andy/kunlun
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

初始提交

Browse Source
This commit is contained in:
andy
2024-09-28 14:24:04 +08:00
commit c756587541
5564 changed files with 2413077 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

55
dtest/dtest3/kl3_sec_test/Makefile Normal file
View File

@@ -0,0 +1,55 @@
# OUTPUT type
# 1 - .out
# 2 - .a
# 3 - .so
OUTPUT_TYPE = 1
OUTPUT_NAME = sec_test
SUB_DIRS = $(TOPDIR)/common/os_shim/dtestos $(TOPDIR)/dtest/dtest3/common
SUB_DIRS += $(TOPDIR)/sp/boot/crypto
# .h files dir
ADD_INCLUDE += $(TOPDIR)/inc
ADD_INCLUDE += $(TOPDIR)/inc/driver
ADD_INCLUDE += $(TOPDIR)/inc/uart
ADD_INCLUDE += $(TOPDIR)/driver/inc
ADD_INCLUDE += $(TOPDIR)/dtest/dtest3/common
ADD_INCLUDE += $(TOPDIR)/inc/crypto
ADD_INCLUDE += $(TOPDIR)/common/io_lib/inc
ADD_INCLUDE += $(TOPDIR)/rom/riscv3/romlib/crypto/mbedtls-2.4.0/include/mbedtls
ADD_INCLUDE += $(TOPDIR)/inc/io_lib $(TOPDIR)/rom/riscv3/romlib/crypto/iotelic/inc/mbedtls
ADD_INCLUDE += $(TOPDIR)/rom/riscv3/crypto/iotelic/inc/mbedtls
# predefined macro
PRE_MARCO += _MODULE_NAME_=\"SEC\" _MODULE_VERSION_=\"V1.0.0\"
LD_SCRIPT = link_soc.lds
#LD_SCRIPT = link_sec.lds
# lib dir
ADD_LIBDIR += $(TOPDIR)/dtest/startup $(TOPDIR)/driver $(TOPDIR)/common/io_lib
ADD_LIBDIR += $(TOPDIR)/startup/riscv3 $(TOPDIR)/rom/riscv3/crypto
# lib need to ld together
ADD_LIB += riscv driver io_lib
#####################################################
ifdef TOPDIR
include $(TOPDIR)/build/makefile.cfg
else
include $(CURDIR)/build/makefile.cfg
TOPDIR = $(CURDIR)
export TOPDIR
endif
dump:
$(OBJDUMP) -D -S -l $(OUTPUT_FULL_NAME) > $(OUTPUT_FULL_NAME).dump
# display the obj files and output name
debug:
@echo TOPDIR=$(TOPDIR)
@echo OUTPUT_LIB=$(OUTPUT_FULL_NAME)
@echo DEPS=$(DEPS)
@echo OBJECTS=$(OBJECTS)
@echo SRCS=$(SRCS)
@echo OBJECTS folder=$(foreach dirname, $(SUB_DIRS), $(addprefix $(BIN_DIR)/, $(dirname)))
@echo output_name=$(OUTPUT_FULL_NAME)

178
dtest/dtest3/kl3_sec_test/link_soc_x.lds Normal file
View File

@@ -0,0 +1,178 @@
OUTPUT_ARCH( "riscv" )
ENTRY( _start )
MEMORY
{
flash (rxai!w) : ORIGIN = 0x10020000, LENGTH = 64K
dram (wxa!ri) : ORIGIN = 0x10008000, LENGTH = 64K
iram (wxa!ri) : ORIGIN = 0x10018000, LENGTH = 32K
}
SECTIONS
{
__main_stack_size = DEFINED(__main_stack_size) ? __main_stack_size : 2K;
__trap_stack_size = DEFINED(__trap_stack_size) ? __trap_stack_size : 2K;
.init :
{
KEEP (*(SORT_NONE(.init)))
} >flash AT>flash
.text :
{
*(.text .text.*)
*(.gnu.linkonce.t.*)
} >flash AT>flash
.fini :
{
KEEP (*(SORT_NONE(.fini)))
} >flash AT>flash
PROVIDE (__etext = .);
PROVIDE (_etext = .);
PROVIDE (etext = .);
.rodata :
{
*(.rdata)
*(.rodata .rodata.*)
*(.gnu.linkonce.r.*)
} >flash AT>flash
. = ALIGN(4);
.preinit_array :
{
PROVIDE_HIDDEN (__preinit_array_start = .);
KEEP (*(.preinit_array))
PROVIDE_HIDDEN (__preinit_array_end = .);
} >flash AT>flash
.init_array :
{
PROVIDE_HIDDEN (__init_array_start = .);
KEEP (*(SORT_BY_INIT_PRIORITY(.init_array.*) SORT_BY_INIT_PRIORITY(.ctors.*)))
KEEP (*(.init_array EXCLUDE_FILE (*crtbegin.o *crtbegin?.o *crtend.o *crtend?.o ) .ctors))
PROVIDE_HIDDEN (__init_array_end = .);
} >flash AT>flash
.fini_array :
{
PROVIDE_HIDDEN (__fini_array_start = .);
KEEP (*(SORT_BY_INIT_PRIORITY(.fini_array.*) SORT_BY_INIT_PRIORITY(.dtors.*)))
KEEP (*(.fini_array EXCLUDE_FILE (*crtbegin.o *crtbegin?.o *crtend.o *crtend?.o ) .dtors))
PROVIDE_HIDDEN (__fini_array_end = .);
} >flash AT>flash
.ctors :
{
/* gcc uses crtbegin.o to find the start of
the constructors, so we make sure it is
first. Because this is a wildcard, it
doesn't matter if the user does not
actually link against crtbegin.o; the
linker won't look for a file to match a
wildcard. The wildcard also means that it
doesn't matter which directory crtbegin.o
is in. */
KEEP (*crtbegin.o(.ctors))
KEEP (*crtbegin?.o(.ctors))
/* We don't want to include the .ctor section from
the crtend.o file until after the sorted ctors.
The .ctor section from the crtend file contains the
end of ctors marker and it must be last */
KEEP (*(EXCLUDE_FILE (*crtend.o *crtend?.o ) .ctors))
KEEP (*(SORT(.ctors.*)))
KEEP (*(.ctors))
} >flash AT>flash
.dtors :
{
KEEP (*crtbegin.o(.dtors))
KEEP (*crtbegin?.o(.dtors))
KEEP (*(EXCLUDE_FILE (*crtend.o *crtend?.o ) .dtors))
KEEP (*(SORT(.dtors.*)))
KEEP (*(.dtors))
} >flash AT>flash
.lalign :
{
. = ALIGN(4);
PROVIDE( _data_lma = . );
} >flash AT>flash
.dalign :
{
. = ALIGN(4);
PROVIDE( _data = . );
} >dram AT>flash
.data :
{
*(.data .data.*)
*(.gnu.linkonce.d.*)
PROVIDE( _gp = . + 0x800 );
*(.srodata.cst16)
*(.srodata.cst8)
*(.srodata.cst4)
*(.srodata.cst2)
*(.srodata .srodata.*)
*(.sdata .sdata.*)
*(.gnu.linkonce.s.*)
} >dram AT>flash
. = ALIGN(4);
PROVIDE( _edata = . );
PROVIDE( edata = . );
PROVIDE( _fbss = . );
PROVIDE( __bss_start = . );
.bss :
{
*(.sbss*)
*(.gnu.linkonce.sb.*)
*(.bss .bss.*)
*(.gnu.linkonce.b.*)
*(COMMON)
. = ALIGN(4);
} >dram
. = ALIGN(8);
PROVIDE( _end = . );
PROVIDE( end = . );
PROVIDE( _heap_start = . );
.stack ORIGIN(dram) + LENGTH(dram) - (__main_stack_size + __trap_stack_size) :
{
PROVIDE( _heap_end = . );
. = __main_stack_size;
PROVIDE( _sp = . );
. = __trap_stack_size;
PROVIDE( _trap_sp = . );
} >dram
.ilalign :
{
. = ALIGN(4);
PROVIDE( _iram_lma = . );
} >flash AT>flash
.iram :
{
. = ALIGN(4);
PROVIDE( _iram_start = . );
*(.iram.entry*);
*(.iram*);
. = ALIGN(4);
PROVIDE( _iram_end = . );
