feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity

Merge pull request #1753 from dgarske/gcc_arm_fips

Browse Source 
Enhancements to the GCC-ARM example
This commit is contained in:
toddouska
2018-08-13 16:20:13 -07:00
committed by GitHub
parent 5caaa94868 f44d42b1c8
commit a3627106ea
10 changed files with 642 additions and 216 deletions
Download Patch File Download Diff File Expand all files Collapse all files

305
IDE/GCC-ARM/Header/user_settings.h
View File

@ -1,6 +1,6 @@
/* user_settings.h
*
* Copyright (C) 2006-2017 wolfSSL Inc.
* Copyright (C) 2006-2018 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
@ -54,14 +54,49 @@ extern "C" {
#undef SIZEOF_LONG_LONG
#define SIZEOF_LONG_LONG 8
#ifdef USE_FAST_MATH
#undef USE_FAST_MATH
#if 1
#define USE_FAST_MATH
#undef TFM_TIMING_RESISTANT
#define TFM_TIMING_RESISTANT
/* Optimizations (on M0 UMULL is not supported, need another assembly solution) */
/* Optimizations */
//#define TFM_ARM
#endif
/* Wolf Single Precision Math */
#undef WOLFSSL_SP
#if 0
#define WOLFSSL_SP
#define WOLFSSL_SP_SMALL
#define WOLFSSL_HAVE_SP_RSA
#define WOLFSSL_HAVE_SP_DH
#define WOLFSSL_HAVE_SP_ECC
#define WOLFSSL_SP_CACHE_RESISTANT
//#define WOLFSSL_SP_MATH
/* 64 or 32 bit version */
//#define WOLFSSL_SP_ARM32_ASM
//#define WOLFSSL_SP_ARM64_ASM
#endif
/* ------------------------------------------------------------------------- */
/* FIPS - Requires eval or license from wolfSSL */
/* ------------------------------------------------------------------------- */
#undef HAVE_FIPS
#if 0
#define HAVE_FIPS
#undef HAVE_FIPS_VERSION
#define HAVE_FIPS_VERSION 2
#ifdef SINGLE_THREADED
#undef NO_THREAD_LS
#define NO_THREAD_LS
#endif
#endif
/* ------------------------------------------------------------------------- */
/* Crypto */
@ -92,24 +127,31 @@ extern "C" {
#if 0
#define WC_RSA_PSS
#endif
#if 0
#define WC_RSA_NO_PADDING
#endif
#else
#define NO_RSA
#endif
/* ECC */
#undef HAVE_ECC
#if 1
#undef HAVE_ECC
#define HAVE_ECC
/* Manually define enabled curves */
#undef ECC_USER_CURVES
#define ECC_USER_CURVES
//#define HAVE_ECC192
//#define HAVE_ECC224
#undef NO_ECC256
//#define HAVE_ECC384
//#define HAVE_ECC521
#ifdef ECC_USER_CURVES
/* Manual Curve Selection */
//#define HAVE_ECC192
//#define HAVE_ECC224
#undef NO_ECC256
//#define HAVE_ECC384
//#define HAVE_ECC521
#endif
/* Fixed point cache (speeds repeated operations against same private key) */
#undef FP_ECC
@ -131,17 +173,35 @@ extern "C" {
#undef ECC_TIMING_RESISTANT
#define ECC_TIMING_RESISTANT
/* Enable cofactor support */
#ifdef HAVE_FIPS
#undef HAVE_ECC_CDH
#define HAVE_ECC_CDH
#endif
/* Validate import */
#ifdef HAVE_FIPS
#undef WOLFSSL_VALIDATE_ECC_IMPORT
#define WOLFSSL_VALIDATE_ECC_IMPORT
#endif
/* Compressed Key Support */
#undef HAVE_COMP_KEY
//#define HAVE_COMP_KEY
/* Use alternate ECC size for ECC math */
#ifdef USE_FAST_MATH
#ifdef NO_RSA
/* if not using RSA set FP_MAX_BITS to 256*2 */
/* Custom fastmath size if not using RSA */
/* MAX = ROUND32(ECC BITS 256) + SIZE_OF_MP_DIGIT(32) */
#undef FP_MAX_BITS
#define FP_MAX_BITS 512
#define FP_MAX_BITS (256 + 32)
#else
#undef ALT_ECC_SIZE
#define ALT_ECC_SIZE
#endif
/* Speedups specific to curve */
#ifndef NO_ECC256
#undef TFM_ECC256
#define TFM_ECC256
@ -149,6 +209,27 @@ extern "C" {
#endif
#endif
/* DH */
#undef NO_DH
#if 1
