feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity

Added support for SHA512, ED25519/CURVE25519 and ChaCha20/Poly1305. Enabled ECC Single Precision (SP) support. Updated README.md wolfCrypt test/benchmarks. Pulled in fix "Fix casting of memory allocation to correct type" from Sean.

Browse Source
This commit is contained in:
David Garske
2019-06-05 20:21:48 -07:00
parent 4f80c7c94e
commit fdd01c8c8c
5 changed files with 88 additions and 58 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
IDE/ECLIPSE/SIFIVE/Makefile
View File

@ -26,7 +26,8 @@ OPT_CFLAGS = -specs=nano.specs
# The __stack_size and __heap_size symbols are defined in the linker metal.default.ld
# script in the freedom-e-sdk.
override CFLAGS += $(OPT_CFLAGS) $(WOLFSSL_CFLAGS) \
-Xlinker --defsym=__stack_size=0x1000
-Xlinker --defsym=__stack_size=0x1200 \
-Xlinker --defsym=__heap_size=0x800
$(PROGRAM): $(SRC)
$(CC) $(CFLAGS) $(SRC) $(LDFLAGS) $(LDLIBS) -o $@

76
IDE/ECLIPSE/SIFIVE/README.md
View File

@ -103,10 +103,15 @@ base64 test passed!
asn test passed!
SHA test passed!
SHA-256 test passed!
SHA-512 test passed!
Hash test passed!
HMAC-SHA test passed!
HMAC-SHA256 test passed!
HMAC-SHA512 test passed!
GMAC test passed!
Chacha test passed!
POLY1305 test passed!
ChaCha20-Poly1305 AEAD test passed!
AES test passed!
AES192 test passed!
AES256 test passed!
@ -114,6 +119,8 @@ AES-GCM test passed!
RANDOM test passed!
ECC test passed!
ECC buffer test passed!
CURVE25519 test passed!
ED25519 test passed!
logging test passed!
mutex test passed!
Test complete
@ -125,45 +132,62 @@ benchmark_test() prints a message on the target console similar to the following
TARGET=sifive-hifive1-revb:
```
SiFive HiFive1 Demo
Setting clock to 320MHz
Actual Clock 320MHz
------------------------------------------------------------------------------
wolfSSL version 4.0.0
------------------------------------------------------------------------------
wolfCrypt Benchmark (block bytes 1024, min 1.0 sec each)
RNG 12 MB took 1.000 seconds, 11.666 MB/s
AES-128-CBC-enc 50 KB took 1.659 seconds, 30.131 KB/s
AES-128-CBC-dec 50 KB took 1.657 seconds, 30.183 KB/s
AES-192-CBC-enc 50 KB took 1.839 seconds, 27.189 KB/s
AES-192-CBC-dec 50 KB took 1.836 seconds, 27.230 KB/s
AES-256-CBC-enc 25 KB took 1.010 seconds, 24.759 KB/s
AES-256-CBC-dec 25 KB took 1.008 seconds, 24.791 KB/s
AES-128-GCM-enc 25 KB took 1.508 seconds, 16.576 KB/s
AES-128-GCM-dec 25 KB took 1.510 seconds, 16.559 KB/s
AES-192-GCM-enc 25 KB took 1.605 seconds, 15.573 KB/s
AES-192-GCM-dec 25 KB took 1.607 seconds, 15.558 KB/s
AES-256-GCM-enc 25 KB took 1.699 seconds, 14.716 KB/s
AES-256-GCM-dec 25 KB took 1.700 seconds, 14.702 KB/s
SHA 2 MB took 1.014 seconds, 1.589 MB/s
SHA-256 425 KB took 1.009 seconds, 421.068 KB/s
HMAC-SHA 1 MB took 1.013 seconds, 1.325 MB/s
