Improvements for portability using older gcc 4.8.2. Make sure wolfboot.h includes the wolfBoot_verify_* API's. Fixed issue with parsing headers when #include is # include.

Author: dgarske

docs/Renesas.md

@@ -17,7 +17,7 @@ Platforms Supported:
 All of the Renesas examples support using e2Studio.
 The Renesas RX parts support using wolfBoot Makefile's with the rx-elf-gcc cross-compiler and example .config files.
 
-### Security Key Management Tool (SKMT) Key Wrapping
+## Security Key Management Tool (SKMT) Key Wrapping
 
 1) Setup a Renesas KeyWrap account and do the PGP key exchange.
 https://dlm.renesas.com/keywrap
@@ -34,7 +34,7 @@ Use GPG4Win and the Sign/Encrypt option. Sign with your own GPG key and encrypt
 It will use the Hidden Root Key (HRK) that both Renesas and the RX TSIP have pre-provisioned from Renesas Factory.
 Result is `sample.key_enc.key`. Example: `00000001 6CCB9A1C 8AA58883 B1CB02DE 6C37DA60 54FB94E2 06EAE720 4D9CCF4C 6EEB288C`
 
-### RX TSIP
+## RX TSIP
 
 1) Build key tools for Renesas
 
@@ -164,11 +164,24 @@ Output image(s) successfully created.
 Download files to flash using Renesas flash programmer.
 
 
-#### RX TSIP Benchmarks
+### RX TSIP Benchmarks
 
 | Hardware | Clock  | Algorithm         | RX TSIP  | Debug    | Release (-Os) | Release (-O2) |
 | -------- | ------ | ----------------- | -------- | -------- | ------------- | ------------- |
 | RX72N    | 240MHz | ECDSA Verify P384 | 17.26 ms | 1570 ms  |  441 ms       |  313 ms       |
 | RX72N    | 240MHz | ECDSA Verify P256 |  2.73 ms |  469 ms  |  135 ms       |  107 ms       |
 | RX65N    | 120MHz | ECDSA Verify P384 | 18.57 ms | 4213 ms  | 2179 ms       | 1831 ms       |
 | RX65N    | 120MHz | ECDSA Verify P256 |  2.95 ms | 1208 ms  |  602 ms       |  517 ms       |
+
+
+## RX Production Protection (recommendations)
+
+1) Lockdown external serial programmer `SPCC.SPE = 0`
+2) Flash Access Window Setting Register (FAW)
+  * BTFLG: Start-up Area Select FAW.BTFLG (1=FFFF E000h to FFFF FFFFh, 0=FFFF C000h to FFFF DFFFh)
+  * FSPR - FAW.FSPR Access Window Protection (0=protections enabled) Once changed to 0 cannot be reset.
+3) ROM Code Protection Register `ROMCODE.CODE[31:0]`
+  * 0000 0000h: ROM code protection enabled (ROM code protection 1)
+  * 0000 0001h: ROM code protection enabled (ROM code protection 2)
+  * Other than above: ROM code protection disabled
+4) Options Trusted Memory (TM) Enable `TMEF.TMEF[2:0] = b000` - prevents reading of blocks 8 and 9 (see 59.17 Trusted Memory) - Location for keys or code that should not be read

include/image.h

@@ -833,7 +833,6 @@ int wolfBoot_open_image_external(struct wolfBoot_image* img, uint8_t part, uint8
 int wolfBoot_open_image_address(struct wolfBoot_image* img, uint8_t* image);
 int wolfBoot_verify_integrity(struct wolfBoot_image *img);
 int wolfBoot_verify_authenticity(struct wolfBoot_image *img);
-int wolfBoot_get_partition_state(uint8_t part, uint8_t *st);
 int wolfBoot_set_partition_state(uint8_t part, uint8_t newst);
 int wolfBoot_get_update_sector_flag(uint16_t sector, uint8_t *flag);
 int wolfBoot_set_update_sector_flag(uint16_t sector, uint8_t newflag);

include/user_settings.h

@@ -37,6 +37,8 @@
 #define WOLFSSL_USER_MUTEX /* avoid wc_port.c wc_InitAndAllocMutex */
 #define WOLFCRYPT_ONLY
 #define SIZEOF_LONG_LONG 8
+#define HAVE_EMPTY_AGGREGATES 0
+#define HAVE_ANONYMOUS_INLINE_AGGREGATES 0
 