/* Use table for DH instead of -lm (math) lib dependency */
#if 0
#define WOLFSSL_DH_CONST
#define HAVE_FFDHE_2048
#define HAVE_FFDHE_4096
//#define HAVE_FFDHE_6144
//#define HAVE_FFDHE_8192
#endif
#ifdef HAVE_FIPS
#define WOLFSSL_VALIDATE_FFC_IMPORT
#define HAVE_FFDHE_Q
#endif
#else
#define NO_DH
#endif
/* AES */
#undef NO_AES
#if 1
@ -158,16 +239,32 @@ extern "C" {
#undef HAVE_AESGCM
#define HAVE_AESGCM
#undef HAVE_AESCCM
#define HAVE_AESCCM
/* GCM Method: GCM_SMALL, GCM_WORD32 or GCM_TABLE */
#undef GCM_SMALL
#define GCM_SMALL
#undef WOLFSSL_AES_DIRECT
//#define WOLFSSL_AES_DIRECT
#undef HAVE_AES_ECB
//#define HAVE_AES_ECB
#undef WOLFSSL_AES_COUNTER
//#define WOLFSSL_AES_COUNTER
#undef HAVE_AESCCM
//#define HAVE_AESCCM
#else
#define NO_AES
#endif
/* DES3 */
#undef NO_DES3
#if 0
#else
#define NO_DES3
#endif
/* ChaCha20 / Poly1305 */
#undef HAVE_CHACHA
#undef HAVE_POLY1305
@ -210,7 +307,12 @@ extern "C" {
#undef NO_SHA256
#if 1
/* not unrolled - ~2k smaller and ~25% slower */
#define USE_SLOW_SHA256
//#define USE_SLOW_SHA256
/* Sha224 */
#if 0
#define WOLFSSL_SHA224
#endif
#else
#define NO_SHA256
#endif
@ -227,28 +329,33 @@ extern "C" {
#endif
/* over twice as small, but 50% slower */
#define USE_SLOW_SHA512
//#define USE_SLOW_SHA512
#endif
/* Sha3 */
#undef WOLFSSL_SHA3
#if 0
#define WOLFSSL_SHA3
#endif
/* MD5 */
#undef NO_MD5
#if 1
#else
#define NO_MD5
#endif
#undef WOLFSSL_SHA3
#if 0
#define WOLFSSL_SHA3
#else
#define NO_MD5
#endif
/* HKDF */
#undef HAVE_HKDF
#if 0
#define HAVE_HKDF
#else
#define HAVE_HKDF
#endif
/* CMAC */
#undef WOLFSSL_CMAC
#if 0
#define WOLFSSL_CMAC
#endif
@ -273,27 +380,67 @@ extern "C" {
/* Debugging */
/* ------------------------------------------------------------------------- */
#undef DEBUG_WOLFSSL
//#define DEBUG_WOLFSSL
/* Use this to measure / print heap usage */
#undef DEBUG_WOLFSSL
#undef NO_ERROR_STRINGS
#if 0
#undef USE_WOLFSSL_MEMORY
#define USE_WOLFSSL_MEMORY
#undef WOLFSSL_TRACK_MEMORY
//#define WOLFSSL_TRACK_MEMORY
#undef WOLFSSL_DEBUG_MEMORY
//#define WOLFSSL_DEBUG_MEMORY
#define DEBUG_WOLFSSL
#else
#undef NO_WOLFSSL_MEMORY
#define NO_WOLFSSL_MEMORY
#if 0
#define NO_ERROR_STRINGS
#endif
#endif
#ifndef DEBUG_WOLFSSL
#undef NO_ERROR_STRINGS
#define NO_ERROR_STRINGS
/* ------------------------------------------------------------------------- */
/* Memory */
/* ------------------------------------------------------------------------- */
/* Override Memory API's */
#if 0
#undef XMALLOC_OVERRIDE
#define XMALLOC_OVERRIDE
/* prototypes for user heap override functions */
/* Note: Realloc only required for normal math */
#include <stddef.h> /* for size_t */
extern void *myMalloc(size_t n, void* heap, int type);
extern void myFree(void *p, void* heap, int type);
extern void *myRealloc(void *p, size_t n, void* heap, int type);
#define XMALLOC(n, h, t) myMalloc(n, h, t)
#define XFREE(p, h, t) myFree(p, h, t)
#define XREALLOC(p, n, h, t) myRealloc(p, n, h, t)
#endif
#if 0
/* Static memory requires fast math */
#define WOLFSSL_STATIC_MEMORY
/* Disable fallback malloc/free */
#define WOLFSSL_NO_MALLOC
#if 1
#define WOLFSSL_MALLOC_CHECK /* trap malloc failure */
#endif
#endif
/* Memory callbacks */
#if 0
#undef USE_WOLFSSL_MEMORY
#define USE_WOLFSSL_MEMORY
/* Use this to measure / print heap usage */
#if 1
#undef WOLFSSL_TRACK_MEMORY
