From 2c447b24cd52c40624d11d6d3f6c1d75e8ead652 Mon Sep 17 00:00:00 2001
From: Sean Parkinson
Date: Fri, 8 Feb 2019 15:21:33 +1000
Subject: [PATCH] Fixes from review and add IDE files
---
IDE/zephyr/lib/CMakeLists.txt | 122 ++++++++
IDE/zephyr/lib/Kconfig | 85 ++++++
IDE/zephyr/lib/Kconfig.tls-generic | 272 ++++++++++++++++++
IDE/zephyr/lib/README | 0
IDE/zephyr/lib/install_lib.sh | 63 ++++
.../lib/settings/user_settings-tls-generic.h | 147 ++++++++++
IDE/zephyr/lib/user_settings.h | 147 ++++++++++
IDE/zephyr/lib/zephyr_init.c | 19 ++
IDE/zephyr/wolfssl_test/CMakeLists.txt | 8 +
IDE/zephyr/wolfssl_test/install_test.sh | 49 ++++
IDE/zephyr/wolfssl_test/prj.conf | 19 ++
IDE/zephyr/wolfssl_test/sample.yaml | 9 +
wolfcrypt/src/random.c | 27 +-
wolfcrypt/src/wc_port.c | 8 +-
14 files changed, 955 insertions(+), 20 deletions(-)
create mode 100644 IDE/zephyr/lib/CMakeLists.txt
create mode 100644 IDE/zephyr/lib/Kconfig
create mode 100644 IDE/zephyr/lib/Kconfig.tls-generic
create mode 100644 IDE/zephyr/lib/README
create mode 100755 IDE/zephyr/lib/install_lib.sh
create mode 100644 IDE/zephyr/lib/settings/user_settings-tls-generic.h
create mode 100644 IDE/zephyr/lib/user_settings.h
create mode 100644 IDE/zephyr/lib/zephyr_init.c
create mode 100644 IDE/zephyr/wolfssl_test/CMakeLists.txt
create mode 100755 IDE/zephyr/wolfssl_test/install_test.sh
create mode 100644 IDE/zephyr/wolfssl_test/prj.conf
create mode 100644 IDE/zephyr/wolfssl_test/sample.yaml
diff --git a/IDE/zephyr/lib/CMakeLists.txt b/IDE/zephyr/lib/CMakeLists.txt
new file mode 100644
index 000000000..5e4c66dac
--- /dev/null
+++ b/IDE/zephyr/lib/CMakeLists.txt
@@ -0,0 +1,122 @@
+zephyr_interface_library_named(wolfSSL)
+
+if(CONFIG_WOLFSSL_BUILTIN)
+ target_compile_definitions(wolfSSL INTERFACE
+ WOLFSSL_OPTIONS_FILE="${CONFIG_WOLFSSL_OPTIONS_FILE}"
+ )
+
+ target_include_directories(wolfSSL INTERFACE
+ include
+ settings
+ )
+
+ zephyr_library()
+ zephyr_library_sources(zephyr_init.c)
+
+ zephyr_library_sources(library/src/crl.c)
+ zephyr_library_sources(library/src/internal.c)
+ zephyr_library_sources(library/src/keys.c)
+ zephyr_library_sources(library/src/ocsp.c)
+ zephyr_library_sources(library/src/sniffer.c)
+ zephyr_library_sources(library/src/ssl.c)
+ zephyr_library_sources(library/src/tls13.c)
+ zephyr_library_sources(library/src/tls.c)
+ zephyr_library_sources(library/src/wolfio.c)
+
+ zephyr_library_sources(library/wolfcrypt/src/aes.c)
+ zephyr_library_sources(library/wolfcrypt/src/arc4.c)
+ zephyr_library_sources(library/wolfcrypt/src/asm.c)
+ zephyr_library_sources(library/wolfcrypt/src/asn.c)
+ zephyr_library_sources(library/wolfcrypt/src/async.c)
+ zephyr_library_sources(library/wolfcrypt/src/blake2b.c)
+ zephyr_library_sources(library/wolfcrypt/src/camellia.c)
+ zephyr_library_sources(library/wolfcrypt/src/chacha20_poly1305.c)
+ zephyr_library_sources(library/wolfcrypt/src/chacha.c)
+ zephyr_library_sources(library/wolfcrypt/src/cmac.c)
+ zephyr_library_sources(library/wolfcrypt/src/coding.c)
+ zephyr_library_sources(library/wolfcrypt/src/compress.c)
+ zephyr_library_sources(library/wolfcrypt/src/cpuid.c)
+ zephyr_library_sources(library/wolfcrypt/src/cryptocb.c)
+ zephyr_library_sources(library/wolfcrypt/src/curve25519.c)
+ zephyr_library_sources(library/wolfcrypt/src/des3.c)
+ zephyr_library_sources(library/wolfcrypt/src/dh.c)
+ zephyr_library_sources(library/wolfcrypt/src/dsa.c)
+ zephyr_library_sources(library/wolfcrypt/src/ecc.c)
+ zephyr_library_sources(library/wolfcrypt/src/ecc_fp.c)
+ zephyr_library_sources(library/wolfcrypt/src/ed25519.c)
+ zephyr_library_sources(library/wolfcrypt/src/error.c)
+ zephyr_library_sources(library/wolfcrypt/src/fe_low_mem.c)
+ zephyr_library_sources(library/wolfcrypt/src/fe_operations.c)
+ #zephyr_library_sources(library/wolfcrypt/src/fips.c)
+ #zephyr_library_sources(library/wolfcrypt/src/fips_test.c)
+ zephyr_library_sources(library/wolfcrypt/src/ge_low_mem.c)
+ zephyr_library_sources(library/wolfcrypt/src/ge_operations.c)
+ zephyr_library_sources(library/wolfcrypt/src/hash.c)
+ zephyr_library_sources(library/wolfcrypt/src/hc128.c)
+ zephyr_library_sources(library/wolfcrypt/src/hmac.c)
+ zephyr_library_sources(library/wolfcrypt/src/idea.c)
+ zephyr_library_sources(library/wolfcrypt/src/integer.c)
+ zephyr_library_sources(library/wolfcrypt/src/logging.c)
+ zephyr_library_sources(library/wolfcrypt/src/md2.c)
+ zephyr_library_sources(library/wolfcrypt/src/md4.c)
+ zephyr_library_sources(library/wolfcrypt/src/md5.c)
+ zephyr_library_sources(library/wolfcrypt/src/memory.c)
+ #zephyr_library_sources(library/wolfcrypt/src/misc.c)
+ zephyr_library_sources(library/wolfcrypt/src/pkcs12.c)
+ zephyr_library_sources(library/wolfcrypt/src/pkcs7.c)
+ zephyr_library_sources(library/wolfcrypt/src/poly1305.c)
+ zephyr_library_sources(library/wolfcrypt/src/pwdbased.c)
+ zephyr_library_sources(library/wolfcrypt/src/rabbit.c)
+ zephyr_library_sources(library/wolfcrypt/src/random.c)
+ zephyr_library_sources(library/wolfcrypt/src/ripemd.c)
+ zephyr_library_sources(library/wolfcrypt/src/rsa.c)
+ #zephyr_library_sources(library/wolfcrypt/src/selftest.c)
+ zephyr_library_sources(library/wolfcrypt/src/sha256.c)
+ zephyr_library_sources(library/wolfcrypt/src/sha3.c)
+ zephyr_library_sources(library/wolfcrypt/src/sha512.c)
+ zephyr_library_sources(library/wolfcrypt/src/sha.c)
+ zephyr_library_sources(library/wolfcrypt/src/signature.c)
+ zephyr_library_sources(library/wolfcrypt/src/sp_arm32.c)
+ zephyr_library_sources(library/wolfcrypt/src/sp_arm64.c)
+ zephyr_library_sources(library/wolfcrypt/src/sp_armthumb.c)
+ zephyr_library_sources(library/wolfcrypt/src/sp_c32.c)
+ zephyr_library_sources(library/wolfcrypt/src/sp_c64.c)
+ zephyr_library_sources(library/wolfcrypt/src/sp_cortexm.c)
+ zephyr_library_sources(library/wolfcrypt/src/sp_int.c)
+ zephyr_library_sources(library/wolfcrypt/src/sp_x86_64.c)
+ zephyr_library_sources(library/wolfcrypt/src/srp.c)
+ zephyr_library_sources(library/wolfcrypt/src/tfm.c)
+ zephyr_library_sources(library/wolfcrypt/src/wc_encrypt.c)
+ zephyr_library_sources(library/wolfcrypt/src/wc_pkcs11.c)
+ zephyr_library_sources(library/wolfcrypt/src/wc_port.c)
+ #zephyr_library_sources(library/wolfcrypt/src/wolfcrypt_first.c)
+ #zephyr_library_sources(library/wolfcrypt/src/wolfcrypt_last.c)
+ zephyr_library_sources(library/wolfcrypt/src/wolfevent.c)
+ zephyr_library_sources(library/wolfcrypt/src/wolfmath.c)
+
+ zephyr_library_link_libraries(wolfSSL)
+
+ add_definitions(-DWOLFSSL_USER_SETTINGS)
+ add_definitions(-DWOLFSSL_ZEPHYR)
+ include_directories("library")
+else()
+ assert(CONFIG_WOLFSSL_LIBRARY "wolfSSL was enabled, but neither BUILTIN or LIBRARY was selected.")
+
+ # NB: CONFIG_WOLFSSL_LIBRARY is not regression tested and is
+ # therefore susceptible to bit rot
+
+ target_include_directories(wolfSSL INTERFACE
+ ${CONFIG_WOLFSSL_INSTALL_PATH}
+ )
+
+ zephyr_link_libraries(
+ mbedtls_external
+ -L${CONFIG_WOLFSSL_INSTALL_PATH}
+ gcc
+ )
+ # Lib wolfssl depends on libgcc so to allow
+ # wolfssl to link with gcc we need to ensure it is placed
+ # after wolfssl_external on the linkers command line.
+endif()
+
+target_link_libraries(wolfSSL INTERFACE zephyr_interface)
diff --git a/IDE/zephyr/lib/Kconfig b/IDE/zephyr/lib/Kconfig
new file mode 100644
index 000000000..67f53570c
--- /dev/null
+++ b/IDE/zephyr/lib/Kconfig
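Review bot: In `IDE/zephyr/lib/CMakeLists.txt` the `else()` branch passes `mbedtls_external` to `zephyr_link_libraries`, while the comment under it talks about `wolfssl_external`; this looks like a leftover from the file it was adapted from and would link the external-library build against a different TLS library target, so the entry should presumably be `wolfssl_external`. In the builtin branch the definition `WOLFSSL_OPTIONS_FILE="${CONFIG_WOLFSSL_OPTIONS_FILE}"` reads a Kconfig symbol that this patch never defines (the Kconfig added alongside defines `WOLFSSL_SETTINGS_FILE`), and `user_settings.h` includes `CONFIG_WOLFSSL_SETTINGS_FILE` directly, so the definition appears to expand to an empty string and go unused. Either switch it to `${CONFIG_WOLFSSL_SETTINGS_FILE}` or drop it.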
@@ -0,0 +1,85 @@
+# Kconfig - Cryptography primitive options for wolfSSL
+
+#
+# Copyright (c) 2016 Intel Corporation
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+
+menuconfig WOLFSSL
+ bool "wolfSSL Support"
+ help
+ This option enables the wolfSSL cryptography library.
+
+if WOLFSSL
+
+choice
+ prompt "Select implementation"
+ default WOLFSSL_BUILTIN
+
+config WOLFSSL_BUILTIN
+ bool "Enable wolfSSL integrated sources"
+ help
+ Link with local wolfSSL sources instead of external library.
+
+config WOLFSSL_LIBRARY
+ bool "Enable wolfSSL external library"
+ help
+ This option enables wolfSSL library.
+
+endchoice
+
+config WOLFSSL_SETTINGS_FILE
+ string "wolfSSL settings file"
+ depends on WOLFSSL_BUILTIN
+ default "user_settings-tls-generic.h"
+ help
+ Use a specific wolfSSL settings file. The default config file
+ file can be tweaked with Kconfig. The default settings is
+ suitable to communicate with majority of HTTPS servers on the Internet,
+ but has relatively many features enabled. To optimize resources for
+ special TLS usage, use available Kconfig settings, or select an
+ alternative config.
+
+if WOLFSSL_BUILTIN && WOLFSSL_SETTINGS_FILE = "user_settings-tls-generic.h"
+source "ext/lib/crypto/wolfssl/Kconfig.tls-generic"
+endif
+
+config WOLFSSL_DEBUG
+ bool "wolfSSL debug activation"
+ depends on WOLFSSL_BUILTIN
+ help
+ Enable debugging activation for wolfSSL configuration. If you use
+ wolfSSL/Zephyr integration (e.g. net_app), this will activate debug
+ logging (of the level configured by WOLFSSL_DEBUG_LEVEL).
+
+config WOLFSSL_INSTALL_PATH
+ string "wolfSSL install path"
+ depends on WOLFSSL_LIBRARY
+ help
+ This option holds the path where the wolfSSL libraries and headers are
+ installed. Make sure this option is properly set when WOLFSSL_LIBRARY
+ is enabled otherwise the build will fail.
+
+config APP_LINK_WITH_WOLFSSL
+ bool "Link 'app' with WOLFSSL"
+ default y
+ depends on WOLFSSL
+ help
+ Add WOLFSSL header files to the 'app' include path. It may be
+ disabled if the include paths for WOLFSSL are causing aliasing
+ issues for 'app'.
+
+endif
+
diff --git a/IDE/zephyr/lib/Kconfig.tls-generic b/IDE/zephyr/lib/Kconfig.tls-generic
new file mode 100644
index 000000000..f18451188
--- /dev/null
+++ b/IDE/zephyr/lib/Kconfig.tls-generic
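Review bot: In `IDE/zephyr/lib/Kconfig` the help for `WOLFSSL_DEBUG` promises logging at the level set by `WOLFSSL_DEBUG_LEVEL`, but no such symbol is defined in this file, and both settings headers added by the patch keep `DEBUG_WOLFSSL` under `#if 0` instead of testing `CONFIG_WOLFSSL_DEBUG`. As far as this patch shows, enabling the option (as `prj.conf` does) changes nothing. Either gate the define with `#ifdef CONFIG_WOLFSSL_DEBUG` in the settings headers or shorten the help to what the option really does; the `WOLFSSL_SETTINGS_FILE` help also has a doubled word, "The default config file file".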
@@ -0,0 +1,272 @@
+# Kconfig.tls - TLS/DTLS related options
+
+#
+# Copyright (c) 2018 Intel Corporation
+# Copyright (c) 2018 Nordic Semiconductor ASA
+#
+# SPDX-License-Identifier: Apache-2.0
+#
+
+menu "TLS configuration"
+
+menu "Supported TLS version"
+
+config WOLFSSL_TLS_VERSION_1_0
+ bool "Enable support for TLS 1.0"
+ select WOLFSSL_ALLOW_TLSV10_ENABLED
+
+config WOLFSSL_TLS_VERSION_1_1
+ bool "Enable support for TLS 1.1"
+ select WOLFSSL_NO_OLD_TLS_DISABLED
+
+config WOLFSSL_TLS_VERSION_1_2
+ bool "Enable support for TLS 1.2"
+ default y
+
+config WOLFSSL_TLS_VERSION_1_3
+ bool "Enable support for TLS 1.3"
+ select WOLFSSL_TLS13_ENABLED
+
+endmenu
+
+menu "Ciphersuite configuration"
+
+comment "Supported key exchange modes"
+
+config WOLFSSL_KEY_EXCHANGE_ALL_ENABLED
+ bool "Enable all available ciphersuite modes"
+ select WOLFSSL_KEY_EXCHANGE_PSK_ENABLED
+ select WOLFSSL_KEY_EXCHANGE_DHE_PSK_ENABLED
+ select WOLFSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED
+ select WOLFSSL_KEY_EXCHANGE_RSA_PSK_ENABLED
+ select WOLFSSL_KEY_EXCHANGE_RSA_ENABLED
+ select WOLFSSL_KEY_EXCHANGE_DHE_RSA_ENABLED
+ select WOLFSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED
+ select WOLFSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
+ select WOLFSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
+ select WOLFSSL_KEY_EXCHANGE_ECDH_ECDSA_ENABLED
+ select WOLFSSL_KEY_EXCHANGE_ECDH_RSA_ENABLED
+ select WOLFSSL_KEY_EXCHANGE_ECJPAKE_ENABLED
+
+config WOLFSSL_KEY_EXCHANGE_PSK_ENABLED
+ bool "Enable the PSK based ciphersuite modes"
+
+config WOLFSSL_KEY_EXCHANGE_DHE_PSK_ENABLED
+ bool "Enable the DHE-PSK based ciphersuite modes"
+
+config WOLFSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED
+ bool "Enable the ECDHE-PSK based ciphersuite modes"
+
+config WOLFSSL_KEY_EXCHANGE_RSA_PSK_ENABLED
+ bool "Enable the RSA-PSK based ciphersuite modes"
+
+config WOLFSSL_KEY_EXCHANGE_RSA_ENABLED
+ bool "Enable the RSA-only based ciphersuite modes"
+ default y
+
+config WOLFSSL_KEY_EXCHANGE_DHE_RSA_ENABLED
+ bool "Enable the DHE-RSA based ciphersuite modes"
+
+config WOLFSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED
+ bool "Enable the ECDHE-RSA based ciphersuite modes"
+
+config WOLFSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
+ bool "Enable the ECDHE-ECDSA based ciphersuite modes"
+
+config WOLFSSL_KEY_EXCHANGE_ECDH_ECDSA_ENABLED
+ bool "Enable the ECDH-ECDSA based ciphersuite modes"
+
+config WOLFSSL_KEY_EXCHANGE_ECDH_RSA_ENABLED
+ bool "Enable the ECDH-RSA based ciphersuite modes"
+
+config WOLFSSL_KEY_EXCHANGE_ECJPAKE_ENABLED
+ bool "Enable the ECJPAKE based ciphersuite modes"
+
+if WOLFSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED || \
+ WOLFSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED || \
+ WOLFSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED || \
+ WOLFSSL_KEY_EXCHANGE_ECDH_ECDSA_ENABLED || \
+ WOLFSSL_KEY_EXCHANGE_ECDH_RSA_ENABLED || \
+ WOLFSSL_KEY_EXCHANGE_ECJPAKE_ENABLED
+
+comment "Supported elliptic curves"
+
+config WOLFSSL_ECP_ALL_ENABLED
+ bool "Enable all available elliptic curves"
+ select WOLFSSL_ECP_DP_SECP192R1_ENABLED
+ select WOLFSSL_ECP_DP_SECP192R1_ENABLED
+ select WOLFSSL_ECP_DP_SECP224R1_ENABLED
+ select WOLFSSL_ECP_DP_SECP256R1_ENABLED
+ select WOLFSSL_ECP_DP_SECP384R1_ENABLED
+ select WOLFSSL_ECP_DP_SECP521R1_ENABLED
+ select WOLFSSL_ECP_DP_SECP192K1_ENABLED
+ select WOLFSSL_ECP_DP_SECP224K1_ENABLED
+ select WOLFSSL_ECP_DP_SECP256K1_ENABLED
+ select WOLFSSL_ECP_DP_BP256R1_ENABLED
+ select WOLFSSL_ECP_DP_BP384R1_ENABLED
+ select WOLFSSL_ECP_DP_BP512R1_ENABLED
+ select WOLFSSL_ECP_DP_CURVE25519_ENABLED
+ select WOLFSSL_ECP_DP_CURVE448_ENABLED
+ select WOLFSSL_ECP_NIST_OPTIM
+
+config WOLFSSL_ECP_DP_SECP192R1_ENABLED
+ bool "Enable SECP192R1 elliptic curve"
+
+config WOLFSSL_ECP_DP_SECP224R1_ENABLED
+ bool "Enable SECP224R1 elliptic curve"
+
+config WOLFSSL_ECP_DP_SECP256R1_ENABLED
+ bool "Enable SECP256R1 elliptic curve"
+
+config WOLFSSL_ECP_DP_SECP384R1_ENABLED
+ bool "Enable SECP384R1 elliptic curve"
+
+config WOLFSSL_ECP_DP_SECP521R1_ENABLED
+ bool "Enable SECP521R1 elliptic curve"
+
+config WOLFSSL_ECP_DP_SECP192K1_ENABLED
+ bool "Enable SECP192K1 elliptic curve"
+
+config WOLFSSL_ECP_DP_SECP224K1_ENABLED
+ bool "Enable SECP224K1 elliptic curve"
+
+config WOLFSSL_ECP_DP_SECP256K1_ENABLED
+ bool "Enable SECP256K1 elliptic curve"
+
+config WOLFSSL_ECP_DP_BP256R1_ENABLED
+ bool "Enable BP256R1 elliptic curve"
+
+config WOLFSSL_ECP_DP_BP384R1_ENABLED
+ bool "Enable BP384R1 elliptic curve"
+
+config WOLFSSL_ECP_DP_BP512R1_ENABLED
+ bool "Enable BP512R1 elliptic curve"
+
+config WOLFSSL_ECP_DP_CURVE25519_ENABLED
+ bool "Enable CURVE25519 elliptic curve"
+
+config WOLFSSL_ECP_DP_CURVE448_ENABLED
+ bool "Enable CURVE448 elliptic curve"
+
+config WOLFSSL_ECP_NIST_OPTIM
+ bool "Enable NSIT curves optimization"
+
+endif
+
+comment "Supported cipher modes"
+
+config WOLFSSL_CIPHER_ALL_ENABLED
+ bool "Enable all available ciphers"
+ select WOLFSSL_CIPHER_AES_ENABLED
+ select WOLFSSL_CIPHER_CAMELLIA_ENABLED
+ select WOLFSSL_CIPHER_DES_ENABLED
+ select WOLFSSL_CIPHER_ARC4_ENABLED
+ select WOLFSSL_CIPHER_CHACHA20_ENABLED
+ select WOLFSSL_CIPHER_BLOWFISH_ENABLED
+ select WOLFSSL_CIPHER_CCM_ENABLED
+ select WOLFSSL_CIPHER_MODE_XTS_ENABLED
+ select WOLFSSL_CIPHER_MODE_GCM_ENABLED
+ select WOLFSSL_CIPHER_CBC_ENABLED
+ select WOLFSSL_CHACHAPOLY_AEAD_ENABLED
+
+config WOLFSSL_CIPHER_AES_ENABLED
+ bool "Enable the AES block cipher"
+ default y
+
+config WOLFSSL_AES_ROM_TABLES
+ depends on WOLFSSL_CIPHER_AES_ENABLED
+ bool "Use precomputed AES tables stored in ROM."
+ default y
+
+config WOLFSSL_CIPHER_CAMELLIA_ENABLED
+ bool "Enable the Camellia block cipher"
+
+config WOLFSSL_CIPHER_DES_ENABLED
+ bool "Enable the DES block cipher"
+ default y
+
+config WOLFSSL_CIPHER_ARC4_ENABLED
+ bool "Enable the ARC4 stream cipher"
+
+config WOLFSSL_CIPHER_CHACHA20_ENABLED
+ bool "Enable the ChaCha20 stream cipher"
+
+config WOLFSSL_CIPHER_BLOWFISH_ENABLED
+ bool "Enable the Blowfish block cipher"
+
+config WOLFSSL_CIPHER_CCM_ENABLED
+ bool "Enable the Counter with CBC-MAC (CCM) mode for 128-bit block cipher"
+ depends on WOLFSSL_CIPHER_AES_ENABLED || WOLFSSL_CIPHER_CAMELLIA_ENABLED
+
+config WOLFSSL_CIPHER_MODE_XTS_ENABLED
+ bool "Enable Xor-encrypt-xor with ciphertext stealing mode (XTS) for AES"
+ depends on WOLFSSL_CIPHER_AES_ENABLED || WOLFSSL_CIPHER_CAMELLIA_ENABLED
+
+config WOLFSSL_CIPHER_MODE_GCM_ENABLED
+ bool "Enable the Galois/Counter Mode (GCM) for AES"
+ depends on WOLFSSL_CIPHER_AES_ENABLED || WOLFSSL_CIPHER_CAMELLIA_ENABLED
+
+config WOLFSSL_CIPHER_CBC_ENABLED
+ bool "Enable Cipher Block Chaining mode (CBC) for symmetric ciphers"
+ default y
+
+config WOLFSSL_CHACHAPOLY_AEAD_ENABLED
+ bool "Enable the ChaCha20-Poly1305 AEAD algorithm"
+ depends on WOLFSSL_CIPHER_CHACHA20_ENABLED || WOLFSSL_MAC_POLY1305_ENABLED
+
+comment "Supported message authentication methods"
+
+config WOLFSSL_MAC_ALL_ENABLED
+ bool "Enable all available MAC methods"
+ select WOLFSSL_MAC_MD4_ENABLED
+ select WOLFSSL_MAC_MD5_ENABLED
+ select WOLFSSL_MAC_SHA1_ENABLED
+ select WOLFSSL_MAC_SHA256_ENABLED
+ select WOLFSSL_MAC_SHA512_ENABLED
+ select WOLFSSL_MAC_POLY1305_ENABLED
+
+config WOLFSSL_MAC_MD4_ENABLED
+ bool "Enable the MD4 hash algorithm"
+
+config WOLFSSL_MAC_MD5_ENABLED
+ bool "Enable the MD5 hash algorithm"
+ default y
+
+config WOLFSSL_MAC_SHA1_ENABLED
+ bool "Enable the SHA1 hash algorithm"
+ default y
+
+config WOLFSSL_MAC_SHA256_ENABLED
+ bool "Enable the SHA-224 and SHA-256 hash algorithms"
+ default y
+
+config WOLFSSL_MAC_SHA512_ENABLED
+ bool "Enable the SHA-384 and SHA-512 hash algorithms"
+
+config WOLFSSL_MAC_POLY1305_ENABLED
+ bool "Enable the Poly1305 MAC algorithm"
+
+endmenu
+
+comment "Random number generators"
+
+config WOLFSSL_HMAC_DRBG_ENABLED
+ bool "Enable the HMAC_DRBG random generator"
+ default y
+
+comment "Other configurations"
+
+config WOLFSSL_HAVE_ASM
+ bool "Enable use of assembly code"
+ default y
+ help
+ Enable use of assembly code in wolfSSL. This improves the performances
+ of asymetric cryptography, however this might have an impact on the
+ code size.
+
+config WOLFSSL_USER_SETTTINGS
+ string "User settings file for wolfSSL"
+ help
+ User settings file that contains wolfSSL defines.
+
+endmenu
diff --git a/IDE/zephyr/lib/README b/IDE/zephyr/lib/README
new file mode 100644
index 000000000..e69de29bb
diff --git a/IDE/zephyr/lib/install_lib.sh b/IDE/zephyr/lib/install_lib.sh
new file mode 100755
index 000000000..77d0a1358
--- /dev/null
+++ b/IDE/zephyr/lib/install_lib.sh
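Review bot: None of the symbols in `IDE/zephyr/lib/Kconfig.tls-generic` are read by the settings headers added in the same patch, which hard-code their feature set (`NO_DES3`, `NO_MD4`, `NO_RC4`, `NO_PSK`, `WOLFSSL_NO_ASM`, ...). An integrator who uses this menu to switch a protocol version, cipher or hash off gets, as far as this patch shows, an unchanged build, which matters most for the legacy entries (TLS 1.0/1.1, DES, ARC4, MD4/MD5). The `select` targets `WOLFSSL_ALLOW_TLSV10_ENABLED`, `WOLFSSL_NO_OLD_TLS_DISABLED` and `WOLFSSL_TLS13_ENABLED` have no `config` entry in this file, and `WOLFSSL_CIPHER_DES_ENABLED` and `WOLFSSL_MAC_MD5_ENABLED` are `default y` even though the header defines `NO_DES3`. Until the header is generated from these symbols, add a help line such as `NOTE: not yet consumed by user_settings-tls-generic.h`. Smaller slips: `WOLFSSL_USER_SETTTINGS` should be `WOLFSSL_USER_SETTINGS`, "NSIT" should be "NIST", and the `ECDHE_ECDSA` and `SECP192R1` selects are each listed twice.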
@@ -0,0 +1,63 @@
+#!/bin/sh
+
+WOLFSSL_SRC_DIR=../../..
+
+if [ ! -d $WOLFSSL_SRC_DIR ]; then
+ echo "Directory does not exist: $WOLFSSL_SRC_DIR"
+ exit 1
+fi
+if [ ! -f $WOLFSSL_SRC_DIR/wolfssl/ssl.h ]; then
+ echo "Missing header file: $WOLFSSL_SRC_DIR/wolfssl/ssl.h"
+ exit 1
+fi
+
+ZEPHYR_DIR=
+if [ $# -ne 1 ]; then
+ echo "Need location of zephyr project as a command line argument"
+ exit 1
+else
+ ZEPHYR_DIR=$1
+fi
+if [ ! -d $ZEPHR_DIR ]; then
+ echo "Zephyr project directory does not exist: $ZEPHYR_DIR"
+ exit 1
+fi
+ZEPHYR_CRYPTO_DIR=$ZEPHYR_DIR/zephyr/ext/lib/crypto
+if [ ! -d $ZEPHYR_CRYPTO_DIR ]; then
+ echo "Zephyr crypto directory does not exist: $ZEPHYR_CRYPTO_DIR"
+ exit 1
+fi
+ZEPHYR_WOLFSSL_DIR=$ZEPHYR_CRYPTO_DIR/wolfssl
+
+echo "wolfSSL directory:"
+echo " $ZEPHYR_WOLFSSL_DIR"
+rm -rf $ZEPHYR_WOLFSSL_DIR
+mkdir $ZEPHYR_WOLFSSL_DIR
+
+echo "Copy in Build files ..."
+cp -r * $ZEPHYR_WOLFSSL_DIR/
+rm $ZEPHYR_WOLFSSL_DIR/$0
+
+echo "Copy Source Code ..."
+rm -rf $ZEPHYR_WOLFSSL_DIR/library
+mkdir $ZEPHYR_WOLFSSL_DIR/library
+mkdir $ZEPHYR_WOLFSSL_DIR/library/src
+mkdir -p $ZEPHYR_WOLFSSL_DIR/library/wolfcrypt/src
+
+cp -rf ${WOLFSSL_SRC_DIR}/src/*.c $ZEPHYR_WOLFSSL_DIR/library/src/
+cp -rf ${WOLFSSL_SRC_DIR}/wolfcrypt/src/*.c $ZEPHYR_WOLFSSL_DIR/library/wolfcrypt/src/
+cp -rf ${WOLFSSL_SRC_DIR}/wolfcrypt/src/*.i $ZEPHYR_WOLFSSL_DIR/library/wolfcrypt/src/
+cp -rf ${WOLFSSL_SRC_DIR}/wolfcrypt/src/*.S $ZEPHYR_WOLFSSL_DIR/library/wolfcrypt/src/
+
+echo "Copy Header Files ..."
+rm -rf $ZEPHYR_WOLFSSL_DIR/include
+mkdir $ZEPHYR_WOLFSSL_DIR/include
+
+cp $ZEPHYR_WOLFSSL_DIR/user_settings.h $ZEPHYR_WOLFSSL_DIR/include/
+cp -rf ${WOLFSSL_SRC_DIR}/wolfssl $ZEPHYR_WOLFSSL_DIR/include/
+rm -f $ZEPHYR_WOLFSSL_DIR/include/wolfssl/options.h
+rm -rf $ZEPHYR_WOLFSSL_DIR/include/wolfssl/wolfcrypt/port
+
+
+echo "Done"
+
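Review bot: In `IDE/zephyr/lib/install_lib.sh` the project-directory check tests `$ZEPHR_DIR`, a misspelling of `ZEPHYR_DIR`; that variable is unset, so the unquoted `[ ! -d ]` collapses to a two-argument test that is always false and the check never fires. The script then runs `rm -rf $ZEPHYR_WOLFSSL_DIR` and several `cp`/`mkdir` commands on unquoted paths built from `$1`, so an argument containing spaces or glob characters is word-split and the recursive delete can hit paths other than the intended one. Fix the test as `if [ ! -d "$ZEPHYR_DIR" ]; then` and quote every expansion, e.g. `rm -rf "$ZEPHYR_WOLFSSL_DIR"`. `rm $ZEPHYR_WOLFSSL_DIR/$0` also assumes the script was started as a bare relative name from its own directory, so `"$(basename "$0")"` would be safer. `IDE/zephyr/wolfssl_test/install_test.sh` repeats the same misspelled test and unquoted `rm -rf`.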
diff --git a/IDE/zephyr/lib/settings/user_settings-tls-generic.h b/IDE/zephyr/lib/settings/user_settings-tls-generic.h
new file mode 100644
index 000000000..b0eb7ec24
--- /dev/null
+++ b/IDE/zephyr/lib/settings/user_settings-tls-generic.h
@@ -0,0 +1,147 @@
+/* wolfssl options.h
+ * generated from configure options
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ */
+
+#ifndef WOLFSSL_OPTIONS_H
+#define WOLFSSL_OPTIONS_H
+
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#undef WOLFSSL_ZEPHYR
+#define WOLFSSL_ZEPHYR
+
+#if 1
+#undef SINGLE_THREADED
+#define SINGLE_THREADED
+#endif
+
+#undef TFM_TIMING_RESISTANT
+#define TFM_TIMING_RESISTANT
+
+#undef ECC_TIMING_RESISTANT
+#define ECC_TIMING_RESISTANT
+
+#undef WC_RSA_BLINDING
+#define WC_RSA_BLINDING
+
+#undef HAVE_AESGCM
+#define HAVE_AESGCM
+
+#undef WOLFSSL_SHA512
+#define WOLFSSL_SHA512
+
+#undef WOLFSSL_SHA384
+#define WOLFSSL_SHA384
+
+#undef NO_DSA
+#define NO_DSA
+
+#undef HAVE_ECC
+#define HAVE_ECC
+
+#undef TFM_ECC256
+#define TFM_ECC256
+
+#undef WOLFSSL_BASE64_ENCODE
+#define WOLFSSL_BASE64_ENCODE
+
+#undef NO_RC4
+#define NO_RC4
+
+#undef NO_HC128
+#define NO_HC128
+
+#undef NO_RABBIT
+#define NO_RABBIT
+
+#undef WOLFSSL_SHA224
+#define WOLFSSL_SHA224
+
+#undef WOLFSSL_SHA3
+#define WOLFSSL_SHA3
+
+#undef HAVE_POLY1305
+#define HAVE_POLY1305
+
+#undef HAVE_ONE_TIME_AUTH
+#define HAVE_ONE_TIME_AUTH
+
+#undef HAVE_CHACHA
+#define HAVE_CHACHA
+
+#undef HAVE_HASHDRBG
+#define HAVE_HASHDRBG
+
+#undef NO_FILESYSTEM
+#define NO_FILESYSTEM
+
+#undef HAVE_TLS_EXTENSIONS
+#define HAVE_TLS_EXTENSIONS
+
+#undef HAVE_SUPPORTED_CURVES
+#define HAVE_SUPPORTED_CURVES
+
+#undef HAVE_EXTENDED_MASTER
+#define HAVE_EXTENDED_MASTER
+
+#undef NO_PSK
+#define NO_PSK
+
+#undef NO_MD4
+#define NO_MD4
+
+#undef NO_PWDBASED
+#define NO_PWDBASED
+
+#undef USE_FAST_MATH
+#define USE_FAST_MATH
+
+#undef WOLFSSL_NO_ASM
+#define WOLFSSL_NO_ASM
+
+#undef WOLFSSL_X86_BUILD
+#define WOLFSSL_X86_BUILD
+
+#undef WC_NO_ASYNC_THREADING
+#define WC_NO_ASYNC_THREADING
+
+#undef NO_DES3
+#define NO_DES3
+
+#if 1
+#undef NO_ASN_TIME
+#define NO_ASN_TIME
+#endif
+
+#undef WOLFSSL_STATIC_MEMORY
+#define WOLFSSL_STATIC_MEMORY
+
+#if 0
+#undef WOLFSSL_HAVE_SP_RSA
+#define WOLFSSL_HAVE_SP_RSA
+#undef WOLFSSL_HAVE_SP_DH
+#define WOLFSSL_HAVE_SP_DH
+#undef WOLFSSL_HAVE_SP_ECC
+#define WOLFSSL_HAVE_SP_ECC
+#endif
+
+#if 0
+#undef DEBUG_WOLFSSL
+#define DEBUG_WOLFSSL
+#endif
+
+#ifdef __cplusplus
+}
+#endif
+
+
+#endif /* WOLFSSL_OPTIONS_H */
+
diff --git a/IDE/zephyr/lib/user_settings.h b/IDE/zephyr/lib/user_settings.h
new file mode 100644
index 000000000..7210be06d
--- /dev/null
+++ b/IDE/zephyr/lib/user_settings.h
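Review bot: In `IDE/zephyr/lib/settings/user_settings-tls-generic.h`, `NO_ASN_TIME` is defined unconditionally inside `#if 1` with no explanation; in wolfSSL that macro turns off the certificate validity-date checks, so a TLS build using this header will not reject expired or not-yet-valid certificates. It needs at least a comment, e.g. `/* NO_ASN_TIME: certificate notBefore/notAfter are NOT checked; remove once the target has a time source */`, and ideally a Kconfig switch rather than `#if 1`. `WOLFSSL_X86_BUILD` is likewise hard-coded, presumably for the `qemu_x86` sample, although the library is installed for any Zephyr target. The header comment and include guard still describe a generated `options.h` (`WOLFSSL_OPTIONS_H`). The same block of defines, including `NO_ASN_TIME`, is repeated in `IDE/zephyr/lib/user_settings.h`.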
@@ -0,0 +1,147 @@
+
+#ifndef USER_SETTINGS_H
+#define USER_SETTINGS_H
+
+#ifdef CONFIG_WOLFSSL
+#ifdef CONFIG_WOLFSSL_SETTINGS_FILE
+
+#include CONFIG_WOLFSSL_SETTINGS_FILE
+
+#else
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#undef WOLFSSL_ZEPHYR
+#define WOLFSSL_ZEPHYR
+
+#if 1
+#undef SINGLE_THREADED
+#define SINGLE_THREADED
+#endif
+
+#undef TFM_TIMING_RESISTANT
+#define TFM_TIMING_RESISTANT
+
+#undef ECC_TIMING_RESISTANT
+#define ECC_TIMING_RESISTANT
+
+#undef WC_RSA_BLINDING
+#define WC_RSA_BLINDING
+
+#undef HAVE_AESGCM
+#define HAVE_AESGCM
+
+#undef WOLFSSL_SHA512
+#define WOLFSSL_SHA512
+
+#undef WOLFSSL_SHA384
+#define WOLFSSL_SHA384
+
+#undef NO_DSA
+#define NO_DSA
+
+#undef HAVE_ECC
+#define HAVE_ECC
+
+#undef TFM_ECC256
+#define TFM_ECC256
+
+#undef WOLFSSL_BASE64_ENCODE
+#define WOLFSSL_BASE64_ENCODE
+
+#undef NO_RC4
+#define NO_RC4
+
+#undef NO_HC128
+#define NO_HC128
+
+#undef NO_RABBIT
+#define NO_RABBIT
+
+#undef WOLFSSL_SHA224
+#define WOLFSSL_SHA224
+
+#undef WOLFSSL_SHA3
+#define WOLFSSL_SHA3
+
+#undef HAVE_POLY1305
+#define HAVE_POLY1305
+
+#undef HAVE_ONE_TIME_AUTH
+#define HAVE_ONE_TIME_AUTH
+
+#undef HAVE_CHACHA
+#define HAVE_CHACHA
+
+#undef HAVE_HASHDRBG
+#define HAVE_HASHDRBG
+
+#undef NO_FILESYSTEM
+#define NO_FILESYSTEM
+
+#undef HAVE_TLS_EXTENSIONS
+#define HAVE_TLS_EXTENSIONS
+
+#undef HAVE_SUPPORTED_CURVES
+#define HAVE_SUPPORTED_CURVES
+
+#undef HAVE_EXTENDED_MASTER
+#define HAVE_EXTENDED_MASTER
+
+#undef NO_PSK
+#define NO_PSK
+
+#undef NO_MD4
+#define NO_MD4
+
+#undef NO_PWDBASED
+#define NO_PWDBASED
+
+#undef USE_FAST_MATH
+#define USE_FAST_MATH
+
+#undef WOLFSSL_NO_ASM
+#define WOLFSSL_NO_ASM
+
+#undef WOLFSSL_X86_BUILD
+#define WOLFSSL_X86_BUILD
+
+#undef WC_NO_ASYNC_THREADING
+#define WC_NO_ASYNC_THREADING
+
+#undef NO_DES3
+#define NO_DES3
+
+#if 1
+#undef NO_ASN_TIME
+#define NO_ASN_TIME
+#endif
+
+#undef WOLFSSL_STATIC_MEMORY
+#define WOLFSSL_STATIC_MEMORY
+
+#if 0
+#undef WOLFSSL_HAVE_SP_RSA
+#define WOLFSSL_HAVE_SP_RSA
+#undef WOLFSSL_HAVE_SP_DH
+#define WOLFSSL_HAVE_SP_DH
+#undef WOLFSSL_HAVE_SP_ECC
+#define WOLFSSL_HAVE_SP_ECC
+#endif
+
+#if 0
+#undef DEBUG_WOLFSSL
+#define DEBUG_WOLFSSL
+#endif
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* CONFIG_WOLFSSL_SETTINGS_FILE */
+#endif /* CONFIG_WOLFSSL */
+
+#endif /* USER_SETTINGS_H */
+
diff --git a/IDE/zephyr/lib/zephyr_init.c b/IDE/zephyr/lib/zephyr_init.c
new file mode 100644
index 000000000..a298f3179
--- /dev/null
+++ b/IDE/zephyr/lib/zephyr_init.c
@@ -0,0 +1,19 @@
+/** @file
+ * @brief wolfSSL initialization
+ *
+ * Initialize the wolfSSL library.
+ */
+
+#include
+
+#include "user_settings.h"
+#include "wolfssl/ssl.h"
+
+static int _wolfssl_init(struct device *device)
+{
+ ARG_UNUSED(device);
+
+ return 0;
+}
+
+SYS_INIT(_wolfssl_init, POST_KERNEL, 0);
diff --git a/IDE/zephyr/wolfssl_test/CMakeLists.txt b/IDE/zephyr/wolfssl_test/CMakeLists.txt
new file mode 100644
index 000000000..edf423efc
--- /dev/null
+++ b/IDE/zephyr/wolfssl_test/CMakeLists.txt
@@ -0,0 +1,8 @@
+cmake_minimum_required(VERSION 3.13.1)
+include($ENV{ZEPHYR_BASE}/cmake/app/boilerplate.cmake NO_POLICY_SCOPE)
+project(wolfssl_test)
+
+FILE(GLOB app_sources src/*.c)
+target_sources(app PRIVATE ${app_sources})
+add_definitions(-DWOLFSSL_USER_SETTINGS)
+
diff --git a/IDE/zephyr/wolfssl_test/install_test.sh b/IDE/zephyr/wolfssl_test/install_test.sh
new file mode 100755
index 000000000..1d3a6c41a
--- /dev/null
+++ b/IDE/zephyr/wolfssl_test/install_test.sh
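Review bot: In `IDE/zephyr/lib/zephyr_init.c` the file comment says "Initialize the wolfSSL library", but `_wolfssl_init` only marks its argument unused and returns 0; it never calls `wolfSSL_Init()`, so an application relying on this hook still runs with an uninitialised library. Either call `wolfSSL_Init()` here and return a failure code when it does not succeed, or reword the comment to something like `Placeholder SYS_INIT hook; the application must still call wolfSSL_Init()`. As a style point, a file-scope name starting with an underscore is reserved in C, so `wolfssl_zephyr_init` would be a safer name.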
@@ -0,0 +1,49 @@
+#!/bin/sh
+
+WOLFSSL_SRC_DIR=../../..
+
+if [ ! -d $WOLFSSL_SRC_DIR ]; then
+ echo "Directory does not exist: $WOLFSSL_SRC_DIR"
+ exit 1
+fi
+if [ ! -f $WOLFSSL_SRC_DIR/wolfcrypt/test/test.c ]; then
+ echo "Missing source file: $WOLFSSL_SRC_DIR/wolfcrypt/test/test.h"
+ exit 1
+fi
+
+ZEPHYR_DIR=
+if [ $# -ne 1 ]; then
+ echo "Need location of zephyr project as a command line argument"
+ exit 1
+else
+ ZEPHYR_DIR=$1
+fi
+if [ ! -d $ZEPHR_DIR ]; then
+ echo "Zephyr project directory does not exist: $ZEPHYR_DIR"
+ exit 1
+fi
+ZEPHYR_CRYPTO_DIR=$ZEPHYR_DIR/zephyr/samples/crypto
+if [ ! -d $ZEPHYR_CRYPTO_DIR ]; then
+ echo "Zephyr crypto directory does not exist: $ZEPHYR_CRYPTO_DIR"
+ exit 1
+fi
+ZEPHYR_WOLFSSL_DIR=$ZEPHYR_CRYPTO_DIR/wolfssl_test
+
+echo "wolfSSL directory:"
+echo " $ZEPHYR_WOLFSSL_DIR"
+rm -rf $ZEPHYR_WOLFSSL_DIR
+mkdir $ZEPHYR_WOLFSSL_DIR
+
+echo "Copy in Build files ..."
+cp -r * $ZEPHYR_WOLFSSL_DIR/
+rm $ZEPHYR_WOLFSSL_DIR/$0
+
+echo "Copy Source Code ..."
+rm -rf $ZEPHYR_WOLFSSL_DIR/src
+mkdir $ZEPHYR_WOLFSSL_DIR/src
+
+cp -rf ${WOLFSSL_SRC_DIR}/wolfcrypt/test/test.c $ZEPHYR_WOLFSSL_DIR/src/
+cp -rf ${WOLFSSL_SRC_DIR}/wolfcrypt/test/test.h $ZEPHYR_WOLFSSL_DIR/src/
+
+echo "Done"
+
diff --git a/IDE/zephyr/wolfssl_test/prj.conf b/IDE/zephyr/wolfssl_test/prj.conf
new file mode 100644
index 000000000..852937ba6
--- /dev/null
+++ b/IDE/zephyr/wolfssl_test/prj.conf
@@ -0,0 +1,19 @@
+# Kernel options
+CONFIG_MAIN_STACK_SIZE=32768
+CONFIG_ENTROPY_GENERATOR=y
+CONFIG_POSIX_API=y
+CONFIG_INIT_STACKS=y
+CONFIG_FLOAT=y
+CONFIG_SSE=y
+CONFIG_MINIMAL_LIBC_MALLOC_ARENA_SIZE=8192
+
+#CONFIG_FILE_SYSTEM=y
+
+# Logging
+CONFIG_PRINTK=y
+CONFIG_WOLFSSL_DEBUG=y
+
+# TLS configuration
+CONFIG_WOLFSSL=y
+CONFIG_WOLFSSL_BUILTIN=y
+
diff --git a/IDE/zephyr/wolfssl_test/sample.yaml b/IDE/zephyr/wolfssl_test/sample.yaml
new file mode 100644
index 000000000..23110dcdb
--- /dev/null
+++ b/IDE/zephyr/wolfssl_test/sample.yaml
@@ -0,0 +1,9 @@
+common:
+ harness: crypto
+ tags: crypto
+sample:
+ description: wolfSSL test application
+ name: wolfSSL Test
+tests:
+ test:
+ platform_whitelist: qemu_x86
diff --git a/wolfcrypt/src/random.c b/wolfcrypt/src/random.c
index a9477737b..239f5ce60 100644
--- a/wolfcrypt/src/random.c
+++ b/wolfcrypt/src/random.c
@@ -2170,24 +2170,15 @@ int wc_GenerateSeed(OS_Seed* os, byte* output, word32 sz)
 int wc_GenerateSeed(OS_Seed* os, byte* output, word32 sz)
 {
 int ret = 0;
- struct device* dev;
-
- dev = device_get_binding(CONFIG_ENTROPY_NAME);
- if (dev != NULL) {
- if (entropy_get_entropy(dev, output, sz) != 0)
- ret = READ_RAN_E;
- }
- else {
- word32 now;
- while (sz > 0) {
- word32 len = sizeof(now);
- if (sz < len)
- len = sz;
- now = k_cycle_get_32();
- XMEMCPY(output, &now, sz);
- output += len;
- sz -= len;
- }
+ word32 rand;
+ while (sz > 0) {
+ word32 len = sizeof(rand);
+ if (sz < len)
+ len = sz;
+ rand = sys_rand32_get();
+ XMEMCPY(output, &rand, sz);
+ output += len;
+ sz -= len;
 }
 
 return ret;
diff --git a/wolfcrypt/src/wc_port.c b/wolfcrypt/src/wc_port.c
index 53c28a643..6c997a5f1 100644
--- a/wolfcrypt/src/wc_port.c
+++ b/wolfcrypt/src/wc_port.c
@@ -490,8 +490,12 @@ XFILE z_fs_open(const char* filename, const char* perm)
 XFILE file;
 
 file = XMALLOC(sizeof(file), NULL, DYNAMIC_TYPE_FILE);
- if (file != NULL)
- fs_open(file, filename);
+ if (file != NULL) {
+ if (fs_open(file, filename) != 0) {
+ XFREE(file);
+ file = NULL;
+ }
+ }
 
 return file;
 }
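Review bot: In the Zephyr `wc_GenerateSeed` in `wolfcrypt/src/random.c`, `XMEMCPY(output, &rand, sz)` copies `sz` bytes out of a 4-byte local on every pass, so any request longer than four bytes reads past `rand` on the stack; the length must be the clamped chunk, `XMEMCPY(output, &rand, len);` (the removed loop had the same slip and it was carried over). The new source `sys_rand32_get()` is described in Zephyr's API documentation as not cryptographically secure, and the hunk removes the `entropy_get_entropy()` path together with its `READ_RAN_E` error, so `ret` can now only be 0 and a weak seed cannot be reported to the DRBG. Keep an entropy-driver-backed source for the seed, or state in a comment which Zephyr random-generator configuration this port requires. The function's closing brace lies outside the hunk.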
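Review bot: In `z_fs_open` in `wolfcrypt/src/wc_port.c` the new error path calls `XFREE(file);` with a single argument, while the matching allocation passes a heap hint and a type; wolfSSL's `XFREE` takes the same three, so this should read `XFREE(file, NULL, DYNAMIC_TYPE_FILE);`. The unchanged context line `XMALLOC(sizeof(file), NULL, DYNAMIC_TYPE_FILE)` sizes the block by the `XFILE` handle itself. If `XFILE` is a pointer type in this port (its definition is not on this page), only pointer-size bytes are allocated and `fs_open` would write past the block, so `sizeof(*file)` is likely what is meant. The function signature appears only in the hunk header, outside the hunk.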