diff --git a/IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/main/helper.c b/IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/main/helper.c index 8778b5454..bb5582c56 100644 --- a/IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/main/helper.c +++ b/IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/main/helper.c @@ -163,6 +163,8 @@ void app_main(void) return; } atmel_set_slot_allocator(my_atmel_alloc, my_atmel_free); + #else + (void) TAG; #endif #endif wolf_benchmark_task(); diff --git a/IDE/Espressif/ESP-IDF/examples/wolfssl_client/CMakeLists.txt b/IDE/Espressif/ESP-IDF/examples/wolfssl_client/CMakeLists.txt index bf716c65b..7312c0dba 100644 --- a/IDE/Espressif/ESP-IDF/examples/wolfssl_client/CMakeLists.txt +++ b/IDE/Espressif/ESP-IDF/examples/wolfssl_client/CMakeLists.txt @@ -2,5 +2,10 @@ # CMakeLists in this exact order for cmake to work correctly cmake_minimum_required(VERSION 3.5) +# (Not part of the boilerplate) +# This example uses an extra component for common functions such as Wi-Fi and Ethernet connection. +# disable the following line if there isn't the directory +set(EXTRA_COMPONENT_DIRS $ENV{IDF_PATH}/examples/common_components/protocol_examples_common) + include($ENV{IDF_PATH}/tools/cmake/project.cmake) project(wolfssl_client) diff --git a/IDE/Espressif/ESP-IDF/examples/wolfssl_client/Makefile b/IDE/Espressif/ESP-IDF/examples/wolfssl_client/Makefile index ac04b5fe5..f3854ff18 100644 --- a/IDE/Espressif/ESP-IDF/examples/wolfssl_client/Makefile +++ b/IDE/Espressif/ESP-IDF/examples/wolfssl_client/Makefile @@ -6,6 +6,7 @@ PROJECT_NAME := wolfssl_client CFLAGS += -DWOLFSSL_USER_SETTINGS +# if there isn't the directory, please disable the line below. +EXTRA_COMPONENT_DIRS = $(IDF_PATH)/examples/common_components/protocol_examples_common include $(IDF_PATH)/make/project.mk - diff --git a/IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/client-tls.c b/IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/client-tls.c index 000684e0e..cde4c6ec2 100644 
--- a/IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/client-tls.c +++ b/IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/client-tls.c @@ -131,6 +131,7 @@ void tls_smp_client_task() size_t len; struct hostent *hp; struct ip4_addr *ip4_addr; + const char sndMsg[] = "GET /index.html HTTP/1.0\r\n\r\n"; /* declare wolfSSL objects */ WOLFSSL_CTX *ctx; @@ -257,8 +258,8 @@ void tls_smp_client_task() if(sendGet){ printf("SSL connect ok, sending GET...\n"); - len = 28; - strncpy(buff, "GET /index.html HTTP/1.0\r\n\r\n", 28); + len = XSTRLEN(sndMsg); + strncpy(buff, sndMsg, len); buff[len] = '\0'; } else { sprintf(buff, "message from esp32 tls client\n"); diff --git a/IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/include/wifi_connect.h b/IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/include/wifi_connect.h index ede9e7a9b..430529103 100644 --- a/IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/include/wifi_connect.h +++ b/IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/include/wifi_connect.h @@ -21,9 +21,14 @@ #ifndef _TLS_WIFI_H_ #define _TLS_WIFI_H_ +#include "esp_idf_version.h" #include "esp_log.h" #include "esp_wifi.h" +#if ESP_IDF_VERSION_MAJOR >= 4 && ESP_IDF_VERSION_MINOR >= 1 +#include "esp_event.h" +#else #include "esp_event_loop.h" +#endif #define DEFAULT_PORT 11111 diff --git a/IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/wifi_connect.c b/IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/wifi_connect.c index ad7a4ee93..e1aa83d7f 100644 --- a/IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/wifi_connect.c +++ b/IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/wifi_connect.c @@ -27,6 +27,9 @@ #include "lwip/netdb.h" #include "lwip/apps/sntp.h" #include "nvs_flash.h" +#if ESP_IDF_VERSION_MAJOR >= 4 && ESP_IDF_VERSION_MINOR >= 1 +#include "protocol_examples_common.h" +#endif const static int CONNECTED_BIT = BIT0; static EventGroupHandle_t wifi_event_group; 
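Review bot: `strncpy(buff, sndMsg, len)` followed by `buff[len] = '\0'` writes `len + 1` bytes, and nothing in the hunk ties that to the size of `buff`, whose declaration lies outside it. Since `sndMsg` is now an array, it is simpler to copy it with its terminator and pin the size relation at compile time (assuming `buff` is an array, as it is in server-tls.c): `_Static_assert(sizeof(sndMsg) <= sizeof(buff), "request must fit in buff");` then `XMEMCPY(buff, sndMsg, sizeof(sndMsg)); len = sizeof(sndMsg) - 1;`. The same unchecked size relation applies to `memcpy(buff, msg, sizeof(msg))` in the server-tls.c hunk. tls_smp_client_task starts and ends outside both hunks.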
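Review bot: The added test `#if ESP_IDF_VERSION_MAJOR >= 4 && ESP_IDF_VERSION_MINOR >= 1` compares major and minor independently, so a later major release with minor 0 (5.0, for example) fails it and falls back to the legacy `esp_event_loop.h` include. Comparing the packed version avoids that: `#if ESP_IDF_VERSION >= ESP_IDF_VERSION_VAL(4, 1, 0)`. The same condition is repeated in the wifi_connect.c hunks of this example and in wifi_connect.h and wifi_connect.c of wolfssl_server. Separately, `esp_idf_version.h` is now included unconditionally; if the pre-4.0 releases served by the `#else` branch do not ship that header (I believe they do not), the legacy path no longer builds and the include itself needs a guard.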
@@ -48,12 +51,13 @@ static void set_time() time_t now; struct tm timeinfo; char strftime_buf[64]; - - utctime.tv_sec = 1542008020; /* dummy time: Mon Nov 12 07:33:40 2018 */ + /* please update the time if seeing unknown failure. */ + /* this could cause TLS communication failure due to time expiration */ + utctime.tv_sec = 1567125910; /* dummy time: Fri Aug 30 09:45:00 2019 */ utctime.tv_usec = 0; tz.tz_minuteswest = 0; tz.tz_dsttime = 0; - + settimeofday(&utctime, &tz); time(&now); @@ -62,9 +66,11 @@ static void set_time() strftime(strftime_buf, sizeof(strftime_buf), "%c", &timeinfo); ESP_LOGI(TAG, "The current date/time is: %s", strftime_buf); +#if ESP_IDF_VERSION_MAJOR < 4 /* wait until wifi connect */ xEventGroupWaitBits(wifi_event_group, CONNECTED_BIT, false, true, portMAX_DELAY); +#endif /* now we start client tasks. */ tls_smp_client_init(); } @@ -120,6 +126,15 @@ void app_main(void) tcpip_adapter_init(); /* */ +#if ESP_IDF_VERSION_MAJOR >= 4 && ESP_IDF_VERSION_MINOR >= 1 + (void) wifi_event_handler; + ESP_ERROR_CHECK(esp_event_loop_create_default()); + /* This helper function configures Wi-Fi or Ethernet, as selected in menuconfig. + * Read "Establishing Wi-Fi or Ethernet Connection" section in + * examples/protocols/README.md for more information about this function. + */ + ESP_ERROR_CHECK(example_connect()); +#else wifi_event_group = xEventGroupCreate(); ESP_ERROR_CHECK(esp_event_loop_init(wifi_event_handler, NULL)); wifi_init_config_t cfg = WIFI_INIT_CONFIG_DEFAULT(); @@ -141,6 +156,7 @@ void app_main(void) ESP_LOGI(TAG, "wifi_init_sta finished."); ESP_LOGI(TAG, "connect to ap SSID:%s password:%s", TLS_SMP_WIFI_SSID, TLS_SMP_WIFI_PASS); +#endif ESP_LOGI(TAG, "Set dummy time..."); set_time(); } diff --git a/IDE/Espressif/ESP-IDF/examples/wolfssl_server/CMakeLists.txt b/IDE/Espressif/ESP-IDF/examples/wolfssl_server/CMakeLists.txt index 12c649649..0d591ea0d 100644 --- a/IDE/Espressif/ESP-IDF/examples/wolfssl_server/CMakeLists.txt 
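Review bot: The comment on the new value does not match it: 1567125910 is Fri Aug 30 00:45:10 2019 UTC, and `tz_minuteswest` is 0, so the clock is set nine hours earlier than the `09:45:00` in the comment (which looks like a UTC+9 local time). Suggest `/* dummy time: Fri Aug 30 00:45:10 2019 UTC */`. Because certificate validity periods are checked against this clock, a fixed date also means a peer certificate that expired after it is still accepted and one issued after it is rejected. The comment should say that the value is for bring-up only and that a real deployment needs a trusted time source; `lwip/apps/sntp.h` is already included in this file. The identical set_time hunk in wolfssl_server's wifi_connect.c carries the same comment.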
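Review bot: The guard added around `xEventGroupWaitBits` is `#if ESP_IDF_VERSION_MAJOR < 4`, but app_main selects the legacy Wi-Fi path with the negation of `ESP_IDF_VERSION_MAJOR >= 4 && ESP_IDF_VERSION_MINOR >= 1`. On a 4.0.x build the legacy path therefore runs while the wait is compiled out, so `tls_smp_client_init()` may start before the station has connected. Using one shared condition in both places closes the gap, e.g. `#if ESP_IDF_VERSION < ESP_IDF_VERSION_VAL(4, 1, 0)` here. The set_time hunk of the server example has the same mismatch; set_time's body begins outside this hunk.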
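Review bot: The legacy branch closed by the added `#endif` still writes the Wi-Fi passphrase to the log in clear text at INFO level, via `ESP_LOGI(TAG, "connect to ap SSID:%s password:%s", ...)`. Anyone who can read the serial console or a captured log obtains the credential; logging the SSID alone is enough: `ESP_LOGI(TAG, "connect to ap SSID:%s", TLS_SMP_WIFI_SSID);`. The line is unchanged context in this hunk, and the matching app_main hunk of the server example carries the same line.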
+++ b/IDE/Espressif/ESP-IDF/examples/wolfssl_server/CMakeLists.txt @@ -2,6 +2,10 @@ # CMakeLists in this exact order for cmake to work correctly cmake_minimum_required(VERSION 3.5) +# (Not part of the boilerplate) +# This example uses an extra component for common functions such as Wi-Fi and Ethernet connection. +# disable the following line if there isn't the directory +set(EXTRA_COMPONENT_DIRS $ENV{IDF_PATH}/examples/common_components/protocol_examples_common) include($ENV{IDF_PATH}/tools/cmake/project.cmake) project(wolfssl_server) diff --git a/IDE/Espressif/ESP-IDF/examples/wolfssl_server/Makefile b/IDE/Espressif/ESP-IDF/examples/wolfssl_server/Makefile index 5fa6a42bd..e3bb4037f 100644 --- a/IDE/Espressif/ESP-IDF/examples/wolfssl_server/Makefile +++ b/IDE/Espressif/ESP-IDF/examples/wolfssl_server/Makefile @@ -7,5 +7,8 @@ PROJECT_NAME := tls_server CFLAGS += -DWOLFSSL_USER_SETTINGS +# if there isn't the directory, please disable the line below. +EXTRA_COMPONENT_DIRS = $(IDF_PATH)/examples/common_components/protocol_examples_common + include $(IDF_PATH)/make/project.mk diff --git a/IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/include/wifi_connect.h b/IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/include/wifi_connect.h index 18a76126d..5718ad34d 100644 --- a/IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/include/wifi_connect.h +++ b/IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/include/wifi_connect.h @@ -1,4 +1,4 @@ -/* wifi_connect.h +/* wifi_connect.h * * Copyright (C) 2006-2019 wolfSSL Inc. * @@ -21,9 +21,14 @@ #ifndef _TLS_WIFI_H_ #define _TLS_WIFI_H_ +#include "esp_idf_version.h" #include "esp_log.h" #include "esp_wifi.h" +#if ESP_IDF_VERSION_MAJOR >= 4 && ESP_IDF_VERSION_MINOR >= 1 +#include "esp_event.h" +#else #include "esp_event_loop.h" +#endif #define DEFAULT_PORT 11111 
diff --git a/IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/server-tls.c b/IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/server-tls.c index f8d018096..06730b16a 100644 --- a/IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/server-tls.c +++ b/IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/server-tls.c @@ -133,6 +133,7 @@ void tls_smp_server_task() size_t len; int shutdown = 0; int ret; + const char msg[] = "I hear you fa shizzle!"; /* declare wolfSSL objects */ WOLFSSL_CTX* ctx; @@ -245,7 +246,7 @@ void tls_smp_server_task() } /* Write our reply into buff */ memset(buff, 0, sizeof(buff)); - memcpy(buff, "I hear ya fa shizzle!", sizeof(buff)); + memcpy(buff, msg, sizeof(msg)); len = strnlen(buff, sizeof(buff)); /* Reply back to the client */ if (wolfSSL_write(ssl, buff, len) != len) { diff --git a/IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/wifi_connect.c b/IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/wifi_connect.c index 87034401d..f4829ce02 100644 --- a/IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/wifi_connect.c +++ b/IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/wifi_connect.c @@ -27,6 +27,9 @@ #include "lwip/netdb.h" #include "lwip/apps/sntp.h" #include "nvs_flash.h" +#if ESP_IDF_VERSION_MAJOR >= 4 && ESP_IDF_VERSION_MINOR >= 1 +#include "protocol_examples_common.h" +#endif const static int CONNECTED_BIT = BIT0; static EventGroupHandle_t wifi_event_group; @@ -45,8 +48,9 @@ static void set_time() time_t now; struct tm timeinfo; char strftime_buf[64]; - - utctime.tv_sec = 1542008020; /* dummy time: Mon Nov 12 07:33:40 2018 */ + /* please update the time if seeing unknown failure. */ + /* this could cause TLS communication failure due to time expiration */ + utctime.tv_sec = 1567125910; /* dummy time: Fri Aug 30 09:45:00 2019 */ utctime.tv_usec = 0; tz.tz_minuteswest = 0; tz.tz_dsttime = 0; 
@@ -59,9 +63,11 @@ static void set_time() strftime(strftime_buf, sizeof(strftime_buf), "%c", &timeinfo); ESP_LOGI(TAG, "The current date/time is: %s", strftime_buf); +#if ESP_IDF_VERSION_MAJOR < 4 /* wait until wifi connect */ xEventGroupWaitBits(wifi_event_group, CONNECTED_BIT, false, true, portMAX_DELAY); +#endif /* now we start client tasks. */ tls_smp_server_init(); } @@ -117,6 +123,15 @@ void app_main(void) tcpip_adapter_init(); /* */ +#if ESP_IDF_VERSION_MAJOR >= 4 && ESP_IDF_VERSION_MINOR >= 1 + (void) wifi_event_handler; + ESP_ERROR_CHECK(esp_event_loop_create_default()); + /* This helper function configures Wi-Fi or Ethernet, as selected in menuconfig. + * Read "Establishing Wi-Fi or Ethernet Connection" section in + * examples/protocols/README.md for more information about this function. + */ + ESP_ERROR_CHECK(example_connect()); +#else wifi_event_group = xEventGroupCreate(); ESP_ERROR_CHECK(esp_event_loop_init(wifi_event_handler, NULL)); wifi_init_config_t cfg = WIFI_INIT_CONFIG_DEFAULT(); @@ -138,6 +153,7 @@ void app_main(void) ESP_LOGI(TAG, "wifi_init_sta finished."); ESP_LOGI(TAG, "connect to ap SSID:%s password:%s", TLS_SMP_WIFI_SSID, TLS_SMP_WIFI_PASS); - ESP_LOGI(TAG, "Set Dummy time..."); +#endif + ESP_LOGI(TAG, "Set dummy time..."); set_time(); } diff --git a/src/internal.c b/src/internal.c index e96755cf9..9c62b3672 100644 --- a/src/internal.c +++ b/src/internal.c 
@@ -4655,6 +4655,32 @@ int DhAgree(WOLFSSL* ssl, DhKey* dhKey, #ifdef HAVE_PK_CALLBACKS +int wolfSSL_CTX_IsPrivatePkSetForKeyType(WOLFSSL_CTX* ctx, byte keyType) +{ + int pkcbset = 0; + (void)ctx; +#if defined(HAVE_ECC) || defined(HAVE_ED25519) || !defined(NO_RSA) + if (0 + #ifdef HAVE_ECC + || (ctx->EccSignCb != NULL && keyType == ecc_dsa_sa_algo) + #endif + #ifdef HAVE_ED25519 + || (ctx->Ed25519SignCb != NULL && keyType == ed25519_sa_algo) + #endif + #ifndef NO_RSA + || (ctx->RsaSignCb != NULL && keyType == rsa_sa_algo) + || (ctx->RsaDecCb != NULL && keyType == rsa_kea) + #ifdef WC_RSA_PSS + || (ctx->RsaPssSignCb != NULL && keyType == rsa_pss_sa_algo) + #endif + #endif + ) { + pkcbset = 1; + } +#endif + return pkcbset; +} + int wolfSSL_CTX_IsPrivatePkSet(WOLFSSL_CTX* ctx) { int pkcbset = 0; @@ -18046,7 +18072,7 @@ int DecodePrivateKey(WOLFSSL *ssl, word16* length) #ifdef HAVE_PK_CALLBACKS /* allow no private key if using PK callbacks and CB is set */ - if (wolfSSL_CTX_IsPrivatePkSet(ssl->ctx)) { + if (wolfSSL_CTX_IsPrivatePkSetForKeyType(ssl->ctx, ssl->buffers.keyType)) { *length = GetPrivateKeySigSize(ssl); return 0; } diff --git a/wolfcrypt/test/test.c b/wolfcrypt/test/test.c index 6911040a9..b797388ff 100644 --- a/wolfcrypt/test/test.c +++ b/wolfcrypt/test/test.c @@ -18408,6 +18408,8 @@ int ecc_test(void) printf("ecc_test_make_pub failed!: %d\n", ret); goto done; } +#else + (void) ecc_test_make_pub;/* for compiler warning */ #endif #ifdef WOLFSSL_CERT_GEN ret = ecc_test_cert_gen(&rng); diff --git a/wolfssl/ssl.h b/wolfssl/ssl.h index 3d43a5ab7..28da4290e 100644 --- a/wolfssl/ssl.h +++ b/wolfssl/ssl.h @@ -3254,6 +3254,8 @@ WOLFSSL_API unsigned long wolfSSL_X509_subject_name_hash(const WOLFSSL_X509* x5 #ifdef HAVE_PK_CALLBACKS WOLFSSL_API int wolfSSL_CTX_IsPrivatePkSet(WOLFSSL_CTX* ctx); +WOLFSSL_API int wolfSSL_CTX_IsPrivatePkSetForKeyType(WOLFSSL_CTX* ctx, + byte keyType); #endif #ifdef HAVE_ENCRYPT_THEN_MAC
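Review bot: `wolfSSL_CTX_IsPrivatePkSetForKeyType` dereferences `ctx` right after `(void)ctx;` without a NULL check, and the ssl.h hunk exports it as `WOLFSSL_API`, so a caller passing NULL crashes; add `if (ctx == NULL) return 0;` before the `#if`. The `keyType` byte is also compared against `rsa_kea`, a key-exchange constant, alongside the `*_sa_algo` signature constants. If the two enums overlap numerically (their definitions are not in this diff), a context with only `RsaDecCb` registered would match a signature key type, and DecodePrivateKey would then take the "no private key" path for a key that has no signing callback. A header comment stating which enum `keyType` takes, and that the function returns 1 only when a callback matching that key type is registered and 0 otherwise, would make the contract checkable.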