/src/cryptofuzz-heapmath/modules/wolfcrypt/ecdsa_448.cpp

Source
#include "ecdsa_448.h"
#include "module_internal.h"
#include "shared.h"
#include "bn_ops.h"
#include <cryptofuzz/util.h>

extern "C" {
#include <wolfssl/options.h>
#include <wolfssl/wolfcrypt/curve448.h>
#include <wolfssl/wolfcrypt/ed448.h>
}

namespace cryptofuzz {
namespace module {
namespace wolfCrypt_detail {

#if defined(CRYPTOFUZZ_WOLFCRYPT_ALLOCATION_FAILURES)
    extern bool haveAllocFailure;
#endif

static bool ed448LoadPrivateKey(ed448_key& key, component::Bignum priv, Datasource& ds) {
    bool ret = false;

    uint8_t priv_bytes[ED448_KEY_SIZE];

    CF_CHECK_EQ(wolfCrypt_bignum::Bignum::ToBin(ds, priv, priv_bytes, sizeof(priv_bytes)), true);
    CF_CHECK_EQ(wc_ed448_import_private_only(priv_bytes, sizeof(priv_bytes), &key), 0);

    ret = true;
end:
    return ret;
}

static std::optional<std::vector<uint8_t>> ed448GetPublicKeyAsVector(ed448_key& key) {
    std::optional<std::vector<uint8_t>> ret = std::nullopt;
    uint8_t pub_bytes[ED448_PUB_KEY_SIZE];

    WC_CHECK_EQ(wc_ed448_make_public(&key, pub_bytes, sizeof(pub_bytes)), MP_OKAY);

    ret = std::vector<uint8_t>(pub_bytes, pub_bytes + sizeof(pub_bytes));
end:
    return ret;
}

static std::optional<component::ECC_PublicKey> ed448GetPublicKey(ed448_key& key, Datasource& ds) {
    std::optional<component::ECC_PublicKey> ret = std::nullopt;
    std::optional<std::vector<uint8_t>> pubv = std::nullopt;
    std::optional<component::Bignum> pub = std::nullopt;

    CF_CHECK_NE(pubv = ed448GetPublicKeyAsVector(key), std::nullopt);
    CF_CHECK_NE(pub = wolfCrypt_bignum::Bignum::BinToBignum(ds, pubv->data(), pubv->size()), std::nullopt);

    ret = {pub->ToString(), "0"};

end:
    return ret;
}

static bool ed448DerivePublicKey(ed448_key& key) {
    std::optional<std::vector<uint8_t>> pubv = std::nullopt;
    bool ret = false;

    CF_CHECK_NE(pubv = ed448GetPublicKeyAsVector(key), std::nullopt);
    memcpy(key.p, pubv->data(), ED448_PUB_KEY_SIZE);
    key.pubKeySet = 1;

    ret = true;

end:
    return ret;
}

static bool ed448LoadPublicKey(ed448_key& key, component::Bignum pub, Datasource& ds, const bool mustSucceed = false) {
    bool ret = false;

    uint8_t pub_bytes[ED448_PUB_KEY_SIZE];
    CF_CHECK_EQ(wolfCrypt_bignum::Bignum::ToBin(ds, pub, pub_bytes, sizeof(pub_bytes), mustSucceed), true);
    CF_CHECK_EQ(wc_ed448_import_public(pub_bytes, sizeof(pub_bytes), &key), 0);

    ret = true;
end:
    return ret;
}

std::optional<component::ECC_PublicKey> OpECC_PrivateToPublic_Curve448(operation::ECC_PrivateToPublic& op) {
    std::optional<component::ECC_PublicKey> ret = std::nullopt;
    Datasource ds(op.modifier.GetPtr(), op.modifier.GetSize());
    wolfCrypt_detail::SetGlobalDs(&ds);

    static const uint8_t basepoint[CURVE448_KEY_SIZE] = {5};

    std::optional<std::vector<uint8_t>> priv_bytes = std::nullopt;
    uint8_t pub_bytes[CURVE448_PUB_KEY_SIZE];

