
last update: 2024/04

BSP package for OS-less (bare-metal) environments
Chapter 6: Evaluating the security features
Evaluation board: RX72N Envision Kit




emSecure: a security gateway that prevents unauthorized modification and unauthorized mass production

Test samples

Demo Sample Application Folder:

Application
 └ _Exclude
     ├ SECURE  ....... Demo samples for the emSecure library

Sample                         Description
SECURE_RSA_Bench_Performance   Measures message Sign/Verify performance using digital signatures with RSA keys

Related configuration files (emSecure):

Config
 |- SECURE_ECDSA_Conf.h  ....... ECDSA library configuration settings
 |- SECURE_RSA_Conf.h  ......... RSA library configuration settings
 |- Keys       ................. Test key data configuration files
     |- SECURE_ECDSA_xxxx.h
     |- SECURE_RSA_xxxx.h

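emSecure: how to build and verify operation

In the project settings, the "\Application\_Exclude\SECURE" folder is excluded from the build. Use one of the following two methods to select the sample application to run.

  1. Copy the test sample file "SECURE_RSA_Bench_Performance.c" into the "\Application" folder, which is included in the build.
  2. Clear the "Exclude from build" setting on the test sample file "SECURE_RSA_Bench_Performance.c".

Rebuild the project, connect to the evaluation board and start a debug session.
Check the results in the log view of the debugger's I/O console.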

Test report (emSecure)

Sample: SECURE_RSA_Bench_Performance

Debug IO Console:

SEGGER Software Evaluation Sample
Eval Board: RX72N Envision Kit
Base: Baremetal (No RTOS)
------------------------------------------------

(c) 2014-2018 SEGGER Microcontroller GmbH    www.segger.com
emSecure-RSA Performance Benchmark compiled Apr  1 2024 13:56:01

Compiler: CC-RX V3.05.00
System:   Processor speed             = 240.000 MHz
Config:   CRYPTO_VERSION              = 24001 [2.40a]
Config:   SECURE_RSA_VERSION          = 24600 [2.46]
Config:   CRYPTO_MPI_BITS_PER_LIMB    = 32
Config:   SECURE_RSA_MAX_KEY_LENGTH   = 2048 bits
Config:   SECURE_RSA_HASH_FUNCTION    = SHA1
Config:   SECURE_RSA_SIGNATURE_SCHEME = PSS

Sign/Verify Performance
=======================

+----------+----------+----------+----------+
|  Modulus |  Message |     Sign |   Verify |
|    /bits |   /bytes |      /ms |      /ms |
+----------+----------+----------+----------+
|      512 |        0 |    17.36 |     1.01 |
|      512 |     1024 |    17.52 |     1.20 |
|      512 |   102400 |    34.48 |    18.18 |
+----------+----------+----------+----------+
|     1024 |        0 |    83.08 |     2.60 |
|     1024 |     1024 |    83.15 |     2.79 |
|     1024 |   102400 |   100.10 |    19.78 |
+----------+----------+----------+----------+
|     2048 |        0 |   461.00 |     8.88 |
|     2048 |     1024 |   460.67 |     9.04 |
|     2048 |   102400 |   477.67 |    26.00 |
+----------+----------+----------+----------+

Benchmark complete

STOP.


emSSL: SSL/TLS secure communication

Test samples

SSL Application Folder:

Application
 └ _Exclude
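     ├ SSL  ....... Demo samples for the emSSL library

Sample                   Description
SSL_OS_Scan              Scans the cipher suites supported by the specified web server and displays the results
SSL_OS_SimpleWebClient   Connects from an SSL client to the specified web server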

Related configuration files (emSSL):

Config
 |- SSL_Conf.h  ........ SSL configuration file (macro definitions)
 |- SSL_X_Config.c  .... SSL configuration file (initialization settings)
 |- IO
 |   |- SSL_ConfigIO.c  ..... Debug console I/O interface configuration file
 |
 |- OS
     |- libNo_OSLayer_RXv3_L.lib  ..... OS interface configuration file

BSP
 |- Setup
     |- SSL_X_TrustedCerts.c  .... Root certificate data for testing (binary)

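emSSL: how to build and verify operation

In the project settings, the "\Application\_Exclude\SSL" folder is excluded from the build. Use one of the following two methods to select the sample application to run.

  1. Copy the target test sample file from the "\_Exclude\SSL" folder into the "\Application" folder, which is included in the build.
  2. Clear the "Exclude from build" setting only for the target test sample file in the "\_Exclude\SSL" folder.

Rebuild the project, connect to the evaluation board and start a debug session.
Check the results in the log view of the debugger's I/O console.

Test report (emSSL)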

Sample: SSL_OS_Scan

File: SSL_OS_Scan.c (server IP address setting)

#define HOST         "www.segger.com"
#define PORT         443

Debug IO Console:

5:296 emSSL - Scanning cipher suites on www.segger.com:443
6:267 emSSL - C008  TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA         Received Handshake Failure alert
6:774 emSSL - C009  TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA          Received Handshake Failure alert
7:261 emSSL - C023  TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256       Received Handshake Failure alert
7:750 emSSL - C0AC  TLS_ECDHE_ECDSA_WITH_AES_128_CCM              Received Handshake Failure alert
8:231 emSSL - C0AE  TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8            Received Handshake Failure alert
8:724 emSSL - C02B  TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256       Received Handshake Failure alert
9:233 emSSL - C00A  TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA          Received Handshake Failure alert
9:722 emSSL - C024  TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384       Received Handshake Failure alert
10:219 emSSL - C0AD  TLS_ECDHE_ECDSA_WITH_AES_256_CCM              Received Handshake Failure alert
10:696 emSSL - C0AF  TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8            Received Handshake Failure alert
11:171 emSSL - C02C  TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384       Received Handshake Failure alert
11:656 emSSL - C048  TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256      Received Handshake Failure alert
12:135 emSSL - C05C  TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256      Received Handshake Failure alert
12:612 emSSL - C049  TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384      Received Handshake Failure alert
13:099 emSSL - C05D  TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384      Received Handshake Failure alert
13:582 emSSL - C072  TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256  Received Handshake Failure alert
14:061 emSSL - C086  TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256  Received Handshake Failure alert
14:554 emSSL - C073  TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384  Received Handshake Failure alert
15:063 emSSL - C087  TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384  Received Handshake Failure alert
15:542 emSSL - C007  TLS_ECDHE_ECDSA_WITH_RC4_128_SHA              Received Handshake Failure alert
16:021 emSSL - CCA9  TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 Received Handshake Failure alert
16:512 emSSL - C012  TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA           Received Handshake Failure alert
17:017 emSSL - C013  TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA            Received Handshake Failure alert
17:496 emSSL - C027  TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256         Received Handshake Failure alert
18:374 emSSL - C02F  TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256         TLS 1.2   123 ms processing,   754 ms socket,   877 ms total
18:850 emSSL - C014  TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA            Received Handshake Failure alert
19:351 emSSL - C028  TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384         Received Handshake Failure alert
20:225 emSSL - C030  TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384         TLS 1.2   125 ms processing,   748 ms socket,   873 ms total
20:720 emSSL - C04C  TLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256        Received Handshake Failure alert
21:213 emSSL - C060  TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256        Received Handshake Failure alert
21:710 emSSL - C04D  TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384        Received Handshake Failure alert
22:199 emSSL - C061  TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384        Received Handshake Failure alert
22:684 emSSL - C076  TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256    Received Handshake Failure alert
23:181 emSSL - C08A  TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256    Received Handshake Failure alert
23:660 emSSL - C077  TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384    Received Handshake Failure alert
24:135 emSSL - C08B  TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384    Received Handshake Failure alert
24:624 emSSL - C011  TLS_ECDHE_RSA_WITH_RC4_128_SHA                Received Handshake Failure alert
25:469 emSSL - CCA8  TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256   TLS 1.2   124 ms processing,   720 ms socket,   844 ms total
25:976 emSSL - C002  TLS_ECDH_ECDSA_WITH_RC4_128_SHA               Received Handshake Failure alert
26:449 emSSL - C003  TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA          Received Handshake Failure alert
26:946 emSSL - C004  TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA           Received Handshake Failure alert
27:431 emSSL - C025  TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256        Received Handshake Failure alert
27:938 emSSL - C02D  TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256        Received Handshake Failure alert
28:437 emSSL - C005  TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA           Received Handshake Failure alert
28:914 emSSL - C026  TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384        Received Handshake Failure alert
29:407 emSSL - C02E  TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384        Received Handshake Failure alert
29:912 emSSL - C04A  TLS_ECDH_ECDSA_WITH_ARIA_128_CBC_SHA256       Received Handshake Failure alert
30:415 emSSL - C05E  TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256       Received Handshake Failure alert
30:894 emSSL - C04B  TLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384       Received Handshake Failure alert
31:373 emSSL - C05F  TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384       Received Handshake Failure alert
31:876 emSSL - C074  TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256   Received Handshake Failure alert
32:383 emSSL - C088  TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256   Received Handshake Failure alert
32:894 emSSL - C075  TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384   Received Handshake Failure alert
33:369 emSSL - C089  TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384   Received Handshake Failure alert
33:846 emSSL - C00D  TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA            Received Handshake Failure alert
34:345 emSSL - C00E  TLS_ECDH_RSA_WITH_AES_128_CBC_SHA             Received Handshake Failure alert
34:822 emSSL - C029  TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256          Received Handshake Failure alert
35:335 emSSL - C031  TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256          Received Handshake Failure alert
35:828 emSSL - C00F  TLS_ECDH_RSA_WITH_AES_256_CBC_SHA             Received Handshake Failure alert
36:301 emSSL - C02A  TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384          Received Handshake Failure alert
36:784 emSSL - C032  TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384          Received Handshake Failure alert
37:285 emSSL - C04E  TLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256         Received Handshake Failure alert
37:778 emSSL - C062  TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256         Received Handshake Failure alert
38:267 emSSL - C04F  TLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384         Received Handshake Failure alert
38:766 emSSL - C063  TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384         Received Handshake Failure alert
39:239 emSSL - C078  TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256     Received Handshake Failure alert
39:746 emSSL - C08C  TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256     Received Handshake Failure alert
40:233 emSSL - C079  TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384     Received Handshake Failure alert
40:708 emSSL - C08D  TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384     Received Handshake Failure alert
41:191 emSSL - C00C  TLS_ECDH_RSA_WITH_RC4_128_SHA                 Received Handshake Failure alert
41:664 emSSL - 000A  TLS_RSA_WITH_3DES_EDE_CBC_SHA                 Received Handshake Failure alert
42:173 emSSL - 0096  TLS_RSA_WITH_SEED_CBC_SHA                     Received Handshake Failure alert
42:678 emSSL - 002F  TLS_RSA_WITH_AES_128_CBC_SHA                  Received Handshake Failure alert
43:157 emSSL - 003C  TLS_RSA_WITH_AES_128_CBC_SHA256               Received Handshake Failure alert
43:652 emSSL - C09C  TLS_RSA_WITH_AES_128_CCM                      Received Handshake Failure alert
44:129 emSSL - 009C  TLS_RSA_WITH_AES_128_GCM_SHA256               Received Handshake Failure alert
44:626 emSSL - 0035  TLS_RSA_WITH_AES_256_CBC_SHA                  Received Handshake Failure alert
45:119 emSSL - 003D  TLS_RSA_WITH_AES_256_CBC_SHA256               Received Handshake Failure alert
45:616 emSSL - C09D  TLS_RSA_WITH_AES_256_CCM                      Received Handshake Failure alert
46:117 emSSL - 009D  TLS_RSA_WITH_AES_256_GCM_SHA384               Received Handshake Failure alert
46:594 emSSL - 0041  TLS_RSA_WITH_CAMELLIA_128_CBC_SHA             Received Handshake Failure alert
47:079 emSSL - 0084  TLS_RSA_WITH_CAMELLIA_256_CBC_SHA             Received Handshake Failure alert
47:574 emSSL - 00BA  TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256          Received Handshake Failure alert
48:061 emSSL - 00C0  TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256          Received Handshake Failure alert
48:566 emSSL - C07A  TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256          Received Handshake Failure alert
49:071 emSSL - C07B  TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384          Received Handshake Failure alert
49:568 emSSL - C03C  TLS_RSA_WITH_ARIA_128_CBC_SHA256              Received Handshake Failure alert
50:043 emSSL - C03D  TLS_RSA_WITH_ARIA_256_CBC_SHA384              Received Handshake Failure alert
50:552 emSSL - C050  TLS_RSA_WITH_ARIA_128_GCM_SHA256              Received Handshake Failure alert
51:059 emSSL - C051  TLS_RSA_WITH_ARIA_256_GCM_SHA384              Received Handshake Failure alert
51:556 emSSL - 0004  TLS_RSA_WITH_RC4_128_MD5                      Received Handshake Failure alert
52:041 emSSL - 0005  TLS_RSA_WITH_RC4_128_SHA                      Received Handshake Failure alert
52:042 emSSL - 
3 common cipher suites out of 92 tested
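
Added example (not part of the BSP package or SEGGER's sample code): a host-side Python script that parses SSL_OS_Scan console output in the format shown above and flags any accepted suite that lacks forward secrecy, uses RC4 or 3DES, or is not an AEAD cipher. SAMPLE_LOG is copied from the report above; WEAK_LINE is a constructed log line, and the function names are this example's own.

```python
import re

# SAMPLE_LOG lines are copied from the scan report above; WEAK_LINE is constructed
# (a hypothetical server that accepts a static-RSA CBC suite).
SAMPLE_LOG = """\
5:296 emSSL - Scanning cipher suites on www.segger.com:443
15:542 emSSL - C007  TLS_ECDHE_ECDSA_WITH_RC4_128_SHA              Received Handshake Failure alert
18:374 emSSL - C02F  TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256         TLS 1.2   123 ms processing,   754 ms socket,   877 ms total
20:225 emSSL - C030  TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384         TLS 1.2   125 ms processing,   748 ms socket,   873 ms total
25:469 emSSL - CCA8  TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256   TLS 1.2   124 ms processing,   720 ms socket,   844 ms total
"""
WEAK_LINE = "42:678 emSSL - 002F  TLS_RSA_WITH_AES_128_CBC_SHA  TLS 1.2   100 ms processing,   700 ms socket,   800 ms total\n"

LINE = re.compile(r"^\d+:\d+ emSSL - ([0-9A-F]{4})\s+(TLS_\S+)\s+(.*)$")
ACCEPTED = re.compile(r"^(TLS \d\.\d)\b.*\b(\d+) ms total")

def parse_scan(log):
    """Map suite name -> (hex id, negotiated version or None, total ms or None)."""
    suites = {}
    for line in log.splitlines():
        m = LINE.match(line.strip())
        if not m:
            continue  # banner, summary and blank lines carry no suite result
        suite_id, name, result = m.groups()
        ok = ACCEPTED.match(result)
        suites[name] = (suite_id, ok.group(1), int(ok.group(2))) if ok else (suite_id, None, None)
    return suites

def weaknesses(name):
    """Flag properties of a TLS 1.2 suite name that a client policy usually excludes."""
    if "_WITH_" not in name:
        return []  # TLS 1.3 naming: ephemeral key exchange and AEAD only
    kx, cipher = name[len("TLS_"):].split("_WITH_", 1)
    flags = []
    if not kx.startswith(("ECDHE", "DHE")):
        flags.append("no forward secrecy")  # static RSA / static (EC)DH key exchange
    if "RC4" in cipher or "3DES" in cipher:
        flags.append("legacy cipher")
    if not any(a in cipher for a in ("GCM", "CCM", "CHACHA20_POLY1305")):
        flags.append("not AEAD")  # CBC or stream cipher with a separate MAC
    return flags

def audit(log):
    """Accepted suites only, each with its list of weakness flags."""
    return {n: weaknesses(n) for n, (_, ver, _) in parse_scan(log).items() if ver}

if __name__ == "__main__":
    for name, flags in audit(SAMPLE_LOG + WEAK_LINE).items():
        print(f"{name:48} {', '.join(flags) or 'ok'}")
```

Run over the full log above, audit() returns the three accepted suites with no flags.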

Sample: SSL_OS_SimpleWebClient

HOST: https://www.segger.com/emssl-testpage.php

Debug IO Console:

5:362 emSSL - Data: HTTP/1.1 200 OK..date: Tue, 02 Apr 2024 00:34:14 GMT..server: Apache..vary: Accept-Encoding..x-xss-protection: 1; mode=block..x-content-type-options: nosniff..x-ua-compatible: IE=edge..content-type: text/html; charset=UTF-8..strict-transport-security: max
5:363 emSSL - Data: -age=31536000; includeSubDomains; preload;..connection: close....Welcome to www.segger.com/emssl-testpage.php!...Successfully connected via SSL...Current date is 2024-04-02...Current time is 02:34:14..
5:364 emSSL - Data received, socket closed: done

STOP.

emSSH: SSH secure login

Test samples

SSH(Server) Application Folder: → \Application\_Exclude\SSH

Application
 └ _Exclude
     ├ SSH  ....... Demo samples for the emSSH library

Sample       Description
SSH_Shell1   A simple sample showing how to implement an SSH server (echoes the input characters)

Related configuration files (emSSH):

Config
 |- SSH_Conf.h  ........ SSH configuration file (macro definitions)
 |- SSH_X_Config.c  .... SSH configuration file (initialization settings)
 |- IO
 |   |- SSH_ConfigIO.c  ..... Debug console I/O interface configuration file
 |
 |- OS
 |   |- libNo_OSLayer_RXv3_L.lib  ..... OS interface configuration file
 |
 |- Keys   .................. Test key data configuration files
     |- SSH_ServerKeys_DSA.c
     |- SSH_ServerKeys_ECDSA.c
     |- SSH_ServerKeys_EdDSA.c
     |- SSH_ServerKeys_RSA.c

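emSSH: how to build and verify operation

In the project settings, the "\Application\_Exclude\SSH" folder is excluded from the build.

Copy the test sample file to be run from the "\_Exclude\SSH" folder into the "\Application" folder, which is included in the build.
Rebuild the project, connect to the evaluation board and start a debug session.
Check the results in the log view of the debugger's I/O console.

Test environment setup:

Connect the LAN port of the evaluation board to the test PC and confirm that TCP/IP network communication works correctly.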

PC Setup

Test report (emSSH)

Sample: SSH_Shell1 (Echo Test)

Debug IO Console:

4:024 IP_Task - DHCPc: Sending Request.
4:034 IP_Task - DHCPc: IFace 0: Using IP: 192.168.1.12, Mask: 255.255.255.0, GW: 192.168.1.1.

emSSH V2.54 - Shell1 compiled Apr  3 2024 16:19:18
Copyright (c) 2015-2021 SEGGER Microcontroller GmbH    www.segger.com

PC TeraTerm SSH Client (User name: anon / Password: none):

emSSH Client TeraTerm

When checking from the Windows MS-DOS prompt:

emSSH Client Cmdline