1, 0.0f },
-    { "",                          3,    0, 0.0f },
-    { "TLSv1.3_Med_CCM",       10,   10, 0.0f },
-    { "TLSv1.3_Med_GCM",       10,   10, 0.0f },
+    { "TLSv1.2",           14, 1000, 0.0f },
+    { "TLSv1.3_Light",     10,   10, 0.0f },
+    { "Boot_Light",         3,    1, 0.0f },
+    { "",                   3,    0, 0.0f },
+    { "TLSv1.3_Med_CCM",   10,   10, 0.0f },
+    { "TLSv1.3_Med_GCM",   10,   10, 0.0f },
     { "Boot_Med_RSA",       3,    1, 0.0f },
-    { "Boot_Med_ECC",      3,    1, 0.0f },
+    { "Boot_Med_ECC",       3,    1, 0.0f },
     { "TLSv1.3_Heavy_CCM", 10,   10, 0.0f },
-    { "TLSv1.3_Heavy_GCM",      10,   10, 0.0f },
-    { "Boot_Heavy_RSA",   3,    1, 0.0f },
-    { "Boot_Heavy_ECC",   3,    1, 0.0f },
+    { "TLSv1.3_Heavy_GCM", 10,   10, 0.0f },
+    { "Boot_Heavy_RSA",     3,    1, 0.0f },
+    { "Boot_Heavy_ECC",     3,    1, 0.0f },
     { NULL, 0, 0, 0.0f } /* Done */
 };
 // clang-format on
@@ -877,10 +877,10 @@ main(void)
                     g_task[i].expected_crc,
                     g_task[i].actual_crc);
             }
-#if DEBUG_VERIFY == 0 && CRC_ONLY == 0
             printf("\n");
-#endif
+#if DEBUG_VERIFY == 0
         }
+#endif
     }
 #if DEBUG_VERIFY == 0 && CRC_ONLY == 0
     printf("\nComputing suite scores...\n\n");

examples/selfhosted/profile/wolfssl_th_api/th_ecdsa.c

@@ -15,6 +15,7 @@
 #include <wolfssl/wolfcrypt/ecc.h>
 #include <wolfssl/wolfcrypt/ed25519.h>
 #include <wolfssl/wolfcrypt/error-crypt.h>
+#include <wolfssl/wolfcrypt/signature.h>
 
 /* can be set for static memory use */
 #define HEAP_HINT NULL
@@ -92,8 +93,8 @@ th_ecdsa_create(void **pp_context, ee_ecc_group_t group)
 
 ee_status_t
 th_ecdsa_sign(void     *p_context,
-              uint8_t  *p_msg,
-              uint32_t  msglen,
+              uint8_t  *p_hash,
+              uint32_t  hashlen,
               uint8_t  *p_sig,
               uint32_t *p_siglen)
 {
@@ -104,12 +105,19 @@ th_ecdsa_sign(void     *p_context,
     {
         case ECC_SECP256R1:
         case ECC_SECP384R1:
-            CHK1(wc_ecc_sign_hash(
-                p_msg, msglen, p_sig, p_siglen, &(c->rng), &(c->key.ecc)));
+            CHK1(wc_SignatureGenerateHash(WC_HASH_TYPE_SHA256,
+                                          WC_SIGNATURE_TYPE_ECC,
+                                          p_hash,
+                                          hashlen,
+                                          p_sig,
+                                          p_siglen,
+                                          &(c->key.ecc),
+                                          sizeof(ecc_key),
+                                          &(c->rng)));
             break;
         case ECC_X25519:
             CHK1(wc_ed25519_sign_msg(
-                p_msg, msglen, p_sig, p_siglen, &(c->key.ed25519)));
+                p_hash, hashlen, p_sig, p_siglen, &(c->key.ed25519)));
             break;
         default:
             th_printf("e-[th_ecdsa_sign: invalid curve %d]\r\n", c->curve);
@@ -123,8 +131,8 @@ th_ecdsa_sign(void     *p_context,
 
 ee_status_t
 th_ecdsa_verify(void    *p_context,
-                uint8_t *p_msg,
-                uint32_t msglen,
+                uint8_t *p_hash,
+                uint32_t hashlen,
                 uint8_t *p_sig,
                 uint32_t siglen,
                 bool    *p_pass)
@@ -138,12 +146,27 @@ th_ecdsa_verify(void    *p_context,
     {
         case ECC_SECP256R1:
         case ECC_SECP384R1:
-            CHK1(wc_ecc_verify_hash(
-                p_sig, siglen, p_msg, msglen, &verify, &(c->key.ecc)));
+            ret = wc_SignatureVerifyHash(WC_HASH_TYPE_SHA256,
+                                         WC_SIGNATURE_TYPE_ECC,
+                                         p_hash,
+                                         hashlen,
+                                         p_sig,
+                                         siglen,
+                                         &(c->key.ecc),
+                                         sizeof(ecc_key));
+            if (ret != 0 && ret != SIG_VERIFY_E)
+            {
+                th_printf("e-[wc_SignatureVerifyHash: %d]\r\n", ret);
+                return EE_STATUS_ERROR;
+            }
+            if (ret == 0)
+            {
+                verify = 1;
+            }
             break;
         case ECC_X25519:
             ret = wc_ed25519_verify_msg(
-                p_sig, siglen, p_msg, msglen, &verify, &(c->key.ed25519));
+                p_sig, siglen, p_hash, hashlen, &verify, &(c->key.ed25519));
             if (ret != 0 && ret != SIG_VERIFY_E)
             {
                 th_printf("e-[wc_ed25519_verify_msg: %d]\r\n", ret);
@@ -156,9 +179,6 @@ th_ecdsa_verify(void    *p_context,
     }
     *p_pass = verify == 1;
     return EE_STATUS_OK;
-error:
-    th_printf("e-[th_ecdsa_verify: error: %d]\r\n", ret);
-    return EE_STATUS_ERROR;
 }
 
 ee_status_t