Common procedures
The following procedures are applicable to building any NanoSSH Client example code or integrated application: - Adding TrustCore SDK Code to a Development Environment (below) - Building a NanoSSH Client Executable - Initializing TrustCore SDK Code
Adding TrustCore SDK Code to a Development Environment
The first step to building TrustCore SDK code is to add it to the application’s development environment.
To add TrustCore SDK code to an application’s development environment: 1. 2. a .zzz extension so that it will not be blocked by email clients. 3.
If upgrading from an existing TrustCore SDK implementation, back up the existing mss directories and files. In particular, ensure that the existing mss/src/common/moptions.h file can be easily retrieved.
If the distribution package ZIP file has a .zzz extension, rename it to .zip.
The ZIP file, distributed as ANSI C source (.c and .h files), is sent through email as an attachment with a .zzz extension so that it will not be blocked by email clients.
Extract the distribution package ZIP file to any directory retaining the original directory structure.
The following table lists a typical directory structure that is created under the mss installation directory:
Directory | Purpose |
---|---|
/bin | Executable output from cmake project builds |
/docs | Product and user’s guides |
/make | Model makefiles |
/obj | Default location for Makefile/compiler output |
/src/asn1 | ASN.1 (abstract syntax notation one) X509v3 certificate parser |
/src/common | Code used by multiple TrustCore SDK components; for example, math, logging, error codes, and debugging |
/src/crypto | Cryptography-related TrustCore SDK code, including authentication, asymmetric, symmetric, and HMAC code |
/src/crypto/mocasymkeys/mbed | Asymmetric functions for interfacing with mbedTLS library. Requires Export edition |
/src/crypto/mocasymkeys/oqs | Asymmetric functions for interfacing with Open Quantum Safe library |
/src/crypto/mocasymkeys/tap | Asymmetric functions TAP code |
/src/crypto_interface | Cryptography-related abstraction layer for authentication, asymmetric, symmetric, and HMAC code |
/src/examples | TrustCore SDK sample code |
/src/harness | Hardware acceleration harness code |
/src/platform | Porting abstraction layer |
/src/<product-name> | Product-specific source code; a separate directory for each Nano- solution or TrustCore SDK product |
/projects/asn1 | CMake project for building asn1 source files |
/projects/common | CMake project for building common source files |
/project/crypto | CMake project for building cryptography source code. This directory includes nanocap_oqs, nanocap_mbed, cryptointerface, and nanocrypto |
/projects/initialize | CMake project for building initialization source files |
/project/nanocap | CMake project for building CPA source files |
/projects/nanocert | CMake project for building x509 certificate management source files |
/projects/nanossh | CMake project for building NanoSSH client |
/projects/nanotap2 | CMake project for building TAP source files |
/projects/nanotap2_common | CMake project for building TAP common source files |
/projects/nanotap2_configparser | CMake project for building TAP configuration source files |
/projects/smp_tpm2 | CMake project for building TPM 2.0 SMP source files |
/projects/tpm2 | CMake projects for building TPM 2.0 interface source files |
Become familiarized with the code by looking through the directory structure, examining the makefiles, and scanning the source code.
Building a NanoSSH Client Executable
If using an IDE instead of command line make files, do not use the following procedure. Instead, use the IDE’s build mechanism to create the TrustCore SDK NanoSSH Client executable. - Because of the multiplicity of IDEs and environments, it is beyond the scope of this document to provide build instructions for them; however, many IDEs include support for creating makefile projects with existing code. For information about setting up such a project, refer to the documentation for the IDE.
To build a NanoSSH Client executable: 1. Change to the directory into which the TrustCore SDK code was extracted. The directory should contain the mss directory and the subdirectories that are listed in Table 1. 2. Run the appropriate command to build the desired product executable. For NanoSSH Client, the command is: ./scripts/nanossh/ssh_client/build_ssh_client_ncrypto.sh
For Suite B editions of NanoSSH Client, the command is:
./scripts/nanossh/ssh_client/build_ssh_client_ncrypto.sh --suiteb
Initializing TrustCore SDK Code
Applications should perform the common TrustCore SDK initialization and shutdown work, as shown in the src/examples/mocana_example.c sample module. In particular, make the following function calls and perform the following procedures: - MOCANA_initMocana — Initialize the TrustCore SDK common code base (logging, random number generator, and so on). - MOCANA_initLog — Optionally, register a callback function to the TrustCore SDK logging system. - Create threads for all required TrustCore SDK component servers (e.g., the NanoSec IKE server). - Implement a status-checking loop that runs and sleeps as long as an application running flag is true. - MOCANA_freeMocana — Release memory that was allocated by MOCANA_initMocana.