Changed RSA4096 to use SP math. Fix to disable dynamic stacks `WOLFSSL_SP_NO_DYN_STACK`. Added G0 details. Update submodules.

2021-03-18 13:13:43 -07:00 · 2021-03-18 13:13:43 -07:00 · c14e70a12c
parent 27d19d75b6
commit c14e70a12c
6 changed files with 66 additions and 37 deletions
--- a/arch.mk
+++ b/arch.mk
@ -2,10 +2,6 @@

 UPDATE_OBJS:=./src/update_flash.o

-ifeq ($(SIGN),RSA4096)
-  SPMATH=0
-endif
-
 # check for FASTMATH or SP_MATH
 ifeq ($(SPMATH),1)
  MATH_OBJS:=./lib/wolfssl/wolfcrypt/src/sp_int.o
--- a/docs/Targets.md
+++ b/docs/Targets.md
@ -179,16 +179,39 @@ Example 128KB partitioning on STM32-G070:
 #define WOLFBOOT_PARTITION_SWAP_ADDRESS      0x1E000
 ```

-### Building
+### Building STM32G0

-Use `make TARGET=stm32g0`. The option `CORTEX_M0` is automatically selected for this target.
+Reference configuration (see `./config/examples/stm32g0.config`).
+You can copy this to wolfBoot root as `.config`: `cp ./config/examples/stm32g0.config .config`.
+To build you can use `make`.
+
+The TARGET for this is `stm32g0`: `make TARGET=stm32g0`.
+The option `CORTEX_M0` is automatically selected for this target.
 The option `NVM_FLASH_WRITEONCE=1` is mandatory on this target, since the IAP driver does not support
 multiple writes after each erase operation.

-Compile with:
-
+Compile requirements:
 `make TARGET=stm32g0 NVM_FLASH_WRITEONCE=1`

+### Debugging STM32G0
+
+Use `make DEBUG=1` and reload firmware.
+
+```
+st-flash write factory.bin 0x08000000
+
+# Start GDB server
+st-util -p 3333
+```
+
+wolfBoot has a .gdbinit to configure GDB
+
+```
+arm-none-eabi-gdb
+add-symbol-file test-app/image.elf 0x08008100
+mon reset init
+```
+

 ## STM32WB55

--- a/include/user_settings.h
+++ b/include/user_settings.h
@ -69,6 +69,8 @@
 #   define WOLFSSL_SP_SMALL
 #   define SP_WORD_SIZE 32
 #   define WOLFSSL_HAVE_SP_ECC
+#   define WOLFSSL_SP_NO_MALLOC
+#   define WOLFSSL_SP_NO_DYN_STACK

 /* ECC options disabled to reduce size */
 #   define NO_ECC_SIGN
@ -86,44 +88,53 @@
 #endif

 #ifdef WOLFBOOT_SIGN_RSA2048
-#  define HAVE_RSA
-#  define RSA_LOW_MEM
-#  define WOLFSSL_RSA_VERIFY_INLINE
-#  define WOLFSSL_HAVE_SP_RSA
-#  define WOLFSSL_SP
-#  define WOLFSSL_SP_SMALL
-#  define WOLFSSL_SP_MATH
-#  define SP_WORD_SIZE 32
-#  define WOLFSSL_SP_NO_3072
+#   define RSA_LOW_MEM
+#   define WOLFSSL_RSA_VERIFY_INLINE
+#   define FP_MAX_BITS (2048 * 2)
+    /* sp math */
+#   define WOLFSSL_HAVE_SP_RSA
+#   define WOLFSSL_SP
+#   define WOLFSSL_SP_SMALL
+#   define WOLFSSL_SP_MATH
+#   define SP_WORD_SIZE 32
+#   define WOLFSSL_SP_NO_3072
+#   define WOLFSSL_SP_NO_MALLOC
+#   define WOLFSSL_SP_NO_DYN_STACK
 #endif

 #ifdef WOLFBOOT_SIGN_RSA4096
-#  define HAVE_RSA
-#  define RSA_LOW_MEM
-#  define WOLFSSL_RSA_PUBLIC_ONLY
-#  define WOLFSSL_RSA_VERIFY_INLINE
-#  define FP_MAX_BITS (4096 * 2)
-#  define WC_RSA_BLINDING
-#  define USE_FAST_MATH
-#  define TFM_TIMING_RESISTANT
+#   define RSA_LOW_MEM
+#   define WOLFSSL_RSA_VERIFY_INLINE
+#   define FP_MAX_BITS (4096 * 2)
+    /* sp math */
+#   define WOLFSSL_HAVE_SP_RSA
+#   define WOLFSSL_SP
+#   define WOLFSSL_SP_SMALL
+#   define WOLFSSL_SP_MATH
+#   define SP_WORD_SIZE 32
+#   define WOLFSSL_SP_4096
+#   define WOLFSSL_SP_NO_2048
+#   define WOLFSSL_SP_NO_3072
+#   define WOLFSSL_SP_NO_MALLOC
+#   define WOLFSSL_SP_NO_DYN_STACK
 #endif

 #ifdef WOLFBOOT_HASH_SHA3_384
-# define WOLFSSL_SHA3
-# define NO_SHA256
+#   define WOLFSSL_SHA3
+#   define NO_SHA256
 #endif

 #ifdef EXT_ENCRYPTED
-#  define HAVE_CHACHA
-#  define HAVE_PWDBASED
+#   define HAVE_CHACHA
+#   define HAVE_PWDBASED
 #else
-#  define NO_PWDBASED
+#   define NO_PWDBASED
 #endif

 /* Disables - For minimum wolfCrypt build */
 #ifndef WOLFBOOT_TPM
-    #define NO_AES
-    #define NO_HMAC
+#   define NO_AES
+#   define NO_HMAC
 #endif

 #define NO_CMAC
@ -159,8 +170,8 @@
 #define NO_CRYPT_BENCHMARK

 #ifdef __QNX__
-#define WOLFSSL_HAVE_MIN
-#define WOLFSSL_HAVE_MAX
+#   define WOLFSSL_HAVE_MIN
+#   define WOLFSSL_HAVE_MAX
 #endif

 #endif /* !H_USER_SETTINGS_ */
--- a/lib/wolfTPM
+++ b/lib/wolfTPM
@ -1 +1 @@
-Subproject commit 30c4ace7cc7a19d8100b5cfea85bd30dae99194c
+Subproject commit c4810e1b070ff950b6274e4ade0960d0bc010bf0
--- a/lib/wolfssl
+++ b/lib/wolfssl
@ -1 +1 @@
-Subproject commit b11b08bb100b4be303842f14d700daea646133c1
+Subproject commit 761bebc4a0ea3305f5a44d257bb7c37f774e7f3c
--- a/options.mk
+++ b/options.mk
@ -75,7 +75,6 @@ ifeq ($(SIGN),RSA4096)
    ./lib/wolfssl/wolfcrypt/src/rsa.o \
    ./lib/wolfssl/wolfcrypt/src/asn.o \
    ./lib/wolfssl/wolfcrypt/src/hash.o \
-    ./lib/wolfssl/wolfcrypt/src/wolfmath.o \
    ./lib/wolfssl/wolfcrypt/src/wc_port.o \
    ./src/xmalloc_rsa.o
  PUBLIC_KEY_OBJS=./src/rsa4096_pub_key.o