M68K (coldfire MCF5441X) wolfcrypt build and examples

fix for make dist and cleanup makefile

add aes file to Makefile

macro guards and entropy warning

add AES to build

IDE/M68K/Makefile

@@ -0,0 +1,91 @@
+NAME    = wolfssl
+DEVICE  = -m5206e -gdwarf-2 -DMOD5441X -DMCF5441X
+OLEVEL  = -O2
+NBHEADERS = -I"$(NBROOT)/include" -I"$(NBROOT)/MOD5441X/include"
+
+# location to put wolfssl.a created
+OUTPUT  = $(NBROOT)/lib
+
+
+CSRCS := ../../wolfcrypt/src/rsa.c \
+        ../../wolfcrypt/src/asn.c \
+        ../../wolfcrypt/src/aes.c \
+        ../../wolfcrypt/src/sha.c \
+        ../../wolfcrypt/src/sha256.c \
+        ../../wolfcrypt/src/sha512.c \
+        ../../wolfcrypt/src/integer.c \
+        ../../wolfcrypt/src/tfm.c \
+        ../../wolfcrypt/src/random.c \
+        ../../wolfcrypt/src/logging.c \
+        ../../wolfcrypt/src/memory.c \
+        ../../wolfcrypt/src/coding.c \
+        ../../wolfcrypt/src/hash.c \
+        ../../wolfcrypt/src/hmac.c \
+        ../../wolfcrypt/src/md5.c \
+        ../../wolfcrypt/src/wc_port.c \
+        ../../wolfcrypt/src/wc_encrypt.c \
+        ../../wolfcrypt/src/wolfmath.c \
+        ../../wolfcrypt/src/sp_c32.c \
+        ../../wolfcrypt/src/sp_int.c \
+        ../../wolfcrypt/src/signature.c \
+        ../../wolfcrypt/src/error.c \
+        ../../src/wolfio.c \
+        ../../src/ssl.c
+
+INC = -I"./" -I"../../"
+EXTRACFLAGS  = -DWOLFSSL_USER_SETTINGS $(INC) $(DEVICE) $(OLEVEL)
+EXTRACFLAGS += -DNBMINGW -Wall -fno-rtti -fno-exceptions -falign-functions=4
+EXTRACFLAGS += $(NBHEADERS)
+EXTRACXXFLAGS = $(EXTRACFLAGS)
+
+#LDEXTRA =
+LIBOBJS = ./rsa.o \
+          ./asn.o \
+          ./aes.o \
+          ./sha.o \
+          ./sha256.o \
+          ./sha512.o \
+          ./integer.o \
+          ./tfm.o \
+          ./random.o \
+          ./logging.o \
+          ./memory.o \
+          ./coding.o \
+          ./hash.o \
+          ./hmac.o \
+          ./md5.o \
+          ./wc_port.o \
+          ./wc_encrypt.o \
+          ./wolfmath.o \
+          ./sp_c32.o \
+          ./sp_int.o \
+          ./signature.o \
+          ./wolfio.o \
+          ./ssl.o \
+          ./error.o
+
+#include $(NBROOT)/make/libmain.mak
+
+all: compile link rmo
+
+# compiling using g++ compiler to avoid mangled name complications if linking
+# against other NetBurner libraries
+compile:
+	m68k-elf-g++ $(EXTRACFLAGS) -c $(CSRCS)
+
+link:
+	m68k-elf-ar -cr $(OUTPUT)/$(NAME).a $(LIBOBJS)
+
+rmo:
+	rm -f *.o
+
+clean: rmo
+	rm -f $(OUTPUT)/$(NAME).a
+
+help:
+	@echo "all     : exectue compile, link, rmo"
+	@echo "compile : create .o files"
+	@echo "link    : create .a library from .o files"
+	@echo "rmo     : remove all .o files"
+	@echo "clean   : remove all .o files and .a library"
+

