DG0516: Running the Secure Webserver on SmartFusion2 Devices Using PolarSSL, IwIP, and FreeRTOS - Libero SoC v11.7 Demo Guide

Running Secure Webserver on SmartFusion2
Devices Using PolarSSL, lwIP, and FreeRTOS
- Libero SoC v11.7
DG0516 Demo Guide
Contents
1 Preface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6
1.1
1.2
1.3
Purpose . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Intended Audience . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
References . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
1.3.1
Microsemi Publications . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
1.3.2
Others . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
6
6
6
6
6
2 Running Secure Webserver Demo Design on SmartFusion2 Devices Using PolarSSL,
lwIP and FreeRTOS 7
2.1
2.2
2.3
2.4
2.5
Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7
2.1.1
Secure Webserver Demo Design Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7
2.1.1.1
Application Layer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8
2.1.1.2
Security Layer (TLS/SSL Protocol) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9
2.1.1.3
Transport Layer (lwIP TCP/IP Stack) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9
2.1.1.4
RTOS and Firmware Layer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9
Design Requirements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10
Demo Design . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10
2.3.1
Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10
2.3.2
Demo Design Features . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11
2.3.3
Demo Design Description . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11
2.3.3.1
Libero SoC Hardware Project . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12
2.3.3.2
SoftConsole Firmware Project . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14
Setting Up the Demo Design . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17
2.4.1
Board Setup Snapshot . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18
Running the Demo Design . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18
2.5.1
Running the Secure Webserver Demo with Microsoft Internet Explorer . . . . . . . . . . . . . . . . . 23
2.5.2
Running the Secure Webserver Demo with Mozilla Firefox . . . . . . . . . . . . . . . . . . . . . . . . . . 24
2.5.2.1
Blinking LEDs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 26
2.5.2.2
HyperTerminal Display . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 27
2.5.2.3
SmartFusion2 Google Search . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 28
3 Appendix: Board Setup for Running the Secure Webserver . . . . . . . . . . . . . . . . . . 29
4 Appendix: Jumper Locations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 30
5 Appendix: Running the Design in Static IP Mode . . . . . . . . . . . . . . . . . . . . . . . . . . 31
6 Revision History . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 35
7 Product Support . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 36
7.1
7.2
7.3
7.4
7.5
Customer Service . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Customer Technical Support Center . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Technical Support . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Website . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Contacting the Customer Technical Support Center . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
7.5.1
Email . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
7.5.2
My Cases . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
7.5.3
Outside the U.S. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Revision 6
36
36
36
36
36
36
36
37
2
7.6
ITAR Technical Support . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 37
Revision 6
3
Figures
Figure 1.
Figure 2.
Figure 3.
Figure 4.
Figure 5.
Figure 6.
Figure 7.
Figure 8.
Figure 9.
Figure 10.
Figure 11.
Figure 12.
Figure 13.
Figure 14.
Figure 15.
Figure 16.
Figure 17.
Figure 18.
Figure 19.
Figure 20.
Figure 21.
Figure 22.
Figure 23.
Figure 24.
Figure 25.
Figure 26.
Figure 27.
Block Diagram of Secure Webserver Demo Design on SmartFusion2 . . . . . . . . . . . . . . . . . . . . . . . 8
Client Server Communication Block Diagram . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8
Demo Design Files Top-Level Structure . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11
Libero Top-Level Design . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12
High Speed Serial Interface Configurator Window . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13
Example SoftConsole Project Explorer Window . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14
TLS/SSL Handshake Procedure . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16
Device Manager Window . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17
FlashPro New Project . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19
FlashPro Project Configured . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 20
FlashPro Program Passed . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21
User Options . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22
Microsoft Internet Explorer showing Certificate Error Warning Message . . . . . . . . . . . . . . . . . . . . 23
Main Menu of Secure Webserver in Internet Explorer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23
Mozilla Firefox showing Warning Message . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24
Add Security Exception Window . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25
Main Menu of the Secure Webserver in Mozilla Firefox . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 26
Blinking LEDs Page . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 26
HyperTerminal Display Page . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 27
String Display on PuTTY . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 27
SmartFusion2 Google Search Page . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 28
SmartFusion2 Advanced Development Kit Setup . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 29
Jumper Locations in Advanced Development Kit Board . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 30
Project Explorer Window of SoftConsole Project . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 31
Project Explorer Properties Window . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 32
Host PC TCP/IP Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 33
Static IP Address Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 34
Revision 6
4
Tables
Table 1.
Table 2.
Table 3.
Table 4.
Table 5.
Design Requirements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
LED to Package Pins Assignments . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
PHY Interface Signals to Package Pins Assignments . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Macros to Enable or Disable System Controller Services . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
SmartFusion2 Advanced Kit Jumper Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Revision 6
10
13
14
15
18
5
Preface
1
Preface
1.1
Purpose
This demo is for SmartFusion®2 system-on-chip (SoC) field programmable gate array (FPGA) devices. It
provides instructions on how to use the corresponding reference design.
