feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity

Merge pull request #6844 from gojimmypi/Espressif-client-server-example

Browse Source 
Espressif ESP32 Benchmark, Test, TLS 1.3 Client & Server Updates
This commit is contained in:
JacobBarthelmeh
2023-12-05 14:20:02 -07:00
committed by GitHub
parent 223d8c9a10 fb77319758
commit 7753e3db8a
70 changed files with 7033 additions and 1913 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
.gitignore vendored
View File

@@ -421,6 +421,7 @@ user_settings_asm.h
# Espressif sdk config default should be saved in sdkconfig.defaults
# we won't track the actual working sdkconfig files
/IDE/Espressif/**/sdkconfig
/IDE/Espressif/**/sdkconfig.old
# auto-created CMake backups
**/CMakeLists.txt.old

40
IDE/Espressif/ESP-IDF/examples/template/CMakeLists.txt
View File

@@ -1,15 +1,24 @@
# wolfSSL Espressif Example Project CMakeLists.txt
# v1.0
#
# The following lines of boilerplate have to be in your project's
# CMakeLists in this exact order for cmake to work correctly
cmake_minimum_required(VERSION 3.5)
cmake_minimum_required(VERSION 3.16)
# The wolfSSL CMake file should be able to find the source code.
# Otherwise, assign an environment variable or set it here:
#
# set(WOLFSSL_ROOT "~/workspace/wolfssl-other-source")
# This tag is used to include this file in the ESP Component Registry:
# __ESP_COMPONENT_SOURCE__
#
# Optional WOLFSSL_CMAKE_SYSTEM_NAME detection to find
# USE_MY_PRIVATE_CONFIG path for my_private_config.h
#
# Expected path varies:
#
# WSL: /mnt/c/workspace
# Linux: ~/workspace
# Windows: C:\workspace
#
if(WIN32)
# Windows-specific configuration here
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_WINDOWS")
@@ -38,6 +47,27 @@ if(APPLE)
endif()
# End optional WOLFSSL_CMAKE_SYSTEM_NAME
# Check that there are not conflicting wolfSSL components
# The ESP Registry Component will be in ./managed_components/wolfssl__wolfssl
# The local component wolfSSL directory will be in ./components/wolfssl
if( EXISTS "${CMAKE_HOME_DIRECTORY}/managed_components/wolfssl__wolfssl" AND EXISTS "${CMAKE_HOME_DIRECTORY}/components/wolfssl" )
# These exclude statements don't seem to be honored by the $ENV{IDF_PATH}/tools/cmake/project.cmake'
# add_subdirectory("${CMAKE_HOME_DIRECTORY}/managed_components/wolfssl__wolfssl" EXCLUDE_FROM_ALL)
# add_subdirectory("${CMAKE_HOME_DIRECTORY}/managed_components/wolfssl__wolfssl/include" EXCLUDE_FROM_ALL)
# So we'll error out and let the user decide how to proceed:
message(WARNING "\nFound wolfSSL components in\n"
"./managed_components/wolfssl__wolfssl\n"
"and\n"
"./components/wolfssl\n"
"in project directory: \n"
"${CMAKE_HOME_DIRECTORY}")
message(FATAL_ERROR "\nPlease use either the ESP Registry Managed Component or the wolfSSL component directory but not both.\n"
"If removing the ./managed_components/wolfssl__wolfssl directory, remember to also remove "
"or rename the idf_component.yml file typically found in ./main/")
else()
message(STATUS "No conflicting wolfSSL components found.")
endif()
include($ENV{IDF_PATH}/tools/cmake/project.cmake)
project(wolfssl_template)

3
IDE/Espressif/ESP-IDF/examples/template/README.md
View File

@@ -40,6 +40,9 @@ echo "Run export.sh from ${WRK_IDF_PATH}"
# build the example:
idf.py build
# optionally erase the flash
idf.py erase-flash -p /dev/ttyS19 -b 115200
# flash the code onto the serial device at /dev/ttyS19
idf.py flash -p /dev/ttyS19 -b 115200

259
IDE/Espressif/ESP-IDF/examples/template/components/wolfssl/CMakeLists.txt
View File

@@ -19,6 +19,8 @@
#
# cmake for wolfssl Espressif projects
#
# Version 5.6.0.011 for detect test/benchmark
#
# See https://docs.espressif.com/projects/esp-idf/en/latest/esp32/api-guides/build-system.html
#
@@ -26,72 +28,7 @@ cmake_minimum_required(VERSION 3.16)
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_USER_SETTINGS")
set(CMAKE_CURRENT_SOURCE_DIR ".")
set(COMPONENT_REQUIRES lwip) # we typically don't need lwip directly in wolfssl component
# COMPONENT_NAME = wolfssl
# The component name is the directory name. "No feature to change this".
# See https://github.com/espressif/esp-idf/issues/8978#issuecomment-1129892685
# set the root of wolfSSL in top-level project CMakelists.txt:
# set(WOLFSSL_ROOT "C:/some path/with/spaces")
# set(WOLFSSL_ROOT "c:/workspace/wolfssl-[username]")
# set(WOLFSSL_ROOT "/mnt/c/some path/with/spaces")
# or use this logic to assign value from Environment Variable WOLFSSL_ROOT,
# or assume this is an example 7 subdirectories below:
# We are typically in [root]/IDE/Espressif/ESP-IDF/examples/wolfssl_test/components/wolfssl
# The root of wolfSSL is 7 directories up from here:
if(CMAKE_BUILD_EARLY_EXPANSION)
message(STATUS "wolfssl component CMAKE_BUILD_EARLY_EXPANSION:")
idf_component_register(
REQUIRES "${COMPONENT_REQUIRES}"
PRIV_REQUIRES esp_timer driver # this will typically only be needed for wolfSSL benchmark
)
else()
# not CMAKE_BUILD_EARLY_EXPANSION
message(STATUS "************************************************************************************************")
message(STATUS "wolfssl component config:")
message(STATUS "************************************************************************************************")
# Check to see if we're already in wolfssl, and only if WOLFSSL_ROOT not specified
if ("${WOLFSSL_ROOT}" STREQUAL "")
# wolfssl examples are 7 directories deep from wolfssl repo root
# 1 2 3 4 5 6 7
set(THIS_RELATIVE_PATH "../../../../../../..")
get_filename_component(THIS_SEARCH_PATH "${THIS_RELATIVE_PATH}" ABSOLUTE)
message(STATUS "Searching in path = ${THIS_SEARCH_PATH}")
if (EXISTS "${THIS_SEARCH_PATH}/wolfcrypt/src")
# we're already in wolfssl examples!
get_filename_component(WOLFSSL_ROOT "${THIS_SEARCH_PATH}" ABSOLUTE)
message(STATUS "Using wolfSSL example with root ${WOLFSSL_ROOT}")
else()
# We're in some other repo such as wolfssh, so we'll search for an
# adjacent-level directory for wolfssl. (8 directories up, then down one)
#
# For example wolfSSL examples:
# C:\workspace\wolfssl-gojimmypi\IDE\Espressif\ESP-IDF\examples\wolfssl_benchmark\components\wolfssl
#
# For example wolfSSH examples:
# C:\workspace\wolfssh-gojimmypi\ide\Espressif\ESP-IDF\examples\wolfssh_benchmark\components\wolfssl
#
# 1 2 3 4 5 6 7 8
set(THIS_RELATIVE_PATH "../../../../../../../..")
get_filename_component(THIS_SEARCH_PATH "${THIS_RELATIVE_PATH}" ABSOLUTE)
message(STATUS "Searching next in path = ${THIS_SEARCH_PATH}")
endif()
endif()
# search other possible locations
if ("${WOLFSSL_ROOT}" STREQUAL "")
# there's not a hard-coded WOLFSSL_ROOT value above, so let's see if we can find it.
if( "$ENV{WOLFSSL_ROOT}" STREQUAL "" )
message(STATUS "Environment Variable WOLFSSL_ROOT not set. Will search common locations.")
message(STATUS "CMAKE_CURRENT_SOURCE_DIR = ${CMAKE_CURRENT_SOURCE_DIR}")
get_filename_component(THIS_DIR "${CMAKE_CURRENT_SOURCE_DIR}" ABSOLUTE)
message(STATUS "THIS_DIR = ${THIS_DIR}")
set(WOLFSSL_ROOT "$ENV{WOLFSSL_ROOT}" )
# find the user name to search for possible "wolfssl-username"
message(STATUS "USERNAME = $ENV{USERNAME}")
@@ -108,78 +45,162 @@ else()
endif()
message(STATUS "THIS_USER = ${THIS_USER}")
# This same makefile is used for both the wolfssl component, and other
# components that may depend on wolfssl, such as wolfssh. Therefore
# we need to determine if this makefile is in the wolfssl repo, or
# some other repo.
if( "{THIS_USER}" STREQUAL "" )
# This is highly unusual to not find a user name.
# In this case, we'll just search for a "wolfssl" directory:
message(STATUS "No username found!")
get_filename_component(WOLFSSL_ROOT "${THIS_RELATIVE_PATH}/wolfssl" ABSOLUTE)
else()
# We found an environment USER name!
# The first place to look for wolfssl will be in a user-clone called "wolfssl-[username]"
message(STATUS "Using [THIS_USER = ${THIS_USER}] to see if there's a [relative path]/wolfssl-${THIS_USER} directory.")
get_filename_component(WOLFSSL_ROOT "${THIS_RELATIVE_PATH}/wolfssl-${THIS_USER}" ABSOLUTE)
# COMPONENT_NAME = wolfssl
# The component name is the directory name. "No feature to change this".
# See https://github.com/espressif/esp-idf/issues/8978#issuecomment-1129892685
if( EXISTS "${WOLFSSL_ROOT}" )
message(STATUS "Found wolfssl in user-suffix ${WOLFSSL_ROOT}")
else()
# If there's not a user-clone called "wolfssl-[username]",
# perhaps there's simply a git clone called "wolfssl"?
message(STATUS "Did not find wolfssl-${THIS_USER}; continuing search...")
get_filename_component(WOLFSSL_ROOT "${THIS_RELATIVE_PATH}/wolfssl" ABSOLUTE)
# set the root of wolfSSL in top-level project CMakelists.txt:
# set(WOLFSSL_ROOT "C:/some path/with/spaces")
# set(WOLFSSL_ROOT "c:/workspace/wolfssl-[username]")
# set(WOLFSSL_ROOT "/mnt/c/some path/with/spaces")
# or use this logic to assign value from Environment Variable WOLFSSL_ROOT,
# or assume this is an example 7 subdirectories below:
if( EXISTS "${WOLFSSL_ROOT}" )
message(STATUS "Found wolfssl in standard ${WOLFSSL_ROOT}")
# We are typically in [root]/IDE/Espressif/ESP-IDF/examples/wolfssl_test/components/wolfssl
# The root of wolfSSL is 7 directories up from here:
# function: IS_WOLFSSL_SOURCE
# parameter: DIRECTORY_PARAMETER - the directory to test
# output: RESULT = contains contents of DIRECTORY_PARAMETER for wolfssl directory, otherwise blank.
function(IS_WOLFSSL_SOURCE DIRECTORY_PARAMETER RESULT)
if (EXISTS "${DIRECTORY_PARAMETER}/wolfcrypt/src")
set(${RESULT} "${DIRECTORY_PARAMETER}" PARENT_SCOPE)
else()
# Things are looking pretty bleak. We'll likely not be able to compile.
message(STATUS "Did not find wolfssl in ${WOLFSSL_ROOT}")
endif()
endif()
set(${RESULT} "" PARENT_SCOPE)
endif()
endfunction()
# function: FIND_WOLFSSL_DIRECTORY
# parameter: OUTPUT_FOUND_WOLFSSL_DIRECTORY contains root of source code, otherwise blank
#
function(FIND_WOLFSSL_DIRECTORY OUTPUT_FOUND_WOLFSSL_DIRECTORY)
message(STATUS "Starting FIND_WOLFSSL_DIRECTORY")
set(CURRENT_SEARCH_DIR "$ENV{WOLFSSL_ROOT}")
if( "${CURRENT_SEARCH_DIR}" STREQUAL "" )
message(STATUS "The WOLFSSL_ROOT environment variable is not set. Searching...")
else()
# there's an environment variable, so use it.
set(WOLFSSL_ROOT "$ENV{WOLFSSL_ROOT}")
if( EXISTS "${WOLFSSL_ROOT}" )
get_filename_component(WOLFSSL_ROOT "$ENV{WOLFSSL_ROOT}" ABSOLUTE)
get_filename_component(CURRENT_SEARCH_DIR "$ENV{WOLFSSL_ROOT}" ABSOLUTE)
IS_WOLFSSL_SOURCE("${CURRENT_SEARCH_DIR}" FOUND_WOLFSSL)
if("${FOUND_WOLFSSL}")
message(STATUS "Found WOLFSSL_ROOT via Environment Variable:")
else()
message(FATAL_ERROR "WOLFSSL_ROOT Environment Variable defined, but path not found:")
message(STATUS "$ENV{WOLFSSL_ROOT}")
endif()
endif()
# end of search for wolfssl component root
else()
# There's already a value assigned; we won't search for anything else.
message(STATUS "Found user-specified WOLFSSL_ROOT value.")
endif() # WOLFSSL_ROOT user defined
# After all the logic above, does our WOLFSSL_ROOT actually exist?
if( EXISTS "${WOLFSSL_ROOT}" )
message(STATUS "WOLFSSL_ROOT = ${WOLFSSL_ROOT}")
else()
# Abort. We need wolfssl _somewhere_.
message(FATAL_ERROR "Could not find wolfssl in ${WOLFSSL_ROOT}. Try setting environment variable or git clone.")
# we'll start in the CMAKE_CURRENT_SOURCE_DIR, typically [something]/projectname/components/wolfssl
message(STATUS "CMAKE_CURRENT_SOURCE_DIR = ${CMAKE_CURRENT_SOURCE_DIR}")
get_filename_component(CURRENT_SEARCH_DIR "${CMAKE_CURRENT_SOURCE_DIR}" ABSOLUTE)
message(STATUS "CURRENT_SEARCH_DIR = ${CURRENT_SEARCH_DIR}")
string(LENGTH ${CURRENT_SEARCH_DIR} CURRENT_SEARCH_DIR_LENGTH)
# loop through all the parents, looking for wolfssl
while(NOT CURRENT_SEARCH_DIR STREQUAL "/" AND NOT CURRENT_SEARCH_DIR STREQUAL "" )
string(LENGTH ${CURRENT_SEARCH_DIR} CURRENT_SEARCH_DIR_LENGTH)
# wolfSSL may simply be in a parent directory, such as for local examples in wolfssl repo
IS_WOLFSSL_SOURCE("${CURRENT_SEARCH_DIR}" FOUND_WOLFSSL)
if( FOUND_WOLFSSL )
message(STATUS "Found wolfssl in CURRENT_SEARCH_DIR = ${CURRENT_SEARCH_DIR}")
set(${OUTPUT_FOUND_WOLFSSL_DIRECTORY} ${CURRENT_SEARCH_DIR} PARENT_SCOPE)
return()
endif()
if( THIS_USER )
# Check for "wolfssl-[username]" subdirectory as we recurse up the directory tree
set(CURRENT_SEARCH_DIR_ALT ${CURRENT_SEARCH_DIR}/wolfssl-${THIS_USER})
message(STATUS "Looking in ${CURRENT_SEARCH_DIR}")
#if(EXISTS ${CURRENT_SEARCH_DIR_ALT} AND IS_DIRECTORY ${CURRENT_SEARCH_DIR_ALT} AND EXISTS "${CURRENT_SEARCH_DIR_ALT}/wolfcrypt/src")
IS_WOLFSSL_SOURCE("${CURRENT_SEARCH_DIR_ALT}" FOUND_WOLFSSL )
if ( FOUND_WOLFSSL )
message(STATUS "Found wolfssl in user-suffix CURRENT_SEARCH_DIR_ALT = ${CURRENT_SEARCH_DIR_ALT}")
set(${OUTPUT_FOUND_WOLFSSL_DIRECTORY} ${CURRENT_SEARCH_DIR_ALT} PARENT_SCOPE)
return()
endif()
endif()
# Next check for no user suffix "wolfssl" subdirectory as we recurse up the directory tree
set(CURRENT_SEARCH_DIR_ALT ${CURRENT_SEARCH_DIR}/wolfssl)
# if(EXISTS ${CURRENT_SEARCH_DIR} AND IS_DIRECTORY ${CURRENT_SEARCH_DIR} AND EXISTS "${CURRENT_SEARCH_DIR}/wolfcrypt/src")
IS_WOLFSSL_SOURCE("${CURRENT_SEARCH_DIR_ALT}" FOUND_WOLFSSL )
if ( FOUND_WOLFSSL )
message(STATUS "Found wolfssl in CURRENT_SEARCH_DIR = ${CURRENT_SEARCH_DIR}")
set(${OUTPUT_FOUND_WOLFSSL_DIRECTORY} ${CURRENT_SEARCH_DIR} PARENT_SCOPE)
return()
endif()
# Move up one directory level
set(PRIOR_SEARCH_DIR "${CURRENT_SEARCH_DIR}")
get_filename_component(CURRENT_SEARCH_DIR "${CURRENT_SEARCH_DIR}" DIRECTORY)
message(STATUS "Next CURRENT_SEARCH_DIR = ${CURRENT_SEARCH_DIR}")
if( "${PRIOR_SEARCH_DIR}" STREQUAL "${CURRENT_SEARCH_DIR}" )
# when the search directory is empty, we'll give up
set(CURRENT_SEARCH_DIR "")
endif()
endwhile()
# If not found, set the output variable to empty before exiting
set(${OUTPUT_FOUND_WOLFSSL_DIRECTORY} "" PARENT_SCOPE)
endfunction()
# Example usage:
if(CMAKE_BUILD_EARLY_EXPANSION)
message(STATUS "wolfssl component CMAKE_BUILD_EARLY_EXPANSION:")
idf_component_register(
REQUIRES "${COMPONENT_REQUIRES}"
PRIV_REQUIRES # esp_hw_support
esp_timer
driver # this will typically only be needed for wolfSSL benchmark
)
else()
# not CMAKE_BUILD_EARLY_EXPANSION
message(STATUS "************************************************************************************************")
message(STATUS "wolfssl component config:")
message(STATUS "************************************************************************************************")
# search for wolfSSL
FIND_WOLFSSL_DIRECTORY(WOLFSSL_ROOT)
if(WOLFSSL_ROOT)
message(STATUS "NEW Found wolfssl directory at: ${WOLFSSL_ROOT}")
else()
message(STATUS "NEW wolfssl directory not found.")
# Abort. We need wolfssl _somewhere_.
message(FATAL_ERROR "Could not find wolfssl in ${WOLFSSL_ROOT}.\n"
"Try setting WOLFSSL_ROOT environment variable or git clone.")
endif()
set(INCLUDE_PATH ${WOLFSSL_ROOT})
set(WOLFSSL_EXTRA_PROJECT_DIR "${WOLFSSL_ROOT}/src/")
if( ${CMAKE_PROJECT_NAME} STREQUAL "wolfssl_benchmark" )
set(WOLFSSL_EXTRA_PROJECT_DIR "${WOLFSSL_ROOT}/wolfcrypt/benchmark")
endif()
if( ${CMAKE_PROJECT_NAME} STREQUAL "wolfssl_test" )
set(WOLFSSL_EXTRA_PROJECT_DIR "${WOLFSSL_ROOT}/wolfcrypt/test")
endif()
set(COMPONENT_SRCDIRS "\"${WOLFSSL_ROOT}/src/\""
"\"${WOLFSSL_ROOT}/wolfcrypt/src\""
"\"${WOLFSSL_ROOT}/wolfcrypt/src/port/Espressif\""
"\"${WOLFSSL_ROOT}/wolfcrypt/src/port/atmel\""
"\"${WOLFSSL_ROOT}/wolfcrypt/benchmark\"" # the benchmark application
"\"${WOLFSSL_ROOT}/wolfcrypt/test\"" # the test application
"\"${WOLFSSL_EXTRA_PROJECT_DIR}\""
) # COMPONENT_SRCDIRS
message(STATUS "This COMPONENT_SRCDIRS = ${COMPONENT_SRCDIRS}")
set(WOLFSSL_PROJECT_DIR "${CMAKE_HOME_DIRECTORY}/components/wolfssl")
add_definitions(-DWOLFSSL_USER_SETTINGS_DIR="${WOLFSSL_PROJECT_DIR}/include/user_settings.h")
# Espressif may take several passes through this makefile. Check to see if we found IDF
string(COMPARE EQUAL "${PROJECT_SOURCE_DIR}" "" WOLFSSL_FOUND_IDF)
@@ -278,7 +299,12 @@ else()
# next check if there's a [root]/include/config.h
if( EXISTS "${WOLFSSL_ROOT}/include/config.h" )
message(FATAL_ERROR "Found stray wolfSSL config.h in ${WOLFSSL_ROOT}/include/config.h (please move it to ${WOLFSSL_PROJECT_DIR}/include/config.h")
message(STATUS "******************************************************************************")
message(STATUS "******************************************************************************")
message(STATUS "Found stray wolfSSL config.h in ${WOLFSSL_ROOT}/include/config.h" )
message(STATUS " Please move it to ${WOLFSSL_PROJECT_DIR}/include/config.h" )
message(STATUS "******************************************************************************")
message(STATUS "******************************************************************************")
else()
# we won't overwrite an existing user settings file, just note that we already have one:
if( EXISTS "${WOLFSSL_PROJECT_DIR}/include/config.h" )
@@ -361,6 +387,14 @@ else()
"\"${WOLFSSL_ROOT}/src/x509_str.c\""
"\"${WOLFSSL_ROOT}/wolfcrypt/src/evp.c\""
"\"${WOLFSSL_ROOT}/wolfcrypt/src/misc.c\""
"\"${WOLFSSL_ROOT}/wolfcrypt/src/sp_sm2_arm32.c\""
"\"${WOLFSSL_ROOT}/wolfcrypt/src/sp_sm2_arm64.c\""
"\"${WOLFSSL_ROOT}/wolfcrypt/src/sp_sm2_armthumb.c\""
"\"${WOLFSSL_ROOT}/wolfcrypt/src/sp_sm2_c32.c\""
"\"${WOLFSSL_ROOT}/wolfcrypt/src/sp_sm2_c64.c\""
"\"${WOLFSSL_ROOT}/wolfcrypt/src/sp_sm2_cortexm.c\""
"\"${WOLFSSL_ROOT}/wolfcrypt/src/sp_sm2_x86_64.c\""
"\"${WOLFSSL_ROOT}/wolfcrypt/src/sp_sm2_x86_64_asm.S\""
"\"${EXCLUDE_ASM}\""
)
@@ -405,6 +439,7 @@ else()
endif()
# target_sources(wolfssl PRIVATE "\"${WOLFSSL_ROOT}/wolfssl/\"" "\"${WOLFSSL_ROOT}/wolfssl/wolfcrypt\"")
endif() # CMAKE_BUILD_EARLY_EXPANSION

313
IDE/Espressif/ESP-IDF/examples/template/components/wolfssl/include/user_settings.h
View File

@@ -19,13 +19,8 @@
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
#include <sdkconfig.h> /* essential to chip set detection */
#undef WOLFSSL_ESPIDF
#undef WOLFSSL_ESP32
#undef WOLFSSL_ESPWROOM32SE
#undef WOLFSSL_ESP32
#undef WOLFSSL_ESP8266
/* This user_settings.h is for Espressif ESP-IDF */
#include <sdkconfig.h>
/* The Espressif sdkconfig will have chipset info.
**
@@ -38,6 +33,7 @@
** CONFIG_IDF_TARGET_ESP32C6
*/
#undef WOLFSSL_ESPIDF
#define WOLFSSL_ESPIDF
/*
@@ -47,6 +43,9 @@
* WOLFSSL_ESPWROOM32SE
* WOLFSSL_ESP8266
*/
#undef WOLFSSL_ESPWROOM32SE
#undef WOLFSSL_ESP8266
#undef WOLFSSL_ESP32
#define WOLFSSL_ESP32
@@ -54,6 +53,13 @@
/* #define WOLFSSL_NOSHA512_224 */
/* #define WOLFSSL_NOSHA512_256 */
/* when you want to use SINGLE THREAD. Note Default ESP-IDF is FreeRTOS */
/* #define SINGLE_THREADED */
/* When you don't want to use the old SHA */
/* #define NO_SHA */
/* #define NO_OLD_TLS */
#define BENCH_EMBEDDED
#define USE_CERT_BUFFERS_2048
@@ -67,11 +73,10 @@
#define WOLFSSL_BENCHMARK_FIXED_UNITS_KB
/* when you want to use SINGLE THREAD */
#define SINGLE_THREADED
#define NO_FILESYSTEM
#define NO_OLD_TLS
#define HAVE_AESGCM
#define WOLFSSL_RIPEMD
@@ -79,25 +84,36 @@
#define WOLFSSL_SHA224
/* when you want to use SHA384 */
#define WOLFSSL_SHA384
/* when you want to use SHA512 */
#define WOLFSSL_SHA512
/* when you want to use SHA3 */
#define WOLFSSL_SHA3
#define WOLFSSL_SHA384
#define WOLFSSL_SHA512
/* Reminder: ED25519 requires SHA512 */
#define HAVE_ED25519
#define HAVE_ECC
#define HAVE_CURVE25519
#define CURVE25519_SMALL
#define HAVE_ED25519
/* Optional OPENSSL compatibility */
#define OPENSSL_EXTRA
/* when you want to use pkcs7 */
/* #define HAVE_PKCS7 */
#define HAVE_PKCS7
#if defined(HAVE_PKCS7)
#define HAVE_AES_KEYWRAP
#define HAVE_X963_KDF
#define WOLFSSL_AES_DIRECT
#endif
/* when you want to use aes counter mode */
/* when you want to use AES counter mode */
/* #define WOLFSSL_AES_DIRECT */
/* #define WOLFSSL_AES_COUNTER */
@@ -111,21 +127,28 @@
/* #define CUSTOM_SLOT_ALLOCATION */
#endif
/* rsa primitive specific definition */
/* RSA primitive specific definition */
#if defined(WOLFSSL_ESP32) || defined(WOLFSSL_ESPWROOM32SE)
/* Define USE_FAST_MATH and SMALL_STACK */
#define ESP32_USE_RSA_PRIMITIVE
#if defined(CONFIG_IDF_TARGET_ESP32)
/* NOTE HW unreliable for small values! */
/* threshold for performance adjustment for HW primitive use */
/* X bits of G^X mod P greater than */
#define EPS_RSA_EXPT_XBTIS 32
#undef ESP_RSA_EXPT_XBITS
#define ESP_RSA_EXPT_XBITS 32
/* X and Y of X * Y mod P greater than */
#define ESP_RSA_MULM_BITS 9
#undef ESP_RSA_MULM_BITS
#define ESP_RSA_MULM_BITS 16
#endif
#endif
#define RSA_LOW_MEM
/* debug options */
/* #define DEBUG_WOLFSSL */
/* #define WOLFSSL_ESP32_CRYPT_DEBUG */
/* #define WOLFSSL_ATECC508A_DEBUG */
/* date/time */
@@ -134,64 +157,272 @@
/* #define NO_ASN_TIME */
/* #define XTIME time */
/* adjust wait-timeout count if you see timeout in RSA HW acceleration */
#define ESP_RSA_TIMEOUT_CNT 0x249F00
#define HASH_SIZE_LIMIT /* for test.c */
/* USE_FAST_MATH is default */
#define USE_FAST_MATH
/* optionally use SP_MATH */
/***** Use SP_MATH *****/
/* #undef USE_FAST_MATH */
/* #define SP_MATH */
/* #define WOLFSSL_SP_MATH_ALL */
/***** Use Integer Heap Math *****/
/* #undef USE_FAST_MATH */
/* #define USE_INTEGER_HEAP_MATH */
#define WOLFSSL_SMALL_STACK
#define HAVE_VERSION_EXTENDED_INFO
#define HAVE_WC_INTROSPECTION
/* allows for all version info, even that suppressed with introspection */
#define ALLOW_BINARY_MISMATCH_INTROSPECTION
#define HAVE_VERSION_EXTENDED_INFO
/* #define HAVE_WC_INTROSPECTION */
#define HAVE_SESSION_TICKET
/* #define HAVE_HASHDRBG */
#define WOLFSSL_KEY_GEN
#define WOLFSSL_CERT_REQ
#define WOLFSSL_CERT_GEN
#define WOLFSSL_CERT_EXT
#define WOLFSSL_SYS_CA_CERTS
#define WOLFSSL_CERT_TEXT
#define WOLFSSL_ASN_TEMPLATE
/*
#undef WOLFSSL_KEY_GEN
#undef WOLFSSL_CERT_REQ
#undef WOLFSSL_CERT_GEN
#undef WOLFSSL_CERT_EXT
#undef WOLFSSL_SYS_CA_CERTS
*/
/*
--enable-keygen
--enable-certgen
--enable-certreq
--enable-certext
--enable-asn-template
*/
/* Default is HW enabled unless turned off.
** Uncomment these lines for SW: */
** Uncomment these lines to force SW instead of HW acceleration */
#if defined(CONFIG_IDF_TARGET_ESP32)
/* wolfSSL HW Acceleration supported on ESP32. Uncomment to disable: */
/* #define NO_ESP32_CRYPT */
/* #define NO_WOLFSSL_ESP32_CRYPT_HASH */
/* #define NO_WOLFSSL_ESP32_CRYPT_AES */
/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI */
/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL */
/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD */
/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD */
/* These are defined automatically in esp32-crypt.h, here for clarity: */
#define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA224 /* no SHA224 HW on ESP32 */
#undef ESP_RSA_MULM_BITS
#define ESP_RSA_MULM_BITS 16 /* TODO add compile-time warning */
/***** END CONFIG_IDF_TARGET_ESP32 *****/
#elif defined(CONFIG_IDF_TARGET_ESP32S2)
#define NO_ESP32_CRYPT
#define NO_WOLFSSL_ESP32_CRYPT_HASH
#define NO_WOLFSSL_ESP32_CRYPT_AES
#define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI
#elif defined(CONFIG_IDF_TARGET_ESP32S3)
/* wolfSSL HW Acceleration supported on ESP32-S2. Uncomment to disable: */
/* #define NO_ESP32_CRYPT */
/* #define NO_WOLFSSL_ESP32_CRYPT_HASH */
/* Note: There's no AES192 HW on the ESP32-S2; falls back to SW */
/* #define NO_WOLFSSL_ESP32_CRYPT_AES */
/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI */
#elif defined(CONFIG_IDF_TARGET_ESP32C2)
#define NO_ESP32_CRYPT
#define NO_WOLFSSL_ESP32_CRYPT_HASH
/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL */
/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD */
/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD */
/***** END CONFIG_IDF_TARGET_ESP32S2 *****/
#elif defined(CONFIG_IDF_TARGET_ESP32S3)
/* wolfSSL HW Acceleration supported on ESP32-S3. Uncomment to disable: */
/* #define NO_ESP32_CRYPT */
/* #define NO_WOLFSSL_ESP32_CRYPT_HASH */
/* Note: There's no AES192 HW on the ESP32-S3; falls back to SW */
/* #define NO_WOLFSSL_ESP32_CRYPT_AES */
/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI */
/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL */
/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD */
/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD */
/***** END CONFIG_IDF_TARGET_ESP32S3 *****/
#elif defined(CONFIG_IDF_TARGET_ESP32C2) || \
defined(CONFIG_IDF_TARGET_ESP8684)
/* ESP8684 is essentially ESP32-C2 chip + flash embedded together in a
* single QFN 4x4 mm package. Out of released documentation, Technical
* Reference Manual as well as ESP-IDF Programming Guide is applicable
* to both ESP32-C2 and ESP8684.
*
* See: https://www.esp32.com/viewtopic.php?f=5&t=27926#:~:text=ESP8684%20is%20essentially%20ESP32%2DC2,both%20ESP32%2DC2%20and%20ESP8684. */
/* wolfSSL HW Acceleration supported on ESP32-C2. Uncomment to disable: */
/* #define NO_ESP32_CRYPT */
/* #define NO_WOLFSSL_ESP32_CRYPT_HASH */ /* to disable all SHA HW */
/* These are defined automatically in esp32-crypt.h, here for clarity */
#define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA384 /* no SHA384 HW on C2 */
#define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA512 /* no SHA512 HW on C2 */
/* There's no AES or RSA/Math accelerator on the ESP32-C2
* Auto defined with NO_WOLFSSL_ESP32_CRYPT_RSA_PRI, for clarity: */
#define NO_WOLFSSL_ESP32_CRYPT_AES
#define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI
#define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL
#define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD
#define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD
/***** END CONFIG_IDF_TARGET_ESP32C2 *****/
#elif defined(CONFIG_IDF_TARGET_ESP32C3)
#define NO_ESP32_CRYPT
#define NO_WOLFSSL_ESP32_CRYPT_HASH
#define NO_WOLFSSL_ESP32_CRYPT_AES
#define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI
/* wolfSSL HW Acceleration supported on ESP32-C3. Uncomment to disable: */
/* #define NO_ESP32_CRYPT */
/* #define NO_WOLFSSL_ESP32_CRYPT_HASH */ /* to disable all SHA HW */
/* These are defined automatically in esp32-crypt.h, here for clarity: */
#define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA384 /* no SHA384 HW on C6 */
#define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA512 /* no SHA512 HW on C6 */
/* #define NO_WOLFSSL_ESP32_CRYPT_AES */
/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI */
/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL */
/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD */
/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD */
/***** END CONFIG_IDF_TARGET_ESP32C3 *****/
#elif defined(CONFIG_IDF_TARGET_ESP32C6)
#define NO_ESP32_CRYPT
#define NO_WOLFSSL_ESP32_CRYPT_HASH
#define NO_WOLFSSL_ESP32_CRYPT_AES
#define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI
/* wolfSSL HW Acceleration supported on ESP32-C6. Uncomment to disable: */
/* #define NO_ESP32_CRYPT */
/* #define NO_WOLFSSL_ESP32_CRYPT_HASH */
/* These are defined automatically in esp32-crypt.h, here for clarity: */
#define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA384 /* no SHA384 HW on C6 */
#define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA512 /* no SHA512 HW on C6 */
/* #define NO_WOLFSSL_ESP32_CRYPT_AES */
/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI */
/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL */
/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD */
/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD */
/***** END CONFIG_IDF_TARGET_ESP32C6 *****/
#elif defined(CONFIG_IDF_TARGET_ESP32H2)
/* wolfSSL Hardware Acceleration not yet implemented */
#define NO_ESP32_CRYPT
#define NO_WOLFSSL_ESP32_CRYPT_HASH
#define NO_WOLFSSL_ESP32_CRYPT_AES
#define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI
/***** END CONFIG_IDF_TARGET_ESP32H2 *****/
#elif defined(CONFIG_IDF_TARGET_ESP8266)
/* TODO: Revisit ESP8266 */
#define NO_ESP32_CRYPT
#define NO_WOLFSSL_ESP32_CRYPT_HASH
#define NO_WOLFSSL_ESP32_CRYPT_AES
#define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI
/***** END CONFIG_IDF_TARGET_ESP266 *****/
#else
/* Anything else encountered, disable HW accleration */
#define NO_ESP32_CRYPT
#define NO_WOLFSSL_ESP32_CRYPT_HASH
#define NO_WOLFSSL_ESP32_CRYPT_AES
#define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI
#endif /* CONFIG_IDF_TARGET Check */
/* Debug options:
#define ESP_VERIFY_MEMBLOCK
#define DEBUG_WOLFSSL
#define DEBUG_WOLFSSL_VERBOSE
#define DEBUG_WOLFSSL_SHA_MUTEX
#define WOLFSSL_ESP32_CRYPT_DEBUG
#define WOLFSSL_ESP32_CRYPT_HASH_SHA224_DEBUG
#define NO_RECOVER_SOFTWARE_CALC
#define WOLFSSL_TEST_STRAY 1
#define USE_ESP_DPORT_ACCESS_READ_BUFFER
#define WOLFSSL_ESP32_HW_LOCK_DEBUG
#define WOLFSSL_DEBUG_ESP_RSA_MULM_BITS
#define ESP_DISABLE_HW_TASK_LOCK
*/
#define WOLFSSL_ESPIDF_ERROR_PAUSE /* Pause in a loop rather than exit. */
#define WOLFSSL_HW_METRICS
/* #define HASH_SIZE_LIMIT */ /* for test.c */
/* #define NO_HW_MATH_TEST */ /* Optionall turn off HW math checks */
/* Optionally include alternate HW test library: alt_hw_test.h */
/* When enabling, the ./components/wolfssl/CMakeLists.txt file
* will need the name of the library in the idf_component_register
* for the PRIV_REQUIRES list. */
/* #define INCLUDE_ALT_HW_TEST */
/* optionally turn off individual math HW acceleration features */
/* Turn off Large Number ESP32 HW Multiplication:
** [Z = X * Y] in esp_mp_mul() */
/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL */
/* Turn off Large Number ESP32 HW Modular Exponentiation:
** [Z = X^Y mod M] in esp_mp_exptmod() */
/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD */
/* Turn off Large Number ESP32 HW Modular Multiplication
** [Z = X * Y mod M] in esp_mp_mulmod() */
/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD */
#define WOLFSSL_PUBLIC_MP /* used by benchmark */
#define USE_CERT_BUFFERS_2048
/* when turning on ECC508 / ECC608 support
#define WOLFSSL_ESPWROOM32SE
#define HAVE_PK_CALLBACKS
#define WOLFSSL_ATECC508A
#define ATCA_WOLFSSL
*/
/* optional SM4 Ciphers. See https://github.com/wolfSSL/wolfsm
#define WOLFSSL_SM2
#define WOLFSSL_SM3
#define WOLFSSL_SM4
*/
#if defined(WOLFSSL_SM2) || defined(WOLFSSL_SM3) || defined(WOLFSSL_SM4)
#include <wolfssl/certs_test_sm.h>
#define CTX_CA_CERT root_sm2
#define CTX_CA_CERT_SIZE sizeof_root_sm2
#define CTX_CA_CERT_TYPE WOLFSSL_FILETYPE_PEM
#define CTX_SERVER_CERT server_sm2
#define CTX_SERVER_CERT_SIZE sizeof_server_sm2
#define CTX_SERVER_CERT_TYPE WOLFSSL_FILETYPE_PEM
#define CTX_SERVER_KEY server_sm2_priv
#define CTX_SERVER_KEY_SIZE sizeof_server_sm2_priv
#define CTX_SERVER_KEY_TYPE WOLFSSL_FILETYPE_PEM
#undef WOLFSSL_BASE16
#define WOLFSSL_BASE16
#else
#define USE_CERT_BUFFERS_2048
#define USE_CERT_BUFFERS_256
#define CTX_CA_CERT ca_cert_der_2048
#define CTX_CA_CERT_SIZE sizeof_ca_cert_der_2048
#define CTX_CA_CERT_TYPE WOLFSSL_FILETYPE_ASN1
#define CTX_SERVER_CERT server_cert_der_2048
#define CTX_SERVER_CERT_SIZE sizeof_server_cert_der_2048
#define CTX_SERVER_CERT_TYPE WOLFSSL_FILETYPE_ASN1
#define CTX_SERVER_KEY server_key_der_2048
#define CTX_SERVER_KEY_SIZE sizeof_server_key_der_2048
#define CTX_SERVER_KEY_TYPE WOLFSSL_FILETYPE_ASN1
#endif

37
IDE/Espressif/ESP-IDF/examples/template/main/CMakeLists.txt
View File

@@ -1,11 +1,36 @@
# This tag is used to include this file in the ESP Component Registry:
# __ESP_COMPONENT_SOURCE__
# wolfSSL Espressif Example Project/main CMakeLists.txt
# v1.0
#
# wolfssl client test
# wolfssl template
#
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_USER_SETTINGS")
if(WIN32)
# Windows-specific configuration here
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_WINDOWS")
message("Detected Windows")
endif()
if(CMAKE_HOST_UNIX)
message("Detected UNIX")
endif()
if(APPLE)
message("Detected APPLE")
endif()
if(CMAKE_HOST_UNIX AND (NOT APPLE) AND EXISTS "/proc/sys/fs/binfmt_misc/WSLInterop")
# Windows-specific configuration here
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_WSL")
message("Detected WSL")
endif()
if(CMAKE_HOST_UNIX AND (NOT APPLE) AND (NOT WIN32))
# Windows-specific configuration here
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_LINUX")
message("Detected Linux")
endif()
if(APPLE)
# Windows-specific configuration here
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_APPLE")
message("Detected Apple")
endif()
set (git_cmd "git")
if( EXISTS "${CMAKE_HOME_DIRECTORY}/components/wolfssl/" AND EXISTS "$ENV{IDF_PATH}/components/wolfssl/" )
@@ -20,8 +45,8 @@ endif()
## register_component()
idf_component_register(SRCS main.c
INCLUDE_DIRS "." "./include")
#
INCLUDE_DIRS "."
"./include")
#
# LIBWOLFSSL_SAVE_INFO(VAR_OUPUT THIS_VAR VAR_RESULT)

8
IDE/Espressif/ESP-IDF/examples/template/main/main.c
View File

@@ -38,6 +38,12 @@ void app_main(void)
esp_ShowExtendedSystemInfo();
#endif
#if defined(WOLFSSL_HW_METRICS) && defined(WOLFSSL_HAS_METRICS)
esp_hw_show_metrics();
#endif
ESP_LOGI(TAG, "\n\nDone!"
"If running from idf.py monitor, press twice: Ctrl+]");
"If running from idf.py monitor, press twice: Ctrl+]\n\n"
"WOLFSSL_COMPLETE\n" /* exit keyword for wolfssl_monitor.py */
);
}

31
IDE/Espressif/ESP-IDF/examples/template/partitions_singleapp_large.csv Normal file
View File

@@ -0,0 +1,31 @@
# to view: idf.py partition-table
#
# ESP-IDF Partition Table
# Name, Type, SubType, Offset, Size, Flags
nvs, data, nvs, 0x9000, 24K,
phy_init,data, phy, 0xf000, 4K,
factory, app, factory, 0x10000, 1500K,
# For other settings, see:
# https://docs.espressif.com/projects/esp-idf/en/latest/esp32/api-guides/partition-tables.html#creating-custom-tables
#
# Here is the summary printed for the "Single factory app, no OTA" configuration:
#
# # ESP-IDF Partition Table
# # Name, Type, SubType, Offset, Size, Flags
# nvs, data, nvs, 0x9000, 0x6000,
# phy_init, data, phy, 0xf000, 0x1000,
# factory, app, factory, 0x10000, 1M,
#
#
# Here is the summary printed for the "Factory app, two OTA definitions" configuration:
#
# # ESP-IDF Partition Table
# # Name, Type, SubType, Offset, Size, Flags
# nvs, data, nvs, 0x9000, 0x4000,
# otadata, data, ota, 0xd000, 0x2000,
# phy_init, data, phy, 0xf000, 0x1000,
# factory, app, factory, 0x10000, 1M,
# ota_0, app, ota_0, 0x110000, 1M,
# ota_1, app, ota_1, 0x210000, 1M,
Can't render this file because it contains an unexpected character in line 13 and column 39.

35
IDE/Espressif/ESP-IDF/examples/template/sdkconfig.defaults Normal file
View File

@@ -0,0 +1,35 @@
CONFIG_FREERTOS_HZ=1000
CONFIG_ESP32_DEFAULT_CPU_FREQ_240=y
#
# Default main stack size
#
# This is typically way bigger than needed for stack size. See user_settings.h
#
CONFIG_ESP_MAIN_TASK_STACK_SIZE=10500
# Legacy stack size for older ESP-IDF versions
CONFIG_MAIN_TASK_STACK_SIZE=10500
#
# Compiler options
#
CONFIG_COMPILER_OPTIMIZATION_DEFAULT=y
CONFIG_COMPILER_OPTIMIZATION_ASSERTIONS_ENABLE=y
CONFIG_COMPILER_OPTIMIZATION_ASSERTION_LEVEL=2
CONFIG_COMPILER_HIDE_PATHS_MACROS=y
CONFIG_COMPILER_STACK_CHECK_MODE_NORM=y
CONFIG_COMPILER_STACK_CHECK=y
#
# Partition Table
#
# CONFIG_PARTITION_TABLE_SINGLE_APP is not set
CONFIG_PARTITION_TABLE_SINGLE_APP_LARGE=y
# CONFIG_PARTITION_TABLE_TWO_OTA is not set
# CONFIG_PARTITION_TABLE_CUSTOM is not set
CONFIG_PARTITION_TABLE_CUSTOM_FILENAME="partitions.csv"
CONFIG_PARTITION_TABLE_FILENAME="partitions_singleapp_large.csv"
CONFIG_PARTITION_TABLE_OFFSET=0x8000
CONFIG_PARTITION_TABLE_MD5=y
# end of Partition Table

23
IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/CMakeLists.txt
View File

@@ -1,6 +1,27 @@
# wolfSSL Espressif Example Project CMakeLists.txt
# v1.0
#
# The following lines of boilerplate have to be in your project's
# CMakeLists in this exact order for cmake to work correctly
cmake_minimum_required(VERSION 3.5)
cmake_minimum_required(VERSION 3.16)
# The wolfSSL CMake file should be able to find the source code.
# Otherwise, assign an environment variable or set it here:
#
# set(WOLFSSL_ROOT "~/workspace/wolfssl-other-source")
#
# Optional WOLFSSL_CMAKE_SYSTEM_NAME detection to find
# USE_MY_PRIVATE_CONFIG path for my_private_config.h
#
# Expected path varies:
#
# WSL: /mnt/c/workspace
# Linux: ~/workspace
# Windows: C:\workspace
#
# Optionally specify a location for wolfSSL component source code
# set(WOLFSSL_ROOT "c:/test/blogtest/wolfssl" )
include($ENV{IDF_PATH}/tools/cmake/project.cmake)

