diff --git a/.github/workflows/test-build.yml b/.github/workflows/test-build.yml index ff5835473..546e05cec 100644 --- a/.github/workflows/test-build.yml +++ b/.github/workflows/test-build.yml @@ -23,29 +23,47 @@ jobs: - uses: actions/checkout@v3 with: submodules: true - - name: Workaround for sources.list run: sudo sed -i 's|http://azure.archive.ubuntu.com/ubuntu/|http://mirror.arizona.edu/ubuntu/|g' /etc/apt/sources.list - - name: Update repository run: sudo apt-get update - - name: Install cross compilers run: | sudo apt-get install -y gcc-arm-none-eabi gcc-aarch64-linux-gnu gcc-powerpc-linux-gnu gnu-efi - - name: make clean run: | make distclean - - name: Select config run: | cp ${{inputs.config-file}} .config - - name: Build tools run: | make -C tools/keytools && make -C tools/bin-assemble - - - name: Build wolfboot + - name: Build wolfboot (default) run: | make ${{inputs.make-args}} + - name: Build wolfboot ECC256 SHA2-256 + run: | + make keysclean && make SIGN=ECC256 HASH=SHA256 ${{inputs.make-args}} + - name: Build wolfboot ECC384 SHA2-384 + run: | + make keysclean && make SIGN=ECC384 HASH=SHA384 ${{inputs.make-args}} + - name: Build wolfboot ECC384 SHA2-256 + run: | + make keysclean && make SIGN=ECC384 HASH=SHA256 ${{inputs.make-args}} + - name: Build wolfboot RSA2048 SHA2-256 + run: | + make keysclean && make SIGN=RSA2048 HASH=SHA256 ${{inputs.make-args}} + - name: Build wolfboot RSA3072 SHA2-384 + run: | + make keysclean && make SIGN=RSA3072 HASH=SHA384 ${{inputs.make-args}} + - name: Build wolfboot RSA4096 SHA3 + # TPM does not support SHA3 + run: | + make keysclean && make SIGN=RSA4096 HASH=SHA3 WOLFTPM=0 ${{inputs.make-args}} + - name: Build wolfboot ED25519 SHA2-256 + run: | + make keysclean && make SIGN=ED25519 HASH=SHA256 ${{inputs.make-args}} + - name: Build wolfboot ED448 + run: | + make keysclean && make SIGN=ED448 ${{inputs.make-args}} diff --git a/.github/workflows/test-configs.yml b/.github/workflows/test-configs.yml index defaaecba..82b3e2430 100644 --- a/.github/workflows/test-configs.yml +++ b/.github/workflows/test-configs.yml @@ -101,6 +101,20 @@ jobs: arch: host config-file: ./config/examples/sim.config + sim_nosmallstack_test: + uses: ./.github/workflows/test-build.yml + with: + arch: host + config-file: ./config/examples/sim.config + make-args: WOLFBOOT_SMALL_STACK=0 WOLFBOOT_HUGE_STACK=1 + + sim_spmath_test: + uses: ./.github/workflows/test-build.yml + with: + arch: host + config-file: ./config/examples/sim.config + make-args: WOLFBOOT_SMALL_STACK=0 WOLFBOOT_HUGE_STACK=1 SPMATH=1 + stm32f4_small_blocks_uart_update_test: uses: ./.github/workflows/test-build.yml with: diff --git a/.github/workflows/test-keytools.yml b/.github/workflows/test-keytools.yml index e297c3de1..e323aa701 100644 --- a/.github/workflows/test-keytools.yml +++ b/.github/workflows/test-keytools.yml @@ -23,7 +23,7 @@ jobs: - name: Select config run: | - cp config/examples/sim-ecc.config .config && make include/target.h + cp config/examples/sim.config .config && make include/target.h - name: Build tools run: | @@ -31,7 +31,7 @@ jobs: - name: Build wolfboot run: | - make ${{inputs.make-args}} + make SIGN=ECC256 HASH=SHA256 - name: Generate external key run: | @@ -73,7 +73,7 @@ jobs: - name: Build wolfboot run: | - make ${{inputs.make-args}} + make SIGN=ED25519 HASH=SHA256 - name: Generate external key run: | @@ -107,7 +107,7 @@ jobs: - name: Select config run: | - cp config/examples/sim-rsa.config .config && make include/target.h + cp config/examples/sim.config .config && make include/target.h - name: Build tools run: | @@ -115,7 +115,7 @@ jobs: - name: Build wolfboot run: | - make ${{inputs.make-args}} + make SIGN=RSA2048 HASH=SHA256 - name: Generate external key run: | diff --git a/Makefile b/Makefile index a3a316055..0606e2202 100644 --- a/Makefile +++ b/Makefile @@ -117,8 +117,8 @@ stage1/loader_stage1.bin: FORCE @echo "\t[BIN] $@" $(Q)$(MAKE) -C $(dir $@) $(notdir $@) -test-lib: $(OBJS) - $(Q)$(CC) $(CFLAGS) -o $@ $^ +test-lib: include/target.h $(OBJS) + $(Q)$(CC) $(CFLAGS) -o $@ $(OBJS) wolfboot.efi: wolfboot.elf @echo "\t[BIN] $@" diff --git a/arch.mk b/arch.mk index d8c0eee98..0ba7ef7ed 100644 --- a/arch.mk +++ b/arch.mk @@ -735,9 +735,12 @@ ifeq ($(DUALBANK_SWAP),1) UPDATE_OBJS:=src/update_flash_hwswap.o endif +# Set default update object (if not library) +ifneq ($(TARGET),library) ifeq ($(UPDATE_OBJS),) UPDATE_OBJS:=./src/update_flash.o endif +endif ## wolfBoot origin ifeq ($(WOLFBOOT_ORIGIN),) diff --git a/config/examples/kontron_vx3060_s2.config b/config/examples/kontron_vx3060_s2.config index f80702c45..8c7b33159 100644 --- a/config/examples/kontron_vx3060_s2.config +++ b/config/examples/kontron_vx3060_s2.config @@ -1,8 +1,8 @@ ARCH=x86_64 TARGET=kontron_vx3060_s2 -WOLFBOOT_SMALL_STACK=0 -SIGN=ECC384 -HASH=SHA384 +WOLFBOOT_SMALL_STACK?=0 +SIGN?=ECC384 +HASH?=SHA384 DEBUG=1 SPMATH=1 ENCRYPTION=0 diff --git a/config/examples/library.config b/config/examples/library.config index c5270014a..a52ca44a9 100644 --- a/config/examples/library.config +++ b/config/examples/library.config @@ -1,10 +1,8 @@ ARCH= NO_LOADER=1 USE_GCC_HEADLESS=0 -# ends up double including this to work around defaulting to update_flash -UPDATE_OBJS:=hal/library.o TARGET=library -WOLFBOOT_SMALL_STACK=1 +WOLFBOOT_SMALL_STACK?=1 SIGN?=ED25519 HASH?=SHA256 IMAGE_HEADER_SIZE?=256 diff --git a/config/examples/sim-delta-update.config b/config/examples/sim-delta-update.config index 8992b91c5..5949a882e 100644 --- a/config/examples/sim-delta-update.config +++ b/config/examples/sim-delta-update.config @@ -2,7 +2,7 @@ ARCH=sim TARGET=sim SIGN?