1.2
Intended Audience
This demo guide is intended for:
•
•
•
FPGA designers
Embedded designers
System-level designers
1.3
References
1.3.1
Microsemi Publications
See the following web page for a complete and up-to-date listing of SmartFusion2 device documentation:
http://www.microsemi.com/products/fpga-soc/soc-fpga/sf2docs
•
•
•
•
1.3.2
UG0331: SmartFusion2 Microcontroller Subsystem User Guide
UG0447: IGLOO2 and SmartFusion2 High Speed Serial Interfaces User Guide
Libero SoC User Guide
UG0557: SmartFusion2 SoC FPGA Advanced Development Kit User Guide
Others
The following references are used in this document:
•
•
•
PolarSSL TLS/SSL protocol: https://tls.mbed.org/
lwIP TCP/IP stack:
•
www.sics.se/~adam/lwip/
•
http://download.savannah.gnu.org/releases/lwip/
FreeRTOS™ stack: www.freeRTOS.org
Revision 6
6
Running Secure Webserver Demo Design on SmartFusion2 Devices Using
PolarSSL, lwIP and FreeRTOS
2
Running Secure Webserver Demo Design on
SmartFusion2 Devices Using PolarSSL, lwIP
and FreeRTOS
2.1
Introduction
This demo explains the Secure Webserver capabilities using transport layer security (TLS) and secure
sockets layer (SSL) protocol and tri-speed ethernet medium access controller (TSEMAC) of the
SmartFusion2 devices. This demo describes:
•
•
•
•
•
Use of SmartFusion2 Ethernet MAC connected to a serial gigabit media independent interface
(SGMII) PHY.
Integration of SmartFusion2 MAC driver with the PolarSSL library (free TLS/SSL protocol
library), lwIP TCP/IP stack and the FreeRTOS operating system.
Use of Microsemi cryptographic system services in the implementation of TLS/SSL protocol.
Implementation of the Secure Webserver application on the SmartFusion2 Advanced
Development Kit board.
Procedure to run the demo.
The microcontroller subsystem (MSS) of the SmartFusion2 device has an instance of the TSEMAC
peripheral. The TSEMAC can be configured between the host PC and the Ethernet network at the
following data transfer rates (line speeds):
•
•
•
10 Mbps
100 Mbps
1000 Mbps
See the UG0331: SmartFusion2 Microcontroller Subsystem User Guide for more information on the
TSEMAC interface for SmartFusion2 devices.
2.1.1
Secure Webserver Demo Design Overview
The Secure Webserver application supports TLS/SSL security protocol that encrypts and decrypts the
messages to secure the communication against message tampering. Communication from the Secure
Webserver ensures that the sensitive data can be translated into a secret code that is difficult to tamper
the data. The Secure Webserver demo design consists of the following layers:
•
•
•
•
Application Layer
Security Layer (TLS/SSL Protocol)
Transport Layer (lwIP TCP/IP Stack)
RTOS and Firmware Layer
Revision 6
7
Running Secure Webserver Demo Design on SmartFusion2 Devices Using
PolarSSL, lwIP and FreeRTOS
Figure 1 shows the block diagram of the Secure Webserver demo design.
Figure 1 • Block Diagram of Secure Webserver Demo Design on SmartFusion2
$SSOLFDWLRQ/D\HU
+7736
6HFXULW\/D\HU
7/666/3URWRFRO
)UHH5726
7UDQVSRUW/D\HU
,Z,37&3,36WDFN
)LUPZDUH/D\HU
6PDUW)XVLRQ$GYDQFHG
'HYHORSPHQW.LW+:
2.1.1.1 Application Layer
The Secure Webserver application is implemented on the SmartFusion2 Advanced Development Kit
board. The application handles the HTTPS request from the client browser and transfers the static pages
to the client in response to their requests. These pages run on the client (host PC) browser. Figure 2
shows the block diagram of the connecting server (Secure Webserver application running on
SmartFusion2 device) and client (web browser running on host PC).
Figure 2 • Client Server Communication Block Diagram
(WKHUQHW
&RPPXQLFDWLRQ
+RVW3&
6PDUW)XVLRQ
7/666/&OLHQW
:HEEURZVHU
1HWZRUN
7/666/6HUYHU
$SSOLFDWLRQ
6HULDO7HUPLQDO
(PXODWLRQ
3URJUDP
6HULDO&RPPXQLFDWLRQ8$57
When the URL with IP address (for example, https://10.60.3.120) is entered in the browser, the HTTPS
request is sent to the port on the Secure Webserver. The Secure Webserver then interprets the request
and responds to the client with the requested page or resource.
Revision 6
8
Running Secure Webserver Demo Design on SmartFusion2 Devices Using
PolarSSL, lwIP and FreeRTOS
2.1.1.2 Security Layer (TLS/SSL Protocol)
Internet browsers and Webservers use TLS/SSL protocol to transmit information securely. TLS/SSL
protocol is used to authenticate the server and client to establish the secure communication between
authenticated parties using encrypted messages. This protocol is layered above the transport protocol,
TCP/IP as shown in Figure 1 on page 8. This protocol provides privacy and reliability in data transfers
between the client (internet browser) and the Webserver. An Open Source PolarSSL library is used to
implement the TLS/SSL protocol for the Secure Webserver application in this demo.
See the following URLs for complete TLS/SSL protocol implementation details:
•
•
•
•
Transport Layer Security protocol Version 1.2: http://tools.ietf.org/html/rfc5246
Transport Layer Security protocol Version 1.1: http://tools.ietf.org/html/rfc4346
Transport Layer Security protocol Version 1.0: http://tools.ietf.org/html/rfc2246
Secure Sockets Layer protocol Version 3.0: http://tools.ietf.org/html/rfc6101
The PolarSSL library includes the cryptographic and TLS/SSL protocol implementations. This library
provides the application programming interface functions to implement Secure Webserver application
using the TLS/SSL protocol and the software cryptographic algorithms.