75
IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/README.md
View File

@@ -1,6 +1,59 @@
# wolfSSL Benchmark Example
The Example contains of wolfSSL benchmark program.
This ESP32 example uses the [wolfSSL wolfcrypt Benchmark Application](https://github.com/wolfSSL/wolfssl/tree/master/wolfcrypt/benchmark).
For general information on wolfSSL examples for Espressif, see the
[README](https://github.com/wolfSSL/wolfssl/blob/master/IDE/Espressif/ESP-IDF/README.md) file.
## Espressif ESP Component Registry
See the wolfSSL namespace at [components.espressif.com](https://components.espressif.com/components?q=wolfssl)
## Windows COM Port
All of these examples use COM20 on Windows. The DOS `change port` command can be use to assign any
other local port to `COM20` as needed:
```
change port com20=com23
```
## VisualGDB
Open the VisualGDB Visual Studio Project file in the VisualGDB directory and click the "Start" button.
No wolfSSL setup is needed. You may need to adjust your specific COM port. The default is `COM20`.
Include in the respective project `./VisualGDB` directory are [VisualGDB](https://visualgdb.com/) project files.
Individual project files are included for convenience to new users,
as there are [difficulties switching between ESP-IDF Versions or Chipsets](https://sysprogs.com/w/forums/topic/difficulties-switching-espressif-esp-idf-version-or-chipset/)
using the VisualGDB extension.
The naming convention for project files is: `[project name]_IDF_[Version]_[chipset].vgdbproj`. The solution files (filename[.sln]) often will contain shortcuts to commonly used source and configuration files used by the respective project.
-------- |------------- |------------- |
ChipSet | ESP-IDF v4.4 | ESP-IDF v5.0 |
-------- |------------- |------------- |
ESP32 | x | |
ESP32-S2 | | |
ESP32-S3 | x | x |
ESP32-C3 | x | x |
ESP32-C6 | | |
The default directories are:
- `C:\SysGCC` - The root directory install of VisualGDB
- `C:\SysGCC\esp32` - The default for ESP-IDF v5.x
- `C:\SysGCC\esp32-8.4` - Many need to manually select this name for ESP-IDF v4.x install
- `C:\SysGCC\esp8266`- The default for ESP8266
Windows ports assigned with the `change port` command may not appear in the VisualGDB dropdowns but can still
be used when manually typed.
See the [feature request](https://sysprogs.com/w/forums/topic/feature-request-show-windows-change-port-results-in-com-port-dropdown-lists/).
## ESP-IDF Commandline
1. `idf.py menuconfig` to configure the program.
1-1. Example Configuration ->
@@ -22,17 +75,21 @@ Reminder than when building on WSL in `/mnt/c` there will be a noticeable perfor
Example build on WSL:
```
Optionally install wolfSSL component
# cd /mnt/c/workspace/wolfssl/IDE/Espressif/ESP-IDF
./setup.sh
Optionally update toolchain
cd /mnt/c/SysGCC/esp32/esp-idf/master
git fetch
git pull
git submodule update --init --recursive
cd /mnt/c/workspace/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark
# Pick ESP-IDF install directory, this one for v4.4.2 in VisualGDB
. /mnt/c/SysGCC/esp32/esp-idf/v4.4.2/export.sh
# Pick ESP-IDF install directory, this one for v5.0 in VisualGDB
. /mnt/c/SysGCC/esp32/esp-idf/v5.0/export.sh
idf.py set-target ESP32C3
idf.py build flash -p /dev/ttyS20 -b 921600 monitor
idf.py build flash -p /dev/ttyS20 -b 115200 monitor
```
## Example Output
@@ -42,7 +99,7 @@ compatible across the widest ranges of targets. Contact wolfSSL at support@wolfs
for help in optimizing for your particular application, or see the
[docs](https://www.wolfssl.com/documentation/manuals/wolfssl/index.html).
Compiled and flashed with `idf.py build flash -p /dev/ttyS7 -b 921600 monitor`:
Compiled and flashed with `idf.py build flash -p /dev/ttyS7 -b 115200 monitor`:
```
--- idf_monitor on /dev/ttyS7 115200 ---
@@ -186,5 +243,5 @@ compilation terminated.
A 'clean` may be needed after freshly installing a new component:
```
idf.py clean build flash -p /dev/ttyS7 -b 921600 monitor
idf.py clean build flash -p /dev/ttyS7 -b 115200 monitor
```

53
IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/components/wolfssl/CMakeLists.txt
View File

@@ -19,7 +19,7 @@
#
# cmake for wolfssl Espressif projects
#
# Version 5.6.0.009 for FIND_WOLFSSL_DIRECTORY
# Version 5.6.0.011 for detect test/benchmark
#
# See https://docs.espressif.com/projects/esp-idf/en/latest/esp32/api-guides/build-system.html
#
@@ -50,9 +50,9 @@ message(STATUS "THIS_USER = ${THIS_USER}")
# The component name is the directory name. "No feature to change this".
# See https://github.com/espressif/esp-idf/issues/8978#issuecomment-1129892685
# set the root of wolfSSL:
# set the root of wolfSSL in top-level project CMakelists.txt:
# set(WOLFSSL_ROOT "C:/some path/with/spaces")
# set(WOLFSSL_ROOT "c:/workspace/wolfssl-gojimmypi")
# set(WOLFSSL_ROOT "c:/workspace/wolfssl-[username]")
# set(WOLFSSL_ROOT "/mnt/c/some path/with/spaces")
# or use this logic to assign value from Environment Variable WOLFSSL_ROOT,
# or assume this is an example 7 subdirectories below:
@@ -145,6 +145,12 @@ function(FIND_WOLFSSL_DIRECTORY OUTPUT_FOUND_WOLFSSL_DIRECTORY)
set(${OUTPUT_FOUND_WOLFSSL_DIRECTORY} "" PARENT_SCOPE)
endfunction()
# Example usage:
if(CMAKE_BUILD_EARLY_EXPANSION)
message(STATUS "wolfssl component CMAKE_BUILD_EARLY_EXPANSION:")
idf_component_register(
@@ -173,16 +179,28 @@ else()
set(INCLUDE_PATH ${WOLFSSL_ROOT})
set(WOLFSSL_EXTRA_PROJECT_DIR "${WOLFSSL_ROOT}/src/")
if( ${CMAKE_PROJECT_NAME} STREQUAL "wolfssl_benchmark" )
set(WOLFSSL_EXTRA_PROJECT_DIR "${WOLFSSL_ROOT}/wolfcrypt/benchmark")
endif()
if( ${CMAKE_PROJECT_NAME} STREQUAL "wolfssl_test" )
set(WOLFSSL_EXTRA_PROJECT_DIR "${WOLFSSL_ROOT}/wolfcrypt/test")
endif()
set(COMPONENT_SRCDIRS "\"${WOLFSSL_ROOT}/src/\""
"\"${WOLFSSL_ROOT}/wolfcrypt/src\""
"\"${WOLFSSL_ROOT}/wolfcrypt/src/port/Espressif\""
"\"${WOLFSSL_ROOT}/wolfcrypt/src/port/atmel\""
"\"${WOLFSSL_ROOT}/wolfcrypt/benchmark\"" # the benchmark application
"\"${WOLFSSL_ROOT}/wolfcrypt/test\"" # the test application
"\"${WOLFSSL_EXTRA_PROJECT_DIR}\""
) # COMPONENT_SRCDIRS
message(STATUS "This COMPONENT_SRCDIRS = ${COMPONENT_SRCDIRS}")
set(WOLFSSL_PROJECT_DIR "${CMAKE_HOME_DIRECTORY}/components/wolfssl")
add_definitions(-DWOLFSSL_USER_SETTINGS_DIR="${WOLFSSL_PROJECT_DIR}/include/user_settings.h")
# Espressif may take several passes through this makefile. Check to see if we found IDF
string(COMPARE EQUAL "${PROJECT_SOURCE_DIR}" "" WOLFSSL_FOUND_IDF)
@@ -281,7 +299,12 @@ else()
# next check if there's a [root]/include/config.h
if( EXISTS "${WOLFSSL_ROOT}/include/config.h" )
message(FATAL_ERROR "Found stray wolfSSL config.h in ${WOLFSSL_ROOT}/include/config.h (please move it to ${WOLFSSL_PROJECT_DIR}/include/config.h")
message(STATUS "******************************************************************************")
message(STATUS "******************************************************************************")
message(STATUS "Found stray wolfSSL config.h in ${WOLFSSL_ROOT}/include/config.h" )
message(STATUS " Please move it to ${WOLFSSL_PROJECT_DIR}/include/config.h" )
message(STATUS "******************************************************************************")
message(STATUS "******************************************************************************")
else()
# we won't overwrite an existing user settings file, just note that we already have one:
if( EXISTS "${WOLFSSL_PROJECT_DIR}/include/config.h" )
@@ -311,6 +334,7 @@ else()
endif() #else not an ESP-IDF component
endif() # else not local copy and EDP-IDF wolfSSL
# RTOS_IDF_PATH is typically:
# "/Users/{username}/Desktop/esp-idf/components/freertos/include/freertos"
# depending on the environment, we may need to swap backslashes with forward slashes
@@ -330,6 +354,7 @@ else()
endif()
endif()
set(COMPONENT_ADD_INCLUDEDIRS
"./include" # this is the location of wolfssl user_settings.h
"\"${WOLFSSL_ROOT}/\""
@@ -338,6 +363,7 @@ else()
"\"${RTOS_IDF_PATH}/\""
)
if(IS_DIRECTORY ${IDF_PATH}/components/cryptoauthlib)
list(APPEND COMPONENT_ADD_INCLUDEDIRS "../cryptoauthlib/lib")
endif()
@@ -345,6 +371,8 @@ else()
list(APPEND COMPONENT_ADD_INCLUDEDIRS "\"${WOLFSSL_ROOT}/wolfssl/\"")
list(APPEND COMPONENT_ADD_INCLUDEDIRS "\"${WOLFSSL_ROOT}/wolfssl/wolfcrypt/\"")
set(COMPONENT_SRCEXCLUDE
"\"${WOLFSSL_ROOT}/src/bio.c\""
"\"${WOLFSSL_ROOT}/src/conf.c\""
@@ -359,6 +387,14 @@ else()
"\"${WOLFSSL_ROOT}/src/x509_str.c\""
"\"${WOLFSSL_ROOT}/wolfcrypt/src/evp.c\""
"\"${WOLFSSL_ROOT}/wolfcrypt/src/misc.c\""
"\"${WOLFSSL_ROOT}/wolfcrypt/src/sp_sm2_arm32.c\""
"\"${WOLFSSL_ROOT}/wolfcrypt/src/sp_sm2_arm64.c\""
"\"${WOLFSSL_ROOT}/wolfcrypt/src/sp_sm2_armthumb.c\""
"\"${WOLFSSL_ROOT}/wolfcrypt/src/sp_sm2_c32.c\""
"\"${WOLFSSL_ROOT}/wolfcrypt/src/sp_sm2_c64.c\""
"\"${WOLFSSL_ROOT}/wolfcrypt/src/sp_sm2_cortexm.c\""
"\"${WOLFSSL_ROOT}/wolfcrypt/src/sp_sm2_x86_64.c\""
"\"${WOLFSSL_ROOT}/wolfcrypt/src/sp_sm2_x86_64_asm.S\""
"\"${EXCLUDE_ASM}\""
)
@@ -388,7 +424,7 @@ else()
PRIV_REQUIRES esp_timer driver # this will typically only be needed for wolfSSL benchmark
)
# some optional diagnostics
if (0)
if (1)
get_cmake_property(_variableNames VARIABLES)
list (SORT _variableNames)
message(STATUS "")
@@ -403,8 +439,11 @@ else()
endif()
# target_sources(wolfssl PRIVATE "\"${WOLFSSL_ROOT}/wolfssl/\"" "\"${WOLFSSL_ROOT}/wolfssl/wolfcrypt\"")
endif() # CMAKE_BUILD_EARLY_EXPANSION
# check to see if there's both a local copy and EDP-IDF copy of the wolfssl components
if( EXISTS "${WOLFSSL_PROJECT_DIR}" AND EXISTS "$ENV{IDF_PATH}/components/wolfssl/" )
message(STATUS "")

356
IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/components/wolfssl/include/user_settings.h
View File

@@ -19,23 +19,21 @@
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
#undef WOLFSSL_ESPIDF
#undef WOLFSSL_ESP32
#undef WOLFSSL_ESPWROOM32SE
#undef WOLFSSL_ESP32
#undef WOLFSSL_ESP8266
/* This user_settings.h is for Espressif ESP-IDF */
#include <sdkconfig.h>
/* The Espressif sdkconfig will have chipset info.
**
** Possible values:
**
** CONFIG_IDF_TARGET_ESP32
** CONFIG_IDF_TARGET_ESP32S2
** CONFIG_IDF_TARGET_ESP32S3
** CONFIG_IDF_TARGET_ESP32C3
** CONFIG_IDF_TARGET_ESP32C6
*/
#include <sdkconfig.h>
#undef WOLFSSL_ESPIDF
#define WOLFSSL_ESPIDF
/*
@@ -45,10 +43,22 @@
* WOLFSSL_ESPWROOM32SE
* WOLFSSL_ESP8266
*/
#undef WOLFSSL_ESPWROOM32SE
#undef WOLFSSL_ESP8266
#undef WOLFSSL_ESP32
#define WOLFSSL_ESP32
/* #define DEBUG_WOLFSSL_VERBOSE */
/* optionally turn off SHA512/224 SHA512/256 */
/* #define WOLFSSL_NOSHA512_224 */
/* #define WOLFSSL_NOSHA512_256 */
/* when you want to use SINGLE THREAD. Note Default ESP-IDF is FreeRTOS */
/* #define SINGLE_THREADED */
/* When you don't want to use the old SHA */
/* #define NO_SHA */
/* #define NO_OLD_TLS */
#define BENCH_EMBEDDED
#define USE_CERT_BUFFERS_2048
@@ -61,22 +71,41 @@
#define HAVE_AEAD
#define HAVE_SUPPORTED_CURVES
/* when you want to use SINGLE THREAD */
/* #define SINGLE_THREADED */
#define WOLFSSL_BENCHMARK_FIXED_UNITS_KB
#define NO_FILESYSTEM
#define NO_OLD_TLS
#define HAVE_AESGCM
#define WOLFSSL_RIPEMD
/* when you want to use SHA224 */
#define WOLFSSL_SHA224
/* when you want to use SHA384 */
/* #define WOLFSSL_SHA384 */
#define WOLFSSL_SHA384
/* when you want to use SHA512 */
#define WOLFSSL_SHA512
/* when you want to use SHA3 */
#define WOLFSSL_SHA3
/* ED25519 requires SHA512 */
#define HAVE_ED25519
#define HAVE_ECC
#define HAVE_CURVE25519
#define CURVE25519_SMALL
#define HAVE_ED25519
#define OPENSSL_EXTRA
/* when you want to use pkcs7 */
/* #define HAVE_PKCS7 */
#define HAVE_PKCS7
#if defined(HAVE_PKCS7)
#define HAVE_AES_KEYWRAP
#define HAVE_X963_KDF
@@ -97,20 +126,28 @@
/* #define CUSTOM_SLOT_ALLOCATION */
#endif
/* RSA primitive specific definition */
/* rsa primitive specific definition */
#if defined(WOLFSSL_ESP32) || defined(WOLFSSL_ESPWROOM32SE)
/* Define USE_FAST_MATH and SMALL_STACK */
#define ESP32_USE_RSA_PRIMITIVE
#if defined(CONFIG_IDF_TARGET_ESP32)
/* NOTE HW unreliable for small values! */
/* threshold for performance adjustment for HW primitive use */
/* X bits of G^X mod P greater than */
#define EPS_RSA_EXPT_XBTIS 36
#undef ESP_RSA_EXPT_XBITS
#define ESP_RSA_EXPT_XBITS 32
/* X and Y of X * Y mod P greater than */
#define ESP_RSA_MULM_BITS 2000
#undef ESP_RSA_MULM_BITS
#define ESP_RSA_MULM_BITS 16
#endif
#endif
/* debug options */
/* #define DEBUG_WOLFSSL */
/* #define WOLFSSL_ESP32_CRYPT_DEBUG */
#define RSA_LOW_MEM
/* #define WOLFSSL_ATECC508A_DEBUG */
/* date/time */
@@ -121,48 +158,293 @@
/* adjust wait-timeout count if you see timeout in RSA HW acceleration */
#define ESP_RSA_TIMEOUT_CNT 0x249F00
#define ESP_RSA_TIMEOUT_CNT 0x349F00
/* hash limit for test.c */
#define HASH_SIZE_LIMIT
/* USE_FAST_MATH is default */
#define USE_FAST_MATH
/***** Use SP_MATH *****/
/* #undef USE_FAST_MATH */
/* #define SP_MATH */
/* #define WOLFSSL_SP_MATH_ALL */
/* #define WOLFSSL_SP_RISCV32 */
/***** Use Integer Heap Math *****/
/* #undef USE_FAST_MATH */
/* #define USE_INTEGER_HEAP_MATH */
#define WOLFSSL_SMALL_STACK
#define HAVE_VERSION_EXTENDED_INFO
/* #define HAVE_WC_INTROSPECTION */
#define HAVE_SESSION_TICKET
/* #define HAVE_HASHDRBG */
#define WOLFSSL_KEY_GEN
#define WOLFSSL_CERT_REQ
#define WOLFSSL_CERT_GEN
#define WOLFSSL_CERT_EXT
#define WOLFSSL_SYS_CA_CERTS
#define WOLFSSL_CERT_TEXT
#define WOLFSSL_ASN_TEMPLATE
/*
#undef WOLFSSL_KEY_GEN
#undef WOLFSSL_CERT_REQ
#undef WOLFSSL_CERT_GEN
#undef WOLFSSL_CERT_EXT
#undef WOLFSSL_SYS_CA_CERTS
*/
/*
--enable-keygen
--enable-certgen
--enable-certreq
--enable-certext
--enable-asn-template
*/
/* Default is HW enabled unless turned off.
** Uncomment these lines to force SW instead of HW acceleration */
#if defined(CONFIG_IDF_TARGET_ESP32)
/* when you want not to use HW acceleration on ESP32 (below for S3, etc */
/* wolfSSL HW Acceleration supported on ESP32. Uncomment to disable: */
/* #define NO_ESP32_CRYPT */
/* #define NO_WOLFSSL_ESP32_CRYPT_HASH */
/* #define NO_WOLFSSL_ESP32_CRYPT_AES */
/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI */
/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL */
/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD */
/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD */
/* These are defined automatically in esp32-crypt.h, here for clarity: */
#define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA224 /* no SHA224 HW on ESP32 */
#undef ESP_RSA_MULM_BITS
#define ESP_RSA_MULM_BITS 16 /* TODO add compile-time warning */
/***** END CONFIG_IDF_TARGET_ESP32 *****/
#elif defined(CONFIG_IDF_TARGET_ESP32S2)
/* ESP32-S2 disabled by default; not implemented */
#define NO_ESP32_CRYPT
#define NO_WOLFSSL_ESP32_CRYPT_HASH
#define NO_WOLFSSL_ESP32_CRYPT_AES
#define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI
#elif defined(CONFIG_IDF_TARGET_ESP32S3)
/* when you want not to use HW acceleration on ESP32-S3 */
/* wolfSSL HW Acceleration supported on ESP32-S2. Uncomment to disable: */
/* #define NO_ESP32_CRYPT */
/* #define NO_WOLFSSL_ESP32_CRYPT_HASH */
/* Note: There's no AES192 HW on the ESP32-S2; falls back to SW */
/* #define NO_WOLFSSL_ESP32_CRYPT_AES */
/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI */
/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL */
/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD */
/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD */
/***** END CONFIG_IDF_TARGET_ESP32S2 *****/
#elif defined(CONFIG_IDF_TARGET_ESP32S3)
/* wolfSSL HW Acceleration supported on ESP32-S3. Uncomment to disable: */
/* #define NO_ESP32_CRYPT */
/* #define NO_WOLFSSL_ESP32_CRYPT_HASH */
/* Note: There's no AES192 HW on the ESP32-S3; falls back to SW */
/* #define NO_WOLFSSL_ESP32_CRYPT_AES */
/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI */
/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL */
/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD */
/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD */
/***** END CONFIG_IDF_TARGET_ESP32S3 *****/
#elif defined(CONFIG_IDF_TARGET_ESP32C2) || \
defined(CONFIG_IDF_TARGET_ESP8684)
/* ESP8684 is essentially ESP32-C2 chip + flash embedded together in a
* single QFN 4x4 mm package. Out of released documentation, Technical
* Reference Manual as well as ESP-IDF Programming Guide is applicable
* to both ESP32-C2 and ESP8684.
*
* See: https://www.esp32.com/viewtopic.php?f=5&t=27926#:~:text=ESP8684%20is%20essentially%20ESP32%2DC2,both%20ESP32%2DC2%20and%20ESP8684. */
/* wolfSSL HW Acceleration supported on ESP32-C2. Uncomment to disable: */
/* #define NO_ESP32_CRYPT */
/* #define NO_WOLFSSL_ESP32_CRYPT_HASH */ /* to disable all SHA HW */
/* These are defined automatically in esp32-crypt.h, here for clarity */
#define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA384 /* no SHA384 HW on C2 */
#define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA512 /* no SHA512 HW on C2 */
/* There's no AES or RSA/Math accelerator on the ESP32-C2
* Auto defined with NO_WOLFSSL_ESP32_CRYPT_RSA_PRI, for clarity: */
#define NO_WOLFSSL_ESP32_CRYPT_AES
#define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI
#define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL
#define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD
#define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD
/***** END CONFIG_IDF_TARGET_ESP32C2 *****/
#elif defined(CONFIG_IDF_TARGET_ESP32C3)
/* ESP32-C3 disabled by default, not implemented */
#define NO_ESP32_CRYPT
#define NO_WOLFSSL_ESP32_CRYPT_HASH
#define NO_WOLFSSL_ESP32_CRYPT_AES
#define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI
/* wolfSSL HW Acceleration supported on ESP32-C3. Uncomment to disable: */
/* #define NO_ESP32_CRYPT */
/* #define NO_WOLFSSL_ESP32_CRYPT_HASH */ /* to disable all SHA HW */
/* These are defined automatically in esp32-crypt.h, here for clarity: */
#define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA384 /* no SHA384 HW on C6 */
#define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA512 /* no SHA512 HW on C6 */
/* #define NO_WOLFSSL_ESP32_CRYPT_AES */
/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI */
/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL */
/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD */
/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD */
/***** END CONFIG_IDF_TARGET_ESP32C3 *****/
#elif defined(CONFIG_IDF_TARGET_ESP32C6)
/* ESP32-C6 disabled by default, not implemented */
#define NO_ESP32_CRYPT
#define NO_WOLFSSL_ESP32_CRYPT_HASH
#define NO_WOLFSSL_ESP32_CRYPT_AES
#define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI
/* wolfSSL HW Acceleration supported on ESP32-C6. Uncomment to disable: */
/* #define NO_ESP32_CRYPT */
/* #define NO_WOLFSSL_ESP32_CRYPT_HASH */
/* These are defined automatically in esp32-crypt.h, here for clarity: */
#define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA384 /* no SHA384 HW on C6 */
#define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA512 /* no SHA512 HW on C6 */
/* #define NO_WOLFSSL_ESP32_CRYPT_AES */
/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI */
/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL */
/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD */
/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD */
/***** END CONFIG_IDF_TARGET_ESP32C6 *****/
#elif defined(CONFIG_IDF_TARGET_ESP32H2)
/* ESP32-H2 disabled by default, not implemented */
/* wolfSSL Hardware Acceleration not yet implemented */
#define NO_ESP32_CRYPT
#define NO_WOLFSSL_ESP32_CRYPT_HASH
#define NO_WOLFSSL_ESP32_CRYPT_AES
#define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI
/***** END CONFIG_IDF_TARGET_ESP32H2 *****/
#elif defined(CONFIG_IDF_TARGET_ESP8266)
/* TODO: Revisit ESP8266 */
#define NO_ESP32_CRYPT
#define NO_WOLFSSL_ESP32_CRYPT_HASH
#define NO_WOLFSSL_ESP32_CRYPT_AES
#define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI
/***** END CONFIG_IDF_TARGET_ESP266 *****/
#elif defined(CONFIG_IDF_TARGET_ESP8684)
/* There's no Hardware Acceleration available on ESP8684 */
#define NO_ESP32_CRYPT
#define NO_WOLFSSL_ESP32_CRYPT_HASH
#define NO_WOLFSSL_ESP32_CRYPT_AES
#define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI
/***** END CONFIG_IDF_TARGET_ESP8684 *****/
#else
/* anything else unknown will have HW disabled by default */
/* Anything else encountered, disable HW accleration */
#define NO_ESP32_CRYPT
#define NO_WOLFSSL_ESP32_CRYPT_HASH
#define NO_WOLFSSL_ESP32_CRYPT_AES
#define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI
#endif /* CONFIG_IDF_TARGET Check */
/* Debug options:
#define ESP_VERIFY_MEMBLOCK
#define DEBUG_WOLFSSL
#define DEBUG_WOLFSSL_VERBOSE
#define DEBUG_WOLFSSL_SHA_MUTEX
#define WOLFSSL_ESP32_CRYPT_DEBUG
#define WOLFSSL_ESP32_CRYPT_HASH_SHA224_DEBUG
#define NO_RECOVER_SOFTWARE_CALC
#define WOLFSSL_TEST_STRAY 1
#define USE_ESP_DPORT_ACCESS_READ_BUFFER
#define WOLFSSL_ESP32_HW_LOCK_DEBUG
#define WOLFSSL_DEBUG_ESP_RSA_MULM_BITS
#define ESP_DISABLE_HW_TASK_LOCK
*/
/* Pause in a loop rather than exit. */
#define WOLFSSL_ESPIDF_ERROR_PAUSE
#define WOLFSSL_HW_METRICS
/* for test.c */
/* #define HASH_SIZE_LIMIT */
/* Optionally turn off HW math checks */
/* #define NO_HW_MATH_TEST */
/* Optionally include alternate HW test library: alt_hw_test.h */
/* When enabling, the ./components/wolfssl/CMakeLists.txt file
* will need the name of the library in the idf_component_register
* for the PRIV_REQUIRES list. */
/* #define INCLUDE_ALT_HW_TEST */
/* optionally turn off individual math HW acceleration features */
/* Turn off Large Number ESP32 HW Multiplication:
** [Z = X * Y] in esp_mp_mul() */
/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL */
/* Turn off Large Number ESP32 HW Modular Exponentiation:
** [Z = X^Y mod M] in esp_mp_exptmod() */
/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD */
/* Turn off Large Number ESP32 HW Modular Multiplication
** [Z = X * Y mod M] in esp_mp_mulmod() */
/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD */
#define WOLFSSL_PUBLIC_MP /* used by benchmark */
#define USE_CERT_BUFFERS_2048
/* when turning on ECC508 / ECC608 support
#define WOLFSSL_ESPWROOM32SE
#define HAVE_PK_CALLBACKS
#define WOLFSSL_ATECC508A
#define ATCA_WOLFSSL
*/
/* optional SM4 Ciphers. See https://github.com/wolfSSL/wolfsm
#define WOLFSSL_SM2
#define WOLFSSL_SM3
#define WOLFSSL_SM4
*/
#if defined(WOLFSSL_SM2) || defined(WOLFSSL_SM3) || defined(WOLFSSL_SM4)
#include <wolfssl/certs_test_sm.h>
#define CTX_CA_CERT root_sm2
#define CTX_CA_CERT_SIZE sizeof_root_sm2
#define CTX_CA_CERT_TYPE WOLFSSL_FILETYPE_PEM
#define CTX_SERVER_CERT server_sm2
#define CTX_SERVER_CERT_SIZE sizeof_server_sm2
#define CTX_SERVER_CERT_TYPE WOLFSSL_FILETYPE_PEM
#define CTX_SERVER_KEY server_sm2_priv
#define CTX_SERVER_KEY_SIZE sizeof_server_sm2_priv
#define CTX_SERVER_KEY_TYPE WOLFSSL_FILETYPE_PEM
#undef WOLFSSL_BASE16
#define WOLFSSL_BASE16
#else
#define USE_CERT_BUFFERS_2048
#define USE_CERT_BUFFERS_256
#define CTX_CA_CERT ca_cert_der_2048
#define CTX_CA_CERT_SIZE sizeof_ca_cert_der_2048
#define CTX_CA_CERT_TYPE WOLFSSL_FILETYPE_ASN1
#define CTX_SERVER_CERT server_cert_der_2048
#define CTX_SERVER_CERT_SIZE sizeof_server_cert_der_2048
#define CTX_SERVER_CERT_TYPE WOLFSSL_FILETYPE_ASN1
#define CTX_SERVER_KEY server_key_der_2048
#define CTX_SERVER_KEY_SIZE sizeof_server_key_der_2048
#define CTX_SERVER_KEY_TYPE WOLFSSL_FILETYPE_ASN1
#endif
/* See settings.h for some of the possible hardening options:
*
* #define NO_ESPIDF_DEFAULT
* #define WC_NO_CACHE_RESISTANT
* #define WC_AES_BITSLICED
* #define HAVE_AES_ECB
* #define HAVE_AES_DIRECT
*/

7
IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/main/CMakeLists.txt
View File

@@ -1,10 +1,9 @@
#
# wolfssl benchmark test
#
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_USER_SETTINGS")
set(COMPONENT_SRCS main.c)
set(COMPONENT_SRCS "main.c")
set(COMPONENT_ADD_INCLUDEDIRS ".")
set (git_cmd "git")
@@ -19,7 +18,9 @@ if( EXISTS "${CMAKE_HOME_DIRECTORY}/components/wolfssl/" AND EXISTS "$ENV{IDF_PA
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_MULTI_INSTALL_WARNING")
endif()
register_component()
idf_component_register(SRCS main.c
INCLUDE_DIRS "."
"./include")
#
# LIBWOLFSSL_SAVE_INFO(VAR_OUPUT THIS_VAR VAR_RESULT)

7
IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/main/main.h → IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/main/include/main.h
View File

@@ -1,4 +1,3 @@
#pragma once
/* benchmark main.h
*
* Copyright (C) 2006-2023 wolfSSL Inc.
@@ -20,10 +19,12 @@
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
#ifndef _MAIN_
#define _MAIN_
void app_main(void);
/* see wolfssl/wolfcrypt/benchmark/benchmark.h */
extern void wolf_benchmark_task();
#endif

84
IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/main/main.c
View File

@@ -18,6 +18,7 @@
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
/* ESP-IDF */
#include <esp_log.h>
#include "sdkconfig.h"
@@ -26,13 +27,19 @@
#include <wolfssl/wolfcrypt/settings.h>
#include <user_settings.h>
#include <wolfssl/version.h>
#include "wolfssl/wolfcrypt/port/Espressif/esp32-crypt.h"
#ifndef WOLFSSL_ESPIDF
#warning "problem with wolfSSL user_settings. Check components/wolfssl/include"
#warning "Problem with wolfSSL user_settings."
#warning "Check components/wolfssl/include"
#endif
#include <wolfssl/wolfcrypt/types.h>
#include <wolfcrypt/benchmark/benchmark.h>
/* set to 0 for one benchmark,
** set to 1 for continous benchmark loop */
#define BENCHMARK_LOOP 1
/* check BENCH_ARGV in sdkconfig to determine need to set WOLFSSL_BENCH_ARGV */
#ifdef CONFIG_BENCH_ARGV
#define WOLFSSL_BENCH_ARGV CONFIG_BENCH_ARGV
@@ -67,6 +74,8 @@ static const char* const TAG = "wolfssl_benchmark";
static byte mSlotList[ATECC_MAX_SLOT];
int atmel_set_slot_allocator(atmel_slot_alloc_cb alloc, atmel_slot_dealloc_cb dealloc);
/* initialize slot array */
void my_atmel_slotInit()
{
@@ -183,51 +192,18 @@ int construct_argv()
/* entry point */
void app_main(void)
{
int stack_start = 0;
ESP_LOGI(TAG, "---------------- wolfSSL Benchmark Example ------------");
ESP_LOGI(TAG, "--------------------------------------------------------");
ESP_LOGI(TAG, "--------------------------------------------------------");
ESP_LOGI(TAG, "---------------------- BEGIN MAIN ----------------------");
ESP_LOGI(TAG, "--------------------------------------------------------");
ESP_LOGI(TAG, "--------------------------------------------------------");
ESP_LOGI(TAG, "CONFIG_IDF_TARGET = %s", CONFIG_IDF_TARGET);
ESP_LOGI(TAG, "LIBWOLFSSL_VERSION_STRING = %s", LIBWOLFSSL_VERSION_STRING);
#if defined(WOLFSSL_MULTI_INSTALL_WARNING)
ESP_LOGI(TAG, "");
ESP_LOGI(TAG, "WARNING: Multiple wolfSSL installs found.");
ESP_LOGI(TAG, "Check ESP-IDF and local project [components] directory.");
ESP_LOGI(TAG, "");
#ifdef HAVE_VERSION_EXTENDED_INFO
esp_ShowExtendedSystemInfo();
#endif
#if defined(LIBWOLFSSL_VERSION_GIT_HASH)
ESP_LOGI(TAG, "LIBWOLFSSL_VERSION_GIT_HASH = %s", LIBWOLFSSL_VERSION_GIT_HASH);
#endif
#if defined(LIBWOLFSSL_VERSION_GIT_SHORT_HASH )
ESP_LOGI(TAG, "LIBWOLFSSL_VERSION_GIT_SHORT_HASH = %s", LIBWOLFSSL_VERSION_GIT_SHORT_HASH);
#endif
#if defined(LIBWOLFSSL_VERSION_GIT_HASH_DATE)
ESP_LOGI(TAG, "LIBWOLFSSL_VERSION_GIT_HASH_DATE = %s", LIBWOLFSSL_VERSION_GIT_HASH_DATE);
#endif
/* some interesting settings are target specific (ESP32, -C3, -S3, etc */
#if defined(CONFIG_IDF_TARGET_ESP32C3)
/* not available for C3 at this time */
#elif defined(CONFIG_IDF_TARGET_ESP32S3)
ESP_LOGI(TAG, "CONFIG_ESP32S3_DEFAULT_CPU_FREQ_MHZ = %u MHz",
CONFIG_ESP32S3_DEFAULT_CPU_FREQ_MHZ
);
ESP_LOGI(TAG, "Xthal_have_ccount = %u", Xthal_have_ccount);
#else
ESP_LOGI(TAG, "CONFIG_ESP32_DEFAULT_CPU_FREQ_MHZ = %u MHz",
CONFIG_ESP32_DEFAULT_CPU_FREQ_MHZ
);
ESP_LOGI(TAG, "Xthal_have_ccount = %u", Xthal_have_ccount);
#endif
/* all platforms: stack high water mark check */
ESP_LOGI(TAG, "Stack HWM: %d\n", uxTaskGetStackHighWaterMark(NULL));
ESP_LOGI(TAG, "app_main CONFIG_BENCH_ARGV = %s", WOLFSSL_BENCH_ARGV);
/* when using atecc608a on esp32-wroom-32se */
@@ -251,15 +227,37 @@ void app_main(void)
/* although wolfCrypt_Init() may be explicitly called above,
** note it is still always called in wolf_benchmark_task.
*/
wolf_benchmark_task();
/* wolfCrypt_Cleanup should always be called at completion,
** and is called in wolf_benchmark_task().
*/
stack_start = uxTaskGetStackHighWaterMark(NULL);
do {
ESP_LOGI(TAG, "Stack HWM: %d\n", uxTaskGetStackHighWaterMark(NULL));
wolf_benchmark_task();
ESP_LOGI(TAG, "Stack used: %d\n",
stack_start - uxTaskGetStackHighWaterMark(NULL));
#ifdef WOLFSSL_HW_METRICS_DISABLED/* Remove _DISABLED upon #6990 Merge */
esp_hw_show_metrics();
#endif
} while (BENCHMARK_LOOP);
/* Reminder: wolfCrypt_Cleanup should always be called at completion,
** and is called in wolf_benchmark_task(). */
#if defined(SINGLE_THREADED)
/* need stack monitor for single thread */
#else
ESP_LOGI(TAG, "Stack HWM: %d\n", uxTaskGetStackHighWaterMark(NULL));
#endif
ESP_LOGI(TAG, "\n\nDone!\n\n"
"If running from idf.py monitor, press twice: Ctrl+]");
/* after the test, we'll just wait */
while (1) {
/* nothing */
/* do something other than nothing to help next program/debug session*/
#ifndef SINGLE_THREADED
vTaskDelay(1000);
#endif
}
#endif /* NO_CRYPT_BENCHMARK */

7
IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/partitions_singleapp_large.csv
View File

@@ -1,6 +1,3 @@
# This tag is used to include this file in the ESP Component Registry:
# __ESP_COMPONENT_SOURCE__
# to view: idf.py partition-table
#
# ESP-IDF Partition Table
@@ -13,7 +10,7 @@ factory, app, factory, 0x10000, 1500K,
# For other settings, see:
# https://docs.espressif.com/projects/esp-idf/en/latest/esp32/api-guides/partition-tables.html#creating-custom-tables
#
# Here is the summary printed for the <EFBFBD>Single factory app, no OTA<EFBFBD> configuration:
# Here is the summary printed for the "Single factory app, no OTA" configuration:
#
# # ESP-IDF Partition Table
# # Name, Type, SubType, Offset, Size, Flags
@@ -22,7 +19,7 @@ factory, app, factory, 0x10000, 1500K,
# factory, app, factory, 0x10000, 1M,
#
#
# Here is the summary printed for the <EFBFBD>Factory app, two OTA definitions<EFBFBD> configuration:
# Here is the summary printed for the "Factory app, two OTA definitions" configuration:
#
# # ESP-IDF Partition Table
# # Name, Type, SubType, Offset, Size, Flags
Can't render this file because it contains an unexpected character in line 13 and column 39.

91
IDE/Espressif/ESP-IDF/examples/wolfssl_client/CMakeLists.txt
View File

@@ -1,11 +1,96 @@
# wolfSSL Espressif Example Project CMakeLists.txt
# v1.0
#
# The following lines of boilerplate have to be in your project's
# CMakeLists in this exact order for cmake to work correctly
cmake_minimum_required(VERSION 3.5)
cmake_minimum_required(VERSION 3.16)
# The wolfSSL CMake file should be able to find the source code.
# Otherwise, assign an environment variable or set it here:
#
# set(WOLFSSL_ROOT "~/workspace/wolfssl-other-source")
#
# Optional WOLFSSL_CMAKE_SYSTEM_NAME detection to find
# USE_MY_PRIVATE_CONFIG path for my_private_config.h
#
# Expected path varies:
#
# WSL: /mnt/c/workspace
# Linux: ~/workspace
# Windows: C:\workspace
#
if(WIN32)
# Windows-specific configuration here
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_WINDOWS")
message("Detected Windows")
endif()
if(CMAKE_HOST_UNIX)
message("Detected UNIX")
endif()
if(APPLE)
message("Detected APPLE")
endif()
if(CMAKE_HOST_UNIX AND (NOT APPLE) AND EXISTS "/proc/sys/fs/binfmt_misc/WSLInterop")
# Windows-specific configuration here
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_WSL")
message("Detected WSL")
endif()
if(CMAKE_HOST_UNIX AND (NOT APPLE) AND (NOT WIN32))
# Windows-specific configuration here
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_LINUX")
message("Detected Linux")
endif()
if(APPLE)
# Windows-specific configuration here
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_APPLE")
message("Detected Apple")
endif()
# End optional WOLFSSL_CMAKE_SYSTEM_NAME
# (Not part of the boilerplate)
# This example uses an extra component for common functions such as Wi-Fi and Ethernet connection.
# disable the following line if there isn't the directory
set (PROTOCOL_EXAMPLES_DIR $ENV{IDF_PATH}/examples/common_components/protocol_examples_common)
if (EXISTS "${PROTOCOL_EXAMPLES_DIR}")
message("Found PROTOCOL_EXAMPLES_DIR=${PROTOCOL_EXAMPLES_DIR}")
set(EXTRA_COMPONENT_DIRS $ENV{IDF_PATH}/examples/common_components/protocol_examples_common)
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DFOUND_PROTOCOL_EXAMPLES_DIR")
else()
message("NOT FOUND: PROTOCOL_EXAMPLES_DIR=${PROTOCOL_EXAMPLES_DIR}")
endif()
# Check that there are not conflicting wolfSSL components
# The ESP Registry Component will be in ./managed_components/wolfssl__wolfssl
# The local component wolfSSL directory will be in ./components/wolfssl
if( EXISTS "${CMAKE_HOME_DIRECTORY}/managed_components/wolfssl__wolfssl" AND EXISTS "${CMAKE_HOME_DIRECTORY}/components/wolfssl" )
# These exclude statements don't seem to be honored by the $ENV{IDF_PATH}/tools/cmake/project.cmake'
# add_subdirectory("${CMAKE_HOME_DIRECTORY}/managed_components/wolfssl__wolfssl" EXCLUDE_FROM_ALL)
# add_subdirectory("${CMAKE_HOME_DIRECTORY}/managed_components/wolfssl__wolfssl/include" EXCLUDE_FROM_ALL)
# So we'll error out and let the user decide how to proceed:
message(WARNING "\nFound wolfSSL components in\n"
"./managed_components/wolfssl__wolfssl\n"
"and\n"
"./components/wolfssl\n"
"in project directory: \n"
"${CMAKE_HOME_DIRECTORY}")
message(FATAL_ERROR "\nPlease use either the ESP Registry Managed Component or the wolfSSL component directory but not both.\n"
"If removing the ./managed_components/wolfssl__wolfssl directory, remember to also remove "
"or rename the idf_component.yml file typically found in ./main/")
else()
message(STATUS "No conflicting wolfSSL components found.")
endif()
# This example uses an extra component for common functions such as Wi-Fi and Ethernet connection.
set (PROTOCOL_EXAMPLES_DIR $ENV{IDF_PATH}/examples/common_components/protocol_examples_common)
if (EXISTS "${PROTOCOL_EXAMPLES_DIR}")
message("Found PROTOCOL_EXAMPLES_DIR=${PROTOCOL_EXAMPLES_DIR}")
set(EXTRA_COMPONENT_DIRS $ENV{IDF_PATH}/examples/common_components/protocol_examples_common)
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DFOUND_PROTOCOL_EXAMPLES_DIR")
else()
message("NOT FOUND: PROTOCOL_EXAMPLES_DIR=${PROTOCOL_EXAMPLES_DIR}")
endif()
include($ENV{IDF_PATH}/tools/cmake/project.cmake)
project(wolfssl_client)

45
IDE/Espressif/ESP-IDF/examples/wolfssl_client/README.md
View File

@@ -2,6 +2,14 @@
The Example contains of wolfSSL tls client demo.
## VisualGDB
Open the VisualGDB Visual Studio Project file in the VisualGDB directory and click the "Start" button.
No wolfSSL setup is needed. You may need to adjust your specific COM port. The default is `COM20`.
## ESP-IDF Commandline
1. `idf.py menuconfig` to config the project
1-1. Example Configuration ->
@@ -24,4 +32,41 @@ When you want to test the wolfSSL client
e.g. Launch ./examples/server/server -v 4 -b -i -d
## SM Ciphers
#### Working Linux Client to ESP32 Server
Command:
```
cd /mnt/c/workspace/wolfssl-gojimmypi/IDE/Espressif/ESP-IDF/examples/wolfssl_server
. /mnt/c/SysGCC/esp32/esp-idf/v5.1/export.sh
idf.py flash -p /dev/ttyS19 -b 115200 monitor
```
```
cd /mnt/c/workspace/wolfssl-gojimmypi
./examples/client/client -h 192.168.1.108 -v 4 -l TLS_SM4_GCM_SM3 -c ./certs/sm2/client-sm2.pem -k ./certs/sm2/client-sm2-priv.pem -A ./certs/sm2/root-sm2.pem -C
```
Output:
```text
SSL version is TLSv1.3
SSL cipher suite is TLS_SM4_GCM_SM3
SSL curve name is SM2P256V1
I hear you fa shizzle!
```
#### Linux client to Linux server:
```
./examples/client/client -h 127.0.0.1 -v 4 -l ECDHE-ECDSA-SM4-CBC-SM3 -c ./certs/sm2/client-sm2.pem -k ./certs/sm2/client-sm2-priv.pem -A ./certs/sm2/root-sm2.pem -C
./examples/server/server -v 3 -l ECDHE-ECDSA-SM4-CBC-SM3 -c ./certs/sm2/server-sm2.pem -k ./certs/sm2/server-sm2-priv.pem -A ./certs/sm2/client-sm2.pem -V
```
See the README.md file in the upper level 'examples' directory for more information about examples.

512
IDE/Espressif/ESP-IDF/examples/wolfssl_client/README_server_sm.md Normal file
View File

@@ -0,0 +1,512 @@
# SM Cipher Notes
### Install SM
```
cd /mnt/c/workspace/wolfsm-$USER
./install.sh ../wolfssl-$USER
```
### Build Linux SM Examples
```
./autogen.sh
./configure --enable-sm3 --enable-sm4-gcm --enable-sm2 \
--enable-sm4-ecb --enable-sm4-cbc --enable-sm4-ctr \
--enable-sm4-gcm --enable-sm4-ccm
make clean && make
```
### TLS 1.3 Server
```
./examples/server/server -v 4 -b -d -p 11111 -c ./certs/sm2/server-sm2.pem -k ./certs/sm2/server-sm2-priv.pem -A ./certs/sm2/client-sm2.pem -V
```
### TLS 1.3 Client
```
./examples/client/client -h 127.0.0.1 -v 4 -l TLS13-SM4-CCM-SM3 -c ./certs/sm2/client-sm2.pem -k ./certs/sm2/client-sm2-priv.pem -A ./certs/sm2/root-sm2.pem -C
```
### TLS 1.2 Client to Local Linux Server
```
./examples/client/client -h 192.168.25.186 -v 3 -l ECDHE-ECDSA-SM4-CBC-SM3 \
-c ./certs/sm2/client-sm2.pem \
-k ./certs/sm2/client-sm2-priv.pem \
-A ./certs/sm2/root-sm2.pem -C
```
### TLS 1.2 Client to ESP32 Server
```
./examples/client/client -h 192.168.25.186 -v 3 -l ECDHE-ECDSA-SM4-CBC-SM3 \
-c ./certs/sm2/client-sm2.pem \
-k ./certs/sm2/client-sm2-priv.pem \
-A ./certs/sm2/root-sm2.pem -C
```
### Others...
```
# Success: Linux Client to ESP32 Server TLS1.2
./examples/client/client -h 192.168.1.113 -v 3 -l ECDHE-ECDSA-SM4-CBC-SM3 -c ./certs/sm2/client-sm2.pem -k ./certs/sm2/client-sm2-priv.pem -A ./certs/sm2/root-sm2.pem -C
./examples/client/client -h 192.168.1.113 -v 3 -l ECDHE-ECDSA-SM4-GCM-SM3 -c ./certs/sm2/client-sm2.pem -k ./certs/sm2/client-sm2-priv.pem -A ./certs/sm2/root-sm2.pem -C
./examples/client/client -h 192.168.1.113 -v 3 -l ECDHE-ECDSA-SM4-CCM-SM3 -c ./certs/sm2/client-sm2.pem -k ./certs/sm2/client-sm2-priv.pem -A ./certs/sm2/root-sm2.pem -C
# Success: Linux Client to ESP32 Server TLS1.3
# Reported as TLS_SM4_GCM_SM3, but parameter is TLS13-SM4-GCM-SM3
./examples/client/client -h 192.168.1.113 -v 4 -l TLS13-SM4-GCM-SM3 -c ./certs/sm2/client-sm2.pem -k ./certs/sm2/client-sm2-priv.pem -A ./certs/sm2/root-sm2.pem -C
# Reported as TLS-SM4-CCM-SM3, but parameter is TLS13-SM4-CCM-SM3
./examples/client/client -h 192.168.1.113 -v 4 -l TLS13-SM4-CCM-SM3 -c ./certs/sm2/client-sm2.pem -k ./certs/sm2/client-sm2-priv.pem -A ./certs/sm2/root-sm2.pem -C
./examples/client/client -h 192.168.1.113 -v 4 -l TLS13-SM4-CBC-SM3 -c ./certs/sm2/client-sm2.pem -k ./certs/sm2/client-sm2-priv.pem -A ./certs/sm2/root-sm2.pem -C
```
```
ESP32-to-ESP32
TLS_ECDHE_ECDSA_WITH_SM4_CBC_SM3
TLS_ECDHE_ECDSA_WITH_SM4_GCM_SM3
TLS_ECDHE_ECDSA_WITH_SM4_CCM_SM3
```
Tried both PEM and DER format.
The latest server is PEM format, triple-checked to have the embedded server
be the same as the Linux server files.
| Usage | Certificate | Key | Certificate Authority file, default ./certs/client-cert.pem |
| ----- | ---------------------------------- | ----------------------------------- | --------------------------------- |
| server | -c ./certs/sm2/server-sm2.pem | -k ./certs/sm2/server-sm2-priv.pem | -A ./certs/sm2/client-sm2.pem -V |
| client | -c ./certs/sm2/client-sm2.pem | -k ./certs/sm2/client-sm2-priv.pem | -A ./certs/sm2/root-sm2.pem -C |
| emdedded:
| server | wolfSSL_CTX_use_certificate_buffer<br/> server_sm2 | wolfSSL_CTX_use_PrivateKey_buffer<br/> server_sm2_priv | wolfSSL_CTX_load_verify_buffer<br/> client-sm2 |
### Code
See [source code](https://github.com/gojimmypi/wolfssl/blob/2c4f443aec7b151f945cb9dfe2dad6ee30449cf0/IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/server-tls.c#L187):
![code](./code.png)
### Linux client talking to embedded server:
```
/examples/client/client -h 192.168.1.108 -v 3 -l ECDHE-ECDSA-SM4-CBC-SM3 -c ./certs/sm2/client-sm2.pem -k ./certs/sm2/client-sm2-priv.pem -A ./certs/sm2/root-sm2.pem -C
wolfSSL_connect error -188, ASN no signer error to confirm failure
wolfSSL error: wolfSSL_connect failed
```
Output:
```
ets Jul 29 2019 12:21:46
rst:0x3 (SW_RESET),boot:0x13 (SPI_FAST_FLASH_BOOT)
configsip: 0, SPIWP:0xee
clk_drv:0x00,q_drv:0x00,d_drv:0x00,cs0_drv:0x00,hd_drv:0x00,wp_drv:0x00
mode:DIO, clock div:2
load:0x3fff0030,len:7000
load:0x40078000,len:15452
ho 0 tail 12 room 4
load:0x40080400,len:3840
entry 0x4008064c
I (29) boot: ESP-IDF v5.0-dirty 2nd stage bootloader
I (29) boot: compile time 13:40:31
I (29) boot: chip revision: v3.0
I (32) boot_comm: chip revision: 3, min. bootloader chip revision: 0
I (39) boot.esp32: SPI Speed : 40MHz
I (44) boot.esp32: SPI Mode : DIO
I (48) boot.esp32: SPI Flash Size : 2MB
I (53) boot: Enabling RNG early entropy source...
I (58) boot: Partition Table:
I (62) boot: ## Label Usage Type ST Offset Length
I (69) boot: 0 nvs WiFi data 01 02 00009000 00006000
I (77) boot: 1 phy_init RF data 01 01 0000f000 00001000
I (84) boot: 2 factory factory app 00 00 00010000 00177000
I (92) boot: End of partition table
I (96) boot_comm: chip revision: 3, min. application chip revision: 0
I (103) esp_image: segment 0: paddr=00010020 vaddr=3f400020 size=338d8h (211160) map
I (188) esp_image: segment 1: paddr=00043900 vaddr=3ffb0000 size=03b78h ( 15224) load
I (194) esp_image: segment 2: paddr=00047480 vaddr=40080000 size=08b98h ( 35736) load
I (209) esp_image: segment 3: paddr=00050020 vaddr=400d0020 size=c591ch (809244) map
I (501) esp_image: segment 4: paddr=00115944 vaddr=40088b98 size=0c230h ( 49712) load
I (522) esp_image: segment 5: paddr=00121b7c vaddr=50000000 size=00010h ( 16) load
I (533) boot: Loaded app from partition at offset 0x10000
I (533) boot: Disabling RNG early entropy source...
I (545) cpu_start: Pro cpu up.
I (545) cpu_start: Starting app cpu, entry point is 0x400812f4
I (532) cpu_start: App cpu up.
I (561) cpu_start: Pro cpu start user code
I (561) cpu_start: cpu freq: 160000000 Hz
I (561) cpu_start: Application information:
I (566) cpu_start: Project name: wolfssl_server
I (571) cpu_start: App version: v5.6.3-stable-1088-g560c84b2b-d
I (578) cpu_start: Compile time: Jul 19 2023 22:20:09
I (585) cpu_start: ELF file SHA256: 3e6e571c9e87bf44...
I (591) cpu_start: ESP-IDF: v5.0-dirty
I (596) heap_init: Initializing. RAM available for dynamic allocation:
I (603) heap_init: At 3FFAE6E0 len 00001920 (6 KiB): DRAM
I (609) heap_init: At 3FFBDA68 len 00022598 (137 KiB): DRAM
I (615) heap_init: At 3FFE0440 len 00003AE0 (14 KiB): D/IRAM
I (622) heap_init: At 3FFE4350 len 0001BCB0 (111 KiB): D/IRAM
I (628) heap_init: At 40094DC8 len 0000B238 (44 KiB): IRAM
I (636) spi_flash: detected chip: generic
I (639) spi_flash: flash io: dio
W (643) spi_flash: Detected size(4096k) larger than the size in the binary image header(2048k). Using the
size in the binary image header.
I (657) cpu_start: Starting scheduler on PRO CPU.
I (0) cpu_start: Starting scheduler on APP CPU.
I (725) tls_server: ESP_WIFI_MODE_STA
I (735) wifi:wifi driver task: 3ffcb738, prio:23, stack:6656, core=0
I (735) system_api: Base MAC address is not set
I (735) system_api: read default base MAC address from EFUSE
I (755) wifi:wifi firmware version: 0d470ef
I (755) wifi:wifi certification version: v7.0
I (755) wifi:config NVS flash: enabled
I (755) wifi:config nano formating: disabled
I (755) wifi:Init data frame dynamic rx buffer num: 32
I (765) wifi:Init management frame dynamic rx buffer num: 32
I (765) wifi:Init management short buffer num: 32
I (775) wifi:Init dynamic tx buffer num: 32
I (775) wifi:Init static rx buffer size: 1600
I (775) wifi:Init static rx buffer num: 10
I (785) wifi:Init dynamic rx buffer num: 32
I (785) wifi_init: rx ba win: 6
I (795) wifi_init: tcpip mbox: 32
I (795) wifi_init: udp mbox: 6
I (795) wifi_init: tcp mbox: 6
I (805) wifi_init: tcp tx win: 5744
I (805) wifi_init: tcp rx win: 5744
I (815) wifi_init: tcp mss: 1440
I (815) wifi_init: WiFi IRAM OP enabled
I (815) wifi_init: WiFi RX IRAM OP enabled
I (825) phy_init: phy_version 4670,719f9f6,Feb 18 2021,17:07:07
I (925) wifi:mode : sta (24:d7:eb:41:7b:68)
I (935) wifi:enable tsf
I (935) tls_server: wifi_init_sta finished.
I (945) wifi:new:<4,0>, old:<1,0>, ap:<255,255>, sta:<4,0>, prof:1
I (945) wifi:state: init -> auth (b0)
I (945) wifi:state: auth -> assoc (0)
I (955) wifi:state: assoc -> run (10)
W (955) wifi:<ba-add>idx:0 (ifx:0, c8:d7:19:cd:00:17), tid:0, ssn:0, winSize:64
I (985) wifi:connected with testbench, aid = 1, channel 4, BW20, bssid = c8:d7:19:cd:00:17
I (985) wifi:security: WPA2-PSK, phy: bgn, rssi: -45
I (995) wifi:pm start, type: 1
I (1065) wifi:AP's beacon interval = 102400 us, DTIM period = 1
I (3225) esp_netif_handlers: sta ip: 192.168.1.108, mask: 255.255.255.0, gw: 192.168.1.10
I (3225) tls_server: got ip:192.168.1.108
I (3235) Time Helper: sntp_setservername:
I (3235) Time Helper: pool.ntp.org
I (3245) Time Helper: time.nist.gov
I (3245) Time Helper: utcnist.colorado.edu
I (3255) Time Helper: sntp_init done.
TLS13-AES128-GCM-SHA256:TLS13-CHACHA20-POLY1305-SHA256:TLS13-SM4-GCM-SM3:TLS13-SM4-CCM-SM3:ECDHE-RSA-AES12
8-SHA:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-DES-CBC3-SHA:ECDHE-ECDS
A-DES-CBC3-SHA:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECD
SA-AES128-SHA256:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305-OLD
:ECDHE-ECDSA-CHACHA20-POLY1305-OLD:ECDHE-ECDSA-SM4-CBC-SM3:ECDHE-ECDSA-SM4-GCM-SM3:ECDHE-ECDSA-SM4-CCM-SM3
:ECDHE-PSK-AES128-CBC-SHA256:ECDHE-PSK-AES128-GCM-SHA256:PSK-CHACHA20-POLY1305:ECDHE-PSK-CHACHA20-POLY1305
I (3315) wolfssl: Start wolfSSL_Init()
I (3315) wolfssl: wolfSSL Entering wolfSSL_Init
I (3325) wolfssl: wolfSSL Entering wolfCrypt_Init
I (3325) wolfssl: start socket())
I (3335) wolfssl: Create and initialize WOLFSSL_CTX
I (3335) wolfssl: wolfSSL Entering wolfSSLv23_server_method_ex
I (3345) wolfssl: wolfSSL Entering wolfSSL_CTX_new_ex
I (3345) wolfssl: wolfSSL Entering wolfSSL_CertManagerNew
I (3355) wolfssl: wolfSSL Leaving wolfSSL_CTX_new_ex, return 0
I (3365) tls_server: Start SM2
I (3365) wolfssl: wolfSSL Entering wolfSSL_CTX_set_cipher_list
I (3375) tls_server: Set cipher list: ECDHE-ECDSA-SM4-CBC-SM3
TLS13-AES128-GCM-SHA256:TLS13-CHACHA20-POLY1305-SHA256:TLS13-SM4-GCM-SM3:TLS13-SM4-CCM-SM3:ECDHE-RSA-AES12
8-SHA:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-DES-CBC3-SHA:ECDHE-ECDS
A-DES-CBC3-SHA:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECD
SA-AES128-SHA256:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305-OLD
:ECDHE-ECDSA-CHACHA20-POLY1305-OLD:ECDHE-ECDSA-SM4-CBC-SM3:ECDHE-ECDSA-SM4-GCM-SM3:ECDHE-ECDSA-SM4-CCM-SM3
