diff --git a/examples/rp2040/pico-w5500/CMakeLists.txt b/examples/rp2040/pico-w5500/CMakeLists.txt index a0aa27e4..2d1e1199 100644 --- a/examples/rp2040/pico-w5500/CMakeLists.txt +++ b/examples/rp2040/pico-w5500/CMakeLists.txt @@ -4,16 +4,10 @@ include(pico-sdk/pico_sdk_init.cmake) project(firmware) pico_sdk_init() -file(GLOB TLS_SOURCES "mbedtls/library/*.c") -add_executable(firmware - main.c - ../../../mongoose.c - ../../device-dashboard/net.c - ../../device-dashboard/packed_fs.c - ${TLS_SOURCES}) +add_executable(firmware main.c mongoose.c net.c packed_fs.c) -target_include_directories(firmware PUBLIC . ../../.. mbedtls/include) -target_link_libraries(firmware pico_stdlib hardware_spi) +target_include_directories(firmware PUBLIC .) +target_link_libraries(firmware pico_stdlib hardware_spi pico_rand pico_mbedtls) pico_add_extra_outputs(firmware) # Enable USB output. Comment out in order to use UART @@ -21,10 +15,9 @@ pico_enable_stdio_usb(firmware 0) pico_enable_stdio_uart(firmware 1) # Mongoose build flags +add_definitions(-DMG_ARCH=MG_ARCH_RP2040) add_definitions(-DMG_ENABLE_TCPIP=1) add_definitions(-DMG_ENABLE_PACKED_FS=1) -add_definitions(-DMG_ENABLE_FILE=0) - add_definitions(-DMG_ENABLE_MBEDTLS=1) -add_definitions(-DMBEDTLS_CONFIG_FILE=\"tlsconf.h\") -#add_definitions(-DMG_MBEDTLS_DEBUG_LEVEL=1) +add_definitions(-DMG_ENABLE_CUSTOM_RANDOM=1) +add_definitions(-DMG_ENABLE_FILE=0) diff --git a/examples/rp2040/pico-w5500/Makefile b/examples/rp2040/pico-w5500/Makefile index 2ea53476..9efc7bf4 100644 --- a/examples/rp2040/pico-w5500/Makefile +++ b/examples/rp2040/pico-w5500/Makefile @@ -1,9 +1,7 @@ -SDK_VERSION ?= 1.4.0 +SDK_VERSION ?= 1.5.0 SDK_REPO ?= https://github.com/raspberrypi/pico-sdk -MBEDTLS_VERSION ?= v2.27.0 -MBEDTLS_REPO ?= https://github.com/Mbed-TLS/mbedtls -all example build build/firmware.uf2: pico-sdk mbedtls main.c +all example build build/firmware.uf2: pico-sdk main.c net.c packed_fs.c test -d build || mkdir build cd build && cmake .. && make 
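Review bot: In the first CMakeLists.txt hunk, `target_link_libraries(firmware pico_stdlib hardware_spi pico_rand pico_mbedtls)` still uses the keyword-less signature, and the include directory is `PUBLIC` although `firmware` is an executable with no consumers. Both lines are rewritten by this commit anyway, so I would scope them as `target_link_libraries(firmware PRIVATE pico_stdlib hardware_spi pico_rand pico_mbedtls)` and `target_include_directories(firmware PRIVATE .)`. The `.` include path is presumably also how pico_mbedtls finds the new mbedtls_config.h, which would be worth a one-line comment such as `# "." must stay on the include path: the TLS build reads mbedtls_config.h from here`.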
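Review bot: In the second CMakeLists.txt hunk, `add_definitions(-DMG_ENABLE_CUSTOM_RANDOM=1)` makes Mongoose rely on the application's own `mg_random()`, but nothing beside the flag says where that implementation lives. A comment such as `# mg_random() is provided by main.c on top of pico_rand` would tie the flag to the code that a reviewer has to audit. The hunk also drops the `MBEDTLS_CONFIG_FILE` definition, so the TLS configuration is now whichever header the SDK's mbedtls build picks up, presumably the new mbedtls_config.h. That is worth a second comment.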
@@ -11,9 +9,6 @@ pico-sdk: git clone --depth 1 -b $(SDK_VERSION) $(SDK_REPO) $@ cd $@ && git submodule update --init -mbedtls: - git clone --depth 1 -b $(MBEDTLS_VERSION) $(MBEDTLS_REPO) $@ - # Requires env variable VCON_API_KEY set DEVICE_URL ?= https://dash.vcon.io/api/v3/devices/3 test: update @@ -25,4 +20,4 @@ update: build/firmware.uf2 curl --fail -su :$(VCON_API_KEY) $(DEVICE_URL)/ota?uf2=1 --data-binary @$< clean: - rm -rf pico-sdk mbedtls build + rm -rf pico-sdk build diff --git a/examples/rp2040/pico-w5500/main.c b/examples/rp2040/pico-w5500/main.c index 13b1972b..5b151801 100644 --- a/examples/rp2040/pico-w5500/main.c +++ b/examples/rp2040/pico-w5500/main.c @@ -4,6 +4,7 @@ #include #include #include "hardware/spi.h" +#include "pico/rand.h" #include "pico/stdlib.h" #include "mongoose.h" @@ -11,14 +12,25 @@ enum { BLINK_PERIOD_MS = 1000 }; enum { LED = 25, SPI_CS = 17, SPI_CLK = 18, SPI_TX = 19, SPI_RX = 16 }; // Pins -static void spi_begin(void *spi) { gpio_put(SPI_CS, 0); } -static void spi_end(void *spi) { gpio_put(SPI_CS, 1); } +static void spi_begin(void *spi) { + gpio_put(SPI_CS, 0); +} +static void spi_end(void *spi) { + gpio_put(SPI_CS, 1); +} static uint8_t spi_txn(void *spi, uint8_t byte) { uint8_t result = 0; spi_write_read_blocking(spi0, &byte, &result, 1); return result; } +void mg_random(void *buf, size_t len) { + for (size_t n = 0; n < len; n += sizeof(uint32_t)) { + uint32_t r = get_rand_32(); + memcpy((char *) buf + n, &r, n + sizeof(r) > len ? len - n : sizeof(r)); + } +} + static void timer_cb(void *arg) { gpio_put(PICO_DEFAULT_LED_PIN, !gpio_get_out_level(PICO_DEFAULT_LED_PIN)); bool up = ((struct mg_tcpip_if *) arg)->state == MIP_STATE_READY; 
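Review bot: The new `mg_random()` in main.c carries no comment on the quality of the bytes it returns, and with `MG_ENABLE_MBEDTLS=1` set in CMakeLists.txt it is likely to be reached from the TLS path as well as from the rest of Mongoose. As far as I know, pico_rand on the RP2040 is a software PRNG reseeded from sources such as the ring oscillator and timers rather than a hardware TRNG, so that assumption should be written down above the function, e.g. `// Mongoose RNG hook (MG_ENABLE_CUSTOM_RANDOM=1): bytes come from pico_rand get_rand_32(); confirm its entropy sources are adequate for TLS`. The copy itself is bounded correctly, since the final `memcpy` is clamped to `len - n`.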
@@ -45,12 +57,12 @@ int main(void) { // Init Mongoose struct mg_tcpip_spi spi = {NULL, spi_begin, spi_end, spi_txn}; struct mg_tcpip_if mif = {.mac = {2, 0, 1, 2, 3, 5}, - .driver = &mg_tcpip_driver_w5500, - .driver_data = &spi}; - struct mg_mgr mgr; // Declare event manager - mg_mgr_init(&mgr); // Init event manager - mg_log_set(MG_LL_DEBUG); // Set DEBUG log level - mg_tcpip_init(&mgr, &mif); // Init TCP/IP stack + .driver = &mg_tcpip_driver_w5500, + .driver_data = &spi}; + struct mg_mgr mgr; // Declare event manager + mg_mgr_init(&mgr); // Init event manager + mg_log_set(MG_LL_DEBUG); // Set DEBUG log level + mg_tcpip_init(&mgr, &mif); // Init TCP/IP stack mg_timer_add(&mgr, BLINK_PERIOD_MS, MG_TIMER_REPEAT, timer_cb, &mif); MG_INFO(("Waiting until network is up...")); diff --git a/examples/rp2040/pico-w5500/mbedtls_config.h b/examples/rp2040/pico-w5500/mbedtls_config.h new file mode 100644 index 00000000..dae33956 --- /dev/null +++ b/examples/rp2040/pico-w5500/mbedtls_config.h 
@@ -0,0 +1,63 @@
+/* Workaround for some mbedtls source files using INT_MAX without including limits.h */
+#include
+
+#define MBEDTLS_NO_PLATFORM_ENTROPY
+#define MBEDTLS_ENTROPY_HARDWARE_ALT
+
+#define MBEDTLS_SSL_OUT_CONTENT_LEN 2048
+
+#define MBEDTLS_ALLOW_PRIVATE_ACCESS
+#define MBEDTLS_HAVE_TIME
+
+#define MBEDTLS_CIPHER_MODE_CBC
+#define MBEDTLS_ECP_DP_SECP192R1_ENABLED
+#define MBEDTLS_ECP_DP_SECP224R1_ENABLED
+#define MBEDTLS_ECP_DP_SECP256R1_ENABLED
+#define MBEDTLS_ECP_DP_SECP384R1_ENABLED
+#define MBEDTLS_ECP_DP_SECP521R1_ENABLED
+#define MBEDTLS_ECP_DP_SECP192K1_ENABLED
+#define MBEDTLS_ECP_DP_SECP224K1_ENABLED
+#define MBEDTLS_ECP_DP_SECP256K1_ENABLED
+#define MBEDTLS_ECP_DP_BP256R1_ENABLED
+#define MBEDTLS_ECP_DP_BP384R1_ENABLED
+#define MBEDTLS_ECP_DP_BP512R1_ENABLED
+#define MBEDTLS_ECP_DP_CURVE25519_ENABLED
+#define MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
+#define MBEDTLS_PKCS1_V15
+#define MBEDTLS_SHA256_SMALLER
+#define MBEDTLS_SSL_SERVER_NAME_INDICATION
+#define MBEDTLS_AES_C
+#define MBEDTLS_ASN1_PARSE_C
+#define MBEDTLS_BIGNUM_C
+#define MBEDTLS_CIPHER_C
+#define MBEDTLS_CTR_DRBG_C
+#define MBEDTLS_ENTROPY_C
+#define MBEDTLS_ERROR_C
+#define MBEDTLS_MD_C
+#define MBEDTLS_MD5_C
+#define MBEDTLS_OID_C
+#define MBEDTLS_PKCS5_C
+#define MBEDTLS_PK_C
+#define MBEDTLS_PK_PARSE_C
+#define MBEDTLS_PLATFORM_C
+#define MBEDTLS_RSA_C
+#define MBEDTLS_SHA1_C
+#define MBEDTLS_SHA224_C
+#define MBEDTLS_SHA256_C
+#define MBEDTLS_SHA512_C
+#define MBEDTLS_SSL_CLI_C
+#define MBEDTLS_SSL_SRV_C
+#define MBEDTLS_SSL_TLS_C
+#define MBEDTLS_X509_CRT_PARSE_C
+#define MBEDTLS_X509_USE_C
+#define MBEDTLS_AES_FEWER_TABLES
+
+/* TLS 1.2 */
+#define MBEDTLS_SSL_PROTO_TLS1_2
+#define MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
+#define MBEDTLS_GCM_C
+#define MBEDTLS_ECDH_C
+#define MBEDTLS_ECP_C
+#define MBEDTLS_ECDSA_C
+#define MBEDTLS_ASN1_WRITE_C
+
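Review bot: This new mbedtls_config.h lets the stack negotiate considerably more than the deleted tlsconf.h did. `MBEDTLS_KEY_EXCHANGE_RSA_ENABLED` with `MBEDTLS_PKCS1_V15` turns on static-RSA key exchange without forward secrecy; `MBEDTLS_CIPHER_MODE_CBC`, `MBEDTLS_MD5_C`, `MBEDTLS_SHA1_C` and the 192/224-bit curves are enabled; and the explicit `MBEDTLS_SSL_CIPHERSUITES` list (ECDHE-ECDSA with AES-GCM only) is gone. Unless a peer or the build needs them, I would drop the RSA key-exchange, MD5, SHA-1 and sub-256-bit curve defines and restore the three-line `MBEDTLS_SSL_CIPHERSUITES` define from tlsconf.h. `MBEDTLS_PEM_PARSE_C` and `MBEDTLS_BASE64_C` are no longer defined either, so if net.c still loads PEM certificates, parsing would fail at run time; net.c is not shown in this diff, so that needs checking. `MBEDTLS_HAVE_TIME` is set without `MBEDTLS_HAVE_TIME_DATE`, so certificate validity dates are presumably not enforced, which deserves a comment in the file.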
diff --git a/examples/rp2040/pico-w5500/mongoose.c b/examples/rp2040/pico-w5500/mongoose.c
new file mode 120000
index 00000000..5e522bbc
--- /dev/null
+++ b/examples/rp2040/pico-w5500/mongoose.c
@@ -0,0 +1 @@
+../../../mongoose.c
\ No newline at end of file
diff --git a/examples/rp2040/pico-w5500/mongoose.h b/examples/rp2040/pico-w5500/mongoose.h
new file mode 120000
index 00000000..ee4ac823
--- /dev/null
+++ b/examples/rp2040/pico-w5500/mongoose.h
@@ -0,0 +1 @@
+../../../mongoose.h
\ No newline at end of file
diff --git a/examples/rp2040/pico-w5500/net.c b/examples/rp2040/pico-w5500/net.c
new file mode 120000
index 00000000..fe0e6f06
--- /dev/null
+++ b/examples/rp2040/pico-w5500/net.c
@@ -0,0 +1 @@
+../../device-dashboard/net.c
\ No newline at end of file
diff --git a/examples/rp2040/pico-w5500/packed_fs.c b/examples/rp2040/pico-w5500/packed_fs.c
new file mode 120000
index 00000000..e06bf092
--- /dev/null
+++ b/examples/rp2040/pico-w5500/packed_fs.c
@@ -0,0 +1 @@
+../../device-dashboard/packed_fs.c
\ No newline at end of file
diff --git a/examples/rp2040/pico-w5500/tlsconf.h b/examples/rp2040/pico-w5500/tlsconf.h
deleted file mode 100644
index 8ef9e365..00000000
--- a/examples/rp2040/pico-w5500/tlsconf.h
+++ /dev/null
@@ -1,81 +0,0 @@
-// #define MBEDTLS_HAVE_ASM
-// #define MBEDTLS_HAVE_TIME
-
-/* mbed TLS feature support */
-#define MBEDTLS_ECP_DP_SECP256R1_ENABLED
-#define MBEDTLS_ECP_DP_SECP384R1_ENABLED
-#define MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
-#define MBEDTLS_SSL_PROTO_TLS1_2
-
-/* mbed TLS modules */
-#define MBEDTLS_AES_C
-#define MBEDTLS_ASN1_PARSE_C
-#define MBEDTLS_ASN1_WRITE_C
-#define MBEDTLS_BIGNUM_C
-#define MBEDTLS_CIPHER_C
-#define MBEDTLS_CTR_DRBG_C
-#define MBEDTLS_ECDH_C
-#define MBEDTLS_ECDSA_C
-#define MBEDTLS_ECP_C
-//#define MBEDTLS_ENTROPY_C
-#define MBEDTLS_GCM_C
-#define MBEDTLS_MD_C
-//#define MBEDTLS_NET_C
-#define MBEDTLS_OID_C
-#define MBEDTLS_PK_C
-#define MBEDTLS_PK_PARSE_C
-
-#define MBEDTLS_SHA224_C
-#define MBEDTLS_SHA256_C
-#define MBEDTLS_SHA384_C
-#define MBEDTLS_SHA512_C
-#define MBEDTLS_SSL_CLI_C
-#define MBEDTLS_SSL_SRV_C
-#define MBEDTLS_SSL_TLS_C
-#define MBEDTLS_X509_CRT_PARSE_C
-#define MBEDTLS_X509_USE_C
-
-/* For test certificates */
-#define MBEDTLS_BASE64_C
-#define MBEDTLS_PEM_PARSE_C
-
-/* Save RAM at the expense of ROM */
-#define MBEDTLS_AES_ROM_TABLES
-
-/* Save RAM by adjusting to our exact needs */
-#define MBEDTLS_MPI_MAX_SIZE 48 // 384-bit EC curve = 48 bytes
-
-/* Save RAM at the expense of speed, see ecp.h */
-#define MBEDTLS_ECP_WINDOW_SIZE 2
-#define MBEDTLS_ECP_FIXED_POINT_OPTIM 0
-
-/* Significant speed benefit at the expense of some ROM */
-#define MBEDTLS_ECP_NIST_OPTIM
-
-/*
- * You should adjust this to the exact number of sources you're using: default
- * is the "mbedtls_platform_entropy_poll" source, but you may want to add other
- * ones. Minimum is 2 for the entropy test suite.
- */
-#define MBEDTLS_ENTROPY_MAX_SOURCES 2
-
-/* Save ROM and a few bytes of RAM by specifying our own ciphersuite list */
-#define MBEDTLS_SSL_CIPHERSUITES \
- MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, \
- MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
-
-#define MBEDTLS_SSL_IN_CONTENT_LEN 1024
-#define MBEDTLS_SSL_OUT_CONTENT_LEN 1024
-
-/* These defines are present so that the config modifying scripts can enable
- * them during tests/scripts/test-ref-configs.pl */
-//#define MBEDTLS_USE_PSA_CRYPTO
-//#define MBEDTLS_PSA_CRYPTO_C
-
-/* Error messages and TLS debugging traces
- * (huge code size increase, needed for tests/ssl-opt.sh) */
-//#define MBEDTLS_DEBUG_C
-//#define MBEDTLS_ERROR_C
-
-#include
-#include "mongoose.h"