Merge pull request #8 from bigbrett/operation-forklift

operation forklift: bare metal fixes
wolfSSL · Mar 22, 2024 · f26929d · f26929d
2 parents 8bcca15 + 9668d9b
commit f26929d
Show file tree

Hide file tree

Showing 7 changed files with 102 additions and 58 deletions.
diff --git a/src/wh_server.c b/src/wh_server.c
@@ -19,8 +19,10 @@
 /* Server API's */
 #include "wolfhsm/wh_server.h"
 #include "wolfhsm/wh_server_crypto.h"
-#include "wolfhsm/wh_server_she.h"
 #include "wolfhsm/wh_server_internal.h"
+#if defined(WOLFHSM_SHE_EXTENSION)
+#include "wolfhsm/wh_server_she.h"
+#endif
 
 /** Forward declarations. */
 /* TODO: Move these out to separate C files */
@@ -58,8 +60,7 @@ int wh_Server_Init(whServerContext* server, whServerConfig* config)
     memset(server, 0, sizeof(*server));
     if (
         ((rc = wolfCrypt_Init()) == 0) &&
-        ((rc = wc_InitRng_ex(server->crypto->rng, NULL, INVALID_DEVID)) == 0) &&
-        1) {
+        ((rc = wc_InitRng_ex(server->crypto->rng, NULL, INVALID_DEVID)) == 0)) {
         rc = wh_Nvm_Init(server->nvm, config->nvm_config);
         if (rc == 0) {
             server->nvm->cb = config->nvm_config->cb;
@@ -84,6 +85,7 @@ int wh_Server_Cleanup(whServerContext* server)
 
     (void)wh_CommServer_Cleanup(server->comm);
     (void)wh_Nvm_Cleanup(server->nvm);
+    (void)wc_FreeRng(server->crypto->rng);
     (void)wolfCrypt_Cleanup();
 
     memset(server, 0, sizeof(*server));

diff --git a/src/wh_server_she.c b/src/wh_server_she.c
@@ -1,3 +1,5 @@
+#if 0
+
 /* System libraries */
 #include <stdint.h>
 #include <stdlib.h>  /* For NULL */
@@ -20,7 +22,6 @@
 #include "wolfhsm/wh_server.h"
 #include "wolfhsm/wh_packet.h"
 
-#if 0
 const uint8_t WOLFHSM_SHE_KEY_UPDATE_ENC_C[] = {0x01, 0x01, 0x53, 0x48, 0x45,
     0x00, 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xB0};
 const uint8_t WOLFHSM_SHE_KEY_UPDATE_MAC_C[] = {0x01, 0x02, 0x53, 0x48, 0x45,

diff --git a/test/wh_test_crypto.c b/test/wh_test_crypto.c
@@ -10,20 +10,27 @@
 #include "wolfssl/wolfcrypt/settings.h"
 #include "wolfssl/wolfcrypt/random.h"
 
-#include "wolfhsm/wh_common.h"
-#include "wolfhsm/wh_error.h"
-
-#include "wolfhsm/wh_comm.h"
-#include "wolfhsm/wh_transport_mem.h"
+#if defined(WH_CONFIG)
+#include "wh_config.h"
+#endif
 
+#include "wolfhsm/wh_error.h"
 #include "wolfhsm/wh_nvm.h"
 #include "wolfhsm/wh_nvm_flash.h"
 #include "wolfhsm/wh_flash_ramsim.h"
-
+#include "wolfhsm/wh_comm.h"
+#include "wolfhsm/wh_message.h"
 #include "wolfhsm/wh_server.h"
 #include "wolfhsm/wh_client.h"
+#include "wolfhsm/wh_transport_mem.h"
 
-#include "wh_config.h"
+#include "wh_test_common.h"
+
+#if defined(WH_CFG_TEST_POSIX)
+#include <pthread.h> /* For pthread_create/cancel/join/_t */
+#include "port/posix/posix_transport_tcp.h"
+#include "port/posix/posix_flash_file.h"
+#endif
 
 #if defined(WH_CFG_TEST_POSIX)
 #include <unistd.h> /* For sleep */
@@ -33,18 +40,15 @@
 #endif
 
 enum {
-        REPEAT_COUNT = 10,
         REQ_SIZE = 32,
         RESP_SIZE = 64,
         BUFFER_SIZE = 4096,
-        ONE_MS = 1000,
     };
 
 
-static void* _whClientTask(void *cf)
+int whTest_CryptoClientConfig(whClientConfig* config)
 {
     whClientContext client[1] = {0};
-    whClientConfig* config = (whClientConfig*)cf;
     int ret = 0;
     /* wolfcrypt */
     WC_RNG rng[1];
@@ -56,104 +60,132 @@ static void* _whClientTask(void *cf)
     uint8_t sharedTwo[CURVE25519_KEYSIZE];
 
     if (config == NULL) {
-        return NULL;
+        return WH_ERROR_BADARGS;
     }
 