    /* Load private key */
    {
        priv_bytes = util::DecToBin(op.priv.ToTrimmedString(), CURVE448_KEY_SIZE);
        CF_CHECK_NE(priv_bytes, std::nullopt);

        priv_bytes->data()[0] &= 0xFC;
        priv_bytes->data()[55] |= 0x80; static_assert(55 < CURVE448_KEY_SIZE);
    }

    /* Convert to public key */
    {
        CF_CHECK_EQ(curve448(pub_bytes, priv_bytes->data(), basepoint), MP_OKAY);
    }

    /* Convert public key */
    {
        ret = { util::BinToDec(pub_bytes, sizeof(pub_bytes)), "0" };
    }

end:
    wolfCrypt_detail::UnsetGlobalDs();
    return ret;
}

std::optional<component::ECC_PublicKey> OpECC_PrivateToPublic_Ed448(operation::ECC_PrivateToPublic& op) {
    std::optional<component::ECC_PublicKey> ret = std::nullopt;
    Datasource ds(op.modifier.GetPtr(), op.modifier.GetSize());
    wolfCrypt_detail::SetGlobalDs(&ds);

    uint8_t pub_bytes[ED448_PUB_KEY_SIZE];

    ed448_key key;
    bool e448_key_inited = false;

    WC_CHECK_EQ(wc_ed448_init(&key), 0);
    e448_key_inited = true;

    /* Load private key */
    {
        const auto priv_bytes = util::DecToBin(op.priv.ToTrimmedString(), ED448_KEY_SIZE);
        CF_CHECK_NE(priv_bytes, std::nullopt);

        WC_CHECK_EQ(wc_ed448_import_private_only(priv_bytes->data(), priv_bytes->size(), &key), 0);
    }

    /* Convert to public key */
    {
        WC_CHECK_EQ(wc_ed448_make_public(&key, pub_bytes, sizeof(pub_bytes)), MP_OKAY);
    }

    /* Convert public key */
    {
        ret = { util::BinToDec(pub_bytes, sizeof(pub_bytes)), "0" };
    }

end:
    if ( e448_key_inited == true ) {
        wc_ed448_free(&key);
    }

    wolfCrypt_detail::UnsetGlobalDs();
    return ret;
}

std::optional<bool> OpECC_ValidatePubkey_Ed448(operation::ECC_ValidatePubkey& op) {
    std::optional<bool> ret = std::nullopt;
    Datasource ds(op.modifier.GetPtr(), op.modifier.GetSize());
    wolfCrypt_detail::SetGlobalDs(&ds);

    ed448_key key;
    bool e448_key_inited = false;

    WC_CHECK_EQ(wc_ed448_init(&key), 0);
    e448_key_inited = true;

    CF_CHECK_EQ(ed448LoadPublicKey(key, op.pub.first, ds), true);

    haveAllocFailure = false;
    ret = wc_ed448_check_key(&key) == 0;
    if ( *ret == false && haveAllocFailure == true ) {
        ret = std::nullopt;
    }

end:
    if ( e448_key_inited == true ) {
        wc_ed448_free(&key);
    }

    wolfCrypt_detail::UnsetGlobalDs();
    return ret;
}

std::optional<bool> OpECC_ValidatePubkey_Curve448(operation::ECC_ValidatePubkey& op) {
    std::optional<bool> ret = std::nullopt;
    Datasource ds(op.modifier.GetPtr(), op.modifier.GetSize());
    wolfCrypt_detail::SetGlobalDs(&ds);

    wolfCrypt_bignum::Bignum pub(ds);
    uint8_t pub_bytes[CURVE448_KEY_SIZE];

    CF_CHECK_EQ(pub.Set(op.pub.first.ToString(ds)), true);
    CF_CHECK_TRUE(pub.ToBin(pub_bytes, sizeof(pub_bytes)));

    haveAllocFailure = false;
    ret = wc_curve448_check_public(pub_bytes, sizeof(pub_bytes), EC448_BIG_ENDIAN) == 0;
    if ( *ret == false && haveAllocFailure == true ) {
        ret = std::nullopt;
    }

end:

    wolfCrypt_detail::UnsetGlobalDs();
    return ret;
}

std::optional<component::ECDSA_Signature> OpECDSA_Sign_ed448(operation::ECDSA_Sign& op) {
    std::optional<component::ECDSA_Signature> ret = std::nullopt;
    Datasource ds(op.modifier.GetPtr(), op.modifier.GetSize());
    wolfCrypt_detail::SetGlobalDs(&ds);

    ed448_key key;
    bool e448_key_inited = false;
    uint8_t sig[ED448_SIG_SIZE];
    word32 sigSz = sizeof(sig);