IDE/M68K/README.md

@@ -0,0 +1,46 @@
+This is makefile's for creating a wolfCrypt library using the m68k-elf-gcc
+toolchain and example benchmark/testwolfcrypt application linking to it. The
+examples and default builds where made to support a MCF5441X board.
+
+Macros to define for use:
+WOLFSSL_MCF5441X /* arch settings i.e. sizeof long and endianess */
+WOLFSSL_NETBURNER /* for use of NetBurner headers and RNG seed */
+
+
+To build the wolfssl.a library (settings for wolfCrypt only by default) run
+"make" from the directory wolfssl-root/IDE/M68K/.
+By default this outputs the wolfssl.a library to be at $(NBROOT)/lib. This can
+be adjusted by adjusting the variable OUTPUT in Makefile.
+
+If the macro WOLFSSL_MCF5441X is defined then
+wolfssl-root/wolfssl/wolfcrypt/settings.h sets the sizeof long and long long
+along with big endian macro.
+
+The configuration for the build is located in wolfssl-root/IDE/M68K/user_settings.h
+Along with the defualt build there is 2 others BUILD_B (smaller resource use),
+and BUILD_C (faster runtime with more resource use).
+
+RSA speeds of the builds
+
+default:
+RSA 2048 public 3.333 ops/sec
+RSA 2048 private 0.190 ops/sec
+
+BUILD_B
+RSA 2048 public 3.333 ops/sec
+RSA 2048 private 0.053 ops/sec
+
+BUILD_C
+RSA 2048 public 7.619 ops/sec
+RSA 2048 private 0.276 ops/sec
+
+###Building testwolfcryt/benchmark
+To build either testwolfcrypt or benchmark first build wolfssl.a, place it in
+$(NBROOT)/lib and then cd into the respective directory. Running "make" will
+then create a .s19 application that can be ran on the board.
+
+When running either testwolfcrypt or the benchmark app the first thing they do
+is loop on calling RandomValid until getting a successful return. This is done
+in order to wait for a source of entropy. It could take several moments until
+completed.
+

IDE/M68K/benchmark/Makefile

@@ -0,0 +1,11 @@
+NAME    = benchmark
+PLATFORM = MOD5441X
+CSRCS := ../../../wolfcrypt/benchmark/benchmark.c
+CXXSRCS := ./main.cpp
+XTRALIB += $(NBROOT)/lib/wolfssl.a
+
+INC = -I"./../../../" -I"./../"
+EXTRACFLAGS = $(INC) -DWOLFSSL_USER_SETTINGS -DUSE_CERT_BUFFERS_2048 -DBENCH_EMBEDDED  -DNO_MAIN_DRIVER
+EXTRACXXFLAGS = $(EXTRACFLAGS)
+
+include $(NBROOT)/make/main.mak

IDE/M68K/benchmark/main.cpp

@@ -0,0 +1,79 @@
+/* main.c
+ *
+ * Copyright (C) 2006-2019 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+#include <predef.h>
+#include <stdio.h>
+#include <ctype.h>
+#include <startnet.h>
+#include <autoupdate.h>
+#include <dhcpclient.h>
+#include <random.h>
+#include <init.h>
+
+#include <wolfssl/wolfcrypt/settings.h>
+#include <wolfcrypt/benchmark/benchmark.h>
+
+extern "C" {
+void UserMain(void * pd);
+}
+
+const char * AppName="benchmark";
+
+typedef struct func_args {
+    int argc;
+    char** argv;
+    int return_code;
+} func_args;
+
+void UserMain(void * pd) {
+    InitializeStack();
+    GetDHCPAddressIfNecessary();
+    OSChangePrio(MAIN_PRIO);
+    EnableAutoUpdate();
+
+
+    init();
+    iprintf("wolfcrypt benchmark Application started\n");
+    iprintf("waiting for sufficient entropy before starting...\n\r");
+    iprintf("looks like NetBurner is using uart/tcp to seed GetRandomX so ..."
+            " input enough uart characters.\n\r");
+    {
+        BYTE b;
+        do {
+            b = GetRandomByte();
+            iprintf(".");
+        } while (!RandomValid());
+        iprintf("\n\r");
+        (void)b;
+    }
+
+    /* run wolfCrypt benchmarks */
+    {
+        func_args args;
+        args.argc = 0;
+        args.argv = NULL;
+
+        benchmark_test(&args);
+    }
+    while (1) {
+        OSTimeDly(TICKS_PER_SECOND);
+    }
+}

