Expanded WCS interface

- Added TRNG driver for STM32L5
- Link with correct objects in test-app
- Expanded wc_callable interface

Makefile

@@ -38,6 +38,7 @@ else
 endif
 
 WOLFCRYPT_OBJS:=
+SECURE_OBJS:=
 PUBLIC_KEY_OBJS:=
 ifneq ("$(NO_LOADER)","1")
   OBJS+=./src/loader.o

arch.mk

@@ -166,9 +166,9 @@ ifeq ($(ARCH),ARM)
     ifeq ($(TZEN),1)
       CFLAGS+=-mcmse
       ifeq ($(WCSM),1)
-        OBJS+=./src/wc_callable.o
+        SECURE_OBJS+=./src/wc_callable.o
-        WOLFCRYPT_OBJS+=./lib/wolfssl/wolfcrypt/src/random.o
+        SECURE_OBJS+=./lib/wolfssl/wolfcrypt/src/random.o
-        WOLFCRYPT_OBJS+=./lib/wolfssl/wolfcrypt/src/asn.o
+        SECURE_OBJS+=./lib/wolfssl/wolfcrypt/src/asn.o
         CFLAGS+=-DWOLFCRYPT_SECURE_MODE
         SECURE_LDFLAGS+=-Wl,--cmse-implib -Wl,--out-implib=./src/wc_secure_calls.o
       endif

config/examples/stm32l5-wcs.config

@@ -0,0 +1,28 @@
+ARCH?=ARM
+TZEN?=1
+TARGET?=stm32l5
+SIGN?=ECC256
+HASH?=SHA256
+DEBUG?=1
+VTOR?=1
+CORTEX_M0?=0
+CORTEX_M33?=1
+NO_ASM?=0
+NO_MPU=1
+EXT_FLASH?=0
+SPI_FLASH?=0
+ALLOW_DOWNGRADE?=0
+NVM_FLASH_WRITEONCE?=1
+WOLFBOOT_VERSION?=1
+V?=0
+SPMATH?=1
+RAM_CODE?=0
+DUALBANK_SWAP?=0
+WOLFBOOT_PARTITION_SIZE?=0x1F800
+WOLFBOOT_SECTOR_SIZE?=0x800
+WOLFBOOT_PARTITION_BOOT_ADDRESS?=0x08040000
+WOLFBOOT_PARTITION_UPDATE_ADDRESS?=0x805F800
+WOLFBOOT_PARTITION_SWAP_ADDRESS?=0x0807F000
+FLAGS_HOME=0
+DISABLE_BACKUP=0
+WCSM=1

hal/stm32l5.c

@@ -238,6 +238,7 @@
 #define RCC_AHB2_CLOCK_ER (*(volatile uint32_t *)(RCC_BASE + 0x4C ))
 #define GPIOG_AHB2_CLOCK_ER (1 << 6)
 #define GPIOD_AHB2_CLOCK_ER (1 << 3)
+#define TRNG_AHB2_CLOCK_ER  (1 << 18)
 
 #if defined (__ARM_FEATURE_CMSE) && (__ARM_FEATURE_CMSE == 3U)
 
@@ -729,4 +730,45 @@ void hal_prepare_boot(void)
 #endif
 }
 
+#ifdef WOLFCRYPT_SECURE_MODE
 
+#define TRNG_BASE 0x520C0800
+#define TRNG_CR *((volatile uint32_t *)(TRNG_BASE + 0x00))
+#define TRNG_SR *((volatile uint32_t *)(TRNG_BASE + 0x04))
+#define TRNG_DR *((volatile uint32_t *)(TRNG_BASE + 0x08))
+
+#define TRNG_SR_DRDY (1 << 0)
+#define TRNG_CR_RNGEN (1 << 2)
+
+void hal_trng_init(void)
+{
+    RCC_AHB2_CLOCK_ER |= TRNG_AHB2_CLOCK_ER;
+    TRNG_CR |= TRNG_CR_RNGEN;
+    while ((TRNG_SR & TRNG_SR_DRDY) == 0)
+        ;
+}
+
+/* Never used (RNG keeps running when in secure-mode) */
+void hal_trng_fini(void)
+{
+    TRNG_CR &= (~TRNG_CR_RNGEN);
+}
+
+int hal_trng_get_entropy(unsigned char *out, unsigned len)
+{
+    unsigned i;
+    uint32_t rand_seed = 0;
+    for (i = 0; i < len; i += 4)
+    {
+        while ((TRNG_SR & TRNG_SR_DRDY) == 0)
+            ;
+        rand_seed = TRNG_DR;
+        if ((len - i) < 4)
+            memcpy(out + i, &rand_seed, len - i);
+        else
+            memcpy(out + i, &rand_seed, 4);
+    }
+    return rand_seed;
+}
+
+#endif

include/hal.h

@@ -106,6 +106,14 @@ void hal_prepare_boot(void);
     }
 #endif /* !SPI_FLASH */
 
