Anthony Hu 9ea40f3a9c Purge IDEA cipher 2 年之前
..
common 0e6ba492e5 update signed ca 2 年之前
test 0e6ba492e5 update signed ca 2 年之前
wolfssl 9ea40f3a9c Purge IDEA cipher 2 年之前
README.md 1d107d0403 update RA6M3 projects to the latest e2studio and FSP v3.5.0 2 年之前
include.am fb4e39f00a addressed review comments prt1 3 年之前

README.md

wolfSSL for Renesas RA Evaluation Kit (EK-RA6M4)

Description

This directory contains e2studio projects targeted at the Renesas RA 32-bit MCUs. The example projects include a wolfSSL TLS client. They also include benchmark and cryptography tests for the wolfCrypt library.

The wolfssl project contains both the wolfSSL and wolfCrypt libraries. It is built as a Renesas RA C Library Project and contains the Renesas RA configuration. The wolfssl project uses Secure Cryptography Engine on RA6 Protected Mode as hardware acceleration for cypto and TLS operation.

The other projects (benchmark, client, and test) are built as a Renesas RA C Project Using RA Library, where the RA library is the wolfssl project. The wolfssl Project Summary is listed below and is relevant for every project.

Project Summary

Item Name/Version
Board EK-RA6M4
Device R7FA6M4AF3CFB
Toolchain GCC ARM Embedded
FSP Version 3.5.0

Selected software components

Components Version
Board Support Package Common Files v3.5.0
Secure Cryptography Engine on RA6 Protected Mode v3.5.0
I/O Port v3.5.0
Arm CMSIS Version 5 - Core (M) v5.8.0+fsp.3.5.0
RA6M4-EK Board Support Files v3.5.0
Board support package for R7FA6M4AF3CFB v3.5.0
Board support package for RA6M4 v3.5.0
Board support package for RA6M4 - FSP Data v3.5.0
FreeRTOS v10.4.3-LTS.Patch.2+fsp.3.5.0
FreeRTOS - Memory Management - Heap 4 v10.4.3-LTS.Patch.2+fsp.3.5.0
r_ether to FreeRTOS+TCP Wrapper v3.5.0
Ethernet v3.5.0
Ethernet PHY v3.5.0
FreeRTOS+TCP v2.3.2-LTS.Patch.1+fsp.3.5.0
FreeRTOS - Buffer Allocation 2 v2.3.2-LTS.Patch.1+fsp.3.5.0

Setup Steps and Build wolfSSL Library

1.) Import projects from [File]->[Open projects from File System]

  • Select folder at /path/to/wolfssl/IDE/Renesas/e2studio/RA6M4
  • Deselect the Non-Eclipse project, RA6M4, by clicking the checkbox\ Only the folders with 'Eclipse project' under 'Import as' need to be selected.

2.) Create a dummy_library Static Library.

  • Click File->New->RA C/C++ Project.
  • Select EK-RA6M4 from Drop-down list.
  • Check Static Library.
  • Select FreeRTOS from RTOS selection. Click Next.
  • Check FreeRTOS minimal - Static Allocation. Click Finish.
  • Open Smart Configurator by clicking configuration.xml in the project
  • Go to BSP tab and increase Heap Size under RA Common on Properties page, e.g. 0x1000
  • Go to Stacks tab
  • Add SCE Protected Mode stack from New Stack -> Security
  • Add New thead and set properties
Property Value
Thread Symbol sce_tst_thread
Thread Name sce_tst_thread
Thread Stack size increase depending on your environment
e.g. 0xA000
Thread MemoryAllocation Dyamic
Common General Use Mutexes Enabled
Common General Enable Backward Compatibility Enabled
Common Memory Allocation Support Dynamic Allocation Enabled
Common Memory Allocation Total Heap Size increase depending on your environment
e.g. 0x20000
  • Add Heap 4 stack to sce_tst_thread from New Stack -> RTOS -> FreeRTOS Heap 4
  • Add FreeRTOS + TCP stack to sce_tst_thread from New Stack -> Networking -> FreeRTOS+TCP and set properties
Property Value
Network Events call vApplicationIPNetworkEventHook Disable
Use DHCP Disable
  • Save dummy_library FSP configuration
  • Copy configuration.xml and pincfg under dummy_library to wolfSSL_RA6M4
  • Open Smart Configurator by clicking copied configuration.xml
  • Click Generate Project Content on Smart Configurator

3.) Build the wolfSSL project

4.) Create a 'dummy_application' Renesas RA C Project Using RA Library.

