2
0

stm32l4-v4_0_1_build.sh 7.8 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197
  1. #!/usr/bin/env bash
  2. WOLF_ROOT=$(eval "pwd")
  3. echo "WOLF_ROOT set to: \"$WOLF_ROOT\""
  4. cd ../ || exit 5
  5. APP_ROOT=$(eval "pwd")
  6. echo "APP_ROOT set to: \"$APP_ROOT\""
  7. cd ../../ || exit 5
  8. FIRMWARE_ROOT=$(eval "pwd")
  9. echo "FIRMWARE_ROOT set to: \"$FIRMWARE_ROOT\""
  10. cd "$WOLF_ROOT" || exit 5
  11. WOLFCRYPT_SRC_LIST=(wolfcrypt_first hmac random sha256 rsa ecc aes des3 sha
  12. sha512 sha3 dh cmac fips fips_test wolfcrypt_last asn coding
  13. dsa error hash logging md5 memory signature tfm wc_encrypt
  14. wc_port wolfmath
  15. )
  16. assumptions(){
  17. printf '%s\n' "ASSUMPTIONS:"
  18. printf '%s\n' "It is assumed that the firmware directory layout is as follows:"
  19. printf '%s\n' "firmware-root/"
  20. printf '%s\n' "firmware-root/dir1/"
  21. printf '%s\n' "firmware-root/dir1/app-root/"
  22. printf '%s\n' "firmware-root/dir1/app-root/wolfssl-x.x.x-commercial-fips-stm32l4-v2/"
  23. printf '\n\n%s\n' "It is also assumed this script will be run from the directory:"
  24. printf '%s\n' "firmware-root/dir1/app-root/wolfssl-x.x.x-commercial-fips-stm32l4-v2/"
  25. printf '%s\n' "with the command:"
  26. printf '%s\n' "./scripts/stm32l4-v4_0_2_build.sh"
  27. }
  28. flatten_wolfcrypt_sources(){
  29. if [ -d "$WOLF_ROOT" ]; then
  30. for TARGET_FILE in "${WOLFCRYPT_SRC_LIST[@]}"
  31. do
  32. if [ -f "$APP_ROOT/$TARGET_FILE".c ]; then
  33. printf '%s\n' "Removing: APP_ROOT/$TARGET_FILE.c"
  34. rm "$APP_ROOT/$TARGET_FILE".c
  35. fi
  36. printf '%s\n' "WOLF_ROOT/wolfcrypt/src/$TARGET_FILE.c --> APP_ROOT/$TARGET_FILE.c"
  37. cp "$WOLF_ROOT/wolfcrypt/src/$TARGET_FILE".c "$APP_ROOT/"
  38. done
  39. # uncomment to copy over the test app for testing purposes
  40. #cp "$WOLF_ROOT/wolfcrypt/test/test.c" ./
  41. else
  42. printf '%s\n' "Please update the MY_WOLF_RELEASE_VARIABLE to the name"
  43. printf '%s\n' "of the release you received most recently. Currently"
  44. printf '%s\n' "it is set to \"$MY_WOLF_RELEASE_NAME\""
  45. fi
  46. }
  47. update_user_settings(){
  48. if [ -f user_settings.h ]; then
  49. printf '%s\n' "Removing old user_settings.h"
  50. rm user_settings.h
  51. fi
  52. printf '%s\n' "Generating new user_settings.h..."