IDE/M68K/include.am

@@ -0,0 +1,11 @@
+# vim:ft=automake
+# included from Top Level Makefile.am
+# All paths should be given relative to the root
+
+EXTRA_DIST+= IDE/M68K/README.md
+EXTRA_DIST+= IDE/M68K/Makefile
+EXTRA_DIST+= IDE/M68K/user_settings.h
+EXTRA_DIST+= IDE/M68K/testwolfcrypt/main.cpp
+EXTRA_DIST+= IDE/M68K/testwolfcrypt/Makefile
+EXTRA_DIST+= IDE/M68K/benchmark/main.cpp
+EXTRA_DIST+= IDE/M68K/benchmark/Makefile

IDE/M68K/testwolfcrypt/Makefile

@@ -0,0 +1,12 @@
+NAME    = testwolfcyprt
+PLATFORM = MOD5441X
+CSRCS := ../../../wolfcrypt/test/test.c
+CXXSRCS := ./main.cpp
+XTRALIB += $(NBROOT)/lib/wolfssl.a
+
+INC = -I"./../../../" -I"./../"
+EXTRACFLAGS = $(INC) -DWOLFSSL_USER_SETTINGS -DUSE_CERT_BUFFERS_1024 -DNO_MAIN_DRIVER
+EXTRACXXFLAGS = $(EXTRACFLAGS)
+
+include $(NBROOT)/make/main.mak
+

IDE/M68K/testwolfcrypt/main.cpp

@@ -0,0 +1,82 @@
+/* main.c
+ *
+ * Copyright (C) 2006-2019 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+#include <predef.h>
+#include <stdio.h>
+#include <ctype.h>
+#include <startnet.h>
+#include <autoupdate.h>
+#include <dhcpclient.h>
+#include <random.h>
+#include <init.h>
+
+#include <wolfssl/wolfcrypt/settings.h>
+#include <wolfssl/wolfcrypt/logging.h>
+#include <wolfcrypt/test/test.h>
+
+extern "C" {
+void UserMain(void * pd);
+}
+
+const char * AppName="testwolfcrypt";
+
+typedef struct func_args {
+    int argc;
+    char** argv;
+    int return_code;
+} func_args;
+
+
+void UserMain(void * pd) {
+    InitializeStack();
+    GetDHCPAddressIfNecessary();
+    OSChangePrio(MAIN_PRIO);
+    EnableAutoUpdate();
+
+
+    init();
+    iprintf("wolfcrypt test Application started\n\r");
+
+    iprintf("waiting for sufficient entropy before starting...\n\r");
+    iprintf("looks like NetBurner is using uart/tcp to seed GetRandomX so ..."
+            " input enough uart characters.\n\r");
+    {
+        BYTE b;
+        do {
+            b = GetRandomByte();
+            iprintf(".");
+        } while (!RandomValid());
+        iprintf("\n\r");
+        (void)b;
+    }
+
+    /* run wolfCrypt tests */
+    {
+        func_args args;
+        args.argc = 0;
+        args.argv = NULL;
+
+        wolfcrypt_test(&args);
+    }
+    while (1) {
+        OSTimeDly(TICKS_PER_SECOND);
+    }
+}