#define WOLFSSL_TRACK_MEMORY
#undef WOLFSSL_DEBUG_MEMORY
#define WOLFSSL_DEBUG_MEMORY
#endif
#else
#ifndef WOLFSSL_STATIC_MEMORY
#define NO_WOLFSSL_MEMORY
/* Otherwise we will use stdlib malloc, free and realloc */
#endif
#endif
@ -304,6 +451,7 @@ extern "C" {
/* Override Current Time */
/* Allows custom "custom_time()" function to be used for benchmark */
#define WOLFSSL_USER_CURRTIME
#define WOLFSSL_GMTIME
#define USER_TICKS
extern unsigned long my_time(unsigned long* timer);
#define XTIME my_time
@ -312,16 +460,16 @@ extern unsigned long my_time(unsigned long* timer);
/* ------------------------------------------------------------------------- */
/* RNG */
/* ------------------------------------------------------------------------- */
/* Seed Source */
/* Size of returned HW RNG value */
#define CUSTOM_RAND_TYPE unsigned int
/* Seed source */
extern unsigned int custom_rand_generate(void);
extern unsigned int my_rng_seed_gen(void);
#undef CUSTOM_RAND_GENERATE
#define CUSTOM_RAND_GENERATE custom_rand_generate
#define CUSTOM_RAND_GENERATE my_rng_seed_gen
/* Choose RNG method */
#if 0
#if 1
/* Use built-in P-RNG (SHA256 based) with HW RNG */
/* P-RNG + HW RNG (P-RNG is ~8K) */
#undef HAVE_HASHDRBG
@ -331,20 +479,67 @@ extern unsigned int custom_rand_generate(void);
#define WC_NO_HASHDRBG
/* Bypass P-RNG and use only HW RNG */
extern int custom_rand_generate_block(unsigned char* output, unsigned int sz);
extern int my_rng_gen_block(unsigned char* output, unsigned int sz);
#undef CUSTOM_RAND_GENERATE_BLOCK
#define CUSTOM_RAND_GENERATE_BLOCK custom_rand_generate_block
#define CUSTOM_RAND_GENERATE_BLOCK my_rng_gen_block
#endif
/* ------------------------------------------------------------------------- */
/* Custom Standard Lib */
/* ------------------------------------------------------------------------- */
/* Allows override of all standard library functions */
#undef STRING_USER
#if 0
#define STRING_USER
#include <string.h>
#undef USE_WOLF_STRSEP
#define USE_WOLF_STRSEP
#define XSTRSEP(s1,d) wc_strsep((s1),(d))
#undef USE_WOLF_STRTOK
#define USE_WOLF_STRTOK
#define XSTRTOK(s1,d,ptr) wc_strtok((s1),(d),(ptr))
#define XSTRNSTR(s1,s2,n) mystrnstr((s1),(s2),(n))
#define XMEMCPY(d,s,l) memcpy((d),(s),(l))
#define XMEMSET(b,c,l) memset((b),(c),(l))
#define XMEMCMP(s1,s2,n) memcmp((s1),(s2),(n))
#define XMEMMOVE(d,s,l) memmove((d),(s),(l))
#define XSTRLEN(s1) strlen((s1))
#define XSTRNCPY(s1,s2,n) strncpy((s1),(s2),(n))
#define XSTRSTR(s1,s2) strstr((s1),(s2))
#define XSTRNCMP(s1,s2,n) strncmp((s1),(s2),(n))
#define XSTRNCAT(s1,s2,n) strncat((s1),(s2),(n))
#define XSTRNCASECMP(s1,s2,n) strncasecmp((s1),(s2),(n))
#define XSNPRINTF snprintf
#endif
/* ------------------------------------------------------------------------- */
/* Enable Features */
/* ------------------------------------------------------------------------- */
#undef WOLFSSL_TLS13
#if 0
#undef WOLFSSL_TLS13
#define WOLFSSL_TLS13
#endif
#undef WOLFSSL_KEY_GEN
#if 0
#define WOLFSSL_KEY_GEN
#endif
#if defined(HAVE_FIPS) && !defined(WOLFSSL_KEY_GEN)
#define WOLFSSL_OLD_PRIME_CHECK
#endif
#undef KEEP_PEER_CERT
//#define KEEP_PEER_CERT
@ -407,12 +602,6 @@ extern unsigned int custom_rand_generate(void);
#undef NO_DSA
#define NO_DSA
#undef NO_DH
#define NO_DH
#undef NO_DES3
#define NO_DES3
#undef NO_RC4
#define NO_RC4