  53. touch user_settings.h
  54. printf '%s\n' "#ifndef STM32L4_V_4_0_1_USER_SETTINGS_H" > user_settings.h
  55. {
  56. printf '%s\n' "#define STM32L4_V_4_0_1_USER_SETTINGS_H";
  57. printf '%s\n' "";
  58. printf '%s\n' "/* FIPS SETTINGS - BEGIN */";
  59. printf '%s\n' "#define HAVE_FIPS";
  60. printf '%s\n' "#define HAVE_FIPS_VERSION 2";
  61. printf '%s\n' "#define NO_THREAD_LS";
  62. printf '%s\n' "#define NO_STRICT_ECDSA_LEN";
  63. printf '%s\n' "#define HAVE_ECC";
  64. printf '%s\n' "#define HAVE_HKDF";
  65. printf '%s\n' "#define HAVE_AESCCM";
  66. printf '%s\n' "#define HAVE_AES_ECB";
  67. printf '%s\n' "#define HAVE_ECC_CDH";
  68. printf '%s\n' "#define HAVE_FFDHE_Q";
  69. printf '%s\n' "#define HAVE_FFDHE_2048"; # NEW
  70. printf '%s\n' "#define HAVE_HASHDRBG";
  71. printf '%s\n' "#define WOLFSSL_SHA3";
  72. printf '%s\n' "#define WOLFSSL_CMAC";
  73. printf '%s\n' "#define WOLFSSL_SHA224";
  74. printf '%s\n' "#define WOLFSSL_SHA384";
  75. printf '%s\n' "#define WOLFSSL_SHA512";
  76. printf '%s\n' "#define WOLFSSL_KEY_GEN";
  77. printf '%s\n' "#define WOLFSSL_PUBLIC_MP";
  78. printf '%s\n' "#define WOLFSSL_AES_DIRECT";
  79. printf '%s\n' "#define WOLFSSL_AES_COUNTER";
  80. printf '%s\n' "#define WOLFSSL_BASE64_ENCODE";
  81. printf '%s\n' "#define WOLFSSL_VALIDATE_FFC_IMPORT";
  82. printf '%s\n' "#define WOLFSSL_VALIDATE_ECC_IMPORT";
  83. printf '%s\n' "#define WC_RSA_PSS";
  84. printf '%s\n' "#define WC_RSA_NO_PADDING";
  85. # NEW printf '%s\n' "#define WC_RSA_BLINDING";
  86. printf '%s\n' "#define FP_MAX_BITS 8192";
  87. printf '%s\n' "";
  88. printf '%s\n' "/* For operational testing use only in validation effort */";
  89. # printf '%s\n' "/* #define HAVE_FORCE_FIPS_FAILURE */";
  90. printf '%s\n' "#define HAVE_FORCE_FIPS_FAILURE";
  91. printf '%s\n' "/* FIPS SETTINGS - END */";
  92. printf '%s\n' "";
  93. printf '%s\n' "/* Debugging */";
  94. printf '%s\n' "/* #define WOLFSSL_DEBUG_MEMORY */";
  95. printf '%s\n' "/* #define WOLFSSL_TRACK_MEMORY */";
  96. printf '%s\n' "/* #define WOLFSSL_DEBUG_MEMORY_PRINT */";
  97. printf '%s\n' "/* Debugging */";
  98. printf '%s\n' "";
  99. printf '%s\n' "/* Environment settings */";
  100. printf '%s\n' "#define NO_FILESYSTEM";
  101. printf '%s\n' "#define USE_FAST_MATH";
  102. printf '%s\n' "#define NO_MAIN_DRIVER";
  103. printf '%s\n' "#define WOLFCRYPT_ONLY";
  104. printf '%s\n' "#define WC_RSA_BLINDING";
  105. printf '%s\n' "#define SINGLE_THREADED";
  106. printf '%s\n' "#define TFM_TIMING_RESISTANT";
  107. printf '%s\n' "#define ECC_TIMING_RESISTANT";
  108. printf '%s\n' "#define USE_CERT_BUFFERS_256";
  109. printf '%s\n' "#define USE_CERT_BUFFERS_2048";
  110. printf '%s\n' "#define WOLFSSL_STM32L4";
  111. printf '%s\n' "#define WOLFSSL_STM32_CUBEMX";
  112. printf '%s\n' "#define WOLFSSL_CUBEMX_USE_LL";
  113. printf '%s\n' "#define STM32_RNG";
