From c14e70a12c1475b49955980350838eca43f31db6 Mon Sep 17 00:00:00 2001
From: David Garske
Date: Thu, 18 Mar 2021 13:13:43 -0700
Subject: [PATCH] Changed RSA4096 to use SP math. Fix to disable dynamic stacks `WOLFSSL_SP_NO_DYN_STACK`. Added G0 details. Update submodules.
---
 arch.mk | 4 ---
 docs/Targets.md | 31 +++++++++++++++++---
 include/user_settings.h | 63 ++++++++++++++++++++++++-----------------
 lib/wolfTPM | 2 +-
 lib/wolfssl | 2 +-
 options.mk | 1 -
 6 files changed, 66 insertions(+), 37 deletions(-)
diff --git a/arch.mk b/arch.mk
index c2ca7ec9..6ba96eae 100644
--- a/arch.mk
+++ b/arch.mk
@@ -2,10 +2,6 @@
 UPDATE_OBJS:=./src/update_flash.o
-ifeq ($(SIGN),RSA4096)
- SPMATH=0
-endif
-
 # check for FASTMATH or SP_MATH
 ifeq ($(SPMATH),1)
 MATH_OBJS:=./lib/wolfssl/wolfcrypt/src/sp_int.o
diff --git a/docs/Targets.md b/docs/Targets.md
index dbeb8884..bac2e406 100644
--- a/docs/Targets.md
+++ b/docs/Targets.md
@@ -179,16 +179,39 @@ Example 128KB partitioning on STM32-G070:
 #define WOLFBOOT_PARTITION_SWAP_ADDRESS 0x1E000
 ```
-### Building
+### Building STM32G0
-Use `make TARGET=stm32g0`. The option `CORTEX_M0` is automatically selected for this target.
+Reference configuration (see `./config/examples/stm32g0.config`).
+You can copy this to wolfBoot root as `.config`: `cp ./config/examples/stm32g0.config .config`.
+To build you can use `make`.
+
+The TARGET for this is `stm32g0`: `make TARGET=stm32g0`.
+The option `CORTEX_M0` is automatically selected for this target.
 The option `NVM_FLASH_WRITEONCE=1` is mandatory on this target, since the IAP driver does not support multiple writes after each erase operation.
-Compile with:
-
+Compile requirements:
 `make TARGET=stm32g0 NVM_FLASH_WRITEONCE=1`
+### Debugging STM32G0
+
+Use `make DEBUG=1` and reload firmware.
+
+```
+st-flash write factory.bin 0x08000000
+
+# Start GDB server
+st-util -p 3333
+```
+
+wolfBoot has a .gdbinit to configure GDB
+
+```
+arm-none-eabi-gdb
+add-symbol-file test-app/image.elf 0x08008100
+mon reset init
+```
+
 ## STM32WB55
diff --git a/include/user_settings.h b/include/user_settings.h
index 0e6b8c6f..48fada96 100644
--- a/include/user_settings.h
+++ b/include/user_settings.h
@@ -69,6 +69,8 @@
 # define WOLFSSL_SP_SMALL
 # define SP_WORD_SIZE 32
 # define WOLFSSL_HAVE_SP_ECC
+# define WOLFSSL_SP_NO_MALLOC
+# define WOLFSSL_SP_NO_DYN_STACK
 /* ECC options disabled to reduce size */
 # define NO_ECC_SIGN
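Review bot: The two defines added to the `WOLFSSL_HAVE_SP_ECC` block, `WOLFSSL_SP_NO_MALLOC` and `WOLFSSL_SP_NO_DYN_STACK`, carry no comment saying why they are set or what they cost. With both defined the SP code presumably keeps its working buffers in fixed-size stack arrays, so the bootloader stack has to be sized for the largest enabled key size; a line such as `/* SP math: no heap, no variable-length stack arrays; size the stack for the worst case */` above them would record that. The same pair is added to the RSA2048 and RSA4096 blocks in the next hunk and would benefit from the same comment. The enclosing `#ifdef` block starts and ends outside this hunk.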
@@ -86,44 +88,53 @@
 #endif
 #ifdef WOLFBOOT_SIGN_RSA2048
-# define HAVE_RSA
-# define RSA_LOW_MEM
-# define WOLFSSL_RSA_VERIFY_INLINE
-# define WOLFSSL_HAVE_SP_RSA
-# define WOLFSSL_SP
-# define WOLFSSL_SP_SMALL
-# define WOLFSSL_SP_MATH
-# define SP_WORD_SIZE 32
-# define WOLFSSL_SP_NO_3072
+# define RSA_LOW_MEM
+# define WOLFSSL_RSA_VERIFY_INLINE
+# define FP_MAX_BITS (2048 * 2)
+ /* sp math */
+# define WOLFSSL_HAVE_SP_RSA
+# define WOLFSSL_SP
+# define WOLFSSL_SP_SMALL
+# define WOLFSSL_SP_MATH
+# define SP_WORD_SIZE 32
+# define WOLFSSL_SP_NO_3072
+# define WOLFSSL_SP_NO_MALLOC
+# define WOLFSSL_SP_NO_DYN_STACK
 #endif
 #ifdef WOLFBOOT_SIGN_RSA4096
-# define HAVE_RSA
-# define RSA_LOW_MEM
-# define WOLFSSL_RSA_PUBLIC_ONLY
-# define WOLFSSL_RSA_VERIFY_INLINE
-# define FP_MAX_BITS (4096 * 2)
-# define WC_RSA_BLINDING
-# define USE_FAST_MATH
-# define TFM_TIMING_RESISTANT
+# define RSA_LOW_MEM
+# define WOLFSSL_RSA_VERIFY_INLINE
+# define FP_MAX_BITS (4096 * 2)
+ /* sp math */
+# define WOLFSSL_HAVE_SP_RSA
+# define WOLFSSL_SP
+# define WOLFSSL_SP_SMALL
+# define WOLFSSL_SP_MATH
+# define SP_WORD_SIZE 32
+# define WOLFSSL_SP_4096
+# define WOLFSSL_SP_NO_2048
+# define WOLFSSL_SP_NO_3072
+# define WOLFSSL_SP_NO_MALLOC
+# define WOLFSSL_SP_NO_DYN_STACK
 #endif
 #ifdef WOLFBOOT_HASH_SHA3_384
-# define WOLFSSL_SHA3
-# define NO_SHA256
+# define WOLFSSL_SHA3
+# define NO_SHA256
 #endif
 #ifdef EXT_ENCRYPTED
-# define HAVE_CHACHA
-# define HAVE_PWDBASED
+# define HAVE_CHACHA
+# define HAVE_PWDBASED
 #else
-# define NO_PWDBASED
+# define NO_PWDBASED
 #endif
 /* Disables - For minimum wolfCrypt build */
 #ifndef WOLFBOOT_TPM
- #define NO_AES
- #define NO_HMAC
+# define NO_AES
+# define NO_HMAC
 #endif
 #define NO_CMAC
@@ -159,8 +170,8 @@
 #define NO_CRYPT_BENCHMARK
 #ifdef __QNX__
-#define WOLFSSL_HAVE_MIN
-#define WOLFSSL_HAVE_MAX
+# define WOLFSSL_HAVE_MIN
+# define WOLFSSL_HAVE_MAX
 #endif
 #endif /* !H_USER_SETTINGS_ */
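Review bot: The rewritten `WOLFBOOT_SIGN_RSA4096` block drops `WOLFSSL_RSA_PUBLIC_ONLY` together with `WC_RSA_BLINDING` and `TFM_TIMING_RESISTANT`, and nothing visible in this hunk replaces the public-only restriction. Blinding and timing resistance matter only for private-key operations, so removing them is sound for a verify-only bootloader only while the private-key paths stay compiled out. If no setting outside this hunk does that, keep `# define WOLFSSL_RSA_PUBLIC_ONLY` in this block and consider adding it to the `WOLFBOOT_SIGN_RSA2048` block as well. `FP_MAX_BITS` is kept, and newly added for RSA2048, above the `/* sp math */` marker although `USE_FAST_MATH` is removed; a short comment saying whether it is still read under SP math would help the next reader.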
diff --git a/lib/wolfTPM b/lib/wolfTPM
index 30c4ace7..c4810e1b 160000
--- a/lib/wolfTPM
+++ b/lib/wolfTPM
@@ -1 +1 @@
-Subproject commit 30c4ace7cc7a19d8100b5cfea85bd30dae99194c
+Subproject commit c4810e1b070ff950b6274e4ade0960d0bc010bf0
diff --git a/lib/wolfssl b/lib/wolfssl
index b11b08bb..761bebc4 160000
--- a/lib/wolfssl
+++ b/lib/wolfssl
@@ -1 +1 @@
-Subproject commit b11b08bb100b4be303842f14d700daea646133c1
+Subproject commit 761bebc4a0ea3305f5a44d257bb7c37f774e7f3c
diff --git a/options.mk b/options.mk
index 523d554e..fb24a1fc 100644
--- a/options.mk
+++ b/options.mk
@@ -75,7 +75,6 @@ ifeq ($(SIGN),RSA4096)
 ./lib/wolfssl/wolfcrypt/src/rsa.o \
 ./lib/wolfssl/wolfcrypt/src/asn.o \
 ./lib/wolfssl/wolfcrypt/src/hash.o \
- ./lib/wolfssl/wolfcrypt/src/wolfmath.o \
 ./lib/wolfssl/wolfcrypt/src/wc_port.o \
 ./src/xmalloc_rsa.o
 PUBLIC_KEY_OBJS=./src/rsa4096_pub_key.o