feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity

Updated with review comments

Browse Source
This commit is contained in:
Tesfa Mael
2019-05-28 17:37:16 -07:00
parent 87fb9f73e9
commit 765b075e50
5 changed files with 88 additions and 39 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
IDE/ECLIPSE/SIFIVE/Makefile
View File

@@ -21,6 +21,9 @@ OPT_CFLAGS = -specs=nano.specs
#OPT_CFLAGS += -O3 -DTIME -DNOENUM -Wno-implicit -mexplicit-relocs -save-temps #OPT_CFLAGS += -O3 -DTIME -DNOENUM -Wno-implicit -mexplicit-relocs -save-temps
#OPT_CFLAGS += -fno-inline -fno-builtin-printf -fno-common -falign-functions=4 #OPT_CFLAGS += -fno-inline -fno-builtin-printf -fno-common -falign-functions=4
# ovewrite the __stack_size default value of 0x400 with 0x1000(4 Kbytes).
# The __stack_size and __heap_size symbols are defined in the linker metal.default.ld
# script in the freedom-e-sdk.
override CFLAGS += $(OPT_CFLAGS) $(WOLFSSL_CFLAGS) \ override CFLAGS += $(OPT_CFLAGS) $(WOLFSSL_CFLAGS) \
-Xlinker --defsym=__stack_size=0x1000 -Xlinker --defsym=__stack_size=0x1000

14
IDE/ECLIPSE/SIFIVE/README.md
View File

@@ -15,6 +15,11 @@ The `IDE/ECLIPSE/SIFIVE/main.c` example application provides a function to run t
- #undef NO_CRYPT_TEST - #undef NO_CRYPT_TEST
- #undef NO_CRYPT_BENCHMARK - #undef NO_CRYPT_BENCHMARK
``` ```
## Tested Configurations
- SHA-1
- SHA-256
- AES CBC
- ECC sign/verify/shared secret with fast math library
## Setup ## Setup
### Setting up the SDK with wolfSSL ### Setting up the SDK with wolfSSL
@@ -80,7 +85,7 @@ RANLIB=$RISCV_PATH/bin/riscv64-unknown-elf-gcc-ranlib \
LD=riscv64-unknown-elf-ld \ LD=riscv64-unknown-elf-ld \
CXX=riscv64-unknown-elf-g++ \ CXX=riscv64-unknown-elf-g++ \
--disable-examples --enable-static --disable-shared \ --disable-examples --enable-static --disable-shared \
CFLAGS="-march=rv32imac -mabi=ilp32 -mcmodel=medlow -ffunction-sections -fdata-sections -I~/freedom-e-sdk/bsp/sifive-hifive1/install/include -O0 -g -DNO_FILESYSTEM -DWOLFSSL_NO_SOCK -DNO_WRITEV -DWOLFCRYPT_ONLY -DWOLFSSL_GENSEED_FORTEST -DWOLFSSL_SIFIVE_RISC_V" CFLAGS="-march=rv32imac -mabi=ilp32 -mcmodel=medlow -ffunction-sections -fdata-sections -I~/freedom-e-sdk/bsp/sifive-hifive1/install/include -O0 -g -DNO_FILESYSTEM -DWOLFSSL_NO_SOCK -DNO_WRITEV -DWOLFCRYPT_ONLY -DWOLFSSL_SIFIVE_RISC_V"
$make $make
$sudo make install $sudo make install
@@ -143,8 +148,6 @@ ECDHE 256 agree 2 ops took 22.000 sec, avg 11000.000 ms, 0.091 ops/
ECDSA 256 sign 2 ops took 23.000 sec, avg 11500.000 ms, 0.087 ops/sec ECDSA 256 sign 2 ops took 23.000 sec, avg 11500.000 ms, 0.087 ops/sec
ECDSA 256 verify 2 ops took 45.000 sec, avg 22500.000 ms, 0.044 ops/sec ECDSA 256 verify 2 ops took 45.000 sec, avg 22500.000 ms, 0.044 ops/sec
Benchmark complete Benchmark complete
``` ```
TARGET=sifive-hifive1 TARGET=sifive-hifive1
``` ```
@@ -175,6 +178,11 @@ ECDSA 256 sign 2 ops took 25.000 sec, avg 12500.000 ms, 0.080 ops/
ECDSA 256 verify 2 ops took 48.000 sec, avg 24000.000 ms, 0.042 ops/sec ECDSA 256 verify 2 ops took 48.000 sec, avg 24000.000 ms, 0.042 ops/sec
Benchmark complete Benchmark complete
``` ```
## Known Caveats
- If you find the wolfcrypt test stuck on early_trap_vector error, it is like related to memory issues
- Using the `__stack_size` default value of 0x400 will not be enough for the ECC test to pass.
The `IDE/ECLIPSE/SIFIVE/Makefile` overwrites the value with 0x1000 (4 KBytes)
- Enabling RSA will cause the ECC test to fail due to memory shortage
## References ## References
The test results were collected from a SiFive reference platform target with the following hardware, software and tool chains: The test results were collected from a SiFive reference platform target with the following hardware, software and tool chains:

47
IDE/ECLIPSE/SIFIVE/main.c
View File

@@ -46,6 +46,7 @@ double current_time(int reset)
} }
#endif #endif
#if WOLFSSL_SIFIVE_RISC_V_DEBUG
void check(int depth) { void check(int depth) {
char ch; char ch;
char *ptr = malloc(1); char *ptr = malloc(1);
@@ -55,6 +56,7 @@ void check(int depth) {
return; return;
check(depth-1); check(depth-1);
free(ptr);
} }
void mtime_sleep( uint64_t ticks) { void mtime_sleep( uint64_t ticks) {
@@ -71,6 +73,45 @@ void delay(int sec) {
uint64_t ticks = sec * RTC_FREQ; uint64_t ticks = sec * RTC_FREQ;
mtime_sleep(ticks); mtime_sleep(ticks);
} }
#endif
/* RNG CODE */
/* TODO: Implement real RNG */
static unsigned int gCounter;
unsigned int hw_rand(void)
{
/* #warning Must implement your own random source */
return ++gCounter;
}
unsigned int my_rng_seed_gen(void)
{
return hw_rand();
}
int my_rng_gen_block(unsigned char* output, unsigned int sz)
{
uint32_t i = 0;
uint32_t randReturnSize = sizeof(CUSTOM_RAND_TYPE);
while (i < sz)
{
/* If not aligned or there is odd/remainder */
if((i + randReturnSize) > sz ||
((uint32_t)&output[i] % randReturnSize) != 0 ) {
/* Single byte at a time */
output[i++] = (unsigned char)my_rng_seed_gen();
}
else {
/* Use native 8, 16, 32 or 64 copy instruction */
*((CUSTOM_RAND_TYPE*)&output[i]) = my_rng_seed_gen();
i += randReturnSize;
}
}
return 0;
}
int main(void) int main(void)
{ {
@@ -78,7 +119,7 @@ int main(void)
#if WOLFSSL_SIFIVE_RISC_V_DEBUG #if WOLFSSL_SIFIVE_RISC_V_DEBUG
printf("check stack and heap addresses\n"); printf("check stack and heap addresses\n");
check(10); check(8);
printf("sleep for 10 seconds to verify timer\n"); printf("sleep for 10 seconds to verify timer\n");
delay(10); delay(10);
printf("awake after sleeping for 10 seconds\n"); printf("awake after sleeping for 10 seconds\n");
@@ -87,9 +128,7 @@ int main(void)
#ifdef DEBUG_WOLFSSL #ifdef DEBUG_WOLFSSL
wolfSSL_Debugging_ON(); wolfSSL_Debugging_ON();
#endif #endif
#ifdef HAVE_STACK_SIZE
StackSizeCheck(&args, server_test);
#endif
if ((ret = wolfCrypt_Init()) != 0) { if ((ret = wolfCrypt_Init()) != 0) {
printf("wolfCrypt_Init failed %d\n", ret); printf("wolfCrypt_Init failed %d\n", ret);
return -1; return -1;