See https://polarssl.org/ for TLS/SSL protocol library source code written in C and licensing information.
2.1.1.3 Transport Layer (lwIP TCP/IP Stack)
The lwIP stack is suitable for the embedded systems because of less resource usage. It can be used with
or without the operating system. The lwIP consists of the actual implementations of the IP, ICMP, UDP,
and TCP protocols, as well as the support functions such as buffer and memory management.
For more information on the design and implementation, see the www.sics.se/~adam/lwIP/doc/lwIP.pdf.
The lwIP is available (under a BSD license) in C source-code format for download from the following
address: http://download.savannah.gnu.org/releases/lwIP/
2.1.1.4 RTOS and Firmware Layer
FreeRTOS is an open source real time operating system kernel. FreeRTOS is used in this demo to
prioritize and schedule the tasks. See http://www.freertos.org for more information and the latest source
code.
The firmware provides the software driver implementation to configure and control the following MSS
components:
•
•
•
•
•
Ethernet MAC
System controller services
MMUART
GPIO
SPI
Revision 6
9
Running Secure Webserver Demo Design on SmartFusion2 Devices Using
PolarSSL, lwIP and FreeRTOS
2.2
Design Requirements
Table 1 lists the hardware and software design requirements.
Table 1 • Design Requirements
Design Requirements
Description
Hardware Requirements
SmartFusion2 Advanced Development Kit:
• 12 V adapter
• FlashPro5
• USB A to Mini-B cable
Rev A or later
RJ45 cable
–
Host PC or Laptop
Windows 64-bit Operating System
Software Requirements
Libero® System-on-Chip (SoC) for viewing the design
files
v11.7
FlashPro Programming Software
v11.7
SoftConsole
v3.4 SP1*
Host PC Drivers
USB to UART drivers
One of the following serial terminal emulation
programs:
• HyperTerminal
• TeraTerm
• PuTTY
–
Browser
Mozilla Firefox version 24 or later
Internet Explorer version 8 or later
Note: *For this tutorial, SoftConsole v3.4 SP1 is used. For using SoftConsole v4.0, see the TU0546: SoftConsole
v4.0 and Libero SoC v11.7 Tutorial.
2.3
Demo Design
2.3.1
Introduction
The demo design files are available for download from the Microsemi website:
http://soc.microsemi.com/download/rsc/?f=m2s_dg0516_liberov11p7_df
The demo design files include:
•
•
•
The Libero SoC hardware project with SoftConsole firmware project
STAPL programming file
readme.txt file
Revision 6
10
Running Secure Webserver Demo Design on SmartFusion2 Devices Using
PolarSSL, lwIP and FreeRTOS
Figure 3 shows the top-level structure of the design files. For further details, refer to the readme.txt
file.
Figure 3 • Demo Design Files Top-Level Structure
GRZQORDGBIROGHU!
VIBVHFXUHBZHEVHUYHUBWFSBGHPRBGI
OLEHUR
VWDSOBSURJUDPPLQJBILOH
UHDGPHW[W
2.3.2
Demo Design Features
The demo has the following options:
•
•
•
2.3.3
Blinking LEDs
HyperTerminal Display
SmartFusion2 Google Search
Demo Design Description
The demo design is implemented using an SGMII PHY interface by configuring the TSEMAC for the
ten-bit interface (TBI) operation. For more information on the TSEMAC TBI interface,
see the UG0331: SmartFusion2 Microcontroller Subsystem User Guide.
The demo design comprises:
•
•
Libero SoC Hardware Project
SoftConsole Firmware Project
Revision 6
11
Running Secure Webserver Demo Design on SmartFusion2 Devices Using
PolarSSL, lwIP and FreeRTOS
2.3.3.1 Libero SoC Hardware Project
Figure 4 shows the Libero SoC hardware design implementation for this demo design.
Figure 4 • Libero Top-Level Design
The Libero Hardware project uses the following SmartFusion2 MSS resources and IPs:
1.
2.
3.
4.
TSEMAC TBI interface.
MMUART_0 for RS-232 communications on the SmartFusion2 Advanced Development Kit.
General purpose input and output (GPIO): Interfaces with the light-emitting diodes (LEDs).
High speed serial interface (SERDESIF) SERDES_IF IP: Configured for SERDESIF_3 EPCS
lane3 as shown in Figure 5 on page 13.
For more information on high-speed serial interfaces, see the UG0447: IGLOO2 and SmartFusion2
High Speed Serial Interfaces User Guide.
Revision 6
12
Running Secure Webserver Demo Design on SmartFusion2 Devices Using
PolarSSL, lwIP and FreeRTOS
Figure 5 • High Speed Serial Interface Configurator Window
5.
Cryptographic system controller services: To implement TLS/SSL protocol.
2.3.3.1.1 Package Pin Assignments
Package pin assignments for LEDs and PHY interface signals are shown in Table 2 and Table 3 on
page 14.
Table 2 lists the port names for the package pins.
Table 2 • LED to Package Pins Assignments
Port Name
Package Pin
LED_1
D26
LED_2
F26
LED_3
F27
LED_4
C26
LED_5
C28
LED_6
B27
LED_7
C27
LED_8
E26
Revision 6
13
Running Secure Webserver Demo Design on SmartFusion2 Devices Using
PolarSSL, lwIP and FreeRTOS
Table 3 lists the port names and directions for the package pins.
