Fixes and improvements for building with low footprint. Fix for ASN template with RSA verify only (was missing mp_leading_bit). Fix to allow disabling DRBG with crypto callbacks enabled. Updated the wolfTPM user_settings.h template with low resource option.

Author: dgarske

IDE/NETOS/user_settings.h

@@ -458,7 +458,6 @@ extern "C" {
 /* RNG */
 /* ------------------------------------------------------------------------- */
 
-/* Seed Source */
 /* Seed Source */
 #if 1
     extern int my_rng_generate_seed(unsigned char* output, int sz);

configure.ac

@@ -1838,10 +1838,13 @@ AC_ARG_ENABLE([lowresource],
 if test "$ENABLED_LOWRESOURCE" = "yes"
 then
     # low memory / flash flags
-    AM_CFLAGS="$AM_CFLAGS -DNO_SESSION_CACHE -DRSA_LOW_MEM -DGCM_SMALL -DCURVE25519_SMALL -DED25519_SMALL -DWOLFSSL_SMALL_CERT_VERIFY -DWOLFSSL_NO_ASYNC_IO"
+    AM_CFLAGS="$AM_CFLAGS -DNO_SESSION_CACHE -DRSA_LOW_MEM -DCURVE25519_SMALL -DED25519_SMALL -DWOLFSSL_SMALL_CERT_VERIFY -DWOLFSSL_NO_ASYNC_IO"
 
     # low flash flags
     AM_CFLAGS="$AM_CFLAGS -DUSE_SLOW_SHA -DUSE_SLOW_SHA256 -DUSE_SLOW_SHA512"
+
+    # AES small
+    AM_CFLAGS="$AM_CFLAGS -DGCM_SMALL -DWOLFSSL_AES_NO_UNROLL -DWOLFSSL_AES_SMALL_TABLES"
 fi
 
 

examples/configs/user_settings_wolftpm.h

@@ -20,16 +20,44 @@
  */
 
 
-/* should be renamed to user_settings.h for customer use
- * generated from configure and wolfssl/options.h using:
- * ./configure --enable-wolftpm --disable-dh --disable-oldtls \
- *    --disable-sha3 --disable-sha512 --disable-sha384 --disable-sha224 \
- *    --disable-pkcs12 --disable-chacha --disable-poly1305 \
- *    --disable-sys-ca-certs --disable-examples
- *
- * Cleaned up by David Garske
+/* To use the rename file to user_settings.h and define WOLFSSL_USER_SETTINGS */
+
+/* Test using:
+cp ./examples/configs/user_settings_wolftpm.h user_settings.h
+./configure --enable-usersettings --disable-examples CFLAGS="-Os"
+make
+*/
+
+/* Options generated from configure and wolfssl/options.h using:
+./configure --enable-wolftpm --disable-dh --disable-oldtls \
+  --disable-sha3 --disable-sha512 --disable-sha384 --disable-sha224 \
+  --disable-pkcs12 --disable-chacha --disable-poly1305 \
+  --disable-sys-ca-certs --disable-examples
+*/
+
+/* Options for USE_LOW_RESOURCE generated with configure and wolfssl/options.h
+ * using:
+./configure --enable-lowresource --enable-cryptonly --enable-aescfb \
+  --enable-hmac --enable-cryptocb --enable-singlethreaded \
+  --enable-sp=smallrsa2048 --enable-sp-math --disable-sp-asm \
+  --disable-filesystem --disable-asm --disable-pkcs8 --disable-pkcs12 \
+  --disable-ecc --disable-dh \
+  --disable-sha224 --disable-sha384 --disable-sha512 \
+  --disable-md5 --disable-sha3 \
+  --disable-aescbc --disable-aesgcm --disable-aesccm \
+  --disable-poly1305 --disable-chacha \
+  --disable-hashdrbg \
+  --disable-sys-ca-certs --disable-error-queue-per-thread \
+  --disable-oldtls --disable-errorstrings --disable-memory --disable-coding \
+  --disable-examples --disable-optflags \
+  CFLAGS="-Os -DNO_SIG_WRAPPER -DNO_AES_192 -DNO_AES_256 \
+  -DWOLFSSL_RSA_PUBLIC_ONLY -DWOLFSSL_RSA_VERIFY_INLINE -DNO_CHECK_PRIVATE_KEY"
  */
 
+/* For the wolfTPM build:
+./configure --enable-swtpm CFLAGS="-Os" && make
+*/
+
 
