[Bug]: benchmark crash on ECDSA SECP521R1 at sign and verify #9492
Description
Contact Details
Version
v5.8.4-stable
Description
SECP521R1 curve size is 66 bytes.
sing and verify steps use wc_ecc_sign_hash function where inlen argument assigned to (word32)keySize.
keySize = wc_ecc_get_curve_size_from_id(curveId); <- 66
This is not correct, because SHA-512 is used for P-521, and the correct value is 64.
Error:
ECC [ SECP521R1] 528 key gen 2000 ops took 1.044 sec, avg 0.522 ms, 1915.969 ops/sec, 3031364765 cycles 1515682.4 Cycles/op
ECDHE [ SECP521R1] 528 agree 2000 ops took 1.048 sec, avg 0.524 ms, 1908.751 ops/sec, 3042826874 cycles 1521413.4 Cycles/op
ECDSA [ SECP521R1] 528 sign 0 ops took 0.000 sec, avg 0.000 ms, 0.000 ops/sec, 4768 cycles 0.0 Cycles/op
Benchmark ECDSA [ SECP521R1] sign 528 failed: -279
Solution to fix:
diff --git a/wolfcrypt/benchmark/benchmark.c b/wolfcrypt/benchmark/benchmark.c
index fbce752e..03745439 100644
--- a/wolfcrypt/benchmark/benchmark.c
+++ b/wolfcrypt/benchmark/benchmark.c
@@ -12196,6 +12196,7 @@ exit_ecdhe:
}
/* ECC Sign */
+ #define DIGEST_SIZE 64 // SHA-512 for P-521
bench_stats_start(&count, &start);
do {
for (times = 0; times < agreeTimes || pending > 0; ) {
@@ -12209,8 +12210,8 @@ exit_ecdhe:
if (genKey[i]->state == 0) {
x[i] = ECC_MAX_SIG_SIZE;
}
-
- ret = wc_ecc_sign_hash(digest[i], (word32)keySize, sig[i],
+
+ ret = wc_ecc_sign_hash(digest[i], DIGEST_SIZE, sig[i],
&x[i], GLOBAL_RNG, genKey[i]);
if (!bench_async_handle(&ret,
@@ -12262,7 +12263,7 @@ exit_ecdsa_sign:
}
ret = wc_ecc_verify_hash(sig[i], x[i], digest[i],
- (word32)keySize, &verify[i],
+ DIGEST_SIZE, &verify[i],
genKey[i]);
if (!bench_async_handle(&ret,
Final result:
wolfSSL version 5.8.4
wolfCrypt Benchmark (block bytes 1048576, min 1.0 sec each)
ECC Benchmarks:
ECC [ PRIME239V1] 240 key gen 12400 ops took 1.000 sec, avg 0.081 ms, 12396.134 ops/sec, 2904905383 cycles 234266.6 Cycles/op
ECDHE [ PRIME239V1] 240 agree 12700 ops took 1.007 sec, avg 0.079 ms, 12615.064 ops/sec, 2923551847 cycles 230200.9 Cycles/op
ECDSA [ PRIME239V1] 240 sign 10600 ops took 1.003 sec, avg 0.095 ms, 10569.400 ops/sec, 2912432944 cycles 274757.8 Cycles/op
ECDSA [ PRIME239V1] 240 verify 9100 ops took 1.009 sec, avg 0.111 ms, 9022.859 ops/sec, 2928828132 cycles 321849.2 Cycles/op
ECC [ SECP256R1] 256 key gen 82200 ops took 1.001 sec, avg 0.012 ms, 82113.214 ops/sec, 2907069111 cycles 35365.8 Cycles/op
ECDHE [ SECP256R1] 256 agree 58800 ops took 1.001 sec, avg 0.017 ms, 58716.300 ops/sec, 2908139328 cycles 49458.2 Cycles/op
ECDSA [ SECP256R1] 256 sign 53100 ops took 1.002 sec, avg 0.019 ms, 53003.958 ops/sec, 2909263034 cycles 54788.4 Cycles/op
ECDSA [ SECP256R1] 256 verify 50700 ops took 1.001 sec, avg 0.020 ms, 50668.519 ops/sec, 2905804907 cycles 57313.7 Cycles/op
ECC [ SECP224R1] 224 key gen 12800 ops took 1.000 sec, avg 0.078 ms, 12796.726 ops/sec, 2904743229 cycles 226933.1 Cycles/op
ECDHE [ SECP224R1] 224 agree 13100 ops took 1.007 sec, avg 0.077 ms, 13005.348 ops/sec, 2925133497 cycles 223292.6 Cycles/op
ECDSA [ SECP224R1] 224 sign 11000 ops took 1.005 sec, avg 0.091 ms, 10942.687 ops/sec, 2919211000 cycles 265382.8 Cycles/op
ECDSA [ SECP224R1] 224 verify 9600 ops took 1.009 sec, avg 0.105 ms, 9516.268 ops/sec, 2929552462 cycles 305161.7 Cycles/op
ECC [ SECP384R1] 384 key gen 5500 ops took 1.003 sec, avg 0.182 ms, 5484.837 ops/sec, 2912028865 cycles 529459.8 Cycles/op
ECDHE [ SECP384R1] 384 agree 5500 ops took 1.001 sec, avg 0.182 ms, 5492.874 ops/sec, 2907765811 cycles 528684.7 Cycles/op
ECDSA [ SECP384R1] 384 sign 4800 ops took 1.012 sec, avg 0.211 ms, 4743.325 ops/sec, 2938697887 cycles 612228.7 Cycles/op
ECDSA [ SECP384R1] 384 verify 3900 ops took 1.008 sec, avg 0.258 ms, 3870.829 ops/sec, 2925885736 cycles 750227.1 Cycles/op
ECC [ SECP521R1] 528 key gen 2000 ops took 1.040 sec, avg 0.520 ms, 1922.182 ops/sec, 3021565759 cycles 1510782.9 Cycles/op
ECDHE [ SECP521R1] 528 agree 1900 ops took 1.002 sec, avg 0.527 ms, 1896.498 ops/sec, 2909360804 cycles 1531242.5 Cycles/op
ECDSA [ SECP521R1] 528 sign 1800 ops took 1.008 sec, avg 0.560 ms, 1785.217 ops/sec, 2928047626 cycles 1626693.1 Cycles/op
ECDSA [ SECP521R1] 528 verify 1500 ops took 1.014 sec, avg 0.676 ms, 1478.571 ops/sec, 2946088268 cycles 1964058.8 Cycles/op
Benchmark complete
Reproduction steps
No response