You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@nuttx.apache.org by ac...@apache.org on 2021/11/04 18:20:20 UTC
[incubator-nuttx-apps] branch master updated (f9cec1c -> ea49e7e)
This is an automated email from the ASF dual-hosted git repository.
acassis pushed a change to branch master
in repository https://gitbox.apache.org/repos/asf/incubator-nuttx-apps.git.
from f9cec1c examples/foc: move the motor controller code to separate files
new c2057d7 crypto: Initial support for mbedtls
new ea49e7e README.md: Add export restriction notice for MbedTLS
The 2 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails. The revisions
listed as "add" were already present in the repository and have only
been added to this reference.
Summary of changes:
README.md | 20 +++++
crypto/mbedtls/.gitignore | 2 +
crypto/mbedtls/Kconfig | 80 ++++++++++++++++++
crypto/{libtomcrypt => mbedtls}/Make.defs | 20 +++--
crypto/mbedtls/Makefile | 85 +++++++++++++++++++
.../crypto/mbedtls_config.h | 94 +++++++++++-----------
6 files changed, 250 insertions(+), 51 deletions(-)
create mode 100644 crypto/mbedtls/.gitignore
create mode 100644 crypto/mbedtls/Kconfig
copy crypto/{libtomcrypt => mbedtls}/Make.defs (69%)
create mode 100644 crypto/mbedtls/Makefile
copy examples/fxos8700cq_test/fxos8700cq_main.c => include/crypto/mbedtls_config.h (56%)
[incubator-nuttx-apps] 02/02: README.md: Add export restriction
notice for MbedTLS
Posted by ac...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
acassis pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/incubator-nuttx-apps.git
commit ea49e7edf69d175bf1fe3b0a3c58ee75a30beb77
Author: Gustavo Henrique Nihei <gu...@espressif.com>
AuthorDate: Fri Aug 13 10:14:40 2021 -0300
README.md: Add export restriction notice for MbedTLS
---
README.md | 20 ++++++++++++++++++++
1 file changed, 20 insertions(+)
diff --git a/README.md b/README.md
index 4414dce..0e36215 100644
--- a/README.md
+++ b/README.md
@@ -237,3 +237,23 @@ A: Here are three:
Use of the name `apps/external` is suggested because that name is included
in the `.gitignore` file and will save you some nuisance when working with
GIT.
+
+# Export restrictions
+
+This distribution includes cryptographic software. The country in which you
+currently reside may have restrictions on the import, possession, use, and/or
+re-export to another country, of encryption software. BEFORE using any encryption
+software, please check your country's laws, regulations and policies concerning
+the import, possession, or use, and re-export of encryption software, to see if
+this is permitted. See <http://www.wassenaar.org/> for more information.
+
+The U.S. Government Department of Commerce, Bureau of Industry and Security (BIS),
+has classified this software as Export Commodity Control Number (ECCN) 5D002.C.1,
+which includes information security software using or performing cryptographic
+functions with asymmetric algorithms. The form and manner of this Apache Software
+Foundation distribution makes it eligible for export under the License Exception ENC
+Technology Software Unrestricted (TSU) exception (see the BIS Export Administration
+Regulations, Section 740.13) for both object code and source code.
+
+The following provides more details on the included cryptographic software:
+https://tls.mbed.org/supported-ssl-ciphersuites.
