Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add benchmarks and memory tracking feature to Signature Examples #467

Open
wants to merge 7 commits into
base: master
Choose a base branch
from
Open

Add benchmarks and memory tracking feature to Signature Examples #467

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
7 commits
Select commit Hold shift + click to select a range
d704cc4
Add benchmarks and memory tracking feature to Signature Examples.
Dec 6, 2022
e89c992
Moved files in the embedded directory to the embedded/tls directory
Dec 13, 2022
2b2dbe5
fix SP_C64/C32 option (#2)
kojo1 Dec 15, 2022
e7cb667
Fixed for sp_c64.c to be available.
Dec 16, 2022
e36d5e7
Modified Makefile and benchmark variables
Jan 19, 2023
a322264
Add Non-blocking mode (#3)
Gonsix Feb 24, 2023
b6328e5
add wc_encrypt.o as target
miyazakh Oct 4, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
20 changes: 20 additions & 0 deletions embedded/signature/Makefile
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,20 @@
CC = gcc
#CC = clang
SRCROOT = .
ECCSRCDIRS := $(shell ls -d $(SRCROOT)/ecc_*)
RSASRCDIRS := $(shell ls -d $(SRCROOT)/rsa_*)

all: ecc rsa

ecc:
@for d in $(ECCSRCDIRS); do echo $$d ; $(MAKE) -C $$d CC=$(CC) ; done

rsa:
@for d in $(RSASRCDIRS); do echo $$d ; $(MAKE) -C $$d CC=$(CC) ; done

clean: FORCE
@for d in $(ECCSRCDIRS); do echo $$d ; $(MAKE) -C $$d clean; done
@for d in $(RSASRCDIRS); do echo $$d ; $(MAKE) -C $$d clean; done

FORCE:
.PHONY: FORCE
92 changes: 92 additions & 0 deletions embedded/signature/README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,92 @@
# Signature Examples for Embedded Systems
This directory includes the following examples under the sub-directories.Each has a Makefile and source files to build and execute the example and a README to show how to build and Example output.
|Scheme|Directory|Description|
|---|---|---|
|RSA|rsa_sign_verify|sign/verify signature inline |
||rsa_vfy_only |verify signature|
||rsa_vfy_only_nonblock|verify signature with non-blocking|
|ECDSA|ecc_sign_verify|sign msg and verify signature|
||ecc_vfy_only|verify Signature|
||ecc_vfy_only_nonblock|verify signature with non-blocking|


You can specify a target function of Simple example, Benchemark or Memory track program.It also has options for optimized code for MCU architectures such as Intel x86, ARM64 or a generic code by default, as well as Math library of Single Precision or TFM.

```
$ make <Function> math=<Mathlib> arch=<MCU>
```
## Functions

|Function name|Description|
|---|---|
|Default|Simple Execution|
|mem|Memory Track on heap and stack usage|
|bench|Performance benchmark|

## Math library
|math|Description|
|---|---|
|Default|Generic architecture by pure C language source code|
|sp| SP for generic or specified archtecture|
|tfm|TFM for generic architecture|
## MCU Architectures
NOTE: No architecture specification is required when using TFM.
|arch|Description|
|---|---|
|Default|Generic architecture by pure C language source code|
|c32| SP using 32-bit data type |
|c64| SP using 64-bit data type (default) |
|arm64|SP for ARM64 |
|x64|SP for x86 64bit|


The Makefile is self-contained without libwolfssl. Put your wolfSSL source filesin parallel with wolfssl-examples directory. It is defined by WOLFROOT in Makefile.It compiles only needed files for the target. OBJ and OBJ_xxx macro in Makefiledefine object files for the common and specific target.
Example programs are hard coded for a hash algorithm or signature scheme.Sha256 is for the hash by default. PKCS #1 v1.5 or ECDSA for the signature scheme.You can refer to the following API tables for modifying the examples for other algorithms or schemes.
## Table 1: Hash algorithms for PKCS#1 Signature
|Algorithm|Src File|Macro SW<br>Enable|<br>Disable|Note|
|---|---|---|---|---|
|MD2|md2.c|WOLFSSL_MD2||Only for v1.5 Backward compatibility|
|MD5|md5.c||NO_MD5|Only for v1.5 Backward compatibility|
|SHA1|sha.c||NO_SHA|||SHA256|sha256.c||NO_SHA256|
||SHA384|sha512.c|WOLFSSL_SHA384||Disabled by default|
|SHA512|sha512.c|WOLFSSL_SHA512||Disabled by default|


## Table 2: Hash Algorithm APIs
|Algorithm|<br>Init|API<br>Update|<br>Final|
|---|---|---|---|
|MD2|wc_InitMd2|wc_Md2Update|wc_Md2Final|
|MD5|wc_InitMd5|wc_Md5Update|wc_Md5Final|
|SHA1|wc_InitSha|wc_ShaUpdate|wc_ShaFinal|
|SHA256|wc_InitSha256|wc_Sha256Update|wc_Sha256Final|
|SHA384|wc_initSha384|wc_Sha384Update|wc_Sha384Final|
|SHA512|wc_InitSha512|wc_Sha512Update|wc_Sha512Final|