 /* Stdlib Types */
 #define CTYPE_USER /* don't let wolfCrypt types.h include ctype.h */
@@ -533,6 +535,7 @@ extern int tolower(int c);
 
 #ifdef WOLFBOOT_ENABLE_WOLFHSM_CLIENT
 #   define WOLF_CRYPTO_CB
+#   undef  HAVE_ANONYMOUS_INLINE_AGGREGATES
 #   define HAVE_ANONYMOUS_INLINE_AGGREGATES 1
 #   define WOLFSSL_KEY_GEN
 #endif /* WOLFBOOT_ENABLE_WOLFHSM_CLIENT */

include/wolfboot/wolfboot.h

@@ -164,7 +164,11 @@ extern "C" {
 
 /* Hashing configuration */
 #if defined(WOLFBOOT_HASH_SHA256)
-#   include "wolfssl/wolfcrypt/sha256.h"
+    #include "wolfssl/wolfcrypt/settings.h"
+    #include "wolfssl/wolfcrypt/visibility.h"
+    #include "wolfssl/wolfcrypt/wc_port.h"
+    #include "wolfssl/wolfcrypt/types.h"
+    #include "wolfssl/wolfcrypt/sha256.h"
 #   ifndef WOLFBOOT_SHA_BLOCK_SIZE
 #     define WOLFBOOT_SHA_BLOCK_SIZE (256)
 #   endif
@@ -179,7 +183,11 @@ extern "C" {
     typedef wc_Sha256 wolfBoot_hash_t;
 #   define HDR_HASH HDR_SHA256
 #elif defined(WOLFBOOT_HASH_SHA384)
-#   include "wolfssl/wolfcrypt/sha512.h"
+    #include "wolfssl/wolfcrypt/settings.h"
+    #include "wolfssl/wolfcrypt/visibility.h"
+    #include "wolfssl/wolfcrypt/wc_port.h"
+    #include "wolfssl/wolfcrypt/types.h"
+    #include "wolfssl/wolfcrypt/sha512.h"
 #   ifndef WOLFBOOT_SHA_BLOCK_SIZE
 #     define WOLFBOOT_SHA_BLOCK_SIZE (256)
 #   endif
@@ -194,7 +202,11 @@ extern "C" {
     typedef wc_Sha384 wolfBoot_hash_t;
 #   define HDR_HASH HDR_SHA384
 #elif defined(WOLFBOOT_HASH_SHA3_384)
-#   include "wolfssl/wolfcrypt/sha3.h"
+    #include "wolfssl/wolfcrypt/settings.h"
+    #include "wolfssl/wolfcrypt/visibility.h"
+    #include "wolfssl/wolfcrypt/wc_port.h"
+    #include "wolfssl/wolfcrypt/types.h"
+    #include "wolfssl/wolfcrypt/sha3.h"
 #   ifndef WOLFBOOT_SHA_BLOCK_SIZE
 #     define WOLFBOOT_SHA_BLOCK_SIZE (128)
 #   endif
@@ -326,6 +338,12 @@ extern "C" {
 #define FLASH_WORD_ERASED   0x00000000UL
 #endif
 
+#ifdef __WOLFBOOT
+    /* include after PART_* are defined */
+    /* for wolfBoot_verify_integrity and wolfBoot_verify_authenticity */
+    #include "image.h"
+#endif
+
 void wolfBoot_update_trigger(void);
 void wolfBoot_success(void);
 uint32_t wolfBoot_image_size(uint8_t *image);

src/delta.c

@@ -43,7 +43,7 @@ struct BLOCK_HDR_PACKED block_hdr {
 #define BLOCK_HDR_SIZE (sizeof (struct block_hdr))
 
 #if defined(EXT_ENCRYPTED) && defined(__WOLFBOOT)
-#include "encrypt.h"
+#include "image.h"
 #define ext_flash_check_write ext_flash_encrypt_write
 #define ext_flash_check_read ext_flash_decrypt_read
 #elif defined(__WOLFBOOT)