Diffstat (limited to 'os/various')
| -rw-r--r-- | os/various/wolfssl_bindings/hwrng.c | 80 | ||||
| -rw-r--r-- | os/various/wolfssl_bindings/user_settings.h | 85 | ||||
| -rw-r--r-- | os/various/wolfssl_bindings/wolfssl.mk | 98 | ||||
| -rw-r--r-- | os/various/wolfssl_bindings/wolfssl_chibios.c | 252 | ||||
| -rw-r--r-- | os/various/wolfssl_bindings/wolfssl_chibios.h | 67 | 
5 files changed, 582 insertions, 0 deletions
diff --git a/os/various/wolfssl_bindings/hwrng.c b/os/various/wolfssl_bindings/hwrng.c
new file mode 100644
index 000000000..f437b49ef
--- /dev/null
+++ b/os/various/wolfssl_bindings/hwrng.c
@@ -0,0 +1,80 @@
+/*
+    ChibiOS - Copyright (C) 2006..2016 Giovanni Di Sirio
+
+    Licensed under the Apache License, Version 2.0 (the "License");
+    you may not use this file except in compliance with the License.
+    You may obtain a copy of the License at
+
+        http://www.apache.org/licenses/LICENSE-2.0
+
+    Unless required by applicable law or agreed to in writing, software
+    distributed under the License is distributed on an "AS IS" BASIS,
+    WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+    See the License for the specific language governing permissions and
+    limitations under the License.
+*/
+/*
+ * **** This file incorporates work covered by the following copyright and ****
+ * **** permission notice:                                                 ****
+ *
+ * Copyright (C) 2006-2017 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ *
+ */
+#include <ch.h>
+#include <stdint.h>
+#include "wolfssl_chibios.h"
+#include "user_settings.h"
+
+unsigned int chibios_rand_generate(void)
+{
+  static unsigned int last_value=0;
+  static unsigned int new_value=0;
+  unsigned int error_bits = 0;
+  error_bits = RNG_SR_SEIS | RNG_SR_CEIS;
+  while (new_value==last_value) {
+    /* Check for error flags and if data is ready. */
+    if ( ((RNG->SR & error_bits) == 0) && ( (RNG->SR & RNG_SR_DRDY) == 1 ) )
+      new_value=RNG->DR;
+  }
+  last_value=new_value;
+  return new_value;
+}
+
+int custom_rand_generate_block(unsigned char* output, unsigned int sz)
+{
+    uint32_t i = 0;
+
+    while (i < sz)
+    {
+        /* If not aligned or there is odd/remainder */
+        if( (i + sizeof(CUSTOM_RAND_TYPE)) > sz ||
+            ((uint32_t)&output[i] % sizeof(CUSTOM_RAND_TYPE)) != 0
+        ) {
+            /* Single byte at a time */
+            output[i++] = (unsigned char)chibios_rand_generate();
+        }
+        else {
+            /* Use native 8, 16, 32 or 64 copy instruction */
+            *((CUSTOM_RAND_TYPE*)&output[i]) = chibios_rand_generate();
+            i += sizeof(CUSTOM_RAND_TYPE);
+        }
+    }
+    return 0;
+}
+
diff --git a/os/various/wolfssl_bindings/user_settings.h b/os/various/wolfssl_bindings/user_settings.h
new file mode 100644
index 000000000..4b491225e
--- /dev/null
+++ b/os/various/wolfssl_bindings/user_settings.h
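Review bot: In hwrng.c, the wait loop in chibios_rand_generate() has no exit when the RNG reports a fault: once `RNG_SR_SEIS` or `RNG_SR_CEIS` is set the `if` never passes, nothing in the loop clears the flags or restarts the peripheral, and the caller blocks forever, while custom_rand_generate_block() returns 0 unconditionally and so cannot report a failed generator. Bound the retries and handle the fault explicitly; the recovery sequence depends on the MCU and is not visible here, and nothing in this file enables the RNG clock or the peripheral, so that is presumably done elsewhere and deserves a comment. The ready test also reads SR twice, and `== 1` is only correct if RNG_SR_DRDY is bit 0; read the register once into a local and test `(sr & RNG_SR_DRDY) != 0`.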
@@ -0,0 +1,85 @@
+#include <stdint.h>
+
+/* Configuration */
+
+#define WOLFSSL_GENERAL_ALIGNMENT 4
+#define HAVE_TM_TYPE
+
+
+/* ChibiOS + Lwip */
+#define HAVE_LWIP_NATIVE 
+#define WOLFSSL_CHIBIOS 
+
+#define USER_TICKS 
+#define WOLFSSL_USER_CURRTIME 
+#define XMALLOC_OVERRIDE 
+#define USE_WOLF_TIME_T
+#define XTIME(tl)       (LowResTimer())
+
+
+/* ARM  */
+		
+#define RSA_LOW_MEM
+#define NO_OLD_RNGNAME  
+#define SMALL_SESSION_CACHE
+#define WOLFSSL_SMALL_STACK
+
+#define TFM_ARM
+#define SINGLE_THREADED
+#define NO_SIG_WRAPPER
+		
+/* Cipher features */
+//#define USE_FAST_MATH
+//#define ALT_ECC_SIZE
+
+#define HAVE_FFDHE_2048
+#define HAVE_CHACHA 
+#define HAVE_POLY1305 
+#define HAVE_ECC 
+#define HAVE_CURVE25519
+#define CURVED25519_SMALL
+#define HAVE_ONE_TIME_AUTH
+#define WOLFSSL_DH_CONST
+		
+/* HW RNG support */
+
+unsigned int chibios_rand_generate(void);
+int custom_rand_generate_block(unsigned char* output, unsigned int sz);
+
+#define CUSTOM_RAND_GENERATE chibios_rand_generate
+#define CUSTOM_RAND_TYPE uint32_t
+
+#define HAVE_ED25519
+#define HAVE_POLY1305
+#define HAVE_SHA512
+#define WOLFSSL_SHA512
+
+
+/* Size/speed config */
+//#define USE_SLOW_SHA2
+
+/* Robustness */
+#define TFM_TIMING_RESISTANT
+#define ECC_TIMING_RESISTANT
+#define WC_RSA_BLINDING
+
+/* Remove Features */
+#define NO_WRITEV
+#define NO_DEV_RANDOM
+#define NO_FILESYSTEM
+#define NO_MAIN_DRIVER
+#define NO_MD4
+#define NO_RABBIT
+#define NO_HC128
+#define NO_DSA
+#define NO_PWDBASED
+#define NO_PSK
+#define NO_64BIT
+#define NO_DES3
+#define NO_RC4
+
+
+/* Realloc (to use without USE_FAST_MATH) */
+
+void *chHeapRealloc (void *addr, uint32_t size);
+#define XREALLOC(p,n,h,t) chHeapRealloc( (p) , (n) )
diff --git a/os/various/wolfssl_bindings/wolfssl.mk b/os/various/wolfssl_bindings/wolfssl.mk
new file mode 100644
index 000000000..00ef082ff
--- /dev/null
+++ b/os/various/wolfssl_bindings/wolfssl.mk
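Review bot: `#define XTIME(tl) (LowResTimer())` in user_settings.h makes wolfSSL's clock the seconds-since-boot counter that LowResTimer() in wolfssl_chibios.c derives from chVTGetSystemTimeX(), not calendar time, so any certificate notBefore/notAfter check is compared against uptime and cannot be meaningful. Either back XTIME with an RTC-based epoch source or document the limitation next to the define, e.g. `/* XTIME is uptime in seconds, not epoch time: certificate date checks are not valid until this is RTC-backed */`. Separately, `TFM_TIMING_RESISTANT` and `TFM_ARM` look like fast-math (tfm.c) options while `USE_FAST_MATH` is commented out here, so the "Robustness" block may not give the big-integer timing protection it suggests; this should be confirmed against the wolfSSL version in ext/. The header also has no include guard although both hwrng.c and wolfssl_chibios.h include it.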
@@ -0,0 +1,98 @@
+# List of the required lwIP files.
+WOLFSSL = 	$(CHIBIOS)/ext/wolfssl
+
+WOLFBINDSRC = \
+        $(CHIBIOS)/os/various/wolfssl_bindings/wolfssl_chibios.c \
+        $(CHIBIOS)/os/various/wolfssl_bindings/hwrng.c
+
+WOLFCRYPTSRC = \
+	$(WOLFSSL)/wolfcrypt/src/sha.c \
+	$(WOLFSSL)/wolfcrypt/src/ge_low_mem.c \
+	$(WOLFSSL)/wolfcrypt/src/compress.c \
+	$(WOLFSSL)/wolfcrypt/src/chacha20_poly1305.c \
+	$(WOLFSSL)/wolfcrypt/src/des3.c \
+	$(WOLFSSL)/wolfcrypt/src/fe_low_mem.c \
+	$(WOLFSSL)/wolfcrypt/src/hmac.c \
+	$(WOLFSSL)/wolfcrypt/src/asm.c \
+	$(WOLFSSL)/wolfcrypt/src/camellia.c \
+	$(WOLFSSL)/wolfcrypt/src/ecc.c \
+	$(WOLFSSL)/wolfcrypt/src/ecc_fp.c \
+	$(WOLFSSL)/wolfcrypt/src/ripemd.c \
+	$(WOLFSSL)/wolfcrypt/src/rsa.c \
+	$(WOLFSSL)/wolfcrypt/src/wc_port.c \
+	$(WOLFSSL)/wolfcrypt/src/arc4.c \
+	$(WOLFSSL)/wolfcrypt/src/srp.c \
+	$(WOLFSSL)/wolfcrypt/src/random.c \
+	$(WOLFSSL)/wolfcrypt/src/idea.c \
+	$(WOLFSSL)/wolfcrypt/src/blake2b.c \
+	$(WOLFSSL)/wolfcrypt/src/error.c \
+	$(WOLFSSL)/wolfcrypt/src/dh.c \
+	$(WOLFSSL)/wolfcrypt/src/asn.c \
+	$(WOLFSSL)/wolfcrypt/src/cmac.c \
+	$(WOLFSSL)/wolfcrypt/src/signature.c \
+	$(WOLFSSL)/wolfcrypt/src/pwdbased.c \
+	$(WOLFSSL)/wolfcrypt/src/chacha.c \
+	$(WOLFSSL)/wolfcrypt/src/md5.c \
+	$(WOLFSSL)/wolfcrypt/src/aes.c \
+	$(WOLFSSL)/wolfcrypt/src/wolfmath.c \
+	$(WOLFSSL)/wolfcrypt/src/memory.c \
+	$(WOLFSSL)/wolfcrypt/src/logging.c \
+	$(WOLFSSL)/wolfcrypt/src/tfm.c \
+	$(WOLFSSL)/wolfcrypt/src/coding.c \
+	$(WOLFSSL)/wolfcrypt/src/rabbit.c \
+	$(WOLFSSL)/wolfcrypt/src/pkcs12.c \
+	$(WOLFSSL)/wolfcrypt/src/md2.c \
+	$(WOLFSSL)/wolfcrypt/src/ge_operations.c \
+	$(WOLFSSL)/wolfcrypt/src/sha512.c \
+	$(WOLFSSL)/wolfcrypt/src/sha3.c \
+	$(WOLFSSL)/wolfcrypt/src/port/nrf51.c \
+	$(WOLFSSL)/wolfcrypt/src/port/pic32/pic32mz-crypt.c \
+	$(WOLFSSL)/wolfcrypt/src/port/atmel/atmel.c \
+	$(WOLFSSL)/wolfcrypt/src/port/nxp/ksdk_port.c \
+	$(WOLFSSL)/wolfcrypt/src/port/ti/ti-des3.c \
+	$(WOLFSSL)/wolfcrypt/src/port/ti/ti-ccm.c \
+	$(WOLFSSL)/wolfcrypt/src/port/ti/ti-hash.c \
+	$(WOLFSSL)/wolfcrypt/src/port/ti/ti-aes.c \
+	$(WOLFSSL)/wolfcrypt/src/port/arm/armv8-aes.c \
+	$(WOLFSSL)/wolfcrypt/src/port/arm/armv8-sha256.c \
+	$(WOLFSSL)/wolfcrypt/src/port/xilinx/xil-aesgcm.c \
+	$(WOLFSSL)/wolfcrypt/src/port/xilinx/xil-sha3.c \
+	$(WOLFSSL)/wolfcrypt/src/hash.c \
+	$(WOLFSSL)/wolfcrypt/src/curve25519.c \
+	$(WOLFSSL)/wolfcrypt/src/integer.c \
+	$(WOLFSSL)/wolfcrypt/src/wolfevent.c \
+	$(WOLFSSL)/wolfcrypt/src/dsa.c \
+	$(WOLFSSL)/wolfcrypt/src/pkcs7.c \
+	$(WOLFSSL)/wolfcrypt/src/wc_encrypt.c \
+	$(WOLFSSL)/wolfcrypt/src/cpuid.c \
+	$(WOLFSSL)/wolfcrypt/src/sha256.c \
+	$(WOLFSSL)/wolfcrypt/src/md4.c \
+	$(WOLFSSL)/wolfcrypt/src/fe_operations.c \
+	$(WOLFSSL)/wolfcrypt/src/ed25519.c \
+	$(WOLFSSL)/wolfcrypt/src/poly1305.c \
+	$(WOLFSSL)/wolfcrypt/src/hc128.c \
+
+WOLFSSLSRC = \
+	$(WOLFSSL)/src/internal.c \
+	$(WOLFSSL)/src/tls.c \
+	$(WOLFSSL)/src/keys.c \
+	$(WOLFSSL)/src/crl.c \
+	$(WOLFSSL)/src/ssl.c \
+	$(WOLFSSL)/src/wolfio.c \
+	$(WOLFSSL)/src/sniffer.c \
+	$(WOLFSSL)/src/ocsp.c \
+	$(WOLFSSL)/src/tls13.c
+
+
+WOLFSRC = $(WOLFBINDSRC) $(WOLFCRYPTSRC) $(WOLFSSLSRC)
+
+WOLFINC = \
+        $(CHIBIOS)/os/various/wolfssl_bindings \
+        $(WOLFSSL)/wolfcrypt/include \
+        $(WOLFSSL)/wolfssl/include \
+		$(WOLFSSL)
+
+# Shared variables
+ALLCSRC += $(WOLFSRC)
+ALLINC  += $(WOLFINC)
+
diff --git a/os/various/wolfssl_bindings/wolfssl_chibios.c b/os/various/wolfssl_bindings/wolfssl_chibios.c
new file mode 100644
index 000000000..2c0594517
--- /dev/null
+++ b/os/various/wolfssl_bindings/wolfssl_chibios.c
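Review bot: Nothing in wolfssl.mk passes a compile-time define that makes the wolfSSL sources read user_settings.h; wolfSSL normally pulls that file in only when a define such as `WOLFSSL_USER_SETTINGS` is given on the command line, so unless the project Makefile adds it, the RNG hook and the timing-resistance options chosen there would not apply to the files in WOLFCRYPTSRC and WOLFSSLSRC. State the requirement in the fragment, e.g. `# Requires -DWOLFSSL_USER_SETTINGS in the project's defines`, or add the define here. The first comment is left over from the lwIP fragment and should read `# List of the required wolfSSL files.`, and the list also builds sniffer.c and the nrf51/pic32/atmel/nxp/ti/xilinx port files, which this binding presumably does not need.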
@@ -0,0 +1,252 @@
+/*
+    ChibiOS - Copyright (C) 2006..2016 Giovanni Di Sirio
+
+    Licensed under the Apache License, Version 2.0 (the "License");
+    you may not use this file except in compliance with the License.
+    You may obtain a copy of the License at
+
+        http://www.apache.org/licenses/LICENSE-2.0
+
+    Unless required by applicable law or agreed to in writing, software
+    distributed under the License is distributed on an "AS IS" BASIS,
+    WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+    See the License for the specific language governing permissions and
+    limitations under the License.
+*/
+/*
+ * **** This file incorporates work covered by the following copyright and ****
+ * **** permission notice:                                                 ****
+ *
+ * Copyright (C) 2006-2017 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ *
+ */
+
+#include "ch.h"
+#include "wolfssl_chibios.h"
+#include "lwip/opt.h"
+#include "lwip/arch.h"
+#include "lwip/api.h"
+#include "lwip/mem.h"
+#include "lwip/sockets.h"
+#include "lwip/tcp.h"
+#include <string.h>
+static int wolfssl_is_initialized = 0;
+
+sslconn *sslconn_accept(sslconn *sk)
+{
+  sslconn *new;
+  struct netconn *newconn = NULL;
+  err_t err;
+  err = netconn_accept(sk->conn, &newconn);
+  if (err != ERR_OK) {
+      return NULL;
+  }
+  new = chHeapAlloc(NULL, sizeof(sslconn));
+  if (!new)
+      return NULL;
+  new->conn = newconn;
+  new->ctx = sk->ctx;
+  new->ssl = wolfSSL_new(new->ctx);
+  wolfSSL_SetIOReadCtx(new->ssl, new);
+  wolfSSL_SetIOWriteCtx(new->ssl, new);
+
+  if (wolfSSL_accept(new->ssl) == SSL_SUCCESS) {
+    wolfSSL_set_using_nonblock(new->ssl, 1);
+    newconn->pcb.tcp->mss = 1480;
+    return new;
+  } else {
+    wolfSSL_free(new->ssl);
+    chHeapFree(new);
+    return NULL;
+  }
+}
+
+sslconn *sslconn_new(enum netconn_type t, WOLFSSL_METHOD* method)
+{
+    sslconn *sk;
+    if (!wolfssl_is_initialized) {
+        wolfSSL_Init();
+        wolfssl_is_initialized++;
+    }
+
+    sk = chHeapAlloc(NULL, sizeof(sslconn));
+    if (!sk)
+        return NULL;
+    memset(sk, 0, sizeof(sslconn));
+    sk->ctx = wolfSSL_CTX_new(method);
+    if (!sk->ctx)
+        goto error;
+    sk->conn = netconn_new(t);
+    if (!sk->conn)
+        goto error;
+    wolfSSL_SetIORecv(sk->ctx, wolfssl_recv_cb);
+    wolfSSL_SetIOSend(sk->ctx, wolfssl_send_cb);
+    return sk;
+
+error:
+    if (sk->ctx)
+        wolfSSL_CTX_free(sk->ctx);
+    chHeapFree(sk);
+    return NULL;
+}
+
+void sslconn_close(sslconn *sk)
+{
+    netconn_delete(sk->conn);
+    wolfSSL_free(sk->ssl);
+    chHeapFree(sk);
+}
+
+
+/* IO Callbacks */
+int wolfssl_send_cb(WOLFSSL* ssl, char *buf, int sz, void *ctx)
+{
+  sslconn *sk = (sslconn *)ctx;
+  int err;
+  (void)ssl;
+  err = netconn_write(sk->conn, buf, sz, NETCONN_COPY);
+  if (err == ERR_OK)
+    return sz;
+  else
+    return -2;
+}
+
+
+#define MAX_SSL_BUF 1460
+static uint8_t ssl_recv_buffer[MAX_SSL_BUF];
+static int ssl_rb_len = 0;
+static int ssl_rb_off = 0;
+
+int wolfssl_recv_cb(WOLFSSL *ssl, char *buf, int sz, void *ctx)
+{
+    sslconn *sk = (sslconn *)ctx;
+    struct netbuf *inbuf = NULL;
+    uint8_t *net_buf;
+    uint16_t buflen;
+    (void)ssl;
+    err_t err;
+
+    if (ssl_rb_len > 0) {
+        if (sz > ssl_rb_len - ssl_rb_off)
+            sz = ssl_rb_len - ssl_rb_off;
+        memcpy(buf, ssl_recv_buffer + ssl_rb_off, sz);
+        ssl_rb_off += sz;
+        if (ssl_rb_off >= ssl_rb_len) {
+            ssl_rb_len = 0;
+            ssl_rb_off = 0;
+        }
+        return sz;
+    }
+
+
+    err = netconn_recv(sk->conn, &inbuf);
+    if (err == ERR_OK) {
+        netbuf_data(inbuf, (void **)&net_buf, &buflen);
+        ssl_rb_len = buflen;
+        if (ssl_rb_len > MAX_SSL_BUF)
+            ssl_rb_len = MAX_SSL_BUF;
+        memcpy(ssl_recv_buffer, net_buf, ssl_rb_len);
+        ssl_rb_off = 0;
+        if (sz > ssl_rb_len)
+            sz = ssl_rb_len;
+        memcpy(buf, ssl_recv_buffer, sz);
+        ssl_rb_off += sz;
+        if (ssl_rb_off >= ssl_rb_len) {
+            ssl_rb_len = 0;
+            ssl_rb_off = 0;
+        }
+        netbuf_delete(inbuf);
+        return sz;
+    }
+    else
+        return 0;
+    //return WOLFSSL_CBIO_ERR_WANT_READ;
+}
+
+#ifndef ST2S
+#   define ST2S(n) (((n) + CH_CFG_ST_FREQUENCY - 1UL) / CH_CFG_ST_FREQUENCY)
+#endif
+
+#ifndef ST2MS
+#define ST2MS(n) (((n) * 1000UL + CH_CFG_ST_FREQUENCY - 1UL) / CH_CFG_ST_FREQUENCY)
+#endif
+
+
+uint32_t LowResTimer(void)
+{
+    systime_t t = chVTGetSystemTimeX();
+    return ST2S(t);
+}
+
+uint32_t TimeNowInMilliseconds(void)
+{
+    systime_t t = chVTGetSystemTimeX();
+    return ST2MS(t);
+}
+
+void *chHeapRealloc (void *addr, uint32_t size)
+{
+    union heap_header *hp;
+    uint32_t prev_size, new_size;
+
+    void *ptr;
+
+    if(addr == NULL) {
+        return chHeapAlloc(NULL, size);
+    }
+
+    /* previous allocated segment is preceded by an heap_header */
+    hp = addr - sizeof(union heap_header);
+    prev_size = hp->used.size; /* size is always multiple of 8 */
+
+    /* check new size memory alignment */
+    if(size % 8 == 0) {
+        new_size = size;
+    }
+    else {
+        new_size = ((int) (size / 8)) * 8 + 8;
+    }
+
+    if(prev_size >= new_size) {
+        return addr;
+    }
+
+    ptr = chHeapAlloc(NULL, size);
+    if(ptr == NULL) {
+        return NULL;
+    }
+
+    memcpy(ptr, addr, prev_size);
+
+    chHeapFree(addr);
+
+    return ptr;
+}
+
+void *chibios_alloc(void *heap, int size)
+{
+    return chHeapAlloc(heap, size);
+}
+
+void chibios_free(void *ptr)
+{
+    if (ptr)
+        chHeapFree(ptr);
+}
+
diff --git a/os/various/wolfssl_bindings/wolfssl_chibios.h b/os/various/wolfssl_bindings/wolfssl_chibios.h
new file mode 100644
index 000000000..ae150af09
--- /dev/null
+++ b/os/various/wolfssl_bindings/wolfssl_chibios.h
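Review bot: wolfssl_recv_cb() in wolfssl_chibios.c keeps its leftover bytes in the file-scope `ssl_recv_buffer`, `ssl_rb_len` and `ssl_rb_off`, so all sslconn objects share one buffer and a read on one connection can be handed bytes that arrived on another; data beyond MAX_SSL_BUF, or beyond the first segment that netbuf_data() returns, is also dropped silently, which corrupts the TLS record stream. The receive state belongs to the connection: add `struct netbuf *rx; uint16_t rx_off;` to struct sslconn, set them to NULL/0 in sslconn_accept() (which does not clear `new`), delete a pending `rx` in sslconn_close(), and drain the netbuf as in the sketch below. The error mapping in the sketch is a suggestion, since a receive timeout may need WOLFSSL_CBIO_ERR_WANT_READ rather than a hard error. In the same hunk sslconn_accept() uses the result of wolfSSL_new() without a NULL check and never calls netconn_delete(newconn) on either failure path.

```c
/* … removed: file-scope ssl_recv_buffer, ssl_rb_len, ssl_rb_off … */

int wolfssl_recv_cb(WOLFSSL *ssl, char *buf, int sz, void *ctx)
{
    sslconn *sk = (sslconn *)ctx;
    uint16_t left;
    (void)ssl;

    if (sz <= 0)
        return WOLFSSL_CBIO_ERR_GENERAL;

    if (sk->rx == NULL) {
        /* Nothing pending for this connection: fetch the next netbuf. */
        if (netconn_recv(sk->conn, &sk->rx) != ERR_OK) {
            sk->rx = NULL;
            return WOLFSSL_CBIO_ERR_GENERAL;
        }
        sk->rx_off = 0;
    }

    /* netbuf_len() covers the whole pbuf chain, not only the first segment. */
    left = netbuf_len(sk->rx) - sk->rx_off;
    if (sz > left)
        sz = left;
    netbuf_copy_partial(sk->rx, buf, sz, sk->rx_off);
    sk->rx_off += sz;

    if (sk->rx_off >= netbuf_len(sk->rx)) {
        netbuf_delete(sk->rx);
        sk->rx = NULL;
    }
    return sz;
}
```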
@@ -0,0 +1,67 @@
+/*
+    ChibiOS - Copyright (C) 2006..2016 Giovanni Di Sirio
+
+    Licensed under the Apache License, Version 2.0 (the "License");
+    you may not use this file except in compliance with the License.
+    You may obtain a copy of the License at
+
+        http://www.apache.org/licenses/LICENSE-2.0
+
+    Unless required by applicable law or agreed to in writing, software
+    distributed under the License is distributed on an "AS IS" BASIS,
+    WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+    See the License for the specific language governing permissions and
+    limitations under the License.
+*/
+/*
+ * **** This file incorporates work covered by the following copyright and ****
+ * **** permission notice:                                                 ****
+ *
+ * Copyright (C) 2006-2017 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ *
+ */
+#ifndef WOLFSSL_SK_H
+#define WOLFSSL_SK_H
+#include "wolfssl/ssl.h"
+#include "lwip/opt.h"
+#include "lwip/arch.h"
+#include "lwip/api.h"
+#include "user_settings.h"
+#define XMALLOC(s,h,t) chibios_alloc(h,s)
+#define XFREE(p,h,t)   chibios_free(p)
+
+struct sslconn {
+    WOLFSSL_CTX *ctx;
+    WOLFSSL *ssl;
+    struct netconn *conn;
+};
+
+typedef struct sslconn sslconn;
+
+sslconn *sslconn_accept(struct sslconn *sk);
+sslconn *sslconn_new(enum netconn_type t, WOLFSSL_METHOD *method);
+void sslconn_close(sslconn *sk);
+
+int wolfssl_send_cb(WOLFSSL* ssl, char *buf, int sz, void *ctx);
+int wolfssl_recv_cb(WOLFSSL *ssl, char *buf, int sz, void *ctx);
+
+void *chibios_alloc(void *heap, int size);
+void chibios_free(void *ptr);
+
+#endif  | 
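Review bot: In wolfssl_chibios.h, `#define XMALLOC(s,h,t) chibios_alloc(h,s)` forwards wolfSSL's heap hint straight to chHeapAlloc() as the ChibiOS heap, and `chibios_alloc(void *heap, int size)` narrows the requested size to `int`. That is only safe while every hint wolfSSL passes is NULL or a real ChibiOS heap object; if that is the intent, state it in a comment, otherwise ignore the hint with `#define XMALLOC(s,h,t) chibios_alloc(NULL, (s))` and take the size as `size_t`. struct sslconn also needs a comment on who owns `ctx`: sslconn_accept() copies the listener's pointer into each accepted connection and sslconn_close() never calls wolfSSL_CTX_free(), so the lifetime rule cannot be read off the API.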
