Skip to content

Commit

Permalink
[Silabs] Update Gecko SDK to 4.3.1 (project-chip#28591)
Browse files Browse the repository at this point in the history
* Update gsdk to 4.3.1

* update to dev branch

* gsdk update

* update crypto configurations
update matter support commit

* clean up crypto configs

* Pull in updated generated files

* last changes for gsdk update

* update workflow docker image

* restyle

* fix slc gen builds

* WIP

* Fix gsdk flash increase
  • Loading branch information
mkardous-silabs authored and HunsupJung committed Oct 23, 2023
1 parent acc6ae4 commit df7fb59
Show file tree
Hide file tree
Showing 14 changed files with 177 additions and 315 deletions.
2 changes: 1 addition & 1 deletion .github/workflows/examples-efr32.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -38,7 +38,7 @@ jobs:
if: github.actor != 'restyled-io[bot]'

container:
image: ghcr.io/project-chip/chip-build-efr32:1
image: ghcr.io/project-chip/chip-build-efr32:8
volumes:
- "/tmp/bloat_reports:/tmp/bloat_reports"
steps:
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -98,6 +98,10 @@
// and to stay awake after receiving a packet with frame pending set to true.
#define OPENTHREAD_CONFIG_MAC_STAY_AWAKE_BETWEEN_FRAGMENTS 1

#define OPENTHREAD_CONFIG_ENABLE_BUILTIN_MBEDTLS 0

#define OPENTHREAD_CONFIG_DETERMINISTIC_ECDSA_ENABLE 0

// Use the SiLabs-supplied default platform configuration for remainder
// of OpenThread config options.
//
Expand Down
37 changes: 29 additions & 8 deletions examples/platform/silabs/matter-platform.slcp
Original file line number Diff line number Diff line change
Expand Up @@ -27,7 +27,7 @@ include:
file_list:
- {path: app.h}
- {path: reset_util.h}
sdk: {id: gecko_sdk, version: 4.2.0}
sdk: {id: gecko_sdk, version: 4.3.1}
toolchain_settings: []

component:
Expand All @@ -44,10 +44,30 @@ component:
- {id: rail_util_pti}
- {id: bluetooth_feature_gatt}
- {id: bluetooth_feature_connection}
- {id: psa_crypto}
- {id: rail_lib_multiprotocol}
- {id: bluetooth_feature_system}
- {id: bluetooth_feature_scanner}
- {id: rail_util_power_manager_init}
- {id: psa_crypto}
- {id: psa_crypto_aes}
- {id: psa_crypto_ccm}
- {id: psa_crypto_cmac}
- {id: psa_crypto_ecc}
- {id: psa_crypto_ecdh}
- {id: psa_crypto_ecdsa}
- {id: psa_crypto_hash}
- {id: psa_crypto_hkdf}
- {id: mbedtls_x509}
- {id: mbedtls_cmac}
- {id: mbedtls_platform_dynamic_memory_allocation_config_init_runtime }
- {id: mbedtls_base64}
- {id: ot_psa_crypto}
- {id: bluetooth_crypto}
# Necessary componenets for ot coap cert lib
# - {id: mbedtls_dtls} # Requried by COAP lib
# - {id: mbedtls_tls_server} # Requried by COAP lib
# - {id: mbedtls_tls} # Requried by COAP lib
# - {id: mbedtls_jpake} # Required by COAP lib

config_file:
- override:
Expand All @@ -57,20 +77,21 @@ config_file:
directory: btconf

configuration:
- {name: SL_BOARD_ENABLE_VCOM, value: '1'}
- {name: SL_MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED, value: '1'}
- {name: SL_MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED, value: '0'}
- {name: SL_MBEDTLS_KEY_EXCHANGE_PSK_ENABLED, value: '1'}
- condition: [uartdrv_usart]
name: UARTDRV_RESTRICT_ENERGY_MODE_TO_ALLOW_RECEPTION
value: '0'
value: '1'
- condition: [iostream_usart]
name: SL_IOSTREAM_USART_VCOM_RESTRICT_ENERGY_MODE_TO_ALLOW_RECEPTION
value: '0'
value: '1'
- condition: [iostream_usart]
name: SL_IOSTREAM_USART_VCOM_RX_BUFFER_SIZE
value: '128'
- {name: SL_HEAP_SIZE, value: '16384'}
- {name: SL_STACK_SIZE, value: '4608'}
- {name: SL_HEAP_SIZE, value: '0'}
- {name: SL_STACK_SIZE, value: '0'}
- {name: SL_BOARD_ENABLE_VCOM, value: '0'}
- {name: EMDRV_UARTDRV_FLOW_CONTROL_ENABLE, value: '0'}

requires:
- condition: [device_series_1]
Expand Down
10 changes: 9 additions & 1 deletion src/platform/silabs/CHIPPlatformConfig.h
Original file line number Diff line number Diff line change
Expand Up @@ -45,11 +45,19 @@
#if CHIP_HAVE_CONFIG_H
#include <crypto/CryptoBuildConfig.h>
#endif
#if !defined(CHIP_CONFIG_SHA256_CONTEXT_SIZE) && (CHIP_CRYPTO_PLATFORM == 1)
#if (CHIP_CRYPTO_PLATFORM == 1)
#include "psa/crypto.h"

