diff --git a/.wolfssl_known_macro_extras b/.wolfssl_known_macro_extras index d399da0ae..d5ac941f0 100644 --- a/.wolfssl_known_macro_extras +++ b/.wolfssl_known_macro_extras @@ -460,6 +460,7 @@ STM32H723xx STM32H725xx STM32H743xx STM32H753xx +STM32H7S3xx STM32L475xx STM32L4A6xx STM32L552xx diff --git a/IDE/STM32Cube/README.md b/IDE/STM32Cube/README.md index 7a7125cd6..1e1c5bdfc 100644 --- a/IDE/STM32Cube/README.md +++ b/IDE/STM32Cube/README.md @@ -15,30 +15,34 @@ You need both the STM32 IDE and the STM32 initialization code generator (STM32Cu * STM32CubeIDE: Integrated Development Environment for STM32 [https://www.st.com/en/development-tools/stm32cubeide.html](https://www.st.com/en/development-tools/stm32cubeide.html) * STM32CubeMX: STM32Cube initialization code generator [https://www.st.com/en/development-tools/stm32cubemx.html](https://www.st.com/en/development-tools/stm32cubemx.html) -## STM32 Cube Pack +## STM32 Cube Pack Install -### STM32 Cube Pack Installation +The STM32 Cube packs are integrated into the STM32CubeIDE and STM32CubeMX tools. You will find packs for wolfSSL, wolfSSH, wolfTPM and wolfMQTT. + +If you need to manually install a Cube Pack you can do the following: 1. Download [wolfSSL Cube Pack](https://www.wolfssl.com/files/ide/I-CUBE-wolfSSL.pack) -2. Run the “STM32CubeMX” tool. -3. Under “Manage software installations” pane on the right, click “INSTALL/REMOVE” button. This can be also found by clicking "Help" -> "Managed embedded software packages" -4. From Local and choose “I-CUBE-wolfSSL.pack”. +2. Run the "STM32CubeMX" tool. +3. Under "Manage software installations" pane on the right, click "INSTALL/REMOVE" button. This can be also found by clicking "Help" -> "Managed embedded software packages" +4. From Local and choose "I-CUBE-wolfSSL.pack". 5. Accept the GPLv2 license. Contact wolfSSL at sales@wolfssl.com for a commercial license and support/maintenance. ### STM32 Cube Pack Usage 1. Create or open a Cube Project based on your hardware. See the sections below for creating a project and finding the example projects. -2. Under “Software Packs” choose “Select Components”. +2. Under "Software Packs" choose "Select Components". 3. Find and check all components for the wolfSSL.wolfSSL packs (wolfSSL / Core, wolfCrypt / Core and wolfCrypt / Test). Close -4. Under the “Software Packs” section click on “wolfSSL.wolfSSL” and configure the parameters. -5. For Cortex-M recommend “Math Configuration” -> “Single Precision Cortex-M Math” for the fastest option. If seeing `error: r7 cannot be used in 'asm` add `-fomit-frame-pointer` to the CFLAGS. This only happens in debug builds, because r7 is used for debug. +4. Under the "Software Packs" section click on "wolfSSL.wolfSSL" and configure the parameters. +5. For Cortex-M recommend "Math Configuration" -> "Single Precision Cortex-M Math" for the fastest option. + - If seeing `error: r7 cannot be used in 'asm` add `-fomit-frame-pointer` to the CFLAGS. This only happens in debug builds, because `r7` is used for debug. 