diff --git a/IDE/ECLIPSE/SIFIVE/Makefile b/IDE/ECLIPSE/SIFIVE/Makefile new file mode 100644 index 000000000..594686aa2 --- /dev/null +++ b/IDE/ECLIPSE/SIFIVE/Makefile @@ -0,0 +1,38 @@ +PROGRAM ?= wolfcrypt + +# This line must be added in your freedom-e-sdk/scripts/standalone.mk +# RISCV_CFLAGS += -I$(WOLFSSL_SRC_DIR) -I$(WOLFSSL_SRC_DIR)/IDE/ECLIPSE/SIFIVE -DWOLFSSL_USER_SETTINGS +# WOLFSSL_SRC_DIR variable must be set in the environment when GNU make is started. +# export WOLFSSL_SRC_DIR=~/freedom-e-sdk/software/wolfssl + +WOLFSSL_CFLAGS += -I$(WOLFSSL_SRC_DIR) \ + -I$(WOLFSSL_SRC_DIR)/IDE/ECLIPSE/SIFIVE \ + -DWOLFSSL_USER_SETTINGS + +SRC_FILES = $(wildcard $(WOLFSSL_SRC_DIR)/src/*.c) +SRC_FILES += $(wildcard $(WOLFSSL_SRC_DIR)/wolfcrypt/src/*.c) +SRC_FILES := $(filter-out %bio.c %misc.c %evp.c, $(SRC_FILES)) + +SRC =$(WOLFSSL_SRC_DIR)/IDE/ECLIPSE/SIFIVE/main.c \ + $(SRC_FILES) \ + $(WOLFSSL_SRC_DIR)/wolfcrypt/test/test.c \ + $(WOLFSSL_SRC_DIR)/wolfcrypt/benchmark/benchmark.c + +OPT_CFLAGS = -specs=nano.specs +#OPT_CFLAGS += -O3 -DTIME -DNOENUM -Wno-implicit -mexplicit-relocs -save-temps +#OPT_CFLAGS += -fno-inline -fno-builtin-printf -fno-common -falign-functions=4 + +# override the __stack_size and __heap_size default values of 0x400 +# SiFive HiFive1 has 16KB of data SRAM +# The __stack_size and __heap_size symbols are defined in the linker metal.default.ld +# script in the freedom-e-sdk. +override CFLAGS += $(OPT_CFLAGS) $(WOLFSSL_CFLAGS) \ + -Xlinker --defsym=__stack_size=0x1200 \ + -Xlinker --defsym=__heap_size=0x800 + + +$(PROGRAM): $(SRC) + $(CC) $(CFLAGS) $(SRC) $(LDFLAGS) $(LDLIBS) -o $@ + +clean: + rm -f $(PROGRAM) $(PROGRAM).hex diff --git a/IDE/ECLIPSE/SIFIVE/README.md b/IDE/ECLIPSE/SIFIVE/README.md new file mode 100644 index 000000000..3e7e39303 --- /dev/null +++ b/IDE/ECLIPSE/SIFIVE/README.md @@ -0,0 +1,199 @@ +# SiFive RISC-V HiFive1 Port + +## Overview +You can enable the wolfSSL support for RISC-V using the `#define WOLFSSL_SIFIVE_RISC_V`. + +## Prerequisites +1. Follow the instructions on the SiFive GitHub [here](https://github.com/sifive/freedom-e-sdk) and SiFive website [here](https://www.sifive.com/) to download the freedom-e-sdk and software tools. +3. Run a simple hello application on your development board to confirm that your board functions as expected and the communication between your computer and the board works. + +## Usage +You can start with a wolfcrypt example project to integrate the wolfSSL source code. +wolfSSL supports a compile-time user configurable options in the `IDE/ECLIPSE/SIFIVE/user_settings.h` file. + +The `IDE/ECLIPSE/SIFIVE/main.c` example application provides a function to run the selected examples at compile time through the following two #defines in user_settings.h. You can define these macro options to disable the test run. +``` +- #undef NO_CRYPT_TEST +- #undef NO_CRYPT_BENCHMARK +``` + +## Setup +### Setting up the SDK with wolfSSL +1. Download the wolfSSL source code or a zip file from GitHub and place it under your SDK `$HOME` directory. You can also copy or simlink to the source. +``` + For example, + $ cd $HOME + $ git clone --depth=1 https://github.com/wolfSSL/wolfssl.git + +``` +2. Copy the wolfcrypt example project into your `freedom-e-sdk/software` directory. + +``` + $ cp -rf ~/wolfssl/IDE/ECLIPSE/SIFIVE ~/freedom-e-sdk/software/wolfcrypt +``` + +3. Edit your `~/freedom-e-sdk/scripts/standalone.mk` and add the following line after the last RISCV_CFLAGS entry: + +``` + RISCV_CFLAGS += -I$(WOLFSSL_SRC_DIR) -I$(WOLFSSL_SRC_DIR)/IDE/ECLIPSE/SIFIVE -DWOLFSSL_USER_SETTINGS +``` + +4. WOLFSSL_SRC_DIR variable must be set in the environment when GNU make is started. + +``` + $ export WOLFSSL_SRC_DIR=~/wolfssl +``` + +5. Setup your riscv64 compiler + +``` + $ export RISCV_OPENOCD_PATH=/opt/riscv-openocd +``` +6. (Optional) Setup OpenOCD if your target supports it: + +``` + $ export RISCV_OPENOCD_PATH=/opt/riscv-openocd +``` +## Building and Running + +You can build from source or create a static library. + +1. Using command-line: + +``` + $ cd freedom-e-sdk + $ make PROGRAM=wolfcrypt TARGET=sifive-hifive1-revb CONFIGURATION=debug clean software upload +``` +This example cleans, builds and uploads the software on the sifive-hifive1-revb target but you can also combine and build for any of the supported targets. + +Review the test results on the target console. + +2. Building a static library for RISC-V using a cross-compiler: + +``` +$ cd $WOLFSSL_SRC_DIR + +$./configure --host=riscv64-unknown-elf \ +CC=riscv64-unknown-elf-gcc \ +AR=riscv64-unknown-elf-ar \ +AS=riscv64-unknown-elf-as \ +RANLIB=$RISCV_PATH/bin/riscv64-unknown-elf-gcc-ranlib \ +LD=riscv64-unknown-elf-ld \ +CXX=riscv64-unknown-elf-g++ \ +--disable-examples --enable-static --disable-shared \ +CFLAGS="-march=rv32imac -mabi=ilp32 -mcmodel=medlow -ffunction-sections -fdata-sections -I~/freedom-e-sdk/bsp/sifive-hifive1/install/include -O0 -g -DNO_FILESYSTEM -DWOLFSSL_NO_SOCK -DNO_WRITEV -DWOLFCRYPT_ONLY -DWOLFSSL_SIFIVE_RISC_V" + +$make +$sudo make install +``` +You can now build and link your software to the wolfSSL libwolfssl.a static library. + +### `wolfcrypt_test()` + +wolfcrypt_test() prints a message on the target console similar to the following output: + +``` +SiFive HiFive1 Demo +Setting clock to 320MHz +Actual Clock 320MHz + +error test passed! +MEMORY test passed! +base64 test passed! +asn test passed! +SHA test passed! +SHA-256 test passed! +SHA-512 test passed! +Hash test passed! +HMAC-SHA test passed! +HMAC-SHA256 test passed! +HMAC-SHA512 test passed! +GMAC test passed! +Chacha test passed! +POLY1305 test passed! +ChaCha20-Poly1305 AEAD test passed! +AES test passed! +AES192 test passed! +AES256 test passed! +AES-GCM test passed! +RANDOM test passed! +ECC test passed! +ECC buffer test passed! +CURVE25519 test passed! +ED25519 test passed! +logging test passed! +mutex test passed! +Test complete +``` +### `benchmark_test()` + +benchmark_test() prints a message on the target console similar to the following output. + +TARGET=sifive-hifive1-revb: + +``` +SiFive HiFive1 Demo +Setting clock to 320MHz +Actual Clock 320MHz + +------------------------------------------------------------------------------ + wolfSSL version 4.0.0 +------------------------------------------------------------------------------ +wolfCrypt Benchmark (block bytes 1024, min 1.0 sec each) +RNG 250 KB took 1.098 seconds, 227.714 KB/s +AES-128-CBC-enc 50 KB took 1.132 seconds, 44.175 KB/s +AES-128-CBC-dec 50 KB took 1.142 seconds, 43.778 KB/s +AES-192-CBC-enc 50 KB took 1.250 seconds, 40.007 KB/s +AES-192-CBC-dec 50 KB took 1.260 seconds, 39.677 KB/s +AES-256-CBC-enc 50 KB took 1.368 seconds, 36.552 KB/s +AES-256-CBC-dec 50 KB took 1.378 seconds, 36.279 KB/s +AES-128-GCM-enc 25 KB took 1.225 seconds, 20.412 KB/s +AES-128-GCM-dec 25 KB took 1.225 seconds, 20.402 KB/s +AES-192-GCM-enc 25 KB took 1.290 seconds, 19.373 KB/s +AES-192-GCM-dec 25 KB took 1.291 seconds, 19.366 KB/s +AES-256-GCM-enc 25 KB took 1.352 seconds, 18.487 KB/s +AES-256-GCM-dec 25 KB took 1.353 