#if !defined(CHIP_CONFIG_SHA256_CONTEXT_SIZE)
#define CHIP_CONFIG_SHA256_CONTEXT_SIZE (sizeof(psa_hash_operation_t))
#endif

#if !defined(CHIP_CONFIG_SHA256_CONTEXT_ALIGN)
#define CHIP_CONFIG_SHA256_CONTEXT_ALIGN psa_hash_operation_t
#endif

#endif // CHIP_CRYPTO_PLATFORM

// ==================== General Configuration Overrides ====================

#ifndef CHIP_CONFIG_MAX_UNSOLICITED_MESSAGE_HANDLERS
Expand Down
125 changes: 22 additions & 103 deletions src/platform/silabs/efr32/efr32-chip-mbedtls-config.h
Original file line number Diff line number Diff line change
Expand Up @@ -28,128 +28,47 @@

#pragma once

#include <limits.h>
#include <stdio.h>
#include <stdlib.h>

#include "em_device.h"
#include "em_se.h"

#if CHIP_HAVE_CONFIG_H
#include <crypto/CryptoBuildConfig.h>
#endif // CHIP_HAVE_CONFIG_H

/**
* Enable H Crypto and Entropy modules
*/
#define MBEDTLS_AES_C
#define MBEDTLS_ECP_C
#define MBEDTLS_ECDH_C
#define MBEDTLS_ENTROPY_C
#define MBEDTLS_SHA224_C
#define MBEDTLS_SHA256_C
// DIC Specific Configurations
#ifdef DIC_ENABLE
#define MBEDTLS_PKCS1_V15
#define MBEDTLS_RSA_NO_CRT
#define MBEDTLS_CIPHER_MODE_CBC
#define MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED
#define MBEDTLS_RSA_C
#define MBEDTLS_SSL_IN_CONTENT_LEN 5120
#define MBEDTLS_SSL_OUT_CONTENT_LEN 1560
#define MBEDTLS_PSA_BUILTIN_ALG_TLS12_PRF
#define MBEDTLS_MPI_MAX_SIZE 512
#endif // DIC_ENABLE

#define MBEDTLS_PLATFORM_SNPRINTF_MACRO snprintf

#define MBEDTLS_AES_ROM_TABLES
#define MBEDTLS_ASN1_PARSE_C
#define MBEDTLS_ASN1_WRITE_C
#define MBEDTLS_BASE64_C
#define MBEDTLS_BIGNUM_C
#define MBEDTLS_CCM_C
#define MBEDTLS_CIPHER_C
#define MBEDTLS_CMAC_C
#define MBEDTLS_CTR_DRBG_C
#define MBEDTLS_ECDH_LEGACY_CONTEXT
#define MBEDTLS_ECDSA_C
#define MBEDTLS_ECDSA_DETERMINISTIC
#define MBEDTLS_ECJPAKE_C
#define MBEDTLS_ECP_DP_SECP256R1_ENABLED
#define MBEDTLS_ECP_NIST_OPTIM
#define MBEDTLS_ENTROPY_FORCE_SHA256
#define MBEDTLS_ENTROPY_HARDWARE_ALT
#define MBEDTLS_ERROR_STRERROR_DUMMY
#define MBEDTLS_HAVE_ASM
#define MBEDTLS_HKDF_C
#define MBEDTLS_HMAC_DRBG_C
#define MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
#define MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED
#define MBEDTLS_KEY_EXCHANGE_PSK_ENABLED
#define MBEDTLS_MD_C
#define MBEDTLS_NO_PLATFORM_ENTROPY
#define MBEDTLS_OID_C
#define MBEDTLS_PEM_PARSE_C
#define MBEDTLS_PEM_WRITE_C
#define MBEDTLS_PK_C
#define MBEDTLS_PK_PARSE_C
#define MBEDTLS_PK_WRITE_C
#if CHIP_CRYPTO_MBEDTLS
#define MBEDTLS_PKCS5_C
#endif
#define MBEDTLS_PLATFORM_C
#define MBEDTLS_PLATFORM_MEMORY
#define MBEDTLS_PLATFORM_NO_STD_FUNCTIONS
#define MBEDTLS_PSA_CRYPTO_C
#define MBEDTLS_PSA_CRYPTO_CONFIG
#define MBEDTLS_PSA_CRYPTO_DRIVERS
#define MBEDTLS_PSA_CRYPTO_STORAGE_C
#define MBEDTLS_SHA256_SMALLER
#define MBEDTLS_SHA512_C
// Configurations necessary for ot coap cert libs
#if SL_USE_COAP_CONFIG
#define MBEDTLS_SSL_TLS_C
#define MBEDTLS_SSL_CLI_C
#define MBEDTLS_SSL_COOKIE_C
#define MBEDTLS_SSL_DTLS_ANTI_REPLAY
#define MBEDTLS_SSL_DTLS_HELLO_VERIFY
#define MBEDTLS_SSL_EXPORT_KEYS
#define MBEDTLS_SSL_KEEP_PEER_CERTIFICATE
#define MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
#define MBEDTLS_SSL_PROTO_TLS1_2
#define MBEDTLS_SSL_PROTO_DTLS
#define MBEDTLS_SSL_KEEP_PEER_CERTIFICATE
#define MBEDTLS_SSL_SRV_C
#define MBEDTLS_SSL_TLS_C
#define MBEDTLS_SSL_PROTO_DTLS
#define MBEDTLS_SSL_DTLS_ANTI_REPLAY
#define MBEDTLS_SSL_DTLS_HELLO_VERIFY
#define MBEDTLS_SSL_COOKIE_C
#define MBEDTLS_CIPHER_MODE_CBC
#define MBEDTLS_CCM_C
#define MBEDTLS_ECJPAKE_C
#define MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED
#endif // SL_USE_COAP_CONFIG

