Cyclic0007/wolfssl
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Support for the STM32WL55 and PKA improvements for ECC parameters. Fixes #6386 and Fixes #6396.

Browse Source
This commit is contained in:
David Garske
2023-10-31 15:46:22 -07:00
parent 7435d235a6
commit 33e12e3537
9 changed files with 441 additions and 381 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
IDE/STM32Cube/README.md
View File

@@ -31,7 +31,7 @@ You need both the STM32 IDE and the STM32 initialization code generator (STM32Cu
2. Under “Software Packs” choose “Select Components”.
3. Find and check all components for the wolfSSL.wolfSSL packs (wolfSSL / Core, wolfCrypt / Core and wolfCrypt / Test). Close
4. Under the “Software Packs” section click on “wolfSSL.wolfSSL” and configure the parameters.
5. For Cortex-M recommend “Math Configuration” -> “Single Precision Cortex-M Math” for the fastest option.
5. For Cortex-M recommend “Math Configuration” -> “Single Precision Cortex-M Math” for the fastest option. If seeing `error: r7 cannot be used in 'asm` add `-fomit-frame-pointer` to the CFLAGS. This only happens in debug builds, because r7 is used for debug.
6. Hit the "Generate Code" button
7. Open the project in STM32CubeIDE
8. The Benchmark example uses float. To enable go to "Project Properties" -> "C/C++ Build" -> "Settings" -> "Tool Settings" -> "MCU Settings" -> Check "Use float with printf".
@@ -87,6 +87,7 @@ The section for "Hardware platform" may need to be adjusted depending on your pr
* To enable STM32L5 support define `WOLFSSL_STM32L5`.
* To enable STM32H7 support define `WOLFSSL_STM32H7`.
* To enable STM32WB support define `WOLFSSL_STM32WB`.
* To enable STM32WL support define `WOLFSSL_STM32WL`.
* To enable STM32U5 support define `WOLFSSL_STM32U5`.
* To enable STM32H5 support define `WOLFSSL_STM32H5`.