} >iram AT>flash
.ilalign1 :
{
. = ALIGN(4);
PROVIDE( _flash_end = . );
} >flash AT>flash
}
INCLUDE "romlib.addrs.ld"

845
dtest/dtest3/kl3_sec_test/sec_test.c Normal file
View File

@@ -0,0 +1,845 @@
#include "os_types.h"
#include "iot_config.h"
#include "dbg_io.h"
#include "iot_diag.h"
#include "iot_io.h"
#include "gp_timer.h"
#include "iot_string.h"
#include "sec_sys_rf.h"
#include "chip_reg_base.h"
#include "hw_reg_api.h"
#include "os_mem.h"
#include "sec_sys.h"
#include "dtest_printf.h"
#include "iot_crypto.h"
#include "x509_crt.h"
#include "ecdsa.h"
#include "ecp.h"
#include "entropy.h"
#include "ctr_drbg.h"
#include "init.h"
#include "platform.h"
#include "md5.h"
#include "sha256.h"
#include "sha512.h"
#include "aes.h"
#include "sha1.h"
#include "pk.h"
#include "oid.h"
void p_buf(unsigned char *b, uint32_t l)
{
uint32_t i;
iot_printf("\n");
for (i = 1; i < l + 1; i++) {
iot_printf("%02x", b[i - 1]);
if (i % 16 == 0)
iot_printf("\n");
};
iot_printf("\n");
}
void dump_buf( const char *title, unsigned char *buf, size_t len )
{
size_t i;
iot_printf( "%s", title );
for( i = 0; i < len; i++ )
iot_printf("%c%c", "0123456789ABCDEF" [buf[i] / 16],
"0123456789ABCDEF" [buf[i] % 16] );
iot_printf( "\n" );
}
void dump_pubkey( const char *title, mbedtls_ecdsa_context *key )
{
unsigned char buf[300];
size_t len;
if( mbedtls_ecp_point_write_binary( &key->grp, &key->Q,
MBEDTLS_ECP_PF_UNCOMPRESSED, &len, buf, sizeof buf ) != 0 )
{
iot_printf("internal error\n");
return;
}
dump_buf( title, buf, len );
}
void sec_sys_sm2_rsa(uint32_t *outdata, uint32_t A, uint32_t B, uint32_t P);
void sec_sys_gf2mult(uint8_t *input1, uint8_t *input2, uint8_t *outdata);
void sec_sys_gcm_aes(uint8_t *res);
int sec_sys_aes1(uint8_t *input, uint8_t *output, uint8_t *aes_key,
uint8_t enc_mode, uint8_t operation);
//extern void* memset(void* s, int32_t c, uint32_t size);
unsigned char test_data[] = "admin";
void rom_mbedtls_init()
{
mbedtls_platform_set_printf((void *)iot_printf);
mbedtls_platform_set_snprintf((void*)iot_snprintf);
}
void rom_md5_test(void)
{
unsigned char md5_result[16];
mbedtls_md5_context md5_ctx;
iot_printf("\n>>>>mbedtls_md5<<<<\n");
mbedtls_md5_init(&md5_ctx);
mbedtls_md5_starts(&md5_ctx);
mbedtls_md5_update(&md5_ctx, test_data, strlen((char *)test_data));
mbedtls_md5_finish(&md5_ctx, md5_result);
mbedtls_md5_free(&md5_ctx);
iot_printf("mbedtls_md5_finish addr: %p md5: ", mbedtls_md5_finish);
memset(md5_result, 0, 16);
mbedtls_md5(test_data, strlen((const char *)test_data), md5_result);
iot_printf("mbedtls_md5 addr: %p md5: ", mbedtls_md5);
p_buf(md5_result, 16);
}
void rom_sha256_test(void)
{
mbedtls_sha256_context sha256_ctx;
unsigned char sha256_result[32];
iot_printf("\n>>>>mbedtls_sha256<<<<\n");
mbedtls_sha256_init(&sha256_ctx);
mbedtls_sha256_starts(&sha256_ctx, 0);
mbedtls_sha256_update(&sha256_ctx, test_data, strlen((char *)test_data));
mbedtls_sha256_finish(&sha256_ctx, sha256_result);
mbedtls_sha256_free(&sha256_ctx);
iot_printf("mbedtls_sha256_finish addr: %p sha256 1: ", mbedtls_sha256_finish);
p_buf(sha256_result, 32);
memset(sha256_result, 0, 32);
memset(&sha256_ctx, 0, sizeof(sha256_ctx));
mbedtls_sha256(test_data, strlen((char *)test_data), sha256_result, 0);
iot_printf("mbedtls_sha256 addr: %p sha256 2: ", mbedtls_sha256);
p_buf(sha256_result, 32);
}
void rom_sha512_test(void)
{
mbedtls_sha512_context sha512_ctx;
unsigned char sha512_result[64];
iot_printf("\n>>>>mbedtls_sha512<<<<\n");
mbedtls_sha512_init(&sha512_ctx);
mbedtls_sha512_starts(&sha512_ctx, 0);
mbedtls_sha512_update(&sha512_ctx, test_data, strlen((char *)test_data));
mbedtls_sha512_finish(&sha512_ctx, sha512_result);
mbedtls_sha512_free(&sha512_ctx);
iot_printf("mbedtls_sha512_finish addr: %p sha512: ", mbedtls_sha512_finish);
p_buf(sha512_result, 64);
}
void rom_aes_test()
{
mbedtls_aes_context aes_ctx;
/* 密钥数值 */
unsigned char key[16] = {0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09,
0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F, 0x00};
/* 明文空间 */
unsigned char plain[16] = "helloworld";
/* 解密后明文的空间 */
unsigned char dec_plain[16] = { 0 };
/* 密文空间 */
unsigned char cipher[16] = { 0 };
iot_printf("\n>>>>mbedtls_aes<<<<\n");
iot_printf("func:%s line:%d mbedtls_aes_init:%p\n", __func__, __LINE__,
mbedtls_aes_init);
mbedtls_aes_init(&aes_ctx);
/* 设置加密密钥 */
mbedtls_aes_setkey_enc(&aes_ctx, key, 128);
iot_printf("raw data:%s\n", plain);
mbedtls_aes_crypt_ecb(&aes_ctx, MBEDTLS_AES_ENCRYPT, plain, cipher);
iot_printf("crypt data:%s\n", cipher);
/* 设置解密密钥 */
mbedtls_aes_setkey_dec(&aes_ctx, key, 128);
mbedtls_aes_crypt_ecb(&aes_ctx, MBEDTLS_AES_DECRYPT, cipher, dec_plain);
iot_printf("decrypt data:%s\n", dec_plain);
mbedtls_aes_free(&aes_ctx);
}
void rom_sha1_test(void)
{
unsigned char sha1_result[20];
mbedtls_sha1_context sha1_ctx;
iot_printf("\n>>>>mbedtls_sha1<<<<\n");
mbedtls_sha1_init(&sha1_ctx);
mbedtls_sha1_starts(&sha1_ctx);
mbedtls_sha1_update(&sha1_ctx, test_data, strlen((const char *)test_data));
mbedtls_sha1_finish(&sha1_ctx, sha1_result);
mbedtls_sha1_free(&sha1_ctx);
iot_printf("mbedtls_sha1_finish addr:%p sha1: ", mbedtls_sha1_finish);
p_buf(sha1_result, 20);
memset(sha1_result, 0, 20);
mbedtls_sha1(test_data, strlen((const char *)test_data), sha1_result);
iot_printf("mbedtls_sha1 addr:%p sha1: ", mbedtls_sha1);
p_buf(sha1_result, 20);
}
void rom_md_test(const char *md_type)
{
