diff --git a/Makefile b/Makefile index 7681c0f49a..9afe7ae4c2 100644 --- a/Makefile +++ b/Makefile @@ -202,6 +202,7 @@ endif # Environment variables for sign tool SIGN_ENV=IMAGE_HEADER_SIZE=$(IMAGE_HEADER_SIZE) \ + WOLFBOOT_PARTITION_SIZE=$(WOLFBOOT_PARTITION_SIZE) \ WOLFBOOT_SECTOR_SIZE=$(WOLFBOOT_SECTOR_SIZE) \ ML_DSA_LEVEL=$(ML_DSA_LEVEL) \ IMAGE_SIGNATURE_SIZE=$(IMAGE_SIGNATURE_SIZE) \ diff --git a/config/examples/vorago_va416x0.config b/config/examples/vorago_va416x0.config index ee24caedfb..6452ddf596 100644 --- a/config/examples/vorago_va416x0.config +++ b/config/examples/vorago_va416x0.config @@ -33,7 +33,7 @@ DUALBANK_SWAP?=0 PKA?=0 ENCRYPT=0 WOLFTPM?=0 -OPTIMIZATION_LEVEL=1 +OPTIMIZATION_LEVEL=s # Optionally allow downgrade to older valid version in update partition ALLOW_DOWNGRADE?=0 @@ -45,11 +45,11 @@ NO_ARM_ASM?=0 # Optional: Use smaller SHA512 #CFLAGS_EXTRA+=-DUSE_SLOW_SHA512 -# 38KB boot, 108KB partitions, 2KB swap +# Optimized: 46KB wolfboot, 104KB partitions, 2KB swap WOLFBOOT_SECTOR_SIZE?=0x800 -WOLFBOOT_PARTITION_SIZE?=0x1B000 -WOLFBOOT_PARTITION_BOOT_ADDRESS?=0x9800 -WOLFBOOT_PARTITION_UPDATE_ADDRESS?=0x24800 +WOLFBOOT_PARTITION_SIZE?=0x1A000 +WOLFBOOT_PARTITION_BOOT_ADDRESS?=0xB800 +WOLFBOOT_PARTITION_UPDATE_ADDRESS?=0x25800 WOLFBOOT_PARTITION_SWAP_ADDRESS?=0x3F800 # ML-DSA 5: 36KB boot, 96KB partitions, 12KB swap @@ -81,3 +81,9 @@ WOLFBOOT_RESTORE_CLOCK?=1 # Optional debugging #CFLAGS_EXTRA+=-DDEBUG_EXT_FLASH #CFLAGS_EXTRA+=-DTEST_EXT_FLASH + +# Optional: Enable wolfCrypt test and benchmark in test-app +# Uncomment to enable +# Note: Requires ~80-160KB additional flash and ~10-20KB RAM +#WOLFCRYPT_TEST?=1 +#WOLFCRYPT_BENCHMARK?=1 diff --git a/include/user_settings.h b/include/user_settings.h index 51a6958725..7ed011e81a 100644 --- a/include/user_settings.h +++ b/include/user_settings.h @@ -101,8 +101,8 @@ extern int tolower(int c); defined(WOLFBOOT_SIGN_SECONDARY_ECC256) || \ defined(WOLFBOOT_SIGN_SECONDARY_ECC384) || \ defined(WOLFBOOT_SIGN_SECONDARY_ECC521) || \ - defined(WOLFCRYPT_SECURE_MODE) - + defined(WOLFCRYPT_SECURE_MODE) || \ + defined(WOLFCRYPT_TEST) || defined(WOLFCRYPT_BENCHMARK) # define HAVE_ECC # define ECC_TIMING_RESISTANT @@ -118,6 +118,7 @@ extern int tolower(int c); /* Some ECC options are disabled to reduce size */ # if !defined(WOLFCRYPT_SECURE_MODE) && \ + !defined(WOLFCRYPT_TEST) && !defined(WOLFCRYPT_BENCHMARK) && \ !defined(WOLFBOOT_ENABLE_WOLFHSM_CLIENT) && \ !defined(WOLFBOOT_ENABLE_WOLFHSM_SERVER) # if !defined(WOLFBOOT_TPM) @@ -138,6 +139,7 @@ extern int tolower(int c); # endif # else # define HAVE_ECC_SIGN +# define HAVE_ECC_VERIFY #ifndef PKCS11_SMALL # define HAVE_ECC_CDH #endif @@ -147,6 +149,7 @@ extern int tolower(int c); # define WOLFSSL_HAVE_SP_ECC # define WOLFSSL_KEY_GEN # define HAVE_ECC_KEY_EXPORT +# define HAVE_ECC_KEY_IMPORT # endif /* SP MATH */ @@ -160,15 +163,18 @@ extern int tolower(int c); /* Curve */ # if defined(WOLFBOOT_SIGN_ECC256) || defined(WOLFCRYPT_SECURE_MODE) || \ - defined(WOLFBOOT_SIGN_SECONDARY_ECC256) + defined(WOLFBOOT_SIGN_SECONDARY_ECC256) || \ + defined(WOLFCRYPT_TEST) || defined(WOLFCRYPT_BENCHMARK) # define HAVE_ECC256 # endif # if defined(WOLFBOOT_SIGN_ECC384) || \ defined(WOLFBOOT_SIGN_SECONDARY_ECC384) || \ - defined(WOLFCRYPT_SECURE_MODE) + defined(WOLFCRYPT_SECURE_MODE) || \ + defined(WOLFCRYPT_TEST) || defined(WOLFCRYPT_BENCHMARK) # define HAVE_ECC384 # define WOLFSSL_SP_384 # endif + /* ECC521 only enabled if specifically requested (not for tests - too large) */ # if defined(WOLFBOOT_SIGN_ECC521) || \ defined(WOLFBOOT_SIGN_SECONDARY_ECC521) || \ defined(WOLFCRYPT_SECURE_MODE) @@ -219,6 +225,7 @@ extern int tolower(int c); # define RSA_LOW_MEM # define WC_ASN_HASH_SHA256 # if !defined(WOLFBOOT_TPM) && !defined(WOLFCRYPT_SECURE_MODE) && \ + !defined(WOLFCRYPT_TEST) && !defined(WOLFCRYPT_BENCHMARK) && \ !defined(WOLFBOOT_ENABLE_WOLFHSM_CLIENT) && \ !defined(WOLFBOOT_ENABLE_WOLFHSM_SERVER) # define WOLFSSL_RSA_VERIFY_INLINE @@ -305,7 +312,8 @@ extern int tolower(int c); #ifdef WOLFBOOT_HASH_SHA3_384 # define WOLFSSL_SHA3 # if defined(NO_RSA) && !defined(WOLFBOOT_TPM) && \ - !defined(WOLFCRYPT_SECURE_MODE) + !defined(WOLFCRYPT_SECURE_MODE) && \ + !defined(WOLFCRYPT_TEST) && !defined(WOLFCRYPT_BENCHMARK) # define NO_SHA256 # endif #endif @@ -313,7 +321,8 @@ extern int tolower(int c); #ifdef WOLFBOOT_HASH_SHA384 # define WOLFSSL_SHA384 # if defined(NO_RSA) && !defined(WOLFBOOT_TPM) && \ - !defined(WOLFCRYPT_SECURE_MODE) + !defined(WOLFCRYPT_SECURE_MODE) && \ + !defined(WOLFCRYPT_TEST) && !defined(WOLFCRYPT_BENCHMARK) # define NO_SHA256 # endif #ifndef WOLFSSL_SHA512 @@ -410,7 +419,8 @@ extern int tolower(int c); #if (defined(WOLFBOOT_TPM_SEAL) && defined(WOLFBOOT_ATA_DISK_LOCK)) || \ defined(WOLFBOOT_ENABLE_WOLFHSM_CLIENT) || \ - defined(WOLFBOOT_ENABLE_WOLFHSM_SERVER) + defined(WOLFBOOT_ENABLE_WOLFHSM_SERVER) || \ + defined(WOLFCRYPT_TEST) || defined(WOLFCRYPT_BENCHMARK) # define WOLFSSL_BASE64_ENCODE #else # define NO_CODING @@ -464,7 +474,8 @@ extern int tolower(int c); #endif #endif -#if !defined(WOLFCRYPT_SECURE_MODE) && !defined(WOLFBOOT_TPM_PARMENC) +#if !defined(WOLFCRYPT_SECURE_MODE) && !defined(WOLFBOOT_TPM_PARMENC) && \ + !defined(WOLFCRYPT_TEST) && !defined(WOLFCRYPT_BENCHMARK) #if !(defined(WOLFBOOT_ENABLE_WOLFHSM_CLIENT) && \ defined(WOLFBOOT_SIGN_ML_DSA)) && \ !defined(WOLFBOOT_ENABLE_WOLFHSM_SERVER) @@ -473,8 +484,16 @@ extern int tolower(int c); #define WC_NO_HASHDRBG #define NO_AES_CBC #else - #define HAVE_HASHDRBG - #define WOLFSSL_AES_CFB + #if defined(WOLFCRYPT_TEST) || defined(WOLFCRYPT_BENCHMARK) + /* Use custom RNG for tests (saves ~7KB vs HASHDRBG) */ + #define WC_NO_HASHDRBG + #define CUSTOM_RAND_GENERATE_SEED my_rng_seed_gen + #define CUSTOM_RAND_GENERATE_BLOCK my_rng_seed_gen + extern int my_rng_seed_gen(unsigned char* output, unsigned int sz); + #else + #define HAVE_HASHDRBG + #define WOLFSSL_AES_CFB + #endif #endif @@ -485,11 +504,15 @@ extern int tolower(int c); #if !defined(WOLFBOOT_TPM) && !defined(WOLFCRYPT_SECURE_MODE) # define NO_HMAC -#if !