WolfSSL
/
wolfssl-examples
mirror of https://github.com/wolfSSL/wolfssl-examples.git
1
0
Fork 0
Code Issues Releases Wiki Activity
wolfssl-examples/psa/trusted-firmware/build_tfm_example.sh

128 lines
4.3 KiB
Bash
Executable File
Raw Blame History

#!/bin/bash
set -e
WOLFSSL_TFM_WORKDIR=${WOLFSSL_TFM_WORKDIR:="/tmp"}
TFM_GIT_URL=https://git.trustedfirmware.org/TF-M/trusted-firmware-m.git
TFM_COMMIT_ID=f07cc31545bbba3bad1806ed078c3aee3a09dc52
TRUSTED_FIRMWARE_DIR=${TRUSTED_FIRMWARE_DIR:="${WOLFSSL_TFM_WORKDIR}/wolfssl_tfm/tfm"}
WOLFSSL_DIR=${WOLFSSL_DIR:="${WOLFSSL_TFM_WORKDIR}/wolfssl_tfm/wolfssl"}
TEST_REPO_GIT_URL=https://git.trustedfirmware.org/TF-M/tf-m-tests.git
TEST_REPO_TAG=TF-Mv1.5.0
TEST_REPO_DIR=${TEST_REPO_DIR:="${WOLFSSL_TFM_WORKDIR}/wolfssl_tfm/wolfssl_test_repo"}
download_trusted_firmware_m() {
echo "downloading trusted firmware-m source in ${TRUSTED_FIRMWARE_DIR}..."
if [ -d "${TRUSTED_FIRMWARE_DIR}" ]
then
echo "${TRUSTED_FIRMWARE_DIR} exists, skipping src dowload.."
return
fi
mkdir -p "${TRUSTED_FIRMWARE_DIR}"
git clone "${TFM_GIT_URL}" "${TRUSTED_FIRMWARE_DIR}"
(cd "${TRUSTED_FIRMWARE_DIR}" && git checkout "${TFM_COMMIT_ID}")
}
download_wolfssl_src() {
echo "downloading WolfSSL source in ${WOLFSSL_DIR}..."
if [ -d "${WOLFSSL_DIR}" ]
then
echo "${WOLFSSL_DIR} exists, skipping src dowload.."
return
fi
mkdir -p "${WOLFSSL_DIR}"
curl --location https://api.github.com/repos/wolfssl/wolfssl/tarball/master | \
tar --directory="${WOLFSSL_DIR}" --strip-components=1 -x -z
}
download_tfm_repo_test_src() {
echo "downloading tfm_test_repo in ${TEST_REPO_DIR}..."
if [ -d "${TEST_REPO_DIR}" ]
then
echo "${TEST_REPO_DIR} exists, skipping src dowload.."
return
fi
mkdir -p "${TEST_REPO_DIR}"
git clone --depth 1 --branch "${TEST_REPO_TAG}"\
"${TEST_REPO_GIT_URL}" "${TEST_REPO_DIR}"
echo "applying wolfssl_patch to ${TEST_REPO_DIR}..."
cp ./0001-WolfSSL-TLS-1.3-client-server-PSA-demo.patch "${TEST_REPO_DIR}"
(cd "${TEST_REPO_DIR}" && \
git apply ./0001-WolfSSL-TLS-1.3-client-server-PSA-demo.patch)
}
compile_tfm() {
# restart from scratch if build dir already exists
if [ -d "${TRUSTED_FIRMWARE_DIR}/build" ]
then
rm -rf "${TRUSTED_FIRMWARE_DIR}/build"
fi
(cd "${TRUSTED_FIRMWARE_DIR}" && \
mkdir build && \
cd build && \
cmake .. -DTFM_PLATFORM=stm/nucleo_l552ze_q \
-DTFM_TOOLCHAIN_FILE=../toolchain_GNUARM.cmake \
-G"Unix Makefiles" \
-DNS=ON \
-DCMAKE_BUILD_TYPE=RelWithDebInfo \
-DTEST_S=OFF \
-DTEST_NS=OFF \
-DTFM_TEST_REPO_PATH="${TEST_REPO_DIR}" \
-DWOLFSSL_DEMO=ON \
-DWOLFSSL_ROOT_PATH="${WOLFSSL_DIR}"\
-DTFM_NS_REG_TEST=ON)
(cd "${TRUSTED_FIRMWARE_DIR}/build" && cmake --build . -- install && ./postbuild.sh)
}
compile_wolfssl() {
(cd "${WOLFSSL_DIR}" && \
./autogen.sh && \
CFLAGS="-mcpu=cortex-m33 -Os --specs=nano.specs -fdata-sections -ffunction-sections -fno-builtin -fshort-enums -funsigned-char -mthumb -nostdlib -Wno-error=redundant-decls -Wno-error=switch-enum \
-DNO_WOLFSSL_DIR -DWOLFSSL_NO_SOCK -DNO_WRITEV -DWOLFSSL_USER_IO -DNO_SHA512 -DNO_SHA224 -DNO_SHA -DNO_ERROR_STRINGS -DNO_FILESYSTEM -DBENCH_EMBEDDED -DWOLFSSL_SMALL_STACK" \
./configure \
--host=arm-none-eabi \
--disable-examples \
--disable-rsa \
--disable-chacha \
--disable-poly1305 \
--disable-dh \
--disable-md5 \
--disable-sha512 \
--disable-sha224 \
--disable-sha \
--disable-sha384 \
--disable-pwdbased \
--disable-pkcs12 \
--disable-tlsv12 \
--disable-crypttests \
--disable-benchmark \
--enable-pkcallbacks \
--enable-psa \
--with-psa-include="${TRUSTED_FIRMWARE_DIR}/interface/include" && \
make)
}
flash_tfm() {
(cd "${TRUSTED_FIRMWARE_DIR}/build" && \
./regression.sh && \
./TFM_UPDATE.sh )
}
download_trusted_firmware_m
download_wolfssl_src
download_tfm_repo_test_src
compile_wolfssl
compile_tfm
echo "WolfSSL TF-M example built."
echo "To flash on the board run:"
echo "cd ${TRUSTED_FIRMWARE_DIR}/build && ./regression.sh && ./TFM_UPDATE.sh"
# flash_tfm
Reference in New Issue View Git Blame Copy Permalink