seconds, 18.478 KB/s +CHACHA 1 MB took 1.006 seconds, 1.020 MB/s +CHA-POLY 700 KB took 1.032 seconds, 678.045 KB/s +POLY1305 2 MB took 1.007 seconds, 2.255 MB/s +SHA 2 MB took 1.002 seconds, 1.511 MB/s +SHA-256 525 KB took 1.011 seconds, 519.279 KB/s +SHA-512 275 KB took 1.017 seconds, 270.477 KB/s +HMAC-SHA 1 MB took 1.013 seconds, 1.399 MB/s +HMAC-SHA256 525 KB took 1.019 seconds, 515.020 KB/s +HMAC-SHA512 275 KB took 1.032 seconds, 266.351 KB/s +ECC 256 key gen 2 ops took 1.104 sec, avg 551.834 ms, 1.812 ops/sec +ECDHE 256 agree 2 ops took 1.101 sec, avg 550.400 ms, 1.817 ops/sec +ECDSA 256 sign 2 ops took 1.173 sec, avg 586.502 ms, 1.705 ops/sec +ECDSA 256 verify 2 ops took 2.153 sec, avg 1076.294 ms, 0.929 ops/sec +CURVE 25519 key gen 2 ops took 1.629 sec, avg 814.423 ms, 1.228 ops/sec +CURVE 25519 agree 2 ops took 1.626 sec, avg 813.156 ms, 1.230 ops/sec +ED 25519 key gen 1 ops took 1.436 sec, avg 1436.096 ms, 0.696 ops/sec +ED 25519 sign 2 ops took 2.913 sec, avg 1456.421 ms, 0.687 ops/sec +ED 25519 verify 2 ops took 5.012 sec, avg 2506.012 ms, 0.399 ops/sec +Benchmark complete +``` + +## Tested Configurations +- P-RNG (NIST DRBG) with SHA-256 +- SHA 1/256/512 +- AES 128/192/256 CBC/GCM +- ECC 256 sign/verify/shared secret with fast math or Single Precision (SP) library +- ED25519/Curve25519 +- HMAC +- ChaCha20/Poly1305 + +## Known Caveats +- If you find the wolfcrypt test stuck on early_trap_vector error, it is like related to memory issues +- Using the `__stack_size` default value of 0x400 will not be enough for the ECC test to pass. +The `IDE/ECLIPSE/SIFIVE/Makefile` overwrites the value with 0x1000 (4 KBytes) +- Enabling RSA will cause the ECC test to fail due to memory shortage. + +## References + +The test results were collected from a SiFive reference platform target with the following hardware, software and tool chains: +- HiFive1 Rev A/Rev B: HiFive1 Development Board with the Freedom Everywhere SoC, E300 +- freedom-e-sdk +- wolfssl [latest version](https://github.com/wolfSSL/wolfssl) + +For more information or questions, please email [support@wolfssl.com](mailto:support@wolfssl.com) diff --git a/IDE/ECLIPSE/SIFIVE/include.am b/IDE/ECLIPSE/SIFIVE/include.am new file mode 100644 index 000000000..5f9550dc2 --- /dev/null +++ b/IDE/ECLIPSE/SIFIVE/include.am @@ -0,0 +1,9 @@ +# vim:ft=automake +# included from Top Level Makefile.am +# All paths should be given relative to the root + +EXTRA_DIST += \ + IDE/ECLIPSE/SIFIVE/README.md \ + IDE/ECLIPSE/SIFIVE/main.c \ + IDE/ECLIPSE/SIFIVE/Makefile\ + IDE/ECLIPSE/SIFIVE/user_settings.h diff --git a/IDE/ECLIPSE/SIFIVE/main.c b/IDE/ECLIPSE/SIFIVE/main.c new file mode 100644 index 000000000..dc33ac163 --- /dev/null +++ b/IDE/ECLIPSE/SIFIVE/main.c @@ -0,0 +1,184 @@ +/* main.c + * + * Copyright (C) 2019 wolfSSL Inc. + * + * This file is part of wolfSSL. + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA + */ +#include +#include +#include + +/* wolfCrypt_Init/wolfCrypt_Cleanup */ +#include +#include +#include +#include + +#ifndef __METAL_MACHINE_HEADER +#define __METAL_MACHINE_HEADER "../../../../bsp/sifive-hifive1-revb/metal.h" +#endif +#include + +#ifndef NO_CRYPT_BENCHMARK + +/*-specs=nano.specs doesn’t include support for floating point in printf()*/ +asm (".global _printf_float"); + +#ifndef RTC_FREQ +#define RTC_FREQ 32768UL +#endif + +/* CLINT Registers (Core Local Interruptor) for time */ +#define CLINT_BASE 0x02000000UL +#define CLINT_REG_MTIME (*((volatile uint32_t *)(CLINT_BASE + 0xBFF8))) + +#define WOLFSSL_SIFIVE_RISC_V_DEBUG 