Table 3 • PHY Interface Signals to Package Pins Assignments
Port Name
Direction
Package Pin
PHY_MDC
Output
F3
PHY_MDIO
Input
K7
PHY_RST
Output
F2
2.3.3.2 SoftConsole Firmware Project
Invoke the SoftConsole project using standalone SoftConsole IDE.
The following stacks are used for this demo design:
•
•
•
PolarSSL library version 1.2.8
lwIP TCP/IP stack version 1.4.1
FreeRTOS
Figure 1 on page 8 shows the block diagram of the Secure Webserver application on the SmartFusion2
devices used in this demo design.
Figure 6 shows an example SoftConsole software directory structure of the demo design.
Figure 6 • Example SoftConsole Project Explorer Window
Revision 6
14
Running Secure Webserver Demo Design on SmartFusion2 Devices Using
PolarSSL, lwIP and FreeRTOS
The SoftConsole workspace consists of two projects.
1.
Webserver_TCP_MSS_CM3_app
This project contains the Secure Webserver application implementation using PolarSSL, LWIP, and
FreeRTOS.
The advanced encryption standard (AES) and non-deterministic random bit generator (NRBG) system services are used to implement the Secure Webserver application. The AES and NRBG can be
implemented using SmartFusion2 hardware engine or software PolarSSL library. In this demo
design, AES and NRBG are implemented using SmartFusion2 hardware engine through system services.
Table 4 • Macros to Enable or Disable System Controller Services
System Service
Macro
Macro Location
AES
#define HW_AES 1
<download_folder>\SF2_Secure_Webserver_TCP_Demo_DF\Libero\
Webserver\SoftConsole\Webserver_TCP_sb_MSS_CM3\Webserver
_TCP_sb_MSS_CM3_app\polarssl-1.2.8\include\polarssl\aes.h
NRBG
#define HW_NRBG 1 <download_folder>\SF2_Secure_Webserver_TCP_Demo_DF\Libero\
Webserver\SoftConsole\Webserver_TCP_sb_MSS_CM3\Webserver
_TCP_sb_MSS_CM3_app\polarssl-1.2.8\include\polarssl\ssl.h
Note: The system services AES and NRBG are supported for data security enabled SmartFusion2 device like
M2S0150TS. If the SmartFusion2 device is not data security enabled, disable the macros mentioned in
Table 4 to use the software PolarSSL AES and NRBG algorithms.
2.
Webserver_TCP_MSS_CM3_hw_platform
This project contains all the firmware and hardware abstraction layers that correspond to the hardware design. This project is configured as a library and is referenced by the Webserver_TCP_MSS_CM3_app application project. The contents of this folder get over-written by regenerating the root
design every time and exporting the SoftConsole firmware project in the Libero SoC software.
2.3.3.2.1 TLS/SSL Protocol Implementation using PolarSSL Library
The TLS/SSL protocol is divided into the following two protocol layers:
•
•
Handshake protocol layer
Record protocol layer
Handshake Protocol Layer
This layer consists of the following sub protocols:
•
•
•
Handshake: Used to negotiate session information between the server and the client. The
session information includes session ID, peer certificates, the cipher spec, the compression
algorithm, and a shared secret code that is used to generate required keys.
Change Cipher spec: Used to change the key used for encryption between the client and the
server. The key is computed from the information exchanged during the client-server
handshake.
Alert: Alert messages are generated during the client-server handshake to report an error or a
change in status to the peer.
Revision 6
15
Running Secure Webserver Demo Design on SmartFusion2 Devices Using
PolarSSL, lwIP and FreeRTOS
Figure 7 shows the overview of the TLS/SSL handshake procedure. See http://tools.ietf.org/html/rfc5246
for detailed information on handshake protocol, record protocol, and cryptographic algorithms.
Figure 7 • TLS/SSL Handshake Procedure
&OLHQW+RVW3&±:HE%URZVHU
6HUYHU6PDUW)XVLRQ'HYLFH
&OLHQW+HOOR
&U\SWRJUDSKLF,QIRUPDWLRQ
6HUYHU+HOOR
6HUYHU&HUWLILFDWHNH\([FKDQJH&OLHQW&HUWLILFDWH5HTXHVW
6HUYHU+HOOR'RQH
&OLHQWFHUWLILFDWH&OLHQWNH\([FKDQJH&KDQJH&LSKHU6SHF
6HQGV6HFUHWNH\,QIRUPDWLRQ(QFU\SWHGZLWK6HUYHU3XEOLF.H\
&OLHQW)LQLVKHG
&KDQJH&LSKHU6SHF6HUYHU)LQLVKHG
([FKDQJH(QFU\SWHG0HVVDJHV
Record Protocol Layer
The record protocol receives and encrypts data from the application and transfers to the transport layer.
The record protocol fragments the received data to a size appropriate to the cryptographic algorithm and
optionally compresses the data. The protocol applies a MAC or HMAC and encrypts or decrypts the data
using the information negotiated during the handshake protocol.
Revision 6
16
Running Secure Webserver Demo Design on SmartFusion2 Devices Using
PolarSSL, lwIP and FreeRTOS
2.4
Setting Up the Demo Design
The following steps describe how to setup the demo for SmartFusion2 Advanced Development Kit board:
1.
2.
Connect the host PC to the J33 Connector using the USB A to mini-B cable. The USB to UART
bridge drivers are automatically detected.
