8000 rp2/mbedtls: Add support for ssl module with MICROPY_SSL_MBEDTLS. · micropython/micropython@9bd6169 · GitHub

Commit 9bd6169

andrewleechdpgeorge
authored andcommitted
rp2/mbedtls: Add support for ssl module with MICROPY_SSL_MBEDTLS.
Signed-off-by: Andrew Leech <andrew@alelec.net>
1 parent 494e8ba commit 9bd6169


4 files changed

+151
-0
lines changed

4 files changed

+151
-0
lines changed

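--- a/ports/rp2/CMakeLists.txt
+++ b/ports/rp2/CMakeLists.txt
@@ -66,6 +66,7 @@ set(MICROPY_SOURCE_LIB
 ${MICROPY_DIR}/lib/littlefs/lfs1_util.c
 ${MICROPY_DIR}/lib/littlefs/lfs2.c
 ${MICROPY_DIR}/lib/littlefs/lfs2_util.c
+${MICROPY_DIR}/lib/mbedtls_errors/mp_mbedtls_errors.c
 ${MICROPY_DIR}/lib/oofatfs/ff.c
 ${MICROPY_DIR}/lib/oofatfs/ffunicode.c
 ${MICROPY_DIR}/shared/netutils/netutils.c
@@ -108,6 +109,7 @@ set(MICROPY_SOURCE_PORT
 tusb_port.c
 uart.c
 msc_disk.c
+mbedtls/mbedtls_port.c
 )
 
 set(MICROPY_SOURCE_QSTR
@@ -238,6 +240,13 @@ target_sources(${MICROPY_TARGET} PRIVATE
 )
 
 target_link_libraries(${MICROPY_TARGET} micropy_lib_mbedtls)
+
+# Filter out library/error.c as we're using mp_mbedtls_errors.c instead.
+set_source_files_properties(${MICROPY_LIB_MBEDTLS_DIR}/library/error.c
+TARGET_DIRECTORY micropy_lib_mbedtls
+PROPERTIES HEADER_FILE_ONLY ON
+)
+
 target_link_libraries(${MICROPY_TARGET} usermod)
 
 target_include_directories(${MICROPY_TARGET} PRIVATE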
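Review bot: The `TARGET_DIRECTORY` keyword in the new `set_source_files_properties()` call (third hunk) is only understood by CMake 3.18 and later. On an older CMake every argument before `PROPERTIES` is taken as a file name, so library/error.c would presumably still be compiled into micropy_lib_mbedtls alongside mp_mbedtls_errors.c. The file's `cmake_minimum_required` line is outside the visible hunks, so it is worth confirming it is at least 3.18, or failing early with `if(CMAKE_VERSION VERSION_LESS 3.18)`, `message(FATAL_ERROR "rp2 mbedtls build needs CMake >= 3.18")`, `endif()`. Both new source files are also added unconditionally although the commit title ties the feature to MICROPY_SSL_MBEDTLS; a short comment next to `mbedtls/mbedtls_port.c` noting that the file guards itself would make that intent visible.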

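--- a/ports/rp2/mbedtls/mbedtls_config.h
+++ b/ports/rp2/mbedtls/mbedtls_config.h
@@ -0,0 +1,99 @@
+/*
+* This file is part of the MicroPython project, http://micropython.org/
+*
+* The MIT License (MIT)
+*
+* Copyright (c) 2018-2019 Damien P. George
+*
+* Permission is hereby granted, free of charge, to any person obtaining a copy
+* of this software and associated documentation files (the "Software"), to deal
+* in the Software without restriction, including without limitation the rights
+* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+* copies of the Software, and to permit persons to whom the Software is
+* furnished to do so, subject to the following conditions:
+*
+* The above copyright notice and this permission notice shall be included in
+* all copies or substantial portions of the Software.
+*
+* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+* THE SOFTWARE.
+*/
+#ifndef MICROPY_INCLUDED_MBEDTLS_CONFIG_H
+#define MICROPY_INCLUDED_MBEDTLS_CONFIG_H
+
+// Set mbedtls configuration
+#define MBEDTLS_PLATFORM_MEMORY
+#define MBEDTLS_PLATFORM_NO_STD_FUNCTIONS
+#define MBEDTLS_DEPRECATED_REMOVED
+#define MBEDTLS_ENTROPY_HARDWARE_ALT
+#define MBEDTLS_AES_ROM_TABLES
+#define MBEDTLS_CIPHER_MODE_CBC
+#define MBEDTLS_ECP_DP_SECP192R1_ENABLED
+#define MBEDTLS_ECP_DP_SECP224R1_ENABLED
+#define MBEDTLS_ECP_DP_SECP256R1_ENABLED
+#define MBEDTLS_ECP_DP_SECP384R1_ENABLED
+#define MBEDTLS_ECP_DP_SECP521R1_ENABLED
+#define MBEDTLS_ECP_DP_SECP192K1_ENABLED
+#define MBEDTLS_ECP_DP_SECP224K1_ENABLED
+#define MBEDTLS_ECP_DP_SECP256K1_ENABLED
+#define MBEDTLS_ECP_DP_BP256R1_ENABLED
+#define MBEDTLS_ECP_DP_BP384R1_ENABLED
+#define MBEDTLS_ECP_DP_BP512R1_ENABLED
+#define MBEDTLS_ECP_DP_CURVE25519_ENABLED
+#define MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
+#define MBEDTLS_NO_PLATFORM_ENTROPY
+#define MBEDTLS_PKCS1_V15
+#define MBEDTLS_SHA256_SMALLER
+#define MBEDTLS_SSL_PROTO_TLS1
+#define MBEDTLS_SSL_PROTO_TLS1_1
+#define MBEDTLS_SSL_PROTO_TLS1_2
+#define MBEDTLS_SSL_SERVER_NAME_INDICATION
+
+// Use a smaller output buffer to reduce size of SSL context
+#define MBEDTLS_SSL_MAX_CONTENT_LEN (16384)
+#define MBEDTLS_SSL_IN_CONTENT_LEN (MBEDTLS_SSL_MAX_CONTENT_LEN)
+#define MBEDTLS_SSL_OUT_CONTENT_LEN (4096)
+
+// Enable mbedtls modules
+#define MBEDTLS_AES_C
+#define MBEDTLS_ASN1_PARSE_C
+#define MBEDTLS_BIGNUM_C
+#define MBEDTLS_CIPHER_C
+#define MBEDTLS_CTR_DRBG_C
+// #define MBEDTLS_ECP_C
+#define MBEDTLS_ENTROPY_C
+#define MBEDTLS_ERROR_C
+#define MBEDTLS_MD_C
+#define MBEDTLS_MD5_C
+#define MBEDTLS_OID_C
+#define MBEDTLS_PKCS5_C
+#define MBEDTLS_PK_C
+#define MBEDTLS_PK_PARSE_C
+#define MBEDTLS_PLATFORM_C
+#define MBEDTLS_RSA_C
+#define MBEDTLS_SHA1_C
+#define MBEDTLS_SHA256_C
+#define MBEDTLS_SHA512_C
+#define MBEDTLS_SSL_CLI_C
+#define MBEDTLS_SSL_SRV_C
+#define MBEDTLS_SSL_TLS_C
+#define MBEDTLS_X509_CRT_PARSE_C
+#define MBEDTLS_X509_USE_C
+
+// Memory allocation hooks
+#include <stdlib.h>
+#include <stdio.h>
+void *m_tracked_calloc(size_t nmemb, size_t size);
+void m_tracked_free(void *ptr);
+#define MBEDTLS_PLATFORM_STD_CALLOC m_tracked_calloc
+#define MBEDTLS_PLATFORM_STD_FREE m_tracked_free
+#define MBEDTLS_PLATFORM_SNPRINTF_MACRO snprintf
+
+#include "mbedtls/check_config.h"
+
+#endif /* MICROPY_INCLUDED_MBEDTLS_CONFIG_H */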
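Review bot: This configuration leaves static RSA as the only key exchange (`MBEDTLS_KEY_EXCHANGE_RSA_ENABLED`, with `MBEDTLS_ECP_C` commented out) and also enables `MBEDTLS_SSL_PROTO_TLS1` and `MBEDTLS_SSL_PROTO_TLS1_1`. Connections therefore have no forward secrecy, and the deprecated TLS 1.0/1.1 versions can be negotiated, including in the server role enabled by `MBEDTLS_SSL_SRV_C`. I would drop the two older protocol defines and keep only `#define MBEDTLS_SSL_PROTO_TLS1_2` unless a peer is known to need them. The twelve `MBEDTLS_ECP_DP_*_ENABLED` lines appear to have no effect while ECP is off. Either enable the ECP/ECDHE modules if flash allows, or replace the commented-out line with something like `// ECP disabled: RSA key exchange only, no forward secrecy` so the limitation is stated rather than implied.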

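--- a/ports/rp2/mbedtls/mbedtls_port.c
+++ b/ports/rp2/mbedtls/mbedtls_port.c
@@ -0,0 +1,42 @@
+/*
+* This file is part of the MicroPython project, http://micropython.org/
+*
+* The MIT License (MIT)
+*
+* Copyright (c) 2019 Damien P. George
+*
+* Permission is hereby granted, free of charge, to any person obtaining a copy
+* of this software and associated documentation files (the "Software"), to deal
+* in the Software without restriction, including without limitation the rights
+* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+* copies of the Software, and to permit persons to whom the Software is
+* furnished to do so, subject to the following conditions:
+*
+* The above copyright notice and this permission notice shall be included in
+* all copies or substantial portions of the Software.
+*
+* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+* THE SOFTWARE.
+*/
+#include <py/mpconfig.h>
+
+#ifdef MICROPY_SSL_MBEDTLS
+
+#include "mbedtls_config.h"
+
+extern uint8_t rosc_random_u8(size_t cycles);
+
+int mbedtls_hardware_poll(void *data, unsigned char *output, size_t len, size_t *olen) {
+*olen = len;
+for (size_t i = 0; i < len; i++) {
+output[i] = rosc_random_u8(8);
+}
+return 0;
+}
+
+#endif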
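Review bot: `mbedtls_hardware_poll()` always sets `*olen = len` and returns 0, so every byte from `rosc_random_u8(8)` is credited to the mbedtls entropy pool as-is. With `MBEDTLS_NO_PLATFORM_ENTROPY` set in mbedtls_config.h, this appears to be the only entropy source behind all TLS key material. `rosc_random_u8` is declared extern and defined outside this commit, so its quality cannot be judged here. Please document above the function what it samples and why 8 cycles per byte is considered enough, starting from something like `// Sole mbedtls entropy source; bytes come from rosc_random_u8(), 8 cycles each.` The guard is `#ifdef MICROPY_SSL_MBEDTLS`, while mpconfigport.h uses the macro as a value in `(MICROPY_SSL_MBEDTLS)`, so a build that defines it as 0 would still compile this body; `#if MICROPY_SSL_MBEDTLS` would be consistent, and the unused `data` parameter could be marked with `(void)data;`.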

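--- a/ports/rp2/mpconfigport.h
+++ b/ports/rp2/mpconfigport.h
@@ -60,6 +60,7 @@
 #define MICROPY_OPT_COMPUTED_GOTO (1)
 
 // Python internal features
+#define MICROPY_TRACKED_ALLOC (MICROPY_SSL_MBEDTLS)
 #define MICROPY_READER_VFS (1)
 #define MICROPY_ENABLE_GC (1)
 #define MICROPY_ENABLE_EMERGENCY_EXCEPTION_BUF (1)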