## Table 3: RSA Signature APIs
|Padding|API|Description|
|---|---|---|
|PKCS #1 v1.5|wc_RsaSSL_Verify|Decrypt input signature to verify|
||wc_RsaSSL_VerifyInline|The output uses the same byte array as the input|
|PSS|wc_RsaPSS_Verify|Decrypt input signature to verify with PSS|
| |wc_RsaPSS_VerifyCheck|Verify the message signed|
| |wc_RsaPSS_VerifyCheck_ex|with Salt length argument|
| |wc_RsaPSS_VerifyInline|The output uses the same byte array as the input|
| |wc_RsaPSS_VerifyCheckInline|Verify the message signed|
| |wc_RsaPSS_VerifyCheckPadding|Checks the PSS data to ensure that the signature matches|
| |wc_RsaPSS_VerifyCheckPadding_ex|with Salt length argument|


## Table 4: ECC Signature APIs
|Algorithm|API|Hash|
|---|---|---|
|ECDSA|wc_ecc_sign_hash|SHA512|
|Ed25519|wc_ed25519_sign_hash|SHA512|
|Ed488|wc_ed488_sign_hash|SHAKE256|
77 changes: 77 additions & 0 deletions embedded/signature/ecc_sign_verify/Makefile
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,77 @@
# The path to the wolfssl directory must be set correctly for your environment.
WOLFROOT = ../../../../wolfssl

CFLAGS = $(EX_CFLAGS) -DWOLFSSL_USER_SETTINGS -I. -I$(WOLFROOT) -Os
ASFLAGS = -DWOLFSSL_USER_SETTINGS -I. -I$(WOLFROOT)

OBJ=\
$(WOLFROOT)/wolfcrypt/src/ecc.o\
$(WOLFROOT)/wolfcrypt/src/sha256.o\
$(WOLFROOT)/wolfcrypt/src/hash.o\
$(WOLFROOT)/wolfcrypt/src/random.o\
$(WOLFROOT)/wolfcrypt/src/asn.o\
$(WOLFROOT)/wolfcrypt/src/wc_port.o\
$(WOLFROOT)/wolfcrypt/src/coding.o\
$(WOLFROOT)/wolfcrypt/src/memory.o\
$(WOLFROOT)/wolfcrypt/src/wolfmath.o\
$(WOLFROOT)/wolfcrypt/src/wc_encrypt.o\

OBJ_SP_C32 := \
$(WOLFROOT)/wolfcrypt/src/sp_int.o\
$(WOLFROOT)/wolfcrypt/src/sp_c32.o\

OBJ_SP_C64 := \
$(WOLFROOT)/wolfcrypt/src/sp_int.o\
$(WOLFROOT)/wolfcrypt/src/sp_c64.o\

OBJ_SP_ARM64 := \
$(WOLFROOT)/wolfcrypt/src/sp_int.o\
$(WOLFROOT)/wolfcrypt/src/sp_arm64.o\

OBJ_SP_X86_64 := \
$(WOLFROOT)/wolfcrypt/src/sp_int.o\
$(WOLFROOT)/wolfcrypt/src/cpuid.o\
$(WOLFROOT)/wolfcrypt/src/sp_x86_64.o\
$(WOLFROOT)/wolfcrypt/src/sp_x86_64_asm.o\

OBJ_TFM := \
$(WOLFROOT)/wolfcrypt/src/tfm.o\

.PHONY: all clean mem size bench

ifeq ($(math) $(arch),sp x64)
ASFLAGS+= -DSP_X86_64_FLAG
CFLAGS += -DSP_X86_64_FLAG
OBJ += $(OBJ_SP_X86_64)
else ifeq ($(math) $(arch),sp arm64)
CFLAGS += -DSP_ARM64_FLAG
OBJ += $(OBJ_SP_ARM64)
else ifeq ($(math) $(arch),sp c64)
CFLAGS += -DSP_C64_FLAG
OBJ += $(OBJ_SP_C64)
else ifeq ($(math) $(arch),sp c32)
CFLAGS += -DSP_C32_FLAG
OBJ += $(OBJ_SP_C32)
else ifeq ($(math), tfm)
CFLAGS += -DTFM_FLAG
OBJ += $(OBJ_TFM)
else
CFLAGS += -DSP_C64_FLAG
OBJ += $(OBJ_SP_C64)
endif

all : ecc_sign_verify bench mem

ecc_sign_verify: clean $(OBJ)
$(CC) $(CFLAGS) -o ecc_sign_verify ecc_sign_verify.c $(OBJ)

bench: clean $(OBJ)
$(CC) $(CFLAGS) -DBENCHMARK -o ecc_sign_verify_bench ecc_sign_verify.c $(OBJ) -lpthread

mem: clean $(OBJ)
$(CC) $(CFLAGS) -DDEBUG_MEMORY -o ecc_sign_verify_mem ecc_sign_verify.c $(OBJ) -lpthread
clean:
rm -f ecc_sign_verify ecc_sign_verify_bench ecc_sign_verify_mem $(WOLFROOT)/wolfcrypt/src/*.o

size :
size $(OBJ) ecc_sign_verify
133 changes: 133 additions & 0 deletions embedded/signature/ecc_sign_verify/README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,133 @@
# Signature Test Example

