You are not logged in. Please login or register.
Please post questions or comments you have about wolfSSL products here. It is helpful to be as descriptive as possible when asking your questions.
ReferenceswolfSSL - Embedded SSL Library → Posts by koutsion
Pages 1
Hello Daniele,
Thank you again for your quick and helpful suggestions!
I tried your suggestions on using the sp_32.c (instead of the assembly implementation) and I got about 2k reduction in my image size.
I am still on the limit of my application requirements. I will check what else I can do to fit everything in.
Thank you again for your valuable tips and support!
I will post again soon!
Kind Regards,
Nikos
Hello again,
I managed to increase the heap needed so the verification runs correctly!
Now I am trying to optimize for code size. Thank you again for your quick and detailed support!
Do you have any tips on further optimizing for code size?
Thank you again and have a nice weekend!
Kind Regards,
Nikos
P.S my latest configuration
#define HAVE_ECC
#define HAVE_ECC_VERIFY
#define ECC_USER_CURVES
#define NO_RSA
#define SINGLE_THREADED
#define NO_MD5
#define NO_OLD_TLS
#define WOLFSSL_NO_PEM
#define WC_NO_RNG
#define NO_ECC_SIGN
#define NO_DSA
#define NO_ASN_TIME
#define NO_PWDBASED
#define NO_ASN
#define NO_ECC_KEY_EXPORT
#define WOLFCRYPT_ONLY
#define WC_NO_HARDEN
#define SIZEOF_LONG 4
#define SIZEOF_LONG_LONG 8
#define NO_FILESYSTEM
#define WOLFSSL_SMALL_STACK
#include "stdlib.h"
#define XMALLOC_OVERRIDE
#define XMALLOC(n, h, t) malloc(n)
#define XREALLOC(p, n, h, t) realloc(p, n)
#define XFREE(p, h, t) free(p)
// SP_MATH_CONFIG
#define WOLFSSL_SP_MATH
#define WOLFSSL_HAVE_SP_DH
#define WOLFSSL_SP_SMALL
#define WOLFSSL_HAVE_SP_ECC
#define WOLFSSL_SP_ARM_THUMB_ASMHello Daniele,
Thank you very much for your detailed and fast response!
I was able to build with your recommendations by only using the ecc code.
The problem was this new implementation was using too much STACK. So i reverted to using also HEAP.
Added these into my configuration:
#define WOLFSSL_SMALL_STACK
#include "stdlib.h"
#define XMALLOC_OVERRIDE
#define XMALLOC(n, h, t) malloc(n)
#define XREALLOC(p, n, h, t) realloc(p, n)
#define XFREE(p, h, t) free(p)Removed
#define WOLFSSL_NO_MALLOC
#define WOLFSSL_ECC_NO_SMALL_STACK
#define NO_WOLFSSL_MEMORYMy new configuration is:
#define HAVE_ECC
#define HAVE_ECC_VERIFY
#define ECC_USER_CURVES
#define HAVE_ECC_KEY_IMPORT
#define NO_RSA
#define SINGLE_THREADED
#define NO_FILESYSTEM
#define NO_MD5
#define NO_OLD_TLS
#define WOLFSSL_NO_PEM
#define WC_NO_RNG
#define NO_ECC_SIGN
#define NO_DSA
#define NO_ASN_TIME
#define NO_PWDBASED
#define NO_SKID
#define NO_ASN
#define WOLFCRYPT_ONLY
#define WC_NO_HARDEN
#define SIZEOF_LONG 4
#define SIZEOF_LONG_LONG 8
#define NO_DEV_RANDOM7
#define NO_MAIN_DRIVER
#define NO_WRITEV
#if 1
#define WOLFSSL_SMALL_STACK
#include "stdlib.h"
#define XMALLOC_OVERRIDE
#define XMALLOC(n, h, t) malloc(n)
#define XREALLOC(p, n, h, t) realloc(p, n)
#define XFREE(p, h, t) free(p)
#else
#define WOLFSSL_NO_MALLOC
#define WOLFSSL_ECC_NO_SMALL_STACK
#define NO_WOLFSSL_MEMORY
#endif
// SP_MATH_CONFIG
#define WOLFSSL_SP_MATH
#define WOLFSSL_HAVE_SP_DH
#define WOLFSSL_SP_SMALL
#define WOLFSSL_HAVE_SP_ECC
#define WOLFSSL_SP_ARM_THUMB_ASM
//#define WOLFSSL_SP_ARM_CORTEX_M_ASM
//#define WOLFSSL_SP_NO_MALLOC
//#define WOLFSSL_SP_NO_DYN_STACKI have given about 2K of heap but the verify function returns -125 (out of memory error)
I will check if I can do some more optimizations so that I can be able to run this successfully.
