From fd809c5b698b83f9dbf84710f3dc4fd3bec4e2b6 Mon Sep 17 00:00:00 2001 From: Daniele Lacamera Date: Fri, 20 Jan 2023 17:10:40 +0100 Subject: [PATCH] Expanded WCS interface - Added TRNG driver for STM32L5 - Link with correct objects in test-app - Expanded wc_callable interface
---
 Makefile | 1 + arch.mk | 6 ++--- config/examples/stm32l5-wcs.config | 28 ++++++++++++++++++++ hal/stm32l5.c | 42 ++++++++++++++++++++++++++++++ include/hal.h | 8 ++++++ include/loader.h | 4 +++ include/user_settings.h | 6 ++++- options.mk | 2 ++ src/loader.c | 4 ++- src/wc_callable.c | 8 +++--- test-app/Makefile | 4 +-- test-app/app_stm32l5.c | 13 +++++++-- 12 files changed, 113 insertions(+), 13 deletions(-) create mode 100644 config/examples/stm32l5-wcs.config
diff --git a/Makefile b/Makefile
index ecc2b536..db735cf7 100644
--- a/Makefile
+++ b/Makefile
@@ -38,6 +38,7 @@ else
 endif
 WOLFCRYPT_OBJS:=
+SECURE_OBJS:=
 PUBLIC_KEY_OBJS:=
 ifneq ("$(NO_LOADER)","1")
 OBJS+=./src/loader.o
diff --git a/arch.mk b/arch.mk
index 686f6956..bd16dd1d 100644
--- a/arch.mk
+++ b/arch.mk
@@ -166,9 +166,9 @@ ifeq ($(ARCH),ARM)
 ifeq ($(TZEN),1)
 CFLAGS+=-mcmse
 ifeq ($(WCSM),1)
- OBJS+=./src/wc_callable.o
- WOLFCRYPT_OBJS+=./lib/wolfssl/wolfcrypt/src/random.o
- WOLFCRYPT_OBJS+=./lib/wolfssl/wolfcrypt/src/asn.o
+ SECURE_OBJS+=./src/wc_callable.o
+ SECURE_OBJS+=./lib/wolfssl/wolfcrypt/src/random.o
+ SECURE_OBJS+=./lib/wolfssl/wolfcrypt/src/asn.o
 CFLAGS+=-DWOLFCRYPT_SECURE_MODE
 SECURE_LDFLAGS+=-Wl,--cmse-implib -Wl,--out-implib=./src/wc_secure_calls.o
 endif
diff --git a/config/examples/stm32l5-wcs.config b/config/examples/stm32l5-wcs.config
new file mode 100644
index 00000000..ca7f32b3
--- /dev/null
+++ b/config/examples/stm32l5-wcs.config
@@ -0,0 +1,28 @@
+ARCH?=ARM
+TZEN?=1
+TARGET?=stm32l5
+SIGN?=ECC256
+HASH?=SHA256
+DEBUG?=1
+VTOR?=1
+CORTEX_M0?=0
+CORTEX_M33?=1
+NO_ASM?=0
+NO_MPU=1
+EXT_FLASH?=0
+SPI_FLASH?=0
+ALLOW_DOWNGRADE?=0
+NVM_FLASH_WRITEONCE?=1
+WOLFBOOT_VERSION?=1
+V?=0
+SPMATH?=1
+RAM_CODE?=0
+DUALBANK_SWAP?=0
+WOLFBOOT_PARTITION_SIZE?=0x1F800
+WOLFBOOT_SECTOR_SIZE?=0x800
+WOLFBOOT_PARTITION_BOOT_ADDRESS?=0x08040000
+WOLFBOOT_PARTITION_UPDATE_ADDRESS?=0x805F800
+WOLFBOOT_PARTITION_SWAP_ADDRESS?=0x0807F000
+FLAGS_HOME=0
+DISABLE_BACKUP=0
+WCSM=1
diff --git a/hal/stm32l5.c b/hal/stm32l5.c
index ffc7733b..fe57d4e1 100644
--- a/hal/stm32l5.c
+++ b/hal/stm32l5.c
@@ -238,6 +238,7 @@
 #define RCC_AHB2_CLOCK_ER (*(volatile uint32_t *)(RCC_BASE + 0x4C ))
 #define GPIOG_AHB2_CLOCK_ER (1 << 6)
 #define GPIOD_AHB2_CLOCK_ER (1 << 3)
+#define TRNG_AHB2_CLOCK_ER (1 << 18)
 #if defined (__ARM_FEATURE_CMSE) && (__ARM_FEATURE_CMSE == 3U)
@@ -729,4 +730,45 @@ void hal_prepare_boot(void)
 #endif
 }
+#ifdef WOLFCRYPT_SECURE_MODE
+#define TRNG_BASE 0x520C0800
+#define TRNG_CR *((volatile uint32_t *)(TRNG_BASE + 0x00))
+#define TRNG_SR *((volatile uint32_t *)(TRNG_BASE + 0x04))
+#define TRNG_DR *((volatile uint32_t *)(TRNG_BASE + 0x08))
+
+#define TRNG_SR_DRDY (1 << 0)
+#define TRNG_CR_RNGEN (1 << 2)
+
+void hal_trng_init(void)
+{
+ RCC_AHB2_CLOCK_ER |= TRNG_AHB2_CLOCK_ER;
+ TRNG_CR |= TRNG_CR_RNGEN;
+ while ((TRNG_SR & TRNG_SR_DRDY) == 0)
+ ;
+}
+
+/* Never used (RNG keeps running when in secure-mode) */
+void hal_trng_fini(void)
+{
+ TRNG_CR &= (~TRNG_CR_RNGEN);
+}
+
+int hal_trng_get_entropy(unsigned char *out, unsigned len)
+{
+ unsigned i;
+ uint32_t rand_seed = 0;
+ for (i = 0; i < len; i += 4)
+ {
+ while ((TRNG_SR & TRNG_SR_DRDY) == 0)
+ ;
+ rand_seed = TRNG_DR;
+ if ((len - i) < 4)
+ memcpy(out + i, &rand_seed, len - i);
+ else
+ memcpy(out + i, &rand_seed, 4);
+ }
+ return rand_seed;
+}
+
+#endif
diff --git a/include/hal.h b/include/hal.h
index 451bab52..dbea7e11 100644
--- a/include/hal.h
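Review bot: `hal_trng_get_entropy` ends with `return rand_seed;`, so it hands the last 32-bit TRNG word back as its status code. This commit also installs the function as `CUSTOM_RAND_GENERATE_SEED` in include/user_settings.h, and wolfCrypt treats any non-zero result from that hook as a seeding failure, so seeding would fail for almost every draw while a word of seed material leaves the function in the return value; the last statement should be `return 0;`. Both `while ((TRNG_SR & TRNG_SR_DRDY) == 0)` loops also spin with no bound and never look at any seed or clock error flags the peripheral reports in TRNG_SR (only DRDY is defined in this hunk), so a stalled or faulted generator hangs the secure boot path instead of letting the caller fail closed; a bounded wait that returns non-zero on timeout or error would fix that. The hunk calls `memcpy`, and whether hal/stm32l5.c already includes `<string.h>` is not visible here.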
+++ b/include/hal.h
@@ -106,6 +106,14 @@ void hal_prepare_boot(void);
 }
 #endif /* !SPI_FLASH */
+#ifdef WOLFCRYPT_SECURE_MODE
+
+void hal_trng_init(void);
+void hal_trng_fini(void);
+int hal_trng_get_entropy(unsigned char *out, unsigned len);
+
+#endif
+
 #ifdef __cplusplus
 }
 #endif
diff --git a/include/loader.h b/include/loader.h
index 573e2586..761f1144 100644
--- a/include/loader.h
+++ b/include/loader.h
@@ -97,6 +97,10 @@ static inline void wolfBoot_panic(void)
 }
 #endif
+#ifdef WOLFCRYPT_SECURE_MODE
+void wcs_Init(void);
+#endif
+
 #ifdef __cplusplus
 }
 #endif
diff --git a/include/user_settings.h b/include/user_settings.h
index 9ab87efb..3f4644c1 100644
--- a/include/user_settings.h
+++ b/include/user_settings.h
@@ -105,6 +105,8 @@ extern int tolower(int c);
 # define NO_ECC_KEY_EXPORT
 # define NO_ASN
 #else
+
+
 # define HAVE_ECC_SIGN
 # define HAVE_ECC_CDH
 # define WOLFSSL_SP
@@ -113,6 +115,9 @@ extern int tolower(int c);
 # define SP_WORD_SIZE 32
 # define WOLFSSL_HAVE_SP_ECC
 # define WOLFSSL_SP_MATH_ALL
+
+int hal_trng_get_entropy(unsigned char *out, unsigned len);
+# define CUSTOM_RAND_GENERATE_SEED hal_trng_get_entropy
 #endif
 /* Curve */
@@ -334,7 +339,6 @@ extern int tolower(int c);
 #define WC_NO_HASHDRBG
 #else
 #define HAVE_HASHDRBG
- #define WOLFSSL_GENSEED_FORTEST
 #endif
 #define BENCH_EMBEDDED
diff --git a/options.mk b/options.mk
index 26a5910a..98ae93eb 100644
--- a/options.mk
+++ b/options.mk
@@ -599,6 +599,8 @@ ifeq ($(HASH),SHA3)
 endif
 CFLAGS+=-DIMAGE_HEADER_SIZE=$(IMAGE_HEADER_SIZE)
+OBJS+=$(WOLFCRYPT_OBJS)
+OBJS+=$(SECURE_OBJS)
 # check if both encryption and self update are on
 #
diff --git a/src/loader.c b/src/loader.c
index 7ee3003a..502c8924 100644
--- a/src/loader.c
+++ b/src/loader.c
@@ -108,7 +108,9 @@ int main(void)
 #ifdef WOLFBOOT_TPM
 wolfBoot_tpm2_init();
 #endif
-
+#ifdef WOLFCRYPT_SECURE_MODE
+ wcs_Init();
+#endif
 wolfBoot_start();
 /* wolfBoot_start should never return. */
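Review bot: The second user_settings.h hunk declares `int hal_trng_get_entropy(unsigned char *out, unsigned len);` again instead of relying on the prototype this commit adds to include/hal.h, and the contract wolfCrypt expects from the seed hook is not written down anywhere. The hal.h prototype and the driver are guarded by `WOLFCRYPT_SECURE_MODE`, while the condition that opens this `#else` branch starts outside the hunk, so it is worth confirming the two match; otherwise a configuration could select the hook without the HAL providing it. I would add a comment above the define such as `/* DRBG seed hook: must fill len bytes from the hardware TRNG and return 0 on success, non-zero on failure */`.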
diff --git a/src/wc_callable.c b/src/wc_callable.c
index d7ccada1..cedcf4f7 100644
--- a/src/wc_callable.c
+++ b/src/wc_callable.c
@@ -5,6 +5,7 @@
 #include "wolfssl/wolfcrypt/aes.h"
 #include "wolfssl/wolfcrypt/random.h"
 #include "wolfboot/wolfboot.h"
+#include "hal.h"
 #include
@@ -306,18 +307,17 @@ int __attribute__((cmse_nonsecure_entry)) wcs_ecdh_shared(int privkey_slot_id, i
 return 0;
 }
-int __attribute__((cmse_nonsecure_entry)) wcs_get_random_call(byte *rand, size_t size)
+int __attribute__((cmse_nonsecure_entry)) wcs_get_random(byte *rand, size_t size)
 {
 int ret;
 ret = wc_RNG_GenerateBlock(&wcs_rng, rand, size);
 return ret;
 }
-void wsc_Init(void)
+void wcs_Init(void)
 {
+ hal_trng_init();
 wc_InitRng(&wcs_rng);
 }
-
-
 #endif
diff --git a/test-app/Makefile b/test-app/Makefile
index f3db5a9f..52bd446c 100644
--- a/test-app/Makefile
+++ b/test-app/Makefile
@@ -49,10 +49,10 @@ endif
 ifeq ($(TZEN),1)
 APP_OBJS+=../hal/$(TARGET)_ns.o
- ifeq ($(WCSM),1)
+# ifeq ($(WCSM),1)
 APP_OBJS+=../src/wc_secure_calls.o
 CFLAGS+=-DWOLFBOOT_SECURE_CALLS
- endif
+# endif
 else
 APP_OBJS+=../hal/$(TARGET).o
 endif
diff --git a/test-app/app_stm32l5.c b/test-app/app_stm32l5.c
index 738a3397..2aa9fe60 100644
--- a/test-app/app_stm32l5.c
+++ b/test-app/app_stm32l5.c
@@ -54,6 +54,9 @@
 #define PWR_CR2 (*(volatile uint32_t *)(PWR_BASE + 0x04))
 #define PWR_CR2_IOSV (1 << 9)
+int wcs_get_random(unsigned char *rand,
+ uint32_t size);
+
 static void boot_led_on(void)
 {
 uint32_t reg;
@@ -97,14 +100,20 @@ void usr_led_off(void)
 void main(void)
 {
+#ifdef WOLFBOOT_SECURE_CALLS
+ uint32_t rand;
+ uint32_t i;
+ wcs_get_random((void*)&rand, 4);
+ for (i = 0; i < rand; i++)
+ ;
+
+#endif
 hal_init();
 boot_led_on();
 usr_led_on();
 boot_led_off();
 if (wolfBoot_current_firmware_version() > 1)
 boot_led_on();
-#ifdef WOLFCRYPT_SECURE_MODE
-#endif
 while(1)
 ;
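Review bot: `wcs_get_random` is a `cmse_nonsecure_entry` that passes the caller's `rand` pointer and `size` straight to `wc_RNG_GenerateBlock`, so the secure side writes to whatever address the non-secure caller supplies. Unless the range is validated somewhere not visible in this hunk, the entry should refuse buffers that are not entirely non-secure before writing, for example `if (cmse_check_address_range(rand, size, CMSE_NONSECURE) == NULL) return -1;` with `<arm_cmse.h>` included. In the same hunk `wcs_Init` discards the result of `wc_InitRng(&wcs_rng);` and returns `void`, so a failed seed goes unnoticed at boot. Checking it, e.g. `if (wc_InitRng(&wcs_rng) != 0) wolfBoot_panic();` (assuming loader.h is reachable from this file), would make the loader stop instead of exposing an unseeded generator.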
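Review bot: Commenting out `ifeq ($(WCSM),1)` and `endif` makes every `TZEN=1` build link `../src/wc_secure_calls.o` and define `WOLFBOOT_SECURE_CALLS`, but the arch.mk hunk in this commit only emits that import library (`--out-implib=./src/wc_secure_calls.o`) when `WCSM=1`. With `TZEN=1` and `WCSM` unset the test app would either fail to link or pick up a stale import library left by an earlier build, whose veneer addresses need not match the secure image actually flashed. I would restore the conditional rather than leave it commented out, i.e. keep `ifeq ($(WCSM),1)` and `endif` around the two lines.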
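Review bot: In the `main` hunk `rand` is uninitialised and the result of `wcs_get_random((void*)&rand, 4);` is ignored, so if the secure call fails the loop bound in `i < rand` is an indeterminate value. Initialise it and check the status, e.g. `uint32_t rand = 0;` and `if (wcs_get_random((unsigned char *)&rand, sizeof(rand)) != 0) rand = 0;`. The hand-written prototype in the first hunk of this file uses `uint32_t size` while the secure definition in src/wc_callable.c takes `size_t size`; declaring the entry point once in a shared header would keep the two from drifting apart. The end of `main` lies outside the hunk.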