2
IDE/GCC-ARM/Makefile
View File

@ -13,4 +13,4 @@ WolfSSLStaticLib:
clean:
rm -f $(BUILD_DIR)/*.elf $(BUILD_DIR)/*.hex $(BUILD_DIR)/*.map
rm -f $(BUILD_DIR)/*.o $(BUILD_DIR)/*.sym $(BUILD_DIR)/*.disasm
rm -f $(BUILD_DIR)/*.o $(BUILD_DIR)/*.a $(BUILD_DIR)/*.sym $(BUILD_DIR)/*.disasm

191
IDE/GCC-ARM/Makefile.common
View File

@ -5,51 +5,9 @@ CMD_ECHO =
BUILD_DIR = ./Build
# Toolchain location and prefix
#TOOLCHAIN =
TOOLCHAIN = /opt/gcc-arm-none-eabi/bin/arm-none-eabi-
INC = -I./Header \
-I./Source \
-I../..
# Memory Map
SRC_LD = -T./linker.ld
# Defines
DEF = -DWOLFSSL_USER_SETTINGS
# Compiler and linker flags
ARCHFLAGS = -mcpu=cortex-m0 -mthumb -mabi=aapcs
DBGFLAGS = -ggdb
ASFLAGS = $(ARCHFLAGS)
# CC: Place functions and data into separate sections to allow dead code removal
# by the linker (-f*-sections). Enable link time optimization (-flto)
CFLAGS = $(ARCHFLAGS) -std=gnu99 -Wall -Wno-cpp \
-ffunction-sections -fdata-sections \
-Os -flto $(DBGFLAGS)
# LD: Remove unused sections
LDFLAGS = $(ARCHFLAGS) -Wl,--gc-sections
# LD: Link with newlib-nano implementation
LDFLAGS += --specs=nano.specs --specs=nosys.specs
# LD: generate map
LDFLAGS += -Wl,-Map=$(BUILD_DIR)/$(BIN).map $(DBGFLAGS)
# LD: Entry point
LDFLAGS += -Wl,-ereset_handler
# Math lib (for DH)
LIBS = -lm
SRC_C += ./Source/armtarget.c
SRC_C += $(wildcard ../../src/*.c ../../wolfcrypt/src/*.c ../../wolfcrypt/benchmark/*.c ../../wolfcrypt/test/*.c)
FILENAMES_C = $(notdir $(SRC_C))
FILENAMES_C := $(filter-out evp.c, $(FILENAMES_C))
OBJS_C = $(addprefix $(BUILD_DIR)/, $(FILENAMES_C:.c=.o))
vpath %.c $(dir $(SRC_C))
# Tools selection
CC = $(TOOLCHAIN)gcc
AS = $(TOOLCHAIN)gcc
@ -60,6 +18,147 @@ OBJCOPY = $(TOOLCHAIN)objcopy
OBJDUMP = $(TOOLCHAIN)objdump
SIZE = $(TOOLCHAIN)size
# Includes
INC = -I./Header \
-I./Source \
-I../..
# Defines
DEF = -DWOLFSSL_USER_SETTINGS
# Architecture
ARCHFLAGS = -mcpu=cortex-m0 -mthumb -mabi=aapcs -DUSE_WOLF_ARM_STARTUP
#ARCHFLAGS = -mcpu=cortex-r5 -mthumb -mabi=aapcs
#ARCHFLAGS = -mcpu=cortex-a53 -mthumb -mabi=aapcs
# Compiler and linker flags
ASFLAGS = $(ARCHFLAGS)
CFLAGS = $(ARCHFLAGS) -std=gnu99 -Wall -Wno-cpp
LDFLAGS = $(ARCHFLAGS)
# LD: Link with nosys
LDFLAGS += --specs=nosys.specs
# LD: Link with nano or rdimon implementation for standard library
LDFLAGS += --specs=nano.specs
#LDFLAGS += --specs=rdimon.specs
# LD: generate map
LDFLAGS += -Wl,-Map=$(BUILD_DIR)/$(BIN).map
# LD: Entry point
LDFLAGS += -Wl,-ereset_handler
# Math lib (for DH)
LIBS = -lm
# Memory Map
SRC_LD = -T./linker.ld
# Optimization level and place functions / data into separate sections to allow dead code removal
CFLAGS += -Os -ffunction-sections -fdata-sections -fno-builtin
# Remove unused sections and link time optimizations
LDFLAGS += -Wl,--gc-sections -flto
# Debugging
#DBGFLAGS = -ggdb -g3
CFLAGS += $(DBGFLAGS)
LDFLAGS += $(DBGFLAGS)
# FILES
# Port and Test/Benchmark
SRC_C += ./Source/wolf_main.c
SRC_C += ./Source/armtarget.c
SRC_C += ../../wolfcrypt/test/test.c
SRC_C += ../../wolfcrypt/benchmark/benchmark.c
# WOLFSSL TLS FILES
SRC_C += ../../src/crl.c
SRC_C += ../../src/internal.c
SRC_C += ../../src/keys.c
SRC_C += ../../src/ocsp.c
SRC_C += ../../src/sniffer.c
SRC_C += ../../src/ssl.c
SRC_C += ../../src/tls.c
SRC_C += ../../src/tls13.c
SRC_C += ../../src/wolfio.c