\ No newline at end of file
[incubator-nuttx-apps] 01/02: crypto: Initial support for mbedtls
Posted by ac...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
acassis pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/incubator-nuttx-apps.git
commit c2057d77b2d288fb1fd98c4c2364e407d3cd4940
Author: Brennan Ashton <ba...@brennanashton.com>
AuthorDate: Mon Jan 18 00:57:33 2021 -0800
crypto: Initial support for mbedtls
Signed-off-by: Brennan Ashton <ba...@brennanashton.com>
---
crypto/mbedtls/.gitignore | 2 +
crypto/mbedtls/Kconfig | 80 +++++++++++++++++++++++++++++++++++++
crypto/mbedtls/Make.defs | 36 +++++++++++++++++
crypto/mbedtls/Makefile | 85 ++++++++++++++++++++++++++++++++++++++++
include/crypto/mbedtls_config.h | 87 +++++++++++++++++++++++++++++++++++++++++
5 files changed, 290 insertions(+)
diff --git a/crypto/mbedtls/.gitignore b/crypto/mbedtls/.gitignore
new file mode 100644
index 0000000..d96514d
--- /dev/null
+++ b/crypto/mbedtls/.gitignore
@@ -0,0 +1,2 @@
+/mbedtls
+/*.zip
diff --git a/crypto/mbedtls/Kconfig b/crypto/mbedtls/Kconfig
new file mode 100644
index 0000000..2822986
--- /dev/null
+++ b/crypto/mbedtls/Kconfig
@@ -0,0 +1,80 @@
+#
+# For a description of the syntax of this configuration file,
+# see the file kconfig-language.txt in the NuttX tools repository.
+#
+
+menuconfig CRYPTO_MBEDTLS
+ bool "Mbed TLS Cryptography Library"
+ default n
+ ---help---
+ Enable support for Mbed TLS.
+
+if CRYPTO_MBEDTLS
+
+config MBEDTLS_VERSION
+ string "MBEDTLS Version"
+ default "2.25.0"
+
+menuconfig MBEDTLS_APPS
+ tristate "Mbed TLS Applications"
+ default n
+ ---help---
+ Enable Mbed TLS Applications
+
+if MBEDTLS_APPS
+
+config MBEDTLS_DEFAULT_TASK_STACKSIZE
+ int "Mbed TLS app default stack size"
+ default 8192
+
+config MBEDTLS_APP_BENCHMARK
+ bool "Mbed TLS benchmark"
+ default n
+ ---help---
+ Enable the Mbed TLS self test
+
+if MBEDTLS_APP_BENCHMARK
+
+config MBEDTLS_APP_BENCHMARK_PROGNAME
+ string "Program name"
+ default "mbedbenchmark"
+ ---help---
+ This is the name of the program that will be used when the NSH ELF
+ program is installed.
+
+config MBEDTLS_APP_BENCHMARK_PRIORITY
+ int "Benchmark task priority"
+ default 100
+
+config MBEDTLS_APP_BENCHMARK_STACKSIZE
+ int "Benchmark stack size"
+ default MBEDTLS_DEFAULT_TASK_STACKSIZE
+endif
+
+config MBEDTLS_APP_SELFTEST
+ bool "Mbed TLS Self Test"
+ default n
+ ---help---
+ Enable the Mbed TLS self test
+
+if MBEDTLS_APP_SELFTEST
+
+config MBEDTLS_APP_SELFTEST_PROGNAME
+ string "Program name"
+ default "mbedselftest"
+ ---help---
+ This is the name of the program that will be used when the NSH ELF
+ program is installed.
+
+config MBEDTLS_APP_SELFTEST_PRIORITY
+ int "Self test task priority"
+ default 100
+
+config MBEDTLS_APP_SELFTEST_STACKSIZE
+ int "Self test stack size"
+ default MBEDTLS_DEFAULT_TASK_STACKSIZE
+endif
+
+endif
+
+endif # CRYPTO_MBEDTLS
diff --git a/crypto/mbedtls/Make.defs b/crypto/mbedtls/Make.defs
new file mode 100644
index 0000000..92cb2ac
--- /dev/null
+++ b/crypto/mbedtls/Make.defs
@@ -0,0 +1,36 @@
+############################################################################
+# apps/crypto/mbedtls/Make.defs
+#
+# Licensed to the Apache Software Foundation (ASF) under one or more
+# contributor license agreements. See the NOTICE file distributed with
+# this work for additional information regarding copyright ownership. The
+# ASF licenses this file to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance with the
+# License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+############################################################################
+
+ifeq ($(CONFIG_CRYPTO_MBEDTLS),y)
+CONFIGURED_APPS += $(APPDIR)/crypto/mbedtls
+
+# Allows `<mbedtls/<>.h>` import.