-    ret = wh_Client_Init(client, config);
-    if (ret != 0) {
-        printf("Failed to wh_Client_Init: %d", ret);
-        return NULL;
-    }
+    WH_TEST_RETURN_ON_FAIL(wh_Client_Init(client, config));
+
     /* test rng */
     if((ret = wc_InitRng_ex(rng, NULL, WOLFHSM_DEV_ID)) != 0) {
-        printf("Failed to wc_InitRng_ex %d\n", ret);
+        WH_ERROR_PRINT("Failed to wc_InitRng_ex %d\n", ret);
         goto exit;
     }
+
     if((ret = wc_RNG_GenerateBlock(rng, key, sizeof(key))) != 0) {
-        printf("Failed to wc_RNG_GenerateBlock %d\n", ret);
+        WH_ERROR_PRINT("Failed to wc_RNG_GenerateBlock %d\n", ret);
         goto exit;
     }
-    printf("RNG SUCCESS\n");
+
     /* test curve25519 */
     if ((ret = wc_curve25519_init_ex(curve25519PrivateKey, NULL, WOLFHSM_DEV_ID)) != 0) {
-        printf("Failed to wc_curve25519_init_ex %d\n", ret);
+        WH_ERROR_PRINT("Failed to wc_curve25519_init_ex %d\n", ret);
         goto exit;
     }
+
     if ((ret = wc_curve25519_init_ex(curve25519PublicKey, NULL, WOLFHSM_DEV_ID)) != 0) {
-        printf("Failed to wc_curve25519_init_ex %d\n", ret);
+        WH_ERROR_PRINT("Failed to wc_curve25519_init_ex %d\n", ret);
         goto exit;
     }
+
     if ((ret = wc_curve25519_make_key(rng, CURVE25519_KEYSIZE, curve25519PrivateKey)) != 0) {
-        printf("Failed to wc_curve25519_make_key %d\n", ret);
+        WH_ERROR_PRINT("Failed to wc_curve25519_make_key %d\n", ret);
         goto exit;
     }
+
     if ((ret = wc_curve25519_make_key(rng, CURVE25519_KEYSIZE, curve25519PublicKey)) != 0) {
-        printf("Failed to wc_curve25519_make_key %d\n", ret);
+        WH_ERROR_PRINT("Failed to wc_curve25519_make_key %d\n", ret);
         goto exit;
     }
+
     outLen = sizeof(sharedOne);
     if ((ret = wc_curve25519_shared_secret(curve25519PrivateKey, curve25519PublicKey, sharedOne, &outLen)) != 0) {
-        printf("Failed to wc_curve25519_shared_secret %d\n", ret);
+        WH_ERROR_PRINT("Failed to wc_curve25519_shared_secret %d\n", ret);
         goto exit;
     }
+
     if ((ret = wc_curve25519_shared_secret(curve25519PublicKey, curve25519PrivateKey, sharedTwo, &outLen)) != 0) {
-        printf("Failed to wc_curve25519_shared_secret %d\n", ret);
+        WH_ERROR_PRINT("Failed to wc_curve25519_shared_secret %d\n", ret);
         goto exit;
     }
-    if (XMEMCMP(sharedOne, sharedTwo, outLen) == 0)
-        printf("CURVE25519 SUCCESS\n");
-    else
-        printf("CURVE25519 FAILURE\n");
+    if (XMEMCMP(sharedOne, sharedTwo, outLen) != 0) {
+        WH_ERROR_PRINT("CURVE25519 shared secrets don't match\n");
+    }
+
+exit:
     wc_curve25519_free(curve25519PrivateKey);
     wc_curve25519_free(curve25519PublicKey);
-exit:
     wc_FreeRng(rng);
-    ret = wh_Client_Cleanup(client);
-    printf("wh_Client_Cleanup:%d\n", ret);
-    return NULL;
+
+    if (ret == 0) {
+        WH_TEST_RETURN_ON_FAIL(wh_Client_Cleanup(client));
+    }
+    else {
+        wh_Client_Cleanup(client);
+    }
+
+    return ret;
 }
 
-static void* _whServerTask(void* cf)
+
+int whTest_CryptoServerConfig(whServerConfig* config)
 {
     whServerContext server[1] = {0};
-    whServerConfig* config = (whServerConfig*)cf;
     int ret = 0;
     int i;
 
     if (config == NULL) {
-        return NULL;
+        return WH_ERROR_BADARGS;
     }
 