# wolfCrypt Core (FIPS)
SRC_C += ../../wolfcrypt/src/wolfcrypt_first.c
SRC_C += ../../wolfcrypt/src/aes.c
SRC_C += ../../wolfcrypt/src/cmac.c
SRC_C += ../../wolfcrypt/src/des3.c
SRC_C += ../../wolfcrypt/src/dh.c
SRC_C += ../../wolfcrypt/src/ecc.c
SRC_C += ../../wolfcrypt/src/hmac.c
SRC_C += ../../wolfcrypt/src/random.c
SRC_C += ../../wolfcrypt/src/rsa.c
SRC_C += ../../wolfcrypt/src/sha.c
SRC_C += ../../wolfcrypt/src/sha256.c
SRC_C += ../../wolfcrypt/src/sha512.c
SRC_C += ../../wolfcrypt/src/sha3.c
SRC_C += ../../wolfcrypt/src/fips.c
SRC_C += ../../wolfcrypt/src/fips_test.c
SRC_C += ../../wolfcrypt/src/wolfcrypt_last.c
# wolfCrypt Additional
SRC_C += ../../wolfcrypt/src/asn.c
SRC_C += ../../wolfcrypt/src/chacha.c
SRC_C += ../../wolfcrypt/src/cmac.c
SRC_C += ../../wolfcrypt/src/coding.c
SRC_C += ../../wolfcrypt/src/compress.c
SRC_C += ../../wolfcrypt/src/cpuid.c
SRC_C += ../../wolfcrypt/src/cryptodev.c
SRC_C += ../../wolfcrypt/src/curve25519.c
SRC_C += ../../wolfcrypt/src/ed25519.c
SRC_C += ../../wolfcrypt/src/error.c
SRC_C += ../../wolfcrypt/src/fe_low_mem.c
SRC_C += ../../wolfcrypt/src/fe_operations.c
SRC_C += ../../wolfcrypt/src/ge_low_mem.c
SRC_C += ../../wolfcrypt/src/ge_operations.c
SRC_C += ../../wolfcrypt/src/hash.c
SRC_C += ../../wolfcrypt/src/integer.c
SRC_C += ../../wolfcrypt/src/logging.c
SRC_C += ../../wolfcrypt/src/md5.c
SRC_C += ../../wolfcrypt/src/memory.c
SRC_C += ../../wolfcrypt/src/misc.c
SRC_C += ../../wolfcrypt/src/pkcs12.c
SRC_C += ../../wolfcrypt/src/pkcs7.c
SRC_C += ../../wolfcrypt/src/poly1305.c
SRC_C += ../../wolfcrypt/src/pwdbased.c
SRC_C += ../../wolfcrypt/src/signature.c
SRC_C += ../../wolfcrypt/src/srp.c
SRC_C += ../../wolfcrypt/src/sp_arm32.c
SRC_C += ../../wolfcrypt/src/sp_arm64.c
SRC_C += ../../wolfcrypt/src/sp_c32.c
SRC_C += ../../wolfcrypt/src/sp_int.c
SRC_C += ../../wolfcrypt/src/tfm.c
SRC_C += ../../wolfcrypt/src/wc_encrypt.c
SRC_C += ../../wolfcrypt/src/wc_port.c
SRC_C += ../../wolfcrypt/src/wolfevent.c
SRC_C += ../../wolfcrypt/src/wolfmath.c
# wolfCrypt non-standard algorithms (disabled by default)
SRC_C += ../../wolfcrypt/src/arc4.c
SRC_C += ../../wolfcrypt/src/blake2b.c
SRC_C += ../../wolfcrypt/src/camellia.c
SRC_C += ../../wolfcrypt/src/dsa.c
SRC_C += ../../wolfcrypt/src/hc128.c
SRC_C += ../../wolfcrypt/src/idea.c
SRC_C += ../../wolfcrypt/src/md2.c
SRC_C += ../../wolfcrypt/src/md4.c
SRC_C += ../../wolfcrypt/src/rabbit.c
SRC_C += ../../wolfcrypt/src/ripemd.c
FILENAMES_C = $(notdir $(SRC_C))
FILENAMES_C := $(filter-out evp.c, $(FILENAMES_C))
OBJS_C = $(addprefix $(BUILD_DIR)/, $(FILENAMES_C:.c=.o))
vpath %.c $(dir $(SRC_C))
build_hex: $(BUILD_DIR) $(BUILD_DIR)/$(BIN).hex
@echo ""
$(CMD_ECHO) @$(SIZE) $(BUILD_DIR)/$(BIN).elf
@ -90,6 +189,9 @@ $(BUILD_DIR)/$(BIN).elf: $(OBJS_ASM) $(OBJS_C)
@echo "Generating name list: $(BIN).sym"
$(CMD_ECHO) $(NM) -n $@ > $(BUILD_DIR)/$(BIN).sym
@echo "Showing final size:"
$(CMD_ECHO) ls -la $@
@echo "Generating disassembly: $(BIN).disasm"
$(CMD_ECHO) $(OBJDUMP) -S $@ > $(BUILD_DIR)/$(BIN).disasm
@ -100,6 +202,9 @@ $(BUILD_DIR)/$(BIN).a: $(OBJS_ASM) $(OBJS_C)
@echo "Generating name list: $(BIN).sym"
$(CMD_ECHO) $(NM) -n $@ > $(BUILD_DIR)/$(BIN).sym
@echo "Showing final size:"
$(CMD_ECHO) ls -la $@
@echo "Generating disassembly: $(BIN).disasm"
$(CMD_ECHO) $(OBJDUMP) -S $@ > $(BUILD_DIR)/$(BIN).disasm

