wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2025-07-30 02:37:28 +02:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #2259 from tmael/port_SiFive_RISCV

Browse Source 
Added support for RISC-V SiFive HiFive Freedom platforms
This commit is contained in:
David Garske
2019-06-10 20:38:43 -07:00
committed by GitHub
parent de5ff0acea 48d4ed38ac
commit 24042c973a
8 changed files with 1036 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

38
IDE/ECLIPSE/SIFIVE/Makefile Normal file
View File

@ -0,0 +1,38 @@
PROGRAM ?= wolfcrypt
# This line must be added in your freedom-e-sdk/scripts/standalone.mk
# RISCV_CFLAGS += -I$(WOLFSSL_SRC_DIR) -I$(WOLFSSL_SRC_DIR)/IDE/ECLIPSE/SIFIVE -DWOLFSSL_USER_SETTINGS
# WOLFSSL_SRC_DIR variable must be set in the environment when GNU make is started.
# export WOLFSSL_SRC_DIR=~/freedom-e-sdk/software/wolfssl
WOLFSSL_CFLAGS += -I$(WOLFSSL_SRC_DIR) \
-I$(WOLFSSL_SRC_DIR)/IDE/ECLIPSE/SIFIVE \
-DWOLFSSL_USER_SETTINGS
SRC_FILES = $(wildcard $(WOLFSSL_SRC_DIR)/src/*.c)
SRC_FILES += $(wildcard $(WOLFSSL_SRC_DIR)/wolfcrypt/src/*.c)
SRC_FILES := $(filter-out %bio.c %misc.c %evp.c, $(SRC_FILES))
SRC =$(WOLFSSL_SRC_DIR)/IDE/ECLIPSE/SIFIVE/main.c \
$(SRC_FILES) \
$(WOLFSSL_SRC_DIR)/wolfcrypt/test/test.c \
$(WOLFSSL_SRC_DIR)/wolfcrypt/benchmark/benchmark.c
OPT_CFLAGS = -specs=nano.specs
#OPT_CFLAGS += -O3 -DTIME -DNOENUM -Wno-implicit -mexplicit-relocs -save-temps
#OPT_CFLAGS += -fno-inline -fno-builtin-printf -fno-common -falign-functions=4
# override the __stack_size and __heap_size default values of 0x400
# SiFive HiFive1 has 16KB of data SRAM
# The __stack_size and __heap_size symbols are defined in the linker metal.default.ld
# script in the freedom-e-sdk.
override CFLAGS += $(OPT_CFLAGS) $(WOLFSSL_CFLAGS) \
-Xlinker --defsym=__stack_size=0x1200 \
-Xlinker --defsym=__heap_size=0x800
$(PROGRAM): $(SRC)
$(CC) $(CFLAGS) $(SRC) $(LDFLAGS) $(LDLIBS) -o $@
clean:
rm -f $(PROGRAM) $(PROGRAM).hex