I don't have much stack and/or heap in my usecase.
FYI what I am actually trying to do is checking if I can implement a secure bootloader with wolfssl.
Thank you again for your support.
I will come back with more information once I get it running.
Let me know if you have any additional information or configuration suggestions.
I only need to be able to verify. Do you know if there are things that I could remove and make this more light in terms of code size and stack/heap requirements?
Thank you again!
Kind Regards,
Nikos
Hello everyone,
I am trying to use the wolfcrypt functions in order to be able to verify a signature (along with public key and hash message). I am running my tests on a Cortex-m0 platform.
I am working with the following files:
signature.c
ecc.c
hash.c
sp_int.c
wolfmath.c
sha256.c
sha.c
asn.c
memory.c
integer.c
sp_cortexm.c
My configuration is the following:
#define HAVE_ECC
#define HAVE_ECC_VERIFY
#define ECC_USER_CURVES
#define HAVE_ECC_KEY_IMPORT
#define WOLFSSL_ECC_NO_SMALL_STACK
#define NO_RSA
#define SINGLE_THREADED
#define NO_FILESYSTEM
#define NO_MD5
#define NO_OLD_TLS
#define WOLFSSL_NO_PEM
#define WC_NO_RNG
#define NO_ECC_SIGN
#define NO_DSA
#define NO_ASN_TIME
#define NO_PWDBASED
#define NO_SKID
#define WOLFCRYPT_ONLY
#define NO_WOLFSSL_MEMORY
#define WOLFSSL_NO_MALLOC
#define WC_NO_HARDEN
#define SIZEOF_LONG 4
#define SIZEOF_LONG_LONG 8
#define NO_DEV_RANDOM
#define NO_MAIN_DRIVER
#define NO_WRITEV
#define WOLFSSL_USER_IO
#define NO_SESSION_CACHE
#define WOLFSSL_SP_MATH
#define WOLFSSL_HAVE_SP_DH
#define WOLFSSL_SP_ARM_CORTEX_M_ASM
The functions I am testing with are the:
int wc_ecc_rs_raw_to_sig(const byte* r, word32 rSz, const byte* s, word32 sSz,
byte* out, word32* outlen);
int wc_ecc_import_unsigned(ecc_key* key, const byte* qx, const byte* qy,
const byte* d, int curve_id);
int wc_SignatureVerifyHash(
enum wc_HashType hash_type, enum wc_SignatureType sig_type,
const byte* hash_data, word32 hash_len,
const byte* sig, word32 sig_len,
const void* key, word32 key_len);So what I am trying to do is use the test vectors in the link below to test if my code works.
