OVMS3/OVMS.V3/components/wolfssl/scripts/stm32l4-v4_0_1_build.sh

200 lines
7.9 KiB
Bash
Raw Normal View History

#!/bin/bash
WOLF_ROOT=$(eval "pwd")
echo "WOLF_ROOT set to: \"$WOLF_ROOT\""
cd ../ || exit 5
APP_ROOT=$(eval "pwd")
echo "APP_ROOT set to: \"$APP_ROOT\""
cd ../../ || exit 5
FIRMWARE_ROOT=$(eval "pwd")
echo "FIRMWARE_ROOT set to: \"$FIRMWARE_ROOT\""
cd "$WOLF_ROOT" || exit 5
WOLFCRYPT_SRC_LIST=(wolfcrypt_first hmac random sha256 rsa ecc aes des3 sha
sha512 sha3 dh cmac fips fips_test wolfcrypt_last asn coding
dsa error hash logging md5 memory signature tfm wc_encrypt
wc_port wolfmath
)
assumptions(){
printf '%s\n' "ASSUMPTIONS:"
printf '%s\n' "It is assumed that the firmware directory layout is as follows:"
printf '%s\n' "firmware-root/"
printf '%s\n' "firmware-root/dir1/"
printf '%s\n' "firmware-root/dir1/app-root/"
printf '%s\n' "firmware-root/dir1/app-root/wolfssl-x.x.x-commercial-fips-stm32l4-v2/"
printf '\n\n%s\n' "It is also assumed this script will be run from the directory:"
printf '%s\n' "firmware-root/dir1/app-root/wolfssl-x.x.x-commercial-fips-stm32l4-v2/"
printf '%s\n' "with the command:"
printf '%s\n' "./scripts/stm32l4-v4_0_2_build.sh"
}
flatten_wolfcrypt_sources(){
if [ -d "$WOLF_ROOT" ]; then
for TARGET_FILE in "${WOLFCRYPT_SRC_LIST[@]}"
do
if [ -f "$APP_ROOT/$TARGET_FILE".c ]; then
printf '%s\n' "Removing: APP_ROOT/$TARGET_FILE.c"
rm "$APP_ROOT/$TARGET_FILE".c
fi
printf '%s\n' "WOLF_ROOT/wolfcrypt/src/$TARGET_FILE.c --> APP_ROOT/$TARGET_FILE.c"
cp "$WOLF_ROOT/wolfcrypt/src/$TARGET_FILE".c "$APP_ROOT/"
done
# uncomment to copy over the test app for testing purposes
#cp "$WOLF_ROOT/wolfcrypt/test/test.c" ./
else
printf '%s\n' "Please update the MY_WOLF_RELEASE_VARIABLE to the name"
printf '%s\n' "of the release you received most recently. Currently"
printf '%s\n' "it is set to \"$MY_WOLF_RELEASE_NAME\""
fi
}
update_user_settings(){
if [ -f user_settings.h ]; then
printf '%s\n' "Removing old user_settings.h"
rm user_settings.h
fi
printf '%s\n' "Generating new user_settings.h..."
touch user_settings.h
printf '%s\n' "#ifndef STM32L4_V_4_0_1_USER_SETTINGS_H" > user_settings.h
{
printf '%s\n' "#define STM32L4_V_4_0_1_USER_SETTINGS_H";
printf '%s\n' "";
printf '%s\n' "/* FIPS SETTINGS - BEGIN */";
printf '%s\n' "#define HAVE_FIPS";
printf '%s\n' "#define HAVE_FIPS_VERSION 2";
printf '%s\n' "#define NO_THREAD_LS";
printf '%s\n' "#define NO_STRICT_ECDSA_LEN";
printf '%s\n' "#define HAVE_ECC";
printf '%s\n' "#define HAVE_HKDF";
printf '%s\n' "#define HAVE_AESCCM";
printf '%s\n' "#define HAVE_AES_ECB";
printf '%s\n' "#define HAVE_ECC_CDH";
printf '%s\n' "#define HAVE_FFDHE_Q";
printf '%s\n' "#define HAVE_FFDHE_2048"; # NEW
printf '%s\n' "#define HAVE_HASHDRBG";
printf '%s\n' "#define WOLFSSL_SHA3";
printf '%s\n' "#define WOLFSSL_CMAC";
printf '%s\n' "#define WOLFSSL_SHA224";
printf '%s\n' "#define WOLFSSL_SHA384";
printf '%s\n' "#define WOLFSSL_SHA512";
printf '%s\n' "#define WOLFSSL_KEY_GEN";
printf '%s\n' "#define WOLFSSL_PUBLIC_MP";
printf '%s\n' "#define WOLFSSL_AES_DIRECT";
printf '%s\n' "#define WOLFSSL_AES_COUNTER";
printf '%s\n' "#define WOLFSSL_BASE64_ENCODE";
printf '%s\n' "#define WOLFSSL_VALIDATE_FFC_IMPORT";
printf '%s\n' "#define WOLFSSL_VALIDATE_ECC_IMPORT";
printf '%s\n' "#define WC_RSA_PSS";
printf '%s\n' "#define WC_RSA_NO_PADDING";
# NEW printf '%s\n' "#define WC_RSA_BLINDING";
printf '%s\n' "#define FP_MAX_BITS 8192";
printf '%s\n' "";
printf '%s\n' "/* For operational testing use only in validation effort */";
