wolfSSL
diff --git a/‎include/user_settings/cascade.h‎
Lines changed: 166 additions & 11 deletions b/‎include/user_settings/cascade.h‎
Lines changed: 166 additions & 11 deletions
diff --git a/‎include/user_settings/finalize.h‎
Lines changed: 55 additions & 91 deletions b/‎include/user_settings/finalize.h‎
Lines changed: 55 additions & 91 deletions
@@ -1,8 +1,8 @@
 /* user_settings/cascade.h
  *
- * Lift Make-side feature implications into preprocessor cascades so an
- * IDE/CMake-only build (which sets only the high-level WOLFBOOT_* flags)
- * sees the same derived flags that options.mk would set.
+ * Lift Make-side feature implications into preprocessor cascades, and
+ * declare WOLFBOOT_NEEDS_* positive intent markers used by the rest
+ * of the user_settings/ fragments and reconciled in finalize.h.
  *
  * Idempotent: every #define is #ifndef-guarded, so it's a no-op when
  * options.mk has already emitted the same -D flag.
@@ -29,6 +29,10 @@
 #ifndef _WOLFBOOT_USER_SETTINGS_CASCADE_H_
 #define _WOLFBOOT_USER_SETTINGS_CASCADE_H_
 
+/* ------------------------------------------------------------------
+ * Feature-flag cascades
+ * ------------------------------------------------------------------ */
+
 /* Any feature that requires a hardware TPM 2.0 implies WOLFBOOT_TPM.
  * Mirrors options.mk:34-92 where the same Make variables force WOLFTPM:=1. */
 #if defined(WOLFBOOT_TPM_VERIFY)   || \
@@ -40,15 +44,152 @@
 #  endif
 #endif
 