199
IDE/ECLIPSE/SIFIVE/README.md Normal file
View File

@ -0,0 +1,199 @@
# SiFive RISC-V HiFive1 Port
## Overview
You can enable the wolfSSL support for RISC-V using the `#define WOLFSSL_SIFIVE_RISC_V`.
## Prerequisites
1. Follow the instructions on the SiFive GitHub [here](https://github.com/sifive/freedom-e-sdk) and SiFive website [here](https://www.sifive.com/) to download the freedom-e-sdk and software tools.
3. Run a simple hello application on your development board to confirm that your board functions as expected and the communication between your computer and the board works.
## Usage
You can start with a wolfcrypt example project to integrate the wolfSSL source code.
wolfSSL supports a compile-time user configurable options in the `IDE/ECLIPSE/SIFIVE/user_settings.h` file.
The `IDE/ECLIPSE/SIFIVE/main.c` example application provides a function to run the selected examples at compile time through the following two #defines in user_settings.h. You can define these macro options to disable the test run.
```
- #undef NO_CRYPT_TEST
- #undef NO_CRYPT_BENCHMARK
```
## Setup
### Setting up the SDK with wolfSSL
1. Download the wolfSSL source code or a zip file from GitHub and place it under your SDK `$HOME` directory. You can also copy or simlink to the source.
```
For example,
$ cd $HOME
$ git clone --depth=1 https://github.com/wolfSSL/wolfssl.git
```
2. Copy the wolfcrypt example project into your `freedom-e-sdk/software` directory.
```
$ cp -rf ~/wolfssl/IDE/ECLIPSE/SIFIVE ~/freedom-e-sdk/software/wolfcrypt
```
3. Edit your `~/freedom-e-sdk/scripts/standalone.mk` and add the following line after the last RISCV_CFLAGS entry:
```
RISCV_CFLAGS += -I$(WOLFSSL_SRC_DIR) -I$(WOLFSSL_SRC_DIR)/IDE/ECLIPSE/SIFIVE -DWOLFSSL_USER_SETTINGS
```
4. WOLFSSL_SRC_DIR variable must be set in the environment when GNU make is started.
```
$ export WOLFSSL_SRC_DIR=~/wolfssl
```
5. Setup your riscv64 compiler
```
$ export RISCV_OPENOCD_PATH=/opt/riscv-openocd
```
6. (Optional) Setup OpenOCD if your target supports it:
```
$ export RISCV_OPENOCD_PATH=/opt/riscv-openocd
```
## Building and Running
You can build from source or create a static library.
1. Using command-line:
```
$ cd freedom-e-sdk
$ make PROGRAM=wolfcrypt TARGET=sifive-hifive1-revb CONFIGURATION=debug clean software upload
```
This example cleans, builds and uploads the software on the sifive-hifive1-revb target but you can also combine and build for any of the supported targets.
Review the test results on the target console.
2. Building a static library for RISC-V using a cross-compiler:
```
$ cd $WOLFSSL_SRC_DIR
$./configure --host=riscv64-unknown-elf \
CC=riscv64-unknown-elf-gcc \
AR=riscv64-unknown-elf-ar \
AS=riscv64-unknown-elf-as \
RANLIB=$RISCV_PATH/bin/riscv64-unknown-elf-gcc-ranlib \
LD=riscv64-unknown-elf-ld \
CXX=riscv64-unknown-elf-g++ \
--disable-examples --enable-static --disable-shared \
CFLAGS="-march=rv32imac -mabi=ilp32 -mcmodel=medlow -ffunction-sections -fdata-sections -I~/freedom-e-sdk/bsp/sifive-hifive1/install/include -O0 -g -DNO_FILESYSTEM -DWOLFSSL_NO_SOCK -DNO_WRITEV -DWOLFCRYPT_ONLY -DWOLFSSL_SIFIVE_RISC_V"
$make
$sudo make install
```
You can now build and link your software to the wolfSSL libwolfssl.a static library.
### `wolfcrypt_test()`
wolfcrypt_test() prints a message on the target console similar to the following output:
```
SiFive HiFive1 Demo
Setting clock to 320MHz
Actual Clock 320MHz
error test passed!
MEMORY test passed!
base64 test passed!
asn test passed!
SHA test passed!
SHA-256 test passed!
SHA-512 test passed!
Hash test passed!
HMAC-SHA test passed!
