Skip to content

Commit 407922b

Browse files
dgarskedgarske
committed
Added ECDHE
1 parent b03db3b commit 407922b

3 files changed

Lines changed: 324 additions & 6 deletions

File tree

stsafe/README.md

Lines changed: 5 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -84,6 +84,8 @@ Tests wolfSSL crypto callbacks with STSAFE:
8484
- RNG with STSAFE-A120
8585
- ECC P-256/P-384 key generation via crypto callback
8686
- ECDSA P-256/P-384 sign/verify
87+
- ECDHE P-256 ephemeral key generation
88+
- ECDHE P-256 shared secret computation
8789

8890
```bash
8991
make wolfssl && ./wolfssl_stsafe_test
@@ -94,6 +96,7 @@ make wolfssl && ./wolfssl_stsafe_test
9496
Comprehensive tests with benchmarks:
9597
- RNG benchmark
9698
- ECDSA P-256 benchmark (keygen, sign, verify timing)
99+
- ECDH P-256 key exchange (uses ECDHE ephemeral keys)
97100
- Multiple sequential operations
98101

99102
```bash
@@ -148,6 +151,8 @@ Test Summary: 5 passed, 0 failed
148151
| ECC P-256 KeyGen | ~40 ms | 25 ops/sec |
149152
| ECDSA P-256 Sign | ~51 ms | 19.5 ops/sec |
150153
| ECDSA P-256 Verify | ~79 ms | 12.7 ops/sec |
154+
| ECDHE P-256 KeyGen | ~42 ms | ~24 ops/sec |
155+
| ECDHE P-256 Shared Secret | ~38 ms | ~26 ops/sec |
151156

152157
## Directory Structure
153158

stsafe/wolfssl_stsafe_full_test.c

Lines changed: 22 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -276,6 +276,26 @@ static int test_ecdh_p256(void)
276276
}
277277
printf(" SW Key generated in %.2f ms\n", (end - start) / 1000.0);
278278

279+
/* Set RNG on keys for shared secret computation */
280+
ret = wc_ecc_set_rng(&keyHW, &rng);
281+
if (ret != 0) {
282+
printf(" Error: wc_ecc_set_rng (HW) failed: %d\n", ret);
283+
wc_ecc_free(&keyHW);
284+
wc_ecc_free(&keySW);
285+
wc_FreeRng(&rng);
286+
TEST_FAIL("ECDH P-256 set RNG HW");
287+
return -1;
288+
}
289+
ret = wc_ecc_set_rng(&keySW, &rng);
290+
if (ret != 0) {
291+
printf(" Error: wc_ecc_set_rng (SW) failed: %d\n", ret);
292+
wc_ecc_free(&keyHW);
293+
wc_ecc_free(&keySW);
294+
wc_FreeRng(&rng);
295+
TEST_FAIL("ECDH P-256 set RNG SW");
296+
return -1;
297+
}
298+
279299
/* Compute shared secret using STSAFE (HW priv * SW pub) */
280300
printf(" Computing shared secret (STSAFE: HW priv * SW pub)...\n");
281301
start = get_time_us();
@@ -460,10 +480,8 @@ int main(void)
460480
test_rng_benchmark();
461481
test_ecdsa_p256_benchmark();
462482

463-
/* Note: ECDH requires ephemeral keys via stse_generate_ECDHE_key_pair
464-
* which is not yet implemented in the crypto callback.
465-
* Skipping ECDH test for now. */
466-
printf("\n[SKIP] ECDH P-256 - requires ECDHE key generation (not yet implemented)\n");
483+
/* ECDH test - now uses ECDHE ephemeral keys */
484+
test_ecdh_p256();
467485

468486
test_multiple_operations();
469487

0 commit comments

Comments
 (0)