# printf '%s\n' "/* #define HAVE_FORCE_FIPS_FAILURE */";
printf '%s\n' "#define HAVE_FORCE_FIPS_FAILURE";
printf '%s\n' "/* FIPS SETTINGS - END */";
printf '%s\n' "";
printf '%s\n' "/* Debugging */";
printf '%s\n' "/* #define WOLFSSL_DEBUG_MEMORY */";
printf '%s\n' "/* #define WOLFSSL_TRACK_MEMORY */";
printf '%s\n' "/* #define WOLFSSL_DEBUG_MEMORY_PRINT */";
printf '%s\n' "/* Debugging */";
printf '%s\n' "";
printf '%s\n' "/* Environment settings */";
printf '%s\n' "#define NO_FILESYSTEM";
printf '%s\n' "#define USE_FAST_MATH";
printf '%s\n' "#define NO_MAIN_DRIVER";
printf '%s\n' "#define WOLFCRYPT_ONLY";
printf '%s\n' "#define WC_RSA_BLINDING";
printf '%s\n' "#define SINGLE_THREADED";
printf '%s\n' "#define TFM_TIMING_RESISTANT";
printf '%s\n' "#define ECC_TIMING_RESISTANT";
printf '%s\n' "#define USE_CERT_BUFFERS_256";
printf '%s\n' "#define USE_CERT_BUFFERS_2048";
printf '%s\n' "#define WOLFSSL_STM32L4";
printf '%s\n' "#define WOLFSSL_STM32_CUBEMX";
printf '%s\n' "#define WOLFSSL_CUBEMX_USE_LL";
printf '%s\n' "#define STM32_RNG";
printf '%s\n' "#define NO_STM32_CRYPTO";
printf '%s\n' "#define NO_STM32_HASH";
printf '%s\n' "#define NO_OLD_RNGNAME";
printf '%s\n' "/* Environment settings */";
printf '%s\n' "";
printf '%s\n' "/* Tuning options */";
printf '%s\n' "#define ALT_ECC_SIZE";
printf '%s\n' "#define NO_RC4";
printf '%s\n' "#define NO_MD4";
printf '%s\n' "#define NO_PSK";
printf '%s\n' "#define NO_HC128";
printf '%s\n' "#define NO_RABBIT";
printf '%s\n' "#define GCM_SMALL";
printf '%s\n' "#define TFM_ECC256";
printf '%s\n' "#define ECC_SHAMIR";
printf '%s\n' "#define HAVE_AESGCM";
printf '%s\n' "#define NO_PWDBASED";
printf '%s\n' "/* Tuning options */";
printf '%s\n' "";
printf '%s\n' "/* Non-FIPS related settings */";
printf '%s\n' "#define HAVE_TLS_EXTENSIONS";
printf '%s\n' "#define HAVE_EXTENDED_MASTER";
printf '%s\n' "#define HAVE_SUPPORTED_CURVES";
printf '%s\n' "/* Non-FIPS related settings */";
printf '%s\n' "";
printf '%s\n' "/* Agent harness settings */";
printf '%s\n' "#define USE_NORMAL_PRINTF";
printf '%s\n' "#define STM32L4R9I_DISCO";
printf '%s\n' "#define USE_NORMAL_SCAN";
printf '%s\n' "#define HAVE_FIPS";
printf '%s\n' "#define HAVE_FIPS_VERSION 2";
printf '%s\n' "#define VERIFY_GENERATED_PSS_SIGS";
printf '%s\n' "/* Agent harness settings */";
printf '%s\n' "";
printf '%s\n' "#endif /* STM32L4_V_4_0_1_USER_SETTINGS_H */";
printf '%s\n' "";
} >> user_settings.h
printf '%s\n' "new user_settings.h has been created"
}
assumptions
if [ -f wolfssl/ssl.h ]; then
if [ -f "$FIRMWARE_ROOT"/project.mk ]; then
printf '%s\n' "Found ../../../project.mk, wolfSSL properly placed in"
printf '%s\n' "application root directory"
else
printf '%s\n' "Failed to locate ../../../project.mk, wolfSSL in wrong"
printf '%s\n' "location or assumptions need updated."
fi
else
printf '%s\n' "Run this script from the wolfSSL root directory"
exit 1
fi
flatten_wolfcrypt_sources
# optional test application, remove if not testing
if [ -f "$APP_ROOT/test.c" ]; then
printf '%s\n' "Removing: $APP_ROOT/test.c"
rm "$APP_ROOT/test.c"
fi
printf '%s\n' "WOLF_ROOT/wolfcrypt/test/test.c --> APP_ROOT/test.c"
cp "$WOLF_ROOT/wolfcrypt/test/test.c" "$APP_ROOT/"
# optional test application section end
# used during fips validation only, these will not be in final distribution
#./scripts/flatten-agent-sources.sh
#./scripts/flatten-op-test.sh
# used during fips validation only, these will not be in final distribution
update_user_settings
cd "$FIRMWARE_ROOT"
make clean
make -j 1
cd "$APP_ROOT"
make install-target