89
IDE/STM32Cube/STM32_Benchmarks.md
View File

@@ -2,6 +2,7 @@
* [STM32H753ZI](#stm32h753zi)
* [STM32WB55](#stm32wb55)
* [STM32WL55](#stm32wl55)
* [STM32F437](#stm32f437)
* [STM32L4A6Z](#stm32l4a6z)
* [STM32L562E](#stm32l562e)
@@ -10,6 +11,7 @@
* [STM32H563ZI](#stm32h563zi)
* [STM32G071RB](#stm32g071rb)
## STM32H753ZI
Supports RNG, AES CBC/GCM and SHA-2 acceleration.
@@ -94,6 +96,7 @@ Benchmark complete
Benchmark Test: Return code 0
```
## STM32WB55
Supports RNG, ECC P-256, AES-CBC and SHA-256 acceleration.
@@ -211,6 +214,86 @@ Benchmark complete
Benchmark Test: Return code 0
```
## STM32WL55
Supports RNG, ECC P-256 and AES-CBC acceleration.
Note: SP math beats PKA HW. HW RNG on for all tests
Board: NUCLEO-WL55JC1 (MB1389-HIGHBAND-E02)
CPU: Cortex-M4 at 64 MHz
IDE: STM32CubeIDE
RTOS: Bare-Metal
### STM32WL55 (STM AES-CBC Acceleration, -Os, SP-ASM Cortex-M WOLF_CONF_MATH=4)
```
------------------------------------------------------------------------------
wolfSSL version 5.6.4
------------------------------------------------------------------------------
wolfCrypt Benchmark (block bytes 1024, min 1.0 sec each)
RNG 200 KiB took 1.012 seconds, 197.628 KiB/s
AES-128-CBC-enc 2 MiB took 1.000 seconds, 2.246 MiB/s
AES-128-CBC-dec 2 MiB took 1.004 seconds, 2.213 MiB/s
AES-256-CBC-enc 2 MiB took 1.008 seconds, 2.228 MiB/s
AES-256-CBC-dec 2 MiB took 1.000 seconds, 2.197 MiB/s
SHA-256 600 KiB took 1.000 seconds, 600.000 KiB/s
HMAC-SHA256 600 KiB took 1.012 seconds, 592.885 KiB/s
ECC [ SECP256R1] 256 key gen 56 ops took 1.023 sec, avg 18.268 ms, 54.741 ops/sec
ECDHE [ SECP256R1] 256 agree 26 ops took 1.024 sec, avg 39.385 ms, 25.391 ops/sec
ECDSA [ SECP256R1] 256 sign 30 ops took 1.019 sec, avg 33.967 ms, 29.441 ops/sec
ECDSA [ SECP256R1] 256 verify 18 ops took 1.098 sec, avg 61.000 ms, 16.393 ops/sec
Benchmark complete
Benchmark Test: Return code 0
```
### STM32WL55 (STM AES-CBC Acceleration and PKA ECC, -Os)
```
------------------------------------------------------------------------------
wolfSSL version 5.6.4
------------------------------------------------------------------------------
wolfCrypt Benchmark (block bytes 1024, min 1.0 sec each)
RNG 200 KiB took 1.000 seconds, 200.000 KiB/s
AES-128-CBC-enc 2 MiB took 1.000 seconds, 2.295 MiB/s
AES-128-CBC-dec 2 MiB took 1.007 seconds, 2.279 MiB/s
AES-256-CBC-enc 2 MiB took 1.000 seconds, 2.295 MiB/s
AES-256-CBC-dec 2 MiB took 1.008 seconds, 2.252 MiB/s
SHA-256 575 KiB took 1.043 seconds, 551.294 KiB/s
HMAC-SHA256 550 KiB took 1.000 seconds, 550.000 KiB/s
ECC [ SECP256R1] 256 key gen 4 ops took 1.172 sec, avg 293.000 ms, 3.413 ops/sec
ECDHE [ SECP256R1] 256 agree 4 ops took 1.165 sec, avg 291.250 ms, 3.433 ops/sec
ECDSA [ SECP256R1] 256 sign 10 ops took 1.070 sec, avg 107.000 ms, 9.346 ops/sec
ECDSA [ SECP256R1] 256 verify 6 ops took 1.275 sec, avg 212.500 ms, 4.706 ops/sec
Benchmark complete
Benchmark Test: Return code 0
```
### STM32WL55 (No HW Crypto, -Os, SP Math All (WOLF_CONF_MATH=6))
```
------------------------------------------------------------------------------
wolfSSL version 5.6.4
------------------------------------------------------------------------------
wolfCrypt Benchmark (block bytes 1024, min 1.0 sec each)
RNG 200 KiB took 1.015 seconds, 197.044 KiB/s
AES-128-CBC-enc 400 KiB took 1.004 seconds, 398.406 KiB/s
AES-128-CBC-dec 400 KiB took 1.000 seconds, 400.000 KiB/s
AES-192-CBC-enc 350 KiB took 1.031 seconds, 339.476 KiB/s
AES-192-CBC-dec 350 KiB took 1.028 seconds, 340.467 KiB/s
AES-256-CBC-enc 300 KiB took 1.007 seconds, 297.915 KiB/s
AES-256-CBC-dec 300 KiB took 1.004 seconds, 298.805 KiB/s
SHA-256 550 KiB took 1.016 seconds, 541.339 KiB/s
HMAC-SHA256 550 KiB took 1.024 seconds, 537.109 KiB/s
ECC [ SECP256R1] 256 key gen 4 ops took 1.180 sec, avg 295.000 ms, 3.390 ops/sec
ECDHE [ SECP256R1] 256 agree 4 ops took 1.181 sec, avg 295.250 ms, 3.387 ops/sec
ECDSA [ SECP256R1] 256 sign 4 ops took 1.306 sec, avg 326.500 ms, 3.063 ops/sec
ECDSA [ SECP256R1] 256 verify 2 ops took 1.188 sec, avg 594.000 ms, 1.684 ops/sec
Benchmark complete
Benchmark Test: Return code 0
```
## STM32F437
Supports RNG, AES-CBC/GCM and SHA-256 acceleration.
@@ -295,6 +378,7 @@ Benchmark complete
Benchmark Test: Return code 0
```
## STM32L4A6Z
Supports RNG, AES-CBC/GCM and SHA-256 acceleration.
@@ -307,7 +391,6 @@ RTOS: FreeRTOS
### STM32L4A6Z (STM Crypto/Hash Acceleration, -Os, SP-ASM Cortex-M)
```
------------------------------------------------------------------------------
wolfSSL version 4.4.1
@@ -376,6 +459,7 @@ Benchmark complete
Benchmark Test: Return code 0
```
## STM32L562E
Supports RNG, AES-CBC/GCM and SHA-256 acceleration.
@@ -489,6 +573,7 @@ Benchmark complete
Benchmark Test: Return code 0
```
## STM32F777
Supports RNG, AES-CBC/GCM and SHA-256 acceleration.
@@ -573,6 +658,7 @@ Benchmark complete
Benchmark Test: Return code 0
```
## STM32U585
Supports RNG, AES CBC/GCM and SHA-1,SHA-2 acceleration.
@@ -711,6 +797,7 @@ Benchmark complete
Benchmark Test: Return code 0
```
## STM32H563ZI
Cortex-M33 at 150MHz