6. Hit the "Generate Code" button 7. Open the project in STM32CubeIDE 8. The Benchmark example uses float. To enable go to "Project Properties" -> "C/C++ Build" -> "Settings" -> "Tool Settings" -> "MCU Settings" -> Check "Use float with printf". 9. To enable printf make the `main.c` changes below in the [STM32 Printf](#stm32-printf) section. - -**Note:** The STM32MP13 will likely require you to use DDR RAM, as well as enabling MMU and caches for optimum performance. Please see the `STM32MP13.md` file in `wolfcrypt/src/port/st` for more information on how to do this. +**Notes:** +* The STM32MP13 will likely require you to use DDR RAM, as well as enabling MMU and caches for optimum performance. Please see the `STM32MP13.md` file in `wolfcrypt/src/port/st` for more information on how to do this. +* The STM32H7S only has 64KB of onboard flash. Customers typically use an external SPI NOR flash with XIP. The `Template_XIP_Boot` project is flashed to onboard and it starts up the SPI Flash with XIP and loads the application. To use this you need to make sure the option byte `XSPI2_HSLB` is set to enable XSPIM_P2 high speed support, otherwise the MX_EXTMEM_MANAGER_Init() will timeout and fail. ### Creating your own STM32CubeMX configuration @@ -89,6 +93,7 @@ The section for "Hardware platform" may need to be adjusted depending on your pr * To enable STM32L4 support define `WOLFSSL_STM32L4`. * To enable STM32L5 support define `WOLFSSL_STM32L5`. * To enable STM32H7 support define `WOLFSSL_STM32H7`. +* To enable STM32H7S support define `WOLFSSL_STM32H7S`. * To enable STM32WB support define `WOLFSSL_STM32WB`. * To enable STM32WL support define `WOLFSSL_STM32WL`. * To enable STM32U5 support define `WOLFSSL_STM32U5`. @@ -110,6 +115,10 @@ To enable the latest Cube HAL support please define `STM32_HAL_V2`. If you'd like to use the older Standard Peripheral library undefine `WOLFSSL_STM32_CUBEMX`. +## Workarounds + +### STM32F7 AES GCM with pack v1.17.0 or older + With STM32 Cube HAL v2 some AES GCM hardware has a limitation for the AAD header, which must be a multiple of 4 bytes. If your HAL does not support `CRYP_HEADERWIDTHUNIT_BYTE` then consider adding `STM32_AESGCM_PARTIAL` if you are getting AES GCM authentication failures. This bug existed in v1.16.0 or later. The STM32F7 v1.17.0 pack has a bug in the AES GCM code for handling of additional authentication data when not a multiple of 4 bytes. To patch see `stm32f7xx_hal_cryp.c` -> `CRYP_GCMCCM_SetHeaderPhase`: diff --git a/IDE/STM32Cube/STM32_Benchmarks.md b/IDE/STM32Cube/STM32_Benchmarks.md index 674ddabab..51663bf1d 100644 --- a/IDE/STM32Cube/STM32_Benchmarks.md +++ b/IDE/STM32Cube/STM32_Benchmarks.md @@ -1,16 +1,16 @@ # STM Benchmarks -* [STM32H753ZI](#stm32h753zi) -* [STM32WB55](#stm32wb55) -* [STM32WL55](#stm32wl55) * [STM32F437](#stm32f437) +* [STM32F777](#stm32f777) +* [STM32G071RB](#stm32g071rb) +* [STM32H563ZI](#stm32h563zi) +* [STM32H753ZI](#stm32h753zi) +* [STM32H7S3](#stm32h7s3) * [STM32L4A6Z](#stm32l4a6z) * [STM32L562E](#stm32l562e) -* [STM32F777](#stm32f777) * [STM32U585](#stm32u585) -* [STM32H563ZI](#stm32h563zi) -* [STM32G071RB](#stm32g071rb) - +* [STM32WB55](#stm32wb55) +* [STM32WL55](#stm32wl55) ## STM32H753ZI @@ -172,6 +172,142 @@ Benchmark Test: Return code 0 ``` +## STM32H7S3 + +Supports RNG, PKA ECC P-256, AES-GCM/CCM/CTR/CBC and SHA-1/2 acceleration. + +Board: NUCLEO-H7S3L8 +CPU: Cortex-M7 at 600 MHz +IDE: STM32CubeIDE +RTOS: Bare-metal + +### STM32H7S3 (-Os, HW Crypto (AES/HASH/PKA), WOLF_CONF_MATH=3 (sp_c32.c)) + +``` +------------------------------------------------------------------------------ + wolfSSL version 5.7.6 +------------------------------------------------------------------------------ +wolfCrypt Benchmark (block bytes 1024, min 1.0 sec each) +RNG 2 MiB took 1.004 seconds, 1.897 MiB/s +AES-128-CBC-enc 16 MiB took 1.000 seconds, 15.747 MiB/s +AES-128-CBC-dec 16 MiB took 1.000 seconds, 15.527 MiB/s +AES-192-CBC-enc 16 MiB took 1.000 seconds, 15.723 MiB/s +AES-192-CBC-dec 16 MiB took 1.000 seconds, 15.527 MiB/s +AES-256-CBC-enc 16 MiB took 1.000 seconds, 15.698 MiB/s +AES-256-CBC-dec 16 MiB took 1.000 seconds, 15.527 MiB/s +AES-128-GCM-enc 1 MiB took 1.012 seconds, 1.037 MiB/s +AES-128-GCM-dec 1 MiB took 1.012 seconds, 1.037 MiB/s +AES-192-GCM-enc 1 MiB took 1.008 seconds, 1.041 MiB/s +AES-192-GCM-dec 1 MiB took 1.012 seconds, 1.037 MiB/s +AES-256-GCM-enc 1 MiB took 1.016 seconds, 1.033 MiB/s +AES-256-GCM-dec 1 MiB took 1.016 seconds, 1.033 MiB/s +AES-128-GCM-enc-no_AAD 1 MiB took 1.004 seconds, 1.046 MiB/s +AES-128-GCM-dec-no_AAD 1 MiB took 1.000 seconds, 1.050 MiB/s +AES-192-GCM-enc-no_AAD 1 MiB took 1.000 seconds, 1.050 MiB/s +AES-192-GCM-dec-no_AAD 1 MiB took 1.019 seconds, 1.054 MiB/s +AES-256-GCM-enc-no_AAD 1 MiB took 1.004 seconds, 1.046 MiB/s +AES-256-GCM-dec-no_AAD 1 MiB took 1.008 seconds, 1.041 MiB/s +GMAC Table 4-bit 2 MiB took 1.000 seconds, 1.716 MiB/s +CHACHA 32 MiB took 1.000 seconds, 31.714 MiB/s +CHA-POLY 15 MiB took 1.000 seconds, 15.308 MiB/s +POLY1305 58 MiB took 1.000 seconds, 57.861 MiB/s +SHA-256 88 MiB took 1.000 seconds, 88.062 MiB/s +HMAC-SHA256 83 MiB took 1.000 seconds, 83.032 MiB/s +RSA 2048 public 352 ops took 1.000 sec, avg 2.841 ms, 352.000 ops/sec +RSA 2048 private 6 ops took 1.004 sec, avg 167.333 ms, 5.976 ops/sec +DH 2048 key gen 15 ops took 1.027 sec, avg 68.467 ms, 14.606 ops/sec +DH 2048 agree 16 ops took 1.113 sec, avg 69.563 ms, 14.376 ops/sec +ECC [ SECP256R1] 256 key gen 60 ops took 1.012 sec, avg 16.867 ms, 59.289 ops/sec +ECDHE [ SECP256R1] 256 agree 60 ops took 1.008 sec, avg 16.800 ms, 59.524 ops/sec +ECDSA [ SECP256R1] 256 sign 106 ops took 1.008 sec, avg 9.509 ms, 105.159 ops/sec +ECDSA [ SECP256R1] 256 verify 100 ops took 1.011 sec, avg 10.110 ms, 98.912 ops/sec +``` + +### STM32H7S3 (-Os, No HW Crypto, WOLF_CONF_ARMASM=1, WOLF_CONF_MATH=6 (sp_int.c)) + +``` +------------------------------------------------------------------------------ + wolfSSL version 5.7.6 +------------------------------------------------------------------------------ +wolfCrypt Benchmark (block bytes 1024, min 1.0 sec each) +RNG 4 MiB took 1.000 seconds, 3.516 MiB/s +AES-128-CBC-enc 425 KiB took 1.027 seconds, 413.827 KiB/s +AES-128-CBC-dec 425 KiB took 1.016 seconds, 418.307 KiB/s +AES-192-CBC-enc 350 KiB took 1.015 seconds, 344.828 KiB/s +AES-192-CBC-dec 350 KiB took 1.020 seconds, 343.137 KiB/s +AES-256-CBC-enc 300 KiB took 1.015 seconds, 295.567 KiB/s +AES-256-CBC-dec 300 KiB took 1.004 seconds, 298.805 KiB/s +AES-128-GCM-enc 375 KiB took 1.067 seconds, 351.453 KiB/s +AES-128-GCM-dec 375 KiB took 1.062 seconds, 353.107 KiB/s +AES-192-GCM-enc 300 KiB took 1.004 seconds, 298.805 KiB/s +AES-192-GCM-dec 300 KiB took 1.004 seconds, 298.805 KiB/s +AES-256-GCM-enc 275 KiB took 1.047 seconds, 262.655 KiB/s +AES-256-GCM-dec 275 KiB took 1.051 seconds, 261.656 KiB/s +AES-128-GCM-enc-no_AAD 375 KiB took 1.067 seconds, 351.453 KiB/s +AES-128-GCM-dec-no_AAD 375 KiB took 1.062 seconds, 353.107 KiB/s +AES-192-GCM-enc-no_AAD 300 KiB took 1.004 seconds, 298.805 KiB/s +AES-192-GCM-dec-no_AAD 300 KiB took 1.004 seconds, 298.805 KiB/s +AES-256-GCM-enc-no_AAD 275 KiB took 1.051 seconds, 261.656 KiB/s +AES-256-GCM-dec-no_AAD 275 KiB took 1.051 seconds, 261.656 KiB/s +GMAC Table 4-bit 8 MiB took 1.000 seconds, 8.456 MiB/s +CHACHA 51 MiB took 1.000 seconds, 50.879 MiB/s +CHA-POLY 27 MiB took 1.000 seconds, 27.100 MiB/s +POLY1305 165 MiB took 1.000 seconds, 164.990 MiB/s +SHA-256 16 MiB took 1.000 seconds, 16.382 MiB/s +HMAC-SHA256 16 MiB took 1.000 seconds, 16.187 MiB/s +RSA 2048 public 358 ops took 1.004 sec, avg 2.804 ms, 356.574 ops/sec +RSA 2048 private 6 ops took 1.004 sec, avg 167.333 ms, 5.976 ops/sec +DH 2048 key gen 15 ops took 1.027 sec, avg 68.467 ms, 14.606 ops/sec +DH 2048 agree 16 ops took 1.094 sec, avg 68.375 ms, 14.625 ops/sec +ECC [ SECP256R1] 256 key gen 60 ops took 1.015 sec, avg 16.917 ms, 59.113 ops/sec +ECDHE [ SECP256R1] 256 agree 60 ops took 1.012 sec, avg 16.867 ms, 59.289 ops/sec +ECDSA [ SECP256R1] 256 sign 48 ops took 1.008 sec, avg 21.000 ms, 47.619 ops/sec +ECDSA [ SECP256R1] 256 verify 28 ops took 1.019 sec, avg 36.393 ms, 27.478 ops/sec +``` + +### STM32H7S3 (-Os, No HW Crypto, WOLF_CONF_ARMASM=1, WOLF_CONF_MATH=3 (sp_c32.c)) + +``` +------------------------------------------------------------------------------ + wolfSSL version 5.7.6 +------------------------------------------------------------------------------ +wolfCrypt Benchmark (block bytes 1024, min 1.0 sec each) +RNG 4 MiB took 1.004 seconds, 3.939 MiB/s +AES-128-CBC-enc 425 KiB took 1.028 seconds, 413.424 KiB/s +AES-128-CBC-dec 425 KiB took 1.019 seconds, 417.076 KiB/s +AES-192-CBC-enc 350 KiB took 1.016 seconds, 344.488 KiB/s +AES-192-CBC-dec 350 KiB took 1.016 seconds, 344.488 KiB/s +AES-256-CBC-enc 300 KiB took 1.012 seconds, 296.443 KiB/s +AES-256-CBC-dec 300 KiB took 1.012 seconds, 296.443 KiB/s +AES-128-GCM-enc 375 KiB took 1.066 seconds, 351.782 KiB/s +AES-128-GCM-dec 375 KiB took 1.067 seconds, 351.453 KiB/s +AES-192-GCM-enc 300 KiB took 1.004 seconds, 298.805 KiB/s +AES-192-GCM-dec 300 KiB took 1.003 seconds, 299.103 KiB/s +AES-256-GCM-enc 275 KiB took 1.051 seconds, 261.656 KiB/s +AES-256-GCM-dec 275 KiB took 1.051 seconds, 261.656 KiB/s +AES-128-GCM-enc-no_AAD 375 KiB took 1.067 seconds, 351.453 KiB/s +AES-128-GCM-dec-no_AAD 375 KiB took 1.066 seconds, 351.782 KiB/s +AES-192-GCM-enc-no_AAD 300 KiB took 1.000 seconds, 300.000 KiB/s +AES-192-GCM-dec-no_AAD 300 KiB took 1.004 seconds, 298.805 KiB/s +AES-256-GCM-enc-no_AAD 275 KiB took 1.047 seconds, 262.655 KiB/s +AES-256-GCM-dec-no_AAD 275 KiB took 1.051 seconds, 261.656 KiB/s +GMAC Table 4-bit 8 MiB took 1.000 seconds, 8.439 MiB/s +CHACHA 51 MiB took 1.000 seconds, 51.147 MiB/s +CHA-POLY 28 MiB took 1.000 seconds, 27.588 MiB/s +POLY1305 168 MiB took 1.000 seconds, 168.140 MiB/s +SHA-256 16 MiB took 1.000 seconds, 16.333 MiB/s +HMAC-SHA256 16 MiB took 1.000 seconds, 16.016 MiB/s +RSA 2048 public 360 ops took 1.004 sec, avg 2.789 ms, 358.566 ops/sec +RSA 2048 private 6 ops took 1.008 sec, avg 168.000 ms, 5.952 ops/sec +DH 2048 key gen 15 ops took 1.050 sec, avg 70.000 ms, 14.286 ops/sec +DH 2048 agree 16 ops took 1.098 sec, avg 68.625 ms, 14.572 ops/sec +ECC [ SECP256R1] 256 key gen 60 ops took 1.016 sec, avg 16.933 ms, 59.055 ops/sec +ECDHE [ SECP256R1] 256 agree 60 ops took 1.012 sec, avg 16.867 ms, 59.289 ops/sec +ECDSA [ SECP256R1] 256 sign 48 ops took 1.012 sec, avg 21.083 ms, 47.431 ops/sec +ECDSA [ SECP256R1] 256 verify 28 ops took 1.020 sec, avg 36.429 ms, 27.451 ops/sec +``` + + ## STM32WB55 Supports RNG, ECC P-256, AES-CBC and SHA-256 acceleration. diff --git a/IDE/STM32Cube/default_conf.ftl b/IDE/STM32Cube/default_conf.ftl index 73ddbd2dd..c5215604f 100644 --- a/IDE/STM32Cube/default_conf.ftl +++ b/IDE/STM32Cube/default_conf.ftl @@ -102,6 +102,12 @@ extern ${variable.value} ${variable.name}; #undef NO_STM32_CRYPTO #define STM32_HAL_V2 #define HAL_CONSOLE_UART huart3 +#elif defined(STM32H7S3xx) + #define WOLFSSL_STM32H7S + #undef NO_STM32_HASH + #undef NO_STM32_CRYPTO + #define WOLFSSL_STM32_PKA + #define HAL_CONSOLE_UART huart3 #elif defined(STM32H753xx) #define WOLFSSL_STM32H7 #undef NO_STM32_HASH @@ -326,6 +332,10 @@ extern ${variable.value} ${variable.name}; #if defined(WOLF_CONF_DTLS) && WOLF_CONF_DTLS == 1 #define WOLFSSL_DTLS #endif +#if defined(WOLF_CONF_DTLS13) && WOLF_CONF_DTLS13 == 1 + #define WOLFSSL_DTLS13 + #define WOLFSSL_SEND_HRR_COOKIE +#endif #if defined(WOLF_CONF_PSK) && WOLF_CONF_PSK == 0 #define NO_PSK #endif @@ -575,25 +585,25 @@ extern ${variable.value} ${variable.name}; /* NOTE: this is after the hashing section to override the potential SHA3 undef * above. */ #if defined(WOLF_CONF_KYBER) && WOLF_CONF_KYBER == 1 -#undef WOLFSSL_EXPERIMENTAL_SETTINGS -#define