首頁
博文
博文內容

芯馳D9平台 Openwrt hsm 模塊測試應用移植及調試方法

關鍵字 :SemiDriveD9OpenWRT

芯馳D9平台 hsm 模塊的主要功能包括生成、存儲和處理設備安全信息,如密鑰,並能夠隔離外部惡意軟體的攻擊。‌
通過物理方式封裝安全功能,具有自己的處理器核心、內存和硬體密碼加速器,能夠執行應用場景所需的所有IT安全功能,如128位AES硬體加速器、真隨機數生成器(TRNG)、硬體保護存儲等‌

具體功能和應用場景:

1. 生成和存儲密鑰‌:可以生成和存儲加密密鑰,確保設備的安全通信和數據保護。
‌2. 隔離外部攻擊‌:能夠隔離外部惡意軟體的攻擊,保護設備的安全信息不被非法獲取或篡改。
‌3. 安全啟動‌:可以用於構建和驗證可靠的軟體,確保在軟體加載和初次訪問時的安全啟動。
4. ‌硬體加速‌:包含加密/解密硬體加速功能,能夠有效降低CPU負載,提高系統的整體性能和安全性‌

在D9的openwrt中運行hsm 並測試其性能,首先得在D9 openwrt系統上移植測試應用,再測試hsm模塊性能數據。
先將三個測試應用包源碼 hsm-client  libhsm rpmb-service 分別拷貝到openwrt package下,參考其他openwrt package下的makefile 文件,
修改其makefile 使其編譯進openwrt系統。

其過程和步驟如下:

1. hsm-client 的移植,拷貝源碼到openwrt package下,新建src目錄,將hsm-client的源碼都放置到src目錄;新建Makefile文件,其Makefile文件內容如下:

#
# Copyright (C) 2012 OpenWrt.org
#
# This is free software, licensed under the GNU General Public License v2.
# See /LICENSE for more information.
#
include $(TOPDIR)/rules.mk

PKG_NAME:=hsm-client
PKG_RELEASE:=1
PKG_LICENSE:=GPLv2+, GPLv3+
PKG_LICENSE_FILES:=Copyright COPYING
PKG_BUILD_DIR := $(BUILD_DIR)/$(PKG_NAME)
include $(INCLUDE_DIR)/package.mk

define Package/hsm-client
  SECTION:=utils
  CATEGORY:=Utilities
  DEFAULT:=y
  TITLE:= hsm client
  DEPENDS:= +libhsm
endef

define Build/Configure
endef

define Build/Compile
	$(MAKE) -C $(PKG_BUILD_DIR) \
		CC="$(TARGET_CC)" \
		CFLAGS="$(TARGET_CFLAGS) -O2 -Wall " \
		LDFLAGS="$(TARGET_LDFLAGS) -lhsm -lpthread -lrt -ldl"
endef

define Package/$(PKG_NAME)/install
	$(INSTALL_DIR) $(1)/usr/bin
	$(INSTALL_BIN) $(PKG_BUILD_DIR)/hsm_client $(1)/usr/bin/
	$(INSTALL_BIN) $(PKG_BUILD_DIR)/run_hsm_test.sh $(1)/usr/bin/
endef

$(eval $(call BuildPackage,$(PKG_NAME)))​

2. libhsm的移植,拷貝源碼到openwrt package下,新建src目錄,將libhsm的源碼都放置到src目錄;新建Makefile文件,其Makefile文件內容如下:

#
# Copyright (C) 2012 OpenWrt.org
#
# This is free software, licensed under the GNU General Public License v2.
# See /LICENSE for more information.
#

include $(TOPDIR)/rules.mk

PKG_NAME:=libhsm
PKG_RELEASE:=1
PKG_LICENSE:=GPLv2+, GPLv3+
PKG_LICENSE_FILES:=Copyright COPYING
PKG_BUILD_DIR := $(BUILD_DIR)/$(PKG_NAME)

include $(INCLUDE_DIR)/package.mk

define Package/libhsm
  SECTION:=utils
  CATEGORY:=Utilities
  DEFAULT:=y
  TITLE:= hsm lib - libhsm.so
endef

define Build/Configure
endef

define Build/Compile
	$(MAKE) -C $(PKG_BUILD_DIR) \
		CC="$(TARGET_CC)" \
		CFLAGS="$(TARGET_CFLAGS) -O2 -fPIC -Wall" \
		LDFLAGS="$(TARGET_LDFLAGS)"
endef

define Package/libhsm/install
	$(INSTALL_DIR) $(1)/usr/lib
	$(INSTALL_BIN) $(PKG_BUILD_DIR)/$(PKG_NAME).so $(1)/usr/lib/
endef