+
+CFLAGS += ${shell $(INCDIR) $(INCDIROPT) "$(CC)" $(APPDIR)/crypto/mbedtls/mbedtls/include}
+CXXFLAGS += ${shell $(INCDIR) $(INCDIROPT) "$(CC)" $(APPDIR)/crypto/mbedtls/mbedtls/include}
+
+CFLAGS += ${shell $(DEFINE) "$(CC)" MBEDTLS_CONFIG_FILE='"<crypto/mbedtls_config.h>"'}
+CXXFLAGS += ${shell $(DEFINE) "$(CC)" MBEDTLS_CONFIG_FILE='"<crypto/mbedtls_config.h>"'}
+
+ifneq ($(CONFIG_MBEDTLS_APPS),)
+CONFIGURED_APPS += $(APPDIR)/crypto/mbedtls/
+endif
+
+endif
diff --git a/crypto/mbedtls/Makefile b/crypto/mbedtls/Makefile
new file mode 100644
index 0000000..b2640fb
--- /dev/null
+++ b/crypto/mbedtls/Makefile
@@ -0,0 +1,85 @@
+############################################################################
+# apps/crypto/mbedtls/Makefile
+#
+# Licensed to the Apache Software Foundation (ASF) under one or more
+# contributor license agreements. See the NOTICE file distributed with
+# this work for additional information regarding copyright ownership. The
+# ASF licenses this file to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance with the
+# License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+############################################################################
+
+include $(APPDIR)/Make.defs
+
+# Mbed TLS crypto library
+
+# Set up build configuration and environment
+
+MBEDTLS_URL ?= "https://github.com/ARMmbed/mbedtls/archive"
+
+MBEDTLS_VERSION = $(patsubst "%",%,$(strip $(CONFIG_MBEDTLS_VERSION)))
+MBEDTLS_ZIP = v$(MBEDTLS_VERSION).zip
+
+MBEDTLS_UNPACKNAME = mbedtls
+UNPACK ?= unzip -q -o
+
+MBEDTLS_UNPACKLIBDIR = $(MBEDTLS_UNPACKNAME)$(DELIM)library
+MBEDTLS_UNPACKPROGDIR = $(MBEDTLS_UNPACKNAME)$(DELIM)programs
+
+# This lets Mbed TLS better use some of the POSIX features we have
+CFLAGS += ${shell $(DEFINE) "$(CC)" __unix__}
+
+CSRCS = $(wildcard $(MBEDTLS_UNPACKLIBDIR)$(DELIM)*.c)
+
+$(MBEDTLS_ZIP):
+ @echo "Downloading: $(MBEDTLS_URL)/$(MBEDTLS_ZIP)"
+ $(Q) curl -O -L $(MBEDTLS_URL)/$(MBEDTLS_ZIP)
+
+$(MBEDTLS_UNPACKNAME): $(MBEDTLS_ZIP)
+ @echo "Unpacking: $(MBEDTLS_ZIP) -> $(MBEDTLS_UNPACKNAME)"
+ $(Q) $(UNPACK) $(MBEDTLS_ZIP)
+ $(Q) mv mbedtls-$(MBEDTLS_VERSION) $(MBEDTLS_UNPACKNAME)
+ $(Q) touch $(MBEDTLS_UNPACKNAME)
+
+context:: $(MBEDTLS_UNPACKNAME)
+
+distclean::
+ $(call DELDIR, $(MBEDTLS_UNPACKNAME))
+ $(call DELFILE, $(MBEDTLS_ZIP))
+
+# Configuration Applications
+
+ifneq ($(CONFIG_MBEDTLS_APPS),)
+
+MODULE = $(CONFIG_MBEDTLS_APPS)
+
+ifeq ($(CONFIG_MBEDTLS_APP_BENCHMARK),y)
+
+PROGNAME += $(CONFIG_MBEDTLS_APP_BENCHMARK_PROGNAME)
+PRIORITY += $(CONFIG_MBEDTLS_APP_BENCHMARK_PRIORITY)
+STACKSIZE += $(CONFIG_MBEDTLS_APP_BENCHMARK_STACKSIZE)
+
+MAINSRC += $(MBEDTLS_UNPACKPROGDIR)/test/benchmark.c
+endif
+
+ifeq ($(CONFIG_MBEDTLS_APP_SELFTEST),y)
+
+PROGNAME += $(CONFIG_MBEDTLS_APP_SELFTEST_PROGNAME)