IDE/M68K/user_settings.h

@@ -0,0 +1,87 @@
+
+#ifndef USER_SETTINGS_H
+#define USER_SETTINGS_H
+
+
+/* Default build with fast math */
+
+
+/* Slower build but uses less memory */
+//#define BUILD_B
+
+/* Performant build but uses more memory */
+//#define BUILD_C
+
+
+
+/* Used for getting random value for seeding RNG */
+#define WOLFSSL_NETBURNER
+#define WOLFSSL_MCF5441X
+
+/* environment settings */
+#define NO_WRITEV
+#define WOLFSSL_NO_SOCK
+#define NO_WOLFSSL_DIR
+
+/* with USE_FAST_MATH smallstack is used to fit in the default stack size */
+#define WOLFSSL_SMALL_STACK
+
+
+/* enable features off by default */
+#define WOLFSSL_SHA512
+// OPENSSL_EXTRA uses a lot more memory but is needed in order to enable
+// compatibility layer API
+#define OPENSSL_EXTRA
+
+// additional RSA padding schemes
+#define WC_RSA_NO_PADDING
+#define WC_RSA_PSS
+
+// uncomment and add wolfSSL_Debugging_ON() to app for debug messages
+//#define DEBUG_WOLFSSL
+
+
+/* disable features that are on by default */
+#define WOLFCRYPT_ONLY
+#define NO_FILESYSTEM
+#define SINGLE_THREADED
+
+#define NO_ASN_TIME
+#define NO_PWDBASED
+#define NO_HC128
+#define NO_RABBIT
+#define NO_RC4
+#define NO_DSA
+#define NO_DES3
+#define NO_DH
+#define NO_MD4
+
+
+#define USE_FAST_MATH
+#ifdef BUILD_B
+    #define RSA_LOW_MEM
+    #define USE_SLOW_SHA
+    #define USE_SLOW_SHA256
+    #define NO_ERROR_STRINGS
+    #define USE_FAST_MATH
+#endif
+
+#ifdef BUILD_C
+    #define WOLFSSL_HAVE_SP_RSA
+    #define SP_WORD_SIZE 32
+#endif
+
+/* hardening against side channel attacks */
+#if defined(USE_FAST_MATH)
+    #define TFM_TIMING_RESISTANT
+    #ifdef HAVE_ECC
+        #define ECC_TIMING_RESISTANT
+    #endif
+#endif /* USE_FAST_MATH */
+#ifndef NO_RSA
+    /* this slows down RSA operations but increases side channel resistance */
+    #define WC_RSA_BLINDING
+#endif
+
+#endif /* USER_SETTINGS_H */
+

IDE/include.am

@@ -25,6 +25,7 @@ include IDE/Renesas/cs+/Projects/include.am
 include IDE/Renesas/e2studio/Projects/include.am
 include IDE/WICED-STUDIO/include.am
 include IDE/CRYPTOCELL/include.am
+include IDE/M68K/include.am
 include IDE/RISCV/include.am
 
 EXTRA_DIST+= IDE/IAR-EWARM IDE/MDK-ARM IDE/MDK5-ARM IDE/MYSQL IDE/LPCXPRESSO IDE/HEXIWEAR IDE/Espressif IDE/zephyr

wolfcrypt/benchmark/benchmark.c

@@ -5631,6 +5631,18 @@ exit_ed_verify:
         return (double)k_uptime_get() / 1000;
     }
 
+#elif defined(WOLFSSL_NETBURNER)
+    #include <predef.h>
+    #include <utils.h>
+    #include <constants.h>
+
+    double current_time(int reset)
+    {
+        DWORD ticks = TimeTick; /* ticks since system start */
+        (void)reset;
+
+        return (double) ticks/TICKS_PER_SECOND;
+    }
 #else
 
     #include <sys/time.h>

wolfcrypt/src/asn.c

@@ -8205,7 +8205,7 @@ static int CheckCertSignature_ex(const byte* cert, word32 certSz, void* heap,
     }
 
 #ifdef WOLFSSL_SMALL_STACK
-    sigCtx = XMALLOC(sizeof(*sigCtx), heap, DYNAMIC_TYPE_SIGNATURE);
+    sigCtx = (SignatureCtx*)XMALLOC(sizeof(*sigCtx), heap, DYNAMIC_TYPE_SIGNATURE);
     if (sigCtx == NULL)
         return MEMORY_E;
 #endif

wolfcrypt/src/random.c

@@ -136,6 +136,10 @@ int wc_RNG_GenerateByte(WC_RNG* rng, byte* b)
     #include "fsl_rnga.h"
 #elif defined(WOLFSSL_WICED)
     #include "wiced_crypto.h"
+#elif defined(WOLFSSL_NETBURNER)
+    #include <predef.h>
+    #include <basictypes.h>
+    #include <random.h>
 #elif defined(NO_DEV_RANDOM)
 #elif defined(CUSTOM_RAND_GENERATE)
 #elif defined(CUSTOM_RAND_GENERATE_BLOCK)
@@ -2100,6 +2104,27 @@ int wc_GenerateSeed(OS_Seed* os, byte* output, word32 sz)
         return ret;
     }
 