(defined(WOLFBOOT_ENABLE_WOLFHSM_CLIENT) && \ - defined(WOLFBOOT_SIGN_ML_DSA)) && \ - !defined(WOLFBOOT_ENABLE_WOLFHSM_SERVER) -#define WC_NO_RNG #endif + +#if !defined(WOLFBOOT_TPM) && !defined(WOLFCRYPT_SECURE_MODE) && \ + !defined(WOLFCRYPT_TEST) && !defined(WOLFCRYPT_BENCHMARK) +# if !(defined(WOLFBOOT_ENABLE_WOLFHSM_CLIENT) && \ + defined(WOLFBOOT_SIGN_ML_DSA)) && \ + !defined(WOLFBOOT_ENABLE_WOLFHSM_SERVER) +# define WC_NO_RNG +# endif # define WC_NO_HASHDRBG # define NO_DEV_RANDOM # if !defined(WOLFBOOT_ENABLE_WOLFHSM_CLIENT) && \ @@ -534,9 +557,49 @@ extern int tolower(int c); #define NO_CHECK_PRIVATE_KEY #define NO_KDF -#define BENCH_EMBEDDED -#define NO_CRYPT_TEST -#define NO_CRYPT_BENCHMARK +/* wolfCrypt Test/Benchmark Configuration */ +#ifdef WOLFCRYPT_TEST + /* Skip extended tests to save memory */ + #define NO_CRYPT_TEST_EXTENDED + /* Use smaller certificate buffers */ + #define USE_CERT_BUFFERS_256 + /* Override default NO_CRYPT_TEST */ + #undef NO_CRYPT_TEST +#else + #define NO_CRYPT_TEST +#endif + +#ifdef WOLFCRYPT_BENCHMARK + /* Embedded benchmark mode */ + #ifndef BENCH_EMBEDDED + #define BENCH_EMBEDDED + #endif + /* Override default NO_CRYPT_BENCHMARK */ + #undef NO_CRYPT_BENCHMARK +#else + #define NO_CRYPT_BENCHMARK +#endif + +/* Common optimizations when test/benchmark enabled */ +#if defined(WOLFCRYPT_TEST) || defined(WOLFCRYPT_BENCHMARK) + #define NO_WRITE_TEMP_FILES + + /* Enable malloc for test/benchmark (they need dynamic allocation) */ + #undef NO_WOLFSSL_MEMORY + #undef WOLFSSL_NO_MALLOC + + /* Enable SP math digit operations */ + #define WOLFSSL_SP_MUL_D + + /* User time functions provided */ + #define WOLFSSL_USER_CURRTIME + #define XTIME my_time + extern unsigned long my_time(unsigned long* timer); +#endif + +#if !defined(WOLFCRYPT_TEST) && !defined(WOLFCRYPT_BENCHMARK) + #define BENCH_EMBEDDED +#endif #if defined(WOLFCRYPT_TZ_PSA) #undef NO_CMAC diff --git a/src/update_flash.c b/src/update_flash.c index 0524f4b4de..ec529c30d6 100644 --- a/src/update_flash.c +++ b/src/update_flash.c @@ -639,11 +639,13 @@ static int wolfBoot_delta_update(struct wolfBoot_image *boot, # endif #endif -/* Reserve space for two sectors in case of NVM_FLASH_WRITEONCE, for redundancy */ +/* Max firmware size: partition must hold header + fw + trailer sector(s) */ #ifndef NVM_FLASH_WRITEONCE - #define MAX_UPDATE_SIZE (size_t)((WOLFBOOT_PARTITION_SIZE - WOLFBOOT_SECTOR_SIZE)) + #define MAX_UPDATE_SIZE (size_t)((WOLFBOOT_PARTITION_SIZE - \ + IMAGE_HEADER_SIZE - WOLFBOOT_SECTOR_SIZE)) #else - #define MAX_UPDATE_SIZE (size_t)((WOLFBOOT_PARTITION_SIZE - (2 *WOLFBOOT_SECTOR_SIZE))) + #define MAX_UPDATE_SIZE (size_t)((WOLFBOOT_PARTITION_SIZE - \ + IMAGE_HEADER_SIZE - (2 * WOLFBOOT_SECTOR_SIZE))) #endif static int wolfBoot_get_total_size(struct wolfBoot_image* boot, diff --git a/test-app/ARM-va416x0.ld b/test-app/ARM-va416x0.ld index 1b3a2eeb31..bad9369603 100644 --- a/test-app/ARM-va416x0.ld +++ b/test-app/ARM-va416x0.ld @@ -1,5 +1,5 @@ -_Min_Heap_Size = 0x00002000; /* required amount of heap */ -_Min_Stack_Size = 0x00002000; /* required amount of stack */ +_Min_Heap_Size = 0x00003000; /* required amount of heap */ +_Min_Stack_Size = 0x00003000; /* required amount of stack */ /* Memory areas */ MEMORY diff --git a/test-app/Makefile b/test-app/Makefile index e978a8fefb..6eb62012d1 100644 --- a/test-app/Makefile +++ b/test-app/Makefile @@ -95,6 +95,68 @@ ifeq ($(DEBUG_UART),1) APP_OBJS+=../src/string.o endif +# wolfCrypt Test and Benchmark Support +WOLFCRYPT_SUPPORT=0 + +ifeq ($(WOLFCRYPT_TEST),1) + CFLAGS+=-DWOLFCRYPT_TEST + WOLFCRYPT_SUPPORT=1 + APP_OBJS+=$(WOLFBOOT_LIB_WOLFSSL)/wolfcrypt/test/test.o +endif + +ifeq ($(WOLFCRYPT_BENCHMARK),1) + CFLAGS+=-DWOLFCRYPT_BENCHMARK + WOLFCRYPT_SUPPORT=1 + APP_OBJS+=$(WOLFBOOT_LIB_WOLFSSL)/wolfcrypt/benchmark/benchmark.o +endif + +ifeq ($(WOLFCRYPT_SUPPORT),1) + # Add support infrastructure + APP_OBJS+=wolfcrypt_support.o + APP_OBJS+=syscalls.o + + # Add wolfCrypt core implementation files + APP_OBJS+=$(WOLFBOOT_LIB_WOLFSSL)/wolfcrypt/src/hash.o + APP_OBJS+=$(WOLFBOOT_LIB_WOLFSSL)/wolfcrypt/src/wc_port.o + APP_OBJS+=$(WOLFBOOT_LIB_WOLFSSL)/wolfcrypt/src/logging.o + APP_OBJS+=$(WOLFBOOT_LIB_WOLFSSL)/wolfcrypt/src/misc.o + APP_OBJS+=$(WOLFBOOT_LIB_WOLFSSL)/wolfcrypt/src/wolfmath.o + APP_OBJS+=$(WOLFBOOT_LIB_WOLFSSL)/wolfcrypt/src/memory.o + APP_OBJS+=$(WOLFBOOT_LIB_WOLFSSL)/wolfcrypt/src/asn.o + APP_OBJS+=$(WOLFBOOT_LIB_WOLFSSL)/wolfcrypt/src/coding.o + + # Add SHA implementations (needed for test/benchmark) + APP_OBJS+=$(WOLFBOOT_LIB_WOLFSSL)/wolfcrypt/src/sha256.o + APP_OBJS+=$(WOLFBOOT_LIB_WOLFSSL)/wolfcrypt/src/sha512.o + APP_OBJS+=$(WOLFBOOT_LIB_WOLFSSL)/wolfcrypt/src/hmac.o + + # Add RNG support (needed for ECC signing and tests) + APP_OBJS+=$(WOLFBOOT_LIB_WOLFSSL)/wolfcrypt/src/random.o + + # Add ECC support (needed by test suite) + APP_OBJS+=$(WOLFBOOT_LIB_WOLFSSL)/wolfcrypt/src/ecc.o + APP_OBJS+=$(WOLFBOOT_LIB_WOLFSSL)/wolfcrypt/src/sp_int.o + + # Add SP math implementations for ARM Cortex-M + APP_OBJS+=$(WOLFBOOT_LIB_WOLFSSL)/wolfcrypt/src/sp_cortexm.o + APP_OBJS+=$(WOLFBOOT_LIB_WOLFSSL)/wolfcrypt/src/sp_c32.o + + ifneq ($(NO_ARM_ASM),1) + APP_OBJS+= \ + $(WOLFBOOT_LIB_WOLFSSL)/wolfcrypt/src/port/arm/thumb2-aes-asm_c.o \ + $(WOLFBOOT_LIB_WOLFSSL)/wolfcrypt/src/port/arm/thumb2-sha256-asm_c.o \ + $(WOLFBOOT_LIB_WOLFSSL)/wolfcrypt/src/port/arm/thumb2-sha512-asm_c.o \ + $(WOLFBOOT_LIB_WOLFSSL)/wolfcrypt/src/port/arm/thumb2-sha3-asm_c.o \ + $(WOLFBOOT_LIB_WOLFSSL)/wolfcrypt/src/port/arm/thumb2-chacha-asm_c.o + + CFLAGS+=-DWOLFSSL_ARMASM -DWOLFSSL_ARMASM_NO_HW_CRYPTO -DWOLFSSL_ARMASM_INLINE \ + -DWOLFSSL_ARMASM_NO_NEON -DWOLFSSL_ARMASM_THUMB2 + endif + + CFLAGS+=-DWOLFSSL_USER_SETTINGS + CFLAGS+=-I"$(WOLFBOOT_LIB_WOLFSSL)" +endif + ifeq ($(TZEN),1) CFLAGS+=-DNONSECURE_APP CFLAGS+=-I./ @@ -331,6 +393,9 @@ ifeq ($(TARGET),va416x0) APP_OBJS+=$(SDK_OBJS) LSCRIPT_TEMPLATE=ARM-va416x0.ld APP_OBJS+=../src/keystore.o + # Reduce size: newlib-nano (small printf/snprintf, no float) and section GC + LDFLAGS+=--specs=nano.specs --specs=nosys.specs + CFLAGS+=-ffunction-sections -fdata-sections endif ifeq ($(TARGET),sim) diff --git a/test-app/app_va416x0.c b/test-app/app_va416x0.c index 99c31fd11d..6abce32255 100644 --- a/test-app/app_va416x0.c +++ b/test-app/app_va416x0.c @@ -35,6 +35,19 @@ #include "../hal/va416x0.h" +/* wolfCrypt test/benchmark support */ +#ifdef WOLFCRYPT_TEST +#include +#include +int wolfcrypt_test(void *args); +#endif + +#ifdef WOLFCRYPT_BENCHMARK +#include +#include +int benchmark_test(void *args); +#endif + /* Vorago HAL includes */ #include "va416xx_hal.h" #include "va416xx_hal_clkgen.h" @@ -151,6 +164,21 @@ void main(void) print_info(); +#ifdef WOLFCRYPT_TEST + wolfBoot_printf("\r\nRunning wolfCrypt tests...