 #ifndef WOLF_USER_SETTINGS_TPM_H
 #define WOLF_USER_SETTINGS_TPM_H
@@ -38,7 +66,15 @@
 extern "C" {
 #endif
 
-#if 1
+/* enable for low resource options */
+#if 0
+    #define USE_LOW_RESOURCE
+#endif
+
+#ifdef USE_LOW_RESOURCE
+    /* wolfCrypt only (no SSL/TLS) */
+    #define WOLFCRYPT_ONLY
+#else
     /* wolfTPM with TLS example (v1.3 only) */
     #define WOLFSSL_TLS13
     #define WOLFSSL_NO_TLS12
@@ -52,78 +88,136 @@ extern "C" {
     #define HAVE_HKDF
     #define WC_RSA_PSS
     #define WOLFSSL_PSS_LONG_SALT
-#else
-    /* wolfCrypt only (no SSL/TLS) */
-    #define WOLFCRYPT_ONLY
 #endif
 
 /* No threading or file system */
 #define SINGLE_THREADED
-/* File system disable */
-#if 0
-    #define NO_FILESYSTEM
-#endif
 
 /* Enable crypto callbacks */
 #define WOLF_CRYPTO_CB
 
-/* Enable PRNG (SHA2-256) */
-#define HAVE_HASHDRBG
-
-/* Enable SP math all (sp_int.c) with multi-precision support */
-#define WOLFSSL_SP_MATH_ALL
+#ifdef USE_LOW_RESOURCE
+    /* Single Precision math for RSA 2048 only (small) */
+    #define WOLFSSL_HAVE_SP_RSA
+    #define WOLFSSL_SP_MATH
+    #define WOLFSSL_SP_SMALL
+    #define WOLFSSL_SP_NO_3072 /* 2048-only */
+#else
+    /* Enable SP math all (sp_int.c) with multi-precision support */
+    #define WOLFSSL_SP_MATH_ALL
+#endif
 
 /* Enable hardening (timing resistance) */
 #define TFM_TIMING_RESISTANT
 #define ECC_TIMING_RESISTANT
 #define WC_RSA_BLINDING
 
+/* Enable PRNG (SHA2-256) */
+#ifdef USE_LOW_RESOURCE
+    /* use TPM TRNG */
+    #define WC_NO_HASHDRBG
+#else
+    #define HAVE_HASHDRBG
+#endif
+
 /* Asymmetric */
-#define HAVE_ECC
-#undef NO_RSA
-#define NO_DH
-#ifndef NO_DH
+#if 1 /* RSA - needed to encrypt salt */
+    #undef  NO_RSA
+    #ifdef USE_LOW_RESOURCE
+        #define WOLFSSL_RSA_PUBLIC_ONLY
+        #define WOLFSSL_RSA_VERIFY_INLINE
+        #define NO_CHECK_PRIVATE_KEY
+    #endif
+#else
+    #define NO_RSA
+#endif
+#ifndef USE_LOW_RESOURCE /* ECC */
+    #define HAVE_ECC
+    #define ECC_USER_CURVES /* default to only SECP256R1 */
+#endif
+#ifndef USE_LOW_RESOURCE /* DH */
+    #undef  NO_DH
     #define HAVE_FFDHE_2048
     #define HAVE_DH_DEFAULT_PARAMS
+#else
+    #define NO_DH
 #endif
 
 /* Symmetric Hash */
 #undef NO_SHA
 #undef NO_SHA256
-#define WOLFSSL_SHA512
-#define WOLFSSL_SHA384
+#ifndef USE_LOW_RESOURCE
+    #define WOLFSSL_SHA512
+    #define WOLFSSL_SHA384
+#endif
 
 /* Symmetric Cipher */
-#define HAVE_AES_KEYWRAP
-#define WOLFSSL_AES_DIRECT
 #define WOLFSSL_AES_CFB
-#define HAVE_AESGCM
-#define GCM_TABLE_4BIT
+#define HAVE_AES_DECRYPT
+#ifndef USE_LOW_RESOURCE
+    #define HAVE_AES_KEYWRAP
+    #define WOLFSSL_AES_DIRECT
+    #define HAVE_AESGCM
+    #define GCM_TABLE_4BIT
+#else
+    #define NO_AES_CBC
+#endif
 
-#if 0
+#if 0 /* ChaCha20 / Poly1305 */
     #define HAVE_POLY1305
     #define HAVE_CHACHA
 #endif
 