unsigned char result[64];
int ret;
mbedtls_md_context_t mdctx;
iot_printf("\n>>>>mbedtls_md<<<<\n");
mbedtls_md_init(&mdctx);
const mbedtls_md_info_t *md_info = mbedtls_md_info_from_string(md_type);
if (NULL == md_info) {
iot_printf("type err\n");
return;
}
ret = mbedtls_md_setup(&mdctx, md_info, 0);
if (ret) {
iot_printf("%d ret = %d\n", __LINE__, ret);
goto n1;
}
ret = mbedtls_md_starts(&mdctx);
if (ret) iot_printf("%d\n", __LINE__);
ret = mbedtls_md_update(&mdctx, test_data, strlen((char *)test_data));
if (ret) iot_printf("%d\n", __LINE__);
ret = mbedtls_md_finish(&mdctx, result);
if (ret) iot_printf("%d\n", __LINE__);
mbedtls_md_free(&mdctx);
iot_printf("mbedtls_md_finish addr: %p md5: ", mbedtls_md_finish);
p_buf(result, 16);
n1:
mbedtls_md(md_info, test_data, strlen((char *)test_data), result);
iot_printf("mbedtls_md addr: %p md5: ", mbedtls_md);
p_buf(result, 16);
}
void rom_oid_test(void)
{
const char *oid = NULL;
size_t olen = 0;
iot_printf("\n>>>>mbedtls_oid<<<<\n");
/* 1 */
oid = NULL; olen = 0;
mbedtls_oid_get_oid_by_cipher_alg(MBEDTLS_CIPHER_AES_256_CBC, &oid, &olen);
iot_printf("mbedtls_oid_get_oid_by_cipher_alg addr: %p olen: %d "
"MBEDTLS_CIPHER_AES_256_CBC oid: ", mbedtls_oid_get_oid_by_cipher_alg, olen);
p_buf((unsigned char*)oid, olen);
/* 2*/
oid = NULL; olen = 0;
mbedtls_oid_get_oid_by_ec_grp(MBEDTLS_ECP_DP_SECP192R1, &oid, &olen);
iot_printf("mbedtls_oid_get_oid_by_ec_grp addr: %p olen: %d "
"MBEDTLS_ECP_DP_SECP192R1 oid: ", mbedtls_oid_get_oid_by_ec_grp, olen);
p_buf((unsigned char*)oid, olen);
/* 3 */
oid = NULL; olen = 0;
mbedtls_oid_get_oid_by_kdf_alg(MBEDTLS_KDF_KDF1, &oid, &olen);
iot_printf("mbedtls_oid_get_oid_by_kdf_alg addr: %p olen: %d "
"MBEDTLS_KDF_KDF1 oid: ", mbedtls_oid_get_oid_by_kdf_alg, olen);
p_buf((unsigned char*)oid, olen);
/* 4 */
oid = NULL; olen = 0;
mbedtls_oid_get_oid_by_md(MBEDTLS_MD_MD5, &oid, &olen);
iot_printf("mbedtls_oid_get_oid_by_md addr: %p olen: %d MBEDTLS_MD_MD5 oid: ",
mbedtls_oid_get_oid_by_md, olen);
p_buf((unsigned char*)oid, olen);
/* 5 */
oid = NULL; olen = 0;
mbedtls_oid_get_oid_by_pk_alg(MBEDTLS_PK_RSA, &oid, &olen);
iot_printf("mbedtls_oid_get_oid_by_pk_alg addr: %p olen: %d "
"MBEDTLS_PK_RSA oid: ", mbedtls_oid_get_oid_by_pk_alg, olen);
p_buf((unsigned char*)oid, olen);
/* 6 */
oid = NULL; olen = 0;
mbedtls_oid_get_oid_by_sig_alg(MBEDTLS_PK_RSA, MBEDTLS_MD_MD5, &oid, &olen);
iot_printf("mbedtls_oid_get_oid_by_sig_alg addr: %p olen: %d "
"MBEDTLS_PK_RSA,MBEDTLS_MD_MD5 oid: ", mbedtls_oid_get_oid_by_sig_alg, olen);
p_buf((unsigned char*)oid, olen);
/* 7 */
char r[32] = {0};
unsigned char t1[] = {0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x01};
int ret = 0;
mbedtls_asn1_buf asn1_oid = {0};
asn1_oid.len = 9;
asn1_oid.p = t1;
ret = mbedtls_oid_get_numeric_string(r, sizeof(r), &asn1_oid);
iot_printf("mbedtls_oid_get_numeric_string addr: %p ret: %d buf:%s\n",
mbedtls_oid_get_numeric_string, ret, r);
/* 8 */
unsigned char t2[] = {0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x01, 0x2a};
mbedtls_cipher_type_t cipher_alg;
asn1_oid.len = 9;
asn1_oid.p = t2;
mbedtls_oid_get_cipher_alg(&asn1_oid, &cipher_alg);
iot_printf("mbedtls_cipher_type_t = %d\n", cipher_alg);
/* 9 */
unsigned char t3[] = {0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x01, 0x01};
mbedtls_ecp_group_id grp_id;
asn1_oid.len = 8;
asn1_oid.p = t3;
mbedtls_oid_get_ec_grp(&asn1_oid, &grp_id);
iot_printf("mbedtls_ecp_group_id = %d\n", grp_id);
/* 10 */
unsigned char t4[] = {0x28, 0x81, 0x8c, 0x71, 0x02, 0x05, 0x01};
mbedtls_kdf_type_t kdf_alg;
asn1_oid.len = 7;
asn1_oid.p = t4;
mbedtls_oid_get_kdf_alg(&asn1_oid, &kdf_alg);
iot_printf("mbedtls_kdf_type_t = %d\n", kdf_alg);
/* 11 */
unsigned char t5[] = {0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x02, 0x05};
mbedtls_md_type_t md_alg;
asn1_oid.len = 8;
asn1_oid.p = t5;
mbedtls_oid_get_md_alg(&asn1_oid, &md_alg);
iot_printf("mbedtls_md_type_t = %d\n", md_alg);
/* 12 */
mbedtls_pk_type_t pk_alg;
asn1_oid.p = t1;
asn1_oid.len = 9;
mbedtls_oid_get_pk_alg(&asn1_oid, &pk_alg);
iot_printf("mbedtls_pk_type_t = %d\n", pk_alg);
/* 13 */
unsigned char t6[] = {0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x04};
asn1_oid.p = t6;
asn1_oid.len = 9;
mbedtls_oid_get_sig_alg(&asn1_oid, &md_alg, &pk_alg);
iot_printf("mbedtls_pk_type_t md_alg = %d pk_alg = %d\n", md_alg, pk_alg);
}
int crypto_app_start (void);
void rom_pk_test()
{
iot_printf("\n>>>>mbedtls_pk<<<<\n");
crypto_app_start();
}
void rom_random_test(void)
{
unsigned char rand_buf[32] = {0};
const char *pers = "gen_keypair";
mbedtls_entropy_context entropy;
mbedtls_ctr_drbg_context ctr_drbg;
mbedtls_entropy_init(&entropy);
mbedtls_ctr_drbg_init(&ctr_drbg);
mbedtls_ctr_drbg_seed(&ctr_drbg, mbedtls_entropy_func, &entropy,
(const unsigned char *)pers, strlen(pers));
mbedtls_ctr_drbg_random(&ctr_drbg, rand_buf, 32);
iot_printf("\n>>>>mbedtls_random<<<<\n");
p_buf(rand_buf, 32);
mbedtls_ctr_drbg_random(&ctr_drbg, rand_buf, 32);
p_buf(rand_buf, 32);
}
void rom_ecc_test(void)
{
int ret = 0;
const char *pers = "gen_keypair";
unsigned char sha2_data[] = "admin";
uint8_t sha256[32] = {0};
mbedtls_entropy_context entropy;
mbedtls_ctr_drbg_context ctr_drbg;
mbedtls_entropy_init(&entropy);
mbedtls_ctr_drbg_init(&ctr_drbg);
mbedtls_ctr_drbg_seed(&ctr_drbg, mbedtls_entropy_func, &entropy,
(const unsigned char *)pers, strlen(pers));