:ECDHE-PSK-AES128-CBC-SHA256:ECDHE-PSK-AES128-GCM-SHA256:PSK-CHACHA20-POLY1305:ECDHE-PSK-CHACHA20-POLY1305
I (3435) wolfssl: Loading certificate...
I (3435) wolfssl: wolfSSL Entering wolfSSL_CTX_use_certificate_buffer
I (3445) wolfssl: wolfSSL Entering PemToDer
I (3455) wolfssl: Checking cert signature type
I (3455) wolfssl: wolfSSL Entering GetExplicitVersion
I (3465) wolfssl: wolfSSL Entering wc_GetSerialNumber
I (3465) wolfssl: Got Cert Header
I (3475) wolfssl: wolfSSL Entering GetObjectId
I (3475) wolfssl: Got Algo ID
I (3475) wolfssl: Getting Name
I (3485) wolfssl: Getting Cert Name
I (3485) wolfssl: Getting Name
I (3495) wolfssl: Getting Cert Name
I (3495) wolfssl: Got Subject Name
I (3495) wolfssl: wolfSSL Entering GetAlgoId
I (3505) wolfssl: wolfSSL Entering GetObjectId
I (3505) wolfssl: wolfSSL Entering GetObjectId
I (3515) wolfssl: Got Key
I (3515) wolfssl: ECDSA/ED25519/ED448 cert signature
I (3525) wolfssl: wolfSSL Leaving wolfSSL_CTX_use_certificate_buffer, return 1
I (3535) tls_server: Loaded server_sm2
I (3535) wolfssl: Loading key info...
I (3535) wolfssl: wolfSSL Entering wolfSSL_CTX_use_PrivateKey_buffer
I (3545) wolfssl: wolfSSL Entering PemToDer
I (3555) wolfssl: wolfSSL Entering GetAlgoId
I (3555) wolfssl: wolfSSL Entering GetObjectId
I (3565) wolfssl: wolfSSL Entering GetAlgoId
I (3565) wolfssl: wolfSSL Entering GetObjectId
I (3575) wolfssl: wolfSSL Leaving wolfSSL_CTX_use_PrivateKey_buffer, return 1
I (3575) tls_server: Loaded PrivateKey_buffer server_sm2_priv
I (3585) wolfssl: wolfSSL Entering wolfSSL_CTX_load_verify_buffer_ex
I (3595) wolfssl: Processing CA PEM file
I (3595) wolfssl: wolfSSL Entering PemToDer
I (3605) wolfssl: Adding a CA
I (3605) wolfssl: wolfSSL Entering GetExplicitVersion
I (3615) wolfssl: wolfSSL Entering wc_GetSerialNumber
I (3615) wolfssl: Got Cert Header
I (3625) wolfssl: wolfSSL Entering GetObjectId
I (3625) wolfssl: Got Algo ID
I (3635) wolfssl: Getting Name
I (3635) wolfssl: Getting Cert Name
I (3635) wolfssl: Getting Name
I (3645) wolfssl: Getting Cert Name
I (3645) wolfssl: Got Subject Name
I (3655) wolfssl: wolfSSL Entering GetAlgoId
I (3655) wolfssl: wolfSSL Entering GetObjectId
I (3665) wolfssl: wolfSSL Entering GetObjectId
I (3665) wolfssl: Got Key
I (3665) wolfssl: Parsed Past Key
I (3675) wolfssl: wolfSSL Entering DecodeCertExtensions
I (3675) wolfssl: wolfSSL Entering GetObjectId
I (3685) wolfssl: wolfSSL Entering DecodeSubjKeyId
I (3685) wolfssl: wolfSSL Entering GetObjectId
I (3695) wolfssl: wolfSSL Entering DecodeAuthKeyId
I (3705) wolfssl: wolfSSL Entering GetObjectId
I (3705) wolfssl: wolfSSL Entering DecodeBasicCaConstraint
I (3715) wolfssl: wolfSSL Entering GetObjectId
I (3715) wolfssl: wolfSSL Entering DecodeAltNames
I (3725) wolfssl: Unsupported name type, skipping
I (3725) wolfssl: wolfSSL Entering GetObjectId
I (3735) wolfssl: wolfSSL Entering DecodeExtKeyUsage
I (3735) wolfssl: wolfSSL Entering GetObjectId
I (3745) wolfssl: wolfSSL Entering GetObjectId
I (3745) wolfssl: wolfSSL Entering GetObjectId
I (3755) wolfssl: Parsed new CA
I (3755) wolfssl: No key size check done on CA
I (3765) wolfssl: Freeing Parsed CA
I (3765) wolfssl: Freeing der CA
I (3775) wolfssl: OK Freeing der CA
I (3775) wolfssl: wolfSSL Leaving AddCA, return 0
I (3785) wolfssl: Processed a CA
I (3785) wolfssl: Processed at least one valid CA. Other stuff OK
I (3795) wolfssl: wolfSSL Leaving wolfSSL_CTX_load_verify_buffer_ex, return 1
I (3795) tls_server: Success: load verify buffer
I (3805) tls_server: Finish SM2
I (3805) tls_server: accept clients...
I (3815) wolfssl: Waiting for a connection...
I (14485) wolfssl: wolfSSL Entering wolfSSL_new
I (14495) wolfssl: wolfSSL Entering ReinitSSL
I (14495) wolfssl: wolfSSL Entering SetSSL_CTX
I (14495) wolfssl: wolfSSL Entering wolfSSL_NewSession
I (14505) wolfssl: wolfSSL Leaving wolfSSL_new, return 0
I (14505) wolfssl: wolfSSL Entering wolfSSL_set_fd
I (14515) wolfssl: wolfSSL Entering wolfSSL_set_read_fd
I (14515) wolfssl: wolfSSL Leaving wolfSSL_set_read_fd, return 1
I (14525) wolfssl: wolfSSL Entering wolfSSL_set_write_fd
I (14535) wolfssl: wolfSSL Leaving wolfSSL_set_write_fd, return 1
I (14535) wolfssl: wolfSSL Entering wolfSSL_accept
I (14545) wolfssl: wolfSSL Entering ReinitSSL
I (14545) wolfssl: growing input buffer
I (14555) wolfssl: received record layer msg
I (14555) wolfssl: got HANDSHAKE
I (14565) wolfssl: wolfSSL Entering wolfSSL_get_options
I (14565) wolfssl: wolfSSL Entering DoTls13HandShakeMsg
I (14575) wolfssl: wolfSSL Entering DoTls13HandShakeMsgType
I (14575) wolfssl: processing client hello
I (14585) wolfssl: wolfSSL Entering DoTls13ClientHello
I (14595) wolfssl: wolfSSL Entering DoClientHello
I (14595) wolfssl: downgrading to TLSv1.2
I (14605) wolfssl: Matched No Compression
I (14605) wolfssl: Adding signature algorithms extension
I (14615) wolfssl: Signature Algorithms extension received
I (14615) wolfssl: Point Formats extension received
I (14625) wolfssl: Supported Groups extension received
I (14625) wolfssl: Unknown TLS extension type
I (14635) wolfssl: Unknown TLS extension type
I (14635) wolfssl: wolfSSL Entering MatchSuite
I (14645) wolfssl: wolfSSL Entering VerifyServerSuite
I (14645) wolfssl: Requires ECC
I (14655) wolfssl: Verified suite validity
I (14655) wolfssl: wolfSSL Leaving DoClientHello, return 0
I (14665) wolfssl: wolfSSL Leaving DoTls13ClientHello, return 0
I (14675) wolfssl: wolfSSL Leaving DoTls13HandShakeMsgType(), return 0
I (14675) wolfssl: wolfSSL Leaving DoTls13HandShakeMsg, return 0
I (14685) wolfssl: Shrinking input buffer
I (14685) wolfssl: accept state ACCEPT_CLIENT_HELLO_DONE
I (14695) wolfssl: accept state ACCEPT_FIRST_REPLY_DONE
I (14705) wolfssl: wolfSSL Entering SendServerHello
I (14705) wolfssl: growing output buffer
I (14715) internal.c: GrowOutputBuffer ok
I (14715) wolfssl: wolfSSL Entering wolfSSL_get_options
I (14725) wolfssl: Point Formats extension to write
W (14735) wolfio: ssl->wflags = 0
I (14735) wolfio: 16 03 03 00 52 02 00 00 4e 03 03 af 87 e2 58 57
I (14735) wolfio: 73 c3 c1 35 1a 59 39 b2 03 9d 14 03 e0 b8 fb e8
I (14745) wolfio: 9d 5b 9c 44 4f 57 4e 47 52 44 01 20 85 77 75 20
I (14755) wolfio: 95 dd 00 e2 91 f8 42 33 f8 61 3f 1f de 81 15 58
I (14755) wolfio: 23 0c e7 1e 71 e6 10 e5 67 23 e0 40 e0 11 00 00
I (14765) wolfio: 06 00 0b 00 02 01 00
W (14775) wolfio: sz = 87
I (14775) wolfssl: Shrinking output buffer
I (14775) wolfssl: wolfSSL Leaving SendServerHello, return 0
I (14785) wolfssl: accept state SERVER_HELLO_SENT
I (14795) wolfssl: wolfSSL Entering SendCertificate
I (14795) wolfssl: growing output buffer
I (14805) internal.c: GrowOutputBuffer ok
W (14815) wolfio: ssl->wflags = 0
I (14815) wolfio: 16 03 03 02 e6 0b 00 02 e2 00 02 df 00 02 dc 30
I (14815) wolfio: 82 02 d8 30 82 02 7e a0 03 02 01 02 02 01 01 30
I (14825) wolfio: 0a 06 08 2a 81 1c cf 55 01 83 75 30 81 ac 31 0b
I (14835) wolfio: 30 09 06 03 55 04 06 13 02 55 53 31 10 30 0e 06
I (14835) wolfio: 03 55 04 08 0c 07 4d 6f 6e 74 61 6e 61 31 10 30
I (14845) wolfio: 0e 06 03 55 04 07 0c 07 42 6f 7a 65 6d 61 6e 31
I (14855) wolfio: 14 30 12 06 03 55 04 0a 0c 0b 77 6f 6c 66 53 53
I (14855) wolfio: 4c 5f 73 6d 32 31 0f 30 0d 06 03 55 04 0b 0c 06
I (14865) wolfio: 43 41 2d 73 6d 32 31 18 30 16 06 03 55 04 03 0c
I (14875) wolfio: 0f 77 77 77 2e 77 6f 6c 66 73 73 6c 2e 63 6f 6d
I (14875) wolfio: 31 1f 30 1d 06 09 2a 86 48 86 f7 0d 01 09 01 16
I (14885) wolfio: 10 69 6e 66 6f 40 77 6f 6c 66 73 73 6c 2e 63 6f
I (14895) wolfio: 6d 31 17 30 15 06 0a 09 92 26 89 93 f2 2c 64 01
I (14895) wolfio: 01 0c 07 77 6f 6c 66 53 53 4c 30 1e 17 0d 32 33
I (14905) wolfio: 30 32 31 35 30 36 32 33 30 37 5a 17 0d 32 35 31
I (14915) wolfio: 31 31 31 30 36 32 33 30 37 5a 30 81 b0 31 0b 30
I (14915) wolfio: 09 06 03 55 04 06 13 02 55 53 31 10 30 0e 06 03
I (14925) wolfio: 55 04 08 0c 07 4d 6f 6e 74 61 6e 61 31 10 30 0e
I (14935) wolfio: 06 03 55 04 07 0c 07 42 6f 7a 65 6d 61 6e 31 14
I (14945) wolfio: 30 12 06 03 55 04 0a 0c 0b 77 6f 6c 66 53 53 4c
I (14945) wolfio: 5f 73 6d 32 31 13 30 11 06 03 55 04 0b 0c 0a 53
I (14955) wolfio: 65 72 76 65 72 2d 73 6d 32 31 18 30 16 06 03 55
I (14965) wolfio: 04 03 0c 0f 77 77 77 2e 77 6f 6c 66 73 73 6c 2e
I (14965) wolfio: 63 6f 6d 31 1f 30 1d 06 09 2a 86 48 86 f7 0d 01
I (14975) wolfio: 09 01 16 10 69 6e 66 6f 40 77 6f 6c 66 73 73 6c
I (14985) wolfio: 2e 63 6f 6d 31 17 30 15 06 0a 09 92 26 89 93 f2
I (14985) wolfio: 2c 64 01 01 0c 07 77 6f 6c 66 53 53 4c 30 5a 30
I (14995) wolfio: 14 06 08 2a 81 1c cf 55 01 82 2d 06 08 2a 81 1c
I (15005) wolfio: cf 55 01 82 2d 03 42 00 04 94 70 2b 46 e4 5e 0f
I (15005) wolfio: 41 fb 8f 2d 34 0a 41 40 19 5e fb d4 1d 11 ac fa
I (15015) wolfio: f5 93 37 c6 fa 87 08 f7 16 1f 2c ce 30 40 9d 4f
I (15025) wolfio: a6 2a 0a a1 d6 95 33 c3 a6 03 98 e6 8d 05 34 b0
I (15025) wolfio: 97 0c de a4 c7 cf 53 8f d1 a3 81 89 30 81 86 30
I (15035) wolfio: 1d 06 03 55 1d 0e 04 16 04 14 67 ae 60 ff 7e 1b
I (15045) wolfio: 0f 95 ae 1f 82 59 f2 6c 56 2d 93 ef 17 32 30 1f
I (15045) wolfio: 06 03 55 1d 23 04 18 30 16 80 14 47 0a 48 7e bb
I (15055) wolfio: 02 a8 5a 26 57 2b 19 a9 7b 61 8b 7f 5d 99 6e 30
I (15065) wolfio: 0c 06 03 55 1d 13 01 01 ff 04 02 30 00 30 0e 06
I (15075) wolfio: 03 55 1d 0f 01 01 ff 04 04 03 02 03 a8 30 13 06
I (15075) wolfio: 03 55 1d 25 04 0c 30 0a 06 08 2b 06 01 05 05 07
I (15085) wolfio: 03 01 30 11 06 09 60 86 48 01 86 f8 42 01 01 04
I (15095) wolfio: 04 03 02 06 40 30 0a 06 08 2a 81 1c cf 55 01 83
I (15095) wolfio: 75 03 48 00 30 45 02 20 1b ca 94 28 7f f6 b2 0d
I (15105) wolfio: 31 43 50 e1 d5 34 17 dd af 3a de 81 06 67 9a b3
I (15115) wolfio: 06 22 7e 64 ec fd 0e b9 02 21 00 a1 48 a8 32 d1
I (15115) wolfio: 05 09 6b 1c eb 89 12 66 d8 38 a1 c4 5c 89 09 0f
I (15125) wolfio: fd e9 c0 3b 1d fb cd b5 4c 31 68
W (15135) wolfio: sz = 747
I (15135) wolfssl: Shrinking output buffer
I (15135) wolfssl: wolfSSL Leaving SendCertificate, return 0
I (15145) wolfssl: accept state CERT_SENT
I (15155) wolfssl: wolfSSL Entering SendCertificateStatus
I (15155) wolfssl: wolfSSL Leaving SendCertificateStatus, return 0
I (15165) wolfssl: accept state CERT_STATUS_SENT
I (15165) wolfssl: wolfSSL Entering SendServerKeyExchange
I (15175) wolfssl: Using ephemeral ECDH
I (15175) wolfssl: wolfSSL Entering EccMakeKey
I (15535) wolfssl: wolfSSL Leaving EccMakeKey, return 0
I (15535) wolfssl: Trying ECC private key, RSA didn't work
I (15535) wolfssl: wolfSSL Entering GetAlgoId
I (15545) wolfssl: wolfSSL Entering GetObjectId
I (15555) wolfssl: Using ECC private key
I (15555) wolfssl: wolfSSL Entering Sm2wSm3Sign
I (15915) wolfssl: wolfSSL Leaving Sm2wSm3Sign, return 0
I (15915) wolfssl: wolfSSL Entering SendHandshakeMsg
I (15925) wolfssl: growing output buffer
I (15925) internal.c: GrowOutputBuffer ok
W (15925) wolfio: ssl->wflags = 0
I (15935) wolfio: 16 03 03 00 95 0c 00 00 91 03 00 29 41 04 fd f5
I (15935) wolfio: 5e 74 15 30 1d f3 84 ae a5 69 96 a9 5b dd 27 b3
I (15945) wolfio: 00 7d 40 3a 59 93 93 6f 4d 1f 62 dc 60 48 34 1f
I (15955) wolfio: a8 1d 34 b8 76 8f 8b 27 4a 1b 77 64 8e 2e d5 27
I (15955) wolfio: 03 95 8b 9d a5 ed a4 a6 b9 40 1b ea aa 10 07 08
I (15965) wolfio: 00 48 30 46 02 21 00 cb 89 61 e9 21 f9 c6 4d ad
I (15975) wolfio: aa e7 f1 3f 6f 27 46 f0 35 ec 45 4e 8a ae f3 ac
I (15985) wolfio: 7c c0 cf 68 11 44 e2 02 21 00 f6 40 5c bc 66 5a
I (15985) wolfio: 74 1e 92 5d 9a 03 75 e7 7f 16 c2 b3 c8 fe 8d 5c
I (15995) wolfio: 63 35 36 da 61 38 76 dc 4e d6
W (15995) wolfio: sz = 154
I (16005) wolfssl: Shrinking output buffer
I (16005) wolfssl: wolfSSL Leaving SendServerKeyExchange, return 0
I (16015) wolfssl: accept state KEY_EXCHANGE_SENT
I (16025) wolfssl: accept state CERT_REQ_SENT
I (16025) wolfssl: wolfSSL Entering SendServerHelloDone
I (16035) wolfssl: growing output buffer
I (16035) internal.c: GrowOutputBuffer ok
W (16045) wolfio: ssl->wflags = 0
I (16045) wolfio: 16 03 03 00 04 0e 00 00 00
W (16045) wolfio: sz = 9
I (16055) wolfssl: Embed Send error
I (16055) wolfssl: Connection reset
I (16065) int: Sent = -3
W (16065) int: WOLFSSL_CBIO_ERR_CONN_RST
E (16075) int: SOCKET_ERROR_E 2
I (16075) wolfssl: wolfSSL Leaving SendServerHelloDone, return -308
I (16085) wolfssl: wolfSSL error occurred, error = -308
I (16085) wolfssl: wolfSSL Entering wolfSSL_get_error
I (16095) wolfssl: wolfSSL Leaving wolfSSL_get_error, return -308
E (16085) tls_server: wolfSSL_accept error -308
I (16105) wolfssl: Client connected successfully
I (16105) wolfssl: wolfSSL Entering wolfSSL_read
I (16115) wolfssl: wolfSSL Entering wolfSSL_read_internal
I (16125) wolfssl: wolfSSL Entering ReceiveData
I (16125) wolfssl: User calling wolfSSL_read in error state, not allowed
I (16135) wolfssl: wolfSSL Leaving wolfSSL_read_internal, return -308
E (16145) tls_server: ERROR: failed to read
I (16145) wolfssl: Client sends:
I (16145) wolfssl:
I (16155) wolfssl: wolfSSL Entering wolfSSL_write
I (16155) wolfssl: handshake not complete, trying to finish
I (16165) wolfssl: wolfSSL Entering wolfSSL_negotiate
I (16165) wolfssl: wolfSSL Entering wolfSSL_accept
I (16175) wolfssl: wolfSSL Entering ReinitSSL
W (16185) wolfio: ssl->wflags = 0
I (16185) wolfio: 16 03 03 00 04 0e 00 00 00
W (16185) wolfio: sz = 9
I (16195) wolfssl: Embed Send error
I (16195) wolfssl: General error
I (16205) int: Sent = -1
E (16205) int: SOCKET_ERROR_E
I (16205) wolfssl: wolfSSL error occurred, error = -308
I (16215) wolfssl: wolfSSL Leaving wolfSSL_negotiate, return -1
I (16225) wolfssl: wolfSSL Leaving wolfSSL_write, return -1
E (16225) tls_server: ERROR: failed to write
I (16235) wolfssl: wolfSSL Entering wolfSSL_free
I (16235) wolfssl: Free'ing server ssl
I (16245) wolfssl: Shrinking output buffer
I (16245) wolfssl: wolfSSL Entering ClientSessionToSession
I (16255) wolfssl: wolfSSL Entering wolfSSL_FreeSession
I (16255) wolfssl: wolfSSL_FreeSession full free
I (16265) wolfssl: CTX ref count not 0 yet, no free
I (16265) wolfssl: wolfSSL Leaving wolfSSL_free, return 0
I (16275) wolfssl: Waiting for a connection...
```
### Wireshark:
![wireshark](./wireshark.png)

52
IDE/Espressif/ESP-IDF/examples/wolfssl_client/VisualGDB/README.md Normal file
View File

@@ -0,0 +1,52 @@
# wolfSSL Project Files for Visual Studio 2022 with VisualGDB Extension
Include in the respective project `./VisualGDB` directory are [VisualGDB](https://visualgdb.com/) project files.
Individual project files are included for convenience to new users, as there are [difficulties switching between ESP-IDF Versions or Chipsets](https://sysprogs.com/w/forums/topic/difficulties-switching-espressif-esp-idf-version-or-chipset/) using the VisualGDB extension.
The naming convention for project files is: `[project name]_IDF_[Version]_[chipset].vgdbproj`. The solution files (filename[.sln]) often will contain shortcuts to commonly used source and configuration files used by the respective project.
-------- |------------- |------------- |
ChipSet | ESP-IDF v4.4 | ESP-IDF v5.0 |
-------- |------------- |------------- |
ESP32 | x | |
ESP32-S2 | | |
ESP32-S3 | x | x |
ESP32-C3 | x | x |
ESP32-C6 | | |
The default directories are:
- `C:\SysGCC` - The root directory install of VisualGDB
- `C:\SysGCC\esp32` - The default for ESP-IDF v5.x
- `C:\SysGCC\esp32-8.4` - Many need to manually select this name for ESP-IDF v4.x install
- `C:\SysGCC\esp8266`- The default for ESP8266
## Resources
- [wolfSSL Website](https://www.wolfssl.com/)
- [wolfSSL Wiki](https://github.com/wolfSSL/wolfssl/wiki)
- [FIPS 140-2/140-3 FAQ](https://wolfssl.com/license/fips)
- [wolfSSL Documentation](https://wolfssl.com/wolfSSL/Docs.html)
- [wolfSSL Manual](https://wolfssl.com/wolfSSL/Docs-wolfssl-manual-toc.html)
- [wolfSSL API Reference](https://wolfssl.com/wolfSSL/Docs-wolfssl-manual-17-wolfssl-api-reference.html)
- [wolfCrypt API Reference](https://wolfssl.com/wolfSSL/Docs-wolfssl-manual-18-wolfcrypt-api-reference.html)
- [TLS 1.3](https://www.wolfssl.com/docs/tls13/)
- [wolfSSL Vulnerabilities](https://www.wolfssl.com/docs/security-vulnerabilities/)
- [Additional wolfSSL Examples](https://github.com/wolfssl/wolfssl-examples)
## Support
For questions please email [support@wolfssl.com](mailto:support@wolfssl.com)
<-- edit 5.6.0001 see https://github.com/wolfSSL/wolfssl/tree/master/IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/VisualGDB -->

31
IDE/Espressif/ESP-IDF/examples/wolfssl_client/VisualGDB/VisualGDB_wolfssl_client.sln
View File

@@ -1,31 +0,0 @@

Microsoft Visual Studio Solution File, Format Version 12.00
# Visual Studio Version 16
VisualStudioVersion = 16.0.33027.164
MinimumVisualStudioVersion = 10.0.40219.1
Project("{803FD0C6-D64E-4E16-9DC3-1DAEC859A3D2}") = "VisualGDB_wolfssl_client", "VisualGDB_wolfssl_client.vgdbproj", "{E903E9CC-1A23-4B00-8914-7E45EC21E351}"
EndProject
Global
GlobalSection(SolutionConfigurationPlatforms) = preSolution
Debug|VisualGDB = Debug|VisualGDB
Release|VisualGDB = Release|VisualGDB
Tests (Debug)|VisualGDB = Tests (Debug)|VisualGDB
Tests (Release)|VisualGDB = Tests (Release)|VisualGDB
EndGlobalSection
GlobalSection(ProjectConfigurationPlatforms) = postSolution
{E903E9CC-1A23-4B00-8914-7E45EC21E351}.Debug|VisualGDB.ActiveCfg = Debug|VisualGDB
{E903E9CC-1A23-4B00-8914-7E45EC21E351}.Debug|VisualGDB.Build.0 = Debug|VisualGDB
{E903E9CC-1A23-4B00-8914-7E45EC21E351}.Release|VisualGDB.ActiveCfg = Release|VisualGDB
{E903E9CC-1A23-4B00-8914-7E45EC21E351}.Release|VisualGDB.Build.0 = Release|VisualGDB
{E903E9CC-1A23-4B00-8914-7E45EC21E351}.Tests (Debug)|VisualGDB.ActiveCfg = Tests (Debug)|VisualGDB
{E903E9CC-1A23-4B00-8914-7E45EC21E351}.Tests (Debug)|VisualGDB.Build.0 = Tests (Debug)|VisualGDB
{E903E9CC-1A23-4B00-8914-7E45EC21E351}.Tests (Release)|VisualGDB.ActiveCfg = Tests (Release)|VisualGDB
{E903E9CC-1A23-4B00-8914-7E45EC21E351}.Tests (Release)|VisualGDB.Build.0 = Tests (Release)|VisualGDB
EndGlobalSection
GlobalSection(SolutionProperties) = preSolution
HideSolutionNode = FALSE
EndGlobalSection
GlobalSection(ExtensibilityGlobals) = postSolution
SolutionGuid = {D510376F-F313-4EF6-8EF5-248D1949DFEB}
EndGlobalSection
EndGlobal

56
IDE/Espressif/ESP-IDF/examples/wolfssl_client/VisualGDB/wolfssl_client_IDF_v5_ESP32.sln Normal file
View File

@@ -0,0 +1,56 @@

Microsoft Visual Studio Solution File, Format Version 12.00
# Visual Studio Version 17
VisualStudioVersion = 17.6.33829.357
MinimumVisualStudioVersion = 10.0.40219.1
Project("{803FD0C6-D64E-4E16-9DC3-1DAEC859A3D2}") = "wolfssl_client_IDF_v5_ESP32", "wolfssl_client_IDF_v5_ESP32.vgdbproj", "{E903E9CC-1A23-4B00-8914-7E45EC21E351}"
EndProject
Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "wolfssl", "wolfssl", "{5D78034B-FAE6-4B8D-8003-EC2B0993F286}"
ProjectSection(SolutionItems) = preProject
..\..\..\..\..\..\wolfssl\error-ssl.h = ..\..\..\..\..\..\wolfssl\error-ssl.h
EndProjectSection
EndProject
Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "include", "include", "{53267705-B3FE-418C-975D-CD898BAF1F46}"
ProjectSection(SolutionItems) = preProject
..\components\wolfssl\include\config.h = ..\components\wolfssl\include\config.h
..\components\wolfssl\include\user_settings.h = ..\components\wolfssl\include\user_settings.h
EndProjectSection
EndProject
Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "Solution Items", "Solution Items", "{A51226B3-88A7-4463-B443-0E321C4A3D53}"
ProjectSection(SolutionItems) = preProject
..\..\..\..\..\..\..\my_private_config.h = ..\..\..\..\..\..\..\my_private_config.h
..\partitions_singleapp_large.csv = ..\partitions_singleapp_large.csv
..\README.md = ..\README.md
..\sdkconfig = ..\sdkconfig
..\build\VisualGDB\Debug\config\sdkconfig.cmake = ..\build\VisualGDB\Debug\config\sdkconfig.cmake
..\sdkconfig.defaults = ..\sdkconfig.defaults
..\build\VisualGDB\Debug\config\sdkconfig.h = ..\build\VisualGDB\Debug\config\sdkconfig.h
EndProjectSection
EndProject
Global
GlobalSection(SolutionConfigurationPlatforms) = preSolution
Debug|VisualGDB = Debug|VisualGDB
Release|VisualGDB = Release|VisualGDB
Tests (Debug)|VisualGDB = Tests (Debug)|VisualGDB
Tests (Release)|VisualGDB = Tests (Release)|VisualGDB
EndGlobalSection
GlobalSection(ProjectConfigurationPlatforms) = postSolution
{E903E9CC-1A23-4B00-8914-7E45EC21E351}.Debug|VisualGDB.ActiveCfg = Debug|VisualGDB
{E903E9CC-1A23-4B00-8914-7E45EC21E351}.Debug|VisualGDB.Build.0 = Debug|VisualGDB
{E903E9CC-1A23-4B00-8914-7E45EC21E351}.Release|VisualGDB.ActiveCfg = Release|VisualGDB
{E903E9CC-1A23-4B00-8914-7E45EC21E351}.Release|VisualGDB.Build.0 = Release|VisualGDB
{E903E9CC-1A23-4B00-8914-7E45EC21E351}.Tests (Debug)|VisualGDB.ActiveCfg = Tests (Debug)|VisualGDB
{E903E9CC-1A23-4B00-8914-7E45EC21E351}.Tests (Debug)|VisualGDB.Build.0 = Tests (Debug)|VisualGDB
{E903E9CC-1A23-4B00-8914-7E45EC21E351}.Tests (Release)|VisualGDB.ActiveCfg = Tests (Release)|VisualGDB
{E903E9CC-1A23-4B00-8914-7E45EC21E351}.Tests (Release)|VisualGDB.Build.0 = Tests (Release)|VisualGDB
EndGlobalSection
GlobalSection(SolutionProperties) = preSolution
HideSolutionNode = FALSE
EndGlobalSection
GlobalSection(NestedProjects) = preSolution
{53267705-B3FE-418C-975D-CD898BAF1F46} = {5D78034B-FAE6-4B8D-8003-EC2B0993F286}
EndGlobalSection
GlobalSection(ExtensibilityGlobals) = postSolution
SolutionGuid = {BA06FD8D-BEFD-429B-9F82-B6F34B43272E}
EndGlobalSection
EndGlobal

20
IDE/Espressif/ESP-IDF/examples/wolfssl_client/VisualGDB/VisualGDB_wolfssl_client.vgdbproj → IDE/Espressif/ESP-IDF/examples/wolfssl_client/VisualGDB/wolfssl_client_IDF_v5_ESP32.vgdbproj
View File

@@ -1,5 +1,5 @@
<?xml version="1.0"?>
<VisualGDBProjectSettings2 xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
<VisualGDBProjectSettings2 xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<Project xsi:type="com.visualgdb.project.external.esp-idf">
<CustomSourceDirectories>
<Directories />
@@ -18,9 +18,9 @@
<ToolchainID>
<ID>com.visualgdb.xtensa-esp32-elf</ID>
<Version>
<GCC>11.2.0</GCC>
<GDB>9.2.90</GDB>
<Revision>2</Revision>
<GCC>12.2.0</GCC>
<GDB>12.1</GDB>
<Revision>1</Revision>
</Version>
</ToolchainID>
<RelativeSourceDirectory>..</RelativeSourceDirectory>
@@ -67,11 +67,11 @@
<EnableFastUpToDateCheck>true</EnableFastUpToDateCheck>
<ESPIDFExtension>
<IDFCheckout>
<Version>release/v5.0</Version>
<Subdirectory>esp-idf/v5.0</Subdirectory>
<Version>release/v5.1</Version>
<Subdirectory>esp-idf/v5.1</Subdirectory>
<Type>ESPIDF</Type>
</IDFCheckout>
<COMPort>COM20</COMPort>
<COMPort>COM19</COMPort>
<SuppressTestPrerequisiteChecks>false</SuppressTestPrerequisiteChecks>
<UseCCache>false</UseCCache>
<DeviceID>ESP32</DeviceID>
@@ -93,7 +93,7 @@
</CustomDebug>
<DeviceTerminalSettings>
<Connection xsi:type="com.sysprogs.terminal.connection.serial">
<ComPortName>COM20</ComPortName>
<ComPortName>COM19</ComPortName>
<AdvancedSettings>
<BaudRate>115200</BaudRate>
<DataBits>8</DataBits>
@@ -104,7 +104,7 @@
</Connection>
<LastConnectionTime>0</LastConnectionTime>
<EchoTypedCharacters>false</EchoTypedCharacters>
<ClearContentsWhenReconnecting>false</ClearContentsWhenReconnecting>
<ClearContentsWhenReconnecting>true</ClearContentsWhenReconnecting>
<ReconnectAutomatically>false</ReconnectAutomatically>
<DisplayMode>ASCII</DisplayMode>
<Colors>
@@ -220,7 +220,7 @@
<DebugMethod>
<ID>openocd</ID>
<Configuration xsi:type="com.visualgdb.edp.openocd.settings.esp32">
<CommandLine>-f interface/tigard.cfg -c "adapter_khz 3000" -f target/esp32.cfg</CommandLine>
<CommandLine>-f interface/ftdi/tigard.cfg -c "adapter_khz 15000" -f interface/ftdi/tigard.cfg -f target/esp32.cfg</CommandLine>
<ExtraParameters>
<Frequency xsi:nil="true" />
<BoostedFrequency xsi:nil="true" />

291
IDE/Espressif/ESP-IDF/examples/wolfssl_client/components/wolfssl/CMakeLists.txt
View File

@@ -19,7 +19,7 @@
#
# cmake for wolfssl Espressif projects
#
# Version 5.6.3.001
# Version 5.6.0.011 for detect test/benchmark
#
# See https://docs.espressif.com/projects/esp-idf/en/latest/esp32/api-guides/build-system.html
#
@@ -28,102 +28,7 @@ cmake_minimum_required(VERSION 3.16)
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_USER_SETTINGS")
set(CMAKE_CURRENT_SOURCE_DIR ".")
set(COMPONENT_REQUIRES lwip) # we typically don't need lwip directly in wolfssl component
# COMPONENT_NAME = wolfssl
# The component name is the directory name. "No feature to change this".
# See https://github.com/espressif/esp-idf/issues/8978#issuecomment-1129892685
# set the root of wolfSSL:
# set(WOLFSSL_ROOT "C:/some path/with/spaces")
# set(WOLFSSL_ROOT "c:/workspace/wolfssl-gojimmypi")
# set(WOLFSSL_ROOT "/mnt/c/some path/with/spaces")
# or use this logic to assign value from Environment Variable WOLFSSL_ROOT,
# or assume this is an example 7 subdirectories below:
# We are typically in [root]/IDE/Espressif/ESP-IDF/examples/wolfssl_test/components/wolfssl
# The root of wolfSSL is 7 directories up from here:
if(CMAKE_BUILD_EARLY_EXPANSION)
message(STATUS "wolfssl component CMAKE_BUILD_EARLY_EXPANSION:")
idf_component_register(
REQUIRES "${COMPONENT_REQUIRES}"
PRIV_REQUIRES # esp_hw_support
esp_timer
driver # this will typically only be needed for wolfSSL benchmark
)
else()
# not CMAKE_BUILD_EARLY_EXPANSION
message(STATUS "************************************************************************************************")
message(STATUS "wolfssl component config:")
message(STATUS "************************************************************************************************")
# TODO
if(WIN32)
# Windows-specific configuration here
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_WINDOWS")
message("Detected Windows")
endif()
if(CMAKE_HOST_UNIX)
message("Detected UNIX")
endif()
if(APPLE)
message("Detected APPLE")
endif()
if(CMAKE_HOST_UNIX AND (NOT APPLE) AND EXISTS "/proc/sys/fs/binfmt_misc/WSLInterop")
# Windows-specific configuration here
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_WSL")
message("Detected WSL")
endif()
if(CMAKE_HOST_UNIX AND (NOT APPLE) AND (NOT WIN32))
# Windows-specific configuration here
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_LINUX")
message("Detected Linux")
endif()
if(APPLE)
# Windows-specific configuration here
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_APPLE")
message("Detected Apple")
endif()
# Check to see if we're already in wolfssl, and only if WOLFSSL_ROOT not specified
if ("${WOLFSSL_ROOT}" STREQUAL "")
# wolfssl examples are 7 directories deep from wolfssl repo root
# 1 2 3 4 5 6 7
set(THIS_RELATIVE_PATH "../../../../../../..")
get_filename_component(THIS_SEARCH_PATH "${THIS_RELATIVE_PATH}" ABSOLUTE)
message(STATUS "Searching in path = ${THIS_SEARCH_PATH}")
if (EXISTS "${THIS_SEARCH_PATH}/wolfcrypt/src")
# we're already in wolfssl examples!
get_filename_component(WOLFSSL_ROOT "${THIS_SEARCH_PATH}" ABSOLUTE)
message(STATUS "Using wolfSSL example with root ${WOLFSSL_ROOT}")
else()
# We're in some other repo such as wolfssh, so we'll search for an
# adjacent-level directory for wolfssl. (8 directories up, then down one)
#
# For example wolfSSL examples:
# C:\workspace\wolfssl-gojimmypi\IDE\Espressif\ESP-IDF\examples\wolfssl_benchmark\components\wolfssl
#
# For example wolfSSH examples:
# C:\workspace\wolfssh-gojimmypi\ide\Espressif\ESP-IDF\examples\wolfssh_benchmark\components\wolfssl
#
# 1 2 3 4 5 6 7 8
set(THIS_RELATIVE_PATH "../../../../../../../..")
get_filename_component(THIS_SEARCH_PATH "${THIS_RELATIVE_PATH}" ABSOLUTE)
message(STATUS "Searching next in path = ${THIS_SEARCH_PATH}")
endif()
endif()
# search other possible locations
if ("${WOLFSSL_ROOT}" STREQUAL "")
# there's not a hard-coded WOLFSSL_ROOT value above, so let's see if we can find it.
if( "$ENV{WOLFSSL_ROOT}" STREQUAL "" )
message(STATUS "Environment Variable WOLFSSL_ROOT not set. Will search common locations.")
message(STATUS "CMAKE_CURRENT_SOURCE_DIR = ${CMAKE_CURRENT_SOURCE_DIR}")
get_filename_component(THIS_DIR "${CMAKE_CURRENT_SOURCE_DIR}" ABSOLUTE)
message(STATUS "THIS_DIR = ${THIS_DIR}")
set(WOLFSSL_ROOT "$ENV{WOLFSSL_ROOT}" )
# find the user name to search for possible "wolfssl-username"
message(STATUS "USERNAME = $ENV{USERNAME}")
@@ -140,77 +45,157 @@ else()
endif()
message(STATUS "THIS_USER = ${THIS_USER}")
# This same makefile is used for both the wolfssl component, and other
# components that may depend on wolfssl, such as wolfssh. Therefore
# we need to determine if this makefile is in the wolfssl repo, or
# some other repo.
if( "{THIS_USER}" STREQUAL "" )
# This is highly unusual to not find a user name.
# In this case, we'll just search for a "wolfssl" directory:
message(STATUS "No username found!")
get_filename_component(WOLFSSL_ROOT "${THIS_RELATIVE_PATH}/wolfssl" ABSOLUTE)
else()
# We found an environment USER name!
# The first place to look for wolfssl will be in a user-clone called "wolfssl-[username]"
message(STATUS "Using [THIS_USER = ${THIS_USER}] to see if there's a [relative path]/wolfssl-${THIS_USER} directory.")
get_filename_component(WOLFSSL_ROOT "${THIS_RELATIVE_PATH}/wolfssl-${THIS_USER}" ABSOLUTE)
# COMPONENT_NAME = wolfssl
# The component name is the directory name. "No feature to change this".
# See https://github.com/espressif/esp-idf/issues/8978#issuecomment-1129892685
if( EXISTS "${WOLFSSL_ROOT}" )
message(STATUS "Found wolfssl in user-suffix ${WOLFSSL_ROOT}")
else()
# If there's not a user-clone called "wolfssl-[username]",
# perhaps there's simply a git clone called "wolfssl"?
message(STATUS "Did not find wolfssl-${THIS_USER}; continuing search...")
get_filename_component(WOLFSSL_ROOT "${THIS_RELATIVE_PATH}/wolfssl" ABSOLUTE)
# set the root of wolfSSL in top-level project CMakelists.txt:
# set(WOLFSSL_ROOT "C:/some path/with/spaces")
# set(WOLFSSL_ROOT "c:/workspace/wolfssl-[username]")
# set(WOLFSSL_ROOT "/mnt/c/some path/with/spaces")
# or use this logic to assign value from Environment Variable WOLFSSL_ROOT,
# or assume this is an example 7 subdirectories below:
if( EXISTS "${WOLFSSL_ROOT}" )
message(STATUS "Found wolfssl in standard ${WOLFSSL_ROOT}")
# We are typically in [root]/IDE/Espressif/ESP-IDF/examples/wolfssl_test/components/wolfssl
# The root of wolfSSL is 7 directories up from here:
# function: IS_WOLFSSL_SOURCE
# parameter: DIRECTORY_PARAMETER - the directory to test
# output: RESULT = contains contents of DIRECTORY_PARAMETER for wolfssl directory, otherwise blank.
function(IS_WOLFSSL_SOURCE DIRECTORY_PARAMETER RESULT)
if (EXISTS "${DIRECTORY_PARAMETER}/wolfcrypt/src")
set(${RESULT} "${DIRECTORY_PARAMETER}" PARENT_SCOPE)
else()
# Things are looking pretty bleak. We'll likely not be able to compile.
message(STATUS "Did not find wolfssl in ${WOLFSSL_ROOT}")
endif()
endif()
set(${RESULT} "" PARENT_SCOPE)
endif()
endfunction()
# function: FIND_WOLFSSL_DIRECTORY
# parameter: OUTPUT_FOUND_WOLFSSL_DIRECTORY contains root of source code, otherwise blank
#
function(FIND_WOLFSSL_DIRECTORY OUTPUT_FOUND_WOLFSSL_DIRECTORY)
message(STATUS "Starting FIND_WOLFSSL_DIRECTORY")
set(CURRENT_SEARCH_DIR "$ENV{WOLFSSL_ROOT}")
if( "${CURRENT_SEARCH_DIR}" STREQUAL "" )
message(STATUS "The WOLFSSL_ROOT environment variable is not set. Searching...")
else()
# there's an environment variable, so use it.
set(WOLFSSL_ROOT "$ENV{WOLFSSL_ROOT}")
if( EXISTS "${WOLFSSL_ROOT}" )
get_filename_component(WOLFSSL_ROOT "$ENV{WOLFSSL_ROOT}" ABSOLUTE)
get_filename_component(CURRENT_SEARCH_DIR "$ENV{WOLFSSL_ROOT}" ABSOLUTE)
IS_WOLFSSL_SOURCE("${CURRENT_SEARCH_DIR}" FOUND_WOLFSSL)
if("${FOUND_WOLFSSL}")
message(STATUS "Found WOLFSSL_ROOT via Environment Variable:")
else()
message(FATAL_ERROR "WOLFSSL_ROOT Environment Variable defined, but path not found:")
message(STATUS "$ENV{WOLFSSL_ROOT}")
endif()
endif()
# end of search for wolfssl component root
else()
# There's already a value assigned; we won't search for anything else.
message(STATUS "Found user-specified WOLFSSL_ROOT value.")
endif() # WOLFSSL_ROOT user defined
# After all the logic above, does our WOLFSSL_ROOT actually exist?
if( EXISTS "${WOLFSSL_ROOT}" )
message(STATUS "WOLFSSL_ROOT = ${WOLFSSL_ROOT}")
else()
# Abort. We need wolfssl _somewhere_.
message(FATAL_ERROR "Could not find wolfssl in ${WOLFSSL_ROOT}. Try setting environment variable or git clone.")
# we'll start in the CMAKE_CURRENT_SOURCE_DIR, typically [something]/projectname/components/wolfssl
message(STATUS "CMAKE_CURRENT_SOURCE_DIR = ${CMAKE_CURRENT_SOURCE_DIR}")
get_filename_component(CURRENT_SEARCH_DIR "${CMAKE_CURRENT_SOURCE_DIR}" ABSOLUTE)
message(STATUS "CURRENT_SEARCH_DIR = ${CURRENT_SEARCH_DIR}")
string(LENGTH ${CURRENT_SEARCH_DIR} CURRENT_SEARCH_DIR_LENGTH)
# loop through all the parents, looking for wolfssl
while(NOT CURRENT_SEARCH_DIR STREQUAL "/" AND NOT CURRENT_SEARCH_DIR STREQUAL "" )
string(LENGTH ${CURRENT_SEARCH_DIR} CURRENT_SEARCH_DIR_LENGTH)
# wolfSSL may simply be in a parent directory, such as for local examples in wolfssl repo
IS_WOLFSSL_SOURCE("${CURRENT_SEARCH_DIR}" FOUND_WOLFSSL)
if( FOUND_WOLFSSL )
message(STATUS "Found wolfssl in CURRENT_SEARCH_DIR = ${CURRENT_SEARCH_DIR}")
set(${OUTPUT_FOUND_WOLFSSL_DIRECTORY} ${CURRENT_SEARCH_DIR} PARENT_SCOPE)
return()
endif()
if( THIS_USER )
# Check for "wolfssl-[username]" subdirectory as we recurse up the directory tree
set(CURRENT_SEARCH_DIR_ALT ${CURRENT_SEARCH_DIR}/wolfssl-${THIS_USER})
message(STATUS "Looking in ${CURRENT_SEARCH_DIR}")
#if(EXISTS ${CURRENT_SEARCH_DIR_ALT} AND IS_DIRECTORY ${CURRENT_SEARCH_DIR_ALT} AND EXISTS "${CURRENT_SEARCH_DIR_ALT}/wolfcrypt/src")
IS_WOLFSSL_SOURCE("${CURRENT_SEARCH_DIR_ALT}" FOUND_WOLFSSL )
if ( FOUND_WOLFSSL )
message(STATUS "Found wolfssl in user-suffix CURRENT_SEARCH_DIR_ALT = ${CURRENT_SEARCH_DIR_ALT}")
set(${OUTPUT_FOUND_WOLFSSL_DIRECTORY} ${CURRENT_SEARCH_DIR_ALT} PARENT_SCOPE)
return()
endif()
endif()
# Next check for no user suffix "wolfssl" subdirectory as we recurse up the directory tree
set(CURRENT_SEARCH_DIR_ALT ${CURRENT_SEARCH_DIR}/wolfssl)
# if(EXISTS ${CURRENT_SEARCH_DIR} AND IS_DIRECTORY ${CURRENT_SEARCH_DIR} AND EXISTS "${CURRENT_SEARCH_DIR}/wolfcrypt/src")
IS_WOLFSSL_SOURCE("${CURRENT_SEARCH_DIR_ALT}" FOUND_WOLFSSL )
if ( FOUND_WOLFSSL )
message(STATUS "Found wolfssl in CURRENT_SEARCH_DIR = ${CURRENT_SEARCH_DIR}")
set(${OUTPUT_FOUND_WOLFSSL_DIRECTORY} ${CURRENT_SEARCH_DIR} PARENT_SCOPE)
return()
endif()
# Move up one directory level
set(PRIOR_SEARCH_DIR "${CURRENT_SEARCH_DIR}")
get_filename_component(CURRENT_SEARCH_DIR "${CURRENT_SEARCH_DIR}" DIRECTORY)
message(STATUS "Next CURRENT_SEARCH_DIR = ${CURRENT_SEARCH_DIR}")
if( "${PRIOR_SEARCH_DIR}" STREQUAL "${CURRENT_SEARCH_DIR}" )
# when the search directory is empty, we'll give up
set(CURRENT_SEARCH_DIR "")
endif()
endwhile()
# If not found, set the output variable to empty before exiting
set(${OUTPUT_FOUND_WOLFSSL_DIRECTORY} "" PARENT_SCOPE)
endfunction()
# Example usage:
if(CMAKE_BUILD_EARLY_EXPANSION)
message(STATUS "wolfssl component CMAKE_BUILD_EARLY_EXPANSION:")
idf_component_register(
REQUIRES "${COMPONENT_REQUIRES}"
PRIV_REQUIRES # esp_hw_support
esp_timer
driver # this will typically only be needed for wolfSSL benchmark
)
else()
# not CMAKE_BUILD_EARLY_EXPANSION
message(STATUS "************************************************************************************************")
message(STATUS "wolfssl component config:")
message(STATUS "************************************************************************************************")
# search for wolfSSL
FIND_WOLFSSL_DIRECTORY(WOLFSSL_ROOT)
if(WOLFSSL_ROOT)
message(STATUS "NEW Found wolfssl directory at: ${WOLFSSL_ROOT}")
else()
message(STATUS "NEW wolfssl directory not found.")
# Abort. We need wolfssl _somewhere_.
message(FATAL_ERROR "Could not find wolfssl in ${WOLFSSL_ROOT}.\n"
"Try setting WOLFSSL_ROOT environment variable or git clone.")
endif()
set(INCLUDE_PATH ${WOLFSSL_ROOT})
set(WOLFSSL_EXTRA_PROJECT_DIR "${WOLFSSL_ROOT}/src/")
if( ${CMAKE_PROJECT_NAME} STREQUAL "wolfssl_benchmark" )
set(WOLFSSL_EXTRA_PROJECT_DIR "${WOLFSSL_ROOT}/wolfcrypt/benchmark")
endif()
if( ${CMAKE_PROJECT_NAME} STREQUAL "wolfssl_test" )
set(WOLFSSL_EXTRA_PROJECT_DIR "${WOLFSSL_ROOT}/wolfcrypt/test")
endif()
set(COMPONENT_SRCDIRS "\"${WOLFSSL_ROOT}/src/\""
"\"${WOLFSSL_ROOT}/wolfcrypt/src\""
"\"${WOLFSSL_ROOT}/wolfcrypt/src/port/Espressif\""
"\"${WOLFSSL_ROOT}/wolfcrypt/src/port/atmel\""
# TODO: Make this a universal makefile that detects if benchmark / test needed
# Sometimes problematic with SM; consider gating detection.
#"\"${WOLFSSL_ROOT}/wolfcrypt/benchmark\"" # the benchmark application
#"\"${WOLFSSL_ROOT}/wolfcrypt/test\"" # the test application
"\"${WOLFSSL_EXTRA_PROJECT_DIR}\""
) # COMPONENT_SRCDIRS
message(STATUS "This COMPONENT_SRCDIRS = ${COMPONENT_SRCDIRS}")
set(WOLFSSL_PROJECT_DIR "${CMAKE_HOME_DIRECTORY}/components/wolfssl")
@@ -314,9 +299,12 @@ else()
# next check if there's a [root]/include/config.h
if( EXISTS "${WOLFSSL_ROOT}/include/config.h" )
message(FATAL_ERROR "Found stray wolfSSL config.h in "
"${WOLFSSL_ROOT}/include/config.h "
" (please move it to ${WOLFSSL_PROJECT_DIR}/include/config.h )")
message(STATUS "******************************************************************************")
message(STATUS "******************************************************************************")
message(STATUS "Found stray wolfSSL config.h in ${WOLFSSL_ROOT}/include/config.h" )
message(STATUS " Please move it to ${WOLFSSL_PROJECT_DIR}/include/config.h" )
message(STATUS "******************************************************************************")
message(STATUS "******************************************************************************")
else()
# we won't overwrite an existing user settings file, just note that we already have one:
if( EXISTS "${WOLFSSL_PROJECT_DIR}/include/config.h" )
@@ -399,6 +387,14 @@ else()
"\"${WOLFSSL_ROOT}/src/x509_str.c\""
"\"${WOLFSSL_ROOT}/wolfcrypt/src/evp.c\""
"\"${WOLFSSL_ROOT}/wolfcrypt/src/misc.c\""
"\"${WOLFSSL_ROOT}/wolfcrypt/src/sp_sm2_arm32.c\""
"\"${WOLFSSL_ROOT}/wolfcrypt/src/sp_sm2_arm64.c\""
"\"${WOLFSSL_ROOT}/wolfcrypt/src/sp_sm2_armthumb.c\""
"\"${WOLFSSL_ROOT}/wolfcrypt/src/sp_sm2_c32.c\""
"\"${WOLFSSL_ROOT}/wolfcrypt/src/sp_sm2_c64.c\""
"\"${WOLFSSL_ROOT}/wolfcrypt/src/sp_sm2_cortexm.c\""
"\"${WOLFSSL_ROOT}/wolfcrypt/src/sp_sm2_x86_64.c\""
"\"${WOLFSSL_ROOT}/wolfcrypt/src/sp_sm2_x86_64_asm.S\""
"\"${EXCLUDE_ASM}\""
)
@@ -443,6 +439,7 @@ else()
endif()
# target_sources(wolfssl PRIVATE "\"${WOLFSSL_ROOT}/wolfssl/\"" "\"${WOLFSSL_ROOT}/wolfssl/wolfcrypt\"")
endif() # CMAKE_BUILD_EARLY_EXPANSION

473
IDE/Espressif/ESP-IDF/examples/wolfssl_client/components/wolfssl/include/user_settings.h
View File

@@ -19,21 +19,8 @@
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
/* This is the user_settings.h file for the wolfssl_client TLS example.
* For application-specific settings, please see client-tls.h file */
#include <sdkconfig.h> /* essential to chip set detection */
/* optional timezone used when setting time */
#define TIME_ZONE "PST+8PDT,M3.2.0,M11.1.0"
/* #define SHOW_SSID_AND_PASSWORD */ /* remove this to not show in startup log */
#undef WOLFSSL_ESPIDF
#undef WOLFSSL_ESP32
#undef WOLFSSL_ESPWROOM32SE
#undef WOLFSSL_ESP32
#undef WOLFSSL_ESP8266
/* This user_settings.h is for Espressif ESP-IDF */
#include <sdkconfig.h>
/* The Espressif sdkconfig will have chipset info.
**
@@ -46,6 +33,7 @@
** CONFIG_IDF_TARGET_ESP32C6
*/
#undef WOLFSSL_ESPIDF
#define WOLFSSL_ESPIDF
/*
@@ -55,64 +43,25 @@
* WOLFSSL_ESPWROOM32SE
* WOLFSSL_ESP8266
*/
#undef WOLFSSL_ESPWROOM32SE
#undef WOLFSSL_ESP8266
#undef WOLFSSL_ESP32
#define WOLFSSL_ESP32
#if defined(CONFIG_IDF_TARGET_ESP32)
/* HW Enabled by default for ESP32. To disable: */
/* #define NO_ESP32_CRYPT */
/* #define NO_WOLFSSL_ESP32_CRYPT_HASH */
/* #define NO_WOLFSSL_ESP32_CRYPT_AES */
/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI */
#elif defined(CONFIG_IDF_TARGET_ESP32S2)
/* HW Disabled by default for ESP32-S2. */
#define NO_ESP32_CRYPT
#define NO_WOLFSSL_ESP32_CRYPT_HASH
#define NO_WOLFSSL_ESP32_CRYPT_AES
#define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI
#elif defined(CONFIG_IDF_TARGET_ESP32S3)
/* HW Enabled by default for ESP32. To disable: */
/* #define NO_ESP32_CRYPT */
/* #define NO_WOLFSSL_ESP32_CRYPT_HASH */
/* #define NO_WOLFSSL_ESP32_CRYPT_AES */
/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI */
#elif defined(CONFIG_IDF_TARGET_ESP32C2)
#define NO_ESP32_CRYPT
#define NO_WOLFSSL_ESP32_CRYPT_HASH
#define NO_WOLFSSL_ESP32_CRYPT_AES
#define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI
#elif defined(CONFIG_IDF_TARGET_ESP32C3)
/* HW Disabled by default for ESP32-C3. */
#define NO_ESP32_CRYPT
#define NO_WOLFSSL_ESP32_CRYPT_HASH
#define NO_WOLFSSL_ESP32_CRYPT_AES
#define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI
#elif defined(CONFIG_IDF_TARGET_ESP32C6)
/* HW Disabled by default for ESP32-C6. */
#define NO_ESP32_CRYPT
#define NO_WOLFSSL_ESP32_CRYPT_HASH
#define NO_WOLFSSL_ESP32_CRYPT_AES
#define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI
#elif defined(CONFIG_IDF_TARGET_ESP32H2)
/* HW Disabled by default for ESP32-H2. */
#define NO_ESP32_CRYPT
#define NO_WOLFSSL_ESP32_CRYPT_HASH
#define NO_WOLFSSL_ESP32_CRYPT_AES
#define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI
#else
/* HW Disabled by default for all other ESP32-[?]. */
#define NO_ESP32_CRYPT
#define NO_WOLFSSL_ESP32_CRYPT_HASH
#define NO_WOLFSSL_ESP32_CRYPT_AES
#define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI
#endif
/* optionally turn off SHA512/224 SHA512/256 */
/* #define WOLFSSL_NOSHA512_224 */
/* #define WOLFSSL_NOSHA512_256 */
/* when you want to use SINGLE THREAD. Note Default ESP-IDF is FreeRTOS */
/* #define SINGLE_THREADED */
/* When you don't want to use the old SHA */
/* #define NO_SHA */
/* #define NO_OLD_TLS */
#define BENCH_EMBEDDED
#define USE_CERT_BUFFERS_2048
/* TLS 1.3 */
#define WOLFSSL_TLS13
@@ -124,45 +73,44 @@
#define WOLFSSL_BENCHMARK_FIXED_UNITS_KB
/* when you want to use SINGLE THREAD */
/* #define SINGLE_THREADED */
#define NO_FILESYSTEM
#define NO_OLD_TLS
#define HAVE_AESGCM
#define WOLFSSL_RIPEMD
/* when you want to use SHA224 */
/* #define WOLFSSL_SHA224 */
#define NO_OLD_TLS
#define WOLFSSL_SHA224
/* when you want to use SHA384 */
/* #define WOLFSSL_SHA384 */
/* #define WOLFSSL_SHA3 */
#define WOLFSSL_SHA384
/* when you want to use SHA512 */
#define WOLFSSL_SHA512
/* when you want to use SHA3 */
#define WOLFSSL_SHA3
#define HAVE_ED25519 /* ED25519 requires SHA512 */
#define HAVE_ECC
#define HAVE_CURVE25519
#define CURVE25519_SMALL
#define HAVE_ED25519
#define OPENSSL_EXTRA
/* when you want to use pkcs7 */
/* #define HAVE_PKCS7 */
#define HAVE_PKCS7
#if defined(HAVE_PKCS7)
#define HAVE_AES_KEYWRAP
#define HAVE_X963_KDF
#define WOLFSSL_AES_DIRECT
#endif
/* optional DH */
/* #define PROJECT_DH */
#ifdef PROJECT_DH
#define HAVE_DH
#define HAVE_FFDHE_2048
#endif
/* when you want to use aes counter mode */
/* #define WOLFSSL_AES_DIRECT */
/* #define WOLFSSL_AES_COUNTER */
@@ -177,22 +125,28 @@
/* #define CUSTOM_SLOT_ALLOCATION */
#endif
/* RSA primitive specific definition */
/* rsa primitive specific definition */
#if defined(WOLFSSL_ESP32) || defined(WOLFSSL_ESPWROOM32SE)
/* Define USE_FAST_MATH and SMALL_STACK */
#define ESP32_USE_RSA_PRIMITIVE
#if defined(CONFIG_IDF_TARGET_ESP32)
/* NOTE HW unreliable for small values! */
/* threshold for performance adjustment for HW primitive use */
/* X bits of G^X mod P greater than */
#define EPS_RSA_EXPT_XBTIS 36
#undef ESP_RSA_EXPT_XBITS
#define ESP_RSA_EXPT_XBITS 32
/* X and Y of X * Y mod P greater than */
#define ESP_RSA_MULM_BITS 36
#undef ESP_RSA_MULM_BITS
#define ESP_RSA_MULM_BITS 16
#endif
#endif
#define RSA_LOW_MEM
/* debug options */
/* #define DEBUG_WOLFSSL */
/* #define WOLFSSL_ESP32_CRYPT_DEBUG */
/* #define WOLFSSL_ESP32_HW_LOCK_DEBUG */
/* #define WOLFSSL_ATECC508A_DEBUG */
/* date/time */
@@ -201,86 +155,251 @@
/* #define NO_ASN_TIME */
/* #define XTIME time */
/* adjust wait-timeout count if you see timeout in RSA HW acceleration */
#define ESP_RSA_TIMEOUT_CNT 0x249F00
/* see esp_ShowExtendedSystemInfo in esp32-crypt.h for startup log info */
#define HASH_SIZE_LIMIT /* for test.c */
/* USE_FAST_MATH is default */
#define USE_FAST_MATH
/***** Use SP_MATH *****/
/* #undef USE_FAST_MATH */
/* #define SP_MATH */
/* #define WOLFSSL_SP_MATH_ALL */
/***** Use Integer Heap Math *****/
/* #undef USE_FAST_MATH */
/* #define USE_INTEGER_HEAP_MATH */
#define WOLFSSL_SMALL_STACK
#define HAVE_VERSION_EXTENDED_INFO
/* #define HAVE_WC_INTROSPECTION */
#define HAVE_SESSION_TICKET
/* #define HAVE_HASHDRBG */
#define WOLFSSL_KEY_GEN
#define WOLFSSL_CERT_REQ
#define WOLFSSL_CERT_GEN
#define WOLFSSL_CERT_EXT
#define WOLFSSL_SYS_CA_CERTS
/* debug options */
/* #define ESP_VERIFY_MEMBLOCK */
#define WOLFSSL_HW_METRICS
/* #define DEBUG_WOLFSSL_VERBOSE */
/* #define DEBUG_WOLFSSL */
/* #define WOLFSSL_ESP32_CRYPT_DEBUG */
#define WOLFSSL_CERT_TEXT
#define WOLFSSL_ASN_TEMPLATE
/*
#undef WOLFSSL_KEY_GEN
#undef WOLFSSL_CERT_REQ
#undef WOLFSSL_CERT_GEN
#undef WOLFSSL_CERT_EXT
#undef WOLFSSL_SYS_CA_CERTS
*/
/*
--enable-keygen
--enable-certgen
--enable-certreq
--enable-certext
--enable-asn-template
*/
/* Default is HW enabled unless turned off.
** Uncomment these lines to force SW instead of HW acceleration */
#if defined(CONFIG_IDF_TARGET_ESP32)
/* wolfSSL HW Acceleration supported on ESP32. Uncomment to disable: */
/* #define NO_ESP32_CRYPT */
/* #define NO_WOLFSSL_ESP32_CRYPT_HASH */
/* #define NO_WOLFSSL_ESP32_CRYPT_AES */
/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI */
/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL */
/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD */
/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD */
/* These are defined automatically in esp32-crypt.h, here for clarity: */
#define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA224 /* no SHA224 HW on ESP32 */
#undef ESP_RSA_MULM_BITS
#define ESP_RSA_MULM_BITS 16 /* TODO add compile-time warning */
/***** END CONFIG_IDF_TARGET_ESP32 *****/
#elif defined(CONFIG_IDF_TARGET_ESP32S2)
/* wolfSSL HW Acceleration supported on ESP32-S2. Uncomment to disable: */
/* #define NO_ESP32_CRYPT */
/* #define NO_WOLFSSL_ESP32_CRYPT_HASH */
/* Note: There's no AES192 HW on the ESP32-S2; falls back to SW */
/* #define NO_WOLFSSL_ESP32_CRYPT_AES */
/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI */
/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL */
/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD */
/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD */
/***** END CONFIG_IDF_TARGET_ESP32S2 *****/
#elif defined(CONFIG_IDF_TARGET_ESP32S3)
/* wolfSSL HW Acceleration supported on ESP32-S3. Uncomment to disable: */
