From e260cc6448a8c4d8bb150b46364269d5b76798ec Mon Sep 17 00:00:00 2001 
From: edolomb Date: Wed, 11 Apr 2018 16:31:47 +0000 Subject: HTTPS SEC and NSEC demos git-svn-id: svn://svn.code.sf.net/p/chibios/svn/trunk@11881 110e8d01-0319-4d1e-a829-52ad28d1bb01 --- .../RT-SAMA5D2-XPLAINED-HTTPS-SEC/.cproject | 50 ++ .../RT-SAMA5D2-XPLAINED-HTTPS-SEC/.project | 100 ++++ .../RT-SAMA5D2-XPLAINED-HTTPS-SEC/Makefile | 254 +++++++++ .../RT-SAMA5D2-XPLAINED-HTTPS-SEC/cfg/chconf.h | 609 +++++++++++++++++++++ .../RT-SAMA5D2-XPLAINED-HTTPS-SEC/cfg/halconf.h | 518 ++++++++++++++++++ .../RT-SAMA5D2-XPLAINED-HTTPS-SEC/cfg/mcuconf.h | 143 +++++ .../cfg/user_settings.h | 91 +++ .../RT-SAMA5D2-XPLAINED-HTTPS-SEC/cfg/wolfssl.mk | 95 ++++ ...RT-SAMA5D2-XPLAINED-HTTPS-SEC(Bootstrap).launch | 55 ++ .../RT-SAMA5D2-XPLAINED-HTTPS-SEC(DDRAM).launch | 52 ++ ...SAMA5D2-XPLAINED-HTTPS-SEC(Load and Run).launch | 55 ++ .../RT-SAMA5D2-XPLAINED-HTTPS-SEC/imgs.gdb | 37 ++ .../ATSAMA5D2/RT-SAMA5D2-XPLAINED-HTTPS-SEC/main.c | 244 +++++++++ .../proxies/tscommon.h | 91 +++ .../proxies/tssockstub.c | 548 ++++++++++++++++++ .../proxies/tssockstub.h | 409 ++++++++++++++ .../RT-SAMA5D2-XPLAINED-HTTPS-SEC/readme.txt | 13 + .../RT-SAMA5D2-XPLAINED-HTTPS-SEC/tsconf.h | 62 +++ .../RT-SAMA5D2-XPLAINED-HTTPS-SEC/tservices.c | 103 ++++ .../RT-SAMA5D2-XPLAINED-HTTPS-SEC/tservices.h | 61 +++ .../wolfssl_chibios.c | 264 +++++++++ .../wolfssl_chibios.h | 78 +++ 22 files changed, 3932 insertions(+) create mode 100755 demos/ATSAMA5D2/RT-SAMA5D2-XPLAINED-HTTPS-SEC/.cproject create mode 100644 demos/ATSAMA5D2/RT-SAMA5D2-XPLAINED-HTTPS-SEC/.project create mode 100755 demos/ATSAMA5D2/RT-SAMA5D2-XPLAINED-HTTPS-SEC/Makefile create mode 100755 demos/ATSAMA5D2/RT-SAMA5D2-XPLAINED-HTTPS-SEC/cfg/chconf.h create mode 100644 demos/ATSAMA5D2/RT-SAMA5D2-XPLAINED-HTTPS-SEC/cfg/halconf.h create mode 100644 demos/ATSAMA5D2/RT-SAMA5D2-XPLAINED-HTTPS-SEC/cfg/mcuconf.h create mode 100644 demos/ATSAMA5D2/RT-SAMA5D2-XPLAINED-HTTPS-SEC/cfg/user_settings.h create mode 100644 
demos/ATSAMA5D2/RT-SAMA5D2-XPLAINED-HTTPS-SEC/cfg/wolfssl.mk create mode 100644 demos/ATSAMA5D2/RT-SAMA5D2-XPLAINED-HTTPS-SEC/debug/RT-SAMA5D2-XPLAINED-HTTPS-SEC(Bootstrap).launch create mode 100644 demos/ATSAMA5D2/RT-SAMA5D2-XPLAINED-HTTPS-SEC/debug/RT-SAMA5D2-XPLAINED-HTTPS-SEC(DDRAM).launch create mode 100644 demos/ATSAMA5D2/RT-SAMA5D2-XPLAINED-HTTPS-SEC/debug/RT-SAMA5D2-XPLAINED-HTTPS-SEC(Load and Run).launch create mode 100644 demos/ATSAMA5D2/RT-SAMA5D2-XPLAINED-HTTPS-SEC/imgs.gdb create mode 100755 demos/ATSAMA5D2/RT-SAMA5D2-XPLAINED-HTTPS-SEC/main.c create mode 100644 demos/ATSAMA5D2/RT-SAMA5D2-XPLAINED-HTTPS-SEC/proxies/tscommon.h create mode 100644 demos/ATSAMA5D2/RT-SAMA5D2-XPLAINED-HTTPS-SEC/proxies/tssockstub.c create mode 100644 demos/ATSAMA5D2/RT-SAMA5D2-XPLAINED-HTTPS-SEC/proxies/tssockstub.h create mode 100755 demos/ATSAMA5D2/RT-SAMA5D2-XPLAINED-HTTPS-SEC/readme.txt create mode 100644 demos/ATSAMA5D2/RT-SAMA5D2-XPLAINED-HTTPS-SEC/tsconf.h create mode 100644 demos/ATSAMA5D2/RT-SAMA5D2-XPLAINED-HTTPS-SEC/tservices.c create mode 100644 demos/ATSAMA5D2/RT-SAMA5D2-XPLAINED-HTTPS-SEC/tservices.h create mode 100644 demos/ATSAMA5D2/RT-SAMA5D2-XPLAINED-HTTPS-SEC/wolfssl_chibios.c create mode 100644 demos/ATSAMA5D2/RT-SAMA5D2-XPLAINED-HTTPS-SEC/wolfssl_chibios.h (limited to 'demos/ATSAMA5D2/RT-SAMA5D2-XPLAINED-HTTPS-SEC') diff --git a/demos/ATSAMA5D2/RT-SAMA5D2-XPLAINED-HTTPS-SEC/.cproject b/demos/ATSAMA5D2/RT-SAMA5D2-XPLAINED-HTTPS-SEC/.cproject new file mode 100755 index 000000000..4efdf84bb --- /dev/null +++ b/demos/ATSAMA5D2/RT-SAMA5D2-XPLAINED-HTTPS-SEC/.cproject @@ -0,0 +1,50 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/demos/ATSAMA5D2/RT-SAMA5D2-XPLAINED-HTTPS-SEC/.project b/demos/ATSAMA5D2/RT-SAMA5D2-XPLAINED-HTTPS-SEC/.project new file mode 100644 index 000000000..bf349c50a --- /dev/null +++ b/demos/ATSAMA5D2/RT-SAMA5D2-XPLAINED-HTTPS-SEC/.project 
@@ -0,0 +1,100 @@ + + + RT-SAMA5D2-XPLAINED-HTTPS-SEC + + + + + + org.eclipse.cdt.managedbuilder.core.genmakebuilder + clean,full,incremental, + + + ?name? + + + + org.eclipse.cdt.make.core.append_environment + true + + + org.eclipse.cdt.make.core.autoBuildTarget + all + + + org.eclipse.cdt.make.core.buildArguments + -j1 + + + org.eclipse.cdt.make.core.buildCommand + make + + + org.eclipse.cdt.make.core.cleanBuildTarget + clean + + + org.eclipse.cdt.make.core.contents + org.eclipse.cdt.make.core.activeConfigSettings + + + org.eclipse.cdt.make.core.enableAutoBuild + false + + + org.eclipse.cdt.make.core.enableCleanBuild + true + + + org.eclipse.cdt.make.core.enableFullBuild + true + + + org.eclipse.cdt.make.core.fullBuildTarget + all + + + org.eclipse.cdt.make.core.stopOnError + true + + + org.eclipse.cdt.make.core.useDefaultBuildCmd + true + + + + + org.eclipse.cdt.managedbuilder.core.ScannerConfigBuilder + full,incremental, + + + + + + org.eclipse.cdt.core.cnature + org.eclipse.cdt.managedbuilder.core.managedBuildNature + org.eclipse.cdt.managedbuilder.core.ScannerConfigNature + + + + board + 2 + CHIBIOS/os/hal/boards/ATSAMA5D2_XULT_SEC + + + os + 2 + CHIBIOS/os + + + wolfssl + 2 + CHIBIOS/ext/wolfssl + + + test + 2 + CHIBIOS/test + + + diff --git a/demos/ATSAMA5D2/RT-SAMA5D2-XPLAINED-HTTPS-SEC/Makefile b/demos/ATSAMA5D2/RT-SAMA5D2-XPLAINED-HTTPS-SEC/Makefile new file mode 100755 index 000000000..9681fb092 --- /dev/null +++ b/demos/ATSAMA5D2/RT-SAMA5D2-XPLAINED-HTTPS-SEC/Makefile 
@@ -0,0 +1,254 @@
+##############################################################################
+# Build global options
+# NOTE: Can be overridden externally.
+#
+
+# Compiler options here.
+ifeq ($(USE_OPT),)
+ USE_OPT = -Og -ggdb -fomit-frame-pointer -falign-functions=16
+endif
+
+# C specific options here (added to USE_OPT).
+ifeq ($(USE_COPT),)
+ USE_COPT = -DWOLFSSL_USER_SETTINGS
+endif
+
+# C++ specific options here (added to USE_OPT).
+ifeq ($(USE_CPPOPT),)
+ USE_CPPOPT = -fno-rtti
+endif
+
+# Enable this if you want the linker to remove unused code and data
+ifeq ($(USE_LINK_GC),)
+ USE_LINK_GC = yes
+endif
+
+# Linker extra options here.
+ifeq ($(USE_LDOPT),)
+ USE_LDOPT =
+endif
+
+# Enable this if you want link time optimizations (LTO)
+ifeq ($(USE_LTO),)
+ USE_LTO = yes
+endif
+
+# If enabled, this option allows to compile the application in THUMB mode.
+ifeq ($(USE_THUMB),)
+ USE_THUMB = no
+endif
+
+# Enable this if you want to see the full log while compiling.
+ifeq ($(USE_VERBOSE_COMPILE),)
+ USE_VERBOSE_COMPILE = no
+endif
+
+# If enabled, this option makes the build process faster by not compiling
+# modules not used in the current configuration.
+ifeq ($(USE_SMART_BUILD),)
+ USE_SMART_BUILD = yes
+endif
+
+#
+# Build global options
+##############################################################################
+
+##############################################################################
+# Architecture or project specific options
+#
+
+# Stack size to be allocated to the ARM System/User stack. This
+# stack is the stack used by the main() thread.
+ifeq ($(USE_SYSTEM_STACKSIZE),)
+ USE_SYSTEM_STACKSIZE = 0x800
+endif
+
+# Stack size to the allocated to the ARM IRQ stack. This
+# stack is used for processing interrupts and exceptions.
+ifeq ($(USE_EXCEPTIONS_STACKSIZE),)
+ USE_IRQ_STACKSIZE = 0x800
+endif
+
+# Stack size to the allocated to the ARM FIQ stack. This
+# stack is used for processing interrupts and exceptions.
+ifeq ($(USE_FIQ_STACKSIZE),)
+ USE_FIQ_STACKSIZE = 0x800
+endif
+
+# Stack size to the allocated to the ARM Supervisor stack. This
+# stack is used for processing interrupts and exceptions.
+ifeq ($(USE_SUPERVISOR_STACKSIZE),)
+ USE_SUPERVISOR_STACKSIZE = 8
+endif
+
+# Stack size to the allocated to the ARM Undefined stack. This
+# stack is used for processing interrupts and exceptions.
+ifeq ($(USE_UND_STACKSIZE),)
+ USE_UND_STACKSIZE = 8
+endif
+
+# Stack size to the allocated to the ARM Abort stack. This
+# stack is used for processing interrupts and exceptions.
+ifeq ($(USE_ABT_STACKSIZE),)
+ USE_ABT_STACKSIZE = 8
+endif
+
+# Enables the use of FPU.
+ifeq ($(USE_FPU),)
+ USE_FPU = no
+endif
+
+#
+# Architecture or project specific options
+##############################################################################
+
+##############################################################################
+# Project, sources and paths
+#
+
+# Define project name here
+PROJECT = ch
+CONFDIR := ./cfg
+BUILDDIR := ./build
+DEPDIR := ./.dep
+
+# Imported source files and paths
+CHIBIOS = ../../..
+
+# Licensing files.
+include $(CHIBIOS)/os/license/license.mk
+# Startup files.
+include $(CHIBIOS)/os/common/startup/ARMCAx-TZ/compilers/GCC/mk/startup_sama5d2.mk
+# HAL-OSAL files (optional).
+include $(CHIBIOS)/os/hal/hal.mk
+include $(CHIBIOS)/os/hal/ports/SAMA/SAMA5D2x/platform.mk
+include $(CHIBIOS)/os/hal/boards/ATSAMA5D2_XULT_SEC/board.mk
+include $(CHIBIOS)/os/hal/osal/rt/osal.mk
+# RTOS files (optional).
+include $(CHIBIOS)/os/rt/rt.mk
+include $(CHIBIOS)/os/common/ports/ARMCAx-TZ/compilers/GCC/mk/port_generic.mk
+# Other files (optional).
+include $(CHIBIOS)/test/lib/test.mk
+include $(CHIBIOS)/test/rt/rt_test.mk
+include $(CHIBIOS)/test/oslib/oslib_test.mk
+include $(CHIBIOS)/os/hal/lib/streams/streams.mk
+include cfg/wolfssl.mk
+
+# Define linker script file here
+LDSCRIPT= $(STARTUPLD)/SAMA5D2ddr.ld
+
+# C sources that can be compiled in ARM or THUMB mode depending on the global
+# setting.
+CSRC = $(ALLCSRC) \
+ $(TESTSRC) \
+ $(CHIBIOS)/os/various/evtimer.c \
+ $(CHIBIOS)/os/various/syscalls.c \
+ tservices.c \
+ proxies/tssockstub.c \
+ wolfssl_chibios.c main.c
+
+# C++ sources that can be compiled in ARM or THUMB mode depending on the global
+# setting.
+CPPSRC = $(ALLCPPSRC)
+
+# C sources to be compiled in ARM mode regardless of the global setting.
+# NOTE: Mixing ARM and THUMB mode enables the -mthumb-interwork compiler
+# option that results in lower performance and larger code size.
+ACSRC =
+
+# C++ sources to be compiled in ARM mode regardless of the global setting.
+# NOTE: Mixing ARM and THUMB mode enables the -mthumb-interwork compiler
+# option that results in lower performance and larger code size.
+ACPPSRC =
+
+# C sources to be compiled in THUMB mode regardless of the global setting.
+# NOTE: Mixing ARM and THUMB mode enables the -mthumb-interwork compiler
+# option that results in lower performance and larger code size.
+TCSRC =
+
+# C sources to be compiled in THUMB mode regardless of the global setting.
+# NOTE: Mixing ARM and THUMB mode enables the -mthumb-interwork compiler
+# option that results in lower performance and larger code size.
+TCPPSRC =
+
+# List ASM source files here
+ASMSRC = $(ALLASMSRC)
+ASMXSRC = $(ALLXASMSRC)
+
+INCDIR = $(CONFDIR) $(ALLINC) $(TESTINC) \
+ $(CHIBIOS)/os/various
+
+#
+# Project, sources and paths
+##############################################################################
+
+##############################################################################
+# Compiler settings
+#
+
+MCU = cortex-a5
+
+#TRGT = arm-elf-
+TRGT = arm-none-eabi-
+CC = $(TRGT)gcc
+CPPC = $(TRGT)g++
+# Enable loading with g++ only if you need C++ runtime support.
+# NOTE: You can use C++ even without C++ support if you are careful. C++
+# runtime support makes code size explode.
+LD = $(TRGT)gcc
+#LD = $(TRGT)g++
+CP = $(TRGT)objcopy
+AS = $(TRGT)gcc -x assembler-with-cpp
+AR = $(TRGT)ar
+OD = $(TRGT)objdump
+SZ = $(TRGT)size
+HEX = $(CP) -O ihex
+BIN = $(CP) -O binary
+
+# ARM-specific options here
+AOPT =
+
+# THUMB-specific options here
+TOPT = -mthumb -DTHUMB
+
+# Define C warning options here
+CWARN = -Wall -Wextra -Wundef -Wstrict-prototypes
+
+# Define C++ warning options here
+CPPWARN = -Wall -Wextra -Wundef
+
+#
+# Compiler settings
+##############################################################################
+
+##############################################################################
+# Start of user section
+#
+
+# List all user C define here, like -D_DEBUG=1
+UDEFS =
+
+# Define ASM defines here
+UADEFS =
+
+# List all user directories here
+UINCDIR =
+
+# List the user directory to look for the libraries here
+ULIBDIR =
+
+# List all user libraries here
+ULIBS =
+
+#
+# End of user defines
+##############################################################################
+
+RULESPATH = $(CHIBIOS)/os/common/startup/ARMCAx-TZ/compilers/GCC
+include $(RULESPATH)/rules.mk
+
+##############################################################################
+# MISRA check rule, requires PCLint and the setup files, not provided.
+#
+misra:
+ @lint-nt -v -w3 $(DEFS) pclint/co-gcc.lnt pclint/au-misra3.lnt pclint/waivers.lnt $(IINCDIR) $(CSRC) &> misra.txt
diff --git a/demos/ATSAMA5D2/RT-SAMA5D2-XPLAINED-HTTPS-SEC/cfg/chconf.h b/demos/ATSAMA5D2/RT-SAMA5D2-XPLAINED-HTTPS-SEC/cfg/chconf.h
new file mode 100755
index 000000000..6db52ba06
--- /dev/null
+++ b/demos/ATSAMA5D2/RT-SAMA5D2-XPLAINED-HTTPS-SEC/cfg/chconf.h
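Review bot: The IRQ stack block in the "Architecture or project specific options" section guards on the wrong variable: `ifeq ($(USE_EXCEPTIONS_STACKSIZE),)` decides whether `USE_IRQ_STACKSIZE = 0x800` is assigned. A `USE_IRQ_STACKSIZE` coming from the environment or an including makefile is therefore overwritten unless `USE_EXCEPTIONS_STACKSIZE` happens to be set as well; only a command-line `make USE_IRQ_STACKSIZE=...` still wins. The guard should read `ifeq ($(USE_IRQ_STACKSIZE),)`, matching the FIQ, Supervisor, Undefined and Abort blocks right after it. Getting this right matters here because the stack sizes are the only sizing knobs the file exposes and the header comment promises they "can be overridden externally".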
@@ -0,0 +1,609 @@
+/*
+ ChibiOS - Copyright (C) 2006..2018 Giovanni Di Sirio
+
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+*/
+
+/**
+ * @file templates/chconf.h
+ * @brief Configuration file template.
+ * @details A copy of this file must be placed in each project directory, it
+ * contains the application specific kernel settings.
+ *
+ * @addtogroup config
+ * @details Kernel related settings and hooks.
+ * @{
+ */
+
+#ifndef CHCONF_H
+#define CHCONF_H
+
+#define _CHIBIOS_RT_CONF_
+#define _CHIBIOS_RT_CONF_VER_5_0_
+
+/*===========================================================================*/
+/**
+ * @name System timers settings
+ * @{
+ */
+/*===========================================================================*/
+
+/**
+ * @brief System time counter resolution.
+ * @note Allowed values are 16 or 32 bits.
+ */
+#define CH_CFG_ST_RESOLUTION 32
+
+/**
+ * @brief System tick frequency.
+ * @details Frequency of the system timer that drives the system ticks. This
+ * setting also defines the system tick time unit.
+ */
+//#define CH_CFG_ST_FREQUENCY 1000 /* periodic tick.*/
+#define CH_CFG_ST_FREQUENCY (83000000 / 32) /* tick-less.*/
+
+/**
+ * @brief Time intervals data size.
+ * @note Allowed values are 16, 32 or 64 bits.
+ */
+#define CH_CFG_INTERVALS_SIZE 32
+
+/**
+ * @brief Time types data size.
+ * @note Allowed values are 16 or 32 bits.
+ */
+#define CH_CFG_TIME_TYPES_SIZE 32
+
+/**
+ * @brief Time delta constant for the tick-less mode.
+ * @note If this value is zero then the system uses the classic
+ * periodic tick. This value represents the minimum number
+ * of ticks that is safe to specify in a timeout directive.
+ * The value one is not valid, timeouts are rounded up to
+ * this value.
+ */
+#define CH_CFG_ST_TIMEDELTA 2
+
+/** @} */
+
+/*===========================================================================*/
+/**
+ * @name Kernel parameters and options
+ * @{
+ */
+/*===========================================================================*/
+
+/**
+ * @brief Round robin interval.
+ * @details This constant is the number of system ticks allowed for the
+ * threads before preemption occurs. Setting this value to zero
+ * disables the preemption for threads with equal priority and the
+ * round robin becomes cooperative. Note that higher priority
+ * threads can still preempt, the kernel is always preemptive.
+ * @note Disabling the round robin preemption makes the kernel more compact
+ * and generally faster.
+ * @note The round robin preemption is not supported in tickless mode and
+ * must be set to zero in that case.
+ */
+#define CH_CFG_TIME_QUANTUM 0
+
+/**
+ * @brief Managed RAM size.
+ * @details Size of the RAM area to be managed by the OS. If set to zero
+ * then the whole available RAM is used. The core memory is made
+ * available to the heap allocator and/or can be used directly through
+ * the simplified core memory allocator.
+ *
+ * @note In order to let the OS manage the whole RAM the linker script must
+ * provide the @p __heap_base__ and @p __heap_end__ symbols.
+ * @note Requires @p CH_CFG_USE_MEMCORE.
+ */
+#define CH_CFG_MEMCORE_SIZE 0
+
+/**
+ * @brief Idle thread automatic spawn suppression.
+ * @details When this option is activated the function @p chSysInit()
+ * does not spawn the idle thread. The application @p main()
+ * function becomes the idle thread and must implement an
+ * infinite loop.
+ */
+#define CH_CFG_NO_IDLE_THREAD FALSE
+
+/** @} */
+
+/*===========================================================================*/
+/**
+ * @name Performance options
+ * @{
+ */
+/*===========================================================================*/
+
+/**
+ * @brief OS optimization.
+ * @details If enabled then time efficient rather than space efficient code
+ * is used when two possible implementations exist.
+ *
+ * @note This is not related to the compiler optimization options.
+ * @note The default is @p TRUE.
+ */
+#define CH_CFG_OPTIMIZE_SPEED TRUE
+
+/** @} */
+
+/*===========================================================================*/
+/**
+ * @name Subsystem options
+ * @{
+ */
+/*===========================================================================*/
+
+/**
+ * @brief Time Measurement APIs.
+ * @details If enabled then the time measurement APIs are included in
+ * the kernel.
+ *
+ * @note The default is @p TRUE.
+ */
+#define CH_CFG_USE_TM FALSE
+
+/**
+ * @brief Threads registry APIs.
+ * @details If enabled then the registry APIs are included in the kernel.
+ *
+ * @note The default is @p TRUE.
+ */
+#define CH_CFG_USE_REGISTRY TRUE
+
+/**
+ * @brief Threads synchronization APIs.
+ * @details If enabled then the @p chThdWait() function is included in
+ * the kernel.
+ *
+ * @note The default is @p TRUE.
+ */
+#define CH_CFG_USE_WAITEXIT TRUE
+
+/**
+ * @brief Semaphores APIs.
+ * @details If enabled then the Semaphores APIs are included in the kernel.
+ *
+ * @note The default is @p TRUE.
+ */
+#define CH_CFG_USE_SEMAPHORES TRUE
+
+/**
+ * @brief Semaphores queuing mode.
+ * @details If enabled then the threads are enqueued on semaphores by
+ * priority rather than in FIFO order.
+ *
+ * @note The default is @p FALSE. Enable this if you have special
+ * requirements.
+ * @note Requires @p CH_CFG_USE_SEMAPHORES.
+ */
+#define CH_CFG_USE_SEMAPHORES_PRIORITY FALSE
+
+/**
+ * @brief Mutexes APIs.
+ * @details If enabled then the mutexes APIs are included in the kernel.
+ *
+ * @note The default is @p TRUE.
+ */
+#define CH_CFG_USE_MUTEXES TRUE
+
+/**
+ * @brief Enables recursive behavior on mutexes.
+ * @note Recursive mutexes are heavier and have an increased
+ * memory footprint.
+ *
+ * @note The default is @p FALSE.
+ * @note Requires @p CH_CFG_USE_MUTEXES.
+ */
+#define CH_CFG_USE_MUTEXES_RECURSIVE FALSE
+
+/**
+ * @brief Conditional Variables APIs.
+ * @details If enabled then the conditional variables APIs are included
+ * in the kernel.
+ *
+ * @note The default is @p TRUE.
+ * @note Requires @p CH_CFG_USE_MUTEXES.
+ */
+#define CH_CFG_USE_CONDVARS TRUE
+
+/**
+ * @brief Conditional Variables APIs with timeout.
+ * @details If enabled then the conditional variables APIs with timeout
+ * specification are included in the kernel.
+ *
+ * @note The default is @p TRUE.
+ * @note Requires @p CH_CFG_USE_CONDVARS.
+ */
+#define CH_CFG_USE_CONDVARS_TIMEOUT TRUE
+
+/**
+ * @brief Events Flags APIs.
+ * @details If enabled then the event flags APIs are included in the kernel.
+ *
+ * @note The default is @p TRUE.
+ */
+#define CH_CFG_USE_EVENTS TRUE
+
+/**
+ * @brief Events Flags APIs with timeout.
+ * @details If enabled then the events APIs with timeout specification
+ * are included in the kernel.
+ *
+ * @note The default is @p TRUE.
+ * @note Requires @p CH_CFG_USE_EVENTS.
+ */
+#define CH_CFG_USE_EVENTS_TIMEOUT TRUE
+
+/**
+ * @brief Synchronous Messages APIs.
+ * @details If enabled then the synchronous messages APIs are included
+ * in the kernel.
+ *
+ * @note The default is @p TRUE.
+ */
+#define CH_CFG_USE_MESSAGES TRUE
+
+/**
+ * @brief Synchronous Messages queuing mode.
+ * @details If enabled then messages are served by priority rather than in
+ * FIFO order.
+ *
+ * @note The default is @p FALSE. Enable this if you have special
+ * requirements.
+ * @note Requires @p CH_CFG_USE_MESSAGES.
+ */
+#define CH_CFG_USE_MESSAGES_PRIORITY FALSE
+
+/**
+ * @brief Mailboxes APIs.
+ * @details If enabled then the asynchronous messages (mailboxes) APIs are
+ * included in the kernel.
+ *
+ * @note The default is @p TRUE.
+ * @note Requires @p CH_CFG_USE_SEMAPHORES.
+ */
+#define CH_CFG_USE_MAILBOXES TRUE
+
+/**
+ * @brief Core Memory Manager APIs.
+ * @details If enabled then the core memory manager APIs are included
+ * in the kernel.
+ *
+ * @note The default is @p TRUE.
+ */
+#define CH_CFG_USE_MEMCORE TRUE
+
+/**
+ * @brief Heap Allocator APIs.
+ * @details If enabled then the memory heap allocator APIs are included
+ * in the kernel.
+ *
+ * @note The default is @p TRUE.
+ * @note Requires @p CH_CFG_USE_MEMCORE and either @p CH_CFG_USE_MUTEXES or
+ * @p CH_CFG_USE_SEMAPHORES.
+ * @note Mutexes are recommended.
+ */
+#define CH_CFG_USE_HEAP TRUE
+
+/**
+ * @brief Memory Pools Allocator APIs.
+ * @details If enabled then the memory pools allocator APIs are included
+ * in the kernel.
+ *
+ * @note The default is @p TRUE.
+ */
+#define CH_CFG_USE_MEMPOOLS TRUE
+
+/**
+ * @brief Objects FIFOs APIs.
+ * @details If enabled then the objects FIFOs APIs are included
+ * in the kernel.
+ *
+ * @note The default is @p TRUE.
+ */
+#define CH_CFG_USE_OBJ_FIFOS TRUE
+
+/**
+ * @brief Dynamic Threads APIs.
+ * @details If enabled then the dynamic threads creation APIs are included
+ * in the kernel.
+ *
+ * @note The default is @p TRUE.
+ * @note Requires @p CH_CFG_USE_WAITEXIT.
+ * @note Requires @p CH_CFG_USE_HEAP and/or @p CH_CFG_USE_MEMPOOLS.
+ */
+#define CH_CFG_USE_DYNAMIC TRUE
+
+/** @} */
+
+/*===========================================================================*/
+/**
+ * @name Objects factory options
+ * @{
+ */
+/*===========================================================================*/
+
+/**
+ * @brief Objects Factory APIs.
+ * @details If enabled then the objects factory APIs are included in the
+ * kernel.
+ *
+ * @note The default is @p FALSE.
+ */
+#define CH_CFG_USE_FACTORY TRUE
+
+/**
+ * @brief Maximum length for object names.
+ * @details If the specified length is zero then the name is stored by
+ * pointer but this could have unintended side effects.
+ */
+#define CH_CFG_FACTORY_MAX_NAMES_LENGTH 8
+
+/**
+ * @brief Enables the registry of generic objects.
+ */
+#define CH_CFG_FACTORY_OBJECTS_REGISTRY TRUE
+
+/**
+ * @brief Enables factory for generic buffers.
+ */
+#define CH_CFG_FACTORY_GENERIC_BUFFERS TRUE
+
+/**
+ * @brief Enables factory for semaphores.
+ */
+#define CH_CFG_FACTORY_SEMAPHORES TRUE
+
+/**
+ * @brief Enables factory for mailboxes.
+ */
+#define CH_CFG_FACTORY_MAILBOXES TRUE
+
+/**
+ * @brief Enables factory for objects FIFOs.
+ */
+#define CH_CFG_FACTORY_OBJ_FIFOS TRUE
+
+/** @} */
+
+/*===========================================================================*/
+/**
+ * @name Debug options
+ * @{
+ */
+/*===========================================================================*/
+
+/**
+ * @brief Debug option, kernel statistics.
+ *
+ * @note The default is @p FALSE.
+ */
+#define CH_DBG_STATISTICS FALSE
+
+/**
+ * @brief Debug option, system state check.
+ * @details If enabled the correct call protocol for system APIs is checked
+ * at runtime.
+ *
+ * @note The default is @p FALSE.
+ */
+#define CH_DBG_SYSTEM_STATE_CHECK TRUE
+
+/**
+ * @brief Debug option, parameters checks.
+ * @details If enabled then the checks on the API functions input
+ * parameters are activated.
+ *
+ * @note The default is @p FALSE.
+ */
+#define CH_DBG_ENABLE_CHECKS TRUE
+
+/**
+ * @brief Debug option, consistency checks.
+ * @details If enabled then all the assertions in the kernel code are
+ * activated. This includes consistency checks inside the kernel,
+ * runtime anomalies and port-defined checks.
+ *
+ * @note The default is @p FALSE.
+ */
+#define CH_DBG_ENABLE_ASSERTS TRUE
+
+/**
+ * @brief Debug option, trace buffer.
+ * @details If enabled then the trace buffer is activated.
+ *
+ * @note The default is @p CH_DBG_TRACE_MASK_DISABLED.
+ */
+#define CH_DBG_TRACE_MASK CH_DBG_TRACE_MASK_DISABLED
+
+/**
+ * @brief Trace buffer entries.
+ * @note The trace buffer is only allocated if @p CH_DBG_TRACE_MASK is
+ * different from @p CH_DBG_TRACE_MASK_DISABLED.
+ */
+#define CH_DBG_TRACE_BUFFER_SIZE 128
+
+/**
+ * @brief Debug option, stack checks.
+ * @details If enabled then a runtime stack check is performed.
+ *
+ * @note The default is @p FALSE.
+ * @note The stack check is performed in a architecture/port dependent way.
+ * It may not be implemented or some ports.
+ * @note The default failure mode is to halt the system with the global
+ * @p panic_msg variable set to @p NULL.
+ */
+#define CH_DBG_ENABLE_STACK_CHECK FALSE
+
+/**
+ * @brief Debug option, stacks initialization.
+ * @details If enabled then the threads working area is filled with a byte
+ * value when a thread is created. This can be useful for the
+ * runtime measurement of the used stack.
+ *
+ * @note The default is @p FALSE.
+ */
+#define CH_DBG_FILL_THREADS FALSE
+
+/**
+ * @brief Debug option, threads profiling.
+ * @details If enabled then a field is added to the @p thread_t structure that
+ * counts the system ticks occurred while executing the thread.
+ *
+ * @note The default is @p FALSE.
+ * @note This debug option is not currently compatible with the
+ * tickless mode.
+ */
+#define CH_DBG_THREADS_PROFILING FALSE
+
+/** @} */
+
+/*===========================================================================*/
+/**
+ * @name Kernel hooks
+ * @{
+ */
+/*===========================================================================*/
+
+/**
+ * @brief System structure extension.
+ * @details User fields added to the end of the @p ch_system_t structure.
+ */
+#define CH_CFG_SYSTEM_EXTRA_FIELDS \
+ /* Add threads custom fields here.*/
+
+/**
+ * @brief System initialization hook.
+ * @details User initialization code added to the @p chSysInit() function
+ * just before interrupts are enabled globally.
+ */
+#define CH_CFG_SYSTEM_INIT_HOOK(tp) { \
+ /* Add threads initialization code here.*/ \
+}
+
+/**
+ * @brief Threads descriptor structure extension.
+ * @details User fields added to the end of the @p thread_t structure.
+ */
+#define CH_CFG_THREAD_EXTRA_FIELDS \
+ /* Add threads custom fields here.*/
+
+/**
+ * @brief Threads initialization hook.
+ * @details User initialization code added to the @p _thread_init() function.
+ *
+ * @note It is invoked from within @p _thread_init() and implicitly from all
+ * the threads creation APIs.
+ */
+#define CH_CFG_THREAD_INIT_HOOK(tp) { \
+ /* Add threads initialization code here.*/ \
+}
+
+/**
+ * @brief Threads finalization hook.
+ * @details User finalization code added to the @p chThdExit() API.
+ */
+#define CH_CFG_THREAD_EXIT_HOOK(tp) { \
+ /* Add threads finalization code here.*/ \
+}
+
+/**
+ * @brief Context switch hook.
+ * @details This hook is invoked just before switching between threads.
+ */
+#define CH_CFG_CONTEXT_SWITCH_HOOK(ntp, otp) { \
+ /* Context switch code here.*/ \
+}
+
+/**
+ * @brief ISR enter hook.
+ */
+#define CH_CFG_IRQ_PROLOGUE_HOOK() { \
+ /* IRQ prologue code here.*/ \
+}
+
+/**
+ * @brief ISR exit hook.
+ */
+#define CH_CFG_IRQ_EPILOGUE_HOOK() { \
+ /* IRQ epilogue code here.*/ \
+}
+
+/**
+ * @brief Idle thread enter hook.
+ * @note This hook is invoked within a critical zone, no OS functions
+ * should be invoked from here.
+ * @note This macro can be used to activate a power saving mode.
+ */
+#define CH_CFG_IDLE_ENTER_HOOK() { \
+ /* Idle-enter code here.*/ \
+}
+
+/**
+ * @brief Idle thread leave hook.
+ * @note This hook is invoked within a critical zone, no OS functions
+ * should be invoked from here.
+ * @note This macro can be used to deactivate a power saving mode.
+ */
+#define CH_CFG_IDLE_LEAVE_HOOK() { \
+ /* Idle-leave code here.*/ \
+}
+
+/**
+ * @brief Idle Loop hook.
+ * @details This hook is continuously invoked by the idle thread loop.
+ */
+#define CH_CFG_IDLE_LOOP_HOOK() { \
+ /* Idle loop code here.*/ \
+}
+
+/**
+ * @brief System tick event hook.
+ * @details This hook is invoked in the system tick handler immediately
+ * after processing the virtual timers queue.
+ */
+#define CH_CFG_SYSTEM_TICK_HOOK() { \
+ /* System tick event code here.*/ \
+}
+
+/**
+ * @brief System halt hook.
+ * @details This hook is invoked in case to a system halting error before
+ * the system is halted.
+ */
+#define CH_CFG_SYSTEM_HALT_HOOK(reason) { \
+ /* System halt code here.*/ \
+}
+
+/**
+ * @brief Trace hook.
+ * @details This hook is invoked each time a new record is written in the
+ * trace buffer.
+ */
+#define CH_CFG_TRACE_HOOK(tep) { \
+ /* Trace code here.*/ \
+}
+
+/** @} */
+
+/*===========================================================================*/
+/* Port-specific settings (override port settings defaulted in chcore.h). */
+/*===========================================================================*/
+
+#endif /* CHCONF_H */
+
+/** @} */
diff --git a/demos/ATSAMA5D2/RT-SAMA5D2-XPLAINED-HTTPS-SEC/cfg/halconf.h b/demos/ATSAMA5D2/RT-SAMA5D2-XPLAINED-HTTPS-SEC/cfg/halconf.h
new file mode 100644
index 000000000..b4d277047
--- /dev/null
+++ b/demos/ATSAMA5D2/RT-SAMA5D2-XPLAINED-HTTPS-SEC/cfg/halconf.h
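Review bot: In the "Debug options" group, `CH_DBG_ENABLE_STACK_CHECK` and `CH_DBG_FILL_THREADS` are both `FALSE` while `CH_DBG_SYSTEM_STATE_CHECK`, `CH_DBG_ENABLE_CHECKS` and `CH_DBG_ENABLE_ASSERTS` are `TRUE`, so a thread overrunning its working area is the one failure this otherwise debug-oriented configuration does not catch. The Makefile in this commit links wolfSSL into the image, and TLS code paths tend to be stack-hungry, so an undetected overflow would presumably corrupt adjacent memory instead of halting. If the ARMCAx-TZ port implements the check (the option's own comment says support is port dependent, so this needs confirming), I would set `#define CH_DBG_ENABLE_STACK_CHECK TRUE` and `#define CH_DBG_FILL_THREADS TRUE` for the demo. Otherwise add a comment next to the two defines saying why they are off, e.g. `/* stack check not available on this port */`.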
@@ -0,0 +1,518 @@ +/* + ChibiOS - Copyright (C) 2006..2018 Giovanni Di Sirio + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. +*/ + +/** + * @file templates/halconf.h + * @brief HAL configuration header. + * @details HAL configuration file, this file allows to enable or disable the + * various device drivers from your application. You may also use + * this file in order to override the device drivers default settings. + * + * @addtogroup HAL_CONF + * @{ + */ + +#ifndef HALCONF_H +#define HALCONF_H + +#define _CHIBIOS_HAL_CONF_ +#define _CHIBIOS_HAL_CONF_VER_6_0_ + +#include "mcuconf.h" + +/** + * @brief Enables the PAL subsystem. + */ +#if !defined(HAL_USE_PAL) || defined(__DOXYGEN__) +#define HAL_USE_PAL TRUE +#endif + +/** + * @brief Enables the ADC subsystem. + */ +#if !defined(HAL_USE_ADC) || defined(__DOXYGEN__) +#define HAL_USE_ADC FALSE +#endif + +/** + * @brief Enables the CAN subsystem. + */ +#if !defined(HAL_USE_CAN) || defined(__DOXYGEN__) +#define HAL_USE_CAN FALSE +#endif + +/** + * @brief Enables the cryptographic subsystem. + */ +#if !defined(HAL_USE_CRY) || defined(__DOXYGEN__) +#define HAL_USE_CRY FALSE +#endif + +/** + * @brief Enables the DAC subsystem. + */ +#if !defined(HAL_USE_DAC) || defined(__DOXYGEN__) +#define HAL_USE_DAC FALSE +#endif + +/** + * @brief Enables the EXT subsystem. + */ +#if !defined(HAL_USE_EXT) || defined(__DOXYGEN__) +#define HAL_USE_EXT FALSE +#endif + +/** + * @brief Enables the GPT subsystem. 
+ */ +#if !defined(HAL_USE_GPT) || defined(__DOXYGEN__) +#define HAL_USE_GPT FALSE +#endif + +/** + * @brief Enables the I2C subsystem. + */ +#if !defined(HAL_USE_I2C) || defined(__DOXYGEN__) +#define HAL_USE_I2C FALSE +#endif + +/** + * @brief Enables the I2S subsystem. + */ +#if !defined(HAL_USE_I2S) || defined(__DOXYGEN__) +#define HAL_USE_I2S FALSE +#endif + +/** + * @brief Enables the ICU subsystem. + */ +#if !defined(HAL_USE_ICU) || defined(__DOXYGEN__) +#define HAL_USE_ICU FALSE +#endif + +/** + * @brief Enables the MAC subsystem. + */ +#if !defined(HAL_USE_MAC) || defined(__DOXYGEN__) +#define HAL_USE_MAC FALSE +#endif + +/** + * @brief Enables the MMC_SPI subsystem. + */ +#if !defined(HAL_USE_MMC_SPI) || defined(__DOXYGEN__) +#define HAL_USE_MMC_SPI FALSE +#endif + +/** + * @brief Enables the PWM subsystem. + */ +#if !defined(HAL_USE_PWM) || defined(__DOXYGEN__) +#define HAL_USE_PWM FALSE +#endif + +/** + * @brief Enables the QSPI subsystem. + */ +#if !defined(HAL_USE_QSPI) || defined(__DOXYGEN__) +#define HAL_USE_QSPI FALSE +#endif + +/** + * @brief Enables the RTC subsystem. + */ +#if !defined(HAL_USE_RTC) || defined(__DOXYGEN__) +#define HAL_USE_RTC TRUE +#endif + +/** + * @brief Enables the SDC subsystem. + */ +#if !defined(HAL_USE_SDC) || defined(__DOXYGEN__) +#define HAL_USE_SDC FALSE +#endif + +/** + * @brief Enables the SERIAL subsystem. + */ +#if !defined(HAL_USE_SERIAL) || defined(__DOXYGEN__) +#define HAL_USE_SERIAL TRUE +#endif + +/** + * @brief Enables the SERIAL over USB subsystem. + */ +#if !defined(HAL_USE_SERIAL_USB) || defined(__DOXYGEN__) +#define HAL_USE_SERIAL_USB FALSE +#endif + +/** + * @brief Enables the SPI subsystem. + */ +#if !defined(HAL_USE_SPI) || defined(__DOXYGEN__) +#define HAL_USE_SPI FALSE +#endif + +/** + * @brief Enables the UART subsystem. + */ +#if !defined(HAL_USE_UART) || defined(__DOXYGEN__) +#define HAL_USE_UART FALSE +#endif + +/** + * @brief Enables the USB subsystem. 
+ */ +#if !defined(HAL_USE_USB) || defined(__DOXYGEN__) +#define HAL_USE_USB FALSE +#endif + +/** + * @brief Enables the WDG subsystem. + */ +#if !defined(HAL_USE_WDG) || defined(__DOXYGEN__) +#define HAL_USE_WDG FALSE +#endif + +/*===========================================================================*/ +/* PAL driver related settings. */ +/*===========================================================================*/ + +/** + * @brief Enables synchronous APIs. + * @note Disabling this option saves both code and data space. + */ +#if !defined(PAL_USE_CALLBACKS) || defined(__DOXYGEN__) +#define PAL_USE_CALLBACKS FALSE +#endif + +/** + * @brief Enables synchronous APIs. + * @note Disabling this option saves both code and data space. + */ +#if !defined(PAL_USE_WAIT) || defined(__DOXYGEN__) +#define PAL_USE_WAIT FALSE +#endif + +/*===========================================================================*/ +/* ADC driver related settings. */ +/*===========================================================================*/ + +/** + * @brief Enables synchronous APIs. + * @note Disabling this option saves both code and data space. + */ +#if !defined(ADC_USE_WAIT) || defined(__DOXYGEN__) +#define ADC_USE_WAIT TRUE +#endif + +/** + * @brief Enables the @p adcAcquireBus() and @p adcReleaseBus() APIs. + * @note Disabling this option saves both code and data space. + */ +#if !defined(ADC_USE_MUTUAL_EXCLUSION) || defined(__DOXYGEN__) +#define ADC_USE_MUTUAL_EXCLUSION TRUE +#endif + +/*===========================================================================*/ +/* CAN driver related settings. */ +/*===========================================================================*/ + +/** + * @brief Sleep mode related APIs inclusion switch. + */ +#if !defined(CAN_USE_SLEEP_MODE) || defined(__DOXYGEN__) +#define CAN_USE_SLEEP_MODE TRUE +#endif + +/** + * @brief Enforces the driver to use direct callbacks rather than OSAL events. 
+ */ +#if !defined(CAN_ENFORCE_USE_CALLBACKS) || defined(__DOXYGEN__) +#define CAN_ENFORCE_USE_CALLBACKS FALSE +#endif + +/*===========================================================================*/ +/* CRY driver related settings. */ +/*===========================================================================*/ + +/** + * @brief Enables the SW fall-back of the cryptographic driver. + * @details When enabled, this option, activates a fall-back software + * implementation for algorithms not supported by the underlying + * hardware. + * @note Fall-back implementations may not be present for all algorithms. + */ +#if !defined(HAL_CRY_USE_FALLBACK) || defined(__DOXYGEN__) +#define HAL_CRY_USE_FALLBACK FALSE +#endif + +/** + * @brief Makes the driver forcibly use the fall-back implementations. + */ +#if !defined(HAL_CRY_ENFORCE_FALLBACK) || defined(__DOXYGEN__) +#define HAL_CRY_ENFORCE_FALLBACK FALSE +#endif + +/*===========================================================================*/ +/* DAC driver related settings. */ +/*===========================================================================*/ + +/** + * @brief Enables synchronous APIs. + * @note Disabling this option saves both code and data space. + */ +#if !defined(DAC_USE_WAIT) || defined(__DOXYGEN__) +#define DAC_USE_WAIT TRUE +#endif + +/** + * @brief Enables the @p dacAcquireBus() and @p dacReleaseBus() APIs. + * @note Disabling this option saves both code and data space. + */ +#if !defined(DAC_USE_MUTUAL_EXCLUSION) || defined(__DOXYGEN__) +#define DAC_USE_MUTUAL_EXCLUSION TRUE +#endif + +/*===========================================================================*/ +/* I2C driver related settings. */ +/*===========================================================================*/ + +/** + * @brief Enables the mutual exclusion APIs on the I2C bus. 
+ */ +#if !defined(I2C_USE_MUTUAL_EXCLUSION) || defined(__DOXYGEN__) +#define I2C_USE_MUTUAL_EXCLUSION TRUE +#endif + +/*===========================================================================*/ +/* MAC driver related settings. */ +/*===========================================================================*/ + +/** + * @brief Enables the zero-copy API. + */ +#if !defined(MAC_USE_ZERO_COPY) || defined(__DOXYGEN__) +#define MAC_USE_ZERO_COPY FALSE +#endif + +/** + * @brief Enables an event sources for incoming packets. + */ +#if !defined(MAC_USE_EVENTS) || defined(__DOXYGEN__) +#define MAC_USE_EVENTS TRUE +#endif + +/*===========================================================================*/ +/* MMC_SPI driver related settings. */ +/*===========================================================================*/ + +/** + * @brief Delays insertions. + * @details If enabled this options inserts delays into the MMC waiting + * routines releasing some extra CPU time for the threads with + * lower priority, this may slow down the driver a bit however. + * This option is recommended also if the SPI driver does not + * use a DMA channel and heavily loads the CPU. + */ +#if !defined(MMC_NICE_WAITING) || defined(__DOXYGEN__) +#define MMC_NICE_WAITING TRUE +#endif + +/*===========================================================================*/ +/* QSPI driver related settings. */ +/*===========================================================================*/ + +/** + * @brief Enables synchronous APIs. + * @note Disabling this option saves both code and data space. + */ +#if !defined(QSPI_USE_WAIT) || defined(__DOXYGEN__) +#define QSPI_USE_WAIT TRUE +#endif + +/** + * @brief Enables the @p qspiAcquireBus() and @p qspiReleaseBus() APIs. + * @note Disabling this option saves both code and data space. 
+ */ +#if !defined(QSPI_USE_MUTUAL_EXCLUSION) || defined(__DOXYGEN__) +#define QSPI_USE_MUTUAL_EXCLUSION TRUE +#endif + +/*===========================================================================*/ +/* SDC driver related settings. */ +/*===========================================================================*/ + +/** + * @brief Number of initialization attempts before rejecting the card. + * @note Attempts are performed at 10mS intervals. + */ +#if !defined(SDC_INIT_RETRY) || defined(__DOXYGEN__) +#define SDC_INIT_RETRY 100 +#endif + +/** + * @brief Include support for MMC cards. + * @note MMC support is not yet implemented so this option must be kept + * at @p FALSE. + */ +#if !defined(SDC_MMC_SUPPORT) || defined(__DOXYGEN__) +#define SDC_MMC_SUPPORT FALSE +#endif + +/** + * @brief Delays insertions. + * @details If enabled this options inserts delays into the MMC waiting + * routines releasing some extra CPU time for the threads with + * lower priority, this may slow down the driver a bit however. + */ +#if !defined(SDC_NICE_WAITING) || defined(__DOXYGEN__) +#define SDC_NICE_WAITING TRUE +#endif + +/** + * @brief OCR initialization constant for V20 cards. + */ +#if !defined(SDC_INIT_OCR_V20) || defined(__DOXYGEN__) +#define SDC_INIT_OCR_V20 0x50FF8000U +#endif + +/** + * @brief OCR initialization constant for non-V20 cards. + */ +#if !defined(SDC_INIT_OCR) || defined(__DOXYGEN__) +#define SDC_INIT_OCR 0x80100000U +#endif + +/*===========================================================================*/ +/* SERIAL driver related settings. */ +/*===========================================================================*/ + +/** + * @brief Default bit rate. + * @details Configuration parameter, this is the baud rate selected for the + * default configuration. + */ +#if !defined(SERIAL_DEFAULT_BITRATE) || defined(__DOXYGEN__) +#define SERIAL_DEFAULT_BITRATE 38400 +#endif + +/** + * @brief Serial buffers size. 
+ * @details Configuration parameter, you can change the depth of the queue + * buffers depending on the requirements of your application. + * @note The default is 16 bytes for both the transmission and receive + * buffers. + */ +#if !defined(SERIAL_BUFFERS_SIZE) || defined(__DOXYGEN__) +#define SERIAL_BUFFERS_SIZE 16 +#endif + +/*===========================================================================*/ +/* SERIAL_USB driver related setting. */ +/*===========================================================================*/ + +/** + * @brief Serial over USB buffers size. + * @details Configuration parameter, the buffer size must be a multiple of + * the USB data endpoint maximum packet size. + * @note The default is 256 bytes for both the transmission and receive + * buffers. + */ +#if !defined(SERIAL_USB_BUFFERS_SIZE) || defined(__DOXYGEN__) +#define SERIAL_USB_BUFFERS_SIZE 256 +#endif + +/** + * @brief Serial over USB number of buffers. + * @note The default is 2 buffers. + */ +#if !defined(SERIAL_USB_BUFFERS_NUMBER) || defined(__DOXYGEN__) +#define SERIAL_USB_BUFFERS_NUMBER 2 +#endif + +/*===========================================================================*/ +/* SPI driver related settings. */ +/*===========================================================================*/ + +/** + * @brief Enables synchronous APIs. + * @note Disabling this option saves both code and data space. + */ +#if !defined(SPI_USE_WAIT) || defined(__DOXYGEN__) +#define SPI_USE_WAIT TRUE +#endif + +/** + * @brief Enables circular transfers APIs. + * @note Disabling this option saves both code and data space. + */ +#if !defined(SPI_USE_CIRCULAR) || defined(__DOXYGEN__) +#define SPI_USE_CIRCULAR FALSE +#endif + + +/** + * @brief Enables the @p spiAcquireBus() and @p spiReleaseBus() APIs. + * @note Disabling this option saves both code and data space. 
+ */ +#if !defined(SPI_USE_MUTUAL_EXCLUSION) || defined(__DOXYGEN__) +#define SPI_USE_MUTUAL_EXCLUSION TRUE +#endif + +/** + * @brief Handling method for SPI CS line. + * @note Disabling this option saves both code and data space. + */ +#if !defined(SPI_SELECT_MODE) || defined(__DOXYGEN__) +#define SPI_SELECT_MODE SPI_SELECT_MODE_PAD +#endif + +/*===========================================================================*/ +/* UART driver related settings. */ +/*===========================================================================*/ + +/** + * @brief Enables synchronous APIs. + * @note Disabling this option saves both code and data space. + */ +#if !defined(UART_USE_WAIT) || defined(__DOXYGEN__) +#define UART_USE_WAIT FALSE +#endif + +/** + * @brief Enables the @p uartAcquireBus() and @p uartReleaseBus() APIs. + * @note Disabling this option saves both code and data space. + */ +#if !defined(UART_USE_MUTUAL_EXCLUSION) || defined(__DOXYGEN__) +#define UART_USE_MUTUAL_EXCLUSION FALSE +#endif + +/*===========================================================================*/ +/* USB driver related settings. */ +/*===========================================================================*/ + +/** + * @brief Enables synchronous APIs. + * @note Disabling this option saves both code and data space. + */ +#if !defined(USB_USE_WAIT) || defined(__DOXYGEN__) +#define USB_USE_WAIT FALSE +#endif + +#endif /* HALCONF_H */ + +/** @} */ diff --git a/demos/ATSAMA5D2/RT-SAMA5D2-XPLAINED-HTTPS-SEC/cfg/mcuconf.h b/demos/ATSAMA5D2/RT-SAMA5D2-XPLAINED-HTTPS-SEC/cfg/mcuconf.h new file mode 100644 index 000000000..4af515d48 --- /dev/null +++ b/demos/ATSAMA5D2/RT-SAMA5D2-XPLAINED-HTTPS-SEC/cfg/mcuconf.h 
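Review bot: The doc comment on `PAL_USE_CALLBACKS` reads "Enables synchronous APIs", the same text as `PAL_USE_WAIT` directly below it, so the two options cannot be told apart in the generated documentation. Going by the macro name, something like `@brief Enables callbacks APIs.` would fit. The `@note Disabling this option saves both code and data space.` on `SPI_SELECT_MODE` also looks copied from a boolean switch; it does not describe a mode selector and could be replaced by a line naming the accepted modes.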
@@ -0,0 +1,143 @@ +/* + ChibiOS - Copyright (C) 2006..2018 Giovanni Di Sirio + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. +*/ + +#ifndef MCUCONF_H +#define MCUCONF_H + +#define SAMA5D2x_MCUCONF + +/* + * HAL driver system settings. + */ +#define SAMA_HAL_IS_SECURE TRUE +#define SAMA_NO_INIT TRUE +#define SAMA_MOSCRC_ENABLED FALSE +#define SAMA_MOSCXT_ENABLED TRUE +#define SAMA_MOSC_SEL SAMA_MOSC_MOSCXT +#define SAMA_OSC_SEL SAMA_OSC_OSCXT +#define SAMA_MCK_SEL SAMA_MCK_PLLA_CLK +#define SAMA_MCK_PRES_VALUE 1 +#define SAMA_MCK_MDIV_VALUE 3 +#define SAMA_PLLA_MUL_VALUE 83 +#define SAMA_PLLADIV2_EN TRUE +#define SAMA_H64MX_H32MX_RATIO 2 + +/* + * SPI driver system settings. + */ +#define SAMA_SPI_USE_SPI0 FALSE +#define SAMA_SPI_USE_SPI1 FALSE +#define SAMA_SPI_USE_FLEXCOM0 FALSE +#define SAMA_SPI_USE_FLEXCOM1 FALSE +#define SAMA_SPI_USE_FLEXCOM2 FALSE +#define SAMA_SPI_USE_FLEXCOM3 FALSE +#define SAMA_SPI_USE_FLEXCOM4 FALSE +#define SAMA_SPI_SPI0_DMA_IRQ_PRIORITY 4 +#define SAMA_SPI_SPI1_DMA_IRQ_PRIORITY 4 +#define SAMA_SPI_FLEXCOM0_DMA_IRQ_PRIORITY 4 +#define SAMA_SPI_FLEXCOM1_DMA_IRQ_PRIORITY 4 +#define SAMA_SPI_FLEXCOM2_DMA_IRQ_PRIORITY 4 +#define SAMA_SPI_FLEXCOM3_DMA_IRQ_PRIORITY 4 +#define SAMA_SPI_FLEXCOM4_DMA_IRQ_PRIORITY 4 +#define SAMA_SPI_DMA_ERROR_HOOK(spip) osalSysHalt("DMA failure") + +/* + * SERIAL driver system settings. 
+ */ +#define SAMA_SERIAL_USE_UART0 FALSE +#define SAMA_SERIAL_USE_UART1 TRUE +#define SAMA_SERIAL_USE_UART2 FALSE +#define SAMA_SERIAL_USE_UART3 FALSE +#define SAMA_SERIAL_USE_UART4 FALSE +#define SAMA_SERIAL_USE_UART5 FALSE +#define SAMA_SERIAL_USE_FLEXCOM0 FALSE +#define SAMA_SERIAL_USE_FLEXCOM1 FALSE +#define SAMA_SERIAL_USE_FLEXCOM2 FALSE +#define SAMA_SERIAL_USE_FLEXCOM3 FALSE +#define SAMA_SERIAL_USE_FLEXCOM4 FALSE +#define SAMA_SERIAL_UART0_IRQ_PRIORITY 4 +#define SAMA_SERIAL_UART1_IRQ_PRIORITY 4 +#define SAMA_SERIAL_UART2_IRQ_PRIORITY 4 +#define SAMA_SERIAL_UART3_IRQ_PRIORITY 4 +#define SAMA_SERIAL_UART4_IRQ_PRIORITY 4 +#define SAMA_SERIAL_FLEXCOM0_IRQ_PRIORITY 4 +#define SAMA_SERIAL_FLEXCOM1_IRQ_PRIORITY 4 +#define SAMA_SERIAL_FLEXCOM2_IRQ_PRIORITY 4 +#define SAMA_SERIAL_FLEXCOM3_IRQ_PRIORITY 4 +#define SAMA_SERIAL_FLEXCOM4_IRQ_PRIORITY 4 + +/* + * ST driver settings. + */ +#define SAMA_ST_USE_PIT FALSE +#define SAMA_ST_USE_TC0 FALSE +#define SAMA_ST_USE_TC1 TRUE + +/* + * SECUMOD driver settings. + */ +#define HAL_USE_SECUMOD FALSE + +/* + * SDMMC driver settings. + */ +#define HAL_USE_SDMMC FALSE + +/* + * TC driver system settings. + */ +#define HAL_USE_TC FALSE +#define SAMA_USE_TC0 FALSE +#define SAMA_USE_TC1 FALSE +#define SAMA_TC0_IRQ_PRIORITY 2 +#define SAMA_TC1_IRQ_PRIORITY 2 + +/* + * UART driver system settings. 
+ */ +#define SAMA_UART_USE_UART0 FALSE +#define SAMA_UART_USE_UART1 FALSE +#define SAMA_UART_USE_UART2 FALSE +#define SAMA_UART_USE_UART3 FALSE +#define SAMA_UART_USE_UART4 FALSE +#define SAMA_UART_USE_FLEXCOM0 FALSE +#define SAMA_UART_USE_FLEXCOM1 FALSE +#define SAMA_UART_USE_FLEXCOM2 FALSE +#define SAMA_UART_USE_FLEXCOM3 FALSE +#define SAMA_UART_USE_FLEXCOM4 FALSE +#define SAMA_UART_UART0_IRQ_PRIORITY 4 +#define SAMA_UART_UART1_IRQ_PRIORITY 4 +#define SAMA_UART_UART2_IRQ_PRIORITY 4 +#define SAMA_UART_UART3_IRQ_PRIORITY 4 +#define SAMA_UART_UART4_IRQ_PRIORITY 4 +#define SAMA_UART_FLEXCOM0_IRQ_PRIORITY 4 +#define SAMA_UART_FLEXCOM1_IRQ_PRIORITY 4 +#define SAMA_UART_FLEXCOM2_IRQ_PRIORITY 4 +#define SAMA_UART_FLEXCOM3_IRQ_PRIORITY 4 +#define SAMA_UART_FLEXCOM4_IRQ_PRIORITY 4 +#define SAMA_UART_UART0_DMA_IRQ_PRIORITY 4 +#define SAMA_UART_UART1_DMA_IRQ_PRIORITY 4 +#define SAMA_UART_UART2_DMA_IRQ_PRIORITY 4 +#define SAMA_UART_UART3_DMA_IRQ_PRIORITY 4 +#define SAMA_UART_UART4_DMA_IRQ_PRIORITY 4 +#define SAMA_UART_FLEXCOM0_DMA_IRQ_PRIORITY 4 +#define SAMA_UART_FLEXCOM1_DMA_IRQ_PRIORITY 4 +#define SAMA_UART_FLEXCOM2_DMA_IRQ_PRIORITY 4 +#define SAMA_UART_FLEXCOM3_DMA_IRQ_PRIORITY 4 +#define SAMA_UART_FLEXCOM4_DMA_IRQ_PRIORITY 4 +#define SAMA_UART_DMA_ERROR_HOOK(uartp) osalSysHalt("DMA failure") + +#endif /* MCUCONF_H */ diff --git a/demos/ATSAMA5D2/RT-SAMA5D2-XPLAINED-HTTPS-SEC/cfg/user_settings.h b/demos/ATSAMA5D2/RT-SAMA5D2-XPLAINED-HTTPS-SEC/cfg/user_settings.h new file mode 100644 index 000000000..006ad54e6 --- /dev/null +++ b/demos/ATSAMA5D2/RT-SAMA5D2-XPLAINED-HTTPS-SEC/cfg/user_settings.h 
@@ -0,0 +1,91 @@
+#include
+
+/* Configuration */
+
+#define WOLFSSL_GENERAL_ALIGNMENT 4
+#define HAVE_TM_TYPE
+
+/* ChibiOS + Lwip */
+#define HAVE_LWIP_NATIVE
+#define WOLFSSL_CHIBIOS
+#define USER_TICKS
+#define WOLFSSL_USER_CURRTIME
+#define XMALLOC_OVERRIDE
+//#define USE_WOLF_TIME_T
+#define XTIME(tl) (epochTime())
+
+/* Lwip API used with wolfssl */
+#define WOLFSSL_USE_SOCKET
+//#define WOLFSSL_USE_NETCONN
+
+//#define WOLFCRYPT_ONLY
+
+/* ARM */
+
+#define RSA_LOW_MEM
+#define NO_OLD_RNGNAME
+#define NO_OLD_WC_NAMES
+#define SMALL_SESSION_CACHE
+#define WOLFSSL_SMALL_STACK
+
+#define TFM_ARM
+#define SINGLE_THREADED
+#define NO_SIG_WRAPPER
+
+/* Cipher features */
+//#define USE_FAST_MATH
+//#define ALT_ECC_SIZE
+
+#define HAVE_TLS_EXTENSIONS
+#define HAVE_FFDHE_2048
+#define HAVE_CHACHA
+#define HAVE_POLY1305
+#define HAVE_ECC
+#define HAVE_CURVE25519
+#define CURVED25519_SMALL
+#define HAVE_ONE_TIME_AUTH
+#define WOLFSSL_DH_CONST
+
+/* HW RNG support */
+
+//unsigned int chibios_rand_generate(void);
+//int custom_rand_generate_block(unsigned char* output, unsigned int sz);
+
+//#define CUSTOM_RAND_GENERATE chibios_rand_generate
+//#define CUSTOM_RAND_TYPE uint32_t
+
+#define HAVE_ED25519
+#define HAVE_POLY1305
+#define HAVE_SHA512
+#define WOLFSSL_SHA512
+
+/* Size/speed config */
+//#define USE_SLOW_SHA2
+
+/* Robustness */
+#define TFM_TIMING_RESISTANT
+#define ECC_TIMING_RESISTANT
+#define WC_RSA_BLINDING
+
+#define WOLFSSL_STATIC_RSA
+
+/* Remove Features */
+#define NO_WRITEV
+//#define NO_DEV_RANDOM
+#define NO_FILESYSTEM
+//#define NO_CERTS
+#define NO_MAIN_DRIVER
+#define NO_MD4
+#define NO_RABBIT
+#define NO_HC128
+#define NO_DSA
+#define NO_PWDBASED
+#define NO_PSK
+#define NO_64BIT
+#define NO_DES3
+#define NO_RC4
+
+/* Realloc (to use without USE_FAST_MATH) */
+
+void *chHeapRealloc (void *addr, uint32_t size);
+#define XREALLOC(p,n,h,t) chHeapRealloc( (p) , (n) )
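Review bot: `#define WOLFSSL_STATIC_RSA` sits on its own after the "Robustness" group with no comment, and in wolfSSL it re-enables the static-RSA key-exchange cipher suites, which provide no forward secrecy. Since `HAVE_ECC`, `HAVE_CURVE25519` and `HAVE_FFDHE_2048` are already defined here, I would drop the define, or add a comment stating which peer requires it. The "HW RNG support" block is entirely commented out and `NO_DEV_RANDOM` is commented out as well, so this file does not show where wolfSSL obtains its seed on this target; a one-line comment naming the entropy source next to that block would make the configuration reviewable. `HAVE_POLY1305` is also defined twice.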
diff --git a/demos/ATSAMA5D2/RT-SAMA5D2-XPLAINED-HTTPS-SEC/cfg/wolfssl.mk b/demos/ATSAMA5D2/RT-SAMA5D2-XPLAINED-HTTPS-SEC/cfg/wolfssl.mk new file mode 100644 index 000000000..5884b876b --- /dev/null +++ b/demos/ATSAMA5D2/RT-SAMA5D2-XPLAINED-HTTPS-SEC/cfg/wolfssl.mk 
@@ -0,0 +1,95 @@ +# List of the required lwIP files. +WOLFSSL = $(CHIBIOS)/ext/wolfssl + +WOLFBINDSRC = \ + +WOLFCRYPTSRC = \ + $(WOLFSSL)/wolfcrypt/src/sha.c \ + $(WOLFSSL)/wolfcrypt/src/ge_low_mem.c \ + $(WOLFSSL)/wolfcrypt/src/compress.c \ + $(WOLFSSL)/wolfcrypt/src/chacha20_poly1305.c \ + $(WOLFSSL)/wolfcrypt/src/des3.c \ + $(WOLFSSL)/wolfcrypt/src/fe_low_mem.c \ + $(WOLFSSL)/wolfcrypt/src/hmac.c \ + $(WOLFSSL)/wolfcrypt/src/asm.c \ + $(WOLFSSL)/wolfcrypt/src/camellia.c \ + $(WOLFSSL)/wolfcrypt/src/ecc.c \ + $(WOLFSSL)/wolfcrypt/src/ecc_fp.c \ + $(WOLFSSL)/wolfcrypt/src/ripemd.c \ + $(WOLFSSL)/wolfcrypt/src/rsa.c \ + $(WOLFSSL)/wolfcrypt/src/wc_port.c \ + $(WOLFSSL)/wolfcrypt/src/arc4.c \ + $(WOLFSSL)/wolfcrypt/src/srp.c \ + $(WOLFSSL)/wolfcrypt/src/random.c \ + $(WOLFSSL)/wolfcrypt/src/idea.c \ + $(WOLFSSL)/wolfcrypt/src/blake2b.c \ + $(WOLFSSL)/wolfcrypt/src/error.c \ + $(WOLFSSL)/wolfcrypt/src/dh.c \ + $(WOLFSSL)/wolfcrypt/src/asn.c \ + $(WOLFSSL)/wolfcrypt/src/cmac.c \ + $(WOLFSSL)/wolfcrypt/src/signature.c \ + $(WOLFSSL)/wolfcrypt/src/pwdbased.c \ + $(WOLFSSL)/wolfcrypt/src/chacha.c \ + $(WOLFSSL)/wolfcrypt/src/md5.c \ + $(WOLFSSL)/wolfcrypt/src/aes.c \ + $(WOLFSSL)/wolfcrypt/src/wolfmath.c \ + $(WOLFSSL)/wolfcrypt/src/memory.c \ + $(WOLFSSL)/wolfcrypt/src/logging.c \ + $(WOLFSSL)/wolfcrypt/src/tfm.c \ + $(WOLFSSL)/wolfcrypt/src/coding.c \ + $(WOLFSSL)/wolfcrypt/src/rabbit.c \ + $(WOLFSSL)/wolfcrypt/src/pkcs12.c \ + $(WOLFSSL)/wolfcrypt/src/md2.c \ + $(WOLFSSL)/wolfcrypt/src/ge_operations.c \ + $(WOLFSSL)/wolfcrypt/src/sha512.c \ + $(WOLFSSL)/wolfcrypt/src/sha3.c \ + $(WOLFSSL)/wolfcrypt/src/port/nrf51.c \ + $(WOLFSSL)/wolfcrypt/src/port/pic32/pic32mz-crypt.c \ + $(WOLFSSL)/wolfcrypt/src/port/atmel/atmel.c \ + $(WOLFSSL)/wolfcrypt/src/port/nxp/ksdk_port.c \ + $(WOLFSSL)/wolfcrypt/src/port/ti/ti-des3.c \ + $(WOLFSSL)/wolfcrypt/src/port/ti/ti-ccm.c \ + $(WOLFSSL)/wolfcrypt/src/port/ti/ti-hash.c \ + $(WOLFSSL)/wolfcrypt/src/port/ti/ti-aes.c \ + 
$(WOLFSSL)/wolfcrypt/src/port/arm/armv8-aes.c \ + $(WOLFSSL)/wolfcrypt/src/port/arm/armv8-sha256.c \ + $(WOLFSSL)/wolfcrypt/src/port/xilinx/xil-aesgcm.c \ + $(WOLFSSL)/wolfcrypt/src/port/xilinx/xil-sha3.c \ + $(WOLFSSL)/wolfcrypt/src/hash.c \ + $(WOLFSSL)/wolfcrypt/src/curve25519.c \ + $(WOLFSSL)/wolfcrypt/src/integer.c \ + $(WOLFSSL)/wolfcrypt/src/wolfevent.c \ + $(WOLFSSL)/wolfcrypt/src/dsa.c \ + $(WOLFSSL)/wolfcrypt/src/pkcs7.c \ + $(WOLFSSL)/wolfcrypt/src/wc_encrypt.c \ + $(WOLFSSL)/wolfcrypt/src/cpuid.c \ + $(WOLFSSL)/wolfcrypt/src/sha256.c \ + $(WOLFSSL)/wolfcrypt/src/md4.c \ + $(WOLFSSL)/wolfcrypt/src/fe_operations.c \ + $(WOLFSSL)/wolfcrypt/src/ed25519.c \ + $(WOLFSSL)/wolfcrypt/src/poly1305.c \ + $(WOLFSSL)/wolfcrypt/src/hc128.c \ + +WOLFSSLSRC = \ + $(WOLFSSL)/src/internal.c \ + $(WOLFSSL)/src/tls.c \ + $(WOLFSSL)/src/keys.c \ + $(WOLFSSL)/src/crl.c \ + $(WOLFSSL)/src/ssl.c \ + $(WOLFSSL)/src/wolfio.c \ + $(WOLFSSL)/src/sniffer.c \ + $(WOLFSSL)/src/ocsp.c \ + $(WOLFSSL)/src/tls13.c + + +WOLFSRC = $(WOLFBINDSRC) $(WOLFCRYPTSRC) $(WOLFSSLSRC) + +WOLFINC = \ + $(WOLFSSL)/wolfcrypt/include \ + $(WOLFSSL)/wolfssl/include \ + $(WOLFSSL) + +# Shared variables +ALLCSRC += $(WOLFSRC) +ALLINC += $(WOLFINC) + diff --git a/demos/ATSAMA5D2/RT-SAMA5D2-XPLAINED-HTTPS-SEC/debug/RT-SAMA5D2-XPLAINED-HTTPS-SEC(Bootstrap).launch b/demos/ATSAMA5D2/RT-SAMA5D2-XPLAINED-HTTPS-SEC/debug/RT-SAMA5D2-XPLAINED-HTTPS-SEC(Bootstrap).launch new file mode 100644 index 000000000..5414ea459 --- /dev/null +++ b/demos/ATSAMA5D2/RT-SAMA5D2-XPLAINED-HTTPS-SEC/debug/RT-SAMA5D2-XPLAINED-HTTPS-SEC(Bootstrap).launch @@ -0,0 +1,55 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/demos/ATSAMA5D2/RT-SAMA5D2-XPLAINED-HTTPS-SEC/debug/RT-SAMA5D2-XPLAINED-HTTPS-SEC(DDRAM).launch b/demos/ATSAMA5D2/RT-SAMA5D2-XPLAINED-HTTPS-SEC/debug/RT-SAMA5D2-XPLAINED-HTTPS-SEC(DDRAM).launch new file mode 100644 index 000000000..fab846898 
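Review bot: The header comment `# List of the required lwIP files.` is left over from another makefile; this file lists wolfSSL sources, so it should read `# List of the required wolfSSL files.`. The list also builds `src/sniffer.c`, the nrf51/pic32/ti/xilinx port files, and `des3.c`, `arc4.c`, `md4.c`, `rabbit.c`, `hc128.c`, `dsa.c` and `pwdbased.c`, whose algorithms user_settings.h turns off with `NO_*` defines. Presumably those translation units compile to nothing under that configuration, but trimming `WOLFCRYPTSRC` to what the demo enables would let a reader see the shipped crypto surface from the makefile alone. `WOLFBINDSRC` is assigned only an empty continuation line and could be removed or given a comment.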
--- /dev/null +++ b/demos/ATSAMA5D2/RT-SAMA5D2-XPLAINED-HTTPS-SEC/debug/RT-SAMA5D2-XPLAINED-HTTPS-SEC(DDRAM).launch @@ -0,0 +1,52 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/demos/ATSAMA5D2/RT-SAMA5D2-XPLAINED-HTTPS-SEC/debug/RT-SAMA5D2-XPLAINED-HTTPS-SEC(Load and Run).launch b/demos/ATSAMA5D2/RT-SAMA5D2-XPLAINED-HTTPS-SEC/debug/RT-SAMA5D2-XPLAINED-HTTPS-SEC(Load and Run).launch new file mode 100644 index 000000000..294c57835 --- /dev/null +++ b/demos/ATSAMA5D2/RT-SAMA5D2-XPLAINED-HTTPS-SEC/debug/RT-SAMA5D2-XPLAINED-HTTPS-SEC(Load and Run).launch @@ -0,0 +1,55 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/demos/ATSAMA5D2/RT-SAMA5D2-XPLAINED-HTTPS-SEC/imgs.gdb b/demos/ATSAMA5D2/RT-SAMA5D2-XPLAINED-HTTPS-SEC/imgs.gdb new file mode 100644 index 000000000..1209a322d --- /dev/null +++ b/demos/ATSAMA5D2/RT-SAMA5D2-XPLAINED-HTTPS-SEC/imgs.gdb @@ -0,0 +1,37 @@ +# +# Switch to secure image symbols, without touching anything else +# +define si + # Clear the symbol table + symbol-file + # Load the symbol table of the secure image + symbol-file ../RT-SAMA5D2-XPLAINED-HTTPS-SEC/build/ch.elf +end + +# +# Switch to non secure image symbols, without touching anything else +# +define nsi + # Clear the symbol table + symbol-file + # Load the symbol table of the non secure image + symbol-file ../RT-SAMA5D2-XPLAINED-HTTPS-NSEC/build/ch.elf +end + + +# +# Load non secure image into ddr +# +define lns + # Load the non secure image + set $oldpc=$pc + load ../RT-SAMA5D2-XPLAINED-HTTPS-NSEC/build/ch.elf + set $pc=$oldpc +end + +# +# Set pc to the address pc+4 +# +define spc + set $pc=$pc+4 +end diff --git a/demos/ATSAMA5D2/RT-SAMA5D2-XPLAINED-HTTPS-SEC/main.c b/demos/ATSAMA5D2/RT-SAMA5D2-XPLAINED-HTTPS-SEC/main.c new file mode 100755 index 000000000..4aebd085d --- /dev/null +++ b/demos/ATSAMA5D2/RT-SAMA5D2-XPLAINED-HTTPS-SEC/main.c 
@@ -0,0 +1,244 @@ +/* + ChibiOS - Copyright (C) 2006..2018 Giovanni Di Sirio + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. +*/ + +#include "ch.h" +#include "hal.h" +#include + +#include "chtssi.h" +#include "proxies/tssockstub.h" +#include "wolfssl_chibios.h" +#include "rt_test_root.h" +#include "oslib_test_root.h" +#include "chprintf.h" +//#include +#include + +#define CONFIG_RESOURCE "/" +#define CONFIG_WEBSITE "www.howsmyssl.com" + +#define WEB_PORT "443" + +/* HTTP request */ +static const char *REQUEST = "GET "CONFIG_RESOURCE" HTTP/1.0\r\n" + "Host: "CONFIG_WEBSITE"\r\n" + "User-Agent: SAMA5D2\r\n" + "\r\n"; + +#define SERVER_IP_ADDRESS "104.196.190.195" +#define SERVER_PORT_NUM 443 + +#define MAX_SSL_BUF 2000 +static uint8_t ssl_recv_buffer[MAX_SSL_BUF]; + +static struct sockaddr_in ra; +static WOLFSSL_CTX* ctx; +static WOLFSSL* ssl; +static WOLFSSL_METHOD* method; + +int httpsexample(void) { + + /* create a new socket */ + int s = socket(AF_INET, SOCK_STREAM, 0); + + if(s < 0) { + chprintf((BaseSequentialStream *)&SD1, "Unable to allocate a new socket\n\r"); + return 0; + } + + chprintf((BaseSequentialStream *)&SD1, "Socket allocated, id=%d\n\r", s); + + memset(&ra, 0, sizeof(struct sockaddr_in)); + ra.sin_len = sizeof(ra); + ra.sin_family = AF_INET; + ra.sin_port = htons(SERVER_PORT_NUM); + ra.sin_addr.s_addr = inet_addr(SERVER_IP_ADDRESS); + + /* connect to the specified server */ + int result = connect(s, (struct sockaddr *)&ra, + sizeof (struct sockaddr_in)); + 
if(result != 0) { + chprintf((BaseSequentialStream *)&SD1, "Unable to connect to the target website\n\r"); + close(s); + return 0; + } + + chprintf((BaseSequentialStream *)&SD1, "Connected to the target website\n\r"); + + /* initialize wolfssl library */ + wolfSSL_Init(); + method = wolfTLSv1_2_client_method(); /* use TLS v1.2 */ + + /* make new ssl context */ + if ((ctx = wolfSSL_CTX_new(method)) == NULL) { + chprintf((BaseSequentialStream *)&SD1, "wolfSSL_CTX_new error\n\r"); + close(s); + return 0; + } + + wolfSSL_SetIORecv(ctx, wolfssl_recv_cb) ; + wolfSSL_SetIOSend(ctx, wolfssl_send_cb) ; + + /* Add cert to ctx */ + int e = 0; +#if 0 + e = wolfSSL_CTX_load_verify_buffer(ctx, client_cert, client_cert_len, SSL_FILETYPE_ASN1); + if (e != SSL_SUCCESS) { + chprintf((BaseSequentialStream *)&SD1, "Error loading client certs\n\r"); + close(s); + return 0; + } +#endif + /* TODO: delete this line */ + wolfSSL_CTX_set_verify(ctx, SSL_VERIFY_NONE, 0); + + /* make new wolfSSL struct */ + if ((ssl = wolfSSL_new(ctx)) == NULL) { + chprintf((BaseSequentialStream *)&SD1, "wolfSSL_new error\n\r"); + close(s); + return 0; + } + + /* Connect wolfssl to the socket, server, then send message */ + e = wolfSSL_set_fd(ssl, s); + if (e != SSL_SUCCESS) { + chprintf((BaseSequentialStream *)&SD1, "wolfSSL_set_fd error\n\r"); + close(s); + return 0; + } + + e = wolfSSL_connect(ssl); + if (e != SSL_SUCCESS) { + chprintf((BaseSequentialStream *)&SD1, "wolfSSL_connect error\n\r"); + close(s); + return 0; + } + + /* send the request */ + result = wolfSSL_write(ssl, REQUEST, strlen(REQUEST)); + if(result < 0) { + chprintf((BaseSequentialStream *)&SD1, "Unable to send the HTTP request\r\n"); + close(s); + return 0; + } + chprintf((BaseSequentialStream *)&SD1, "HTTP request sent\n\r"); + + /* print the response */ + chprintf((BaseSequentialStream *)&SD1, "HTTP response:\n\r"); + chprintf((BaseSequentialStream 
*)&SD1,"--------------------------------------------------------------------------------\n\r"); + int r; + do { + memset(ssl_recv_buffer, 0, MAX_SSL_BUF); + r = wolfSSL_read(ssl, ssl_recv_buffer, MAX_SSL_BUF - 1); + chprintf((BaseSequentialStream *)&SD1,"%s\n\r",ssl_recv_buffer); + } while(r > 0); + chprintf((BaseSequentialStream *)&SD1, "--------------------------------------------------------------------------------\n\r"); + + /* frees all data before client termination */ + wolfSSL_free(ssl); + wolfSSL_CTX_free(ctx); + wolfSSL_Cleanup(); + +// freeaddrinfo(res); + close(s); + chprintf((BaseSequentialStream *)&SD1, "Socket closed\n\r"); + + return 1; +} + +/* + * One thread that run the https example. + */ +static THD_WORKING_AREA(waThreadHttps, 2048); +static THD_FUNCTION(ThreadHttps, arg) { + (void)arg; + + tsWaitStubSkelReady(); + chThdSleepMilliseconds(5000); + while (true) { + httpsexample(); + chThdSleepMilliseconds(500); + } +} + +/* + * LED blinker thread, times are in milliseconds. + */ +static THD_WORKING_AREA(waThread1, 512); +static THD_FUNCTION(Thread1, arg) { + + (void)arg; + chRegSetThreadName("blinker"); + + while (true) { + palToggleLine(LINE_LED_BLUE); + chThdSleepMilliseconds(80); + palToggleLine(LINE_LED_BLUE); + chThdSleepMilliseconds(120); + palToggleLine(LINE_LED_BLUE); + chThdSleepMilliseconds(120); + palToggleLine(LINE_LED_BLUE); + chThdSleepMilliseconds(120); + palToggleLine(LINE_LED_BLUE); + chThdSleepMilliseconds(160); + palToggleLine(LINE_LED_BLUE); + chThdSleepMilliseconds(600); + } +} + +static const SerialConfig sdcfg = { + 115200, + 0, + UART_MR_PAR_NO +}; + +/* + * Application entry point. + */ +int main(void) { + + /* + * System initializations. + * - HAL initialization, this also initializes the configured device drivers + * and performs the board-specific initializations. + * - Kernel initialization, the main() function becomes a thread and the + * RTOS is active. 
+ * The foreign interrupts are disabled up to the trampoline in the non secure world + */ + halInit(); + chSysInit(); + + /* + * Activates the serial driver 0 using the driver default configuration. + */ + sdStart(&SD1, &sdcfg); + + /* + * Creates the blinker thread (and any other ancillary thread). + */ + chThdCreateStatic(waThread1, sizeof waThread1, NORMALPRIO, Thread1, NULL); + chThdCreateStatic(waThreadHttps, sizeof waThreadHttps, NORMALPRIO+1, ThreadHttps, NULL); + + /* + * System initializations. + * - TSSI initialization, the trusted services are created and started. + * Lastly, the thread "main" becomes the non secure execution environment. + */ + tssiInit(); + /* + * It never goes here + */ +} diff --git a/demos/ATSAMA5D2/RT-SAMA5D2-XPLAINED-HTTPS-SEC/proxies/tscommon.h b/demos/ATSAMA5D2/RT-SAMA5D2-XPLAINED-HTTPS-SEC/proxies/tscommon.h new file mode 100644 index 000000000..f290791bb --- /dev/null +++ b/demos/ATSAMA5D2/RT-SAMA5D2-XPLAINED-HTTPS-SEC/proxies/tscommon.h 
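Review bot: `httpsexample()` never authenticates the server: the `wolfSSL_CTX_load_verify_buffer` call is compiled out with `#if 0` and `wolfSSL_CTX_set_verify(ctx, SSL_VERIFY_NONE, 0);` is still present under its own "TODO: delete this line", so the session to the hard-coded address is encrypted but accepts any certificate. I would enable the load with a CA certificate (the disabled block names `client_cert`/`client_cert_len`, which this hunk does not define), switch to `SSL_VERIFY_PEER`, and call `wolfSSL_check_domain_name(ssl, CONFIG_WEBSITE)` before `wolfSSL_connect`. Separately, every failure branch after `wolfSSL_CTX_new` only does `close(s)`, so `ctx` and `ssl` are not freed and `wolfSSL_Cleanup()` is skipped; because `ThreadHttps` calls the function again every 500 ms, a persistent failure would leak on each pass. The fence shows both changes with a shared cleanup tail, assuming an `int ret = 0;` declared at the top of the function.

```c
  /* Trust anchor for the server chain; client_cert/client_cert_len are the
     names used by the disabled block and must hold a DER-encoded CA cert. */
  e = wolfSSL_CTX_load_verify_buffer(ctx, client_cert, client_cert_len, SSL_FILETYPE_ASN1);
  if (e != SSL_SUCCESS) {
    chprintf((BaseSequentialStream *)&SD1, "Error loading client certs\n\r");
    goto out_ctx;
  }
  wolfSSL_CTX_set_verify(ctx, SSL_VERIFY_PEER, 0);

  /* make new wolfSSL struct */
  if ((ssl = wolfSSL_new(ctx)) == NULL) {
    chprintf((BaseSequentialStream *)&SD1, "wolfSSL_new error\n\r");
    goto out_ctx;
  }

  /* Bind the certificate to the host name the request is sent for. */
  if (wolfSSL_check_domain_name(ssl, CONFIG_WEBSITE) != SSL_SUCCESS) {
    chprintf((BaseSequentialStream *)&SD1, "wolfSSL_check_domain_name error\n\r");
    goto out_ssl;
  }

  /* … unchanged: wolfSSL_set_fd, wolfSSL_connect, request and response loop,
     with each failure branch doing `goto out_ssl;` instead of close(s); return 0; … */

  ret = 1;
out_ssl:
  wolfSSL_free(ssl);
out_ctx:
  wolfSSL_CTX_free(ctx);
  wolfSSL_Cleanup();
  close(s);
  chprintf((BaseSequentialStream *)&SD1, "Socket closed\n\r");
  return ret;
```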
@@ -0,0 +1,91 @@ +/* + ChibiOS - Copyright (C) 2006..2018 Giovanni Di Sirio. + + This file is part of ChibiOS. + + ChibiOS is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 3 of the License, or + (at your option) any later version. + + ChibiOS is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see . +*/ + +/** + * @file tscommon.h + * @brief Common, shared defines and macros between secure and non secure + * environment. + * + */ + +#ifndef TSCOMMON_H +#define TSCOMMON_H + +#include "ch.h" +#include "ccportab.h" + +/*===========================================================================*/ +/* Module constants. */ +/*===========================================================================*/ +#define SKEL_REQ_GETOP 1 +#define SKEL_REQ_CPYPRMS 2 +#define SKEL_REQ_PUTRES 3 +#define SKEL_REQ_READY 4 + +#define STUB_OP_SOCKET 0 +#define STUB_OP_CLOSE 1 +#define STUB_OP_CONNECT 2 +#define STUB_OP_RECV 3 +#define STUB_OP_SEND 4 +#define STUB_OP_SELECT 5 +#define STUB_OP_BIND 6 +#define STUB_OP_LISTEN 7 +#define STUB_OP_WRITE 8 +#define STUB_OP_READ 9 +#define STUB_OP_GETADDRINFO 10 +#define STUB_OP_FREEADDRINFO 11 + +#define EVT_F_SOCK_NEW_OP 1 + +/*===========================================================================*/ +/* Module pre-compile time settings. */ +/*===========================================================================*/ +#define METHOD_MAX_PARAMS 6 + +#define L_FD_SETSIZE 64 + +/*===========================================================================*/ +/* Derived constants and error checks. 
*/ +/*===========================================================================*/ + +/*===========================================================================*/ +/* Module data structures and types. */ +/*===========================================================================*/ +typedef struct skel_req { + uint32_t req; /* getop, cpyprms, putres */ + uint32_t stub_op; + uint32_t stub_op_code; + uint32_t stub_op_result; + uint32_t stub_op_p_sz[METHOD_MAX_PARAMS]; + uint32_t stub_op_p[METHOD_MAX_PARAMS]; +} skel_req_t; + +/*===========================================================================*/ +/* Module macros. */ +/*===========================================================================*/ + +/*===========================================================================*/ +/* External declarations. */ +/*===========================================================================*/ + +/*===========================================================================*/ +/* Module inline functions. */ +/*===========================================================================*/ + +#endif /* TSCOMMON_H */ diff --git a/demos/ATSAMA5D2/RT-SAMA5D2-XPLAINED-HTTPS-SEC/proxies/tssockstub.c b/demos/ATSAMA5D2/RT-SAMA5D2-XPLAINED-HTTPS-SEC/proxies/tssockstub.c new file mode 100644 index 000000000..358acdf0f --- /dev/null +++ b/demos/ATSAMA5D2/RT-SAMA5D2-XPLAINED-HTTPS-SEC/proxies/tssockstub.c 
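Review bot: `skel_req_t` has no field-level documentation, although the service loop in tssockstub.c reads `stub_op`, `stub_op_code`, `stub_op_p[]` and `stub_op_p_sz[]` from it as values supplied by the non-secure skeleton and has to validate them before use. I would document for each field which world writes it and for which `SKEL_REQ_*` request, e.g. `uint32_t stub_op; /* opaque op handle returned by GETOP; re-validated on every later request */`. `METHOD_MAX_PARAMS` is also defined a second time in tssockstub.c with the same value; keeping only the definition in this header stops the array sizes on the two sides from drifting apart.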
@@ -0,0 +1,548 @@ +/* + ChibiOS - Copyright (C) 2006..2018 Giovanni Di Sirio + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. +*/ + +/** + * @file tssockstub.c + * @brief Sockets stub for trusted services. + * + */ + +#include "ch.h" +#include "chobjfifos.h" +#include "chtssi.h" +#include "tssockstub.h" +#include +#include + +/*===========================================================================*/ +/* Module local definitions. */ +/*===========================================================================*/ + +#define METHOD_MAX_PARAMS 6 +#define STUB_MAX_OPS 32 + +#define OP_PRMDIR_NONE 0 +#define OP_PRMDIR_IN 1 +#define OP_PRMDIR_OUT 2 + +/*===========================================================================*/ +/* Module exported variables. */ +/*===========================================================================*/ + +/*===========================================================================*/ +/* Module local types. */ +/*===========================================================================*/ +typedef struct stub_op stub_op_t; +typedef enum {FREE=0, CALLING, PENDING} op_state_t; + +typedef struct stub_param { + uint32_t dir; + uint32_t val; + uint32_t size; +} stub_parm_t; + +typedef struct stub_op { + uint32_t op_code; /* e.g. 
connect, recv, sendv, close, etc.*/ + op_state_t op_state; /* calling, pending, free.*/ + stub_parm_t op_p[METHOD_MAX_PARAMS]; + thread_reference_t op_wthdp; /* TS internal client thread (the caller).*/ +} stub_op_t; + +/*===========================================================================*/ +/* Module local variables. */ +/*===========================================================================*/ + +static objects_fifo_t ops_fifo; +static msg_t ops_msgs[STUB_MAX_OPS]; +static struct stub_op ops[STUB_MAX_OPS] = {0}; +static bool tsSkelIsReady = false; + +/*===========================================================================*/ +/* Module local functions. */ +/*===========================================================================*/ + +static bool isOpValid(stub_op_t *op) +{ + if ((op < &ops[0]) || (op >= &ops[STUB_MAX_OPS])) + return FALSE; + if (((char *)op - (char *)&ops[0]) % sizeof ops[0]) + return FALSE; + return TRUE; +} + +/** + * @brief Implement an a call to a NSEC function. + * @details It activates the channel between the stubs service and + * the skels daemon running in the nsec world. + * To do it, it uses an event to signal the skels + * daemon that a new op request is ready to be executed. + * Behind the scenes, the skels daemon will then gets the op, calling + * the stubs service via smc. The daemon executes it and then calls + * the stubs service again to post the result and to wake up the + * calling thread of this function. + * + * @param[in] op the 'remote' method description. + * + * @return the return value of 'remote' method. 
+ */ +static uint32_t callRemote(stub_op_t *op) { + uint32_t r; + + chSysLock(); + chFifoSendObjectI(&ops_fifo, op); + chEvtBroadcastFlagsI(&tsEventSource, EVT_F_SOCK_NEW_OP); + chThdSuspendS(&op->op_wthdp); + chSysUnlock(); + r = op->op_code; + chFifoReturnObject(&ops_fifo, op); + return r; +} + +static stub_op_t *getNewOp(void) { + stub_op_t *op = chFifoTakeObjectTimeout(&ops_fifo, TIME_INFINITE); + memset(op, 0, sizeof *op); + op->op_state = CALLING; + return op; +} + +/*===========================================================================*/ +/* Module exported functions. */ +/*===========================================================================*/ + +/** + * @brief The stubs service. + * @details And this is where the magic happens. + */ +THD_WORKING_AREA(waTsStubsService, 1024); +THD_FUNCTION(TsStubsService, tsstate) { + ts_state_t *svcp = tsstate; + skel_req_t *skrp; + stub_op_t *op; + msg_t r; + int i; + + chFifoObjectInit(&ops_fifo, sizeof (stub_op_t), STUB_MAX_OPS, + sizeof (uint8_t), ops, ops_msgs); + for (;/* ever */;) { + + /* Wait a service request.*/ + (void)tssiWaitRequest(svcp); + skrp = (skel_req_t *)TS_GET_DATA(svcp); + r = SMC_SVC_OK; + + /* Process the request.*/ + if (TS_GET_DATALEN(svcp) != sizeof (skel_req_t)) { + TS_SET_STATUS(svcp, SMC_SVC_INVALID); + continue; + } + + switch (skrp->req) { + case SKEL_REQ_READY: + tsSkelIsReady = true; + break; + + case SKEL_REQ_GETOP: + + /* The nsec skeleton calls us to get a new op ready to be executed.*/ + if (chFifoReceiveObjectTimeout(&ops_fifo, (void **)&op, TIME_IMMEDIATE) == + MSG_TIMEOUT) { + + /* no op ready to be executed.*/ + r = SMC_SVC_NHND; + break; + } + skrp->stub_op = (uint32_t)op; + skrp->stub_op_code = op->op_code; + + /* Pass all the 'by value' arguments from stub to skel.*/ + for (i = 0; i < METHOD_MAX_PARAMS; ++i) { + if (op->op_p[i].dir == OP_PRMDIR_NONE) + skrp->stub_op_p[i] = op->op_p[i].val; + } + op->op_state = PENDING; + break; + + case SKEL_REQ_CPYPRMS: + + /* The 
nsec skel calls us to get a copy of the 'in' parameters of + the specified op. + An 'in' parameter is an indirect argument, that is an argument + the value of which is a pointer to a memory buffer, that + must be copied in a non secure memory buffer. + It represents data to be consumed by the callee.*/ + op = (stub_op_t *)skrp->stub_op; + if (!isOpValid(op) || op->op_state != PENDING || + op->op_code != skrp->stub_op_code) { + r = SMC_SVC_INVALID; + break; + } + + /* Copy all 'in' parameters. + For each parameter check that the destination memory area + is in the non secure memory arena.*/ + for (i = 0; i < METHOD_MAX_PARAMS; ++i) { + if ((op->op_p[i].dir & OP_PRMDIR_IN) == 0) + continue; + if (!tsIsAddrSpaceValid((void *)skrp->stub_op_p[i], op->op_p[i].size)) { + r = SMC_SVC_INVALID; + break; + } + memcpy((void *)skrp->stub_op_p[i], (void *)op->op_p[i].val, + op->op_p[i].size); + } + break; + + case SKEL_REQ_PUTRES: + + /* The nsec skel calls us to put a copy of the 'out' parameters of + the specified op. + An 'out' parameter is an indirect argument, that is an argument + the value of which is a pointer to a memory buffer, that + must be copied in a secure memory buffer. + It represents data produced by the callee.*/ + op = (stub_op_t *)skrp->stub_op; + if (!isOpValid(op) || op->op_state != PENDING || + op->op_code != skrp->stub_op_code) { + r = SMC_SVC_INVALID; + break; + } + + /* Copy all 'out' parameters. 
+ For each parameter check that the source memory area + is in the non secure memory arena, and that the size returned + fits in the caller buffer size.*/ + for (i = 0; i < METHOD_MAX_PARAMS; ++i) { + if ((op->op_p[i].dir & OP_PRMDIR_OUT) == 0) + continue; + if (!tsIsAddrSpaceValid((void *)skrp->stub_op_p[i], skrp->stub_op_p_sz[i]) + || (skrp->stub_op_p_sz[i] > op->op_p[i].size)) { + r = SMC_SVC_INVALID; + break; + } + memcpy((void *)op->op_p[i].val, (void *)skrp->stub_op_p[i], + skrp->stub_op_p_sz[i]); + } + if (r != SMC_SVC_OK) + break; + + /* Set the return value of the 'remote' callee method, + and wake up the caller.*/ + op->op_code = skrp->stub_op_result; + chThdResume(&op->op_wthdp, MSG_OK); + break; + + default: + r = SMC_SVC_INVALID; + break; + } + + /* Set the response.*/ + TS_SET_STATUS(svcp, r); + } +} +/** + * @brief Is the skeletons daemon ready to operate? + * @details It is used at the startup to synchronize the + * stub service with the skeleton daemon. + */ +void tsWaitStubSkelReady(void) { + while (!tsSkelIsReady) { + chThdSleepMilliseconds(100); + } +} + +/** + * @brief The sockets API. 
+ */ +int socket(int domain, int type, int protocol) { + stub_op_t *op = getNewOp(); + op->op_code = STUB_OP_SOCKET; + op->op_p[0].dir = OP_PRMDIR_NONE; + op->op_p[0].val = (uint32_t)domain; + op->op_p[1].dir = OP_PRMDIR_NONE; + op->op_p[1].val = (uint32_t)type; + op->op_p[2].dir = OP_PRMDIR_NONE; + op->op_p[2].val = (uint32_t)protocol; + return (int)callRemote(op); +} + +int connect(int s, const struct sockaddr *name, socklen_t namelen) { + stub_op_t *op = getNewOp(); + op->op_code = STUB_OP_CONNECT; + op->op_p[0].dir = OP_PRMDIR_NONE; + op->op_p[0].val = (uint32_t)s; + op->op_p[1].dir = OP_PRMDIR_IN; + op->op_p[1].val = (uint32_t)name; + op->op_p[1].size = (uint32_t)namelen; + op->op_p[2].dir = OP_PRMDIR_NONE; + op->op_p[2].val = (uint32_t)namelen; + return (int)callRemote(op); +} + +int close(int s) { + stub_op_t *op = getNewOp(); + op->op_code = STUB_OP_CLOSE; + op->op_p[0].dir = OP_PRMDIR_NONE; + op->op_p[0].val = (uint32_t)s; + return (int)callRemote(op); +} + +int recv(int s, void *mem, size_t len, int flags) { + stub_op_t *op = getNewOp(); + op->op_code = STUB_OP_RECV; + op->op_p[0].dir = OP_PRMDIR_NONE; + op->op_p[0].val = (uint32_t)s; + op->op_p[1].dir = OP_PRMDIR_OUT; + op->op_p[1].val = (uint32_t)mem; + op->op_p[1].size = (uint32_t)len; + op->op_p[2].dir = OP_PRMDIR_NONE; + op->op_p[2].val = (uint32_t)len; + op->op_p[3].dir = OP_PRMDIR_NONE; + op->op_p[3].val = (uint32_t)flags; + return (int)callRemote(op); +} + +int send(int s, const void *dataptr, size_t size, int flags) { + stub_op_t *op = getNewOp(); + op->op_code = STUB_OP_SEND; + op->op_p[0].dir = OP_PRMDIR_NONE; + op->op_p[0].val = (uint32_t)s; + op->op_p[1].dir = OP_PRMDIR_IN; + op->op_p[1].val = (uint32_t)dataptr; + op->op_p[1].size = (uint32_t)size; + op->op_p[2].dir = OP_PRMDIR_NONE; + op->op_p[2].val = (uint32_t)size; + op->op_p[3].dir = OP_PRMDIR_NONE; + op->op_p[3].val = (uint32_t)flags; + return (int)callRemote(op); +} + +#if 0 +int select(int maxfdp1, fd_set *readset, fd_set *writeset, 
fd_set *exceptset, + struct timeval *timeout) { + stub_op_t *op = getNewOp(); + op->op_code = STUB_OP_SELECT; + op->op_p[0].dir = OP_PRMDIR_NONE; + op->op_p[0].val = (uint32_t)maxfdp1; + op->op_p[1].dir = OP_PRMDIR_IN|OP_PRMDIR_OUT; + op->op_p[1].val = (uint32_t)readset; + op->op_p[1].size = sizeof (fd_set); + op->op_p[2].dir = OP_PRMDIR_IN|OP_PRMDIR_OUT; + op->op_p[2].val = (uint32_t)writeset; + op->op_p[2].size = sizeof (fd_set); + op->op_p[3].dir = OP_PRMDIR_IN|OP_PRMDIR_OUT; + op->op_p[3].val = (uint32_t)exceptset; + op->op_p[3].size = sizeof (fd_set); + op->op_p[4].dir = OP_PRMDIR_IN; + op->op_p[4].val = (uint32_t)timeout; + op->op_p[4].size = sizeof (struct timeval); + return (int)callRemote(op); +} +#endif + +int bind(int s, const struct sockaddr *name, socklen_t namelen) { + stub_op_t *op = getNewOp(); + op->op_code = STUB_OP_BIND; + op->op_p[0].dir = OP_PRMDIR_NONE; + op->op_p[0].val = (uint32_t)s; + op->op_p[1].dir = OP_PRMDIR_IN; + op->op_p[1].val = (uint32_t)name; + op->op_p[1].size = (uint32_t)namelen; + op->op_p[2].dir = OP_PRMDIR_NONE; + op->op_p[2].val = (uint32_t)namelen; + return (int)callRemote(op); +} + +int listen(int s, int backlog) { + stub_op_t *op = getNewOp(); + op->op_code = STUB_OP_LISTEN; + op->op_p[0].dir = OP_PRMDIR_NONE; + op->op_p[0].val = (uint32_t)s; + op->op_p[1].dir = OP_PRMDIR_NONE; + op->op_p[1].val = (uint32_t)backlog; + return (int)callRemote(op); +} + +int write(int s, const void *dataptr, size_t size) { + stub_op_t *op = getNewOp(); + op->op_code = STUB_OP_WRITE; + op->op_p[0].dir = OP_PRMDIR_NONE; + op->op_p[0].val = (uint32_t)s; + op->op_p[1].dir = OP_PRMDIR_IN; + op->op_p[1].val = (uint32_t)dataptr; + op->op_p[2].dir = OP_PRMDIR_NONE; + op->op_p[2].val = (uint32_t)size; + return (int)callRemote(op); +} + +int read(int s, void *mem, size_t len) { + stub_op_t *op = getNewOp(); + op->op_code = STUB_OP_READ; + op->op_p[0].dir = OP_PRMDIR_NONE; + op->op_p[0].val = (uint32_t)s; + op->op_p[1].dir = OP_PRMDIR_OUT; + 
op->op_p[1].val = (uint32_t)mem; + op->op_p[2].dir = OP_PRMDIR_NONE; + op->op_p[2].val = (uint32_t)len; + return (int)callRemote(op); +} + +/* + * TODO verify parameters + */ +int getaddrinfo(const char *nodename, const char *servname, + const struct addrinfo *hints, struct addrinfo **res) { + stub_op_t *op = getNewOp(); + op->op_code = STUB_OP_GETADDRINFO; + op->op_p[0].dir = OP_PRMDIR_IN; + op->op_p[0].val = (uint32_t)nodename; + op->op_p[1].dir = OP_PRMDIR_IN; + op->op_p[1].val = (uint32_t)servname; + op->op_p[2].dir = OP_PRMDIR_IN; + op->op_p[2].val = (uint32_t)hints; + op->op_p[3].dir = OP_PRMDIR_OUT; + op->op_p[3].val = (uint32_t)res; + return (int)callRemote(op); +} + +int freeaddrinfo(struct addrinfo *ai) { + stub_op_t *op = getNewOp(); + op->op_code = STUB_OP_FREEADDRINFO; + op->op_p[0].dir = OP_PRMDIR_IN; + op->op_p[0].val = (uint32_t)ai; + return (int)callRemote(op); +} + + +#if 0 +int accept(int s, struct sockaddr *addr, socklen_t *addrlen); +int shutdown(int s, int how); +int getpeername (int s, struct sockaddr *name, socklen_t *namelen); +int getsockname (int s, struct sockaddr *name, socklen_t *namelen); +int getsockopt (int s, int level, int optname, void *optval, socklen_t *optlen); +int setsockopt (int s, int level, int optname, const void *optval, socklen_t optlen); +int recvfrom(int s, void *mem, size_t len, int flags, + struct sockaddr *from, socklen_t *fromlen); +int sendmsg(int s, const struct msghdr *message, int flags); +int sendto(int s, const void *dataptr, size_t size, int flags, + const struct sockaddr *to, socklen_t tolen); +int writev(int s, const struct iovec *iov, int iovcnt); +int ioctl(int s, long cmd, void *argp); +int fcntl(int s, int cmd, int val); +#endif + +/* + * Ascii internet address interpretation routine. + * The value returned is in network order. 
+ */ +in_addr_t inet_addr(const char *cp) { + struct in_addr val; + + if (inet_aton(cp, &val)) + return val.s_addr; + return INADDR_NONE; +} + +/* + * Check whether "cp" is a valid ascii representation + * of an Internet address and convert to a binary address. + * Returns 1 if the address is valid, 0 if not. + * This replaces inet_addr, the return value from which + * cannot distinguish between failure and a local broadcast address. + */ + +int inet_aton(const char *cp, struct in_addr *addr) { + uint32_t val, base, n; + char c; + uint32_t parts[4], *pp = parts; + + for (;;) { + /* + * Collect number up to '.'. + * Values are specified as for C: + * 0x=hex, 0=octal, other=decimal. + */ + val = 0; base = 10; + if (*cp == '0') { + if (*++cp == 'x' || *cp == 'X') + base = 16, cp++; + else + base = 8; + } + while ((c = *cp) != '\0') { + if (isascii(c) && isdigit(c)) { + val = (val * base) + (c - '0'); + cp++; + continue; + } + if (base == 16 && isascii(c) && isxdigit(c)) { + val = (val << 4) + + (c + 10 - (islower(c) ? 'a' : 'A')); + cp++; + continue; + } + break; + } + if (*cp == '.') { + /* + * Internet format: + * a.b.c.d + * a.b.c (with c treated as 16-bits) + * a.b (with b treated as 24 bits) + */ + if (pp >= parts + 3 || val > 0xff) + return 0; + *pp++ = val, cp++; + } else + break; + } + /* + * Check for trailing characters. + */ + if (*cp && (!isascii(*cp) || !isspace(*cp))) + return 0; + /* + * Make the address according to + * the number of parts specified. 
+ */ + n = pp - parts + 1; + switch (n) { + + case 1: /* a -- 32 bits */ + break; + + case 2: /* a.b -- 8.24 bits */ + if (val > 0xffffff) + return 0; + val |= parts[0] << 24; + break; + + case 3: /* a.b.c -- 8.8.16 bits */ + if (val > 0xffff) + return 0; + val |= (parts[0] << 24) | (parts[1] << 16); + break; + + case 4: /* a.b.c.d -- 8.8.8.8 bits */ + if (val > 0xff) + return 0; + val |= (parts[0] << 24) | (parts[1] << 16) | (parts[2] << 8); + break; + } + if (addr) + addr->s_addr = htonl(val); + return 1; +} diff --git a/demos/ATSAMA5D2/RT-SAMA5D2-XPLAINED-HTTPS-SEC/proxies/tssockstub.h b/demos/ATSAMA5D2/RT-SAMA5D2-XPLAINED-HTTPS-SEC/proxies/tssockstub.h new file mode 100644 index 000000000..58fbcac67 --- /dev/null +++ b/demos/ATSAMA5D2/RT-SAMA5D2-XPLAINED-HTTPS-SEC/proxies/tssockstub.h 
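Review bot: In the `SKEL_REQ_PUTRES` case the op stays in state `PENDING` after `chThdResume()`, and `op_code` has just been overwritten with `stub_op_result`, so a repeated PUTRES for the same handle that supplies the result as `stub_op_code` still passes the `isOpValid()`/state/code checks and copies into `op_p[i].val` buffers the caller may already have released. Setting `op->op_state = FREE;` before `chThdResume(&op->op_wthdp, MSG_OK);`, and keeping the result in a field of its own rather than in `op_code`, closes that window. In this case and in `SKEL_REQ_CPYPRMS`, `skrp->stub_op_p[i]` and `skrp->stub_op_p_sz[i]` are read once for `tsIsAddrSpaceValid()` and again for `memcpy()`; if the request block sits in memory the non-secure side can still write (not visible in this hunk), both values should be copied to locals before the check. Separately, `write()`, `read()`, `getaddrinfo()` and `freeaddrinfo()` never set `op_p[n].size`, so their IN copies are zero bytes long and any non-empty OUT result is rejected by the size comparison.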
@@ -0,0 +1,409 @@ +/* + ChibiOS - Copyright (C) 2006..2018 Giovanni Di Sirio. + + This file is part of ChibiOS. + + ChibiOS is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 3 of the License, or + (at your option) any later version. + + ChibiOS is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see . +*/ + +/** + * @file tssockstub.h + * @brief Sockets stub module macros and structures. + * + */ + +#ifndef TSSOCKSTUB_H +#define TSSOCKSTUB_H + +#include "ch.h" +#include "ccportab.h" +#include "tscommon.h" +/*===========================================================================*/ +/* Module constants. */ +/*===========================================================================*/ + +/*===========================================================================*/ +/* Module pre-compile time settings. */ +/*===========================================================================*/ + +/*===========================================================================*/ +/* Derived constants and error checks. */ +/*===========================================================================*/ + +/*===========================================================================*/ +/* Module data structures and types. 
*/ +/*===========================================================================*/ + +typedef uint32_t socklen_t; +typedef uint8_t sa_family_t; +typedef uint16_t in_port_t; +typedef uint32_t in_addr_t; + +struct in_addr { + in_addr_t s_addr; +}; + +#if 0 +typedef struct fd_set +{ + unsigned char fd_bits [(L_FD_SETSIZE+7)/8]; +} fd_set; + +struct timeval { + long tv_sec; /* seconds */ + long tv_usec; /* and microseconds */ +}; +#endif + +struct sockaddr { + uint8_t sa_len; + sa_family_t sa_family; + char sa_data[14]; +}; + +struct addrinfo { + int ai_flags; /* Input flags. */ + int ai_family; /* Address family of socket. */ + int ai_socktype; /* Socket type. */ + int ai_protocol; /* Protocol of socket. */ + socklen_t ai_addrlen; /* Length of socket address. */ + struct sockaddr *ai_addr; /* Socket address of socket. */ + char *ai_canonname; /* Canonical name of service location. */ + struct addrinfo *ai_next; /* Pointer to next in list. */ +}; + +struct sockaddr_in { + uint8_t sin_len; + sa_family_t sin_family; + in_port_t sin_port; + struct in_addr sin_addr; +#define SIN_ZERO_LEN 8 + char sin_zero[SIN_ZERO_LEN]; +}; + +struct sockaddr_storage { + uint8_t s2_len; + sa_family_t ss_family; + char s2_data1[2]; + uint32_t s2_data2[3]; +}; + +struct iovec { + void *iov_base; + size_t iov_len; +}; + +struct msghdr { + void *msg_name; + socklen_t msg_namelen; + struct iovec *msg_iov; + int msg_iovlen; + void *msg_control; + socklen_t msg_controllen; + int msg_flags; +}; + +#define htons(s) ((uint16_t)(((uint16_t)(s) >> 8) | ((uint16_t)(s) << 8))) +#define ntohs(s) htons(s) +#define htonl(l) ((((l) & 0x000000ffUL) << 24) | \ + (((l) & 0x0000ff00UL) << 8) | \ + (((l) & 0x00ff0000UL) >> 8) | \ + (((l) & 0xff000000UL) >> 24)) +#define ntohl(l) htonl(l) + +/** 255.255.255.255 */ +#define IPADDR_NONE ((uint32_t)0xffffffffUL) +/** 127.0.0.1 */ +#define IPADDR_LOOPBACK ((uint32_t)0x7f000001UL) +/** 0.0.0.0 */ +#define IPADDR_ANY ((uint32_t)0x00000000UL) +/** 255.255.255.255 */ 
+#define IPADDR_BROADCAST ((uint32_t)0xffffffffUL) + +/** 255.255.255.255 */ +#define INADDR_NONE IPADDR_NONE +/** 127.0.0.1 */ +#define INADDR_LOOPBACK IPADDR_LOOPBACK +/** 0.0.0.0 */ +#define INADDR_ANY IPADDR_ANY +/** 255.255.255.255 */ +#define INADDR_BROADCAST IPADDR_BROADCAST + +/* Socket protocol types (TCP/UDP/RAW) */ +#define SOCK_STREAM 1 +#define SOCK_DGRAM 2 +#define SOCK_RAW 3 + +/* + * Option flags per-socket. These must match the SOF_ flags in ip.h (checked in init.c) + */ +#define SO_REUSEADDR 0x0004 /* Allow local address reuse */ +#define SO_KEEPALIVE 0x0008 /* keep connections alive */ +#define SO_BROADCAST 0x0020 /* permit to send and to receive broadcast messages (see IP_SOF_BROADCAST option) */ + +/* + * Additional options, not kept in so_options. + */ +#define SO_DEBUG 0x0001 /* Unimplemented: turn on debugging info recording */ +#define SO_ACCEPTCONN 0x0002 /* socket has had listen() */ +#define SO_DONTROUTE 0x0010 /* Unimplemented: just use interface addresses */ +#define SO_USELOOPBACK 0x0040 /* Unimplemented: bypass hardware when possible */ +#define SO_LINGER 0x0080 /* linger on close if data present */ +#define SO_DONTLINGER ((int)(~SO_LINGER)) +#define SO_OOBINLINE 0x0100 /* Unimplemented: leave received OOB data in line */ +#define SO_REUSEPORT 0x0200 /* Unimplemented: allow local address & port reuse */ +#define SO_SNDBUF 0x1001 /* Unimplemented: send buffer size */ +#define SO_RCVBUF 0x1002 /* receive buffer size */ +#define SO_SNDLOWAT 0x1003 /* Unimplemented: send low-water mark */ +#define SO_RCVLOWAT 0x1004 /* Unimplemented: receive low-water mark */ +#define SO_SNDTIMEO 0x1005 /* send timeout */ +#define SO_RCVTIMEO 0x1006 /* receive timeout */ +#define SO_ERROR 0x1007 /* get error status and clear */ +#define SO_TYPE 0x1008 /* get socket type */ +#define SO_CONTIMEO 0x1009 /* Unimplemented: connect timeout */ +#define SO_NO_CHECK 0x100a /* don't create UDP checksum */ + +/* + * Structure used for manipulating linger option. 
+ */ +struct linger { + int l_onoff; /* option on/off */ + int l_linger; /* linger time in seconds */ +}; + +/* + * Level number for (get/set)sockopt() to apply to socket itself. + */ +#define SOL_SOCKET 0xfff /* options for socket level */ + +#define AF_UNSPEC 0 +#define AF_INET 2 +#define AF_INET6 AF_UNSPEC +#define PF_INET AF_INET +#define PF_INET6 AF_INET6 +#define PF_UNSPEC AF_UNSPEC + +#define IPPROTO_IP 0 +#define IPPROTO_ICMP 1 +#define IPPROTO_TCP 6 +#define IPPROTO_UDP 17 +#define IPPROTO_UDPLITE 136 +#define IPPROTO_RAW 255 + +/* Flags we can use with send and recv. */ +#define MSG_PEEK 0x01 /* Peeks at an incoming message */ +#define MSG_WAITALL 0x02 /* Unimplemented: Requests that the function block until the full amount of data requested can be returned */ +#define MSG_OOB 0x04 /* Unimplemented: Requests out-of-band data. The significance and semantics of out-of-band data are protocol-specific */ +#define MSG_DONTWAIT 0x08 /* Nonblocking i/o for this operation only */ +#define MSG_MORE 0x10 /* Sender will send more */ + +/* + * Options for level IPPROTO_IP + */ +#define IP_TOS 1 +#define IP_TTL 2 + +/* + * Options for level IPPROTO_TCP + */ +#define TCP_NODELAY 0x01 /* don't delay send to coalesce packets */ +#define TCP_KEEPALIVE 0x02 /* send KEEPALIVE probes when idle for pcb->keep_idle milliseconds */ +#define TCP_KEEPIDLE 0x03 /* set pcb->keep_idle - Same as TCP_KEEPALIVE, but use seconds for get/setsockopt */ +#define TCP_KEEPINTVL 0x04 /* set pcb->keep_intvl - Use seconds for get/setsockopt */ +#define TCP_KEEPCNT 0x05 /* set pcb->keep_cnt - Use number of probes sent for get/setsockopt */ + + +/* + * Options for level IPPROTO_UDPLITE + */ +#define UDPLITE_SEND_CSCOV 0x01 /* sender checksum coverage */ +#define UDPLITE_RECV_CSCOV 0x02 /* minimal receiver checksum coverage */ + + +/* + * Options and types for UDP multicast traffic handling + */ +#define IP_MULTICAST_TTL 5 +#define IP_MULTICAST_IF 6 +#define IP_MULTICAST_LOOP 7 + +/* + * Options 
and types related to multicast membership + */ +#define IP_ADD_MEMBERSHIP 3 +#define IP_DROP_MEMBERSHIP 4 + +typedef struct ip_mreq { + struct in_addr imr_multiaddr; /* IP multicast address of group */ + struct in_addr imr_interface; /* local IP address of interface */ +} ip_mreq; + +/* + * The Type of Service provides an indication of the abstract + * parameters of the quality of service desired. These parameters are + * to be used to guide the selection of the actual service parameters + * when transmitting a datagram through a particular network. Several + * networks offer service precedence, which somehow treats high + * precedence traffic as more important than other traffic (generally + * by accepting only traffic above a certain precedence at time of high + * load). The major choice is a three way tradeoff between low-delay, + * high-reliability, and high-throughput. + * The use of the Delay, Throughput, and Reliability indications may + * increase the cost (in some sense) of the service. In many networks + * better performance for one of these parameters is coupled with worse + * performance on another. Except for very unusual cases at most two + * of these three indications should be set. + */ +#define IPTOS_TOS_MASK 0x1E +#define IPTOS_TOS(tos) ((tos) & IPTOS_TOS_MASK) +#define IPTOS_LOWDELAY 0x10 +#define IPTOS_THROUGHPUT 0x08 +#define IPTOS_RELIABILITY 0x04 +#define IPTOS_LOWCOST 0x02 +#define IPTOS_MINCOST IPTOS_LOWCOST + +/* + * The Network Control precedence designation is intended to be used + * within a network only. The actual use and control of that + * designation is up to each network. The Internetwork Control + * designation is intended for use by gateway control originators only. + * If the actual use of these precedence designations is of concern to + * a particular network, it is the responsibility of that network to + * control the access to, and use of, those precedence designations. 
+ */ +#define IPTOS_PREC_MASK 0xe0 +#define IPTOS_PREC(tos) ((tos) & IPTOS_PREC_MASK) +#define IPTOS_PREC_NETCONTROL 0xe0 +#define IPTOS_PREC_INTERNETCONTROL 0xc0 +#define IPTOS_PREC_CRITIC_ECP 0xa0 +#define IPTOS_PREC_FLASHOVERRIDE 0x80 +#define IPTOS_PREC_FLASH 0x60 +#define IPTOS_PREC_IMMEDIATE 0x40 +#define IPTOS_PREC_PRIORITY 0x20 +#define IPTOS_PREC_ROUTINE 0x00 + + +/* + * Commands for ioctlsocket(), taken from the BSD file fcntl.h. + * + * Ioctl's have the command encoded in the lower word, + * and the size of any in or out parameters in the upper + * word. The high 2 bits of the upper word are used + * to encode the in/out status of the parameter; for now + * we restrict parameters to at most 128 bytes. + */ +#if !defined(FIONREAD) || !defined(FIONBIO) +#define IOCPARM_MASK 0x7fU /* parameters must be < 128 bytes */ +#define IOC_VOID 0x20000000UL /* no parameters */ +#define IOC_OUT 0x40000000UL /* copy out parameters */ +#define IOC_IN 0x80000000UL /* copy in parameters */ +#define IOC_INOUT (IOC_IN|IOC_OUT) + /* 0x20000000 distinguishes new & + old ioctl's */ +#define _IO(x,y) (IOC_VOID|((x)<<8)|(y)) + +#define _IOR(x,y,t) (IOC_OUT|(((long)sizeof(t)&IOCPARM_MASK)<<16)|((x)<<8)|(y)) + +#define _IOW(x,y,t) (IOC_IN|(((long)sizeof(t)&IOCPARM_MASK)<<16)|((x)<<8)|(y)) +#endif /* !defined(FIONREAD) || !defined(FIONBIO) */ + +#ifndef FIONREAD +#define FIONREAD _IOR('f', 127, unsigned long) /* get # bytes to read */ +#endif +#ifndef FIONBIO +#define FIONBIO _IOW('f', 126, unsigned long) /* set/clear non-blocking i/o */ +#endif + +/* Socket I/O Controls: unimplemented */ +#ifndef SIOCSHIWAT +#define SIOCSHIWAT _IOW('s', 0, unsigned long) /* set high watermark */ +#define SIOCGHIWAT _IOR('s', 1, unsigned long) /* get high watermark */ +#define SIOCSLOWAT _IOW('s', 2, unsigned long) /* set low watermark */ +#define SIOCGLOWAT _IOR('s', 3, unsigned long) /* get low watermark */ +#define SIOCATMARK _IOR('s', 7, unsigned long) /* at oob mark? 
*/ +#endif + +/* commands for fnctl */ +#ifndef F_GETFL +#define F_GETFL 3 +#endif +#ifndef F_SETFL +#define F_SETFL 4 +#endif + +/* File status flags and file access modes for fnctl, + these are bits in an int. */ +#ifndef O_NONBLOCK +#define O_NONBLOCK 1 /* nonblocking I/O */ +#endif +#ifndef O_NDELAY +#define O_NDELAY 1 /* same as O_NONBLOCK, for compatibility */ +#endif + +#ifndef SHUT_RD + #define SHUT_RD 0 + #define SHUT_WR 1 + #define SHUT_RDWR 2 +#endif + +#define FDSETSAFESET(n, code) do { \ + if (((n) < L_FD_SETSIZE) && (((int)(n)) >= 0)) { \ + code; }} while(0) +#define FDSETSAFEGET(n, code) (((n) < L_FD_SETSIZE) && (((int)(n)) >= 0) ?\ + (code) : 0) +#if 0 +#define FD_SET(n, p) FDSETSAFESET(n, (p)->fd_bits[((n))/8] |= (1 << (((n)) & 7))) +#define FD_CLR(n, p) FDSETSAFESET(n, (p)->fd_bits[((n))/8] &= ~(1 << (((n)) & 7))) +#define FD_ISSET(n,p) FDSETSAFEGET(n, (p)->fd_bits[((n))/8] & (1 << (((n)) & 7))) +#define FD_ZERO(p) memset((void*)(p), 0, sizeof(*(p))) +#endif +/*===========================================================================*/ +/* Module macros. */ +/*===========================================================================*/ + +/*===========================================================================*/ +/* External declarations. 
*/ +/*===========================================================================*/ + +#ifdef __cplusplus +extern "C" { +#endif + int socket(int domain, int type, int protocol); + int close(int s); + int connect(int s, const struct sockaddr *name, socklen_t namelen); + int recv(int s, void *mem, size_t len, int flags); + int send(int s, const void *dataptr, size_t size, int flags); + //int select(int maxfdp1, fd_set *readset, fd_set *writeset, fd_set *exceptset, + // struct timeval *timeout); + int bind(int s, const struct sockaddr *name, socklen_t namelen); + int listen(int s, int backlog); + int write(int s, const void *dataptr, size_t size); + int read(int s, void *mem, size_t len); + int getaddrinfo(const char *nodename, const char *servname, + const struct addrinfo *hints, struct addrinfo **res); + int freeaddrinfo(struct addrinfo *ai); + in_addr_t inet_addr(const char *cp); + int inet_aton(const char *cp, struct in_addr *addr); + void tsWaitStubSkelReady(void); + THD_FUNCTION(TsStubsService, tsstate); + extern THD_WORKING_AREA(waTsStubsService, 1024); +#ifdef __cplusplus +} +#endif + +/*===========================================================================*/ +/* Module inline functions. */ +/*===========================================================================*/ + +#endif /* TSSOCKSTUB_H */ diff --git a/demos/ATSAMA5D2/RT-SAMA5D2-XPLAINED-HTTPS-SEC/readme.txt b/demos/ATSAMA5D2/RT-SAMA5D2-XPLAINED-HTTPS-SEC/readme.txt new file mode 100755 index 000000000..cc6e568f6 --- /dev/null +++ b/demos/ATSAMA5D2/RT-SAMA5D2-XPLAINED-HTTPS-SEC/readme.txt @@ -0,0 +1,13 @@ +***************************************************************************** +** ChibiOS/RT port for ARM-A5. ** +***************************************************************************** + +** TARGET ** + +The demo targets a generic ARM Cortex-A5 device without HAL support. + +** The Demo ** + +** Build Procedure ** + +** Notes ** 
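Review bot: `htons()` and `htonl()` are function-like macros that expand their argument two and four times and always swap bytes, so an argument with side effects is evaluated repeatedly and the result is only right on a little-endian build. `static inline` functions in this header, e.g. `static inline uint16_t htons(uint16_t s) { return (uint16_t)((s >> 8) | (s << 8)); }` plus the 32-bit equivalent, keep the call sites unchanged, and a comment should state the little-endian assumption. `#define AF_INET6 AF_UNSPEC` also deserves a comment, since a caller that passes `AF_INET6` silently gets the `AF_UNSPEC` value.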
diff --git a/demos/ATSAMA5D2/RT-SAMA5D2-XPLAINED-HTTPS-SEC/tsconf.h b/demos/ATSAMA5D2/RT-SAMA5D2-XPLAINED-HTTPS-SEC/tsconf.h
new file mode 100644
index 000000000..19da5590c
--- /dev/null
+++ b/demos/ATSAMA5D2/RT-SAMA5D2-XPLAINED-HTTPS-SEC/tsconf.h
@@ -0,0 +1,62 @@
+/*
+ ChibiOS - Copyright (C) 2006..2018 Giovanni Di Sirio.
+
+ This file is part of ChibiOS.
+
+ ChibiOS is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 3 of the License, or
+ (at your option) any later version.
+
+ ChibiOS is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program. If not, see .
+*/
+
+/**
+ * @file tsconf.h
+ * @brief Configuration parameters for trusted services.
+ *
+ */
+
+#ifndef TSCONF_H
+#define TSCONF_H
+
+/*===========================================================================*/
+/* Module constants. */
+/*===========================================================================*/
+
+/*===========================================================================*/
+/* Module pre-compile time settings. */
+/*===========================================================================*/
+#define NSEC_MEMORY_START_ADDR ((uint8_t *)0x20000000)
+#define NSEC_MEMORY_EXE_OFFSET ((uint32_t) 0x00000000)
+#define NSEC_MEMORY_END_ADDR ((uint8_t *)0x27000000)
+#define SEC_MEMORY_START_ADDR ((uint8_t *)0x27000000)
+#define SEC_MEMORY_SIZE ((size_t)0x1000000)
+
+/*===========================================================================*/
+/* Derived constants and error checks. */
+/*===========================================================================*/
+
+/*===========================================================================*/
+/* Module data structures and types. */
+/*===========================================================================*/
+
+/*===========================================================================*/
+/* Module macros. */
+/*===========================================================================*/
+
+/*===========================================================================*/
+/* External declarations. */
+/*===========================================================================*/
+
+/*===========================================================================*/
+/* Module inline functions. */
+/*===========================================================================*/
+
+#endif /* TSCONF_H */
diff --git a/demos/ATSAMA5D2/RT-SAMA5D2-XPLAINED-HTTPS-SEC/tservices.c b/demos/ATSAMA5D2/RT-SAMA5D2-XPLAINED-HTTPS-SEC/tservices.c
new file mode 100644
index 000000000..5ea40d004
--- /dev/null
+++ b/demos/ATSAMA5D2/RT-SAMA5D2-XPLAINED-HTTPS-SEC/tservices.c
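Review bot: In tsconf.h the boundary between the two worlds is written twice as independent literals: `NSEC_MEMORY_END_ADDR` and `SEC_MEMORY_START_ADDR` are both `0x27000000`, so a later edit to only one of them can leave the secure and non-secure regions overlapping or separated by a gap, with nothing to catch it. Deriving one from the other, `#define SEC_MEMORY_START_ADDR NSEC_MEMORY_END_ADDR`, keeps the partition consistent. The macros also use `uint8_t`, `uint32_t` and `size_t` while the header includes neither `<stdint.h>` nor `<stddef.h>`, so it compiles only when an earlier include happens to provide them.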
@@ -0,0 +1,103 @@
+/*
+ ChibiOS - Copyright (C) 2006..2018 Giovanni Di Sirio
+
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+*/
+
+/**
+ * @file tservices.c
+ * @brief Trusted services application file.
+ *
+ * @addtogroup TSSI
+ * @{
+ */
+
+#include "ch.h"
+#include "hal.h"
+#include "tservices.h"
+#include "proxies/tssockstub.h"
+#include "chprintf.h"
+
+/*===========================================================================*/
+/* Module local definitions. */
+/*===========================================================================*/
+
+/*===========================================================================*/
+/* Module exported variables. */
+/*===========================================================================*/
+
+/*===========================================================================*/
+/* Module local types. */
+/*===========================================================================*/
+
+/*===========================================================================*/
+/* Module local variables. */
+/*===========================================================================*/
+
+/*===========================================================================*/
+/* Module local functions. */
+/*===========================================================================*/
+
+static THD_WORKING_AREA(waTsSimpleService, 1024);
+static THD_FUNCTION(TsSimpleService, tsstate) {
+
+ BaseSequentialStream *ssp = (BaseSequentialStream*)&SD1;
+ ts_state_t *svcp = tsstate;
+
+ /* Start the 'wait request / process / response' cycle.*/
+ for (;/* ever */;) {
+ int i;
+
+ /* Wait a service request.*/
+ msg_t r = tssiWaitRequest(tsstate);
+
+ /* Check if status is ko. It could not happen.*/
+ if (r != SMC_SVC_OK) {
+ chprintf(ssp, "Unexpected wait request error.\r\n");
+ continue;
+ }
+
+ /* Process the request.*/
+ //chprintf(ssp, "r = %d, TsSimpleService received a new request.\r\n", r);
+ if (svcp->ts_datalen > 0) {
+ *(TS_GET_DATA(svcp) + TS_GET_DATALEN(svcp) - 1) = '\0';
+ //chprintf(ssp, "My non secure 'alter ego' has a request.\r\n");
+ //chprintf(ssp, "She tells: '");
+ //chprintf(ssp, TS_GET_DATA(svcp));
+ //chprintf(ssp, "'\r\n");
+ }
+ for (i = 0; i < 100000; ++i)
+ ;
+
+ /* Set the response.*/
+ TS_SET_STATUS(svcp, i);
+ }
+
+ /* It never goes here.*/
+}
+
+/*===========================================================================*/
+/* Module exported functions. */
+/*===========================================================================*/
+
+/**
+ * @brief TSSI services table definition
+ * @note This table is filled by the user.
+ */
+TS_STATE_TABLE
+TS_CONF_TABLE_BEGIN
+ TS_CONF_TABLE_ENTRY("TsSimpleService", waTsSimpleService, TS_BASE_PRIO, TsSimpleService, TS_STATE(0))
+ TS_CONF_TABLE_ENTRY("TsStubsService", waTsStubsService, TS_BASE_PRIO+1, TsStubsService, TS_STATE(1))
+TS_CONF_TABLE_END
+
+/** @} */
diff --git a/demos/ATSAMA5D2/RT-SAMA5D2-XPLAINED-HTTPS-SEC/tservices.h b/demos/ATSAMA5D2/RT-SAMA5D2-XPLAINED-HTTPS-SEC/tservices.h
new file mode 100644
index 000000000..ad0001680
--- /dev/null
+++ b/demos/ATSAMA5D2/RT-SAMA5D2-XPLAINED-HTTPS-SEC/tservices.h
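Review bot: In `TsSimpleService`, the store `*(TS_GET_DATA(svcp) + TS_GET_DATALEN(svcp) - 1) = '\0';` writes through a pointer and length that arrive with the request, and nothing in this function checks that the buffer lies inside the non-secure memory window before the secure side writes to it. Unless `tssiWaitRequest()` or the TSSI layer already validates that range (not visible in this hunk), the service should check the address and length against the non-secure limits and set an error status instead of writing. The commented-out `//chprintf(ssp, TS_GET_DATA(svcp));` would use caller-supplied bytes as a format string if it were re-enabled; it should read `chprintf(ssp, "%s", TS_GET_DATA(svcp));`. The empty delay loop has no side effects, so an optimising build may remove it, and the status returned is always 100000; a comment saying that this is a placeholder would help.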
@@ -0,0 +1,61 @@
+/*
+ ChibiOS - Copyright (C) 2006..2018 Giovanni Di Sirio.
+
+ This file is part of ChibiOS.
+
+ ChibiOS is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 3 of the License, or
+ (at your option) any later version.
+
+ ChibiOS is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program. If not, see .
+*/
+
+/**
+ * @file tservices.h
+ * @brief tssi services module macros and structures.
+ *
+ * @addtogroup TSSI
+ * @{
+ */
+
+#ifndef TSERVICES_H
+#define TSERVICES_H
+
+#include "chtssi.h"
+
+/*===========================================================================*/
+/* Module constants. */
+/*===========================================================================*/
+
+/*===========================================================================*/
+/* Module pre-compile time settings. */
+/*===========================================================================*/
+
+/*===========================================================================*/
+/* Derived constants and error checks. */
+/*===========================================================================*/
+
+/*===========================================================================*/
+/* Module data structures and types. */
+/*===========================================================================*/
+
+/*===========================================================================*/
+/* Module macros. */
+/*===========================================================================*/
+
+/*===========================================================================*/
+/* External declarations. */
+/*===========================================================================*/
+
+/*===========================================================================*/
+/* Module inline functions. */
+/*===========================================================================*/
+
+#endif /* TSERVICES_H */
diff --git a/demos/ATSAMA5D2/RT-SAMA5D2-XPLAINED-HTTPS-SEC/wolfssl_chibios.c b/demos/ATSAMA5D2/RT-SAMA5D2-XPLAINED-HTTPS-SEC/wolfssl_chibios.c
new file mode 100644
index 000000000..ede022421
--- /dev/null
+++ b/demos/ATSAMA5D2/RT-SAMA5D2-XPLAINED-HTTPS-SEC/wolfssl_chibios.c
@@ -0,0 +1,264 @@
+/*
+ ChibiOS - Copyright (C) 2006..2018 Giovanni Di Sirio
+
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+*/
+/*
+ * **** This file incorporates work covered by the following copyright and ****
+ * **** permission notice: ****
+ *
+ * Copyright (C) 2006-2017 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ *
+ */
+
+#include "ch.h"
+#include "hal.h"
+#include
+#include "proxies/tssockstub.h"
+#include "wolfssl_chibios.h"
+#include
+
+#if defined WOLFSSL_USE_NETCONN
+
+static int wolfssl_is_initialized = 0;
+static int ssl_rb_len = 0;
+static int ssl_rb_off = 0;
+
+#define MAX_SSL_BUF 1460
+static uint8_t ssl_recv_buffer[MAX_SSL_BUF];
+
+sslconn *sslconn_accept(sslconn *sk) {
+ sslconn *new;
+ struct netconn *newconn = NULL;
+ err_t err;
+ err = netconn_accept(sk->conn, &newconn);
+ if (err != ERR_OK) {
+ return NULL;
+ }
+ new = chHeapAlloc(NULL, sizeof(sslconn));
+ if (!new)
+ return NULL;
+ new->conn = newconn;
+ new->ctx = sk->ctx;
+ new->ssl = wolfSSL_new(new->ctx);
+ wolfSSL_SetIOReadCtx(new->ssl, new);
+ wolfSSL_SetIOWriteCtx(new->ssl, new);
+
+ if (wolfSSL_accept(new->ssl) == SSL_SUCCESS) {
+ wolfSSL_set_using_nonblock(new->ssl, 1);
+ newconn->pcb.tcp->mss = 1480;
+ return new;
+ } else {
+ wolfSSL_free(new->ssl);
+ chHeapFree(new);
+ return NULL;
+ }
+}
+
+sslconn *sslconn_new(enum netconn_type t, WOLFSSL_METHOD* method) {
+ sslconn *sk;
+ if (!wolfssl_is_initialized) {
+ wolfSSL_Init();
+ wolfssl_is_initialized++;
+ }
+
+ sk = chHeapAlloc(NULL, sizeof(sslconn));
+ if (!sk)
+ return NULL;
+ memset(sk, 0, sizeof(sslconn));
+ sk->ctx = wolfSSL_CTX_new(method);
+ if (!sk->ctx)
+ goto error;
+ sk->conn = netconn_new(t);
+ if (!sk->conn)
+ goto error;
+ wolfSSL_SetIORecv(sk->ctx, wolfssl_recv_cb);
+ wolfSSL_SetIOSend(sk->ctx, wolfssl_send_cb);
+ return sk;
+
+error:
+ if (sk->ctx)
+ wolfSSL_CTX_free(sk->ctx);
+ chHeapFree(sk);
+ return NULL;
+}
+
+void sslconn_close(sslconn *sk) {
+ netconn_delete(sk->conn);
+ wolfSSL_free(sk->ssl);
+ chHeapFree(sk);
+}
+
+#endif /* WOLFSSL_USE_NETCONN */
+
+/* IO Callbacks */
+int wolfssl_send_cb(WOLFSSL* ssl, char *buf, int sz, void *ctx) {
+
+#if defined WOLFSSL_USE_NETCONN
+ sslconn *sk = (sslconn *)ctx;
+ int err;
+ (void)ssl;
+ err = netconn_write(sk->conn, buf, sz, NETCONN_COPY);
+ if (err == ERR_OK)
+ return sz;
+ else
+ return -2;
+#elif defined WOLFSSL_USE_SOCKET
+ (void)ssl;
+ /* By default, ctx will be a pointer to the file descriptor to write to.
+ * This can be changed by calling wolfSSL_SetIOWriteCtx(). */
+ int sockfd = *(int*)ctx;
+ return send(sockfd, buf, sz, 0);
+#endif
+}
+
+int wolfssl_recv_cb(WOLFSSL *ssl, char *buf, int sz, void *ctx) {
+
+#if defined WOLFSSL_USE_NETCONN
+ sslconn *sk = (sslconn *)ctx;
+ struct netbuf *inbuf = NULL;
+ uint8_t *net_buf;
+ uint16_t buflen;
+ (void)ssl;
+ err_t err;
+
+ if (ssl_rb_len > 0) {
+ if (sz > ssl_rb_len - ssl_rb_off)
+ sz = ssl_rb_len - ssl_rb_off;
+ memcpy(buf, ssl_recv_buffer + ssl_rb_off, sz);
+ ssl_rb_off += sz;
+ if (ssl_rb_off >= ssl_rb_len) {
+ ssl_rb_len = 0;
+ ssl_rb_off = 0;
+ }
+ return sz;
+ }
+
+
+ err = netconn_recv(sk->conn, &inbuf);
+ if (err == ERR_OK) {
+ netbuf_data(inbuf, (void **)&net_buf, &buflen);
+ ssl_rb_len = buflen;
+ if (ssl_rb_len > MAX_SSL_BUF)
+ ssl_rb_len = MAX_SSL_BUF;
+ memcpy(ssl_recv_buffer, net_buf, ssl_rb_len);
+ ssl_rb_off = 0;
+ if (sz > ssl_rb_len)
+ sz = ssl_rb_len;
+ memcpy(buf, ssl_recv_buffer, sz);
+ ssl_rb_off += sz;
+ if (ssl_rb_off >= ssl_rb_len) {
+ ssl_rb_len = 0;
+ ssl_rb_off = 0;
+ }
+ netbuf_delete(inbuf);
+ return sz;
+ }
+ else
+ return 0;
+ //return WOLFSSL_CBIO_ERR_WANT_READ;
+#elif defined WOLFSSL_USE_SOCKET
+ (void)ssl;
+ int sockfd = *(int*)ctx;
+ return recv(sockfd, buf, sz, 0);
+#endif
+}
+
+#ifndef ST2S
+#define ST2S(n) (((n) + CH_CFG_ST_FREQUENCY - 1UL) / CH_CFG_ST_FREQUENCY)
+#endif
+
+#ifndef ST2MS
+#define ST2MS(n) (((n) * 1000UL + CH_CFG_ST_FREQUENCY - 1UL) / CH_CFG_ST_FREQUENCY)
+#endif
+
+word32 LowResTimer(void) {
+ systime_t t = chVTGetSystemTimeX();
+ return ST2S(t);
+}
+
+word32 epochTime(void) {
+ RTCDateTime date;
+ struct tm now_tm;
+ rtcGetTime(&RTCD0, &date);
+ rtcConvertDateTimeToStructTm(&date, &now_tm, NULL);
+ return (word32) mktime(&now_tm);
+}
+
+uint32_t TimeNowInMilliseconds(void) {
+ systime_t t = chVTGetSystemTimeX();
+ return ST2MS(t);
+}
+
+void *chHeapRealloc (void *addr, uint32_t size) {
+ union heap_header *hp;
+ uint32_t prev_size, new_size;
+
+ void *ptr;
+
+ if(addr == NULL) {
+ return chHeapAlloc(NULL, size);
+ }
+
+ /* previous allocated segment is preceded by an heap_header */
+ hp = addr - sizeof(union heap_header);
+ prev_size = hp->used.size; /* size is always multiple of 8 */
+
+ /* check new size memory alignment */
+ if(size % 8 == 0) {
+ new_size = size;
+ }
+ else {
+ new_size = ((int) (size / 8)) * 8 + 8;
+ }
+
+ if(prev_size >= new_size) {
+ return addr;
+ }
+
+ ptr = chHeapAlloc(NULL, size);
+ if(ptr == NULL) {
+ return NULL;
+ }
+
+ memcpy(ptr, addr, prev_size);
+
+ chHeapFree(addr);
+
+ return ptr;
+}
+
+void *chibios_alloc(void *heap, int size) {
+ return chHeapAlloc(heap, size);
+}
+
+void chibios_free(void *ptr) {
+ if (ptr)
+ chHeapFree(ptr);
+}
diff --git a/demos/ATSAMA5D2/RT-SAMA5D2-XPLAINED-HTTPS-SEC/wolfssl_chibios.h b/demos/ATSAMA5D2/RT-SAMA5D2-XPLAINED-HTTPS-SEC/wolfssl_chibios.h
new file mode 100644
index 000000000..a91879929
--- /dev/null
+++ b/demos/ATSAMA5D2/RT-SAMA5D2-XPLAINED-HTTPS-SEC/wolfssl_chibios.h
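Review bot: `sslconn_accept()` leaks the accepted netconn on both of its later failure paths: when `chHeapAlloc()` returns NULL and when `wolfSSL_accept()` fails, `newconn` is never released, so every failed handshake from a remote peer costs one connection object until the pool is exhausted. Call `netconn_delete(newconn);` before each of those `return NULL;` statements, and check the result of `wolfSSL_new(new->ctx)` before the handshake is attempted. In `wolfssl_recv_cb()` the file-scope `ssl_recv_buffer`, `ssl_rb_len` and `ssl_rb_off` are shared by every `sslconn`, so two connections served concurrently would consume each other's buffered record bytes, and anything beyond `MAX_SSL_BUF` in a received netbuf is dropped without an error. Keeping that buffer state per connection in `struct sslconn` would remove both problems.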
@@ -0,0 +1,78 @@
+/*
+ ChibiOS - Copyright (C) 2006..2018 Giovanni Di Sirio
+
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+*/
+/*
+ * **** This file incorporates work covered by the following copyright and ****
+ * **** permission notice: ****
+ *
+ * Copyright (C) 2006-2017 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ *
+ */
+#ifndef WOLFSSL_SK_H
+#define WOLFSSL_SK_H
+#include "wolfssl/ssl.h"
+#include "wolfssl/wolfcrypt/types.h"
+#include "user_settings.h"
+
+#if (defined WOLFSSL_USE_NETCONN) && (defined WOLFSSL_USE_SOCKET)
+#error "Select only one lwip API to use"
+#endif
+
+#if (!defined WOLFSSL_USE_NETCONN) && (!defined WOLFSSL_USE_SOCKET)
+#error "Select at least one lwip API to use"
+#endif
+
+#define XMALLOC(s,h,t) chibios_alloc(h,s)
+#define XFREE(p,h,t) chibios_free(p)
+
+/* If netconn is used */
+#if defined WOLFSSL_USE_NETCONN
+struct sslconn {
+ WOLFSSL_CTX *ctx;
+ WOLFSSL *ssl;
+ struct netconn *conn;
+};
+
+typedef struct sslconn sslconn;
+
+sslconn *sslconn_accept(struct sslconn *sk);
+sslconn *sslconn_new(enum netconn_type t, WOLFSSL_METHOD *method);
+void sslconn_close(sslconn *sk);
+#endif
+
+int wolfssl_send_cb(WOLFSSL* ssl, char *buf, int sz, void *ctx);
+int wolfssl_recv_cb(WOLFSSL *ssl, char *buf, int sz, void *ctx);
+
+void *chibios_alloc(void *heap, int size);
+void chibios_free(void *ptr);
+word32 LowResTimer(void);
+word32 epochTime(void);
+#endif
-- cgit v1.2.3
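Review bot: The header leaves out two functions that wolfssl_chibios.c defines with external linkage, `chHeapRealloc()` and `TimeNowInMilliseconds()`, so any other file that calls them has to rely on an implicit or hand-copied declaration. Add `void *chHeapRealloc(void *addr, uint32_t size);` and `uint32_t TimeNowInMilliseconds(void);` next to the `chibios_alloc` prototype. `chibios_alloc()` also takes its size as `int` although `XMALLOC` passes an allocation size; a negative value would turn into a very large request once converted to the allocator's size type, so `size_t` is the safer parameter type.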