  114. printf '%s\n' "#define NO_STM32_CRYPTO";
  115. printf '%s\n' "#define NO_STM32_HASH";
  116. printf '%s\n' "#define NO_OLD_RNGNAME";
  117. printf '%s\n' "/* Environment settings */";
  118. printf '%s\n' "";
  119. printf '%s\n' "/* Tuning options */";
  120. printf '%s\n' "#define ALT_ECC_SIZE";
  121. printf '%s\n' "#define NO_RC4";
  122. printf '%s\n' "#define NO_MD4";
  123. printf '%s\n' "#define NO_PSK";
  124. printf '%s\n' "#define GCM_SMALL";
  125. printf '%s\n' "#define TFM_ECC256";
  126. printf '%s\n' "#define ECC_SHAMIR";
  127. printf '%s\n' "#define HAVE_AESGCM";
  128. printf '%s\n' "#define NO_PWDBASED";
  129. printf '%s\n' "/* Tuning options */";
  130. printf '%s\n' "";
  131. printf '%s\n' "/* Non-FIPS related settings */";
  132. printf '%s\n' "#define HAVE_TLS_EXTENSIONS";
  133. printf '%s\n' "#define HAVE_EXTENDED_MASTER";
  134. printf '%s\n' "#define HAVE_SUPPORTED_CURVES";
  135. printf '%s\n' "/* Non-FIPS related settings */";
  136. printf '%s\n' "";
  137. printf '%s\n' "/* Agent harness settings */";
  138. printf '%s\n' "#define USE_NORMAL_PRINTF";
  139. printf '%s\n' "#define STM32L4R9I_DISCO";
  140. printf '%s\n' "#define USE_NORMAL_SCAN";
  141. printf '%s\n' "#define HAVE_FIPS";
  142. printf '%s\n' "#define HAVE_FIPS_VERSION 2";
  143. printf '%s\n' "#define VERIFY_GENERATED_PSS_SIGS";
  144. printf '%s\n' "/* Agent harness settings */";
  145. printf '%s\n' "";
  146. printf '%s\n' "#endif /* STM32L4_V_4_0_1_USER_SETTINGS_H */";
  147. printf '%s\n' "";
  148. } >> user_settings.h
  149. printf '%s\n' "new user_settings.h has been created"
  150. }
  151. assumptions
  152. if [ -f wolfssl/ssl.h ]; then
  153. if [ -f "$FIRMWARE_ROOT"/project.mk ]; then
  154. printf '%s\n' "Found ../../../project.mk, wolfSSL properly placed in"
  155. printf '%s\n' "application root directory"
  156. else
  157. printf '%s\n' "Failed to locate ../../../project.mk, wolfSSL in wrong"
  158. printf '%s\n' "location or assumptions need updated."
  159. fi
  160. else
  161. printf '%s\n' "Run this script from the wolfSSL root directory"
  162. exit 1
  163. fi
  164. flatten_wolfcrypt_sources
  165. # optional test application, remove if not testing
  166. if [ -f "$APP_ROOT/test.c" ]; then
  167. printf '%s\n' "Removing: $APP_ROOT/test.c"
  168. rm "$APP_ROOT/test.c"
  169. fi
  170. printf '%s\n' "WOLF_ROOT/wolfcrypt/test/test.c --> APP_ROOT/test.c"
  171. cp "$WOLF_ROOT/wolfcrypt/test/test.c" "$APP_ROOT/"
  172. # optional test application section end
  173. # used during fips validation only, these will not be in final distribution
  174. #./scripts/flatten-agent-sources.sh
  175. #./scripts/flatten-op-test.sh
  176. # used during fips validation only, these will not be in final distribution
  177. update_user_settings
  178. cd "$FIRMWARE_ROOT"
  179. make clean
  180. make -j 1
  181. cd "$APP_ROOT"
  182. make install-target