/* #define NO_ESP32_CRYPT */
/* #define NO_WOLFSSL_ESP32_CRYPT_HASH */
/* Note: There's no AES192 HW on the ESP32-S3; falls back to SW */
/* #define NO_WOLFSSL_ESP32_CRYPT_AES */
/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI */
/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL */
/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD */
/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD */
/***** END CONFIG_IDF_TARGET_ESP32S3 *****/
#elif defined(CONFIG_IDF_TARGET_ESP32C2) || \
defined(CONFIG_IDF_TARGET_ESP8684)
/* ESP8684 is essentially ESP32-C2 chip + flash embedded together in a
* single QFN 4x4 mm package. Out of released documentation, Technical
* Reference Manual as well as ESP-IDF Programming Guide is applicable
* to both ESP32-C2 and ESP8684.
*
* See: https://www.esp32.com/viewtopic.php?f=5&t=27926#:~:text=ESP8684%20is%20essentially%20ESP32%2DC2,both%20ESP32%2DC2%20and%20ESP8684. */
/* wolfSSL HW Acceleration supported on ESP32-C2. Uncomment to disable: */
/* #define NO_ESP32_CRYPT */
/* #define NO_WOLFSSL_ESP32_CRYPT_HASH */ /* to disable all SHA HW */
/* These are defined automatically in esp32-crypt.h, here for clarity */
#define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA384 /* no SHA384 HW on C2 */
#define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA512 /* no SHA512 HW on C2 */
/* There's no AES or RSA/Math accelerator on the ESP32-C2
* Auto defined with NO_WOLFSSL_ESP32_CRYPT_RSA_PRI, for clarity: */
#define NO_WOLFSSL_ESP32_CRYPT_AES
#define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI
#define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL
#define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD
#define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD
/***** END CONFIG_IDF_TARGET_ESP32C2 *****/
#elif defined(CONFIG_IDF_TARGET_ESP32C3)
/* wolfSSL HW Acceleration supported on ESP32-C3. Uncomment to disable: */
/* #define NO_ESP32_CRYPT */
/* #define NO_WOLFSSL_ESP32_CRYPT_HASH */ /* to disable all SHA HW */
/* These are defined automatically in esp32-crypt.h, here for clarity: */
#define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA384 /* no SHA384 HW on C6 */
#define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA512 /* no SHA512 HW on C6 */
/* #define NO_WOLFSSL_ESP32_CRYPT_AES */
/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI */
/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL */
/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD */
/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD */
/***** END CONFIG_IDF_TARGET_ESP32C3 *****/
#elif defined(CONFIG_IDF_TARGET_ESP32C6)
/* wolfSSL HW Acceleration supported on ESP32-C6. Uncomment to disable: */
/* #define NO_ESP32_CRYPT */
/* #define NO_WOLFSSL_ESP32_CRYPT_HASH */
/* These are defined automatically in esp32-crypt.h, here for clarity: */
#define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA384 /* no SHA384 HW on C6 */
#define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA512 /* no SHA512 HW on C6 */
/* #define NO_WOLFSSL_ESP32_CRYPT_AES */
/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI */
/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL */
/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD */
/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD */
/***** END CONFIG_IDF_TARGET_ESP32C6 *****/
#elif defined(CONFIG_IDF_TARGET_ESP32H2)
/* wolfSSL Hardware Acceleration not yet implemented */
#define NO_ESP32_CRYPT
#define NO_WOLFSSL_ESP32_CRYPT_HASH
#define NO_WOLFSSL_ESP32_CRYPT_AES
#define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI
/***** END CONFIG_IDF_TARGET_ESP32H2 *****/
#elif defined(CONFIG_IDF_TARGET_ESP8266)
/* TODO: Revisit ESP8266 */
#define NO_ESP32_CRYPT
#define NO_WOLFSSL_ESP32_CRYPT_HASH
#define NO_WOLFSSL_ESP32_CRYPT_AES
#define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI
/***** END CONFIG_IDF_TARGET_ESP266 *****/
#else
/* Anything else encountered, disable HW accleration */
#define NO_ESP32_CRYPT
#define NO_WOLFSSL_ESP32_CRYPT_HASH
#define NO_WOLFSSL_ESP32_CRYPT_AES
#define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI
#endif /* CONFIG_IDF_TARGET Check */
/* Debug options:
#define ESP_VERIFY_MEMBLOCK
#define DEBUG_WOLFSSL
#define DEBUG_WOLFSSL_VERBOSE
#define DEBUG_WOLFSSL_SHA_MUTEX
#define WOLFSSL_ESP32_CRYPT_DEBUG
#define WOLFSSL_ESP32_CRYPT_HASH_SHA224_DEBUG
#define NO_RECOVER_SOFTWARE_CALC
#define WOLFSSL_TEST_STRAY 1
#define USE_ESP_DPORT_ACCESS_READ_BUFFER
#define WOLFSSL_ESP32_HW_LOCK_DEBUG
#define WOLFSSL_DEBUG_ESP_RSA_MULM_BITS
#define ESP_DISABLE_HW_TASK_LOCK
*/
#define WOLFSSL_ESPIDF_ERROR_PAUSE /* Pause in a loop rather than exit. */
#define WOLFSSL_HW_METRICS
/* #define HASH_SIZE_LIMIT */ /* for test.c */
/* #define NO_HW_MATH_TEST */ /* Optionall turn off HW math checks */
/* Optionally include alternate HW test library: alt_hw_test.h */
/* When enabling, the ./components/wolfssl/CMakeLists.txt file
* will need the name of the library in the idf_component_register
* for the PRIV_REQUIRES list. */
/* #define INCLUDE_ALT_HW_TEST */
/* optionally turn off individual math HW acceleration features */
/* Turn off Large Number Multiplication:
/* Turn off Large Number ESP32 HW Multiplication:
** [Z = X * Y] in esp_mp_mul() */
/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL */
/* Turn off Large Number Modular Exponentiation:
/* Turn off Large Number ESP32 HW Modular Exponentiation:
** [Z = X^Y mod M] in esp_mp_exptmod() */
/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD */
/* Turn off Large Number Modular Multiplication
** [Z = X × Y mod M] in esp_mp_mulmod() */
/* Turn off Large Number ESP32 HW Modular Multiplication
** [Z = X * Y mod M] in esp_mp_mulmod() */
/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD */
/* this is known to fail in TFM: */
/* #define HONOR_MATH_USED_LENGTH */
/* this is known to fail in TFM */
/* #define CHECK_MP_READ_UNSIGNED_BIN */
#define WOLFSSL_PUBLIC_MP /* used by benchmark */
#define USE_CERT_BUFFERS_2048
/* optional SM4 Ciphers. See https://github.com/wolfSSL/wolfsm */
/* Uncomment this section to enable SM
/* when turning on ECC508 / ECC608 support
#define WOLFSSL_ESPWROOM32SE
#define HAVE_PK_CALLBACKS
#define WOLFSSL_ATECC508A
#define ATCA_WOLFSSL
*/
/* optional SM4 Ciphers. See https://github.com/wolfSSL/wolfsm
#define WOLFSSL_SM2
#define WOLFSSL_SM3
#define WOLFSSL_SM4
*/
#if defined(WOLFSSL_SM2) || defined(WOLFSSL_SM3) || defined(WOLFSSL_SM4)
/* see https://github.com/wolfSSL/wolfssl/pull/6537
*
* see settings.h for other features turned on with SM4 ciphers.
*/
#undef USE_CERT_BUFFERS_1024
#define USE_CERT_BUFFERS_1024
#undef WOLFSSL_SM4_ECB
#define WOLFSSL_SM4_ECB
#undef WOLFSSL_SM4_CBC
#define WOLFSSL_SM4_CBC
#undef WOLFSSL_SM4_CTR
#define WOLFSSL_SM4_CTR
#undef WOLFSSL_SM4_GCM
#define WOLFSSL_SM4_GCM
#undef WOLFSSL_SM4_CCM
#define WOLFSSL_SM4_CCM
#define HAVE_POLY1305
#define HAVE_CHACHA
#undef HAVE_AESGCM
#define HAVE_AESGCM
#undef HAVE_ECC
#define HAVE_ECC
/* see https://github.com/wolfSSL/wolfssl/pull/6825 */
#include <wolfssl/certs_test_sm.h>
#define CTX_CA_CERT root_sm2
#define CTX_CA_CERT_SIZE sizeof_root_sm2
#define CTX_CA_CERT_TYPE WOLFSSL_FILETYPE_PEM
@@ -290,25 +409,10 @@
#define CTX_SERVER_KEY server_sm2_priv
#define CTX_SERVER_KEY_SIZE sizeof_server_sm2_priv
#define CTX_SERVER_KEY_TYPE WOLFSSL_FILETYPE_PEM
/*
* SM optional cipher suite settings:
*
#define WOLFSSL_ESP32_CIPHER_SUITE "TLS13-SM4-GCM-SM3"
#define WOLFSSL_ESP32_CIPHER_SUITE "TLS13-SM4-CCM-SM3"
#define WOLFSSL_ESP32_CIPHER_SUITE "ECDHE-ECDSA-SM4-CBC-SM3"
#define WOLFSSL_ESP32_CIPHER_SUITE "ECDHE-ECDSA-SM4-GCM-SM3"
#define WOLFSSL_ESP32_CIPHER_SUITE "ECDHE-ECDSA-SM4-CCM-SM3"
*/
#define WOLFSSL_ESP32_CIPHER_SUITE "TLS13-SM4-GCM-SM3:" \
"TLS13-SM4-CCM-SM3:" \
"TLS-SM4-GCM-SM3:" /* not a valid command-line cipher */ \
"TLS-SM4-CCM-SM3:" /* not a valid command-line cipher */ \
"ECDHE-ECDSA-SM4-CBC-SM3:" \
"ECDHE-ECDSA-SM4-GCM-SM3:" \
"ECDHE-ECDSA-SM4-CCM-SM3"
#undef WOLFSSL_BASE16
#define WOLFSSL_BASE16
#else
/* default settings */
#define USE_CERT_BUFFERS_2048
#define USE_CERT_BUFFERS_256
#define CTX_CA_CERT ca_cert_der_2048
@@ -320,61 +424,4 @@
#define CTX_SERVER_KEY server_key_der_2048
#define CTX_SERVER_KEY_SIZE sizeof_server_key_der_2048
#define CTX_SERVER_KEY_TYPE WOLFSSL_FILETYPE_ASN1
/*
* Optional Cipher Suite Specification
*
* nothing defined, default used = "TLS13-AES128-GCM-SHA256"
#define WOLFSSL_ESP32_CIPHER_SUITE "ECDHE-ECDSA-SM4-CBC-SM3"
#define WOLFSSL_ESP32_CIPHER_SUITE "ECDHE-ECDSA-SM4-CBC-SM3:"
#define WOLFSSL_ESP32_CIPHER_SUITE "TLS13-AES128-GCM-SHA256"
#define WOLFSSL_ESP32_CIPHER_SUITE "TLS13-AES128-GCM-SHA256:"
#define WOLFSSL_ESP32_CIPHER_SUITE "TLS13-AES128-GCM-SHA256:DHE-PSK-AES128-GCM-SHA256"
#define WOLFSSL_ESP32_CIPHER_SUITE "TLS13-AES128-GCM-SHA256:PSK-AES128-GCM-SHA256:"
#define WOLFSSL_ESP32_CIPHER_SUITE "TLS13-CHACHA20-POLY1305-SHA256:TLS13-AES128-GCM-SHA256:TLS13-AES256-GCM-SHA384:"
#define WOLFSSL_ESP32_CIPHER_SUITE "TLS13-CHACHA20-POLY1305-SHA256"
#define WOLFSSL_ESP32_CIPHER_SUITE "TLS_CHACHA20_POLY1305_SHA256"
#define WOLFSSL_ESP32_CIPHER_SUITE "TLS_SM4_CCM_SM3"
*/
#endif
#undef HAVE_ECC
#define HAVE_ECC
#undef HAVE_SUPPORTED_CURVES
#define HAVE_SUPPORTED_CURVES
/* Optionally include alternate HW test library: alt_hw_test.h */
/* When enabling, the ./components/wolfssl/CMakeLists.txt file
* will need the name of the library in the idf_component_register
* for the PRIV_REQUIRES list. */
/* #define INCLUDE_ALT_HW_TEST */
/* #define NO_HW_MATH_TEST */
/* when turning on ECC508 / ECC608 support
#define WOLFSSL_ESPWROOM32SE
#define HAVE_PK_CALLBACKS
#define WOLFSSL_ATECC508A
#define ATCA_WOLFSSL
*/
/* USE_FAST_MATH is default */
#define USE_FAST_MATH
/* use SP_MATH */
/*
#undef USE_FAST_MATH
#define WOLFSSL_SP_MATH_ALL
*/
/* use integer heap math */
/*
#undef USE_FAST_MATH
#define USE_INTEGER_HEAP_MATH
*/
/* optionally use DPORT_ACCESS_READ_BUFFER */
/*
#define USE_ESP_DPORT_ACCESS_READ_BUFFER
*/

41
IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/CMakeLists.txt
View File

@@ -1,12 +1,36 @@
# wolfSSL Espressif Example Project/main CMakeLists.txt
# v1.0
#
# wolfssl client test
#
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_USER_SETTINGS")
set(COMPONENT_SRCS "client-tls.c" "wifi_connect.c")
set(COMPONENT_ADD_INCLUDEDIRS "." "./include")
if(WIN32)
# Windows-specific configuration here
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_WINDOWS")
message("Detected Windows")
endif()
if(CMAKE_HOST_UNIX)
message("Detected UNIX")
endif()
if(APPLE)
message("Detected APPLE")
endif()
if(CMAKE_HOST_UNIX AND (NOT APPLE) AND EXISTS "/proc/sys/fs/binfmt_misc/WSLInterop")
# Windows-specific configuration here
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_WSL")
message("Detected WSL")
endif()
if(CMAKE_HOST_UNIX AND (NOT APPLE) AND (NOT WIN32))
# Windows-specific configuration here
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_LINUX")
message("Detected Linux")
endif()
if(APPLE)
# Windows-specific configuration here
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_APPLE")
message("Detected Apple")
endif()
set (git_cmd "git")
if( EXISTS "${CMAKE_HOME_DIRECTORY}/components/wolfssl/" AND EXISTS "$ENV{IDF_PATH}/components/wolfssl/" )
@@ -19,7 +43,14 @@ if( EXISTS "${CMAKE_HOME_DIRECTORY}/components/wolfssl/" AND EXISTS "$ENV{IDF_PA
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_MULTI_INSTALL_WARNING")
endif()
register_component()
## register_component()
idf_component_register(SRCS main.c
wifi_connect.c
time_helper.c
client-tls.c
INCLUDE_DIRS "."
"./include")
#
#
# LIBWOLFSSL_SAVE_INFO(VAR_OUPUT THIS_VAR VAR_RESULT)

10
IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/Kconfig.projbuild
View File

@@ -1,9 +1,15 @@
menu "Example Configuration"
config TARGET_HOST
config WOLFSSL_TARGET_HOST
string "Target host"
default "127.0.01.1"
default "127.0.0.1"
help
host address for the example to connect
config WOLFSSL_TARGET_PORT
int "Target port"
default 11111
help
host port for the example to connect
endmenu

336
IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/client-tls.c
View File

@@ -1,4 +1,4 @@
/* client-tls-callback.c
/* client-tls.c
*
* Copyright (C) 2006-2023 wolfSSL Inc.
*
@@ -18,40 +18,108 @@
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
/* the usual suspects */
#include <stdlib.h>
#include <stdio.h>
#include <string.h>
#include <errno.h>
/* ESP specific */
#include "wifi_connect.h"
#include "client-tls.h"
/* Espressif FreeRTOS */
#ifndef SINGLE_THREADED
#include <freertos/FreeRTOS.h>
#include <freertos/task.h>
#include <freertos/event_groups.h>
#endif
/* socket includes */
#include "lwip/netdb.h"
#include "lwip/sockets.h"
#include <lwip/netdb.h>
#include <lwip/sockets.h>
/* wolfSSL */
#include <wolfssl/wolfcrypt/settings.h>
#include "user_settings.h"
#include <wolfssl/ssl.h>
#include <wolfssl/certs_test.h>
#ifdef WOLFSSL_TRACK_MEMORY
#include <wolfssl/wolfcrypt/mem_track.h>
#endif
#ifndef NO_DH
/* see also wolfssl/test.h */
#undef DEFAULT_MIN_DHKEY_BITS
#define DEFAULT_MIN_DHKEY_BITS 1024
#undef DEFAULT_MAX_DHKEY_BITS
#define DEFAULT_MAX_DHKEY_BITS 2048
#endif
#if defined(WOLFSSL_SM2) || defined(WOLFSSL_SM3) || defined(WOLFSSL_SM4)
#include <wolfssl/certs_test_sm.h>
#define CTX_CA_CERT root_sm2
#define CTX_CA_CERT_SIZE sizeof_root_sm2
#define CTX_CA_CERT_TYPE WOLFSSL_FILETYPE_PEM
#define CTX_CLIENT_CERT client_sm2
#define CTX_CLIENT_CERT_SIZE sizeof_client_sm2
#define CTX_CLIENT_CERT_TYPE WOLFSSL_FILETYPE_PEM
#define CTX_CLIENT_KEY client_sm2_priv
#define CTX_CLIENT_KEY_SIZE sizeof_client_sm2_priv
#define CTX_CLIENT_KEY_TYPE WOLFSSL_FILETYPE_PEM
#else
#include <wolfssl/certs_test.h>
#define CTX_CA_CERT ca_cert_der_2048
#define CTX_CA_CERT_SIZE sizeof_ca_cert_der_2048
#define CTX_CA_CERT_TYPE WOLFSSL_FILETYPE_ASN1
#define CTX_CLIENT_CERT client_cert_der_2048
#define CTX_CLIENT_CERT_SIZE sizeof_client_cert_der_2048
#define CTX_CLIENT_CERT_TYPE WOLFSSL_FILETYPE_ASN1
#define CTX_CLIENT_KEY client_key_der_2048
#define CTX_CLIENT_KEY_SIZE sizeof_client_key_der_2048
#define CTX_CLIENT_KEY_TYPE WOLFSSL_FILETYPE_ASN1
#endif
/* Project */
#include "wifi_connect.h"
#include "time_helper.h"
/* working TLS 1.2 VS client app commandline param:
*
* -h 192.168.1.128 -v 3 -l ECDHE-ECDSA-SM4-CBC-SM3 -c ./certs/sm2/client-sm2.pem -k ./certs/sm2/client-sm2-priv.pem -A ./certs/sm2/root-sm2.pem -C
*
* working Linux, non-working VS c app
*
* -h 192.168.1.128 -v 4 -l TLS13-SM4-CCM-SM3 -c ./certs/sm2/client-sm2.pem -k ./certs/sm2/client-sm2-priv.pem -A ./certs/sm2/root-sm2.pem -C
*
**/
static const char* const TAG = "tls_client";
#if defined(DEBUG_WOLFSSL)
int stack_start = -1;
static void ShowCiphers(void)
int ShowCiphers(WOLFSSL* ssl)
{
char ciphers[4096];
#define CLIENT_TLS_MAX_CIPHER_LENGTH 4096
char ciphers[CLIENT_TLS_MAX_CIPHER_LENGTH];
const char* cipher_used;
int ret = 0;
int ret = wolfSSL_get_ciphers(ciphers, (int)sizeof(ciphers));
if (ssl == NULL) {
ESP_LOGI(TAG, "WOLFSSL* ssl is NULL, so no cipher in use");
ret = wolfSSL_get_ciphers(ciphers, (int)sizeof(ciphers));
if (ret == WOLFSSL_SUCCESS) {
for (int i = 0; i < CLIENT_TLS_MAX_CIPHER_LENGTH; i++) {
if (ciphers[i] == ':') {
ciphers[i] = '\n';
}
}
ESP_LOGI(TAG, "Available Ciphers:\n%s\n", ciphers);
}
else {
ESP_LOGE(TAG, "Failed to call wolfSSL_get_ciphers. Error %d", ret);
}
}
else {
cipher_used = wolfSSL_get_cipher_name(ssl);
ESP_LOGI(TAG, "WOLFSSL* ssl using %s", cipher_used);
}
if (ret == WOLFSSL_SUCCESS)
printf("%s\n", ciphers);
return ret;
}
#endif
@@ -119,38 +187,48 @@ void my_atmel_free(int slotId)
#endif /* WOLFSSL_ESPWROOM32SE && HAVE_PK_CALLBACK && WOLFSSL_ATECC508A */
/* client task */
void tls_smp_client_task()
WOLFSSL_ESP_TASK tls_smp_client_task(void* args)
{
int ret;
#if defined(SINGLE_THREADED)
int ret = ESP_OK;
#define TLS_SMP_CLIENT_TASK_RET ret
#else
#define TLS_SMP_CLIENT_TASK_RET
#endif
char buff[256];
const char sndMsg[] = "GET /index.html HTTP/1.0\r\n\r\n";
const char* ch = TLS_SMP_TARGET_HOST; /* see wifi_connect.h */
struct sockaddr_in servAddr;
struct hostent *hp;
struct ip4_addr *ip4_addr;
int ret_i; /* interim return values */
int sockfd;
int doPeerCheck;
int sendGet;
struct sockaddr_in servAddr;
char buff[256];
const char* ch = TLS_SMP_TARGET_HOST;
#ifndef NO_DH
int minDhKeyBits = DEFAULT_MIN_DHKEY_BITS;
#endif
size_t len;
struct hostent *hp;
struct ip4_addr *ip4_addr;
const char sndMsg[] = "GET /index.html HTTP/1.0\r\n\r\n";
/* declare wolfSSL objects */
WOLFSSL_CTX* ctx;
WOLFSSL* ssl;
WOLFSSL_ENTER("tls_smp_client_task");
wolfSSL_Debugging_ON();
WOLFSSL_ENTER(TLS_SMP_CLIENT_TASK_NAME);
doPeerCheck = 0;
doPeerCheck = 1;
sendGet = 0;
#ifdef DEBUG_WOLFSSL
WOLFSSL_MSG("Debug ON");
wolfSSL_Debugging_ON();
ShowCiphers();
ShowCiphers(NULL);
#endif
/* Initialize wolfSSL */
wolfSSL_Init();
/* Create a socket that uses an internet IPv4 address,
/* Create a socket that uses an Internet IPv4 address,
* Sets the socket to be stream based (TCP),
* 0 means choose the default protocol. */
if ((sockfd = socket(AF_INET, SOCK_STREAM, 0)) == -1) {
@@ -163,36 +241,111 @@ void tls_smp_client_task()
if (!hp) {
ESP_LOGE(TAG, "Failed to get host name.");
ip4_addr = NULL;
} else {
ip4_addr = (struct ip4_addr *)hp->h_addr;
ESP_LOGI(TAG, IPSTR, IP2STR(ip4_addr));
}
else {
ip4_addr = (struct ip4_addr *)hp->h_addr;
}
/* Create and initialize WOLFSSL_CTX */
if ((ctx = wolfSSL_CTX_new(wolfSSLv23_client_method())) == NULL) {
ctx = wolfSSL_CTX_new(wolfSSLv23_client_method()); /* SSL 3.0 - TLS 1.3. */
/* options: */
/* ctx = wolfSSL_CTX_new(wolfTLSv1_2_client_method()); only TLS 1.2 */
/* ctx = wolfSSL_CTX_new(wolfTLSv1_3_client_method()); only TLS 1.3 */
/* wolfSSL_CTX_NoTicketTLSv12(); */
/* wolfSSL_NoTicketTLSv12(); */
if (ctx == NULL) {
ESP_LOGE(TAG, "ERROR: failed to create WOLFSSL_CTX\n");
}
WOLFSSL_MSG("Loading...cert");
/* Load client certificates into WOLFSSL_CTX */
if ((ret = wolfSSL_CTX_load_verify_buffer(ctx, ca_cert_der_2048,
sizeof_ca_cert_der_2048, WOLFSSL_FILETYPE_ASN1)) != SSL_SUCCESS) {
ESP_LOGE(TAG,"ERROR: failed to load %d, please check the file.\n",ret);
#if defined(WOLFSSL_ESP32_CIPHER_SUITE)
ESP_LOGI(TAG, "Start SM2\n");
/*
*
* reference code for SM Ciphers:
*
#if defined(HAVE_AESGCM) && !defined(NO_DH)
#ifdef WOLFSSL_TLS13
defaultCipherList = "TLS13-AES128-GCM-SHA256"
#ifndef WOLFSSL_NO_TLS12
":DHE-PSK-AES128-GCM-SHA256"
#endif
;
#else
defaultCipherList = "DHE-PSK-AES128-GCM-SHA256";
#endif
#elif defined(HAVE_AESGCM) && defined(WOLFSSL_TLS13)
defaultCipherList = "TLS13-AES128-GCM-SHA256:PSK-AES128-GCM-SHA256"
#ifndef WOLFSSL_NO_TLS12
":PSK-AES128-GCM-SHA256"
#endif
;
#elif defined(HAVE_NULL_CIPHER)
defaultCipherList = "PSK-NULL-SHA256";
#elif !defined(NO_AES_CBC)
defaultCipherList = "PSK-AES128-CBC-SHA256";
#else
defaultCipherList = "PSK-AES128-GCM-SHA256";
#endif
*/
ret = wolfSSL_CTX_set_cipher_list(ctx, WOLFSSL_ESP32_CIPHER_SUITE);
if (ret == WOLFSSL_SUCCESS) {
ESP_LOGI(TAG, "Set cipher list: %s\n", WOLFSSL_ESP32_CIPHER_SUITE);
}
/* not peer check */
else {
ESP_LOGE(TAG, "ERROR: failed to set cipher list: %s\n", WOLFSSL_ESP32_CIPHER_SUITE);
}
#endif
#ifdef DEBUG_WOLFSSL
ShowCiphers(NULL);
ESP_LOGI(TAG,
"Stack used: %d\n",
CONFIG_ESP_MAIN_TASK_STACK_SIZE
- uxTaskGetStackHighWaterMark(NULL));
#endif
/* see user_settings PROJECT_DH for HAVE_DH and HAVE_FFDHE_2048 */
#ifndef NO_DH
ret = wolfSSL_CTX_SetMinDhKey_Sz(ctx, (word16)minDhKeyBits);
if (ret != SSL_SUCCESS) {
ESP_LOGE(TAG, "Error setting minimum DH key size");
}
#endif
/* no peer check */
if (doPeerCheck == 0) {
ESP_LOGW(TAG, "doPeerCheck == 0");
wolfSSL_CTX_set_verify(ctx, WOLFSSL_VERIFY_NONE, 0);
} else {
}
else {
ESP_LOGW(TAG, "doPeerCheck != 0");
WOLFSSL_MSG("Loading... our cert");
/* load our certificate */
if ((ret = wolfSSL_CTX_use_certificate_chain_buffer_format(ctx, client_cert_der_2048,
sizeof_client_cert_der_2048, WOLFSSL_FILETYPE_ASN1)) != SSL_SUCCESS) {
ESP_LOGE(TAG,"ERROR: failed to load chain %d, please check the file.\n",ret);
ret_i = wolfSSL_CTX_use_certificate_chain_buffer_format(ctx,
CTX_CLIENT_CERT,
CTX_CLIENT_CERT_SIZE,
CTX_CLIENT_CERT_TYPE);
if (ret_i != SSL_SUCCESS) {
ESP_LOGE(TAG, "ERROR: failed to load chain %d, please check the file.\n", ret_i);
}
if ((ret = wolfSSL_CTX_use_PrivateKey_buffer(ctx, client_key_der_2048,
sizeof_client_key_der_2048, WOLFSSL_FILETYPE_ASN1)) != SSL_SUCCESS) {
/* Load client certificates into WOLFSSL_CTX */
WOLFSSL_MSG("Loading...cert");
ret_i = wolfSSL_CTX_load_verify_buffer(ctx,
CTX_CA_CERT,
CTX_CA_CERT_SIZE,
CTX_CA_CERT_TYPE);
ret_i = wolfSSL_CTX_use_PrivateKey_buffer(ctx,
CTX_CLIENT_KEY,
CTX_CLIENT_KEY_SIZE,
CTX_CLIENT_KEY_TYPE);
if(ret_i != SSL_SUCCESS) {
wolfSSL_CTX_free(ctx) ; ctx = NULL ;
ESP_LOGE(TAG,"ERROR: failed to load key %d, please check the file.\n", ret);
ESP_LOGE(TAG, "ERROR: failed to load key %d, "
"please check the file.\n", ret_i) ;
}
wolfSSL_CTX_set_verify(ctx, WOLFSSL_VERIFY_PEER, 0);
@@ -203,27 +356,33 @@ void tls_smp_client_task()
/* Fill in the server address */
servAddr.sin_family = AF_INET; /* using IPv4 */
servAddr.sin_port = htons(DEFAULT_PORT); /* on DEFAULT_PORT */
servAddr.sin_port = htons(TLS_SMP_DEFAULT_PORT); /* on DEFAULT_PORT */
if (*ch >= '1' && *ch <= '9') {
/* Get the server IPv4 address from the command line call */
WOLFSSL_MSG("inet_pton");
if ((ret = inet_pton(AF_INET, TLS_SMP_TARGET_HOST,
if ((ret_i = inet_pton(AF_INET,
TLS_SMP_TARGET_HOST,
&servAddr.sin_addr)) != 1) {
ESP_LOGE(TAG,"ERROR: invalid address ret=%d\n", ret);
ESP_LOGE(TAG, "ERROR: invalid address ret=%d\n", ret_i);
}
} else {
}
else {
servAddr.sin_addr.s_addr = ip4_addr->addr;
}
/* Connect to the server */
sprintf(buff, "Connecting to server....%s(port:%d)", TLS_SMP_TARGET_HOST
, DEFAULT_PORT);
sprintf(buff,
"Connecting to server....%s(port:%d)",
TLS_SMP_TARGET_HOST,
TLS_SMP_DEFAULT_PORT);
WOLFSSL_MSG(buff);
printf("%s\n", buff);
if ((ret = connect(sockfd, (struct sockaddr *)&servAddr,
if ((ret_i = connect(sockfd,
(struct sockaddr *)&servAddr,
sizeof(servAddr))) == -1) {
ESP_LOGE(TAG,"ERROR: failed to connect ret=%d\n", ret);
ESP_LOGE(TAG, "ERROR: failed to connect ret=%d\n", ret_i);
}
WOLFSSL_MSG("Create a WOLFSSL object");
@@ -231,8 +390,25 @@ void tls_smp_client_task()
if ((ssl = wolfSSL_new(ctx)) == NULL) {
ESP_LOGE(TAG, "ERROR: failed to create WOLFSSL object\n");
}
else {
#ifdef DEBUG_WOLFSSL
ESP_LOGI(TAG, "\nCreated WOLFSSL object:");
ShowCiphers(ssl);
#endif
}
#if defined(WOLFSSL_SM2)
/* SM TLS1.3 Cipher needs to have key share explicitly set. */
ret = wolfSSL_UseKeyShare(ssl, WOLFSSL_ECC_SM2P256V1);
if (ret == WOLFSSL_SUCCESS) {
ESP_LOGI(TAG, "Successfully set WOLFSSL_ECC_SM2P256V1");
}
else {
ESP_LOGE(TAG, "FAILED to set WOLFSSL_ECC_SM2P256V1");
}
#endif
/* when using atecc608a on esp32-wroom-32se */
#if defined(WOLFSSL_ESPWROOM32SE) && defined(HAVE_PK_CALLBACKS) \
&& defined(WOLFSSL_ATECC508A)
atcatls_set_callbacks(ctx);
@@ -248,10 +424,10 @@ void tls_smp_client_task()
WOLFSSL_MSG("Connect to wolfSSL on the server side");
/* Connect to wolfSSL on the server side */
if (wolfSSL_connect(ssl) != SSL_SUCCESS) {
ESP_LOGE(TAG,"ERROR: failed to connect to wolfSSL\n");
}
if (wolfSSL_connect(ssl) == SSL_SUCCESS) {
#ifdef DEBUG_WOLFSSL
ShowCiphers(ssl);
#endif
/* Get a message for the server from stdin */
WOLFSSL_MSG("Message for server: ");
memset(buff, 0, sizeof(buff));
@@ -261,7 +437,8 @@ void tls_smp_client_task()
len = XSTRLEN(sndMsg);
strncpy(buff, sndMsg, len);
buff[len] = '\0';
} else {
}
else {
sprintf(buff, "message from esp32 tls client\n");
len = strnlen(buff, sizeof(buff));
}
@@ -278,7 +455,15 @@ void tls_smp_client_task()
/* Print to stdout any data the server sends */
printf("Server: ");
printf("%s", buff);
printf("%s\n", buff);
}
else {
ESP_LOGE(TAG, "ERROR: failed to connect to wolfSSL\n");
}
#ifdef DEBUG_WOLFSSL
ShowCiphers(ssl);
#endif
/* Cleanup and return */
wolfSSL_free(ssl); /* Free the wolfSSL object */
wolfSSL_CTX_free(ctx); /* Free the wolfSSL context object */
@@ -287,5 +472,32 @@ void tls_smp_client_task()
vTaskDelete(NULL);
return; /* Return reporting a success */
return TLS_SMP_CLIENT_TASK_RET;
}
#if defined(SINGLE_THREADED)
/* we don't initialize a single thread, so no init function here */
#else
/* create task */
WOLFSSL_ESP_TASK tls_smp_client_init(void* args)
{
int ret;
#if ESP_IDF_VERSION_MAJOR >= 4
TaskHandle_t _handle;
#else
xTaskHandle _handle;
#endif
/* http://esp32.info/docs/esp_idf/html/dd/d3c/group__xTaskCreate.html */
ret = xTaskCreate(tls_smp_client_task,
TLS_SMP_CLIENT_TASK_NAME,
TLS_SMP_CLIENT_TASK_WORDS,
NULL,
TLS_SMP_CLIENT_TASK_PRIORITY,
&_handle);
if (ret != pdPASS) {
ESP_LOGI(TAG, "create thread %s failed", TLS_SMP_CLIENT_TASK_NAME);
}
return TLS_SMP_CLIENT_TASK_RET;
}
#endif

71
IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/include/client-tls.h Normal file
View File

@@ -0,0 +1,71 @@
/* server-tls.h
*
* Copyright (C) 2006-2023 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
#ifndef _SERVER_TLS_
#define _SERVER_TLS_
#include <wolfssl/wolfcrypt/settings.h>
#include <wolfssl/ssl.h>
#include "sdkconfig.h"
/* See main/Kconfig.projbuild for default configuration settings */
#ifdef CONFIG_WOLFSSL_TARGET_HOST
#define TLS_SMP_TARGET_HOST CONFIG_WOLFSSL_TARGET_HOST
#else
#define TLS_SMP_TARGET_HOST "192.168.1.38"
#endif
#ifdef CONFIG_WOLFSSL_TARGET_PORT
#define TLS_SMP_DEFAULT_PORT CONFIG_WOLFSSL_TARGET_PORT
#else
#define TLS_SMP_DEFAULT_PORT 11111
#endif
#define TLS_SMP_CLIENT_TASK_NAME "tls_client_example"
#define TLS_SMP_CLIENT_TASK_WORDS 22240
#define TLS_SMP_CLIENT_TASK_PRIORITY 8
#if defined(SINGLE_THREADED)
#define WOLFSSL_ESP_TASK int
#else
#include "freertos/FreeRTOS.h"
#define WOLFSSL_ESP_TASK void
#endif
typedef struct {
int port;
int loops;
} tls_args;
/* Function to show the ciphers available / in use. */
#if defined(DEBUG_WOLFSSL)
int ShowCiphers(WOLFSSL* ssl);
#endif
/* This is the TLS Client function, possibly in an RTOS thread. */
WOLFSSL_ESP_TASK tls_smp_client_task(void* args);
/* init will create an RTOS task, otherwise server is simply function call. */
#if defined(SINGLE_THREADED)
/* no init neded */
#else
WOLFSSL_ESP_TASK tls_smp_client_init(void* args);
#endif
#endif /* _SERVER_TLS_ */

24
IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/include/main.h Normal file
View File

@@ -0,0 +1,24 @@
/* template main.h
*
* Copyright (C) 2006-2023 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
#ifndef _MAIN_H_
#define _MAIN_H_
#endif

54
IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/include/time_helper.h Normal file
View File

@@ -0,0 +1,54 @@
/*
* Copyright (C) 2006-2023 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
/* common Espressif time_helper v5.6.3.001 */
#ifndef _TIME_HELPER_H
#define _TIME_HELPER_H
/* ESP-IDF uses a 64-bit signed integer to represent time_t starting from release v5.0
* See: https://docs.espressif.com/projects/esp-idf/en/latest/esp32/api-reference/system/system_time.html#year-2036-and-2038-overflow-issues
*/
#ifdef __cplusplus
extern "C" {
#endif
/* a function to show the current data and time */
int esp_show_current_datetime();
/* worst case, if GitHub time not available, used fixed time */
int set_fixed_default_time(void);
/* set time from string (e.g. GitHub commit time) */
int set_time_from_string(char* time_buffer);
/* set time from NTP servers,
* also initially calls set_fixed_default_time or set_time_from_string */
int set_time(void);
/* wait NTP_RETRY_COUNT seconds before giving up on NTP time */
int set_time_wait_for_ntp(void);
#ifdef __cplusplus
} /* extern "C" */
#endif
#endif /* #ifndef _TIME_HELPER_H */

84
IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/include/wifi_connect.h
View File

@@ -1,4 +1,4 @@
/* user_settings.h
/* wifi_connect.h
*
* Copyright (C) 2006-2023 wolfSSL Inc.
*
@@ -18,26 +18,76 @@
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
#ifndef _TLS_WIFI_H_
#define _TLS_WIFI_H_
#ifndef _WIFI_CONNECT_H_
#define _WIFI_CONNECT_H_
#include "esp_idf_version.h"
#include "esp_log.h"
#include "esp_wifi.h"
#if ESP_IDF_VERSION_MAJOR >= 4
#include "esp_event.h"
#else
#include "esp_event_loop.h"
#endif
#include <esp_idf_version.h>
#include <esp_log.h>
#define DEFAULT_PORT 11111
#define TLS_SMP_CLIENT_TASK_NAME "tls_client_example"
#define TLS_SMP_CLIENT_TASK_WORDS 10240
#define TLS_SMP_CLIENT_TASK_PRIORITY 8
/* ESP lwip */
#define EXAMPLE_ESP_MAXIMUM_RETRY CONFIG_ESP_MAXIMUM_RETRY
#define TLS_SMP_WIFI_SSID CONFIG_WIFI_SSID
#define TLS_SMP_WIFI_PASS CONFIG_WIFI_PASSWORD
#define TLS_SMP_TARGET_HOST CONFIG_TARGET_HOST
#define USE_WIFI_EXAMPLE
#ifdef USE_WIFI_EXAMPLE
#include "esp_netif.h"
#include "protocol_examples_common.h" /* see project CMakeLists.txt */
#endif
/**
******************************************************************************
******************************************************************************
** USER APPLICATION SETTINGS BEGIN
******************************************************************************
******************************************************************************
**/
/* when using a private config with plain text passwords,
* file my_private_config.h should be excluded from git updates */
/* #define USE_MY_PRIVATE_CONFIG */
#ifdef USE_MY_PRIVATE_CONFIG
#if defined(WOLFSSL_CMAKE_SYSTEM_NAME_WINDOWS)
#include "/workspace/my_private_config.h"
#elif defined(WOLFSSL_CMAKE_SYSTEM_NAME_WSL)
#include "/mnt/c/workspace/my_private_config.h"
#elif defined(WOLFSSL_CMAKE_SYSTEM_NAME_LINUX)
#include "~/workspace/my_private_config.h"
#elif defined(WOLFSSL_CMAKE_SYSTEM_NAME_APPLE)
#include "~/Documents/my_private_config.h"
#else
#warning "did not detect environment. using ~/my_private_config.h"
#include "~/my_private_config.h"
#endif
#else
/*
** The examples use WiFi configuration that you can set via project
** configuration menu
**
** If you'd rather not, just change the below entries to strings with
** the config you want - ie #define EXAMPLE_WIFI_SSID "mywifissid"
*/
#ifdef CONFIG_ESP_WIFI_SSID
#define EXAMPLE_ESP_WIFI_SSID CONFIG_ESP_WIFI_SSID
#else
#define EXAMPLE_ESP_WIFI_SSID "MYSSID_WIFI_CONNECT"
#endif
#ifdef CONFIG_ESP_WIFI_PASSWORD
#define EXAMPLE_ESP_WIFI_PASS CONFIG_ESP_WIFI_PASSWORD
#else
#define EXAMPLE_ESP_WIFI_PASS "MYPASSWORD_WIFI_CONNECT"
#endif
#endif
/* ESP lwip */
#define EXAMPLE_ESP_MAXIMUM_RETRY CONFIG_ESP_MAXIMUM_RETRY
int wifi_init_sta(void);
int wifi_show_ip(void);
#endif /* _WIFI_CONNECT_H_ */

267
IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/main.c Normal file
View File

@@ -0,0 +1,267 @@
/* main.c
*
* Copyright (C) 2006-2023 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
#include "sdkconfig.h"
#include "main.h"
/* ESP specific */
#include <nvs_flash.h>
#include <esp_log.h>
#include <esp_event.h>
/* wolfSSL */
#include <wolfssl/wolfcrypt/settings.h>
#include <user_settings.h>
#include <wolfssl/wolfcrypt/port/Espressif/esp32-crypt.h>
#ifndef WOLFSSL_ESPIDF
#warning "Problem with wolfSSL user_settings."
#warning "Check components/wolfssl/include"
#endif
/* this project */
#include "client-tls.h"
#include "time_helper.h"
#ifndef CONFIG_IDF_TARGET_ESP32H2
/* There's no WiFi on ESP32-H2.
* For wired ethernet, see:
* https://github.com/wolfSSL/wolfssl-examples/tree/master/ESP32/TLS13-ENC28J60-client */
#include "wifi_connect.h"
#endif
#ifdef WOLFSSL_TRACK_MEMORY
#include <wolfssl/wolfcrypt/mem_track.h>
#endif
static const char* const TAG = "TLS Client";
#if defined(WOLFSSL_ESPWROOM32SE) && defined(HAVE_PK_CALLBACKS) \
&& defined(WOLFSSL_ATECC508A)
#include "wolfssl/wolfcrypt/port/atmel/atmel.h"
/* when you want to use a custom slot allocation */
/* enable the definition CUSTOM_SLOT_ALLOCATION. */
#if defined(CUSTOM_SLOT_ALLOCATION)
static byte mSlotList[ATECC_MAX_SLOT];
int atmel_set_slot_allocator(atmel_slot_alloc_cb alloc, atmel_slot_dealloc_cb dealloc);
/* initialize slot array */
void my_atmel_slotInit()
{
int i;
for(i = 0;i < ATECC_MAX_SLOT;i++) {
mSlotList[i] = ATECC_INVALID_SLOT;
}
}
/* allocate slot depending on slotType */
int my_atmel_alloc(int slotType)
{
int i, slot = -1;
switch(slotType){
case ATMEL_SLOT_ENCKEY:
slot = 4;
break;
case ATMEL_SLOT_DEVICE:
slot = 0;
break;
case ATMEL_SLOT_ECDHE:
slot = 0;
break;
case ATMEL_SLOT_ECDHE_ENC:
slot = 4;
break;
case ATMEL_SLOT_ANY:
for(i = 0;i < ATECC_MAX_SLOT;i++){
if(mSlotList[i] == ATECC_INVALID_SLOT){
slot = i;
break;
}
}
}
return slot;
}
/* free slot array */
void my_atmel_free(int slotId)
{
if(slotId >= 0 && slotId < ATECC_MAX_SLOT){
mSlotList[slotId] = ATECC_INVALID_SLOT;
}
}
#endif /* CUSTOM_SLOT_ALLOCATION */
#endif /* WOLFSSL_ESPWROOM32SE && HAVE_PK_CALLBACK && WOLFSSL_ATECC508A */
/* for FreeRTOS */
void app_main(void)
{
int stack_start = 0;
esp_err_t ret = 0;
ESP_LOGI(TAG, "---------------- wolfSSL TLS Client Example ------------");
ESP_LOGI(TAG, "--------------------------------------------------------");
ESP_LOGI(TAG, "--------------------------------------------------------");
ESP_LOGI(TAG, "---------------------- BEGIN MAIN ----------------------");
ESP_LOGI(TAG, "--------------------------------------------------------");
ESP_LOGI(TAG, "--------------------------------------------------------");
#ifdef ESP_TASK_MAIN_STACK
ESP_LOGI(TAG, "ESP_TASK_MAIN_STACK: %d", ESP_TASK_MAIN_STACK);
#endif
#ifdef TASK_EXTRA_STACK_SIZE
ESP_LOGI(TAG, "TASK_EXTRA_STACK_SIZE: %d", TASK_EXTRA_STACK_SIZE);
#endif
#ifdef INCLUDE_uxTaskGetStackHighWaterMark
ESP_LOGI(TAG, "CONFIG_ESP_MAIN_TASK_STACK_SIZE = %d bytes (%d words)",
CONFIG_ESP_MAIN_TASK_STACK_SIZE,
(int)(CONFIG_ESP_MAIN_TASK_STACK_SIZE / sizeof(void*)));
/* Returns the high water mark of the stack associated with xTask. That is,
* the minimum free stack space there has been (in bytes not words, unlike
* vanilla FreeRTOS) since the task started. The smaller the returned
* number the closer the task has come to overflowing its stack.
* see https://docs.espressif.com/projects/esp-idf/en/latest/esp32/api-reference/system/freertos_idf.html
*/
stack_start = uxTaskGetStackHighWaterMark(NULL);
ESP_LOGI(TAG, "Stack Start HWM: %d bytes", stack_start);
#endif
#ifdef HAVE_VERSION_EXTENDED_INFO
esp_ShowExtendedSystemInfo();
#endif
/* Set time for cert validation.
* Some lwIP APIs, including SNTP functions, are not thread safe. */
ret = set_time(); /* need to setup NTP before WiFi */
/* Optionally erase flash */
/* ESP_ERROR_CHECK(nvs_flash_erase()); */
#ifdef FOUND_PROTOCOL_EXAMPLES_DIR
ESP_LOGI(TAG, "FOUND_PROTOCOL_EXAMPLES_DIR active, using example code.");
ESP_ERROR_CHECK(nvs_flash_init());
#if defined(CONFIG_IDF_TARGET_ESP32H2)
ESP_LOGE(TAG, "There's no WiFi on ESP32-H2.");
#else
#ifdef CONFIG_EXAMPLE_WIFI_SSID
if (XSTRCMP(CONFIG_EXAMPLE_WIFI_SSID, "myssid") == 0) {
ESP_LOGW(TAG, "WARNING: CONFIG_EXAMPLE_WIFI_SSID is myssid.");
ESP_LOGW(TAG, " Do you have a WiFi AP called myssid, or ");
ESP_LOGW(TAG, " did you forget the ESP-IDF configuration?");
}
#else
#define CONFIG_EXAMPLE_WIFI_SSID "myssid"
ESP_LOGW(TAG, "WARNING: CONFIG_EXAMPLE_WIFI_SSID not defined.");
#endif
ESP_ERROR_CHECK(esp_netif_init());
ESP_ERROR_CHECK(esp_event_loop_create_default());
ESP_ERROR_CHECK(example_connect());
#endif
#else
ESP_ERROR_CHECK(nvs_flash_init());
/* Initialize NVS */
ret = nvs_flash_init();
if (ret == ESP_ERR_NVS_NO_FREE_PAGES ||
ret == ESP_ERR_NVS_NEW_VERSION_FOUND) {
ESP_ERROR_CHECK(nvs_flash_erase());
ret = nvs_flash_init();
}
ESP_ERROR_CHECK(ret);
#if defined(CONFIG_IDF_TARGET_ESP32H2)
ESP_LOGE(TAG, "There's no WiFi on ESP32-H2. ");
#else
/* Initialize WiFi */
ESP_LOGI(TAG, "ESP_WIFI_MODE_STA");
ret = wifi_init_sta();
while (ret != 0) {
ESP_LOGI(TAG, "Waiting...");
vTaskDelay(60000 / portTICK_PERIOD_MS);
ESP_LOGI(TAG, "Trying WiFi again...");
ret = wifi_init_sta();
}
#endif
#endif
/* Once we are connected to the network, start & wait for NTP time */
ret = set_time_wait_for_ntp();
if (ret < -1) {
/* a value of -1 means there was no NTP server, so no need to wait */
ESP_LOGI(TAG, "Waiting 10 more seconds for NTP to complete." );
vTaskDelay(10000 / portTICK_PERIOD_MS); /* brute-force solution */
esp_show_current_datetime();
}
/* HWM is maximum amount of stack space that has been unused, in bytes
* not words (unlike vanilla freeRTOS). */
ESP_LOGI(TAG, "Initial Stack Used (before wolfSSL Server): %d bytes",
CONFIG_ESP_MAIN_TASK_STACK_SIZE
- (uxTaskGetStackHighWaterMark(NULL))
);
ESP_LOGI(TAG, "Starting TLS Client task ...\n");
#if defined(SINGLE_THREADED)
/* just call the task */
tls_smp_client_task((void*)NULL);
#else
tls_args args[1] = {0};
/* start a thread with the task */
args[0].loops = 10;
args[0].port = 11111;
tls_smp_client_init(args);
/* optional additional client threads
tls_smp_client_init(args);
tls_smp_client_init(args);
tls_smp_client_init(args);
tls_smp_client_init(args);
tls_smp_client_init(args);
tls_smp_client_init(args);
tls_smp_client_init(args);
*/
#endif
ESP_LOGV(TAG, "\n\nvTaskDelete...\n\n");
vTaskDelete(NULL);
/* done */
while (1) {
ESP_LOGV(TAG, "\n\nLoop...\n\n");
#ifdef INCLUDE_uxTaskGetStackHighWaterMark
ESP_LOGI(TAG, "Stack HWM: %d", uxTaskGetStackHighWaterMark(NULL));
ESP_LOGI(TAG, "Stack used: %d", CONFIG_ESP_MAIN_TASK_STACK_SIZE
- (uxTaskGetStackHighWaterMark(NULL) ));
#endif
#if defined(SINGLE_THREADED)
ESP_LOGV(TAG, "\n\nDone!\n\n");
while (1);
#else
vTaskDelay(60000);
#endif
} /* done whle */
} /* app_main */

333
IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/time_helper.c Normal file
View File

@@ -0,0 +1,333 @@
/* time_helper.c
*
* Copyright (C) 2006-2023 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
/* common Espressif time_helper v5.6.3.002 */
#include "esp_idf_version.h"
#include "sdkconfig.h"
#include "time_helper.h"
#include <esp_log.h>
#if defined(ESP_IDF_VERSION_MAJOR) && defined(ESP_IDF_VERSION_MINOR)
#if (ESP_IDF_VERSION_MAJOR == 5) && (ESP_IDF_VERSION_MINOR >= 1)
#define HAS_ESP_NETIF_SNTP 1
#include <lwip/apps/sntp.h>
#include <esp_netif_sntp.h>
#else
#include <string.h>
#include <esp_sntp.h>
#endif
#else
/* TODO Consider pre IDF v5? */
#endif
/* ESP-IDF uses a 64-bit signed integer to represent time_t starting from release v5.0
* See: https://docs.espressif.com/projects/esp-idf/en/latest/esp32/api-reference/system/system_time.html#year-2036-and-2038-overflow-issues
*/
const static char* TAG = "time_helper";
/* see https://www.gnu.org/software/libc/manual/html_node/TZ-Variable.html */
#ifndef TIME_ZONE
/*
* PST represents Pacific Standard Time.
* +8 specifies the offset from UTC (Coordinated Universal Time), indicating
* that Pacific Time is UTC-8 during standard time.
* PDT represents Pacific Daylight Time.
* M3.2.0 indicates that Daylight Saving Time (DST) starts on the
* second (2) Sunday (0) of March (3).
* M11.1.0 indicates that DST ends on the first (1) Sunday (0) of November (11)
*/
#define TIME_ZONE "PST+8PDT,M3.2.0,M11.1.0"
#endif /* not defined: TIME_ZONE, so we are setting our own */
#define NTP_RETRY_COUNT 10
/* NELEMS(x) number of elements
* To determine the number of elements in the array, we can divide the total
* size of the array by the size of the array element.
* See https://stackoverflow.com/questions/37538/how-do-i-determine-the-size-of-my-array-in-c
**/
#define NELEMS(x) ( (int)(sizeof(x) / sizeof((x)[0])) )
/* See also CONFIG_LWIP_SNTP_MAX_SERVERS in sdkconfig */
#define NTP_SERVER_LIST ( (char*[]) { \
"pool.ntp.org", \
"time.nist.gov", \
"utcnist.colorado.edu" \
} \
)
/* #define NTP_SERVER_COUNT using NELEMS:
*
* (int)(sizeof(NTP_SERVER_LIST) / sizeof(NTP_SERVER_LIST[0]))
*/
#define NTP_SERVER_COUNT NELEMS(NTP_SERVER_LIST)
#ifndef CONFIG_LWIP_SNTP_MAX_SERVERS
/* We should find max value in sdkconfig, if not set it to our count:*/
#define CONFIG_LWIP_SNTP_MAX_SERVERS NTP_SERVER_COUNT
#endif
char* ntpServerList[NTP_SERVER_COUNT] = NTP_SERVER_LIST;
/* our NTP server list is global info */
extern char* ntpServerList[NTP_SERVER_COUNT];
/* Show the current date and time */
int esp_show_current_datetime()
{
time_t now;
char strftime_buf[64];
struct tm timeinfo;
time(&now);
setenv("TZ", TIME_ZONE, 1);
tzset();
localtime_r(&now, &timeinfo);
strftime(strftime_buf, sizeof(strftime_buf), "%c", &timeinfo);
ESP_LOGI(TAG, "The current date/time is: %s", strftime_buf);
return 0;
}
/* the worst-case scenario is a hard-coded date/time */
int set_fixed_default_time(void)
{
/* ideally, we'd like to set time from network,
* but let's set a default time, just in case */
struct tm timeinfo = {
.tm_year = 2023 - 1900,
.tm_mon = 10,
.tm_mday = 02,
.tm_hour = 13,
.tm_min = 01,
.tm_sec = 05
};
struct timeval now;
time_t interim_time;
int ret = -1;
/* set interim static time */
interim_time = mktime(&timeinfo);
ESP_LOGI(TAG, "Adjusting time from fixed value");
now = (struct timeval){ .tv_sec = interim_time };
ret = settimeofday(&now, NULL);
return ret;
}
/* set_time_from_string(s)
*
* returns 0 = success if able to set the time from the provided string
* error for any other value, typically -1 */
int set_time_from_string(char* time_buffer)
{
/* expecting github default formatting: 'Thu Aug 31 12:41:45 2023 -0700' */
const char *format = "%3s %3s %d %d:%d:%d %d %s";
struct tm this_timeinfo;
struct timeval now;
time_t interim_time;
char offset[6]; /* expecting trailing single quote, not used */
char day_str[4];
char month_str[4];
int day, year, hour, minute, second;
int quote_offset = 0;
int ret = 0;
/* we are expecting the string to be encapsulated in single quotes */
if (*time_buffer == 0x27) {
quote_offset = 1;
}
ret = sscanf(time_buffer + quote_offset,
format,
day_str, month_str,
&day, &hour, &minute, &second, &year, &offset);
if (ret == 8) {
/* we found a match for all componets */
const char *months[] = { "Jan", "Feb", "Mar", "Apr", "May", "Jun",
"Jul", "Aug", "Sep", "Oct", "Nov", "Dec" };
for (int i = 0; i < 12; i++) {
if (strcmp(month_str, months[i]) == 0) {
this_timeinfo.tm_mon = i;
break;
}
}
this_timeinfo.tm_mday = day;
this_timeinfo.tm_hour = hour;
this_timeinfo.tm_min = minute;
this_timeinfo.tm_sec = second;
this_timeinfo.tm_year = year - 1900; /* Number of years since 1900 */
interim_time = mktime(&this_timeinfo);
now = (struct timeval){ .tv_sec = interim_time };
ret = settimeofday(&now, NULL);
ESP_LOGI(TAG, "Time updated to %s", time_buffer);
}
else {
ESP_LOGE(TAG, "Failed to convert \"%s\" to a tm date.", time_buffer);
ESP_LOGI(TAG, "Trying fixed date that was hard-coded.");
set_fixed_default_time();
ret = -1;
}
return ret;
}
/* set time; returns 0 if succecssfully configured with NTP */
int set_time(void)
{
#ifndef NTP_SERVER_COUNT
ESP_LOGW(TAG, "Warning: no sntp server names defined. "
"Setting to empty list");
#define NTP_SERVER_COUNT 0
#warning "NTP not properly configured"
#endif /* not defined: NTP_SERVER_COUNT */
#ifdef HAS_ESP_NETIF_SNTP
#if CONFIG_LWIP_SNTP_MAX_SERVERS > 1
esp_sntp_config_t config = ESP_NETIF_SNTP_DEFAULT_CONFIG_MULTIPLE(
NTP_SERVER_COUNT,
ESP_SNTP_SERVER_LIST(ntpServerList[0])
);
#else
esp_sntp_config_t config = ESP_NETIF_SNTP_DEFAULT_CONFIG(ntpServerList[0]);
#endif /* CONFIG_LWIP_SNTP_MAX_SERVERS > 1 */
#endif /* HAS_ESP_NETIF_SNTP */
int ret = 0;
int i = 0; /* counter for time servers */
ESP_LOGI(TAG, "Setting the time. Startup time:");
esp_show_current_datetime();
#ifdef LIBWOLFSSL_VERSION_GIT_HASH_DATE
/* initialy set a default approximate time from recent git commit */
ESP_LOGI(TAG, "Found git hash date, attempting to set system date.");
set_time_from_string(LIBWOLFSSL_VERSION_GIT_HASH_DATE);
esp_show_current_datetime();
ret = -4;
#else
/* otherwise set a fixed time that was hard coded */
set_fixed_default_time();
ret = -3;
#endif
#ifdef CONFIG_SNTP_TIME_SYNC_METHOD_SMOOTH
config.smooth_sync = true;
#endif
if (NTP_SERVER_COUNT) {
/* next, let's setup NTP time servers
*
* see https://docs.espressif.com/projects/esp-idf/en/latest/esp32/api-reference/system/system_time.html#sntp-time-synchronization
*
* WARNING: do not set operating mode while SNTP client is running!
*/
/* TODO Consider esp_sntp_setoperatingmode(SNTP_OPMODE_POLL); */
sntp_setoperatingmode(SNTP_OPMODE_POLL);
if (NTP_SERVER_COUNT > CONFIG_LWIP_SNTP_MAX_SERVERS) {
ESP_LOGW(TAG, "WARNING: %d NTP Servers defined, but "
"CONFIG_LWIP_SNTP_MAX_SERVERS = %d",
NTP_SERVER_COUNT,CONFIG_LWIP_SNTP_MAX_SERVERS);
}
ESP_LOGI(TAG, "sntp_setservername:");
for (i = 0; i < CONFIG_LWIP_SNTP_MAX_SERVERS; i++) {
const char* thisServer = ntpServerList[i];
if (strncmp(thisServer, "\x00", 1) == 0) {
/* just in case we run out of NTP servers */
break;
}
ESP_LOGI(TAG, "%s", thisServer);
sntp_setservername(i, thisServer);
}
#ifdef HAS_ESP_NETIF_SNTP
ret = esp_netif_sntp_init(&config);
#else
ESP_LOGW(TAG,"Warning: Consider upgrading ESP-IDF to take advantage "
"of updated SNTP libraries");
#endif
if (ret == ESP_OK) {
ESP_LOGV(TAG, "Successfully called esp_netif_sntp_init");
}
else {
ESP_LOGE(TAG, "ERROR: esp_netif_sntp_init return = %d", ret);
}
sntp_init();
switch (ret) {
case ESP_ERR_INVALID_STATE:
break;
default:
break;
}
ESP_LOGI(TAG, "sntp_init done.");
}
else {
ESP_LOGW(TAG, "No sntp time servers found.");
ret = -1;
}
return ret;
}
/* wait for NTP to actually set the time */
int set_time_wait_for_ntp(void)
{
int ret = 0;
#ifdef HAS_ESP_NETIF_SNTP
int ntp_retry = 0;
const int ntp_retry_count = NTP_RETRY_COUNT;
ret = esp_netif_sntp_start();
ret = esp_netif_sntp_sync_wait(500 / portTICK_PERIOD_MS);
#endif /* HAS_ESP_NETIF_SNTP */
esp_show_current_datetime();
#ifdef HAS_ESP_NETIF_SNTP
while (ret == ESP_ERR_TIMEOUT && (ntp_retry++ < ntp_retry_count)) {
ret = esp_netif_sntp_sync_wait(1000 / portTICK_PERIOD_MS);
ESP_LOGI(TAG, "Waiting for NTP to sync time... (%d/%d)",
ntp_retry,
ntp_retry_count);
esp_show_current_datetime();
}
#endif /* HAS_ESP_NETIF_SNTP */
#ifdef TIME_ZONE
setenv("TZ", TIME_ZONE, 1);
tzset();
#endif
if (ret == ESP_OK) {
ESP_LOGI(TAG, "Successfuly set time via NTP servers.");
}
else {
ESP_LOGW(TAG, "Warning: Failed to set time with NTP: "
"result = 0x%0x: %s",
ret, esp_err_to_name(ret));
}
return ret;
}

335
IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/wifi_connect.c
View File

@@ -18,92 +18,52 @@
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
/*ESP specific */
#include "freertos/FreeRTOS.h"
#include "freertos/task.h"
#include "freertos/event_groups.h"
#include "wifi_connect.h"
#include "lwip/sockets.h"
#include "lwip/netdb.h"
#include "lwip/apps/sntp.h"
#include "nvs_flash.h"
#include <freertos/FreeRTOS.h>
#include <freertos/task.h>
#include <freertos/event_groups.h>
#include <esp_wifi.h>
#include <esp_log.h>
/* wolfSSL */