HMAC-SHA256 test passed!
HMAC-SHA512 test passed!
GMAC test passed!
Chacha test passed!
POLY1305 test passed!
ChaCha20-Poly1305 AEAD test passed!
AES test passed!
AES192 test passed!
AES256 test passed!
AES-GCM test passed!
RANDOM test passed!
ECC test passed!
ECC buffer test passed!
CURVE25519 test passed!
ED25519 test passed!
logging test passed!
mutex test passed!
Test complete
```
### `benchmark_test()`
benchmark_test() prints a message on the target console similar to the following output.
TARGET=sifive-hifive1-revb:
```
SiFive HiFive1 Demo
Setting clock to 320MHz
Actual Clock 320MHz
------------------------------------------------------------------------------
wolfSSL version 4.0.0
------------------------------------------------------------------------------
wolfCrypt Benchmark (block bytes 1024, min 1.0 sec each)
RNG 250 KB took 1.098 seconds, 227.714 KB/s
AES-128-CBC-enc 50 KB took 1.132 seconds, 44.175 KB/s
AES-128-CBC-dec 50 KB took 1.142 seconds, 43.778 KB/s
AES-192-CBC-enc 50 KB took 1.250 seconds, 40.007 KB/s
AES-192-CBC-dec 50 KB took 1.260 seconds, 39.677 KB/s
AES-256-CBC-enc 50 KB took 1.368 seconds, 36.552 KB/s
AES-256-CBC-dec 50 KB took 1.378 seconds, 36.279 KB/s
AES-128-GCM-enc 25 KB took 1.225 seconds, 20.412 KB/s
AES-128-GCM-dec 25 KB took 1.225 seconds, 20.402 KB/s
AES-192-GCM-enc 25 KB took 1.290 seconds, 19.373 KB/s
AES-192-GCM-dec 25 KB took 1.291 seconds, 19.366 KB/s
AES-256-GCM-enc 25 KB took 1.352 seconds, 18.487 KB/s
AES-256-GCM-dec 25 KB took 1.353 seconds, 18.478 KB/s
CHACHA 1 MB took 1.006 seconds, 1.020 MB/s
CHA-POLY 700 KB took 1.032 seconds, 678.045 KB/s
POLY1305 2 MB took 1.007 seconds, 2.255 MB/s
SHA 2 MB took 1.002 seconds, 1.511 MB/s
SHA-256 525 KB took 1.011 seconds, 519.279 KB/s
SHA-512 275 KB took 1.017 seconds, 270.477 KB/s
HMAC-SHA 1 MB took 1.013 seconds, 1.399 MB/s
HMAC-SHA256 525 KB took 1.019 seconds, 515.020 KB/s
HMAC-SHA512 275 KB took 1.032 seconds, 266.351 KB/s
ECC 256 key gen 2 ops took 1.104 sec, avg 551.834 ms, 1.812 ops/sec
ECDHE 256 agree 2 ops took 1.101 sec, avg 550.400 ms, 1.817 ops/sec
ECDSA 256 sign 2 ops took 1.173 sec, avg 586.502 ms, 1.705 ops/sec
ECDSA 256 verify 2 ops took 2.153 sec, avg 1076.294 ms, 0.929 ops/sec
CURVE 25519 key gen 2 ops took 1.629 sec, avg 814.423 ms, 1.228 ops/sec
CURVE 25519 agree 2 ops took 1.626 sec, avg 813.156 ms, 1.230 ops/sec
ED 25519 key gen 1 ops took 1.436 sec, avg 1436.096 ms, 0.696 ops/sec
ED 25519 sign 2 ops took 2.913 sec, avg 1456.421 ms, 0.687 ops/sec
ED 25519 verify 2 ops took 5.012 sec, avg 2506.012 ms, 0.399 ops/sec
Benchmark complete
```
## Tested Configurations
- P-RNG (NIST DRBG) with SHA-256
- SHA 1/256/512
- AES 128/192/256 CBC/GCM
- ECC 256 sign/verify/shared secret with fast math or Single Precision (SP) library
- ED25519/Curve25519
- HMAC
- ChaCha20/Poly1305
## Known Caveats
- If you find the wolfcrypt test stuck on early_trap_vector error, it is like related to memory issues
- Using the `__stack_size` default value of 0x400 will not be enough for the ECC test to pass.
The `IDE/ECLIPSE/SIFIVE/Makefile` overwrites the value with 0x1000 (4 KBytes)
- Enabling RSA will cause the ECC test to fail due to memory shortage.
## References
The test results were collected from a SiFive reference platform target with the following hardware, software and tool chains:
- HiFive1 Rev A/Rev B: HiFive1 Development Board with the Freedom Everywhere SoC, E300
- freedom-e-sdk
- wolfssl [latest version](https://github.com/wolfSSL/wolfssl)
For more information or questions, please email [support@wolfssl.com](mailto:support@wolfssl.com)