iot_printf("\n>>>>mbedtls_ecc<<<<\n");
iot_crypto_sha256(sha2_data, strlen((const char*)sha2_data), sha256);
dprintf("sha256:");
p_buf(sha256, 32);
mbedtls_ecp_keypair t, z;
mbedtls_ecp_keypair *ec_keypair_sign = &t, *ec_keypair_verify = &z;
if( ec_keypair_sign != NULL ) {
mbedtls_ecp_keypair_init( ec_keypair_sign );
mbedtls_ecp_keypair_init(ec_keypair_verify);
}
ret = mbedtls_ecp_group_load(&ec_keypair_sign->grp, MBEDTLS_ECP_DP_SECP192R1);
if (ret) iot_printf("%s %d err!", __func__, __LINE__);
ret = mbedtls_ecp_gen_keypair(&ec_keypair_sign->grp, &ec_keypair_sign->d,
&ec_keypair_sign->Q, mbedtls_ctr_drbg_random, &ctr_drbg);
if (ret) iot_printf("%s %d err!", __func__, __LINE__);
dump_pubkey("pub key:", (mbedtls_ecdsa_context*)ec_keypair_sign);
(void)ec_keypair_verify;
unsigned char sig[MBEDTLS_ECDSA_MAX_LEN];
size_t sig_len = 0;
memset(sig, 0, MBEDTLS_ECDSA_MAX_LEN);
if( ( ret = mbedtls_ecdsa_write_signature(ec_keypair_sign, MBEDTLS_MD_SHA256,
sha256, sizeof(sha256),
sig, &sig_len,
mbedtls_ctr_drbg_random, &ctr_drbg )) != 0)
{
iot_printf( " failed\n ! mbedtls_ecdsa_genkey returned %d\n", ret );
return;
}
iot_printf( " ok (signature length = %u)\n", (unsigned int) sig_len );
dump_buf( " + Signature: ", sig, sig_len );
iot_printf( " . Preparing verification context..." );
ret = mbedtls_ecp_group_copy( &ec_keypair_verify->grp, &ec_keypair_sign->grp );
if( ret != 0 )
{
iot_printf( " failed\n ! mbedtls_ecp_group_copy returned %d\n", ret );
return;
}
iot_printf( " copy ok ...\n" );
if((ret = mbedtls_ecp_copy( &ec_keypair_verify->Q, &ec_keypair_sign->Q )) != 0) {
iot_printf( " failed\n ! mbedtls_ecp_copy returned %d\n", ret );
return;
}
iot_printf( " ok\n . Verifying signature..." );
if( ( ret = mbedtls_ecdsa_read_signature( ec_keypair_verify,
sha256, sizeof( sha256 ),
sig, sig_len ) ) != 0 ){
iot_printf( " failed\n ! mbedtls_ecdsa_read_signature returned %d\n",
ret );
return;
}
iot_printf( "Verifying ok\n" );
mbedtls_ctr_drbg_free( &ctr_drbg );
mbedtls_entropy_free( &entropy );
mbedtls_ecp_keypair_free(ec_keypair_sign);
mbedtls_ecp_keypair_free(ec_keypair_verify);
}
const char baidu_ca_cert[] =
"-----BEGIN CERTIFICATE-----\r\n"
"MIIKLjCCCRagAwIBAgIMclh4Nm6fVugdQYhIMA0GCSqGSIb3DQEBCwUAMGYxCzAJ\r\n"
"BgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMTwwOgYDVQQDEzNH\r\n"
"bG9iYWxTaWduIE9yZ2FuaXphdGlvbiBWYWxpZGF0aW9uIENBIC0gU0hBMjU2IC0g\r\n"
"RzIwHhcNMjAwNDAyMDcwNDU4WhcNMjEwNzI2MDUzMTAyWjCBpzELMAkGA1UEBhMC\r\n"
"Q04xEDAOBgNVBAgTB2JlaWppbmcxEDAOBgNVBAcTB2JlaWppbmcxJTAjBgNVBAsT\r\n"
"HHNlcnZpY2Ugb3BlcmF0aW9uIGRlcGFydG1lbnQxOTA3BgNVBAoTMEJlaWppbmcg\r\n"
"QmFpZHUgTmV0Y29tIFNjaWVuY2UgVGVjaG5vbG9neSBDby4sIEx0ZDESMBAGA1UE\r\n"
"AxMJYmFpZHUuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwamw\r\n"
"rkca0lfrHRUfblyy5PgLINvqAN8p/6RriSZLnyMv7FewirhGQCp+vNxaRZdPrUEO\r\n"
"vCCGSwxdVSFH4jE8V6fsmUfrRw1y18gWVHXv00URD0vOYHpGXCh0ro4bvthwZnuo\r\n"
"k0ko0qN2lFXefCfyD/eYDK2G2sau/Z/w2YEympfjIe4EkpbkeBHlxBAOEDF6Speg\r\n"
"68ebxNqJN6nDN9dWsX9Sx9kmCtavOBaxbftzebFoeQOQ64h7jEiRmFGlB5SGpXhG\r\n"
"eY9Ym+k1Wafxe1cxCpDPJM4NJOeSsmrp5pY3Crh8hy900lzoSwpfZhinQYbPJqYI\r\n"
"jqVJF5JTs5Glz1OwMQIDAQABo4IGmDCCBpQwDgYDVR0PAQH/BAQDAgWgMIGgBggr\r\n"
"BgEFBQcBAQSBkzCBkDBNBggrBgEFBQcwAoZBaHR0cDovL3NlY3VyZS5nbG9iYWxz\r\n"
"aWduLmNvbS9jYWNlcnQvZ3Nvcmdhbml6YXRpb252YWxzaGEyZzJyMS5jcnQwPwYI\r\n"
"KwYBBQUHMAGGM2h0dHA6Ly9vY3NwMi5nbG9iYWxzaWduLmNvbS9nc29yZ2FuaXph\r\n"
"dGlvbnZhbHNoYTJnMjBWBgNVHSAETzBNMEEGCSsGAQQBoDIBFDA0MDIGCCsGAQUF\r\n"
"BwIBFiZodHRwczovL3d3dy5nbG9iYWxzaWduLmNvbS9yZXBvc2l0b3J5LzAIBgZn\r\n"
"gQwBAgIwCQYDVR0TBAIwADBJBgNVHR8EQjBAMD6gPKA6hjhodHRwOi8vY3JsLmds\r\n"
"b2JhbHNpZ24uY29tL2dzL2dzb3JnYW5pemF0aW9udmFsc2hhMmcyLmNybDCCA04G\r\n"
"A1UdEQSCA0UwggNBggliYWlkdS5jb22CDGJhaWZ1YmFvLmNvbYIMd3d3LmJhaWR1\r\n"
"LmNughB3d3cuYmFpZHUuY29tLmNugg9tY3QueS5udW9taS5jb22CC2Fwb2xsby5h\r\n"
"dXRvggZkd3ouY26CCyouYmFpZHUuY29tgg4qLmJhaWZ1YmFvLmNvbYIRKi5iYWlk\r\n"
"dXN0YXRpYy5jb22CDiouYmRzdGF0aWMuY29tggsqLmJkaW1nLmNvbYIMKi5oYW8x\r\n"
"MjMuY29tggsqLm51b21pLmNvbYINKi5jaHVhbmtlLmNvbYINKi50cnVzdGdvLmNv\r\n"
"bYIPKi5iY2UuYmFpZHUuY29tghAqLmV5dW4uYmFpZHUuY29tgg8qLm1hcC5iYWlk\r\n"
"dS5jb22CDyoubWJkLmJhaWR1LmNvbYIRKi5mYW55aS5iYWlkdS5jb22CDiouYmFp\r\n"
"ZHViY2UuY29tggwqLm1pcGNkbi5jb22CECoubmV3cy5iYWlkdS5jb22CDiouYmFp\r\n"
"ZHVwY3MuY29tggwqLmFpcGFnZS5jb22CCyouYWlwYWdlLmNugg0qLmJjZWhvc3Qu\r\n"
"Y29tghAqLnNhZmUuYmFpZHUuY29tgg4qLmltLmJhaWR1LmNvbYISKi5iYWlkdWNv\r\n"
"bnRlbnQuY29tggsqLmRsbmVsLmNvbYILKi5kbG5lbC5vcmeCEiouZHVlcm9zLmJh\r\n"
"aWR1LmNvbYIOKi5zdS5iYWlkdS5jb22CCCouOTEuY29tghIqLmhhbzEyMy5iYWlk\r\n"
"dS5jb22CDSouYXBvbGxvLmF1dG+CEioueHVlc2h1LmJhaWR1LmNvbYIRKi5iai5i\r\n"
"YWlkdWJjZS5jb22CESouZ3ouYmFpZHViY2UuY29tgg4qLnNtYXJ0YXBwcy5jboIN\r\n"
"Ki5iZHRqcmN2LmNvbYIMKi5oYW8yMjIuY29tggwqLmhhb2thbi5jb22CDyoucGFl\r\n"
"LmJhaWR1LmNvbYIRKi52ZC5iZHN0YXRpYy5jb22CEmNsaWNrLmhtLmJhaWR1LmNv\r\n"
"bYIQbG9nLmhtLmJhaWR1LmNvbYIQY20ucG9zLmJhaWR1LmNvbYIQd24ucG9zLmJh\r\n"
"aWR1LmNvbYIUdXBkYXRlLnBhbi5iYWlkdS5jb20wHQYDVR0lBBYwFAYIKwYBBQUH\r\n"
"AwEGCCsGAQUFBwMCMB8GA1UdIwQYMBaAFJbeYfG9HBYpUxzAzH07gwBA5hp8MB0G\r\n"
"A1UdDgQWBBSeyXnX6VurihbMMo7GmeafIEI1hzCCAX4GCisGAQQB1nkCBAIEggFu\r\n"
"BIIBagFoAHYAXNxDkv7mq0VEsV6a1FbmEDf71fpH3KFzlLJe5vbHDsoAAAFxObU8\r\n"
"ugAABAMARzBFAiBphmgxIbNZXaPWiUqXRWYLaRST38KecoekKIof5fXmsgIhAMkZ\r\n"
"tF8XyKCu/nZll1e9vIlKbW8RrUr/74HpmScVRRsBAHYAb1N2rDHwMRnYmQCkURX/\r\n"
"dxUcEdkCwQApBo2yCJo32RMAAAFxObU85AAABAMARzBFAiBURWwwTgXZ+9IV3mhm\r\n"