#if CHIP_CRYPTO_PLATFORM
#define MBEDTLS_USE_PSA_CRYPTO
#endif
#define MBEDTLS_PLATFORM_SNPRINTF_MACRO snprintf

#define MBEDTLS_X509_CREATE_C
#define MBEDTLS_X509_CSR_WRITE_C
#define MBEDTLS_X509_CRL_PARSE_C
#define MBEDTLS_X509_CRT_PARSE_C
#define MBEDTLS_X509_CSR_PARSE_C
#define MBEDTLS_X509_USE_C
#define MBEDTLS_AES_ROM_TABLES
// #define MBEDTLS_AES_FEWER_TABLES /* Check if we want this */

#define MBEDTLS_PLATFORM_NO_STD_FUNCTIONS
#define MBEDTLS_SHA256_SMALLER /* Check if we want this */
#define MBEDTLS_MPI_WINDOW_SIZE 1 /**< Maximum windows size used. */
#ifdef DIC_ENABLE
#define MBEDTLS_MPI_MAX_SIZE 512 /**< Maximum number of bytes for usable MPIs. */
#else
#define MBEDTLS_MPI_MAX_SIZE 32 /**< Maximum number of bytes for usable MPIs. */
#endif // DIC_ENABLE
#define MBEDTLS_ECP_MAX_BITS 256 /**< Maximum bit size of groups */
#define MBEDTLS_ECP_WINDOW_SIZE 2 /**< Maximum window size used */
#define MBEDTLS_ECP_FIXED_POINT_OPTIM 0 /**< Enable fixed-point speed-up */
#define MBEDTLS_ENTROPY_MAX_SOURCES 2 /**< Maximum number of sources supported */

#if OPENTHREAD_CONFIG_COAP_SECURE_API_ENABLE
#define MBEDTLS_SSL_MAX_CONTENT_LEN 900 /**< Maxium fragment length in bytes */
#else
#define MBEDTLS_SSL_MAX_CONTENT_LEN 768 /**< Maxium fragment length in bytes */
#endif

#define MBEDTLS_SSL_CIPHERSUITES MBEDTLS_TLS_ECJPAKE_WITH_AES_128_CCM_8

#define MBEDTLS_CIPHER_MODE_WITH_PADDING

#include "check_crypto_config.h"
#include "config-device-acceleration.h"
#include "mbedtls/check_config.h"
#include "mbedtls/config_psa.h"
// Includes generated file for all generic defines.
#include "sl_mbedtls_config.h"
34 changes: 34 additions & 0 deletions src/platform/silabs/efr32/efr32-psa-crypto-config.h
Original file line number Diff line number Diff line change
@@ -0,0 +1,34 @@
/*
*
* Copyright (c) 2020-2021 Project CHIP Authors
* All rights reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/

#pragma once

// DIC Specific Configurations
#ifdef DIC_ENABLE
#define PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
#define PSA_WANT_ALG_CBC_NO_PADDING
#define PSA_WANT_ALG_RSA_PKCS1V15_SIGN
#endif // DIC_ENABLE

// Configurations necessary for ot coap cert libs
#if SL_USE_COAP_CONFIG
#define PSA_WANT_ALG_CBC_NO_PADDING
#endif // SL_USE_COAP_CONFIG

// Include Generated fies
#include "psa_crypto_config.h"
Loading

0 comments on commit df7fb59

Please sign in to comment.