Demonstrates using a hash digest to sign and verify a signature using ECC

First, set the path to wolfssl directory to variable WOLFROOT in the Makefile.
## Building

### Build example

```
make
```

## Usage

```
./ecc_sign_verify
Key size is 112, byteField = 14, maxSigSz = 44
Successfully verified signature w/ ecc key size 112!
Key size is 128, byteField = 16, maxSigSz = 48
Successfully verified signature w/ ecc key size 128!
Key size is 160, byteField = 20, maxSigSz = 56
Successfully verified signature w/ ecc key size 160!
Key size is 192, byteField = 24, maxSigSz = 64
Successfully verified signature w/ ecc key size 192!
Key size is 224, byteField = 28, maxSigSz = 72
Successfully verified signature w/ ecc key size 224!
Key size is 239, byteField = 36, maxSigSz = 88
Successfully verified signature w/ ecc key size 239!
Key size is 256, byteField = 32, maxSigSz = 80
Successfully verified signature w/ ecc key size 256!
Key size is 320, byteField = 40, maxSigSz = 96
Successfully verified signature w/ ecc key size 320!
Key size is 384, byteField = 48, maxSigSz = 112
Successfully verified signature w/ ecc key size 384!
Key size is 512, byteField = 64, maxSigSz = 144
Successfully verified signature w/ ecc key size 512!
Key size is 521, byteField = 66, maxSigSz = 148
Successfully verified signature w/ ecc key size 521!
```

NOTE: Also an option to dump out the signatures. For more verbose output
uncomment define in example "SHOW_SIGS_IN_EXAMPLE"



# Signature verification Benchmark

You can generate benchmark program to compare the speed of signature verification between TFM and SP
### SP
Faster math library

If you build for x86_64 system:
```
make bench math=sp arch=x64
```
else if Aarch64 system:
```
make bench math=sp arch=arm64
```
then a benchmark program is generated.
### TFM

```
make bench math=tfm
```
NOTE: When using TFM, No Architecture specification is required.

## Example Output
- built with the option `math=sp arch=arm64`
```
./ecc_sign_verify_bench
---------------------------------------------------------------
Enabled WOLFSSL_SP_ARM64
---------------------------------------------------------------
Running ECC Sign Verify Benchmarks...
ECC Key Size 112 1275.78 Cycles/sec
ECC Key Size 128 1351.68 Cycles/sec
ECC Key Size 160 1368.65 Cycles/sec
ECC Key Size 192 1382.20 Cycles/sec
ECC Key Size 224 1385.06 Cycles/sec
ECC Key Size 239 1401.38 Cycles/sec
ECC Key Size 256 12830.67 Cycles/sec
ECC Key Size 320 626.52 Cycles/sec
ECC Key Size 384 634.85 Cycles/sec
ECC Key Size 512 279.71 Cycles/sec
ECC Key Size 521 279.15 Cycles/sec
```

# Tracking memory
To see a stack and heap memory usage.

```
make mem
```
## Example Output
```
./ecc_sign_verify_mem
Key size is 112, byteField = 14
Successfully verified signature w/ ecc key size 112!
Key size is 128, byteField = 16
Successfully verified signature w/ ecc key size 128!
Key size is 160, byteField = 20
Successfully verified signature w/ ecc key size 160!
Key size is 192, byteField = 24
Successfully verified signature w/ ecc key size 192!
Key size is 224, byteField = 28
Successfully verified signature w/ ecc key size 224!
Key size is 239, byteField = 30
Successfully verified signature w/ ecc key size 239!
Key size is 256, byteField = 32
Successfully verified signature w/ ecc key size 256!
Key size is 320, byteField = 40
Successfully verified signature w/ ecc key size 320!
Key size is 384, byteField = 48
Successfully verified signature w/ ecc key size 384!
Key size is 512, byteField = 64
Successfully verified signature w/ ecc key size 512!
Key size is 521, byteField = 66
Successfully verified signature w/ ecc key size 521!

total Allocs = 422
total Deallocs = 422
total Bytes = 195047
peak Bytes = 5557
current Bytes = 0
stack used = 14448
```


Best wishes in all your testing!

- The wolfSSL Team
Loading