"E0EOzbg901DLRszbLIpafDY/XgIhALsvEGqbBVrpGxhKoTVlz7+GWom8SrfUeHcn\r\n"
"4+9Dn7xGAHYA9lyUL9F3MCIUVBgIMJRWjuNNExkzv98MLyALzE7xZOMAAAFxObU8\r\n"
"qwAABAMARzBFAiBFBYPxKEdhlf6bqbwxQY7tskgdoFulPxPmdrzS5tNpPwIhAKnK\r\n"
"qwzch98lINQYzLAV52+C8GXZPXFZNfhfpM4tQ6xbMA0GCSqGSIb3DQEBCwUAA4IB\r\n"
"AQC83ALQ2d6MxeLZ/k3vutEiizRCWYSSMYLVCrxANdsGshNuyM8B8V/A57c0Nzqo\r\n"
"CPKfMtX5IICfv9P/bUecdtHL8cfx24MzN+U/GKcA4r3a/k8pRVeHeF9ThQ2zo1xj\r\n"
"k/7gJl75koztdqNfOeYiBTbFMnPQzVGqyMMfqKxbJrfZlGAIgYHT9bd6T985IVgz\r\n"
"tRVjAoy4IurZenTsWkG7PafJ4kAh6jQaSu1zYEbHljuZ5PXlkhPO9DwW1WIPug6Z\r\n"
"rlylLTTYmlW3WETOATi70HYsZN6NACuZ4t1hEO3AsF7lqjdA2HwTN10FX2HuaUvf\r\n"
"5OzP+PKupV9VKw8x8mQKU6vr\r\n"
"-----END CERTIFICATE-----\r\n";
char x509_buf[4096];
void rom_x509_test(void)
{
int ret;
mbedtls_x509_crt cert, cacert;
iot_printf("\n>>>>mbedtls_x509<<<<\n");
/* 1. init structure */
mbedtls_x509_crt_init(&cert);
mbedtls_x509_crt_init(&cacert);
/* 2. Parser cacert */
iot_printf( "\n . Parse cacert..." );
ret = mbedtls_x509_crt_parse(&cacert, (unsigned char *)baidu_ca_cert, sizeof(baidu_ca_cert));
if(ret != 0) {
iot_printf( " failed\n ! mbedtls_x509_crt_parse cacert returned %d(-0x%04x)\n", ret, -ret);
goto exit;
}
iot_printf( " ok\n" );
/* 2. Cacert parser result */
iot_printf( "\n . Cacert parser result..." );
ret = mbedtls_x509_crt_info(x509_buf, sizeof(x509_buf) - 1, " ", &cacert);
if (ret < 0) {
iot_printf("fail! mbedtls_x509_crt_info return %d(-0x%04x)\n", ret, -ret);
goto exit;
} else {
x509_buf[ret] = '\0';
iot_printf("ok!\r\n");
iot_printf("crt info has %d chars\r\n", strlen(x509_buf));
iot_printf("%s\r\n", x509_buf);
}
exit:
/* 3. release structure */
mbedtls_x509_crt_free(&cert);
mbedtls_x509_crt_free(&cacert);
return;
}
static size_t byte_length(size_t bit_length)
{
return (bit_length + 7) / 8;
}
void sm2_test()
{
int ret;
mbedtls_ecp_keypair ecp_keypair;
char d[128] = {0};
char Qx[128] = {0};
char Qy[128] = {0};
char Qz[128] = {0};
size_t len;
uint8_t *ID_A = (uint8_t *)"123";
uint8_t *message = (uint8_t *)"ABC";
iot_crypto_sm2_keypair_init(&ecp_keypair);
if (iot_crypto_sm2_gen_keypair(&ecp_keypair)) {
dprintf("sm2 gen key err\n");
}
mbedtls_mpi_write_string(&ecp_keypair.Q.X, 16, Qx, 128, &len);
dprintf("sm2 gen key end \npub X:%s\n", Qx);
mbedtls_mpi_write_string(&ecp_keypair.Q.Y, 16, Qy, 128, &len);
dprintf("sm2 gen key end \npub Y:%s\n", Qy);
mbedtls_mpi_write_string(&ecp_keypair.Q.Z, 16, Qz, 128, &len);
dprintf("sm2 gen key end \npub Z:%s\n", Qz);
mbedtls_mpi_write_string(&ecp_keypair.d, 16, d, 128, &len);
dprintf("sm2 gen key end \npri d:%s\n", d);
sm2_ctx ctx;
//ctx param
ctx.key_pair = &ecp_keypair;
ctx.message = message;
ctx.message_size = 3;
ctx.ID = ID_A;
ctx.ENTL = 3;
//signature
ret = iot_crypto_sm2_sign(&ctx);
dprintf("signture r:");
p_buf(ctx.r, byte_length(ecp_keypair.grp.nbits));
dprintf("signture s:");
p_buf(ctx.s, byte_length(ecp_keypair.grp.nbits));
ret = iot_crypto_sm2_verify(&ctx);
if(ret == 0)
dprintf("verify ok\n\n");
else
dprintf("verify failed\n");
iot_crypto_sm2_keypair_free(ctx.key_pair);
/* signature */
sm2_ctx sign_ctx;
mbedtls_ecp_keypair sign_keypair;
sign_ctx.key_pair = &sign_keypair;
sign_ctx.message = message;
sign_ctx.message_size = 3;
sign_ctx.ID = ID_A;
sign_ctx.ENTL = 3;
iot_crypto_sm2_keypair_init(sign_ctx.key_pair);
iot_crypto_sm2_load_curve_arg(&sign_ctx.key_pair->grp);
mbedtls_mpi_read_string(&sign_ctx.key_pair->d, 16, d);
mbedtls_mpi_read_string(&sign_ctx.key_pair->Q.X, 16, Qx);
mbedtls_mpi_read_string(&sign_ctx.key_pair->Q.Y, 16, Qy);
mbedtls_mpi_read_string(&sign_ctx.key_pair->Q.Z, 16, "1");
ret = iot_crypto_sm2_sign(&sign_ctx);
dprintf("signture r:");
p_buf(sign_ctx.r, byte_length(sign_ctx.key_pair->grp.nbits));
dprintf("signture s:");
p_buf(sign_ctx.s, byte_length(sign_ctx.key_pair->grp.nbits));
ret = iot_crypto_sm2_verify(&sign_ctx);
if(ret == 0)
dprintf("verify2 ok\n");
else
dprintf("verify2 failed\n");
iot_crypto_sm2_keypair_free(sign_ctx.key_pair);
/* verify */
sm2_ctx verify_ctx;
mbedtls_ecp_keypair verify_keypair;
verify_ctx.key_pair = &verify_keypair;
verify_ctx.message = message;
verify_ctx.message_size = 3;
verify_ctx.ID = ID_A;
verify_ctx.ENTL = 3;
iot_crypto_sm2_keypair_init(verify_ctx.key_pair);
iot_crypto_sm2_load_curve_arg(&verify_ctx.key_pair->grp);
/* load pub key && pri key */
mbedtls_mpi_read_string(&verify_ctx.key_pair->Q.X, 16, Qx);
mbedtls_mpi_read_string(&verify_ctx.key_pair->Q.Y, 16, Qy);
mbedtls_mpi_read_string(&verify_ctx.key_pair->Q.Z, 16, "1");
os_mem_cpy(verify_ctx.r, sign_ctx.r, MAX_POINT_BYTE_LENGTH);
os_mem_cpy(verify_ctx.s, sign_ctx.s, MAX_POINT_BYTE_LENGTH);
ret = iot_crypto_sm2_verify(&verify_ctx);
if(ret == 0)
dprintf("verify3 ok\n");
else
dprintf("verify3 failed\n");
iot_crypto_sm2_keypair_free(verify_ctx.key_pair);
}
int main(void)
{
dbg_uart_init();
gp_timer_init();
gp_timer_set(0, 0xffffffff, 0);
gp_timer_start(0);
while (gp_timer_get_current_val(0) < 1000000);
gp_timer_stop(0);
dstart();
dversion();
unsigned char sha2_data[] = "admin";
uint8_t res[64];
sec_sys_init();
dcase_start("sha2\n");
dprintf("sha2 source:%s\n", sha2_data);
iot_crypto_sha256(sha2_data, strlen((const char*)sha2_data), res);
dprintf("sha256:");
p_buf(res, 32);
iot_crypto_sha224(sha2_data, strlen((const char*)sha2_data), res);
dprintf("sha224:");
p_buf(res, 28);
iot_crypto_sha384(sha2_data, strlen((const char*)sha2_data), res);
dprintf("sha384:");
p_buf(res, 48);