I am using the following vectors (https://www.ietf.org/rfc/rfc6979.txt A.2.5):
public key: U = xG
Ux = 60FED4BA255A9D31C961EB74C6356D68C049B8923B61FA6CE669622E60F29FB6
Uy = 7903FE1008B8BC99A41AE9E95628BC64F2F1B20C2D7E9F5177A3C294D4462299
message = 'sample'
SHA256 hash_of_message : af2bdbe1aa9b6ec1e2ade1d694f41fc71a831d0268e9891562113d8a62add1bf
r = EFD48B2AACB6A8FD1140DD9CD45E81D69D2C877B56AAF991C34D0EA84EAF3716
s = F7CB1C942D657C41D436C7A1B6E29F65F3E900DBB9AFF4064DC4AB2F843ACDA8
So a bit of code now:
uint8_t r[] = {0xEF, 0xD4, 0x8B, 0x2A, 0xAC, 0xB6, 0xA8, 0xFD,
0x11, 0x40, 0xDD, 0x9C, 0xD4, 0x5E, 0x81, 0xD6,
0x9D, 0x2C, 0x87, 0x7B, 0x56, 0xAA, 0xF9, 0x91,
0xC3, 0x4D, 0x0E, 0xA8, 0x4E, 0xAF, 0x37, 0x16,
};
uint8_t s[] = {0xF7, 0xCB, 0x1C, 0x94, 0x2D, 0x65, 0x7C, 0x41,
0xD4, 0x36, 0xC7, 0xA1, 0xB6, 0xE2, 0x9F, 0x65,
0xF3, 0xE9, 0x00, 0xDB, 0xB9, 0xAF, 0xF4, 0x06,
0x4D, 0xC4, 0xAB, 0x2F, 0x84, 0x3A, 0xCD, 0xA8};
uint8_t pubkeyX[] ={0x60, 0xFE, 0xD4, 0xBA, 0x25, 0x5A, 0x9D, 0x31,
0xC9, 0x61, 0xEB, 0x74, 0xC6, 0x35, 0x6D, 0x68,
0xC0, 0x49, 0xB8, 0x92, 0x3B, 0x61, 0xFA, 0x6C,
0xE6, 0x69, 0x62, 0x2E, 0x60, 0xF2, 0x9F, 0xB6};
uint8_t pubkeyY[] = {0x79, 0x03, 0xFE, 0x10, 0x08, 0xB8, 0xBC, 0x99,
0xA4, 0x1A, 0xE9, 0xE9, 0x56, 0x28, 0xBC, 0x64,
0xF2, 0xF1, 0xB2, 0x0C, 0x2D, 0x7E, 0x9F, 0x51,
0x77, 0xA3, 0xC2, 0x94, 0xD4, 0x46, 0x22, 0x99};
const uint8_t msghash[] = {0xAF, 0x2B, 0xDB, 0xE1, 0xAA, 0x9B, 0x6E, 0xC1,
0xE2, 0xAD, 0xE1, 0xD6, 0x94, 0xF4, 0x1F, 0xC7,
0x1A, 0x83, 0x1D, 0x02, 0x68, 0xE9, 0x89, 0x15,
0x62, 0x11, 0x3D, 0x8A, 0x62, 0xAD, 0xD1, 0xBF};
uint8_t signature_wc[256] = {};
uint32_t signature_wc_size = 256;
ecc_key ecc_pubkey;
int eccret;
// RS raw to sig - Is this correct?
eccret = wc_ecc_rs_raw_to_sig(r, sizeof(r), s, sizeof(s), signature_wc, &signature_wc_size);
// Import the key buffer to the ecc_key structure format
eccret = wc_ecc_import_unsigned(&ecc_pubkey, pubkeyX, pubkeyY, NULL, ECC_SECP256R1);
// Verify
eccret = wc_SignatureVerifyHash(WC_HASH_TYPE_SHA256, WC_SIGNATURE_TYPE_ECC, msghash, sizeof(msghash),
signature_wc, signature_wc_size, &ecc_pubkey, sizeof(ecc_pubkey));Verification function returns with -229 error (SIG_VERIFY_E).
I think that I am not doing something correctly with the signature or the key conversions.
Can someone provide some insights on this?
Thank you in advance,
Kind Regards,
Nikos
Pages 1
wolfSSL - Embedded SSL Library → Posts by koutsion
Powered by PunBB, supported by Informer Technologies, Inc.
Generated in 0.015 seconds (95% PHP - 5% DB) with 4 queries