add SP build for SGX

IDE/LINUX-SGX/README.md

@@ -1,7 +1,10 @@
 # Static Library: Building libwolfssl.sgx.static.lib.a for use with SGX Enclaves
 
 ### Requirements:
-This code was created to use Intel's SGX hardware. It is expected that the user has gone through the steps of both turning on the hardware in bios if needed and has installed the necessary software from Intel to make use of the hardware. (https://software.intel.com/en-us/sgx) If these steps have not been done then it is expected that the user is familure with simulation software being used in place of hardware.
+This code was created to use Intel's SGX hardware. It is expected that the user has gone through the steps of both turning on the hardware in bios if needed and has installed the necessary software from Intel to make use of the hardware. (https://software.intel.com/en-us/sgx) If these steps have not been done then it is expected that the user is familiar with simulation software being used in place of hardware.
+
+### Security:
+If not already in use, it is recommended that SP (single precision) RSA and ECC code is used. This will help mitigate potential side channel attacks. To use SP code check that wolfcrypt/src/sp_c32.c and wolfcrypt/src/sp_c64.c are compiled and add HAVE_WOLFSSL_SP=1 to the build command to define the necessary macros.
 
 ### Overview and Build:
 This project creates a static library to then link with Enclaves. A simple example of an Enclave linking to the created wolfSSL library can be found in wolfssl-examples on github. This project has been tested with gcc 5.4.0 on Ubuntu 16.04.
@@ -21,9 +24,10 @@ This will create a local static library, libwolfssl.sgx.static.lib.a, that can b
     To enable wolfssl debug, add CFLAGS=-DDEBUG_WOLFSSL.
     To enable wolfssl benchmark tests with enclave, specify: HAVE_WOLFSSL_BENCHMARK at build
     To enable wolfcrypt testsuite with enclave, specify: HAVE_WOLFSSL_TEST at build
+    To enable SP code, specify: HAVE_WOLFSSL_SP at build
 
-For example, to enable all three:
-`make -f sgx_t_static.mk CFLAGS=-DDEBUG_WOLFSSL HAVE_WOLFSSL_BENCHMARK=1 HAVE_WOLFSSL_TEST=1`
+For example:
+`make -f sgx_t_static.mk CFLAGS=-DDEBUG_WOLFSSL HAVE_WOLFSSL_BENCHMARK=1 HAVE_WOLFSSL_TEST=1 HAVE_WOLFSSL_SP=1`
 
 NOTE: This more customized step has been provided for easier execution in the
       script `build.sh`

IDE/LINUX-SGX/build.sh

@@ -5,5 +5,5 @@ CFLAGS_NEW="-DDEBUG_WOLFSSL"
 export CFLAGS="${CFLAGS} ${CFLAGS_NEW}"
 echo ${CFLAGS}
 
-make -f sgx_t_static.mk HAVE_WOLFSSL_BENCHMARK=1 HAVE_WOLFSSL_TEST=1
+make -f sgx_t_static.mk HAVE_WOLFSSL_BENCHMARK=1 HAVE_WOLFSSL_TEST=1 HAVE_WOLFSSL_SP=1
 

IDE/LINUX-SGX/sgx_t_static.mk

@@ -45,6 +45,7 @@ endif
 Crypto_Library_Name := sgx_tcrypto
 
 Wolfssl_C_Extra_Flags := -DWOLFSSL_SGX
+
 Wolfssl_C_Files :=$(WOLFSSL_ROOT)/wolfcrypt/src/aes.c\
 					$(WOLFSSL_ROOT)/wolfcrypt/src/arc4.c\
 					$(WOLFSSL_ROOT)/wolfcrypt/src/asn.c\
@@ -86,6 +87,8 @@ Wolfssl_C_Files :=$(WOLFSSL_ROOT)/wolfcrypt/src/aes.c\
 					$(WOLFSSL_ROOT)/wolfcrypt/src/sha256.c\
 					$(WOLFSSL_ROOT)/wolfcrypt/src/sha512.c\
 					$(WOLFSSL_ROOT)/wolfcrypt/src/signature.c\
+					$(WOLFSSL_ROOT)/wolfcrypt/src/sp_c32.c\
+					$(WOLFSSL_ROOT)/wolfcrypt/src/sp_c64.c\
 					$(WOLFSSL_ROOT)/src/ssl.c\
 					$(WOLFSSL_ROOT)/src/tls.c\
 					$(WOLFSSL_ROOT)/wolfcrypt/src/wc_encrypt.c\
@@ -105,6 +108,11 @@ ifeq ($(HAVE_WOLFSSL_BENCHMARK), 1)
 	Wolfssl_Include_Paths += -I$(WOLFSSL_ROOT)/wolfcrypt/benchmark/
 endif
 
+ifeq ($(HAVE_WOLFSSL_SP), 1)
+    Wolfssl_C_Extra_Flags += -DWOLFSSL_HAVE_SP_RSA \
+                             -DWOLFSSL_HAVE_SP_DH  \
+                             -DWOLFSSL_HAVE_SP_ECC
+endif
 
 
 Flags_Just_For_C := -Wno-implicit-function-declaration -std=c11