WOLFSSL_EXPERIMENTAL_SETTINGS + #undef WOLFSSL_EXPERIMENTAL_SETTINGS + #define WOLFSSL_EXPERIMENTAL_SETTINGS -#undef WOLFSSL_HAVE_KYBER -#define WOLFSSL_HAVE_KYBER + #undef WOLFSSL_HAVE_KYBER + #define WOLFSSL_HAVE_KYBER -#undef WOLFSSL_WC_KYBER -#define WOLFSSL_WC_KYBER + #undef WOLFSSL_WC_KYBER + #define WOLFSSL_WC_KYBER -#undef WOLFSSL_NO_SHAKE128 -#undef WOLFSSL_SHAKE128 -#define WOLFSSL_SHAKE128 + #undef WOLFSSL_NO_SHAKE128 + #undef WOLFSSL_SHAKE128 + #define WOLFSSL_SHAKE128 -#undef WOLFSSL_NO_SHAKE256 -#undef WOLFSSL_SHAKE256 -#define WOLFSSL_SHAKE256 + #undef WOLFSSL_NO_SHAKE256 + #undef WOLFSSL_SHAKE256 + #define WOLFSSL_SHAKE256 -#undef WOLFSSL_SHA3 -#define WOLFSSL_SHA3 + #undef WOLFSSL_SHA3 + #define WOLFSSL_SHA3 #endif /* WOLF_CONF_KYBER */ /* ------------------------------------------------------------------------- */ @@ -608,6 +618,7 @@ extern ${variable.value} ${variable.name}; #define WOLFSSL_ARMASM_INLINE #define WOLFSSL_ARMASM_NO_HW_CRYPTO #define WOLFSSL_ARMASM_NO_NEON + #define WOLFSSL_ARMASM_THUMB2 #define WOLFSSL_ARM_ARCH 7 /* Disable H/W offloading if accelerating S/W crypto */ #undef NO_STM32_HASH diff --git a/examples/configs/user_settings_stm32.h b/examples/configs/user_settings_stm32.h index a374d9b51..381b9785b 100644 --- a/examples/configs/user_settings_stm32.h +++ b/examples/configs/user_settings_stm32.h @@ -50,6 +50,9 @@ extern "C" { /*---------- WOLF_CONF_DTLS -----------*/ #define WOLF_CONF_DTLS 0 +/*---------- WOLF_CONF_DTLS13 -----------*/ +#define WOLF_CONF_DTLS13 0 + /*---------- WOLF_CONF_MATH -----------*/ #define WOLF_CONF_MATH 4 @@ -119,12 +122,24 @@ extern "C" { /*---------- WOLF_CONF_TEST -----------*/ #define WOLF_CONF_TEST 1 -/*---------- WOLF_CONF_PQM4 -----------*/ -#define WOLF_CONF_PQM4 0 +/*---------- WOLF_CONF_KYBER -----------*/ +#define WOLF_CONF_KYBER 0 /*---------- WOLF_CONF_ARMASM -----------*/ #define WOLF_CONF_ARMASM 1 +/*---------- WOLF_CONF_IO -----------*/ +#define WOLF_CONF_IO 1 + +/*---------- WOLF_CONF_RESUMPTION -----------*/ +#define WOLF_CONF_RESUMPTION 0 + +/*---------- WOLF_CONF_TPM -----------*/ +#define WOLF_CONF_TPM 0 + +/*---------- WOLF_CONF_PK -----------*/ +#define WOLF_CONF_PK 0 + /* ------------------------------------------------------------------------- */ /* Hardware platform */ /* ------------------------------------------------------------------------- */ @@ -166,6 +181,12 @@ extern "C" { #undef NO_STM32_CRYPTO #define STM32_HAL_V2 #define HAL_CONSOLE_UART huart3 +#elif defined(STM32H7S3xx) + #define WOLFSSL_STM32H7S + #undef NO_STM32_HASH + #undef NO_STM32_CRYPTO + #define WOLFSSL_STM32_PKA + #define HAL_CONSOLE_UART huart3 #elif defined(STM32H753xx) #define WOLFSSL_STM32H7 #undef NO_STM32_HASH @@ -229,14 +250,22 @@ extern "C" { #define HAL_CONSOLE_UART huart3 #define STM32_HAL_V2 #undef NO_STM32_HASH - +#elif defined(STM32MP135Fxx) + #define WOLFSSL_STM32MP13 + #define HAL_CONSOLE_UART huart4 + #define STM32_HAL_V2 + #undef NO_STM32_HASH + #undef