-/* WOLFBOOT_NEEDS_* declarations -- positive intent markers reconciled by
- * user_settings/finalize.h. Fragments may also set these from their own
- * headers; cascade.h handles the cases that today live as #undef blocks
- * scattered through user_settings.h. */
+/* TPM keystore and seal both require TPM session parameter encryption. */
+#if defined(WOLFBOOT_TPM_KEYSTORE) || defined(WOLFBOOT_TPM_SEAL)
+#  ifndef WOLFBOOT_TPM_PARMENC
+#    define WOLFBOOT_TPM_PARMENC
+#  endif
+#endif
+
+/* Any RSA SIGN flag (or WOLFCRYPT_SECURE_MODE without PKCS11_SMALL) means
+ * the build links wolfCrypt's RSA code. sign_rsa.h handles the actual
+ * configuration; the marker is set here so finalize.h can see it ahead
+ * of finalize-time and skip NO_ASN. */
+#if defined(WOLFBOOT_SIGN_RSA2048)            || \
+    defined(WOLFBOOT_SIGN_RSA3072)            || \
+    defined(WOLFBOOT_SIGN_RSA4096)            || \
+    defined(WOLFBOOT_SIGN_SECONDARY_RSA2048)  || \
+    defined(WOLFBOOT_SIGN_SECONDARY_RSA3072)  || \
+    defined(WOLFBOOT_SIGN_SECONDARY_RSA4096)  || \
+    defined(WOLFBOOT_SIGN_RSAPSS2048)         || \
+    defined(WOLFBOOT_SIGN_RSAPSS3072)         || \
+    defined(WOLFBOOT_SIGN_RSAPSS4096)         || \
+    defined(WOLFBOOT_SIGN_SECONDARY_RSAPSS2048) || \
+    defined(WOLFBOOT_SIGN_SECONDARY_RSAPSS3072) || \
+    defined(WOLFBOOT_SIGN_SECONDARY_RSAPSS4096) || \
+    (defined(WOLFCRYPT_SECURE_MODE) && !defined(PKCS11_SMALL))
+#  ifndef WOLFBOOT_NEEDS_RSA
+#    define WOLFBOOT_NEEDS_RSA
+#  endif
+#endif
+
+/* ------------------------------------------------------------------
+ * WOLFBOOT_NEEDS_* declarations
+ * ------------------------------------------------------------------
+ * Positive intent markers. user_settings/finalize.h tests them and
+ * applies the corresponding wolfCrypt negative flag (NO_*, WC_NO_*) to
+ * builds that did NOT opt in. Fragments may also set additional markers
+ * from their own headers. */
+
+/* NEEDS_RNG: any feature that uses wolfCrypt's RNG.
+ * Driven by: TPM parm-enc, secure-mode (TZ-PSA / TZ-FWTPM), test/bench,
+ * wolfHSM server, and wolfHSM client + ML-DSA. */
+#if defined(WOLFBOOT_TPM_PARMENC)            || \
+    defined(WOLFCRYPT_SECURE_MODE)           || \
+    defined(WOLFCRYPT_TEST)                  || \
+    defined(WOLFCRYPT_BENCHMARK)             || \
+    defined(WOLFBOOT_ENABLE_WOLFHSM_SERVER)  || \
+    (defined(WOLFBOOT_ENABLE_WOLFHSM_CLIENT) && \
+     defined(WOLFBOOT_SIGN_ML_DSA))
+#  ifndef WOLFBOOT_NEEDS_RNG
+#    define WOLFBOOT_NEEDS_RNG
+#  endif
+#endif
+
+/* NEEDS_HASHDRBG: features that use wolfCrypt's HASHDRBG specifically.
+ * Note: TEST/BENCH non-LPC55S69 builds use a custom RNG and do NOT
+ * declare this marker; their explicit `#define WC_NO_HASHDRBG` lives
+ * in test_bench.h. */
+#if defined(WOLFBOOT_TPM_PARMENC)  || \
+    defined(WOLFCRYPT_SECURE_MODE) || \
+    ((defined(WOLFCRYPT_TEST) || defined(WOLFCRYPT_BENCHMARK)) && \
+     (defined(WOLFSSL_NXP_LPC55S69_WITH_HWACCEL) || \
+      defined(WOLFSSL_NXP_LPC55S69_NO_HWACCEL)))
+#  ifndef WOLFBOOT_NEEDS_HASHDRBG
+#    define WOLFBOOT_NEEDS_HASHDRBG
+#  endif
+#endif
+
+/* NEEDS_AES_CBC: features that use AES-CBC (entropy-using paths). */
+#if defined(WOLFBOOT_TPM_PARMENC)  || \
+    defined(WOLFCRYPT_SECURE_MODE) || \
+    defined(WOLFCRYPT_TEST)        || \
+    defined(WOLFCRYPT_BENCHMARK)
+#  ifndef WOLFBOOT_NEEDS_AES_CBC
+#    define WOLFBOOT_NEEDS_AES_CBC
+#  endif
+#endif
+
+/* NEEDS_AES: features that use AES core. */
+#if defined(ENCRYPT_WITH_AES128)   || \
+    defined(ENCRYPT_WITH_AES256)   || \
+    defined(WOLFBOOT_TPM_PARMENC)  || \
+    defined(WOLFCRYPT_SECURE_MODE) || \
+    defined(SECURE_PKCS11)         || \
+    defined(WOLFCRYPT_TZ_PSA)      || \
+    defined(WOLFCRYPT_TEST)        || \
+    defined(WOLFCRYPT_BENCHMARK)
+#  ifndef WOLFBOOT_NEEDS_AES
+#    define WOLFBOOT_NEEDS_AES
+#  endif
+#endif
 