#include <wolfssl/wolfcrypt/settings.h>
#include <user_settings.h>
#include "user_settings.h"
#include <wolfssl/version.h>
#include <wolfssl/wolfcrypt/types.h>
#ifndef WOLFSSL_ESPIDF
#warning "problem with wolfSSL user_settings. Check components/wolfssl/include"
#warning "Problem with wolfSSL user_settings."
#warning "Check components/wolfssl/include"
#endif
#if ESP_IDF_VERSION_MAJOR >= 4
#if ESP_IDF_VERSION_MAJOR >= 5
#elif ESP_IDF_VERSION_MAJOR >= 4
#include "protocol_examples_common.h"
#else
const static int CONNECTED_BIT = BIT0;
static EventGroupHandle_t wifi_event_group;
#endif
/* proto-type */
extern void tls_smp_client_task();
static void tls_smp_client_init();
const static char *TAG = "tls_client";
static void set_time()
{
/* set dummy wallclock time. */
struct timeval utctime;
struct timezone tz;
struct strftime_buf;
time_t now;
struct tm timeinfo;
char strftime_buf[64];
/* please update the time if seeing unknown failure when loading cert. */
/* this could cause TLS communication failure due to time expiration */
/* increasing 31536000 seconds is close to spanning 356 days. */
utctime.tv_sec = 1695513105; /* dummy time: Sat Sep 23 17:05:31 PDT 2023 */
utctime.tv_usec = 0;
tz.tz_minuteswest = 0;
tz.tz_dsttime = 0;
settimeofday(&utctime, &tz);
time(&now);
localtime_r(&now, &timeinfo);
strftime(strftime_buf, sizeof(strftime_buf), "%c", &timeinfo);
ESP_LOGI(TAG, "The current date/time is: %s", strftime_buf);
#if ESP_IDF_VERSION_MAJOR < 4
/* wait until wifi connect */
xEventGroupWaitBits(wifi_event_group, CONNECTED_BIT,
false, true, portMAX_DELAY);
#endif
/* now we start client tasks. */
tls_smp_client_init();
}
/* create task */
static void tls_smp_client_init(void)
{
int ret;
#if defined(ESP_IDF_VERSION_MAJOR) && defined(ESP_IDF_VERSION_MINOR)
#if ESP_IDF_VERSION_MAJOR >= 4
TaskHandle_t _handle;
/* likely using examples, see wifi_connect.h */
#else
xTaskHandle _handle;
/* TODO - still supporting pre V4 ? */
const static int CONNECTED_BIT = BIT0;
static EventGroupHandle_t wifi_event_group;
#endif
#if (ESP_IDF_VERSION_MAJOR == 5)
#define HAS_WPA3_FEATURES
#else
#undef HAS_WPA3_FEATURES
#endif
#else
/* TODO Consider pre IDF v5? */
#endif
/* see https://docs.espressif.com/projects/esp-idf/en/latest/esp32/api-reference/system/freertos_idf.html */
ret = xTaskCreate(tls_smp_client_task,
TLS_SMP_CLIENT_TASK_NAME,
TLS_SMP_CLIENT_TASK_WORDS,
NULL,
TLS_SMP_CLIENT_TASK_PRIORITY,
&_handle);
if (ret != pdPASS) {
ESP_LOGI(TAG, "create thread %s failed", TLS_SMP_CLIENT_TASK_NAME);
}
}
/* breadcrumb prefix for logging */
const static char *TAG = "wifi_connect";
#if ESP_IDF_VERSION_MAJOR < 4
/* event handler for wifi events */
static esp_err_t wifi_event_handler(void *ctx, system_event_t *event)
@@ -133,99 +93,184 @@ static esp_err_t wifi_event_handler(void *ctx, system_event_t *event)
}
return ESP_OK;
}
#else
#ifdef CONFIG_ESP_MAXIMUM_RETRY
#define EXAMPLE_ESP_MAXIMUM_RETRY CONFIG_ESP_MAXIMUM_RETRY
#else
#define CONFIG_ESP_MAXIMUM_RETRY 5
#endif
/* entry point */
void app_main(void)
#if CONFIG_ESP_WIFI_AUTH_OPEN
#define ESP_WIFI_SCAN_AUTH_MODE_THRESHOLD WIFI_AUTH_OPEN
#elif CONFIG_ESP_WIFI_AUTH_WEP
#define ESP_WIFI_SCAN_AUTH_MODE_THRESHOLD WIFI_AUTH_WEP
#elif CONFIG_ESP_WIFI_AUTH_WPA_PSK
#define ESP_WIFI_SCAN_AUTH_MODE_THRESHOLD WIFI_AUTH_WPA_PSK
#elif CONFIG_ESP_WIFI_AUTH_WPA2_PSK
#define ESP_WIFI_SCAN_AUTH_MODE_THRESHOLD WIFI_AUTH_WPA2_PSK
#elif CONFIG_ESP_WIFI_AUTH_WPA_WPA2_PSK
#define ESP_WIFI_SCAN_AUTH_MODE_THRESHOLD WIFI_AUTH_WPA_WPA2_PSK
#elif CONFIG_ESP_WIFI_AUTH_WPA3_PSK
#define ESP_WIFI_SCAN_AUTH_MODE_THRESHOLD WIFI_AUTH_WPA3_PSK
#elif CONFIG_ESP_WIFI_AUTH_WPA2_WPA3_PSK
#define ESP_WIFI_SCAN_AUTH_MODE_THRESHOLD WIFI_AUTH_WPA2_WPA3_PSK
#elif CONFIG_ESP_WIFI_AUTH_WAPI_PSK
#define ESP_WIFI_SCAN_AUTH_MODE_THRESHOLD WIFI_AUTH_WAPI_PSK
#endif
#ifndef ESP_WIFI_SCAN_AUTH_MODE_THRESHOLD
#define CONFIG_ESP_WIFI_AUTH_WPA2_PSK 1
#define ESP_WIFI_SCAN_AUTH_MODE_THRESHOLD CONFIG_ESP_WIFI_AUTH_WPA2_PSK
#endif
/* FreeRTOS event group to signal when we are connected*/
static EventGroupHandle_t s_wifi_event_group;
/* The event group allows multiple bits for each event, but we only care about two events:
* - we are connected to the AP with an IP
* - we failed to connect after the maximum amount of retries */
#define WIFI_CONNECTED_BIT BIT0
#define WIFI_FAIL_BIT BIT1
static int s_retry_num = 0;
ip_event_got_ip_t* event;
static void event_handler(void* arg,
esp_event_base_t event_base,
int32_t event_id,
void* event_data)
{
ESP_LOGI(TAG, "Start app_main...");
ESP_LOGI(TAG, "--------------------------------------------------------");
ESP_LOGI(TAG, "--------------------------------------------------------");
ESP_LOGI(TAG, "---------------------- BEGIN MAIN ----------------------");
ESP_LOGI(TAG, "--------------------------------------------------------");
ESP_LOGI(TAG, "--------------------------------------------------------");
ESP_LOGI(TAG, "CONFIG_IDF_TARGET = %s", CONFIG_IDF_TARGET);
ESP_LOGI(TAG, "LIBWOLFSSL_VERSION_STRING = %s", LIBWOLFSSL_VERSION_STRING);
if (event_base == WIFI_EVENT && event_id == WIFI_EVENT_STA_START) {
esp_wifi_connect();
}
else if (event_base == WIFI_EVENT &&
event_id == WIFI_EVENT_STA_DISCONNECTED) {
if (s_retry_num < EXAMPLE_ESP_MAXIMUM_RETRY) {
esp_wifi_connect();
s_retry_num++;
ESP_LOGI(TAG, "retry to connect to the AP");
}
else {
xEventGroupSetBits(s_wifi_event_group, WIFI_FAIL_BIT);
}
ESP_LOGI(TAG, "connect to the AP fail");
}
else if (event_base == IP_EVENT && event_id == IP_EVENT_STA_GOT_IP) {
event = (ip_event_got_ip_t*) event_data;
wifi_show_ip();
s_retry_num = 0;
xEventGroupSetBits(s_wifi_event_group, WIFI_CONNECTED_BIT);
}
}
#if defined(WOLFSSL_MULTI_INSTALL_WARNING)
ESP_LOGI(TAG, "");
ESP_LOGI(TAG, "WARNING: Multiple wolfSSL installs found.");
ESP_LOGI(TAG, "Check ESP-IDF and local project [components] directory.");
ESP_LOGI(TAG, "");
#endif
int wifi_init_sta(void)
{
int ret = ESP_OK;
#if defined(LIBWOLFSSL_VERSION_GIT_HASH)
ESP_LOGI(TAG, "LIBWOLFSSL_VERSION_GIT_HASH = %s", LIBWOLFSSL_VERSION_GIT_HASH);
#endif
s_wifi_event_group = xEventGroupCreate();
#if defined(LIBWOLFSSL_VERSION_GIT_SHORT_HASH )
ESP_LOGI(TAG, "LIBWOLFSSL_VERSION_GIT_SHORT_HASH = %s", LIBWOLFSSL_VERSION_GIT_SHORT_HASH);
#endif
ESP_ERROR_CHECK(esp_netif_init());
#if defined(LIBWOLFSSL_VERSION_GIT_HASH_DATE)
ESP_LOGI(TAG, "LIBWOLFSSL_VERSION_GIT_HASH_DATE = %s", LIBWOLFSSL_VERSION_GIT_HASH_DATE);
#endif
/* some interesting settings are target specific (ESP32, -C3, -S3, etc */
#if defined(CONFIG_IDF_TARGET_ESP32C3)
/* not available for C3 at this time */
#elif defined(CONFIG_IDF_TARGET_ESP32S3)
ESP_LOGI(TAG, "CONFIG_ESP32S3_DEFAULT_CPU_FREQ_MHZ = %u MHz",
CONFIG_ESP32S3_DEFAULT_CPU_FREQ_MHZ
);
ESP_LOGI(TAG, "Xthal_have_ccount = %u", Xthal_have_ccount);
#else
ESP_LOGI(TAG, "CONFIG_ESP32_DEFAULT_CPU_FREQ_MHZ = %u MHz",
CONFIG_ESP32_DEFAULT_CPU_FREQ_MHZ
);
ESP_LOGI(TAG, "Xthal_have_ccount = %u", Xthal_have_ccount);
#endif
/* all platforms: stack high water mark check */
ESP_LOGI(TAG, "Stack HWM: %d\n", uxTaskGetStackHighWaterMark(NULL));
ESP_ERROR_CHECK(nvs_flash_init());
ESP_LOGI(TAG, "Initialize wifi");
#if (ESP_IDF_VERSION_MAJOR == 4 && ESP_IDF_VERSION_MINOR >= 1) || \
(ESP_IDF_VERSION_MAJOR >= 5)
esp_netif_init();
#else
tcpip_adapter_init();
#endif
/* */
#if ESP_IDF_VERSION_MAJOR >= 4
ESP_ERROR_CHECK(esp_event_loop_create_default());
/* This helper function configures Wi-Fi or Ethernet, as selected in menuconfig.
* Read "Establishing Wi-Fi or Ethernet Connection" section in
* examples/protocols/README.md for more information about this function.
*/
ESP_ERROR_CHECK(example_connect());
#else
wifi_event_group = xEventGroupCreate();
ESP_ERROR_CHECK(esp_event_loop_init(wifi_event_handler, NULL));
esp_netif_create_default_wifi_sta();
wifi_init_config_t cfg = WIFI_INIT_CONFIG_DEFAULT();
ESP_ERROR_CHECK(esp_wifi_init(&cfg));
esp_event_handler_instance_t instance_any_id;
esp_event_handler_instance_t instance_got_ip;
ESP_ERROR_CHECK(esp_event_handler_instance_register(WIFI_EVENT,
ESP_EVENT_ANY_ID,
&event_handler,
NULL,
&instance_any_id));
ESP_ERROR_CHECK(esp_event_handler_instance_register(IP_EVENT,
IP_EVENT_STA_GOT_IP,
&event_handler,
NULL,
&instance_got_ip));
wifi_config_t wifi_config = {
.sta = {
.ssid = TLS_SMP_WIFI_SSID,
.password = TLS_SMP_WIFI_PASS,
.ssid = EXAMPLE_ESP_WIFI_SSID,
.password = EXAMPLE_ESP_WIFI_PASS,
/* Authmode threshold resets to WPA2 as default if password matches
* WPA2 standards (pasword len => 8). If you want to connect the
* device to deprecated WEP/WPA networks, Please set the threshold
* value WIFI_AUTH_WEP/WIFI_AUTH_WPA_PSK and set the password with
* length and format matching to WIFI_AUTH_WEP/WIFI_AUTH_WPA_PSK
* standards. */
.threshold.authmode = ESP_WIFI_SCAN_AUTH_MODE_THRESHOLD,
#ifdef HAS_WPA3_FEATURES
.sae_pwe_h2e = WPA3_SAE_PWE_BOTH,
#endif
},
};
/* WiFi station mode */
ESP_ERROR_CHECK(esp_wifi_set_mode(WIFI_MODE_STA) );
/* Wifi Set the configuration of the ESP32 STA or AP */
ESP_ERROR_CHECK(esp_wifi_set_config(ESP_IF_WIFI_STA, &wifi_config) );
/* Start Wifi */
ESP_ERROR_CHECK(esp_wifi_set_config(WIFI_IF_STA, &wifi_config) );
#ifdef CONFIG_EXAMPLE_WIFI_SSID
if (XSTRCMP(CONFIG_EXAMPLE_WIFI_SSID, "myssid") == 0) {
ESP_LOGW(TAG, "WARNING: CONFIG_EXAMPLE_WIFI_SSID is \"myssid\".");
ESP_LOGW(TAG, " Do you have a WiFi AP called \"myssid\", ");
ESP_LOGW(TAG, " or did you forget the ESP-IDF configuration?");
}
#else
ESP_LOGW(TAG, "WARNING: CONFIG_EXAMPLE_WIFI_SSID not defined.");
#endif
ESP_ERROR_CHECK(esp_wifi_start() );
ESP_LOGI(TAG, "wifi_init_sta finished.");
ESP_LOGI(TAG, "connect to ap SSID:%s password:%s",
TLS_SMP_WIFI_SSID, TLS_SMP_WIFI_PASS);
#endif
ESP_LOGI(TAG, "Set dummy time...");
set_time();
/* Waiting until either the connection is established (WIFI_CONNECTED_BIT)
* or connection failed for the maximum number of re-tries (WIFI_FAIL_BIT).
* The bits are set by event_handler() (see above) */
EventBits_t bits = xEventGroupWaitBits(s_wifi_event_group,
WIFI_CONNECTED_BIT | WIFI_FAIL_BIT,
pdFALSE,
pdFALSE,
portMAX_DELAY);
/* xEventGroupWaitBits() returns the bits before the call returned,
* hence we can test which event actually happened. */
#if defined(SHOW_SSID_AND_PASSWORD)
ESP_LOGW(TAG, "Undefine SHOW_SSID_AND_PASSWORD to not show SSID/password");
if (bits & WIFI_CONNECTED_BIT) {
ESP_LOGI(TAG, "connected to ap SSID:%s password:%s",
EXAMPLE_ESP_WIFI_SSID,
EXAMPLE_ESP_WIFI_PASS);
}
else if (bits & WIFI_FAIL_BIT) {
ESP_LOGI(TAG, "Failed to connect to SSID:%s, password:%s",
EXAMPLE_ESP_WIFI_SSID,
EXAMPLE_ESP_WIFI_PASS);
}
else {
ESP_LOGE(TAG, "UNEXPECTED EVENT");
}
#else
if (bits & WIFI_CONNECTED_BIT) {
ESP_LOGI(TAG, "Connected to AP");
}
else if (bits & WIFI_FAIL_BIT) {
ESP_LOGI(TAG, "Failed to connect to AP");
ret = -1;
}
else {
ESP_LOGE(TAG, "AP UNEXPECTED EVENT");
ret = -2;
}
#endif
return ret;
}
int wifi_show_ip(void)
{
/* ESP_LOGI(TAG, "got ip:" IPSTR, IP2STR(&event->ip_info.ip)); */
return 0;
}
#endif

31
IDE/Espressif/ESP-IDF/examples/wolfssl_client/partitions_singleapp_large.csv Normal file
View File

@@ -0,0 +1,31 @@
# to view: idf.py partition-table
#
# ESP-IDF Partition Table
# Name, Type, SubType, Offset, Size, Flags
nvs, data, nvs, 0x9000, 24K,
phy_init,data, phy, 0xf000, 4K,
factory, app, factory, 0x10000, 1500K,
# For other settings, see:
# https://docs.espressif.com/projects/esp-idf/en/latest/esp32/api-guides/partition-tables.html#creating-custom-tables
#
# Here is the summary printed for the "Single factory app, no OTA" configuration:
#
# # ESP-IDF Partition Table
# # Name, Type, SubType, Offset, Size, Flags
# nvs, data, nvs, 0x9000, 0x6000,
# phy_init, data, phy, 0xf000, 0x1000,
# factory, app, factory, 0x10000, 1M,
#
#
# Here is the summary printed for the "Factory app, two OTA definitions" configuration:
#
# # ESP-IDF Partition Table
# # Name, Type, SubType, Offset, Size, Flags
# nvs, data, nvs, 0x9000, 0x4000,
# otadata, data, ota, 0xd000, 0x2000,
# phy_init, data, phy, 0xf000, 0x1000,
# factory, app, factory, 0x10000, 1M,
# ota_0, app, ota_0, 0x110000, 1M,
# ota_1, app, ota_1, 0x210000, 1M,
Can't render this file because it contains an unexpected character in line 13 and column 39.

91
IDE/Espressif/ESP-IDF/examples/wolfssl_server/CMakeLists.txt
View File

@@ -1,11 +1,96 @@
# wolfSSL Espressif Example Project CMakeLists.txt
# v1.0
#
# The following lines of boilerplate have to be in your project's
# CMakeLists in this exact order for cmake to work correctly
cmake_minimum_required(VERSION 3.5)
cmake_minimum_required(VERSION 3.16)
# The wolfSSL CMake file should be able to find the source code.
# Otherwise, assign an environment variable or set it here:
#
# set(WOLFSSL_ROOT "~/workspace/wolfssl-other-source")
#
# Optional WOLFSSL_CMAKE_SYSTEM_NAME detection to find
# USE_MY_PRIVATE_CONFIG path for my_private_config.h
#
# Expected path varies:
#
# WSL: /mnt/c/workspace
# Linux: ~/workspace
# Windows: C:\workspace
#
if(WIN32)
# Windows-specific configuration here
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_WINDOWS")
message("Detected Windows")
endif()
if(CMAKE_HOST_UNIX)
message("Detected UNIX")
endif()
if(APPLE)
message("Detected APPLE")
endif()
if(CMAKE_HOST_UNIX AND (NOT APPLE) AND EXISTS "/proc/sys/fs/binfmt_misc/WSLInterop")
# Windows-specific configuration here
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_WSL")
message("Detected WSL")
endif()
if(CMAKE_HOST_UNIX AND (NOT APPLE) AND (NOT WIN32))
# Windows-specific configuration here
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_LINUX")
message("Detected Linux")
endif()
if(APPLE)
# Windows-specific configuration here
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_APPLE")
message("Detected Apple")
endif()
# End optional WOLFSSL_CMAKE_SYSTEM_NAME
# (Not part of the boilerplate)
# This example uses an extra component for common functions such as Wi-Fi and Ethernet connection.
# disable the following line if there isn't the directory
set (PROTOCOL_EXAMPLES_DIR $ENV{IDF_PATH}/examples/common_components/protocol_examples_common)
if (EXISTS "${PROTOCOL_EXAMPLES_DIR}")
message("Found PROTOCOL_EXAMPLES_DIR=${PROTOCOL_EXAMPLES_DIR}")
set(EXTRA_COMPONENT_DIRS $ENV{IDF_PATH}/examples/common_components/protocol_examples_common)
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DFOUND_PROTOCOL_EXAMPLES_DIR")
else()
message("NOT FOUND: PROTOCOL_EXAMPLES_DIR=${PROTOCOL_EXAMPLES_DIR}")
endif()
# Check that there are not conflicting wolfSSL components
# The ESP Registry Component will be in ./managed_components/wolfssl__wolfssl
# The local component wolfSSL directory will be in ./components/wolfssl
if( EXISTS "${CMAKE_HOME_DIRECTORY}/managed_components/wolfssl__wolfssl" AND EXISTS "${CMAKE_HOME_DIRECTORY}/components/wolfssl" )
# These exclude statements don't seem to be honored by the $ENV{IDF_PATH}/tools/cmake/project.cmake'
# add_subdirectory("${CMAKE_HOME_DIRECTORY}/managed_components/wolfssl__wolfssl" EXCLUDE_FROM_ALL)
# add_subdirectory("${CMAKE_HOME_DIRECTORY}/managed_components/wolfssl__wolfssl/include" EXCLUDE_FROM_ALL)
# So we'll error out and let the user decide how to proceed:
message(WARNING "\nFound wolfSSL components in\n"
"./managed_components/wolfssl__wolfssl\n"
"and\n"
"./components/wolfssl\n"
"in project directory: \n"
"${CMAKE_HOME_DIRECTORY}")
message(FATAL_ERROR "\nPlease use either the ESP Registry Managed Component or the wolfSSL component directory but not both.\n"
"If removing the ./managed_components/wolfssl__wolfssl directory, remember to also remove "
"or rename the idf_component.yml file typically found in ./main/")
else()
message(STATUS "No conflicting wolfSSL components found.")
endif()
# This example uses an extra component for common functions such as Wi-Fi and Ethernet connection.
set (PROTOCOL_EXAMPLES_DIR $ENV{IDF_PATH}/examples/common_components/protocol_examples_common)
if (EXISTS "${PROTOCOL_EXAMPLES_DIR}")
message("Found PROTOCOL_EXAMPLES_DIR=${PROTOCOL_EXAMPLES_DIR}")
set(EXTRA_COMPONENT_DIRS $ENV{IDF_PATH}/examples/common_components/protocol_examples_common)
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DFOUND_PROTOCOL_EXAMPLES_DIR")
else()
message("NOT FOUND: PROTOCOL_EXAMPLES_DIR=${PROTOCOL_EXAMPLES_DIR}")
endif()
include($ENV{IDF_PATH}/tools/cmake/project.cmake)
project(wolfssl_server)

80
IDE/Espressif/ESP-IDF/examples/wolfssl_server/README.md
View File

@@ -1,5 +1,13 @@
# wolfSSL Server Example
## VisualGDB
Open the VisualGDB Visual Studio Project file in the VisualGDB directory and click the "Start" button.
No wolfSSL setup is needed. You may need to adjust your specific COM port. The default is `COM20`.
## ESP-IDF Commandline
The Example contains a wolfSSL simple server.
1. `idf.py menuconfigure` to configure the project
@@ -20,3 +28,75 @@ When you want to test the wolfSSL simple server demo
e.g ./example/client/client -h xx.xx.xx
See the README.md file in the upper level 'examples' directory for more information about examples.
```
# . /mnt/c/SysGCC/esp32/esp-idf/master/export.sh
. /mnt/c/SysGCC/esp32/esp-idf/v5.1/export.sh
cd /mnt/c/workspace/wolfssl-gojimmypi/IDE/Espressif/ESP-IDF/examples/wolfssl_server
# optionally erase
idf.py erase-flash -p /dev/ttyS19 -b 115200
# Program flash
idf.py flash -p /dev/ttyS19 -b 115200 monitor
```
Linux Client to x108 SM server
```
cd /mnt/c/workspace/wolfssl-gojimmypi
# show the ciphers
./examples/client/client -e
./examples/client/client -h 192.168.1.108 -v 4 -l TLS_SM4_GCM_SM3 -c ./certs/sm2/client-sm2.pem -k ./certs/sm2/client-sm2-priv.pem -A ./certs/sm2/root-sm2.pem -C
```
Linux Server
```
./examples/server/server -v 4 -l TLS13-SM4-CCM-SM3 -c ./certs/sm2/server-sm2.pem -k ./certs/sm2/server-sm2-priv.pem -A ./certs/sm2/client-sm2.pem -V
```
Cipers to consider
```
TLS13-AES128-GCM-SHA256:
TLS13-AES256-GCM-SHA384:
TLS13-CHACHA20-POLY1305-SHA256:
TLS13-SM4-GCM-SM3:
TLS13-SM4-CCM-SM3:
ECDHE-ECDSA-SM4-CBC-SM3:
ECDHE-ECDSA-SM4-GCM-SM3:
ECDHE-ECDSA-SM4-CCM-SM3
DHE-RSA-AES128-SHA:
DHE-RSA-AES256-SHA:
ECDHE-RSA-AES128-SHA:
ECDHE-RSA-AES256-SHA:
ECDHE-ECDSA-AES128-SHA:
ECDHE-ECDSA-AES256-SHA:
DHE-RSA-AES128-SHA256:
DHE-RSA-AES256-SHA256:
DHE-RSA-AES128-GCM-SHA256:
DHE-RSA-AES256-GCM-SHA384:
ECDHE-RSA-AES128-GCM-SHA256:
ECDHE-RSA-AES256-GCM-SHA384:
ECDHE-ECDSA-AES128-GCM-SHA256:
ECDHE-ECDSA-AES256-GCM-SHA384:
ECDHE-RSA-AES128-SHA256:
ECDHE-ECDSA-AES128-SHA256:
ECDHE-RSA-AES256-SHA384:
ECDHE-ECDSA-AES256-SHA384:
ECDHE-RSA-CHACHA20-POLY1305:
ECDHE-ECDSA-CHACHA20-POLY1305:
DHE-RSA-CHACHA20-POLY1305:
ECDHE-RSA-CHACHA20-POLY1305-OLD:
ECDHE-ECDSA-CHACHA20-POLY1305-OLD:
DHE-RSA-CHACHA20-POLY1305-OLD:
```

512
IDE/Espressif/ESP-IDF/examples/wolfssl_server/README_server_sm.md Normal file
View File

@@ -0,0 +1,512 @@
# SM Cipher Notes
### Install SM
```
cd /mnt/c/workspace/wolfsm-$USER
./install.sh ../wolfssl-$USER
```
### Build Linux SM Examples
```
./autogen.sh
./configure --enable-sm3 --enable-sm4-gcm --enable-sm2 \
--enable-sm4-ecb --enable-sm4-cbc --enable-sm4-ctr \
--enable-sm4-gcm --enable-sm4-ccm
make clean && make
```
### TLS 1.3 Server
```
./examples/server/server -v 4 -b -d -p 11111 -c ./certs/sm2/server-sm2.pem -k ./certs/sm2/server-sm2-priv.pem -A ./certs/sm2/client-sm2.pem -V
```
### TLS 1.3 Client
```
./examples/client/client -h 127.0.0.1 -v 4 -l TLS13-SM4-CCM-SM3 -c ./certs/sm2/client-sm2.pem -k ./certs/sm2/client-sm2-priv.pem -A ./certs/sm2/root-sm2.pem -C
```
### TLS 1.2 Client to Local Linux Server
```
./examples/client/client -h 192.168.25.186 -v 3 -l ECDHE-ECDSA-SM4-CBC-SM3 \
-c ./certs/sm2/client-sm2.pem \
-k ./certs/sm2/client-sm2-priv.pem \
-A ./certs/sm2/root-sm2.pem -C
```
### TLS 1.2 Client to ESP32 Server
```
./examples/client/client -h 192.168.25.186 -v 3 -l ECDHE-ECDSA-SM4-CBC-SM3 \
-c ./certs/sm2/client-sm2.pem \
-k ./certs/sm2/client-sm2-priv.pem \
-A ./certs/sm2/root-sm2.pem -C
```
### Others...
```
# Success: Linux Client to ESP32 Server TLS1.2
./examples/client/client -h 192.168.1.113 -v 3 -l ECDHE-ECDSA-SM4-CBC-SM3 -c ./certs/sm2/client-sm2.pem -k ./certs/sm2/client-sm2-priv.pem -A ./certs/sm2/root-sm2.pem -C
./examples/client/client -h 192.168.1.113 -v 3 -l ECDHE-ECDSA-SM4-GCM-SM3 -c ./certs/sm2/client-sm2.pem -k ./certs/sm2/client-sm2-priv.pem -A ./certs/sm2/root-sm2.pem -C
./examples/client/client -h 192.168.1.113 -v 3 -l ECDHE-ECDSA-SM4-CCM-SM3 -c ./certs/sm2/client-sm2.pem -k ./certs/sm2/client-sm2-priv.pem -A ./certs/sm2/root-sm2.pem -C
# Success: Linux Client to ESP32 Server TLS1.3
# Reported as TLS_SM4_GCM_SM3, but parameter is TLS13-SM4-GCM-SM3
./examples/client/client -h 192.168.1.113 -v 4 -l TLS13-SM4-GCM-SM3 -c ./certs/sm2/client-sm2.pem -k ./certs/sm2/client-sm2-priv.pem -A ./certs/sm2/root-sm2.pem -C
# Reported as TLS-SM4-CCM-SM3, but parameter is TLS13-SM4-CCM-SM3
./examples/client/client -h 192.168.1.113 -v 4 -l TLS13-SM4-CCM-SM3 -c ./certs/sm2/client-sm2.pem -k ./certs/sm2/client-sm2-priv.pem -A ./certs/sm2/root-sm2.pem -C
./examples/client/client -h 192.168.1.113 -v 4 -l TLS13-SM4-CBC-SM3 -c ./certs/sm2/client-sm2.pem -k ./certs/sm2/client-sm2-priv.pem -A ./certs/sm2/root-sm2.pem -C
```
```
ESP32-to-ESP32
TLS_ECDHE_ECDSA_WITH_SM4_CBC_SM3
TLS_ECDHE_ECDSA_WITH_SM4_GCM_SM3
TLS_ECDHE_ECDSA_WITH_SM4_CCM_SM3
```
Tried both PEM and DER format.
The latest server is PEM format, triple-checked to have the embedded server
be the same as the Linux server files.
| Usage | Certificate | Key | Certificate Authority file, default ./certs/client-cert.pem |
| ----- | ---------------------------------- | ----------------------------------- | --------------------------------- |
| server | -c ./certs/sm2/server-sm2.pem | -k ./certs/sm2/server-sm2-priv.pem | -A ./certs/sm2/client-sm2.pem -V |
| client | -c ./certs/sm2/client-sm2.pem | -k ./certs/sm2/client-sm2-priv.pem | -A ./certs/sm2/root-sm2.pem -C |
| emdedded:
| server | wolfSSL_CTX_use_certificate_buffer<br/> server_sm2 | wolfSSL_CTX_use_PrivateKey_buffer<br/> server_sm2_priv | wolfSSL_CTX_load_verify_buffer<br/> client-sm2 |
### Code
See [source code](https://github.com/gojimmypi/wolfssl/blob/2c4f443aec7b151f945cb9dfe2dad6ee30449cf0/IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/server-tls.c#L187):
![code](./code.png)
### Linux client talking to embedded server:
```
/examples/client/client -h 192.168.1.108 -v 3 -l ECDHE-ECDSA-SM4-CBC-SM3 -c ./certs/sm2/client-sm2.pem -k ./certs/sm2/client-sm2-priv.pem -A ./certs/sm2/root-sm2.pem -C
wolfSSL_connect error -188, ASN no signer error to confirm failure
wolfSSL error: wolfSSL_connect failed
```
Output:
```
ets Jul 29 2019 12:21:46
rst:0x3 (SW_RESET),boot:0x13 (SPI_FAST_FLASH_BOOT)
configsip: 0, SPIWP:0xee
clk_drv:0x00,q_drv:0x00,d_drv:0x00,cs0_drv:0x00,hd_drv:0x00,wp_drv:0x00
mode:DIO, clock div:2
load:0x3fff0030,len:7000
load:0x40078000,len:15452
ho 0 tail 12 room 4
load:0x40080400,len:3840
entry 0x4008064c
I (29) boot: ESP-IDF v5.0-dirty 2nd stage bootloader
I (29) boot: compile time 13:40:31
I (29) boot: chip revision: v3.0
I (32) boot_comm: chip revision: 3, min. bootloader chip revision: 0
I (39) boot.esp32: SPI Speed : 40MHz
I (44) boot.esp32: SPI Mode : DIO
I (48) boot.esp32: SPI Flash Size : 2MB
I (53) boot: Enabling RNG early entropy source...
I (58) boot: Partition Table:
I (62) boot: ## Label Usage Type ST Offset Length
I (69) boot: 0 nvs WiFi data 01 02 00009000 00006000
I (77) boot: 1 phy_init RF data 01 01 0000f000 00001000
I (84) boot: 2 factory factory app 00 00 00010000 00177000
I (92) boot: End of partition table
I (96) boot_comm: chip revision: 3, min. application chip revision: 0
I (103) esp_image: segment 0: paddr=00010020 vaddr=3f400020 size=338d8h (211160) map
I (188) esp_image: segment 1: paddr=00043900 vaddr=3ffb0000 size=03b78h ( 15224) load
I (194) esp_image: segment 2: paddr=00047480 vaddr=40080000 size=08b98h ( 35736) load
I (209) esp_image: segment 3: paddr=00050020 vaddr=400d0020 size=c591ch (809244) map
I (501) esp_image: segment 4: paddr=00115944 vaddr=40088b98 size=0c230h ( 49712) load
I (522) esp_image: segment 5: paddr=00121b7c vaddr=50000000 size=00010h ( 16) load
I (533) boot: Loaded app from partition at offset 0x10000
I (533) boot: Disabling RNG early entropy source...
I (545) cpu_start: Pro cpu up.
I (545) cpu_start: Starting app cpu, entry point is 0x400812f4
I (532) cpu_start: App cpu up.
I (561) cpu_start: Pro cpu start user code
I (561) cpu_start: cpu freq: 160000000 Hz
I (561) cpu_start: Application information:
I (566) cpu_start: Project name: wolfssl_server
I (571) cpu_start: App version: v5.6.3-stable-1088-g560c84b2b-d
I (578) cpu_start: Compile time: Jul 19 2023 22:20:09
I (585) cpu_start: ELF file SHA256: 3e6e571c9e87bf44...
I (591) cpu_start: ESP-IDF: v5.0-dirty
I (596) heap_init: Initializing. RAM available for dynamic allocation:
I (603) heap_init: At 3FFAE6E0 len 00001920 (6 KiB): DRAM
I (609) heap_init: At 3FFBDA68 len 00022598 (137 KiB): DRAM
I (615) heap_init: At 3FFE0440 len 00003AE0 (14 KiB): D/IRAM
I (622) heap_init: At 3FFE4350 len 0001BCB0 (111 KiB): D/IRAM
I (628) heap_init: At 40094DC8 len 0000B238 (44 KiB): IRAM
I (636) spi_flash: detected chip: generic
I (639) spi_flash: flash io: dio
W (643) spi_flash: Detected size(4096k) larger than the size in the binary image header(2048k). Using the
size in the binary image header.
I (657) cpu_start: Starting scheduler on PRO CPU.
I (0) cpu_start: Starting scheduler on APP CPU.
I (725) tls_server: ESP_WIFI_MODE_STA
I (735) wifi:wifi driver task: 3ffcb738, prio:23, stack:6656, core=0
I (735) system_api: Base MAC address is not set
I (735) system_api: read default base MAC address from EFUSE
I (755) wifi:wifi firmware version: 0d470ef
I (755) wifi:wifi certification version: v7.0
I (755) wifi:config NVS flash: enabled
I (755) wifi:config nano formating: disabled
I (755) wifi:Init data frame dynamic rx buffer num: 32
I (765) wifi:Init management frame dynamic rx buffer num: 32
I (765) wifi:Init management short buffer num: 32
I (775) wifi:Init dynamic tx buffer num: 32
I (775) wifi:Init static rx buffer size: 1600
I (775) wifi:Init static rx buffer num: 10
I (785) wifi:Init dynamic rx buffer num: 32
I (785) wifi_init: rx ba win: 6
I (795) wifi_init: tcpip mbox: 32
I (795) wifi_init: udp mbox: 6
I (795) wifi_init: tcp mbox: 6
I (805) wifi_init: tcp tx win: 5744
I (805) wifi_init: tcp rx win: 5744
I (815) wifi_init: tcp mss: 1440
I (815) wifi_init: WiFi IRAM OP enabled
I (815) wifi_init: WiFi RX IRAM OP enabled
I (825) phy_init: phy_version 4670,719f9f6,Feb 18 2021,17:07:07
I (925) wifi:mode : sta (24:d7:eb:41:7b:68)
I (935) wifi:enable tsf
I (935) tls_server: wifi_init_sta finished.
I (945) wifi:new:<4,0>, old:<1,0>, ap:<255,255>, sta:<4,0>, prof:1
I (945) wifi:state: init -> auth (b0)
I (945) wifi:state: auth -> assoc (0)
I (955) wifi:state: assoc -> run (10)
W (955) wifi:<ba-add>idx:0 (ifx:0, c8:d7:19:cd:00:17), tid:0, ssn:0, winSize:64
I (985) wifi:connected with testbench, aid = 1, channel 4, BW20, bssid = c8:d7:19:cd:00:17
I (985) wifi:security: WPA2-PSK, phy: bgn, rssi: -45
I (995) wifi:pm start, type: 1
I (1065) wifi:AP's beacon interval = 102400 us, DTIM period = 1
I (3225) esp_netif_handlers: sta ip: 192.168.1.108, mask: 255.255.255.0, gw: 192.168.1.10
I (3225) tls_server: got ip:192.168.1.108
I (3235) Time Helper: sntp_setservername:
I (3235) Time Helper: pool.ntp.org
I (3245) Time Helper: time.nist.gov
I (3245) Time Helper: utcnist.colorado.edu
I (3255) Time Helper: sntp_init done.
TLS13-AES128-GCM-SHA256:TLS13-CHACHA20-POLY1305-SHA256:TLS13-SM4-GCM-SM3:TLS13-SM4-CCM-SM3:ECDHE-RSA-AES12
8-SHA:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-DES-CBC3-SHA:ECDHE-ECDS
A-DES-CBC3-SHA:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECD
SA-AES128-SHA256:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305-OLD
:ECDHE-ECDSA-CHACHA20-POLY1305-OLD:ECDHE-ECDSA-SM4-CBC-SM3:ECDHE-ECDSA-SM4-GCM-SM3:ECDHE-ECDSA-SM4-CCM-SM3
:ECDHE-PSK-AES128-CBC-SHA256:ECDHE-PSK-AES128-GCM-SHA256:PSK-CHACHA20-POLY1305:ECDHE-PSK-CHACHA20-POLY1305
I (3315) wolfssl: Start wolfSSL_Init()
I (3315) wolfssl: wolfSSL Entering wolfSSL_Init
I (3325) wolfssl: wolfSSL Entering wolfCrypt_Init
I (3325) wolfssl: start socket())
I (3335) wolfssl: Create and initialize WOLFSSL_CTX
I (3335) wolfssl: wolfSSL Entering wolfSSLv23_server_method_ex
I (3345) wolfssl: wolfSSL Entering wolfSSL_CTX_new_ex
I (3345) wolfssl: wolfSSL Entering wolfSSL_CertManagerNew
I (3355) wolfssl: wolfSSL Leaving wolfSSL_CTX_new_ex, return 0
I (3365) tls_server: Start SM2
I (3365) wolfssl: wolfSSL Entering wolfSSL_CTX_set_cipher_list
I (3375) tls_server: Set cipher list: ECDHE-ECDSA-SM4-CBC-SM3
TLS13-AES128-GCM-SHA256:TLS13-CHACHA20-POLY1305-SHA256:TLS13-SM4-GCM-SM3:TLS13-SM4-CCM-SM3:ECDHE-RSA-AES12
8-SHA:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-DES-CBC3-SHA:ECDHE-ECDS
A-DES-CBC3-SHA:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECD
SA-AES128-SHA256:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305-OLD
:ECDHE-ECDSA-CHACHA20-POLY1305-OLD:ECDHE-ECDSA-SM4-CBC-SM3:ECDHE-ECDSA-SM4-GCM-SM3:ECDHE-ECDSA-SM4-CCM-SM3
:ECDHE-PSK-AES128-CBC-SHA256:ECDHE-PSK-AES128-GCM-SHA256:PSK-CHACHA20-POLY1305:ECDHE-PSK-CHACHA20-POLY1305
I (3435) wolfssl: Loading certificate...
I (3435) wolfssl: wolfSSL Entering wolfSSL_CTX_use_certificate_buffer
I (3445) wolfssl: wolfSSL Entering PemToDer
I (3455) wolfssl: Checking cert signature type
I (3455) wolfssl: wolfSSL Entering GetExplicitVersion
I (3465) wolfssl: wolfSSL Entering wc_GetSerialNumber
I (3465) wolfssl: Got Cert Header
I (3475) wolfssl: wolfSSL Entering GetObjectId
I (3475) wolfssl: Got Algo ID
I (3475) wolfssl: Getting Name
I (3485) wolfssl: Getting Cert Name
I (3485) wolfssl: Getting Name
I (3495) wolfssl: Getting Cert Name
I (3495) wolfssl: Got Subject Name
I (3495) wolfssl: wolfSSL Entering GetAlgoId
I (3505) wolfssl: wolfSSL Entering GetObjectId
I (3505) wolfssl: wolfSSL Entering GetObjectId
I (3515) wolfssl: Got Key
I (3515) wolfssl: ECDSA/ED25519/ED448 cert signature
I (3525) wolfssl: wolfSSL Leaving wolfSSL_CTX_use_certificate_buffer, return 1
I (3535) tls_server: Loaded server_sm2
I (3535) wolfssl: Loading key info...
I (3535) wolfssl: wolfSSL Entering wolfSSL_CTX_use_PrivateKey_buffer
I (3545) wolfssl: wolfSSL Entering PemToDer
I (3555) wolfssl: wolfSSL Entering GetAlgoId
I (3555) wolfssl: wolfSSL Entering GetObjectId
I (3565) wolfssl: wolfSSL Entering GetAlgoId
I (3565) wolfssl: wolfSSL Entering GetObjectId
I (3575) wolfssl: wolfSSL Leaving wolfSSL_CTX_use_PrivateKey_buffer, return 1
I (3575) tls_server: Loaded PrivateKey_buffer server_sm2_priv
I (3585) wolfssl: wolfSSL Entering wolfSSL_CTX_load_verify_buffer_ex
I (3595) wolfssl: Processing CA PEM file
I (3595) wolfssl: wolfSSL Entering PemToDer
I (3605) wolfssl: Adding a CA
I (3605) wolfssl: wolfSSL Entering GetExplicitVersion
I (3615) wolfssl: wolfSSL Entering wc_GetSerialNumber
I (3615) wolfssl: Got Cert Header
I (3625) wolfssl: wolfSSL Entering GetObjectId
I (3625) wolfssl: Got Algo ID
I (3635) wolfssl: Getting Name
I (3635) wolfssl: Getting Cert Name
I (3635) wolfssl: Getting Name
I (3645) wolfssl: Getting Cert Name
I (3645) wolfssl: Got Subject Name
I (3655) wolfssl: wolfSSL Entering GetAlgoId
I (3655) wolfssl: wolfSSL Entering GetObjectId
I (3665) wolfssl: wolfSSL Entering GetObjectId
I (3665) wolfssl: Got Key
I (3665) wolfssl: Parsed Past Key
I (3675) wolfssl: wolfSSL Entering DecodeCertExtensions
I (3675) wolfssl: wolfSSL Entering GetObjectId
I (3685) wolfssl: wolfSSL Entering DecodeSubjKeyId
I (3685) wolfssl: wolfSSL Entering GetObjectId
I (3695) wolfssl: wolfSSL Entering DecodeAuthKeyId
I (3705) wolfssl: wolfSSL Entering GetObjectId
I (3705) wolfssl: wolfSSL Entering DecodeBasicCaConstraint
I (3715) wolfssl: wolfSSL Entering GetObjectId
I (3715) wolfssl: wolfSSL Entering DecodeAltNames
I (3725) wolfssl: Unsupported name type, skipping
I (3725) wolfssl: wolfSSL Entering GetObjectId
I (3735) wolfssl: wolfSSL Entering DecodeExtKeyUsage
I (3735) wolfssl: wolfSSL Entering GetObjectId
I (3745) wolfssl: wolfSSL Entering GetObjectId
I (3745) wolfssl: wolfSSL Entering GetObjectId
I (3755) wolfssl: Parsed new CA
I (3755) wolfssl: No key size check done on CA
I (3765) wolfssl: Freeing Parsed CA
I (3765) wolfssl: Freeing der CA
I (3775) wolfssl: OK Freeing der CA
I (3775) wolfssl: wolfSSL Leaving AddCA, return 0
I (3785) wolfssl: Processed a CA
I (3785) wolfssl: Processed at least one valid CA. Other stuff OK
I (3795) wolfssl: wolfSSL Leaving wolfSSL_CTX_load_verify_buffer_ex, return 1
I (3795) tls_server: Success: load verify buffer
I (3805) tls_server: Finish SM2
I (3805) tls_server: accept clients...
I (3815) wolfssl: Waiting for a connection...
I (14485) wolfssl: wolfSSL Entering wolfSSL_new
I (14495) wolfssl: wolfSSL Entering ReinitSSL
I (14495) wolfssl: wolfSSL Entering SetSSL_CTX
I (14495) wolfssl: wolfSSL Entering wolfSSL_NewSession
I (14505) wolfssl: wolfSSL Leaving wolfSSL_new, return 0
I (14505) wolfssl: wolfSSL Entering wolfSSL_set_fd
I (14515) wolfssl: wolfSSL Entering wolfSSL_set_read_fd
I (14515) wolfssl: wolfSSL Leaving wolfSSL_set_read_fd, return 1
I (14525) wolfssl: wolfSSL Entering wolfSSL_set_write_fd
I (14535) wolfssl: wolfSSL Leaving wolfSSL_set_write_fd, return 1
I (14535) wolfssl: wolfSSL Entering wolfSSL_accept
I (14545) wolfssl: wolfSSL Entering ReinitSSL
I (14545) wolfssl: growing input buffer
I (14555) wolfssl: received record layer msg
I (14555) wolfssl: got HANDSHAKE
I (14565) wolfssl: wolfSSL Entering wolfSSL_get_options
I (14565) wolfssl: wolfSSL Entering DoTls13HandShakeMsg
I (14575) wolfssl: wolfSSL Entering DoTls13HandShakeMsgType
I (14575) wolfssl: processing client hello
I (14585) wolfssl: wolfSSL Entering DoTls13ClientHello
I (14595) wolfssl: wolfSSL Entering DoClientHello
I (14595) wolfssl: downgrading to TLSv1.2
I (14605) wolfssl: Matched No Compression
I (14605) wolfssl: Adding signature algorithms extension
I (14615) wolfssl: Signature Algorithms extension received
I (14615) wolfssl: Point Formats extension received
I (14625) wolfssl: Supported Groups extension received
I (14625) wolfssl: Unknown TLS extension type
I (14635) wolfssl: Unknown TLS extension type
I (14635) wolfssl: wolfSSL Entering MatchSuite
I (14645) wolfssl: wolfSSL Entering VerifyServerSuite
I (14645) wolfssl: Requires ECC
I (14655) wolfssl: Verified suite validity
I (14655) wolfssl: wolfSSL Leaving DoClientHello, return 0
I (14665) wolfssl: wolfSSL Leaving DoTls13ClientHello, return 0
I (14675) wolfssl: wolfSSL Leaving DoTls13HandShakeMsgType(), return 0
I (14675) wolfssl: wolfSSL Leaving DoTls13HandShakeMsg, return 0
I (14685) wolfssl: Shrinking input buffer
I (14685) wolfssl: accept state ACCEPT_CLIENT_HELLO_DONE
I (14695) wolfssl: accept state ACCEPT_FIRST_REPLY_DONE
I (14705) wolfssl: wolfSSL Entering SendServerHello
I (14705) wolfssl: growing output buffer
I (14715) internal.c: GrowOutputBuffer ok
I (14715) wolfssl: wolfSSL Entering wolfSSL_get_options
I (14725) wolfssl: Point Formats extension to write
W (14735) wolfio: ssl->wflags = 0
I (14735) wolfio: 16 03 03 00 52 02 00 00 4e 03 03 af 87 e2 58 57
I (14735) wolfio: 73 c3 c1 35 1a 59 39 b2 03 9d 14 03 e0 b8 fb e8
I (14745) wolfio: 9d 5b 9c 44 4f 57 4e 47 52 44 01 20 85 77 75 20
I (14755) wolfio: 95 dd 00 e2 91 f8 42 33 f8 61 3f 1f de 81 15 58
I (14755) wolfio: 23 0c e7 1e 71 e6 10 e5 67 23 e0 40 e0 11 00 00
I (14765) wolfio: 06 00 0b 00 02 01 00
W (14775) wolfio: sz = 87
I (14775) wolfssl: Shrinking output buffer
I (14775) wolfssl: wolfSSL Leaving SendServerHello, return 0
I (14785) wolfssl: accept state SERVER_HELLO_SENT
I (14795) wolfssl: wolfSSL Entering SendCertificate
I (14795) wolfssl: growing output buffer
I (14805) internal.c: GrowOutputBuffer ok
W (14815) wolfio: ssl->wflags = 0
I (14815) wolfio: 16 03 03 02 e6 0b 00 02 e2 00 02 df 00 02 dc 30
I (14815) wolfio: 82 02 d8 30 82 02 7e a0 03 02 01 02 02 01 01 30
I (14825) wolfio: 0a 06 08 2a 81 1c cf 55 01 83 75 30 81 ac 31 0b
I (14835) wolfio: 30 09 06 03 55 04 06 13 02 55 53 31 10 30 0e 06
I (14835) wolfio: 03 55 04 08 0c 07 4d 6f 6e 74 61 6e 61 31 10 30
I (14845) wolfio: 0e 06 03 55 04 07 0c 07 42 6f 7a 65 6d 61 6e 31
I (14855) wolfio: 14 30 12 06 03 55 04 0a 0c 0b 77 6f 6c 66 53 53
I (14855) wolfio: 4c 5f 73 6d 32 31 0f 30 0d 06 03 55 04 0b 0c 06
I (14865) wolfio: 43 41 2d 73 6d 32 31 18 30 16 06 03 55 04 03 0c
I (14875) wolfio: 0f 77 77 77 2e 77 6f 6c 66 73 73 6c 2e 63 6f 6d
I (14875) wolfio: 31 1f 30 1d 06 09 2a 86 48 86 f7 0d 01 09 01 16
I (14885) wolfio: 10 69 6e 66 6f 40 77 6f 6c 66 73 73 6c 2e 63 6f
I (14895) wolfio: 6d 31 17 30 15 06 0a 09 92 26 89 93 f2 2c 64 01
I (14895) wolfio: 01 0c 07 77 6f 6c 66 53 53 4c 30 1e 17 0d 32 33
I (14905) wolfio: 30 32 31 35 30 36 32 33 30 37 5a 17 0d 32 35 31
I (14915) wolfio: 31 31 31 30 36 32 33 30 37 5a 30 81 b0 31 0b 30
I (14915) wolfio: 09 06 03 55 04 06 13 02 55 53 31 10 30 0e 06 03
I (14925) wolfio: 55 04 08 0c 07 4d 6f 6e 74 61 6e 61 31 10 30 0e
I (14935) wolfio: 06 03 55 04 07 0c 07 42 6f 7a 65 6d 61 6e 31 14
I (14945) wolfio: 30 12 06 03 55 04 0a 0c 0b 77 6f 6c 66 53 53 4c
I (14945) wolfio: 5f 73 6d 32 31 13 30 11 06 03 55 04 0b 0c 0a 53
I (14955) wolfio: 65 72 76 65 72 2d 73 6d 32 31 18 30 16 06 03 55
I (14965) wolfio: 04 03 0c 0f 77 77 77 2e 77 6f 6c 66 73 73 6c 2e
I (14965) wolfio: 63 6f 6d 31 1f 30 1d 06 09 2a 86 48 86 f7 0d 01
I (14975) wolfio: 09 01 16 10 69 6e 66 6f 40 77 6f 6c 66 73 73 6c
I (14985) wolfio: 2e 63 6f 6d 31 17 30 15 06 0a 09 92 26 89 93 f2
I (14985) wolfio: 2c 64 01 01 0c 07 77 6f 6c 66 53 53 4c 30 5a 30
I (14995) wolfio: 14 06 08 2a 81 1c cf 55 01 82 2d 06 08 2a 81 1c
I (15005) wolfio: cf 55 01 82 2d 03 42 00 04 94 70 2b 46 e4 5e 0f
I (15005) wolfio: 41 fb 8f 2d 34 0a 41 40 19 5e fb d4 1d 11 ac fa
I (15015) wolfio: f5 93 37 c6 fa 87 08 f7 16 1f 2c ce 30 40 9d 4f
I (15025) wolfio: a6 2a 0a a1 d6 95 33 c3 a6 03 98 e6 8d 05 34 b0
I (15025) wolfio: 97 0c de a4 c7 cf 53 8f d1 a3 81 89 30 81 86 30
I (15035) wolfio: 1d 06 03 55 1d 0e 04 16 04 14 67 ae 60 ff 7e 1b
I (15045) wolfio: 0f 95 ae 1f 82 59 f2 6c 56 2d 93 ef 17 32 30 1f
I (15045) wolfio: 06 03 55 1d 23 04 18 30 16 80 14 47 0a 48 7e bb
I (15055) wolfio: 02 a8 5a 26 57 2b 19 a9 7b 61 8b 7f 5d 99 6e 30
I (15065) wolfio: 0c 06 03 55 1d 13 01 01 ff 04 02 30 00 30 0e 06
I (15075) wolfio: 03 55 1d 0f 01 01 ff 04 04 03 02 03 a8 30 13 06
I (15075) wolfio: 03 55 1d 25 04 0c 30 0a 06 08 2b 06 01 05 05 07
I (15085) wolfio: 03 01 30 11 06 09 60 86 48 01 86 f8 42 01 01 04
I (15095) wolfio: 04 03 02 06 40 30 0a 06 08 2a 81 1c cf 55 01 83
I (15095) wolfio: 75 03 48 00 30 45 02 20 1b ca 94 28 7f f6 b2 0d
I (15105) wolfio: 31 43 50 e1 d5 34 17 dd af 3a de 81 06 67 9a b3
I (15115) wolfio: 06 22 7e 64 ec fd 0e b9 02 21 00 a1 48 a8 32 d1
I (15115) wolfio: 05 09 6b 1c eb 89 12 66 d8 38 a1 c4 5c 89 09 0f
I (15125) wolfio: fd e9 c0 3b 1d fb cd b5 4c 31 68
W (15135) wolfio: sz = 747
I (15135) wolfssl: Shrinking output buffer
I (15135) wolfssl: wolfSSL Leaving SendCertificate, return 0
I (15145) wolfssl: accept state CERT_SENT
I (15155) wolfssl: wolfSSL Entering SendCertificateStatus
I (15155) wolfssl: wolfSSL Leaving SendCertificateStatus, return 0
I (15165) wolfssl: accept state CERT_STATUS_SENT
I (15165) wolfssl: wolfSSL Entering SendServerKeyExchange
I (15175) wolfssl: Using ephemeral ECDH
I (15175) wolfssl: wolfSSL Entering EccMakeKey
I (15535) wolfssl: wolfSSL Leaving EccMakeKey, return 0
I (15535) wolfssl: Trying ECC private key, RSA didn't work
I (15535) wolfssl: wolfSSL Entering GetAlgoId
I (15545) wolfssl: wolfSSL Entering GetObjectId
I (15555) wolfssl: Using ECC private key
I (15555) wolfssl: wolfSSL Entering Sm2wSm3Sign
I (15915) wolfssl: wolfSSL Leaving Sm2wSm3Sign, return 0
I (15915) wolfssl: wolfSSL Entering SendHandshakeMsg
I (15925) wolfssl: growing output buffer
I (15925) internal.c: GrowOutputBuffer ok
W (15925) wolfio: ssl->wflags = 0
I (15935) wolfio: 16 03 03 00 95 0c 00 00 91 03 00 29 41 04 fd f5
I (15935) wolfio: 5e 74 15 30 1d f3 84 ae a5 69 96 a9 5b dd 27 b3
I (15945) wolfio: 00 7d 40 3a 59 93 93 6f 4d 1f 62 dc 60 48 34 1f
I (15955) wolfio: a8 1d 34 b8 76 8f 8b 27 4a 1b 77 64 8e 2e d5 27
I (15955) wolfio: 03 95 8b 9d a5 ed a4 a6 b9 40 1b ea aa 10 07 08
I (15965) wolfio: 00 48 30 46 02 21 00 cb 89 61 e9 21 f9 c6 4d ad
I (15975) wolfio: aa e7 f1 3f 6f 27 46 f0 35 ec 45 4e 8a ae f3 ac
I (15985) wolfio: 7c c0 cf 68 11 44 e2 02 21 00 f6 40 5c bc 66 5a
I (15985) wolfio: 74 1e 92 5d 9a 03 75 e7 7f 16 c2 b3 c8 fe 8d 5c
I (15995) wolfio: 63 35 36 da 61 38 76 dc 4e d6
W (15995) wolfio: sz = 154
I (16005) wolfssl: Shrinking output buffer
I (16005) wolfssl: wolfSSL Leaving SendServerKeyExchange, return 0
I (16015) wolfssl: accept state KEY_EXCHANGE_SENT
I (16025) wolfssl: accept state CERT_REQ_SENT
I (16025) wolfssl: wolfSSL Entering SendServerHelloDone
I (16035) wolfssl: growing output buffer
I (16035) internal.c: GrowOutputBuffer ok
W (16045) wolfio: ssl->wflags = 0
I (16045) wolfio: 16 03 03 00 04 0e 00 00 00
W (16045) wolfio: sz = 9
I (16055) wolfssl: Embed Send error
I (16055) wolfssl: Connection reset
I (16065) int: Sent = -3
W (16065) int: WOLFSSL_CBIO_ERR_CONN_RST
E (16075) int: SOCKET_ERROR_E 2
I (16075) wolfssl: wolfSSL Leaving SendServerHelloDone, return -308
I (16085) wolfssl: wolfSSL error occurred, error = -308
I (16085) wolfssl: wolfSSL Entering wolfSSL_get_error
I (16095) wolfssl: wolfSSL Leaving wolfSSL_get_error, return -308
E (16085) tls_server: wolfSSL_accept error -308
I (16105) wolfssl: Client connected successfully
I (16105) wolfssl: wolfSSL Entering wolfSSL_read
I (16115) wolfssl: wolfSSL Entering wolfSSL_read_internal
I (16125) wolfssl: wolfSSL Entering ReceiveData
I (16125) wolfssl: User calling wolfSSL_read in error state, not allowed
I (16135) wolfssl: wolfSSL Leaving wolfSSL_read_internal, return -308
E (16145) tls_server: ERROR: failed to read
I (16145) wolfssl: Client sends:
I (16145) wolfssl:
I (16155) wolfssl: wolfSSL Entering wolfSSL_write
I (16155) wolfssl: handshake not complete, trying to finish
I (16165) wolfssl: wolfSSL Entering wolfSSL_negotiate
I (16165) wolfssl: wolfSSL Entering wolfSSL_accept
I (16175) wolfssl: wolfSSL Entering ReinitSSL
W (16185) wolfio: ssl->wflags = 0
I (16185) wolfio: 16 03 03 00 04 0e 00 00 00
W (16185) wolfio: sz = 9
I (16195) wolfssl: Embed Send error
I (16195) wolfssl: General error
I (16205) int: Sent = -1
E (16205) int: SOCKET_ERROR_E
I (16205) wolfssl: wolfSSL error occurred, error = -308
I (16215) wolfssl: wolfSSL Leaving wolfSSL_negotiate, return -1
I (16225) wolfssl: wolfSSL Leaving wolfSSL_write, return -1
E (16225) tls_server: ERROR: failed to write
I (16235) wolfssl: wolfSSL Entering wolfSSL_free
I (16235) wolfssl: Free'ing server ssl
I (16245) wolfssl: Shrinking output buffer
I (16245) wolfssl: wolfSSL Entering ClientSessionToSession
I (16255) wolfssl: wolfSSL Entering wolfSSL_FreeSession
I (16255) wolfssl: wolfSSL_FreeSession full free
I (16265) wolfssl: CTX ref count not 0 yet, no free
I (16265) wolfssl: wolfSSL Leaving wolfSSL_free, return 0
I (16275) wolfssl: Waiting for a connection...
```
### Wireshark:
![wireshark](./wireshark.png)

52
IDE/Espressif/ESP-IDF/examples/wolfssl_server/VisualGDB/README.md Normal file
View File

@@ -0,0 +1,52 @@
# wolfSSL Project Files for Visual Studio 2022 with VisualGDB Extension
Include in the respective project `./VisualGDB` directory are [VisualGDB](https://visualgdb.com/) project files.
Individual project files are included for convenience to new users, as there are [difficulties switching between ESP-IDF Versions or Chipsets](https://sysprogs.com/w/forums/topic/difficulties-switching-espressif-esp-idf-version-or-chipset/) using the VisualGDB extension.
The naming convention for project files is: `[project name]_IDF_[Version]_[chipset].vgdbproj`. The solution files (filename[.sln]) often will contain shortcuts to commonly used source and configuration files used by the respective project.
-------- |------------- |------------- |
ChipSet | ESP-IDF v4.4 | ESP-IDF v5.0 |
-------- |------------- |------------- |
ESP32 | x | |
ESP32-S2 | | |
ESP32-S3 | x | x |
ESP32-C3 | x | x |
ESP32-C6 | | |
The default directories are:
- `C:\SysGCC` - The root directory install of VisualGDB
- `C:\SysGCC\esp32` - The default for ESP-IDF v5.x
- `C:\SysGCC\esp32-8.4` - Many need to manually select this name for ESP-IDF v4.x install
- `C:\SysGCC\esp8266`- The default for ESP8266
## Resources
- [wolfSSL Website](https://www.wolfssl.com/)
- [wolfSSL Wiki](https://github.com/wolfSSL/wolfssl/wiki)
- [FIPS 140-2/140-3 FAQ](https://wolfssl.com/license/fips)
- [wolfSSL Documentation](https://wolfssl.com/wolfSSL/Docs.html)
- [wolfSSL Manual](https://wolfssl.com/wolfSSL/Docs-wolfssl-manual-toc.html)
- [wolfSSL API Reference](https://wolfssl.com/wolfSSL/Docs-wolfssl-manual-17-wolfssl-api-reference.html)
- [wolfCrypt API Reference](https://wolfssl.com/wolfSSL/Docs-wolfssl-manual-18-wolfcrypt-api-reference.html)
- [TLS 1.3](https://www.wolfssl.com/docs/tls13/)
- [wolfSSL Vulnerabilities](https://www.wolfssl.com/docs/security-vulnerabilities/)
- [Additional wolfSSL Examples](https://github.com/wolfssl/wolfssl-examples)
## Support
For questions please email [support@wolfssl.com](mailto:support@wolfssl.com)
<-- edit 5.6.0001 see https://github.com/wolfSSL/wolfssl/tree/master/IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/VisualGDB -->

8
IDE/Espressif/ESP-IDF/examples/wolfssl_server/VisualGDB/VisualGDB_wolfssl_server.sln → IDE/Espressif/ESP-IDF/examples/wolfssl_server/VisualGDB/wolfssl_server_IDF_v5_ESP32.sln
View File

@@ -1,9 +1,9 @@

Microsoft Visual Studio Solution File, Format Version 12.00
# Visual Studio Version 16
VisualStudioVersion = 16.0.33027.164
# Visual Studio Version 17
VisualStudioVersion = 17.7.34031.279
MinimumVisualStudioVersion = 10.0.40219.1
Project("{803FD0C6-D64E-4E16-9DC3-1DAEC859A3D2}") = "VisualGDB_wolfssl_server", "VisualGDB_wolfssl_server.vgdbproj", "{CD5A90CA-2D40-461A-A0C3-27654371BB00}"
Project("{803FD0C6-D64E-4E16-9DC3-1DAEC859A3D2}") = "wolfssl_server_IDF_v5_ESP32", "wolfssl_server_IDF_v5_ESP32.vgdbproj", "{CD5A90CA-2D40-461A-A0C3-27654371BB00}"
EndProject
Global
GlobalSection(SolutionConfigurationPlatforms) = preSolution
@@ -26,6 +26,6 @@ Global
HideSolutionNode = FALSE
EndGlobalSection
GlobalSection(ExtensibilityGlobals) = postSolution
SolutionGuid = {719A8CBE-E881-4B20-89F3-9910520E1067}
SolutionGuid = {8024AC13-8021-400B-976F-30C392D5BBD3}
EndGlobalSection
EndGlobal

22
IDE/Espressif/ESP-IDF/examples/wolfssl_server/VisualGDB/VisualGDB_wolfssl_server.vgdbproj → IDE/Espressif/ESP-IDF/examples/wolfssl_server/VisualGDB/wolfssl_server_IDF_v5_ESP32.vgdbproj