=ED25519 HASH?=SHA256 -WOLFBOOT_SMALL_STACK=1 +WOLFBOOT_SMALL_STACK?=1 SPI_FLASH=0 DEBUG=1 DELTA_UPDATES=1 diff --git a/config/examples/sim-ecc.config b/config/examples/sim-ecc.config deleted file mode 100644 index 1ad26942b..000000000 --- a/config/examples/sim-ecc.config +++ /dev/null @@ -1,18 +0,0 @@ -ARCH=sim -TARGET=sim -SIGN?=ECC256 -HASH?=SHA256 -WOLFBOOT_SMALL_STACK=1 -SPI_FLASH=0 -DEBUG=1 - -# sizes should be multiple of system page size -WOLFBOOT_PARTITION_SIZE=0x40000 -WOLFBOOT_SECTOR_SIZE=0x1000 -WOLFBOOT_PARTITION_BOOT_ADDRESS=0x20000 -# if on external flash, it should be multiple of system page size -WOLFBOOT_PARTITION_UPDATE_ADDRESS=0x60000 -WOLFBOOT_PARTITION_SWAP_ADDRESS=0xA0000 - -# required for keytools -WOLFBOOT_FIXED_PARTITIONS=1 diff --git a/config/examples/sim-encrypt-delta-update.config b/config/examples/sim-encrypt-delta-update.config index 68a79dceb..210e83f04 100644 --- a/config/examples/sim-encrypt-delta-update.config +++ b/config/examples/sim-encrypt-delta-update.config @@ -2,7 +2,7 @@ ARCH=sim TARGET=sim SIGN?=ED25519 HASH?=SHA256 -WOLFBOOT_SMALL_STACK=1 +WOLFBOOT_SMALL_STACK?=1 SPI_FLASH=0 EXT_FLASH=1 ENCRYPT=1 diff --git a/config/examples/sim-encrypt-nvm-writeonce-flags-home-invert-update.config b/config/examples/sim-encrypt-nvm-writeonce-flags-home-invert-update.config index 3a485749f..d1331b138 100644 --- a/config/examples/sim-encrypt-nvm-writeonce-flags-home-invert-update.config +++ b/config/examples/sim-encrypt-nvm-writeonce-flags-home-invert-update.config @@ -2,7 +2,7 @@ ARCH=sim TARGET=sim SIGN?=ED25519 HASH?=SHA256 -WOLFBOOT_SMALL_STACK=1 +WOLFBOOT_SMALL_STACK?=1 SPI_FLASH=0 EXT_FLASH=1 ENCRYPT=1 diff --git a/config/examples/sim-encrypt-nvm-writeonce-flags-home-update.config b/config/examples/sim-encrypt-nvm-writeonce-flags-home-update.config index 97d2f4390..392514875 100644 --- a/config/examples/sim-encrypt-nvm-writeonce-flags-home-update.config +++ b/config/examples/sim-encrypt-nvm-writeonce-flags-home-update.config @@ -2,7 +2,7 @@ ARCH=sim TARGET=sim SIGN?=ED25519 HASH?=SHA256 -WOLFBOOT_SMALL_STACK=1 +WOLFBOOT_SMALL_STACK?=1 SPI_FLASH=0 EXT_FLASH=1 ENCRYPT=1 diff --git a/config/examples/sim-encrypt-nvm-writeonce-update.config b/config/examples/sim-encrypt-nvm-writeonce-update.config index 5ea137b84..1bcdee038 100644 --- a/config/examples/sim-encrypt-nvm-writeonce-update.config +++ b/config/examples/sim-encrypt-nvm-writeonce-update.config @@ -2,7 +2,7 @@ ARCH=sim TARGET=sim SIGN?=ED25519 HASH?=SHA256 -WOLFBOOT_SMALL_STACK=1 +WOLFBOOT_SMALL_STACK?