0 + +double current_time(int reset) +{ + double now = CLINT_REG_MTIME; + (void)reset; + return now/RTC_FREQ; +} +#endif /* !NO_CRYPT_BENCHMARK */ + +#if WOLFSSL_SIFIVE_RISC_V_DEBUG +void check(int depth) { + char ch; + char *ptr = malloc(1); + + printf("stack at %p, heap at %p\n", &ch, ptr); + if (depth <= 0) + return; + + check(depth-1); + free(ptr); +} + +void mtime_sleep(uint32_t ticks) { + uint32_t start = CLINT_REG_MTIME; + + while((CLINT_REG_MTIME - start) < ticks) { + + } +} + +void delay(uint32_t sec) { + uint32_t ticks = sec * RTC_FREQ; + mtime_sleep(ticks); +} +#endif /* WOLFSSL_SIFIVE_RISC_V_DEBUG */ + +/* RNG CODE */ +/* TODO: Implement real RNG */ +static unsigned int gCounter; +unsigned int hw_rand(void) +{ + /* #warning Must implement your own random source */ + + return ++gCounter; +} + +unsigned int my_rng_seed_gen(void) +{ + return hw_rand(); +} + +int my_rng_gen_block(unsigned char* output, unsigned int sz) +{ + uint32_t i = 0; + uint32_t randReturnSize = sizeof(CUSTOM_RAND_TYPE); + + while (i < sz) + { + /* If not aligned or there is odd/remainder */ + if((i + randReturnSize) > sz || + ((uint32_t)&output[i] % randReturnSize) != 0 ) { + /* Single byte at a time */ + output[i++] = (unsigned char)my_rng_seed_gen(); + } + else { + /* Use native 8, 16, 32 or 64 copy instruction */ + *((CUSTOM_RAND_TYPE*)&output[i]) = my_rng_seed_gen(); + i += randReturnSize; + } + } + + return 0; +} + + +#if !defined(NO_CLOCK_SPEEDUP) && !defined(USE_CLOCK_HZ) + /* 320MHz */ + #define USE_CLOCK_HZ 320000000UL +#endif + +int main(void) +{ + int ret; + long clk_Hz = 16000000; /* default */ + +#if WOLFSSL_SIFIVE_RISC_V_DEBUG + printf("check stack and heap addresses\n"); + check(8); + printf("sleep for 10 seconds to verify timer, measure using a stopwatch\n"); + delay(10); + printf("awake after sleeping for 10 seconds\n"); +#endif + +#ifdef USE_CLOCK_HZ + /* Speed up clock */ + printf("SiFive HiFive1 Demo\n"); + printf("Setting clock to %dMHz\n", USE_CLOCK_HZ/1000000); + clk_Hz = metal_clock_set_rate_hz( + &__METAL_DT_SIFIVE_FE310_G000_PLL_HANDLE->clock, USE_CLOCK_HZ + ); +#endif + printf("Actual Clock %dMHz\n", clk_Hz/1000000); + + /* Reconfigure the SPI Bus for dual mode */ + #define QSPI0_CTRL 0x10014000UL + #define FESPI_REG_FFMT (*((volatile uint32_t *)(QSPI0_CTRL + 0x64))) + FESPI_REG_FFMT = 0xbb1447; + +#ifdef DEBUG_WOLFSSL + wolfSSL_Debugging_ON(); +#endif + + if ((ret = wolfCrypt_Init()) != 0) { + printf("wolfCrypt_Init failed %d\n", ret); + return -1; + } + +#ifndef NO_CRYPT_TEST + printf("\nwolfCrypt Test Started\n"); + wolfcrypt_test(NULL); + printf("\nwolfCrypt Test Completed\n"); +#endif + +#ifndef NO_CRYPT_BENCHMARK + printf("\nBenchmark Test Started\n"); + benchmark_test(NULL); + printf("\nBenchmark Test Completed\n"); +#endif + + if ((ret = wolfCrypt_Cleanup()) != 0) { + printf("wolfCrypt_Cleanup failed %d\n", ret); + return -1; + } + return 0; +} diff --git a/IDE/ECLIPSE/SIFIVE/user_settings.h b/IDE/ECLIPSE/SIFIVE/user_settings.h new file mode 100644 index 000000000..2f7f136cb --- /dev/null +++ b/IDE/ECLIPSE/SIFIVE/user_settings.h @@ -0,0 +1,592 @@ +/* user_settings.h + * + * Copyright (C) 2019 wolfSSL Inc. + * + * This file is part of wolfSSL. + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA + */ + +/* Example Settings for SiFive HiFive1 */ + +#ifndef WOLFSSL_USER_SETTINGS_H +#define WOLFSSL_USER_SETTINGS_H + +#ifdef __cplusplus +extern "C" { +#endif + +/* ------------------------------------------------------------------------- */ +/* SiFive HiFive */ +/* ------------------------------------------------------------------------- */ +#undef WOLFSSL_SIFIVE_RISC_V +#define WOLFSSL_SIFIVE_RISC_V + + +/* ------------------------------------------------------------------------- */ +/* Platform */ +/* ------------------------------------------------------------------------- */ + +#undef WOLFSSL_GENERAL_ALIGNMENT +#define WOLFSSL_GENERAL_ALIGNMENT 4 + +#undef SINGLE_THREADED +#define SINGLE_THREADED + +#undef WOLFSSL_SMALL_STACK +#define WOLFSSL_SMALL_STACK + +#undef WOLFSSL_USER_IO +#define WOLFSSL_USER_IO + + +/* ------------------------------------------------------------------------- */ +/* Math Configuration */ +/* ------------------------------------------------------------------------- */ +#undef SIZEOF_LONG_LONG +#define SIZEOF_LONG_LONG 8 + +#undef USE_FAST_MATH + +#if 1 + #define USE_FAST_MATH + + #undef TFM_TIMING_RESISTANT + #define TFM_TIMING_RESISTANT + + /* Optimizations */ + //#define TFM_ARM +#endif + + +/* ------------------------------------------------------------------------- */ +/* Asymmetric */ +/* ------------------------------------------------------------------------- */ +/* RSA */ +/* Not enabled due to memory constraints on HiFive1 */ +#undef NO_RSA +#if 0 + #ifdef USE_FAST_MATH + /* Maximum math bits (Max RSA key bits * 2) */ + #undef FP_MAX_BITS + #define FP_MAX_BITS 4096 + #endif + + /* half as much memory but twice as slow */ + #undef RSA_LOW_MEM + #define RSA_LOW_MEM + + /* Enables blinding mode, to prevent timing attacks */ + #if 1 + #undef WC_RSA_BLINDING + #define WC_RSA_BLINDING + #else + #undef WC_NO_HARDEN + #define WC_NO_HARDEN + #endif + + /* RSA PSS Support */ + #if 0 + #define WC_RSA_PSS + #endif + + #if 0 + #define WC_RSA_NO_PADDING + #endif +#else + #define NO_RSA +#endif + +/* ECC */ +#undef HAVE_ECC +#if 1 + #define HAVE_ECC + + /* Manually define enabled curves */ + #undef ECC_USER_CURVES + #define ECC_USER_CURVES + + #ifdef ECC_USER_CURVES + /* Manual Curve Selection, FP_MAX_BITS must be adjusted accordingly */ + // #define HAVE_ECC192 + // #define HAVE_ECC224 + #undef NO_ECC256 + // #define HAVE_ECC384 + // #define HAVE_ECC521 + #endif + + /* Fixed point cache (speeds repeated operations against same private key) */ + #undef FP_ECC + //#define FP_ECC + #ifdef FP_ECC + /* Bits / Entries */ + #undef FP_ENTRIES + #define FP_ENTRIES 2 + #undef FP_LUT + #define FP_LUT 4 + #endif + + /* Optional ECC calculation method */ + /* Note: doubles heap usage, but slightly faster */ + #undef ECC_SHAMIR + //#define ECC_SHAMIR + + /* Reduces heap usage, but slower */ + #undef ECC_TIMING_RESISTANT + #define ECC_TIMING_RESISTANT + + /* Enable cofactor support */ + #undef HAVE_ECC_CDH + //#define HAVE_ECC_CDH + + /* Validate import */ + #undef WOLFSSL_VALIDATE_ECC_IMPORT + //#define WOLFSSL_VALIDATE_ECC_IMPORT + + /* Compressed Key Support */ + #undef HAVE_COMP_KEY + //#define HAVE_COMP_KEY + + /* Use alternate ECC size for ECC math */ + #ifdef USE_FAST_MATH + #ifdef NO_RSA + /* Custom fastmath size if not using RSA */ + /* MAX = ROUND32(ECC BITS 256) + SIZE_OF_MP_DIGIT(32) */ + #undef FP_MAX_BITS + #define FP_MAX_BITS (256 + 32) + #else + #undef ALT_ECC_SIZE + /* Disable alternate ECC size, since it uses HEAP allocations. + Heap is limited resource on HiFive1 */ + //#define ALT_ECC_SIZE + #endif + #endif +#endif + +/* DH */ +#undef NO_DH +#if 0 + /* Use table for DH instead of -lm (math) lib dependency */ + #if 0 + #define WOLFSSL_DH_CONST + #endif + + #define HAVE_FFDHE_2048 + //#define HAVE_FFDHE_4096 + //#define HAVE_FFDHE_6144 + //#define HAVE_FFDHE_8192 +#else + #define NO_DH +#endif + + +/* Wolf Single Precision Math */ +/* Optional ECC SECP256R1 acceleration using optimized C code */ +#undef WOLFSSL_SP +#if 1 + #define WOLFSSL_SP + #define WOLFSSL_SP_SMALL /* use smaller version of code (requires heap) */ + #define SP_WORD_SIZE 32 /* force 32-bit type */ + #define WOLFSSL_SP_MATH /* only SP math - eliminates fast math code */ + //#define WOLFSSL_SP_DIV_32 /* do not use 64-bit divides */ + + #ifdef HAVE_ECC + #define WOLFSSL_HAVE_SP_ECC + #endif + #ifndef NO_RSA + #define WOLFSSL_HAVE_SP_RSA + #endif +#endif + +/* Ed25519 / Curve25519 */ +#undef HAVE_CURVE25519 +#undef HAVE_ED25519 +#if 1 + #define HAVE_CURVE25519 + #define HAVE_ED25519 /* ED25519 Requires SHA512 */ + + /* Optionally use small math (less flash usage, but much slower) */ + #if 1 + /* Curve and Ed 25519 small */ + #define CURVED25519_SMALL + #endif +#endif + + +/* ------------------------------------------------------------------------- */ +/* Symmetric Ciphers */ +/* ------------------------------------------------------------------------- */ + +/* AES */ +#undef NO_AES +#if 1 + #undef HAVE_AES_CBC + #define HAVE_AES_CBC + + #undef HAVE_AESGCM + #define HAVE_AESGCM + + /* GCM Method: GCM_SMALL, GCM_WORD32 or GCM_TABLE */ + #define GCM_SMALL + + #undef WOLFSSL_AES_DIRECT + //#define WOLFSSL_AES_DIRECT + + #undef HAVE_AES_ECB + //#define HAVE_AES_ECB + + #undef WOLFSSL_AES_COUNTER + //#define WOLFSSL_AES_COUNTER + + #undef HAVE_AESCCM + //#define HAVE_AESCCM +#endif + +/* DES3 */ +#undef NO_DES3 +#if 0 +#else + #define NO_DES3 +#endif + +/* ChaCha20 / Poly1305 */ +#undef HAVE_CHACHA +#undef HAVE_POLY1305 +#if 1 + #define HAVE_CHACHA + #define HAVE_POLY1305 + + /* Needed for Poly1305 */ + #undef HAVE_ONE_TIME_AUTH + #define HAVE_ONE_TIME_AUTH +#endif + + +/* ------------------------------------------------------------------------- */ +/* Symmetric Hashing */ +/* ------------------------------------------------------------------------- */ +/* Sha */ +#undef NO_SHA +#if 1 + /* 1k smaller, but 25% slower */ + //#define USE_SLOW_SHA +#else + #define NO_SHA +#endif + +/* Sha256 */ +#undef NO_SHA256 +#if 1 + /* not unrolled - ~2k smaller and ~25% slower */ + //#define USE_SLOW_SHA256 + + /* Sha224 */ + #if 0 + #define WOLFSSL_SHA224 + #endif +#else + #define NO_SHA256 +#endif + +/* Sha512 */ +#undef WOLFSSL_SHA512 +#if 1 + #define WOLFSSL_SHA512 + + /* Sha384 */ + #undef WOLFSSL_SHA384 + #if 0 + #define WOLFSSL_SHA384 + #endif + + /* over twice as small, but 50% slower */ + #define USE_SLOW_SHA512 +#endif + +/* Sha3 */ +#undef WOLFSSL_SHA3 +#if 0 + #define WOLFSSL_SHA3 +#endif + +/* MD5 */ +#undef NO_MD5 +#if 0 + +#else + #define NO_MD5 +#endif + +/* Blake2B */ +#undef HAVE_BLAKE2 +#if 0 + #define HAVE_BLAKE2 +#endif + +/* Blake2S */ +#undef HAVE_BLAKE2S +#if 0 + #define HAVE_BLAKE2S +#endif + +/* HKDF */ +#undef HAVE_HKDF +#if 0 + #define HAVE_HKDF +#endif + +/* CMAC */ +#undef WOLFSSL_CMAC +#if 0 + #define WOLFSSL_CMAC +#endif + + +/* ------------------------------------------------------------------------- */ +/* Benchmark / Test */ +/* ------------------------------------------------------------------------- */ +/* Use reduced benchmark / test sizes */ +#undef BENCH_EMBEDDED +#define BENCH_EMBEDDED + +#undef USE_CERT_BUFFERS_2048 +#define USE_CERT_BUFFERS_2048 + +#undef USE_CERT_BUFFERS_1024 +//#define USE_CERT_BUFFERS_1024 + +#undef USE_CERT_BUFFERS_256 +#define USE_CERT_BUFFERS_256 + + +/* ------------------------------------------------------------------------- */ +/* Debugging */ +/* ------------------------------------------------------------------------- */ + +#undef DEBUG_WOLFSSL +#undef NO_ERROR_STRINGS +#if 0 + #define DEBUG_WOLFSSL +#else + #if 0 + #define NO_ERROR_STRINGS + #endif +#endif + + +/* ------------------------------------------------------------------------- */ +/* Memory */ +/* ------------------------------------------------------------------------- */ + +/* Override Memory API's */ +#if 0 + #undef XMALLOC_OVERRIDE + #define XMALLOC_OVERRIDE + + /* prototypes for user heap override functions */ + /* Note: Realloc only required for normal math */ + #include /* for size_t */ + extern void *myMalloc(size_t n, void* heap, int type); + extern void myFree(void *p, void* heap, int type); + extern void *myRealloc(void *p, size_t n, void* heap, int type); + + #define XMALLOC(n, h, t) myMalloc(n, h, t) + #define XFREE(p, h, t) myFree(p, h, t) + #define XREALLOC(p, n, h, t) myRealloc(p, n, h, t) +#endif + +/* Static memory */ +#if 0 + /* Static memory requires fast math */ + #define WOLFSSL_STATIC_MEMORY + + /* Disable fallback malloc/free */ + #define WOLFSSL_NO_MALLOC + #if 1 + #define WOLFSSL_MALLOC_CHECK /* trap malloc failure */ + #endif +#endif + +/* Memory callbacks */ +#if 0 + #undef USE_WOLFSSL_MEMORY + #define USE_WOLFSSL_MEMORY + + /* Use this to measure / print heap usage */ + #if 1 + #undef WOLFSSL_TRACK_MEMORY + #define WOLFSSL_TRACK_MEMORY + + #undef WOLFSSL_DEBUG_MEMORY + #define WOLFSSL_DEBUG_MEMORY + #endif +#else + #ifndef WOLFSSL_STATIC_MEMORY + #define NO_WOLFSSL_MEMORY + /* Otherwise we will use stdlib malloc, free and realloc */ + #endif +#endif + + +/* ------------------------------------------------------------------------- */ +/* Port */ +/* ------------------------------------------------------------------------- */ + +/* Override Current Time */ +#if defined(WOLFSSL_SIFIVE_RISC_V) + #define WOLFSSL_USER_CURRTIME /* for benchmarks, uses "custom_time()" function */ + #define WOLFSSL_GMTIME + #define USER_TICKS +#else + // extern unsigned long my_time(unsigned long* timer); + // #define XTIME my_time +#endif + +/* ------------------------------------------------------------------------- */ +/* RNG */ +/* ------------------------------------------------------------------------- */ +#if 0 + /* Bypass P-RNG and use only HW RNG */ + #define CUSTOM_RAND_TYPE unsigned int + extern int my_rng_gen_block(unsigned char* output, unsigned int sz); + #undef CUSTOM_RAND_GENERATE_BLOCK + #define CUSTOM_RAND_GENERATE_BLOCK my_rng_gen_block +#else + #define HAVE_HASHDRBG + + /* Seed Source */ + /* Size of returned HW RNG value */ + #define CUSTOM_RAND_TYPE unsigned int + extern unsigned int my_rng_seed_gen(void); + #undef CUSTOM_RAND_GENERATE + #define CUSTOM_RAND_GENERATE my_rng_seed_gen +#endif + +/* ------------------------------------------------------------------------- */ +/* Enable Features */ +/* ------------------------------------------------------------------------- */ +#undef WOLFSSL_TLS13 +#if 0 + #define WOLFSSL_TLS13 +#endif + +#undef WOLFSSL_KEY_GEN +#if 0 + #define WOLFSSL_KEY_GEN +#endif + +/* reduce DH test time */ +#define WOLFSSL_OLD_PRIME_CHECK + +#undef KEEP_PEER_CERT +//#define KEEP_PEER_CERT + +#undef HAVE_COMP_KEY +//#define HAVE_COMP_KEY + +#undef HAVE_TLS_EXTENSIONS +#define HAVE_TLS_EXTENSIONS + +#undef HAVE_SUPPORTED_CURVES +#define HAVE_SUPPORTED_CURVES + +#undef WOLFSSL_BASE64_ENCODE +//#define WOLFSSL_BASE64_ENCODE + +/* TLS Session