HMAC-SHA256 425 KB took 1.018 seconds, 417.420 KB/s
ECC 256 key gen 2 ops took 1.393 sec, avg 696.503 ms, 1.436 ops/sec
ECDHE 256 agree 2 ops took 1.386 sec, avg 692.917 ms, 1.443 ops/sec
ECDSA 256 sign 2 ops took 1.406 sec, avg 703.064 ms, 1.422 ops/sec
ECDSA 256 verify 2 ops took 2.773 sec, avg 1386.597 ms, 0.721 ops/sec
RNG 200 KB took 1.044 seconds, 191.519 KB/s
AES-128-CBC-enc 50 KB took 1.657 seconds, 30.174 KB/s
AES-128-CBC-dec 50 KB took 1.659 seconds, 30.141 KB/s
AES-192-CBC-enc 50 KB took 1.837 seconds, 27.220 KB/s
AES-192-CBC-dec 50 KB took 1.839 seconds, 27.194 KB/s
AES-256-CBC-enc 25 KB took 1.009 seconds, 24.784 KB/s
AES-256-CBC-dec 25 KB took 1.010 seconds, 24.761 KB/s
AES-128-GCM-enc 25 KB took 1.493 seconds, 16.739 KB/s
AES-128-GCM-dec 25 KB took 1.564 seconds, 15.986 KB/s
AES-192-GCM-enc 25 KB took 1.591 seconds, 15.716 KB/s
AES-192-GCM-dec 25 KB took 1.662 seconds, 15.044 KB/s
AES-256-GCM-enc 25 KB took 1.684 seconds, 14.843 KB/s
AES-256-GCM-dec 25 KB took 1.755 seconds, 14.245 KB/s
CHACHA 1 MB took 1.004 seconds, 0.997 MB/s
CHA-POLY 675 KB took 1.021 seconds, 661.060 KB/s
POLY1305 2 MB took 1.007 seconds, 2.230 MB/s
SHA 1 MB took 1.016 seconds, 1.321 MB/s
SHA-256 425 KB took 1.005 seconds, 422.909 KB/s
SHA-512 25 KB took 2.043 seconds, 12.239 KB/s
HMAC-SHA 1 MB took 1.010 seconds, 1.378 MB/s
HMAC-SHA256 425 KB took 1.037 seconds, 409.781 KB/s
HMAC-SHA512 25 KB took 2.075 seconds, 12.050 KB/s
ECC 256 key gen 2 ops took 1.099 sec, avg 549.271 ms, 1.821 ops/sec
ECDHE 256 agree 2 ops took 1.093 sec, avg 546.555 ms, 1.830 ops/sec
ECDSA 256 sign 2 ops took 1.167 sec, avg 583.694 ms, 1.713 ops/sec
ECDSA 256 verify 2 ops took 2.136 sec, avg 1067.795 ms, 0.937 ops/sec
CURVE 25519 key gen 2 ops took 1.693 sec, avg 846.451 ms, 1.181 ops/sec
CURVE 25519 agree 2 ops took 1.689 sec, avg 844.299 ms, 1.184 ops/sec
ED 25519 key gen 1 ops took 1.702 sec, avg 1702.057 ms, 0.588 ops/sec
ED 25519 sign 2 ops took 3.650 sec, avg 1824.753 ms, 0.548 ops/sec
ED 25519 verify 2 ops took 5.788 sec, avg 2894.012 ms, 0.346 ops/sec
Benchmark complete
```
## Tested Configurations
- SHA-1
- SHA-256
- AES CBC/GCM
- ECC 256 sign/verify/shared secret with fast math library
- P-RNG (NIST DRBG) with SHA-256
- SHA 1/256/512
- AES 128/192/256 CBC/GCM
- ECC 256 sign/verify/shared secret with fast math or Single Precision (SP) library
- ED25519/Curve25519
- HMAC
- ChaCha20/Poly1305
## Known Caveats
- If you find the wolfcrypt test stuck on early_trap_vector error, it is like related to memory issues
- Using the `__stack_size` default value of 0x400 will not be enough for the ECC test to pass.
The `IDE/ECLIPSE/SIFIVE/Makefile` overwrites the value with 0x1000 (4 KBytes)
- Enabling RSA will cause the ECC test to fail due to memory shortage
- Enabling RSA will cause the ECC test to fail due to memory shortage.
## References

