From 2fabd802d9e140fb08497c6175fcf6b632dda3b3 Mon Sep 17 00:00:00 2001
From: connerwolfssl
Date: Thu, 22 Mar 2018 11:21:33 -0600
Subject: [PATCH] added ecc sign and verify function
---
wolfCLU/clu_src/sign-verify/clu_sign.c | 82 ++++++++++++++++++++++-
wolfCLU/clu_src/sign-verify/clu_verify.c | 84 ++++++++++++++++++++++--
2 files changed, 161 insertions(+), 5 deletions(-)
diff --git a/wolfCLU/clu_src/sign-verify/clu_sign.c b/wolfCLU/clu_src/sign-verify/clu_sign.c
index a09b6fac..091d6ee3 100644
--- a/wolfCLU/clu_src/sign-verify/clu_sign.c
+++ b/wolfCLU/clu_src/sign-verify/clu_sign.c
@@ -103,6 +103,86 @@ int wolfCLU_sign_data_rsa(byte* data, char* out, word32 dataSz, char* privKey) { } int wolfCLU_sign_data_ecc(byte* data, char* out, word32 fSz, char* privKey) { +#ifdef HAVE_ECC + int ret; + int privFileSz; + size_t eccKeySz; + word32 index = 0; + word32 outLen; + + FILE* privKeyFile; + + ecc_key key; + WC_RNG rng; + + XMEMSET(&rng, 0, sizeof(rng)); + XMEMSET(&key, 0, sizeof(key)); + + /* init the ecc key */ + ret = wc_ecc_init(&key); + if (ret != 0) { + printf("Failed to initialize ecc key\nRET: %d\n", ret); + return ret; + } + + ret = wc_InitRng(&rng); + if (ret != 0) { + printf("Failed to initialize rng.\nRET: %d\n", ret); + return ret; + } - return 0; + /* read in and store private key */ + privKeyFile = fopen(privKey, "rb"); + fseek(privKeyFile, 0, SEEK_END); + privFileSz = ftell(privKeyFile); + byte keyBuf[privFileSz]; + fseek(privKeyFile, 0, SEEK_SET); + fread(keyBuf, 1, privFileSz, privKeyFile); + fclose(privKeyFile); + + /* retrieving private key and storing in the RsaKey */ + ret = wc_EccPrivateKeyDecode(keyBuf, &index, &key, privFileSz); + if (ret != 0 ) { + printf("Failed to decode private key.\nRET: %d\n", ret); + return ret; + } + + /* setting up output buffer based on key size */ + byte outBuf[wc_ecc_sig_size(&key)]; + XMEMSET(&outBuf, 0, sizeof(outBuf)); + outLen = sizeof(outBuf); + + /* signing input with ecc priv key to produce signature */ + ret = wc_ecc_sign_hash(data, fSz, outBuf, &outLen, &rng, &key); + if (ret < 0) { + printf("Failed to sign data with Ecc private key.\nRET: %d\n", ret); + return ret; + } + else { + FILE* s; + s = fopen(out, "wb"); + fwrite(outBuf, 1, sizeof(outBuf), s); + fclose(s); + } + + return ret; +#else + return NOT_COMPILED_IN; +#endif + } +/* working example*/ + +int main() { + FILE* f = fopen("./hash.txt", "rb"); + word32 f_Sz; + byte* data; + + fseek(f, 0, SEEK_END); + f_Sz = ftell(f); + data = malloc(f_Sz*sizeof(data)); + fseek(f, 0, SEEK_SET); + fread(data, 1, f_Sz, f); + fclose(f); + 
wolfCLU_sign_data_ecc(data, "signatureECC.txt", f_Sz, "./myEccKey64.priv"); } + diff --git a/wolfCLU/clu_src/sign-verify/clu_verify.c b/wolfCLU/clu_src/sign-verify/clu_verify.c index b1d51055..ac9fc620 100644 --- a/wolfCLU/clu_src/sign-verify/clu_verify.c +++ b/wolfCLU/clu_src/sign-verify/clu_verify.c @@ -64,8 +64,7 @@ byte* wolfCLU_generate_public_key(char* privKey, byte* outBuf, int* outBufSz) { *outBufSz = ret; return outBuf; #else - *outBufSz = NOT_COMPILED_IN; - return outBuf; + return NOT_COMPILED_IN; #endif } 
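Review bot: The private-key read in `wolfCLU_sign_data_ecc` is unchecked: `fopen(privKey, "rb")` can return NULL and `ftell` can return -1, yet that value sizes the stack VLA `byte keyBuf[privFileSz]`, so a missing or very large key file ends in a NULL dereference or stack exhaustion. The signature is then written with `sizeof(outBuf)` instead of the `outLen` that `wc_ecc_sign_hash` updates, so the file carries zero padding that the verifier later passes in as signature bytes. No return path releases `key`, `rng` or the buffer holding the private key. The same unchecked fopen/ftell/fread/malloc pattern appears in `wolfCLU_verify_signature_ecc` and in both added `main()` examples, and those `main()` definitions in library sources will presumably collide with the tool's own entry point at link time. The sketch below uses a heap key buffer, a fixed `ECC_MAX_SIG_SIZE` output buffer and one cleanup path.

```c
    /* declared with the other locals, replacing the two VLAs */
    long  privFileLen;
    byte* keyBuf = NULL;
    byte  outBuf[ECC_MAX_SIG_SIZE];
    FILE* s;

    /* ... unchanged: XMEMSET, wc_ecc_init, wc_InitRng ... */

    /* read in and store private key */
    privKeyFile = fopen(privKey, "rb");
    if (privKeyFile == NULL) {
        ret = -1; /* placeholder: project's file-open error code */
        goto cleanup;
    }
    fseek(privKeyFile, 0, SEEK_END);
    privFileLen = ftell(privKeyFile);
    fseek(privKeyFile, 0, SEEK_SET);
    if (privFileLen > 0 && privFileLen <= MAX_KEY_FILE_SZ) /* placeholder limit */
        keyBuf = malloc((size_t)privFileLen);
    if (keyBuf == NULL ||
        fread(keyBuf, 1, (size_t)privFileLen, privKeyFile) != (size_t)privFileLen) {
        fclose(privKeyFile);
        ret = -1; /* placeholder: project's file-read error code */
        goto cleanup;
    }
    fclose(privKeyFile);

    /* ... unchanged: wc_EccPrivateKeyDecode, its failure path now also goes to cleanup ... */

    outLen = sizeof(outBuf);
    ret = wc_ecc_sign_hash(data, fSz, outBuf, &outLen, &rng, &key);
    if (ret == 0) {
        s = fopen(out, "wb");
        /* write only the bytes the signer produced */
        if (s == NULL || fwrite(outBuf, 1, outLen, s) != outLen)
            ret = -1; /* placeholder: project's file-write error code */
        if (s != NULL)
            fclose(s);
    }
    /* ... unchanged: error printf when signing fails ... */

cleanup:
    free(keyBuf); /* held the private key: clear it before freeing */
    wc_ecc_free(&key);
    wc_FreeRng(&rng);
    return ret;
```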
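Review bot: `return NOT_COMPILED_IN;` in the `#else` branch returns an integer error code from a function declared `byte* wolfCLU_generate_public_key(char* privKey, byte* outBuf, int* outBufSz)`, so a caller that tests the result against NULL would take the error code for a valid buffer pointer and dereference it. Dropping the old assignment also leaves `*outBufSz` unset on this path. Keep the pointer contract and report the error through the size: `*outBufSz = NOT_COMPILED_IN;` followed by `return NULL;`. The function body starts outside the hunk, so how callers check the result is not visible here.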
@@ -158,15 +157,92 @@ int wolfCLU_verify_signature_rsa(byte* sig, char* out, int sigSz, char* keyPath, return ret; #else - printf("RSA is not compiled in.\n"); return NOT_COMPILED_IN; #endif } int wolfCLU_verify_signature_ecc(byte* sig, int sigSz, byte* hash, int hashSz, char* keyPath) { + +#ifdef HAVE_ECC + int ret; + int keyFileSz; + int stat = 0; + word32 index = 0; - return 0; + FILE* keyPathFile; + ecc_key key; + WC_RNG rng; + byte* keyBuf; + + XMEMSET(&rng, 0, sizeof(rng)); + XMEMSET(&key, 0, sizeof(key)); + + ret = wc_ecc_init(&key); + if (ret != 0) { + printf("Failed to initialize ecc key.\nRet: %d", ret); + return ret; + } + + /* read in and store ecc key */ + keyPathFile = fopen(keyPath, "rb"); + fseek(keyPathFile, 0, SEEK_END); + keyFileSz = ftell(keyPathFile); + keyBuf = malloc(keyFileSz*sizeof(keyBuf)); + fseek(keyPathFile, 0, SEEK_SET); + fread(keyBuf, 1, keyFileSz, keyPathFile); + fclose(keyPathFile); + + /* retrieving public key and storing in the ecc key */ + ret = wc_EccPublicKeyDecode(keyBuf, &index, &key, keyFileSz); + if (ret < 0 ) { + printf("Failed to decode public key.\nRET: %d\n", ret); + return ret; + } + + ret = wc_ecc_verify_hash(sig, sigSz, hash, hashSz, &stat, &key); + if (ret < 0) { + printf("Failed to verify data with RSA public key.\nRET: %d\n", ret); + return ret; + } else if (stat == 1) { + printf("Valid Signature.\n"); + } else { + printf("Invalid Signature.\n"); + } + + return ret; +#else + return NOT_COMPILED_IN; +#endif } int wolfCLU_sign_data_ed25519(byte*, word32, byte*, word32, char*); + +/* +working example*/ +int main() { + FILE* f = fopen("./signatureECC.txt", "rb"); + int f_Sz; + byte* data; + + fseek(f, 0, SEEK_END); + f_Sz = ftell(f); + data = malloc(f_Sz*sizeof(data)); + fseek(f, 0, SEEK_SET); + fread(data, 1, f_Sz, f); + fclose(f); + + FILE* h = fopen("./hash.txt", "rb"); + int h_Sz; + byte* hash; + + fseek(h, 0, SEEK_END); + h_Sz = ftell(h); + hash = malloc(h_Sz*sizeof(hash)); + fseek(h, 0, SEEK_SET); + fread(hash, 
1, h_Sz, h); + fclose(h); + + wolfCLU_verify_signature_ecc(data, f_Sz, hash, h_Sz, "./myEccKey64.pub"); +} +
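Review bot: `wolfCLU_verify_signature_ecc` returns the `ret` of `wc_ecc_verify_hash`, which is 0 whenever the call itself succeeds, so a signature that does not verify (`stat != 1`) only prints "Invalid Signature." and still returns success. A caller or script that checks the return value cannot tell a bad signature from a good one. Carry the result into the return value, e.g. `else { printf("Invalid Signature.\n"); ret = SIG_VERIFY_E; }`. Also, `malloc(keyFileSz*sizeof(keyBuf))` sizes the buffer by pointer width instead of `sizeof(*keyBuf)` and the result is neither checked nor freed, `key` is never passed to `wc_ecc_free`, and `rng` is zeroed but unused. The failure message "Failed to verify data with RSA public key." should say ECC.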