+#elif defined(WOLFSSL_NETBURNER)
+    #warning using NetBurner pseudo random GetRandomByte for seed
+    int wc_GenerateSeed(OS_Seed* os, byte* output, word32 sz)
+    {
+        word32 i;
+        (void)os;
+
+        if (output == NULL) {
+            return BUFFER_E;
+        }
+
+        for (i = 0; i < sz; i++) {
+            output[i] = GetRandomByte();
+
+            /* check if was a valid random number */
+            if (!RandomValid())
+                return RNG_FAILURE_E;
+        }
+
+        return 0;
+    }
 #elif defined(IDIRECT_DEV_RANDOM)
 
     extern int getRandom( int sz, unsigned char *output );

wolfcrypt/test/test.c

@@ -10850,6 +10850,8 @@ int rsa_no_pad_test(void)
 
 #ifndef WOLFSSL_RSA_VERIFY_ONLY
     inLen = wc_RsaEncryptSize(&key);
+    outSz   = inLen;
+    plainSz = inLen;
     XMEMSET(tmp, 7, inLen);
     do {
     #if defined(WOLFSSL_ASYNC_CRYPT)

wolfssl/internal.h

@@ -180,7 +180,7 @@
         #define WOLFSSL_PTHREADS
         #include <pthread.h>
     #endif
-    #ifdef OPENSSL_EXTRA
+    #if defined(OPENSSL_EXTRA) && !defined(NO_FILESYSTEM)
         #include <unistd.h>      /* for close of BIO */
     #endif
 #endif

wolfssl/wolfcrypt/settings.h

@@ -1343,6 +1343,15 @@ extern void uITRON4_free(void *p) ;
     #endif
 #endif /* MICRIUM */
 
+#ifdef WOLFSSL_MCF5441X
+    #define BIG_ENDIAN_ORDER
+    #ifndef SIZEOF_LONG
+        #define SIZEOF_LONG 4
+    #endif
+    #ifndef SIZEOF_LONG_LONG
+        #define SIZEOF_LONG_LONG 8
+    #endif
+#endif
 
 #ifdef WOLFSSL_QL
     #ifndef WOLFSSL_SEP

wolfssl/wolfcrypt/wc_port.h

@@ -145,7 +145,8 @@
         #define WOLFSSL_PTHREADS
         #include <pthread.h>
     #endif
-    #if defined(OPENSSL_EXTRA) || defined(GOAHEAD_WS)
+    #if (defined(OPENSSL_EXTRA) || defined(GOAHEAD_WS)) && \
+        !defined(NO_FILESYSTEM)
         #include <unistd.h>      /* for close of BIO */
     #endif
 #endif

wolfssl/wolfio.h

@@ -42,7 +42,8 @@
 
 #if !defined(WOLFSSL_USER_IO)
     /* Micrium uses NetSock I/O callbacks in wolfio.c */
-    #if !defined(USE_WOLFSSL_IO) && !defined(MICRIUM) && !defined(WOLFSSL_CONTIKI)
+    #if !defined(USE_WOLFSSL_IO) && !defined(MICRIUM) && \
+        !defined(WOLFSSL_CONTIKI) && !defined(WOLFSSL_NO_SOCK)
         #define USE_WOLFSSL_IO
     #endif
 #endif
@@ -328,7 +329,7 @@ WOLFSSL_API  int wolfIO_Recv(SOCKET_T sd, char *buf, int sz, int rdFlags);
 
 #endif /* USE_WOLFSSL_IO || HAVE_HTTP_CLIENT */
 
-
+#ifndef WOLFSSL_NO_SOCK
 #ifdef USE_WINDOWS_API
     #ifndef CloseSocket
         #define CloseSocket(s) closesocket(s)
@@ -349,6 +350,7 @@ WOLFSSL_API  int wolfIO_Recv(SOCKET_T sd, char *buf, int sz, int rdFlags);
         extern int close(int);
     #endif
 #endif
+#endif /* WOLFSSL_NO_SOCK */
 
 
 WOLFSSL_API int BioSend(WOLFSSL* ssl, char *buf, int sz, void *ctx);