From the detected four COM ports, select the one which location on its Properties window must be
as on USB FP5 Serial Converter C. Make a note of the COM port number for serial port
configuration and ensure that the COM port Location is specified as on USB FP5 Serial Converter
C, as shown in Figure 8.
Figure 8 • Device Manager Window
3.
4.
If USB drivers are not detected automatically, install the USB driver.
For serial terminal communication through the FTDI mini USB cable, install the FTDI D2XX driver.
Download the drivers and installation guide from:
www.microsemi.com/soc/documents/CDM_2.08.24_WHQL_Certified.zip
Revision 6
17
Running Secure Webserver Demo Design on SmartFusion2 Devices Using
PolarSSL, lwIP and FreeRTOS
5.
Connect the jumpers on the SmartFusion2 Advanced Development Kit board as shown in Table 5.
For information on jumper locations, refer to "Appendix: Jumper Locations" on page 30.
Caution: Switch OFF the power supply switch, SW7, before making the jumper connections.
Table 5 • SmartFusion2 Advanced Kit Jumper Settings
Jumper
Pin (From)
Pin (To)
Comments
J116, J353, J354, J54 1
2
J123
2
3
These are the default jumper settings of the Advanced Dev
Kit board. Ensure these jumpers are set accordingly.
J124, J121, J32
1
2
JTAG programming via FTDI
J118, J119
1
2
Programming SPI Flash
6.
7.
2.4.1
In the SmartFusion2 Advanced Development Kit, connect the power supply to the J42 connector.
This design example can run in both Static IP and Dynamic IP modes. By default, programming files
are provided for dynamic IP mode.
•
For static IP, connect the host PC to the J21 connector of the SmartFusion2 Advanced
Development Kit board using an RJ45 cable.
•
For dynamic IP, connect any one of the open network ports to the J21 connector of the
SmartFusion2 Advanced Development Kit board using an RJ45 cable.
Board Setup Snapshot
Snapshots of the SmartFusion2 Advanced Development Kit board with all the setup made is given in
"Appendix: Board Setup for Running the Secure Webserver" on page 29.
2.5
Running the Demo Design
The following steps describe how to run the demo design:
1.
Download the demo design from:
http://soc.microsemi.com/download/rsc/?f=m2s_dg0516_liberov11p7_df
2. Switch ON the SW7 power supply switch.
3. Start any serial terminal emulation program such as:
•
HyperTerminal
•
PuTTY
•
TeraTerm
Note: In this demo PuTTY is used.
The configuration for the program is:
•
Baud Rate: 115200
•
Eight data bits
•
One stop bit
•
No Parity
•
No flow control
For information on configuring the serial terminal emulation programs, refer to the
Configuring Serial Terminal Emulation Programs Tutorial.
4.
5.
Launch the FlashPro software.
Click New Project.
Revision 6
18
Running Secure Webserver Demo Design on SmartFusion2 Devices Using
PolarSSL, lwIP and FreeRTOS
6.
In the New Project window, enter the project name as shown in Figure 9.
Figure 9 • FlashPro New Project
7.
8.
9.
10.
Click Browse and navigate to the location where the project is required to be saved.
Select Single device as the Programming mode.
Click OK to save the project.
Click Configure Device.
Revision 6
19
Running Secure Webserver Demo Design on SmartFusion2 Devices Using
PolarSSL, lwIP and FreeRTOS
11. Click Browse and navigate to the location where the Webserver_tcp_top_Secure_Demo.stp
file is located and select the file. The default location is: <download_folder>\
SF2_Secure_Webserver_TCP_Demo_DF\Stapl_ProgrammingFile\Webserver_tcp_top_Secure_De
mo.stp
The required programming file is selected and is ready to be programmed in the device, as shown in
Figure 10.
Figure 10 • FlashPro Project Configured
Revision 6
20
Running Secure Webserver Demo Design on SmartFusion2 Devices Using
PolarSSL, lwIP and FreeRTOS
12. Click PROGRAM to start programming the device. Wait until a message is displayed, indicating that
the program has passed.
Figure 11 • FlashPro Program Passed
Note: The demo can be run in static and dynamic modes. To run the design in Static IP mode, follow the steps
mentioned in the "Appendix: Running the Design in Static IP Mode" on page 31.
Revision 6
21
Running Secure Webserver Demo Design on SmartFusion2 Devices Using
PolarSSL, lwIP and FreeRTOS
13. Power cycle the SmartFusion2 Advanced Development Kit board.
A welcome message with the dynamic IP address is displayed in the serial terminal emulation
program, as shown in Figure 12.
Figure 12 • User Options
14. The IP address displayed on PuTTY should be entered in the address bar of the browser to run the
Secure Webserver. If the IP address is 10.60.3.120, enter https://10.60.3.120 in the address bar of
the browser. This demo supports both Microsoft Internet Explorer and Mozilla Firefox browsers.
Revision 6
22
Running Secure Webserver Demo Design on SmartFusion2 Devices Using
PolarSSL, lwIP and FreeRTOS
2.5.1
Running the Secure Webserver Demo with Microsoft
Internet Explorer
The following steps describe how to run the secure webserver demo with Microsoft Internet explorer:
1.
Open the Microsoft Internet Explorer and type the URL (for example, https://10.60.3.120) in the
address bar. The browser shows a warning message as shown in Figure 13.
Figure 13 • Microsoft Internet Explorer showing Certificate Error Warning Message
2.