=1 SPI_FLASH=0 EXT_FLASH=1 ENCRYPT=1 diff --git a/config/examples/sim-encrypt-update.config b/config/examples/sim-encrypt-update.config index 8b970f3d2..d2984f20f 100644 --- a/config/examples/sim-encrypt-update.config +++ b/config/examples/sim-encrypt-update.config @@ -2,7 +2,7 @@ ARCH=sim TARGET=sim SIGN?=ED25519 HASH?=SHA256 -WOLFBOOT_SMALL_STACK=1 +WOLFBOOT_SMALL_STACK?=1 SPI_FLASH=0 EXT_FLASH=1 ENCRYPT=1 diff --git a/config/examples/sim-lms.config b/config/examples/sim-lms.config index 66c7e2097..e0666187f 100644 --- a/config/examples/sim-lms.config +++ b/config/examples/sim-lms.config @@ -30,7 +30,7 @@ HASH?=SHA256 LMS_LEVELS=2 LMS_HEIGHT=5 LMS_WINTERNITZ=8 -WOLFBOOT_SMALL_STACK=0 +WOLFBOOT_SMALL_STACK?=0 SPI_FLASH=0 DEBUG=0 DELTA_UPDATES=0 diff --git a/config/examples/sim-nvm-writeonce-flags-home-invert.config b/config/examples/sim-nvm-writeonce-flags-home-invert.config index 6b56e4851..62630f3f4 100644 --- a/config/examples/sim-nvm-writeonce-flags-home-invert.config +++ b/config/examples/sim-nvm-writeonce-flags-home-invert.config @@ -2,7 +2,7 @@ ARCH=sim TARGET=sim SIGN?=ED25519 HASH?=SHA256 -WOLFBOOT_SMALL_STACK=1 +WOLFBOOT_SMALL_STACK?=1 SPI_FLASH=0 EXT_FLASH=1 DEBUG=1 diff --git a/config/examples/sim-nvm-writeonce-flags-home.config b/config/examples/sim-nvm-writeonce-flags-home.config index 5aebb2d84..b98354bad 100644 --- a/config/examples/sim-nvm-writeonce-flags-home.config +++ b/config/examples/sim-nvm-writeonce-flags-home.config @@ -2,7 +2,7 @@ ARCH=sim TARGET=sim SIGN?=ED25519 HASH?=SHA256 -WOLFBOOT_SMALL_STACK=1 +WOLFBOOT_SMALL_STACK?=1 SPI_FLASH=0 DEBUG=1 # it should be multiple of system page size diff --git a/config/examples/sim-nvm-writeonce.config b/config/examples/sim-nvm-writeonce.config index ae891ff0a..e2d29c4f2 100644 --- a/config/examples/sim-nvm-writeonce.config +++ b/config/examples/sim-nvm-writeonce.config @@ -2,7 +2,7 @@ ARCH=sim TARGET=sim SIGN?=ED25519 HASH?=SHA256 -WOLFBOOT_SMALL_STACK=1 +WOLFBOOT_SMALL_STACK?=1 SPI_FLASH=0 DEBUG=1 NVM_FLASH_WRITEONCE=1 diff --git a/config/examples/sim-rsa.config b/config/examples/sim-rsa.config deleted file mode 100644 index 8ed3cfefa..000000000 --- a/config/examples/sim-rsa.config +++ /dev/null @@ -1,19 +0,0 @@ -ARCH=sim -TARGET=sim -SIGN?=RSA2048 -HASH?=SHA256 -WOLFBOOT_SMALL_STACK=1 -SPI_FLASH=0 -DEBUG=1 -SPMATHALL=1 - -# sizes should be multiple of system page size -WOLFBOOT_PARTITION_SIZE=0x40000 -WOLFBOOT_SECTOR_SIZE=0x1000 -WOLFBOOT_PARTITION_BOOT_ADDRESS=0x20000 -# if on external flash, it should be multiple of system page size -WOLFBOOT_PARTITION_UPDATE_ADDRESS=0x60000 -WOLFBOOT_PARTITION_SWAP_ADDRESS=0xA0000 - -# required for keytools -WOLFBOOT_FIXED_PARTITIONS=1 diff --git a/config/examples/sim-tpm-keystore.config b/config/examples/sim-tpm-keystore.config index efd28516a..69630c35d 100644 --- a/config/examples/sim-tpm-keystore.config +++ b/config/examples/sim-tpm-keystore.config @@ -4,7 +4,7 @@ SIGN?