9
IDE/ECLIPSE/SIFIVE/include.am Normal file
View File

@ -0,0 +1,9 @@
# vim:ft=automake
# included from Top Level Makefile.am
# All paths should be given relative to the root
EXTRA_DIST += \
IDE/ECLIPSE/SIFIVE/README.md \
IDE/ECLIPSE/SIFIVE/main.c \
IDE/ECLIPSE/SIFIVE/Makefile\
IDE/ECLIPSE/SIFIVE/user_settings.h

184
IDE/ECLIPSE/SIFIVE/main.c Normal file
View File

@ -0,0 +1,184 @@
/* main.c
*
* Copyright (C) 2019 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
#include <wolfssl/wolfcrypt/settings.h>
#include <wolfcrypt/test/test.h>
#include <wolfcrypt/benchmark/benchmark.h>
/* wolfCrypt_Init/wolfCrypt_Cleanup */
#include <wolfssl/wolfcrypt/wc_port.h>
#include <stdio.h>
#include <stdlib.h>
#include <stdint.h>
#ifndef __METAL_MACHINE_HEADER
#define __METAL_MACHINE_HEADER "../../../../bsp/sifive-hifive1-revb/metal.h"
#endif
#include <metal/machine.h>
#ifndef NO_CRYPT_BENCHMARK
/*-specs=nano.specs doesnt include support for floating point in printf()*/
asm (".global _printf_float");
#ifndef RTC_FREQ
#define RTC_FREQ 32768UL
#endif
/* CLINT Registers (Core Local Interruptor) for time */
#define CLINT_BASE 0x02000000UL
#define CLINT_REG_MTIME (*((volatile uint32_t *)(CLINT_BASE + 0xBFF8)))
#define WOLFSSL_SIFIVE_RISC_V_DEBUG 0
double current_time(int reset)
{
double now = CLINT_REG_MTIME;
(void)reset;
return now/RTC_FREQ;
}
#endif /* !NO_CRYPT_BENCHMARK */
#if WOLFSSL_SIFIVE_RISC_V_DEBUG
void check(int depth) {
char ch;
char *ptr = malloc(1);
printf("stack at %p, heap at %p\n", &ch, ptr);
if (depth <= 0)
return;
check(depth-1);
free(ptr);
}
void mtime_sleep(uint32_t ticks) {
uint32_t start = CLINT_REG_MTIME;
while((CLINT_REG_MTIME - start) < ticks) {
}
}
void delay(uint32_t sec) {
uint32_t ticks = sec * RTC_FREQ;
mtime_sleep(ticks);
}
#endif /* WOLFSSL_SIFIVE_RISC_V_DEBUG */
/* RNG CODE */
/* TODO: Implement real RNG */
static unsigned int gCounter;
unsigned int hw_rand(void)
{
/* #warning Must implement your own random source */
return ++gCounter;
}
unsigned int my_rng_seed_gen(void)
{
return hw_rand();
}
int my_rng_gen_block(unsigned char* output, unsigned int sz)
{
uint32_t i = 0;
uint32_t randReturnSize = sizeof(CUSTOM_RAND_TYPE);
while (i < sz)
{
/* If not aligned or there is odd/remainder */
if((i + randReturnSize) > sz ||
((uint32_t)&output[i] % randReturnSize) != 0 ) {
/* Single byte at a time */
output[i++] = (unsigned char)my_rng_seed_gen();
}
else {
/* Use native 8, 16, 32 or 64 copy instruction */
*((CUSTOM_RAND_TYPE*)&output[i]) = my_rng_seed_gen();
i += randReturnSize;
}
}
return 0;
}
#if !defined(NO_CLOCK_SPEEDUP) && !defined(USE_CLOCK_HZ)
/* 320MHz */
#define USE_CLOCK_HZ 320000000UL
#endif
int main(void)
{
int ret;
long clk_Hz = 16000000; /* default */
#if WOLFSSL_SIFIVE_RISC_V_DEBUG
printf("check stack and heap addresses\n");
check(8);
printf("sleep for 10 seconds to verify timer, measure using a stopwatch\n");
delay(10);
printf("awake after sleeping for 10 seconds\n");
#endif
#ifdef USE_CLOCK_HZ
/* Speed up clock */
printf("SiFive HiFive1 Demo\n");
printf("Setting clock to %dMHz\n", USE_CLOCK_HZ/1000000);
clk_Hz = metal_clock_set_rate_hz(
&__METAL_DT_SIFIVE_FE310_G000_PLL_HANDLE->clock, USE_CLOCK_HZ
);
#endif
printf("Actual Clock %dMHz\n", clk_Hz/1000000);
/* Reconfigure the SPI Bus for dual mode */
#define QSPI0_CTRL 0x10014000UL
#define FESPI_REG_FFMT (*((volatile uint32_t *)(QSPI0_CTRL + 0x64)))
FESPI_REG_FFMT = 0xbb1447;
#ifdef DEBUG_WOLFSSL
wolfSSL_Debugging_ON();
#endif
if ((ret = wolfCrypt_Init()) != 0) {
printf("wolfCrypt_Init failed %d\n", ret);
return -1;
}
#ifndef NO_CRYPT_TEST
printf("\nwolfCrypt Test Started\n");
wolfcrypt_test(NULL);
printf("\nwolfCrypt Test Completed\n");
#endif
#ifndef NO_CRYPT_BENCHMARK
printf("\nBenchmark Test Started\n");
benchmark_test(NULL);
printf("\nBenchmark Test Completed\n");
#endif
if ((ret = wolfCrypt_Cleanup()) != 0) {
printf("wolfCrypt_Cleanup failed %d\n", ret);
return -1;
}
return 0;
}