NO_STM32_CRYPTO + #define WOLFSSL_STM32_PKA + #define WOLFSSL_STM32_PKA_V2 #else #warning Please define a hardware platform! /* This means there is not a pre-defined platform for your board/CPU */ /* You need to define a CPU type, HW crypto and debug UART */ /* CPU Type: WOLFSSL_STM32F1, WOLFSSL_STM32F2, WOLFSSL_STM32F4, WOLFSSL_STM32F7, WOLFSSL_STM32H7, WOLFSSL_STM32L4, WOLFSSL_STM32L5, - WOLFSSL_STM32G0, WOLFSSL_STM32WB and WOLFSSL_STM32U5 */ + WOLFSSL_STM32G0, WOLFSSL_STM32G4, WOLFSSL_STM32WB, WOLFSSL_STM32U5 and + WOLFSSL_STM32MP13 */ #define WOLFSSL_STM32F4 /* Debug UART used for printf */ @@ -263,6 +292,8 @@ extern "C" { #define WOLFSSL_STM32_CUBEMX #define WOLFSSL_SMALL_STACK #define WOLFSSL_IGNORE_FILE_WARN +#define WOLFSSL_WOLFSSH + /* ------------------------------------------------------------------------- */ /* Network stack: 1=User IO (custom), 2=LWIP (posix), 3=LWIP (native) */ @@ -382,6 +413,10 @@ extern "C" { #if defined(WOLF_CONF_DTLS) && WOLF_CONF_DTLS == 1 #define WOLFSSL_DTLS #endif +#if defined(WOLF_CONF_DTLS13) && WOLF_CONF_DTLS13 == 1 + #define WOLFSSL_DTLS13 + #define WOLFSSL_SEND_HRR_COOKIE +#endif #if defined(WOLF_CONF_PSK) && WOLF_CONF_PSK == 0 #define NO_PSK #endif @@ -630,25 +665,25 @@ extern "C" { /* NOTE: this is after the hashing section to override the potential SHA3 undef * above. */ #if defined(WOLF_CONF_KYBER) && WOLF_CONF_KYBER == 1 -#undef WOLFSSL_EXPERIMENTAL_SETTINGS -#define WOLFSSL_EXPERIMENTAL_SETTINGS + #undef WOLFSSL_EXPERIMENTAL_SETTINGS + #define WOLFSSL_EXPERIMENTAL_SETTINGS -#undef WOLFSSL_HAVE_KYBER -#define WOLFSSL_HAVE_KYBER + #undef WOLFSSL_HAVE_KYBER + #define WOLFSSL_HAVE_KYBER -#undef WOLFSSL_WC_KYBER -#define WOLFSSL_WC_KYBER + #undef WOLFSSL_WC_KYBER + #define WOLFSSL_WC_KYBER -#undef WOLFSSL_NO_SHAKE128 -#undef WOLFSSL_SHAKE128 -#define WOLFSSL_SHAKE128 + #undef WOLFSSL_NO_SHAKE128 + #undef WOLFSSL_SHAKE128 + #define WOLFSSL_SHAKE128 -#undef WOLFSSL_NO_SHAKE256 -#undef WOLFSSL_SHAKE256 -#define WOLFSSL_SHAKE256 + #undef WOLFSSL_NO_SHAKE256 + #undef WOLFSSL_SHAKE256 + #define WOLFSSL_SHAKE256 -#undef WOLFSSL_SHA3 -#define WOLFSSL_SHA3 + #undef WOLFSSL_SHA3 + #define WOLFSSL_SHA3 #endif /* WOLF_CONF_KYBER */ /* ------------------------------------------------------------------------- */ @@ -663,6 +698,7 @@ extern "C" { #define WOLFSSL_ARMASM_INLINE #define WOLFSSL_ARMASM_NO_HW_CRYPTO #define WOLFSSL_ARMASM_NO_NEON + #define WOLFSSL_ARMASM_THUMB2 #define WOLFSSL_ARM_ARCH 7 /* Disable H/W offloading if accelerating S/W crypto */ #undef NO_STM32_HASH diff --git a/tests/api.c b/tests/api.c index 3d8024447..f093a3460 100644 --- a/tests/api.c +++ b/tests/api.c @@ -92641,7 +92641,8 @@ static int test_dtls_empty_keyshare_with_cookie(void) static int test_dtls_old_seq_number(void) { EXPECT_DECLS; -#if defined(HAVE_MANUAL_MEMIO_TESTS_DEPENDENCIES) && defined(WOLFSSL_DTLS) +#if defined(HAVE_MANUAL_MEMIO_TESTS_DEPENDENCIES) && defined(WOLFSSL_DTLS) && \ + !defined(WOLFSSL_NO_TLS12) WOLFSSL_CTX *ctx_c = NULL, *ctx_s = NULL; WOLFSSL *ssl_c = NULL, *ssl_s = NULL; struct test_memio_ctx test_ctx; @@ -92694,7 +92695,8 @@ static int test_dtls_old_seq_number(void) static int test_dtls12_missing_finished(void) { EXPECT_DECLS; -#if defined(HAVE_MANUAL_MEMIO_TESTS_DEPENDENCIES) && defined(WOLFSSL_DTLS) +#if defined(HAVE_MANUAL_MEMIO_TESTS_DEPENDENCIES) && defined(WOLFSSL_DTLS) && \ + !defined(WOLFSSL_NO_TLS12) WOLFSSL_CTX *ctx_c = NULL; WOLFSSL_CTX *ctx_s = NULL; WOLFSSL *ssl_c = NULL; @@ -92704,6 +92706,7 @@ static int test_dtls12_missing_finished(void) char test_buf[sizeof(test_str)]; XMEMSET(&test_ctx, 0, sizeof(test_ctx)); + ExpectIntEQ(test_memio_setup(&test_ctx, &ctx_c, &ctx_s, &ssl_c, &ssl_s, wolfDTLSv1_2_client_method, wolfDTLSv1_2_server_method), 0); diff --git a/wolfcrypt/src/port/st/stm32.c b/wolfcrypt/src/port/st/stm32.c index ab1fbf8a9..58b612590 100644 --- a/wolfcrypt/src/port/st/stm32.c +++ b/wolfcrypt/src/port/st/stm32.c @@ -61,6 +61,9 @@ #elif defined(WOLFSSL_STM32MP13) #include #include +#elif defined(WOLFSSL_STM32H7S) +#include +#include #else #error Please add the hal_pk.h include #endif diff --git a/wolfcrypt/test/test.c b/wolfcrypt/test/test.c index 3d1c6b6f8..33be791b6 100644 --- a/wolfcrypt/test/test.c +++ b/wolfcrypt/test/test.c @@ -292,7 +292,9 @@ const byte const_byte_array[] = "A+Gd\0\0\0"; #include #include #include -#include +#ifdef HAVE_ASCON + #include +#endif #include #include #include diff --git a/wolfssl/wolfcrypt/port/st/stm32.h b/wolfssl/wolfcrypt/port/st/stm32.h index 00d18e161..48c4e3e78 100644 --- a/wolfssl/wolfcrypt/port/st/stm32.h +++ b/wolfssl/wolfcrypt/port/st/stm32.h @@ -173,7 +173,8 @@ int wc_Stm32_Hash_Final(STM32_HASH_Context* stmCtx, word32 algo, #if !defined(STM32_HAL_V2) && defined(CRYP_AES_GCM) && \ (defined(WOLFSSL_STM32F7) || defined(WOLFSSL_STM32L5) || \ defined(WOLFSSL_STM32H7) || defined(WOLFSSL_STM32U5)) || \ - defined(WOLFSSL_STM32H5) || defined(WOLFSSL_STM32MP13) + defined(WOLFSSL_STM32H5) || defined(WOLFSSL_STM32MP13) || \ + defined(WOLFSSL_STM32H7S) #define STM32_HAL_V2 #endif diff --git a/wolfssl/wolfcrypt/settings.h b/wolfssl/wolfcrypt/settings.h index e614276f4..2688960d1 100644 --- a/wolfssl/wolfcrypt/settings.h +++ b/wolfssl/wolfcrypt/settings.h @@ -2096,7 +2096,8 @@ extern void uITRON4_free(void *p) ; defined(WOLFSSL_STM32WB) || defined(WOLFSSL_STM32H7) || \ defined(WOLFSSL_STM32G0) || defined(WOLFSSL_STM32U5) || \ defined(WOLFSSL_STM32H5) || defined(WOLFSSL_STM32WL) || \ - defined(WOLFSSL_STM32G4) || defined(WOLFSSL_STM32MP13) + defined(WOLFSSL_STM32G4) || defined(WOLFSSL_STM32MP13) || \ + defined(WOLFSSL_STM32H7S) #define SIZEOF_LONG_LONG 8 #ifndef CHAR_BIT @@ -2144,6 +2145,8 @@ extern void uITRON4_free(void *p) ; #include "stm32f7xx_hal.h" #elif defined(WOLFSSL_STM32F1) #include "stm32f1xx_hal.h" + #elif defined(WOLFSSL_STM32H7S) + #include "stm32h7rsxx_hal.h" #elif defined(WOLFSSL_STM32H7) #include "stm32h7xx_hal.h" #elif defined(WOLFSSL_STM32WB)