Click Continue to this website (not recommended) to start secure communication with the
Webserver. The Microsoft Internet Explorer displays the main menu of the Secure Webserver, as
shown in Figure 14.
Figure 14 • Main Menu of Secure Webserver in Internet Explorer
Revision 6
23
Running Secure Webserver Demo Design on SmartFusion2 Devices Using
PolarSSL, lwIP and FreeRTOS
2.5.2
Running the Secure Webserver Demo with Mozilla
Firefox
The following steps describe how to run the Secure Webserver Demo with Mozilla Firefox:
1.
Open the Mozilla Firefox browser and enter the URL (for example, https://10.60.3.120) in the
address bar. The browser shows a warning message, as shown in Figure 15.
Figure 15 • Mozilla Firefox showing Warning Message
2.
Select I Understand the Risks and click Add Exception….
Revision 6
24
Running Secure Webserver Demo Design on SmartFusion2 Devices Using
PolarSSL, lwIP and FreeRTOS
3.
Click Confirm Security Exception in Add Security Exception window, as shown in Figure 16, to
start secure communication with the Webserver.
Figure 16 • Add Security Exception Window
Note: Adding security exception for the IP Address is required for first-time browsing only.
Revision 6
25
Running Secure Webserver Demo Design on SmartFusion2 Devices Using
PolarSSL, lwIP and FreeRTOS
4.
The Mozilla Firefox browser displays the main menu, as shown in Figure 17.
Figure 17 • Main Menu of the Secure Webserver in Mozilla Firefox
The main menu has the following options:
•
Blinking LEDs
•
HyperTerminal Display
•
SmartFusion2 Google Search
Note: These options can be verified using either Microsoft Internet Explorer or Mozilla Firefox web browsers. In
this demo, the options are demonstrated using Mozilla Firefox web browser.
2.5.2.1 Blinking LEDs
1.
Click Blinking LEDs on the main menu. You can observe a running LED pattern on the
SmartFusion2 board. The webpage gives an option to enter the values to blink the LEDs manually
as shown in Figure 18.
Figure 18 • Blinking LEDs Page
Revision 6
26
Running Secure Webserver Demo Design on SmartFusion2 Devices Using
PolarSSL, lwIP and FreeRTOS
2.
Enter any number between 1-255 to lit the LEDs manually. For example, if you enter 1, blinking
LED1 goes OFF. If you enter 255, all the eight blinking LEDs go OFF.
3. Click Home to return to the main menu.
Note: SmartFusion2 Advanced Development Kit has Active Low LEDs.
2.5.2.2 HyperTerminal Display
1.
Click HyperTerminal Display on the main menu. Figure 19 shows a webpage that gives an option
to enter a string value.
Figure 19 • HyperTerminal Display Page
The entered string is displayed on PuTTY, as shown in Figure 20.
Figure 20 • String Display on PuTTY
2.
Click Go Back One Page (arrow button) or Home to go back to the main menu.
Revision 6
27
Running Secure Webserver Demo Design on SmartFusion2 Devices Using
PolarSSL, lwIP and FreeRTOS
2.5.2.3 SmartFusion2 Google Search
1. Click SmartFusion2 Google Search on the main menu.
Note: Internet connection is required with proper access rights to get to the SmartFusion2 Google Search
page.
Figure 21 shows a web page with Google search.
Figure 21 • SmartFusion2 Google Search Page
2.
Click Home to go back to the main menu.
Revision 6
28
Appendix: Board Setup for Running the Secure Webserver
3
Appendix: Board Setup for Running the
Secure Webserver
Figure 22 shows the board setup for running the demo on the SmartFusion2 Advanced Development Kit
board.
Figure 22 • SmartFusion2 Advanced Development Kit Setup
Revision 6
29
Appendix: Jumper Locations
4
Appendix: Jumper Locations
Figure 23 shows the jumper locations in the SmartFusion2 Advanced Development Kit board.