592
IDE/ECLIPSE/SIFIVE/user_settings.h Normal file
View File

@ -0,0 +1,592 @@
/* user_settings.h
*
* Copyright (C) 2019 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
/* Example Settings for SiFive HiFive1 */
#ifndef WOLFSSL_USER_SETTINGS_H
#define WOLFSSL_USER_SETTINGS_H
#ifdef __cplusplus
extern "C" {
#endif
/* ------------------------------------------------------------------------- */
/* SiFive HiFive */
/* ------------------------------------------------------------------------- */
#undef WOLFSSL_SIFIVE_RISC_V
#define WOLFSSL_SIFIVE_RISC_V
/* ------------------------------------------------------------------------- */
/* Platform */
/* ------------------------------------------------------------------------- */
#undef WOLFSSL_GENERAL_ALIGNMENT
#define WOLFSSL_GENERAL_ALIGNMENT 4
#undef SINGLE_THREADED
#define SINGLE_THREADED
#undef WOLFSSL_SMALL_STACK
#define WOLFSSL_SMALL_STACK
#undef WOLFSSL_USER_IO
#define WOLFSSL_USER_IO
/* ------------------------------------------------------------------------- */
/* Math Configuration */
/* ------------------------------------------------------------------------- */
#undef SIZEOF_LONG_LONG
#define SIZEOF_LONG_LONG 8
#undef USE_FAST_MATH
#if 1
#define USE_FAST_MATH
#undef TFM_TIMING_RESISTANT
#define TFM_TIMING_RESISTANT
/* Optimizations */
//#define TFM_ARM
#endif
/* ------------------------------------------------------------------------- */
/* Asymmetric */
/* ------------------------------------------------------------------------- */
/* RSA */
/* Not enabled due to memory constraints on HiFive1 */
#undef NO_RSA
#if 0
#ifdef USE_FAST_MATH
/* Maximum math bits (Max RSA key bits * 2) */
#undef FP_MAX_BITS
#define FP_MAX_BITS 4096
#endif
/* half as much memory but twice as slow */
#undef RSA_LOW_MEM
#define RSA_LOW_MEM
/* Enables blinding mode, to prevent timing attacks */
#if 1
#undef WC_RSA_BLINDING
#define WC_RSA_BLINDING
#else
#undef WC_NO_HARDEN
#define WC_NO_HARDEN
#endif
/* RSA PSS Support */
#if 0
#define WC_RSA_PSS
#endif
#if 0
#define WC_RSA_NO_PADDING
#endif
#else
#define NO_RSA
#endif
/* ECC */
#undef HAVE_ECC
#if 1
#define HAVE_ECC
/* Manually define enabled curves */
#undef ECC_USER_CURVES
#define ECC_USER_CURVES
#ifdef ECC_USER_CURVES
/* Manual Curve Selection, FP_MAX_BITS must be adjusted accordingly */
// #define HAVE_ECC192
// #define HAVE_ECC224
#undef NO_ECC256
// #define HAVE_ECC384
// #define HAVE_ECC521
#endif
/* Fixed point cache (speeds repeated operations against same private key) */
#undef FP_ECC
//#define FP_ECC
#ifdef FP_ECC
/* Bits / Entries */
#undef FP_ENTRIES
#define FP_ENTRIES 2
#undef FP_LUT
#define FP_LUT 4
#endif
/* Optional ECC calculation method */
/* Note: doubles heap usage, but slightly faster */
#undef ECC_SHAMIR
//#define ECC_SHAMIR
/* Reduces heap usage, but slower */
#undef ECC_TIMING_RESISTANT
#define ECC_TIMING_RESISTANT
/* Enable cofactor support */
#undef HAVE_ECC_CDH
//#define HAVE_ECC_CDH
/* Validate import */
#undef WOLFSSL_VALIDATE_ECC_IMPORT
//#define WOLFSSL_VALIDATE_ECC_IMPORT
/* Compressed Key Support */
#undef HAVE_COMP_KEY
//#define HAVE_COMP_KEY
/* Use alternate ECC size for ECC math */
#ifdef USE_FAST_MATH
#ifdef NO_RSA
/* Custom fastmath size if not using RSA */
/* MAX = ROUND32(ECC BITS 256) + SIZE_OF_MP_DIGIT(32) */
#undef FP_MAX_BITS
#define FP_MAX_BITS (256 + 32)
#else
#undef ALT_ECC_SIZE
/* Disable alternate ECC size, since it uses HEAP allocations.
Heap is limited resource on HiFive1 */
//#define ALT_ECC_SIZE
#endif
#endif
#endif
/* DH */
#undef NO_DH
#if 0
/* Use table for DH instead of -lm (math) lib dependency */
#if 0
#define WOLFSSL_DH_CONST
#endif
#define HAVE_FFDHE_2048
//#define HAVE_FFDHE_4096
//#define HAVE_FFDHE_6144
//#define HAVE_FFDHE_8192
#else
#define NO_DH
#endif
/* Wolf Single Precision Math */
/* Optional ECC SECP256R1 acceleration using optimized C code */