92
IDE/GCC-ARM/README.md
View File

@ -14,50 +14,69 @@ This example is for Cortex M series, but can be adopted for other architectures.
1. Make sure you have `gcc-arm-none-eabi` installed.
2. Modify the `Makefile.common`:
* Use correct toolchain path `TOOLCHAIN`.
* Use correct architecture 'ARCHFLAGS' (default is cortex-m0 / thumb). See [GCC ARM Options](https://gcc.gnu.org/onlinedocs/gcc-4.7.3/gcc/ARM-Options.html) `-mcpu=name`.
3. Use `make` and it will build the static library and wolfCrypt test/benchmark and wolfSSL TLS client targets as `.elf` and `.hex` in `/Build`.
* Use correct architecture 'ARCHFLAGS'. See [GCC ARM Options](https://gcc.gnu.org/onlinedocs/gcc-4.7.3/gcc/ARM-Options.html) `-mcpu=name`.
* Confirm memory map in linker.ld matches your flash/ram or comment out `SRC_LD = -T./linker.ld` in Makefile.common.
3. Use `make` to build the static library (libwolfssl.a), wolfCrypt test/benchmark and wolfSSL TLS client targets as `.elf` and `.hex` in `/Build`.
### Building for Raspberry Pi
Example `Makefile.common` changes for Rasperry Pi with Cortex-A53:
## Building for Raspberry Pi
1. Change ARCHFLAGS to `ARCHFLAGS = -mcpu=cortex-a53 -mthumb -mabi=aapcs` to specify Cortex-A53.
Example `Makefile.common` changes for Raspberry Pi with Cortex-A53:
1. In Makefile.common change `ARCHFLAGS` to `-mcpu=cortex-a53 -mthumb`.
2. Comment out `SRC_LD`, since custom memory map is not applicable.
3. Clear `TOOLCHAIN`, so it will use default `gcc`. Set `TOOLCHAIN = `
4. Comment out `LDFLAGS += --specs=nano.specs --specs=nosys.specs` to disable newlib-nano.
4. Comment out `LDFLAGS += --specs=nano.specs` and `LDFLAGS += --specs=nosys.specs` to nosys and nano.
Note: To comment out a line in a Makefile use place `#` in front of line.
### Example Build
## Building for FIPS
1. Request evaluation from wolfSSL by emailing fips@wolfss.com.
2. Modify user_settings.h so section for `HAVE_FIPS` is enabled.
3. Use `make`.
4. Run the wolfCrypt test `./Build/WolfCryptTest.elf` to generate the FIPS boundary HASH
Example:
```
make clean && make
text data bss dec hex filename
50076 2508 44 52628 cd94 ./Build/WolfCryptTest.elf
text data bss dec hex filename
39155 2508 60 41723 a2fb ./Build/WolfCryptBench.elf
text data bss dec hex filename
70368 464 36 70868 114d4 ./Build/WolfSSLClient.elf
$ Crypt Test
error test passed!
base64 test passed!
base16 test passed!
asn test passed!
in my Fips callback, ok = 0, err = -203
message = In Core Integrity check FIPS error
hash = F607C7B983D1D283590448A56381DE460F1E83CB02584F4D77B7F2C583A8F5CD
In core integrity hash check failure, copy above hash
into verifyCore[] in fips_test.c and rebuild
SHA test failed!
error = -1802
Crypt Test: Return code -1
```
### Building with configure
5. Update the `../../wolfcrypt/src/fips_test.c` array `static const char verifyCore[] = {}` with the correct core hash check.
6. Build again using `make`.
7. Run the wolfCrypt test.
## Building with configure
The configure script in the main project directory can perform a cross-compile
build with the the gcc-arm-none-eabi tools. Assuming the tools are installed in
your executable path:
```
$ ./configure CFLAGS="-march=armv8-a \
--specs=nosys.specs -DHAVE_PK_CALLBACKS \
-DWOLFSSL_USER_IO -DNO_WRITEV" \
--host=arm-non-eabi --disable-filesystem \
--enable-fastmath --disable-shared \
CC=arm-none-eabi-gcc AR=arm-none-eabi-ar \
STRIP=arm-none-eabi-strip RANLIB=arm-none-eabi-ranlib \
--prefix=/path/to/build/wolfssl-arm
$ ./configure \
--host=arm-non-eabi \
CC=arm-none-eabi-gcc \
AR=arm-none-eabi-ar \
STRIP=arm-none-eabi-strip \
RANLIB=arm-none-eabi-ranlib \
--prefix=/path/to/build/wolfssl-arm \
CFLAGS="-march=armv8-a --specs=nosys.specs \
-DHAVE_PK_CALLBACKS -DWOLFSSL_USER_IO -DNO_WRITEV" \
--disable-filesystem --enable-fastmath \
--disable-shared
$ make
$ make install
```
@ -65,7 +84,22 @@ $ make install
If you are building for a 32-bit architecture, add `-DTIME_T_NOT_LONG` to the
list of CFLAGS.
## Performace Tuning Options
## Example Build Output
```
make clean && make
text data bss dec hex filename
50076 2508 44 52628 cd94 ./Build/WolfCryptTest.elf
text data bss dec hex filename
39155 2508 60 41723 a2fb ./Build/WolfCryptBench.elf
text data bss dec hex filename
70368 464 36 70868 114d4 ./Build/WolfSSLClient.elf
```
## Performance Tuning Options
These settings are located in `Header/user_settings.h`.
@ -79,7 +113,7 @@ These settings are located in `Header/user_settings.h`.
* `ECC_TIMING_RESISTANT`: Enables timing resistance for ECC and uses slightly less memory.
* `ECC_SHAMIR`: Doubles heap usage, but slightly faster
* `RSA_LOW_MEM`: Half as much memory but twice as slow. Uses Non-CRT method for private key.
AES GCM: `GCM_SMALL`, `GCM_WORD32` or `GCM_TABLE`: Tunes performance and flash/memory usage.
* AES GCM: `GCM_SMALL`, `GCM_WORD32` or `GCM_TABLE`: Tunes performance and flash/memory usage.
* `CURVED25519_SMALL`: Enables small versions of Ed/Curve (FE/GE math).
* `USE_SLOW_SHA`: Enables smaller/slower version of SHA.
* `USE_SLOW_SHA256`: About 2k smaller and about 25% slower
@ -87,3 +121,5 @@ AES GCM: `GCM_SMALL`, `GCM_WORD32` or `GCM_TABLE`: Tunes performance and flash/m
* `USE_CERT_BUFFERS_1024` or `USE_CERT_BUFFERS_2048`: Size of RSA certs / keys to test with.
* `BENCH_EMBEDDED`: Define this if using the wolfCrypt test/benchmark and using a low memory target.
* `ECC_USER_CURVES`: Allows user to defines curve sizes to enable. Default is 256-bit on. To enable others use `HAVE_ECC192`, `HAVE_ECC224`, etc....
* `TFM_ARM`, `TFM_SSE2`, `TFM_AVR32`, `TFM_PPC32`, `TFM_MIPS`, `TFM_X86` or `TFM_X86_64`: These are assembly optimizations available with USE_FAST_MATH.
* Single Precision Math for ARM: See `WOLFSSL_SP`. Optimized math for ARM performance of specific RSA, DH and ECC algorithms.

