[Bouffalolab] Enable BL702 hardware crypto engine for mbedtls (projec…

…t-chip#24540) * enable hardware crypto engine for mbedtls * remove duplicate dependency * fix restyle
wy-hh · Jan 21, 2023 · fa9cfd2 · fa9cfd2
1 parent 3c876d9
commit fa9cfd2
Show file tree

Hide file tree

Showing 14 changed files with 128 additions and 34 deletions.
diff --git a/examples/lighting-app/bouffalolab/bl702/BUILD.gn b/examples/lighting-app/bouffalolab/bl702/BUILD.gn
@@ -56,6 +56,7 @@ declare_args() {
 
 bl_iot_sdk("sdk") {
   include_dirs = [
+    "${chip_root}/src/platform/bouffalolab/BL702",
     "${example_dir}",
     "${example_common_dir}",
   ]

diff --git a/examples/lighting-app/bouffalolab/common/AppTask.cpp b/examples/lighting-app/bouffalolab/common/AppTask.cpp
@@ -145,6 +145,10 @@ void PlatformManagerImpl::PlatformInit(void)
 
 #if CHIP_ENABLE_OPENTHREAD
 
+#if CONFIG_ENABLE_CHIP_SHELL
+    cmd_otcli_init();
+#endif
+
     ChipLogProgress(NotSpecified, "Initializing OpenThread stack");
     ret = ThreadStackMgr().InitThreadStack();
     if (ret != CHIP_NO_ERROR)
@@ -164,10 +168,6 @@ void PlatformManagerImpl::PlatformInit(void)
         appError(ret);
     }
 
-#if CONFIG_ENABLE_CHIP_SHELL
-    cmd_otcli_init();
-#endif
-
 #elif CHIP_DEVICE_CONFIG_ENABLE_WIFI
 
     ret = sWiFiNetworkCommissioningInstance.Init();

diff --git a/examples/platform/bouffalolab/bl702/ldscripts/flash.ld b/examples/platform/bouffalolab/bl702/ldscripts/flash.ld
@@ -3,14 +3,16 @@ OUTPUT_ARCH( "riscv" )
 ENTRY( bl702_start )
 
 __EM_SIZE = DEFINED(ble_controller_init) ? 8K : 0K;
+__SHA_LINK_CFG_SIZE = DEFINED(mbedtls_sha256_init) ? 72 : 0;
 __CACHE_SIZE = DEFINED(__CACHE_SIZE) ? __CACHE_SIZE : 16K;
 __stack_size = DEFINED(__stack_size) ? __stack_size : 2K;
 
 MEMORY
 {
   flash  (rxai!w) : ORIGIN = 0x23000000, LENGTH = (2M)
-  tcm_ocram (wxa) : ORIGIN = 0x42010000 + __CACHE_SIZE, LENGTH = (64K - __CACHE_SIZE + 64K - __EM_SIZE - __stack_size)
-  sys_stack (wxa) : ORIGIN = ORIGIN(tcm_ocram) + LENGTH(tcm_ocram), LENGTH = __stack_size
+  tcm_ocram (wxa) : ORIGIN = 0x42010000 + __CACHE_SIZE, LENGTH = (64K - __CACHE_SIZE + 64K - __EM_SIZE - __stack_size - __SHA_LINK_CFG_SIZE)
+  sha_ocram (wxa) : ORIGIN = ORIGIN(tcm_ocram) + LENGTH(tcm_ocram), LENGTH = __SHA_LINK_CFG_SIZE
+  sys_stack (wxa) : ORIGIN = ORIGIN(tcm_ocram) + LENGTH(tcm_ocram) + __SHA_LINK_CFG_SIZE, LENGTH = __stack_size
   hbnram    (wxa) : ORIGIN = 0x40010000, LENGTH = (4K)
 }
 
@@ -231,6 +233,11 @@ SECTIONS
   PROVIDE( _heap2_start = 0 );
   PROVIDE( _heap2_size = 0 );
 
+  .sha_ocram (NOLOAD) :
+  {
+    *(.sha_ocram*)
+  } > sha_ocram
+
   .stack (NOLOAD) :
   {
     PROVIDE ( _sp_base = . );

diff --git a/examples/platform/bouffalolab/bl702/ldscripts/psram_flash.ld b/examples/platform/bouffalolab/bl702/ldscripts/psram_flash.ld
@@ -3,14 +3,16 @@ OUTPUT_ARCH( "riscv" )
 ENTRY( bl702_start )
 