iot_crypto_sha512(sha2_data, strlen((const char*)sha2_data), res);
dprintf("sha512:");
p_buf(res, 64);
dcase_start("sm4\n");
uint8_t sm4_key[16] = {0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd,
0xef, 0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10};
uint8_t sm4_data[16] = {0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd,
0xef, 0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10};
uint8_t sm4_iv[16] = {0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd,
0xef, 0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10};
uint32_t outlen = 64;
dprintf("sm4 source:");
p_buf(sm4_key, 16);
iot_crypto_sm4(SM4_OPT_ENC, SM4_CBC, sm4_data, 14, res, &outlen, sm4_key,
sm4_iv, 1);
dprintf("outlen: %d sm4 cbc enc:", outlen);
p_buf(res, 16);
outlen = 64;
iot_crypto_sm4(SM4_OPT_DEC, SM4_CBC, sm4_key, 16, res, &outlen, sm4_key,
sm4_iv, 1);
dprintf("outlen: %d sm4 cbc dec:", outlen);
p_buf(res, 16);
outlen = 64;
iot_crypto_sm4(SM4_OPT_ENC, SM4_ECB, sm4_key, 16, res, &outlen, sm4_key,
sm4_iv, 1);
dprintf("sm4 ecb enc:");
p_buf(res, 16);
outlen = 64;
iot_crypto_sm4(SM4_OPT_DEC, SM4_ECB, sm4_key, 16, res, &outlen, sm4_key,
sm4_iv, 1);
dprintf("sm4 ecb dec:");
p_buf(res, 16);
dcase_start("aes\n");
uint8_t aes_data[32] = {0x56, 0xe5, 0x3a, 0x29, 0xfa, 0x4f, 0x1e, 0xfe,
0x17, 0x50, 0x4f, 0xf7, 0x62, 0xf1, 0x5a, 0xda};
uint8_t aes_key[32] = {0x56, 0xe5, 0x3a, 0x29, 0xfa, 0x4f, 0x1e, 0xfe,
0x17, 0x50, 0x4f, 0xf7, 0x62, 0xf1, 0x5a, 0xda,
0x56, 0xe5, 0x3a, 0x29, 0xfa, 0x4f, 0x1e, 0xfe,
0x17, 0x50, 0x4f, 0xf7, 0x62, 0xf1, 0x5a, 0xda};
uint32_t out_len;
for (int i = 0; i < sizeof(aes_data); i++) {
aes_data[i] = i;
}
dprintf("aes source:");
p_buf(aes_data, 32);
/* 1:cbc mode 0:enc */
iot_crypto_aes_setkey_dec(aes_key, 192);
iot_crypto_aes_ecb(0, sizeof(aes_data), aes_data, res);
dprintf("aes ecb enc:");
p_buf(res, sizeof(aes_data));
sec_sys_aes_crypt_ecb(1, sizeof(aes_data), aes_data, res, &out_len);
dprintf("aes ecb dec:");
p_buf(res, sizeof(aes_data));
sec_sys_aes_setkey_enc(aes_key, 128);
sec_sys_aes_crypt_cbc(0, sizeof(aes_data), aes_key, aes_data, res, &out_len);
dprintf("aes cbc enc:");
p_buf(res, sizeof(aes_data));
sec_sys_aes_crypt_cbc(1, sizeof(aes_data), aes_key, aes_data, res, &out_len);
dprintf("aes cbc dec:");
p_buf(res, sizeof(aes_data));
sec_sys_aes1(aes_data, res, aes_key, 0, 0);
dprintf("aes1 ecb enc:");
p_buf(res, 16);
sec_sys_aes1(res, res, aes_key, 0, 1);
dprintf("aes1 ecb dec:");
p_buf(res, 16);
dcase_start("sm3\n");
uint8_t sm3_data[64] = {0};
for (int i = 0; i < 64; i += 1) {
sm3_data[i] = i;
}
(void)sm3_data;
iot_crypto_sm3(sha2_data, 5, res, 64);
dprintf("sm3 source:");
p_buf(sha2_data, 5);
dprintf("sm3:");
p_buf(res, 32);
dcase_start("des\n");
uint8_t des_data[] = {0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef,
0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef};
uint8_t des_key[24] = {0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88,
0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef,
0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88};
uint8_t des_iv[8] = {0x17, 0x27, 0xa3, 0xb4, 0xf5, 0x16, 0x7d, 0xd8};
dprintf("des source:");
p_buf(des_data, 16);
/* cbc,enc */
uint32_t outlen2 = 64;
iot_crypto_des(DES_OPT_ENC, DES_ECB, 0, des_data, 12, res, &outlen2,
des_key, des_iv);
dprintf("outlen2:%d des ecb enc:", outlen2);
p_buf(res, outlen2);
outlen2 = 64;
iot_crypto_des(DES_OPT_DEC, DES_ECB, 0, des_data, 12, res, &outlen2,
des_key, des_iv);
dprintf("outlen2:%d des ecb dec:", outlen2);
p_buf(res, outlen2);
outlen2 = 64;
iot_crypto_des(DES_OPT_ENC, DES_CBC, 0, des_data, 12, res, &outlen2,
des_key, des_iv);
dprintf("outlen2:%d des cbc enc:", outlen2);
p_buf(res, outlen2);
outlen2 = 64;
iot_crypto_des(DES_OPT_DEC, DES_CBC, 0, des_data, 12, res, &outlen2,
des_key, des_iv);
dprintf("outlen2:%d des cbc dec:", outlen2);
p_buf(res, outlen2);
outlen2 = 64;
/* 3DES */
iot_crypto_des(DES_OPT_ENC, DES_CBC, 1, des_data, 12, res, &outlen2,
des_key, des_iv);
dprintf("outlen2:%d 3des cbc enc:", outlen2);
p_buf(res, outlen2);
outlen2 = 64;
iot_crypto_des(DES_OPT_DEC, DES_CBC, 1, des_data, 12, res, &outlen2,
des_key, des_iv);
dprintf("outlen2:%d 3des cbc dec:", outlen2);
p_buf(res, outlen2);
dcase_start("sm2 && rsa\n");
uint32_t rsa_data[3] = {0};
sec_sys_sm2_rsa(rsa_data, 7, 55, 123);
dprintf("rsa:7^55mode125 = 0x%x 0x%x status:0x%x\n",
rsa_data[0], rsa_data[1], rsa_data[2]);
dcase_start("gf2mult\n");
uint8_t gf2mult_A[16] = {0x03, 0x88, 0xda, 0xce, 0x60, 0xb6, 0xa3, 0x92, 0xf3, 0x28,
0xc2, 0xb9, 0x71, 0xb2, 0xfe, 0x78};
uint8_t gf2mult_B[16] = {0x66, 0xe9, 0x4b, 0xd4, 0xef, 0x8a, 0x2c, 0x3b, 0x88, 0x4c,
0xfa, 0x59, 0xca, 0x34, 0x2b, 0x2e};
uint8_t gf2mult_R[16] = {0};
sec_sys_gf2mult(gf2mult_A, gf2mult_B, gf2mult_R);
dprintf("gf2mult:");
p_buf((uint8_t *)gf2mult_R, 16);
dcase_start("gcm-aes\n");
sec_sys_gcm_aes(res);
dprintf("gcm_aes:");
p_buf(res, 16);
crypto_init();
rom_ecc_test();
sm2_test();
rom_mbedtls_init();
rom_sha1_test();
rom_md5_test();
rom_md_test("MD5");
rom_oid_test();
rom_sha256_test();
rom_sha512_test();
rom_aes_test();
rom_random_test();
rom_x509_test();
rom_pk_test();
dprintf(">>>>crypto test end<<<<\n");
while(1);
return 0;
}

388
dtest/dtest3/kl3_sec_test/test.patch Normal file
View File

@@ -0,0 +1,388 @@
diff --git a/iotelic/kunlun/Mainline/build/build_dtest_kl3.sh b/iotelic/kunlun/Mainline/build/build_dtest_kl3.sh