#undef WOLFSSL_SP
#if 1
#define WOLFSSL_SP
#define WOLFSSL_SP_SMALL /* use smaller version of code (requires heap) */
#define SP_WORD_SIZE 32 /* force 32-bit type */
#define WOLFSSL_SP_MATH /* only SP math - eliminates fast math code */
//#define WOLFSSL_SP_DIV_32 /* do not use 64-bit divides */
#ifdef HAVE_ECC
#define WOLFSSL_HAVE_SP_ECC
#endif
#ifndef NO_RSA
#define WOLFSSL_HAVE_SP_RSA
#endif
#endif
/* Ed25519 / Curve25519 */
#undef HAVE_CURVE25519
#undef HAVE_ED25519
#if 1
#define HAVE_CURVE25519
#define HAVE_ED25519 /* ED25519 Requires SHA512 */
/* Optionally use small math (less flash usage, but much slower) */
#if 1
/* Curve and Ed 25519 small */
#define CURVED25519_SMALL
#endif
#endif
/* ------------------------------------------------------------------------- */
/* Symmetric Ciphers */
/* ------------------------------------------------------------------------- */
/* AES */
#undef NO_AES
#if 1
#undef HAVE_AES_CBC
#define HAVE_AES_CBC
#undef HAVE_AESGCM
#define HAVE_AESGCM
/* GCM Method: GCM_SMALL, GCM_WORD32 or GCM_TABLE */
#define GCM_SMALL
#undef WOLFSSL_AES_DIRECT
//#define WOLFSSL_AES_DIRECT
#undef HAVE_AES_ECB
//#define HAVE_AES_ECB
#undef WOLFSSL_AES_COUNTER
//#define WOLFSSL_AES_COUNTER
#undef HAVE_AESCCM
//#define HAVE_AESCCM
#endif
/* DES3 */
#undef NO_DES3
#if 0
#else
#define NO_DES3
#endif
/* ChaCha20 / Poly1305 */
#undef HAVE_CHACHA
#undef HAVE_POLY1305
#if 1
#define HAVE_CHACHA
#define HAVE_POLY1305
/* Needed for Poly1305 */
#undef HAVE_ONE_TIME_AUTH
#define HAVE_ONE_TIME_AUTH
#endif
/* ------------------------------------------------------------------------- */
/* Symmetric Hashing */
/* ------------------------------------------------------------------------- */
/* Sha */
#undef NO_SHA
#if 1
/* 1k smaller, but 25% slower */
//#define USE_SLOW_SHA
#else
#define NO_SHA
#endif
/* Sha256 */
#undef NO_SHA256
#if 1
/* not unrolled - ~2k smaller and ~25% slower */
//#define USE_SLOW_SHA256
/* Sha224 */
#if 0
#define WOLFSSL_SHA224
#endif
#else
#define NO_SHA256
#endif
/* Sha512 */
#undef WOLFSSL_SHA512
#if 1
#define WOLFSSL_SHA512
/* Sha384 */
#undef WOLFSSL_SHA384
#if 0
#define WOLFSSL_SHA384
#endif
/* over twice as small, but 50% slower */
#define USE_SLOW_SHA512
#endif
/* Sha3 */
#undef WOLFSSL_SHA3
#if 0
#define WOLFSSL_SHA3
#endif
/* MD5 */
#undef NO_MD5
#if 0
#else
#define NO_MD5
#endif
/* Blake2B */
#undef HAVE_BLAKE2
#if 0
#define HAVE_BLAKE2
#endif
/* Blake2S */
#undef HAVE_BLAKE2S
#if 0
#define HAVE_BLAKE2S
#endif
/* HKDF */
#undef HAVE_HKDF
#if 0
#define HAVE_HKDF
#endif
/* CMAC */
#undef WOLFSSL_CMAC
#if 0
#define WOLFSSL_CMAC
#endif
/* ------------------------------------------------------------------------- */
/* Benchmark / Test */
/* ------------------------------------------------------------------------- */
/* Use reduced benchmark / test sizes */
#undef BENCH_EMBEDDED
#define BENCH_EMBEDDED
#undef USE_CERT_BUFFERS_2048
#define USE_CERT_BUFFERS_2048
#undef USE_CERT_BUFFERS_1024
//#define USE_CERT_BUFFERS_1024
#undef USE_CERT_BUFFERS_256
#define USE_CERT_BUFFERS_256
/* ------------------------------------------------------------------------- */
/* Debugging */
/* ------------------------------------------------------------------------- */
#undef DEBUG_WOLFSSL
#undef NO_ERROR_STRINGS
#if 0
#define DEBUG_WOLFSSL
#else
#if 0
#define NO_ERROR_STRINGS
#endif
#endif
/* ------------------------------------------------------------------------- */
/* Memory */
/* ------------------------------------------------------------------------- */
/* Override Memory API's */
#if 0
#undef XMALLOC_OVERRIDE
#define XMALLOC_OVERRIDE
/* prototypes for user heap override functions */
/* Note: Realloc only required for normal math */
#include <stddef.h> /* for size_t */
extern void *myMalloc(size_t n, void* heap, int type);
extern void myFree(void *p, void* heap, int type);