 __EM_SIZE = DEFINED(ble_controller_init) ? 8K : 0K;
+__SHA_LINK_CFG_SIZE = DEFINED(mbedtls_sha256_init) ? 72 : 0;
 __CACHE_SIZE = DEFINED(__CACHE_SIZE) ? __CACHE_SIZE : 16K;
 __stack_size = DEFINED(__stack_size) ? __stack_size : 2K;
 
 MEMORY
 {
   flash  (rxai!w) : ORIGIN = 0x23000000, LENGTH = (2M)
-  tcm_ocram (wxa) : ORIGIN = 0x42010000 + __CACHE_SIZE, LENGTH = (64K - __CACHE_SIZE + 64K - __EM_SIZE - __stack_size)
-  sys_stack (wxa) : ORIGIN = ORIGIN(tcm_ocram) + LENGTH(tcm_ocram), LENGTH = __stack_size
+  tcm_ocram (wxa) : ORIGIN = 0x42010000 + __CACHE_SIZE, LENGTH = (64K - __CACHE_SIZE + 64K - __EM_SIZE - __stack_size - __SHA_LINK_CFG_SIZE)
+  sha_ocram (wxa) : ORIGIN = ORIGIN(tcm_ocram) + LENGTH(tcm_ocram), LENGTH = __SHA_LINK_CFG_SIZE
+  sys_stack (wxa) : ORIGIN = ORIGIN(tcm_ocram) + LENGTH(tcm_ocram) + __SHA_LINK_CFG_SIZE, LENGTH = __stack_size
   hbnram    (wxa) : ORIGIN = 0x40010000, LENGTH = (4K)
   psram     (wxa) : ORIGIN = 0x26000000, LENGTH = (2M)
 }
@@ -324,6 +326,11 @@ SECTIONS
   PROVIDE( _heap3_start = .);
   PROVIDE( _heap3_size = ORIGIN(psram) + LENGTH(psram) - _heap3_start );
 
+  .sha_ocram (NOLOAD) :
+  {
+    *(.sha_ocram*)
+  } > sha_ocram
+
   .stack (NOLOAD) :
   {
     PROVIDE ( _sp_base = . );

diff --git a/scripts/examples/gn_bouffalolab_example.sh b/scripts/examples/gn_bouffalolab_example.sh
@@ -63,7 +63,7 @@ print_help() {
         enable_heap_monitoring
             Monitor & log memory usage at runtime. (Default false)
         setupDiscriminator
-            Discriminatoor value used for BLE connexion. (Default 3840)
+            Discriminatoor value used for commission. (Default 3840)
         setupPinCode
             PIN code for PASE session establishment. (Default 20202021)
         'import("//with_pw_rpc.gni")'

diff --git a/src/platform/bouffalolab/BL702/BUILD.gn b/src/platform/bouffalolab/BL702/BUILD.gn
@@ -73,10 +73,7 @@ static_library("BL702") {
 
     import("//build_overrides/bouffalolab_iot_sdk.gni")
     import("${bouffalolab_iot_sdk_build_root}/bl702/bl_iot_sdk.gni")
-    public_deps += [
-      "${bouffalolab_iot_sdk_build_root}/bl702:bl_iot_sdk",
-      "${bouffalolab_iot_sdk_build_root}/bl702:mbedtls",
-    ]
+    public_deps += [ "${bouffalolab_iot_sdk_build_root}/bl702:bl_iot_sdk" ]
 
     sources += [
       "../../OpenThread/OpenThreadUtils.cpp",

diff --git a/src/platform/bouffalolab/BL702/CHIPPlatformConfig.h b/src/platform/bouffalolab/BL702/CHIPPlatformConfig.h
@@ -41,7 +41,8 @@
 #define CHIP_CONFIG_HASH_IMPLEMENTATION_MBEDTLS 1
 #define CHIP_CONFIG_HASH_IMPLEMENTATION_PLATFORM 0
 
-#define CHIP_CONFIG_SHA256_CONTEXT_SIZE (sizeof(unsigned int) * 76)
+//#define CHIP_CONFIG_SHA256_CONTEXT_SIZE sizeof(bl_sha_ctx_t)
+#define CHIP_CONFIG_SHA256_CONTEXT_SIZE ((1 + 5 + 18 + 16 + 16) * sizeof(unsigned int))
 