 /* Features */
-#define WOLFSSL_CERT_GEN
-#define WOLFSSL_CERT_REQ
-#define WOLFSSL_CERT_EXT
-
-#define HAVE_PKCS7
-#define HAVE_X963_KDF
-#define WOLFSSL_BASE64_ENCODE
-
+#define WOLFSSL_ASN_TEMPLATE
+#define WOLFSSL_USER_IO /* user recv/send callbacks for network IO */
+#ifndef USE_LOW_RESOURCE
+    #define WOLFSSL_CERT_GEN
+    #define WOLFSSL_CERT_REQ
+    #define WOLFSSL_CERT_EXT
+
+    #define HAVE_PKCS7
+    #define HAVE_X963_KDF
+    #define WOLFSSL_BASE64_ENCODE
+#endif
 
 /* Disables */
+#define NO_PKCS8
+#define NO_PKCS12
+#define NO_PWDBASED
 #define NO_DSA
 #define NO_DES3
 #define NO_RC4
 #define NO_PSK
 #define NO_MD4
+#define NO_MD5
 #define WOLFSSL_NO_SHAKE128
 #define WOLFSSL_NO_SHAKE256
-
+#define NO_WRITEV
+
+/* Low Resource Options */
+#ifdef USE_LOW_RESOURCE
+    #define NO_FILESYSTEM /* File system disable */
+    #define NO_ERROR_STRINGS
+    #define WOLFSSL_NO_ASM
+    #define TFM_NO_ASM
+    #define NO_WOLFSSL_MEMORY
+    #define NO_SESSION_CACHE
+    #define RSA_LOW_MEM
+    #define WOLFSSL_AES_SMALL_TABLES
+    #define WOLFSSL_AES_NO_UNROLL
+    #define GCM_SMALL
+    #undef  GCM_TABLE_4BIT
+    #define NO_AES_192
+    #define NO_AES_256
+    #define USE_SLOW_SHA
+    #define USE_SLOW_SHA256
+    #define USE_SLOW_SHA512
+    #define NO_SIG_WRAPPER
+    #define NO_ASN_TIME
+    #define NO_CODING
+    #define NO_BIG_INT
+#endif
 
 #ifdef __cplusplus
 }

wolfcrypt/benchmark/benchmark.c

@@ -6516,7 +6516,7 @@ static void bench_rsa_helper(int useDeviceID, RsaKey rsaKey[BENCH_MAX_PENDING],
                                           BENCH_ASYNC_GET_DEV(&rsaKey[i]),
                                           1, &times, ntimes, &pending)) {
                         ret = wc_RsaSSL_Sign(message, len, enc[i],
-                                                rsaKeySz/8, &rsaKey[i], &gRng);
+                                            rsaKeySz/8, &rsaKey[i], GLOBAL_RNG);
                         if (!bench_async_handle(&ret,
                                            BENCH_ASYNC_GET_DEV(&rsaKey[i]),
                                            1, &times, &pending)) {
@@ -7371,7 +7371,7 @@ void bench_ecc(int useDeviceID, int curveId)
                     }
 
                     ret = wc_ecc_sign_hash(digest[i], (word32)keySize, sig[i],
-                                           &x[i], &gRng, &genKey[i]);
+                                           &x[i], GLOBAL_RNG, &genKey[i]);
 
                     if (!bench_async_handle(&ret,
                                 BENCH_ASYNC_GET_DEV(&genKey[i]), 1, &times,

wolfcrypt/src/cryptocb.c

@@ -235,7 +235,7 @@ int wc_CryptoCb_GetDevIdAtIndex(int startIdx)
 
 /* Used to register a find device function. Useful for cases where the
  * device ID in the struct may not have been set but still wanting to use
- * a specifice crypto callback device ID. The find callback is global and
+ * a specific crypto callback device ID. The find callback is global and
  * not thread safe. */
 void wc_CryptoCb_SetDeviceFindCb(CryptoDevCallbackFind cb)
 {

wolfcrypt/src/sp_int.c

@@ -5605,7 +5605,7 @@ int sp_cnt_lsb(const sp_int* a)
 }
 #endif /* WOLFSSL_SP_MATH_ALL || WOLFSSL_HAVE_SP_DH || (HAVE_ECC && FP_ECC) */
 
-#if !defined(WOLFSSL_RSA_VERIFY_ONLY) || \
+#if !defined(WOLFSSL_RSA_VERIFY_ONLY) || defined(WOLFSSL_ASN_TEMPLATE) || \
     (defined(WOLFSSL_SP_MATH_ALL) && !defined(NO_ASN))
 /* Determine if the most significant byte of the encoded multi-precision number
  * has the top bit set.