Cache */ +#if 0 + #define SMALL_SESSION_CACHE +#else + #define NO_SESSION_CACHE +#endif + + +/* ------------------------------------------------------------------------- */ +/* Disable Features */ +/* ------------------------------------------------------------------------- */ +#undef NO_WOLFSSL_SERVER +//#define NO_WOLFSSL_SERVER + +#undef NO_WOLFSSL_CLIENT +//#define NO_WOLFSSL_CLIENT + +#undef NO_CRYPT_TEST +//#define NO_CRYPT_TEST + +#undef NO_CRYPT_BENCHMARK +//#define NO_CRYPT_BENCHMARK + +#undef WOLFCRYPT_ONLY +//#define WOLFCRYPT_ONLY + +/* In-lining of misc.c functions */ +/* If defined, must include wolfcrypt/src/misc.c in build */ +/* Slower, but about 1k smaller */ +#undef NO_INLINE +//#define NO_INLINE + +#undef NO_FILESYSTEM +#define NO_FILESYSTEM + +#undef NO_WRITEV +#define NO_WRITEV + +#undef NO_MAIN_DRIVER +#define NO_MAIN_DRIVER + +#undef NO_DEV_RANDOM +#define NO_DEV_RANDOM + +#undef NO_DSA +#define NO_DSA + +#undef NO_RC4 +#define NO_RC4 + +#undef NO_OLD_TLS +#define NO_OLD_TLS + +#undef NO_HC128 +#define NO_HC128 + +#undef NO_RABBIT +#define NO_RABBIT + +#undef NO_PSK +#define NO_PSK + +#undef NO_MD4 +#define NO_MD4 + +#undef NO_PWDBASED +#define NO_PWDBASED + +#undef NO_CODING +//#define NO_CODING + +#undef NO_ASN_TIME +//#define NO_ASN_TIME + +#undef NO_CERTS +//#define NO_CERTS + +#undef NO_SIG_WRAPPER +//#define NO_SIG_WRAPPER + +#ifdef __cplusplus +} +#endif + +#endif /* WOLFSSL_USER_SETTINGS_H */ diff --git a/IDE/include.am b/IDE/include.am index 205ee6a35..a70a88fef 100644 --- a/IDE/include.am +++ b/IDE/include.am @@ -18,6 +18,7 @@ include IDE/GCC-ARM/include.am include IDE/CSBENCH/include.am include IDE/ECLIPSE/DEOS/include.am include IDE/ECLIPSE/MICRIUM/include.am +include IDE/ECLIPSE/SIFIVE/include.am include IDE/mynewt/include.am include IDE/Renesas/cs+/Projects/include.am include IDE/Renesas/e2studio/Projects/include.am diff --git a/wolfcrypt/src/random.c b/wolfcrypt/src/random.c index 7ab7f92ec..4903ac9ea 100644 --- a/wolfcrypt/src/random.c +++ b/wolfcrypt/src/random.c @@ -2345,7 +2345,6 @@ int wc_GenerateSeed(OS_Seed* os, byte* output, word32 sz) #else #pragma message("Warning: write a real random seed!!!!, just for testing now") #endif - int wc_GenerateSeed(OS_Seed* os, byte* output, word32 sz) { word32 i; diff --git a/wolfcrypt/test/test.c b/wolfcrypt/test/test.c index a07cd16a2..7ff21bddd 100644 --- a/wolfcrypt/test/test.c +++ b/wolfcrypt/test/test.c @@ -16099,6 +16099,19 @@ static int ecc_test_make_pub(WC_RNG* rng) wc_ecc_init_ex(&key, HEAP_HINT, devId); +#ifdef USE_CERT_BUFFERS_256 + tmp = (byte*)XMALLOC((size_t)sizeof_ecc_key_der_256, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); + if (tmp == NULL) { + return -8311; + } + exportBuf = (byte*)XMALLOC((size_t)sizeof_ecc_key_der_256, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); + if (exportBuf == NULL) { + XFREE(tmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); + return -8312; + } + XMEMCPY(tmp, ecc_key_der_256, (size_t)sizeof_ecc_key_der_256); + tmpSz = (size_t)sizeof_ecc_key_der_256; +#else tmp = (byte*)XMALLOC(FOURK_BUF, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); if (tmp == NULL) { return -8311; @@ -16108,11 +16121,6 @@ static int ecc_test_make_pub(WC_RNG* rng) XFREE(tmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); return -8312; } - -#ifdef USE_CERT_BUFFERS_256 - XMEMCPY(tmp, ecc_key_der_256, (size_t)sizeof_ecc_key_der_256); - tmpSz = (size_t)sizeof_ecc_key_der_256; -#else file = XFOPEN(eccKeyDerFile, "rb"); if (!file) { ERROR_OUT(-8313, done);