View File

@@ -1,5 +1,5 @@
<?xml version="1.0"?>
<VisualGDBProjectSettings2 xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
<VisualGDBProjectSettings2 xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<Project xsi:type="com.visualgdb.project.external.esp-idf">
<CustomSourceDirectories>
<Directories />
@@ -18,9 +18,9 @@
<ToolchainID>
<ID>com.visualgdb.xtensa-esp32-elf</ID>
<Version>
<GCC>8.4.0</GCC>
<GDB>8.1.0</GDB>
<Revision>9</Revision>
<GCC>12.2.0</GCC>
<GDB>12.1</GDB>
<Revision>1</Revision>
</Version>
</ToolchainID>
<RelativeSourceDirectory>..</RelativeSourceDirectory>
@@ -67,11 +67,11 @@
<EnableFastUpToDateCheck>true</EnableFastUpToDateCheck>
<ESPIDFExtension>
<IDFCheckout>
<Version>v4.4.1</Version>
<Subdirectory>esp-idf/v4.4.1</Subdirectory>
<Version>release/v5.1</Version>
<Subdirectory>esp-idf/v5.1</Subdirectory>
<Type>ESPIDF</Type>
</IDFCheckout>
<COMPort>COM20</COMPort>
<COMPort>COM19</COMPort>
<SuppressTestPrerequisiteChecks>false</SuppressTestPrerequisiteChecks>
<UseCCache>false</UseCCache>
<DeviceID>ESP32</DeviceID>
@@ -93,7 +93,7 @@
</CustomDebug>
<DeviceTerminalSettings>
<Connection xsi:type="com.sysprogs.terminal.connection.serial">
<ComPortName>COM20</ComPortName>
<ComPortName>COM19</ComPortName>
<AdvancedSettings>
<BaudRate>115200</BaudRate>
<DataBits>8</DataBits>
@@ -104,7 +104,7 @@
</Connection>
<LastConnectionTime>0</LastConnectionTime>
<EchoTypedCharacters>false</EchoTypedCharacters>
<ClearContentsWhenReconnecting>false</ClearContentsWhenReconnecting>
<ClearContentsWhenReconnecting>true</ClearContentsWhenReconnecting>
<ReconnectAutomatically>false</ReconnectAutomatically>
<DisplayMode>ASCII</DisplayMode>
<Colors>
@@ -220,7 +220,7 @@
<DebugMethod>
<ID>openocd</ID>
<Configuration xsi:type="com.visualgdb.edp.openocd.settings.esp32">
<CommandLine>-f interface/tigard.cfg -c "adapter_khz 3000" -f target/esp32.cfg</CommandLine>
<CommandLine>-f interface/ftdi/tigard.cfg -c "adapter_khz 15000" -f interface/ftdi/tigard.cfg -f target/esp32.cfg</CommandLine>
<ExtraParameters>
<Frequency xsi:nil="true" />
<BoostedFrequency xsi:nil="true" />
@@ -252,7 +252,7 @@
</Configuration>
</DebugMethod>
<AutoDetectRTOS>true</AutoDetectRTOS>
<SemihostingSupport>Auto</SemihostingSupport>
<SemihostingSupport>Disabled</SemihostingSupport>
<SemihostingPollingDelay>0</SemihostingPollingDelay>
<StepIntoEntryPoint>false</StepIntoEntryPoint>
<ReloadFirmwareOnReset>false</ReloadFirmwareOnReset>

291
IDE/Espressif/ESP-IDF/examples/wolfssl_server/components/wolfssl/CMakeLists.txt
View File

@@ -19,7 +19,7 @@
#
# cmake for wolfssl Espressif projects
#
# Version 5.6.3.001
# Version 5.6.0.011 for detect test/benchmark
#
# See https://docs.espressif.com/projects/esp-idf/en/latest/esp32/api-guides/build-system.html
#
@@ -28,102 +28,7 @@ cmake_minimum_required(VERSION 3.16)
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_USER_SETTINGS")
set(CMAKE_CURRENT_SOURCE_DIR ".")
set(COMPONENT_REQUIRES lwip) # we typically don't need lwip directly in wolfssl component
# COMPONENT_NAME = wolfssl
# The component name is the directory name. "No feature to change this".
# See https://github.com/espressif/esp-idf/issues/8978#issuecomment-1129892685
# set the root of wolfSSL:
# set(WOLFSSL_ROOT "C:/some path/with/spaces")
# set(WOLFSSL_ROOT "c:/workspace/wolfssl-gojimmypi")
# set(WOLFSSL_ROOT "/mnt/c/some path/with/spaces")
# or use this logic to assign value from Environment Variable WOLFSSL_ROOT,
# or assume this is an example 7 subdirectories below:
# We are typically in [root]/IDE/Espressif/ESP-IDF/examples/wolfssl_test/components/wolfssl
# The root of wolfSSL is 7 directories up from here:
if(CMAKE_BUILD_EARLY_EXPANSION)
message(STATUS "wolfssl component CMAKE_BUILD_EARLY_EXPANSION:")
idf_component_register(
REQUIRES "${COMPONENT_REQUIRES}"
PRIV_REQUIRES # esp_hw_support
esp_timer
driver # this will typically only be needed for wolfSSL benchmark
)
else()
# not CMAKE_BUILD_EARLY_EXPANSION
message(STATUS "************************************************************************************************")
message(STATUS "wolfssl component config:")
message(STATUS "************************************************************************************************")
# TODO
if(WIN32)
# Windows-specific configuration here
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_WINDOWS")
message("Detected Windows")
endif()
if(CMAKE_HOST_UNIX)
message("Detected UNIX")
endif()
if(APPLE)
message("Detected APPLE")
endif()
if(CMAKE_HOST_UNIX AND (NOT APPLE) AND EXISTS "/proc/sys/fs/binfmt_misc/WSLInterop")
# Windows-specific configuration here
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_WSL")
message("Detected WSL")
endif()
if(CMAKE_HOST_UNIX AND (NOT APPLE) AND (NOT WIN32))
# Windows-specific configuration here
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_LINUX")
message("Detected Linux")
endif()
if(APPLE)
# Windows-specific configuration here
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_APPLE")
message("Detected Apple")
endif()
# Check to see if we're already in wolfssl, and only if WOLFSSL_ROOT not specified
if ("${WOLFSSL_ROOT}" STREQUAL "")
# wolfssl examples are 7 directories deep from wolfssl repo root
# 1 2 3 4 5 6 7
set(THIS_RELATIVE_PATH "../../../../../../..")
get_filename_component(THIS_SEARCH_PATH "${THIS_RELATIVE_PATH}" ABSOLUTE)
message(STATUS "Searching in path = ${THIS_SEARCH_PATH}")
if (EXISTS "${THIS_SEARCH_PATH}/wolfcrypt/src")
# we're already in wolfssl examples!
get_filename_component(WOLFSSL_ROOT "${THIS_SEARCH_PATH}" ABSOLUTE)
message(STATUS "Using wolfSSL example with root ${WOLFSSL_ROOT}")
else()
# We're in some other repo such as wolfssh, so we'll search for an
# adjacent-level directory for wolfssl. (8 directories up, then down one)
#
# For example wolfSSL examples:
# C:\workspace\wolfssl-gojimmypi\IDE\Espressif\ESP-IDF\examples\wolfssl_benchmark\components\wolfssl
#
# For example wolfSSH examples:
# C:\workspace\wolfssh-gojimmypi\ide\Espressif\ESP-IDF\examples\wolfssh_benchmark\components\wolfssl
#
# 1 2 3 4 5 6 7 8
set(THIS_RELATIVE_PATH "../../../../../../../..")
get_filename_component(THIS_SEARCH_PATH "${THIS_RELATIVE_PATH}" ABSOLUTE)
message(STATUS "Searching next in path = ${THIS_SEARCH_PATH}")
endif()
endif()
# search other possible locations
if ("${WOLFSSL_ROOT}" STREQUAL "")
# there's not a hard-coded WOLFSSL_ROOT value above, so let's see if we can find it.
if( "$ENV{WOLFSSL_ROOT}" STREQUAL "" )
message(STATUS "Environment Variable WOLFSSL_ROOT not set. Will search common locations.")
message(STATUS "CMAKE_CURRENT_SOURCE_DIR = ${CMAKE_CURRENT_SOURCE_DIR}")
get_filename_component(THIS_DIR "${CMAKE_CURRENT_SOURCE_DIR}" ABSOLUTE)
message(STATUS "THIS_DIR = ${THIS_DIR}")
set(WOLFSSL_ROOT "$ENV{WOLFSSL_ROOT}" )
# find the user name to search for possible "wolfssl-username"
message(STATUS "USERNAME = $ENV{USERNAME}")
@@ -140,77 +45,157 @@ else()
endif()
message(STATUS "THIS_USER = ${THIS_USER}")
# This same makefile is used for both the wolfssl component, and other
# components that may depend on wolfssl, such as wolfssh. Therefore
# we need to determine if this makefile is in the wolfssl repo, or
# some other repo.
if( "{THIS_USER}" STREQUAL "" )
# This is highly unusual to not find a user name.
# In this case, we'll just search for a "wolfssl" directory:
message(STATUS "No username found!")
get_filename_component(WOLFSSL_ROOT "${THIS_RELATIVE_PATH}/wolfssl" ABSOLUTE)
else()
# We found an environment USER name!
# The first place to look for wolfssl will be in a user-clone called "wolfssl-[username]"
message(STATUS "Using [THIS_USER = ${THIS_USER}] to see if there's a [relative path]/wolfssl-${THIS_USER} directory.")
get_filename_component(WOLFSSL_ROOT "${THIS_RELATIVE_PATH}/wolfssl-${THIS_USER}" ABSOLUTE)
# COMPONENT_NAME = wolfssl
# The component name is the directory name. "No feature to change this".
# See https://github.com/espressif/esp-idf/issues/8978#issuecomment-1129892685
if( EXISTS "${WOLFSSL_ROOT}" )
message(STATUS "Found wolfssl in user-suffix ${WOLFSSL_ROOT}")
else()
# If there's not a user-clone called "wolfssl-[username]",
# perhaps there's simply a git clone called "wolfssl"?
message(STATUS "Did not find wolfssl-${THIS_USER}; continuing search...")
get_filename_component(WOLFSSL_ROOT "${THIS_RELATIVE_PATH}/wolfssl" ABSOLUTE)
# set the root of wolfSSL in top-level project CMakelists.txt:
# set(WOLFSSL_ROOT "C:/some path/with/spaces")
# set(WOLFSSL_ROOT "c:/workspace/wolfssl-[username]")
# set(WOLFSSL_ROOT "/mnt/c/some path/with/spaces")
# or use this logic to assign value from Environment Variable WOLFSSL_ROOT,
# or assume this is an example 7 subdirectories below:
if( EXISTS "${WOLFSSL_ROOT}" )
message(STATUS "Found wolfssl in standard ${WOLFSSL_ROOT}")
# We are typically in [root]/IDE/Espressif/ESP-IDF/examples/wolfssl_test/components/wolfssl
# The root of wolfSSL is 7 directories up from here:
# function: IS_WOLFSSL_SOURCE
# parameter: DIRECTORY_PARAMETER - the directory to test
# output: RESULT = contains contents of DIRECTORY_PARAMETER for wolfssl directory, otherwise blank.
function(IS_WOLFSSL_SOURCE DIRECTORY_PARAMETER RESULT)
if (EXISTS "${DIRECTORY_PARAMETER}/wolfcrypt/src")
set(${RESULT} "${DIRECTORY_PARAMETER}" PARENT_SCOPE)
else()
# Things are looking pretty bleak. We'll likely not be able to compile.
message(STATUS "Did not find wolfssl in ${WOLFSSL_ROOT}")
endif()
endif()
set(${RESULT} "" PARENT_SCOPE)
endif()
endfunction()
# function: FIND_WOLFSSL_DIRECTORY
# parameter: OUTPUT_FOUND_WOLFSSL_DIRECTORY contains root of source code, otherwise blank
#
function(FIND_WOLFSSL_DIRECTORY OUTPUT_FOUND_WOLFSSL_DIRECTORY)
message(STATUS "Starting FIND_WOLFSSL_DIRECTORY")
set(CURRENT_SEARCH_DIR "$ENV{WOLFSSL_ROOT}")
if( "${CURRENT_SEARCH_DIR}" STREQUAL "" )
message(STATUS "The WOLFSSL_ROOT environment variable is not set. Searching...")
else()
# there's an environment variable, so use it.
set(WOLFSSL_ROOT "$ENV{WOLFSSL_ROOT}")
if( EXISTS "${WOLFSSL_ROOT}" )
get_filename_component(WOLFSSL_ROOT "$ENV{WOLFSSL_ROOT}" ABSOLUTE)
get_filename_component(CURRENT_SEARCH_DIR "$ENV{WOLFSSL_ROOT}" ABSOLUTE)
IS_WOLFSSL_SOURCE("${CURRENT_SEARCH_DIR}" FOUND_WOLFSSL)
if("${FOUND_WOLFSSL}")
message(STATUS "Found WOLFSSL_ROOT via Environment Variable:")
else()
message(FATAL_ERROR "WOLFSSL_ROOT Environment Variable defined, but path not found:")
message(STATUS "$ENV{WOLFSSL_ROOT}")
endif()
endif()
# end of search for wolfssl component root
else()
# There's already a value assigned; we won't search for anything else.
message(STATUS "Found user-specified WOLFSSL_ROOT value.")
endif() # WOLFSSL_ROOT user defined
# After all the logic above, does our WOLFSSL_ROOT actually exist?
if( EXISTS "${WOLFSSL_ROOT}" )
message(STATUS "WOLFSSL_ROOT = ${WOLFSSL_ROOT}")
else()
# Abort. We need wolfssl _somewhere_.
message(FATAL_ERROR "Could not find wolfssl in ${WOLFSSL_ROOT}. Try setting environment variable or git clone.")
# we'll start in the CMAKE_CURRENT_SOURCE_DIR, typically [something]/projectname/components/wolfssl
message(STATUS "CMAKE_CURRENT_SOURCE_DIR = ${CMAKE_CURRENT_SOURCE_DIR}")
get_filename_component(CURRENT_SEARCH_DIR "${CMAKE_CURRENT_SOURCE_DIR}" ABSOLUTE)
message(STATUS "CURRENT_SEARCH_DIR = ${CURRENT_SEARCH_DIR}")
string(LENGTH ${CURRENT_SEARCH_DIR} CURRENT_SEARCH_DIR_LENGTH)
# loop through all the parents, looking for wolfssl
while(NOT CURRENT_SEARCH_DIR STREQUAL "/" AND NOT CURRENT_SEARCH_DIR STREQUAL "" )
string(LENGTH ${CURRENT_SEARCH_DIR} CURRENT_SEARCH_DIR_LENGTH)
# wolfSSL may simply be in a parent directory, such as for local examples in wolfssl repo
IS_WOLFSSL_SOURCE("${CURRENT_SEARCH_DIR}" FOUND_WOLFSSL)
if( FOUND_WOLFSSL )
message(STATUS "Found wolfssl in CURRENT_SEARCH_DIR = ${CURRENT_SEARCH_DIR}")
set(${OUTPUT_FOUND_WOLFSSL_DIRECTORY} ${CURRENT_SEARCH_DIR} PARENT_SCOPE)
return()
endif()
if( THIS_USER )
# Check for "wolfssl-[username]" subdirectory as we recurse up the directory tree
set(CURRENT_SEARCH_DIR_ALT ${CURRENT_SEARCH_DIR}/wolfssl-${THIS_USER})
message(STATUS "Looking in ${CURRENT_SEARCH_DIR}")
#if(EXISTS ${CURRENT_SEARCH_DIR_ALT} AND IS_DIRECTORY ${CURRENT_SEARCH_DIR_ALT} AND EXISTS "${CURRENT_SEARCH_DIR_ALT}/wolfcrypt/src")
IS_WOLFSSL_SOURCE("${CURRENT_SEARCH_DIR_ALT}" FOUND_WOLFSSL )
if ( FOUND_WOLFSSL )
message(STATUS "Found wolfssl in user-suffix CURRENT_SEARCH_DIR_ALT = ${CURRENT_SEARCH_DIR_ALT}")
set(${OUTPUT_FOUND_WOLFSSL_DIRECTORY} ${CURRENT_SEARCH_DIR_ALT} PARENT_SCOPE)
return()
endif()
endif()
# Next check for no user suffix "wolfssl" subdirectory as we recurse up the directory tree
set(CURRENT_SEARCH_DIR_ALT ${CURRENT_SEARCH_DIR}/wolfssl)
# if(EXISTS ${CURRENT_SEARCH_DIR} AND IS_DIRECTORY ${CURRENT_SEARCH_DIR} AND EXISTS "${CURRENT_SEARCH_DIR}/wolfcrypt/src")
IS_WOLFSSL_SOURCE("${CURRENT_SEARCH_DIR_ALT}" FOUND_WOLFSSL )
if ( FOUND_WOLFSSL )
message(STATUS "Found wolfssl in CURRENT_SEARCH_DIR = ${CURRENT_SEARCH_DIR}")
set(${OUTPUT_FOUND_WOLFSSL_DIRECTORY} ${CURRENT_SEARCH_DIR} PARENT_SCOPE)
return()
endif()
# Move up one directory level
set(PRIOR_SEARCH_DIR "${CURRENT_SEARCH_DIR}")
get_filename_component(CURRENT_SEARCH_DIR "${CURRENT_SEARCH_DIR}" DIRECTORY)
message(STATUS "Next CURRENT_SEARCH_DIR = ${CURRENT_SEARCH_DIR}")
if( "${PRIOR_SEARCH_DIR}" STREQUAL "${CURRENT_SEARCH_DIR}" )
# when the search directory is empty, we'll give up
set(CURRENT_SEARCH_DIR "")
endif()
endwhile()
# If not found, set the output variable to empty before exiting
set(${OUTPUT_FOUND_WOLFSSL_DIRECTORY} "" PARENT_SCOPE)
endfunction()
# Example usage:
if(CMAKE_BUILD_EARLY_EXPANSION)
message(STATUS "wolfssl component CMAKE_BUILD_EARLY_EXPANSION:")
idf_component_register(
REQUIRES "${COMPONENT_REQUIRES}"
PRIV_REQUIRES # esp_hw_support
esp_timer
driver # this will typically only be needed for wolfSSL benchmark
)
else()
# not CMAKE_BUILD_EARLY_EXPANSION
message(STATUS "************************************************************************************************")
message(STATUS "wolfssl component config:")
message(STATUS "************************************************************************************************")
# search for wolfSSL
FIND_WOLFSSL_DIRECTORY(WOLFSSL_ROOT)
if(WOLFSSL_ROOT)
message(STATUS "NEW Found wolfssl directory at: ${WOLFSSL_ROOT}")
else()
message(STATUS "NEW wolfssl directory not found.")
# Abort. We need wolfssl _somewhere_.
message(FATAL_ERROR "Could not find wolfssl in ${WOLFSSL_ROOT}.\n"
"Try setting WOLFSSL_ROOT environment variable or git clone.")
endif()
set(INCLUDE_PATH ${WOLFSSL_ROOT})
set(WOLFSSL_EXTRA_PROJECT_DIR "${WOLFSSL_ROOT}/src/")
if( ${CMAKE_PROJECT_NAME} STREQUAL "wolfssl_benchmark" )
set(WOLFSSL_EXTRA_PROJECT_DIR "${WOLFSSL_ROOT}/wolfcrypt/benchmark")
endif()
if( ${CMAKE_PROJECT_NAME} STREQUAL "wolfssl_test" )
set(WOLFSSL_EXTRA_PROJECT_DIR "${WOLFSSL_ROOT}/wolfcrypt/test")
endif()
set(COMPONENT_SRCDIRS "\"${WOLFSSL_ROOT}/src/\""
"\"${WOLFSSL_ROOT}/wolfcrypt/src\""
"\"${WOLFSSL_ROOT}/wolfcrypt/src/port/Espressif\""
"\"${WOLFSSL_ROOT}/wolfcrypt/src/port/atmel\""
# TODO: Make this a universal makefile that detects if benchmark / test needed
# Sometimes problematic with SM; consider gating detection.
#"\"${WOLFSSL_ROOT}/wolfcrypt/benchmark\"" # the benchmark application
#"\"${WOLFSSL_ROOT}/wolfcrypt/test\"" # the test application
"\"${WOLFSSL_EXTRA_PROJECT_DIR}\""
) # COMPONENT_SRCDIRS
message(STATUS "This COMPONENT_SRCDIRS = ${COMPONENT_SRCDIRS}")
set(WOLFSSL_PROJECT_DIR "${CMAKE_HOME_DIRECTORY}/components/wolfssl")
@@ -314,9 +299,12 @@ else()
# next check if there's a [root]/include/config.h
if( EXISTS "${WOLFSSL_ROOT}/include/config.h" )
message(FATAL_ERROR "Found stray wolfSSL config.h in "
"${WOLFSSL_ROOT}/include/config.h "
" (please move it to ${WOLFSSL_PROJECT_DIR}/include/config.h )")
message(STATUS "******************************************************************************")
message(STATUS "******************************************************************************")
message(STATUS "Found stray wolfSSL config.h in ${WOLFSSL_ROOT}/include/config.h" )
message(STATUS " Please move it to ${WOLFSSL_PROJECT_DIR}/include/config.h" )
message(STATUS "******************************************************************************")
message(STATUS "******************************************************************************")
else()
# we won't overwrite an existing user settings file, just note that we already have one:
if( EXISTS "${WOLFSSL_PROJECT_DIR}/include/config.h" )
@@ -399,6 +387,14 @@ else()
"\"${WOLFSSL_ROOT}/src/x509_str.c\""
"\"${WOLFSSL_ROOT}/wolfcrypt/src/evp.c\""
"\"${WOLFSSL_ROOT}/wolfcrypt/src/misc.c\""
"\"${WOLFSSL_ROOT}/wolfcrypt/src/sp_sm2_arm32.c\""
"\"${WOLFSSL_ROOT}/wolfcrypt/src/sp_sm2_arm64.c\""
"\"${WOLFSSL_ROOT}/wolfcrypt/src/sp_sm2_armthumb.c\""
"\"${WOLFSSL_ROOT}/wolfcrypt/src/sp_sm2_c32.c\""
"\"${WOLFSSL_ROOT}/wolfcrypt/src/sp_sm2_c64.c\""
"\"${WOLFSSL_ROOT}/wolfcrypt/src/sp_sm2_cortexm.c\""
"\"${WOLFSSL_ROOT}/wolfcrypt/src/sp_sm2_x86_64.c\""
"\"${WOLFSSL_ROOT}/wolfcrypt/src/sp_sm2_x86_64_asm.S\""
"\"${EXCLUDE_ASM}\""
)
@@ -443,6 +439,7 @@ else()
endif()
# target_sources(wolfssl PRIVATE "\"${WOLFSSL_ROOT}/wolfssl/\"" "\"${WOLFSSL_ROOT}/wolfssl/wolfcrypt\"")
endif() # CMAKE_BUILD_EARLY_EXPANSION

481
IDE/Espressif/ESP-IDF/examples/wolfssl_server/components/wolfssl/include/user_settings.h
View File

@@ -19,21 +19,8 @@
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
/* This is the user_settings.h file for the wolfssl_server TLS example.
* For application-specific settings, please see server-tls.h file */
#include <sdkconfig.h> /* essential to chip set detection */
/* optional timezone used when setting time */
#define TIME_ZONE "PST+8PDT,M3.2.0,M11.1.0"
/* #define SHOW_SSID_AND_PASSWORD */ /* remove this to not show in startup log */
#undef WOLFSSL_ESPIDF
#undef WOLFSSL_ESP32
#undef WOLFSSL_ESPWROOM32SE
#undef WOLFSSL_ESP32
#undef WOLFSSL_ESP8266
/* This user_settings.h is for Espressif ESP-IDF */
#include <sdkconfig.h>
/* The Espressif sdkconfig will have chipset info.
**
@@ -46,6 +33,7 @@
** CONFIG_IDF_TARGET_ESP32C6
*/
#undef WOLFSSL_ESPIDF
#define WOLFSSL_ESPIDF
/*
@@ -55,64 +43,25 @@
* WOLFSSL_ESPWROOM32SE
* WOLFSSL_ESP8266
*/
#undef WOLFSSL_ESPWROOM32SE
#undef WOLFSSL_ESP8266
#undef WOLFSSL_ESP32
#define WOLFSSL_ESP32
#if defined(CONFIG_IDF_TARGET_ESP32)
/* HW Enabled by default for ESP32. To disable: */
/* #define NO_ESP32_CRYPT */
/* #define NO_WOLFSSL_ESP32_CRYPT_HASH */
/* #define NO_WOLFSSL_ESP32_CRYPT_AES */
/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI */
#elif defined(CONFIG_IDF_TARGET_ESP32S2)
/* HW Disabled by default for ESP32-S2. */
#define NO_ESP32_CRYPT
#define NO_WOLFSSL_ESP32_CRYPT_HASH
#define NO_WOLFSSL_ESP32_CRYPT_AES
#define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI
#elif defined(CONFIG_IDF_TARGET_ESP32S3)
/* HW Enabled by default for ESP32. To disable: */
/* #define NO_ESP32_CRYPT */
/* #define NO_WOLFSSL_ESP32_CRYPT_HASH */
/* #define NO_WOLFSSL_ESP32_CRYPT_AES */
/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI */
#elif defined(CONFIG_IDF_TARGET_ESP32C2)
#define NO_ESP32_CRYPT
#define NO_WOLFSSL_ESP32_CRYPT_HASH
#define NO_WOLFSSL_ESP32_CRYPT_AES
#define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI
#elif defined(CONFIG_IDF_TARGET_ESP32C3)
/* HW Disabled by default for ESP32-C3. */
#define NO_ESP32_CRYPT
#define NO_WOLFSSL_ESP32_CRYPT_HASH
#define NO_WOLFSSL_ESP32_CRYPT_AES
#define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI
#elif defined(CONFIG_IDF_TARGET_ESP32C6)
/* HW Disabled by default for ESP32-C6. */
#define NO_ESP32_CRYPT
#define NO_WOLFSSL_ESP32_CRYPT_HASH
#define NO_WOLFSSL_ESP32_CRYPT_AES
#define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI
#elif defined(CONFIG_IDF_TARGET_ESP32H2)
/* HW Disabled by default for ESP32-H2. */
#define NO_ESP32_CRYPT
#define NO_WOLFSSL_ESP32_CRYPT_HASH
#define NO_WOLFSSL_ESP32_CRYPT_AES
#define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI
#else
/* HW Disabled by default for all other ESP32-[?]. */
#define NO_ESP32_CRYPT
#define NO_WOLFSSL_ESP32_CRYPT_HASH
#define NO_WOLFSSL_ESP32_CRYPT_AES
#define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI
#endif
/* optionally turn off SHA512/224 SHA512/256 */
/* #define WOLFSSL_NOSHA512_224 */
/* #define WOLFSSL_NOSHA512_256 */
/* when you want to use SINGLE THREAD. Note Default ESP-IDF is FreeRTOS */
/* #define SINGLE_THREADED */
/* When you don't want to use the old SHA */
/* #define NO_SHA */
/* #define NO_OLD_TLS */
#define BENCH_EMBEDDED
#define USE_CERT_BUFFERS_2048
/* TLS 1.3 */
#define WOLFSSL_TLS13
@@ -124,45 +73,44 @@
#define WOLFSSL_BENCHMARK_FIXED_UNITS_KB
/* when you want to use SINGLE THREAD */
/* #define SINGLE_THREADED */
#define NO_FILESYSTEM
#define NO_OLD_TLS
#define HAVE_AESGCM
#define WOLFSSL_RIPEMD
/* when you want to use SHA224 */
/* #define WOLFSSL_SHA224 */
#define NO_OLD_TLS
#define WOLFSSL_SHA224
/* when you want to use SHA384 */
/* #define WOLFSSL_SHA384 */
/* #define WOLFSSL_SHA3 */
#define WOLFSSL_SHA384
/* when you want to use SHA512 */
#define WOLFSSL_SHA512
/* when you want to use SHA3 */
#define WOLFSSL_SHA3
#define HAVE_ED25519 /* ED25519 requires SHA512 */
#define HAVE_ECC
#define HAVE_CURVE25519
#define CURVE25519_SMALL
#define HAVE_ED25519
#define OPENSSL_EXTRA
/* when you want to use pkcs7 */
/* #define HAVE_PKCS7 */
#define HAVE_PKCS7
#if defined(HAVE_PKCS7)
#define HAVE_AES_KEYWRAP
#define HAVE_X963_KDF
#define WOLFSSL_AES_DIRECT
#endif
/* optional DH */
/* #define PROJECT_DH */
#ifdef PROJECT_DH
#define HAVE_DH
#define HAVE_FFDHE_2048
#endif
/* when you want to use aes counter mode */
/* #define WOLFSSL_AES_DIRECT */
/* #define WOLFSSL_AES_COUNTER */
@@ -177,22 +125,28 @@
/* #define CUSTOM_SLOT_ALLOCATION */
#endif
/* RSA primitive specific definition */
/* rsa primitive specific definition */
#if defined(WOLFSSL_ESP32) || defined(WOLFSSL_ESPWROOM32SE)
/* Define USE_FAST_MATH and SMALL_STACK */
#define ESP32_USE_RSA_PRIMITIVE
#if defined(CONFIG_IDF_TARGET_ESP32)
/* NOTE HW unreliable for small values! */
/* threshold for performance adjustment for HW primitive use */
/* X bits of G^X mod P greater than */
#define EPS_RSA_EXPT_XBTIS 36
#undef ESP_RSA_EXPT_XBITS
#define ESP_RSA_EXPT_XBITS 32
/* X and Y of X * Y mod P greater than */
#define ESP_RSA_MULM_BITS 36
#undef ESP_RSA_MULM_BITS
#define ESP_RSA_MULM_BITS 16
#endif
#endif
#define RSA_LOW_MEM
/* debug options */
/* #define DEBUG_WOLFSSL */
/* #define WOLFSSL_ESP32_CRYPT_DEBUG */
/* #define WOLFSSL_ESP32_HW_LOCK_DEBUG */
/* #define WOLFSSL_ATECC508A_DEBUG */
/* date/time */
@@ -201,86 +155,259 @@
/* #define NO_ASN_TIME */
/* #define XTIME time */
/* adjust wait-timeout count if you see timeout in RSA HW acceleration */
#define ESP_RSA_TIMEOUT_CNT 0x249F00
/* see esp_ShowExtendedSystemInfo in esp32-crypt.h for startup log info */
#define HASH_SIZE_LIMIT /* for test.c */
/* USE_FAST_MATH is default */
#define USE_FAST_MATH
/***** Use SP_MATH *****/
/* #undef USE_FAST_MATH */
/* #define SP_MATH */
/* #define WOLFSSL_SP_MATH_ALL */
/***** Use Integer Heap Math *****/
/* #undef USE_FAST_MATH */
/* #define USE_INTEGER_HEAP_MATH */
#define WOLFSSL_SMALL_STACK
#define HAVE_VERSION_EXTENDED_INFO
/* #define HAVE_WC_INTROSPECTION */
#define HAVE_SESSION_TICKET
/* #define HAVE_HASHDRBG */
#define WOLFSSL_KEY_GEN
#define WOLFSSL_CERT_REQ
#define WOLFSSL_CERT_GEN
#define WOLFSSL_CERT_EXT
#define WOLFSSL_SYS_CA_CERTS
/* debug options */
/* #define ESP_VERIFY_MEMBLOCK */
#define WOLFSSL_HW_METRICS
/* #define DEBUG_WOLFSSL_VERBOSE */
/* #define DEBUG_WOLFSSL */
/* #define WOLFSSL_ESP32_CRYPT_DEBUG */
#define WOLFSSL_CERT_TEXT
#define WOLFSSL_ASN_TEMPLATE
/*
#undef WOLFSSL_KEY_GEN
#undef WOLFSSL_CERT_REQ
#undef WOLFSSL_CERT_GEN
#undef WOLFSSL_CERT_EXT
#undef WOLFSSL_SYS_CA_CERTS
*/
/*
--enable-keygen
--enable-certgen
--enable-certreq
--enable-certext
--enable-asn-template
*/
/* Default is HW enabled unless turned off.
** Uncomment these lines to force SW instead of HW acceleration */
#if defined(CONFIG_IDF_TARGET_ESP32)
/* wolfSSL HW Acceleration supported on ESP32. Uncomment to disable: */
/* #define NO_ESP32_CRYPT */
/* #define NO_WOLFSSL_ESP32_CRYPT_HASH */
/* #define NO_WOLFSSL_ESP32_CRYPT_AES */
/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI */
/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL */
/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD */
/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD */
/* These are defined automatically in esp32-crypt.h, here for clarity: */
#define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA224 /* no SHA224 HW on ESP32 */
#undef ESP_RSA_MULM_BITS
#define ESP_RSA_MULM_BITS 16 /* TODO add compile-time warning */
/***** END CONFIG_IDF_TARGET_ESP32 *****/
#elif defined(CONFIG_IDF_TARGET_ESP32S2)
/* wolfSSL HW Acceleration supported on ESP32-S2. Uncomment to disable: */
/* #define NO_ESP32_CRYPT */
/* #define NO_WOLFSSL_ESP32_CRYPT_HASH */
/* Note: There's no AES192 HW on the ESP32-S2; falls back to SW */
/* #define NO_WOLFSSL_ESP32_CRYPT_AES */
/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI */
/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL */
/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD */
/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD */
/***** END CONFIG_IDF_TARGET_ESP32S2 *****/
#elif defined(CONFIG_IDF_TARGET_ESP32S3)
/* wolfSSL HW Acceleration supported on ESP32-S3. Uncomment to disable: */
/* #define NO_ESP32_CRYPT */
/* #define NO_WOLFSSL_ESP32_CRYPT_HASH */
/* Note: There's no AES192 HW on the ESP32-S3; falls back to SW */
/* #define NO_WOLFSSL_ESP32_CRYPT_AES */
/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI */
/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL */
/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD */
/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD */
/***** END CONFIG_IDF_TARGET_ESP32S3 *****/
#elif defined(CONFIG_IDF_TARGET_ESP32C2) || \
defined(CONFIG_IDF_TARGET_ESP8684)
/* ESP8684 is essentially ESP32-C2 chip + flash embedded together in a
* single QFN 4x4 mm package. Out of released documentation, Technical
* Reference Manual as well as ESP-IDF Programming Guide is applicable
* to both ESP32-C2 and ESP8684.
*
* See: https://www.esp32.com/viewtopic.php?f=5&t=27926#:~:text=ESP8684%20is%20essentially%20ESP32%2DC2,both%20ESP32%2DC2%20and%20ESP8684. */
/* wolfSSL HW Acceleration supported on ESP32-C2. Uncomment to disable: */
/* #define NO_ESP32_CRYPT */
/* #define NO_WOLFSSL_ESP32_CRYPT_HASH */ /* to disable all SHA HW */
/* These are defined automatically in esp32-crypt.h, here for clarity */
#define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA384 /* no SHA384 HW on C2 */
#define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA512 /* no SHA512 HW on C2 */
/* There's no AES or RSA/Math accelerator on the ESP32-C2
* Auto defined with NO_WOLFSSL_ESP32_CRYPT_RSA_PRI, for clarity: */
#define NO_WOLFSSL_ESP32_CRYPT_AES
#define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI
#define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL
#define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD
#define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD
/***** END CONFIG_IDF_TARGET_ESP32C2 *****/
#elif defined(CONFIG_IDF_TARGET_ESP32C3)
/* wolfSSL HW Acceleration supported on ESP32-C3. Uncomment to disable: */
/* #define NO_ESP32_CRYPT */
/* #define NO_WOLFSSL_ESP32_CRYPT_HASH */ /* to disable all SHA HW */
/* These are defined automatically in esp32-crypt.h, here for clarity: */
#define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA384 /* no SHA384 HW on C6 */
#define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA512 /* no SHA512 HW on C6 */
/* #define NO_WOLFSSL_ESP32_CRYPT_AES */
/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI */
/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL */
/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD */
/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD */
/***** END CONFIG_IDF_TARGET_ESP32C3 *****/
#elif defined(CONFIG_IDF_TARGET_ESP32C6)
/* wolfSSL HW Acceleration supported on ESP32-C6. Uncomment to disable: */
/* #define NO_ESP32_CRYPT */
/* #define NO_WOLFSSL_ESP32_CRYPT_HASH */
/* These are defined automatically in esp32-crypt.h, here for clarity: */
#define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA384 /* no SHA384 HW on C6 */
#define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA512 /* no SHA512 HW on C6 */
/* #define NO_WOLFSSL_ESP32_CRYPT_AES */
/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI */
/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL */
/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD */
/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD */
/***** END CONFIG_IDF_TARGET_ESP32C6 *****/
#elif defined(CONFIG_IDF_TARGET_ESP32H2)
/* wolfSSL Hardware Acceleration not yet implemented */
#define NO_ESP32_CRYPT
#define NO_WOLFSSL_ESP32_CRYPT_HASH
#define NO_WOLFSSL_ESP32_CRYPT_AES
#define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI
/***** END CONFIG_IDF_TARGET_ESP32H2 *****/
#elif defined(CONFIG_IDF_TARGET_ESP8266)
/* TODO: Revisit ESP8266 */
#define NO_ESP32_CRYPT
#define NO_WOLFSSL_ESP32_CRYPT_HASH
#define NO_WOLFSSL_ESP32_CRYPT_AES
#define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI
/***** END CONFIG_IDF_TARGET_ESP266 *****/
#elif defined(CONFIG_IDF_TARGET_ESP8684)
/* There's no Hardware Acceleration available on ESP8684 */
#define NO_ESP32_CRYPT
#define NO_WOLFSSL_ESP32_CRYPT_HASH
#define NO_WOLFSSL_ESP32_CRYPT_AES
#define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI
/***** END CONFIG_IDF_TARGET_ESP8684 *****/
#else
/* Anything else encountered, disable HW accleration */
#define NO_ESP32_CRYPT
#define NO_WOLFSSL_ESP32_CRYPT_HASH
#define NO_WOLFSSL_ESP32_CRYPT_AES
#define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI
#endif /* CONFIG_IDF_TARGET Check */
/* Debug options:
#define ESP_VERIFY_MEMBLOCK
#define DEBUG_WOLFSSL
#define DEBUG_WOLFSSL_VERBOSE
#define DEBUG_WOLFSSL_SHA_MUTEX
#define WOLFSSL_ESP32_CRYPT_DEBUG
#define WOLFSSL_ESP32_CRYPT_HASH_SHA224_DEBUG
#define NO_RECOVER_SOFTWARE_CALC
#define WOLFSSL_TEST_STRAY 1
#define USE_ESP_DPORT_ACCESS_READ_BUFFER
#define WOLFSSL_ESP32_HW_LOCK_DEBUG
#define WOLFSSL_DEBUG_ESP_RSA_MULM_BITS
#define ESP_DISABLE_HW_TASK_LOCK
*/
#define WOLFSSL_ESPIDF_ERROR_PAUSE /* Pause in a loop rather than exit. */
#define WOLFSSL_HW_METRICS
/* #define HASH_SIZE_LIMIT */ /* for test.c */
/* #define NO_HW_MATH_TEST */ /* Optionall turn off HW math checks */
/* Optionally include alternate HW test library: alt_hw_test.h */
/* When enabling, the ./components/wolfssl/CMakeLists.txt file
* will need the name of the library in the idf_component_register
* for the PRIV_REQUIRES list. */
/* #define INCLUDE_ALT_HW_TEST */
/* optionally turn off individual math HW acceleration features */
/* Turn off Large Number Multiplication:
/* Turn off Large Number ESP32 HW Multiplication:
** [Z = X * Y] in esp_mp_mul() */
/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL */
/* Turn off Large Number Modular Exponentiation:
/* Turn off Large Number ESP32 HW Modular Exponentiation:
** [Z = X^Y mod M] in esp_mp_exptmod() */
/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD */
/* Turn off Large Number Modular Multiplication
** [Z = X × Y mod M] in esp_mp_mulmod() */
/* Turn off Large Number ESP32 HW Modular Multiplication
** [Z = X * Y mod M] in esp_mp_mulmod() */
/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD */
/* this is known to fail in TFM: */
/* #define HONOR_MATH_USED_LENGTH */
/* this is known to fail in TFM */
/* #define CHECK_MP_READ_UNSIGNED_BIN */
#define WOLFSSL_PUBLIC_MP /* used by benchmark */
#define USE_CERT_BUFFERS_2048
/* optional SM4 Ciphers. See https://github.com/wolfSSL/wolfsm */
/* Uncomment this section to enable SM
/* when turning on ECC508 / ECC608 support
#define WOLFSSL_ESPWROOM32SE
#define HAVE_PK_CALLBACKS
#define WOLFSSL_ATECC508A
#define ATCA_WOLFSSL
*/
/* optional SM4 Ciphers. See https://github.com/wolfSSL/wolfsm
#define WOLFSSL_SM2
#define WOLFSSL_SM3
#define WOLFSSL_SM4
*/
#if defined(WOLFSSL_SM2) || defined(WOLFSSL_SM3) || defined(WOLFSSL_SM4)
/* see https://github.com/wolfSSL/wolfssl/pull/6537
*
* see settings.h for other features turned on with SM4 ciphers.
*/
#undef USE_CERT_BUFFERS_1024
#define USE_CERT_BUFFERS_1024
#undef WOLFSSL_SM4_ECB
#define WOLFSSL_SM4_ECB
#undef WOLFSSL_SM4_CBC
#define WOLFSSL_SM4_CBC
#undef WOLFSSL_SM4_CTR
#define WOLFSSL_SM4_CTR
#undef WOLFSSL_SM4_GCM
#define WOLFSSL_SM4_GCM
#undef WOLFSSL_SM4_CCM
#define WOLFSSL_SM4_CCM
#define HAVE_POLY1305
#define HAVE_CHACHA
#undef HAVE_AESGCM
#define HAVE_AESGCM
#undef HAVE_ECC
#define HAVE_ECC
/* see https://github.com/wolfSSL/wolfssl/pull/6825 */
#include <wolfssl/certs_test_sm.h>
#define CTX_CA_CERT root_sm2
#define CTX_CA_CERT_SIZE sizeof_root_sm2
#define CTX_CA_CERT_TYPE WOLFSSL_FILETYPE_PEM
@@ -290,25 +417,10 @@
#define CTX_SERVER_KEY server_sm2_priv
#define CTX_SERVER_KEY_SIZE sizeof_server_sm2_priv
#define CTX_SERVER_KEY_TYPE WOLFSSL_FILETYPE_PEM
/*
* SM optional cipher suite settings:
*
#define WOLFSSL_ESP32_CIPHER_SUITE "TLS13-SM4-GCM-SM3"
#define WOLFSSL_ESP32_CIPHER_SUITE "TLS13-SM4-CCM-SM3"
#define WOLFSSL_ESP32_CIPHER_SUITE "ECDHE-ECDSA-SM4-CBC-SM3"
#define WOLFSSL_ESP32_CIPHER_SUITE "ECDHE-ECDSA-SM4-GCM-SM3"
#define WOLFSSL_ESP32_CIPHER_SUITE "ECDHE-ECDSA-SM4-CCM-SM3"
*/
#define WOLFSSL_ESP32_CIPHER_SUITE "TLS13-SM4-GCM-SM3:" \
"TLS13-SM4-CCM-SM3:" \
"TLS-SM4-GCM-SM3:" /* not a valid command-line cipher */ \
"TLS-SM4-CCM-SM3:" /* not a valid command-line cipher */ \
"ECDHE-ECDSA-SM4-CBC-SM3:" \
"ECDHE-ECDSA-SM4-GCM-SM3:" \
"ECDHE-ECDSA-SM4-CCM-SM3"
#undef WOLFSSL_BASE16
#define WOLFSSL_BASE16
#else
/* default settings */
#define USE_CERT_BUFFERS_2048
#define USE_CERT_BUFFERS_256
#define CTX_CA_CERT ca_cert_der_2048
@@ -320,61 +432,4 @@
#define CTX_SERVER_KEY server_key_der_2048
#define CTX_SERVER_KEY_SIZE sizeof_server_key_der_2048
#define CTX_SERVER_KEY_TYPE WOLFSSL_FILETYPE_ASN1
/*
* Optional Cipher Suite Specification
*
* nothing defined, default used = "TLS13-AES128-GCM-SHA256"
#define WOLFSSL_ESP32_CIPHER_SUITE "ECDHE-ECDSA-SM4-CBC-SM3"
#define WOLFSSL_ESP32_CIPHER_SUITE "ECDHE-ECDSA-SM4-CBC-SM3:"
#define WOLFSSL_ESP32_CIPHER_SUITE "TLS13-AES128-GCM-SHA256"
#define WOLFSSL_ESP32_CIPHER_SUITE "TLS13-AES128-GCM-SHA256:"
#define WOLFSSL_ESP32_CIPHER_SUITE "TLS13-AES128-GCM-SHA256:DHE-PSK-AES128-GCM-SHA256"
#define WOLFSSL_ESP32_CIPHER_SUITE "TLS13-AES128-GCM-SHA256:PSK-AES128-GCM-SHA256:"
#define WOLFSSL_ESP32_CIPHER_SUITE "TLS13-CHACHA20-POLY1305-SHA256:TLS13-AES128-GCM-SHA256:TLS13-AES256-GCM-SHA384:"
#define WOLFSSL_ESP32_CIPHER_SUITE "TLS13-CHACHA20-POLY1305-SHA256"
#define WOLFSSL_ESP32_CIPHER_SUITE "TLS_CHACHA20_POLY1305_SHA256"
#define WOLFSSL_ESP32_CIPHER_SUITE "TLS_SM4_CCM_SM3"
*/
#endif
#undef HAVE_ECC
#define HAVE_ECC
#undef HAVE_SUPPORTED_CURVES
#define HAVE_SUPPORTED_CURVES
/* Optionally include alternate HW test library: alt_hw_test.h */
/* When enabling, the ./components/wolfssl/CMakeLists.txt file
* will need the name of the library in the idf_component_register
* for the PRIV_REQUIRES list. */
/* #define INCLUDE_ALT_HW_TEST */
/* #define NO_HW_MATH_TEST */
/* when turning on ECC508 / ECC608 support
#define WOLFSSL_ESPWROOM32SE
#define HAVE_PK_CALLBACKS
#define WOLFSSL_ATECC508A
#define ATCA_WOLFSSL
*/
/* USE_FAST_MATH is default */
#define USE_FAST_MATH
/* use SP_MATH */
/*
#undef USE_FAST_MATH
#define WOLFSSL_SP_MATH_ALL
*/
/* use integer heap math */
/*
#undef USE_FAST_MATH
#define USE_INTEGER_HEAP_MATH
*/
/* optionally use DPORT_ACCESS_READ_BUFFER */
/*
#define USE_ESP_DPORT_ACCESS_READ_BUFFER
*/

43
IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/CMakeLists.txt
View File

@@ -1,12 +1,36 @@
# wolfSSL Espressif Example Project/main CMakeLists.txt
# v1.0
#
# wolfssl server test
#
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_USER_SETTINGS")
set(COMPONENT_SRCS "server-tls.c" "wifi_connect.c")
set(COMPONENT_ADD_INCLUDEDIRS "." "./include")
if(WIN32)
# Windows-specific configuration here
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_WINDOWS")
message("Detected Windows")
endif()
if(CMAKE_HOST_UNIX)
message("Detected UNIX")
endif()
if(APPLE)
message("Detected APPLE")
endif()
if(CMAKE_HOST_UNIX AND (NOT APPLE) AND EXISTS "/proc/sys/fs/binfmt_misc/WSLInterop")
# Windows-specific configuration here
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_WSL")
message("Detected WSL")
endif()
if(CMAKE_HOST_UNIX AND (NOT APPLE) AND (NOT WIN32))
# Windows-specific configuration here
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_LINUX")
message("Detected Linux")
endif()
if(APPLE)
# Windows-specific configuration here
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_APPLE")
message("Detected Apple")
endif()
set (git_cmd "git")
if( EXISTS "${CMAKE_HOME_DIRECTORY}/components/wolfssl/" AND EXISTS "$ENV{IDF_PATH}/components/wolfssl/" )
@@ -19,8 +43,14 @@ if( EXISTS "${CMAKE_HOME_DIRECTORY}/components/wolfssl/" AND EXISTS "$ENV{IDF_PA
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_MULTI_INSTALL_WARNING")
endif()
register_component()
## register_component()
idf_component_register(SRCS main.c
wifi_connect.c
time_helper.c
server-tls.c
INCLUDE_DIRS "."
"./include")
#
#
# LIBWOLFSSL_SAVE_INFO(VAR_OUPUT THIS_VAR VAR_RESULT)
@@ -73,3 +103,4 @@ if(NOT CMAKE_BUILD_EARLY_EXPANSION)
endif()
message(STATUS "")

9
IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/Kconfig.projbuild Normal file
View File

@@ -0,0 +1,9 @@
menu "Example Configuration"
config WOLFSSL_TARGET_PORT
int "Target port"
default 11111
help
Host listening port for the example to connect.
endmenu

24
IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/include/main.h Normal file
View File

@@ -0,0 +1,24 @@
/* template main.h
*
* Copyright (C) 2006-2023 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
#ifndef _MAIN_H_
#define _MAIN_H_
#endif

60
IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/include/server-tls.h Normal file
View File

@@ -0,0 +1,60 @@
/* server-tls.h
*
* Copyright (C) 2006-2023 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
#ifndef _SERVER_TLS_
#define _SERVER_TLS_
#include <wolfssl/wolfcrypt/settings.h> /* includes wolfSSL user-settings.h */
#include <wolfssl/ssl.h>
#include "sdkconfig.h"
#if defined(SINGLE_THREADED)
#define WOLFSSL_ESP_TASK int
#else
#include "freertos/FreeRTOS.h"
#define WOLFSSL_ESP_TASK void
#endif
#ifdef CONFIG_WOLFSSL_TARGET_PORT
#define TLS_SMP_DEFAULT_PORT CONFIG_WOLFSSL_TARGET_PORT
#else
#define TLS_SMP_DEFAULT_PORT 11111
#endif
typedef struct {
int port;
int loops;
} tls_args;
/* Function to show the ciphers available / in use. */
#if defined(DEBUG_WOLFSSL)
int ShowCiphers(WOLFSSL* ssl);
#endif
/* This is the TLS Server function, possibly in an RTOS thread. */
WOLFSSL_ESP_TASK tls_smp_server_task(void *args);
/* init will create an RTOS task, otherwise server is simply function call. */
#if defined(SINGLE_THREADED)
/* no init neded */
#else
WOLFSSL_ESP_TASK tls_smp_server_init(void* args);
#endif
#endif /* _SERVER_TLS_ */

54
IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/include/time_helper.h Normal file
View File

@@ -0,0 +1,54 @@
/*
* Copyright (C) 2006-2023 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
/* common Espressif time_helper v5.6.3.001 */
#ifndef _TIME_HELPER_H
#define _TIME_HELPER_H
/* ESP-IDF uses a 64-bit signed integer to represent time_t starting from release v5.0
* See: https://docs.espressif.com/projects/esp-idf/en/latest/esp32/api-reference/system/system_time.html#year-2036-and-2038-overflow-issues
*/
#ifdef __cplusplus
extern "C" {
#endif
/* a function to show the current data and time */
int esp_show_current_datetime();
/* worst case, if GitHub time not available, used fixed time */
int set_fixed_default_time(void);
/* set time from string (e.g. GitHub commit time) */
int set_time_from_string(char* time_buffer);
/* set time from NTP servers,
* also initially calls set_fixed_default_time or set_time_from_string */
int set_time(void);
/* wait NTP_RETRY_COUNT seconds before giving up on NTP time */
int set_time_wait_for_ntp(void);
#ifdef __cplusplus
} /* extern "C" */
#endif
#endif /* #ifndef _TIME_HELPER_H */

79
IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/include/wifi_connect.h
View File

@@ -18,25 +18,80 @@
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
#ifndef _TLS_WIFI_H_
#define _TLS_WIFI_H_
#ifndef _WIFI_CONNECT_H_
#define _WIFI_CONNECT_H_
#include "esp_idf_version.h"
#include "esp_log.h"
#include "esp_wifi.h"
#if ESP_IDF_VERSION_MAJOR >= 4
#include "esp_event.h"
#else
#include "esp_event_loop.h"
#endif
#include <esp_idf_version.h>
#include <esp_log.h>
#define DEFAULT_PORT 11111
/* ESP lwip */
#define EXAMPLE_ESP_MAXIMUM_RETRY CONFIG_ESP_MAXIMUM_RETRY
#define TLS_SMP_SERVER_TASK_NAME "tls_sever_example"
#define TLS_SMP_SERVER_TASK_WORDS 10240
#define TLS_SMP_SERVER_TASK_WORDS 22240
#define TLS_SMP_SERVER_TASK_PRIORITY 8
#define TLS_SMP_WIFI_SSID CONFIG_WIFI_SSID
#define TLS_SMP_WIFI_PASS CONFIG_WIFI_PASSWORD
#define USE_WIFI_EXAMPLE
#ifdef USE_WIFI_EXAMPLE
#include "esp_netif.h"
#include "protocol_examples_common.h" /* see project CMakeLists.txt */
#endif
/**
******************************************************************************
******************************************************************************
** USER APPLICATION SETTINGS BEGIN
******************************************************************************
******************************************************************************
**/
/* when using a private config with plain text passwords,
* file my_private_config.h should be excluded from git updates */
/* #define USE_MY_PRIVATE_CONFIG */
#ifdef USE_MY_PRIVATE_CONFIG
#if defined(WOLFSSL_CMAKE_SYSTEM_NAME_WINDOWS)
#include "/workspace/my_private_config.h"
#elif defined(WOLFSSL_CMAKE_SYSTEM_NAME_WSL)
#include "/mnt/c/workspace/my_private_config.h"
#elif defined(WOLFSSL_CMAKE_SYSTEM_NAME_LINUX)
#include "~/workspace/my_private_config.h"
#elif defined(WOLFSSL_CMAKE_SYSTEM_NAME_APPLE)
#include "~/Documents/my_private_config.h"
#else
#warning "did not detect environment. using ~/my_private_config.h"
#include "~/my_private_config.h"
#endif
#else
/*
** The examples use WiFi configuration that you can set via project
** configuration menu
**
** If you'd rather not, just change the below entries to strings with
** the config you want - ie #define EXAMPLE_WIFI_SSID "mywifissid"
*/
#ifdef CONFIG_ESP_WIFI_SSID
#define EXAMPLE_ESP_WIFI_SSID CONFIG_ESP_WIFI_SSID
#else
#define EXAMPLE_ESP_WIFI_SSID "MYSSID_WIFI_CONNECT"
#endif
#ifdef CONFIG_ESP_WIFI_PASSWORD
#define EXAMPLE_ESP_WIFI_PASS CONFIG_ESP_WIFI_PASSWORD
#else
#define EXAMPLE_ESP_WIFI_PASS "MYPASSWORD_WIFI_CONNECT"
#endif
#endif
/* ESP lwip */
#define EXAMPLE_ESP_MAXIMUM_RETRY CONFIG_ESP_MAXIMUM_RETRY
int wifi_init_sta(void);
int wifi_show_ip(void);
#endif /* _WIFI_CONNECT_H_ */

257
IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/main.c Normal file
View File

@@ -0,0 +1,257 @@
/* main.c
*
* Copyright (C) 2006-2023 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
#include "sdkconfig.h"
#include "main.h"
/* ESP specific */
#include <nvs_flash.h>
#include <esp_log.h>
#include <esp_event.h>
/* wolfSSL */
#include <wolfssl/wolfcrypt/settings.h> /* includes wolfSSL user-settings.h */
#include <wolfssl/wolfcrypt/port/Espressif/esp32-crypt.h>
#ifndef WOLFSSL_ESPIDF
#warning "Problem with wolfSSL user_settings."
#warning "Check components/wolfssl/include"
#endif
/* this project */
#include "server-tls.h"
#include "time_helper.h"
#ifndef CONFIG_IDF_TARGET_ESP32H2
/* There's no WiFi on ESP32-H2.
* For wired ethernet, see:
* https://github.com/wolfSSL/wolfssl-examples/tree/master/ESP32/TLS13-ENC28J60-client */
#include "wifi_connect.h"
#endif
#ifdef WOLFSSL_TRACK_MEMORY
#include <wolfssl/wolfcrypt/mem_track.h>
#endif
static const char* const TAG = "TLS Client";
#if defined(WOLFSSL_ESPWROOM32SE) && defined(HAVE_PK_CALLBACKS) \
&& defined(WOLFSSL_ATECC508A)
#include "wolfssl/wolfcrypt/port/atmel/atmel.h"
/* when you want to use a custom slot allocation */
/* enable the definition CUSTOM_SLOT_ALLOCATION. */
#if defined(CUSTOM_SLOT_ALLOCATION)
static byte mSlotList[ATECC_MAX_SLOT];
int atmel_set_slot_allocator(atmel_slot_alloc_cb alloc, atmel_slot_dealloc_cb dealloc);
/* initialize slot array */
void my_atmel_slotInit()
{
int i;
for(i = 0;i < ATECC_MAX_SLOT;i++) {
mSlotList[i] = ATECC_INVALID_SLOT;
}
}
/* allocate slot depending on slotType */
int my_atmel_alloc(int slotType)
{
int i, slot = -1;
switch(slotType){
case ATMEL_SLOT_ENCKEY:
slot = 4;
break;
case ATMEL_SLOT_DEVICE:
slot = 0;
break;
case ATMEL_SLOT_ECDHE:
slot = 0;
break;
case ATMEL_SLOT_ECDHE_ENC:
slot = 4;
break;
case ATMEL_SLOT_ANY:
for(i = 0;i < ATECC_MAX_SLOT;i++){
if(mSlotList[i] == ATECC_INVALID_SLOT){
slot = i;
break;
}
}
}
return slot;
}
/* free slot array */
void my_atmel_free(int slotId)
{
if(slotId >= 0 && slotId < ATECC_MAX_SLOT){
mSlotList[slotId] = ATECC_INVALID_SLOT;
}
}
#endif /* CUSTOM_SLOT_ALLOCATION */
#endif /* WOLFSSL_ESPWROOM32SE && HAVE_PK_CALLBACK && WOLFSSL_ATECC508A */
/* for FreeRTOS */
void app_main(void)
{
int stack_start = 0;
esp_err_t ret = 0;
ESP_LOGI(TAG, "---------------- wolfSSL TLS Server Example ------------");
ESP_LOGI(TAG, "--------------------------------------------------------");
ESP_LOGI(TAG, "--------------------------------------------------------");
ESP_LOGI(TAG, "---------------------- BEGIN MAIN ----------------------");
ESP_LOGI(TAG, "--------------------------------------------------------");
ESP_LOGI(TAG, "--------------------------------------------------------");
#ifdef ESP_TASK_MAIN_STACK
ESP_LOGI(TAG, "ESP_TASK_MAIN_STACK: %d", ESP_TASK_MAIN_STACK);
#endif
#ifdef TASK_EXTRA_STACK_SIZE
ESP_LOGI(TAG, "TASK_EXTRA_STACK_SIZE: %d", TASK_EXTRA_STACK_SIZE);
#endif
#ifdef INCLUDE_uxTaskGetStackHighWaterMark
ESP_LOGI(TAG, "CONFIG_ESP_MAIN_TASK_STACK_SIZE = %d bytes (%d words)",
CONFIG_ESP_MAIN_TASK_STACK_SIZE,
(int)(CONFIG_ESP_MAIN_TASK_STACK_SIZE / sizeof(void*)));
/* Returns the high water mark of the stack associated with xTask. That is,
* the minimum free stack space there has been (in bytes not words, unlike
* vanilla FreeRTOS) since the task started. The smaller the returned
