Updated with review comments

IDE/ECLIPSE/SIFIVE/Makefile

@@ -21,6 +21,9 @@ OPT_CFLAGS = -specs=nano.specs
 #OPT_CFLAGS += -O3 -DTIME -DNOENUM -Wno-implicit -mexplicit-relocs -save-temps
 #OPT_CFLAGS += -fno-inline -fno-builtin-printf -fno-common -falign-functions=4
 
+# ovewrite the __stack_size default value of 0x400 with 0x1000(4 Kbytes).
+# The __stack_size and __heap_size symbols are defined in the linker metal.default.ld 
+# script in the freedom-e-sdk. 
 override CFLAGS += $(OPT_CFLAGS) $(WOLFSSL_CFLAGS) \
                      -Xlinker --defsym=__stack_size=0x1000
 

IDE/ECLIPSE/SIFIVE/README.md

@@ -15,6 +15,11 @@ The `IDE/ECLIPSE/SIFIVE/main.c` example application provides a function to run t
 - #undef NO_CRYPT_TEST
 - #undef NO_CRYPT_BENCHMARK
 ```
+## Tested Configurations
+- SHA-1
+- SHA-256
+- AES CBC
+- ECC sign/verify/shared secret with fast math library
 
 ## Setup
 ### Setting up the SDK with wolfSSL
@@ -80,7 +85,7 @@ RANLIB=$RISCV_PATH/bin/riscv64-unknown-elf-gcc-ranlib \
 LD=riscv64-unknown-elf-ld \
 CXX=riscv64-unknown-elf-g++ \
 --disable-examples --enable-static --disable-shared \
-CFLAGS="-march=rv32imac -mabi=ilp32 -mcmodel=medlow -ffunction-sections -fdata-sections -I~/freedom-e-sdk/bsp/sifive-hifive1/install/include -O0 -g -DNO_FILESYSTEM -DWOLFSSL_NO_SOCK -DNO_WRITEV -DWOLFCRYPT_ONLY -DWOLFSSL_GENSEED_FORTEST -DWOLFSSL_SIFIVE_RISC_V"
+CFLAGS="-march=rv32imac -mabi=ilp32 -mcmodel=medlow -ffunction-sections -fdata-sections -I~/freedom-e-sdk/bsp/sifive-hifive1/install/include -O0 -g -DNO_FILESYSTEM -DWOLFSSL_NO_SOCK -DNO_WRITEV -DWOLFCRYPT_ONLY -DWOLFSSL_SIFIVE_RISC_V"
 
 $make
 $sudo make install
@@ -143,8 +148,6 @@ ECDHE    256 agree           2 ops took 22.000 sec, avg 11000.000 ms, 0.091 ops/
 ECDSA    256 sign            2 ops took 23.000 sec, avg 11500.000 ms, 0.087 ops/sec
 ECDSA    256 verify          2 ops took 45.000 sec, avg 22500.000 ms, 0.044 ops/sec
 Benchmark complete
-
-
 ```
 TARGET=sifive-hifive1
 ```
@@ -175,6 +178,11 @@ ECDSA    256 sign            2 ops took 25.000 sec, avg 12500.000 ms, 0.080 ops/
 ECDSA    256 verify          2 ops took 48.000 sec, avg 24000.000 ms, 0.042 ops/sec
 Benchmark complete
 ```
+## Known Caveats
+- If you find the wolfcrypt test stuck on early_trap_vector error, it is like related to memory issues
+- Using the `__stack_size` default value of 0x400 will not be enough for the ECC test to pass.
+The `IDE/ECLIPSE/SIFIVE/Makefile` overwrites the value with 0x1000 (4 KBytes)
+- Enabling RSA will cause the ECC test to fail due to memory shortage
 
 ## References
 The test results were collected from a SiFive reference platform target with the following hardware, software and tool chains:

IDE/ECLIPSE/SIFIVE/main.c

@@ -46,6 +46,7 @@ double current_time(int reset)
 }
 #endif
 
+#if WOLFSSL_SIFIVE_RISC_V_DEBUG
 void check(int depth) {
     char ch;
     char *ptr = malloc(1);
@@ -55,6 +56,7 @@ void check(int depth) {
         return;
     
     check(depth-1);
+    free(ptr);
 }
 
 void mtime_sleep( uint64_t ticks) {
@@ -71,6 +73,45 @@ void delay(int sec) {
     uint64_t ticks = sec * RTC_FREQ;
     mtime_sleep(ticks);
 }
+#endif 
+
+/* RNG CODE */
+/* TODO: Implement real RNG */
+static unsigned int gCounter;
+unsigned int hw_rand(void)
+{
+    /* #warning Must implement your own random source */
+
+    return ++gCounter;
+}
+
+unsigned int my_rng_seed_gen(void)
+{
+    return hw_rand();
+}
+
+int my_rng_gen_block(unsigned char* output, unsigned int sz)
+{
+    uint32_t i = 0;
+    uint32_t randReturnSize = sizeof(CUSTOM_RAND_TYPE);
+
+    while (i < sz)
+    {
+        /* If not aligned or there is odd/remainder */
+        if((i + randReturnSize) > sz ||
+            ((uint32_t)&output[i] % randReturnSize) != 0 ) {
+            /* Single byte at a time */
+            output[i++] = (unsigned char)my_rng_seed_gen();
+        }
+        else {
+            /* Use native 8, 16, 32 or 64 copy instruction */
+            *((CUSTOM_RAND_TYPE*)&output[i]) = my_rng_seed_gen();
+            i += randReturnSize;
+        }
+    }
+
+    return 0;
+}
 
 int main(void) 
 {
@@ -78,7 +119,7 @@ int main(void)
 