=ECC256 HASH?=SHA256 SPI_FLASH=0 DEBUG=0 -WOLFTPM=1 +WOLFTPM?=1 # sizes should be multiple of system page size WOLFBOOT_PARTITION_SIZE=0x40000 diff --git a/config/examples/sim-tpm-measured.config b/config/examples/sim-tpm-measured.config index af9319171..132583967 100644 --- a/config/examples/sim-tpm-measured.config +++ b/config/examples/sim-tpm-measured.config @@ -4,7 +4,7 @@ SIGN?=ECC256 HASH?=SHA256 SPI_FLASH=0 DEBUG=0 -WOLFTPM=1 +WOLFTPM?=1 # sizes should be multiple of system page size WOLFBOOT_PARTITION_SIZE=0x40000 diff --git a/config/examples/sim-tpm-seal.config b/config/examples/sim-tpm-seal.config index c22f12cbe..566c69839 100644 --- a/config/examples/sim-tpm-seal.config +++ b/config/examples/sim-tpm-seal.config @@ -4,7 +4,7 @@ SIGN?=ECC256 HASH?=SHA256 SPI_FLASH=0 DEBUG=0 -WOLFTPM=1 +WOLFTPM?=1 # sizes should be multiple of system page size WOLFBOOT_PARTITION_SIZE=0x40000 diff --git a/config/examples/sim-tpm.config b/config/examples/sim-tpm.config index 95639bf91..774722970 100644 --- a/config/examples/sim-tpm.config +++ b/config/examples/sim-tpm.config @@ -5,7 +5,7 @@ SIGN?=ECC256 HASH?=SHA256 SPI_FLASH=0 DEBUG=0 -WOLFTPM=1 +WOLFTPM?=1 # enable offloading of asymmetric verify to TPM WOLFBOOT_TPM_VERIFY?=1 diff --git a/config/examples/sim.config b/config/examples/sim.config index 87c88edc0..6bd914dff 100644 --- a/config/examples/sim.config +++ b/config/examples/sim.config @@ -2,9 +2,10 @@ ARCH=sim TARGET=sim SIGN?=ED25519 HASH?=SHA256 -WOLFBOOT_SMALL_STACK=1 +WOLFBOOT_SMALL_STACK?=1 SPI_FLASH=0 DEBUG=1 +SPMATH?=0 # sizes should be multiple of system page size WOLFBOOT_PARTITION_SIZE=0x40000 diff --git a/config/examples/stm32l4-cube.config b/config/examples/stm32l4-cube.config index df88f8713..dc8ff03ab 100644 --- a/config/examples/stm32l4-cube.config +++ b/config/examples/stm32l4-cube.config @@ -1,6 +1,6 @@ TARGET=stm32l4 -SIGN=ECC256 -HASH=SHA256 +SIGN?=ECC256 +HASH?=SHA256 DEBUG?=0 VTOR?=1 CORTEX_M0?=0 diff --git a/config/examples/stm32wb-delta-enc-ext.config b/config/examples/stm32wb-delta-enc-ext.config index 634d5539d..98de7bb48 100644 --- a/config/examples/stm32wb-delta-enc-ext.config +++ b/config/examples/stm32wb-delta-enc-ext.config @@ -1,6 +1,6 @@ TARGET=stm32wb -SIGN=ECC256 -HASH=SHA256 +SIGN?=ECC256 +HASH?=SHA256 WOLFBOOT_SECTOR_SIZE=0x1000 WOLFBOOT_PARTITION_SIZE=0x20000 WOLFBOOT_PARTITION_BOOT_ADDRESS=0x0800C000 diff --git a/config/examples/stm32wb-delta-ext.config b/config/examples/stm32wb-delta-ext.config index 930303192..5ba4fd846 100644 --- a/config/examples/stm32wb-delta-ext.config +++ b/config/examples/stm32wb-delta-ext.config @@ -1,6 +1,6 @@ TARGET=stm32wb -SIGN=ECC256 -HASH=SHA256 +SIGN?=ECC256 +HASH?