Merge pull request #2067 from cesanta/pico

Use RNG in examples/pico-w5500
2024-11-24 19:19:00 +08:00 · 2023-02-16 08:01:11 +00:00 · 2023-02-16 08:01:11 +00:00 · 28ee40bebe
commit 28ee40bebe
parent 2ece24e077 6267752a2a
9 changed files with 96 additions and 110 deletions
--- a/examples/rp2040/pico-w5500/CMakeLists.txt
+++ b/examples/rp2040/pico-w5500/CMakeLists.txt
@ -4,16 +4,10 @@ include(pico-sdk/pico_sdk_init.cmake)
 project(firmware)
 pico_sdk_init()

-file(GLOB TLS_SOURCES "mbedtls/library/*.c")
-add_executable(firmware
-  main.c
-  ../../../mongoose.c
-  ../../device-dashboard/net.c
-  ../../device-dashboard/packed_fs.c
-  ${TLS_SOURCES})
+add_executable(firmware main.c mongoose.c net.c packed_fs.c)

-target_include_directories(firmware PUBLIC . ../../.. mbedtls/include)
-target_link_libraries(firmware pico_stdlib hardware_spi)
+target_include_directories(firmware PUBLIC .)
+target_link_libraries(firmware pico_stdlib hardware_spi pico_rand pico_mbedtls)
 pico_add_extra_outputs(firmware)

 # Enable USB output. Comment out in order to use UART
@ -21,10 +15,9 @@ pico_enable_stdio_usb(firmware 0)
 pico_enable_stdio_uart(firmware 1)

 # Mongoose build flags
+add_definitions(-DMG_ARCH=MG_ARCH_RP2040)
 add_definitions(-DMG_ENABLE_TCPIP=1)
 add_definitions(-DMG_ENABLE_PACKED_FS=1)
-add_definitions(-DMG_ENABLE_FILE=0)
-
 add_definitions(-DMG_ENABLE_MBEDTLS=1)
-add_definitions(-DMBEDTLS_CONFIG_FILE=\"tlsconf.h\")
-#add_definitions(-DMG_MBEDTLS_DEBUG_LEVEL=1)
+add_definitions(-DMG_ENABLE_CUSTOM_RANDOM=1)
+add_definitions(-DMG_ENABLE_FILE=0)
--- a/examples/rp2040/pico-w5500/Makefile
+++ b/examples/rp2040/pico-w5500/Makefile
@ -1,9 +1,7 @@
-SDK_VERSION ?= 1.4.0
+SDK_VERSION ?= 1.5.0
 SDK_REPO ?= https://github.com/raspberrypi/pico-sdk
-MBEDTLS_VERSION ?= v2.27.0
-MBEDTLS_REPO ?= https://github.com/Mbed-TLS/mbedtls

-all example build build/firmware.uf2: pico-sdk mbedtls main.c
+all example build build/firmware.uf2: pico-sdk main.c net.c packed_fs.c
 	test -d build || mkdir build
 	cd build && cmake .. && make

@ -11,9 +9,6 @@ pico-sdk:
 	git clone --depth 1 -b $(SDK_VERSION) $(SDK_REPO) $@
 	cd $@ && git submodule update --init

-mbedtls:
-	git clone --depth 1 -b $(MBEDTLS_VERSION) $(MBEDTLS_REPO) $@
-
 # Requires env variable VCON_API_KEY set
 DEVICE_URL ?= https://dash.vcon.io/api/v3/devices/3
 test: update
@ -25,4 +20,4 @@ update: build/firmware.uf2
 	curl --fail -su :$(VCON_API_KEY) $(DEVICE_URL)/ota?uf2=1 --data-binary @$<

 clean:
-	rm -rf pico-sdk mbedtls build
+	rm -rf pico-sdk build
--- a/examples/rp2040/pico-w5500/main.c
+++ b/examples/rp2040/pico-w5500/main.c
@ -4,6 +4,7 @@
 #include <stdio.h>
 #include <string.h>
 #include "hardware/spi.h"
+#include "pico/rand.h"
 #include "pico/stdlib.h"

 #include "mongoose.h"
@ -11,14 +12,25 @@
 enum { BLINK_PERIOD_MS = 1000 };
 enum { LED = 25, SPI_CS = 17, SPI_CLK = 18, SPI_TX = 19, SPI_RX = 16 };  // Pins

-static void spi_begin(void *spi) { gpio_put(SPI_CS, 0); }
-static void spi_end(void *spi) { gpio_put(SPI_CS, 1); }
+static void spi_begin(void *spi) {
+  gpio_put(SPI_CS, 0);
+}
+static void spi_end(void *spi) {
+  gpio_put(SPI_CS, 1);
+}
 static uint8_t spi_txn(void *spi, uint8_t byte) {
  uint8_t result = 0;
  spi_write_read_blocking(spi0, &byte, &result, 1);
  return result;
 }