extern void *myRealloc(void *p, size_t n, void* heap, int type);
#define XMALLOC(n, h, t) myMalloc(n, h, t)
#define XFREE(p, h, t) myFree(p, h, t)
#define XREALLOC(p, n, h, t) myRealloc(p, n, h, t)
#endif
/* Static memory */
#if 0
/* Static memory requires fast math */
#define WOLFSSL_STATIC_MEMORY
/* Disable fallback malloc/free */
#define WOLFSSL_NO_MALLOC
#if 1
#define WOLFSSL_MALLOC_CHECK /* trap malloc failure */
#endif
#endif
/* Memory callbacks */
#if 0
#undef USE_WOLFSSL_MEMORY
#define USE_WOLFSSL_MEMORY
/* Use this to measure / print heap usage */
#if 1
#undef WOLFSSL_TRACK_MEMORY
#define WOLFSSL_TRACK_MEMORY
#undef WOLFSSL_DEBUG_MEMORY
#define WOLFSSL_DEBUG_MEMORY
#endif
#else
#ifndef WOLFSSL_STATIC_MEMORY
#define NO_WOLFSSL_MEMORY
/* Otherwise we will use stdlib malloc, free and realloc */
#endif
#endif
/* ------------------------------------------------------------------------- */
/* Port */
/* ------------------------------------------------------------------------- */
/* Override Current Time */
#if defined(WOLFSSL_SIFIVE_RISC_V)
#define WOLFSSL_USER_CURRTIME /* for benchmarks, uses "custom_time()" function */
#define WOLFSSL_GMTIME
#define USER_TICKS
#else
// extern unsigned long my_time(unsigned long* timer);
// #define XTIME my_time
#endif
/* ------------------------------------------------------------------------- */
/* RNG */
/* ------------------------------------------------------------------------- */
#if 0
/* Bypass P-RNG and use only HW RNG */
#define CUSTOM_RAND_TYPE unsigned int
extern int my_rng_gen_block(unsigned char* output, unsigned int sz);
#undef CUSTOM_RAND_GENERATE_BLOCK
#define CUSTOM_RAND_GENERATE_BLOCK my_rng_gen_block
#else
#define HAVE_HASHDRBG
/* Seed Source */
/* Size of returned HW RNG value */
#define CUSTOM_RAND_TYPE unsigned int
extern unsigned int my_rng_seed_gen(void);
#undef CUSTOM_RAND_GENERATE
#define CUSTOM_RAND_GENERATE my_rng_seed_gen
#endif
/* ------------------------------------------------------------------------- */
/* Enable Features */
/* ------------------------------------------------------------------------- */
#undef WOLFSSL_TLS13
#if 0
#define WOLFSSL_TLS13
#endif
#undef WOLFSSL_KEY_GEN
#if 0
#define WOLFSSL_KEY_GEN
#endif
/* reduce DH test time */
#define WOLFSSL_OLD_PRIME_CHECK
#undef KEEP_PEER_CERT
//#define KEEP_PEER_CERT
#undef HAVE_COMP_KEY
//#define HAVE_COMP_KEY
#undef HAVE_TLS_EXTENSIONS
#define HAVE_TLS_EXTENSIONS
#undef HAVE_SUPPORTED_CURVES
#define HAVE_SUPPORTED_CURVES
#undef WOLFSSL_BASE64_ENCODE
//#define WOLFSSL_BASE64_ENCODE
/* TLS Session Cache */
#if 0
#define SMALL_SESSION_CACHE
#else
#define NO_SESSION_CACHE
#endif
/* ------------------------------------------------------------------------- */
/* Disable Features */
/* ------------------------------------------------------------------------- */
#undef NO_WOLFSSL_SERVER
//#define NO_WOLFSSL_SERVER
#undef NO_WOLFSSL_CLIENT
//#define NO_WOLFSSL_CLIENT
#undef NO_CRYPT_TEST
//#define NO_CRYPT_TEST
#undef NO_CRYPT_BENCHMARK
//#define NO_CRYPT_BENCHMARK
#undef WOLFCRYPT_ONLY
//#define WOLFCRYPT_ONLY
/* In-lining of misc.c functions */
/* If defined, must include wolfcrypt/src/misc.c in build */
/* Slower, but about 1k smaller */
#undef NO_INLINE
//#define NO_INLINE
#undef NO_FILESYSTEM
#define NO_FILESYSTEM
#undef NO_WRITEV
#define NO_WRITEV
#undef NO_MAIN_DRIVER
#define NO_MAIN_DRIVER
#undef NO_DEV_RANDOM
#define NO_DEV_RANDOM
#undef NO_DSA
#define NO_DSA
#undef NO_RC4
#define NO_RC4
#undef NO_OLD_TLS
#define NO_OLD_TLS
#undef NO_HC128
#define NO_HC128
#undef NO_RABBIT
#define NO_RABBIT
#undef NO_PSK
#define NO_PSK
#undef NO_MD4
#define NO_MD4
#undef NO_PWDBASED
#define NO_PWDBASED
#undef NO_CODING
//#define NO_CODING
#undef NO_ASN_TIME
//#define NO_ASN_TIME
#undef NO_CERTS
//#define NO_CERTS
#undef NO_SIG_WRAPPER
//#define NO_SIG_WRAPPER
#ifdef __cplusplus
}
#endif
#endif /* WOLFSSL_USER_SETTINGS_H */