=SHA256 WOLFBOOT_SECTOR_SIZE=0x1000 WOLFBOOT_PARTITION_SIZE=0x20000 WOLFBOOT_PARTITION_BOOT_ADDRESS=0x0800C000 diff --git a/config/examples/stm32wb-delta.config b/config/examples/stm32wb-delta.config index a06336f36..bee11c5fe 100644 --- a/config/examples/stm32wb-delta.config +++ b/config/examples/stm32wb-delta.config @@ -1,6 +1,6 @@ TARGET=stm32wb -SIGN=ECC256 -HASH=SHA256 +SIGN?=ECC256 +HASH?=SHA256 WOLFBOOT_SECTOR_SIZE=0x1000 WOLFBOOT_PARTITION_SIZE=0x20000 WOLFBOOT_PARTITION_BOOT_ADDRESS=0x0800C000 diff --git a/config/examples/stm32wb-pka-1mb.config b/config/examples/stm32wb-pka-1mb.config index f43b9d006..846ce4385 100644 --- a/config/examples/stm32wb-pka-1mb.config +++ b/config/examples/stm32wb-pka-1mb.config @@ -1,6 +1,6 @@ TARGET=stm32wb -SIGN=ECC256 -HASH=SHA256 +SIGN?=ECC256 +HASH?=SHA256 WOLFBOOT_SECTOR_SIZE=0x1000 WOLFBOOT_PARTITION_SIZE=0x7B800 WOLFBOOT_PARTITION_BOOT_ADDRESS=0x08008000 diff --git a/config/examples/stm32wb-tpm.config b/config/examples/stm32wb-tpm.config index e4ce780a7..0f62c8b8f 100644 --- a/config/examples/stm32wb-tpm.config +++ b/config/examples/stm32wb-tpm.config @@ -1,6 +1,6 @@ TARGET=stm32wb -SIGN=ECC256 -HASH=SHA256 +SIGN?=ECC256 +HASH?=SHA256 WOLFBOOT_SECTOR_SIZE=0x1000 WOLFBOOT_PARTITION_SIZE=0x20000 WOLFBOOT_PARTITION_BOOT_ADDRESS=0x08008000 @@ -8,4 +8,4 @@ WOLFBOOT_PARTITION_UPDATE_ADDRESS=0x08028000 WOLFBOOT_PARTITION_SWAP_ADDRESS=0x08048000 NVM_FLASH_WRITEONCE=1 PKA=0 -WOLFTPM=1 +WOLFTPM?=1 diff --git a/config/examples/stm32wb.config b/config/examples/stm32wb.config index 81baaf693..73861d855 100644 --- a/config/examples/stm32wb.config +++ b/config/examples/stm32wb.config @@ -1,6 +1,6 @@ TARGET=stm32wb -SIGN=ECC256 -HASH=SHA256 +SIGN?=ECC256 +HASH?=SHA256 WOLFBOOT_SECTOR_SIZE=0x1000 WOLFBOOT_PARTITION_SIZE=0x20000 WOLFBOOT_PARTITION_BOOT_ADDRESS=0x08008000 diff --git a/config/examples/x86_64_efi.config b/config/examples/x86_64_efi.config index a6e5652aa..00308b6e0 100644 --- a/config/examples/x86_64_efi.config +++ b/config/examples/x86_64_efi.config @@ -1,6 +1,6 @@ ARCH=x86_64 TARGET=x86_64_efi -WOLFBOOT_SMALL_STACK=1 +WOLFBOOT_SMALL_STACK?=1 SIGN?=ED25519 HASH?=SHA256 DEBUG=1 diff --git a/config/examples/x86_fsp_qemu.config b/config/examples/x86_fsp_qemu.config index 767340035..bf439151d 100644 --- a/config/examples/x86_fsp_qemu.config +++ b/config/examples/x86_fsp_qemu.config @@ -1,6 +1,6 @@ ARCH=x86_64 TARGET=x86_fsp_qemu -WOLFBOOT_SMALL_STACK=1 +WOLFBOOT_SMALL_STACK?=1 SIGN?=ECC384 HASH?=SHA384 DEBUG=1 diff --git a/config/examples/x86_fsp_qemu_stage1_auth.config b/config/examples/x86_fsp_qemu_stage1_auth.config index ec209d2ff..a36d7f0be 100644 --- a/config/examples/x86_fsp_qemu_stage1_auth.config +++ b/config/examples/x86_fsp_qemu_stage1_auth.config @@ -1,6 +1,6 @@ ARCH=x86_64 TARGET=x86_fsp_qemu -WOLFBOOT_SMALL_STACK=1 +WOLFBOOT_SMALL_STACK?