-/* WOLFCRYPT_TZ_PSA and WOLFBOOT_TZ_FWTPM both keep CMAC and KDF enabled
- * (today by `#undef NO_CMAC` / `#undef NO_KDF` after the always-on block).
- * Lift those to positive intent so finalize.h can simply skip the
- * `#define NO_CMAC` / `#define NO_KDF`. */
+/* NEEDS_HMAC: features that use HMAC. */
+#if defined(WOLFBOOT_TPM)          || \
+    defined(WOLFCRYPT_SECURE_MODE) || \
+    defined(WOLFCRYPT_TEST)        || \
+    defined(WOLFCRYPT_BENCHMARK)
+#  ifndef WOLFBOOT_NEEDS_HMAC
+#    define WOLFBOOT_NEEDS_HMAC
+#  endif
+#endif
+
+/* NEEDS_DEV_RANDOM: features that may want OS /dev/random as entropy. */
+#if defined(WOLFBOOT_TPM)          || \
+    defined(WOLFCRYPT_SECURE_MODE) || \
+    defined(WOLFCRYPT_TEST)        || \
+    defined(WOLFCRYPT_BENCHMARK)
+#  ifndef WOLFBOOT_NEEDS_DEV_RANDOM
+#    define WOLFBOOT_NEEDS_DEV_RANDOM
+#  endif
+#endif
+
+/* NEEDS_ECC_KEY_EXPORT: features that need to export ECC keys. */
+#if defined(WOLFBOOT_TPM)                    || \
+    defined(WOLFCRYPT_SECURE_MODE)           || \
+    defined(WOLFCRYPT_TEST)                  || \
+    defined(WOLFCRYPT_BENCHMARK)             || \
+    defined(WOLFBOOT_ENABLE_WOLFHSM_CLIENT)  || \
+    defined(WOLFBOOT_ENABLE_WOLFHSM_SERVER)
+#  ifndef WOLFBOOT_NEEDS_ECC_KEY_EXPORT
+#    define WOLFBOOT_NEEDS_ECC_KEY_EXPORT
+#  endif
+#endif
+
+/* NEEDS_ASN: features that need ASN.1 parsing. NEEDS_RSA also implies
+ * this (RSA always parses ASN.1). */
+#if defined(WOLFBOOT_NEEDS_RSA)              || \
+    defined(WOLFBOOT_TPM)                    || \
+    defined(WOLFCRYPT_SECURE_MODE)           || \
+    defined(WOLFCRYPT_TEST)                  || \
+    defined(WOLFCRYPT_BENCHMARK)             || \
+    defined(WOLFBOOT_ENABLE_WOLFHSM_CLIENT)  || \
+    defined(WOLFBOOT_ENABLE_WOLFHSM_SERVER)
+#  ifndef WOLFBOOT_NEEDS_ASN
+#    define WOLFBOOT_NEEDS_ASN
+#  endif
+#endif
+
+/* NEEDS_BASE64: features that use base64 encoding. */
+#if (defined(WOLFBOOT_TPM_SEAL) && defined(WOLFBOOT_ATA_DISK_LOCK)) || \
+    defined(WOLFBOOT_ENABLE_WOLFHSM_CLIENT)  || \
+    defined(WOLFBOOT_ENABLE_WOLFHSM_SERVER)
+#  ifndef WOLFBOOT_NEEDS_BASE64
+#    define WOLFBOOT_NEEDS_BASE64
+#  endif
+#endif
+
+/* NEEDS_CMAC and NEEDS_KDF: TZ_PSA and TZ_FWTPM need both. */
 #if defined(WOLFCRYPT_TZ_PSA) || defined(WOLFBOOT_TZ_FWTPM)
 #  ifndef WOLFBOOT_NEEDS_CMAC
 #    define WOLFBOOT_NEEDS_CMAC
@@ -58,4 +199,18 @@
 #  endif
 #endif
 
+/* NEEDS_MALLOC: features whose code-paths use heap allocation.
+ * SECURE_PKCS11, WOLFCRYPT_TZ_PSA, the wolfHSM server, and the
+ * test/bench harnesses all expect a working malloc. Default builds
+ * (no marker) get NO_WOLFSSL_MEMORY + WOLFSSL_NO_MALLOC instead. */
+#if defined(SECURE_PKCS11)                  || \
+    defined(WOLFCRYPT_TZ_PSA)               || \
+    defined(WOLFBOOT_ENABLE_WOLFHSM_SERVER) || \
+    defined(WOLFCRYPT_TEST)                 || \
+    defined(WOLFCRYPT_BENCHMARK)
+#  ifndef WOLFBOOT_NEEDS_MALLOC
+#    define WOLFBOOT_NEEDS_MALLOC
+#  endif
+#endif
+
 #endif /* _WOLFBOOT_USER_SETTINGS_CASCADE_H_ */
@@ -28,112 +28,76 @@
 #ifndef _WOLFBOOT_USER_SETTINGS_FINALIZE_H_
 #define _WOLFBOOT_USER_SETTINGS_FINALIZE_H_
 
-/* WOLFBOOT_NEEDS_* reconciliation
+/* ------------------------------------------------------------------
+ * NEEDS_* reconciliation
  * ------------------------------------------------------------------
- * Positive intent markers from cascade.h or feature fragments map here
- * to wolfCrypt's negative (NO_*, WC_NO_*) flags. The full marker
- * vocabulary is documented in the refactor plan. */
-#ifndef WOLFBOOT_NEEDS_CMAC
-#  define NO_CMAC
-#endif
-#ifndef WOLFBOOT_NEEDS_KDF
-#  define NO_KDF
-#endif
-
-/* HAVE_PWDBASED is opted into by EXT_ENCRYPTED, SECURE_PKCS11, and
- * WOLFCRYPT_TZ_PSA. If none of them set it, default to NO_PWDBASED. */
-#ifndef HAVE_PWDBASED
-#  define NO_PWDBASED
-#endif
+ * Each negative wolfCrypt flag (NO_*, WC_NO_*) is gated by the absence
+ * of its matching WOLFBOOT_NEEDS_* marker. Markers are declared in
+ * cascade.h (from feature flags) or in fragment headers. */
 