    WC_CHECK_EQ(wc_ed448_init(&key), 0);
    e448_key_inited = true;

    CF_CHECK_EQ(wolfCrypt_detail::ed448LoadPrivateKey(key, op.priv, ds), true);
    CF_CHECK_EQ(wolfCrypt_detail::ed448DerivePublicKey(key), true);

    /* Sign message */
    WC_CHECK_EQ(wc_ed448_sign_msg(op.cleartext.GetPtr(), op.cleartext.GetSize(), sig, &sigSz, &key, nullptr, 0), MP_OKAY);
    CF_CHECK_EQ(sigSz, ED448_SIG_SIZE);
    static_assert(ED448_SIG_SIZE % 2 == 0);

    {
        std::optional<component::BignumPair> ret_sig;
        std::optional<component::BignumPair> ret_pub;

        CF_CHECK_NE(ret_sig = wolfCrypt_bignum::Bignum::BinToBignumPair(ds, sig, ED448_SIG_SIZE), std::nullopt);
        CF_CHECK_NE(ret_pub = wolfCrypt_detail::ed448GetPublicKey(key, ds), std::nullopt);

        ret = component::ECDSA_Signature(*ret_sig, *ret_pub);
    }

end:
    if ( e448_key_inited == true ) {
        wc_ed448_free(&key);
    }

    wolfCrypt_detail::UnsetGlobalDs();
    return ret;
}

std::optional<bool> OpECDSA_Verify_ed448(operation::ECDSA_Verify& op) {
    std::optional<bool> ret = std::nullopt;
    Datasource ds(op.modifier.GetPtr(), op.modifier.GetSize());
    wolfCrypt_detail::SetGlobalDs(&ds);

    ed448_key key;
    bool e448_key_inited = false;
    uint8_t ed448sig[ED448_SIG_SIZE];
    int verify;
    bool oneShot = true;
    bool haveEmptyPart = false;

    haveAllocFailure = false;
    ret = false;

    WC_CHECK_EQ(wc_ed448_init(&key), 0);
    e448_key_inited = true;

    CF_CHECK_EQ(ed448LoadPublicKey(key, op.signature.pub.first, ds, true), true);
    CF_CHECK_EQ(wolfCrypt_bignum::Bignum::ToBin(ds, op.signature.signature, ed448sig, sizeof(ed448sig), true), true);

#if defined(WOLFSSL_ED25519_STREAMING_VERIFY)
    try { oneShot = ds.Get<bool>(); } catch ( ... ) { }
#endif

    if ( oneShot == true ) {
        WC_CHECK_EQ(wc_ed448_verify_msg(ed448sig, sizeof(ed448sig), op.cleartext.GetPtr(), op.cleartext.GetSize(), &verify, &key, nullptr, 0), 0);
    } else {
#if !defined(WOLFSSL_ED25519_STREAMING_VERIFY)
        CF_UNREACHABLE();
#else
        const auto parts = util::ToParts(ds, op.cleartext);

        WC_CHECK_EQ(wc_ed448_verify_msg_init(ed448sig, sizeof(ed448sig), &key, (byte)Ed448, nullptr, 0), 0);

        for (const auto& part : parts) {
            if ( part.second == 0 ) {
                haveEmptyPart = true;
            }
            WC_CHECK_EQ(wc_ed448_verify_msg_update(part.first, part.second, &key), 0);
        }