+void mg_random(void *buf, size_t len) {
+  for (size_t n = 0; n < len; n += sizeof(uint32_t)) {
+    uint32_t r = get_rand_32();
+    memcpy((char *) buf + n, &r, n + sizeof(r) > len ? len - n : sizeof(r));
+  }
+}
+
 static void timer_cb(void *arg) {
  gpio_put(PICO_DEFAULT_LED_PIN, !gpio_get_out_level(PICO_DEFAULT_LED_PIN));
  bool up = ((struct mg_tcpip_if *) arg)->state == MIP_STATE_READY;
@ -45,12 +57,12 @@ int main(void) {
  // Init Mongoose
  struct mg_tcpip_spi spi = {NULL, spi_begin, spi_end, spi_txn};
  struct mg_tcpip_if mif = {.mac = {2, 0, 1, 2, 3, 5},
-                       .driver = &mg_tcpip_driver_w5500,
-                       .driver_data = &spi};
-  struct mg_mgr mgr;        // Declare event manager
-  mg_mgr_init(&mgr);        // Init event manager
-  mg_log_set(MG_LL_DEBUG);  // Set DEBUG log level
-  mg_tcpip_init(&mgr, &mif);     // Init TCP/IP stack
+                            .driver = &mg_tcpip_driver_w5500,
+                            .driver_data = &spi};
+  struct mg_mgr mgr;          // Declare event manager
+  mg_mgr_init(&mgr);          // Init event manager
+  mg_log_set(MG_LL_DEBUG);    // Set DEBUG log level
+  mg_tcpip_init(&mgr, &mif);  // Init TCP/IP stack
  mg_timer_add(&mgr, BLINK_PERIOD_MS, MG_TIMER_REPEAT, timer_cb, &mif);