35
IDE/ECLIPSE/SIFIVE/user_settings.h
View File

@@ -118,11 +118,11 @@ extern "C" {
#ifdef ECC_USER_CURVES #ifdef ECC_USER_CURVES
/* Manual Curve Selection */ /* Manual Curve Selection */
//#define HAVE_ECC192 #define HAVE_ECC192
//#define HAVE_ECC224 #define HAVE_ECC224
#undef NO_ECC256 #undef NO_ECC256
//#define HAVE_ECC384 #define HAVE_ECC384
//#define HAVE_ECC521 #define HAVE_ECC521
#endif #endif
/* Fixed point cache (speeds repeated operations against same private key) */ /* Fixed point cache (speeds repeated operations against same private key) */
@@ -204,8 +204,6 @@ extern "C" {
#undef HAVE_AES_CBC #undef HAVE_AES_CBC
#define HAVE_AES_CBC #define HAVE_AES_CBC
/* If you need other than AES-CBC mode, you must undefine WOLFSSL_CRYPTOCELL_AES */
#if !defined(WOLFSSL_CRYPTOCELL_AES)
#undef HAVE_AESGCM #undef HAVE_AESGCM
#define HAVE_AESGCM #define HAVE_AESGCM
@@ -223,9 +221,6 @@ extern "C" {
#undef HAVE_AESCCM #undef HAVE_AESCCM
//#define HAVE_AESCCM //#define HAVE_AESCCM
#endif
#else
#define NO_AES
#endif #endif
@@ -436,16 +431,22 @@ extern "C" {
/* RNG */ /* RNG */
/* ------------------------------------------------------------------------- */ /* ------------------------------------------------------------------------- */
#if defined(WOLFSSL_SIFIVE_RISC_V) #if 1
/* Override P-RNG with HW RNG */ /* Bypass P-RNG and use only HW RNG */
//extern int my_random_generate(byte* output, word32 sz); #define CUSTOM_RAND_TYPE unsigned int
//#undef CUSTOM_RAND_GENERATE_BLOCK extern int my_rng_gen_block(unsigned char* output, unsigned int sz);
//#define CUSTOM_RAND_GENERATE_BLOCK my_random_generate #undef CUSTOM_RAND_GENERATE_BLOCK
#define WOLFSSL_GENSEED_FORTEST /* for software RNG*/ #define CUSTOM_RAND_GENERATE_BLOCK my_rng_gen_block
#else #else
#define WOLFSSL_GENSEED_FORTEST #define HAVE_HASHDRBG
#endif
/* Seed Source */
/* Size of returned HW RNG value */
#define CUSTOM_RAND_TYPE unsigned int
extern unsigned int my_rng_seed_gen(void);
#undef CUSTOM_RAND_GENERATE
#define CUSTOM_RAND_GENERATE my_rng_seed_gen
#endif
/* ------------------------------------------------------------------------- */ /* ------------------------------------------------------------------------- */
/* Enable Features */ /* Enable Features */

2
wolfcrypt/src/random.c
View File

@@ -2327,13 +2327,11 @@ int wc_GenerateSeed(OS_Seed* os, byte* output, word32 sz)
#endif #endif
#ifdef USE_TEST_GENSEED #ifdef USE_TEST_GENSEED
#ifndef WOLFSSL_SIFIVE_RISC_V
#ifndef _MSC_VER #ifndef _MSC_VER
#warning "write a real random seed!!!!, just for testing now" #warning "write a real random seed!!!!, just for testing now"
#else #else
#pragma message("Warning: write a real random seed!!!!, just for testing now") #pragma message("Warning: write a real random seed!!!!, just for testing now")
#endif #endif
#endif /* !WOLFSSL_SIFIVE_RISC_V*/
int wc_GenerateSeed(OS_Seed* os, byte* output, word32 sz) int wc_GenerateSeed(OS_Seed* os, byte* output, word32 sz)
{ {
word32 i; word32 i;