1
IDE/include.am
View File

@ -18,6 +18,7 @@ include IDE/GCC-ARM/include.am
include IDE/CSBENCH/include.am
include IDE/ECLIPSE/DEOS/include.am
include IDE/ECLIPSE/MICRIUM/include.am
include IDE/ECLIPSE/SIFIVE/include.am
include IDE/mynewt/include.am
include IDE/Renesas/cs+/Projects/include.am
include IDE/Renesas/e2studio/Projects/include.am

1
wolfcrypt/src/random.c
View File

@ -2345,7 +2345,6 @@ int wc_GenerateSeed(OS_Seed* os, byte* output, word32 sz)
#else
#pragma message("Warning: write a real random seed!!!!, just for testing now")
#endif
int wc_GenerateSeed(OS_Seed* os, byte* output, word32 sz)
{
word32 i;

18
wolfcrypt/test/test.c
View File

@ -16099,6 +16099,19 @@ static int ecc_test_make_pub(WC_RNG* rng)
wc_ecc_init_ex(&key, HEAP_HINT, devId);
#ifdef USE_CERT_BUFFERS_256
tmp = (byte*)XMALLOC((size_t)sizeof_ecc_key_der_256, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
if (tmp == NULL) {
return -8311;
}
exportBuf = (byte*)XMALLOC((size_t)sizeof_ecc_key_der_256, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
if (exportBuf == NULL) {
XFREE(tmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
return -8312;
}
XMEMCPY(tmp, ecc_key_der_256, (size_t)sizeof_ecc_key_der_256);
tmpSz = (size_t)sizeof_ecc_key_der_256;
#else
tmp = (byte*)XMALLOC(FOURK_BUF, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
if (tmp == NULL) {
return -8311;
@ -16108,11 +16121,6 @@ static int ecc_test_make_pub(WC_RNG* rng)
XFREE(tmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
return -8312;
}
#ifdef USE_CERT_BUFFERS_256
XMEMCPY(tmp, ecc_key_der_256, (size_t)sizeof_ecc_key_der_256);
tmpSz = (size_t)sizeof_ecc_key_der_256;
#else
file = XFOPEN(eccKeyDerFile, "rb");
if (!file) {
ERROR_OUT(-8313, done);