        WC_CHECK_EQ(wc_ed448_verify_msg_final(ed448sig, sizeof(ed448sig), &verify, &key), 0);
#endif
    }

    ret = verify ? true : false;

end:
    if ( e448_key_inited == true ) {
        wc_ed448_free(&key);
    }

    wolfCrypt_detail::UnsetGlobalDs();

    if ( ret && *ret == false ) {
        if ( haveAllocFailure ) {
            ret = std::nullopt;
        } else if ( haveEmptyPart ) {
            ret = std::nullopt;
        } else if ( op.cleartext.IsZero() ) {
            ret = std::nullopt;
        }

    }
    return ret;
}

} /* namespace wolfCrypt_detail */
} /* namespace module */
} /* namespace cryptofuzz */

Coverage Report

Created: 2025-11-16 07:15

Line	Count	Source
1		#include "ecdsa_448.h"
2		#include "module_internal.h"
3		#include "shared.h"
4		#include "bn_ops.h"
5		#include <cryptofuzz/util.h>
6
7		extern "C" {
8		#include <wolfssl/options.h>
9		#include <wolfssl/wolfcrypt/curve448.h>
10		#include <wolfssl/wolfcrypt/ed448.h>
11		}
12
13		namespace cryptofuzz {
14		namespace module {
15		namespace wolfCrypt_detail {
16
17		#if defined(CRYPTOFUZZ_WOLFCRYPT_ALLOCATION_FAILURES)
18		extern bool haveAllocFailure;
19		#endif
20
21	1.70k	static bool ed448LoadPrivateKey(ed448_key& key, component::Bignum priv, Datasource& ds) {
22	1.70k	bool ret = false;
23
24	1.70k	uint8_t priv_bytes[ED448_KEY_SIZE];
25
26	1.70k	CF_CHECK_EQ(wolfCrypt_bignum::Bignum::ToBin(ds, priv, priv_bytes, sizeof(priv_bytes)), true);
27	1.63k	CF_CHECK_EQ(wc_ed448_import_private_only(priv_bytes, sizeof(priv_bytes), &key), 0);
28
29	1.63k	ret = true;
30	1.70k	end:
31	1.70k	return ret;
32	1.63k	}
33
34	3.04k	static std::optional<std::vector<uint8_t>> ed448GetPublicKeyAsVector(ed448_key& key) {
35	3.04k	std::optional<std::vector<uint8_t>> ret = std::nullopt;
36	3.04k	uint8_t pub_bytes[ED448_PUB_KEY_SIZE];
37
38	3.04k	WC_CHECK_EQ(wc_ed448_make_public(&key, pub_bytes, sizeof(pub_bytes)), MP_OKAY);
39
40	2.96k	ret = std::vector<uint8_t>(pub_bytes, pub_bytes + sizeof(pub_bytes));
41	3.04k	end:
42	3.04k	return ret;
43	2.96k	}
44
45	1.40k	static std::optional<component::ECC_PublicKey> ed448GetPublicKey(ed448_key& key, Datasource& ds) {
46	1.40k	std::optional<component::ECC_PublicKey> ret = std::nullopt;
47	1.40k	std::optional<std::vector<uint8_t>> pubv = std::nullopt;
48	1.40k	std::optional<component::Bignum> pub = std::nullopt;
49
50	1.40k	CF_CHECK_NE(pubv = ed448GetPublicKeyAsVector(key), std::nullopt);
51	1.39k	CF_CHECK_NE(pub = wolfCrypt_bignum::Bignum::BinToBignum(ds, pubv->data(), pubv->size()), std::nullopt);
52
53	1.38k	ret = {pub->ToString(), "0"};
54
55	1.40k	end:
56	1.40k	return ret;
57	1.38k	}
58
59	1.63k	static bool ed448DerivePublicKey(ed448_key& key) {
60	1.63k	std::optional<std::vector<uint8_t>> pubv = std::nullopt;
61	1.63k	bool ret = false;
62
63	1.63k	CF_CHECK_NE(pubv = ed448GetPublicKeyAsVector(key), std::nullopt);