Figure 23 • Jumper Locations in Advanced Development Kit Board
R1217
R318
R362
Y11
DS20
2
H1
DS21
J124
C604
J121
J125
DS0
DS1
DS2
9
J32
J60
19
2
20
J38
1
19
R162
R330 C596
R260
U34
U23
C1
H1
R255
C600
C332
U25
TP3
TP7 TP20
R155
TP4
R283
R282
C697 C696
J123
J29
U59
U31
H40
10
J37
20
R161
R279
R278
R276
D7
C40
1
J36
C610
J28
C638
R304
U24
SW1
2
SW4
B
TP16
R267 DS16
R151 R147
SW3
A
TP35
J119
B
SW2
R277
C698
D8
R148
1
DS3
DS4
DS5
DS7
DS6
R222
R224
A
B
R306
C636
R305
C637
TP21
TP9
R152
TP12
J351
D9
C593
DS18
DS19
1
A
R366
B
DS17 R292
DS25
1
R253
DS23
2
3
DS29
R354
R1216
1 2 3 4 5 6 7 8
R369
R338
6
A
DS24
3
2
J116
DS22
R364
R159
R158
R316
R314
Y12
R307
U5
R337
R47
R48
R308
C640
U3
R336
U7
U35
R363 R361
C467
C460
C455
U13
TP10 TP22
U32
C647
R310
R335
SW5
R272
C608
R149
C328
R150
C645
C646
C644
C641
C642
A1
C691
TP11
C630
A1
A1
U2
TP68
TP41
R346
R220
C109
C150
C236
C235
C199
C159
C116
C465
C119
C161
C562 C233
C197
C118
C163
R213 R209
R266
A1
C468
C519
R1213
Y4
C371
TP74
R211
C153
C156
Y3
R1214
R1212 R1208
R1210 R1207
R1215
R1209
C554
C394
C521
U6
TP60
R210
TP53
C476
J118
TP73
C211
C210
C213
C212
C136
C135
C138
C137
C140
C139
C142
C141
C173
C172
C175
C174
C177
C176
C179
C178
C216
C215
C92
C91
C94
C93
C96
C95
C484
R78
C471
C530
C528
C526
C625
J353
R332
R351
R352
R355
R356
TP70 TP64 R217
TP66
A1
CON1
B1
R353
R160
C382
TP27
MH2
C518
C599
U4
TP29
J354
TP26
Y20
C517
C643 C648
R311
R309
C705
J13
TP62
C671
C674
U60
C704
R375
R1211
C463
C422
R344
R345
J10
C113
C129
R54
R55
R69
TP49
C220
TP67
C362
TP56 R70
C360
TP58
C361
TP72
C359 R378
U1
TP77 C374
L6
J12
J6
R286
L5
TP28
C702
R288
R74R72
J18 R73 R71
J17
C624
R343
SW7
5
TP17 R281
R280
R300
U26
U27
R808
U9
R131
U11
C672
R840
R841
R842
R126
R373 R294
C699
R374
R289
A1
R134
C315
R138
C701
C700
R130
R125
R133
U10
A1
C703
R143
R137
R139
R141
U12
J23
J16
C324
C325
U49
C606
R396
TP1
R127
CR2
CR1
R136
C323
C316
5
C164
R298
1
P1
R140
R142
DS26
TP2
C673
R111
R112
C605
R977
R973
R974
R1518
C292
C330
C331
C257
C246
C283 R81
R76
Y2
R293 R303 R75
J15
U37
R114 C306
C282
R113
J21
J4
U58
J11
J9
J5
J7
D15
U8
C626
C313
R79
R839
C302
C314
R92
R91
R94
R93
R95
R96
R121
R120
R115
R110
R109
R108
R106
R107
R156 R372
R98
R97
C307 C308 C297 C295
C293
C98
J22
C378
TP15
R104
R105
R99
U62
R50
C214
TP24 R46
J20
R100
TP71 TP46
C181
C148 R64 C183
R60
TP54
TP33 TP57
TP39
R59
TP50
TP69 R58 C144
C146
TP42
TP44
TP76
R216
C102
C100
R42 TP40
R41
TP38
C103
TP36
TP51 C209
R40
C294
A1
C296
C89
C90
C305
C304
TP75
R218
TP78
R331
J14
C303
TP48
TP31 R63
4
R313
C692
J8
R290
R291
U28
L4
J19
C1575
C1574
C1573
C1572
C1566
D13
R327
TP30
J42
R301
J350
J54
R5484 R5483
R334
C1579
D14
R333
D10
R328
R326
U36
A1
A40
TP32
R270
R978
R975
R976
R199
R198
R197
R194
R193
R192
R179
R178
R177
DS11
DS12
DS13
DS14
DS8
DS9
DS10
MH1
U17
C623
L3
Y6
U162
DS28
J30
C926
R116
R117
R118
R119
R101
R102
R103
U19
CR3
J352
R1519 R295
C628
K1
K40
R257
R986
R984
R985
R983
R191
R190
R189
R188
R184
R183
R182
R181
C255
DS27
CR4
R196
U18
R163 C358 C357
X1
U16
5
C592
C351
1
J33
B
LED9
R164
R167
R325
R168
R169
C668
R170
C666
R166
C667
R165
R171
R329
R172
C670
TP23 TP14
R173
R174
R176
R175
B1
C595 R243
J34
A
A1
SW6
B32
Note:
•
•
•
Jumpers highlighted in red are set by default.
Jumpers highlighted in green must be set manually.
The location of the jumpers in Figure 23 are searchable.
Revision 6
30
Appendix: Running the Design in Static IP Mode
5
Appendix: Running the Design in Static IP
Mode
The following steps describe how to run the design in Static IP mode:
1.
Right-click the Webserver_TCP_MSS_CM3_app in the Project Explorer window of SoftConsole
project and select Properties, as shown in Figure 24.
Figure 24 • Project Explorer Window of SoftConsole Project
Revision 6
31
Appendix: Running the Design in Static IP Mode
Figure 25 shows removing the symbol NET_USE_DHCP in the Tool Settings tab of the Properties for
Webserver_TCP_MSS_CM3_app window.
Figure 25 • Project Explorer Properties Window
Revision 6
32
Appendix: Running the Design in Static IP Mode
If the device is connected in Static IP mode, the board static IP address is 169.254.1.23, then change
the host TCP/IP settings to reflect the IP address. Figure 26 shows host PC TCP/IP settings.
Figure 26 • Host PC TCP/IP Settings
Revision 6
33
Appendix: Running the Design in Static IP Mode
Figure 27 shows Static IP address settings.
Figure 27 • Static IP Address Settings
Once these settings are made, build the design. See "Running the Demo Design" section on page 18 to
execute the design in static IP mode, if the SmartFusion2 device is already programmed with
Webserver_TCP_top_Secure_Demo.stp file.
Note: To run the application in debug mode, FlashPro4 JTAG programmer is required.
Revision 6
34
Revision History
6
Revision History
The following table shows important changes made in this document for each revision.