* number the closer the task has come to overflowing its stack.
* see https://docs.espressif.com/projects/esp-idf/en/latest/esp32/api-reference/system/freertos_idf.html
*/
stack_start = uxTaskGetStackHighWaterMark(NULL);
ESP_LOGI(TAG, "Stack Start HWM: %d bytes", stack_start);
#endif
#ifdef HAVE_VERSION_EXTENDED_INFO
esp_ShowExtendedSystemInfo();
#endif
/* Set time for cert validation.
* Some lwIP APIs, including SNTP functions, are not thread safe. */
ret = set_time(); /* need to setup NTP before WiFi */
/* Optionally erase flash */
/* ESP_ERROR_CHECK(nvs_flash_erase()); */
#ifdef FOUND_PROTOCOL_EXAMPLES_DIR
ESP_LOGI(TAG, "FOUND_PROTOCOL_EXAMPLES_DIR active, using example code.");
ESP_ERROR_CHECK(nvs_flash_init());
#if defined(CONFIG_IDF_TARGET_ESP32H2)
ESP_LOGE(TAG, "There's no WiFi on ESP32-H2.");
#else
#ifdef CONFIG_EXAMPLE_WIFI_SSID
if (XSTRCMP(CONFIG_EXAMPLE_WIFI_SSID, "myssid") == 0) {
ESP_LOGW(TAG, "WARNING: CONFIG_EXAMPLE_WIFI_SSID is myssid.");
ESP_LOGW(TAG, " Do you have a WiFi AP called myssid, or ");
ESP_LOGW(TAG, " did you forget the ESP-IDF configuration?");
}
#else
#define CONFIG_EXAMPLE_WIFI_SSID "myssid"
ESP_LOGW(TAG, "WARNING: CONFIG_EXAMPLE_WIFI_SSID not defined.");
#endif
ESP_ERROR_CHECK(esp_netif_init());
ESP_ERROR_CHECK(esp_event_loop_create_default());
ESP_ERROR_CHECK(example_connect());
#endif
#else
ESP_ERROR_CHECK(nvs_flash_init());
/* Initialize NVS */
ret = nvs_flash_init();
if (ret == ESP_ERR_NVS_NO_FREE_PAGES ||
ret == ESP_ERR_NVS_NEW_VERSION_FOUND) {
ESP_ERROR_CHECK(nvs_flash_erase());
ret = nvs_flash_init();
}
ESP_ERROR_CHECK(ret);
#if defined(CONFIG_IDF_TARGET_ESP32H2)
ESP_LOGE(TAG, "There's no WiFi on ESP32-H2. ");
#else
/* Initialize WiFi */
ESP_LOGI(TAG, "ESP_WIFI_MODE_STA");
ret = wifi_init_sta();
while (ret != 0) {
ESP_LOGI(TAG, "Waiting...");
vTaskDelay(60000 / portTICK_PERIOD_MS);
ESP_LOGI(TAG, "Trying WiFi again...");
ret = wifi_init_sta();
}
#endif
#endif
/* Once we are connected to the network, start & wait for NTP time */
ret = set_time_wait_for_ntp();
if (ret < -1) {
/* a value of -1 means there was no NTP server, so no need to wait */
ESP_LOGI(TAG, "Waiting 10 more seconds for NTP to complete." );
vTaskDelay(10000 / portTICK_PERIOD_MS); /* brute-force solution */
esp_show_current_datetime();
}
/* HWM is maximum amount of stack space that has been unused, in bytes
* not words (unlike vanilla freeRTOS). */
ESP_LOGI(TAG, "Initial Stack Used (before wolfSSL Server): %d bytes",
CONFIG_ESP_MAIN_TASK_STACK_SIZE
- (uxTaskGetStackHighWaterMark(NULL))
);
ESP_LOGI(TAG, "Starting TLS Server...\n");
#if defined(SINGLE_THREADED)
/* just call the task */
tls_smp_server_task((void*)NULL);
#else
tls_args args[1] = {0};
/* start a thread with the task */
tls_smp_server_init(args); /* NULL will use the DEFAULT_PORT value */
#endif
/* done */
while (1) {
ESP_LOGV(TAG, "\n\nLoop...\n\n");
#ifdef INCLUDE_uxTaskGetStackHighWaterMark
ESP_LOGI(TAG, "Stack HWM: %d", uxTaskGetStackHighWaterMark(NULL));
ESP_LOGI(TAG, "Stack used: %d", CONFIG_ESP_MAIN_TASK_STACK_SIZE
- uxTaskGetStackHighWaterMark(NULL));
ESP_LOGI(TAG, "Stack delta: %d\n", stack_start
- uxTaskGetStackHighWaterMark(NULL));
#endif
#if defined(SINGLE_THREADED)
ESP_LOGV(TAG, "\n\nDone!\n\n");
while (1);
#else
vTaskDelay(60000);
ESP_LOGV(TAG, "\n\nvTaskDelete...\n\n");
vTaskDelete(NULL);
#endif
} /* done whle */
} /* app_main */

347
IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/server-tls.c
View File

@@ -1,4 +1,4 @@
/* server-tls-callback.c
/* server-tls.c
*
* Copyright (C) 2006-2023 wolfSSL Inc.
*
@@ -18,122 +18,121 @@
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
/* the usual suspects */
#include <stdlib.h>
#include <stdio.h>
#include <string.h>
#include <errno.h>
#include "server-tls.h"
/* Espressif FreeRTOS */
#ifndef SINGLE_THREADED
#include <freertos/FreeRTOS.h>
#include <freertos/task.h>
#include <freertos/event_groups.h>
#endif
/* socket includes */
#include <sys/socket.h>
#include <arpa/inet.h>
#include <netinet/in.h>
#include <unistd.h>
#include <lwip/netdb.h>
#include <lwip/sockets.h>
/* wolfSSL */
#include <wolfssl/wolfcrypt/settings.h>
#include "user_settings.h"
#include <wolfssl/ssl.h>
#include <wolfssl/certs_test.h>
/* ESP specific */
#include "wifi_connect.h"
#ifdef WOLFSSL_TRACK_MEMORY
#include <wolfssl/wolfcrypt/mem_track.h>
#endif
static const char* const TAG = "tls_server";
#if defined(DEBUG_WOLFSSL)
static void ShowCiphers(void)
{
char ciphers[4096];
int ret = wolfSSL_get_ciphers(ciphers, (int)sizeof(ciphers));
if (ret == WOLFSSL_SUCCESS)
printf("%s\n", ciphers);
}
#ifndef NO_DH
/* see also wolfssl/test.h */
#undef DEFAULT_MIN_DHKEY_BITS
#define DEFAULT_MIN_DHKEY_BITS 1024
#undef DEFAULT_MAX_DHKEY_BITS
#define DEFAULT_MAX_DHKEY_BITS 2048
#endif
#if defined(WOLFSSL_ESPWROOM32SE) && defined(HAVE_PK_CALLBACKS) \
&& defined(WOLFSSL_ATECC508A)
#if defined(WOLFSSL_SM2) || defined(WOLFSSL_SM3) || defined(WOLFSSL_SM4)
#include <wolfssl/certs_test_sm.h>
#define CTX_CA_CERT root_sm2
#define CTX_CA_CERT_SIZE sizeof_root_sm2
#define CTX_CA_CERT_TYPE WOLFSSL_FILETYPE_PEM
#define CTX_SERVER_CERT server_sm2
#define CTX_SERVER_CERT_SIZE sizeof_server_sm2
#define CTX_SERVER_CERT_TYPE WOLFSSL_FILETYPE_PEM
#define CTX_SERVER_KEY server_sm2_priv
#define CTX_SERVER_KEY_SIZE sizeof_server_sm2_priv
#define CTX_SERVER_KEY_TYPE WOLFSSL_FILETYPE_PEM
#else
#include <wolfssl/certs_test.h>
#define CTX_CA_CERT ca_cert_der_2048
#define CTX_CA_CERT_SIZE sizeof_ca_cert_der_2048
#define CTX_CA_CERT_TYPE WOLFSSL_FILETYPE_ASN1
#define CTX_SERVER_CERT server_cert_der_2048
#define CTX_SERVER_CERT_SIZE sizeof_server_cert_der_2048
#define CTX_SERVER_CERT_TYPE WOLFSSL_FILETYPE_ASN1
#define CTX_SERVER_KEY server_key_der_2048
#define CTX_SERVER_KEY_SIZE sizeof_server_key_der_2048
#define CTX_SERVER_KEY_TYPE WOLFSSL_FILETYPE_ASN1
#endif
#include "wolfssl/wolfcrypt/port/atmel/atmel.h"
/* Project */
#include "wifi_connect.h"
#include "time_helper.h"
/* when you want to use a custom slot allocation */
/* enable the definition CUSTOM_SLOT_ALLOCATION. */
#if defined(CUSTOM_SLOT_ALLOCATION)
static const char* const TAG = "server-tls";
int stack_start = -1;
static byte mSlotList[ATECC_MAX_SLOT];
int atmel_set_slot_allocator(atmel_slot_alloc_cb alloc, atmel_slot_dealloc_cb dealloc);
/* initialize slot array */
void my_atmel_slotInit()
int ShowCiphers(WOLFSSL* ssl)
{
int i;
#define CLIENT_TLS_MAX_CIPHER_LENGTH 4096
char ciphers[CLIENT_TLS_MAX_CIPHER_LENGTH];
const char* cipher_used;
int ret = 0;
for(i=0;i<ATECC_MAX_SLOT; i++) {
mSlotList[i] = ATECC_INVALID_SLOT;
if (ssl == NULL) {
ESP_LOGI(TAG, "WOLFSSL* ssl is NULL, so no cipher in use");
ret = wolfSSL_get_ciphers(ciphers, (int)sizeof(ciphers));
if (ret == WOLFSSL_SUCCESS) {
for (int i = 0; i < CLIENT_TLS_MAX_CIPHER_LENGTH; i++) {
if (ciphers[i] == ':') {
ciphers[i] = '\n';
}
}
ESP_LOGI(TAG, "Available Ciphers:\n%s\n", ciphers);
}
else {
ESP_LOGE(TAG, "Failed to call wolfSSL_get_ciphers. Error: %d", ret);
}
}
else {
cipher_used = wolfSSL_get_cipher_name(ssl);
ESP_LOGI(TAG, "WOLFSSL* ssl using %s", cipher_used);
}
/* allocate slot depending on slotType */
int my_atmel_alloc(int slotType)
return ret;
}
/* FreeRTOS */
/* server task */
WOLFSSL_ESP_TASK tls_smp_server_task(void *args)
{
int i, slot = -1;
#if defined(SINGLE_THREADED)
#define TLS_SMP_SERVER_TASK_RET ret
#else
#define TLS_SMP_SERVER_TASK_RET
#endif
char buff[256];
const char msg[] = "I hear you fa shizzle!";
switch(slotType){
case ATMEL_SLOT_ENCKEY:
slot = 4;
break;
case ATMEL_SLOT_DEVICE:
slot = 0;
break;
case ATMEL_SLOT_ECDHE:
slot = 0;
break;
case ATMEL_SLOT_ECDHE_ENC:
slot = 4;
break;
case ATMEL_SLOT_ANY:
for(i=0;i<ATECC_MAX_SLOT;i++){
if(mSlotList[i] == ATECC_INVALID_SLOT){
slot = i;
break;
}
}
}
return slot;
}
/* free slot array */
void my_atmel_free(int slotId)
{
if(slotId >= 0 && slotId < ATECC_MAX_SLOT){
mSlotList[slotId] = ATECC_INVALID_SLOT;
}
}
#endif /* CUSTOM_SLOT_ALLOCATION */
#endif /* WOLFSSL_ESPWROOM32SE && HAVE_PK_CALLBACK && WOLFSSL_ATECC508A */
void tls_smp_server_task()
{
int sockfd;
int connd;
struct sockaddr_in servAddr;
struct sockaddr_in clientAddr;
socklen_t size = sizeof(clientAddr);
char buff[256];
size_t len;
int sockfd;
int connd;
int shutdown = 0;
int ret;
const char msg[] = "I hear you fa shizzle!";
socklen_t size = sizeof(clientAddr);
size_t len;
/* declare wolfSSL objects */
WOLFSSL_CTX* ctx;
@@ -142,9 +141,8 @@ void tls_smp_server_task()
WOLFSSL_ENTER("tls_smp_server_task");
#ifdef DEBUG_WOLFSSL
WOLFSSL_MSG("Debug ON");
wolfSSL_Debugging_ON();
ShowCiphers();
ShowCiphers(NULL);
#endif
/* Initialize wolfSSL */
@@ -161,9 +159,99 @@ void tls_smp_server_task()
/* Create and initialize WOLFSSL_CTX */
WOLFSSL_MSG("Create and initialize WOLFSSL_CTX");
#if defined(WOLFSSL_SM2) || defined(WOLFSSL_SM3) || defined(WOLFSSL_SM4)
ctx = wolfSSL_CTX_new(wolfSSLv23_server_method());
// ctx = wolfSSL_CTX_new(wolfTLSv1_3_client_method()); /* only TLS 1.3 */
if (ctx == NULL) {
ESP_LOGE(TAG, "ERROR: failed to create WOLFSSL_CTX");
}
#else
/* TODO remove duplicate */
if ((ctx = wolfSSL_CTX_new(wolfSSLv23_server_method())) == NULL) {
ESP_LOGE(TAG, "ERROR: failed to create WOLFSSL_CTX");
}
#endif
#if defined(WOLFSSL_SM2) || defined(WOLFSSL_SM3) || defined(WOLFSSL_SM4)
ESP_LOGI(TAG, "Start SM3\n");
/* Optional set explicit ciphers
ret = wolfSSL_CTX_set_cipher_list(ctx, WOLFSSL_ESP32_CIPHER_SUITE);
if (ret == SSL_SUCCESS) {
ESP_LOGI(TAG, "Set cipher list: "WOLFSSL_ESP32_CIPHER_SUITE"\n");
}
else {
ESP_LOGE(TAG, "ERROR: failed to set cipher list: "WOLFSSL_ESP32_CIPHER_SUITE"\n");
}
*/
ShowCiphers(NULL);
ESP_LOGI(TAG, "Stack used: %d\n", CONFIG_ESP_MAIN_TASK_STACK_SIZE
- uxTaskGetStackHighWaterMark(NULL));
WOLFSSL_MSG("Loading certificate...");
/* -c Load server certificates into WOLFSSL_CTX */
ret = wolfSSL_CTX_use_certificate_chain_buffer_format(ctx,
CTX_SERVER_CERT,
CTX_SERVER_CERT_SIZE,
CTX_SERVER_CERT_TYPE
);
/* optional wolfSSL_CTX_use_certificate_buffer
ret = wolfSSL_CTX_use_certificate_buffer(ctx,
server_sm2,
sizeof_server_sm2,
WOLFSSL_FILETYPE_PEM);
*/
if (ret == SSL_SUCCESS) {
ESP_LOGI(TAG, "Loaded server_sm2\n");
}
else {
ESP_LOGE(TAG, "ERROR: failed to load cert\n");
}
ESP_LOGI(TAG, "Stack used: %d\n", CONFIG_ESP_MAIN_TASK_STACK_SIZE
- uxTaskGetStackHighWaterMark(NULL));
#ifndef NO_DH
#define DEFAULT_MIN_DHKEY_BITS 1024
#define DEFAULT_MAX_DHKEY_BITS 2048
int minDhKeyBits = DEFAULT_MIN_DHKEY_BITS;
ret = wolfSSL_CTX_SetMinDhKey_Sz(ctx, (word16)minDhKeyBits);
#endif
#ifndef NO_RSA
#define DEFAULT_MIN_RSAKEY_BITS 1024
short minRsaKeyBits = DEFAULT_MIN_RSAKEY_BITS;
ret = wolfSSL_CTX_SetMinRsaKey_Sz(ctx, minRsaKeyBits);
#endif
WOLFSSL_MSG("Loading key info...");
/* -k Load server key into WOLFSSL_CTX */
ret = wolfSSL_CTX_use_PrivateKey_buffer(ctx,
CTX_SERVER_KEY,
CTX_SERVER_KEY_SIZE,
CTX_SERVER_KEY_TYPE);
if (ret == SSL_SUCCESS) {
ESP_LOGI(TAG, "Loaded PrivateKey_buffer server_sm2_priv\n");
}
else {
ESP_LOGE(TAG, "ERROR: failed to load "
"PrivateKey_buffer server_sm2_priv\n");
}
ESP_LOGI(TAG, "Stack used: %d\n", CONFIG_ESP_MAIN_TASK_STACK_SIZE
- uxTaskGetStackHighWaterMark(NULL));
/* -A load authority */
ret = wolfSSL_CTX_load_verify_buffer(ctx,
client_sm2,
sizeof_client_sm2,
WOLFSSL_FILETYPE_PEM);
if (ret == SSL_SUCCESS) {
ESP_LOGI(TAG, "Success: load verify buffer\n");
}
else {
ESP_LOGE(TAG, "ERROR: failed to load verify buffer\n");
}
ESP_LOGI(TAG, "Finish SM2\n");
#else
WOLFSSL_MSG("Loading certificate...");
/* Load server certificates into WOLFSSL_CTX */
@@ -181,14 +269,17 @@ void tls_smp_server_task()
ESP_LOGE(TAG, "ERROR: failed to load privatekey");
}
/* TO DO when using ECDSA, it loads the provisioned certificate and present it.*/
/* TO DO when using ECDSA, it uses the generated key instead of loading key */
#endif
/* TODO when using ECDSA,it loads the provisioned certificate and present it.
TODO when using ECDSA,it uses the generated key instead of loading key */
/* Initialize the server address struct with zeros */
memset(&servAddr, 0, sizeof(servAddr));
/* Fill in the server address */
servAddr.sin_family = AF_INET; /* using IPv4 */
servAddr.sin_port = htons(DEFAULT_PORT); /* on DEFAULT_PORT */
servAddr.sin_port = htons(TLS_SMP_DEFAULT_PORT); /* on port */
servAddr.sin_addr.s_addr = INADDR_ANY; /* from anywhere */
/* Bind the server socket to our port */
@@ -210,11 +301,15 @@ void tls_smp_server_task()
atmel_set_slot_allocator(my_atmel_alloc, my_atmel_free);
#endif
#endif
ESP_LOGI(TAG, "accept clients...");
/* Continue to accept clients until shutdown is issued */
while (!shutdown) {
ESP_LOGI(TAG, "Stack used: %d\n", CONFIG_ESP_MAIN_TASK_STACK_SIZE
- uxTaskGetStackHighWaterMark(NULL));
WOLFSSL_MSG("Waiting for a connection...");
/* Accept client connections */
wifi_show_ip();
/* Accept client socket connections */
if ((connd = accept(sockfd, (struct sockaddr*)&clientAddr, &size))
== -1) {
ESP_LOGE(TAG, "ERROR: failed to accept the connection");
@@ -223,20 +318,33 @@ void tls_smp_server_task()
if ((ssl = wolfSSL_new(ctx)) == NULL) {
ESP_LOGE(TAG, "ERROR: failed to create WOLFSSL object");
}
/* show what cipher connected for this WOLFSSL* object */
ShowCiphers(ssl);
/* Attach wolfSSL to the socket */
wolfSSL_set_fd(ssl, connd);
/* Establish TLS connection */
ret = wolfSSL_accept(ssl);
if (ret != SSL_SUCCESS) {
ESP_LOGE(TAG, "wolfSSL_accept error %d", wolfSSL_get_error(ssl, ret));
if (ret == SSL_SUCCESS) {
ShowCiphers(ssl);
}
else {
ESP_LOGE(TAG, "wolfSSL_accept error %d",
wolfSSL_get_error(ssl, ret));
}
WOLFSSL_MSG("Client connected successfully");
ESP_LOGI(TAG, "Stack used: %d\n", CONFIG_ESP_MAIN_TASK_STACK_SIZE
- uxTaskGetStackHighWaterMark(NULL));
/* Read the client data into our buff array */
memset(buff, 0, sizeof(buff));
if (wolfSSL_read(ssl, buff, sizeof(buff)-1) == -1) {
ESP_LOGE(TAG, "ERROR: failed to read");
}
/* Print to stdout any data the client sends */
ESP_LOGI(TAG, "Stack used: %d\n", CONFIG_ESP_MAIN_TASK_STACK_SIZE
- uxTaskGetStackHighWaterMark(NULL));
WOLFSSL_MSG("Client sends:");
WOLFSSL_MSG(buff);
/* Check for server shutdown command */
@@ -257,11 +365,54 @@ void tls_smp_server_task()
close(connd); /* Close the connection to the client */
}
/* Cleanup and return */
wolfSSL_free(ssl); /* Free the wolfSSL object */
wolfSSL_CTX_free(ctx); /* Free the wolfSSL context object */
wolfSSL_Cleanup(); /* Cleanup the wolfSSL environment */
close(sockfd); /* Close the socket listening for clients */
vTaskDelete(NULL);
return; /* Return reporting a success */
return TLS_SMP_SERVER_TASK_RET;
}
#if defined(SINGLE_THREADED)
/* we don't initialize a thread */
#else
/* create task */
WOLFSSL_ESP_TASK tls_smp_server_init(void* args)
{
#if defined(SINGLE_THREADED)
#define TLS_SMP_CLIENT_TASK_RET ret
#else
#define TLS_SMP_CLIENT_TASK_RET
#endif
int thisPort = 0;
int ret_i = 0; /* interim return result */
if (thisPort == 0) {
thisPort = TLS_SMP_DEFAULT_PORT;
}
#if ESP_IDF_VERSION_MAJOR >= 4
TaskHandle_t _handle;
#else
xTaskHandle _handle;
#endif
/* http://esp32.info/docs/esp_idf/html/dd/d3c/group__xTaskCreate.html */
ESP_LOGI(TAG, "Creating tls_smp_server_task with stack size = %d",
TLS_SMP_SERVER_TASK_WORDS);
ret_i = xTaskCreate(tls_smp_server_task,
TLS_SMP_SERVER_TASK_NAME,
TLS_SMP_SERVER_TASK_WORDS, /* not bytes! */
(void*)&thisPort,
TLS_SMP_SERVER_TASK_PRIORITY,
&_handle);
if (ret_i != pdPASS) {
ESP_LOGI(TAG, "create thread %s failed", TLS_SMP_SERVER_TASK_NAME);
}
/* vTaskStartScheduler(); // called automatically in ESP-IDF */
return TLS_SMP_CLIENT_TASK_RET;
}
#endif

333
IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/time_helper.c Normal file
View File

@@ -0,0 +1,333 @@
/* time_helper.c
*
* Copyright (C) 2006-2023 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
/* common Espressif time_helper v5.6.3.002 */
#include "sdkconfig.h"
#include "time_helper.h"
#include <esp_log.h>
#include <esp_idf_version.h>
#if defined(ESP_IDF_VERSION_MAJOR) && defined(ESP_IDF_VERSION_MINOR)
#if (ESP_IDF_VERSION_MAJOR == 5) && (ESP_IDF_VERSION_MINOR >= 1)
#define HAS_ESP_NETIF_SNTP 1
#include <lwip/apps/sntp.h>
#include <esp_netif_sntp.h>
#else
#include <string.h>
#include <esp_sntp.h>
#endif
#else
/* TODO Consider pre IDF v5? */
#endif
/* ESP-IDF uses a 64-bit signed integer to represent time_t starting from release v5.0
* See: https://docs.espressif.com/projects/esp-idf/en/latest/esp32/api-reference/system/system_time.html#year-2036-and-2038-overflow-issues
*/
const static char* TAG = "time_helper";
/* see https://www.gnu.org/software/libc/manual/html_node/TZ-Variable.html */
#ifndef TIME_ZONE
/*
* PST represents Pacific Standard Time.
* +8 specifies the offset from UTC (Coordinated Universal Time), indicating
* that Pacific Time is UTC-8 during standard time.
* PDT represents Pacific Daylight Time.
* M3.2.0 indicates that Daylight Saving Time (DST) starts on the
* second (2) Sunday (0) of March (3).
* M11.1.0 indicates that DST ends on the first (1) Sunday (0) of November (11)
*/
#define TIME_ZONE "PST+8PDT,M3.2.0,M11.1.0"
#endif /* not defined: TIME_ZONE, so we are setting our own */
#define NTP_RETRY_COUNT 10
/* NELEMS(x) number of elements
* To determine the number of elements in the array, we can divide the total
* size of the array by the size of the array element.
* See https://stackoverflow.com/questions/37538/how-do-i-determine-the-size-of-my-array-in-c
**/
#define NELEMS(x) ( (int)(sizeof(x) / sizeof((x)[0])) )
/* See also CONFIG_LWIP_SNTP_MAX_SERVERS in sdkconfig */
#define NTP_SERVER_LIST ( (char*[]) { \
"pool.ntp.org", \
"time.nist.gov", \
"utcnist.colorado.edu" \
} \
)
/* #define NTP_SERVER_COUNT using NELEMS:
*
* (int)(sizeof(NTP_SERVER_LIST) / sizeof(NTP_SERVER_LIST[0]))
*/
#define NTP_SERVER_COUNT NELEMS(NTP_SERVER_LIST)
#ifndef CONFIG_LWIP_SNTP_MAX_SERVERS
/* We should find max value in sdkconfig, if not set it to our count:*/
#define CONFIG_LWIP_SNTP_MAX_SERVERS NTP_SERVER_COUNT
#endif
char* ntpServerList[NTP_SERVER_COUNT] = NTP_SERVER_LIST;
/* our NTP server list is global info */
extern char* ntpServerList[NTP_SERVER_COUNT];
/* Show the current date and time */
int esp_show_current_datetime()
{
time_t now;
char strftime_buf[64];
struct tm timeinfo;
time(&now);
setenv("TZ", TIME_ZONE, 1);
tzset();
localtime_r(&now, &timeinfo);
strftime(strftime_buf, sizeof(strftime_buf), "%c", &timeinfo);
ESP_LOGI(TAG, "The current date/time is: %s", strftime_buf);
return 0;
}
/* the worst-case scenario is a hard-coded date/time */
int set_fixed_default_time(void)
{
/* ideally, we'd like to set time from network,
* but let's set a default time, just in case */
struct tm timeinfo = {
.tm_year = 2023 - 1900,
.tm_mon = 10,
.tm_mday = 02,
.tm_hour = 13,
.tm_min = 01,
.tm_sec = 05
};
struct timeval now;
time_t interim_time;
int ret = -1;
/* set interim static time */
interim_time = mktime(&timeinfo);
ESP_LOGI(TAG, "Adjusting time from fixed value");
now = (struct timeval){ .tv_sec = interim_time };
ret = settimeofday(&now, NULL);
return ret;
}
/* set_time_from_string(s)
*
* returns 0 = success if able to set the time from the provided string
* error for any other value, typically -1 */
int set_time_from_string(char* time_buffer)
{
/* expecting github default formatting: 'Thu Aug 31 12:41:45 2023 -0700' */
const char *format = "%3s %3s %d %d:%d:%d %d %s";
struct tm this_timeinfo;
struct timeval now;
time_t interim_time;
char offset[6]; /* expecting trailing single quote, not used */
char day_str[4];
char month_str[4];
int day, year, hour, minute, second;
int quote_offset = 0;
int ret = 0;
/* we are expecting the string to be encapsulated in single quotes */
if (*time_buffer == 0x27) {
quote_offset = 1;
}
ret = sscanf(time_buffer + quote_offset,
format,
day_str, month_str,
&day, &hour, &minute, &second, &year, &offset);
if (ret == 8) {
/* we found a match for all componets */
const char *months[] = { "Jan", "Feb", "Mar", "Apr", "May", "Jun",
"Jul", "Aug", "Sep", "Oct", "Nov", "Dec" };
for (int i = 0; i < 12; i++) {
if (strcmp(month_str, months[i]) == 0) {
this_timeinfo.tm_mon = i;
break;
}
}
this_timeinfo.tm_mday = day;
this_timeinfo.tm_hour = hour;
this_timeinfo.tm_min = minute;
this_timeinfo.tm_sec = second;
this_timeinfo.tm_year = year - 1900; /* Number of years since 1900 */
interim_time = mktime(&this_timeinfo);
now = (struct timeval){ .tv_sec = interim_time };
ret = settimeofday(&now, NULL);
ESP_LOGI(TAG, "Time updated to %s", time_buffer);
}
else {
ESP_LOGE(TAG, "Failed to convert \"%s\" to a tm date.", time_buffer);
ESP_LOGI(TAG, "Trying fixed date that was hard-coded.");
set_fixed_default_time();
ret = -1;
}
return ret;
}
/* set time; returns 0 if succecssfully configured with NTP */
int set_time(void)
{
#ifndef NTP_SERVER_COUNT
ESP_LOGW(TAG, "Warning: no sntp server names defined. "
"Setting to empty list");
#define NTP_SERVER_COUNT 0
#warning "NTP not properly configured"
#endif /* not defined: NTP_SERVER_COUNT */
#ifdef HAS_ESP_NETIF_SNTP
#if CONFIG_LWIP_SNTP_MAX_SERVERS > 1
esp_sntp_config_t config = ESP_NETIF_SNTP_DEFAULT_CONFIG_MULTIPLE(
NTP_SERVER_COUNT,
ESP_SNTP_SERVER_LIST(ntpServerList[0])
);
#else
esp_sntp_config_t config = ESP_NETIF_SNTP_DEFAULT_CONFIG(ntpServerList[0]);
#endif /* CONFIG_LWIP_SNTP_MAX_SERVERS > 1 */
#endif /* HAS_ESP_NETIF_SNTP */
int ret = 0;
int i = 0; /* counter for time servers */
ESP_LOGI(TAG, "Setting the time. Startup time:");
esp_show_current_datetime();
#ifdef LIBWOLFSSL_VERSION_GIT_HASH_DATE
/* initialy set a default approximate time from recent git commit */
ESP_LOGI(TAG, "Found git hash date, attempting to set system date.");
set_time_from_string(LIBWOLFSSL_VERSION_GIT_HASH_DATE);
esp_show_current_datetime();
ret = -4;
#else
/* otherwise set a fixed time that was hard coded */
set_fixed_default_time();
ret = -3;
#endif
#ifdef CONFIG_SNTP_TIME_SYNC_METHOD_SMOOTH
config.smooth_sync = true;
#endif
if (NTP_SERVER_COUNT) {
/* next, let's setup NTP time servers
*
* see https://docs.espressif.com/projects/esp-idf/en/latest/esp32/api-reference/system/system_time.html#sntp-time-synchronization
*
* WARNING: do not set operating mode while SNTP client is running!
*/
/* TODO Consider esp_sntp_setoperatingmode(SNTP_OPMODE_POLL); */
sntp_setoperatingmode(SNTP_OPMODE_POLL);
if (NTP_SERVER_COUNT > CONFIG_LWIP_SNTP_MAX_SERVERS) {
ESP_LOGW(TAG, "WARNING: %d NTP Servers defined, but "
"CONFIG_LWIP_SNTP_MAX_SERVERS = %d",
NTP_SERVER_COUNT,CONFIG_LWIP_SNTP_MAX_SERVERS);
}
ESP_LOGI(TAG, "sntp_setservername:");
for (i = 0; i < CONFIG_LWIP_SNTP_MAX_SERVERS; i++) {
const char* thisServer = ntpServerList[i];
if (strncmp(thisServer, "\x00", 1) == 0) {
/* just in case we run out of NTP servers */
break;
}
ESP_LOGI(TAG, "%s", thisServer);
sntp_setservername(i, thisServer);
}
#ifdef HAS_ESP_NETIF_SNTP
ret = esp_netif_sntp_init(&config);
#else
ESP_LOGW(TAG,"Warning: Consider upgrading ESP-IDF to take advantage "
"of updated SNTP libraries");
#endif
if (ret == ESP_OK) {
ESP_LOGV(TAG, "Successfully called esp_netif_sntp_init");
}
else {
ESP_LOGE(TAG, "ERROR: esp_netif_sntp_init return = %d", ret);
}
sntp_init();
switch (ret) {
case ESP_ERR_INVALID_STATE:
break;
default:
break;
}
ESP_LOGI(TAG, "sntp_init done.");
}
else {
ESP_LOGW(TAG, "No sntp time servers found.");
ret = -1;
}
return ret;
}
/* wait for NTP to actually set the time */
int set_time_wait_for_ntp(void)
{
int ret = 0;
#ifdef HAS_ESP_NETIF_SNTP
int ntp_retry = 0;
const int ntp_retry_count = NTP_RETRY_COUNT;
ret = esp_netif_sntp_start();
ret = esp_netif_sntp_sync_wait(500 / portTICK_PERIOD_MS);
#endif /* HAS_ESP_NETIF_SNTP */
esp_show_current_datetime();
#ifdef HAS_ESP_NETIF_SNTP
while (ret == ESP_ERR_TIMEOUT && (ntp_retry++ < ntp_retry_count)) {
ret = esp_netif_sntp_sync_wait(1000 / portTICK_PERIOD_MS);
ESP_LOGI(TAG, "Waiting for NTP to sync time... (%d/%d)",
ntp_retry,
ntp_retry_count);
esp_show_current_datetime();
}
#endif /* HAS_ESP_NETIF_SNTP */
#ifdef TIME_ZONE
setenv("TZ", TIME_ZONE, 1);
tzset();
#endif
if (ret == ESP_OK) {
ESP_LOGI(TAG, "Successfuly set time via NTP servers.");
}
else {
ESP_LOGW(TAG, "Warning: Failed to set time with NTP: "
"result = 0x%0x: %s",
ret, esp_err_to_name(ret));
}
return ret;
}

332
IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/wifi_connect.c
View File

@@ -18,92 +18,51 @@
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
/*ESP specific */
#include "freertos/FreeRTOS.h"
#include "freertos/task.h"
#include "freertos/event_groups.h"
#include "wifi_connect.h"
#include "lwip/sockets.h"
#include "lwip/netdb.h"
#include "lwip/apps/sntp.h"
#include "nvs_flash.h"
#include <freertos/FreeRTOS.h>
#include <freertos/task.h>
#include <freertos/event_groups.h>
#include <esp_wifi.h>
#include <esp_log.h>
/* wolfSSL */
#include <wolfssl/wolfcrypt/settings.h>
#include <user_settings.h>
#include <wolfssl/version.h>
#include <wolfssl/wolfcrypt/types.h>
#ifndef WOLFSSL_ESPIDF
#warning "problem with wolfSSL user_settings. Check components/wolfssl/include"
#warning "Problem with wolfSSL user_settings."
#warning "Check components/wolfssl/include"
#endif
#if ESP_IDF_VERSION_MAJOR >= 4
#if ESP_IDF_VERSION_MAJOR >= 5
#elif ESP_IDF_VERSION_MAJOR >= 4
#include "protocol_examples_common.h"
#else
const static int CONNECTED_BIT = BIT0;
static EventGroupHandle_t wifi_event_group;
#endif
/* prefix for logging */
const static char *TAG = "tls_server";
/* proto-type definition */
extern void tls_smp_server_task();
static void tls_smp_server_init();
static void set_time()
{
/* set dummy wallclock time. */
struct timeval utctime;
struct timezone tz;
struct strftime_buf;
time_t now;
struct tm timeinfo;
char strftime_buf[64];
/* please update the time if seeing unknown failure when loading cert. */
/* this could cause TLS communication failure due to time expiration */
/* increasing 31536000 seconds is close to spanning 356 days. */
utctime.tv_sec = 1695513105; /* dummy time: Sat Sep 23 17:05:31 PDT 2023 */
utctime.tv_usec = 0;
tz.tz_minuteswest = 0;
tz.tz_dsttime = 0;
settimeofday(&utctime, &tz);
time(&now);
localtime_r(&now, &timeinfo);
strftime(strftime_buf, sizeof(strftime_buf), "%c", &timeinfo);
ESP_LOGI(TAG, "The current date/time is: %s", strftime_buf);
#if ESP_IDF_VERSION_MAJOR < 4
/* wait until wifi connect */
xEventGroupWaitBits(wifi_event_group, CONNECTED_BIT,
false, true, portMAX_DELAY);
#endif
/* now we start client tasks. */
tls_smp_server_init();
}
/* create task */
static void tls_smp_server_init(void)
{
int ret;
#if defined(ESP_IDF_VERSION_MAJOR) && defined(ESP_IDF_VERSION_MINOR)
#if ESP_IDF_VERSION_MAJOR >= 4
TaskHandle_t _handle;
/* likely using examples, see wifi_connect.h */
#else
xTaskHandle _handle;
/* TODO - still supporting pre V4 ? */
const static int CONNECTED_BIT = BIT0;
static EventGroupHandle_t wifi_event_group;
#endif
#if (ESP_IDF_VERSION_MAJOR == 5)
#define HAS_WPA3_FEATURES
#else
#undef HAS_WPA3_FEATURES
#endif
#else
/* TODO Consider pre IDF v5? */
#endif
/* see https://docs.espressif.com/projects/esp-idf/en/latest/esp32/api-reference/system/freertos_idf.html */
ret = xTaskCreate(tls_smp_server_task,
TLS_SMP_SERVER_TASK_NAME,
TLS_SMP_SERVER_TASK_WORDS,
NULL,
TLS_SMP_SERVER_TASK_PRIORITY,
&_handle);
if (ret != pdPASS) {
ESP_LOGI(TAG, "create thread %s failed", TLS_SMP_SERVER_TASK_NAME);
}
}
/* breadcrumb prefix for logging */
const static char *TAG = "wifi_connect";
#if ESP_IDF_VERSION_MAJOR < 4
/* event handler for wifi events */
static esp_err_t wifi_event_handler(void *ctx, system_event_t *event)
@@ -133,97 +92,184 @@ static esp_err_t wifi_event_handler(void *ctx, system_event_t *event)
}
return ESP_OK;
}
#else
#ifdef CONFIG_ESP_MAXIMUM_RETRY
#define EXAMPLE_ESP_MAXIMUM_RETRY CONFIG_ESP_MAXIMUM_RETRY
#else
#define CONFIG_ESP_MAXIMUM_RETRY 5
#endif
/* entry point */
void app_main(void)
#if CONFIG_ESP_WIFI_AUTH_OPEN
#define ESP_WIFI_SCAN_AUTH_MODE_THRESHOLD WIFI_AUTH_OPEN
#elif CONFIG_ESP_WIFI_AUTH_WEP
#define ESP_WIFI_SCAN_AUTH_MODE_THRESHOLD WIFI_AUTH_WEP
#elif CONFIG_ESP_WIFI_AUTH_WPA_PSK
#define ESP_WIFI_SCAN_AUTH_MODE_THRESHOLD WIFI_AUTH_WPA_PSK
#elif CONFIG_ESP_WIFI_AUTH_WPA2_PSK
#define ESP_WIFI_SCAN_AUTH_MODE_THRESHOLD WIFI_AUTH_WPA2_PSK
#elif CONFIG_ESP_WIFI_AUTH_WPA_WPA2_PSK
#define ESP_WIFI_SCAN_AUTH_MODE_THRESHOLD WIFI_AUTH_WPA_WPA2_PSK
#elif CONFIG_ESP_WIFI_AUTH_WPA3_PSK
#define ESP_WIFI_SCAN_AUTH_MODE_THRESHOLD WIFI_AUTH_WPA3_PSK
#elif CONFIG_ESP_WIFI_AUTH_WPA2_WPA3_PSK
#define ESP_WIFI_SCAN_AUTH_MODE_THRESHOLD WIFI_AUTH_WPA2_WPA3_PSK
#elif CONFIG_ESP_WIFI_AUTH_WAPI_PSK
#define ESP_WIFI_SCAN_AUTH_MODE_THRESHOLD WIFI_AUTH_WAPI_PSK
#endif
#ifndef ESP_WIFI_SCAN_AUTH_MODE_THRESHOLD
#define CONFIG_ESP_WIFI_AUTH_WPA2_PSK 1
#define ESP_WIFI_SCAN_AUTH_MODE_THRESHOLD CONFIG_ESP_WIFI_AUTH_WPA2_PSK
#endif
/* FreeRTOS event group to signal when we are connected*/
static EventGroupHandle_t s_wifi_event_group;
/* The event group allows multiple bits for each event, but we only care about two events:
* - we are connected to the AP with an IP
* - we failed to connect after the maximum amount of retries */
#define WIFI_CONNECTED_BIT BIT0
#define WIFI_FAIL_BIT BIT1
static int s_retry_num = 0;
ip_event_got_ip_t* event;
static void event_handler(void* arg,
esp_event_base_t event_base,
int32_t event_id,
void* event_data)
{
ESP_LOGI(TAG, "--------------------------------------------------------");
ESP_LOGI(TAG, "--------------------------------------------------------");
ESP_LOGI(TAG, "---------------------- BEGIN MAIN ----------------------");
ESP_LOGI(TAG, "--------------------------------------------------------");
ESP_LOGI(TAG, "--------------------------------------------------------");
ESP_LOGI(TAG, "CONFIG_IDF_TARGET = %s", CONFIG_IDF_TARGET);
ESP_LOGI(TAG, "LIBWOLFSSL_VERSION_STRING = %s", LIBWOLFSSL_VERSION_STRING);
if (event_base == WIFI_EVENT && event_id == WIFI_EVENT_STA_START) {
esp_wifi_connect();
}
else if (event_base == WIFI_EVENT &&
event_id == WIFI_EVENT_STA_DISCONNECTED) {
if (s_retry_num < EXAMPLE_ESP_MAXIMUM_RETRY) {
esp_wifi_connect();
s_retry_num++;
ESP_LOGI(TAG, "retry to connect to the AP");
}
else {
xEventGroupSetBits(s_wifi_event_group, WIFI_FAIL_BIT);
}
ESP_LOGI(TAG, "connect to the AP fail");
}
else if (event_base == IP_EVENT && event_id == IP_EVENT_STA_GOT_IP) {
event = (ip_event_got_ip_t*) event_data;
wifi_show_ip();
s_retry_num = 0;
xEventGroupSetBits(s_wifi_event_group, WIFI_CONNECTED_BIT);
}
}
#if defined(WOLFSSL_MULTI_INSTALL_WARNING)
ESP_LOGI(TAG, "");
ESP_LOGI(TAG, "WARNING: Multiple wolfSSL installs found.");
ESP_LOGI(TAG, "Check ESP-IDF and local project [components] directory.");
ESP_LOGI(TAG, "");
#endif
int wifi_init_sta(void)
{
int ret = ESP_OK;
#if defined(LIBWOLFSSL_VERSION_GIT_HASH)
ESP_LOGI(TAG, "LIBWOLFSSL_VERSION_GIT_HASH = %s", LIBWOLFSSL_VERSION_GIT_HASH);
#endif
s_wifi_event_group = xEventGroupCreate();
#if defined(LIBWOLFSSL_VERSION_GIT_SHORT_HASH )
ESP_LOGI(TAG, "LIBWOLFSSL_VERSION_GIT_SHORT_HASH = %s", LIBWOLFSSL_VERSION_GIT_SHORT_HASH);
#endif
ESP_ERROR_CHECK(esp_netif_init());
#if defined(LIBWOLFSSL_VERSION_GIT_HASH_DATE)
ESP_LOGI(TAG, "LIBWOLFSSL_VERSION_GIT_HASH_DATE = %s", LIBWOLFSSL_VERSION_GIT_HASH_DATE);
#endif
/* some interesting settings are target specific (ESP32, -C3, -S3, etc */
#if defined(CONFIG_IDF_TARGET_ESP32C3)
/* not available for C3 at this time */
#elif defined(CONFIG_IDF_TARGET_ESP32S3)
ESP_LOGI(TAG, "CONFIG_ESP32S3_DEFAULT_CPU_FREQ_MHZ = %u MHz",
CONFIG_ESP32S3_DEFAULT_CPU_FREQ_MHZ
);
ESP_LOGI(TAG, "Xthal_have_ccount = %u", Xthal_have_ccount);
#else
ESP_LOGI(TAG, "CONFIG_ESP32_DEFAULT_CPU_FREQ_MHZ = %u MHz",
CONFIG_ESP32_DEFAULT_CPU_FREQ_MHZ
);
ESP_LOGI(TAG, "Xthal_have_ccount = %u", Xthal_have_ccount);
#endif
/* all platforms: stack high water mark check */
ESP_LOGI(TAG, "Stack HWM: %d\n", uxTaskGetStackHighWaterMark(NULL));
ESP_ERROR_CHECK(nvs_flash_init());
ESP_LOGI(TAG, "Initialize wifi");
/* TCP/IP adapter initialization */
#if (ESP_IDF_VERSION_MAJOR == 4 && ESP_IDF_VERSION_MINOR >= 1) || \
(ESP_IDF_VERSION_MAJOR >= 5)
esp_netif_init();
#else
tcpip_adapter_init();
#endif
/* */
#if ESP_IDF_VERSION_MAJOR >= 4
ESP_ERROR_CHECK(esp_event_loop_create_default());
/* This helper function configures Wi-Fi or Ethernet, as selected in menuconfig.
* Read "Establishing Wi-Fi or Ethernet Connection" section in
* examples/protocols/README.md for more information about this function.
*/
ESP_ERROR_CHECK(example_connect());
#else
wifi_event_group = xEventGroupCreate();
ESP_ERROR_CHECK(esp_event_loop_init(wifi_event_handler, NULL));
esp_netif_create_default_wifi_sta();
wifi_init_config_t cfg = WIFI_INIT_CONFIG_DEFAULT();
ESP_ERROR_CHECK(esp_wifi_init(&cfg));
esp_event_handler_instance_t instance_any_id;
esp_event_handler_instance_t instance_got_ip;
ESP_ERROR_CHECK(esp_event_handler_instance_register(WIFI_EVENT,
ESP_EVENT_ANY_ID,
&event_handler,
NULL,
&instance_any_id));
ESP_ERROR_CHECK(esp_event_handler_instance_register(IP_EVENT,
IP_EVENT_STA_GOT_IP,
&event_handler,
NULL,
&instance_got_ip));
wifi_config_t wifi_config = {
.sta = {
.ssid = TLS_SMP_WIFI_SSID,
.password = TLS_SMP_WIFI_PASS,
.ssid = EXAMPLE_ESP_WIFI_SSID,
.password = EXAMPLE_ESP_WIFI_PASS,
/* Authmode threshold resets to WPA2 as default if password matches
* WPA2 standards (pasword len => 8). If you want to connect the
* device to deprecated WEP/WPA networks, Please set the threshold
* value WIFI_AUTH_WEP/WIFI_AUTH_WPA_PSK and set the password with
* length and format matching to WIFI_AUTH_WEP/WIFI_AUTH_WPA_PSK
* standards. */
.threshold.authmode = ESP_WIFI_SCAN_AUTH_MODE_THRESHOLD,
#ifdef HAS_WPA3_FEATURES
.sae_pwe_h2e = WPA3_SAE_PWE_BOTH,
#endif
},
};
/* WiFi station mode */
ESP_ERROR_CHECK(esp_wifi_set_mode(WIFI_MODE_STA) );
/* Wifi Set the configuration of the ESP32 STA or AP */
ESP_ERROR_CHECK(esp_wifi_set_config(ESP_IF_WIFI_STA, &wifi_config) );
/* Start Wifi */
ESP_ERROR_CHECK(esp_wifi_set_config(WIFI_IF_STA, &wifi_config) );
#ifdef CONFIG_EXAMPLE_WIFI_SSID
if (XSTRCMP(CONFIG_EXAMPLE_WIFI_SSID, "myssid") == 0) {
ESP_LOGW(TAG, "WARNING: CONFIG_EXAMPLE_WIFI_SSID is \"myssid\".");
ESP_LOGW(TAG, " Do you have a WiFi AP called \"myssid\", ");
ESP_LOGW(TAG, " or did you forget the ESP-IDF configuration?");
}
#else
ESP_LOGW(TAG, "WARNING: CONFIG_EXAMPLE_WIFI_SSID not defined.");
#endif
ESP_ERROR_CHECK(esp_wifi_start() );
ESP_LOGI(TAG, "wifi_init_sta finished.");
ESP_LOGI(TAG, "connect to ap SSID:%s password:%s",
TLS_SMP_WIFI_SSID, TLS_SMP_WIFI_PASS);
#endif
ESP_LOGI(TAG, "Set dummy time...");
set_time();
/* Waiting until either the connection is established (WIFI_CONNECTED_BIT)
* or connection failed for the maximum number of re-tries (WIFI_FAIL_BIT).
* The bits are set by event_handler() (see above) */
EventBits_t bits = xEventGroupWaitBits(s_wifi_event_group,
WIFI_CONNECTED_BIT | WIFI_FAIL_BIT,
pdFALSE,
pdFALSE,
portMAX_DELAY);
/* xEventGroupWaitBits() returns the bits before the call returned,
* hence we can test which event actually happened. */
#if defined(SHOW_SSID_AND_PASSWORD)
ESP_LOGW(TAG, "Undefine SHOW_SSID_AND_PASSWORD to not show SSID/password");
if (bits & WIFI_CONNECTED_BIT) {
ESP_LOGI(TAG, "connected to ap SSID:%s password:%s",
EXAMPLE_ESP_WIFI_SSID,
EXAMPLE_ESP_WIFI_PASS);
}
else if (bits & WIFI_FAIL_BIT) {
ESP_LOGI(TAG, "Failed to connect to SSID:%s, password:%s",
EXAMPLE_ESP_WIFI_SSID,
EXAMPLE_ESP_WIFI_PASS);
}
else {
ESP_LOGE(TAG, "UNEXPECTED EVENT");
}
#else
if (bits & WIFI_CONNECTED_BIT) {
ESP_LOGI(TAG, "Connected to AP");
}
else if (bits & WIFI_FAIL_BIT) {
ESP_LOGI(TAG, "Failed to connect to AP");
ret = -1;
}
else {
ESP_LOGE(TAG, "AP UNEXPECTED EVENT");
ret = -2;
}
#endif
return ret;
}
int wifi_show_ip(void)
{
/* ESP_LOGI(TAG, "got ip:" IPSTR, IP2STR(&event->ip_info.ip)); */
return 0;
}
#endif

31
IDE/Espressif/ESP-IDF/examples/wolfssl_server/partitions_singleapp_large.csv Normal file
View File

@@ -0,0 +1,31 @@
# to view: idf.py partition-table
#
# ESP-IDF Partition Table
# Name, Type, SubType, Offset, Size, Flags
nvs, data, nvs, 0x9000, 24K,
phy_init,data, phy, 0xf000, 4K,
factory, app, factory, 0x10000, 1500K,
# For other settings, see:
# https://docs.espressif.com/projects/esp-idf/en/latest/esp32/api-guides/partition-tables.html#creating-custom-tables
#
# Here is the summary printed for the "Single factory app, no OTA" configuration:
#
# # ESP-IDF Partition Table
# # Name, Type, SubType, Offset, Size, Flags
# nvs, data, nvs, 0x9000, 0x6000,
# phy_init, data, phy, 0xf000, 0x1000,
# factory, app, factory, 0x10000, 1M,
#
#
# Here is the summary printed for the "Factory app, two OTA definitions" configuration:
#
# # ESP-IDF Partition Table
# # Name, Type, SubType, Offset, Size, Flags
# nvs, data, nvs, 0x9000, 0x4000,
# otadata, data, ota, 0xd000, 0x2000,
# phy_init, data, phy, 0xf000, 0x1000,
# factory, app, factory, 0x10000, 1M,
# ota_0, app, ota_0, 0x110000, 1M,
# ota_1, app, ota_1, 0x210000, 1M,
Can't render this file because it contains an unexpected character in line 13 and column 39.

69
IDE/Espressif/ESP-IDF/examples/wolfssl_test/CMakeLists.txt
View File

@@ -1,12 +1,79 @@
# wolfSSL Espressif Example Project CMakeLists.txt
# v1.0
#
# The following lines of boilerplate have to be in your project's
# CMakeLists in this exact order for cmake to work correctly
cmake_minimum_required(VERSION 3.5)
cmake_minimum_required(VERSION 3.16)
# The wolfSSL CMake file should be able to find the source code.
# Otherwise, assign an environment variable or set it here:
#
# set(WOLFSSL_ROOT "~/workspace/wolfssl-other-source")
#
# Optional WOLFSSL_CMAKE_SYSTEM_NAME detection to find
# USE_MY_PRIVATE_CONFIG path for my_private_config.h
#
# Expected path varies:
#
# WSL: /mnt/c/workspace
# Linux: ~/workspace
# Windows: C:\workspace
#
if(WIN32)
# Windows-specific configuration here
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_WINDOWS")
message("Detected Windows")
endif()
if(CMAKE_HOST_UNIX)
message("Detected UNIX")
endif()
if(APPLE)
message("Detected APPLE")
endif()
if(CMAKE_HOST_UNIX AND (NOT APPLE) AND EXISTS "/proc/sys/fs/binfmt_misc/WSLInterop")
# Windows-specific configuration here
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_WSL")
message("Detected WSL")
endif()
if(CMAKE_HOST_UNIX AND (NOT APPLE) AND (NOT WIN32))
# Windows-specific configuration here
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_LINUX")
message("Detected Linux")
endif()
if(APPLE)
# Windows-specific configuration here
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_APPLE")
message("Detected Apple")
endif()
# End optional WOLFSSL_CMAKE_SYSTEM_NAME
# Check that there are not conflicting wolfSSL components
# The ESP Registry Component will be in ./managed_components/wolfssl__wolfssl
# The local component wolfSSL directory will be in ./components/wolfssl
if( EXISTS "${CMAKE_HOME_DIRECTORY}/managed_components/wolfssl__wolfssl" AND EXISTS "${CMAKE_HOME_DIRECTORY}/components/wolfssl" )
# These exclude statements don't seem to be honored by the $ENV{IDF_PATH}/tools/cmake/project.cmake'
# add_subdirectory("${CMAKE_HOME_DIRECTORY}/managed_components/wolfssl__wolfssl" EXCLUDE_FROM_ALL)
# add_subdirectory("${CMAKE_HOME_DIRECTORY}/managed_components/wolfssl__wolfssl/include" EXCLUDE_FROM_ALL)
# So we'll error out and let the user decide how to proceed:
message(WARNING "\nFound wolfSSL components in\n"
"./managed_components/wolfssl__wolfssl\n"
"and\n"
"./components/wolfssl\n"
"in project directory: \n"
"${CMAKE_HOME_DIRECTORY}")
message(FATAL_ERROR "\nPlease use either the ESP Registry Managed Component or the wolfSSL component directory but not both.\n"
"If removing the ./managed_components/wolfssl__wolfssl directory, remember to also remove "
"or rename the idf_component.yml file typically found in ./main/")
else()
message(STATUS "No conflicting wolfSSL components found.")
endif()
include($ENV{IDF_PATH}/tools/cmake/project.cmake)
set(COMPONENTS
main
wolfssl
# cryptoauthlib
) # set components
project(wolfssl_test)

32
IDE/Espressif/ESP-IDF/examples/wolfssl_test/README.md
View File

@@ -1,6 +1,27 @@
# wolfSSL Crypt Test Example
The Example contains of wolfSSL test program.
This is the ESP32 Version of the [wolfSSL wolfcrypt test application](https://github.com/wolfSSL/wolfssl/tree/master/wolfcrypt/test).
<!-- This file is included in the ESP Registry. There should be no relative URL links. -->
## ESP Registry
The easiest way to get started with wolfSSL is by using the
[ESP Registry](https://components.espressif.com/components/wolfssl/wolfssl/) examples.
```
. ~/esp/esp-idf/export.sh
idf.py create-project-from-example "wolfssl/wolfssl^5.6.0-stable:wolfssl_test"
cd wolfssl_benchmark
idf.py -b 115200 flash monitor
```
## VisualGDB
Open the VisualGDB Visual Studio Project file in the [VisualGDB directory]() and click the "Start" button.
No wolfSSL setup is needed. You may need to adjust your specific COM port. The default is `COM20`.
## ESP-IDF Commandline
1. `idf.py menuconfig` to configure the program.
1-1. Example Configuration ->
@@ -20,9 +41,10 @@ Reminder than when building on WSL in `/mnt/c` there will be a noticeable perfor
Example build on WSL, assuming `git clone` from `c:\workspace`:
```
# Optionally install wolfSSL component
# cd /mnt/c/workspace/wolfssl/IDE/Espressif/ESP-IDF
./setup.sh
WRK_IDF_PATH=/mnt/c/SysGCC/esp32/esp-idf/v5.1
echo "Run export.sh from ${WRK_IDF_PATH}"
. ${WRK_IDF_PATH}/export.sh
# switch to test example
cd /mnt/c/workspace/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_test
@@ -49,7 +71,7 @@ compatible across the widest ranges of targets. Contact wolfSSL at support@wolfs
for help in optimizing for your particular application, or see the
[docs](https://www.wolfssl.com/documentation/manuals/wolfssl/index.html).
Compiled and flashed with `idf.py build flash -p /dev/ttyS7 -b 921600 monitor`:
Compiled and flashed with `idf.py build flash -p /dev/ttyS7 -b 115200 monitor`:
```
ets Jun 8 2016 00:22:57

156
IDE/Espressif/ESP-IDF/examples/wolfssl_test/components/wolfssl/CMakeLists.txt
View File

@@ -19,7 +19,7 @@
#
# cmake for wolfssl Espressif projects
#
# Version 5.6.0.009 for FIND_WOLFSSL_DIRECTORY
# Version 5.6.0.011 for detect test/benchmark
#
# See https://docs.espressif.com/projects/esp-idf/en/latest/esp32/api-guides/build-system.html
#
@@ -50,9 +50,9 @@ message(STATUS "THIS_USER = ${THIS_USER}")
# The component name is the directory name. "No feature to change this".
# See https://github.com/espressif/esp-idf/issues/8978#issuecomment-1129892685
# set the root of wolfSSL:
# set the root of wolfSSL in top-level project CMakelists.txt:
# set(WOLFSSL_ROOT "C:/some path/with/spaces")
# set(WOLFSSL_ROOT "c:/workspace/wolfssl-gojimmypi")
# set(WOLFSSL_ROOT "c:/workspace/wolfssl-[username]")
# set(WOLFSSL_ROOT "/mnt/c/some path/with/spaces")
# or use this logic to assign value from Environment Variable WOLFSSL_ROOT,
# or assume this is an example 7 subdirectories below:
@@ -177,136 +177,30 @@ else()
"Try setting WOLFSSL_ROOT environment variable or git clone.")
endif()
if( 0 )
# Check to see if we're already in wolfssl, and only if WOLFSSL_ROOT not specified
if ("${WOLFSSL_ROOT}" STREQUAL "")
# wolfssl examples are 7 directories deep from wolfssl repo root
# 1 2 3 4 5 6 7
set(THIS_RELATIVE_PATH "../../../../../../..")
get_filename_component(THIS_SEARCH_PATH "${THIS_RELATIVE_PATH}" ABSOLUTE)
message(STATUS "Searching in path = ${THIS_SEARCH_PATH}")
if (EXISTS "${THIS_SEARCH_PATH}/wolfcrypt/src")
# we're already in wolfssl examples!
get_filename_component(WOLFSSL_ROOT "${THIS_SEARCH_PATH}" ABSOLUTE)
message(STATUS "Using wolfSSL example with root ${WOLFSSL_ROOT}")
else()
# We're in some other repo such as wolfssh, so we'll search for an
# adjacent-level directory for wolfssl. (8 directories up, then down one)
#
# For example wolfSSL examples:
# C:\workspace\wolfssl-gojimmypi\IDE\Espressif\ESP-IDF\examples\wolfssl_benchmark\components\wolfssl
#
# For example wolfSSH examples:
# C:\workspace\wolfssh-gojimmypi\ide\Espressif\ESP-IDF\examples\wolfssh_benchmark\components\wolfssl
#
# 1 2 3 4 5 6 7 8
set(THIS_RELATIVE_PATH "../../../../../../../..")
get_filename_component(THIS_SEARCH_PATH "${THIS_RELATIVE_PATH}" ABSOLUTE)
message(STATUS "Searching next in path = ${THIS_SEARCH_PATH}")
endif()
endif()
# search other possible locations
if ("${WOLFSSL_ROOT}" STREQUAL "")
# there's not a hard-coded WOLFSSL_ROOT value above, so let's see if we can find it.
if( "$ENV{WOLFSSL_ROOT}" STREQUAL "" )
message(STATUS "Environment Variable WOLFSSL_ROOT not set. Will search common locations.")
message(STATUS "CMAKE_CURRENT_SOURCE_DIR = ${CMAKE_CURRENT_SOURCE_DIR}")
get_filename_component(THIS_DIR "${CMAKE_CURRENT_SOURCE_DIR}" ABSOLUTE)
message(STATUS "THIS_DIR = ${THIS_DIR}")
# find the user name to search for possible "wolfssl-username"
message(STATUS "USERNAME = $ENV{USERNAME}")
if( "$ENV{USER}" STREQUAL "" ) # the bash user
if( "$ENV{USERNAME}" STREQUAL "" ) # the Windows user
message(STATUS "could not find USER or USERNAME")
else()
# the bash user is not blank, so we'll use it.
set(THIS_USER "$ENV{USERNAME}")
endif()
else()
# the bash user is not blank, so we'll use it.
set(THIS_USER "$ENV{USER}")
endif()
message(STATUS "THIS_USER = ${THIS_USER}")
# This same makefile is used for both the wolfssl component, and other
# components that may depend on wolfssl, such as wolfssh. Therefore
# we need to determine if this makefile is in the wolfssl repo, or
# some other repo.
if( "{THIS_USER}" STREQUAL "" )
# This is highly unusual to not find a user name.
# In this case, we'll just search for a "wolfssl" directory:
message(STATUS "No username found!")
get_filename_component(WOLFSSL_ROOT "${THIS_RELATIVE_PATH}/wolfssl" ABSOLUTE)
else()
# We found an environment USER name!
# The first place to look for wolfssl will be in a user-clone called "wolfssl-[username]"
message(STATUS "Using [THIS_USER = ${THIS_USER}] to see if there's a [relative path]/wolfssl-${THIS_USER} directory.")
get_filename_component(WOLFSSL_ROOT "${THIS_RELATIVE_PATH}/wolfssl-${THIS_USER}" ABSOLUTE)
if( EXISTS "${WOLFSSL_ROOT}" )
message(STATUS "Found wolfssl in user-suffix ${WOLFSSL_ROOT}")
else()
# If there's not a user-clone called "wolfssl-[username]",
# perhaps there's simply a git clone called "wolfssl"?
message(STATUS "Did not find wolfssl-${THIS_USER}; continuing search...")
get_filename_component(WOLFSSL_ROOT "${THIS_RELATIVE_PATH}/wolfssl" ABSOLUTE)
if( EXISTS "${WOLFSSL_ROOT}" )
message(STATUS "Found wolfssl in standard ${WOLFSSL_ROOT}")
else()
# Things are looking pretty bleak. We'll likely not be able to compile.
message(STATUS "Did not find wolfssl in ${WOLFSSL_ROOT}")
endif()
endif()
endif()
else()
# there's an environment variable, so use it.
set(WOLFSSL_ROOT "$ENV{WOLFSSL_ROOT}")
