From 211580bf4f1fc19e0089b704d48de73e2b9f8d9d Mon Sep 17 00:00:00 2001
From: Angus Gratton
Date: Mon, 7 Nov 2016 11:54:44 +1100
Subject: [PATCH] Add libsodium v1.0.12

Run some unit test cases based (poorly) around sodium's test infrastructure. Increase in unity test task stack is due to signature tests, load a lot of data onto the stack.
---
 .gitmodules | 10 +++
 components/libsodium/component.mk | 81 +++++++++++++++++++
 components/libsodium/libsodium | 1 +
 .../libsodium/port_include/sodium/version.h | 35 ++++++++
 .../libsodium/private/randombytes_default.h | 28 +++++++
 .../libsodium/private/randombytes_esp32.c | 45 +++++++++++
 components/libsodium/test/component.mk | 39 +++++++++
 components/libsodium/test/test_sodium.c | 54 +++++++++++++
 tools/unit-test-app/main/app_main.c | 2 +-
 9 files changed, 294 insertions(+), 1 deletion(-)
 create mode 100644 components/libsodium/component.mk
 create mode 160000 components/libsodium/libsodium
 create mode 100644 components/libsodium/port_include/sodium/version.h
 create mode 100644 components/libsodium/private/randombytes_default.h
 create mode 100644 components/libsodium/private/randombytes_esp32.c
 create mode 100644 components/libsodium/test/component.mk
 create mode 100644 components/libsodium/test/test_sodium.c
diff --git a/.gitmodules b/.gitmodules
index 66c18d459e..c54435224f 100644
--- a/.gitmodules
+++ b/.gitmodules
@@ -1,21 +1,31 @@
 [submodule "components/esp32/lib"]
 path = components/esp32/lib
 url = https://github.com/espressif/esp32-wifi-lib.git
+
 [submodule "components/esptool_py/esptool"]
 path = components/esptool_py/esptool
 url = https://github.com/espressif/esptool.git
+
 [submodule "components/bt/lib"]
 path = components/bt/lib
 url = https://github.com/espressif/esp32-bt-lib.git
+
 [submodule "components/micro-ecc/micro-ecc"]
 path = components/micro-ecc/micro-ecc
 url = https://github.com/kmackay/micro-ecc.git
+
 [submodule "components/coap/libcoap"]
 path = components/coap/libcoap
 url = https://github.com/obgm/libcoap.git
+
 [submodule "components/aws_iot/aws-iot-device-sdk-embedded-C"]
 path = components/aws_iot/aws-iot-device-sdk-embedded-C
 url = https://github.com/espressif/aws-iot-device-sdk-embedded-C.git
+
 [submodule "components/nghttp/nghttp2"]
 path = components/nghttp/nghttp2
 url = https://github.com/nghttp2/nghttp2.git
+
+[submodule "components/libsodium/libsodium"]
+ path = components/libsodium/libsodium
+ url = https://github.com/jedisct1/libsodium.git
diff --git a/components/libsodium/component.mk b/components/libsodium/component.mk
new file mode 100644
index 0000000000..d28a07e452
--- /dev/null
+++ b/components/libsodium/component.mk
@@ -0,0 +1,81 @@
+COMPONENT_SUBMODULES += libsodium
+
+# Common root directory for all source directories
+LSRC := libsodium/src/libsodium
+
+COMPONENT_SRCDIRS := private
+
+# Derived from libsodium/src/libsodium/Makefile.am
+# (ignoring the !MINIMAL set)
+COMPONENT_SRCDIRS += \
+ $(LSRC)/crypto_aead/chacha20poly1305/sodium \
+ $(LSRC)/crypto_aead/xchacha20poly1305/sodium \
+ $(LSRC)/crypto_auth \
+ $(LSRC)/crypto_auth/hmacsha256 \
+ $(LSRC)/crypto_auth/hmacsha512 \
+ $(LSRC)/crypto_auth/hmacsha512256 \
+ $(LSRC)/crypto_box \
+ $(LSRC)/crypto_box/curve25519xsalsa20poly1305 \
+ $(LSRC)/crypto_core/curve25519/ref10 \
+ $(LSRC)/crypto_core/hchacha20 \
+ $(LSRC)/crypto_core/hsalsa20/ref2 \
+ $(LSRC)/crypto_core/hsalsa20 \
+ $(LSRC)/crypto_core/salsa/ref \
+ $(LSRC)/crypto_generichash \
+ $(LSRC)/crypto_generichash/blake2b \
+ $(LSRC)/crypto_generichash/blake2b/ref \
+ $(LSRC)/crypto_hash \
+ $(LSRC)/crypto_hash/sha256 \
+ $(LSRC)/crypto_hash/sha256/cp \
+ $(LSRC)/crypto_hash/sha512 \
+ $(LSRC)/crypto_hash/sha512/cp \
+ $(LSRC)/crypto_kdf/blake2b \
+ $(LSRC)/crypto_kdf \
+ $(LSRC)/crypto_kx \
+ $(LSRC)/crypto_onetimeauth \
+ $(LSRC)/crypto_onetimeauth/poly1305 \
+ $(LSRC)/crypto_onetimeauth/poly1305/donna \
+ $(LSRC)/crypto_pwhash/argon2 \
+ $(LSRC)/crypto_pwhash \
+ $(LSRC)/crypto_pwhash/scryptsalsa208sha256 \
+ $(LSRC)/crypto_pwhash/scryptsalsa208sha256/nosse \
+ $(LSRC)/crypto_scalarmult \
+ $(LSRC)/crypto_scalarmult/curve25519 \
+ $(LSRC)/crypto_scalarmult/curve25519/ref10 \
+ $(LSRC)/crypto_secretbox \
+ $(LSRC)/crypto_secretbox/xsalsa20poly1305 \
+ $(LSRC)/crypto_shorthash \
+ $(LSRC)/crypto_shorthash/siphash24 \
+ $(LSRC)/crypto_shorthash/siphash24/ref \
+ $(LSRC)/crypto_sign \
+ $(LSRC)/crypto_sign/ed25519 \
+ $(LSRC)/crypto_sign/ed25519/ref10 \
+ $(LSRC)/crypto_stream/chacha20 \
+ $(LSRC)/crypto_stream/chacha20/ref \
+ $(LSRC)/crypto_stream \
+ $(LSRC)/crypto_stream/salsa20 \
+ $(LSRC)/crypto_stream/salsa20/ref \
+ $(LSRC)/crypto_stream/xsalsa20 \
+ $(LSRC)/crypto_verify/sodium \
+ $(LSRC)/randombytes \
+ $(LSRC)/sodium
+
+# Fix some warnings in current libsodium source files
+# (not applied to whole component as we compile some of our own files, also.)
+$(LSRC)/crypto_pwhash/argon2/argon2-fill-block-ref.o: CFLAGS += -Wno-unknown-pragmas
+$(LSRC)/crypto_pwhash/argon2/pwhash_argon2i.o: CFLAGS += -Wno-type-limits
+$(LSRC)/crypto_pwhash/argon2/argon2-core.o: CFLAGS += -Wno-type-limits
+$(LSRC)/crypto_pwhash/scryptsalsa208sha256/pwhash_scryptsalsa208sha256.o: CFLAGS += -Wno-type-limits
+$(LSRC)/sodium/utils.o: CFLAGS += -Wno-unused-variable
+
+COMPONENT_ADD_INCLUDEDIRS := $(LSRC)/include port_include
+COMPONENT_PRIV_INCLUDEDIRS := $(LSRC)/include/sodium port_include/sodium private
+
+# Not using autoconf, but this needs to be set
+CFLAGS += -DCONFIGURED
+
+# Add the options from configure.ac (this needs checking if new versions are added )
+CFLAGS += -DNATIVE_LITTLE_ENDIAN -DHAVE_WEAK_SYMBOLS -D__STDC_LIMIT_MACROS -D__STDC_CONSTANT_MACROS
+
+# randombytes.c needs to pull in platform-specific implementation
+$(LSRC)/randombytes/randombytes.o: CFLAGS+=-DRANDOMBYTES_DEFAULT_IMPLEMENTATION
diff --git a/components/libsodium/libsodium b/components/libsodium/libsodium
new file mode 160000
index 0000000000..70170c28c8
--- /dev/null
+++ b/components/libsodium/libsodium
@@ -0,0 +1 @@
+Subproject commit 70170c28c844a4786e75efc626e1aeebc93caebc
diff --git a/components/libsodium/port_include/sodium/version.h b/components/libsodium/port_include/sodium/version.h
new file mode 100644
index 0000000000..c0bf5869de
--- /dev/null
+++ b/components/libsodium/port_include/sodium/version.h
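Review bot: In components/libsodium/component.mk, the last rule passes a bare `-DRANDOMBYTES_DEFAULT_IMPLEMENTATION` to `randombytes.o`, while the comment in private/randombytes_default.h says defining the macro in the header is "easier than passing it via a -D argument", so a reader cannot tell which of the two actually selects the RNG. Presumably the bare -D only makes libsodium's randombytes.c include randombytes_default.h, which then redefines the macro to `&randombytes_esp32_implementation`; if that is right, say so here, e.g. `# The bare -D only makes randombytes.c include private/randombytes_default.h, which redefines the macro to the ESP32 RNG`. Because the flag is attached to a single object path, a submodule update that moves randombytes.c would stop applying it, so the comment should also ask for the RNG selection to be re-checked on every libsodium bump.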
@@ -0,0 +1,35 @@
+
+#ifndef sodium_version_H
+#define sodium_version_H
+
+#include
+
+/* IMPORTANT: As we don't use autotools, these version are not automatically
+ updated if we change submodules. They need to be changed manually.
+*/
+
+#define SODIUM_VERSION_STRING "1.0.12-idf"
+
+/* Note: these are not the same as the overall version, see
+ configure.ac for the relevant macros */
+#define SODIUM_LIBRARY_VERSION_MAJOR 9
+#define SODIUM_LIBRARY_VERSION_MINOR 4
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+SODIUM_EXPORT
+const char *sodium_version_string(void);
+
+SODIUM_EXPORT
+int sodium_library_version_major(void);
+
+SODIUM_EXPORT
+int sodium_library_version_minor(void);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif
diff --git a/components/libsodium/private/randombytes_default.h b/components/libsodium/private/randombytes_default.h
new file mode 100644
index 0000000000..b0b96897e5
--- /dev/null
+++ b/components/libsodium/private/randombytes_default.h
@@ -0,0 +1,28 @@
+// Copyright 2017 Espressif Systems (Shanghai) PTE LTD
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+#pragma once
+
+# include "export.h"
+# include "randombytes.h"
+
+SODIUM_EXPORT
+extern const struct randombytes_implementation randombytes_esp32_implementation;
+
+/* Defining RANDOMBYTES_DEFAULT_IMPLEMENTATION here allows us to compile with the ESP32 hardware
+ implementation as the default. No need to call randombytes_set_implementation().
+
+ Doing it in the header like this is easier than passing it via a -D argument to gcc.
+*/
+#undef RANDOMBYTES_DEFAULT_IMPLEMENTATION
+#define RANDOMBYTES_DEFAULT_IMPLEMENTATION &randombytes_esp32_implementation
diff --git a/components/libsodium/private/randombytes_esp32.c b/components/libsodium/private/randombytes_esp32.c
new file mode 100644
index 0000000000..9ff5493cc4
--- /dev/null
+++ b/components/libsodium/private/randombytes_esp32.c
@@ -0,0 +1,45 @@
+// Copyright 2017 Espressif Systems (Shanghai) PTE LTD
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+#include "randombytes_default.h"
+#include "esp_system.h"
+
+static void randombytes_esp32_random_buf(void * const buf, const size_t size)
+{
+ uint8_t *p = (uint8_t *)buf;
+ for (size_t i = 0; i < size; i++) {
+ p[i] = esp_random();
+ }
+}
+
+static const char *randombytes_esp32_implementation_name(void)
+{
+ return "esp32";
+}
+
+/*
+ Plug the ESP32 hardware RNG into libsodium's custom RNG support, as per
+ https://download.libsodium.org/doc/advanced/custom_rng.html
+
+ Note that this RNG is selected by default (see randombytes_default.h), so there
+ is no need to call randombytes_set_implementation().
+*/
+const struct randombytes_implementation randombytes_esp32_implementation = {
+ .implementation_name = randombytes_esp32_implementation_name,
+ .random = esp_random,
+ .stir = NULL,
+ .uniform = NULL,
+ .buf = randombytes_esp32_random_buf,
+ .close = NULL,
+};
+
diff --git a/components/libsodium/test/component.mk b/components/libsodium/test/component.mk
new file mode 100644
index 0000000000..c23c32b6e6
--- /dev/null
+++ b/components/libsodium/test/component.mk
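Review bot: In components/libsodium/private/randombytes_esp32.c, the comment above `randombytes_esp32_implementation` presents esp_random() as the hardware RNG without saying when its output is actually unpredictable, and every key and nonce libsodium generates through this table depends on that. As far as I know, ESP-IDF documents esp_random() as returning true random numbers only while the RF subsystem (Wi-Fi or Bluetooth) is running and pseudo-random output otherwise; please confirm against the esp_random() documentation and add the condition to the comment, e.g. `Note: output is only as strong as esp_random(); make sure its entropy source is active before generating keys.` Separately, `p[i] = esp_random();` in `randombytes_esp32_random_buf` keeps only the low byte of each 32-bit result, which is correct but takes four times as many RNG reads as copying whole words would.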
@@ -0,0 +1,39 @@
+#
+#Component Makefile
+#
+
+LS_TESTDIR := ../libsodium/test/default
+
+COMPONENT_ADD_LDFLAGS = -Wl,--whole-archive -l$(COMPONENT_NAME) -Wl,--no-whole-archive
+
+COMPONENT_SRCDIRS := . $(LS_TESTDIR)
+
+COMPONENT_PRIV_INCLUDEDIRS := $(LS_TESTDIR)/../quirks
+
+COMPONENT_OBJS := test_sodium.o
+
+# The libsodium test suite is designed to be run each test case as an executable on a desktop computer and uses
+# filesytem to write & then compare contents of each file.
+#
+# For now, use their "BROWSER_TEST" mode with these hacks so that
+# multiple test cases can be combined into one ELF file.
+#
+# Run each test case from test_sodium.c as CASENAME_xmain().
+
+define sodium_testcase
+# this generates 'warning "main" redefined' warnings at
+# runtime. Only solution involves patching libsodium's cmptest.h
+$(LS_TESTDIR)/$(1).o: CFLAGS+=-Dxmain=$(1)_xmain -Dmain=$(1)_main
+ote:
+COMPONENT_OBJS += $(LS_TESTDIR)/$(1).o
+endef
+
+TEST_CASES := chacha20 aead_chacha20poly1305 box box2 ed25519_convert sign
+
+$(foreach case,$(TEST_CASES),$(eval $(call sodium_testcase,$(case))))
+
+# this seems odd, but it prevents the libsodium test harness from
+# trying to write to a file!
+CFLAGS += -DBROWSER_TESTS
+
+
diff --git a/components/libsodium/test/test_sodium.c b/components/libsodium/test/test_sodium.c
new file mode 100644
index 0000000000..097d61990b
--- /dev/null
+++ b/components/libsodium/test/test_sodium.c
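Review bot: In components/libsodium/test/component.mk, the line `ote:` inside `define sodium_testcase` looks like a leftover fragment; as written, every `$(eval $(call sodium_testcase,...))` declares an empty make target named `ote`. It should be removed, or restored to whatever comment it was meant to be. The comment above it also says the `"main" redefined` warnings appear "at runtime", which presumably means at compile time; `# this generates 'warning "main" redefined' warnings at compile time.` would be clearer.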
@@ -0,0 +1,54 @@
+#include "unity.h"
+
+/* Note: a lot of these libsodium test programs assert() things, but they're not complete unit tests - most expect
+ output to be compared to the matching .exp file.
+
+ We don't do this automatically yet, maybe once we have more options for
+ internal filesystem storage.
+*/
+
+extern int aead_chacha20poly1305_xmain();
+
+TEST_CASE("aead_chacha20poly1305 test vectors", "[libsodium]")
+{
+ printf("Running aead_chacha20poly1305\n");
+ TEST_ASSERT_EQUAL(0, aead_chacha20poly1305_xmain());
+}
+
+extern int chacha20_xmain();
+
+TEST_CASE("chacha20 test vectors", "[libsodium]")
+{
+ printf("Running chacha20\n");
+ TEST_ASSERT_EQUAL(0, chacha20_xmain());
+}
+
+extern int box_xmain();
+extern int box2_xmain();
+
+TEST_CASE("box tests", "[libsodium]")
+{
+ printf("Running box\n");
+ TEST_ASSERT_EQUAL(0, box_xmain());
+
+ printf("Running box2\n");
+ TEST_ASSERT_EQUAL(0, box2_xmain());
+}
+
+extern int ed25519_convert_xmain();
+
+TEST_CASE("ed25519_convert tests", "[libsodium]")
+{
+ printf("Running ed25519_convert\n");
+ TEST_ASSERT_EQUAL(0, ed25519_convert_xmain() );
+}
+
+extern int sign_xmain();
+
+TEST_CASE("sign tests", "[libsodium]")
+{
+ printf("Running sign\n");
+ TEST_ASSERT_EQUAL(0, sign_xmain() );
+}
+
+
diff --git a/tools/unit-test-app/main/app_main.c b/tools/unit-test-app/main/app_main.c
index c5df02b943..bf54b03957 100644
--- a/tools/unit-test-app/main/app_main.c
+++ b/tools/unit-test-app/main/app_main.c
@@ -15,6 +15,6 @@ void app_main()
 {
 // Note: if unpinning this task, change the way run times are calculated in
 // unity_platform
- xTaskCreatePinnedToCore(unityTask, "unityTask", 4096, NULL,
+ xTaskCreatePinnedToCore(unityTask, "unityTask", 8192, NULL,
 UNITY_FREERTOS_PRIORITY, NULL, UNITY_FREERTOS_CPU);
 }
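Review bot: In components/libsodium/test/test_sodium.c, none of the test cases checks that libsodium is actually using the ESP32 RNG this patch wires in as the default, so a build in which the `RANDOMBYTES_DEFAULT_IMPLEMENTATION` define stops taking effect could go unnoticed. Consider one more `TEST_CASE` that includes the sodium header and asserts `TEST_ASSERT_EQUAL_STRING("esp32", randombytes_implementation_name());`. The `extern int ..._xmain();` declarations would also be better written with `(void)` so that they are real prototypes.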
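Review bot: In tools/unit-test-app/main/app_main.c, the new stack size `8192` is a bare number whose justification exists only in the commit message. A short comment on the call, e.g. `// 8192: libsodium signature tests load a lot of data onto the stack`, would stop a later cleanup from shrinking it again without knowing why it was raised.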