 #if WOLFSSL_SIFIVE_RISC_V_DEBUG
     printf("check stack and heap addresses\n");
-    check(10);
+    check(8);
     printf("sleep for 10 seconds to verify timer\n");
     delay(10);
     printf("awake after sleeping for 10 seconds\n");
@@ -87,9 +128,7 @@ int main(void)
     #ifdef DEBUG_WOLFSSL
         wolfSSL_Debugging_ON();
     #endif
-    #ifdef HAVE_STACK_SIZE
-        StackSizeCheck(&args, server_test);
-    #endif
+
     if ((ret = wolfCrypt_Init()) != 0) {
         printf("wolfCrypt_Init failed %d\n", ret);
         return -1;

IDE/ECLIPSE/SIFIVE/user_settings.h

@@ -118,11 +118,11 @@ extern "C" {
 
     #ifdef ECC_USER_CURVES
         /* Manual Curve Selection */
-        //#define HAVE_ECC192
-        //#define HAVE_ECC224
+        #define HAVE_ECC192
+        #define HAVE_ECC224
         #undef NO_ECC256
-        //#define HAVE_ECC384
-        //#define HAVE_ECC521
+        #define HAVE_ECC384
+        #define HAVE_ECC521
     #endif
 
     /* Fixed point cache (speeds repeated operations against same private key) */
@@ -203,29 +203,24 @@ extern "C" {
 #if 1
     #undef  HAVE_AES_CBC
     #define HAVE_AES_CBC
+    
+    #undef  HAVE_AESGCM
+    #define HAVE_AESGCM
 
-    /* If you need other than AES-CBC mode, you must undefine WOLFSSL_CRYPTOCELL_AES */
-    #if !defined(WOLFSSL_CRYPTOCELL_AES)
-        #undef  HAVE_AESGCM
-        #define HAVE_AESGCM
+    /* GCM Method: GCM_SMALL, GCM_WORD32 or GCM_TABLE */
+    #define GCM_SMALL
 
-        /* GCM Method: GCM_SMALL, GCM_WORD32 or GCM_TABLE */
-        #define GCM_SMALL
+    #undef  WOLFSSL_AES_DIRECT
+    //#define WOLFSSL_AES_DIRECT
 
-        #undef  WOLFSSL_AES_DIRECT
-        //#define WOLFSSL_AES_DIRECT
+    #undef  HAVE_AES_ECB
+    //#define HAVE_AES_ECB
 
-        #undef  HAVE_AES_ECB
-        //#define HAVE_AES_ECB
+    #undef  WOLFSSL_AES_COUNTER
+    //#define WOLFSSL_AES_COUNTER
 
-        #undef  WOLFSSL_AES_COUNTER
-        //#define WOLFSSL_AES_COUNTER
-
-        #undef  HAVE_AESCCM
-        //#define HAVE_AESCCM
-    #endif
-#else
-    #define NO_AES
+    #undef  HAVE_AESCCM
+    //#define HAVE_AESCCM
 #endif
 
 
@@ -436,16 +431,22 @@ extern "C" {
 /* RNG */
 /* ------------------------------------------------------------------------- */
 
-#if defined(WOLFSSL_SIFIVE_RISC_V)
-    /* Override P-RNG with HW RNG */
-    //extern int my_random_generate(byte* output, word32 sz);
-    //#undef  CUSTOM_RAND_GENERATE_BLOCK
-    //#define CUSTOM_RAND_GENERATE_BLOCK  my_random_generate
-    #define WOLFSSL_GENSEED_FORTEST /* for software RNG*/
+#if 1
+/* Bypass P-RNG and use only HW RNG */
+#define CUSTOM_RAND_TYPE      unsigned int
+extern int my_rng_gen_block(unsigned char* output, unsigned int sz);
+#undef  CUSTOM_RAND_GENERATE_BLOCK
+#define CUSTOM_RAND_GENERATE_BLOCK  my_rng_gen_block
 #else
-    #define WOLFSSL_GENSEED_FORTEST
-#endif
+    #define HAVE_HASHDRBG
 
+    /* Seed Source */
+    /* Size of returned HW RNG value */
+    #define CUSTOM_RAND_TYPE      unsigned int
+    extern unsigned int my_rng_seed_gen(void);
+    #undef  CUSTOM_RAND_GENERATE
+    #define CUSTOM_RAND_GENERATE  my_rng_seed_gen
+#endif
 
 /* ------------------------------------------------------------------------- */
 /* Enable Features */

wolfcrypt/src/random.c

@@ -2327,13 +2327,11 @@ int wc_GenerateSeed(OS_Seed* os, byte* output, word32 sz)
 #endif
 
 #ifdef USE_TEST_GENSEED
-#ifndef WOLFSSL_SIFIVE_RISC_V    
     #ifndef _MSC_VER
         #warning "write a real random seed!!!!, just for testing now"
     #else
         #pragma message("Warning: write a real random seed!!!!, just for testing now")
     #endif
-#endif /* !WOLFSSL_SIFIVE_RISC_V*/
     int wc_GenerateSeed(OS_Seed* os, byte* output, word32 sz)
     {
         word32 i;