if( EXISTS "${WOLFSSL_ROOT}" )
get_filename_component(WOLFSSL_ROOT "$ENV{WOLFSSL_ROOT}" ABSOLUTE)
message(STATUS "Found WOLFSSL_ROOT via Environment Variable:")
else()
message(FATAL_ERROR "WOLFSSL_ROOT Environment Variable defined, but path not found:")
message(STATUS "$ENV{WOLFSSL_ROOT}")
endif()
endif()
# end of search for wolfssl component root
else()
# There's already a value assigned; we won't search for anything else.
message(STATUS "Found user-specified WOLFSSL_ROOT value.")
endif() # WOLFSSL_ROOT user defined
# After all the logic above, does our WOLFSSL_ROOT actually exist?
if( EXISTS "${WOLFSSL_ROOT}" )
message(STATUS "WOLFSSL_ROOT = ${WOLFSSL_ROOT}")
else()
# Abort. We need wolfssl _somewhere_.
message(FATAL_ERROR "Could not find wolfssl in ${WOLFSSL_ROOT}. Try setting environment variable or git clone.")
endif()
endif()
set(INCLUDE_PATH ${WOLFSSL_ROOT})
set(WOLFSSL_EXTRA_PROJECT_DIR "${WOLFSSL_ROOT}/src/")
if( ${CMAKE_PROJECT_NAME} STREQUAL "wolfssl_benchmark" )
set(WOLFSSL_EXTRA_PROJECT_DIR "${WOLFSSL_ROOT}/wolfcrypt/benchmark")
endif()
if( ${CMAKE_PROJECT_NAME} STREQUAL "wolfssl_test" )
set(WOLFSSL_EXTRA_PROJECT_DIR "${WOLFSSL_ROOT}/wolfcrypt/test")
endif()
set(COMPONENT_SRCDIRS "\"${WOLFSSL_ROOT}/src/\""
"\"${WOLFSSL_ROOT}/wolfcrypt/src\""
"\"${WOLFSSL_ROOT}/wolfcrypt/src/port/Espressif\""
"\"${WOLFSSL_ROOT}/wolfcrypt/src/port/atmel\""
"\"${WOLFSSL_ROOT}/wolfcrypt/benchmark\"" # the benchmark application
"\"${WOLFSSL_ROOT}/wolfcrypt/test\"" # the test application
"\"${WOLFSSL_EXTRA_PROJECT_DIR}\""
) # COMPONENT_SRCDIRS
message(STATUS "This COMPONENT_SRCDIRS = ${COMPONENT_SRCDIRS}")
set(WOLFSSL_PROJECT_DIR "${CMAKE_HOME_DIRECTORY}/components/wolfssl")
add_definitions(-DWOLFSSL_USER_SETTINGS_DIR="${WOLFSSL_PROJECT_DIR}/include/user_settings.h")
# Espressif may take several passes through this makefile. Check to see if we found IDF
string(COMPARE EQUAL "${PROJECT_SOURCE_DIR}" "" WOLFSSL_FOUND_IDF)
@@ -405,7 +299,12 @@ endif()
# next check if there's a [root]/include/config.h
if( EXISTS "${WOLFSSL_ROOT}/include/config.h" )
message(FATAL_ERROR "Found stray wolfSSL config.h in ${WOLFSSL_ROOT}/include/config.h (please move it to ${WOLFSSL_PROJECT_DIR}/include/config.h")
message(STATUS "******************************************************************************")
message(STATUS "******************************************************************************")
message(STATUS "Found stray wolfSSL config.h in ${WOLFSSL_ROOT}/include/config.h" )
message(STATUS " Please move it to ${WOLFSSL_PROJECT_DIR}/include/config.h" )
message(STATUS "******************************************************************************")
message(STATUS "******************************************************************************")
else()
# we won't overwrite an existing user settings file, just note that we already have one:
if( EXISTS "${WOLFSSL_PROJECT_DIR}/include/config.h" )
@@ -488,6 +387,14 @@ endif()
"\"${WOLFSSL_ROOT}/src/x509_str.c\""
"\"${WOLFSSL_ROOT}/wolfcrypt/src/evp.c\""
"\"${WOLFSSL_ROOT}/wolfcrypt/src/misc.c\""
"\"${WOLFSSL_ROOT}/wolfcrypt/src/sp_sm2_arm32.c\""
"\"${WOLFSSL_ROOT}/wolfcrypt/src/sp_sm2_arm64.c\""
"\"${WOLFSSL_ROOT}/wolfcrypt/src/sp_sm2_armthumb.c\""
"\"${WOLFSSL_ROOT}/wolfcrypt/src/sp_sm2_c32.c\""
"\"${WOLFSSL_ROOT}/wolfcrypt/src/sp_sm2_c64.c\""
"\"${WOLFSSL_ROOT}/wolfcrypt/src/sp_sm2_cortexm.c\""
"\"${WOLFSSL_ROOT}/wolfcrypt/src/sp_sm2_x86_64.c\""
"\"${WOLFSSL_ROOT}/wolfcrypt/src/sp_sm2_x86_64_asm.S\""
"\"${EXCLUDE_ASM}\""
)
@@ -532,6 +439,7 @@ endif()
endif()
# target_sources(wolfssl PRIVATE "\"${WOLFSSL_ROOT}/wolfssl/\"" "\"${WOLFSSL_ROOT}/wolfssl/wolfcrypt\"")
endif() # CMAKE_BUILD_EARLY_EXPANSION

354
IDE/Espressif/ESP-IDF/examples/wolfssl_test/components/wolfssl/include/user_settings.h
View File

@@ -19,23 +19,21 @@
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
#undef WOLFSSL_ESPIDF
#undef WOLFSSL_ESP32
#undef WOLFSSL_ESPWROOM32SE
#undef WOLFSSL_ESP32
#undef WOLFSSL_ESP8266
/* This user_settings.h is for Espressif ESP-IDF */
#include <sdkconfig.h>
/* The Espressif sdkconfig will have chipset info.
**
** Possible values:
**
** CONFIG_IDF_TARGET_ESP32
** CONFIG_IDF_TARGET_ESP32S2
** CONFIG_IDF_TARGET_ESP32S3
** CONFIG_IDF_TARGET_ESP32C3
** CONFIG_IDF_TARGET_ESP32C6
*/
#include <sdkconfig.h>
#undef WOLFSSL_ESPIDF
#define WOLFSSL_ESPIDF
/*
@@ -45,10 +43,22 @@
* WOLFSSL_ESPWROOM32SE
* WOLFSSL_ESP8266
*/
#undef WOLFSSL_ESPWROOM32SE
#undef WOLFSSL_ESP8266
#undef WOLFSSL_ESP32
#define WOLFSSL_ESP32
/* #define DEBUG_WOLFSSL_VERBOSE */
/* optionally turn off SHA512/224 SHA512/256 */
/* #define WOLFSSL_NOSHA512_224 */
/* #define WOLFSSL_NOSHA512_256 */
/* when you want to use SINGLE THREAD. Note Default ESP-IDF is FreeRTOS */
/* #define SINGLE_THREADED */
/* When you don't want to use the old SHA */
/* #define NO_SHA */
/* #define NO_OLD_TLS */
#define BENCH_EMBEDDED
#define USE_CERT_BUFFERS_2048
@@ -61,22 +71,41 @@
#define HAVE_AEAD
#define HAVE_SUPPORTED_CURVES
/* when you want to use SINGLE THREAD */
/* #define SINGLE_THREADED */
#define WOLFSSL_BENCHMARK_FIXED_UNITS_KB
#define NO_FILESYSTEM
#define NO_OLD_TLS
#define HAVE_AESGCM
#define WOLFSSL_RIPEMD
/* when you want to use SHA224 */
#define WOLFSSL_SHA224
/* when you want to use SHA384 */
/* #define WOLFSSL_SHA384 */
#define WOLFSSL_SHA384
/* when you want to use SHA512 */
#define WOLFSSL_SHA512
/* when you want to use SHA3 */
#define WOLFSSL_SHA3
/* ED25519 requires SHA512 */
#define HAVE_ED25519
#define HAVE_ECC
#define HAVE_CURVE25519
#define CURVE25519_SMALL
#define HAVE_ED25519
#define OPENSSL_EXTRA
/* when you want to use pkcs7 */
/* #define HAVE_PKCS7 */
#define HAVE_PKCS7
#if defined(HAVE_PKCS7)
#define HAVE_AES_KEYWRAP
#define HAVE_X963_KDF
@@ -97,20 +126,28 @@
/* #define CUSTOM_SLOT_ALLOCATION */
#endif
/* RSA primitive specific definition */
/* rsa primitive specific definition */
#if defined(WOLFSSL_ESP32) || defined(WOLFSSL_ESPWROOM32SE)
/* Define USE_FAST_MATH and SMALL_STACK */
#define ESP32_USE_RSA_PRIMITIVE
#if defined(CONFIG_IDF_TARGET_ESP32)
/* NOTE HW unreliable for small values! */
/* threshold for performance adjustment for HW primitive use */
/* X bits of G^X mod P greater than */
#define EPS_RSA_EXPT_XBTIS 36
#undef ESP_RSA_EXPT_XBITS
#define ESP_RSA_EXPT_XBITS 32
/* X and Y of X * Y mod P greater than */
#define ESP_RSA_MULM_BITS 2000
#undef ESP_RSA_MULM_BITS
#define ESP_RSA_MULM_BITS 16
#endif
#endif
/* debug options */
/* #define DEBUG_WOLFSSL */
/* #define WOLFSSL_ESP32_CRYPT_DEBUG */
#define RSA_LOW_MEM
/* #define WOLFSSL_ATECC508A_DEBUG */
/* date/time */
@@ -123,46 +160,291 @@
/* adjust wait-timeout count if you see timeout in RSA HW acceleration */
#define ESP_RSA_TIMEOUT_CNT 0x249F00
/* hash limit for test.c */
#define HASH_SIZE_LIMIT
/* USE_FAST_MATH is default */
#define USE_FAST_MATH
/***** Use SP_MATH *****/
/* #undef USE_FAST_MATH */
/* #define SP_MATH */
/* #define WOLFSSL_SP_MATH_ALL */
/* #define WOLFSSL_SP_RISCV32 */
/***** Use Integer Heap Math *****/
/* #undef USE_FAST_MATH */
/* #define USE_INTEGER_HEAP_MATH */
#define WOLFSSL_SMALL_STACK
#define HAVE_VERSION_EXTENDED_INFO
/* #define HAVE_WC_INTROSPECTION */
#define HAVE_SESSION_TICKET
/* #define HAVE_HASHDRBG */
#define WOLFSSL_KEY_GEN
#define WOLFSSL_CERT_REQ
#define WOLFSSL_CERT_GEN
#define WOLFSSL_CERT_EXT
#define WOLFSSL_SYS_CA_CERTS
#define WOLFSSL_CERT_TEXT
#define WOLFSSL_ASN_TEMPLATE
/*
#undef WOLFSSL_KEY_GEN
#undef WOLFSSL_CERT_REQ
#undef WOLFSSL_CERT_GEN
#undef WOLFSSL_CERT_EXT
#undef WOLFSSL_SYS_CA_CERTS
*/
/*
--enable-keygen
--enable-certgen
--enable-certreq
--enable-certext
--enable-asn-template
*/
/* Default is HW enabled unless turned off.
** Uncomment these lines to force SW instead of HW acceleration */
#if defined(CONFIG_IDF_TARGET_ESP32)
/* when you want not to use HW acceleration on ESP32 (below for S3, etc */
/* wolfSSL HW Acceleration supported on ESP32. Uncomment to disable: */
/* #define NO_ESP32_CRYPT */
/* #define NO_WOLFSSL_ESP32_CRYPT_HASH */
/* #define NO_WOLFSSL_ESP32_CRYPT_AES */
/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI */
/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL */
/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD */
/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD */
/* These are defined automatically in esp32-crypt.h, here for clarity: */
#define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA224 /* no SHA224 HW on ESP32 */
#undef ESP_RSA_MULM_BITS
#define ESP_RSA_MULM_BITS 16 /* TODO add compile-time warning */
/***** END CONFIG_IDF_TARGET_ESP32 *****/
#elif defined(CONFIG_IDF_TARGET_ESP32S2)
/* ESP32-S2 disabled by default; not implemented */
#define NO_ESP32_CRYPT
#define NO_WOLFSSL_ESP32_CRYPT_HASH
#define NO_WOLFSSL_ESP32_CRYPT_AES
#define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI
#elif defined(CONFIG_IDF_TARGET_ESP32S3)
/* when you want not to use HW acceleration on ESP32-S3 */
/* wolfSSL HW Acceleration supported on ESP32-S2. Uncomment to disable: */
/* #define NO_ESP32_CRYPT */
/* #define NO_WOLFSSL_ESP32_CRYPT_HASH */
/* Note: There's no AES192 HW on the ESP32-S2; falls back to SW */
/* #define NO_WOLFSSL_ESP32_CRYPT_AES */
/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI */
/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL */
/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD */
/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD */
/***** END CONFIG_IDF_TARGET_ESP32S2 *****/
#elif defined(CONFIG_IDF_TARGET_ESP32S3)
/* wolfSSL HW Acceleration supported on ESP32-S3. Uncomment to disable: */
/* #define NO_ESP32_CRYPT */
/* #define NO_WOLFSSL_ESP32_CRYPT_HASH */
/* Note: There's no AES192 HW on the ESP32-S3; falls back to SW */
/* #define NO_WOLFSSL_ESP32_CRYPT_AES */
/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI */
/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL */
/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD */
/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD */
/***** END CONFIG_IDF_TARGET_ESP32S3 *****/
#elif defined(CONFIG_IDF_TARGET_ESP32C2) || \
defined(CONFIG_IDF_TARGET_ESP8684)
/* ESP8684 is essentially ESP32-C2 chip + flash embedded together in a
* single QFN 4x4 mm package. Out of released documentation, Technical
* Reference Manual as well as ESP-IDF Programming Guide is applicable
* to both ESP32-C2 and ESP8684.
*
* See: https://www.esp32.com/viewtopic.php?f=5&t=27926#:~:text=ESP8684%20is%20essentially%20ESP32%2DC2,both%20ESP32%2DC2%20and%20ESP8684. */
/* wolfSSL HW Acceleration supported on ESP32-C2. Uncomment to disable: */
/* #define NO_ESP32_CRYPT */
/* #define NO_WOLFSSL_ESP32_CRYPT_HASH */ /* to disable all SHA HW */
/* These are defined automatically in esp32-crypt.h, here for clarity */
#define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA384 /* no SHA384 HW on C2 */
#define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA512 /* no SHA512 HW on C2 */
/* There's no AES or RSA/Math accelerator on the ESP32-C2
* Auto defined with NO_WOLFSSL_ESP32_CRYPT_RSA_PRI, for clarity: */
#define NO_WOLFSSL_ESP32_CRYPT_AES
#define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI
#define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL
#define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD
#define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD
/***** END CONFIG_IDF_TARGET_ESP32C2 *****/
#elif defined(CONFIG_IDF_TARGET_ESP32C3)
/* ESP32-C3 disabled by default, not implemented */
#define NO_ESP32_CRYPT
#define NO_WOLFSSL_ESP32_CRYPT_HASH
#define NO_WOLFSSL_ESP32_CRYPT_AES
#define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI
/* wolfSSL HW Acceleration supported on ESP32-C3. Uncomment to disable: */
/* #define NO_ESP32_CRYPT */
/* #define NO_WOLFSSL_ESP32_CRYPT_HASH */ /* to disable all SHA HW */
/* These are defined automatically in esp32-crypt.h, here for clarity: */
#define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA384 /* no SHA384 HW on C6 */
#define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA512 /* no SHA512 HW on C6 */
/* #define NO_WOLFSSL_ESP32_CRYPT_AES */
/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI */
/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL */
/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD */
/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD */
/***** END CONFIG_IDF_TARGET_ESP32C3 *****/
#elif defined(CONFIG_IDF_TARGET_ESP32C6)
/* ESP32-C6 disabled by default, not implemented */
#define NO_ESP32_CRYPT
#define NO_WOLFSSL_ESP32_CRYPT_HASH
#define NO_WOLFSSL_ESP32_CRYPT_AES
#define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI
/* wolfSSL HW Acceleration supported on ESP32-C6. Uncomment to disable: */
/* #define NO_ESP32_CRYPT */
/* #define NO_WOLFSSL_ESP32_CRYPT_HASH */
/* These are defined automatically in esp32-crypt.h, here for clarity: */
#define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA384 /* no SHA384 HW on C6 */
#define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA512 /* no SHA512 HW on C6 */
/* #define NO_WOLFSSL_ESP32_CRYPT_AES */
/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI */
/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL */
/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD */
/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD */
/***** END CONFIG_IDF_TARGET_ESP32C6 *****/
#elif defined(CONFIG_IDF_TARGET_ESP32H2)
/* ESP32-H2 disabled by default, not implemented */
/* wolfSSL Hardware Acceleration not yet implemented */
#define NO_ESP32_CRYPT
#define NO_WOLFSSL_ESP32_CRYPT_HASH
#define NO_WOLFSSL_ESP32_CRYPT_AES
#define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI
/***** END CONFIG_IDF_TARGET_ESP32H2 *****/
#elif defined(CONFIG_IDF_TARGET_ESP8266)
/* TODO: Revisit ESP8266 */
#define NO_ESP32_CRYPT
#define NO_WOLFSSL_ESP32_CRYPT_HASH
#define NO_WOLFSSL_ESP32_CRYPT_AES
#define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI
/***** END CONFIG_IDF_TARGET_ESP266 *****/
#elif defined(CONFIG_IDF_TARGET_ESP8684)
/* There's no Hardware Acceleration available on ESP8684 */
#define NO_ESP32_CRYPT
#define NO_WOLFSSL_ESP32_CRYPT_HASH
#define NO_WOLFSSL_ESP32_CRYPT_AES
#define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI
/***** END CONFIG_IDF_TARGET_ESP8684 *****/
#else
/* anything else unknown will have HW disabled by default */
/* Anything else encountered, disable HW accleration */
#define NO_ESP32_CRYPT
#define NO_WOLFSSL_ESP32_CRYPT_HASH
#define NO_WOLFSSL_ESP32_CRYPT_AES
#define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI
#endif /* CONFIG_IDF_TARGET Check */
/* Debug options:
#define ESP_VERIFY_MEMBLOCK
#define DEBUG_WOLFSSL
#define DEBUG_WOLFSSL_VERBOSE
#define DEBUG_WOLFSSL_SHA_MUTEX
#define WOLFSSL_ESP32_CRYPT_DEBUG
#define WOLFSSL_ESP32_CRYPT_HASH_SHA224_DEBUG
#define NO_RECOVER_SOFTWARE_CALC
#define WOLFSSL_TEST_STRAY 1
#define USE_ESP_DPORT_ACCESS_READ_BUFFER
#define WOLFSSL_ESP32_HW_LOCK_DEBUG
#define WOLFSSL_DEBUG_ESP_RSA_MULM_BITS
#define ESP_DISABLE_HW_TASK_LOCK
*/
/* Pause in a loop rather than exit. */
#define WOLFSSL_ESPIDF_ERROR_PAUSE
#define WOLFSSL_HW_METRICS
/* for test.c */
/* #define HASH_SIZE_LIMIT */
/* Optionally turn off HW math checks */
/* #define NO_HW_MATH_TEST */
/* Optionally include alternate HW test library: alt_hw_test.h */
/* When enabling, the ./components/wolfssl/CMakeLists.txt file
* will need the name of the library in the idf_component_register
* for the PRIV_REQUIRES list. */
/* #define INCLUDE_ALT_HW_TEST */
/* optionally turn off individual math HW acceleration features */
/* Turn off Large Number ESP32 HW Multiplication:
** [Z = X * Y] in esp_mp_mul() */
/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL */
/* Turn off Large Number ESP32 HW Modular Exponentiation:
** [Z = X^Y mod M] in esp_mp_exptmod() */
/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD */
/* Turn off Large Number ESP32 HW Modular Multiplication
** [Z = X * Y mod M] in esp_mp_mulmod() */
/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD */
#define WOLFSSL_PUBLIC_MP /* used by benchmark */
#define USE_CERT_BUFFERS_2048
/* when turning on ECC508 / ECC608 support
#define WOLFSSL_ESPWROOM32SE
#define HAVE_PK_CALLBACKS
#define WOLFSSL_ATECC508A
#define ATCA_WOLFSSL
*/
/* optional SM4 Ciphers. See https://github.com/wolfSSL/wolfsm
#define WOLFSSL_SM2
#define WOLFSSL_SM3
#define WOLFSSL_SM4
*/
#if defined(WOLFSSL_SM2) || defined(WOLFSSL_SM3) || defined(WOLFSSL_SM4)
#include <wolfssl/certs_test_sm.h>
#define CTX_CA_CERT root_sm2
#define CTX_CA_CERT_SIZE sizeof_root_sm2
#define CTX_CA_CERT_TYPE WOLFSSL_FILETYPE_PEM
#define CTX_SERVER_CERT server_sm2
#define CTX_SERVER_CERT_SIZE sizeof_server_sm2
#define CTX_SERVER_CERT_TYPE WOLFSSL_FILETYPE_PEM
#define CTX_SERVER_KEY server_sm2_priv
#define CTX_SERVER_KEY_SIZE sizeof_server_sm2_priv
#define CTX_SERVER_KEY_TYPE WOLFSSL_FILETYPE_PEM
#undef WOLFSSL_BASE16
#define WOLFSSL_BASE16
#else
#define USE_CERT_BUFFERS_2048
#define USE_CERT_BUFFERS_256
#define CTX_CA_CERT ca_cert_der_2048
#define CTX_CA_CERT_SIZE sizeof_ca_cert_der_2048
#define CTX_CA_CERT_TYPE WOLFSSL_FILETYPE_ASN1
#define CTX_SERVER_CERT server_cert_der_2048
#define CTX_SERVER_CERT_SIZE sizeof_server_cert_der_2048
#define CTX_SERVER_CERT_TYPE WOLFSSL_FILETYPE_ASN1
#define CTX_SERVER_KEY server_key_der_2048
#define CTX_SERVER_KEY_SIZE sizeof_server_key_der_2048
#define CTX_SERVER_KEY_TYPE WOLFSSL_FILETYPE_ASN1
#endif
/* See settings.h for some of the possible hardening options:
*
* #define NO_ESPIDF_DEFAULT
* #define WC_NO_CACHE_RESISTANT
* #define WC_AES_BITSLICED
* #define HAVE_AES_ECB
* #define HAVE_AES_DIRECT
*/

5
IDE/Espressif/ESP-IDF/examples/wolfssl_test/main/CMakeLists.txt
View File

@@ -1,4 +1,3 @@
#
# wolfssl crypt test
#
@@ -23,7 +22,9 @@ if( EXISTS "${CMAKE_HOME_DIRECTORY}/components/wolfssl/" AND EXISTS "$ENV{IDF_PA
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_MULTI_INSTALL_WARNING")
endif()
register_component()
idf_component_register(SRCS main.c
INCLUDE_DIRS "."
"./include")
#
# LIBWOLFSSL_SAVE_INFO(VAR_OUPUT THIS_VAR VAR_RESULT)

24
IDE/Espressif/ESP-IDF/examples/wolfssl_test/main/include/main.h Normal file
View File

@@ -0,0 +1,24 @@
/* template main.h
*
* Copyright (C) 2006-2023 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
#ifndef _MAIN_H_
#define _MAIN_H_
#endif

32
IDE/Espressif/ESP-IDF/examples/wolfssl_test/main/include/time_helper.h Normal file
View File

@@ -0,0 +1,32 @@
/*
* Copyright (C) 2006-2023 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
#ifndef _TIME_HELPER_H
#ifdef __cplusplus
extern "C" {
#endif
int set_time(void);
#ifdef __cplusplus
} /* extern "C" */
#endif
#endif /* #ifndef _TIME_HELPER_H */

101
IDE/Espressif/ESP-IDF/examples/wolfssl_test/main/main.c
View File

@@ -27,11 +27,14 @@
#include <wolfssl/wolfcrypt/settings.h>
#include <user_settings.h>
#include <wolfssl/version.h>
#include <wolfssl/wolfcrypt/types.h>
#ifndef WOLFSSL_ESPIDF
#warning "problem with wolfSSL user settings. Check components/wolfssl/include"
#endif
#include <wolfcrypt/test/test.h>
#include <wolfssl/wolfcrypt/port/Espressif/esp32-crypt.h>
/*
** the wolfssl component can be installed in either:
@@ -59,7 +62,6 @@
/* see wolfssl/wolfcrypt/test/test.h */
extern void wolf_crypt_task();
static const char* const TAG = "wolfssl_test";
#if defined(WOLFSSL_ESPWROOM32SE) && defined(HAVE_PK_CALLBACKS) \
@@ -123,65 +125,80 @@ void my_atmel_free(int slotId)
#endif /* CUSTOM_SLOT_ALLOCATION */
#endif /* WOLFSSL_ESPWROOM32SE && HAVE_PK_CALLBACK && WOLFSSL_ATECC508A */
/* entry point */
void app_main(void)
{
int rc = 0;
int stack_start = 0;
esp_err_t ret = 0;
ESP_LOGI(TAG, "------------------ wolfSSL Test Example ----------------");
ESP_LOGI(TAG, "--------------------------------------------------------");
ESP_LOGI(TAG, "--------------------------------------------------------");
ESP_LOGI(TAG, "---------------------- BEGIN MAIN ----------------------");
ESP_LOGI(TAG, "--------------------------------------------------------");
ESP_LOGI(TAG, "--------------------------------------------------------");
#ifdef ESP_TASK_MAIN_STACK
ESP_LOGI(TAG, "ESP_TASK_MAIN_STACK: %d", ESP_TASK_MAIN_STACK);
#endif
#ifdef TASK_EXTRA_STACK_SIZE
ESP_LOGI(TAG, "TASK_EXTRA_STACK_SIZE: %d", TASK_EXTRA_STACK_SIZE);
#endif
#ifdef INCLUDE_uxTaskGetStackHighWaterMark
ESP_LOGI(TAG, "CONFIG_ESP_MAIN_TASK_STACK_SIZE = %d bytes (%d words)",
CONFIG_ESP_MAIN_TASK_STACK_SIZE,
(int)(CONFIG_ESP_MAIN_TASK_STACK_SIZE / sizeof(void*)));
ESP_LOGI(TAG, "CONFIG_IDF_TARGET = %s", CONFIG_IDF_TARGET);
ESP_LOGI(TAG, "LIBWOLFSSL_VERSION_STRING = %s", LIBWOLFSSL_VERSION_STRING);
#if defined(LIBWOLFSSL_VERSION_GIT_HASH)
ESP_LOGI(TAG, "LIBWOLFSSL_VERSION_GIT_HASH = %s", LIBWOLFSSL_VERSION_GIT_HASH);
/* Returns the high water mark of the stack associated with xTask. That is,
* the minimum free stack space there has been (in bytes not words, unlike
* vanilla FreeRTOS) since the task started. The smaller the returned
* number the closer the task has come to overflowing its stack.
* see https://docs.espressif.com/projects/esp-idf/en/latest/esp32/api-reference/system/freertos_idf.html
*/
stack_start = uxTaskGetStackHighWaterMark(NULL);
ESP_LOGI(TAG, "Stack Start HWM: %d bytes", stack_start);
#endif
#if defined(LIBWOLFSSL_VERSION_GIT_SHORT_HASH )
ESP_LOGI(TAG, "LIBWOLFSSL_VERSION_GIT_SHORT_HASH = %s", LIBWOLFSSL_VERSION_GIT_SHORT_HASH);
#ifdef HAVE_VERSION_EXTENDED_INFO
esp_ShowExtendedSystemInfo();
#endif
#if defined(LIBWOLFSSL_VERSION_GIT_HASH_DATE)
ESP_LOGI(TAG, "LIBWOLFSSL_VERSION_GIT_HASH_DATE = %s", LIBWOLFSSL_VERSION_GIT_HASH_DATE);
#endif
/* some interesting settings are target specific (ESP32, -C3, -S3, etc */
#if defined(CONFIG_IDF_TARGET_ESP32C3)
/* not available for C3 at this time */
#elif defined(CONFIG_IDF_TARGET_ESP32C6)
/* not available for C6 at this time */
#if defined(CONFIG_IDF_TARGET_ESP32)
ESP_LOGI(TAG, "CONFIG_ESP32_DEFAULT_CPU_FREQ_MHZ = %u MHz",
CONFIG_ESP32_DEFAULT_CPU_FREQ_MHZ
);
ESP_LOGI(TAG, "Xthal_have_ccount = %u", Xthal_have_ccount);
#elif defined(CONFIG_IDF_TARGET_ESP32S2)
ESP_LOGI(TAG, "CONFIG_ESP32S2_DEFAULT_CPU_FREQ_MHZ = %u MHz",
CONFIG_ESP32S2_DEFAULT_CPU_FREQ_MHZ
);
ESP_LOGI(TAG, "Xthal_have_ccount = %u", Xthal_have_ccount);
#elif defined(CONFIG_IDF_TARGET_ESP32S3)
ESP_LOGI(TAG, "CONFIG_ESP32S3_DEFAULT_CPU_FREQ_MHZ = %u MHz",
CONFIG_ESP32S3_DEFAULT_CPU_FREQ_MHZ
);
ESP_LOGI(TAG, "Xthal_have_ccount = %u", Xthal_have_ccount);
#else
ESP_LOGI(TAG, "CONFIG_ESP32_DEFAULT_CPU_FREQ_MHZ = %u MHz",
CONFIG_ESP32_DEFAULT_CPU_FREQ_MHZ
);
ESP_LOGI(TAG, "Xthal_have_ccount = %u", Xthal_have_ccount);
/* not available for other platformas at this time */
#endif
/* all platforms: stack high water mark check */
ESP_LOGI(TAG, "Stack HWM: %d\n", uxTaskGetStackHighWaterMark(NULL));
/* check to see if we are using hardware encryption */
/* check to see if we are using hardware encryption
* TODO: move this to esp_util.c */
#if defined(NO_ESP32_CRYPT)
ESP_LOGI(TAG, "NO_ESP32_CRYPT defined! HW acceleration DISABLED.");
#else
#if defined(CONFIG_IDF_TARGET_ESP32C3)
#error "ESP32_CRYPT not yet supported on ESP32-C3"
ESP_LOGI(TAG, "ESP32_CRYPT is enabled for ESP32-C3.");
#elif defined(CONFIG_IDF_TARGET_ESP32S2)
#error "ESP32_CRYPT not yet supported on ESP32-S2"
ESP_LOGI(TAG, "ESP32_CRYPT is enabled for ESP32-S2.");
#elif defined(CONFIG_IDF_TARGET_ESP32S3)
/* #error "ESP32_CRYPT not yet supported on ESP32-S3" */
ESP_LOGI(TAG, "ESP32_CRYPT is enabled for ESP32-S3.");
#else
ESP_LOGI(TAG, "ESP32_CRYPT is enabled.");
#endif
@@ -191,7 +208,7 @@ void app_main(void)
set_time();
#endif
/* when using atecc608a on esp32-wroom-32se */
/* when using atecc608a on esp32-WROOM-32se */
#if defined(WOLFSSL_ESPWROOM32SE) && defined(HAVE_PK_CALLBACKS) \
&& defined(WOLFSSL_ATECC508A)
#if defined(CUSTOM_SLOT_ALLOCATION)
@@ -211,24 +228,42 @@ void app_main(void)
/* Although wolfCrypt_Init() may be explicitly called above,
** Note it is still always called in wolf_test_task.
*/
rc = wolf_test_task();
int loops = 0;
do {
#if defined(WOLFSSL_HW_METRICS) && defined(WOLFSSL_HAS_METRICS)
esp_hw_show_metrics();
#endif
ret = wolf_test_task();
ESP_LOGI(TAG, "Stack HWM: %d\n", uxTaskGetStackHighWaterMark(NULL));
ESP_LOGI(TAG, "loops = %d", loops);
loops++;
}
while (ret == 0);
ESP_LOGI(TAG, "loops = %d", loops);
/* note wolfCrypt_Cleanup() should always be called when finished.
** This is called at the end of wolf_test_task();
*/
if (rc == 0) {
ESP_LOGI(TAG, "wolf_test_task complete success result code = %d", rc);
if (ret == 0) {
ESP_LOGI(TAG, "wolf_test_task complete success result code = %d", ret);
}
else {
ESP_LOGE(TAG, "wolf_test_task FAIL result code = %d", rc);
ESP_LOGE(TAG, "wolf_test_task FAIL result code = %d", ret);
/* see wolfssl/wolfcrypt/error-crypt.h */
}
#if defined(DEBUG_WOLFSSL) && !defined(NO_WOLFSSL_ESP32_CRYPT_RSA_PRI)
esp_hw_show_mp_metrics();
#endif
/* after the test, we'll just wait */
#ifdef INCLUDE_uxTaskGetStackHighWaterMark
ESP_LOGI(TAG, "Stack HWM: %d", uxTaskGetStackHighWaterMark(NULL));
ESP_LOGI(TAG, "Stack used: %d", CONFIG_ESP_MAIN_TASK_STACK_SIZE
- (uxTaskGetStackHighWaterMark(NULL) / 4));
- (uxTaskGetStackHighWaterMark(NULL)));
#endif
ESP_LOGI(TAG, "\n\nDone!\n\n"

1
IDE/Espressif/ESP-IDF/examples/wolfssl_test/main/time_helper.c
View File

@@ -18,6 +18,7 @@
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
#include <string.h>
#include <lwip/apps/sntp.h>

2
IDE/Espressif/ESP-IDF/examples/wolfssl_test/sdkconfig.defaults
View File

@@ -1,3 +1,5 @@
# This tag is used to include this file in the ESP Component Registry:
#
# Default main stack size
#

10
IDE/Espressif/ESP-IDF/examples/wolfssl_test_idf/README.md
View File

@@ -6,6 +6,12 @@ This IDF version does NOT contain a local component and exists only to test wolf
The recommended configuration is to have only the CMakeLists.txt in the local project components\wolfssl directory. See the [wolfssl_test](../wolfssl_test/README.md) example.
## VisualGDB
Open the VisualGDB Visual Studio Project file in the VisualGDB directory and click the "Start" button.
## ESP-IDF Commandline
1. `idf.py menuconfig` to configure the program.
1-1. Example Configuration ->
@@ -35,7 +41,7 @@ cd /mnt/c/workspace/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_test
. /mnt/c/SysGCC/esp32/esp-idf/v4.4.2/export.sh
# build and flash, in this example to COM20
idf.py build flash -p /dev/ttyS20 -b 921600 monitor
idf.py build flash -p /dev/ttyS20 -b 115200 monitor
```
## Example Output
@@ -45,7 +51,7 @@ compatible across the widest ranges of targets. Contact wolfSSL at support@wolfs
for help in optimizing for your particular application, or see the
[docs](https://www.wolfssl.com/documentation/manuals/wolfssl/index.html).
Compiled and flashed with `idf.py build flash -p /dev/ttyS7 -b 921600 monitor`:
Compiled and flashed with `idf.py build flash -p /dev/ttyS7 -b 115200 monitor`:
```
ets Jun 8 2016 00:22:57

203
IDE/Espressif/ESP-IDF/user_settings.h
View File

@@ -19,23 +19,21 @@
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
#undef WOLFSSL_ESPIDF
#undef WOLFSSL_ESP32
#undef WOLFSSL_ESPWROOM32SE
#undef WOLFSSL_ESP32
#undef WOLFSSL_ESP8266
/* This user_settings.h is for Espressif ESP-IDF */
#include <sdkconfig.h>
/* The Espressif sdkconfig will have chipset info.
**
** Possible values:
**
** CONFIG_IDF_TARGET_ESP32
** CONFIG_IDF_TARGET_ESP32S2
** CONFIG_IDF_TARGET_ESP32S3
** CONFIG_IDF_TARGET_ESP32C3
** CONFIG_IDF_TARGET_ESP32C6
*/
#include <sdkconfig.h>
#undef WOLFSSL_ESPIDF
#define WOLFSSL_ESPIDF
/*
@@ -45,10 +43,22 @@
* WOLFSSL_ESPWROOM32SE
* WOLFSSL_ESP8266
*/
#undef WOLFSSL_ESPWROOM32SE
#undef WOLFSSL_ESP8266
#undef WOLFSSL_ESP32
#define WOLFSSL_ESP32
/* #define DEBUG_WOLFSSL_VERBOSE */
/* optionally turn off SHA512/224 SHA512/256 */
/* #define WOLFSSL_NOSHA512_224 */
/* #define WOLFSSL_NOSHA512_256 */
/* when you want to use SINGLE THREAD. Note Default ESP-IDF is FreeRTOS */
/* #define SINGLE_THREADED */
/* When you don't want to use the old SHA */
/* #define NO_SHA */
/* #define NO_OLD_TLS */
#define BENCH_EMBEDDED
#define USE_CERT_BUFFERS_2048
@@ -61,22 +71,41 @@
#define HAVE_AEAD
#define HAVE_SUPPORTED_CURVES
/* when you want to use SINGLE THREAD */
/* #define SINGLE_THREADED */
#define WOLFSSL_BENCHMARK_FIXED_UNITS_KB
#define NO_FILESYSTEM
#define NO_OLD_TLS
#define HAVE_AESGCM
#define WOLFSSL_RIPEMD
/* when you want to use SHA224 */
#define WOLFSSL_SHA224
/* when you want to use SHA384 */
/* #define WOLFSSL_SHA384 */
#define WOLFSSL_SHA384
/* when you want to use SHA512 */
#define WOLFSSL_SHA512
/* when you want to use SHA3 */
#define WOLFSSL_SHA3
#define HAVE_ED25519 /* ED25519 requires SHA512 */
#define HAVE_ECC
#define HAVE_CURVE25519
#define CURVE25519_SMALL
#define HAVE_ED25519
/* Optional OPENSSL compatibility *
#define OPENSSL_EXTRA
/* when you want to use pkcs7 */
/* #define HAVE_PKCS7 */
#define HAVE_PKCS7
#if defined(HAVE_PKCS7)
#define HAVE_AES_KEYWRAP
#define HAVE_X963_KDF
@@ -101,9 +130,10 @@
#if defined(WOLFSSL_ESP32) || defined(WOLFSSL_ESPWROOM32SE)
/* Define USE_FAST_MATH and SMALL_STACK */
#define ESP32_USE_RSA_PRIMITIVE
/* threshold for performance adjustment for HW primitive use */
/* NOTE HW unreliable for small values on older original ESP32!*/
#if defined(CONFIG_IDF_TARGET_ESP32)
/* NOTE HW unreliable for small values! */
/* threshold for performance adjustment for HW primitive use */
/* X bits of G^X mod P greater than */
#undef ESP_RSA_EXPT_XBITS
@@ -114,10 +144,10 @@
#define ESP_RSA_MULM_BITS 16
#endif
#endif
#define RSA_LOW_MEM
/* debug options */
/* #define DEBUG_WOLFSSL */
/* #define WOLFSSL_ESP32_CRYPT_DEBUG */
/* #define WOLFSSL_ATECC508A_DEBUG */
/* date/time */
@@ -130,6 +160,58 @@
/* adjust wait-timeout count if you see timeout in RSA HW acceleration */
#define ESP_RSA_TIMEOUT_CNT 0x249F00
#define HASH_SIZE_LIMIT /* for test.c */
/* USE_FAST_MATH is default */
#define USE_FAST_MATH
/***** Use SP_MATH *****/
/* #undef USE_FAST_MATH */
/* #define SP_MATH */
/* #define WOLFSSL_SP_MATH_ALL */
/***** Use Integer Heap Math *****/
/* #undef USE_FAST_MATH */
/* #define USE_INTEGER_HEAP_MATH */
#define WOLFSSL_SMALL_STACK
#define HAVE_VERSION_EXTENDED_INFO
/* #define HAVE_WC_INTROSPECTION */
#define HAVE_SESSION_TICKET
/* #define HAVE_HASHDRBG */
#define WOLFSSL_KEY_GEN
#define WOLFSSL_CERT_REQ
#define WOLFSSL_CERT_GEN
#define WOLFSSL_CERT_EXT
#define WOLFSSL_SYS_CA_CERTS
#define WOLFSSL_CERT_TEXT
#define WOLFSSL_ASN_TEMPLATE
/*
#undef WOLFSSL_KEY_GEN
#undef WOLFSSL_CERT_REQ
#undef WOLFSSL_CERT_GEN
#undef WOLFSSL_CERT_EXT
#undef WOLFSSL_SYS_CA_CERTS
*/
/*
--enable-keygen
--enable-certgen
--enable-certreq
--enable-certext
--enable-asn-template
*/
/* Default is HW enabled unless turned off.
** Uncomment these lines to force SW instead of HW acceleration */
@@ -145,7 +227,7 @@
/* These are defined automatically in esp32-crypt.h, here for clarity: */
#define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA224 /* no SHA224 HW on ESP32 */
/* end CONFIG_IDF_TARGET_ESP32 */
#undef ESP_RSA_MULM_BITS
#define ESP_RSA_MULM_BITS 16 /* TODO add compile-time warning */
/***** END CONFIG_IDF_TARGET_ESP32 *****/
@@ -174,8 +256,34 @@
/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD */
/***** END CONFIG_IDF_TARGET_ESP32S3 *****/
#elif defined(CONFIG_IDF_TARGET_ESP32C3)
#elif defined(CONFIG_IDF_TARGET_ESP32C2) || \
defined(CONFIG_IDF_TARGET_ESP8684)
/* ESP8684 is essentially ESP32-C2 chip + flash embedded together in a
* single QFN 4x4 mm package. Out of released documentation, Technical
* Reference Manual as well as ESP-IDF Programming Guide is applicable
* to both ESP32-C2 and ESP8684.
*
* See: https://www.esp32.com/viewtopic.php?f=5&t=27926#:~:text=ESP8684%20is%20essentially%20ESP32%2DC2,both%20ESP32%2DC2%20and%20ESP8684. */
/* wolfSSL HW Acceleration supported on ESP32-C2. Uncomment to disable: */
/* #define NO_ESP32_CRYPT */
/* #define NO_WOLFSSL_ESP32_CRYPT_HASH */ /* to disable all SHA HW */
/* These are defined automatically in esp32-crypt.h, here for clarity */
#define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA384 /* no SHA384 HW on C2 */
#define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA512 /* no SHA512 HW on C2 */
/* There's no AES or RSA/Math accelerator on the ESP32-C2
* Auto defined with NO_WOLFSSL_ESP32_CRYPT_RSA_PRI, for clarity: */
#define NO_WOLFSSL_ESP32_CRYPT_AES
#define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI
#define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL
#define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD
#define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD
/***** END CONFIG_IDF_TARGET_ESP32C2 *****/
#elif defined(CONFIG_IDF_TARGET_ESP32C3)
/* wolfSSL HW Acceleration supported on ESP32-C3. Uncomment to disable: */
/* #define NO_ESP32_CRYPT */
/* #define NO_WOLFSSL_ESP32_CRYPT_HASH */ /* to disable all SHA HW */
@@ -215,6 +323,13 @@
#define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI
/***** END CONFIG_IDF_TARGET_ESP32H2 *****/
#elif defined(CONFIG_IDF_TARGET_ESP8266)
/* TODO: Revisit ESP8266 */
#define NO_ESP32_CRYPT
#define NO_WOLFSSL_ESP32_CRYPT_HASH
#define NO_WOLFSSL_ESP32_CRYPT_AES
#define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI
/***** END CONFIG_IDF_TARGET_ESP266 *****/
#else
/* Anything else encountered, disable HW accleration */
#define NO_ESP32_CRYPT
@@ -223,6 +338,60 @@
#define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI
#endif /* CONFIG_IDF_TARGET Check */
/* Debug options:
#define ESP_VERIFY_MEMBLOCK
#define DEBUG_WOLFSSL
#define DEBUG_WOLFSSL_VERBOSE
#define DEBUG_WOLFSSL_SHA_MUTEX
#define WOLFSSL_ESP32_CRYPT_DEBUG
#define WOLFSSL_ESP32_CRYPT_HASH_SHA224_DEBUG
#define NO_RECOVER_SOFTWARE_CALC
#define WOLFSSL_TEST_STRAY 1
#define USE_ESP_DPORT_ACCESS_READ_BUFFER
#define WOLFSSL_ESP32_HW_LOCK_DEBUG
#define WOLFSSL_DEBUG_ESP_RSA_MULM_BITS
#define ESP_DISABLE_HW_TASK_LOCK
*/
#define WOLFSSL_ESPIDF_ERROR_PAUSE /* Pause in a loop rather than exit. */
#define WOLFSSL_HW_METRICS
/* #define HASH_SIZE_LIMIT */ /* for test.c */
/* #define NO_HW_MATH_TEST */ /* Optionall turn off HW math checks */
/* Optionally include alternate HW test library: alt_hw_test.h */
/* When enabling, the ./components/wolfssl/CMakeLists.txt file
* will need the name of the library in the idf_component_register
* for the PRIV_REQUIRES list. */
/* #define INCLUDE_ALT_HW_TEST */
/* optionally turn off individual math HW acceleration features */
/* Turn off Large Number ESP32 HW Multiplication:
** [Z = X * Y] in esp_mp_mul() */
/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL */
/* Turn off Large Number ESP32 HW Modular Exponentiation:
** [Z = X^Y mod M] in esp_mp_exptmod() */
/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD */
/* Turn off Large Number ESP32 HW Modular Multiplication
** [Z = X * Y mod M] in esp_mp_mulmod() */
/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD */
#define WOLFSSL_PUBLIC_MP /* used by benchmark */
#define USE_CERT_BUFFERS_2048
/* when turning on ECC508 / ECC608 support
#define WOLFSSL_ESPWROOM32SE
#define HAVE_PK_CALLBACKS
#define WOLFSSL_ATECC508A
#define ATCA_WOLFSSL
*/
/* optional SM4 Ciphers. See https://github.com/wolfSSL/wolfsm
#define WOLFSSL_SM2
#define WOLFSSL_SM3

93
IDE/Espressif/include.am
View File

@@ -6,6 +6,8 @@
# distribution file set will not contain GitHub info
#
# see: https://github.com/wolfSSL/wolfssl/pull/5955
#
# Don't list any config.h files here
EXTRA_DIST+= IDE/Espressif/ESP-IDF/compileAllExamples.sh
EXTRA_DIST+= IDE/Espressif/ESP-IDF/dummy_config_h
@@ -19,30 +21,43 @@ EXTRA_DIST+= IDE/Espressif/ESP-IDF/user_settings.h
# Template
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/template/CMakeLists.txt
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/template/components
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/template/main
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/template/partitions_singleapp_large.csv
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/template/README.md
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/template/sdkconfig.defaults
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/template/VisualGDB
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/template/components/wolfssl
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/template/components/wolfssl/CMakeLists.txt
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/template/components/wolfssl/include
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/template/components/wolfssl/include/user_settings.h
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/template/main/CMakeLists.txt
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/template/main/include
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/template/main/main.c
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/template/main/include/main.h
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/template/VisualGDB/wolfssl_template_IDF_v5.1_ESP32.vgdbproj
# Benchmark
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/CMakeLists.txt
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/components
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/main
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/Makefile
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/partitions_singleapp_large.csv
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/README.md
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/sdkconfig.defaults
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/main/CMakeLists.txt
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/main/component.mk
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/main/Kconfig.projbuild
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/main/main.c
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/main/main.h
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/VisualGDB
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/components/wolfssl
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/components/wolfssl/CMakeLists.txt
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/components/wolfssl/component.mk
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/components/wolfssl/include
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/components/wolfssl/include/user_settings.h
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/main/CMakeLists.txt
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/main/component.mk
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/main/include
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/main/Kconfig.projbuild
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/main/main.c
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/main/include/main.h
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/VisualGDB/wolfssl_benchmark_IDF_v4.4_ESP32.sln
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/VisualGDB/wolfssl_benchmark_IDF_v5_ESP32.sln
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/VisualGDB/wolfssl_benchmark_IDF_v5_ESP32C3.sln
@@ -54,47 +69,91 @@ EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/VisualGDB/wolfssl_
# TLS Client
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_client/CMakeLists.txt
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_client/components
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_client/main
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_client/Makefile
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_client/partitions_singleapp_large.csv
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_client/README.md
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_client/README_server_sm.md
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_client/sdkconfig.defaults
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_client/VisualGDB/VisualGDB_wolfssl_client.vgdbproj
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_client/components/wolfssl
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_client/components/wolfssl/CMakeLists.txt
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_client/components/wolfssl/component.mk
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_client/components/wolfssl/include
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_client/components/wolfssl/include/user_settings.h
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/client-tls.c
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/CMakeLists.txt
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/component.mk
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/include
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/Kconfig.projbuild
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/main.c
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/time_helper.c
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/wifi_connect.c
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/include/client-tls.h
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/include/main.h
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/include/time_helper.h
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/include/wifi_connect.h
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_client/components/wolfssl/CMakeLists.txt
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_client/components/wolfssl/component.mk
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_client/VisualGDB/README.md
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_client/VisualGDB/wolfssl_client_IDF_v5_ESP32.sln
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_client/VisualGDB/wolfssl_client_IDF_v5_ESP32.vgdbproj
# TLS Server
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_server/CMakeLists.txt
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_server/components
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_server/main
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_server/Makefile
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_server/partitions_singleapp_large.csv
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_server/README.md
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_server/README_server_sm.md
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_server/sdkconfig.defaults
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_server/VisualGDB/VisualGDB_wolfssl_server.vgdbproj
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/CMakeLists.txt
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/component.mk
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/server-tls.c
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/wifi_connect.c
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/include/wifi_connect.h
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_server/VisualGDB
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_server/components/wolfssl
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_server/components/wolfssl/CMakeLists.txt
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_server/components/wolfssl/component.mk
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_server/components/wolfssl/include
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_server/components/wolfssl/include/user_settings.h
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/CMakeLists.txt
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/component.mk
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/include
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/Kconfig.projbuild
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/main.c
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/server-tls.c
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/time_helper.c
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/wifi_connect.c
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/include/main.h
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/include/server-tls.h
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/include/time_helper.h
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/include/wifi_connect.h
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_server/VisualGDB/README.md
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_server/VisualGDB/wolfssl_server_IDF_v5_ESP32.sln
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_server/VisualGDB/wolfssl_server_IDF_v5_ESP32.vgdbproj
# wolfSSL Test
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_test/CMakeLists.txt
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_test/components
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_test/main
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_test/Makefile
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_test/partitions_singleapp_large.csv
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_test/README.md
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_test/sdkconfig.defaults
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_test/VisualGDB
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_test/components/wolfssl
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_test/components/wolfssl/CMakeLists.txt
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_test/components/wolfssl/component.mk
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_test/components/wolfssl/include
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_test/components/wolfssl/include/user_settings.h
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_test/main/CMakeLists.txt
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_test/main/component.mk
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_test/main/include
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_test/main/Kconfig.projbuild
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_test/main/main.c
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_test/main/time_helper.c
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_test/main/time_helper.h
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_test/components/wolfssl/CMakeLists.txt
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_test/components/wolfssl/component.mk
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_test/main/include/main.h
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_test/main/include/time_helper.h
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_test/VisualGDB/wolfssl_test-IDF_v5_ESP32.sln
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_test/VisualGDB/wolfssl_test-IDF_v5_ESP32C3.sln