Revision
Changes
Revision 6
(March 2016)
Updated the document for Libero v11.7 software release (SAR 76931).
Revision 5
(November 2015)
Updated "SoftConsole Firmware Project" section (SAR 73518).
Revision 4
(October 2015)
Updated the document for Libero v11.6 software release (SAR 72058).
Revision 3
(March 2015)
Updated the document for Libero v11.5 software release (SAR 63973).
Revision 2
(September 2014)
Updated the document for Libero v11.4 software release (SAR 60685).
Revision 1
(April 2014)
Initial release.
Revision 6
35
Product Support
7
Product Support
Microsemi SoC Products Group backs its products with various support services, including Customer
Service, Customer Technical Support Center, a website, electronic mail, and worldwide sales offices.
This appendix contains information about contacting Microsemi SoC Products Group and using these
support services.
7.1
Customer Service
Contact Customer Service for non-technical product support, such as product pricing, product upgrades,
update information, order status, and authorization.
From North America, call 800.262.1060
From the rest of the world, call 650.318.4460
Fax, from anywhere in the world, 408.643.6913
7.2
Customer Technical Support Center
Microsemi SoC Products Group staffs its Customer Technical Support Center with highly skilled
engineers who can help answer your hardware, software, and design questions about Microsemi SoC
Products. The Customer Technical Support Center spends a great deal of time creating application
notes, answers to common design cycle questions, documentation of known issues, and various FAQs.
So, before you contact us, please visit our online resources. It is very likely we have already answered
your questions.
7.3
Technical Support
For Microsemi SoC Products Support, visit
http://www.microsemi.com/products/fpga-soc/design-support/fpga-soc-support.
7.4
Website
You can browse a variety of technical and non-technical information on the Microsemi SoC Products
Group home page, at http://www.microsemi.com/products/fpga-soc/fpga-and-soc.
7.5
Contacting the Customer Technical Support
Center
Highly skilled engineers staff the Technical Support Center. The Technical Support Center can be
contacted by email or through the Microsemi SoC Products Group website.
7.5.1
Email
You can communicate your technical questions to our email address and receive answers back by email,
fax, or phone. Also, if you have design problems, you can email your design files to receive assistance.
We constantly monitor the email account throughout the day. When sending your request to us, please
be sure to include your full name, company name, and your contact information for efficient processing of
your request.
The technical support email address is [email protected].
7.5.2
My Cases
Microsemi SoC Products Group customers may submit and track technical cases online by going to My
Cases.
Revision 6
36
Product Support
7.5.3
Outside the U.S.
Customers needing assistance outside the US time zones can either contact technical support via email
([email protected]) or contact a local sales office. Visit About Us for sales office listings and
corporate contacts.
7.6
ITAR Technical Support
For technical support on RH and RT FPGAs that are regulated by International Traffic in Arms
Regulations (ITAR), contact us via [email protected]. Alternatively, within My Cases, select Yes
in the ITAR drop-down list. For a complete list of ITAR-regulated Microsemi FPGAs, visit the ITAR web
page.
Revision 6
37
Microsemi Corporation (Nasdaq: MSCC) offers a comprehensive portfolio of semiconductor
and system solutions for communications, defense & security, aerospace and industrial
markets. Products include high-performance and radiation-hardened analog mixed-signal
integrated circuits, FPGAs, SoCs and ASICs; power management products; timing and
synchronization devices and precise time solutions, setting the world's standard for time; voice
processing devices; RF solutions; discrete components; Enterprise Storage and
Communication solutions, security technologies and scalable anti-tamper products; Ethernet
solutions; Power-over-Ethernet ICs and midspans; as well as custom design capabilities and
services. Microsemi is headquartered in Aliso Viejo, Calif, and has approximately 4,800
employees globally. Learn more at www.microsemi.com.
Microsemi Corporate
Headquarters
One Enterprise, Aliso Viejo,
CA 92656 USA
Within the USA: +1 (800) 713-4113
Outside the USA: +1 (949) 380-6100
Sales: +1 (949) 380-6136
Fax: +1 (949) 215-4996
E-mail: [email protected]
© 2016 Microsemi Corporation. All
rights reserved. Microsemi and the
Microsemi logo are trademarks of
Microsemi Corporation. All other
trademarks and service marks are the
property of their respective owners.
Microsemi makes no warranty, representation, or guarantee regarding the information contained herein or
the suitability of its products and services for any particular purpose, nor does Microsemi assume any
liability whatsoever arising out of the application or use of any product or circuit. The products sold
hereunder and any other products sold by Microsemi have been subject to limited testing and should not
be used in conjunction with mission-critical equipment or applications. Any performance specifications are
believed to be reliable but are not verified, and Buyer must conduct and complete all performance and
other testing of the products, alone and together with, or installed in, any end-products. Buyer shall not rely
on any data and performance specifications or parameters provided by Microsemi. It is the Buyer's
responsibility to independently determine suitability of any products and to test and verify the same. The
information provided by Microsemi hereunder is provided “as is, where is” and with all faults, and the entire
risk associated with such information is entirely with the Buyer. Microsemi does not grant, explicitly or
implicitly, to any party any patent rights, licenses, or any other IP rights, whether with regard to such
information itself or anything described by such information. Information provided in this document is
proprietary to Microsemi, and Microsemi reserves the right to make any changes to the information in this
document or to any products and services at any time without notice.
50200516-6/03.16