64	1.56k	memcpy(key.p, pubv->data(), ED448_PUB_KEY_SIZE);
65	1.56k	key.pubKeySet = 1;
66
67	1.56k	ret = true;
68
69	1.63k	end:
70	1.63k	return ret;
71	1.56k	}
72
73	2.64k	static bool ed448LoadPublicKey(ed448_key& key, component::Bignum pub, Datasource& ds, const bool mustSucceed = false) {
74	2.64k	bool ret = false;
75
76	2.64k	uint8_t pub_bytes[ED448_PUB_KEY_SIZE];
77	2.64k	CF_CHECK_EQ(wolfCrypt_bignum::Bignum::ToBin(ds, pub, pub_bytes, sizeof(pub_bytes), mustSucceed), true);
78	2.56k	CF_CHECK_EQ(wc_ed448_import_public(pub_bytes, sizeof(pub_bytes), &key), 0);
79
80	2.42k	ret = true;
81	2.64k	end:
82	2.64k	return ret;
83	2.42k	}
84
85	734	std::optional<component::ECC_PublicKey> OpECC_PrivateToPublic_Curve448(operation::ECC_PrivateToPublic& op) {
86	734	std::optional<component::ECC_PublicKey> ret = std::nullopt;
87	734	Datasource ds(op.modifier.GetPtr(), op.modifier.GetSize());
88	734	wolfCrypt_detail::SetGlobalDs(&ds);
89
90	734	static const uint8_t basepoint[CURVE448_KEY_SIZE] = {5};
91
92	734	std::optional<std::vector<uint8_t>> priv_bytes = std::nullopt;
93	734	uint8_t pub_bytes[CURVE448_PUB_KEY_SIZE];
94
95		/* Load private key */
96	734	{
97	734	priv_bytes = util::DecToBin(op.priv.ToTrimmedString(), CURVE448_KEY_SIZE);
98	734	CF_CHECK_NE(priv_bytes, std::nullopt);
99
100	609	priv_bytes->data()[0] &= 0xFC;
101	609	priv_bytes->data()[55] \|= 0x80; static_assert(55 < CURVE448_KEY_SIZE);
102	609	}
103
104		/* Convert to public key */
105	0	{
106	609	CF_CHECK_EQ(curve448(pub_bytes, priv_bytes->data(), basepoint), MP_OKAY);
107	609	}
108
109		/* Convert public key */
110	0	{
111	609	ret = { util::BinToDec(pub_bytes, sizeof(pub_bytes)), "0" };
112	609	}
113
114	734	end:
115	734	wolfCrypt_detail::UnsetGlobalDs();
116	734	return ret;
117	609	}
118
119	363	std::optional<component::ECC_PublicKey> OpECC_PrivateToPublic_Ed448(operation::ECC_PrivateToPublic& op) {
120	363	std::optional<component::ECC_PublicKey> ret = std::nullopt;
121	363	Datasource ds(op.modifier.GetPtr(), op.modifier.GetSize());
122	363	wolfCrypt_detail::SetGlobalDs(&ds);
123
124	363	uint8_t pub_bytes[ED448_PUB_KEY_SIZE];
125
126	363	ed448_key key;
127	363	bool e448_key_inited = false;
128
129	363	WC_CHECK_EQ(wc_ed448_init(&key), 0);
130	363	e448_key_inited = true;
131
132		/* Load private key */
133	363	{
134	363	const auto priv_bytes = util::DecToBin(op.priv.ToTrimmedString(), ED448_KEY_SIZE);
135	363	CF_CHECK_NE(priv_bytes, std::nullopt);
136
137	305	WC_CHECK_EQ(wc_ed448_import_private_only(priv_bytes->data(), priv_bytes->size(), &key), 0);
138	305	}
139
140		/* Convert to public key */
141	0	{
142	305	WC_CHECK_EQ(wc_ed448_make_public(&key, pub_bytes, sizeof(pub_bytes)), MP_OKAY);
143	217	}
144
145		/* Convert public key */
146	0	{
147	217	ret = { util::BinToDec(pub_bytes, sizeof(pub_bytes)), "0" };