+#ifdef WOLFCRYPT_SECURE_MODE
+
+void hal_trng_init(void);
+void hal_trng_fini(void);
+int hal_trng_get_entropy(unsigned char *out, unsigned len);
+
+#endif
+
 #ifdef __cplusplus
 }
 #endif

include/loader.h

@@ -97,6 +97,10 @@ static inline void wolfBoot_panic(void)
 }
 #endif
 
+#ifdef WOLFCRYPT_SECURE_MODE
+void wcs_Init(void);
+#endif
+
 #ifdef __cplusplus
 }
 #endif

include/user_settings.h

@@ -105,6 +105,8 @@ extern int tolower(int c);
 #   define NO_ECC_KEY_EXPORT
 #   define NO_ASN
 #else
+
+
 #   define HAVE_ECC_SIGN
 #   define HAVE_ECC_CDH
 #   define WOLFSSL_SP
@@ -113,6 +115,9 @@ extern int tolower(int c);
 #   define SP_WORD_SIZE 32
 #   define WOLFSSL_HAVE_SP_ECC
 #   define WOLFSSL_SP_MATH_ALL
+
+int hal_trng_get_entropy(unsigned char *out, unsigned len);
+#   define CUSTOM_RAND_GENERATE_SEED hal_trng_get_entropy
 #endif
 
 /* Curve */
@@ -334,7 +339,6 @@ extern int tolower(int c);
     #define WC_NO_HASHDRBG
 #else
     #define HAVE_HASHDRBG
-    #define WOLFSSL_GENSEED_FORTEST
 #endif
 
 #define BENCH_EMBEDDED

options.mk

@@ -599,6 +599,8 @@ ifeq ($(HASH),SHA3)
 endif
 
 CFLAGS+=-DIMAGE_HEADER_SIZE=$(IMAGE_HEADER_SIZE)
+OBJS+=$(WOLFCRYPT_OBJS)
+OBJS+=$(SECURE_OBJS)
 
 # check if both encryption and self update are on
 #

src/loader.c

@@ -108,7 +108,9 @@ int main(void)
 #ifdef WOLFBOOT_TPM
     wolfBoot_tpm2_init();
 #endif
-
+#ifdef WOLFCRYPT_SECURE_MODE
+    wcs_Init();
+#endif
     wolfBoot_start();
 
     /* wolfBoot_start should never return. */

src/wc_callable.c

@@ -5,6 +5,7 @@
 #include "wolfssl/wolfcrypt/aes.h"
 #include "wolfssl/wolfcrypt/random.h"
 #include "wolfboot/wolfboot.h"
+#include "hal.h"
 #include <stdint.h>
 
 
@@ -306,18 +307,17 @@ int __attribute__((cmse_nonsecure_entry)) wcs_ecdh_shared(int privkey_slot_id, i
     return 0;
 }
 
-int __attribute__((cmse_nonsecure_entry)) wcs_get_random_call(byte *rand, size_t size)
+int __attribute__((cmse_nonsecure_entry)) wcs_get_random(byte *rand, size_t size)
 {
     int ret;
     ret = wc_RNG_GenerateBlock(&wcs_rng, rand, size);
     return ret;
 }
 
-void wsc_Init(void)
+void wcs_Init(void)
 {
+    hal_trng_init();
     wc_InitRng(&wcs_rng);
 }
 
-
-
 #endif

test-app/Makefile

@@ -49,10 +49,10 @@ endif
 
 ifeq ($(TZEN),1)
     APP_OBJS+=../hal/$(TARGET)_ns.o
-    ifeq ($(WCSM),1)
+#    ifeq ($(WCSM),1)
         APP_OBJS+=../src/wc_secure_calls.o
         CFLAGS+=-DWOLFBOOT_SECURE_CALLS
-    endif
+#    endif
 else
     APP_OBJS+=../hal/$(TARGET).o
 endif

test-app/app_stm32l5.c

@@ -54,6 +54,9 @@
 #define PWR_CR2              (*(volatile uint32_t *)(PWR_BASE + 0x04))
 #define PWR_CR2_IOSV         (1 << 9)
 
+int wcs_get_random(unsigned char *rand,
+       uint32_t size);
+
 static void boot_led_on(void)
 {
     uint32_t reg;
@@ -97,14 +100,20 @@ void usr_led_off(void)
 
 void main(void)
 {
+#ifdef WOLFBOOT_SECURE_CALLS
+    uint32_t rand;
+    uint32_t i;
+    wcs_get_random((void*)&rand, 4);
+    for (i = 0; i < rand; i++)
+        ;
+
+#endif
     hal_init();
     boot_led_on();
     usr_led_on();
     boot_led_off();
     if (wolfBoot_current_firmware_version() > 1)
         boot_led_on();
-#ifdef WOLFCRYPT_SECURE_MODE
-#endif
 
     while(1)
         ;