  • Click File->New->RA C/C++ Project.
  • Select EK-RA6M4 from Drop-down list.
  • Check Executable Using an RA Static Library.
  • Select FreeRTOS from RTOS selection. Click Finish.
  • Enter dummy_application as the project name. Click Next.
  • Under RA library project, select wolfSSL_RA6M4.
  • Click Finish.
  • Copy the followng folder and file at dummy_application to test_RA6M4\ script/\ src/sce_tst_thread_entry.c

  • Add sce_test() call under /* TODO: add your own code here */ line at sce_tst_thread_entry.c

    ...
    /* TODO: add your own code here */
    sce_test();
    ...
    

5.) Prepare SEGGER_RTT to logging

  • Download J-Link software from Segger
  • Choose J-Link Software and Documentation Pack
  • Copy sample program files below from Installed SEGGER folder, e.g C:\Program Files\SEGGER\JLink\Samples\RTT, to /path/to/wolfssl/IDE/Reenesas/e2studio/RA6M4/test/src/SEGGER_RTT

    SEGGER_RTT.c\ SEGGER_RTT.h\ SEGGER_RTT_Conf.h\ SEGGER_RTT_printf.c

  • To connect RTT block, you can configure RTT viewer configuration based on where RTT block is in map file\ e.g.\ [test_RA6M4.map]

    COMMON         0x200232a8       0xa8 ./src/SEGGER_RTT/SEGGER_RTT.o\
    ````
    you can specify "RTT control block" to 0x200232a8 by Address\
    OR\
    you can specify "RTT control block" to 0x20020000 0x10000 by Search Range
      
    ## Run Client
    1.) Enable TLS_CLIENT definition in wolfssl_demo.h of test_RA6M4 projet
    
    2.) Client IP address and Server IP address
    
    + Client IP address can be changed by the following line in wolf_client.c.
    

static const byte ucIPAddress[4] = { 192, 168, 11, 241 };

+ Client IP address can be changed by the following line in wolf_client.c.

#define SERVER_IP "192.168.11.40"


3.) Build test_RA6M4 project

4.) Prepare peer wolfssl server

+ On Linux

$ autogen.sh $ ./configure --enable-extended-master=no CFLAGS="-DWOLFSSL_STATIC_RSA -DHAVE_AES_CBC"

Run peer wolfSSL server

RSA sign and verify use, launch server with the following option

$./example/server/server -b -d -i


You will see the following message on J-LinK RTT Viewer

cipher : AES128-SHA256 Received: I hear you fa shizzle!

cipher : AES256-SHA256 Received: I hear you fa shizzle!

cipher : ECDHE-RSA-AES128-SHA256 Received: I hear you fa shizzle!

cipher : ECDHE-RSA-AES128-GCM-SHA256 Received: I hear you fa shizzle!


ECDSA sign and verify use, launch server with the following option

$./examples/server/server -b -d -c ./certs/server-ecc.pem -k ./certs/ecc-key.pem


You will see the following message on J-LinK RTT Viewer

cipher : ECDHE-ECDSA-AES128-SHA256 Received: I hear you fa shizzle!

cipher : ECDHE-ECDSA-AES128-GCM-SHA256 Received: I hear you fa shizzle!


5.) Run the example Client

 **Note**\
   To run "RSA verify" client, enable "#define USE_CERT_BUFFERS_2048" in wolfssl_demo.h\
   To run "ECDSA verify" client, enable "#define USE_CERT_BUFFERS_256" in wolfssl_demo.h

## Run Crypt test and Benchmark

1.) Enable CRYPT_TEST and/or BENCHMARK definition in wolfssl_demo.h

2.) Enable SCEKEY_INSTALLED definition in user_settings.h if you have installed key for AES

In the example code for benchmark, it assumes that AES key is installed at DIRECT_KEY_ADDRESS which is 0x08000000U as follows:

#if defined(SCEKEY_INSTALLED)

/* aes 256 */
memcpy(guser_PKCbInfo.sce_wrapped_key_aes256.value,
       (uint32_t *)DIRECT_KEY_ADDRESS, HW_SCE_AES256_KEY_INDEX_WORD_SIZE*4);
guser_PKCbInfo.sce_wrapped_key_aes256.type = SCE_KEY_INDEX_TYPE_AES256;
guser_PKCbInfo.aes256_installedkey_set = 1;
/* aes 128 */
guser_PKCbInfo.aes128_installedkey_set = 0;

#endif ```

To install key, please refer Installing and Updating Secure Keys.

You can update code above to handle AES128 key when you install its key.

3.) Run Benchmark and Crypto Test

Support

For support inquiries and questions, please email support@wolfssl.com. Feel free to reach out to info@wolfssl.jp as well.