-    ret = wh_Server_Init(server, config);
-    if (ret != 0) {
-        printf("Failed to wh_Server_Init: %d", ret);
-        return NULL;
-    }
-    /* handle rng */
+    WH_TEST_RETURN_ON_FAIL(wh_Server_Init(server, config));
+
+    /* handle client rng */
     do {
         ret = wh_Server_HandleRequestMessage(server);
     } while (ret == WH_ERROR_NOTREADY);
     if (ret != 0) {
-        printf("Failed to wh_Server_HandleRequestMessage: %d\n", ret);
+        WH_ERROR_PRINT("Failed to wh_Server_HandleRequestMessage: %d\n", ret);
         goto exit;
     }
+
+
     /* handle curve */
     for (i = 0; i < 4; i++) {
         do {
             ret = wh_Server_HandleRequestMessage(server);
         } while (ret == WH_ERROR_NOTREADY);
         if (ret != 0) {
-            printf("Failed to wh_Server_HandleRequestMessage: %d\n", ret);
+            WH_ERROR_PRINT("Failed to wh_Server_HandleRequestMessage: %d\n", ret);
             goto exit;
         }
     }
+
 exit:
-    ret = wh_Server_Cleanup(server);
-    printf("ServerCleanup:%d\n", ret);
+    if (ret == 0) {
+        WH_TEST_RETURN_ON_FAIL(wh_Server_Cleanup(server));
+    }
+    else {
+        ret = wh_Server_Cleanup(server);
+    }
 
+    return ret;
+}
+
+
+#if defined(WH_CFG_TEST_POSIX)
+static void* _whClientTask(void *cf)
+{
+    (void)whTest_CryptoClientConfig(cf);
     return NULL;
 }
 
+static void* _whServerTask(void* cf)
+{
+    (void)whTest_CryptoServerConfig(cf);
+    return NULL;
+}
+
+
 static void _whClientServerThreadTest(whClientConfig* c_conf,
                                 whServerConfig* s_conf)
 {
@@ -164,10 +196,8 @@ static void _whClientServerThreadTest(whClientConfig* c_conf,
     int rc = 0;
 
     rc = pthread_create(&sthread, NULL, _whServerTask, s_conf);
-    printf(" WH Server thread create:%d\n", rc);
     if (rc == 0) {
         rc = pthread_create(&cthread, NULL, _whClientTask, c_conf);
-        printf("WH Client thread create:%d\n", rc);
         if (rc == 0) {
             /* All good. Block on joining */
 
@@ -245,8 +275,12 @@ static void wh_ClientServer_MemThreadTest(void)
        .nvm_config = n_conf,
     }};
 
+
     _whClientServerThreadTest(c_conf, s_conf);
 }
+#endif /* WH_CFG_TEST_POSIX */
+
+
 int whTest_Crypto(void)
 {
 #if defined(WH_CFG_TEST_POSIX)

diff --git a/test/wh_test_crypto.h b/test/wh_test_crypto.h
@@ -1,6 +1,13 @@
 #ifndef WH_TEST_CRYPTO_H_
 #define WH_TEST_CRYPTO_H_
 
+#include "wolfhsm/wh_server.h"
+#include "wolfhsm/wh_client.h"
+
 int whTest_Crypto(void);
+int whTest_CryptoClientConfig(whClientConfig* cf);
+int whTest_CryptoServerConfig(whServerConfig* cfg);
+
+
 
 #endif /* WH_TEST_COMM_H_ */
diff --git a/wolfhsm/wh_common.h b/wolfhsm/wh_common.h
@@ -17,9 +17,10 @@
 /** Resource allocations */
 enum {
     WOLFHSM_NUM_COUNTERS = 8,       /* Number of non-volatile 32-bit counters */
-    WOLFHSM_NUM_RAMKEYS = 2,       /* Number of RAM keys */
+    WOLFHSM_NUM_RAMKEYS = 2,        /* Number of RAM keys */
     WOLFHSM_NUM_NVMOBJECTS = 32,    /* Number of NVM objects in the directory */
     WOLFHSM_NUM_MANIFESTS = 8,      /* Number of compiletime manifests */
+    WOLFHSM_KEYCACHE_BUFSIZE = 512, /* Size in bytes of key cache buffer  */
 };
 
 

diff --git a/wolfhsm/wh_server.h b/wolfhsm/wh_server.h
@@ -19,13 +19,13 @@
 typedef struct CacheSlot {
     uint8_t commited;
     whNvmMetadata meta[1];
-    uint8_t buffer[WOLFHSM_NVM_MAX_OBJECT_SIZE];
+    uint8_t buffer[WOLFHSM_KEYCACHE_BUFSIZE];
 } CacheSlot;
 
 typedef struct {
     curve25519_key curve25519Private[1];
     curve25519_key curve25519Public[1];
-    WC_RNG rng[1]; 
+    WC_RNG rng[1];
 } crypto_context;
 
 /* Context structure to maintain the state of an HSM server */

diff --git a/wolfhsm/wh_server_crypto.h b/wolfhsm/wh_server_crypto.h
@@ -1,7 +1,6 @@
-#include "wolfhsm/wh_server.h"
-
 #ifndef WOLFHSM_WH_SERVER_CRYPTO_H
 #define WOLFHSM_WH_SERVER_CRYPTO_H
+#include "wolfhsm/wh_server.h"
 int _wh_Server_HandleCryptoRequest(whServerContext* server,
     uint16_t action, uint8_t* data, uint16_t* size);
 #endif