 #define CHIP_CONFIG_AES_IMPLEMENTATION_OPENSSL 0
 #define CHIP_CONFIG_AES_IMPLEMENTATION_AESNI 0

diff --git a/src/platform/bouffalolab/BL702/PlatformManagerImpl.cpp b/src/platform/bouffalolab/BL702/PlatformManagerImpl.cpp
@@ -26,6 +26,8 @@
 
 #include <lwip/tcpip.h>
 
+#include <openthread_port.h>
+#include <utils_list.h>
 extern "C" {
 #include <bl_sec.h>
 }
@@ -52,11 +54,18 @@ CHIP_ERROR PlatformManagerImpl::_InitChipStack(void)
 {
     CHIP_ERROR err;
     TaskHandle_t backup_eventLoopTask;
+    otRadio_opt_t opt;
 
     // Initialize the configuration system.
     err = Internal::BL702Config::Init();
     SuccessOrExit(err);
 
+    opt.byte            = 0;
+    opt.bf.isCoexEnable = true;
+
+    ot_alarmInit();
+    ot_radioInit(opt);
+
     ReturnErrorOnFailure(System::Clock::InitClock_RealTime());
 
     SetConfigurationMgr(&ConfigurationManagerImpl::GetDefaultInstance());

diff --git a/src/platform/bouffalolab/BL702/ThreadStackManagerImpl.cpp b/src/platform/bouffalolab/BL702/ThreadStackManagerImpl.cpp
@@ -47,17 +47,11 @@ CHIP_ERROR ThreadStackManagerImpl::_InitThreadStack(void)
 CHIP_ERROR ThreadStackManagerImpl::InitThreadStack(otInstance * otInst)
 {
     CHIP_ERROR err = CHIP_NO_ERROR;
-    otRadio_opt_t opt;
 
-    opt.byte            = 0;
-    opt.bf.isCoexEnable = true;
-
-    ot_alarmInit();
-    ot_radioInit(opt);
     // Initialize the generic implementation base classes.
     err = GenericThreadStackManagerImpl_FreeRTOS<ThreadStackManagerImpl>::DoInit();
     SuccessOrExit(err);
-    err = GenericThreadStackManagerImpl_OpenThread_LwIP<ThreadStackManagerImpl>::DoInit(otInst);
+    err = GenericThreadStackManagerImpl_OpenThread_LwIP<ThreadStackManagerImpl>::DoInit(otInstanceInitSingle());
     SuccessOrExit(err);
 
     mbedtls_platform_set_calloc_free(pvPortCalloc, vPortFree);

diff --git a/src/platform/bouffalolab/BL702/args.gni b/src/platform/bouffalolab/BL702/args.gni
@@ -22,7 +22,7 @@ chip_device_platform = "bl702"
 
 riscv_platform_config = "${bouffalolab_iot_sdk_build_root}/common/rsicv.gni"
 
-mbedtls_target = "${bouffalolab_iot_sdk_build_root}/bl702:mbedtls"
+mbedtls_target = "${bouffalolab_iot_sdk_build_root}/bl702:bl_iot_sdk"
 
 chip_inet_config_enable_ipv4 = false
 chip_inet_config_enable_tcp_endpoint = false

diff --git a/src/platform/bouffalolab/BL702/bl702-chip-mbedtls-config.h b/src/platform/bouffalolab/BL702/bl702-chip-mbedtls-config.h
@@ -118,6 +118,13 @@
 #define MBEDTLS_HKDF_C
 #define MBEDTLS_PKCS5_C
 
+#define MBEDTLS_ENTROPY_HARDWARE_ALT
+
+#define MBEDTLS_SHA1_ALT
+#define MBEDTLS_SHA256_ALT
+#define MBEDTLS_AES_ALT
+#define MBEDTLS_ECP_ALT
+
 // Spans multiple lines to avoid being processed by unifdef
 #if defined(MBEDTLS_USER_CONFIG_FILE)
 #include MBEDTLS_USER_CONFIG_FILE

diff --git a/third_party/bouffalolab/bl602/bl_iot_sdk.gni b/third_party/bouffalolab/bl602/bl_iot_sdk.gni
@@ -477,6 +477,7 @@ template("bl_iot_sdk") {
       "${bl_iot_sdk_root}/components/security/mbedtls_lts/mbedtls/library/ccm.c",
       "${bl_iot_sdk_root}/components/security/mbedtls_lts/mbedtls/library/cipher.c",
       "${bl_iot_sdk_root}/components/security/mbedtls_lts/mbedtls/library/cipher_wrap.c",
+      "${bl_iot_sdk_root}/components/security/mbedtls_lts/mbedtls/library/cmac.c",
       "${bl_iot_sdk_root}/components/security/mbedtls_lts/mbedtls/library/constant_time.c",
       "${bl_iot_sdk_root}/components/security/mbedtls_lts/mbedtls/library/ctr_drbg.c",
       "${bl_iot_sdk_root}/components/security/mbedtls_lts/mbedtls/library/ecdh.c",

diff --git a/third_party/bouffalolab/bl702/BUILD.gn b/third_party/bouffalolab/bl702/BUILD.gn
@@ -23,15 +23,6 @@ declare_args() {
 
 assert(bl_iot_sdk_target != "", "bl_iot_sdk_target must be specified")
 