148	217	}
149
150	363	end:
151	363	if ( e448_key_inited == true ) {
152	363	wc_ed448_free(&key);
153	363	}
154
155	363	wolfCrypt_detail::UnsetGlobalDs();
156	363	return ret;
157	217	}
158
159	0	std::optional<bool> OpECC_ValidatePubkey_Ed448(operation::ECC_ValidatePubkey& op) {
160	0	std::optional<bool> ret = std::nullopt;
161	0	Datasource ds(op.modifier.GetPtr(), op.modifier.GetSize());
162	0	wolfCrypt_detail::SetGlobalDs(&ds);
163
164	0	ed448_key key;
165	0	bool e448_key_inited = false;
166
167	0	WC_CHECK_EQ(wc_ed448_init(&key), 0);
168	0	e448_key_inited = true;
169
170	0	CF_CHECK_EQ(ed448LoadPublicKey(key, op.pub.first, ds), true);
171
172	0	haveAllocFailure = false;
173	0	ret = wc_ed448_check_key(&key) == 0;
174	0	if ( *ret == false && haveAllocFailure == true ) {
175	0	ret = std::nullopt;
176	0	}
177
178	0	end:
179	0	if ( e448_key_inited == true ) {
180	0	wc_ed448_free(&key);
181	0	}
182
183	0	wolfCrypt_detail::UnsetGlobalDs();
184	0	return ret;
185	0	}
186
187	0	std::optional<bool> OpECC_ValidatePubkey_Curve448(operation::ECC_ValidatePubkey& op) {
188	0	std::optional<bool> ret = std::nullopt;
189	0	Datasource ds(op.modifier.GetPtr(), op.modifier.GetSize());
190	0	wolfCrypt_detail::SetGlobalDs(&ds);
191
192	0	wolfCrypt_bignum::Bignum pub(ds);
193	0	uint8_t pub_bytes[CURVE448_KEY_SIZE];
194
195	0	CF_CHECK_EQ(pub.Set(op.pub.first.ToString(ds)), true);
196	0	CF_CHECK_TRUE(pub.ToBin(pub_bytes, sizeof(pub_bytes)));
197
198	0	haveAllocFailure = false;
199	0	ret = wc_curve448_check_public(pub_bytes, sizeof(pub_bytes), EC448_BIG_ENDIAN) == 0;
200	0	if ( *ret == false && haveAllocFailure == true ) {
201	0	ret = std::nullopt;
202	0	}
203
204	0	end:
205
206	0	wolfCrypt_detail::UnsetGlobalDs();
207	0	return ret;
208	0	}
209
210	1.70k	std::optional<component::ECDSA_Signature> OpECDSA_Sign_ed448(operation::ECDSA_Sign& op) {
211	1.70k	std::optional<component::ECDSA_Signature> ret = std::nullopt;
212	1.70k	Datasource ds(op.modifier.GetPtr(), op.modifier.GetSize());
213	1.70k	wolfCrypt_detail::SetGlobalDs(&ds);
214
215	1.70k	ed448_key key;
216	1.70k	bool e448_key_inited = false;
217	1.70k	uint8_t sig[ED448_SIG_SIZE];
218	1.70k	word32 sigSz = sizeof(sig);
219
220	1.70k	WC_CHECK_EQ(wc_ed448_init(&key), 0);
221	1.70k	e448_key_inited = true;
222
223	1.70k	CF_CHECK_EQ(wolfCrypt_detail::ed448LoadPrivateKey(key, op.priv, ds), true);
224	1.63k	CF_CHECK_EQ(wolfCrypt_detail::ed448DerivePublicKey(key), true);
225
226		/* Sign message */
227	1.56k	WC_CHECK_EQ(wc_ed448_sign_msg(op.cleartext.GetPtr(), op.cleartext.GetSize(), sig, &sigSz, &key, nullptr, 0), MP_OKAY);
228	1.45k	CF_CHECK_EQ(sigSz, ED448_SIG_SIZE);
229	1.45k	static_assert(ED448_SIG_SIZE % 2 == 0);
230
231	1.45k	{
232	1.45k	std::optional<component::BignumPair> ret_sig;
233	1.45k	std::optional<component::BignumPair> ret_pub;
234