87
IDE/GCC-ARM/Source/armtarget.c
View File

@ -1,6 +1,6 @@
/* armtarget.c
*
* Copyright (C) 2006-2017 wolfSSL Inc.
* Copyright (C) 2006-2018 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
@ -29,13 +29,9 @@
#include <stdarg.h>
#include <string.h>
/* Test to determine if ARM Cortex M */
#if defined(__arm__) && defined(__ARM_ARCH) && (__ARM_ARCH == 6 || __ARM_ARCH == 7)
#define CORTEX_M_SERIES
#endif
#ifdef USE_WOLF_ARM_STARTUP
#ifdef CORTEX_M_SERIES
/* Memory initialization */
extern uint32_t __data_load_start__[];
extern uint32_t __data_start__[];
@ -63,12 +59,12 @@ void meminit32(uint32_t* start, uint32_t* end)
*start++ = 0;
}
}
#endif /* CORTEX_M_SERIES */
#endif /* USE_WOLF_ARM_STARTUP */
/* Entry Point */
void reset_handler(void)
{
#ifdef CORTEX_M_SERIES
#ifdef USE_WOLF_ARM_STARTUP
/* Init sections */
memcpy32(__data_load_start__, __data_start__, __data_end__);
meminit32(__bss_start__, __bss_end__);
@ -76,7 +72,7 @@ void reset_handler(void)
/* Init heap */
__heap_start__[0] = 0;
__heap_start__[1] = ((uint32_t)__heap_end__ - (uint32_t)__heap_start__);
#endif /* CORTEX_M_SERIES */
#endif /* USE_WOLF_ARM_STARTUP */
/* Start main */
extern int main(void);
@ -86,7 +82,7 @@ void reset_handler(void)
while(1);
}
#ifdef CORTEX_M_SERIES
#ifdef USE_WOLF_ARM_STARTUP
// Vector Exception/Interrupt Handlers
static void Default_Handler(void)
{
@ -186,7 +182,7 @@ void HardFault_Handler(void)
);
}
// Vectors
/* Vectors Table */
typedef void (*vector_entry)(void);
const vector_entry vectors[] __attribute__ ((section(".vectors"),used)) =
{
@ -211,71 +207,4 @@ const vector_entry vectors[] __attribute__ ((section(".vectors"),used)) =
/* remainder go below */
};
#endif /* CORTEX_M_SERIES */
/* TIME CODE */
/* TODO: Implement real RTC */
static int gTimeMs;
static int hw_get_time_sec(void)
{
return ++gTimeMs;
}
unsigned long my_time(unsigned long* timer)
{
(void)timer;
return hw_get_time_sec();
}
unsigned int LowResTimer(void)
{
return hw_get_time_sec();
}
double current_time(int reset)
{
double time;
int timeMs = gTimeMs;
(void)reset;
time = (timeMs / 1000); // sec
time += (double)(timeMs % 1000) / 1000; // ms
return time;
}
/* RNG CODE */
/* TODO: Implement real RNG */
static int gCounter;
int hw_rand(void)
{
return ++gCounter;
}
unsigned int custom_rand_generate(void)
{
return hw_rand();
}
int custom_rand_generate_block(unsigned char* output, unsigned int sz)
{
uint32_t i = 0;
while (i < sz)
{
/* If not aligned or there is odd/remainder */
if( (i + sizeof(CUSTOM_RAND_TYPE)) > sz ||
((uint32_t)&output[i] % sizeof(CUSTOM_RAND_TYPE)) != 0
) {
/* Single byte at a time */
output[i++] = (unsigned char)custom_rand_generate();
}
else {
/* Use native 8, 16, 32 or 64 copy instruction */
*((CUSTOM_RAND_TYPE*)&output[i]) = custom_rand_generate();
i += sizeof(CUSTOM_RAND_TYPE);
}
}
return 0;
}
#endif /* USE_WOLF_ARM_STARTUP */

15
IDE/GCC-ARM/Source/benchmark_main.c
View File

@ -20,10 +20,12 @@
*/
#include <wolfssl/wolfcrypt/settings.h>
#include <wolfssl/wolfcrypt/error-crypt.h>
#include <wolfssl/wolfcrypt/logging.h>
#include <wolfcrypt/benchmark/benchmark.h>
#include <stdio.h>
#ifndef NO_CRYPT_BENCHMARK
typedef struct func_args {
int argc;
char** argv;
@ -31,17 +33,22 @@ typedef struct func_args {
} func_args;
static func_args args = { 0 } ;
#endif
int main(void)
{
int ret;
#ifndef NO_CRYPT_BENCHMARK
wolfCrypt_Init();
printf("\nBenchmark Test\n");
benchmark_test(&args);
printf("Benchmark Test: Return code %d\n", args.return_code);
ret = args.return_code;
printf("Benchmark Test: Return code %d\n", ret);
wolfCrypt_Cleanup();
return 0;
#else
ret = NOT_COMPILED_IN;
#endif
return ret;
}