-config("bl702_mbedtls_config") {
-  defines = [ "MBEDTLS_CONFIG_FILE=\"bl702-chip-mbedtls-config.h\"" ]
-}
-
-mbedtls_target("mbedtls") {
-  public_configs = [ ":bl702_mbedtls_config" ]
-  include_dirs = [ "${chip_root}/src/platform/bouffalolab/BL702" ]
-}
-
 group("bl_iot_sdk") {
   public_deps = [ bl_iot_sdk_target ]
 }
diff --git a/third_party/bouffalolab/bl702/bl_iot_sdk.gni b/third_party/bouffalolab/bl702/bl_iot_sdk.gni
@@ -18,8 +18,6 @@ import("//build_overrides/mbedtls.gni")
 import("//build_overrides/openthread.gni")
 import("${chip_root}/src/lib/lib.gni")
 
-import("${mbedtls_root}/mbedtls.gni")
-
 declare_args() {
   bl_iot_sdk_root = "${chip_root}/third_party/bouffalolab/repo"
 
@@ -469,6 +467,87 @@ template("bl_iot_sdk") {
     ]
   }
 
+  config("${sdk_target_name}_config_mbedtls") {
+    include_dirs = [
+      "${bl_iot_sdk_root}/components/security/mbedtls_lts/mbedtls/include",
+      "${bl_iot_sdk_root}/components/security/mbedtls_lts/port",
+    ]
+
+    defines = [ "MBEDTLS_CONFIG_FILE=\"bl702-chip-mbedtls-config.h\"" ]
+  }
+
+  source_set("${sdk_target_name}_mbedtls") {
+    include_dirs =
+        [ "${bl_iot_sdk_root}/components/security/mbedtls_lts/mbedtls/library" ]
+
+    sources = [
+      "${bl_iot_sdk_root}/components/security/mbedtls_lts/port/hw_acc/aes_alt.c",
+      "${bl_iot_sdk_root}/components/security/mbedtls_lts/port/hw_acc/bignum_hw.c",
+      "${bl_iot_sdk_root}/components/security/mbedtls_lts/port/hw_acc/ecp_alt.c",
+      "${bl_iot_sdk_root}/components/security/mbedtls_lts/port/hw_acc/ecp_curves_alt.c",
+      "${bl_iot_sdk_root}/components/security/mbedtls_lts/port/hw_acc/hw_common.c",
+      "${bl_iot_sdk_root}/components/security/mbedtls_lts/port/hw_acc/hw_common.h",
+      "${bl_iot_sdk_root}/components/security/mbedtls_lts/port/hw_acc/sha1_alt.c",
+      "${bl_iot_sdk_root}/components/security/mbedtls_lts/port/hw_acc/sha256_alt.c",
+    ]
+
+    sources += [
+      "${bl_iot_sdk_root}/components/security/mbedtls_lts/port/bignum_ext.c",
+      "${bl_iot_sdk_root}/components/security/mbedtls_lts/port/hw_entropy_poll.c",
+      "${bl_iot_sdk_root}/components/security/mbedtls_lts/port/mbedtls_port_mem.c",
+      "${bl_iot_sdk_root}/components/security/mbedtls_lts/port/net_sockets.c",
+      "${bl_iot_sdk_root}/components/security/mbedtls_lts/port/pkparse.c",
+    ]
+
+    sources += [
+      "${bl_iot_sdk_root}/components/security/mbedtls_lts/mbedtls/library/aes.c",
+      "${bl_iot_sdk_root}/components/security/mbedtls_lts/mbedtls/library/asn1parse.c",
+      "${bl_iot_sdk_root}/components/security/mbedtls_lts/mbedtls/library/asn1write.c",
+      "${bl_iot_sdk_root}/components/security/mbedtls_lts/mbedtls/library/base64.c",
+      "${bl_iot_sdk_root}/components/security/mbedtls_lts/mbedtls/library/bignum.c",
+      "${bl_iot_sdk_root}/components/security/mbedtls_lts/mbedtls/library/ccm.c",
+      "${bl_iot_sdk_root}/components/security/mbedtls_lts/mbedtls/library/cipher.c",
+      "${bl_iot_sdk_root}/components/security/mbedtls_lts/mbedtls/library/cipher_wrap.c",