29
IDE/STM32Cube/default_conf.ftl
View File

@@ -33,9 +33,9 @@
[#list SWIPdatas as SWIP]
[#-- Global variables --]
[#if SWIP.variables??]
[#list SWIP.variables as variable]
[#list SWIP.variables as variable]
extern ${variable.value} ${variable.name};
[/#list]
[/#list]
[/#if]
[#-- Global variables --]
@@ -45,16 +45,16 @@ extern ${variable.value} ${variable.name};
[#assign version = SWIP.version]
/**
MiddleWare name : ${instName}
MiddleWare fileName : ${fileName}
MiddleWare version : ${version}
MiddleWare name : ${instName}
MiddleWare fileName : ${fileName}
MiddleWare version : ${version}
*/
[#if SWIP.defines??]
[#list SWIP.defines as definition]
[#list SWIP.defines as definition]
/*---------- [#if definition.comments??]${definition.comments}[/#if] -----------*/
#define ${definition.name} #t#t ${definition.value}
[#if definition.description??]${definition.description} [/#if]
[/#list]
[/#list]
[/#if]
@@ -76,6 +76,11 @@ extern ${variable.value} ${variable.name};
#define WOLFSSL_STM32_PKA
#undef NO_STM32_CRYPTO
#define HAL_CONSOLE_UART huart1
#elif defined(STM32WL55xx)
#define WOLFSSL_STM32WL
#define WOLFSSL_STM32_PKA
#undef NO_STM32_CRYPTO
#define HAL_CONSOLE_UART huart2
#elif defined(STM32F407xx)
#define WOLFSSL_STM32F4
#define HAL_CONSOLE_UART huart2
@@ -242,6 +247,8 @@ extern ${variable.value} ${variable.name};
#define WOLFSSL_HAVE_SP_ECC
#endif
#if WOLF_CONF_MATH == 6 || WOLF_CONF_MATH == 7
#define WOLFSSL_SP_MATH_ALL /* use sp_int.c multi precision math */
#else
#define WOLFSSL_SP_MATH /* disable non-standard curves / key sizes */
#endif
#define SP_WORD_SIZE 32
@@ -504,12 +511,12 @@ extern ${variable.value} ${variable.name};
/* Sha3 */
#undef WOLFSSL_SHA3
#if defined(WOLF_CONF_SHA3) && WOLF_CONF_SHA3 == 1
#define WOLFSSL_SHA3
#define WOLFSSL_SHA3
#endif
/* MD5 */
#if defined(WOLF_CONF_MD5) && WOLF_CONF_MD5 == 1
/* enabled */
/* enabled */
#else
#define NO_MD5
#endif
@@ -534,8 +541,8 @@ extern ${variable.value} ${variable.name};
#if 0
#define USE_WOLFSSL_MEMORY
#define WOLFSSL_TRACK_MEMORY
#define WOLFSSL_DEBUG_MEMORY
#define WOLFSSL_DEBUG_MEMORY_PRINT
#define WOLFSSL_DEBUG_MEMORY
#define WOLFSSL_DEBUG_MEMORY_PRINT
#endif
#else
//#define NO_WOLFSSL_MEMORY