-/* RNG / HASHDRBG / NO_AES_CBC: today disabled unless any of the
- * "needs entropy" features are active. */
-#if !defined(WOLFCRYPT_SECURE_MODE) && !defined(WOLFBOOT_TPM_PARMENC) && \
-    !defined(WOLFCRYPT_TEST) && !defined(WOLFCRYPT_BENCHMARK)
-#  if !(defined(WOLFBOOT_ENABLE_WOLFHSM_CLIENT) && \
-        defined(WOLFBOOT_SIGN_ML_DSA)) && \
-      !defined(WOLFBOOT_ENABLE_WOLFHSM_SERVER)
-#    define WC_NO_RNG
+/* HASHDRBG: positive when needed, WC_NO_HASHDRBG otherwise.
+ * Note: test_bench.h's non-LPC55S69 path explicitly defines
+ * WC_NO_HASHDRBG itself; this `#ifndef` won't redefine it. */
+#ifdef WOLFBOOT_NEEDS_HASHDRBG
+#  ifndef HAVE_HASHDRBG
+#    define HAVE_HASHDRBG
 #  endif
-#  define WC_NO_HASHDRBG
-#  define NO_AES_CBC
 #else
-#  if defined(WOLFCRYPT_TEST) || defined(WOLFCRYPT_BENCHMARK)
-#    if defined(WOLFSSL_NXP_LPC55S69_WITH_HWACCEL) \
-        || defined(WOLFSSL_NXP_LPC55S69_NO_HWACCEL)
-       /* use actual rng hardware for seed, HASHDRBG for generation */
-#      define HAVE_HASHDRBG
-#      define HAVE_AES_ECB
-#      define WOLFSSL_AES_OFB
-#      define WOLFSSL_AES_CFB
-#      define WOLFSSL_AES_COUNTER
-#      define WOLFSSL_STATIC_MEMORY_TEST_SZ (30 * 1024)
-#      define WOLFSSL_SHA256
-#      define WOLFSSL_SHA384
-#      define WOLFSSL_SHA512
-#    else
-       /* Use custom RNG for tests/benchmarks (saves ~7KB vs HASHDRBG).
-        * WARNING: my_rng_seed_gen is NOT cryptographically secure.
-        * Only used in test-app builds, not in production wolfBoot. */
-#      define WC_NO_HASHDRBG
-#      define CUSTOM_RAND_GENERATE_SEED my_rng_seed_gen
-#      define CUSTOM_RAND_GENERATE_BLOCK my_rng_seed_gen
-       extern int my_rng_seed_gen(unsigned char* output, unsigned int sz);
-#    endif
-
-#    define HAVE_AESGCM
-#    define GCM_TABLE
-#  else
-#    define HAVE_HASHDRBG
-#    define WOLFSSL_AES_CFB
+#  ifndef WC_NO_HASHDRBG
+#    define WC_NO_HASHDRBG
 #  endif
 #endif
 
-/* AES core: stripped unless any AES-using fragment is active. */
-#if !defined(ENCRYPT_WITH_AES128) && !defined(ENCRYPT_WITH_AES256) && \
-    !defined(WOLFBOOT_TPM_PARMENC) && !defined(WOLFCRYPT_SECURE_MODE) && \
-    !defined(SECURE_PKCS11) && !defined(WOLFCRYPT_TZ_PSA) && \
-    !defined(WOLFCRYPT_TEST) && !defined(WOLFCRYPT_BENCHMARK)
-#  define NO_AES
+#ifndef WOLFBOOT_NEEDS_RNG
+#  define WC_NO_RNG
 #endif
 