+      "${bl_iot_sdk_root}/components/security/mbedtls_lts/mbedtls/library/cmac.c",
+      "${bl_iot_sdk_root}/components/security/mbedtls_lts/mbedtls/library/constant_time.c",
+      "${bl_iot_sdk_root}/components/security/mbedtls_lts/mbedtls/library/ctr_drbg.c",
+      "${bl_iot_sdk_root}/components/security/mbedtls_lts/mbedtls/library/ecdh.c",
+      "${bl_iot_sdk_root}/components/security/mbedtls_lts/mbedtls/library/ecdsa.c",
+      "${bl_iot_sdk_root}/components/security/mbedtls_lts/mbedtls/library/ecp.c",
+      "${bl_iot_sdk_root}/components/security/mbedtls_lts/mbedtls/library/ecp_curves.c",
+      "${bl_iot_sdk_root}/components/security/mbedtls_lts/mbedtls/library/entropy.c",
+      "${bl_iot_sdk_root}/components/security/mbedtls_lts/mbedtls/library/hkdf.c",
+      "${bl_iot_sdk_root}/components/security/mbedtls_lts/mbedtls/library/hmac_drbg.c",
+      "${bl_iot_sdk_root}/components/security/mbedtls_lts/mbedtls/library/md.c",
+      "${bl_iot_sdk_root}/components/security/mbedtls_lts/mbedtls/library/oid.c",
+      "${bl_iot_sdk_root}/components/security/mbedtls_lts/mbedtls/library/pem.c",
+      "${bl_iot_sdk_root}/components/security/mbedtls_lts/mbedtls/library/pk.c",
+      "${bl_iot_sdk_root}/components/security/mbedtls_lts/mbedtls/library/pk_wrap.c",
+      "${bl_iot_sdk_root}/components/security/mbedtls_lts/mbedtls/library/pkcs5.c",
+      "${bl_iot_sdk_root}/components/security/mbedtls_lts/mbedtls/library/pkwrite.c",
+      "${bl_iot_sdk_root}/components/security/mbedtls_lts/mbedtls/library/platform.c",
+      "${bl_iot_sdk_root}/components/security/mbedtls_lts/mbedtls/library/platform_util.c",
+      "${bl_iot_sdk_root}/components/security/mbedtls_lts/mbedtls/library/sha256.c",
+      "${bl_iot_sdk_root}/components/security/mbedtls_lts/mbedtls/library/sha512.c",
+      "${bl_iot_sdk_root}/components/security/mbedtls_lts/mbedtls/library/x509_create.c",
+      "${bl_iot_sdk_root}/components/security/mbedtls_lts/mbedtls/library/x509write_csr.c",
+    ]
+
+    cflags_c = [
+      "-Wno-sign-compare",
+      "-Wno-implicit-function-declaration",
+    ]
+    configs += [
+      ":${sdk_target_name}_config_BSP_Driver",
+      ":${sdk_target_name}_config_hosal",
+      ":${sdk_target_name}_config_freertos",
+    ]
+    public_configs = [
+      ":${sdk_target_name}_config",
+      ":${sdk_target_name}_config_mbedtls",
+    ]
+  }
+
   config("${sdk_target_name}_ble_config") {
     include_dirs = [
       "${bl_iot_sdk_root}/components/network/ble/blecontroller/ble_inc",
@@ -628,7 +707,6 @@ template("bl_iot_sdk") {
     ]
 
     public_deps = [
-      "${bouffalolab_iot_sdk_build_root}/bl702:mbedtls",
       "${chip_root}/third_party/openthread/platforms:libopenthread-platform-utils",
       "${openthread_root}/src/core:libopenthread_core_headers",
     ]
@@ -797,6 +875,7 @@ template("bl_iot_sdk") {
       ":${sdk_target_name}_fs",
       ":${sdk_target_name}_hosal",
       ":${sdk_target_name}_libc",
+      ":${sdk_target_name}_mbedtls",
       ":${sdk_target_name}_soc",
       ":${sdk_target_name}_stage",
       ":${sdk_target_name}_sys",