  MG_INFO(("Waiting until network is up..."));
--- a/examples/rp2040/pico-w5500/mbedtls_config.h
+++ b/examples/rp2040/pico-w5500/mbedtls_config.h
@ -0,0 +1,63 @@
+/* Workaround for some mbedtls source files using INT_MAX without including limits.h */
+#include <limits.h>
+
+#define MBEDTLS_NO_PLATFORM_ENTROPY
+#define MBEDTLS_ENTROPY_HARDWARE_ALT
+
+#define MBEDTLS_SSL_OUT_CONTENT_LEN    2048
+
+#define MBEDTLS_ALLOW_PRIVATE_ACCESS
+#define MBEDTLS_HAVE_TIME
+
+#define MBEDTLS_CIPHER_MODE_CBC
+#define MBEDTLS_ECP_DP_SECP192R1_ENABLED
+#define MBEDTLS_ECP_DP_SECP224R1_ENABLED
+#define MBEDTLS_ECP_DP_SECP256R1_ENABLED
+#define MBEDTLS_ECP_DP_SECP384R1_ENABLED
+#define MBEDTLS_ECP_DP_SECP521R1_ENABLED
+#define MBEDTLS_ECP_DP_SECP192K1_ENABLED
+#define MBEDTLS_ECP_DP_SECP224K1_ENABLED
+#define MBEDTLS_ECP_DP_SECP256K1_ENABLED
+#define MBEDTLS_ECP_DP_BP256R1_ENABLED
+#define MBEDTLS_ECP_DP_BP384R1_ENABLED
+#define MBEDTLS_ECP_DP_BP512R1_ENABLED
+#define MBEDTLS_ECP_DP_CURVE25519_ENABLED
+#define MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
+#define MBEDTLS_PKCS1_V15
+#define MBEDTLS_SHA256_SMALLER
+#define MBEDTLS_SSL_SERVER_NAME_INDICATION
+#define MBEDTLS_AES_C
+#define MBEDTLS_ASN1_PARSE_C
+#define MBEDTLS_BIGNUM_C
+#define MBEDTLS_CIPHER_C
+#define MBEDTLS_CTR_DRBG_C
+#define MBEDTLS_ENTROPY_C
+#define MBEDTLS_ERROR_C
+#define MBEDTLS_MD_C
+#define MBEDTLS_MD5_C
+#define MBEDTLS_OID_C
+#define MBEDTLS_PKCS5_C
+#define MBEDTLS_PK_C
+#define MBEDTLS_PK_PARSE_C
+#define MBEDTLS_PLATFORM_C
+#define MBEDTLS_RSA_C
+#define MBEDTLS_SHA1_C
+#define MBEDTLS_SHA224_C
+#define MBEDTLS_SHA256_C
+#define MBEDTLS_SHA512_C
+#define MBEDTLS_SSL_CLI_C
+#define MBEDTLS_SSL_SRV_C
+#define MBEDTLS_SSL_TLS_C
+#define MBEDTLS_X509_CRT_PARSE_C
+#define MBEDTLS_X509_USE_C
+#define MBEDTLS_AES_FEWER_TABLES
+
+/* TLS 1.2 */
+#define MBEDTLS_SSL_PROTO_TLS1_2
+#define MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
+#define MBEDTLS_GCM_C
+#define MBEDTLS_ECDH_C
+#define MBEDTLS_ECP_C
+#define MBEDTLS_ECDSA_C
+#define MBEDTLS_ASN1_WRITE_C
+
--- a/examples/rp2040/pico-w5500/mongoose.c
+++ b/examples/rp2040/pico-w5500/mongoose.c
@ -0,0 +1 @@
+../../../mongoose.c
--- a/examples/rp2040/pico-w5500/mongoose.h
+++ b/examples/rp2040/pico-w5500/mongoose.h
@ -0,0 +1 @@
+../../../mongoose.h
--- a/examples/rp2040/pico-w5500/net.c
+++ b/examples/rp2040/pico-w5500/net.c
@ -0,0 +1 @@
+../../device-dashboard/net.c
--- a/examples/rp2040/pico-w5500/packed_fs.c
+++ b/examples/rp2040/pico-w5500/packed_fs.c
@ -0,0 +1 @@
+../../device-dashboard/packed_fs.c
--- a/examples/rp2040/pico-w5500/tlsconf.h
+++ b/examples/rp2040/pico-w5500/tlsconf.h
@ -1,81 +0,0 @@
-// #define MBEDTLS_HAVE_ASM
-// #define MBEDTLS_HAVE_TIME
-
-/* mbed TLS feature support */
-#define MBEDTLS_ECP_DP_SECP256R1_ENABLED
-#define MBEDTLS_ECP_DP_SECP384R1_ENABLED
-#define MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
-#define MBEDTLS_SSL_PROTO_TLS1_2
-
-/* mbed TLS modules */
-#define MBEDTLS_AES_C
-#define MBEDTLS_ASN1_PARSE_C
-#define MBEDTLS_ASN1_WRITE_C
-#define MBEDTLS_BIGNUM_C
-#define MBEDTLS_CIPHER_C
-#define MBEDTLS_CTR_DRBG_C
-#define MBEDTLS_ECDH_C
-#define MBEDTLS_ECDSA_C
-#define MBEDTLS_ECP_C
-//#define MBEDTLS_ENTROPY_C
-#define MBEDTLS_GCM_C
-#define MBEDTLS_MD_C
-//#define MBEDTLS_NET_C
-#define MBEDTLS_OID_C
-#define MBEDTLS_PK_C
-#define MBEDTLS_PK_PARSE_C
-
-#define MBEDTLS_SHA224_C
-#define MBEDTLS_SHA256_C
-#define MBEDTLS_SHA384_C
-#define MBEDTLS_SHA512_C
-#define MBEDTLS_SSL_CLI_C
-#define MBEDTLS_SSL_SRV_C
-#define MBEDTLS_SSL_TLS_C
-#define MBEDTLS_X509_CRT_PARSE_C
-#define MBEDTLS_X509_USE_C
-
-/* For test certificates */
-#define MBEDTLS_BASE64_C
-#define MBEDTLS_PEM_PARSE_C
-
-/* Save RAM at the expense of ROM */
-#define MBEDTLS_AES_ROM_TABLES
-
-/* Save RAM by adjusting to our exact needs */
-#define MBEDTLS_MPI_MAX_SIZE 48  // 384-bit EC curve = 48 bytes
-
-/* Save RAM at the expense of speed, see ecp.h */
-#define MBEDTLS_ECP_WINDOW_SIZE 2
-#define MBEDTLS_ECP_FIXED_POINT_OPTIM 0
-
-/* Significant speed benefit at the expense of some ROM */
-#define MBEDTLS_ECP_NIST_OPTIM
-
-/*
- * You should adjust this to the exact number of sources you're using: default
- * is the "mbedtls_platform_entropy_poll" source, but you may want to add other
- * ones. Minimum is 2 for the entropy test suite.
- */
-#define MBEDTLS_ENTROPY_MAX_SOURCES 2
-
-/* Save ROM and a few bytes of RAM by specifying our own ciphersuite list */
-#define MBEDTLS_SSL_CIPHERSUITES                   \
-  MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, \
-      MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
-
-#define MBEDTLS_SSL_IN_CONTENT_LEN 1024
-#define MBEDTLS_SSL_OUT_CONTENT_LEN 1024
-
-/* These defines are present so that the config modifying scripts can enable
- * them during tests/scripts/test-ref-configs.pl */
-//#define MBEDTLS_USE_PSA_CRYPTO
-//#define MBEDTLS_PSA_CRYPTO_C
-
-/* Error messages and TLS debugging traces
- * (huge code size increase, needed for tests/ssl-opt.sh) */
-//#define MBEDTLS_DEBUG_C
-//#define MBEDTLS_ERROR_C
-
-#include <limits.h>
-#include "mongoose.h"