14
IDE/GCC-ARM/Source/test_main.c
View File

@ -22,9 +22,11 @@
#include <wolfssl/wolfcrypt/settings.h>
#include <wolfssl/wolfcrypt/logging.h>
#include <wolfssl/wolfcrypt/error-crypt.h>
#include <wolfcrypt/test/test.h>
#include <stdio.h>
#ifndef NO_CRYPT_TEST
typedef struct func_args {
int argc;
char** argv;
@ -32,16 +34,22 @@ typedef struct func_args {
} func_args;
static func_args args = { 0 } ;
#endif
int main(void)
{
int ret;
#ifndef NO_CRYPT_TEST
wolfCrypt_Init();
printf("\nCrypt Test\n");
wolfcrypt_test(&args);
printf("Crypt Test: Return code %d\n", args.return_code);
ret = args.return_code;
printf("Crypt Test: Return code %d\n", ret);
wolfCrypt_Cleanup();
return 0;
#else
ret = NOT_COMPILED_IN;
#endif
return ret;
}

9
IDE/GCC-ARM/Source/tls_client.c
View File

@ -21,6 +21,10 @@
#include <wolfssl/wolfcrypt/settings.h>
#include <wolfssl/wolfcrypt/error-crypt.h>
#ifndef WOLFCRYPT_ONLY
#include <wolfssl/ssl.h>
#include <wolfssl/wolfcrypt/logging.h>
#include <stdio.h>
@ -182,17 +186,22 @@ fail:
return -1;
}
#endif
int main(void)
{
int ret;
#ifndef WOLFCRYPT_ONLY
wolfSSL_Init();
ret = tls_client();
wolfSSL_Cleanup();
#else
ret = NOT_COMPILED_IN;
#endif
return ret;
}

142
IDE/GCC-ARM/Source/wolf_main.c Normal file
View File

@ -0,0 +1,142 @@
/* wolf_main.c
*
* Copyright (C) 2006-2018 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
#include <wolfssl/wolfcrypt/settings.h>
#include <wolfssl/wolfcrypt/random.h> /* for CUSTOM_RAND_TYPE */
#include <stdint.h>
#include <stdio.h>
#include <stdarg.h>
#include <string.h>
/* TIME CODE */
/* TODO: Implement real RTC */
/* Optionally you can define NO_ASN_TIME to disable all cert time checks */
static int gTimeMs;
static int hw_get_time_sec(void)
{
#warning Must implement your own time source if validating certificates
return ++gTimeMs;
}
/* This is used by wolfCrypt asn.c for cert time checking */
unsigned long my_time(unsigned long* timer)
{
(void)timer;
return hw_get_time_sec();
}
#ifndef WOLFCRYPT_ONLY
/* This is used by TLS only */
unsigned int LowResTimer(void)
{
return hw_get_time_sec();
}
#endif
#ifndef NO_CRYPT_BENCHMARK
/* This is used by wolfCrypt benchmark tool only */
double current_time(int reset)
{
double time;
int timeMs = gTimeMs;
(void)reset;
time = (timeMs / 1000); // sec
time += (double)(timeMs % 1000) / 1000; // ms
return time;
}
#endif
/* RNG CODE */
/* TODO: Implement real RNG */
static unsigned int gCounter;
unsigned int hw_rand(void)
{
#warning Must implement your own random source
return ++gCounter;
}
unsigned int my_rng_seed_gen(void)
{
return hw_rand();
}
int my_rng_gen_block(unsigned char* output, unsigned int sz)
{
uint32_t i = 0;
while (i < sz)
{
/* If not aligned or there is odd/remainder */
if( (i + sizeof(CUSTOM_RAND_TYPE)) > sz ||
((uint32_t)&output[i] % sizeof(CUSTOM_RAND_TYPE)) != 0
) {
/* Single byte at a time */
output[i++] = (unsigned char)my_rng_seed_gen();
}
else {
/* Use native 8, 16, 32 or 64 copy instruction */
*((CUSTOM_RAND_TYPE*)&output[i]) = my_rng_seed_gen();
i += sizeof(CUSTOM_RAND_TYPE);
}
}
return 0;
}
#ifdef XMALLOC_OVERRIDE
void *myMalloc(size_t n, void* heap, int type)
{
(void)n;
(void)heap;
(void)type;
#warning Must implement your own malloc
return NULL;
}
void myFree(void *p, void* heap, int type)
{
(void)p;
(void)heap;
(void)type;
#warning Must implement your own free
}
/* Required for normal math (!USE_FAST_MATH) */
void *myRealloc(void *p, size_t n, void* heap, int type)
{
(void)p;
(void)n;
(void)heap;
(void)type;
#warning Must implement your own realloc
return NULL;
}
#endif /* XMALLOC_OVERRIDE */

1
IDE/GCC-ARM/include.am
View File

@ -4,6 +4,7 @@
EXTRA_DIST+= IDE/GCC-ARM/Header/user_settings.h
EXTRA_DIST+= IDE/GCC-ARM/Source/armtarget.c
EXTRA_DIST+= IDE/GCC-ARM/Source/wolf_main.c
EXTRA_DIST+= IDE/GCC-ARM/Source/benchmark_main.c
EXTRA_DIST+= IDE/GCC-ARM/Source/test_main.c
EXTRA_DIST+= IDE/GCC-ARM/Source/tls_client.c