index 9f5cd90..525bb60 100755
--- a/iotelic/kunlun/Mainline/build/build_dtest_kl3.sh
+++ b/iotelic/kunlun/Mainline/build/build_dtest_kl3.sh
@@ -25,10 +25,10 @@ export psram_enable=0
set -o errexit
-make -C .. clobber
+#make -C .. clobber
# clean phy lib etc.
-make -C .. dtest_clean
+#make -C .. dtest_clean
# build kl3 dtest
make -C .. dtest opt_build=1
diff --git a/iotelic/kunlun/Mainline/build/env_kunlun3.sh b/iotelic/kunlun/Mainline/build/env_kunlun3.sh
index 8a4eb7e..6a03009 100644
--- a/iotelic/kunlun/Mainline/build/env_kunlun3.sh
+++ b/iotelic/kunlun/Mainline/build/env_kunlun3.sh
@@ -16,6 +16,7 @@ export fatfs_enable=0
export product_line=PLC
export hw_board_id=13
export bbcpu_enable=0
+export build_amp_type=1
export PLATFORM=CHIP
export fpga_image_type=SOC #SOC/AI/BB/A10/AUDIO
diff --git a/iotelic/kunlun/Mainline/dtest/dtest3/Makefile b/iotelic/kunlun/Mainline/dtest/dtest3/Makefile
index 4f6b65e..bbc554b 100644
--- a/iotelic/kunlun/Mainline/dtest/dtest3/Makefile
+++ b/iotelic/kunlun/Mainline/dtest/dtest3/Makefile
@@ -10,12 +10,10 @@ ifeq ($(target), kunlun3)
hw_dep = hw3
endif
-SUB_DIRS = $(TOPDIR)/common $(TOPDIR)/driver $(TOPDIR)/bb_cpu $(TOPDIR)/startup $(TOPDIR)/os $(TOPDIR)/pib $(TOPDIR)/plc
+SUB_DIRS = $(TOPDIR)/common $(TOPDIR)/driver $(TOPDIR)/startup $(TOPDIR)/pib
ifeq ($(target), kunlun3)
-SUB_DIRS += mac_phy mac_rx_test mac_tx_test
-SUB_DIRS += unit_test_sfc rstflag efuse_test spinlock_test fft_test unit_test_cache_ram \
- unit_test_smc rtc_test kl3_os_systick_test kl3_pmp_test kl3_uart_test
+SUB_DIRS += kl3_sec_test
endif
ifeq ($(dtest_only), 1)
diff --git a/iotelic/kunlun/Mainline/inc/compiler/gcc/cpl_types.h b/iotelic/kunlun/Mainline/inc/compiler/gcc/cpl_types.h
index 17c2774..359a16c 100644
--- a/iotelic/kunlun/Mainline/inc/compiler/gcc/cpl_types.h
+++ b/iotelic/kunlun/Mainline/inc/compiler/gcc/cpl_types.h
@@ -26,7 +26,7 @@ extern "C" {
void cpl_utils_init();
#undef snprintf
-#define snprintf iot_snprintf
+//#define snprintf iot_snprintf
#undef strlen
#define strlen iot_strlen
diff --git a/iotelic/kunlun/Mainline/rom/riscv3/rom/src/drv/src/rom_wdg.c b/iotelic/kunlun/Mainline/rom/riscv3/rom/src/drv/src/rom_wdg.c
index 2b6e511..0556afb 100644
--- a/iotelic/kunlun/Mainline/rom/riscv3/rom/src/drv/src/rom_wdg.c
+++ b/iotelic/kunlun/Mainline/rom/riscv3/rom/src/drv/src/rom_wdg.c
@@ -79,7 +79,7 @@ void rom_wdg_set (rom_wdg_e wdg, uint32_t ena)
void rom_wdg_init(void)
{
/* Just enable WDG0. */
- rom_wdg_set(ROM_WDG0, 1);
+ rom_wdg_set(ROM_WDG0, 0);
rom_wdg_set(ROM_WDG1, 0);
rom_wdg_set(ROM_WDG2, 0);
diff --git a/iotelic/kunlun/Mainline/rom/riscv3/rom/src/rom_main.c b/iotelic/kunlun/Mainline/rom/riscv3/rom/src/rom_main.c
index 5ab0e27..05ea04d 100644
--- a/iotelic/kunlun/Mainline/rom/riscv3/rom/src/rom_main.c
+++ b/iotelic/kunlun/Mainline/rom/riscv3/rom/src/rom_main.c
@@ -381,7 +381,7 @@ void rom_main(void)
goto err_out;
}
- if (!g_rom_data.status.fboot) {
+ if (1) {
/*
* This will init uart port & xmodem & disable WDG0(enter download mode).
* WDG0 will not be enabled when !ROM_OK returned.
diff --git a/iotelic/kunlun/Mainline/sp/boot/crypto/test/chacha20poly1305.c b/iotelic/kunlun/Mainline/sp/boot/crypto/test/chacha20poly1305.c
deleted file mode 100644
index b496b3e..0000000
--- a/iotelic/kunlun/Mainline/sp/boot/crypto/test/chacha20poly1305.c
+++ /dev/null
@@ -1,280 +0,0 @@
-#include <stdio.h>
-#include <stdbool.h>
-#include <string.h>
-#include "keypair.h"
-#include "log.h"
-#include "randombytes.h"
-
-#include "crypto_aead_chacha20poly1305.h"
-#include "crypto_aead_xchacha20poly1305.h"
-
-uint32_t
-randombytes_uniform(const uint32_t upper_bound)
-{
- uint32_t min;
- uint32_t r;
-
- if (upper_bound < 2) {
- return 0;
- }
- min = (1U + ~upper_bound) % upper_bound;
- do {
- randombytes_buf(&r, 4);
- } while (r < min);
-
- return r % upper_bound;
-}
-
-static bool
-_test_chacha20poly1305()
-{
-#undef MLEN
-#define MLEN 10U
-#undef ADLEN
-#define ADLEN 10U
-#undef CLEN
-#define CLEN (MLEN + crypto_aead_chacha20poly1305_ABYTES)
- static const uint8_t firstkey[crypto_aead_chacha20poly1305_KEYBYTES]
- = { 0x42, 0x90, 0xbc, 0xb1, 0x54, 0x17, 0x35, 0x31, 0xf3, 0x14, 0xaf,
- 0x57, 0xf3, 0xbe, 0x3b, 0x50, 0x06, 0xda, 0x37, 0x1e, 0xce, 0x27,
- 0x2a, 0xfa, 0x1b, 0x5d, 0xbd, 0xd1, 0x10, 0x0a, 0x10, 0x07 };
- static const uint8_t m[MLEN]
- = { 0x86, 0xd0, 0x99, 0x74, 0x84, 0x0b, 0xde, 0xd2, 0xa5, 0xca };
- static const uint8_t nonce[crypto_aead_chacha20poly1305_NPUBBYTES]
- = { 0xcd, 0x7c, 0xf6, 0x7b, 0xe3, 0x9c, 0x79, 0x4a };
- static const uint8_t ad[ADLEN]
- = { 0x87, 0xe2, 0x29, 0xd4, 0x50, 0x08, 0x45, 0xa0, 0x79, 0xc0 };
- uint8_t c[CLEN];
- uint8_t detached_c[MLEN];
- uint8_t mac[crypto_aead_chacha20poly1305_ABYTES];
- uint8_t m2[MLEN];
-
- unsigned long long found_clen;
- unsigned long long found_maclen;
- unsigned long long m2len;
- size_t i;
-
- crypto_aead_chacha20poly1305_encrypt(c, &found_clen, m, MLEN,
- ad, ADLEN,
- NULL, nonce, firstkey);
- if (found_clen != CLEN) {
- printf("found_clen is not properly set\n");
- }
- crypto_aead_chacha20poly1305_encrypt_detached(detached_c,
- mac, &found_maclen,
- m, MLEN, ad, ADLEN,
- NULL, nonce, firstkey);
-
- if (crypto_aead_chacha20poly1305_decrypt(m2, &m2len, NULL, c, CLEN,
- ad, ADLEN,
- nonce, firstkey) != 0) {
- LOG("crypto_aead_chacha20poly1305_decrypt() failed\n");
- return false;
- }
-
- memset(m2, 0, m2len);
- if (crypto_aead_chacha20poly1305_decrypt_detached(m2, NULL,
- c, MLEN, mac,
- ad, ADLEN,
- nonce, firstkey) != 0) {
- LOG("crypto_aead_chacha20poly1305_decrypt_detached() failed\n");
- return false;
- }
- for (i = 0U; i < CLEN; i++) {
- c[i] ^= (i + 1U);
- if (crypto_aead_chacha20poly1305_decrypt(m2, NULL, NULL, c, CLEN,
- ad, ADLEN, nonce, firstkey)
- == 0 || memcmp(m, m2, MLEN) == 0) {
- LOG("message can be forged\n");
- }
- c[i] ^= (i + 1U);
- }
-
- crypto_aead_chacha20poly1305_encrypt(c, &found_clen, m, MLEN,
- NULL, 0U, NULL, nonce, firstkey);
- if (found_clen != CLEN) {
- LOG("found_clen is not properly set (adlen=0)\n");
- return false;
- }
-
- if (crypto_aead_chacha20poly1305_decrypt(m2, &m2len, NULL, c, CLEN,
- NULL, 0U, nonce, firstkey) != 0) {
- LOG("crypto_aead_chacha20poly1305_decrypt() failed (adlen=0)\n");
- return false;
- }
- if (m2len != MLEN) {
- printf("m2len is not properly set (adlen=0)\n");
- }
- if (memcmp(m, m2, MLEN) != 0) return false;
- m2len = 1;
- if (crypto_aead_chacha20poly1305_decrypt(
- m2, &m2len, NULL, NULL,
- randombytes_uniform(crypto_aead_chacha20poly1305_ABYTES),
- NULL, 0U, nonce, firstkey) != -1) {
- LOG("crypto_aead_chacha20poly1305_decrypt() worked with a short "
- "ciphertext\n");
- }
- if (m2len != 0) return false;
- m2len = 1;
- if (crypto_aead_chacha20poly1305_decrypt(m2, &m2len, NULL, c, 0U, NULL, 0U,
- nonce, firstkey) != -1) {
- return false;
- }
- if (m2len != 0) return false;
- memcpy(c, m, MLEN);
- crypto_aead_chacha20poly1305_encrypt(c, &found_clen, c, MLEN,
- NULL, 0U, NULL, nonce, firstkey);
- if (found_clen != CLEN) return false;
- if (crypto_aead_chacha20poly1305_decrypt(c, &m2len, NULL, c, CLEN,
- NULL, 0U, nonce, firstkey) != 0) {
- return false;
- }
-
- if (0 != memcmp(m, c, MLEN)) return false;
- if (0 == crypto_aead_chacha20poly1305_keybytes()) return false;
- if (0 == crypto_aead_chacha20poly1305_npubbytes()) return false;
- if (0 != crypto_aead_chacha20poly1305_nsecbytes()) return false;
-
- return true;
-}
-
-static bool
-_test_x_chacha20poly1305()
-{
-#undef MLEN
-#define MLEN 114U
-#undef ADLEN
-#define ADLEN 12U
-#undef CLEN
-#define CLEN (MLEN + crypto_aead_xchacha20poly1305_ietf_ABYTES)
- static const uint8_t firstkey[crypto_aead_xchacha20poly1305_ietf_KEYBYTES]
- = {
- 0x80, 0x81, 0x82, 0x83, 0x84, 0x85, 0x86, 0x87,
- 0x88, 0x89, 0x8a, 0x8b, 0x8c, 0x8d, 0x8e, 0x8f,
- 0x90, 0x91, 0x92, 0x93, 0x94, 0x95, 0x96, 0x97,
- 0x98, 0x99, 0x9a, 0x9b, 0x9c, 0x9d, 0x9e, 0x9f
- };
-#undef MESSAGE
-#define MESSAGE "Ladies and Gentlemen of the class of '99: If I could offer you " \
-"only one tip for the future, sunscreen would be it."