235	1.45k	CF_CHECK_NE(ret_sig = wolfCrypt_bignum::Bignum::BinToBignumPair(ds, sig, ED448_SIG_SIZE), std::nullopt);
236	1.40k	CF_CHECK_NE(ret_pub = wolfCrypt_detail::ed448GetPublicKey(key, ds), std::nullopt);
237
238	1.38k	ret = component::ECDSA_Signature(ret_sig, ret_pub);
239	1.38k	}
240
241	1.70k	end:
242	1.70k	if ( e448_key_inited == true ) {
243	1.70k	wc_ed448_free(&key);
244	1.70k	}
245
246	1.70k	wolfCrypt_detail::UnsetGlobalDs();
247	1.70k	return ret;
248	1.38k	}
249
250	2.64k	std::optional<bool> OpECDSA_Verify_ed448(operation::ECDSA_Verify& op) {
251	2.64k	std::optional<bool> ret = std::nullopt;
252	2.64k	Datasource ds(op.modifier.GetPtr(), op.modifier.GetSize());
253	2.64k	wolfCrypt_detail::SetGlobalDs(&ds);
254
255	2.64k	ed448_key key;
256	2.64k	bool e448_key_inited = false;
257	2.64k	uint8_t ed448sig[ED448_SIG_SIZE];
258	2.64k	int verify;
259	2.64k	bool oneShot = true;
260	2.64k	bool haveEmptyPart = false;
261
262	2.64k	haveAllocFailure = false;
263	2.64k	ret = false;
264
265	2.64k	WC_CHECK_EQ(wc_ed448_init(&key), 0);
266	2.64k	e448_key_inited = true;
267
268	2.64k	CF_CHECK_EQ(ed448LoadPublicKey(key, op.signature.pub.first, ds, true), true);
269	2.42k	CF_CHECK_EQ(wolfCrypt_bignum::Bignum::ToBin(ds, op.signature.signature, ed448sig, sizeof(ed448sig), true), true);
270
271	2.29k	#if defined(WOLFSSL_ED25519_STREAMING_VERIFY)
272	2.29k	try { oneShot = ds.Get<bool>(); } catch ( ... ) { }
273	2.29k	#endif
274
275	2.29k	if ( oneShot == true ) {
276	1.56k	WC_CHECK_EQ(wc_ed448_verify_msg(ed448sig, sizeof(ed448sig), op.cleartext.GetPtr(), op.cleartext.GetSize(), &verify, &key, nullptr, 0), 0);
277	884	} else {
278		#if !defined(WOLFSSL_ED25519_STREAMING_VERIFY)
279		CF_UNREACHABLE();
280		#else
281	730	const auto parts = util::ToParts(ds, op.cleartext);
282
283	730	WC_CHECK_EQ(wc_ed448_verify_msg_init(ed448sig, sizeof(ed448sig), &key, (byte)Ed448, nullptr, 0), 0);
284
285	49.7k	for (const auto& part : parts) {
286	49.7k	if ( part.second == 0 ) {
287	47.3k	haveEmptyPart = true;
288	47.3k	}
289	49.7k	WC_CHECK_EQ(wc_ed448_verify_msg_update(part.first, part.second, &key), 0);
290	49.7k	}
291
292	1.11k	WC_CHECK_EQ(wc_ed448_verify_msg_final(ed448sig, sizeof(ed448sig), &verify, &key), 0);
293	1.11k	#endif
294	1.11k	}
295
296	1.26k	ret = verify ? true : false;
297
298	2.64k	end:
299	2.64k	if ( e448_key_inited == true ) {
300	2.64k	wc_ed448_free(&key);
301	2.64k	}
302
303	2.64k	wolfCrypt_detail::UnsetGlobalDs();
304
305	2.64k	if ( ret && *ret == false ) {
306	1.37k	if ( haveAllocFailure ) {
307	365	ret = std::nullopt;
308	1.00k	} else if ( haveEmptyPart ) {
309	171	ret = std::nullopt;
310	836	} else if ( op.cleartext.IsZero() ) {
311	60	ret = std::nullopt;
312	60	}
313
314	1.37k	}
315	2.64k	return ret;
316	1.26k	}
317
318		} /* namespace wolfCrypt_detail */
319		} /* namespace module */
320		} /* namespace cryptofuzz */