=1 SIGN?=ECC256 HASH?=SHA256 DEBUG=1 diff --git a/config/examples/x86_fsp_qemu_tpm.config b/config/examples/x86_fsp_qemu_tpm.config index ebaa63c0a..726a2aa32 100644 --- a/config/examples/x86_fsp_qemu_tpm.config +++ b/config/examples/x86_fsp_qemu_tpm.config @@ -1,6 +1,6 @@ ARCH=x86_64 TARGET=x86_fsp_qemu -WOLFBOOT_SMALL_STACK=1 +WOLFBOOT_SMALL_STACK?=1 SIGN?=ECC384 HASH?=SHA384 DEBUG=1 @@ -8,7 +8,7 @@ SPMATH=1 FORCE_32BIT=1 ENCRYPTION=0 WOLFBOOT_NO_PARTITIONS=1 -WOLFTPM=1 +WOLFTPM?=1 # TPM Keystore options #WOLFBOOT_TPM_KEYSTORE?=1 diff --git a/config/examples/x86_fsp_qemu_tpm_keystore.config b/config/examples/x86_fsp_qemu_tpm_keystore.config index 9b8c11115..da000206c 100644 --- a/config/examples/x86_fsp_qemu_tpm_keystore.config +++ b/config/examples/x86_fsp_qemu_tpm_keystore.config @@ -1,6 +1,6 @@ ARCH=x86_64 TARGET=x86_fsp_qemu -WOLFBOOT_SMALL_STACK=1 +WOLFBOOT_SMALL_STACK?=1 SIGN?=ECC256 HASH?=SHA256 DEBUG=1 @@ -8,7 +8,7 @@ SPMATH=1 FORCE_32BIT=1 ENCRYPTION=0 WOLFBOOT_NO_PARTITIONS=1 -WOLFTPM=1 +WOLFTPM?=1 # TPM Keystore options WOLFBOOT_TPM_KEYSTORE?=1 diff --git a/include/user_settings.h b/include/user_settings.h index dcc31a7dc..43e7148cf 100644 --- a/include/user_settings.h +++ b/include/user_settings.h @@ -30,12 +30,12 @@ # include "test-app/wcs/user_settings.h" #else - #include /* System */ #define WOLFSSL_GENERAL_ALIGNMENT 4 #define SINGLE_THREADED +#define WOLFSSL_USER_MUTEX /* avoid wc_port.c wc_InitAndAllocMutex */ #define WOLFCRYPT_ONLY #define SIZEOF_LONG_LONG 8 @@ -166,7 +166,6 @@ extern int tolower(int c); defined(WOLFBOOT_SIGN_RSA4096) || \ defined(WOLFCRYPT_SECURE_MODE) - # define WC_RSA_BLINDING # define WC_RSA_DIRECT # define RSA_LOW_MEM @@ -174,6 +173,7 @@ extern int tolower(int c); # if !defined(WOLFBOOT_TPM) && !defined(WOLFCRYPT_SECURE_MODE) # define WOLFSSL_RSA_VERIFY_INLINE # define WOLFSSL_RSA_VERIFY_ONLY +# define WOLFSSL_RSA_PUBLIC_ONLY # define WC_NO_RSA_OAEP # endif # if !defined(USE_FAST_MATH) && !defined(WOLFSSL_SP_MATH_ALL) @@ -369,6 +369,9 @@ extern int tolower(int c); #define WOLFSSL_NO_SOCK #define WOLFSSL_IGNORE_FILE_WARN #define NO_ERROR_STRINGS +#define NO_PKCS12 +#define NO_PKCS8 +#define NO_CHECK_PRIVATE_KEY #define BENCH_EMBEDDED #define NO_CRYPT_TEST @@ -392,7 +395,7 @@ extern int tolower(int c); # define WOLFSSL_SP_NO_MALLOC # define WOLFSSL_SP_NO_DYN_STACK # endif -# if !defined(ARCH_SIM) && !defined(SECURE_PKCS11) +# if !defined(SECURE_PKCS11) # define WOLFSSL_NO_MALLOC # endif #else diff --git a/options.mk b/options.mk index bae89a7c2..12a43ad77 100644 --- a/options.mk +++ b/options.mk @@ -77,9 +77,9 @@ ifeq ($(SIGN),ECC256) STACK_USAGE=6680 else ifneq ($(SPMATH),1) - STACK_USAGE=5008 + STACK_USAGE=5264 else - STACK_USAGE=7600 + STACK_USAGE=7632 endif endif endif