-/* HMAC: stripped unless TPM / secure mode / test/bench is active. */
-#if !defined(WOLFBOOT_TPM) && !defined(WOLFCRYPT_SECURE_MODE) && \
-    !defined(WOLFCRYPT_TEST) && !defined(WOLFCRYPT_BENCHMARK)
+#ifndef WOLFBOOT_NEEDS_AES
+#  define NO_AES
+#endif
+#ifndef WOLFBOOT_NEEDS_AES_CBC
+#  define NO_AES_CBC
+#endif
+#ifndef WOLFBOOT_NEEDS_HMAC
 #  define NO_HMAC
 #endif
-
-/* RNG / ECC key export / ASN: second copy of the negated chain for the
- * "no TPM, no secure, no test/bench" path. Distinct from the block above
- * because it runs after WC_NO_HASHDRBG / NO_DEV_RANDOM are decided. */
-#if !defined(WOLFBOOT_TPM) && !defined(WOLFCRYPT_SECURE_MODE) && \
-    !defined(WOLFCRYPT_TEST) && !defined(WOLFCRYPT_BENCHMARK)
-#  if !(defined(WOLFBOOT_ENABLE_WOLFHSM_CLIENT) && \
-        defined(WOLFBOOT_SIGN_ML_DSA)) && \
-      !defined(WOLFBOOT_ENABLE_WOLFHSM_SERVER)
-#    define WC_NO_RNG
-#  endif
-#  define WC_NO_HASHDRBG
+#ifndef WOLFBOOT_NEEDS_DEV_RANDOM
 #  define NO_DEV_RANDOM
-#  if !defined(WOLFBOOT_ENABLE_WOLFHSM_CLIENT) && \
-      !defined(WOLFBOOT_ENABLE_WOLFHSM_SERVER)
-#    define NO_ECC_KEY_EXPORT
-#    if defined(NO_RSA)
-#      define NO_ASN
-#    endif
-#  endif
+#endif
+#ifndef WOLFBOOT_NEEDS_ECC_KEY_EXPORT
+#  define NO_ECC_KEY_EXPORT
+#endif
+#ifndef WOLFBOOT_NEEDS_ASN
+#  define NO_ASN
+#endif
+#ifndef WOLFBOOT_NEEDS_CMAC
+#  define NO_CMAC
+#endif
+#ifndef WOLFBOOT_NEEDS_KDF
+#  define NO_KDF
+#endif
+
+/* RSA: skip NO_RSA when NEEDS_RSA is set. */
+#ifndef WOLFBOOT_NEEDS_RSA
+#  define NO_RSA
+#endif
+
+/* HAVE_PWDBASED is opted into by EXT_ENCRYPTED, SECURE_PKCS11, and
+ * WOLFCRYPT_TZ_PSA. If none of them set it, default to NO_PWDBASED. */
+#ifndef HAVE_PWDBASED
+#  define NO_PWDBASED
 #endif
 
-/* BASE64 / NO_CODING: opt-in via TPM_SEAL+ATA_DISK_LOCK or wolfHSM. */
-#if (defined(WOLFBOOT_TPM_SEAL) && defined(WOLFBOOT_ATA_DISK_LOCK)) || \
-    defined(WOLFBOOT_ENABLE_WOLFHSM_CLIENT) || \
-    defined(WOLFBOOT_ENABLE_WOLFHSM_SERVER)
+/* BASE64 / NO_CODING. */
+#ifdef WOLFBOOT_NEEDS_BASE64
 #  define WOLFSSL_BASE64_ENCODE
 #else
 #  define NO_CODING
 #endif
 
-/* Always-on disables (no fragment opts out). */
+/* ------------------------------------------------------------------
+ * Always-on disables (no fragment opts out today).
+ * ------------------------------------------------------------------ */
 #define NO_DH
 #define WOLFSSL_NO_PEM
 #define NO_ASN_TIME
@@ -169,7 +133,9 @@
 #  define BENCH_EMBEDDED
 #endif
 
-/* Memory model. */
+/* ------------------------------------------------------------------
+ * Memory model.
+ * ------------------------------------------------------------------ */
 #if defined(WOLFSSL_SP_MATH) || defined(WOLFSSL_SP_MATH_ALL)
    /* Disable VLAs */
 #  define WOLFSSL_SP_NO_DYN_STACK
@@ -185,9 +151,7 @@
 #    define WOLFSSL_SP_NO_MALLOC
 #    define WOLFSSL_SP_NO_DYN_STACK
 #  endif
-#  if !defined(SECURE_PKCS11) && !defined(WOLFCRYPT_TZ_PSA) && \
-      !defined(WOLFBOOT_ENABLE_WOLFHSM_SERVER) && \
-      !defined(WOLFCRYPT_TEST) && !defined(WOLFCRYPT_BENCHMARK)
+#  ifndef WOLFBOOT_NEEDS_MALLOC
 #    define NO_WOLFSSL_MEMORY
 #    define WOLFSSL_NO_MALLOC
 #  endif