\r\n"); + wolfCrypt_Init(); + wolfcrypt_test(NULL); + wolfCrypt_Cleanup(); + wolfBoot_printf("Tests complete.\r\n\r\n"); +#endif + +#ifdef WOLFCRYPT_BENCHMARK + wolfBoot_printf("Running wolfCrypt benchmarks...\r\n"); + wolfCrypt_Init(); + benchmark_test(NULL); + wolfCrypt_Cleanup(); + wolfBoot_printf("Benchmarks complete.\r\n\r\n"); +#endif if (app_version > 1) { /* Turn on update LED */ diff --git a/test-app/syscalls.c b/test-app/syscalls.c new file mode 100644 index 0000000000..6490d77bf0 --- /dev/null +++ b/test-app/syscalls.c @@ -0,0 +1,115 @@ +/* syscalls.c + * + * Newlib syscall stubs for embedded systems without filesystem + * + * Copyright (C) 2025 wolfSSL Inc. + * + * This file is part of wolfBoot. + * + * wolfBoot is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * wolfBoot is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA + */ + +#include +#include + +#undef errno +extern int errno; + +/* Heap management */ +extern char _end; /* Defined by linker */ +extern char _Min_Heap_Size; /* Defined by linker (if available) */ + +char *__env[1] = { 0 }; +char **environ = __env; + +int _close(int file) +{ + return -1; +} + +int _fstat(int file, struct stat *st) +{ + st->st_mode = S_IFCHR; + return 0; +} + +int _isatty(int file) +{ + return 1; +} + +int _lseek(int file, int ptr, int dir) +{ + return 0; +} + +int _read(int file, char *ptr, int len) +{ + return 0; +} + +void *_sbrk(int incr) +{ + static char *heap_end = 0; + char *prev_heap_end; + char *heap_limit; + + if (heap_end == 0) { + heap_end = &_end; + } + prev_heap_end = heap_end; + + /* Calculate heap limit */ + heap_limit = &_end + _Min_Heap_Size; + + if (heap_end + incr > heap_limit) { + errno = ENOMEM; + return (void *)-1; + } + + heap_end += incr; + return prev_heap_end; +} + +/* Forward declaration of UART write function */ +extern void uart_write(const char *buf, unsigned int sz); + +int _write(int file, char *ptr, int len) +{ + int i; + + /* Write to UART for stdout/stderr */ + if (file == 1 || file == 2) { + uart_write(ptr, len); + } + + return len; +} + +void _exit(int status) +{ + while(1); +} + +int _kill(int pid, int sig) +{ + errno = EINVAL; + return -1; +} + +int _getpid(void) +{ + return 1; +} diff --git a/test-app/wolfcrypt_support.c b/test-app/wolfcrypt_support.c new file mode 100644 index 0000000000..75f54a1365 --- /dev/null +++ b/test-app/wolfcrypt_support.c @@ -0,0 +1,121 @@ +/* wolfcrypt_support.c + * + * Support infrastructure for wolfCrypt test and benchmark + * + * Copyright (C) 2025 wolfSSL Inc. + * + * This file is part of wolfBoot. + * + * wolfBoot is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * wolfBoot