63
IDE/ECLIPSE/SIFIVE/user_settings.h
View File

@ -70,10 +70,25 @@ extern "C" {
//#define TFM_ARM
#endif
/* Wolf Single Precision Math */
/* Optional ECC SECP256R1 acceleration using optimized C code */
#undef WOLFSSL_SP
#if 1
#define WOLFSSL_SP
#define WOLFSSL_SP_SMALL /* use smaller version of code (requires heap) */
#define SP_WORD_SIZE 32 /* force 32-bit type */
#define WOLFSSL_SP_MATH /* only SP math - eliminates fast math code */
//#define WOLFSSL_SP_DIV_32 /* do not use 64-bit divides */
#define WOLFSSL_HAVE_SP_ECC
//#define WOLFSSL_HAVE_SP_RSA
#endif
/* ------------------------------------------------------------------------- */
/* Crypto */
/* ------------------------------------------------------------------------- */
/* RSA */
/* Not enabled due to memory constraints on HiFive1 */
#undef NO_RSA
#if 0
#ifdef USE_FAST_MATH
@ -166,17 +181,9 @@ extern "C" {
#define FP_MAX_BITS (256 + 32)
#else
#undef ALT_ECC_SIZE
#define ALT_ECC_SIZE
#endif
/* Speedups specific to curve */
#ifndef NO_ECC256
#undef TFM_ECC256
//#define TFM_ECC256
#endif
#ifndef HAVE_ECC384
#undef TFM_ECC384
//#define TFM_ECC384
/* Disable alternate ECC size, since it uses HEAP allocations.
Heap is limited resource on HiFive1 */
//#define ALT_ECC_SIZE
#endif
#endif
#endif
@ -203,7 +210,7 @@ extern "C" {
#if 1
#undef HAVE_AES_CBC
#define HAVE_AES_CBC
#undef HAVE_AESGCM
#define HAVE_AESGCM
@ -234,7 +241,7 @@ extern "C" {
/* ChaCha20 / Poly1305 */
#undef HAVE_CHACHA
#undef HAVE_POLY1305
#if 0
#if 1
#define HAVE_CHACHA
#define HAVE_POLY1305
@ -246,12 +253,13 @@ extern "C" {
/* Ed25519 / Curve25519 */
#undef HAVE_CURVE25519
#undef HAVE_ED25519
#if 0
#if 1
#define HAVE_CURVE25519
#define HAVE_ED25519 /* ED25519 Requires SHA512 */
/* Optionally use small math (less flash usage, but much slower) */
#if 1
/* Curve and Ed 25519 small */
#define CURVED25519_SMALL
#endif
#endif
@ -285,7 +293,7 @@ extern "C" {
/* Sha512 */
#undef WOLFSSL_SHA512
#if 0
#if 1
#define WOLFSSL_SHA512
/* Sha384 */
@ -333,7 +341,7 @@ extern "C" {
#define BENCH_EMBEDDED
#undef USE_CERT_BUFFERS_2048
//#define USE_CERT_BUFFERS_2048
#define USE_CERT_BUFFERS_2048
#undef USE_CERT_BUFFERS_1024
//#define USE_CERT_BUFFERS_1024
@ -420,23 +428,20 @@ extern "C" {
#define WOLFSSL_USER_CURRTIME
#define WOLFSSL_GMTIME
#define USER_TICKS
#endif
#if !defined(WOLFSSL_SIFIVE_RISC_V)
// extern unsigned long my_time(unsigned long* timer);
// #define XTIME my_time
#else
// extern unsigned long my_time(unsigned long* timer);
// #define XTIME my_time
#endif
/* ------------------------------------------------------------------------- */
/* RNG */
/* ------------------------------------------------------------------------- */
#if 1
/* Bypass P-RNG and use only HW RNG */
#define CUSTOM_RAND_TYPE unsigned int
extern int my_rng_gen_block(unsigned char* output, unsigned int sz);
#undef CUSTOM_RAND_GENERATE_BLOCK
#define CUSTOM_RAND_GENERATE_BLOCK my_rng_gen_block
#if 0
/* Bypass P-RNG and use only HW RNG */
#define CUSTOM_RAND_TYPE unsigned int
extern int my_rng_gen_block(unsigned char* output, unsigned int sz);
#undef CUSTOM_RAND_GENERATE_BLOCK
#define CUSTOM_RAND_GENERATE_BLOCK my_rng_gen_block
#else
#define HAVE_HASHDRBG
@ -477,7 +482,7 @@ extern int my_rng_gen_block(unsigned char* output, unsigned int sz);
#define HAVE_SUPPORTED_CURVES
#undef WOLFSSL_BASE64_ENCODE
#define WOLFSSL_BASE64_ENCODE
//#define WOLFSSL_BASE64_ENCODE
/* TLS Session Cache */
#if 0

2
wolfcrypt/src/sp_c32.c
View File

@ -7369,7 +7369,7 @@ static int sp_256_mod_mul_norm_10(sp_digit* r, sp_digit* a, sp_digit* m)
(void)m;
#if defined(WOLFSSL_SP_SMALL) || defined(WOLFSSL_SMALL_STACK)
td = (sp_digit*)XMALLOC(sizeof(int64_t) * 2 * 8, NULL, DYNAMIC_TYPE_ECC);
td = (int64_t*)XMALLOC(sizeof(int64_t) * 2 * 8, NULL, DYNAMIC_TYPE_ECC);
if (td != NULL) {
t = td;
a32 = td + 8;

2
wolfcrypt/src/sp_c64.c
View File

@ -7212,7 +7212,7 @@ static int sp_256_mod_mul_norm_5(sp_digit* r, sp_digit* a, sp_digit* m)
(void)m;
#if defined(WOLFSSL_SP_SMALL) || defined(WOLFSSL_SMALL_STACK)
td = (sp_digit*)XMALLOC(sizeof(int64_t) * 2 * 8, NULL, DYNAMIC_TYPE_ECC);
td = (int64_t*)XMALLOC(sizeof(int64_t) * 2 * 8, NULL, DYNAMIC_TYPE_ECC);
if (td != NULL) {
t = td;
a32 = td + 8;