+PRIORITY += $(CONFIG_MBEDTLS_APP_SELFTEST_PRIORITY)
+STACKSIZE += $(CONFIG_MBEDTLS_APP_SELFTEST_STACKSIZE)
+
+MAINSRC += $(MBEDTLS_UNPACKPROGDIR)/test/selftest.c
+endif
+
+endif
+
+include $(APPDIR)/Application.mk
diff --git a/include/crypto/mbedtls_config.h b/include/crypto/mbedtls_config.h
new file mode 100644
index 0000000..3289674
--- /dev/null
+++ b/include/crypto/mbedtls_config.h
@@ -0,0 +1,87 @@
+/****************************************************************************
+ * apps/include/crypto/mbedtls_config.h
+ *
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership. The
+ * ASF licenses this file to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance with the
+ * License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * License for the specific language governing permissions and limitations
+ * under the License.
+ *
+ ****************************************************************************/
+
+#ifndef __APPS_INCLUDE_CRYPTO_MBEDTLS_CONFIG_H
+#define __APPS_INCLUDE_CRYPTO_MBEDTLS_CONFIG_H
+
+/****************************************************************************
+ * Included Files
+ ****************************************************************************/
+
+#include <nuttx/config.h>
+
+/****************************************************************************
+ * Pre-processor Definitions
+ ****************************************************************************/
+
+/* System support */
+#define MBEDTLS_HAVE_TIME
+
+/* Debug */
+#define MBEDTLS_SELF_TEST
+#define MBEDTLS_TIMING_C
+
+/* Feature support */
+#define MBEDTLS_CIPHER_MODE_CBC
+#define MBEDTLS_PKCS1_V15
+#define MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
+#define MBEDTLS_SSL_PROTO_TLS1_1
+
+/* Modules */
+#define MBEDTLS_AES_C
+#define MBEDTLS_ASN1_PARSE_C
+#define MBEDTLS_ASN1_WRITE_C
+#define MBEDTLS_BIGNUM_C
+#define MBEDTLS_CIPHER_C
+#define MBEDTLS_CTR_DRBG_C
+#define MBEDTLS_DES_C
+#define MBEDTLS_ENTROPY_C
+#define MBEDTLS_MD_C
+#define MBEDTLS_MD5_C
+
+#ifdef CONFIG_NET
+#define MBEDTLS_NET_C
+#endif
+
+#define MBEDTLS_OID_C
+#define MBEDTLS_PK_C
+#define MBEDTLS_PK_PARSE_C
+#define MBEDTLS_RSA_C
+#define MBEDTLS_SHA1_C
+#define MBEDTLS_SHA256_C
+#define MBEDTLS_SSL_CLI_C
+#define MBEDTLS_SSL_SRV_C
+#define MBEDTLS_SSL_TLS_C
+#define MBEDTLS_X509_CRT_PARSE_C
+#define MBEDTLS_X509_USE_C
+
+#define MBEDTLS_BASE64_C
+#define MBEDTLS_CERTS_C
+#define MBEDTLS_PEM_PARSE_C
+
+#define MBEDTLS_FS_IO
+
+/****************************************************************************
+ * Included Files
+ ****************************************************************************/
+
+#include "mbedtls/check_config.h"
+
+#endif /* __APPS_INCLUDE_CRYPTO_MBEDTLS_CONFIG_H */