- uint8_t m[MLEN];
- static const uint8_t nonce[crypto_aead_xchacha20poly1305_ietf_NPUBBYTES]
- = { 0x07, 0x00, 0x00, 0x00, 0x40, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x47,
- 0x48, 0x49, 0x4a, 0x4b };
- static const uint8_t ad[ADLEN]
- = { 0x50, 0x51, 0x52, 0x53, 0xc0, 0xc1, 0xc2, 0xc3, 0xc4, 0xc5, 0xc6, 0xc7 };
- uint8_t c[CLEN];
- uint8_t detached_c[MLEN];
- uint8_t mac[crypto_aead_xchacha20poly1305_ietf_ABYTES];
- uint8_t m2[MLEN];
- unsigned long long found_clen;
- unsigned long long found_maclen;
- unsigned long long m2len;
- size_t i;
-
- if (sizeof MESSAGE - 1U != MLEN) return false;
- memcpy(m, MESSAGE, MLEN);
- crypto_aead_xchacha20poly1305_ietf_encrypt(c, &found_clen, m, MLEN,
- ad, ADLEN,
- NULL, nonce, firstkey);
- if (found_clen != MLEN + crypto_aead_xchacha20poly1305_ietf_abytes()) {
- LOG("found_clen is not properly set\n");
- }
- crypto_aead_xchacha20poly1305_ietf_encrypt_detached(detached_c,
- mac, &found_maclen,
- m, MLEN,
- ad, ADLEN,
- NULL, nonce, firstkey);
- if (found_maclen != crypto_aead_xchacha20poly1305_ietf_abytes()) {
- LOG("found_maclen is not properly set\n");
- return false;
- }
-
- if (crypto_aead_xchacha20poly1305_ietf_decrypt(m2, &m2len, NULL, c, CLEN, ad,
- ADLEN, nonce, firstkey) != 0) {
- LOG("crypto_aead_xchacha20poly1305_ietf_decrypt() failed\n");
- return false;
- }
- memset(m2, 0, m2len);
- if (crypto_aead_xchacha20poly1305_ietf_decrypt_detached(m2, NULL,
- c, MLEN, mac,
- ad, ADLEN,
- nonce, firstkey) != 0) {
- LOG("crypto_aead_xchacha20poly1305_ietf_decrypt_detached() failed\n");
- return false;
- }
- if (memcmp(m, m2, MLEN) != 0) return false;
-
- for (i = 0U; i < CLEN; i++) {
- c[i] ^= (i + 1U);
- if (crypto_aead_xchacha20poly1305_ietf_decrypt(m2, NULL, NULL, c, CLEN,
- ad, ADLEN, nonce, firstkey)
- == 0 || memcmp(m, m2, MLEN) == 0) {
- LOG("message can be forged\n");
- }
- c[i] ^= (i + 1U);
- }
- crypto_aead_xchacha20poly1305_ietf_encrypt(c, &found_clen, m, MLEN,
- NULL, 0U, NULL, nonce, firstkey);
- if (found_clen != CLEN) return false;
- if (crypto_aead_xchacha20poly1305_ietf_decrypt(m2, &m2len, NULL, c, CLEN,
- NULL, 0U, nonce, firstkey) != 0) {
- LOG("crypto_aead_xchacha20poly1305_ietf_decrypt() failed (adlen=0)\n");
- return false;
- }
- if (m2len != MLEN) return false;
- if (memcmp(m, m2, MLEN) != 0) return false;
- m2len = 1;
- if (crypto_aead_xchacha20poly1305_ietf_decrypt(
- m2, &m2len, NULL, NULL,
- randombytes_uniform(crypto_aead_xchacha20poly1305_ietf_ABYTES),
- NULL, 0U, nonce, firstkey) != -1) {
- LOG("crypto_aead_xchacha20poly1305_ietf_decrypt() worked with a short "
- "ciphertext\n");
- }
- if (m2len != 0) return false;
- m2len = 1;
- if (crypto_aead_xchacha20poly1305_ietf_decrypt(m2, &m2len, NULL, c, 0U, NULL, 0U,
- nonce, firstkey) != -1) {
- LOG("crypto_aead_xchacha20poly1305_ietf_decrypt() worked with an empty "
- "ciphertext\n");
- }
- if (m2len != 0) return false;
-
- memcpy(c, m, MLEN);
- crypto_aead_xchacha20poly1305_ietf_encrypt(c, &found_clen, c, MLEN,
- NULL, 0U, NULL, nonce, firstkey);
- if (found_clen != CLEN) return false;
- if (crypto_aead_xchacha20poly1305_ietf_decrypt(c, &m2len, NULL, c, CLEN,
- NULL, 0U, nonce, firstkey) != 0) {
- LOG("crypto_aead_xchacha20poly1305_ietf_decrypt() failed (adlen=0)\n");
- return false;
- }
- if (m2len != MLEN) return false;
- if (memcmp(m, c, MLEN) != 0) return false;
-
- if (crypto_aead_xchacha20poly1305_ietf_keybytes() != crypto_aead_xchacha20poly1305_ietf_KEYBYTES) return false;
- if (crypto_aead_xchacha20poly1305_ietf_npubbytes() != crypto_aead_xchacha20poly1305_ietf_NPUBBYTES) return false;
- if (crypto_aead_xchacha20poly1305_ietf_nsecbytes() != 0) return false;
- if (crypto_aead_xchacha20poly1305_ietf_nsecbytes() != crypto_aead_xchacha20poly1305_ietf_NSECBYTES) return false;
- if (crypto_aead_xchacha20poly1305_IETF_KEYBYTES != crypto_aead_xchacha20poly1305_ietf_KEYBYTES) return false;
- if (crypto_aead_xchacha20poly1305_IETF_NSECBYTES != crypto_aead_xchacha20poly1305_ietf_NSECBYTES) return false;
- if (crypto_aead_xchacha20poly1305_IETF_NPUBBYTES != crypto_aead_xchacha20poly1305_ietf_NPUBBYTES) return false;
- if (crypto_aead_xchacha20poly1305_IETF_ABYTES != crypto_aead_xchacha20poly1305_ietf_ABYTES) return false;
-
- return true;
-}
-
-bool
-test_chacha20poly1305(void)
-{
- if (!_test_chacha20poly1305()) {
- LOG("ChaCha20_Poly1305 error");
- return false;
- }
- if (!_test_x_chacha20poly1305()) {
- LOG("X ChaCha20_Poly1305 error");
- return false;
- }
- return true;
-}
diff --git a/iotelic/kunlun/Mainline/sp/boot/crypto/test/keypair.c b/iotelic/kunlun/Mainline/sp/boot/crypto/test/keypair.c
index 284cd6d..c8446ac 100644
--- a/iotelic/kunlun/Mainline/sp/boot/crypto/test/keypair.c
+++ b/iotelic/kunlun/Mainline/sp/boot/crypto/test/keypair.c
@@ -56,8 +56,8 @@ test_keypair(void)
if (!_test_create_fail()) return false;
#if (TARGET_VERSION == TARGET_KUNLUN3)
if (!_test_create_key(KEY_SLOT_1, KEYPAIR_RSA_2048)) return false;
- if (!_test_create_key(KEY_SLOT_2, KEYPAIR_RSA_3072)) return false;
- if (!_test_create_key(KEY_SLOT_1, KEYPAIR_RSA_4096)) return false;
+// if (!_test_create_key(KEY_SLOT_2, KEYPAIR_RSA_3072)) return false;
+// if (!_test_create_key(KEY_SLOT_1, KEYPAIR_RSA_4096)) return false;
#endif
return true;