is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA + */ + +#include +#include +#include + +#if defined(WOLFCRYPT_TEST) || defined(WOLFCRYPT_BENCHMARK) + +/* ========== TIME FUNCTIONS ========== */ + +/* + * Time implementation strategy: + * 1. If WOLFCRYPT_SECURE_MODE - use secure world API + * 2. If target has SysTick/timer - use hardware timer + * 3. Fallback - simple counter (not accurate for benchmarks) + */ + +#if defined(WOLFCRYPT_SECURE_MODE) + /* Use secure mode API for time */ + #include "wolfboot/wc_secure.h" +#else + /* Simple tick counter fallback */ + static volatile unsigned int tick_counter = 0; +#endif + +/* my_time() - Used by wolfCrypt ASN.c for certificate time checking + * Returns: Current time in seconds since epoch (or counter value) + */ +unsigned long my_time(unsigned long* timer) +{ +#if defined(WOLFCRYPT_SECURE_MODE) + /* Get time from secure world */ + unsigned long t = wolfBoot_nsc_get_time(); + if (timer) *timer = t; + return t; +#else + /* Simple incrementing counter */ + /* WARNING: This is not real time! Only suitable for basic testing. */ + /* For production use, implement actual RTC or define NO_ASN_TIME */ + tick_counter++; + if (timer) *timer = tick_counter; + return tick_counter; +#endif +} + +#ifdef WOLFCRYPT_BENCHMARK +/* current_time() - Used by wolfCrypt benchmark tool for timing measurements + * Parameter: reset - if non-zero, reset the timer + * Returns: Current time in seconds (floating point) + */ +double current_time(int reset) +{ + (void)reset; + +#if defined(WOLFCRYPT_SECURE_MODE) + return wolfBoot_nsc_current_time(reset); +#else + /* Simple counter-based timing */ + /* WARNING: This will not give accurate benchmark results! */ + /* For accurate benchmarks, implement hardware timer access */ + double timeNow = (double)tick_counter; + return timeNow; +#endif +} +#endif /* WOLFCRYPT_BENCHMARK */ + +/* ========== RNG SEED FUNCTIONS ========== */ + +#ifdef WOLFCRYPT_TEST +/* + * RNG seed generation strategy: + * 1. If WOLFCRYPT_SECURE_MODE - use secure TRNG + * 2. If target has TRNG - use hardware random + * 3. Fallback - pseudo-random based on time (NOT cryptographically secure) + */ + +/* Simple incrementing RNG for testing (not cryptographically secure) */ +static uint32_t test_rng_counter = 0x12345678; + +/* my_rng_seed_gen() - Generate random seed/data for test suite + * This is NOT cryptographically secure - only for testing! + * Returns: 0 on success + */ +int my_rng_seed_gen(unsigned char* output, unsigned int sz) +{ + unsigned int i; + for (i = 0; i < sz; i++) { + if ((i % 4) == 0) { + test_rng_counter++; + } + output[i] = (unsigned char)(test_rng_counter >> ((i % 4) * 8)); + } + return 0; +} + +/* Alias for block generation - same implementation */ +#define my_rng_gen_block my_rng_seed_gen +#endif /* WOLFCRYPT_TEST */ + +#endif /* WOLFCRYPT_TEST || WOLFCRYPT_BENCHMARK */ diff --git a/tools/keytools/sign.c b/tools/keytools/sign.c index 07ee8507a9..fc11cd4569 100644 --- a/tools/keytools/sign.c +++ b/tools/keytools/sign.c @@ -1739,6 +1739,30 @@ static int make_header_ex(int is_diff, uint8_t *pubkey, uint32_t pubkey_sz, header[header_idx++] = 0xFF; } + /* Check if signed image fits in partition */ + { + const char *env_psize = getenv("WOLFBOOT_PARTITION_SIZE"); + const char *env_ssize = getenv("WOLFBOOT_SECTOR_SIZE"); + if (env_psize) { + uint32_t partition_sz = (uint32_t)strtol(env_psize, NULL, 0); + uint32_t sector_sz = env_ssize ? + (uint32_t)strtol(env_ssize, NULL, 0) : 0; + uint32_t total_img_sz = CMD.header_sz + image_sz; + /* Only subtract sector for trailer when sector < partition. + * When sector >= partition (e.g. update_ram targets), the + * entire partition is available for the image. */ + uint32_t max_img_sz = (sector_sz < partition_sz) ? + (partition_sz - sector_sz) : partition_sz; + if (total_img_sz > max_img_sz) { + printf("Error: Image size %u (header %u + firmware %u) " + "exceeds max %u (partition %u - sector %u)\n", + total_img_sz, CMD.header_sz, image_sz, + max_img_sz, partition_sz, sector_sz); + goto failure; + } + } + } + /* Create output image */ f = fopen(outfile, "w+b"); if (f == NULL) { diff --git a/tools/keytools/sign.py b/tools/keytools/sign.py index a68c1cb44a..c6308f7d3e 100755 --- a/tools/keytools/sign.py +++ b/tools/keytools/sign.py @@ -72,6 +72,8 @@ HDR_IMG_TYPE_APP = 0x0001 WOLFBOOT_HEADER_SIZE = 256 +WOLFBOOT_PARTITION_SIZE = 0 +WOLFBOOT_SECTOR_SIZE = 0 sign="auto" self_update=False @@ -386,6 +388,12 @@ def make_header(image_file, fw_version, extra_fields=[]): val=l.split('=')[1].rstrip('\n') WOLFBOOT_HEADER_SIZE = int(val,0) print("IMAGE_HEADER_SIZE (from .config): " + str(WOLFBOOT_HEADER_SIZE)) + if "WOLFBOOT_PARTITION_SIZE" in l and "ADDRESS" not in l: + val=l.split('=')[1].rstrip('\n') + WOLFBOOT_PARTITION_SIZE = int(val,0) + if "WOLFBOOT_SECTOR_SIZE" in l: + val=l.split('=')[1].rstrip('\n') + WOLFBOOT_SECTOR_SIZE = int(val,0) l = cfile.readline() cfile.close() @@ -704,6 +712,24 @@ def make_header(image_file, fw_version, extra_fields=[]): infile.close() outfile.close() +# Check if signed image fits in partition +if WOLFBOOT_PARTITION_SIZE > 0: + img_size = os.path.getsize(image_file) + total_img_sz = WOLFBOOT_HEADER_SIZE + img_size + # Only subtract sector for trailer when sector < partition. + # When sector >= partition (e.g. update_ram targets), the + # entire partition is available for the image. + if WOLFBOOT_SECTOR_SIZE < WOLFBOOT_PARTITION_SIZE: + max_img_sz = WOLFBOOT_PARTITION_SIZE - WOLFBOOT_SECTOR_SIZE + else: + max_img_sz = WOLFBOOT_PARTITION_SIZE + if total_img_sz > max_img_sz: + print("Error: Image size %d (header %d + firmware %d) " + "exceeds max %d (partition %d - sector %d)" % + (total_img_sz, WOLFBOOT_HEADER_SIZE, img_size, + max_img_sz, WOLFBOOT_PARTITION_SIZE, WOLFBOOT_SECTOR_SIZE)) + sys.exit(1) + if (encrypt): delta_align=64 else: diff --git a/tools/scripts/va416x0/build_test.sh b/tools/scripts/va416x0/build_test.sh index be33c7947f..a3e593c8d9 100755 --- a/tools/scripts/va416x0/build_test.sh +++ b/tools/scripts/va416x0/build_test.sh @@ -16,6 +16,20 @@ MODE=$1 # Set version: default to 1 for clean, default to 2 for update VERSION=$([ "$MODE" = "clean" ] && echo "${2:-1}" || echo "${2:-2}") +# Find JLinkExe (in PATH on Linux, /Applications/SEGGER on macOS) +if command -v JLinkExe &> /dev/null; then + JLINK="JLinkExe" +else + # Check for versioned JLink directory on macOS (e.g., JLink_V812g) + JLINK_PATH=$(find /Applications/SEGGER -name "JLinkExe" 2>/dev/null | head -n1) + if [ -n "$JLINK_PATH" ] && [ -x "$JLINK_PATH" ]; then + JLINK="$JLINK_PATH" + else + echo "Error: JLinkExe not found. Please install SEGGER J-Link software." + exit 1 + fi +fi + # Function to get value from .config file get_config_value() { grep "^${1}" .config | sed -E "s/^${1}[?]?=//" | head -n1 @@ -24,18 +38,23 @@ get_config_value() { # Extract values from .config BOOT_ADDRESS=$(get_config_value "WOLFBOOT_PARTITION_BOOT_ADDRESS") UPDATE_ADDRESS=$(get_config_value "WOLFBOOT_PARTITION_UPDATE_ADDRESS") +PARTITION_SIZE=$(get_config_value "WOLFBOOT_PARTITION_SIZE") +SECTOR_SIZE=$(get_config_value "WOLFBOOT_SECTOR_SIZE") IMAGE_HEADER_SIZE=$(get_config_value "IMAGE_HEADER_SIZE") SIGN=$(get_config_value "SIGN") HASH=$(get_config_value "HASH") -SIGN_ARG="--${SIGN,,}" -HASH_ARG="--${HASH,,}" +SIGN_ARG="--$(echo "${SIGN}" | tr '[:upper:]' '[:lower:]')" +HASH_ARG="--$(echo "${HASH}" | tr '[:upper:]' '[:lower:]')" # Common build steps make clean && make wolfboot.bin && make test-app/image.bin # Function to sign image sign_image() { - IMAGE_HEADER_SIZE=${IMAGE_HEADER_SIZE} ./tools/keytools/sign ${SIGN_ARG} ${HASH_ARG} test-app/image.bin wolfboot_signing_private_key.der "$1" + IMAGE_HEADER_SIZE=${IMAGE_HEADER_SIZE} \ + WOLFBOOT_PARTITION_SIZE=${PARTITION_SIZE} \ + WOLFBOOT_SECTOR_SIZE=${SECTOR_SIZE} \ + ./tools/keytools/sign ${SIGN_ARG} ${HASH_ARG} test-app/image.bin wolfboot_signing_private_key.der "$1" } # Function to print summary @@ -57,10 +76,9 @@ if [ "$MODE" = "clean" ]; then ./tools/bin-assemble/bin-assemble factory.bin 0x0 wolfboot.bin \ ${BOOT_ADDRESS} test-app/image_v${VERSION}_signed.bin \ ${UPDATE_ADDRESS} blank_update.bin - JLinkExe -CommanderScript tools/scripts/va416x0/flash_va416xx.jlink + ${JLINK} -CommanderScript tools/scripts/va416x0/flash_va416xx.jlink print_summary else - PARTITION_SIZE=$(get_config_value "WOLFBOOT_PARTITION_SIZE") TRIGGER_ADDRESS=$(printf "0x%X" $((${UPDATE_ADDRESS} + ${PARTITION_SIZE} - 5))) PREV_VERSION=$((${VERSION} - 1)) sign_image ${PREV_VERSION} && sign_image ${VERSION} @@ -69,6 +87,6 @@ else ${BOOT_ADDRESS} test-app/image_v${PREV_VERSION}_signed.bin \ ${UPDATE_ADDRESS} test-app/image_v${VERSION}_signed.bin \ ${TRIGGER_ADDRESS} trigger_magic.bin - JLinkExe -CommanderScript tools/scripts/va416x0/flash_va416xx_update.jlink + ${JLINK} -CommanderScript tools/scripts/va416x0/flash_va416xx_update.jlink print_summary "${TRIGGER_ADDRESS}" "${PREV_VERSION}" fi diff --git a/tools/test.mk b/tools/test.mk index 75ec2fddde..e1ede6f35d 100644 --- a/tools/test.mk +++ b/tools/test.mk @@ -1048,5 +1048,5 @@ test-size-all: LIMIT=8560 NO_ARM_ASM=1 make keysclean make clean - make test-size SIGN=ML_DSA ML_DSA_LEVEL=2 LIMIT=19354 \ + make test-size SIGN=ML_DSA ML_DSA_LEVEL=2 LIMIT=19362 \ IMAGE_SIGNATURE_SIZE=2420 IMAGE_HEADER_SIZE?=8192