$(eval $(call BuildPackage,libhsm))​

3. rpmb-service的移植,拷貝源碼到openwrt package下,新建src目錄,將rpmb-service的源碼都放置到src目錄;新建Makefile文件,其Makefile文件內容如下:

#
# Copyright (C) 2012 OpenWrt.org
#
# This is free software, licensed under the GNU General Public License v2.
# See /LICENSE for more information.
#

include $(TOPDIR)/rules.mk


PKG_NAME:=rpmb-service
PKG_RELEASE:=1
PKG_LICENSE:=GPLv2+, GPLv3+
PKG_LICENSE_FILES:=Copyright COPYING
PKG_BUILD_DIR := $(BUILD_DIR)/$(PKG_NAME)

include $(INCLUDE_DIR)/package.mk

define Package/rpmb-service
SECTION:=utils
CATEGORY:=Utilities
DEFAULT:=y
TITLE:= hsm rpmb-service
DEPENDS:= +libhsm
endef

define Build/Configure
endef

define Build/Compile
$(MAKE) -C $(PKG_BUILD_DIR) \
CC="$(TARGET_CC)" \
CFLAGS="$(TARGET_CFLAGS) -O2 -Wall -fno-inline " \
LDFLAGS="$(TARGET_LDFLAGS) -lhsm -lpthread -lrt -ldl"
endef

define Package/rpmb-service/install
$(INSTALL_DIR) $(1)/usr/bin
$(INSTALL_BIN) $(PKG_BUILD_DIR)/rpmb_serviced $(1)/usr/bin/
endef

$(eval $(call BuildPackage,$(PKG_NAME)))​
4. 編輯好源文件及makefile文件後,回到代碼的根目錄,執行./build.sh 編譯,出現如下字符便是編譯通過。

[info] Calculating pack header crc...
[info] Calculating  second part crc ...
[info] Calculated crc32 = 0x7F82C948
++ stat -c %s /home/hdd-2/SemiDrive/D9/d9-ptg1.5p1-wrt3-9360/out/images_linux510_openwrt_emmc_only_d9360_openwrt_ref/images/global.pac
+ IMG_SIZE=304745743
++ echo '304745743/1024/1024;'
++ bc
+ IMG_SIZE=290
+ print_warn '\n File /home/hdd-2/SemiDrive/D9/d9-ptg1.5p1-wrt3-9360/out/images_linux510_openwrt_emmc_only_d9360_openwrt_ref/images/global.pac(size=290MB) is generated.'
+ echo -e '\033[47;31m \n File /home/hdd-2/SemiDrive/D9/d9-ptg1.5p1-wrt3-9360/out/images_linux510_openwrt_emmc_only_d9360_openwrt_ref/images/global.pac(size=290MB) is generated.\033[0m'
 
 File /home/hdd-2/SemiDrive/D9/d9-ptg1.5p1-wrt3-9360/out/images_linux510_openwrt_emmc_only_d9360_openwrt_ref/images/global.pac(size=290MB) is generated.

 compile Semidrive SDK and PACK successful​


5. 將編譯後的pac文件gloabal.pac用工具燒錄到板子。上電測試。在openwrt環境下執行測試命令 run_hsm_test.sh , 如下:

root@0penWrt:/# run_hsm_test.sh
APP_PATH is /usr/bin/hsm_client
fix_id is 1022
run multi_test
run common_test
run fix_id_test
run perf_test
run key_test
run data_test
enter display_test_ret


6. 測試完後,得到的性能數據被寫入到 文件 log_hsm_perf.log, 部分內容如下:

this test is 2
enter Crypto_test_hash_multi
run_time is 1
this hash test mode is 0
hash_result is ok
d is 0.024013
hash mode : 0, msg_size 1048576, run_time is 1, total_size is 1048576, speed is 41.644109 Mbytes/s
this hash test mode is 1
hash_result is ok
d is 0.031015
hash mode : 1, msg_size 1048576, run_time is 1, total_size is 1048576, speed is 32.242463 Mbytes/s
this hash test mode is 2
hash_result is ok
d is 0.030370
hash mode : 2, msg_size 1048576, run_time is 1, total_size is 1048576, speed is 32.927231 Mbytes/s
this hash test mode is 3
hash_result is ok
d is 0.031287
hash mode : 3, msg_size 1048576, run_time is 1, total_size is 1048576, speed is 31.962157 Mbytes/s
this hash test mode is 4
hash_result is ok
d is 0.030470
hash mode : 4, msg_size 1048576, run_time is 1, total_size is 1048576, speed is 32.819166 Mbytes/s
this hash test mode is 5
hash_result is ok


done!

★博文內容均由個人提供,與平台無關,如有違法或侵權,請與網站管理員聯繫。

★博文作者未開放評論功能

參考來源