Merge pull request #7392 from gojimmypi/PR-Espressif-wolfcrypt-test

Update Espressif Examples and Libraries
JacobBarthelmeh
2024-05-03 15:31:23 -06:00
committed by GitHub
81 changed files with 5579 additions and 1136 deletions


@ -1,8 +1,8 @@
# ESP-IDF Port
These Espressif examples have been created and tested with the latest stable release branch of
[ESP-IDF V5.1](https://docs.espressif.com/projects/esp-idf/en/release-v5.1/esp32/get-started/index.html).
The prior version 4.4 ESP-IDF is still supported, however version 5.1 or greater is recommended.
[ESP-IDF V5.2](https://docs.espressif.com/projects/esp-idf/en/release-v5.2/esp32/get-started/index.html).
The prior version 4.4 ESP-IDF is still supported, however version 5.2 or greater is recommended.
Espressif has [a list of all ESP-IDF versions](https://docs.espressif.com/projects/esp-idf/en/latest/esp32/versions.html).
See the latest [Espressif Migration Guides](https://docs.espressif.com/projects/esp-idf/en/latest/esp32/migration-guides/index.html).
@ -44,6 +44,28 @@ default configuration items in the wolfssl `settings.h`. With the latest version
wolfSSL, some of these defaults can be disabled with `NO_ESPIDF_DEFAULT` and customized
in your project `user_settings.h` as desired.
The `user_settings.h` include file should not be explicitly included in an project source files. Be
sure to include `settings.h` (which pulls in `user_settings.h`) before any other wolfSSL include files.
A new project should also include a compiler option suc as `CFLAGS +=-DWOLFSSL_USER_SETTINGS"` to ensure
the `user_settings.h` is included properly. See the [template example](https://github.com/wolfSSL/wolfssl/blob/master/IDE/Espressif/ESP-IDF/examples/template/main/main.c).
```
#ifdef WOLFSSL_USER_SETTINGS
#include <wolfssl/wolfcrypt/settings.h>
#ifndef WOLFSSL_ESPIDF
#warning "Problem with wolfSSL user_settings."
#warning "Check components/wolfssl/include"
#endif
#include <wolfssl/wolfcrypt/port/Espressif/esp32-crypt.h>
#else
/* Define WOLFSSL_USER_SETTINGS project wide for settings.h to include */
/* wolfSSL user settings in ./components/wolfssl/include/user_settings.h */
#error "Missing WOLFSSL_USER_SETTINGS in CMakeLists or Makefile:\
CFLAGS +=-DWOLFSSL_USER_SETTINGS"
#endif
```
See the respective project directory:
`[project-dir]/components/wolfssl/user_settings.h`
@ -116,7 +138,7 @@ See the specific examples for additional details.
## Setup for Linux (wolfSSL local copy)
This is a legacy method for installation. It is recommended to use the new `CMakeLists.txt` to point to wolfSSL source code.
This is an alternate method for installation. It is recommended to use the new `CMakeLists.txt` to point to wolfSSL source code.
1. Run `setup.sh` at _/path/to_`/wolfssl/IDE/Espressif/ESP-IDF/` to deploy files into ESP-IDF tree
2. Find Wolfssl files at _/path/to/esp_`/esp-idf/components/wolfssl/`
@ -124,7 +146,7 @@ This is a legacy method for installation. It is recommended to use the new `CMak
## Setup for Windows
This is a legacy method for installation. It is recommended to use the new `CMakeLists.txt` to point to wolfSSL source code.
This is an alternate method for installation. It is recommended to use the new `CMakeLists.txt` to point to wolfSSL source code.
1. Run ESP-IDF Command Prompt (cmd.exe) or Run ESP-IDF PowerShell Environment
2. Run `setup_win.bat` at `.\IDE\Espressif\ESP-IDF\`


@ -1,6 +1,6 @@
/* wolfcrypt/test/test_paths.h
*
* Copyright (C) 2006-2023 wolfSSL Inc.
* Copyright (C) 2006-2024 wolfSSL Inc.
*
* This file is part of wolfSSL.
*


@ -10,9 +10,9 @@ These are the core examples for wolfSSL:
- [Test](./wolfssl_test/README.md)
- [TLS Client](./wolfssl_client/README.md)
- [TLS Client](./wolfssl_client/README.md). See also [CLI Client](https://github.com/wolfSSL/wolfssl/tree/master/examples/client) and [more TLS examples](https://github.com/wolfSSL/wolfssl-examples/tree/master/tls).
- [TLS Server](./wolfssl_server/README.md)
- [TLS Server](./wolfssl_server/README.md). See also [CLI Server](https://github.com/wolfSSL/wolfssl/tree/master/examples/server)
## Other Espressif wolfSSL Examples


@ -18,7 +18,7 @@
<ToolchainID>
<ID>com.visualgdb.xtensa-esp32-elf</ID>
<Version>
<GCC>12.2.0</GCC>
<GCC>13.2.0</GCC>
<GDB>12.1</GDB>
<Revision>1</Revision>
</Version>
@ -67,8 +67,8 @@
<EnableFastUpToDateCheck>true</EnableFastUpToDateCheck>
<ESPIDFExtension>
<IDFCheckout>
<Version>release/v5.1</Version>
<Subdirectory>esp-idf/v5.1</Subdirectory>
<Version>release/v5.2</Version>
<Subdirectory>esp-idf/v5.2</Subdirectory>
<Type>ESPIDF</Type>
</IDFCheckout>
<COMPort>COM37</COMPort>


@ -1,5 +1,5 @@
#
# Copyright (C) 2006-2023 wolfSSL Inc.
# Copyright (C) 2006-2024 wolfSSL Inc.
#
# This file is part of wolfSSL.
#
@ -45,6 +45,11 @@ else()
endif()
message(STATUS "THIS_USER = ${THIS_USER}")
if( "$ENV{IDF_PATH}" STREQUAL "" )
message(FATAL_ERROR "IDF_PATH Environment variable not set!")
else()
string(REPLACE "\\" "/" THIS_IDF_PATH "$ENV{IDF_PATH}")
endif()
# COMPONENT_NAME = wolfssl
# The component name is the directory name. "No feature to change this".
@ -158,8 +163,8 @@ if(CMAKE_BUILD_EARLY_EXPANSION)
idf_component_register(
REQUIRES "${COMPONENT_REQUIRES}"
PRIV_REQUIRES # esp_hw_support
esp_timer
driver # this will typically only be needed for wolfSSL benchmark
# esp_timer
# driver # this will typically only be needed for wolfSSL benchmark
)
else()
@ -363,6 +368,10 @@ else()
"\"${WOLFSSL_ROOT}/wolfssl/\""
"\"${WOLFSSL_ROOT}/wolfssl/wolfcrypt/\""
"\"${RTOS_IDF_PATH}/\""
# wolfSSL release after v5.7 includes WiFi, time, and mem/debug helpers
"${THIS_IDF_PATH}/components/esp_event/include"
"${THIS_IDF_PATH}/components/esp_netif/include"
"${THIS_IDF_PATH}/components/esp_wifi/include"
)
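Review bot: The include entries at the end of this section (`"${THIS_IDF_PATH}/components/esp_event/include"` and its `esp_netif` / `esp_wifi` siblings) reach into the ESP-IDF tree by path instead of declaring those components as requirements, while the `idf_component_register` hunk above appears to comment `esp_timer` and `driver` out of `PRIV_REQUIRES`. Headers found this way will compile, but the components' own include directories, definitions and link dependencies are not propagated, and the layout is tied to one ESP-IDF release; listing them under `PRIV_REQUIRES` (for example `PRIV_REQUIRES esp_event esp_netif esp_wifi`) would let the build system resolve them. The new entries also lack the escaped quotes used by the neighbouring `"\"${WOLFSSL_ROOT}/wolfssl/\""` entries, so an `IDF_PATH` containing spaces is presumably treated differently for the two groups. Both the include list and the `idf_component_register` call begin or end outside the visible hunks, and old and new lines are not marked on this page, so which side each line belongs to is inferred.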


@ -1,6 +1,6 @@
/* user_settings.h
*
* Copyright (C) 2006-2023 wolfSSL Inc.
* Copyright (C) 2006-2024 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
@ -19,12 +19,22 @@
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
/* This user_settings.h is for Espressif ESP-IDF */
#include <sdkconfig.h>
/* This user_settings.h is for Espressif ESP-IDF
*
* Standardized wolfSSL Espressif ESP32 + ESP8266 user_settings.h V5.7.0-1
*
* Do not include any wolfssl headers here
*
* When editing this file:
* ensure wolfssl_test and wolfssl_benchmark settings match.
*/
/* The Espressif project config file. See also sdkconfig.defaults */
#include "sdkconfig.h"
/* The Espressif sdkconfig will have chipset info.
**
** Possible values:
** Some possible values:
**
** CONFIG_IDF_TARGET_ESP32
** CONFIG_IDF_TARGET_ESP32S2
@ -36,18 +46,54 @@
#undef WOLFSSL_ESPIDF
#define WOLFSSL_ESPIDF
/* We don't use WiFi, so don't compile in the esp-sdk-lib WiFi helpers: */
#define NO_ESP_SDK_WIFI
/* Experimental Kyber */
#if 0
/* Kyber typically needs a minimum 10K stack */
#define WOLFSSL_EXPERIMENTAL_SETTINGS
#define WOLFSSL_HAVE_KYBER
#define WOLFSSL_WC_KYBER
#define WOLFSSL_SHA3
#endif
/*
* choose ONE of these Espressif chips to define:
* ONE of these Espressif chip families will be detected from sdkconfig:
*
* WOLFSSL_ESP32
* WOLFSSL_ESPWROOM32SE
* WOLFSSL_ESP8266
*/
#undef WOLFSSL_ESPWROOM32SE
#undef WOLFSSL_ESP8266
#undef WOLFSSL_ESP32
/* See below for chipset detection from sdkconfig.h */
/* when you want to use SINGLE THREAD. Note Default ESP-IDF is FreeRTOS */
/* #define SINGLE_THREADED */
/* SMALL_SESSION_CACHE saves a lot of RAM for ClientCache and SessionCache.
* Memory requirement is about 5KB, otherwise 20K is needed when not specified.
* If extra small footprint is needed, try MICRO_SESSION_CACHE (< 1K)
* When really desperate or no TLS used, try NO_SESSION_CACHE. */
#define NO_SESSION_CACHE
/* Small Stack uses more heap. */
#define WOLFSSL_SMALL_STACK
/* Full debugging turned off, but show malloc failure detail */
/* #define DEBUG_WOLFSSL */
#define DEBUG_WOLFSSL_MALLOC
/* See test.c that sets cert buffers; we'll set them here: */
#define USE_CERT_BUFFERS_256
#define USE_CERT_BUFFERS_2048
/* RSA_LOW_MEM: Half as much memory but twice as slow. */
#define RSA_LOW_MEM
#define WOLFSSL_ESP32
/* optionally turn off SHA512/224 SHA512/256 */
/* #define WOLFSSL_NOSHA512_224 */
@ -61,7 +107,6 @@
/* #define NO_OLD_TLS */
#define BENCH_EMBEDDED
#define USE_CERT_BUFFERS_2048
/* TLS 1.3 */
#define WOLFSSL_TLS13
@ -79,7 +124,9 @@
#define HAVE_AESGCM
#define WOLFSSL_RIPEMD
/* Optional RIPEMD: RACE Integrity Primitives Evaluation Message Digest */
/* #define WOLFSSL_RIPEMD */
/* when you want to use SHA224 */
#define WOLFSSL_SHA224
@ -92,22 +139,31 @@
/* when you want to use SHA3 */
#define WOLFSSL_SHA3
/* Reminder: ED25519 requires SHA512 */
/* ED25519 requires SHA512 */
#define HAVE_ED25519
#define HAVE_ECC
#define HAVE_CURVE25519
#define CURVE25519_SMALL
/* Some features not enabled for ESP8266: */
#if defined(CONFIG_IDF_TARGET_ESP8266) || \
defined(CONFIG_IDF_TARGET_ESP32C2)
/* TODO determine low memory configuration for ECC. */
#else
#define HAVE_ECC
#define HAVE_CURVE25519
#define CURVE25519_SMALL
#endif
#define HAVE_ED25519
/* Optional OPENSSL compatibility */
#define OPENSSL_EXTRA
/* when you want to use pkcs7 */
/* #Optional HAVE_PKCS7 */
/* #define HAVE_PKCS7 */
#define HAVE_PKCS7
#if defined(HAVE_PKCS7)
/* HAVE_PKCS7 may enable HAVE_PBKDF2 see settings.h */
#define NO_PBKDF2
#define HAVE_AES_KEYWRAP
#define HAVE_X963_KDF
#define WOLFSSL_AES_DIRECT
@ -127,27 +183,11 @@
/* #define CUSTOM_SLOT_ALLOCATION */
#endif
/* RSA primitive specific definition */
#if defined(WOLFSSL_ESP32) || defined(WOLFSSL_ESPWROOM32SE)
/* Define USE_FAST_MATH and SMALL_STACK */
#define ESP32_USE_RSA_PRIMITIVE
/* WC_NO_CACHE_RESISTANT: slower but more secure */
/* #define WC_NO_CACHE_RESISTANT */
#if defined(CONFIG_IDF_TARGET_ESP32)
/* NOTE HW unreliable for small values! */
/* threshold for performance adjustment for HW primitive use */
/* X bits of G^X mod P greater than */
#undef ESP_RSA_EXPT_XBITS
#define ESP_RSA_EXPT_XBITS 32
/* X and Y of X * Y mod P greater than */
#undef ESP_RSA_MULM_BITS
#define ESP_RSA_MULM_BITS 16
#endif
#endif
#define RSA_LOW_MEM
/* TFM_TIMING_RESISTANT: slower but more secure */
/* #define TFM_TIMING_RESISTANT */
/* #define WOLFSSL_ATECC508A_DEBUG */
@ -159,9 +199,10 @@
/* adjust wait-timeout count if you see timeout in RSA HW acceleration */
#define ESP_RSA_TIMEOUT_CNT 0x249F00
#define ESP_RSA_TIMEOUT_CNT 0x349F00
#define HASH_SIZE_LIMIT /* for test.c */
/* hash limit for test.c */
#define HASH_SIZE_LIMIT
/* USE_FAST_MATH is default */
#define USE_FAST_MATH
@ -170,6 +211,7 @@
/* #undef USE_FAST_MATH */
/* #define SP_MATH */
/* #define WOLFSSL_SP_MATH_ALL */
/* #define WOLFSSL_SP_RISCV32 */
/***** Use Integer Heap Math *****/
/* #undef USE_FAST_MATH */
@ -205,7 +247,7 @@
#undef WOLFSSL_SYS_CA_CERTS
*/
/*
/* command-line options
--enable-keygen
--enable-certgen
--enable-certreq
@ -213,10 +255,14 @@
--enable-asn-template
*/
/* Default is HW enabled unless turned off.
** Uncomment these lines to force SW instead of HW acceleration */
/* Chipset detection from sdkconfig.h
* Default is HW enabled unless turned off.
* Uncomment lines to force SW instead of HW acceleration */
#if defined(CONFIG_IDF_TARGET_ESP32)
#define WOLFSSL_ESP32
/* Alternatively, if there's an ECC Secure Element present: */
/* #define WOLFSSL_ESPWROOM32SE */
/* wolfSSL HW Acceleration supported on ESP32. Uncomment to disable: */
/* #define NO_ESP32_CRYPT */
/* #define NO_WOLFSSL_ESP32_CRYPT_HASH */
@ -234,6 +280,7 @@
/***** END CONFIG_IDF_TARGET_ESP32 *****/
#elif defined(CONFIG_IDF_TARGET_ESP32S2)
#define WOLFSSL_ESP32
/* wolfSSL HW Acceleration supported on ESP32-S2. Uncomment to disable: */
/* #define NO_ESP32_CRYPT */
/* #define NO_WOLFSSL_ESP32_CRYPT_HASH */
@ -246,6 +293,7 @@
/***** END CONFIG_IDF_TARGET_ESP32S2 *****/
#elif defined(CONFIG_IDF_TARGET_ESP32S3)
#define WOLFSSL_ESP32
/* wolfSSL HW Acceleration supported on ESP32-S3. Uncomment to disable: */
/* #define NO_ESP32_CRYPT */
/* #define NO_WOLFSSL_ESP32_CRYPT_HASH */
@ -259,6 +307,7 @@
#elif defined(CONFIG_IDF_TARGET_ESP32C2) || \
defined(CONFIG_IDF_TARGET_ESP8684)
#define WOLFSSL_ESP32
/* ESP8684 is essentially ESP32-C2 chip + flash embedded together in a
* single QFN 4x4 mm package. Out of released documentation, Technical
* Reference Manual as well as ESP-IDF Programming Guide is applicable
@ -284,6 +333,7 @@
/***** END CONFIG_IDF_TARGET_ESP32C2 *****/
#elif defined(CONFIG_IDF_TARGET_ESP32C3)
#define WOLFSSL_ESP32
/* wolfSSL HW Acceleration supported on ESP32-C3. Uncomment to disable: */
/* #define NO_ESP32_CRYPT */
@ -301,6 +351,7 @@
/***** END CONFIG_IDF_TARGET_ESP32C3 *****/
#elif defined(CONFIG_IDF_TARGET_ESP32C6)
#define WOLFSSL_ESP32
/* wolfSSL HW Acceleration supported on ESP32-C6. Uncomment to disable: */
/* #define NO_ESP32_CRYPT */
@ -317,6 +368,7 @@
/***** END CONFIG_IDF_TARGET_ESP32C6 *****/
#elif defined(CONFIG_IDF_TARGET_ESP32H2)
#define WOLFSSL_ESP32
/* wolfSSL Hardware Acceleration not yet implemented */
#define NO_ESP32_CRYPT
#define NO_WOLFSSL_ESP32_CRYPT_HASH
@ -325,21 +377,63 @@
/***** END CONFIG_IDF_TARGET_ESP32H2 *****/
#elif defined(CONFIG_IDF_TARGET_ESP8266)
/* TODO: Revisit ESP8266 */
#define WOLFSSL_ESP8266
/* There's no hardware encryption on the ESP8266 */
/* Consider using the ESP32-C2/C3/C6
* See https://www.espressif.com/en/products/socs/esp32-c2 */
#define NO_ESP32_CRYPT
#define NO_WOLFSSL_ESP32_CRYPT_HASH
#define NO_WOLFSSL_ESP32_CRYPT_AES
#define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI
/***** END CONFIG_IDF_TARGET_ESP266 *****/
#elif defined(CONFIG_IDF_TARGET_ESP8684)
/* There's no Hardware Acceleration available on ESP8684 */
#define NO_ESP32_CRYPT
#define NO_WOLFSSL_ESP32_CRYPT_HASH
#define NO_WOLFSSL_ESP32_CRYPT_AES
#define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI
/***** END CONFIG_IDF_TARGET_ESP8684 *****/
#else
/* Anything else encountered, disable HW accleration */
#warning "Unexpected CONFIG_IDF_TARGET_NN value"
#define NO_ESP32_CRYPT
#define NO_WOLFSSL_ESP32_CRYPT_HASH
#define NO_WOLFSSL_ESP32_CRYPT_AES
#define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI
#endif /* CONFIG_IDF_TARGET Check */
/* RSA primitive specific definition, listed AFTER the Chipset detection */
#if defined(WOLFSSL_ESP32) || defined(WOLFSSL_ESPWROOM32SE)
/* Consider USE_FAST_MATH and SMALL_STACK */
#ifndef NO_RSA
#define ESP32_USE_RSA_PRIMITIVE
#if defined(CONFIG_IDF_TARGET_ESP32)
#ifdef CONFIG_ESP_MAIN_TASK_STACK_SIZE
#if CONFIG_ESP_MAIN_TASK_STACK_SIZE < 10500
#warning "RSA may be difficult with less than 10KB Stack "/
#endif
#endif
/* NOTE HW unreliable for small values! */
/* threshold for performance adjustment for HW primitive use */
/* X bits of G^X mod P greater than */
#undef ESP_RSA_EXPT_XBITS
#define ESP_RSA_EXPT_XBITS 32
/* X and Y of X * Y mod P greater than */
#undef ESP_RSA_MULM_BITS
#define ESP_RSA_MULM_BITS 16
#endif
#endif
#endif
/* Debug options:
See wolfssl/wolfcrypt/port/Espressif/esp32-crypt.h for details on debug options
#define ESP_VERIFY_MEMBLOCK
#define DEBUG_WOLFSSL
@ -353,14 +447,26 @@
#define WOLFSSL_ESP32_HW_LOCK_DEBUG
#define WOLFSSL_DEBUG_ESP_RSA_MULM_BITS
#define ESP_DISABLE_HW_TASK_LOCK
See wolfcrypt/benchmark/benchmark.c for debug and other settings:
Turn on benchmark timing debugging (CPU Cycles, RTOS ticks, etc)
#define DEBUG_WOLFSSL_BENCHMARK_TIMING
Turn on timer debugging (used when CPU cycles not available)
#define WOLFSSL_BENCHMARK_TIMER_DEBUG
*/
#define WOLFSSL_ESPIDF_ERROR_PAUSE /* Pause in a loop rather than exit. */
/* Pause in a loop rather than exit. */
#define WOLFSSL_ESPIDF_ERROR_PAUSE
#define WOLFSSL_HW_METRICS
/* #define HASH_SIZE_LIMIT */ /* for test.c */
/* for test.c */
/* #define HASH_SIZE_LIMIT */
/* #define NO_HW_MATH_TEST */ /* Optionall turn off HW math checks */
/* Optionally turn off HW math checks */
/* #define NO_HW_MATH_TEST */
/* Optionally include alternate HW test library: alt_hw_test.h */
/* When enabling, the ./components/wolfssl/CMakeLists.txt file
@ -383,8 +489,8 @@
/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD */
#define WOLFSSL_PUBLIC_MP /* used by benchmark */
#define USE_CERT_BUFFERS_2048
/* used by benchmark: */
#define WOLFSSL_PUBLIC_MP
/* when turning on ECC508 / ECC608 support
#define WOLFSSL_ESPWROOM32SE
@ -393,12 +499,75 @@
#define ATCA_WOLFSSL
*/
/* optional SM4 Ciphers. See https://github.com/wolfSSL/wolfsm
/***************************** Certificate Macros *****************************
*
* The section below defines macros used in typically all of the wolfSSL
* examples such as the client and server for certs stored in header files.
*
* There are various certificate examples in this header file:
* https://github.com/wolfSSL/wolfssl/blob/master/wolfssl/certs_test.h
*
* To use the sets of macros below, define *one* of these:
*
* USE_CERT_BUFFERS_1024 - ECC 1024 bit encoded ASN1
* USE_CERT_BUFFERS_2048 - RSA 2048 bit encoded ASN1
* WOLFSSL_SM[2,3,4] - SM Ciphers
*
* For example: define USE_CERT_BUFFERS_2048 to use CA Certs used in this
* wolfSSL function for the `ca_cert_der_2048` buffer, size and types:
*
* ret = wolfSSL_CTX_load_verify_buffer(ctx,
* CTX_CA_CERT,
* CTX_CA_CERT_SIZE,
* CTX_CA_CERT_TYPE);
*
* See https://www.wolfssl.com/documentation/manuals/wolfssl/group__CertsKeys.html#function-wolfssl_ctx_load_verify_buffer
*
* In this case the CTX_CA_CERT will be defined as `ca_cert_der_2048` as
* defined here: https://github.com/wolfSSL/wolfssl/blob/master/wolfssl/certs_test.h
*
* The CTX_CA_CERT_SIZE and CTX_CA_CERT_TYPE are similarly used to reference
* array size and cert type respectively.
*
* Similarly for loading the private client key:
*
* ret = wolfSSL_CTX_use_PrivateKey_buffer(ctx,
* CTX_CLIENT_KEY,
* CTX_CLIENT_KEY_SIZE,
* CTX_CLIENT_KEY_TYPE);
*
* see https://www.wolfssl.com/documentation/manuals/wolfssl/group__CertsKeys.html#function-wolfssl_ctx_use_privatekey_buffer
*
* Similarly, the other macros are for server certificates and keys:
* `CTX_SERVER_CERT` and `CTX_SERVER_KEY` are available.
*
* The certificate and key names are typically `static const unsigned char`
* arrays. The [NAME]_size are typically `sizeof([array name])`, and the types
* are the known wolfSSL encoding type integers (e.g. WOLFSSL_FILETYPE_PEM).
*
* See `SSL_FILETYPE_[name]` in
* https://github.com/wolfSSL/wolfssl/blob/master/wolfssl/ssl.h
*
* See Abstract Syntax Notation One (ASN.1) in:
* https://github.com/wolfSSL/wolfssl/blob/master/wolfssl/wolfcrypt/asn.h
*
* Optional SM4 Ciphers:
*
* Although the SM ciphers are shown here, the `certs_test_sm.h` may not yet
* be available. See:
* https://github.com/wolfSSL/wolfssl/pull/6825
* https://github.com/wolfSSL/wolfsm
*
* Uncomment these 3 macros to enable the SM Ciphers and use the macros below.
*/
/*
#define WOLFSSL_SM2
#define WOLFSSL_SM3
#define WOLFSSL_SM4
*/
/* Conditional macros used in wolfSSL TLS client and server examples */
#if defined(WOLFSSL_SM2) || defined(WOLFSSL_SM3) || defined(WOLFSSL_SM4)
#include <wolfssl/certs_test_sm.h>
#define CTX_CA_CERT root_sm2
@ -414,15 +583,49 @@
#undef WOLFSSL_BASE16
#define WOLFSSL_BASE16
#else
#define USE_CERT_BUFFERS_2048
#define USE_CERT_BUFFERS_256
#define CTX_CA_CERT ca_cert_der_2048
#define CTX_CA_CERT_SIZE sizeof_ca_cert_der_2048
#define CTX_CA_CERT_TYPE WOLFSSL_FILETYPE_ASN1
#define CTX_SERVER_CERT server_cert_der_2048
#define CTX_SERVER_CERT_SIZE sizeof_server_cert_der_2048
#define CTX_SERVER_CERT_TYPE WOLFSSL_FILETYPE_ASN1
#define CTX_SERVER_KEY server_key_der_2048
#define CTX_SERVER_KEY_SIZE sizeof_server_key_der_2048
#define CTX_SERVER_KEY_TYPE WOLFSSL_FILETYPE_ASN1
#endif
#if defined(USE_CERT_BUFFERS_2048)
/* Be sure to include in app when using example certs: */
/* #include <wolfssl/certs_test.h> */
#define CTX_CA_CERT ca_cert_der_2048
#define CTX_CA_CERT_SIZE sizeof_ca_cert_der_2048
#define CTX_CA_CERT_TYPE WOLFSSL_FILETYPE_ASN1
#define CTX_SERVER_CERT server_cert_der_2048
#define CTX_SERVER_CERT_SIZE sizeof_server_cert_der_2048
#define CTX_SERVER_CERT_TYPE WOLFSSL_FILETYPE_ASN1
#define CTX_SERVER_KEY server_key_der_2048
#define CTX_SERVER_KEY_SIZE sizeof_server_key_der_2048
#define CTX_SERVER_KEY_TYPE WOLFSSL_FILETYPE_ASN1
#define CTX_CLIENT_CERT client_cert_der_2048
#define CTX_CLIENT_CERT_SIZE sizeof_client_cert_der_2048
#define CTX_CLIENT_CERT_TYPE WOLFSSL_FILETYPE_ASN1
#define CTX_CLIENT_KEY client_key_der_2048
#define CTX_CLIENT_KEY_SIZE sizeof_client_key_der_2048
#define CTX_CLIENT_KEY_TYPE WOLFSSL_FILETYPE_ASN1
#elif defined(USE_CERT_BUFFERS_1024)
/* Be sure to include in app when using example certs: */
/* #include <wolfssl/certs_test.h> */
#define CTX_CA_CERT ca_cert_der_1024
#define CTX_CA_CERT_SIZE sizeof_ca_cert_der_1024
#define CTX_CA_CERT_TYPE WOLFSSL_FILETYPE_ASN1
#define CTX_CLIENT_CERT client_cert_der_1024
#define CTX_CLIENT_CERT_SIZE sizeof_client_cert_der_1024
#define CTX_CLIENT_CERT_TYPE WOLFSSL_FILETYPE_ASN1
#define CTX_CLIENT_KEY client_key_der_1024
#define CTX_CLIENT_KEY_SIZE sizeof_client_key_der_1024
#define CTX_CLIENT_KEY_TYPE WOLFSSL_FILETYPE_ASN1
#define CTX_SERVER_CERT server_cert_der_1024
#define CTX_SERVER_CERT_SIZE sizeof_server_cert_der_1024
#define CTX_SERVER_CERT_TYPE WOLFSSL_FILETYPE_ASN1
#define CTX_SERVER_KEY server_key_der_1024
#define CTX_SERVER_KEY_SIZE sizeof_server_key_der_1024
#define CTX_SERVER_KEY_TYPE WOLFSSL_FILETYPE_ASN1
#else
/* Optionally define custom cert arrays, sizes, and types here */
#error "Must define USE_CERT_BUFFERS_2048 or USE_CERT_BUFFERS_1024"
#endif
#endif /* Conditional key and cert constant names */
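Review bot: The comment `/* WC_NO_CACHE_RESISTANT: slower but more secure */`, in the hunk that replaces the old RSA-primitive block, reads inverted: in wolfSSL that macro switches the cache-attack-resistant code paths off, so a reader who uncomments it to harden a build gets the opposite result. Suggested wording: `/* WC_NO_CACHE_RESISTANT: faster, but disables cache-attack resistance */`. The commented `TFM_TIMING_RESISTANT` line beneath it gives no hint whether the ESP-IDF defaults in `settings.h` already enable it, which matters because `USE_FAST_MATH` is defined unconditionally a few hunks later. A short comment such as `/* normally set by the settings.h ESP-IDF defaults; define it here when using NO_ESPIDF_DEFAULT */` would help, once confirmed against `settings.h`. Old and new lines are not marked on this page, so which of these lines the commit adds is inferred from the hunk header counts.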


@ -1,6 +1,6 @@
/* template main.h
*
* Copyright (C) 2006-2023 wolfSSL Inc.
* Copyright (C) 2006-2024 wolfSSL Inc.
*
* This file is part of wolfSSL.
*


@ -1,6 +1,6 @@
/* main.c
*
* Copyright (C) 2006-2023 wolfSSL Inc.
* Copyright (C) 2006-2024 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
@ -22,8 +22,23 @@
/* Espressif */
#include <esp_log.h>
/* wolfSSL */
#include <wolfssl/wolfcrypt/port/Espressif/esp32-crypt.h>
/* wolfSSL */
/* Always include wolfcrypt/settings.h before any other wolfSSL file. */
/* Reminder: settings.h pulls in user_settings.h; don't include it here. */
#ifdef WOLFSSL_USER_SETTINGS
#include <wolfssl/wolfcrypt/settings.h>
#ifndef WOLFSSL_ESPIDF
#warning "Problem with wolfSSL user_settings."
#warning "Check components/wolfssl/include"
#endif
#include <wolfssl/wolfcrypt/port/Espressif/esp32-crypt.h>
#else
/* Define WOLFSSL_USER_SETTINGS project wide for settings.h to include */
/* wolfSSL user settings in ./components/wolfssl/include/user_settings.h */
#error "Missing WOLFSSL_USER_SETTINGS in CMakeLists or Makefile:\
CFLAGS +=-DWOLFSSL_USER_SETTINGS"
#endif
/* project */
#include "main.h"
@ -32,18 +47,32 @@ static const char* const TAG = "My Project";
void app_main(void)
{
#ifdef WOLFSSL_ESPIDF_VERBOSE_EXIT_MESSAGE
int ret = 0;
#endif
ESP_LOGI(TAG, "Hello wolfSSL!");
#ifdef HAVE_VERSION_EXTENDED_INFO
esp_ShowExtendedSystemInfo();
ret = esp_ShowExtendedSystemInfo();
#endif
#if defined(WOLFSSL_HW_METRICS) && defined(WOLFSSL_HAS_METRICS)
esp_hw_show_metrics();
ret += esp_hw_show_metrics();
#endif
#ifdef WOLFSSL_ESPIDF_VERBOSE_EXIT_MESSAGE
if (ret == 0) {
ESP_LOGI(TAG, WOLFSSL_ESPIDF_VERBOSE_EXIT_MESSAGE("Success!", ret));
}
else {
ESP_LOGE(TAG, WOLFSSL_ESPIDF_VERBOSE_EXIT_MESSAGE("Failed!", ret));
}
#elif defined(WOLFSSL_ESPIDF_EXIT_MESSAGE)
ESP_LOGI(TAG, WOLFSSL_ESPIDF_EXIT_MESSAGE);
#else
ESP_LOGI(TAG, "\n\nDone!"
"If running from idf.py monitor, press twice: Ctrl+]\n\n"
"WOLFSSL_COMPLETE\n" /* exit keyword for wolfssl_monitor.py */
);
#endif
}
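Review bot: `ret` is declared only inside `#ifdef WOLFSSL_ESPIDF_VERBOSE_EXIT_MESSAGE`, but `ret = esp_ShowExtendedSystemInfo();` and `ret += esp_hw_show_metrics();` are compiled under `HAVE_VERSION_EXTENDED_INFO` and `WOLFSSL_HW_METRICS && WOLFSSL_HAS_METRICS`, independent of that macro. Unless the Espressif port header always defines the verbose exit message macro, a configuration that enables either feature without it fails to compile with an undeclared identifier. Declaring `int ret = 0;` unconditionally at the top of `app_main` and adding `(void)ret;` in the two non-verbose exit branches keeps every macro combination building without an unused-variable warning. The return values are also summed, so if the two helpers can return codes of opposite sign a failure could cancel to zero; `if (ret == 0) ret = esp_hw_show_metrics();` avoids that.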


@ -5,6 +5,7 @@
# CMakeLists in this exact order for cmake to work correctly
cmake_minimum_required(VERSION 3.16)
add_compile_options(-DWOLFSSL_ESP_NO_WATCHDOG=1)
# The wolfSSL CMake file should be able to find the source code.
# Otherwise, assign an environment variable or set it here:
#
@ -21,13 +22,20 @@ cmake_minimum_required(VERSION 3.16)
#
# Optionally specify a location for wolfSSL component source code
# set(WOLFSSL_ROOT "c:/test/blogtest/wolfssl" )
# set(WOLFSSL_ROOT "c:/mydir/wolfssl" )
# This example uses an extra component for common functions such as Wi-Fi and Ethernet connection.
# set (PROTOCOL_EXAMPLES_DIR $ENV{IDF_PATH}/examples/common_components/protocol_examples_common)
#
#if (EXISTS "${PROTOCOL_EXAMPLES_DIR}")
# message("Found PROTOCOL_EXAMPLES_DIR=${PROTOCOL_EXAMPLES_DIR}")
# set(EXTRA_COMPONENT_DIRS $ENV{IDF_PATH}/examples/common_components/protocol_examples_common)
# set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DFOUND_PROTOCOL_EXAMPLES_DIR")
#else()
# message("NOT FOUND: PROTOCOL_EXAMPLES_DIR=${PROTOCOL_EXAMPLES_DIR}")
#endif()
# Not only is a project-level "set(COMPONENTS" not needed here, this will cause
# an unintuitive error about Unknown CMake command "esptool_py_flash_project_args".
include($ENV{IDF_PATH}/tools/cmake/project.cmake)
set(COMPONENTS
main
wolfssl
) # set components
project(wolfssl_benchmark)
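Review bot: `add_compile_options(-DWOLFSSL_ESP_NO_WATCHDOG=1)` in the first hunk is added at directory scope with no comment, so nothing says that the watchdog is being switched off for everything compiled from this point on, or why. The Makefile for the same example does explain it (CPU-intensive tests, and the Espressif setting is reset by sdkconfig). Carrying that over, e.g. `# Benchmark is CPU intensive: force the watchdog off for this example only (the Espressif option is reset by sdkconfig).`, makes it less likely the line is copied into an application project unnoticed. As a point of style, `add_compile_definitions(WOLFSSL_ESP_NO_WATCHDOG=1)` states the intent more directly than passing `-D` through `add_compile_options`.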


@ -3,9 +3,10 @@
# project subdirectory.
#
PROJECT_NAME := wolfssl_benchmark
CFLAGS += -DWOLFSSL_USER_SETTINGS
# Some of the tests are CPU intenstive, so we'll force the watchdog timer off.
# There's an espressif NO_WATCHDOG; we don't use it, as it is reset by sdkconfig.
EXTRA_CFLAGS += -DWOLFSSL_ESP_NO_WATCHDOG
PROJECT_NAME := wolfssl_benchmark
include $(IDF_PATH)/make/project.mk


@ -19,6 +19,13 @@ other local port to `COM20` as needed:
change port com20=com23
```
## Bulk Testing
If you have a test jig with multiple ESP32 devices and you'd like to run this wolfcrypt benchmark on all of them, check out
the `testAll.sh` and `testMonitor.sh` scripts in the [../wolfssl_test](../wolfssl_test/README.md) directory. Copy those
bash script files to this project. See the `esp32[NN]_PORT` and `esp32[NN]_PUTTY` settings in `testMonitor.sh` that will
be machine-specific.
## VisualGDB
Open the VisualGDB Visual Studio Project file in the VisualGDB directory and click the "Start" button.


@ -18,9 +18,9 @@
<ToolchainID>
<ID>com.visualgdb.xtensa-esp32-elf</ID>
<Version>
<GCC>11.2.0</GCC>
<GDB>9.2.90</GDB>
<Revision>2</Revision>
<GCC>13.2.0</GCC>
<GDB>12.1</GDB>
<Revision>1</Revision>
</Version>
</ToolchainID>
<RelativeSourceDirectory>..</RelativeSourceDirectory>
@ -67,8 +67,8 @@
<EnableFastUpToDateCheck>true</EnableFastUpToDateCheck>
<ESPIDFExtension>
<IDFCheckout>
<Version>release/v5.0</Version>
<Subdirectory>esp-idf/v5.0</Subdirectory>
<Version>release/v5.2</Version>
<Subdirectory>esp-idf/v5.2</Subdirectory>
<Type>ESPIDF</Type>
</IDFCheckout>
<COMPort>COM20</COMPort>


@ -1,5 +1,5 @@
#
# Copyright (C) 2006-2023 wolfSSL Inc.
# Copyright (C) 2006-2024 wolfSSL Inc.
#
# This file is part of wolfSSL.
#
@ -19,16 +19,95 @@
#
# cmake for wolfssl Espressif projects
#
# Version 5.6.0.011 for detect test/benchmark
# Version 5.7.0 template update + THIS_IDF_PATH
#
# See https://docs.espressif.com/projects/esp-idf/en/latest/esp32/api-guides/build-system.html
#
cmake_minimum_required(VERSION 3.16)
set(VERBOSE_COMPONENT_MESSAGES 1)
# The scope of this CMAKE_C_FLAGS is just this component:
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_USER_SETTINGS")
set(CMAKE_CURRENT_SOURCE_DIR ".")
set(COMPONENT_REQUIRES lwip) # we typically don't need lwip directly in wolfssl component
set(WOLFSSL_ROOT "$ENV{WOLFSSL_ROOT}" )
# set(COMPONENT_REQUIRES lwip) # we typically don't need lwip directly in wolfssl component
# Optionally set your source to wolfSSL in your project CMakeLists.txt like this:
# set(WOLFSSL_ROOT "c:/test/my_wolfssl" )
if ( "${WOLFSSL_ROOT}" STREQUAL "")
set(WOLFSSL_ROOT "$ENV{WOLFSSL_ROOT}" )
endif()
if( "$ENV{IDF_PATH}" STREQUAL "" )
message(FATAL_ERROR "IDF_PATH Environment variable not set!")
else()
string(REPLACE "\\" "/" THIS_IDF_PATH "$ENV{IDF_PATH}")
endif()
# Optional compiler definitions to help with system name detection (typically printed by app diagnostics)
if(VERBOSE_COMPONENT_MESSAGES)
if(WIN32)
# Windows-specific configuration here
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_WINDOWS")
message("Detected Windows")
endif()
if(CMAKE_HOST_UNIX)
message("Detected UNIX")
endif()
if(APPLE)
message("Detected APPLE")
endif()
if(CMAKE_HOST_UNIX AND (NOT APPLE) AND EXISTS "/proc/sys/fs/binfmt_misc/WSLInterop")
# Windows-specific configuration here
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_WSL")
message("Detected WSL")
endif()
if(CMAKE_HOST_UNIX AND (NOT APPLE) AND (NOT WIN32))
# Windows-specific configuration here
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_LINUX")
message("Detected Linux")
endif()
if(APPLE)
# Windows-specific configuration here
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_APPLE")
message("Detected Apple")
endif()
endif() # End optional WOLFSSL_CMAKE_SYSTEM_NAME
message(STATUS "CONFIG_TARGET_PLATFORM = ${CONFIG_TARGET_PLATFORM}")
# Check that there are not conflicting wolfSSL components
# The ESP Registry Component will be in ./managed_components/wolfssl__wolfssl
# The local component wolfSSL directory will be in ./components/wolfssl
if( EXISTS "${CMAKE_HOME_DIRECTORY}/managed_components/wolfssl__wolfssl" AND EXISTS "${CMAKE_HOME_DIRECTORY}/components/wolfssl" )
# These exclude statements don't seem to be honored by the $ENV{IDF_PATH}/tools/cmake/project.cmake'
# add_subdirectory("${CMAKE_HOME_DIRECTORY}/managed_components/wolfssl__wolfssl" EXCLUDE_FROM_ALL)
# add_subdirectory("${CMAKE_HOME_DIRECTORY}/managed_components/wolfssl__wolfssl/include" EXCLUDE_FROM_ALL)
# So we'll error out and let the user decide how to proceed:
message(WARNING "\nFound wolfSSL components in\n"
"./managed_components/wolfssl__wolfssl\n"
"and\n"
"./components/wolfssl\n"
"in project directory: \n"
"${CMAKE_HOME_DIRECTORY}")
message(FATAL_ERROR "\nPlease use either the ESP Registry Managed Component or the wolfSSL component directory but not both.\n"
"If removing the ./managed_components/wolfssl__wolfssl directory, remember to also remove "
"or rename the idf_component.yml file typically found in ./main/")
else()
message(STATUS "No conflicting wolfSSL components found.")
endif()
# Don't include lwip requirement for benchmark and test apps.
if( ("${CMAKE_PROJECT_NAME}" STREQUAL "wolfssl_benchmark") OR ("${CMAKE_PROJECT_NAME}" STREQUAL "wolfssl_test") )
message(STATUS "Not including lwip for ${CMAKE_PROJECT_NAME}")
else()
# benchmark and test do not need wifi, everything else probably does:
set(COMPONENT_REQUIRES lwip) # we typically don't need lwip directly in wolfssl component
endif()
# find the user name to search for possible "wolfssl-username"
message(STATUS "USERNAME = $ENV{USERNAME}")
@ -45,6 +124,11 @@ else()
endif()
message(STATUS "THIS_USER = ${THIS_USER}")
if( "$ENV{IDF_PATH}" STREQUAL "" )
message(FATAL_ERROR "IDF_PATH Environment variable not set!")
else()
string(REPLACE "\\" "/" THIS_IDF_PATH "$ENV{IDF_PATH}")
endif()
# COMPONENT_NAME = wolfssl
# The component name is the directory name. "No feature to change this".
@ -71,27 +155,41 @@ function(IS_WOLFSSL_SOURCE DIRECTORY_PARAMETER RESULT)
endif()
endfunction()
# *********************************************************************************************
# function: FIND_WOLFSSL_DIRECTORY
# parameter: OUTPUT_FOUND_WOLFSSL_DIRECTORY contains root of source code, otherwise blank
#
# Example usage:
# FIND_WOLFSSL_DIRECTORY(WOLFSSL_ROOT)
# *********************************************************************************************
function(FIND_WOLFSSL_DIRECTORY OUTPUT_FOUND_WOLFSSL_DIRECTORY)
message(STATUS "Starting FIND_WOLFSSL_DIRECTORY")
set(CURRENT_SEARCH_DIR "$ENV{WOLFSSL_ROOT}")
if( "${CURRENT_SEARCH_DIR}" STREQUAL "" )
message(STATUS "The WOLFSSL_ROOT environment variable is not set. Searching...")
message(STATUS "Starting FIND_WOLFSSL_DIRECTORY: ${${OUTPUT_FOUND_WOLFSSL_DIRECTORY}}")
if ( "${${OUTPUT_FOUND_WOLFSSL_DIRECTORY}}" STREQUAL "" )
set(CURRENT_SEARCH_DIR "$ENV{WOLFSSL_ROOT}")
if( "${CURRENT_SEARCH_DIR}" STREQUAL "" )
message(STATUS "The WOLFSSL_ROOT environment variable is not set. Searching...")
else()
get_filename_component(CURRENT_SEARCH_DIR "$ENV{WOLFSSL_ROOT}" ABSOLUTE)
IS_WOLFSSL_SOURCE("${CURRENT_SEARCH_DIR}" FOUND_WOLFSSL)
if( FOUND_WOLFSSL )
message(STATUS "Found WOLFSSL_ROOT via Environment Variable:")
else()
message(FATAL_ERROR "WOLFSSL_ROOT Environment Variable defined, but path not found:")
message(STATUS "$ENV{WOLFSSL_ROOT}")
endif()
endif()
else()
get_filename_component(CURRENT_SEARCH_DIR "$ENV{WOLFSSL_ROOT}" ABSOLUTE)
get_filename_component(CURRENT_SEARCH_DIR "${${OUTPUT_FOUND_WOLFSSL_DIRECTORY}}" ABSOLUTE)
IS_WOLFSSL_SOURCE("${CURRENT_SEARCH_DIR}" FOUND_WOLFSSL)
if( FOUND_WOLFSSL )
message(STATUS "Found WOLFSSL_ROOT via Environment Variable: ${CURRENT_SEARCH_DIR}")
set(${OUTPUT_FOUND_WOLFSSL_DIRECTORY} ${CURRENT_SEARCH_DIR} PARENT_SCOPE)
return()
message(STATUS "Found WOLFSSL_ROOT via prior specification.")
else()
message(FATAL_ERROR "WOLFSSL_ROOT Environment Variable defined, but path not found:")
message(STATUS "$ENV{WOLFSSL_ROOT}")
message(FATAL_ERROR "WOLFSSL_ROOT Variable defined, but path not found: ${${OUTPUT_FOUND_WOLFSSL_DIRECTORY}}")
endif()
endif()
# we'll start in the CMAKE_CURRENT_SOURCE_DIR, typically [something]/projectname/components/wolfssl
message(STATUS "CMAKE_CURRENT_SOURCE_DIR = ${CMAKE_CURRENT_SOURCE_DIR}")
get_filename_component(CURRENT_SEARCH_DIR "${CMAKE_CURRENT_SOURCE_DIR}" ABSOLUTE)
@ -109,16 +207,47 @@ function(FIND_WOLFSSL_DIRECTORY OUTPUT_FOUND_WOLFSSL_DIRECTORY)
return()
endif()
# Maintain CURRENT_SEARCH_DIR, but check various suffixes with CURRENT_SEARCH_DIR_ALT
if( THIS_USER )
# Check for "wolfssl-[username]" subdirectory as we recurse up the directory tree
set(CURRENT_SEARCH_DIR_ALT ${CURRENT_SEARCH_DIR}/wolfssl-${THIS_USER})
message(STATUS "Looking in ${CURRENT_SEARCH_DIR}")
message(STATUS "Looking in ${CURRENT_SEARCH_DIR_ALT}")
#if(EXISTS ${CURRENT_SEARCH_DIR_ALT} AND IS_DIRECTORY ${CURRENT_SEARCH_DIR_ALT} AND EXISTS "${CURRENT_SEARCH_DIR_ALT}/wolfcrypt/src")
IS_WOLFSSL_SOURCE("${CURRENT_SEARCH_DIR_ALT}" FOUND_WOLFSSL )
if ( FOUND_WOLFSSL )
message(STATUS "Found wolfssl in user-suffix CURRENT_SEARCH_DIR_ALT = ${CURRENT_SEARCH_DIR_ALT}")
set(${OUTPUT_FOUND_WOLFSSL_DIRECTORY} ${CURRENT_SEARCH_DIR_ALT} PARENT_SCOPE)
message(STATUS "Found wolfssl in user-suffix CURRENT_SEARCH_DIR_ALT = ${CURRENT_SEARCH_DIR_ALT}")
set(CURRENT_SEARCH_DIR "${CURRENT_SEARCH_DIR_ALT}")
set(${OUTPUT_FOUND_WOLFSSL_DIRECTORY} ${CURRENT_SEARCH_DIR} PARENT_SCOPE)
return()
endif()
endif()
if ( FOUND_WOLFSSL )
# if we already found the source, skip attempt of "wolfssl-master"
else()
set(CURRENT_SEARCH_DIR_ALT ${CURRENT_SEARCH_DIR}/wolfssl-master)
message(STATUS "Looking in ${CURRENT_SEARCH_DIR_ALT}")
IS_WOLFSSL_SOURCE("${CURRENT_SEARCH_DIR_ALT}" FOUND_WOLFSSL )
if ( FOUND_WOLFSSL )
message(STATUS "Found wolfssl in master-suffix CURRENT_SEARCH_DIR_ALT = ${CURRENT_SEARCH_DIR_ALT}")
set(CURRENT_SEARCH_DIR "${CURRENT_SEARCH_DIR_ALT}")
set(${OUTPUT_FOUND_WOLFSSL_DIRECTORY} ${CURRENT_SEARCH_DIR} PARENT_SCOPE)
return()
endif()
endif()
if ( FOUND_WOLFSSL )
# if we already found the source, skip attempt of "wolfssl"
else()
set(CURRENT_SEARCH_DIR_ALT ${CURRENT_SEARCH_DIR}/wolfssl)
message(STATUS "Looking in ${CURRENT_SEARCH_DIR_ALT}")
IS_WOLFSSL_SOURCE("${CURRENT_SEARCH_DIR_ALT}" FOUND_WOLFSSL )
if ( FOUND_WOLFSSL )
message(STATUS "Found wolfssl in CURRENT_SEARCH_DIR_ALT = ${CURRENT_SEARCH_DIR_ALT}")
set(CURRENT_SEARCH_DIR "${CURRENT_SEARCH_DIR_ALT}")
set(${OUTPUT_FOUND_WOLFSSL_DIRECTORY} ${CURRENT_SEARCH_DIR} PARENT_SCOPE)
return()
endif()
endif()
@ -138,7 +267,8 @@ function(FIND_WOLFSSL_DIRECTORY OUTPUT_FOUND_WOLFSSL_DIRECTORY)
get_filename_component(CURRENT_SEARCH_DIR "${CURRENT_SEARCH_DIR}" DIRECTORY)
message(STATUS "Next CURRENT_SEARCH_DIR = ${CURRENT_SEARCH_DIR}")
if( "${PRIOR_SEARCH_DIR}" STREQUAL "${CURRENT_SEARCH_DIR}" )
# when the search directory is empty, we'll give up
# When the parent is current directory, cannot go any further. We didn't find wolfssl.
# When the search directory is empty, we'll give up.
set(CURRENT_SEARCH_DIR "")
endif()
endwhile()
@ -149,17 +279,47 @@ endfunction()
# Example usage:
#
# Simply find the WOLFSSL_DIRECTORY by searching parent directories:
# FIND_WOLFSSL_DIRECTORY(WOLFSSL_ROOT)
#
message(STATUS "CONFIG_TARGET_PLATFORM = ${CONFIG_TARGET_PLATFORM}")
if (0)
get_cmake_property(_variableNames VARIABLES)
list (SORT _variableNames)
message(STATUS "")
message(STATUS "ALL VARIABLES BEGIN")
message(STATUS "")
foreach (_variableName ${_variableNames})
message(STATUS "${_variableName}=${${_variableName}}")
endforeach()
message(STATUS "")
message(STATUS "ALL VARIABLES END")
message(STATUS "")
endif()
if ( ("${CONFIG_TARGET_PLATFORM}" STREQUAL "esp8266") OR ("${IDF_TARGET}" STREQUAL "esp8266") )
# There's no esp_timer, no driver components for the ESP8266
message(STATUS "Early expansion EXCLUDES esp_timer: ${THIS_INCLUDE_TIMER}")
message(STATUS "Early expansion EXCLUDES driver: ${THIS_INCLUDE_DRIVER}")
set(THIS_INCLUDE_TIMER "")
set(THIS_INCLUDE_DRIVER "")
else()
message(STATUS "Early expansion includes esp_timer: ${THIS_INCLUDE_TIMER}")
message(STATUS "Early expansion includes driver: ${THIS_INCLUDE_DRIVER}")
set(THIS_INCLUDE_TIMER "esp_timer")
set(THIS_INCLUDE_DRIVER "driver")
endif()
if(CMAKE_BUILD_EARLY_EXPANSION)
message(STATUS "wolfssl component CMAKE_BUILD_EARLY_EXPANSION:")
idf_component_register(
REQUIRES "${COMPONENT_REQUIRES}"
PRIV_REQUIRES # esp_hw_support
esp_timer
driver # this will typically only be needed for wolfSSL benchmark
${THIS_INCLUDE_TIMER}
${THIS_INCLUDE_DRIVER} # this will typically only be needed for wolfSSL benchmark
)
else()
@ -171,24 +331,52 @@ else()
# search for wolfSSL
FIND_WOLFSSL_DIRECTORY(WOLFSSL_ROOT)
if(WOLFSSL_ROOT)
message(STATUS "NEW Found wolfssl directory at: ${WOLFSSL_ROOT}")
IS_WOLFSSL_SOURCE("${WOLFSSL_ROOT}" FOUND_WOLFSSL)
if(FOUND_WOLFSSL)
message(STATUS "Found WOLFSSL_ROOT via CMake specification.")
else()
# WOLFSSL_ROOT Path specified in CMakeLists.txt is not a valid path
message(FATAL_ERROR "WOLFSSL_ROOT CMake Variable defined, but path not found: ${WOLFSSL_ROOT}\n"
"Try correcting WOLFSSL_ROOT in your project CMakeFile.txt or setting environment variable.")
# Abort CMake after fatal error.
endif()
else()
message(STATUS "NEW wolfssl directory not found.")
message(STATUS "Searching for wolfSL source code...")
FIND_WOLFSSL_DIRECTORY(WOLFSSL_ROOT)
endif()
if(WOLFSSL_ROOT)
message(STATUS "Confirmed wolfssl directory at: ${WOLFSSL_ROOT}")
else()
message(STATUS "Failed: wolfssl directory not found.")
# Abort. We need wolfssl _somewhere_.
message(FATAL_ERROR "Could not find wolfssl in ${WOLFSSL_ROOT}.\n"
"Try setting WOLFSSL_ROOT environment variable or git clone.")
message(FATAL_ERROR "Could not find wolfssl in any parent directory named wolfssl-${THIS_USER}, wolfssl-master, or wolfssl.\n"
"Try setting WOLFSSL_ROOT environment variable, cmake variable in project, copy source, or use managed components.")
# Abort CMake after fatal error.
endif()
set(INCLUDE_PATH ${WOLFSSL_ROOT})
set(WOLFSSL_EXTRA_PROJECT_DIR "${WOLFSSL_ROOT}/src/")
if( ${CMAKE_PROJECT_NAME} STREQUAL "wolfssl_benchmark" )
set(WOLFSSL_EXTRA_PROJECT_DIR "${WOLFSSL_ROOT}/wolfcrypt/benchmark")
endif()
# During regression tests, optionally copy source locally and use: set(USE_LOCAL_TEST_BENCH 1)
set(USE_LOCAL_TEST_BENCH 0)
if(NOT USE_LOCAL_TEST_BENCH)
if( "${CMAKE_PROJECT_NAME}" STREQUAL "hello-world" )
message(STATUS "Include ${WOLFSSL_ROOT}/wolfcrypt/benchmark")
set(WOLFSSL_EXTRA_PROJECT_DIR "${WOLFSSL_ROOT}/wolfcrypt/benchmark")
endif()
if( ${CMAKE_PROJECT_NAME} STREQUAL "wolfssl_test" )
set(WOLFSSL_EXTRA_PROJECT_DIR "${WOLFSSL_ROOT}/wolfcrypt/test")
if( "${CMAKE_PROJECT_NAME}" STREQUAL "wolfssl_benchmark" )
message(STATUS "Include ${WOLFSSL_ROOT}/wolfcrypt/benchmark")
set(WOLFSSL_EXTRA_PROJECT_DIR "${WOLFSSL_ROOT}/wolfcrypt/benchmark")
endif()
if( "${CMAKE_PROJECT_NAME}" STREQUAL "wolfssl_test" )
message(STATUS "Include ${WOLFSSL_ROOT}/wolfcrypt/test")
set(WOLFSSL_EXTRA_PROJECT_DIR "${WOLFSSL_ROOT}/wolfcrypt/test")
endif()
endif()
set(COMPONENT_SRCDIRS "\"${WOLFSSL_ROOT}/src/\""
@ -200,16 +388,19 @@ else()
message(STATUS "This COMPONENT_SRCDIRS = ${COMPONENT_SRCDIRS}")
# wolfSSL user_settings.h is in the local project.
set(WOLFSSL_PROJECT_DIR "${CMAKE_HOME_DIRECTORY}/components/wolfssl")
add_definitions(-DWOLFSSL_USER_SETTINGS_DIR="${WOLFSSL_PROJECT_DIR}/include/user_settings.h")
# add_definitions(-DWOLFSSL_USER_SETTINGS_DIR="${WOLFSSL_PROJECT_DIR}/include/user_settings.h")
string(REPLACE "/" "//" STR_WOLFSSL_PROJECT_DIR "${WOLFSSL_PROJECT_DIR}")
add_definitions(-DWOLFSSL_USER_SETTINGS_DIR="${STR_WOLFSSL_PROJECT_DIR}//include//user_settings.h")
# Espressif may take several passes through this makefile. Check to see if we found IDF
string(COMPARE EQUAL "${PROJECT_SOURCE_DIR}" "" WOLFSSL_FOUND_IDF)
# get a list of all wolfcrypt assembly files; we'll exclude them as they don't target Xtensa
file(GLOB EXCLUDE_ASM *.S)
file(GLOB_RECURSE EXCLUDE_ASM ${CMAKE_SOURCE_DIR} "${WOLFSSL_ROOT}/wolfcrypt/src/*.S")
file(GLOB EXCLUDE_ASM ${CMAKE_SOURCE_DIR} "${WOLFSSL_ROOT}/wolfcrypt/src/*.S")
message(STATUS "IDF_PATH = $ENV{IDF_PATH}")
message(STATUS "PROJECT_SOURCE_DIR = ${PROJECT_SOURCE_DIR}")
@ -232,11 +423,13 @@ else()
message(STATUS "Remove either the local project component: ${WOLFSSL_PROJECT_DIR} ")
message(STATUS "or the Espressif shared component installed at: $ENV{IDF_PATH}/components/wolfssl/ ")
message(STATUS "")
message(FATAL_ERROR "Please use wolfSSL in either local project or Espressif components, but not both.")
message(STATUS "")
message(STATUS "**************************************************************************************")
message(STATUS "")
message(FATAL_ERROR "Please use wolfSSL in either local project or Espressif components, but not both.")
# Abort CMake after fatal error.
# Optional: if you change the above FATAL_ERROR to STATUS you can warn at runtime with this macro definition:
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_MULTI_INSTALL_WARNING")
@ -286,6 +479,7 @@ else()
message(FATAL_ERROR "Found stray wolfSSL user_settings.h in "
"${WOLFSSL_ROOT}/include/user_settings.h "
" (please move it to ${WOLFSSL_PROJECT_DIR}/include/user_settings.h )")
# Abort CMake after fatal error.
else()
# we won't overwrite an existing user settings file, just note that we already have one:
if( EXISTS "${WOLFSSL_PROJECT_DIR}/include/user_settings.h" )
@ -355,17 +549,22 @@ else()
message(STATUS "Could not find RTOS path")
endif()
endif()
message(STATUS "THIS_IDF_PATH = $THIS_IDF_PATH")
# wolfSSL-specific include directories
set(COMPONENT_ADD_INCLUDEDIRS
"./include" # this is the location of wolfssl user_settings.h
"\"${WOLFSSL_ROOT}/\""
"\"${WOLFSSL_ROOT}/wolfssl/\""
"\"${WOLFSSL_ROOT}/wolfssl/wolfcrypt/\""
"\"${WOLFSSL_ROOT}/wolfssl/wolfcrypt/port/Espressif\""
"\"${RTOS_IDF_PATH}/\""
# wolfSSL release after v5.7 includes WiFi, time, and mem/debug helpers
"${THIS_IDF_PATH}/components/esp_event/include"
"${THIS_IDF_PATH}/components/esp_netif/include"
"${THIS_IDF_PATH}/components/esp_wifi/include"
)
# Optionally include cryptoauthlib if present
if(IS_DIRECTORY ${IDF_PATH}/components/cryptoauthlib)
list(APPEND COMPONENT_ADD_INCLUDEDIRS "../cryptoauthlib/lib")
endif()
@ -374,7 +573,7 @@ else()
list(APPEND COMPONENT_ADD_INCLUDEDIRS "\"${WOLFSSL_ROOT}/wolfssl/wolfcrypt/\"")
# Some files are known to be included elsewhere, or not used for Espressif
set(COMPONENT_SRCEXCLUDE
"\"${WOLFSSL_ROOT}/src/bio.c\""
"\"${WOLFSSL_ROOT}/src/conf.c\""
@ -390,6 +589,8 @@ else()
"\"${WOLFSSL_ROOT}/src/ssl_sess.c\"" # included by ssl.c
"\"${WOLFSSL_ROOT}/src/x509.c\""
"\"${WOLFSSL_ROOT}/src/x509_str.c\""
"\"${WOLFSSL_ROOT}/wolfcrypt/src/ext_kyber.c\"" # external non-wolfssl Kyber disabled by default
"\"${WOLFSSL_ROOT}/wolfssl/wolfcrypt/ext_kyber.h\"" # external non-wolfssl Kyber disabled by default
"\"${WOLFSSL_ROOT}/wolfcrypt/src/evp.c\""
"\"${WOLFSSL_ROOT}/wolfcrypt/src/misc.c\""
"\"${WOLFSSL_ROOT}/wolfcrypt/src/sp_sm2_arm32.c\""
@ -426,17 +627,34 @@ else()
INCLUDE_DIRS "${COMPONENT_ADD_INCLUDEDIRS}"
REQUIRES "${COMPONENT_REQUIRES}"
EXCLUDE_SRCS "${COMPONENT_SRCEXCLUDE}"
PRIV_REQUIRES esp_timer driver # this will typically only be needed for wolfSSL benchmark
PRIV_REQUIRES
"${THIS_INCLUDE_TIMER}"
"${THIS_INCLUDE_DRIVER}" # this will typically only be needed for wolfSSL benchmark
)
# some optional diagnostics
if (1)
# Some optional diagnostics. Verbose ones are truncated.
if (VERBOSE_COMPONENT_MESSAGES)
get_cmake_property(_variableNames VARIABLES)
list (SORT _variableNames)
message(STATUS "")
message(STATUS "ALL VARIABLES BEGIN")
message(STATUS "")
foreach (_variableName ${_variableNames})
message(STATUS "${_variableName}=${${_variableName}}")
if ( ("${_variableName}" STREQUAL "bootloader_binary_files")
OR ("${_variableName}" STREQUAL "Component paths")
OR ("${_variableName}" STREQUAL "component_targets")
OR ("${_variableName}" STREQUAL "__COMPONENT_TARGETS")
OR ("${_variableName}" STREQUAL "CONFIGS_LIST")
OR ("${_variableName}" STREQUAL "__CONFIG_VARIABLES")
OR ("${_variableName}" STREQUAL "val")
OR ("${_variableName}" MATCHES "^__idf_")
)
# Truncate the displayed value:
string(SUBSTRING "${${_variableName}}" 0 70 truncatedValue)
message(STATUS "${_variableName} = ${truncatedValue} ... (truncated)")
else()
message(STATUS "${_variableName}=${${_variableName}}")
endif()
endforeach()
message(STATUS "")
message(STATUS "ALL VARIABLES END")
@ -523,6 +741,8 @@ if(NOT CMAKE_BUILD_EARLY_EXPANSION)
execute_process(WORKING_DIRECTORY ${WOLFSSL_ROOT} COMMAND ${git_cmd} "show" "--no-patch" "--no-notes" "--pretty=\'\%cd\'" OUTPUT_VARIABLE TMP_OUT RESULT_VARIABLE TMP_RES )
LIBWOLFSSL_SAVE_INFO(LIBWOLFSSL_VERSION_GIT_HASH_DATE "${TMP_OUT}" "${TMP_RES}")
LIBWOLFSSL_SAVE_INFO(LIBWOLFSSL_VERSION_WOLFSSL_ROOT "${WOLFSSL_ROOT}" "${TMP_RES}")
message(STATUS "************************************************************************************************")
message(STATUS "wolfssl component config complete!")
message(STATUS "************************************************************************************************")


@ -1,40 +1,240 @@
#
# Copyright (C) 2006-2023 wolfSSL Inc.
#
# This file is part of wolfSSL.
#
# wolfSSL is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#
# wolfSSL is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
#
#
# Component Makefile
#
COMPONENT_ADD_INCLUDEDIRS := . ./include
COMPONENT_ADD_INCLUDEDIRS += "$ENV{IDF_PATH}/components/freertos/include/freertos"
# COMPONENT_ADD_INCLUDEDIRS += "$ENV{IDF_PATH}/soc/esp32s3/include/soc"
COMPONENT_SRCDIRS := src wolfcrypt/src
COMPONENT_SRCDIRS += wolfcrypt/src/port/Espressif
COMPONENT_SRCDIRS += wolfcrypt/src/port/atmel
COMPONENT_SRCDIRS += wolfcrypt/benchmark
COMPONENT_SRCDIRS += wolfcrypt/test
CFLAGS +=-DWOLFSSL_USER_SETTINGS
COMPONENT_OBJEXCLUDE := wolfcrypt/src/aes_asm.o
COMPONENT_OBJEXCLUDE += wolfcrypt/src/evp.o
COMPONENT_OBJEXCLUDE += wolfcrypt/src/misc.o
COMPONENT_OBJEXCLUDE += src/bio.o
#
# Copyright (C) 2006-2024 wolfSSL Inc.
#
# This file is part of wolfSSL.
#
# wolfSSL is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#
# wolfSSL is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
#
#
# Component Makefile
#
#
# The Espressif Managed Components are only for newer versions of the ESP-IDF
# Typically only for ESP32[-x] targets and only for ESP-IDF v4.3 or later:
# See https://docs.espressif.com/projects/esp-idf/en/latest/esp32/api-guides/tools/idf-component-manager.html
# https://components.espressif.com/
#
# Usage:
#
# make flash
#
# make flash ESPPORT=/dev/ttyS55
#
# make flash ESPBAUD=9600
#
# make monitor ESPPORT=COM1
#
# make monitor ESPPORT=/dev/ttyS55 MONITORBAUD=115200
#
# export ESPPORT=/dev/ttyS55
#
# https://docs.espressif.com/projects/esp8266-rtos-sdk/en/latest/get-started/index.html
#
# Although the project should define WOLFSSL_USER_SETTINGS, we'll also
# define it here:
CFLAGS +=-DWOLFSSL_USER_SETTINGS
# In the wolfSSL GitHub examples for Espressif,
# the root is 7 directories up from here:
WOLFSSL_ROOT := ../../../../../../../
# NOTE: The wolfSSL include diretory (e.g. user_settings.h) is
# located HERE in THIS project, and *not* in the wolfSSL root.
COMPONENT_ADD_INCLUDEDIRS := .
COMPONENT_ADD_INCLUDEDIRS += include
COMPONENT_ADD_INCLUDEDIRS += $(WOLFSSL_ROOT).
COMPONENT_ADD_INCLUDEDIRS += $(WOLFSSL_ROOT)wolfssl
COMPONENT_ADD_INCLUDEDIRS += $(WOLFSSL_ROOT)wolfssl/wolfcrypt
COMPONENT_ADD_INCLUDEDIRS += $(WOLFSSL_ROOT)wolfssl/wolfcrypt/port/Espressif
COMPONENT_ADD_INCLUDEDIRS += $(WOLFSSL_ROOT)wolfcrypt/benchmark
# COMPONENT_ADD_INCLUDEDIRS += $ENV(IDF_PATH)/components/freertos/include/freertos
# COMPONENT_ADD_INCLUDEDIRS += "$ENV(IDF_PATH)/soc/esp32s3/include/soc"
# WOLFSSL_ROOT := ""
COMPONENT_SRCDIRS := $(WOLFSSL_ROOT)src
COMPONENT_SRCDIRS += $(WOLFSSL_ROOT)wolfcrypt/src/port/Espressif
COMPONENT_SRCDIRS += $(WOLFSSL_ROOT)wolfcrypt/src/port/atmel
COMPONENT_SRCDIRS += $(WOLFSSL_ROOT)wolfcrypt/benchmark
COMPONENT_SRCDIRS += $(WOLFSSL_ROOT)wolfcrypt/test
COMPONENT_SRCDIRS += include
COMPONENT_OBJEXCLUDE := $(WOLFSSL_ROOT)wolfcrypt/src/aes_asm.o
COMPONENT_OBJEXCLUDE += $(WOLFSSL_ROOT)wolfcrypt/src/evp.o
COMPONENT_OBJEXCLUDE += $(WOLFSSL_ROOT)wolfcrypt/src/misc.o
COMPONENT_OBJEXCLUDE += $(WOLFSSL_ROOT)wolfcrypt/src/sha512_asm.o
COMPONENT_OBJEXCLUDE += $(WOLFSSL_ROOT)wolfcrypt/src/fe_x25519_asm.o
COMPONENT_OBJEXCLUDE += $(WOLFSSL_ROOT)wolfcrypt/src/aes_gcm_x86_asm.o
COMPONENT_OBJEXCLUDE += $(WOLFSSL_ROOT)src/bio.o
##
## wolfSSL
##
COMPONENT_OBJS := $(WOLFSSL_ROOT)src/bio.o
# COMPONENT_OBJS += src/conf.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)src/crl.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)src/dtls.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)src/dtls13.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)src/internal.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)src/keys.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)src/ocsp.o
# COMPONENT_OBJS += src/pk.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)src/quic.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)src/sniffer.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)src/ssl.o
# COMPONENT_OBJS += src/ssl_asn1.o
# COMPONENT_OBJS += src/ssl_bn.o
# COMPONENT_OBJS += src/ssl_certman.o
# COMPONENT_OBJS += src/ssl_crypto.o
# COMPONENT_OBJS += src/ssl_misc.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)src/tls.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)src/tls13.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)src/wolfio.o
# COMPONENT_OBJS += src/x509.o
# COMPONENT_OBJS += src/x509_str.o
##
## wolfcrypt
##
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/aes.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/arc4.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/asm.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/asn.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/async.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/blake2b.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/blake2s.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/camellia.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/chacha.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/chacha20_poly1305.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/cmac.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/coding.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/compress.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/cpuid.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/cryptocb.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/curve25519.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/curve448.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/des3.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/dh.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/dilithium.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/dsa.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/ecc.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/eccsi.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/ecc_fp.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/ed25519.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/ed448.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/error.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/evp.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/ext_kyber.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/ext_lms.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/ext_xmss.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/falcon.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/fe_448.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/fe_low_mem.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/fe_operations.o
# COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/fips.o
# COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/fips_test.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/ge_448.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/ge_low_mem.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/ge_operations.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/hash.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/hmac.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/hpke.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/integer.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/kdf.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/logging.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/md2.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/md4.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/md5.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/memory.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/misc.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/pkcs12.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/pkcs7.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/poly1305.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/pwdbased.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/random.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/rc2.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/ripemd.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/rsa.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/sakke.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/selftest.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/sha.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/sha256.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/sha3.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/sha512.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/signature.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/siphash.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/sm2.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/sm3.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/sm4.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/sphincs.o
# COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/sp_arm32.o
# COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/sp_arm64.o
# COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/sp_armthumb.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/sp_c32.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/sp_c64.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/sp_cortexm.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/sp_dsp32.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/sp_int.o
# COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/sp_sm2_arm32.o
# COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/sp_sm2_arm64.o
# COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/sp_sm2_armthumb.o
# COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/sp_sm2_c32.o
# COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/sp_sm2_c64.o
# COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/sp_sm2_cortexm.o
# COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/sp_sm2_x86_64.o
# COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/sp_x86_64.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/srp.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/tfm.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/wc_dsp.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/wc_encrypt.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/wc_kyber.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/wc_kyber_poly.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/wc_lms.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/wc_pkcs11.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/wc_port.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/wc_xmss.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/wolfcrypt_first.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/wolfcrypt_last.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/wolfevent.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/wolfmath.o
##
## Espressif
##
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/port/Espressif/esp32_aes.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/port/Espressif/esp32_mp.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/port/Espressif/esp32_sha.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/port/Espressif/esp32_util.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/port/Espressif/esp_sdk_mem_lib.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/port/Espressif/esp_sdk_time_lib.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/port/Espressif/esp_sdk_wifi_lib.o
##
## wolfcrypt benchmark (optional)
##
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/benchmark/benchmark.o
##
## wolfcrypt test (optional)
##
## COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/test/test.o
##
## wolfcrypt
##
COMPONENT_SRCDIRS += $(WOLFSSL_ROOT)wolfcrypt/src
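Review bot: `bio.o`, `evp.o` and `misc.o` are listed in `COMPONENT_OBJEXCLUDE` and then added again to the explicit object list (`COMPONENT_OBJS := $(WOLFSSL_ROOT)src/bio.o`, `COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/evp.o`, `COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/misc.o`), so the two lists in the new component.mk contradict each other. As far as I recall, the legacy ESP-IDF make wrapper applies `COMPONENT_OBJEXCLUDE` only when it derives the objects from `COMPONENT_SRCDIRS`, so with an explicit `COMPONENT_OBJS` these three would probably be built as standalone units; please confirm against the SDK in use. The CMake side of this commit puts `bio.c`, `evp.c` and `misc.c` in `COMPONENT_SRCEXCLUDE` as "included elsewhere", and it also excludes `ext_kyber.c`, while `ext_kyber.o` is listed here. I would start the list with `COMPONENT_OBJS := $(WOLFSSL_ROOT)src/crl.o` and drop the `evp.o`, `misc.o` and `ext_kyber.o` entries, so that the make and CMake builds of the crypto library compile the same set of sources.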


@ -1,6 +1,6 @@
/* user_settings.h
*
* Copyright (C) 2006-2023 wolfSSL Inc.
* Copyright (C) 2006-2024 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
@ -19,12 +19,22 @@
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
/* This user_settings.h is for Espressif ESP-IDF */
#include <sdkconfig.h>
/* This user_settings.h is for Espressif ESP-IDF
*
* Standardized wolfSSL Espressif ESP32 + ESP8266 user_settings.h V5.7.0-1
*
* Do not include any wolfssl headers here
*
* When editing this file:
* ensure wolfssl_test and wolfssl_benchmark settings match.
*/
/* The Espressif project config file. See also sdkconfig.defaults */
#include "sdkconfig.h"
/* The Espressif sdkconfig will have chipset info.
**
** Possible values:
** Some possible values:
**
** CONFIG_IDF_TARGET_ESP32
** CONFIG_IDF_TARGET_ESP32S2
@ -36,18 +46,175 @@
#undef WOLFSSL_ESPIDF
#define WOLFSSL_ESPIDF
/* We don't use WiFi, so don't compile in the esp-sdk-lib WiFi helpers: */
#define NO_ESP_SDK_WIFI
/* Experimental Kyber */
#if 0
/* Kyber typically needs a minimum 10K stack */
#define WOLFSSL_EXPERIMENTAL_SETTINGS
#define WOLFSSL_HAVE_KYBER
#define WOLFSSL_WC_KYBER
#define WOLFSSL_SHA3
#endif
/*
* choose ONE of these Espressif chips to define:
* ONE of these Espressif chip families will be detected from sdkconfig:
*
* WOLFSSL_ESP32
* WOLFSSL_ESPWROOM32SE
* WOLFSSL_ESP8266
*/
#undef WOLFSSL_ESPWROOM32SE
#undef WOLFSSL_ESP8266
#undef WOLFSSL_ESP32
/* See below for chipset detection from sdkconfig.h */
#define WOLFSSL_ESP32
/* when you want to use SINGLE THREAD. Note Default ESP-IDF is FreeRTOS */
/* #define SINGLE_THREADED */
/* SMALL_SESSION_CACHE saves a lot of RAM for ClientCache and SessionCache.
* Memory requirement is about 5KB, otherwise 20K is needed when not specified.
* If extra small footprint is needed, try MICRO_SESSION_CACHE (< 1K)
* When really desperate or no TLS used, try NO_SESSION_CACHE. */
#define NO_SESSION_CACHE
/* Small Stack uses more heap. */
#define WOLFSSL_SMALL_STACK
/* Full debugging turned off, but show malloc failure detail */
/* #define DEBUG_WOLFSSL */
#define DEBUG_WOLFSSL_MALLOC
/* See test.c that sets cert buffers; we'll set them here: */
#define USE_CERT_BUFFERS_256
#define USE_CERT_BUFFERS_2048
/* RSA_LOW_MEM: Half as much memory but twice as slow. */
#define RSA_LOW_MEM
/* Uncommon settings for testing only */
#define TEST_ESPIDF_ALL_WOLFSSL
#ifdef TEST_ESPIDF_ALL_WOLFSSL
#define WOLFSSL_MD2
#define HAVE_BLAKE2
#define HAVE_BLAKE2B
#define HAVE_BLAKE2S
#define WC_RC2
#define WOLFSSL_ALLOW_RC4
#define HAVE_POLY1305
#define WOLFSSL_AES_128
#define WOLFSSL_AES_OFB
#define WOLFSSL_AES_CFB
#define WOLFSSL_AES_XTS
/* #define WC_SRTP_KDF */
/* TODO Causes failure with Espressif AES HW Enabled */
/* #define HAVE_AES_ECB */
/* #define HAVE_AESCCM */
/* TODO sanity check when missing HAVE_AES_ECB */
#define WOLFSSL_WOLFSSH
#define HAVE_AESGCM
#define WOLFSSL_AES_COUNTER
#define HAVE_FFDHE
#define HAVE_FFDHE_2048
#if defined(CONFIG_IDF_TARGET_ESP8266)
/* TODO Full size SRP is disabled on the ESP8266 at this time.
* Low memory issue? */
#define WOLFCRYPT_HAVE_SRP
/* MIN_FFDHE_FP_MAX_BITS = (MIN_FFDHE_BITS * 2); see settings.h */
#define FP_MAX_BITS MIN_FFDHE_FP_MAX_BITS
#elif defined(CONFIG_IDF_TARGET_ESP32) || \
defined(CONFIG_IDF_TARGET_ESP32S2) || \
defined(CONFIG_IDF_TARGET_ESP32S3)
/* TODO: SRP Not enabled, known to fail on this target
* See https://github.com/wolfSSL/wolfssl/issues/7210 */
#elif defined(CONFIG_IDF_TARGET_ESP32C3) || \
defined(CONFIG_IDF_TARGET_ESP32H2)
/* SRP Known to be working on this target::*/
#define WOLFCRYPT_HAVE_SRP
#define FP_MAX_BITS (8192 * 2)
#else
/* For everything else, give a try and see if SRP working: */
#define WOLFCRYPT_HAVE_SRP
#define FP_MAX_BITS (8192 * 2)
#endif
#define HAVE_DH
/* TODO: there may be a problem with HAVE_CAMELLIA with HW AES disabled.
* Do not define NO_WOLFSSL_ESP32_CRYPT_AES when enabled: */
/* #define HAVE_CAMELLIA */
/* DSA requires old SHA */
#define HAVE_DSA
/* Needs SHA512 ? */
#define HAVE_HPKE
/* Not for Espressif? */
#if defined(CONFIG_IDF_TARGET_ESP32C2) || \
defined(CONFIG_IDF_TARGET_ESP8684) || \
defined(CONFIG_IDF_TARGET_ESP32H2) || \
defined(CONFIG_IDF_TARGET_ESP8266)
#if defined(CONFIG_IDF_TARGET_ESP8266)
#undef HAVE_ECC
#undef HAVE_ECC_CDH
#undef HAVE_CURVE25519
/* TODO does CHACHA also need alignment? Failing on ESP8266
* See SHA256 __attribute__((aligned(4))); and WC_SHA256_ALIGN */
#ifdef HAVE_CHACHA
#error "HAVE_CHACHA not supported on ESP8266"
#endif
#ifdef HAVE_XCHACHA
#error "HAVE_XCHACHA not supported on ESP8266"
#endif
#else
#define HAVE_XCHACHA
#define HAVE_CHACHA
/* TODO Not enabled at this time, needs further testing:
* #define WC_SRTP_KDF
* #define HAVE_COMP_KEY
* #define WOLFSSL_HAVE_XMSS
*/
#endif
/* TODO AES-EAX not working on this platform */
/* Optionally disable DH
* #undef HAVE_DH
* #undef HAVE_FFDHE
*/
/* ECC_SHAMIR out of memory on ESP32-C2 during ECC */
#ifndef HAVE_ECC
#define ECC_SHAMIR
#endif
#else
#define WOLFSSL_AES_EAX
#define ECC_SHAMIR
#endif
/* Only for WOLFSSL_IMX6_CAAM / WOLFSSL_QNX_CAAM ? */
/* #define WOLFSSL_CAAM */
/* #define WOLFSSL_CAAM_BLOB */
#define WOLFSSL_AES_SIV
#define WOLFSSL_CMAC
#define WOLFSSL_CERT_PIV
/* HAVE_SCRYPT may turn on HAVE_PBKDF2 see settings.h */
/* #define HAVE_SCRYPT */
#define SCRYPT_TEST_ALL
#define HAVE_X963_KDF
#endif
/* optionally turn off SHA512/224 SHA512/256 */
/* #define WOLFSSL_NOSHA512_224 */
@ -61,7 +228,6 @@
/* #define NO_OLD_TLS */
#define BENCH_EMBEDDED
#define USE_CERT_BUFFERS_2048
/* TLS 1.3 */
#define WOLFSSL_TLS13
@ -79,7 +245,9 @@
#define HAVE_AESGCM
#define WOLFSSL_RIPEMD
/* Optional RIPEMD: RACE Integrity Primitives Evaluation Message Digest */
/* #define WOLFSSL_RIPEMD */
/* when you want to use SHA224 */
#define WOLFSSL_SHA224
@ -95,24 +263,34 @@
/* ED25519 requires SHA512 */
#define HAVE_ED25519
#define HAVE_ECC
#define HAVE_CURVE25519
#define CURVE25519_SMALL
/* Some features not enabled for ESP8266: */
#if defined(CONFIG_IDF_TARGET_ESP8266) || \
defined(CONFIG_IDF_TARGET_ESP32C2)
/* TODO determine low memory configuration for ECC. */
#else
#define HAVE_ECC
#define HAVE_CURVE25519
#define CURVE25519_SMALL
#endif
#define HAVE_ED25519
/* Optional OPENSSL compatibility */
#define OPENSSL_EXTRA
/* when you want to use pkcs7 */
/* #define HAVE_PKCS7 */
/* #Optional HAVE_PKCS7 */
#define HAVE_PKCS7
#if defined(HAVE_PKCS7)
/* HAVE_PKCS7 may enable HAVE_PBKDF2 see settings.h */
#define NO_PBKDF2
#define HAVE_AES_KEYWRAP
#define HAVE_X963_KDF
#define WOLFSSL_AES_DIRECT
#endif
/* when you want to use aes counter mode */
/* when you want to use AES counter mode */
/* #define WOLFSSL_AES_DIRECT */
/* #define WOLFSSL_AES_COUNTER */
@ -126,27 +304,11 @@
/* #define CUSTOM_SLOT_ALLOCATION */
#endif
/* rsa primitive specific definition */
#if defined(WOLFSSL_ESP32) || defined(WOLFSSL_ESPWROOM32SE)
/* Define USE_FAST_MATH and SMALL_STACK */
#define ESP32_USE_RSA_PRIMITIVE
/* WC_NO_CACHE_RESISTANT: slower but more secure */
/* #define WC_NO_CACHE_RESISTANT */
#if defined(CONFIG_IDF_TARGET_ESP32)
/* NOTE HW unreliable for small values! */
/* threshold for performance adjustment for HW primitive use */
/* X bits of G^X mod P greater than */
#undef ESP_RSA_EXPT_XBITS
#define ESP_RSA_EXPT_XBITS 32
/* X and Y of X * Y mod P greater than */
#undef ESP_RSA_MULM_BITS
#define ESP_RSA_MULM_BITS 16
#endif
#endif
#define RSA_LOW_MEM
/* TFM_TIMING_RESISTANT: slower but more secure */
/* #define TFM_TIMING_RESISTANT */
/* #define WOLFSSL_ATECC508A_DEBUG */
@ -206,7 +368,7 @@
#undef WOLFSSL_SYS_CA_CERTS
*/
/*
/* command-line options
--enable-keygen
--enable-certgen
--enable-certreq
@ -214,10 +376,14 @@
--enable-asn-template
*/
/* Default is HW enabled unless turned off.
** Uncomment these lines to force SW instead of HW acceleration */
/* Chipset detection from sdkconfig.h
* Default is HW enabled unless turned off.
* Uncomment lines to force SW instead of HW acceleration */
#if defined(CONFIG_IDF_TARGET_ESP32)
#define WOLFSSL_ESP32
/* Alternatively, if there's an ECC Secure Element present: */
/* #define WOLFSSL_ESPWROOM32SE */
/* wolfSSL HW Acceleration supported on ESP32. Uncomment to disable: */
/* #define NO_ESP32_CRYPT */
/* #define NO_WOLFSSL_ESP32_CRYPT_HASH */
@ -235,6 +401,7 @@
/***** END CONFIG_IDF_TARGET_ESP32 *****/
#elif defined(CONFIG_IDF_TARGET_ESP32S2)
#define WOLFSSL_ESP32
/* wolfSSL HW Acceleration supported on ESP32-S2. Uncomment to disable: */
/* #define NO_ESP32_CRYPT */
/* #define NO_WOLFSSL_ESP32_CRYPT_HASH */
@ -247,6 +414,7 @@
/***** END CONFIG_IDF_TARGET_ESP32S2 *****/
#elif defined(CONFIG_IDF_TARGET_ESP32S3)
#define WOLFSSL_ESP32
/* wolfSSL HW Acceleration supported on ESP32-S3. Uncomment to disable: */
/* #define NO_ESP32_CRYPT */
/* #define NO_WOLFSSL_ESP32_CRYPT_HASH */
@ -260,6 +428,7 @@
#elif defined(CONFIG_IDF_TARGET_ESP32C2) || \
defined(CONFIG_IDF_TARGET_ESP8684)
#define WOLFSSL_ESP32
/* ESP8684 is essentially ESP32-C2 chip + flash embedded together in a
* single QFN 4x4 mm package. Out of released documentation, Technical
* Reference Manual as well as ESP-IDF Programming Guide is applicable
@ -285,6 +454,7 @@
/***** END CONFIG_IDF_TARGET_ESP32C2 *****/
#elif defined(CONFIG_IDF_TARGET_ESP32C3)
#define WOLFSSL_ESP32
/* wolfSSL HW Acceleration supported on ESP32-C3. Uncomment to disable: */
/* #define NO_ESP32_CRYPT */
@ -302,6 +472,7 @@
/***** END CONFIG_IDF_TARGET_ESP32C3 *****/
#elif defined(CONFIG_IDF_TARGET_ESP32C6)
#define WOLFSSL_ESP32
/* wolfSSL HW Acceleration supported on ESP32-C6. Uncomment to disable: */
/* #define NO_ESP32_CRYPT */
@ -318,6 +489,7 @@
/***** END CONFIG_IDF_TARGET_ESP32C6 *****/
#elif defined(CONFIG_IDF_TARGET_ESP32H2)
#define WOLFSSL_ESP32
/* wolfSSL Hardware Acceleration not yet implemented */
#define NO_ESP32_CRYPT
#define NO_WOLFSSL_ESP32_CRYPT_HASH
@ -326,7 +498,11 @@
/***** END CONFIG_IDF_TARGET_ESP32H2 *****/
#elif defined(CONFIG_IDF_TARGET_ESP8266)
/* TODO: Revisit ESP8266 */
#define WOLFSSL_ESP8266
/* There's no hardware encryption on the ESP8266 */
/* Consider using the ESP32-C2/C3/C6
* See https://www.espressif.com/en/products/socs/esp32-c2 */
#define NO_ESP32_CRYPT
#define NO_WOLFSSL_ESP32_CRYPT_HASH
#define NO_WOLFSSL_ESP32_CRYPT_AES
@ -343,13 +519,42 @@
#else
/* Anything else encountered, disable HW accleration */
#warning "Unexpected CONFIG_IDF_TARGET_NN value"
#define NO_ESP32_CRYPT
#define NO_WOLFSSL_ESP32_CRYPT_HASH
#define NO_WOLFSSL_ESP32_CRYPT_AES
#define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI
#endif /* CONFIG_IDF_TARGET Check */
/* RSA primitive specific definition, listed AFTER the Chipset detection */
#if defined(WOLFSSL_ESP32) || defined(WOLFSSL_ESPWROOM32SE)
/* Consider USE_FAST_MATH and SMALL_STACK */
#ifndef NO_RSA
#define ESP32_USE_RSA_PRIMITIVE
#if defined(CONFIG_IDF_TARGET_ESP32)
#ifdef CONFIG_ESP_MAIN_TASK_STACK_SIZE
#if CONFIG_ESP_MAIN_TASK_STACK_SIZE < 10500
#warning "RSA may be difficult with less than 10KB Stack "/
#endif
#endif
/* NOTE HW unreliable for small values! */
/* threshold for performance adjustment for HW primitive use */
/* X bits of G^X mod P greater than */
#undef ESP_RSA_EXPT_XBITS
#define ESP_RSA_EXPT_XBITS 32
/* X and Y of X * Y mod P greater than */
#undef ESP_RSA_MULM_BITS
#define ESP_RSA_MULM_BITS 16
#endif
#endif
#endif
/* Debug options:
See wolfssl/wolfcrypt/port/Espressif/esp32-crypt.h for details on debug options
#define ESP_VERIFY_MEMBLOCK
#define DEBUG_WOLFSSL
@ -363,6 +568,14 @@
#define WOLFSSL_ESP32_HW_LOCK_DEBUG
#define WOLFSSL_DEBUG_ESP_RSA_MULM_BITS
#define ESP_DISABLE_HW_TASK_LOCK
See wolfcrypt/benchmark/benchmark.c for debug and other settings:
Turn on benchmark timing debugging (CPU Cycles, RTOS ticks, etc)
#define DEBUG_WOLFSSL_BENCHMARK_TIMING
Turn on timer debugging (used when CPU cycles not available)
#define WOLFSSL_BENCHMARK_TIMER_DEBUG
*/
/* Pause in a loop rather than exit. */
@ -396,8 +609,9 @@
** [Z = X * Y mod M] in esp_mp_mulmod() */
/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD */
#define WOLFSSL_PUBLIC_MP /* used by benchmark */
#define USE_CERT_BUFFERS_2048
/* used by benchmark: */
#define WOLFSSL_PUBLIC_MP
/* when turning on ECC508 / ECC608 support
#define WOLFSSL_ESPWROOM32SE
@ -406,12 +620,75 @@
#define ATCA_WOLFSSL
*/
/* optional SM4 Ciphers. See https://github.com/wolfSSL/wolfsm
/***************************** Certificate Macros *****************************
*
* The section below defines macros used in typically all of the wolfSSL
* examples such as the client and server for certs stored in header files.
*
* There are various certificate examples in this header file:
* https://github.com/wolfSSL/wolfssl/blob/master/wolfssl/certs_test.h
*
* To use the sets of macros below, define *one* of these:
*
* USE_CERT_BUFFERS_1024 - ECC 1024 bit encoded ASN1
* USE_CERT_BUFFERS_2048 - RSA 2048 bit encoded ASN1
* WOLFSSL_SM[2,3,4] - SM Ciphers
*
* For example: define USE_CERT_BUFFERS_2048 to use CA Certs used in this
* wolfSSL function for the `ca_cert_der_2048` buffer, size and types:
*
* ret = wolfSSL_CTX_load_verify_buffer(ctx,
* CTX_CA_CERT,
* CTX_CA_CERT_SIZE,
* CTX_CA_CERT_TYPE);
*
* See https://www.wolfssl.com/documentation/manuals/wolfssl/group__CertsKeys.html#function-wolfssl_ctx_load_verify_buffer
*
* In this case the CTX_CA_CERT will be defined as `ca_cert_der_2048` as
* defined here: https://github.com/wolfSSL/wolfssl/blob/master/wolfssl/certs_test.h
*
* The CTX_CA_CERT_SIZE and CTX_CA_CERT_TYPE are similarly used to reference
* array size and cert type respectively.
*
* Similarly for loading the private client key:
*
* ret = wolfSSL_CTX_use_PrivateKey_buffer(ctx,
* CTX_CLIENT_KEY,
* CTX_CLIENT_KEY_SIZE,
* CTX_CLIENT_KEY_TYPE);
*
* see https://www.wolfssl.com/documentation/manuals/wolfssl/group__CertsKeys.html#function-wolfssl_ctx_use_privatekey_buffer
*
* Similarly, the other macros are for server certificates and keys:
* `CTX_SERVER_CERT` and `CTX_SERVER_KEY` are available.
*
* The certificate and key names are typically `static const unsigned char`
* arrays. The [NAME]_size are typically `sizeof([array name])`, and the types
* are the known wolfSSL encoding type integers (e.g. WOLFSSL_FILETYPE_PEM).
*
* See `SSL_FILETYPE_[name]` in
* https://github.com/wolfSSL/wolfssl/blob/master/wolfssl/ssl.h
*
* See Abstract Syntax Notation One (ASN.1) in:
* https://github.com/wolfSSL/wolfssl/blob/master/wolfssl/wolfcrypt/asn.h
*
* Optional SM4 Ciphers:
*
* Although the SM ciphers are shown here, the `certs_test_sm.h` may not yet
* be available. See:
* https://github.com/wolfSSL/wolfssl/pull/6825
* https://github.com/wolfSSL/wolfsm
*
* Uncomment these 3 macros to enable the SM Ciphers and use the macros below.
*/
/*
#define WOLFSSL_SM2
#define WOLFSSL_SM3
#define WOLFSSL_SM4
*/
/* Conditional macros used in wolfSSL TLS client and server examples */
#if defined(WOLFSSL_SM2) || defined(WOLFSSL_SM3) || defined(WOLFSSL_SM4)
#include <wolfssl/certs_test_sm.h>
#define CTX_CA_CERT root_sm2
@ -427,24 +704,49 @@
#undef WOLFSSL_BASE16
#define WOLFSSL_BASE16
#else
#define USE_CERT_BUFFERS_2048
#define USE_CERT_BUFFERS_256
#define CTX_CA_CERT ca_cert_der_2048
#define CTX_CA_CERT_SIZE sizeof_ca_cert_der_2048
#define CTX_CA_CERT_TYPE WOLFSSL_FILETYPE_ASN1
#define CTX_SERVER_CERT server_cert_der_2048
#define CTX_SERVER_CERT_SIZE sizeof_server_cert_der_2048
#define CTX_SERVER_CERT_TYPE WOLFSSL_FILETYPE_ASN1
#define CTX_SERVER_KEY server_key_der_2048
#define CTX_SERVER_KEY_SIZE sizeof_server_key_der_2048
#define CTX_SERVER_KEY_TYPE WOLFSSL_FILETYPE_ASN1
#endif
#if defined(USE_CERT_BUFFERS_2048)
/* Be sure to include in app when using example certs: */
/* #include <wolfssl/certs_test.h> */
#define CTX_CA_CERT ca_cert_der_2048
#define CTX_CA_CERT_SIZE sizeof_ca_cert_der_2048
#define CTX_CA_CERT_TYPE WOLFSSL_FILETYPE_ASN1
/* See settings.h for some of the possible hardening options:
*
* #define NO_ESPIDF_DEFAULT
* #define WC_NO_CACHE_RESISTANT
* #define WC_AES_BITSLICED
* #define HAVE_AES_ECB
* #define HAVE_AES_DIRECT
*/
#define CTX_SERVER_CERT server_cert_der_2048
#define CTX_SERVER_CERT_SIZE sizeof_server_cert_der_2048
#define CTX_SERVER_CERT_TYPE WOLFSSL_FILETYPE_ASN1
#define CTX_SERVER_KEY server_key_der_2048
#define CTX_SERVER_KEY_SIZE sizeof_server_key_der_2048
#define CTX_SERVER_KEY_TYPE WOLFSSL_FILETYPE_ASN1
#define CTX_CLIENT_CERT client_cert_der_2048
#define CTX_CLIENT_CERT_SIZE sizeof_client_cert_der_2048
#define CTX_CLIENT_CERT_TYPE WOLFSSL_FILETYPE_ASN1
#define CTX_CLIENT_KEY client_key_der_2048
#define CTX_CLIENT_KEY_SIZE sizeof_client_key_der_2048
#define CTX_CLIENT_KEY_TYPE WOLFSSL_FILETYPE_ASN1
#elif defined(USE_CERT_BUFFERS_1024)
/* Be sure to include in app when using example certs: */
/* #include <wolfssl/certs_test.h> */
#define CTX_CA_CERT ca_cert_der_1024
#define CTX_CA_CERT_SIZE sizeof_ca_cert_der_1024
#define CTX_CA_CERT_TYPE WOLFSSL_FILETYPE_ASN1
#define CTX_CLIENT_CERT client_cert_der_1024
#define CTX_CLIENT_CERT_SIZE sizeof_client_cert_der_1024
#define CTX_CLIENT_CERT_TYPE WOLFSSL_FILETYPE_ASN1
#define CTX_CLIENT_KEY client_key_der_1024
#define CTX_CLIENT_KEY_SIZE sizeof_client_key_der_1024
#define CTX_CLIENT_KEY_TYPE WOLFSSL_FILETYPE_ASN1
#define CTX_SERVER_CERT server_cert_der_1024
#define CTX_SERVER_CERT_SIZE sizeof_server_cert_der_1024
#define CTX_SERVER_CERT_TYPE WOLFSSL_FILETYPE_ASN1
#define CTX_SERVER_KEY server_key_der_1024
#define CTX_SERVER_KEY_SIZE sizeof_server_key_der_1024
#define CTX_SERVER_KEY_TYPE WOLFSSL_FILETYPE_ASN1
#else
/* Optionally define custom cert arrays, sizes, and types here */
#error "Must define USE_CERT_BUFFERS_2048 or USE_CERT_BUFFERS_1024"
#endif
#endif /* Conditional key and cert constant names */


@ -3,6 +3,7 @@
#
# This Makefile can be left empty. By default, it will take the sources in the
# src/ directory, compile them and link them into lib(subdirectory_name).a
# in the build directory. This behaviour is entirely configurable,
# in the build directory. This behavior is entirely configurable,
# please read the ESP-IDF documents if you need to do this.
#
# (Uses default behavior of compiling all source files in directory, adding 'include' to include path.)


@ -1,6 +1,6 @@
/* benchmark main.h
*
* Copyright (C) 2006-2023 wolfSSL Inc.
* Copyright (C) 2006-2024 wolfSSL Inc.
*
* This file is part of wolfSSL.
*


@ -1,6 +1,6 @@
/* benchmark main.c
*
* Copyright (C) 2006-2023 wolfSSL Inc.
* Copyright (C) 2006-2024 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
@ -20,8 +20,8 @@
*/
/* ESP-IDF */
#include <esp_log.h>
#include "sdkconfig.h"
#include <esp_log.h>
/* wolfSSL */
/* The wolfSSL user_settings.h file is automatically included by the settings.h
@ -29,6 +29,7 @@
* The settings.h should also be listed above wolfssl library include files. */
#include <wolfssl/wolfcrypt/settings.h>
#include <wolfssl/version.h>
#include <wolfssl/wolfcrypt/port/Espressif/esp-sdk-lib.h>
#include <wolfssl/wolfcrypt/port/Espressif/esp32-crypt.h>
#ifndef WOLFSSL_ESPIDF
#error "Problem with wolfSSL user_settings. " \
@ -40,10 +41,24 @@
#include <wolfssl/wolfcrypt/types.h>
#include <wolfcrypt/benchmark/benchmark.h>
/* Hardware; include after other libraries,
* particularly after freeRTOS from settings.h */
#include <driver/uart.h>
/* set to 0 for one benchmark,
** set to 1 for continuous benchmark loop */
#define BENCHMARK_LOOP 0
#define THIS_MONITOR_UART_RX_BUFFER_SIZE 200
#ifdef CONFIG_ESP8266_XTAL_FREQ_26
/* 26MHz crystal: 74880 bps */
#define THIS_MONITOR_UART_BAUD_DATE 74880
#else
/* 40MHz crystal: 115200 bps */
#define THIS_MONITOR_UART_BAUD_DATE 115200
#endif
/* check BENCH_ARGV in sdkconfig to determine need to set WOLFSSL_BENCH_ARGV */
#ifdef CONFIG_BENCH_ARGV
#define WOLFSSL_BENCH_ARGV CONFIG_BENCH_ARGV
@ -199,17 +214,42 @@ void app_main(void)
{
int stack_start = 0;
uart_config_t uart_config = {
.baud_rate = THIS_MONITOR_UART_BAUD_DATE,
.data_bits = UART_DATA_8_BITS,
.parity = UART_PARITY_DISABLE,
.stop_bits = UART_STOP_BITS_1,
};
esp_err_t ret = 0;
stack_start = esp_sdk_stack_pointer();
/* uart_set_pin(UART_NUM_0, TX_PIN, RX_PIN,
* UART_PIN_NO_CHANGE, UART_PIN_NO_CHANGE); */
/* Some targets may need to have UART speed set, such as ESP8266 */
ESP_LOGI(TAG, "UART init");
uart_param_config(UART_NUM_0, &uart_config);
uart_driver_install(UART_NUM_0,
THIS_MONITOR_UART_RX_BUFFER_SIZE, 0, 0, NULL, 0);
ESP_LOGI(TAG, "---------------- wolfSSL Benchmark Example -------------");
ESP_LOGI(TAG, "--------------------------------------------------------");
ESP_LOGI(TAG, "--------------------------------------------------------");
ESP_LOGI(TAG, "---------------------- BEGIN MAIN ----------------------");
ESP_LOGI(TAG, "--------------------------------------------------------");
ESP_LOGI(TAG, "--------------------------------------------------------");
ESP_LOGI(TAG, "Stack Start: 0x%x", stack_start);
#ifdef WOLFSSL_ESP_NO_WATCHDOG
ESP_LOGW(TAG, "Found WOLFSSL_ESP_NO_WATCHDOG, disabling...");
esp_DisableWatchdog();
#endif
#if defined(HAVE_VERSION_EXTENDED_INFO) && defined(WOLFSSL_HAS_METRICS)
esp_ShowExtendedSystemInfo();
#endif
/* all platforms: stack high water mark check */
ESP_LOGI(TAG, "app_main CONFIG_BENCH_ARGV = %s", WOLFSSL_BENCH_ARGV);
/* when using atecc608a on esp32-wroom-32se */
@ -238,7 +278,7 @@ void app_main(void)
do {
ESP_LOGI(TAG, "Stack HWM: %d\n", uxTaskGetStackHighWaterMark(NULL));
wolf_benchmark_task();
wolf_benchmark_task(); /* TODO capture return value! */
ESP_LOGI(TAG, "Stack used: %d\n",
stack_start - uxTaskGetStackHighWaterMark(NULL));
@ -255,8 +295,33 @@ void app_main(void)
ESP_LOGI(TAG, "Stack HWM: %d\n", uxTaskGetStackHighWaterMark(NULL));
#endif
#ifdef WOLFSSL_ESPIDF_EXIT_MESSAGE
ESP_LOGI(TAG, WOLFSSL_ESPIDF_EXIT_MESSAGE);
/* note wolfCrypt_Cleanup() should always be called when finished.
** This is called at the end of wolf_test_task();
*/
#if defined(DEBUG_WOLFSSL) && defined(WOLFSSL_ESP32_CRYPT_RSA_PRI)
esp_hw_show_mp_metrics();
#endif
#ifdef INCLUDE_uxTaskGetStackHighWaterMark
ESP_LOGI(TAG, "Stack HWM: %d", uxTaskGetStackHighWaterMark(NULL));
ESP_LOGI(TAG, "Stack used: %d", CONFIG_ESP_MAIN_TASK_STACK_SIZE
- (uxTaskGetStackHighWaterMark(NULL)));
#endif
#ifdef WOLFSSL_ESPIDF_VERBOSE_EXIT_MESSAGE
if (ret == 0) {
ESP_LOGI(TAG, WOLFSSL_ESPIDF_VERBOSE_EXIT_MESSAGE("Success!", ret));
}
else {
ESP_LOGE(TAG, WOLFSSL_ESPIDF_VERBOSE_EXIT_MESSAGE("Failed!", ret));
}
#elif defined(WOLFSSL_ESPIDF_EXIT_MESSAGE)
ESP_LOGI(TAG, WOLFSSL_ESPIDF_EXIT_MESSAGE);
#else
ESP_LOGI(TAG, "\n\nDone!\n\n"
"If running from idf.py monitor, press twice: Ctrl+]");
#endif
/* after the test, we'll just wait */
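Review bot: `ret` is initialised to 0 in `app_main` and nothing in the visible hunks assigns it afterwards, so the `WOLFSSL_ESPIDF_VERBOSE_EXIT_MESSAGE("Success!", ret)` branch is always taken and a failed benchmark run would still be logged as a success. The `/* TODO capture return value! */` next to `wolf_benchmark_task()` suggests the task has a result to hand back; if it does, the call in the loop should read `ret = wolf_benchmark_task();`. The results of `uart_param_config()` and `uart_driver_install()` are dropped as well and could be wrapped in `ESP_ERROR_CHECK(...)`. `app_main` begins and ends outside these hunks, so an assignment elsewhere in the function cannot be ruled out from here.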


@ -1,34 +1,87 @@
# Note that during the build process, settings from sdkconfig.defaults will not override those already in sdkconfig.
# See https://docs.espressif.com/projects/esp-idf/en/latest/esp32/api-guides/build-system.html#custom-sdkconfig-defaults
CONFIG_BENCH_ARGV="-lng 0"
CONFIG_FREERTOS_HZ=1000
CONFIG_ESP32_DEFAULT_CPU_FREQ_240=y
#
# Default main stack size
# Default main stack size. See user_settings.h
#
# This is typically way bigger than needed for stack size. See user_settings.h
#
CONFIG_ESP_MAIN_TASK_STACK_SIZE=55500
# For wolfSSL SMALL_STACK, 3072 bytes should be sufficient for benchmark app.
# When using RSA, assign at least 10500 bytes, otherwise 5500 usually works for others
CONFIG_ESP_MAIN_TASK_STACK_SIZE=10500
# Legacy stack size for older ESP-IDF versions
CONFIG_MAIN_TASK_STACK_SIZE=55500
CONFIG_MAIN_TASK_STACK_SIZE=10500
#
# Benchmark must not have CONFIG_NEWLIB_NANO_FORMAT enabled
CONFIG_NEWLIB_NANO_FORMAT=n
#
# Watchdog Timers
#
# We don't want to have the watchdog timeout during tests
# We don't want to have the watchdog timeout during tests & benchmarks
#
CONFIG_ESP_TASK_WDT_CHECK_IDLE_TASK_CPU0=n
CONFIG_ESP_TASK_WDT_CHECK_IDLE_TASK_CPU1=n
# Panic & Watchdog
CONFIG_ESP_INT_WDT_TIMEOUT_MS=10000
CONFIG_ESP_TASK_WDT_EN=n
CONFIG_ESP_SYSTEM_PANIC_PRINT_HALT=y
CONFIG_ESP_INT_WDT=n
# ESP8266 WDT
# CONFIG_ESP_PANIC_PRINT_REBOOT is not set
CONFIG_ESP_PANIC_PRINT_REBOOT=n
CONFIG_ESP_PANIC_PRINT_HALT=y
# CONFIG_ESP_HTTP_CLIENT_ENABLE_HTTPS is not set
CONFIG_ESP_HTTP_CLIENT_ENABLE_HTTPS=n
# ESP8266 Memory
CONFIG_FREERTOS_GLOBAL_DATA_LINK_IRAM=y
CONFIG_HEAP_DISABLE_IRAM=y
# Performance
# CONFIG_COMPILER_OPTIMIZATION_PERF=y
# Set max COU frequency (falls back as needed for lower maximum)
CONFIG_ESP_DEFAULT_CPU_FREQ_MHZ_240=y
# FreeRTOS ticks at 1ms interval
CONFIG_FREERTOS_UNICORE=y
CONFIG_FREERTOS_HZ=1000
#
# Compiler options
#
CONFIG_COMPILER_OPTIMIZATION_DEFAULT=y
# CONFIG_COMPILER_OPTIMIZATION_SIZE is not set
# CONFIG_COMPILER_OPTIMIZATION_PERF is not set
# CONFIG_COMPILER_OPTIMIZATION_NONE is not set
CONFIG_COMPILER_OPTIMIZATION_ASSERTIONS_ENABLE=y
# CONFIG_COMPILER_OPTIMIZATION_ASSERTIONS_SILENT is not set
# CONFIG_COMPILER_OPTIMIZATION_ASSERTIONS_DISABLE is not set
CONFIG_COMPILER_FLOAT_LIB_FROM_GCCLIB=y
CONFIG_COMPILER_OPTIMIZATION_ASSERTION_LEVEL=2
# CONFIG_COMPILER_OPTIMIZATION_CHECKS_SILENT is not set
CONFIG_COMPILER_HIDE_PATHS_MACROS=y
# CONFIG_COMPILER_CXX_EXCEPTIONS is not set
# CONFIG_COMPILER_CXX_RTTI is not set
# CONFIG_COMPILER_STACK_CHECK_MODE_NONE is not set
CONFIG_COMPILER_STACK_CHECK_MODE_NORM=y
# CONFIG_COMPILER_STACK_CHECK_MODE_STRONG is not set
# CONFIG_COMPILER_STACK_CHECK_MODE_ALL is not set
CONFIG_COMPILER_STACK_CHECK=y
# CONFIG_COMPILER_WARN_WRITE_STRINGS is not set
# CONFIG_COMPILER_SAVE_RESTORE_LIBCALLS is not set
# CONFIG_COMPILER_DISABLE_GCC12_WARNINGS is not set
# CONFIG_COMPILER_DUMP_RTL_FILES is not set
# end of Compiler options
# We don't know that the min is actually v2,
# but this is the earliest tested.
CONFIG_ESP32C3_REV_MIN_2=y
#
# Partition Table
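Review bot: `CONFIG_FREERTOS_UNICORE=y` sits directly under the comment `# FreeRTOS ticks at 1ms interval`, which describes `CONFIG_FREERTOS_HZ=1000` on the line after it, so the single-core setting itself is undocumented. On dual-core targets it changes what the benchmark measures, which looks intentional but is not stated. I would give it its own comment, for example `# Run FreeRTOS on a single core for the benchmark`, and correct `# Set max COU frequency` to `CPU`.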


@ -185,4 +185,33 @@ I hear you fa shizzle!
./examples/server/server -v 3 -l ECDHE-ECDSA-SM4-CBC-SM3 -c ./certs/sm2/server-sm2.pem -k ./certs/sm2/server-sm2-priv.pem -A ./certs/sm2/client-sm2.pem -V
```
#### Linux Client using Kyber to ESP32 Server
```
# Ensure build with Kyber enabled:
# ./configure --enable-kyber=all --enable-experimental && make
./examples/client/client -h 192.168.1.38 -v 4 -l TLS_AES_128_GCM_SHA256 --pqc KYBER_LEVEL5
```
#### ESP32 Client to WSL Linux Server
In Windows Powershell, (elevated permissions) forward the port _after_ starting the listening server:
```bash
netsh interface portproxy add v4tov4 listenport=11111 listenaddress=0.0.0.0 connectport=11111 connectaddress=127.0.0.1
```
After the server exits, remove the port proxy forward:
```bash
netsh interface portproxy delete v4tov4 listenport=11111 listenaddress=0.0.0.0
```
For additional information, see [Accessing network applications with WSL](https://learn.microsoft.com/en-us/windows/wsl/networking).
## Additional Information
See the README.md file in the upper level 'examples' directory for [more information about examples](../README.md).


@ -18,7 +18,7 @@
<ToolchainID>
<ID>com.visualgdb.xtensa-esp32-elf</ID>
<Version>
<GCC>12.2.0</GCC>
<GCC>13.2.0</GCC>
<GDB>12.1</GDB>
<Revision>1</Revision>
</Version>
@ -67,8 +67,8 @@
<EnableFastUpToDateCheck>true</EnableFastUpToDateCheck>
<ESPIDFExtension>
<IDFCheckout>
<Version>release/v5.1</Version>
<Subdirectory>esp-idf/v5.1</Subdirectory>
<Version>release/v5.2</Version>
<Subdirectory>esp-idf/v5.2</Subdirectory>
<Type>ESPIDF</Type>
</IDFCheckout>
<COMPort>COM19</COMPort>


@ -1,5 +1,5 @@
#
# Copyright (C) 2006-2023 wolfSSL Inc.
# Copyright (C) 2006-2024 wolfSSL Inc.
#
# This file is part of wolfSSL.
#
@ -45,6 +45,11 @@ else()
endif()
message(STATUS "THIS_USER = ${THIS_USER}")
if( "$ENV{IDF_PATH}" STREQUAL "" )
message(FATAL_ERROR "IDF_PATH Environment variable not set!")
else()
string(REPLACE "\\" "/" THIS_IDF_PATH "$ENV{IDF_PATH}")
endif()
# COMPONENT_NAME = wolfssl
# The component name is the directory name. "No feature to change this".
@ -363,6 +368,10 @@ else()
"\"${WOLFSSL_ROOT}/wolfssl/\""
"\"${WOLFSSL_ROOT}/wolfssl/wolfcrypt/\""
"\"${RTOS_IDF_PATH}/\""
# wolfSSL release after v5.7 includes WiFi, time, and mem/debug helpers
${THIS_IDF_PATH}/components/esp_event/include
${THIS_IDF_PATH}/components/esp_netif/include
${THIS_IDF_PATH}/components/esp_wifi/include
)
@ -374,7 +383,7 @@ else()
list(APPEND COMPONENT_ADD_INCLUDEDIRS "\"${WOLFSSL_ROOT}/wolfssl/wolfcrypt/\"")
# Some files are known to be included elsewhere, or not used for Espressif
set(COMPONENT_SRCEXCLUDE
"\"${WOLFSSL_ROOT}/src/bio.c\""
"\"${WOLFSSL_ROOT}/src/conf.c\""
@ -390,6 +399,8 @@ else()
"\"${WOLFSSL_ROOT}/src/ssl_sess.c\"" # included by ssl.c
"\"${WOLFSSL_ROOT}/src/x509.c\""
"\"${WOLFSSL_ROOT}/src/x509_str.c\""
"\"${WOLFSSL_ROOT}/wolfcrypt/src/ext_kyber.c\"" # external Kyber disabled by default
"\"${WOLFSSL_ROOT}/wolfssl/wolfcrypt/ext_kyber.h\"" # external Kyber disabled by default
"\"${WOLFSSL_ROOT}/wolfcrypt/src/evp.c\""
"\"${WOLFSSL_ROOT}/wolfcrypt/src/misc.c\""
"\"${WOLFSSL_ROOT}/wolfcrypt/src/sp_sm2_arm32.c\""
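Review bot: The three `${THIS_IDF_PATH}/components/.../include` entries added to the include list are unquoted, while every neighbouring entry is wrapped as `"\"${WOLFSSL_ROOT}/wolfssl/\""`, so an `IDF_PATH` containing a `;` would split into several list items and a path with spaces is not protected the way the other entries are. I would write them the same way, e.g. `"\"${THIS_IDF_PATH}/components/esp_event/include\""`. Hard-coding the `esp_event`, `esp_netif` and `esp_wifi` include directories also ties the file to one ESP-IDF directory layout; if the component registration (outside these hunks) allows it, declaring those components as requirements would be more robust. The `ext_kyber.h` entry added to `COMPONENT_SRCEXCLUDE` is a header and probably has no effect in a source exclusion list.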


@ -1,5 +1,5 @@
#
# Copyright (C) 2006-2023 wolfSSL Inc.
# Copyright (C) 2006-2024 wolfSSL Inc.
#
# This file is part of wolfSSL.
#
@ -56,13 +56,15 @@ CFLAGS +=-DWOLFSSL_USER_SETTINGS
# The root is 7 directories up from here:
WOLFSSL_ROOT := ../../../../../../..
# NOTE: The wolfSSL include diretory (e.g. user_settings.h) is
# NOTE: The wolfSSL include directory (e.g. user_settings.h) is
# located HERE in THIS project, and *not* in the wolfSSL root.
COMPONENT_ADD_INCLUDEDIRS := ./include
COMPONENT_ADD_INCLUDEDIRS := .
COMPONENT_ADD_INCLUDEDIRS += include
COMPONENT_ADD_INCLUDEDIRS += $(WOLFSSL_ROOT)/.
COMPONENT_ADD_INCLUDEDIRS += $(WOLFSSL_ROOT)/wolfssl
COMPONENT_ADD_INCLUDEDIRS += $(WOLFSSL_ROOT)/wolfssl/wolfcrypt
COMPONENT_ADD_INCLUDEDIRS += $(WOLFSSL_ROOT)/wolfssl/wolfcrypt/port/Espressif
COMPONENT_ADD_INCLUDEDIRS += $(WOLFSSL_ROOT)wolfssl/wolfcrypt/port/Espressif
# COMPONENT_ADD_INCLUDEDIRS += $ENV(IDF_PATH)/components/freertos/include/freertos
# COMPONENT_ADD_INCLUDEDIRS += "$ENV(IDF_PATH)/soc/esp32s3/include/soc"
@ -142,15 +144,15 @@ COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/ed25519.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/ed448.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/error.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/evp.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/ext_kyber.o
# COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/ext_kyber.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/ext_lms.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/ext_xmss.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/falcon.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/fe_448.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/fe_low_mem.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/fe_operations.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/fips.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/fips_test.o
# COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/fips.o
# COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/fips_test.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/ge_448.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/ge_low_mem.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/ge_operations.o
@ -223,6 +225,9 @@ COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/port/Espressif/esp32_aes.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/port/Espressif/esp32_mp.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/port/Espressif/esp32_sha.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/port/Espressif/esp32_util.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/port/Espressif/esp_sdk_mem_lib.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/port/Espressif/esp_sdk_time_lib.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/port/Espressif/esp_sdk_wifi_lib.o
##
## wolfcrypt benchmark (optional)
@ -242,3 +247,4 @@ COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/port/Espressif/esp32_util.o
## wolfcrypt
##
# COMPONENT_PRIV_INCLUDEDIRS += $(PROJECT_PATH)/components/wolfssl/include
COMPONENT_SRCDIRS += $(WOLFSSL_ROOT)wolfcrypt/src
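Review bot: `COMPONENT_SRCDIRS += $(WOLFSSL_ROOT)wolfcrypt/src` has no `/` after `$(WOLFSSL_ROOT)`, and with `WOLFSSL_ROOT := ../../../../../../..` it expands to `../../../../../../..wolfcrypt/src`, which is not the wolfSSL source directory. The include entry `$(WOLFSSL_ROOT)wolfssl/wolfcrypt/port/Espressif` in the first hunk has the same problem (the variant with the slash appears to be the removed side), as does the commented-out `ext_kyber.o` line. I would restore the separator: `COMPONENT_SRCDIRS += $(WOLFSSL_ROOT)/wolfcrypt/src` and `COMPONENT_ADD_INCLUDEDIRS += $(WOLFSSL_ROOT)/wolfssl/wolfcrypt/port/Espressif`.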


@ -22,9 +22,30 @@
/* Standardized wolfSSL Espressif ESP32 + ESP8266 user_settings.h V5.6.6-01 */
/* This user_settings.h is for Espressif ESP-IDF */
#include <sdkconfig.h>
#define DEBUG_WOLFSSL
#define DEBUG_WOLFSSL_VERBOSE
#include "sdkconfig.h"
/* #define DEBUG_WOLFSSL */
/* #define DEBUG_WOLFSSL_VERBOSE */
/* Experimental Kyber */
#if 0
#define WOLFSSL_EXPERIMENTAL_SETTINGS
#define WOLFSSL_HAVE_KYBER
#define WOLFSSL_WC_KYBER
#define WOLFSSL_SHA3
#if defined(CONFIG_IDF_TARGET_ESP8266)
/* With limited RAM, we'll disable some of the Kyber sizes: */
#define WOLFSSL_NO_KYBER1024
#define WOLFSSL_NO_KYBER768
#define NO_SESSION_CACHE
#endif
#endif
/* Pick a cert buffer size: */
/* #define USE_CERT_BUFFERS_2048 */
/* #define USE_CERT_BUFFERS_1024 */
#define USE_CERT_BUFFERS_2048
/* The Espressif sdkconfig will have chipset info.
**
@ -40,23 +61,34 @@
#undef WOLFSSL_ESPIDF
#define WOLFSSL_ESPIDF
/* We don't use WiFi helpers yet, so don't compile in the esp-sdk-lib WiFi */
#define NO_ESP_SDK_WIFI
/*
* ONE of these Espressif chipsets should be defined:
*
* WOLFSSL_ESP32
* WOLFSSL_ESPWROOM32SE
* WOLFSSL_ESP8266
*
* following ifdef detection only for syntax highlighting:
*/
#undef WOLFSSL_ESPWROOM32SE
#undef WOLFSSL_ESP8266
#undef WOLFSSL_ESP32
#ifdef WOLFSSL_ESPWROOM32SE
#undef WOLFSSL_ESPWROOM32SE
#endif
#ifdef WOLFSSL_ESP8266
#undef WOLFSSL_ESP8266
#endif
#ifdef WOLFSSL_ESP32
#undef WOLFSSL_ESP32
#endif
/* See below for chipset detection from sdkconfig.h */
/* Small session cache saves a lot of RAM for ClientCache and SessionCache.
* Memory requirement is about 5KB, otherwise 20K is needed when not specified.
* If extra small footprint is needed, try MICRO_SESSION_CACHE (< 1K)
* When really desparate, try NO_SESSION_CACHE. */
#define SMALL_SESSION_CACHE
* When really desperate, try NO_SESSION_CACHE. */
#define MICRO_SESSION_CACHE
/* optionally turn off SHA512/224 SHA512/256 */
/* #define WOLFSSL_NOSHA512_224 */
@ -70,7 +102,7 @@
/* #define NO_OLD_TLS */
#define BENCH_EMBEDDED
#define USE_CERT_BUFFERS_2048
#define WOLFSSL_SMALL_STACK
#define HAVE_ECC
#define RSA_LOW_MEM
@ -100,25 +132,36 @@
/* when you want to use SHA384 */
#define WOLFSSL_SHA384
/* when you want to use SHA512 */
/* #define WOLFSSL_SHA512 */
#if defined(CONFIG_IDF_TARGET_ESP8266)
/* Some known low-memory devices have features not enabled by default. */
#else
/* when you want to use SHA512 */
#define WOLFSSL_SHA512
/* when you want to use SHA3 */
/* #define WOLFSSL_SHA3 */
/* when you want to use SHA3 */
#define WOLFSSL_SHA3
/* ED25519 requires SHA512 */
/* #define HAVE_ED25519 */
/* ED25519 requires SHA512 */
#define HAVE_ED25519
#define HAVE_ECC
#define HAVE_CURVE25519
#define CURVE25519_SMALL
#define HAVE_ED25519
#endif
/* Optional OpenSSL compatibility */
/* #define OPENSSL_EXTRA */
/* when you want to use pkcs7 */
/* #define HAVE_PKCS7 */
#if defined(HAVE_PKCS7)
#define HAVE_AES_KEYWRAP
#define HAVE_X963_KDF
#define WOLFSSL_AES_DIRECT
#endif
/* when you want to use aes counter mode */
/* when you want to use AES counter mode */
/* #define WOLFSSL_AES_DIRECT */
/* #define WOLFSSL_AES_COUNTER */
@ -181,7 +224,9 @@
#define HAVE_VERSION_EXTENDED_INFO
/* #define HAVE_WC_INTROSPECTION */
#define HAVE_SESSION_TICKET
#ifndef NO_SESSION_CACHE
#define HAVE_SESSION_TICKET
#endif
/* #define HAVE_HASHDRBG */
@ -359,6 +404,7 @@
#endif /* CONFIG_IDF_TARGET Check */
/* Debug options:
See wolfssl/wolfcrypt/port/Espressif/esp32-crypt.h for details on debug options
#define ESP_VERIFY_MEMBLOCK
#define DEBUG_WOLFSSL
@ -379,7 +425,7 @@
/* #define HASH_SIZE_LIMIT */ /* for test.c */
/* #define NO_HW_MATH_TEST */ /* Optionall turn off HW math checks */
/* #define NO_HW_MATH_TEST */ /* Optionally turn off HW math checks */
/* Optionally include alternate HW test library: alt_hw_test.h */
/* When enabling, the ./components/wolfssl/CMakeLists.txt file
@ -402,8 +448,8 @@
/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD */
#define WOLFSSL_PUBLIC_MP /* used by benchmark */
#define USE_CERT_BUFFERS_2048
/* used by benchmark: */
#define WOLFSSL_PUBLIC_MP
/* when turning on ECC508 / ECC608 support
#define WOLFSSL_ESPWROOM32SE
@ -497,7 +543,6 @@
#define WOLFSSL_BASE16
#else
#if defined(USE_CERT_BUFFERS_2048)
#include <wolfssl/certs_test.h>
#define CTX_CA_CERT ca_cert_der_2048
#define CTX_CA_CERT_SIZE sizeof_ca_cert_der_2048
#define CTX_CA_CERT_TYPE WOLFSSL_FILETYPE_ASN1
@ -517,7 +562,6 @@
#define CTX_CLIENT_KEY_TYPE WOLFSSL_FILETYPE_ASN1
#elif defined(USE_CERT_BUFFERS_1024)
#include <wolfssl/certs_test.h>
#define CTX_CA_CERT ca_cert_der_1024
#define CTX_CA_CERT_SIZE sizeof_ca_cert_der_1024
#define CTX_CA_CERT_TYPE WOLFSSL_FILETYPE_ASN1
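Review bot: The comment above the session-cache define still reads as a description of `SMALL_SESSION_CACHE` ("Memory requirement is about 5KB") and mentions `MICRO_SESSION_CACHE` only as the fallback, while the define now appears to be `#define MICRO_SESSION_CACHE`. I would have the comment name the selected option first, e.g. `/* MICRO_SESSION_CACHE (< 1K) is selected here; SMALL_SESSION_CACHE needs about 5KB. */`, and keep the remaining sentences as they are. Separately, `#define HAVE_ED25519` appears twice inside the new non-ESP8266 `#else` branch, and one of the two can be dropped.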


@ -38,6 +38,13 @@
#include <wolfssl/wolfcrypt/settings.h>
#include <wolfssl/ssl.h>
#if defined(WOLFSSL_WC_KYBER)
#include <wolfssl/wolfcrypt/kyber.h>
#include <wolfssl/wolfcrypt/wc_kyber.h>
#endif
#if defined(USE_CERT_BUFFERS_2048) || defined(USE_CERT_BUFFERS_1024)
#include <wolfssl/certs_test.h>
#endif
#ifdef WOLFSSL_TRACK_MEMORY
#include <wolfssl/wolfcrypt/mem_track.h>
#endif
@ -180,18 +187,23 @@ WOLFSSL_ESP_TASK tls_smp_client_task(void* args)
struct hostent *hp;
struct ip4_addr *ip4_addr;
int ret_i; /* interim return values */
int err; /* interim return values */
int sockfd;
int doPeerCheck;
int sendGet;
#ifdef DEBUG_WOLFSSL
int this_heap = 0;
#endif
#ifndef NO_DH
int minDhKeyBits = DEFAULT_MIN_DHKEY_BITS;
#endif
size_t len;
/* declare wolfSSL objects */
WOLFSSL_CTX* ctx;
WOLFSSL* ssl;
size_t len;
wolfSSL_Debugging_ON();
WOLFSSL_ENTER(TLS_SMP_CLIENT_TASK_NAME);
@ -351,11 +363,10 @@ WOLFSSL_ESP_TASK tls_smp_client_task(void* args)
/* Connect to the server */
sprintf(buff,
"Connecting to server....%s(port:%d)",
"Connecting to server....%s (port:%d)",
TLS_SMP_TARGET_HOST,
TLS_SMP_DEFAULT_PORT);
WOLFSSL_MSG(buff);
printf("%s\n", buff);
ESP_LOGI(TAG, "%s\n", buff);
if ((ret_i = connect(sockfd,
(struct sockaddr *)&servAddr,
@ -363,6 +374,10 @@ WOLFSSL_ESP_TASK tls_smp_client_task(void* args)
ESP_LOGE(TAG, "ERROR: failed to connect ret=%d\n", ret_i);
}
#if defined(WOLFSSL_EXPERIMENTAL_SETTINGS)
ESP_LOGW(TAG, "WOLFSSL_EXPERIMENTAL_SETTINGS is enabled");
#endif
WOLFSSL_MSG("Create a WOLFSSL object");
/* Create a WOLFSSL object */
if ((ssl = wolfSSL_new(ctx)) == NULL) {
@ -372,6 +387,36 @@ WOLFSSL_ESP_TASK tls_smp_client_task(void* args)
#ifdef DEBUG_WOLFSSL
ESP_LOGI(TAG, "\nCreated WOLFSSL object:");
ShowCiphers(ssl);
this_heap = esp_get_free_heap_size();
ESP_LOGI(TAG, "tls_smp_client_task heap @ %p = %d",
&this_heap, this_heap);
#endif
#if defined(WOLFSSL_HAVE_KYBER)
#if defined(WOLFSSL_KYBER1024)
ESP_LOGI(TAG, "WOLFSSL_HAVE_KYBER is enabled, setting key share: "
"WOLFSSL_P256_KYBER_LEVEL5");
ret_i = wolfSSL_UseKeyShare(ssl, WOLFSSL_P521_KYBER_LEVEL5);
#elif defined(WOLFSSL_KYBER768)
ESP_LOGI(TAG, "WOLFSSL_HAVE_KYBER is enabled, setting key share: "
"WOLFSSL_P256_KYBER_LEVEL3");
ret_i = wolfSSL_UseKeyShare(ssl, WOLFSSL_P256_KYBER_LEVEL3);
#elif defined(WOLFSSL_KYBER512)
/* This will typically be a low memory situation, such as ESP8266 */
ESP_LOGI(TAG, "WOLFSSL_HAVE_KYBER is enabled, setting key share: "
"WOLFSSL_P256_KYBER_LEVEL1");
ret_i = wolfSSL_UseKeyShare(ssl, WOLFSSL_P256_KYBER_LEVEL1);
#else
ESP_LOGW(TAG, "WOLFSSL_HAVE_KYBER enabled but no key size available.");
ret_i = ESP_FAIL;
#endif
if (ret_i == SSL_SUCCESS) {
ESP_LOGI(TAG, "UseKeyShare Kyber success");
}
else {
ESP_LOGE(TAG, "UseKeyShare Kyber failed");
}
#else
ESP_LOGI(TAG, "WOLFSSL_HAVE_KYBER is not enabled");
#endif
}
@ -396,7 +441,11 @@ WOLFSSL_ESP_TASK tls_smp_client_task(void* args)
atmel_set_slot_allocator(my_atmel_alloc, my_atmel_free);
#endif
#endif
#ifdef DEBUG_WOLFSSL
this_heap = esp_get_free_heap_size();
ESP_LOGI(TAG, "tls_smp_client_task heap(2) @ %p = %d",
&this_heap, this_heap);
#endif
/* Attach wolfSSL to the socket */
ret_i = wolfSSL_set_fd(ssl, sockfd);
if (ret_i == WOLFSSL_SUCCESS) {
@ -406,42 +455,86 @@ WOLFSSL_ESP_TASK tls_smp_client_task(void* args)
ESP_LOGE(TAG, "ERROR: failed wolfSSL_set_fd. Error: %d\n", ret_i);
}
WOLFSSL_MSG("Connect to wolfSSL on the server side");
/* Connect to wolfSSL on the server side */
ESP_LOGI(TAG, "Connect to wolfSSL server...");
ret_i = wolfSSL_connect(ssl);
if (wolfSSL_connect(ssl) == SSL_SUCCESS) {
#ifdef DEBUG_WOLFSSL
this_heap = esp_get_free_heap_size();
ESP_LOGI(TAG, "tls_smp_client_task heap(3) @ %p = %d",
&this_heap, this_heap);
#endif
if (ret_i == SSL_SUCCESS) {
#ifdef DEBUG_WOLFSSL
ShowCiphers(ssl);
#endif
ESP_LOGI(TAG, "Connect success! Sending message...");
/* Get a message for the server from stdin */
WOLFSSL_MSG("Message for server: ");
memset(buff, 0, sizeof(buff));
if (sendGet) {
printf("SSL connect ok, sending GET...\n");
len = XSTRLEN(sndMsg);
strncpy(buff, sndMsg, len);
buff[len] = '\0';
}
else {
sprintf(buff, "message from esp32 tls client\n");
sprintf(buff, "Hello from Espressif wolfSSL TLS client!\n");
len = strnlen(buff, sizeof(buff));
}
buff[len] = '\0';
ESP_LOGI(TAG, "SSL connect ok, sending message:\n\n%s\n", buff);
/* Send the message to the server */
if (wolfSSL_write(ssl, buff, len) != len) {
do {
err = 0; /* reset error */
ret_i = wolfSSL_write(ssl, buff, len);
if (ret_i <= 0) {
err = wolfSSL_get_error(ssl, 0);
}
} while (err == WOLFSSL_ERROR_WANT_WRITE ||
err == WOLFSSL_ERROR_WANT_READ);
if (ret_i != len) {
ESP_LOGE(TAG, "ERROR: failed to write\n");
}
else {
ESP_LOGI(TAG, "Message sent! Awaiting response...");
}
/* Read the server data into our buff array */
memset(buff, 0, sizeof(buff));
if (wolfSSL_read(ssl, buff, sizeof(buff) - 1) == -1) {
do {
err = 0; /* reset error */
ret_i =wolfSSL_read(ssl, buff, sizeof(buff));
if (ret_i <= 0) {
err = wolfSSL_get_error(ssl, 0);
}
} while ((err == WOLFSSL_ERROR_WANT_READ) ||
(err == WOLFSSL_ERROR_WANT_WRITE) );
if (ret_i < 0) {
ESP_LOGE(TAG, "ERROR: failed to read\n");
}
/* Print to stdout any data the server sends */
printf("Server: ");
printf("%s\n", buff);
/* Show any data the server sends */
ESP_LOGI(TAG, "Server response: \n\n%s\n", buff);
ret_i = wolfSSL_shutdown(ssl);
while (ret_i == WOLFSSL_SHUTDOWN_NOT_DONE) {
ret_i = wolfSSL_shutdown(ssl); /* bidirectional shutdown */
if (ret_i == WOLFSSL_SUCCESS) {
ESP_LOGI(TAG, "Bidirectional shutdown complete\n");
break;
}
else if (ret_i != WOLFSSL_SHUTDOWN_NOT_DONE) {
ESP_LOGE(TAG, "Bidirectional shutdown failed\n");
break;
}
}
if (ret_i != WOLFSSL_SUCCESS) {
ESP_LOGE(TAG, "Bidirectional shutdown failed\n");
}
} /* wolfSSL_connect(ssl) == SSL_SUCCESS) */
else {
ESP_LOGE(TAG, "ERROR: failed to connect to wolfSSL. "
"Error: %d\n", ret_i);
@ -450,8 +543,8 @@ WOLFSSL_ESP_TASK tls_smp_client_task(void* args)
ShowCiphers(ssl);
#endif
/* Cleanup and return */
wolfSSL_free(ssl); /* Free the wolfSSL object */
ESP_LOGI(TAG, "Cleanup and exit");
wolfSSL_free(ssl); /* Release the wolfSSL object memory */
wolfSSL_CTX_free(ctx); /* Free the wolfSSL context object */
wolfSSL_Cleanup(); /* Cleanup the wolfSSL environment */
close(sockfd); /* Close the connection to the server */
@ -485,7 +578,8 @@ WOLFSSL_ESP_TASK tls_smp_client_init(void* args)
#endif
/* Note that despite vanilla FreeRTOS using WORDS for a parameter,
* Espressif uses BYTES for the task stack size here: */
* Espressif uses BYTES for the task stack size here.
* See https://docs.espressif.com/projects/esp-idf/en/v4.3/esp32/api-reference/system/freertos.html */
ret = xTaskCreate(tls_smp_client_task,
TLS_SMP_CLIENT_TASK_NAME,
TLS_SMP_CLIENT_TASK_BYTES,
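Review bot: In the read loop of the `@ -406,42 +455,86 @` hunk, `wolfSSL_read(ssl, buff, sizeof(buff))` can fill the whole buffer, and `buff` is then logged with `%s`; a response of exactly `sizeof(buff)` bytes leaves no terminating NUL, so the log call reads past the array. The single-call form printed just above the loop reserved a byte, and the loop should keep it: `ret_i = wolfSSL_read(ssl, buff, sizeof(buff) - 1);`. The page has lost its +/- markers, so which of the two read calls is the new side is inferred from the do/while structure, and `tls_smp_client_task` starts and ends outside these hunks. Separately, the `WOLFSSL_KYBER1024` branch logs "WOLFSSL_P256_KYBER_LEVEL5" while passing `WOLFSSL_P521_KYBER_LEVEL5`; the log string should name the group actually requested.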


@ -29,9 +29,9 @@
/* See main/Kconfig.projbuild for default configuration settings */
#ifdef CONFIG_WOLFSSL_TARGET_HOST
#define TLS_SMP_TARGET_HOST CONFIG_WOLFSSL_TARGET_HOST
#define TLS_SMP_TARGET_HOST "192.168.1.36"
#else
#define TLS_SMP_TARGET_HOST "192.168.1.37"
#define TLS_SMP_TARGET_HOST "192.168.1.41"
#endif
#ifdef CONFIG_WOLFSSL_TARGET_PORT
@ -44,9 +44,23 @@
/* Reminder: Vanilla FreeRTOS is words, Espressif is bytes. */
#if defined(WOLFSSL_ESP8266)
#define TLS_SMP_CLIENT_TASK_BYTES (6 * 1024)
#if defined(WOLFSSL_HAVE_KYBER)
/* Minimum ESP8266 stack size = 10K with Kyber.
* Note there's a maximum not far away as Kyber needs heap
* and the total DRAM is typically only 80KB total. */
#define TLS_SMP_CLIENT_TASK_BYTES (11 * 1024)
#else
/* Minimum ESP8266 stack size = 6K without Kyber */
#define TLS_SMP_CLIENT_TASK_BYTES (6 * 1024)
#endif
#else
#define TLS_SMP_CLIENT_TASK_BYTES (8 * 1024)
#if defined(WOLFSSL_HAVE_KYBER)
/* Minimum ESP32 stack size = 12K with Kyber enabled. */
#define TLS_SMP_CLIENT_TASK_BYTES (12 * 1024)
#else
/* Minimum ESP32 stack size = 8K without Kyber */
#define TLS_SMP_CLIENT_TASK_BYTES (8 * 1024)
#endif
#endif
#define TLS_SMP_CLIENT_TASK_PRIORITY 8
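Review bot: Inside `#ifdef CONFIG_WOLFSSL_TARGET_HOST` the page shows both `#define TLS_SMP_TARGET_HOST CONFIG_WOLFSSL_TARGET_HOST` and `#define TLS_SMP_TARGET_HOST "192.168.1.36"`; if the literal is the new side (the +/- markers are lost here, so this is inferred from print order), the Kconfig value is silently ignored and the client connects to a hard-coded lab address whatever the user configured. The configured branch should stay `#define TLS_SMP_TARGET_HOST CONFIG_WOLFSSL_TARGET_HOST`, with a literal address only in the `#else` fallback.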


@ -1,6 +1,6 @@
/* wifi_connect.h
*
* Copyright (C) 2006-2023 wolfSSL Inc.
* Copyright (C) 2006-2024 wolfSSL Inc.
*
* This file is part of wolfSSL.
*


@ -124,6 +124,7 @@ void my_atmel_free(int slotId)
void app_main(void)
{
int stack_start = 0;
int this_heap = 0;
esp_err_t ret = 0;
ESP_LOGI(TAG, "---------------- wolfSSL TLS Client Example ------------");
ESP_LOGI(TAG, "--------------------------------------------------------");
@ -260,7 +261,6 @@ void app_main(void)
/* HWM is maximum amount of stack space that has been unused, in bytes
* not words (unlike vanilla freeRTOS). */
int this_heap;
this_heap = esp_get_free_heap_size();
ESP_LOGI(TAG, "Initial Stack Used (before wolfSSL Server): %d bytes",
CONFIG_ESP_MAIN_TASK_STACK_SIZE


@ -117,8 +117,8 @@ int set_fixed_default_time(void)
* but let's set a default time, just in case */
struct tm timeinfo = {
.tm_year = 2024 - 1900,
.tm_mon = 1,
.tm_mday = 05,
.tm_mon = 3,
.tm_mday = 01,
.tm_hour = 13,
.tm_min = 01,
.tm_sec = 05
@ -203,7 +203,8 @@ int set_time_from_string(const char* time_buffer)
/* we found a match for all componets */
const char *months[] = { "Jan", "Feb", "Mar", "Apr", "May", "Jun",
"Jul", "Aug", "Sep", "Oct", "Nov", "Dec" };
"Jul", "Aug", "Sep", "Oct", "Nov", "Dec"
};
for (int i = 0; i < 12; i++) {
if (strcmp(month_str, months[i]) == 0) {
@ -216,7 +217,7 @@ int set_time_from_string(const char* time_buffer)
this_timeinfo.tm_hour = hour;
this_timeinfo.tm_min = minute;
this_timeinfo.tm_sec = second;
this_timeinfo.tm_year = year - 1900; /* Number of years since 1900 */
this_timeinfo.tm_year = year - 1900; /* Years since 1900 */
interim_time = mktime(&this_timeinfo);
now = (struct timeval){ .tv_sec = interim_time };
@ -350,7 +351,7 @@ int set_time_wait_for_ntp(void)
ret = esp_netif_sntp_sync_wait(500 / portTICK_PERIOD_MS);
#else
ESP_LOGE(TAG, "HAS_ESP_NETIF_SNTP not defined");
ESP_LOGW(TAG, "HAS_ESP_NETIF_SNTP not defined");
#endif /* HAS_ESP_NETIF_SNTP */
esp_show_current_datetime();
@ -370,7 +371,7 @@ int set_time_wait_for_ntp(void)
#endif
if (ret == ESP_OK) {
ESP_LOGI(TAG, "Successfuly set time via NTP servers.");
ESP_LOGI(TAG, "Successfully set time via NTP servers.");
}
else {
ESP_LOGW(TAG, "Warning: Failed to set time with NTP: "
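Review bot: The fallback date in `set_fixed_default_time` is easy to misread: `tm_mon` counts months from zero, so `.tm_mon = 3` is April, and `.tm_mday = 01` is an octal literal that only happens to equal 1. A comment such as `/* tm_mon is 0-based: 3 = April */` and a plain decimal `1` would make the intent clear. This value is what the clock holds when NTP does not succeed, so presumably certificate validity dates are then checked against it; a one-line comment saying so would help anyone reusing the example. The function bodies extend beyond the hunks shown.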


@ -1,5 +1,41 @@
# sdkconfig.defaults for ESP8266 + ESP32
# Note that during the build process, settings from sdkconfig.defaults will not override those already in sdkconfig.
# See https://docs.espressif.com/projects/esp-idf/en/latest/esp32/api-guides/build-system.html#custom-sdkconfig-defaults
CONFIG_BENCH_ARGV="-lng 0"
CONFIG_FREERTOS_HZ=1000
CONFIG_ESP32_DEFAULT_CPU_FREQ_240=y
#
# Default main stack size. See user_settings.h
#
# For wolfSSL SMALL_STACK, 3072 bytes should be sufficient for benchmark app.
# When using RSA, assign at least 10500 bytes, otherwise 5500 usually works for others
CONFIG_ESP_MAIN_TASK_STACK_SIZE=10500
# Legacy stack size for older ESP-IDF versions
CONFIG_MAIN_TASK_STACK_SIZE=10500
#
# Benchmark must not have CONFIG_NEWLIB_NANO_FORMAT enabled
CONFIG_NEWLIB_NANO_FORMAT=n
#
# Watchdog Timers
#
# We don't want to have the watchdog timeout during tests & benchmarks
#
CONFIG_ESP_TASK_WDT_CHECK_IDLE_TASK_CPU0=n
CONFIG_ESP_TASK_WDT_CHECK_IDLE_TASK_CPU1=n
# Panic & Watchdog
CONFIG_ESP_INT_WDT_TIMEOUT_MS=10000
CONFIG_ESP_TASK_WDT_EN=n
CONFIG_ESP_SYSTEM_PANIC_PRINT_HALT=y
CONFIG_ESP_INT_WDT=n
# ESP8266 Watchdog:
CONFIG_TASK_WDT=n
CONFIG_TASK_WDT_PANIC=n
# ESP8266 WDT
# CONFIG_ESP_PANIC_PRINT_REBOOT is not set
CONFIG_ESP_PANIC_PRINT_REBOOT=n
CONFIG_ESP_PANIC_PRINT_HALT=y
@ -7,9 +43,51 @@ CONFIG_ESP_PANIC_PRINT_HALT=y
# CONFIG_ESP_HTTP_CLIENT_ENABLE_HTTPS is not set
CONFIG_ESP_HTTP_CLIENT_ENABLE_HTTPS=n
# ESP8266 Memory
CONFIG_FREERTOS_GLOBAL_DATA_LINK_IRAM=y
CONFIG_HEAP_DISABLE_IRAM=y
# Performance
# CONFIG_COMPILER_OPTIMIZATION_PERF=y
# Set max COU frequency (falls back as needed for lower maximum)
CONFIG_ESP_DEFAULT_CPU_FREQ_MHZ_240=y
# FreeRTOS ticks at 1ms interval
CONFIG_FREERTOS_UNICORE=y
CONFIG_FREERTOS_HZ=1000
#
# Compiler options
#
CONFIG_COMPILER_OPTIMIZATION_DEFAULT=y
# CONFIG_COMPILER_OPTIMIZATION_SIZE is not set
# CONFIG_COMPILER_OPTIMIZATION_PERF is not set
# CONFIG_COMPILER_OPTIMIZATION_NONE is not set
CONFIG_COMPILER_OPTIMIZATION_ASSERTIONS_ENABLE=y
# CONFIG_COMPILER_OPTIMIZATION_ASSERTIONS_SILENT is not set
# CONFIG_COMPILER_OPTIMIZATION_ASSERTIONS_DISABLE is not set
CONFIG_COMPILER_FLOAT_LIB_FROM_GCCLIB=y
CONFIG_COMPILER_OPTIMIZATION_ASSERTION_LEVEL=2
# CONFIG_COMPILER_OPTIMIZATION_CHECKS_SILENT is not set
CONFIG_COMPILER_HIDE_PATHS_MACROS=y
# CONFIG_COMPILER_CXX_EXCEPTIONS is not set
# CONFIG_COMPILER_CXX_RTTI is not set
# CONFIG_COMPILER_STACK_CHECK_MODE_NONE is not set
CONFIG_COMPILER_STACK_CHECK_MODE_NORM=y
# CONFIG_COMPILER_STACK_CHECK_MODE_STRONG is not set
# CONFIG_COMPILER_STACK_CHECK_MODE_ALL is not set
CONFIG_COMPILER_STACK_CHECK=y
# CONFIG_COMPILER_WARN_WRITE_STRINGS is not set
# CONFIG_COMPILER_SAVE_RESTORE_LIBCALLS is not set
# CONFIG_COMPILER_DISABLE_GCC12_WARNINGS is not set
# CONFIG_COMPILER_DUMP_RTL_FILES is not set
# end of Compiler options
# We don't know that the min is actually v2,
# but this is the earliest tested.
CONFIG_ESP32C3_REV_MIN_2=y
#
# Partition Table
#
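Review bot: `CONFIG_FREERTOS_UNICORE=y` sits directly under the comment "FreeRTOS ticks at 1ms interval", which describes `CONFIG_FREERTOS_HZ=1000` on the following line, so the single-core setting is undocumented; give it its own comment, e.g. `# Run FreeRTOS on one core only`, or drop it if it was not intended. `CONFIG_FREERTOS_HZ=1000` also appears in both hunks of this file as rendered, and "COU" in the CPU-frequency comment should read "CPU". The watchdog block is explained as being for tests and benchmarks; a line noting that projects derived from this example should re-enable the task and interrupt watchdogs would be a useful addition.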


@ -53,7 +53,7 @@
</CustomDebug>
<DeviceTerminalSettings>
<Connection xsi:type="com.sysprogs.terminal.connection.serial">
<ComPortName>COM70</ComPortName>
<ComPortName>COM80</ComPortName>
<AdvancedSettings>
<BaudRate>74880</BaudRate>
<DataBits>8</DataBits>


@ -68,6 +68,19 @@ Linux Server
./examples/server/server -v 4 -l TLS13-SM4-CCM-SM3 -c ./certs/sm2/server-sm2.pem -k ./certs/sm2/server-sm2-priv.pem -A ./certs/sm2/client-sm2.pem -V
```
#### ESP32 Client to WSL Linux Server
In Windows Powershell, (elevated permissions) forward the port _after_ starting the listening server:
```bash
netsh interface portproxy add v4tov4 listenport=11111 listenaddress=0.0.0.0 connectport=11111 connectaddress=127.0.0.1
```
After the server exits, remove the port proxy forward:
```bash
netsh interface portproxy delete v4tov4 listenport=11111 listenaddress=0.0.0.0
```
Cipers to consider


@ -18,7 +18,7 @@
<ToolchainID>
<ID>com.visualgdb.xtensa-esp32-elf</ID>
<Version>
<GCC>12.2.0</GCC>
<GCC>13.2.0</GCC>
<GDB>12.1</GDB>
<Revision>1</Revision>
</Version>
@ -67,8 +67,8 @@
<EnableFastUpToDateCheck>true</EnableFastUpToDateCheck>
<ESPIDFExtension>
<IDFCheckout>
<Version>release/v5.1</Version>
<Subdirectory>esp-idf/v5.1</Subdirectory>
<Version>release/v5.2</Version>
<Subdirectory>esp-idf/v5.2</Subdirectory>
<Type>ESPIDF</Type>
</IDFCheckout>
<COMPort>COM19</COMPort>


@ -1,5 +1,5 @@
#
# Copyright (C) 2006-2023 wolfSSL Inc.
# Copyright (C) 2006-2024 wolfSSL Inc.
#
# This file is part of wolfSSL.
#
@ -45,6 +45,11 @@ else()
endif()
message(STATUS "THIS_USER = ${THIS_USER}")
if( "$ENV{IDF_PATH}" STREQUAL "" )
message(FATAL_ERROR "IDF_PATH Environment variable not set!")
else()
string(REPLACE "\\" "/" THIS_IDF_PATH "$ENV{IDF_PATH}")
endif()
# COMPONENT_NAME = wolfssl
# The component name is the directory name. "No feature to change this".
@ -158,8 +163,8 @@ if(CMAKE_BUILD_EARLY_EXPANSION)
idf_component_register(
REQUIRES "${COMPONENT_REQUIRES}"
PRIV_REQUIRES # esp_hw_support
esp_timer
driver # this will typically only be needed for wolfSSL benchmark
# esp_timer
# driver # this will typically only be needed for wolfSSL benchmark
)
else()
@ -363,6 +368,10 @@ else()
"\"${WOLFSSL_ROOT}/wolfssl/\""
"\"${WOLFSSL_ROOT}/wolfssl/wolfcrypt/\""
"\"${RTOS_IDF_PATH}/\""
# wolfSSL release after v5.7 includes WiFi, time, and mem/debug helpers
${THIS_IDF_PATH}/components/esp_event/include
${THIS_IDF_PATH}/components/esp_netif/include
${THIS_IDF_PATH}/components/esp_wifi/include
)
@ -390,6 +399,8 @@ else()
"\"${WOLFSSL_ROOT}/src/ssl_sess.c\"" # included by ssl.c
"\"${WOLFSSL_ROOT}/src/x509.c\""
"\"${WOLFSSL_ROOT}/src/x509_str.c\""
"\"${WOLFSSL_ROOT}/wolfcrypt/src/ext_kyber.c\"" # external Kyber disabled by default
"\"${WOLFSSL_ROOT}/wolfssl/wolfcrypt/ext_kyber.h\"" # external Kyber disabled by default
"\"${WOLFSSL_ROOT}/wolfcrypt/src/evp.c\""
"\"${WOLFSSL_ROOT}/wolfcrypt/src/misc.c\""
"\"${WOLFSSL_ROOT}/wolfcrypt/src/sp_sm2_arm32.c\""
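Review bot: The three `${THIS_IDF_PATH}/components/.../include` entries are added unquoted, while every neighbouring entry in the list uses the `"\"${...}\""` form; presumably the escaped quotes are there so that paths containing spaces survive, in which case an IDF_PATH with a space in it would break only these three. Write them like their neighbours, e.g. `"\"${THIS_IDF_PATH}/components/esp_event/include\""`. Reaching into the ESP-IDF tree by path also bypasses the component dependency mechanism; listing `esp_event`, `esp_netif` and `esp_wifi` under `PRIV_REQUIRES` where the component is registered would let the build system supply the include directories. The enclosing list and the `idf_component_register` call start and end outside the hunks.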


@ -1,40 +1,248 @@
#
# Copyright (C) 2006-2023 wolfSSL Inc.
#
# This file is part of wolfSSL.
#
# wolfSSL is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#
# wolfSSL is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
#
#
# Component Makefile
#
COMPONENT_ADD_INCLUDEDIRS := . ./include
COMPONENT_ADD_INCLUDEDIRS += "$ENV{IDF_PATH}/components/freertos/include/freertos"
# COMPONENT_ADD_INCLUDEDIRS += "$ENV{IDF_PATH}/soc/esp32s3/include/soc"
COMPONENT_SRCDIRS := src wolfcrypt/src
COMPONENT_SRCDIRS += wolfcrypt/src/port/Espressif
COMPONENT_SRCDIRS += wolfcrypt/src/port/atmel
COMPONENT_SRCDIRS += wolfcrypt/benchmark
COMPONENT_SRCDIRS += wolfcrypt/test
CFLAGS +=-DWOLFSSL_USER_SETTINGS
COMPONENT_OBJEXCLUDE := wolfcrypt/src/aes_asm.o
COMPONENT_OBJEXCLUDE += wolfcrypt/src/evp.o
COMPONENT_OBJEXCLUDE += wolfcrypt/src/misc.o
COMPONENT_OBJEXCLUDE += src/bio.o
#
# Copyright (C) 2006-2024 wolfSSL Inc.
#
# This file is part of wolfSSL.
#
# wolfSSL is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#
# wolfSSL is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
#
#
# Component Makefile
#
#
# The Espressif Managed Components are only for newer versions of the ESP-IDF
# Typically only for ESP32[-x] targets and only for ESP-IDF v4.3 or later:
# See https://docs.espressif.com/projects/esp-idf/en/latest/esp32/api-guides/tools/idf-component-manager.html
# https://components.espressif.com/
#
# Usage:
#
# make flash
#
# make flash ESPPORT=/dev/ttyS55
#
# make flash ESPBAUD=9600
#
# make monitor ESPPORT=COM1
#
# make monitor ESPPORT=/dev/ttyS55 MONITORBAUD=115200
#
# export ESPPORT=/dev/ttyS55
#
# https://docs.espressif.com/projects/esp8266-rtos-sdk/en/latest/get-started/index.html
#
# Although the project should define WOLFSSL_USER_SETTINGS, we'll also
# define it here:
CFLAGS +=-DWOLFSSL_USER_SETTINGS
# NOTICE: the WOLFSSL_ROOT setting MUST be relative!
# See https://docs.espressif.com/projects/esp8266-rtos-sdk/en/latest/api-guides/build-system.html?highlight=must+relative#optional-component-specific-variables
# In the wolfSSL GitHub examples for Espressif:
# https://github.com/wolfSSL/wolfssl/tree/master/IDE/Espressif/ESP-IDF/examples
# When this wolfssl component.mk makefile is in [project]/components/wolfssl
# The root is 7 directories up from here:
WOLFSSL_ROOT := ../../../../../../..
# NOTE: The wolfSSL include diretory (e.g. user_settings.h) is
# located HERE in THIS project, and *not* in the wolfSSL root.
COMPONENT_ADD_INCLUDEDIRS := ./include
COMPONENT_ADD_INCLUDEDIRS += $(WOLFSSL_ROOT)/.
COMPONENT_ADD_INCLUDEDIRS += $(WOLFSSL_ROOT)/wolfssl
COMPONENT_ADD_INCLUDEDIRS += $(WOLFSSL_ROOT)/wolfssl/wolfcrypt
COMPONENT_ADD_INCLUDEDIRS += $(WOLFSSL_ROOT)/wolfssl/wolfcrypt/port/Espressif
# COMPONENT_ADD_INCLUDEDIRS += $ENV(IDF_PATH)/components/freertos/include/freertos
# COMPONENT_ADD_INCLUDEDIRS += "$ENV(IDF_PATH)/soc/esp32s3/include/soc"
# wolfSSL
COMPONENT_SRCDIRS := $(WOLFSSL_ROOT)/src
# wolfcrypt
COMPONENT_SRCDIRS += $(WOLFSSL_ROOT)/wolfcrypt/src
# Espressif
COMPONENT_SRCDIRS += $(WOLFSSL_ROOT)/wolfcrypt/src/port/Espressif
COMPONENT_SRCDIRS += $(WOLFSSL_ROOT)/wolfcrypt/src/port/atmel
COMPONENT_OBJEXCLUDE := $(WOLFSSL_ROOT)/wolfcrypt/src/aes_asm.o
COMPONENT_OBJEXCLUDE += $(WOLFSSL_ROOT)/wolfcrypt/src/evp.o
COMPONENT_OBJEXCLUDE += $(WOLFSSL_ROOT)/wolfcrypt/src/misc.o
COMPONENT_OBJEXCLUDE += $(WOLFSSL_ROOT)/wolfcrypt/src/sha512_asm.o
COMPONENT_OBJEXCLUDE += $(WOLFSSL_ROOT)/wolfcrypt/src/fe_x25519_asm.o
COMPONENT_OBJEXCLUDE += $(WOLFSSL_ROOT)/wolfcrypt/src/aes_gcm_x86_asm.o
COMPONENT_OBJEXCLUDE += $(WOLFSSL_ROOT)/src/bio.o
##
## wolfSSL
##
COMPONENT_OBJS := $(WOLFSSL_ROOT)/src/bio.o
# COMPONENT_OBJS += src/conf.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/src/crl.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/src/dtls.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/src/dtls13.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/src/internal.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/src/keys.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/src/ocsp.o
# COMPONENT_OBJS += src/pk.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/src/quic.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/src/sniffer.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/src/ssl.o
# COMPONENT_OBJS += src/ssl_asn1.o
# COMPONENT_OBJS += src/ssl_bn.o
# COMPONENT_OBJS += src/ssl_certman.o
# COMPONENT_OBJS += src/ssl_crypto.o
# COMPONENT_OBJS += src/ssl_misc.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/src/tls.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/src/tls13.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/src/wolfio.o
# COMPONENT_OBJS += src/x509.o
# COMPONENT_OBJS += src/x509_str.o
##
## wolfcrypt
##
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/aes.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/arc4.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/asm.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/asn.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/async.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/blake2b.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/blake2s.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/camellia.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/chacha.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/chacha20_poly1305.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/cmac.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/coding.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/compress.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/cpuid.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/cryptocb.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/curve25519.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/curve448.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/des3.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/dh.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/dilithium.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/dsa.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/ecc.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/eccsi.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/ecc_fp.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/ed25519.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/ed448.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/error.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/evp.o
# COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/ext_kyber.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/ext_lms.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/ext_xmss.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/falcon.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/fe_448.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/fe_low_mem.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/fe_operations.o
# COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/fips.o
# COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/fips_test.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/ge_448.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/ge_low_mem.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/ge_operations.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/hash.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/hmac.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/hpke.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/integer.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/kdf.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/logging.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/md2.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/md4.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/md5.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/memory.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/misc.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/pkcs12.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/pkcs7.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/poly1305.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/pwdbased.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/random.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/rc2.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/ripemd.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/rsa.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sakke.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/selftest.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sha.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sha256.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sha3.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sha512.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/signature.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/siphash.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sm2.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sm3.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sm4.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sphincs.o
# COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sp_arm32.o
# COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sp_arm64.o
# COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sp_armthumb.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sp_c32.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sp_c64.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sp_cortexm.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sp_dsp32.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sp_int.o
# COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sp_sm2_arm32.o
# COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sp_sm2_arm64.o
# COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sp_sm2_armthumb.o
# COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sp_sm2_c32.o
# COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sp_sm2_c64.o
# COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sp_sm2_cortexm.o
# COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sp_sm2_x86_64.o
# COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sp_x86_64.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/srp.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/tfm.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/wc_dsp.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/wc_encrypt.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/wc_kyber.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/wc_kyber_poly.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/wc_lms.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/wc_pkcs11.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/wc_port.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/wc_xmss.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/wolfcrypt_first.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/wolfcrypt_last.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/wolfevent.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/wolfmath.o
##
## Espressif
##
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/port/Espressif/esp32_aes.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/port/Espressif/esp32_mp.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/port/Espressif/esp32_sha.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/port/Espressif/esp32_util.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/port/Espressif/esp_sdk_mem_lib.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/port/Espressif/esp_sdk_time_lib.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/port/Espressif/esp_sdk_wifi_lib.o
##
## wolfcrypt benchmark (optional)
##
## COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/benchmark/benchmark.o
## COMPONENT_SRCDIRS += $(WOLFSSL_ROOT)/wolfcrypt/benchmark
## COMPONENT_ADD_INCLUDEDIRS += $(WOLFSSL_ROOT)/wolfcrypt/benchmark
##
## wolfcrypt test (optional)
##
## COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/test/test.o
## COMPONENT_SRCDIRS += $(WOLFSSL_ROOT)/wolfcrypt/test
##
## wolfcrypt
##
# COMPONENT_PRIV_INCLUDEDIRS += $(PROJECT_PATH)/components/wolfssl/include
COMPONENT_SRCDIRS += $(WOLFSSL_ROOT)wolfcrypt/src
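Review bot: The final line, `COMPONENT_SRCDIRS += $(WOLFSSL_ROOT)wolfcrypt/src`, is missing the `/` after `$(WOLFSSL_ROOT)`, so with `WOLFSSL_ROOT := ../../../../../../..` it expands to `../../../../../../..wolfcrypt/src`, which is not the intended directory. It should read `COMPONENT_SRCDIRS += $(WOLFSSL_ROOT)/wolfcrypt/src`, or be dropped, since that directory is already added near the top of the file. The commented-out `ext_kyber.o` line has the same missing slash and would fail the same way if someone enabled it. `evp.o`, `misc.o` and `bio.o` are listed in both `COMPONENT_OBJEXCLUDE` and `COMPONENT_OBJS`; a comment stating which list is meant to win would prevent these included-by-other-source files from being compiled twice by accident.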


@ -1,6 +1,6 @@
/* user_settings.h
*
* Copyright (C) 2006-2023 wolfSSL Inc.
* Copyright (C) 2006-2024 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
@ -19,12 +19,36 @@
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
/* Standardized wolfSSL Espressif ESP32 + ESP8266 user_settings.h V5.6.6-01 */
/* This user_settings.h is for Espressif ESP-IDF */
#include <sdkconfig.h>
#include "sdkconfig.h"
#define DEBUG_WOLFSSL
/* #define DEBUG_WOLFSSL_VERBOSE */
/* Experimental Kyber */
#if 0
#define WOLFSSL_EXPERIMENTAL_SETTINGS
#define WOLFSSL_HAVE_KYBER
#define WOLFSSL_WC_KYBER
#define WOLFSSL_SHA3
#if defined(CONFIG_IDF_TARGET_ESP8266)
/* With limited RAM, we'll disable some of the Kyber sizes: */
#define WOLFSSL_NO_KYBER1024
#define WOLFSSL_NO_KYBER768
#endif
#endif
/* Pick a cert buffer size: */
/* #define USE_CERT_BUFFERS_2048 */
/* #define USE_CERT_BUFFERS_1024 */
#define USE_CERT_BUFFERS_2048
/* The Espressif sdkconfig will have chipset info.
**
** Possible values:
** Some possible values:
**
** CONFIG_IDF_TARGET_ESP32
** CONFIG_IDF_TARGET_ESP32S2
@ -36,18 +60,34 @@
#undef WOLFSSL_ESPIDF
#define WOLFSSL_ESPIDF
/* We don't use WiFi helpers yet, so don't compile in the esp-sdk-lib WiFi */
#define NO_ESP_SDK_WIFI
/*
* choose ONE of these Espressif chips to define:
* ONE of these Espressif chipsets should be defined:
*
* WOLFSSL_ESP32
* WOLFSSL_ESPWROOM32SE
* WOLFSSL_ESP8266
*
* following ifdef detection only for syntax highlighting:
*/
#undef WOLFSSL_ESPWROOM32SE
#undef WOLFSSL_ESP8266
#undef WOLFSSL_ESP32
#ifdef WOLFSSL_ESPWROOM32SE
#undef WOLFSSL_ESPWROOM32SE
#endif
#ifdef WOLFSSL_ESP8266
#undef WOLFSSL_ESP8266
#endif
#ifdef WOLFSSL_ESP32
#undef WOLFSSL_ESP32
#endif
/* See below for chipset detection from sdkconfig.h */
#define WOLFSSL_ESP32
/* Small session cache saves a lot of RAM for ClientCache and SessionCache.
* Memory requirement is about 5KB, otherwise 20K is needed when not specified.
* If extra small footprint is needed, try MICRO_SESSION_CACHE (< 1K)
* When really desperate, try NO_SESSION_CACHE. */
#define MICRO_SESSION_CACHE
/* optionally turn off SHA512/224 SHA512/256 */
/* #define WOLFSSL_NOSHA512_224 */
@ -61,7 +101,10 @@
/* #define NO_OLD_TLS */
#define BENCH_EMBEDDED
#define USE_CERT_BUFFERS_2048
#define WOLFSSL_SMALL_STACK
#define HAVE_ECC
#define RSA_LOW_MEM
/* TLS 1.3 */
#define WOLFSSL_TLS13
@ -79,39 +122,45 @@
#define HAVE_AESGCM
#define WOLFSSL_RIPEMD
/* Optional RIPEMD: RACE Integrity Primitives Evaluation Message Digest */
/* #define WOLFSSL_RIPEMD */
/* when you want to use SHA224 */
#define WOLFSSL_SHA224
/* when you want to use SHA384 */
#define WOLFSSL_SHA384
/* when you want to use SHA512 */
#define WOLFSSL_SHA512
#if defined(CONFIG_IDF_TARGET_ESP8266)
/* Some known low-memory devices have features not enabled by default. */
#else
/* when you want to use SHA512 */
#define WOLFSSL_SHA512
/* when you want to use SHA3 */
#define WOLFSSL_SHA3
/* when you want to use SHA3 */
#define WOLFSSL_SHA3
#define HAVE_ED25519 /* ED25519 requires SHA512 */
/* ED25519 requires SHA512 */
#define HAVE_ED25519
#define HAVE_ECC
#define HAVE_CURVE25519
#define CURVE25519_SMALL
#define HAVE_ED25519
#define HAVE_ECC
#define HAVE_CURVE25519
#define CURVE25519_SMALL
#define HAVE_ED25519
#endif
/* Optional OpenSSL compatibility */
/* #define OPENSSL_EXTRA */
#define OPENSSL_EXTRA
/* when you want to use pkcs7 */
/* #define HAVE_PKCS7 */
#define HAVE_PKCS7
#if defined(HAVE_PKCS7)
#define HAVE_AES_KEYWRAP
#define HAVE_X963_KDF
#define WOLFSSL_AES_DIRECT
#endif
/* when you want to use aes counter mode */
/* when you want to use AES counter mode */
/* #define WOLFSSL_AES_DIRECT */
/* #define WOLFSSL_AES_COUNTER */
@ -125,7 +174,7 @@
/* #define CUSTOM_SLOT_ALLOCATION */
#endif
/* rsa primitive specific definition */
/* RSA primitive specific definition */
#if defined(WOLFSSL_ESP32) || defined(WOLFSSL_ESPWROOM32SE)
/* Define USE_FAST_MATH and SMALL_STACK */
#define ESP32_USE_RSA_PRIMITIVE
@ -145,8 +194,6 @@
#endif
#endif
#define RSA_LOW_MEM
/* #define WOLFSSL_ATECC508A_DEBUG */
/* date/time */
@ -173,10 +220,6 @@
/* #undef USE_FAST_MATH */
/* #define USE_INTEGER_HEAP_MATH */
#define WOLFSSL_SMALL_STACK
#define HAVE_VERSION_EXTENDED_INFO
/* #define HAVE_WC_INTROSPECTION */
@ -190,7 +233,6 @@
#define WOLFSSL_CERT_EXT
#define WOLFSSL_SYS_CA_CERTS
#define WOLFSSL_CERT_TEXT
#define WOLFSSL_ASN_TEMPLATE
@ -203,7 +245,7 @@
#undef WOLFSSL_SYS_CA_CERTS
*/
/*
/* command-line options
--enable-keygen
--enable-certgen
--enable-certreq
@ -211,10 +253,11 @@
--enable-asn-template
*/
/* Default is HW enabled unless turned off.
** Uncomment these lines to force SW instead of HW acceleration */
/* Chipset detection from sdkconfig.h
* Default is HW enabled unless turned off.
* Uncomment lines to force SW instead of HW acceleration */
#if defined(CONFIG_IDF_TARGET_ESP32)
#define WOLFSSL_ESP32
/* wolfSSL HW Acceleration supported on ESP32. Uncomment to disable: */
/* #define NO_ESP32_CRYPT */
/* #define NO_WOLFSSL_ESP32_CRYPT_HASH */
@ -232,6 +275,7 @@
/***** END CONFIG_IDF_TARGET_ESP32 *****/
#elif defined(CONFIG_IDF_TARGET_ESP32S2)
#define WOLFSSL_ESP32
/* wolfSSL HW Acceleration supported on ESP32-S2. Uncomment to disable: */
/* #define NO_ESP32_CRYPT */
/* #define NO_WOLFSSL_ESP32_CRYPT_HASH */
@ -244,6 +288,7 @@
/***** END CONFIG_IDF_TARGET_ESP32S2 *****/
#elif defined(CONFIG_IDF_TARGET_ESP32S3)
#define WOLFSSL_ESP32
/* wolfSSL HW Acceleration supported on ESP32-S3. Uncomment to disable: */
/* #define NO_ESP32_CRYPT */
/* #define NO_WOLFSSL_ESP32_CRYPT_HASH */
@ -257,6 +302,7 @@
#elif defined(CONFIG_IDF_TARGET_ESP32C2) || \
defined(CONFIG_IDF_TARGET_ESP8684)
#define WOLFSSL_ESP32
/* ESP8684 is essentially ESP32-C2 chip + flash embedded together in a
* single QFN 4x4 mm package. Out of released documentation, Technical
* Reference Manual as well as ESP-IDF Programming Guide is applicable
@ -282,6 +328,7 @@
/***** END CONFIG_IDF_TARGET_ESP32C2 *****/
#elif defined(CONFIG_IDF_TARGET_ESP32C3)
#define WOLFSSL_ESP32
/* wolfSSL HW Acceleration supported on ESP32-C3. Uncomment to disable: */
/* #define NO_ESP32_CRYPT */
@ -299,6 +346,7 @@
/***** END CONFIG_IDF_TARGET_ESP32C3 *****/
#elif defined(CONFIG_IDF_TARGET_ESP32C6)
#define WOLFSSL_ESP32
/* wolfSSL HW Acceleration supported on ESP32-C6. Uncomment to disable: */
/* #define NO_ESP32_CRYPT */
@ -315,6 +363,7 @@
/***** END CONFIG_IDF_TARGET_ESP32C6 *****/
#elif defined(CONFIG_IDF_TARGET_ESP32H2)
#define WOLFSSL_ESP32
/* wolfSSL Hardware Acceleration not yet implemented */
#define NO_ESP32_CRYPT
#define NO_WOLFSSL_ESP32_CRYPT_HASH
@ -323,7 +372,11 @@
/***** END CONFIG_IDF_TARGET_ESP32H2 *****/
#elif defined(CONFIG_IDF_TARGET_ESP8266)
/* TODO: Revisit ESP8266 */
#define WOLFSSL_ESP8266
/* There's no hardware encryption on the ESP8266 */
/* Consider using the ESP32-C2/C3/C6
* See https://www.espressif.com/en/products/socs/esp32-c2 */
#define NO_ESP32_CRYPT
#define NO_WOLFSSL_ESP32_CRYPT_HASH
#define NO_WOLFSSL_ESP32_CRYPT_AES
@ -340,6 +393,7 @@
#else
/* Anything else encountered, disable HW accleration */
#warning "Unexpected CONFIG_IDF_TARGET_NN value"
#define NO_ESP32_CRYPT
#define NO_WOLFSSL_ESP32_CRYPT_HASH
#define NO_WOLFSSL_ESP32_CRYPT_AES
@ -347,6 +401,7 @@
#endif /* CONFIG_IDF_TARGET Check */
/* Debug options:
See wolfssl/wolfcrypt/port/Espressif/esp32-crypt.h for details on debug options
#define ESP_VERIFY_MEMBLOCK
#define DEBUG_WOLFSSL
@ -367,7 +422,7 @@
/* #define HASH_SIZE_LIMIT */ /* for test.c */
/* #define NO_HW_MATH_TEST */ /* Optionall turn off HW math checks */
/* #define NO_HW_MATH_TEST */ /* Optionally turn off HW math checks */
/* Optionally include alternate HW test library: alt_hw_test.h */
/* When enabling, the ./components/wolfssl/CMakeLists.txt file
@ -390,8 +445,8 @@
/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD */
#define WOLFSSL_PUBLIC_MP /* used by benchmark */
#define USE_CERT_BUFFERS_2048
/* used by benchmark: */
#define WOLFSSL_PUBLIC_MP
/* when turning on ECC508 / ECC608 support
#define WOLFSSL_ESPWROOM32SE
@ -400,12 +455,75 @@
#define ATCA_WOLFSSL
*/
/* optional SM4 Ciphers. See https://github.com/wolfSSL/wolfsm
/***************************** Certificate Macros *****************************
*
* The section below defines macros used in typically all of the wolfSSL
* examples such as the client and server for certs stored in header files.
*
* There are various certificate examples in this header file:
* https://github.com/wolfSSL/wolfssl/blob/master/wolfssl/certs_test.h
*
* To use the sets of macros below, define *one* of these:
*
* USE_CERT_BUFFERS_1024 - ECC 1024 bit encoded ASN1
* USE_CERT_BUFFERS_2048 - RSA 2048 bit encoded ASN1
* WOLFSSL_SM[2,3,4] - SM Ciphers
*
* For example: define USE_CERT_BUFFERS_2048 to use CA Certs used in this
* wolfSSL function for the `ca_cert_der_2048` buffer, size and types:
*
* ret = wolfSSL_CTX_load_verify_buffer(ctx,
* CTX_CA_CERT,
* CTX_CA_CERT_SIZE,
* CTX_CA_CERT_TYPE);
*
* See https://www.wolfssl.com/documentation/manuals/wolfssl/group__CertsKeys.html#function-wolfssl_ctx_load_verify_buffer
*
* In this case the CTX_CA_CERT will be defined as `ca_cert_der_2048` as
* defined here: https://github.com/wolfSSL/wolfssl/blob/master/wolfssl/certs_test.h
*
* The CTX_CA_CERT_SIZE and CTX_CA_CERT_TYPE are similarly used to reference
* array size and cert type respectively.
*
* Similarly for loading the private client key:
*
* ret = wolfSSL_CTX_use_PrivateKey_buffer(ctx,
* CTX_CLIENT_KEY,
* CTX_CLIENT_KEY_SIZE,
* CTX_CLIENT_KEY_TYPE);
*
* see https://www.wolfssl.com/documentation/manuals/wolfssl/group__CertsKeys.html#function-wolfssl_ctx_use_privatekey_buffer
*
* Similarly, the other macros are for server certificates and keys:
* `CTX_SERVER_CERT` and `CTX_SERVER_KEY` are available.
*
* The certificate and key names are typically `static const unsigned char`
* arrays. The [NAME]_size are typically `sizeof([array name])`, and the types
* are the known wolfSSL encoding type integers (e.g. WOLFSSL_FILETYPE_PEM).
*
* See `SSL_FILETYPE_[name]` in
* https://github.com/wolfSSL/wolfssl/blob/master/wolfssl/ssl.h
*
* See Abstract Syntax Notation One (ASN.1) in:
* https://github.com/wolfSSL/wolfssl/blob/master/wolfssl/wolfcrypt/asn.h
*
* Optional SM4 Ciphers:
*
* Although the SM ciphers are shown here, the `certs_test_sm.h` may not yet
* be available. See:
* https://github.com/wolfSSL/wolfssl/pull/6825
* https://github.com/wolfSSL/wolfsm
*
* Uncomment these 3 macros to enable the SM Ciphers and use the macros below.
*/
/*
#define WOLFSSL_SM2
#define WOLFSSL_SM3
#define WOLFSSL_SM4
*/
/* Conditional macros used in wolfSSL TLS client and server examples */
#if defined(WOLFSSL_SM2) || defined(WOLFSSL_SM3) || defined(WOLFSSL_SM4)
#include <wolfssl/certs_test_sm.h>
#define CTX_CA_CERT root_sm2
@ -421,15 +539,45 @@
#undef WOLFSSL_BASE16
#define WOLFSSL_BASE16
#else
#define USE_CERT_BUFFERS_2048
#define USE_CERT_BUFFERS_256
#define CTX_CA_CERT ca_cert_der_2048
#define CTX_CA_CERT_SIZE sizeof_ca_cert_der_2048
#define CTX_CA_CERT_TYPE WOLFSSL_FILETYPE_ASN1
#define CTX_SERVER_CERT server_cert_der_2048
#define CTX_SERVER_CERT_SIZE sizeof_server_cert_der_2048
#define CTX_SERVER_CERT_TYPE WOLFSSL_FILETYPE_ASN1
#define CTX_SERVER_KEY server_key_der_2048
#define CTX_SERVER_KEY_SIZE sizeof_server_key_der_2048
#define CTX_SERVER_KEY_TYPE WOLFSSL_FILETYPE_ASN1
#endif
#if defined(USE_CERT_BUFFERS_2048)
#define CTX_CA_CERT ca_cert_der_2048
#define CTX_CA_CERT_SIZE sizeof_ca_cert_der_2048
#define CTX_CA_CERT_TYPE WOLFSSL_FILETYPE_ASN1
#define CTX_SERVER_CERT server_cert_der_2048
#define CTX_SERVER_CERT_SIZE sizeof_server_cert_der_2048
#define CTX_SERVER_CERT_TYPE WOLFSSL_FILETYPE_ASN1
#define CTX_SERVER_KEY server_key_der_2048
#define CTX_SERVER_KEY_SIZE sizeof_server_key_der_2048
#define CTX_SERVER_KEY_TYPE WOLFSSL_FILETYPE_ASN1
#define CTX_CLIENT_CERT client_cert_der_2048
#define CTX_CLIENT_CERT_SIZE sizeof_client_cert_der_2048
#define CTX_CLIENT_CERT_TYPE WOLFSSL_FILETYPE_ASN1
#define CTX_CLIENT_KEY client_key_der_2048
#define CTX_CLIENT_KEY_SIZE sizeof_client_key_der_2048
#define CTX_CLIENT_KEY_TYPE WOLFSSL_FILETYPE_ASN1
#elif defined(USE_CERT_BUFFERS_1024)
#define CTX_CA_CERT ca_cert_der_1024
#define CTX_CA_CERT_SIZE sizeof_ca_cert_der_1024
#define CTX_CA_CERT_TYPE WOLFSSL_FILETYPE_ASN1
#define CTX_CLIENT_CERT client_cert_der_1024
#define CTX_CLIENT_CERT_SIZE sizeof_client_cert_der_1024
#define CTX_CLIENT_CERT_TYPE WOLFSSL_FILETYPE_ASN1
#define CTX_CLIENT_KEY client_key_der_1024
#define CTX_CLIENT_KEY_SIZE sizeof_client_key_der_1024
#define CTX_CLIENT_KEY_TYPE WOLFSSL_FILETYPE_ASN1
#define CTX_SERVER_CERT server_cert_der_1024
#define CTX_SERVER_CERT_SIZE sizeof_server_cert_der_1024
#define CTX_SERVER_CERT_TYPE WOLFSSL_FILETYPE_ASN1
#define CTX_SERVER_KEY server_key_der_1024
#define CTX_SERVER_KEY_SIZE sizeof_server_key_der_1024
#define CTX_SERVER_KEY_TYPE WOLFSSL_FILETYPE_ASN1
#else
/* Optionally define custom cert arrays, sizes, and types here */
#error "Must define USE_CERT_BUFFERS_2048 or USE_CERT_BUFFERS_1024"
#endif
#endif /* Conditional key and cert constant names */


@ -1,6 +1,6 @@
/* template main.h
*
* Copyright (C) 2006-2023 wolfSSL Inc.
* Copyright (C) 2006-2024 wolfSSL Inc.
*
* This file is part of wolfSSL.
*


@ -1,6 +1,6 @@
/* server-tls.h
*
* Copyright (C) 2006-2023 wolfSSL Inc.
* Copyright (C) 2006-2024 wolfSSL Inc.
*
* This file is part of wolfSSL.
*


@ -1,5 +1,5 @@
/*
* Copyright (C) 2006-2023 wolfSSL Inc.
* Copyright (C) 2006-2024 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
@ -38,7 +38,8 @@ int esp_show_current_datetime();
int set_fixed_default_time(void);
/* set time from string (e.g. GitHub commit time) */
int set_time_from_string(char* time_buffer);
/* When not using the new esp-sdk-lib.h helpers: */
/* int set_time_from_string(char* time_buffer); */
/* set time from NTP servers,
* also initially calls set_fixed_default_time or set_time_from_string */


@ -1,6 +1,6 @@
/* wifi_connect.h
*
* Copyright (C) 2006-2023 wolfSSL Inc.
* Copyright (C) 2006-2024 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
@ -28,7 +28,7 @@
#define EXAMPLE_ESP_MAXIMUM_RETRY CONFIG_ESP_MAXIMUM_RETRY
#define TLS_SMP_SERVER_TASK_NAME "tls_sever_example"
#define TLS_SMP_SERVER_TASK_WORDS 22240
#define TLS_SMP_SERVER_TASK_BYTES 22240
#define TLS_SMP_SERVER_TASK_PRIORITY 8
#define TLS_SMP_WIFI_SSID CONFIG_WIFI_SSID
@ -77,13 +77,19 @@
#ifdef CONFIG_ESP_WIFI_SSID
#define EXAMPLE_ESP_WIFI_SSID CONFIG_ESP_WIFI_SSID
#else
#define EXAMPLE_ESP_WIFI_SSID "MYSSID_WIFI_CONNECT"
/* See new esp-sdk-lib.h helpers: */
#ifndef EXAMPLE_ESP_WIFI_SSID
#define EXAMPLE_ESP_WIFI_SSID "MYSSID_WIFI_CONNECT"
#endif
#endif
#ifdef CONFIG_ESP_WIFI_PASSWORD
#define EXAMPLE_ESP_WIFI_PASS CONFIG_ESP_WIFI_PASSWORD
#else
#define EXAMPLE_ESP_WIFI_PASS "MYPASSWORD_WIFI_CONNECT"
/* See new esp-sdk-lib.h helpers: */
#ifndef EXAMPLE_ESP_WIFI_PASS
#define EXAMPLE_ESP_WIFI_PASS "MYPASSWORD_WIFI_CONNECT"
#endif
#endif
#endif
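Review bot: The new `#ifndef EXAMPLE_ESP_WIFI_SSID` and `#ifndef EXAMPLE_ESP_WIFI_PASS` fallbacks still end in the placeholder strings `"MYSSID_WIFI_CONNECT"` and `"MYPASSWORD_WIFI_CONNECT"` with no build-time signal, so a project that has neither the sdkconfig values nor an earlier definition compiles cleanly and only fails when it tries to associate. Adding `#warning "EXAMPLE_ESP_WIFI_SSID not configured; using placeholder"` (and the matching line for the password) inside each inner `#ifndef` would make that visible at build time, in the same style as the `#warning` lines already used in user_settings.h. The comment `/* See new esp-sdk-lib.h helpers: */` could also name the macros that header is expected to define before this file is included, since the guard appears to rely on that include order. The enclosing `#if`/`#endif` nesting starts outside the hunk.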


@ -1,6 +1,6 @@
/* main.c
*
* Copyright (C) 2006-2023 wolfSSL Inc.
* Copyright (C) 2006-2024 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
@ -234,24 +234,15 @@ void app_main(void)
/* done */
while (1) {
ESP_LOGV(TAG, "\n\nLoop...\n\n");
#ifdef INCLUDE_uxTaskGetStackHighWaterMark
ESP_LOGI(TAG, "Stack HWM: %d", uxTaskGetStackHighWaterMark(NULL));
ESP_LOGI(TAG, "Stack used: %d", CONFIG_ESP_MAIN_TASK_STACK_SIZE
- uxTaskGetStackHighWaterMark(NULL));
ESP_LOGI(TAG, "Stack delta: %d\n", stack_start
- uxTaskGetStackHighWaterMark(NULL));
#endif
#if defined(SINGLE_THREADED)
ESP_LOGV(TAG, "\n\nDone!\n\n");
while (1);
#else
vTaskDelay(60000);
/* Delete this main task to free up memory */
ESP_LOGV(TAG, "\n\nvTaskDelete...\n\n");
vTaskDelete(NULL);
#endif
} /* done whle */
} /* done while */
} /* app_main */


@ -1,6 +1,6 @@
/* server-tls.c
*
* Copyright (C) 2006-2023 wolfSSL Inc.
* Copyright (C) 2006-2024 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
@ -31,10 +31,16 @@
/* socket includes */
#include <lwip/netdb.h>
#include <lwip/sockets.h>
#include <netinet/tcp.h> /* For TCP options */
#include <sys/socket.h>
#ifndef TCP_RTO_MIN
#define TCP_RTO_MIN 1500
#endif
/* wolfSSL */
#include <wolfssl/wolfcrypt/settings.h>
#include "user_settings.h"
#include <wolfssl/certs_test.h>
#include <wolfssl/ssl.h>
#ifdef WOLFSSL_TRACK_MEMORY
@ -50,30 +56,6 @@
#define DEFAULT_MAX_DHKEY_BITS 2048
#endif
#if defined(WOLFSSL_SM2) || defined(WOLFSSL_SM3) || defined(WOLFSSL_SM4)
#include <wolfssl/certs_test_sm.h>
#define CTX_CA_CERT root_sm2
#define CTX_CA_CERT_SIZE sizeof_root_sm2
#define CTX_CA_CERT_TYPE WOLFSSL_FILETYPE_PEM
#define CTX_SERVER_CERT server_sm2
#define CTX_SERVER_CERT_SIZE sizeof_server_sm2
#define CTX_SERVER_CERT_TYPE WOLFSSL_FILETYPE_PEM
#define CTX_SERVER_KEY server_sm2_priv
#define CTX_SERVER_KEY_SIZE sizeof_server_sm2_priv
#define CTX_SERVER_KEY_TYPE WOLFSSL_FILETYPE_PEM
#else
#include <wolfssl/certs_test.h>
#define CTX_CA_CERT ca_cert_der_2048
#define CTX_CA_CERT_SIZE sizeof_ca_cert_der_2048
#define CTX_CA_CERT_TYPE WOLFSSL_FILETYPE_ASN1
#define CTX_SERVER_CERT server_cert_der_2048
#define CTX_SERVER_CERT_SIZE sizeof_server_cert_der_2048
#define CTX_SERVER_CERT_TYPE WOLFSSL_FILETYPE_ASN1
#define CTX_SERVER_KEY server_key_der_2048
#define CTX_SERVER_KEY_SIZE sizeof_server_key_der_2048
#define CTX_SERVER_KEY_TYPE WOLFSSL_FILETYPE_ASN1
#endif
/* Project */
#include "wifi_connect.h"
#include "time_helper.h"
@ -112,7 +94,6 @@ int ShowCiphers(WOLFSSL* ssl)
return ret;
}
/* FreeRTOS */
/* server task */
WOLFSSL_ESP_TASK tls_smp_server_task(void *args)
@ -133,7 +114,10 @@ WOLFSSL_ESP_TASK tls_smp_server_task(void *args)
int ret;
socklen_t size = sizeof(clientAddr);
size_t len;
#if 0
/* optionally set TCP RTO. See also below. */
int rto_min = 200; /* Minimum TCP RTO in milliseconds */
#endif
/* declare wolfSSL objects */
WOLFSSL_CTX* ctx;
WOLFSSL* ssl;
@ -157,16 +141,18 @@ WOLFSSL_ESP_TASK tls_smp_server_task(void *args)
ESP_LOGE(TAG, "ERROR: failed to create the socket");
}
/* Optionally set TCP RTO
setsockopt(sockfd, IPPROTO_TCP, TCP_RTO_MIN, &rto_min, sizeof(rto_min)); */
/* Create and initialize WOLFSSL_CTX */
WOLFSSL_MSG("Create and initialize WOLFSSL_CTX");
#if defined(WOLFSSL_SM2) || defined(WOLFSSL_SM3) || defined(WOLFSSL_SM4)
ctx = wolfSSL_CTX_new(wolfSSLv23_server_method());
// ctx = wolfSSL_CTX_new(wolfTLSv1_3_client_method()); /* only TLS 1.3 */
/* ctx = wolfSSL_CTX_new(wolfTLSv1_3_client_method()); for only TLS 1.3 */
if (ctx == NULL) {
ESP_LOGE(TAG, "ERROR: failed to create WOLFSSL_CTX");
}
#else
/* TODO remove duplicate */
if ((ctx = wolfSSL_CTX_new(wolfSSLv23_server_method())) == NULL) {
ESP_LOGE(TAG, "ERROR: failed to create WOLFSSL_CTX");
}
@ -304,8 +290,8 @@ WOLFSSL_ESP_TASK tls_smp_server_task(void *args)
ESP_LOGI(TAG, "accept clients...");
/* Continue to accept clients until shutdown is issued */
while (!shutdown) {
ESP_LOGI(TAG, "Stack used: %d\n", CONFIG_ESP_MAIN_TASK_STACK_SIZE
- uxTaskGetStackHighWaterMark(NULL));
ESP_LOGI(TAG, "Stack used: %d\n", TLS_SMP_SERVER_TASK_BYTES
- uxTaskGetStackHighWaterMark(NULL) );
WOLFSSL_MSG("Waiting for a connection...");
wifi_show_ip();
@ -314,16 +300,33 @@ WOLFSSL_ESP_TASK tls_smp_server_task(void *args)
== -1) {
ESP_LOGE(TAG, "ERROR: failed to accept the connection");
}
#if defined(WOLFSSL_EXPERIMENTAL_SETTINGS)
ESP_LOGW(TAG, "WOLFSSL_EXPERIMENTAL_SETTINGS is enabled");
#endif
/* Create a WOLFSSL object */
if ((ssl = wolfSSL_new(ctx)) == NULL) {
ESP_LOGE(TAG, "ERROR: failed to create WOLFSSL object");
}
#if defined(WOLFSSL_HAVE_KYBER)
else {
/* If success creating CTX and Kyber enabled, set key share: */
ret = wolfSSL_UseKeyShare(ssl, WOLFSSL_P521_KYBER_LEVEL5);
if (ret == SSL_SUCCESS) {
ESP_LOGI(TAG, "UseKeyShare WOLFSSL_P521_KYBER_LEVEL5 success");
}
else {
ESP_LOGE(TAG, "UseKeyShare WOLFSSL_P521_KYBER_LEVEL5 failed");
}
}
#else
ESP_LOGI(TAG, "WOLFSSL_HAVE_KYBER is not enabled");
#endif
/* show what cipher connected for this WOLFSSL* object */
ShowCiphers(ssl);
/* Attach wolfSSL to the socket */
wolfSSL_set_fd(ssl, connd);
/* Establish TLS connection */
ret = wolfSSL_accept(ssl);
if (ret == SSL_SUCCESS) {
@ -333,23 +336,18 @@ WOLFSSL_ESP_TASK tls_smp_server_task(void *args)
ESP_LOGE(TAG, "wolfSSL_accept error %d",
wolfSSL_get_error(ssl, ret));
}
WOLFSSL_MSG("Client connected successfully");
ESP_LOGI(TAG, "Stack used: %d\n", CONFIG_ESP_MAIN_TASK_STACK_SIZE
- uxTaskGetStackHighWaterMark(NULL));
ESP_LOGI(TAG, "Client connected successfully");
/* Read the client data into our buff array */
memset(buff, 0, sizeof(buff));
if (wolfSSL_read(ssl, buff, sizeof(buff)-1) == -1) {
ESP_LOGE(TAG, "ERROR: failed to read");
}
/* Print to stdout any data the client sends */
ESP_LOGI(TAG, "Stack used: %d\n", CONFIG_ESP_MAIN_TASK_STACK_SIZE
- uxTaskGetStackHighWaterMark(NULL));
WOLFSSL_MSG("Client sends:");
WOLFSSL_MSG(buff);
ESP_LOGI(TAG, "Client sends: %s", buff);
/* Check for server shutdown command */
if (strncmp(buff, "shutdown", 8) == 0) {
WOLFSSL_MSG("Shutdown command issued!");
ESP_LOGI(TAG, "Shutdown command issued!");
shutdown = 1;
}
/* Write our reply into buff */
@ -360,10 +358,12 @@ WOLFSSL_ESP_TASK tls_smp_server_task(void *args)
if (wolfSSL_write(ssl, buff, len) != len) {
ESP_LOGE(TAG, "ERROR: failed to write");
}
ESP_LOGI(TAG, "Done! Cleanup...");
/* Cleanup after this connection */
wolfSSL_free(ssl); /* Free the wolfSSL object */
close(connd); /* Close the connection to the client */
}
} /* !shutdown */
/* Cleanup and return */
wolfSSL_free(ssl); /* Free the wolfSSL object */
wolfSSL_CTX_free(ctx); /* Free the wolfSSL context object */
@ -397,12 +397,14 @@ WOLFSSL_ESP_TASK tls_smp_server_init(void* args)
#else
xTaskHandle _handle;
#endif
/* http://esp32.info/docs/esp_idf/html/dd/d3c/group__xTaskCreate.html */
/* Note that despite vanilla FreeRTOS using WORDS for a parameter,
* Espressif uses BYTES for the task stack size here.
* See https://docs.espressif.com/projects/esp-idf/en/v4.3/esp32/api-reference/system/freertos.html */
ESP_LOGI(TAG, "Creating tls_smp_server_task with stack size = %d",
TLS_SMP_SERVER_TASK_WORDS);
TLS_SMP_SERVER_TASK_BYTES);
ret_i = xTaskCreate(tls_smp_server_task,
TLS_SMP_SERVER_TASK_NAME,
TLS_SMP_SERVER_TASK_WORDS, /* not bytes! */
TLS_SMP_SERVER_TASK_BYTES,
(void*)&thisPort,
TLS_SMP_SERVER_TASK_PRIORITY,
&_handle);
@ -411,7 +413,7 @@ WOLFSSL_ESP_TASK tls_smp_server_init(void* args)
ESP_LOGI(TAG, "create thread %s failed", TLS_SMP_SERVER_TASK_NAME);
}
/* vTaskStartScheduler(); // called automatically in ESP-IDF */
/* vTaskStartScheduler(); called automatically in ESP-IDF */
return TLS_SMP_CLIENT_TASK_RET;
}
#endif
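Review bot: In the last loop hunk of `tls_smp_server_task` the session is released with `wolfSSL_free(ssl);` at the end of every iteration and again right after the new `} /* !shutdown */`, and nothing visible resets the pointer in between, so the shutdown path frees the same WOLFSSL object twice. Either drop the post-loop call or add `ssl = NULL;` directly after the in-loop free, which should be safe as wolfSSL_free is expected to ignore NULL. In the accept hunk the new `ESP_LOGI(TAG, "Client connected successfully");` sits after the `if (ret == SSL_SUCCESS) ... else` block, so a failed handshake is logged as a success and the code still goes on to `wolfSSL_read`; moving that log into the success branch and skipping to the per-connection cleanup in the else branch would keep the log trustworthy. The `wolfSSL_new` failure has the same shape: the new `else` only guards the Kyber key share, while `ShowCiphers`, `wolfSSL_set_fd` and `wolfSSL_accept` still receive the NULL pointer. The function body starts and ends outside these hunks.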


@ -1,6 +1,6 @@
/* time_helper.c
*
* Copyright (C) 2006-2023 wolfSSL Inc.
* Copyright (C) 2006-2024 wolfSSL Inc.
*
* This file is part of wolfSSL.
*


@ -1,6 +1,6 @@
/* wifi_connect.c
*
* Copyright (C) 2006-2023 wolfSSL Inc.
* Copyright (C) 2006-2024 wolfSSL Inc.
*
* This file is part of wolfSSL.
*


@ -1,79 +1,15 @@
# wolfSSL Espressif Example Project CMakeLists.txt
# v1.0
# v1.1
#
# The following lines of boilerplate have to be in your project's
# CMakeLists in this exact order for cmake to work correctly
cmake_minimum_required(VERSION 3.16)
cmake_minimum_required(VERSION 3.5)
# The wolfSSL CMake file should be able to find the source code.
# Otherwise, assign an environment variable or set it here:
#
# set(WOLFSSL_ROOT "~/workspace/wolfssl-other-source")
#
# Optional WOLFSSL_CMAKE_SYSTEM_NAME detection to find
# USE_MY_PRIVATE_CONFIG path for my_private_config.h
#
# Expected path varies:
#
# WSL: /mnt/c/workspace
# Linux: ~/workspace
# Windows: C:\workspace
#
if(WIN32)
# Windows-specific configuration here
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_WINDOWS")
message("Detected Windows")
endif()
if(CMAKE_HOST_UNIX)
message("Detected UNIX")
endif()
if(APPLE)
message("Detected APPLE")
endif()
if(CMAKE_HOST_UNIX AND (NOT APPLE) AND EXISTS "/proc/sys/fs/binfmt_misc/WSLInterop")
# Windows-specific configuration here
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_WSL")
message("Detected WSL")
endif()
if(CMAKE_HOST_UNIX AND (NOT APPLE) AND (NOT WIN32))
# Windows-specific configuration here
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_LINUX")
message("Detected Linux")
endif()
if(APPLE)
# Windows-specific configuration here
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_APPLE")
message("Detected Apple")
endif()
# End optional WOLFSSL_CMAKE_SYSTEM_NAME
# Check that there are not conflicting wolfSSL components
# The ESP Registry Component will be in ./managed_components/wolfssl__wolfssl
# The local component wolfSSL directory will be in ./components/wolfssl
if( EXISTS "${CMAKE_HOME_DIRECTORY}/managed_components/wolfssl__wolfssl" AND EXISTS "${CMAKE_HOME_DIRECTORY}/components/wolfssl" )
# These exclude statements don't seem to be honored by the $ENV{IDF_PATH}/tools/cmake/project.cmake'
# add_subdirectory("${CMAKE_HOME_DIRECTORY}/managed_components/wolfssl__wolfssl" EXCLUDE_FROM_ALL)
# add_subdirectory("${CMAKE_HOME_DIRECTORY}/managed_components/wolfssl__wolfssl/include" EXCLUDE_FROM_ALL)
# So we'll error out and let the user decide how to proceed:
message(WARNING "\nFound wolfSSL components in\n"
"./managed_components/wolfssl__wolfssl\n"
"and\n"
"./components/wolfssl\n"
"in project directory: \n"
"${CMAKE_HOME_DIRECTORY}")
message(FATAL_ERROR "\nPlease use either the ESP Registry Managed Component or the wolfSSL component directory but not both.\n"
"If removing the ./managed_components/wolfssl__wolfssl directory, remember to also remove "
"or rename the idf_component.yml file typically found in ./main/")
else()
message(STATUS "No conflicting wolfSSL components found.")
endif()
add_compile_options(-DWOLFSSL_ESP_NO_WATCHDOG=1)
include($ENV{IDF_PATH}/tools/cmake/project.cmake)
set(COMPONENTS
main
wolfssl
# cryptoauthlib
) # set components
# Not only is a project-level "set(COMPONENTS" not needed here, this will cause
# an unintuitive error about Unknown CMake command "esptool_py_flash_project_args".
project(wolfssl_test)


@ -3,9 +3,12 @@
# project subdirectory.
#
PROJECT_NAME := wolfssl_test
CFLAGS += -DWOLFSSL_USER_SETTINGS
include $(IDF_PATH)/make/project.mk
# Some of the tests are CPU intenstive, so we'll force the watchdog timer off.
# There's an espressif NO_WATCHDOG; we don't use it, as it is reset by sdkconfig.
EXTRA_CFLAGS += -DWOLFSSL_ESP_NO_WATCHDOG
PROJECT_NAME := wolfssl_test
include $(IDF_PATH)/make/project.mk


@ -71,7 +71,7 @@
<Subdirectory>esp-idf/v5.0</Subdirectory>
<Type>ESPIDF</Type>
</IDFCheckout>
<COMPort>COM9</COMPort>
<COMPort>COM19</COMPort>
<SuppressTestPrerequisiteChecks>false</SuppressTestPrerequisiteChecks>
<UseCCache>false</UseCCache>
<DeviceID>ESP32</DeviceID>
@ -93,7 +93,7 @@
</CustomDebug>
<DeviceTerminalSettings>
<Connection xsi:type="com.sysprogs.terminal.connection.serial">
<ComPortName>COM20</ComPortName>
<ComPortName>COM19</ComPortName>
<AdvancedSettings>
<BaudRate>115200</BaudRate>
<DataBits>8</DataBits>


@ -1,5 +1,5 @@
#
# Copyright (C) 2006-2023 wolfSSL Inc.
# Copyright (C) 2006-2024 wolfSSL Inc.
#
# This file is part of wolfSSL.
#
@ -19,16 +19,95 @@
#
# cmake for wolfssl Espressif projects
#
# Version 5.6.0.011 for detect test/benchmark
# Version 5.7.0 template update + THIS_IDF_PATH
#
# See https://docs.espressif.com/projects/esp-idf/en/latest/esp32/api-guides/build-system.html
#
cmake_minimum_required(VERSION 3.16)
set(VERBOSE_COMPONENT_MESSAGES 1)
# The scope of this CMAKE_C_FLAGS is just this component:
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_USER_SETTINGS")
set(CMAKE_CURRENT_SOURCE_DIR ".")
set(COMPONENT_REQUIRES lwip) # we typically don't need lwip directly in wolfssl component
set(WOLFSSL_ROOT "$ENV{WOLFSSL_ROOT}" )
# set(COMPONENT_REQUIRES lwip) # we typically don't need lwip directly in wolfssl component
# Optionally set your source to wolfSSL in your project CMakeLists.txt like this:
# set(WOLFSSL_ROOT "c:/test/my_wolfssl" )
if ( "${WOLFSSL_ROOT}" STREQUAL "")
set(WOLFSSL_ROOT "$ENV{WOLFSSL_ROOT}" )
endif()
if( "$ENV{IDF_PATH}" STREQUAL "" )
message(FATAL_ERROR "IDF_PATH Environment variable not set!")
else()
string(REPLACE "\\" "/" THIS_IDF_PATH "$ENV{IDF_PATH}")
endif()
# Optional compiler definitions to help with system name detection (typically printed by app diagnostics)
if(VERBOSE_COMPONENT_MESSAGES)
if(WIN32)
# Windows-specific configuration here
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_WINDOWS")
message("Detected Windows")
endif()
if(CMAKE_HOST_UNIX)
message("Detected UNIX")
endif()
if(APPLE)
message("Detected APPLE")
endif()
if(CMAKE_HOST_UNIX AND (NOT APPLE) AND EXISTS "/proc/sys/fs/binfmt_misc/WSLInterop")
# Windows-specific configuration here
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_WSL")
message("Detected WSL")
endif()
if(CMAKE_HOST_UNIX AND (NOT APPLE) AND (NOT WIN32))
# Windows-specific configuration here
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_LINUX")
message("Detected Linux")
endif()
if(APPLE)
# Windows-specific configuration here
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_APPLE")
message("Detected Apple")
endif()
endif() # End optional WOLFSSL_CMAKE_SYSTEM_NAME
message(STATUS "CONFIG_TARGET_PLATFORM = ${CONFIG_TARGET_PLATFORM}")
# Check that there are not conflicting wolfSSL components
# The ESP Registry Component will be in ./managed_components/wolfssl__wolfssl
# The local component wolfSSL directory will be in ./components/wolfssl
if( EXISTS "${CMAKE_HOME_DIRECTORY}/managed_components/wolfssl__wolfssl" AND EXISTS "${CMAKE_HOME_DIRECTORY}/components/wolfssl" )
# These exclude statements don't seem to be honored by the $ENV{IDF_PATH}/tools/cmake/project.cmake'
# add_subdirectory("${CMAKE_HOME_DIRECTORY}/managed_components/wolfssl__wolfssl" EXCLUDE_FROM_ALL)
# add_subdirectory("${CMAKE_HOME_DIRECTORY}/managed_components/wolfssl__wolfssl/include" EXCLUDE_FROM_ALL)
# So we'll error out and let the user decide how to proceed:
message(WARNING "\nFound wolfSSL components in\n"
"./managed_components/wolfssl__wolfssl\n"
"and\n"
"./components/wolfssl\n"
"in project directory: \n"
"${CMAKE_HOME_DIRECTORY}")
message(FATAL_ERROR "\nPlease use either the ESP Registry Managed Component or the wolfSSL component directory but not both.\n"
"If removing the ./managed_components/wolfssl__wolfssl directory, remember to also remove "
"or rename the idf_component.yml file typically found in ./main/")
else()
message(STATUS "No conflicting wolfSSL components found.")
endif()
# Don't include lwip requirement for benchmark and test apps.
if( ("${CMAKE_PROJECT_NAME}" STREQUAL "wolfssl_benchmark") OR ("${CMAKE_PROJECT_NAME}" STREQUAL "wolfssl_test") )
message(STATUS "Not including lwip for ${CMAKE_PROJECT_NAME}")
else()
# benchmark and test do not need wifi, everything else probably does:
set(COMPONENT_REQUIRES lwip) # we typically don't need lwip directly in wolfssl component
endif()
# find the user name to search for possible "wolfssl-username"
message(STATUS "USERNAME = $ENV{USERNAME}")
@ -45,6 +124,11 @@ else()
endif()
message(STATUS "THIS_USER = ${THIS_USER}")
if( "$ENV{IDF_PATH}" STREQUAL "" )
message(FATAL_ERROR "IDF_PATH Environment variable not set!")
else()
string(REPLACE "\\" "/" THIS_IDF_PATH "$ENV{IDF_PATH}")
endif()
# COMPONENT_NAME = wolfssl
# The component name is the directory name. "No feature to change this".
@ -71,27 +155,41 @@ function(IS_WOLFSSL_SOURCE DIRECTORY_PARAMETER RESULT)
endif()
endfunction()
# *********************************************************************************************
# function: FIND_WOLFSSL_DIRECTORY
# parameter: OUTPUT_FOUND_WOLFSSL_DIRECTORY contains root of source code, otherwise blank
#
# Example usage:
# FIND_WOLFSSL_DIRECTORY(WOLFSSL_ROOT)
# *********************************************************************************************
function(FIND_WOLFSSL_DIRECTORY OUTPUT_FOUND_WOLFSSL_DIRECTORY)
message(STATUS "Starting FIND_WOLFSSL_DIRECTORY")
set(CURRENT_SEARCH_DIR "$ENV{WOLFSSL_ROOT}")
if( "${CURRENT_SEARCH_DIR}" STREQUAL "" )
message(STATUS "The WOLFSSL_ROOT environment variable is not set. Searching...")
message(STATUS "Starting FIND_WOLFSSL_DIRECTORY: ${${OUTPUT_FOUND_WOLFSSL_DIRECTORY}}")
if ( "${${OUTPUT_FOUND_WOLFSSL_DIRECTORY}}" STREQUAL "" )
set(CURRENT_SEARCH_DIR "$ENV{WOLFSSL_ROOT}")
if( "${CURRENT_SEARCH_DIR}" STREQUAL "" )
message(STATUS "The WOLFSSL_ROOT environment variable is not set. Searching...")
else()
get_filename_component(CURRENT_SEARCH_DIR "$ENV{WOLFSSL_ROOT}" ABSOLUTE)
IS_WOLFSSL_SOURCE("${CURRENT_SEARCH_DIR}" FOUND_WOLFSSL)
if( FOUND_WOLFSSL )
message(STATUS "Found WOLFSSL_ROOT via Environment Variable:")
else()
message(FATAL_ERROR "WOLFSSL_ROOT Environment Variable defined, but path not found:")
message(STATUS "$ENV{WOLFSSL_ROOT}")
endif()
endif()
else()
get_filename_component(CURRENT_SEARCH_DIR "$ENV{WOLFSSL_ROOT}" ABSOLUTE)
get_filename_component(CURRENT_SEARCH_DIR "${${OUTPUT_FOUND_WOLFSSL_DIRECTORY}}" ABSOLUTE)
IS_WOLFSSL_SOURCE("${CURRENT_SEARCH_DIR}" FOUND_WOLFSSL)
if( FOUND_WOLFSSL )
message(STATUS "Found WOLFSSL_ROOT via Environment Variable: ${CURRENT_SEARCH_DIR}")
set(${OUTPUT_FOUND_WOLFSSL_DIRECTORY} ${CURRENT_SEARCH_DIR} PARENT_SCOPE)
return()
message(STATUS "Found WOLFSSL_ROOT via prior specification.")
else()
message(FATAL_ERROR "WOLFSSL_ROOT Environment Variable defined, but path not found:")
message(STATUS "$ENV{WOLFSSL_ROOT}")
message(FATAL_ERROR "WOLFSSL_ROOT Variable defined, but path not found: ${${OUTPUT_FOUND_WOLFSSL_DIRECTORY}}")
endif()
endif()
# we'll start in the CMAKE_CURRENT_SOURCE_DIR, typically [something]/projectname/components/wolfssl
message(STATUS "CMAKE_CURRENT_SOURCE_DIR = ${CMAKE_CURRENT_SOURCE_DIR}")
get_filename_component(CURRENT_SEARCH_DIR "${CMAKE_CURRENT_SOURCE_DIR}" ABSOLUTE)
@ -109,16 +207,47 @@ function(FIND_WOLFSSL_DIRECTORY OUTPUT_FOUND_WOLFSSL_DIRECTORY)
return()
endif()
# Maintain CURRENT_SEARCH_DIR, but check various suffixes with CURRENT_SEARCH_DIR_ALT
if( THIS_USER )
# Check for "wolfssl-[username]" subdirectory as we recurse up the directory tree
set(CURRENT_SEARCH_DIR_ALT ${CURRENT_SEARCH_DIR}/wolfssl-${THIS_USER})
message(STATUS "Looking in ${CURRENT_SEARCH_DIR}")
message(STATUS "Looking in ${CURRENT_SEARCH_DIR_ALT}")
#if(EXISTS ${CURRENT_SEARCH_DIR_ALT} AND IS_DIRECTORY ${CURRENT_SEARCH_DIR_ALT} AND EXISTS "${CURRENT_SEARCH_DIR_ALT}/wolfcrypt/src")
IS_WOLFSSL_SOURCE("${CURRENT_SEARCH_DIR_ALT}" FOUND_WOLFSSL )
if ( FOUND_WOLFSSL )
message(STATUS "Found wolfssl in user-suffix CURRENT_SEARCH_DIR_ALT = ${CURRENT_SEARCH_DIR_ALT}")
set(${OUTPUT_FOUND_WOLFSSL_DIRECTORY} ${CURRENT_SEARCH_DIR_ALT} PARENT_SCOPE)
message(STATUS "Found wolfssl in user-suffix CURRENT_SEARCH_DIR_ALT = ${CURRENT_SEARCH_DIR_ALT}")
set(CURRENT_SEARCH_DIR "${CURRENT_SEARCH_DIR_ALT}")
set(${OUTPUT_FOUND_WOLFSSL_DIRECTORY} ${CURRENT_SEARCH_DIR} PARENT_SCOPE)
return()
endif()
endif()
if ( FOUND_WOLFSSL )
# if we already found the source, skip attempt of "wolfssl-master"
else()
set(CURRENT_SEARCH_DIR_ALT ${CURRENT_SEARCH_DIR}/wolfssl-master)
message(STATUS "Looking in ${CURRENT_SEARCH_DIR_ALT}")
IS_WOLFSSL_SOURCE("${CURRENT_SEARCH_DIR_ALT}" FOUND_WOLFSSL )
if ( FOUND_WOLFSSL )
message(STATUS "Found wolfssl in master-suffix CURRENT_SEARCH_DIR_ALT = ${CURRENT_SEARCH_DIR_ALT}")
set(CURRENT_SEARCH_DIR "${CURRENT_SEARCH_DIR_ALT}")
set(${OUTPUT_FOUND_WOLFSSL_DIRECTORY} ${CURRENT_SEARCH_DIR} PARENT_SCOPE)
return()
endif()
endif()
if ( FOUND_WOLFSSL )
# if we already found the source, skip attempt of "wolfssl"
else()
set(CURRENT_SEARCH_DIR_ALT ${CURRENT_SEARCH_DIR}/wolfssl)
message(STATUS "Looking in ${CURRENT_SEARCH_DIR_ALT}")
IS_WOLFSSL_SOURCE("${CURRENT_SEARCH_DIR_ALT}" FOUND_WOLFSSL )
if ( FOUND_WOLFSSL )
message(STATUS "Found wolfssl in CURRENT_SEARCH_DIR_ALT = ${CURRENT_SEARCH_DIR_ALT}")
set(CURRENT_SEARCH_DIR "${CURRENT_SEARCH_DIR_ALT}")
set(${OUTPUT_FOUND_WOLFSSL_DIRECTORY} ${CURRENT_SEARCH_DIR} PARENT_SCOPE)
return()
endif()
endif()
@ -138,7 +267,8 @@ function(FIND_WOLFSSL_DIRECTORY OUTPUT_FOUND_WOLFSSL_DIRECTORY)
get_filename_component(CURRENT_SEARCH_DIR "${CURRENT_SEARCH_DIR}" DIRECTORY)
message(STATUS "Next CURRENT_SEARCH_DIR = ${CURRENT_SEARCH_DIR}")
if( "${PRIOR_SEARCH_DIR}" STREQUAL "${CURRENT_SEARCH_DIR}" )
# when the search directory is empty, we'll give up
# When the parent is current directory, cannot go any further. We didn't find wolfssl.
# When the search directory is empty, we'll give up.
set(CURRENT_SEARCH_DIR "")
endif()
endwhile()
@ -149,17 +279,47 @@ endfunction()
# Example usage:
#
# Simply find the WOLFSSL_DIRECTORY by searching parent directories:
# FIND_WOLFSSL_DIRECTORY(WOLFSSL_ROOT)
#
message(STATUS "CONFIG_TARGET_PLATFORM = ${CONFIG_TARGET_PLATFORM}")
if (0)
get_cmake_property(_variableNames VARIABLES)
list (SORT _variableNames)
message(STATUS "")
message(STATUS "ALL VARIABLES BEGIN")
message(STATUS "")
foreach (_variableName ${_variableNames})
message(STATUS "${_variableName}=${${_variableName}}")
endforeach()
message(STATUS "")
message(STATUS "ALL VARIABLES END")
message(STATUS "")
endif()
if ( ("${CONFIG_TARGET_PLATFORM}" STREQUAL "esp8266") OR ("${IDF_TARGET}" STREQUAL "esp8266") )
# There's no esp_timer, no driver components for the ESP8266
message(STATUS "Early expansion EXCLUDES esp_timer: ${THIS_INCLUDE_TIMER}")
message(STATUS "Early expansion EXCLUDES driver: ${THIS_INCLUDE_DRIVER}")
set(THIS_INCLUDE_TIMER "")
set(THIS_INCLUDE_DRIVER "")
else()
message(STATUS "Early expansion includes esp_timer: ${THIS_INCLUDE_TIMER}")
message(STATUS "Early expansion includes driver: ${THIS_INCLUDE_DRIVER}")
set(THIS_INCLUDE_TIMER "esp_timer")
set(THIS_INCLUDE_DRIVER "driver")
endif()
if(CMAKE_BUILD_EARLY_EXPANSION)
message(STATUS "wolfssl component CMAKE_BUILD_EARLY_EXPANSION:")
idf_component_register(
REQUIRES "${COMPONENT_REQUIRES}"
PRIV_REQUIRES # esp_hw_support
esp_timer
driver # this will typically only be needed for wolfSSL benchmark
${THIS_INCLUDE_TIMER}
${THIS_INCLUDE_DRIVER} # this will typically only be needed for wolfSSL benchmark
)
else()
@ -171,24 +331,52 @@ else()
# search for wolfSSL
FIND_WOLFSSL_DIRECTORY(WOLFSSL_ROOT)
if(WOLFSSL_ROOT)
message(STATUS "NEW Found wolfssl directory at: ${WOLFSSL_ROOT}")
IS_WOLFSSL_SOURCE("${WOLFSSL_ROOT}" FOUND_WOLFSSL)
if(FOUND_WOLFSSL)
message(STATUS "Found WOLFSSL_ROOT via CMake specification.")
else()
# WOLFSSL_ROOT Path specified in CMakeLists.txt is not a valid path
message(FATAL_ERROR "WOLFSSL_ROOT CMake Variable defined, but path not found: ${WOLFSSL_ROOT}\n"
"Try correcting WOLFSSL_ROOT in your project CMakeFile.txt or setting environment variable.")
# Abort CMake after fatal error.
endif()
else()
message(STATUS "NEW wolfssl directory not found.")
message(STATUS "Searching for wolfSL source code...")
FIND_WOLFSSL_DIRECTORY(WOLFSSL_ROOT)
endif()
if(WOLFSSL_ROOT)
message(STATUS "Confirmed wolfssl directory at: ${WOLFSSL_ROOT}")
else()
message(STATUS "Failed: wolfssl directory not found.")
# Abort. We need wolfssl _somewhere_.
message(FATAL_ERROR "Could not find wolfssl in ${WOLFSSL_ROOT}.\n"
"Try setting WOLFSSL_ROOT environment variable or git clone.")
message(FATAL_ERROR "Could not find wolfssl in any parent directory named wolfssl-${THIS_USER}, wolfssl-master, or wolfssl.\n"
"Try setting WOLFSSL_ROOT environment variable, cmake variable in project, copy source, or use managed components.")
# Abort CMake after fatal error.
endif()
set(INCLUDE_PATH ${WOLFSSL_ROOT})
set(WOLFSSL_EXTRA_PROJECT_DIR "${WOLFSSL_ROOT}/src/")
if( ${CMAKE_PROJECT_NAME} STREQUAL "wolfssl_benchmark" )
set(WOLFSSL_EXTRA_PROJECT_DIR "${WOLFSSL_ROOT}/wolfcrypt/benchmark")
endif()
# During regression tests, optionally copy source locally and use: set(USE_LOCAL_TEST_BENCH 1)
set(USE_LOCAL_TEST_BENCH 0)
if(NOT USE_LOCAL_TEST_BENCH)
if( "${CMAKE_PROJECT_NAME}" STREQUAL "hello-world" )
message(STATUS "Include ${WOLFSSL_ROOT}/wolfcrypt/benchmark")
set(WOLFSSL_EXTRA_PROJECT_DIR "${WOLFSSL_ROOT}/wolfcrypt/benchmark")
endif()
if( ${CMAKE_PROJECT_NAME} STREQUAL "wolfssl_test" )
set(WOLFSSL_EXTRA_PROJECT_DIR "${WOLFSSL_ROOT}/wolfcrypt/test")
if( "${CMAKE_PROJECT_NAME}" STREQUAL "wolfssl_benchmark" )
message(STATUS "Include ${WOLFSSL_ROOT}/wolfcrypt/benchmark")
set(WOLFSSL_EXTRA_PROJECT_DIR "${WOLFSSL_ROOT}/wolfcrypt/benchmark")
endif()
if( "${CMAKE_PROJECT_NAME}" STREQUAL "wolfssl_test" )
message(STATUS "Include ${WOLFSSL_ROOT}/wolfcrypt/test")
set(WOLFSSL_EXTRA_PROJECT_DIR "${WOLFSSL_ROOT}/wolfcrypt/test")
endif()
endif()
set(COMPONENT_SRCDIRS "\"${WOLFSSL_ROOT}/src/\""
@ -200,16 +388,19 @@ else()
message(STATUS "This COMPONENT_SRCDIRS = ${COMPONENT_SRCDIRS}")
# wolfSSL user_settings.h is in the local project.
set(WOLFSSL_PROJECT_DIR "${CMAKE_HOME_DIRECTORY}/components/wolfssl")
add_definitions(-DWOLFSSL_USER_SETTINGS_DIR="${WOLFSSL_PROJECT_DIR}/include/user_settings.h")
# add_definitions(-DWOLFSSL_USER_SETTINGS_DIR="${WOLFSSL_PROJECT_DIR}/include/user_settings.h")
string(REPLACE "/" "//" STR_WOLFSSL_PROJECT_DIR "${WOLFSSL_PROJECT_DIR}")
add_definitions(-DWOLFSSL_USER_SETTINGS_DIR="${STR_WOLFSSL_PROJECT_DIR}//include//user_settings.h")
# Espressif may take several passes through this makefile. Check to see if we found IDF
string(COMPARE EQUAL "${PROJECT_SOURCE_DIR}" "" WOLFSSL_FOUND_IDF)
# get a list of all wolfcrypt assembly files; we'll exclude them as they don't target Xtensa
file(GLOB EXCLUDE_ASM *.S)
file(GLOB_RECURSE EXCLUDE_ASM ${CMAKE_SOURCE_DIR} "${WOLFSSL_ROOT}/wolfcrypt/src/*.S")
file(GLOB EXCLUDE_ASM ${CMAKE_SOURCE_DIR} "${WOLFSSL_ROOT}/wolfcrypt/src/*.S")
message(STATUS "IDF_PATH = $ENV{IDF_PATH}")
message(STATUS "PROJECT_SOURCE_DIR = ${PROJECT_SOURCE_DIR}")
@ -232,11 +423,13 @@ else()
message(STATUS "Remove either the local project component: ${WOLFSSL_PROJECT_DIR} ")
message(STATUS "or the Espressif shared component installed at: $ENV{IDF_PATH}/components/wolfssl/ ")
message(STATUS "")
message(FATAL_ERROR "Please use wolfSSL in either local project or Espressif components, but not both.")
message(STATUS "")
message(STATUS "**************************************************************************************")
message(STATUS "")
message(FATAL_ERROR "Please use wolfSSL in either local project or Espressif components, but not both.")
# Abort CMake after fatal error.
# Optional: if you change the above FATAL_ERROR to STATUS you can warn at runtime with this macro definition:
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_MULTI_INSTALL_WARNING")
@ -286,6 +479,7 @@ else()
message(FATAL_ERROR "Found stray wolfSSL user_settings.h in "
"${WOLFSSL_ROOT}/include/user_settings.h "
" (please move it to ${WOLFSSL_PROJECT_DIR}/include/user_settings.h )")
# Abort CMake after fatal error.
else()
# we won't overwrite an existing user settings file, just note that we already have one:
if( EXISTS "${WOLFSSL_PROJECT_DIR}/include/user_settings.h" )
@ -355,17 +549,22 @@ else()
message(STATUS "Could not find RTOS path")
endif()
endif()
message(STATUS "THIS_IDF_PATH = $THIS_IDF_PATH")
# wolfSSL-specific include directories
set(COMPONENT_ADD_INCLUDEDIRS
"./include" # this is the location of wolfssl user_settings.h
"\"${WOLFSSL_ROOT}/\""
"\"${WOLFSSL_ROOT}/wolfssl/\""
"\"${WOLFSSL_ROOT}/wolfssl/wolfcrypt/\""
"\"${WOLFSSL_ROOT}/wolfssl/wolfcrypt/port/Espressif\""
"\"${RTOS_IDF_PATH}/\""
# wolfSSL release after v5.7 includes WiFi, time, and mem/debug helpers
"${THIS_IDF_PATH}/components/esp_event/include"
"${THIS_IDF_PATH}/components/esp_netif/include"
"${THIS_IDF_PATH}/components/esp_wifi/include"
)
# Optionally include cryptoauthlib if present
if(IS_DIRECTORY ${IDF_PATH}/components/cryptoauthlib)
list(APPEND COMPONENT_ADD_INCLUDEDIRS "../cryptoauthlib/lib")
endif()
@ -374,7 +573,7 @@ else()
list(APPEND COMPONENT_ADD_INCLUDEDIRS "\"${WOLFSSL_ROOT}/wolfssl/wolfcrypt/\"")
# Some files are known to be included elsewhere, or not used for Espressif
set(COMPONENT_SRCEXCLUDE
"\"${WOLFSSL_ROOT}/src/bio.c\""
"\"${WOLFSSL_ROOT}/src/conf.c\""
@ -390,6 +589,8 @@ else()
"\"${WOLFSSL_ROOT}/src/ssl_sess.c\"" # included by ssl.c
"\"${WOLFSSL_ROOT}/src/x509.c\""
"\"${WOLFSSL_ROOT}/src/x509_str.c\""
"\"${WOLFSSL_ROOT}/wolfcrypt/src/ext_kyber.c\"" # external Kyber disabled by default
"\"${WOLFSSL_ROOT}/wolfssl/wolfcrypt/ext_kyber.h\"" # external Kyber disabled by default
"\"${WOLFSSL_ROOT}/wolfcrypt/src/evp.c\""
"\"${WOLFSSL_ROOT}/wolfcrypt/src/misc.c\""
"\"${WOLFSSL_ROOT}/wolfcrypt/src/sp_sm2_arm32.c\""
@ -426,17 +627,34 @@ else()
INCLUDE_DIRS "${COMPONENT_ADD_INCLUDEDIRS}"
REQUIRES "${COMPONENT_REQUIRES}"
EXCLUDE_SRCS "${COMPONENT_SRCEXCLUDE}"
PRIV_REQUIRES esp_timer driver # this will typically only be needed for wolfSSL benchmark
PRIV_REQUIRES
"${THIS_INCLUDE_TIMER}"
"${THIS_INCLUDE_DRIVER}" # this will typically only be needed for wolfSSL benchmark
)
# some optional diagnostics
if (1)
# Some optional diagnostics. Verbose ones are truncated.
if (VERBOSE_COMPONENT_MESSAGES)
get_cmake_property(_variableNames VARIABLES)
list (SORT _variableNames)
message(STATUS "")
message(STATUS "ALL VARIABLES BEGIN")
message(STATUS "")
foreach (_variableName ${_variableNames})
message(STATUS "${_variableName}=${${_variableName}}")
if ( ("${_variableName}" STREQUAL "bootloader_binary_files")
OR ("${_variableName}" STREQUAL "Component paths")
OR ("${_variableName}" STREQUAL "component_targets")
OR ("${_variableName}" STREQUAL "__COMPONENT_TARGETS")
OR ("${_variableName}" STREQUAL "CONFIGS_LIST")
OR ("${_variableName}" STREQUAL "__CONFIG_VARIABLES")
OR ("${_variableName}" STREQUAL "val")
OR ("${_variableName}" MATCHES "^__idf_")
)
# Truncate the displayed value:
string(SUBSTRING "${${_variableName}}" 0 70 truncatedValue)
message(STATUS "${_variableName} = ${truncatedValue} ... (truncated)")
else()
message(STATUS "${_variableName}=${${_variableName}}")
endif()
endforeach()
message(STATUS "")
message(STATUS "ALL VARIABLES END")
@ -523,6 +741,8 @@ if(NOT CMAKE_BUILD_EARLY_EXPANSION)
execute_process(WORKING_DIRECTORY ${WOLFSSL_ROOT} COMMAND ${git_cmd} "show" "--no-patch" "--no-notes" "--pretty=\'\%cd\'" OUTPUT_VARIABLE TMP_OUT RESULT_VARIABLE TMP_RES )
LIBWOLFSSL_SAVE_INFO(LIBWOLFSSL_VERSION_GIT_HASH_DATE "${TMP_OUT}" "${TMP_RES}")
LIBWOLFSSL_SAVE_INFO(LIBWOLFSSL_VERSION_WOLFSSL_ROOT "${WOLFSSL_ROOT}" "${TMP_RES}")
message(STATUS "************************************************************************************************")
message(STATUS "wolfssl component config complete!")
message(STATUS "************************************************************************************************")


@ -1,40 +1,240 @@
#
# Copyright (C) 2006-2023 wolfSSL Inc.
#
# This file is part of wolfSSL.
#
# wolfSSL is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#
# wolfSSL is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
#
#
# Component Makefile
#
COMPONENT_ADD_INCLUDEDIRS := . ./include
COMPONENT_ADD_INCLUDEDIRS += "$ENV{IDF_PATH}/components/freertos/include/freertos"
# COMPONENT_ADD_INCLUDEDIRS += "$ENV{IDF_PATH}/soc/esp32s3/include/soc"
COMPONENT_SRCDIRS := src wolfcrypt/src
COMPONENT_SRCDIRS += wolfcrypt/src/port/Espressif
COMPONENT_SRCDIRS += wolfcrypt/src/port/atmel
COMPONENT_SRCDIRS += wolfcrypt/benchmark
COMPONENT_SRCDIRS += wolfcrypt/test
CFLAGS +=-DWOLFSSL_USER_SETTINGS
COMPONENT_OBJEXCLUDE := wolfcrypt/src/aes_asm.o
COMPONENT_OBJEXCLUDE += wolfcrypt/src/evp.o
COMPONENT_OBJEXCLUDE += wolfcrypt/src/misc.o
COMPONENT_OBJEXCLUDE += src/bio.o
#
# Copyright (C) 2006-2024 wolfSSL Inc.
#
# This file is part of wolfSSL.
#
# wolfSSL is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#
# wolfSSL is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
#
#
# Component Makefile
#
#
# The Espressif Managed Components are only for newer versions of the ESP-IDF
# Typically only for ESP32[-x] targets and only for ESP-IDF v4.3 or later:
# See https://docs.espressif.com/projects/esp-idf/en/latest/esp32/api-guides/tools/idf-component-manager.html
# https://components.espressif.com/
#
# Usage:
#
# make flash
#
# make flash ESPPORT=/dev/ttyS55
#
# make flash ESPBAUD=9600
#
# make monitor ESPPORT=COM1
#
# make monitor ESPPORT=/dev/ttyS55 MONITORBAUD=115200
#
# export ESPPORT=/dev/ttyS55
#
# https://docs.espressif.com/projects/esp8266-rtos-sdk/en/latest/get-started/index.html
#
# Although the project should define WOLFSSL_USER_SETTINGS, we'll also
# define it here:
CFLAGS +=-DWOLFSSL_USER_SETTINGS
# In the wolfSSL GitHub examples for Espressif,
# the root is 7 directories up from here:
WOLFSSL_ROOT := ../../../../../../../
# NOTE: The wolfSSL include directory (e.g. user_settings.h) is
# located HERE in THIS project, and *not* in the wolfSSL root.
COMPONENT_ADD_INCLUDEDIRS := .
COMPONENT_ADD_INCLUDEDIRS += include
COMPONENT_ADD_INCLUDEDIRS += $(WOLFSSL_ROOT).
COMPONENT_ADD_INCLUDEDIRS += $(WOLFSSL_ROOT)wolfssl
COMPONENT_ADD_INCLUDEDIRS += $(WOLFSSL_ROOT)wolfssl/wolfcrypt
COMPONENT_ADD_INCLUDEDIRS += $(WOLFSSL_ROOT)wolfssl/wolfcrypt/port/Espressif
COMPONENT_ADD_INCLUDEDIRS += $(WOLFSSL_ROOT)wolfcrypt/benchmark
# COMPONENT_ADD_INCLUDEDIRS += $ENV(IDF_PATH)/components/freertos/include/freertos
# COMPONENT_ADD_INCLUDEDIRS += "$ENV(IDF_PATH)/soc/esp32s3/include/soc"
# WOLFSSL_ROOT := ""
COMPONENT_SRCDIRS := $(WOLFSSL_ROOT)src
COMPONENT_SRCDIRS += $(WOLFSSL_ROOT)wolfcrypt/src/port/Espressif
COMPONENT_SRCDIRS += $(WOLFSSL_ROOT)wolfcrypt/src/port/atmel
COMPONENT_SRCDIRS += $(WOLFSSL_ROOT)wolfcrypt/benchmark
COMPONENT_SRCDIRS += $(WOLFSSL_ROOT)wolfcrypt/test
COMPONENT_SRCDIRS += include
COMPONENT_OBJEXCLUDE := $(WOLFSSL_ROOT)wolfcrypt/src/aes_asm.o
COMPONENT_OBJEXCLUDE += $(WOLFSSL_ROOT)wolfcrypt/src/evp.o
COMPONENT_OBJEXCLUDE += $(WOLFSSL_ROOT)wolfcrypt/src/misc.o
COMPONENT_OBJEXCLUDE += $(WOLFSSL_ROOT)wolfcrypt/src/sha512_asm.o
COMPONENT_OBJEXCLUDE += $(WOLFSSL_ROOT)wolfcrypt/src/fe_x25519_asm.o
COMPONENT_OBJEXCLUDE += $(WOLFSSL_ROOT)wolfcrypt/src/aes_gcm_x86_asm.o
COMPONENT_OBJEXCLUDE += $(WOLFSSL_ROOT)src/bio.o
##
## wolfSSL
##
COMPONENT_OBJS := $(WOLFSSL_ROOT)src/bio.o
# COMPONENT_OBJS += src/conf.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)src/crl.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)src/dtls.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)src/dtls13.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)src/internal.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)src/keys.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)src/ocsp.o
# COMPONENT_OBJS += src/pk.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)src/quic.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)src/sniffer.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)src/ssl.o
# COMPONENT_OBJS += src/ssl_asn1.o
# COMPONENT_OBJS += src/ssl_bn.o
# COMPONENT_OBJS += src/ssl_certman.o
# COMPONENT_OBJS += src/ssl_crypto.o
# COMPONENT_OBJS += src/ssl_misc.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)src/tls.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)src/tls13.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)src/wolfio.o
# COMPONENT_OBJS += src/x509.o
# COMPONENT_OBJS += src/x509_str.o
##
## wolfcrypt
##
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/aes.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/arc4.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/asm.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/asn.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/async.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/blake2b.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/blake2s.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/camellia.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/chacha.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/chacha20_poly1305.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/cmac.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/coding.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/compress.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/cpuid.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/cryptocb.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/curve25519.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/curve448.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/des3.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/dh.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/dilithium.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/dsa.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/ecc.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/eccsi.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/ecc_fp.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/ed25519.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/ed448.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/error.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/evp.o
# COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/ext_kyber.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/ext_lms.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/ext_xmss.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/falcon.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/fe_448.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/fe_low_mem.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/fe_operations.o
# COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/fips.o
# COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/fips_test.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/ge_448.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/ge_low_mem.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/ge_operations.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/hash.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/hmac.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/hpke.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/integer.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/kdf.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/logging.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/md2.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/md4.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/md5.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/memory.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/misc.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/pkcs12.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/pkcs7.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/poly1305.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/pwdbased.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/random.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/rc2.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/ripemd.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/rsa.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/sakke.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/selftest.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/sha.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/sha256.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/sha3.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/sha512.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/signature.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/siphash.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/sm2.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/sm3.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/sm4.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/sphincs.o
# COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/sp_arm32.o
# COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/sp_arm64.o
# COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/sp_armthumb.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/sp_c32.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/sp_c64.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/sp_cortexm.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/sp_dsp32.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/sp_int.o
# COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/sp_sm2_arm32.o
# COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/sp_sm2_arm64.o
# COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/sp_sm2_armthumb.o
# COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/sp_sm2_c32.o
# COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/sp_sm2_c64.o
# COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/sp_sm2_cortexm.o
# COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/sp_sm2_x86_64.o
# COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/sp_x86_64.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/srp.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/tfm.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/wc_dsp.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/wc_encrypt.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/wc_kyber.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/wc_kyber_poly.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/wc_lms.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/wc_pkcs11.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/wc_port.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/wc_xmss.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/wolfcrypt_first.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/wolfcrypt_last.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/wolfevent.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/wolfmath.o
##
## Espressif
##
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/port/Espressif/esp32_aes.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/port/Espressif/esp32_mp.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/port/Espressif/esp32_sha.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/port/Espressif/esp32_util.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/port/Espressif/esp_sdk_mem_lib.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/port/Espressif/esp_sdk_time_lib.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/port/Espressif/esp_sdk_wifi_lib.o
##
## wolfcrypt benchmark (optional)
##
## COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/benchmark/benchmark.o
##
## wolfcrypt test (optional)
##
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/test/test.o
##
## wolfcrypt
##
COMPONENT_SRCDIRS += $(WOLFSSL_ROOT)wolfcrypt/src
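Review bot: `bio.o`, `evp.o` and `misc.o` are listed in `COMPONENT_OBJEXCLUDE` and then added again to the new explicit object list (`COMPONENT_OBJS := $(WOLFSSL_ROOT)src/bio.o`, plus the `wolfcrypt/src/evp.o` and `wolfcrypt/src/misc.o` entries), so whether they are compiled appears to depend on how the SDK's make wrapper combines the two variables. The exclude list and the CMake side of this commit, which also excludes `bio.c`, `evp.c` and `misc.c`, suggest they are meant to stay out. I would drop those three `COMPONENT_OBJS` entries and start the list with `COMPONENT_OBJS := $(WOLFSSL_ROOT)src/crl.o`. Separately, `WOLFSSL_ROOT := ../../../../../../../` is used without any check, so a project copied elsewhere either fails with an obscure missing-source error or picks up an unrelated tree seven levels up. A guard such as `ifeq ($(wildcard $(COMPONENT_PATH)/$(WOLFSSL_ROOT)wolfcrypt/src),)` followed by an `$(error ...)` would fail early, much as the CMake lookup does with `IS_WOLFSSL_SOURCE`.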


@ -1,6 +1,6 @@
/* user_settings.h
*
* Copyright (C) 2006-2023 wolfSSL Inc.
* Copyright (C) 2006-2024 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
@ -19,12 +19,22 @@
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
/* This user_settings.h is for Espressif ESP-IDF */
#include <sdkconfig.h>
/* This user_settings.h is for Espressif ESP-IDF
*
* Standardized wolfSSL Espressif ESP32 + ESP8266 user_settings.h V5.7.0-1
*
* Do not include any wolfssl headers here
*
* When editing this file:
* ensure wolfssl_test and wolfssl_benchmark settings match.
*/
/* The Espressif project config file. See also sdkconfig.defaults */
#include "sdkconfig.h"
/* The Espressif sdkconfig will have chipset info.
**
** Possible values:
** Some possible values:
**
** CONFIG_IDF_TARGET_ESP32
** CONFIG_IDF_TARGET_ESP32S2
@ -36,18 +46,175 @@
#undef WOLFSSL_ESPIDF
#define WOLFSSL_ESPIDF
/* We don't use WiFi, so don't compile in the esp-sdk-lib WiFi helpers: */
#define NO_ESP_SDK_WIFI
/* Experimental Kyber */
#if 0
/* Kyber typically needs a minimum 10K stack */
#define WOLFSSL_EXPERIMENTAL_SETTINGS
#define WOLFSSL_HAVE_KYBER
#define WOLFSSL_WC_KYBER
#define WOLFSSL_SHA3
#endif
/*
* choose ONE of these Espressif chips to define:
* ONE of these Espressif chip families will be detected from sdkconfig:
*
* WOLFSSL_ESP32
* WOLFSSL_ESPWROOM32SE
* WOLFSSL_ESP8266
*/
#undef WOLFSSL_ESPWROOM32SE
#undef WOLFSSL_ESP8266
#undef WOLFSSL_ESP32
/* See below for chipset detection from sdkconfig.h */
#define WOLFSSL_ESP32
/* when you want to use SINGLE THREAD. Note Default ESP-IDF is FreeRTOS */
/* #define SINGLE_THREADED */
/* SMALL_SESSION_CACHE saves a lot of RAM for ClientCache and SessionCache.
* Memory requirement is about 5KB, otherwise 20K is needed when not specified.
* If extra small footprint is needed, try MICRO_SESSION_CACHE (< 1K)
* When really desperate or no TLS used, try NO_SESSION_CACHE. */
#define NO_SESSION_CACHE
/* Small Stack uses more heap. */
#define WOLFSSL_SMALL_STACK
/* Full debugging turned off, but show malloc failure detail */
/* #define DEBUG_WOLFSSL */
#define DEBUG_WOLFSSL_MALLOC
/* See test.c that sets cert buffers; we'll set them here: */
#define USE_CERT_BUFFERS_256
#define USE_CERT_BUFFERS_2048
/* RSA_LOW_MEM: Half as much memory but twice as slow. */
#define RSA_LOW_MEM
/* Uncommon settings for testing only */
#define TEST_ESPIDF_ALL_WOLFSSL
#ifdef TEST_ESPIDF_ALL_WOLFSSL
#define WOLFSSL_MD2
#define HAVE_BLAKE2
#define HAVE_BLAKE2B
#define HAVE_BLAKE2S
#define WC_RC2
#define WOLFSSL_ALLOW_RC4
#define HAVE_POLY1305
#define WOLFSSL_AES_128
#define WOLFSSL_AES_OFB
#define WOLFSSL_AES_CFB
#define WOLFSSL_AES_XTS
/* #define WC_SRTP_KDF */
/* TODO Causes failure with Espressif AES HW Enabled */
/* #define HAVE_AES_ECB */
/* #define HAVE_AESCCM */
/* TODO sanity check when missing HAVE_AES_ECB */
#define WOLFSSL_WOLFSSH
#define HAVE_AESGCM
#define WOLFSSL_AES_COUNTER
#define HAVE_FFDHE
#define HAVE_FFDHE_2048
#if defined(CONFIG_IDF_TARGET_ESP8266)
/* TODO Full size SRP is disabled on the ESP8266 at this time.
* Low memory issue? */
#define WOLFCRYPT_HAVE_SRP
/* MIN_FFDHE_FP_MAX_BITS = (MIN_FFDHE_BITS * 2); see settings.h */
#define FP_MAX_BITS MIN_FFDHE_FP_MAX_BITS
#elif defined(CONFIG_IDF_TARGET_ESP32) || \
defined(CONFIG_IDF_TARGET_ESP32S2) || \
defined(CONFIG_IDF_TARGET_ESP32S3)
/* TODO: SRP Not enabled, known to fail on this target
* See https://github.com/wolfSSL/wolfssl/issues/7210 */
#elif defined(CONFIG_IDF_TARGET_ESP32C3) || \
defined(CONFIG_IDF_TARGET_ESP32H2)
/* SRP Known to be working on this target::*/
#define WOLFCRYPT_HAVE_SRP
#define FP_MAX_BITS (8192 * 2)
#else
/* For everything else, give a try and see if SRP working: */
#define WOLFCRYPT_HAVE_SRP
#define FP_MAX_BITS (8192 * 2)
#endif
#define HAVE_DH
/* TODO: there may be a problem with HAVE_CAMELLIA with HW AES disabled.
* Do not define NO_WOLFSSL_ESP32_CRYPT_AES when enabled: */
/* #define HAVE_CAMELLIA */
/* DSA requires old SHA */
#define HAVE_DSA
/* Needs SHA512 ? */
#define HAVE_HPKE
/* Not for Espressif? */
#if defined(CONFIG_IDF_TARGET_ESP32C2) || \
defined(CONFIG_IDF_TARGET_ESP8684) || \
defined(CONFIG_IDF_TARGET_ESP32H2) || \
defined(CONFIG_IDF_TARGET_ESP8266)
#if defined(CONFIG_IDF_TARGET_ESP8266)
#undef HAVE_ECC
#undef HAVE_ECC_CDH
#undef HAVE_CURVE25519
/* TODO does CHACHA also need alignment? Failing on ESP8266
* See SHA256 __attribute__((aligned(4))); and WC_SHA256_ALIGN */
#ifdef HAVE_CHACHA
#error "HAVE_CHACHA not supported on ESP8266"
#endif
#ifdef HAVE_XCHACHA
#error "HAVE_XCHACHA not supported on ESP8266"
#endif
#else
#define HAVE_XCHACHA
#define HAVE_CHACHA
/* TODO Not enabled at this time, needs further testing:
* #define WC_SRTP_KDF
* #define HAVE_COMP_KEY
* #define WOLFSSL_HAVE_XMSS
*/
#endif
/* TODO AES-EAX not working on this platform */
/* Optionally disable DH
* #undef HAVE_DH
* #undef HAVE_FFDHE
*/
/* ECC_SHAMIR out of memory on ESP32-C2 during ECC */
#ifndef HAVE_ECC
#define ECC_SHAMIR
#endif
#else
#define WOLFSSL_AES_EAX
#define ECC_SHAMIR
#endif
/* Only for WOLFSSL_IMX6_CAAM / WOLFSSL_QNX_CAAM ? */
/* #define WOLFSSL_CAAM */
/* #define WOLFSSL_CAAM_BLOB */
#define WOLFSSL_AES_SIV
#define WOLFSSL_CMAC
#define WOLFSSL_CERT_PIV
/* HAVE_SCRYPT may turn on HAVE_PBKDF2 see settings.h */
/* #define HAVE_SCRYPT */
#define SCRYPT_TEST_ALL
#define HAVE_X963_KDF
#endif
/* optionally turn off SHA512/224 SHA512/256 */
/* #define WOLFSSL_NOSHA512_224 */
@ -61,7 +228,6 @@
/* #define NO_OLD_TLS */
#define BENCH_EMBEDDED
#define USE_CERT_BUFFERS_2048
/* TLS 1.3 */
#define WOLFSSL_TLS13
@ -79,7 +245,9 @@
#define HAVE_AESGCM
#define WOLFSSL_RIPEMD
/* Optional RIPEMD: RACE Integrity Primitives Evaluation Message Digest */
/* #define WOLFSSL_RIPEMD */
/* when you want to use SHA224 */
#define WOLFSSL_SHA224
@ -95,24 +263,34 @@
/* ED25519 requires SHA512 */
#define HAVE_ED25519
#define HAVE_ECC
#define HAVE_CURVE25519
#define CURVE25519_SMALL
/* Some features not enabled for ESP8266: */
#if defined(CONFIG_IDF_TARGET_ESP8266) || \
defined(CONFIG_IDF_TARGET_ESP32C2)
/* TODO determine low memory configuration for ECC. */
#else
#define HAVE_ECC
#define HAVE_CURVE25519
#define CURVE25519_SMALL
#endif
#define HAVE_ED25519
/* Optional OPENSSL compatibility */
#define OPENSSL_EXTRA
/* when you want to use pkcs7 */
/* #define HAVE_PKCS7 */
/* #Optional HAVE_PKCS7 */
#define HAVE_PKCS7
#if defined(HAVE_PKCS7)
/* HAVE_PKCS7 may enable HAVE_PBKDF2 see settings.h */
#define NO_PBKDF2
#define HAVE_AES_KEYWRAP
#define HAVE_X963_KDF
#define WOLFSSL_AES_DIRECT
#endif
/* when you want to use aes counter mode */
/* when you want to use AES counter mode */
/* #define WOLFSSL_AES_DIRECT */
/* #define WOLFSSL_AES_COUNTER */
@ -126,27 +304,11 @@
/* #define CUSTOM_SLOT_ALLOCATION */
#endif
/* rsa primitive specific definition */
#if defined(WOLFSSL_ESP32) || defined(WOLFSSL_ESPWROOM32SE)
/* Define USE_FAST_MATH and SMALL_STACK */
#define ESP32_USE_RSA_PRIMITIVE
/* WC_NO_CACHE_RESISTANT: slower but more secure */
/* #define WC_NO_CACHE_RESISTANT */
#if defined(CONFIG_IDF_TARGET_ESP32)
/* NOTE HW unreliable for small values! */
/* threshold for performance adjustment for HW primitive use */
/* X bits of G^X mod P greater than */
#undef ESP_RSA_EXPT_XBITS
#define ESP_RSA_EXPT_XBITS 32
/* X and Y of X * Y mod P greater than */
#undef ESP_RSA_MULM_BITS
#define ESP_RSA_MULM_BITS 16
#endif
#endif
#define RSA_LOW_MEM
/* TFM_TIMING_RESISTANT: slower but more secure */
/* #define TFM_TIMING_RESISTANT */
/* #define WOLFSSL_ATECC508A_DEBUG */
@ -158,7 +320,7 @@
/* adjust wait-timeout count if you see timeout in RSA HW acceleration */
#define ESP_RSA_TIMEOUT_CNT 0x249F00
#define ESP_RSA_TIMEOUT_CNT 0x349F00
/* hash limit for test.c */
#define HASH_SIZE_LIMIT
@ -206,7 +368,7 @@
#undef WOLFSSL_SYS_CA_CERTS
*/
/*
/* command-line options
--enable-keygen
--enable-certgen
--enable-certreq
@ -214,10 +376,14 @@
--enable-asn-template
*/
/* Default is HW enabled unless turned off.
** Uncomment these lines to force SW instead of HW acceleration */
/* Chipset detection from sdkconfig.h
* Default is HW enabled unless turned off.
* Uncomment lines to force SW instead of HW acceleration */
#if defined(CONFIG_IDF_TARGET_ESP32)
#define WOLFSSL_ESP32
/* Alternatively, if there's an ECC Secure Element present: */
/* #define WOLFSSL_ESPWROOM32SE */
/* wolfSSL HW Acceleration supported on ESP32. Uncomment to disable: */
/* #define NO_ESP32_CRYPT */
/* #define NO_WOLFSSL_ESP32_CRYPT_HASH */
@ -235,6 +401,7 @@
/***** END CONFIG_IDF_TARGET_ESP32 *****/
#elif defined(CONFIG_IDF_TARGET_ESP32S2)
#define WOLFSSL_ESP32
/* wolfSSL HW Acceleration supported on ESP32-S2. Uncomment to disable: */
/* #define NO_ESP32_CRYPT */
/* #define NO_WOLFSSL_ESP32_CRYPT_HASH */
@ -247,6 +414,7 @@
/***** END CONFIG_IDF_TARGET_ESP32S2 *****/
#elif defined(CONFIG_IDF_TARGET_ESP32S3)
#define WOLFSSL_ESP32
/* wolfSSL HW Acceleration supported on ESP32-S3. Uncomment to disable: */
/* #define NO_ESP32_CRYPT */
/* #define NO_WOLFSSL_ESP32_CRYPT_HASH */
@ -260,6 +428,7 @@
#elif defined(CONFIG_IDF_TARGET_ESP32C2) || \
defined(CONFIG_IDF_TARGET_ESP8684)
#define WOLFSSL_ESP32
/* ESP8684 is essentially ESP32-C2 chip + flash embedded together in a
* single QFN 4x4 mm package. Out of released documentation, Technical
* Reference Manual as well as ESP-IDF Programming Guide is applicable
@ -285,6 +454,7 @@
/***** END CONFIG_IDF_TARGET_ESP32C2 *****/
#elif defined(CONFIG_IDF_TARGET_ESP32C3)
#define WOLFSSL_ESP32
/* wolfSSL HW Acceleration supported on ESP32-C3. Uncomment to disable: */
/* #define NO_ESP32_CRYPT */
@ -302,6 +472,7 @@
/***** END CONFIG_IDF_TARGET_ESP32C3 *****/
#elif defined(CONFIG_IDF_TARGET_ESP32C6)
#define WOLFSSL_ESP32
/* wolfSSL HW Acceleration supported on ESP32-C6. Uncomment to disable: */
/* #define NO_ESP32_CRYPT */
@ -318,6 +489,7 @@
/***** END CONFIG_IDF_TARGET_ESP32C6 *****/
#elif defined(CONFIG_IDF_TARGET_ESP32H2)
#define WOLFSSL_ESP32
/* wolfSSL Hardware Acceleration not yet implemented */
#define NO_ESP32_CRYPT
#define NO_WOLFSSL_ESP32_CRYPT_HASH
@ -326,7 +498,11 @@
/***** END CONFIG_IDF_TARGET_ESP32H2 *****/
#elif defined(CONFIG_IDF_TARGET_ESP8266)
/* TODO: Revisit ESP8266 */
#define WOLFSSL_ESP8266
/* There's no hardware encryption on the ESP8266 */
/* Consider using the ESP32-C2/C3/C6
* See https://www.espressif.com/en/products/socs/esp32-c2 */
#define NO_ESP32_CRYPT
#define NO_WOLFSSL_ESP32_CRYPT_HASH
#define NO_WOLFSSL_ESP32_CRYPT_AES
@ -343,13 +519,42 @@
#else
/* Anything else encountered, disable HW accleration */
#warning "Unexpected CONFIG_IDF_TARGET_NN value"
#define NO_ESP32_CRYPT
#define NO_WOLFSSL_ESP32_CRYPT_HASH
#define NO_WOLFSSL_ESP32_CRYPT_AES
#define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI
#endif /* CONFIG_IDF_TARGET Check */
/* RSA primitive specific definition, listed AFTER the Chipset detection */
#if defined(WOLFSSL_ESP32) || defined(WOLFSSL_ESPWROOM32SE)
/* Consider USE_FAST_MATH and SMALL_STACK */
#ifndef NO_RSA
#define ESP32_USE_RSA_PRIMITIVE
#if defined(CONFIG_IDF_TARGET_ESP32)
#ifdef CONFIG_ESP_MAIN_TASK_STACK_SIZE
#if CONFIG_ESP_MAIN_TASK_STACK_SIZE < 10500
#warning "RSA may be difficult with less than 10KB Stack "/
#endif
#endif
/* NOTE HW unreliable for small values! */
/* threshold for performance adjustment for HW primitive use */
/* X bits of G^X mod P greater than */
#undef ESP_RSA_EXPT_XBITS
#define ESP_RSA_EXPT_XBITS 32
/* X and Y of X * Y mod P greater than */
#undef ESP_RSA_MULM_BITS
#define ESP_RSA_MULM_BITS 16
#endif
#endif
#endif
/* Debug options:
See wolfssl/wolfcrypt/port/Espressif/esp32-crypt.h for details on debug options
#define ESP_VERIFY_MEMBLOCK
#define DEBUG_WOLFSSL
@ -363,6 +568,14 @@
#define WOLFSSL_ESP32_HW_LOCK_DEBUG
#define WOLFSSL_DEBUG_ESP_RSA_MULM_BITS
#define ESP_DISABLE_HW_TASK_LOCK
See wolfcrypt/benchmark/benchmark.c for debug and other settings:
Turn on benchmark timing debugging (CPU Cycles, RTOS ticks, etc)
#define DEBUG_WOLFSSL_BENCHMARK_TIMING
Turn on timer debugging (used when CPU cycles not available)
#define WOLFSSL_BENCHMARK_TIMER_DEBUG
*/
/* Pause in a loop rather than exit. */
@ -396,8 +609,9 @@
** [Z = X * Y mod M] in esp_mp_mulmod() */
/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD */
#define WOLFSSL_PUBLIC_MP /* used by benchmark */
#define USE_CERT_BUFFERS_2048
/* used by benchmark: */
#define WOLFSSL_PUBLIC_MP
/* when turning on ECC508 / ECC608 support
#define WOLFSSL_ESPWROOM32SE
@ -406,12 +620,75 @@
#define ATCA_WOLFSSL
*/
/* optional SM4 Ciphers. See https://github.com/wolfSSL/wolfsm
/***************************** Certificate Macros *****************************
*
* The section below defines macros used in typically all of the wolfSSL
* examples such as the client and server for certs stored in header files.
*
* There are various certificate examples in this header file:
* https://github.com/wolfSSL/wolfssl/blob/master/wolfssl/certs_test.h
*
* To use the sets of macros below, define *one* of these:
*
* USE_CERT_BUFFERS_1024 - ECC 1024 bit encoded ASN1
* USE_CERT_BUFFERS_2048 - RSA 2048 bit encoded ASN1
* WOLFSSL_SM[2,3,4] - SM Ciphers
*
* For example: define USE_CERT_BUFFERS_2048 to use CA Certs used in this
* wolfSSL function for the `ca_cert_der_2048` buffer, size and types:
*
* ret = wolfSSL_CTX_load_verify_buffer(ctx,
* CTX_CA_CERT,
* CTX_CA_CERT_SIZE,
* CTX_CA_CERT_TYPE);
*
* See https://www.wolfssl.com/documentation/manuals/wolfssl/group__CertsKeys.html#function-wolfssl_ctx_load_verify_buffer
*
* In this case the CTX_CA_CERT will be defined as `ca_cert_der_2048` as
* defined here: https://github.com/wolfSSL/wolfssl/blob/master/wolfssl/certs_test.h
*
* The CTX_CA_CERT_SIZE and CTX_CA_CERT_TYPE are similarly used to reference
* array size and cert type respectively.
*
* Similarly for loading the private client key:
*
* ret = wolfSSL_CTX_use_PrivateKey_buffer(ctx,
* CTX_CLIENT_KEY,
* CTX_CLIENT_KEY_SIZE,
* CTX_CLIENT_KEY_TYPE);
*
* see https://www.wolfssl.com/documentation/manuals/wolfssl/group__CertsKeys.html#function-wolfssl_ctx_use_privatekey_buffer
*
* Similarly, the other macros are for server certificates and keys:
* `CTX_SERVER_CERT` and `CTX_SERVER_KEY` are available.
*
* The certificate and key names are typically `static const unsigned char`
* arrays. The [NAME]_size are typically `sizeof([array name])`, and the types
* are the known wolfSSL encoding type integers (e.g. WOLFSSL_FILETYPE_PEM).
*
* See `SSL_FILETYPE_[name]` in
* https://github.com/wolfSSL/wolfssl/blob/master/wolfssl/ssl.h
*
* See Abstract Syntax Notation One (ASN.1) in:
* https://github.com/wolfSSL/wolfssl/blob/master/wolfssl/wolfcrypt/asn.h
*
* Optional SM4 Ciphers:
*
* Although the SM ciphers are shown here, the `certs_test_sm.h` may not yet
* be available. See:
* https://github.com/wolfSSL/wolfssl/pull/6825
* https://github.com/wolfSSL/wolfsm
*
* Uncomment these 3 macros to enable the SM Ciphers and use the macros below.
*/
/*
#define WOLFSSL_SM2
#define WOLFSSL_SM3
#define WOLFSSL_SM4
*/
/* Conditional macros used in wolfSSL TLS client and server examples */
#if defined(WOLFSSL_SM2) || defined(WOLFSSL_SM3) || defined(WOLFSSL_SM4)
#include <wolfssl/certs_test_sm.h>
#define CTX_CA_CERT root_sm2
@ -427,24 +704,49 @@
#undef WOLFSSL_BASE16
#define WOLFSSL_BASE16
#else
#define USE_CERT_BUFFERS_2048
#define USE_CERT_BUFFERS_256
#define CTX_CA_CERT ca_cert_der_2048
#define CTX_CA_CERT_SIZE sizeof_ca_cert_der_2048
#define CTX_CA_CERT_TYPE WOLFSSL_FILETYPE_ASN1
#define CTX_SERVER_CERT server_cert_der_2048
#define CTX_SERVER_CERT_SIZE sizeof_server_cert_der_2048
#define CTX_SERVER_CERT_TYPE WOLFSSL_FILETYPE_ASN1
#define CTX_SERVER_KEY server_key_der_2048
#define CTX_SERVER_KEY_SIZE sizeof_server_key_der_2048
#define CTX_SERVER_KEY_TYPE WOLFSSL_FILETYPE_ASN1
#endif
#if defined(USE_CERT_BUFFERS_2048)
/* Be sure to include in app when using example certs: */
/* #include <wolfssl/certs_test.h> */
#define CTX_CA_CERT ca_cert_der_2048
#define CTX_CA_CERT_SIZE sizeof_ca_cert_der_2048
#define CTX_CA_CERT_TYPE WOLFSSL_FILETYPE_ASN1
/* See settings.h for some of the possible hardening options:
*
* #define NO_ESPIDF_DEFAULT
* #define WC_NO_CACHE_RESISTANT
* #define WC_AES_BITSLICED
* #define HAVE_AES_ECB
* #define HAVE_AES_DIRECT
*/
#define CTX_SERVER_CERT server_cert_der_2048
#define CTX_SERVER_CERT_SIZE sizeof_server_cert_der_2048
#define CTX_SERVER_CERT_TYPE WOLFSSL_FILETYPE_ASN1
#define CTX_SERVER_KEY server_key_der_2048
#define CTX_SERVER_KEY_SIZE sizeof_server_key_der_2048
#define CTX_SERVER_KEY_TYPE WOLFSSL_FILETYPE_ASN1
#define CTX_CLIENT_CERT client_cert_der_2048
#define CTX_CLIENT_CERT_SIZE sizeof_client_cert_der_2048
#define CTX_CLIENT_CERT_TYPE WOLFSSL_FILETYPE_ASN1
#define CTX_CLIENT_KEY client_key_der_2048
#define CTX_CLIENT_KEY_SIZE sizeof_client_key_der_2048
#define CTX_CLIENT_KEY_TYPE WOLFSSL_FILETYPE_ASN1
#elif defined(USE_CERT_BUFFERS_1024)
/* Be sure to include in app when using example certs: */
/* #include <wolfssl/certs_test.h> */
#define CTX_CA_CERT ca_cert_der_1024
#define CTX_CA_CERT_SIZE sizeof_ca_cert_der_1024
#define CTX_CA_CERT_TYPE WOLFSSL_FILETYPE_ASN1
#define CTX_CLIENT_CERT client_cert_der_1024
#define CTX_CLIENT_CERT_SIZE sizeof_client_cert_der_1024
#define CTX_CLIENT_CERT_TYPE WOLFSSL_FILETYPE_ASN1
#define CTX_CLIENT_KEY client_key_der_1024
#define CTX_CLIENT_KEY_SIZE sizeof_client_key_der_1024
#define CTX_CLIENT_KEY_TYPE WOLFSSL_FILETYPE_ASN1
#define CTX_SERVER_CERT server_cert_der_1024
#define CTX_SERVER_CERT_SIZE sizeof_server_cert_der_1024
#define CTX_SERVER_CERT_TYPE WOLFSSL_FILETYPE_ASN1
#define CTX_SERVER_KEY server_key_der_1024
#define CTX_SERVER_KEY_SIZE sizeof_server_key_der_1024
#define CTX_SERVER_KEY_TYPE WOLFSSL_FILETYPE_ASN1
#else
/* Optionally define custom cert arrays, sizes, and types here */
#error "Must define USE_CERT_BUFFERS_2048 or USE_CERT_BUFFERS_1024"
#endif
#endif /* Conditional key and cert constant names */


@ -3,78 +3,7 @@
#
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_USER_SETTINGS")
set(COMPONENT_SRCS "main.c")
# when using time helper:
# set(COMPONENT_SRCS "main.c" "time_helper.c")
set(COMPONENT_ADD_INCLUDEDIRS ".")
set (git_cmd "git")
if( EXISTS "${CMAKE_HOME_DIRECTORY}/components/wolfssl/" AND EXISTS "$ENV{IDF_PATH}/components/wolfssl/" )
#
# wolfSSL found in both ESP-IDF and local project - needs to be resolved by user
#
message(STATUS "")
message(STATUS "WARNING: Found components/wolfssl in both local project and IDF_PATH")
message(STATUS "")
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_MULTI_INSTALL_WARNING")
endif()
idf_component_register(SRCS main.c
INCLUDE_DIRS "."
"./include")
#
# LIBWOLFSSL_SAVE_INFO(VAR_OUPUT THIS_VAR VAR_RESULT)
#
# Save the THIS_VAR as a string in a macro called VAR_OUPUT
#
# VAR_OUPUT: the name of the macro to define
# THIS_VAR: the OUTPUT_VARIABLE result from a execute_process()
# VAR_RESULT: the RESULT_VARIABLE from a execute_process(); "0" if successful.
#
function ( LIBWOLFSSL_SAVE_INFO VAR_OUPUT THIS_VAR VAR_RESULT )
# is the RESULT_VARIABLE output value 0? If so, IS_VALID_VALUE is true.
string(COMPARE EQUAL "${VAR_RESULT}" "0" IS_VALID_VALUE)
# if we had a successful operation, save the THIS_VAR in VAR_OUPUT
if(${IS_VALID_VALUE})
# strip newline chars in THIS_VAR parameter and save in VAR_VALUE
string(REPLACE "\n" "" VAR_VALUE ${THIS_VAR})
# we'll could percolate the value to the parent for possible later use
# set(${VAR_OUPUT} ${VAR_VALUE} PARENT_SCOPE)
# but we're only using it here in this function
set(${VAR_OUPUT} ${VAR_VALUE})
# we'll print what we found to the console
message(STATUS "Found ${VAR_OUPUT}=${VAR_VALUE}")
# the interesting part is defining the VAR_OUPUT name a value to use in the app
add_definitions(-D${VAR_OUPUT}=\"${VAR_VALUE}\")
else()
# if we get here, check the execute_process command and parameters.
message(STATUS "LIBWOLFSSL_SAVE_INFO encountered a non-zero VAR_RESULT")
set(${VAR_OUPUT} "Unknown")
endif()
endfunction() # LIBWOLFSSL_SAVE_INFO
if(NOT CMAKE_BUILD_EARLY_EXPANSION)
# LIBWOLFSSL_VERSION_GIT_HASH
execute_process(COMMAND ${git_cmd} "rev-parse" "HEAD" OUTPUT_VARIABLE TMP_OUT RESULT_VARIABLE TMP_RES ERROR_QUIET )
LIBWOLFSSL_SAVE_INFO(LIBWOLFSSL_VERSION_GIT_HASH "${TMP_OUT}" "${TMP_RES}")
# LIBWOLFSSL_VERSION_GIT_SHORT_HASH
execute_process(COMMAND ${git_cmd} "rev-parse" "--short" "HEAD" OUTPUT_VARIABLE TMP_OUT RESULT_VARIABLE TMP_RES ERROR_QUIET )
LIBWOLFSSL_SAVE_INFO(LIBWOLFSSL_VERSION_GIT_SHORT_HASH "${TMP_OUT}" "${TMP_RES}")
# LIBWOLFSSL_VERSION_GIT_HASH_DATE
execute_process(COMMAND ${git_cmd} "show" "--no-patch" "--no-notes" "--pretty=\'\%cd\'" OUTPUT_VARIABLE TMP_OUT RESULT_VARIABLE TMP_RES )
LIBWOLFSSL_SAVE_INFO(LIBWOLFSSL_VERSION_GIT_HASH_DATE "${TMP_OUT}" "${TMP_RES}")
endif()
message(STATUS "")
idf_component_register(SRCS
"main.c"
INCLUDE_DIRS
".")

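Review bot: `WOLFSSL_USER_SETTINGS` is still passed by appending to the `CMAKE_C_FLAGS` string at the top of this file, a line the seven-line new side in the hunk header suggests is kept. main.c further down this page now stops with `#error` when the macro is missing, and user_settings.h is where the hardware-acceleration and certificate-buffer choices live, so the define deserves a form tied to the component rather than to a flag string. After `idf_component_register(...)` I would use `target_compile_definitions(${COMPONENT_LIB} PRIVATE WOLFSSL_USER_SETTINGS)` and drop the `set(CMAKE_C_FLAGS ...)` line. This assumes the wolfssl component defines the macro for its own sources, which this page does not show.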

@ -1,3 +1,9 @@
#
# Main Makefile. This is basically the same as a component makefile.
#
# Main component makefile.
#
# This Makefile can be left empty. By default, it will take the sources in the
# src/ directory, compile them and link them into lib(subdirectory_name).a
# in the build directory. This behavior is entirely configurable,
# please read the ESP-IDF documents if you need to do this.
#
# (Uses default behaviour of compiling all source files in directory, adding 'include' to include path.)


@ -1,6 +1,6 @@
/* template main.h
*
* Copyright (C) 2006-2023 wolfSSL Inc.
* Copyright (C) 2006-2024 wolfSSL Inc.
*
* This file is part of wolfSSL.
*


@ -1,32 +0,0 @@
/*
* Copyright (C) 2006-2023 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
#ifndef _TIME_HELPER_H
#ifdef __cplusplus
extern "C" {
#endif
int set_time(void);
#ifdef __cplusplus
} /* extern "C" */
#endif
#endif /* #ifndef _TIME_HELPER_H */


@ -1,6 +1,6 @@
/* main.c
*
* Copyright (C) 2006-2023 wolfSSL Inc.
* Copyright (C) 2006-2024 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
@ -24,22 +24,43 @@
#include "sdkconfig.h"
/* wolfSSL */
#include <wolfssl/wolfcrypt/settings.h>
#include <user_settings.h>
#include <wolfssl/version.h>
#include <wolfssl/wolfcrypt/types.h>
#ifndef WOLFSSL_ESPIDF
#warning "problem with wolfSSL user settings. Check components/wolfssl/include"
/* Always include wolfcrypt/settings.h before any other wolfSSL file. */
/* Reminder: settings.h pulls in user_settings.h; don't include it here. */
#ifdef WOLFSSL_USER_SETTINGS
#include <wolfssl/wolfcrypt/settings.h>
#ifndef WOLFSSL_ESPIDF
#warning "Problem with wolfSSL user_settings."
#warning "Check components/wolfssl/include"
#endif
#include <wolfssl/version.h>
#include <wolfssl/wolfcrypt/types.h>
#include <wolfcrypt/test/test.h>
#include <wolfssl/wolfcrypt/port/Espressif/esp-sdk-lib.h>
#include <wolfssl/wolfcrypt/port/Espressif/esp32-crypt.h>
#else
/* Define WOLFSSL_USER_SETTINGS project wide for settings.h to include */
/* wolfSSL user settings in ./components/wolfssl/include/user_settings.h */
#error "Missing WOLFSSL_USER_SETTINGS in CMakeLists or Makefile:\
CFLAGS +=-DWOLFSSL_USER_SETTINGS"
#endif
#include <wolfcrypt/test/test.h>
#include <wolfssl/wolfcrypt/port/Espressif/esp32-crypt.h>
#include "driver/uart.h"
/* set to 0 for one benchmark,
** set to 1 for continuous benchmark loop */
/* set to 0 for one test,
** set to 1 for continuous test loop */
#define TEST_LOOP 0
#define THIS_MONITOR_UART_RX_BUFFER_SIZE 200
#ifdef CONFIG_ESP8266_XTAL_FREQ_26
/* 26MHz crystal: 74880 bps */
#define THIS_MONITOR_UART_BAUD_DATE 74880
#else
/* 40MHz crystal: 115200 bps */
#define THIS_MONITOR_UART_BAUD_DATE 115200
#endif
/*
** the wolfssl component can be installed in either:
**
@ -55,13 +76,9 @@
/*
** although the wolfcrypt/test includes a default time setting,
** see the enclosed optional time helper for adding NNTP.
** be sure to add "time_helper.c" in main/CMakeLists.txt
*/
** see wolfssl/wolfcrypt/port/Espressif/esp-sdk-lib.h */
#undef WOLFSSL_USE_TIME_HELPER
#if defined(WOLFSSL_USE_TIME_HELPER)
#include "time_helper.h" */
#endif
/* see wolfssl/wolfcrypt/test/test.h */
extern void wolf_crypt_task();
@ -132,14 +149,36 @@ void my_atmel_free(int slotId)
/* entry point */
void app_main(void)
{
int stack_start = 0;
uart_config_t uart_config = {
.baud_rate = THIS_MONITOR_UART_BAUD_DATE,
.data_bits = UART_DATA_8_BITS,
.parity = UART_PARITY_DISABLE,
.stop_bits = UART_STOP_BITS_1,
};
esp_err_t ret = 0;
wc_ptr_t stack_start = esp_sdk_stack_pointer();
/* uart_set_pin(UART_NUM_0, TX_PIN, RX_PIN,
* UART_PIN_NO_CHANGE, UART_PIN_NO_CHANGE); */
/* Some targets may need to have UART speed set. TODO: which? */
ESP_LOGI(TAG, "UART init");
uart_param_config(UART_NUM_0, &uart_config);
uart_driver_install(UART_NUM_0,
THIS_MONITOR_UART_RX_BUFFER_SIZE, 0, 0, NULL, 0);
ESP_LOGI(TAG, "------------------ wolfSSL Test Example ----------------");
ESP_LOGI(TAG, "--------------------------------------------------------");
ESP_LOGI(TAG, "--------------------------------------------------------");
ESP_LOGI(TAG, "---------------------- BEGIN MAIN ----------------------");
ESP_LOGI(TAG, "--------------------------------------------------------");
ESP_LOGI(TAG, "--------------------------------------------------------");
ESP_LOGI(TAG, "Stack Start: 0x%x", stack_start);
#ifdef WOLFSSL_ESP_NO_WATCHDOG
ESP_LOGW(TAG, "Found WOLFSSL_ESP_NO_WATCHDOG, disabling...");
esp_DisableWatchdog();
#endif
#ifdef ESP_TASK_MAIN_STACK
ESP_LOGI(TAG, "ESP_TASK_MAIN_STACK: %d", ESP_TASK_MAIN_STACK);
@ -166,51 +205,9 @@ void app_main(void)
esp_ShowExtendedSystemInfo();
#endif
/* some interesting settings are target specific (ESP32, -C3, -S3, etc */
#if defined(CONFIG_IDF_TARGET_ESP32)
ESP_LOGI(TAG, "CONFIG_ESP32_DEFAULT_CPU_FREQ_MHZ = %u MHz",
CONFIG_ESP32_DEFAULT_CPU_FREQ_MHZ
);
ESP_LOGI(TAG, "Xthal_have_ccount = %u", Xthal_have_ccount);
#elif defined(CONFIG_IDF_TARGET_ESP32S2)
ESP_LOGI(TAG, "CONFIG_ESP32S2_DEFAULT_CPU_FREQ_MHZ = %u MHz",
CONFIG_ESP32S2_DEFAULT_CPU_FREQ_MHZ
);
ESP_LOGI(TAG, "Xthal_have_ccount = %u", Xthal_have_ccount);
#elif defined(CONFIG_IDF_TARGET_ESP32S3)
ESP_LOGI(TAG, "CONFIG_ESP32S3_DEFAULT_CPU_FREQ_MHZ = %u MHz",
CONFIG_ESP32S3_DEFAULT_CPU_FREQ_MHZ
);
ESP_LOGI(TAG, "Xthal_have_ccount = %u", Xthal_have_ccount);
#else
/* not available for other platformas at this time */
#endif
/* all platforms: stack high water mark check */
ESP_LOGI(TAG, "Stack HWM: %d\n", uxTaskGetStackHighWaterMark(NULL));
/* check to see if we are using hardware encryption
* TODO: move this to esp_util.c */
#if defined(NO_ESP32_CRYPT)
ESP_LOGI(TAG, "NO_ESP32_CRYPT defined! HW acceleration DISABLED.");
#else
#if defined(CONFIG_IDF_TARGET_ESP32C2)
ESP_LOGI(TAG, "ESP32_CRYPT is enabled for ESP32-C2.");
#elif defined(CONFIG_IDF_TARGET_ESP32C3)
ESP_LOGI(TAG, "ESP32_CRYPT is enabled for ESP32-C3.");
#elif defined(CONFIG_IDF_TARGET_ESP32S2)
ESP_LOGI(TAG, "ESP32_CRYPT is enabled for ESP32-S2.");
#elif defined(CONFIG_IDF_TARGET_ESP32S3)
ESP_LOGI(TAG, "ESP32_CRYPT is enabled for ESP32-S3.");
#else
ESP_LOGI(TAG, "ESP32_CRYPT is enabled.");
#endif
#endif
#if defined (WOLFSSL_USE_TIME_HELPER)
set_time();
#endif
@ -256,19 +253,10 @@ void app_main(void)
** This is called at the end of wolf_test_task();
*/
if (ret == 0) {
ESP_LOGI(TAG, "wolf_test_task complete success result code = %d", ret);
}
else {
ESP_LOGE(TAG, "wolf_test_task FAIL result code = %d", ret);
/* see wolfssl/wolfcrypt/error-crypt.h */
}
#if defined(DEBUG_WOLFSSL) && !defined(NO_WOLFSSL_ESP32_CRYPT_RSA_PRI)
#if defined(DEBUG_WOLFSSL) && defined(WOLFSSL_ESP32_CRYPT_RSA_PRI)
esp_hw_show_mp_metrics();
#endif
/* after the test, we'll just wait */
#ifdef INCLUDE_uxTaskGetStackHighWaterMark
ESP_LOGI(TAG, "Stack HWM: %d", uxTaskGetStackHighWaterMark(NULL));
@ -276,7 +264,14 @@ void app_main(void)
- (uxTaskGetStackHighWaterMark(NULL)));
#endif
#ifdef WOLFSSL_ESPIDF_EXIT_MESSAGE
#ifdef WOLFSSL_ESPIDF_VERBOSE_EXIT_MESSAGE
if (ret == 0) {
ESP_LOGI(TAG, WOLFSSL_ESPIDF_VERBOSE_EXIT_MESSAGE("Success!", ret));
}
else {
ESP_LOGE(TAG, WOLFSSL_ESPIDF_VERBOSE_EXIT_MESSAGE("Failed!", ret));
}
#elif defined(WOLFSSL_ESPIDF_EXIT_MESSAGE)
ESP_LOGI(TAG, WOLFSSL_ESPIDF_EXIT_MESSAGE);
#else
ESP_LOGI(TAG, "\n\nDone!\n\n"
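Review bot: The two UART calls in the `app_main` hunk, `uart_param_config` and `uart_driver_install`, discard their `esp_err_t` results, so a failed driver install is silent and the test output that follows may never reach the monitor. `ret` is already declared just above them; either assign and log the result, or wrap the calls, e.g. `ESP_ERROR_CHECK(uart_param_config(UART_NUM_0, &uart_config));`. In the same hunk `stack_start` is declared as `wc_ptr_t` but printed with `0x%x`, which only matches when that type has the width of `unsigned int`; `%p` with a `(void*)` cast avoids the format mismatch. `app_main` continues outside the hunks shown.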


@ -1,120 +0,0 @@
/* time_helper.c
*
* Copyright (C) 2006-2023 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
#include <string.h>
#include <lwip/apps/sntp.h>
#include "sdkconfig.h"
#include "esp_log.h"
#include "time_helper.h"
const static char* TAG = "Time Helper";
#define TIME_ZONE "PST-8"
/* NELEMS(x) number of elements
* To determine the number of elements in the array, we can divide the total size of
* the array by the size of the array element
* See https://stackoverflow.com/questions/37538/how-do-i-determine-the-size-of-my-array-in-c
**/
#define NELEMS(x) ( (int)(sizeof(x) / sizeof((x)[0])) )
#define NTP_SERVER_LIST ( (char*[]) { \
"pool.ntp.org", \
"time.nist.gov", \
"utcnist.colorado.edu" \
} \
)
/* #define NTP_SERVER_COUNT using NELEMS:
*
* (int)(sizeof(NTP_SERVER_LIST) / sizeof(NTP_SERVER_LIST[0]))
*/
#define NTP_SERVER_COUNT NELEMS(NTP_SERVER_LIST)
char* ntpServerList[NTP_SERVER_COUNT] = NTP_SERVER_LIST;
/* our NTP server list is global info */
extern char* ntpServerList[NTP_SERVER_COUNT];
int set_time(void)
{
/* we'll also return a result code of zero */
int res = 0;
int i = 0; /* counter for time servers */
time_t interim_time;
/* ideally, we'd like to set time from network,
* but let's set a default time, just in case */
struct tm timeinfo = {
.tm_year = 2022 - 1900,
.tm_mon = 11,
.tm_mday = 15,
.tm_hour = 3,
.tm_min = 25,
.tm_sec = 0
};
struct timeval now;
#ifndef NTP_SERVER_COUNT
#define NTP_SERVER_COUNT 0
char* ntpServerList[NTP_SERVER_COUNT];
#endif /* not defined: NTP_SERVER_COUNT */
#ifndef TIME_ZONE
#define TIME_ZONE "PST-8"
#endif /* not defined: TIME_ZONE */
/* set interim static time */
interim_time = mktime(&timeinfo);
now = (struct timeval){ .tv_sec = interim_time };
settimeofday(&now, NULL);
/* set timezone */
setenv("TZ", TIME_ZONE, 1);
tzset();
if (NTP_SERVER_COUNT) {
/* next, let's setup NTP time servers
*
* see https://docs.espressif.com/projects/esp-idf/en/latest/esp32/api-reference/system/system_time.html#sntp-time-synchronization
*/
sntp_setoperatingmode(SNTP_OPMODE_POLL);
ESP_LOGI(TAG, "sntp_setservername:");
for (i = 0; i < NTP_SERVER_COUNT; i++) {
const char* thisServer = ntpServerList[i];
if (strncmp(thisServer, "\x00", 1) == 0) {
/* just in case we run out of NTP servers */
break;
}
ESP_LOGI(TAG, "%s", thisServer);
sntp_setservername(i, thisServer);
}
sntp_init();
ESP_LOGI(TAG, "sntp_init done.");
}
else {
ESP_LOGI(TAG, "No sntp time servers found.");
}
return res;
}


@ -1,32 +0,0 @@
#ifndef _TIME_HELPER_H
/*
* Copyright (C) 2006-2023 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
#ifdef __cplusplus
extern "C" {
#endif
int set_time(void);
#ifdef __cplusplus
} /* extern "C" */
#endif
#endif /* #ifndef _TIME_HELPER_H */


@ -1,41 +1,88 @@
# This tag is used to include this file in the ESP Component Registry:
# sdkconfig.defaults for ESP8266 + ESP32
# Note that during the build process, settings from sdkconfig.defaults will not override those already in sdkconfig.
# See https://docs.espressif.com/projects/esp-idf/en/latest/esp32/api-guides/build-system.html#custom-sdkconfig-defaults
CONFIG_BENCH_ARGV="-lng 0"
CONFIG_FREERTOS_HZ=1000
CONFIG_ESP32_DEFAULT_CPU_FREQ_240=y
#
# Default main stack size
# Default main stack size. See user_settings.h
#
# This is typically way bigger than needed for stack size. See user_settings.h
#
CONFIG_ESP_MAIN_TASK_STACK_SIZE=55000
# For wolfSSL SMALL_STACK, 3072 bytes should be sufficient for benchmark app.
# When using RSA, assign at least 10500 bytes, otherwise 5500 usually works for others
CONFIG_ESP_MAIN_TASK_STACK_SIZE=10500
# Legacy stack size for older ESP-IDF versions
CONFIG_MAIN_TASK_STACK_SIZE=55000
CONFIG_MAIN_TASK_STACK_SIZE=10500
#
# Benchmark must not have CONFIG_NEWLIB_NANO_FORMAT enabled
CONFIG_NEWLIB_NANO_FORMAT=n
#
# Watchdog Timers
#
# We don't want to have the watchdog timeout during tests
# We don't want to have the watchdog timeout during tests & benchmarks
#
CONFIG_ESP_TASK_WDT_CHECK_IDLE_TASK_CPU0=n
CONFIG_ESP_TASK_WDT_CHECK_IDLE_TASK_CPU1=n
# Panic & Watchdog
CONFIG_ESP_INT_WDT_TIMEOUT_MS=10000
CONFIG_ESP_TASK_WDT_EN=n
CONFIG_ESP_SYSTEM_PANIC_PRINT_HALT=y
CONFIG_ESP_INT_WDT=n
# ESP8266 WDT
# CONFIG_ESP_PANIC_PRINT_REBOOT is not set
CONFIG_ESP_PANIC_PRINT_REBOOT=n
CONFIG_ESP_PANIC_PRINT_HALT=y
# CONFIG_ESP_HTTP_CLIENT_ENABLE_HTTPS is not set
CONFIG_ESP_HTTP_CLIENT_ENABLE_HTTPS=n
# ESP8266 Memory
CONFIG_FREERTOS_GLOBAL_DATA_LINK_IRAM=y
CONFIG_HEAP_DISABLE_IRAM=y
# Performance
# CONFIG_COMPILER_OPTIMIZATION_PERF=y
# Set max COU frequency (falls back as needed for lower maximum)
CONFIG_ESP_DEFAULT_CPU_FREQ_MHZ_240=y
# FreeRTOS ticks at 1ms interval
CONFIG_FREERTOS_UNICORE=y
CONFIG_FREERTOS_HZ=1000
#
# Compiler options
#
CONFIG_COMPILER_OPTIMIZATION_DEFAULT=y
# CONFIG_COMPILER_OPTIMIZATION_SIZE is not set
# CONFIG_COMPILER_OPTIMIZATION_PERF is not set
# CONFIG_COMPILER_OPTIMIZATION_NONE is not set
CONFIG_COMPILER_OPTIMIZATION_ASSERTIONS_ENABLE=y
# CONFIG_COMPILER_OPTIMIZATION_ASSERTIONS_SILENT is not set
# CONFIG_COMPILER_OPTIMIZATION_ASSERTIONS_DISABLE is not set
CONFIG_COMPILER_FLOAT_LIB_FROM_GCCLIB=y
CONFIG_COMPILER_OPTIMIZATION_ASSERTION_LEVEL=2
# CONFIG_COMPILER_OPTIMIZATION_CHECKS_SILENT is not set
CONFIG_COMPILER_HIDE_PATHS_MACROS=y
# CONFIG_COMPILER_CXX_EXCEPTIONS is not set
# CONFIG_COMPILER_CXX_RTTI is not set
# CONFIG_COMPILER_STACK_CHECK_MODE_NONE is not set
CONFIG_COMPILER_STACK_CHECK_MODE_NORM=y
# CONFIG_COMPILER_STACK_CHECK_MODE_STRONG is not set
# CONFIG_COMPILER_STACK_CHECK_MODE_ALL is not set
CONFIG_COMPILER_STACK_CHECK=y
# CONFIG_COMPILER_WARN_WRITE_STRINGS is not set
# CONFIG_COMPILER_SAVE_RESTORE_LIBCALLS is not set
# CONFIG_COMPILER_DISABLE_GCC12_WARNINGS is not set
# CONFIG_COMPILER_DUMP_RTL_FILES is not set
# end of Compiler options
# minimum C3 chip revision known to work is 2.
# rev 0 and 1 not available for testing.
# all revisions expected to work.
CONFIG_ESP32C3_REV_MIN_0=
CONFIG_ESP32C3_REV_MIN_1=
# We don't know that the min is actually v2,
# but this is the earliest tested.
CONFIG_ESP32C3_REV_MIN_2=y
CONFIG_ESP32C3_REV_MIN_3=
#
# Partition Table
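Review bot: The watchdog and panic settings in this file (`CONFIG_ESP_TASK_WDT_EN=n`, `CONFIG_ESP_INT_WDT=n`, `CONFIG_ESP_SYSTEM_PANIC_PRINT_HALT=y`) are test-bench choices, but the only comment says the watchdog should not time out during tests & benchmarks. If this file is copied into a product project, the device would run without task or interrupt watchdogs and would halt instead of rebooting on a panic, so I would add a comment above that block such as `# Test/benchmark only: re-enable the watchdogs and reboot-on-panic for production builds`. Separately, the `CONFIG_ESP32C3_REV_MIN_0=`, `CONFIG_ESP32C3_REV_MIN_1=` and `CONFIG_ESP32C3_REV_MIN_3=` lines assign an empty value; the `# CONFIG_... is not set` form used elsewhere in this file would be consistent.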


@ -0,0 +1,67 @@
#!/bin/bash
#
# testAll.sh [keyword suffix]
#
# Build and compile the wolfssl_test for all platforms.
#
# Supply optional keyword suffix value for log file names.
#
# See testMonitor.sh for USB port settings.
#
# Define ESPIDF_PUTTY_MONITOR to a non-blank value to call putty.
# instead of using `idf.py monitor`
#==============================================================================
# Run shell check to ensure this a good script.
shellcheck "$0"
# Save the current PATH to a temporary variable
ORIGINAL_PATH="$PATH"
export ESPIDF_PUTTY_MONITOR="TRUE"
THIS_SUFFIX="$1"
# Clear IDF path to ensure it is set by export.sh
IDF_PATH=
# set the path for this workspace IDF path (where export.sh is located)
WRK_IDF_PATH=/mnt/c/SysGCC/esp32/esp-idf/v5.2
echo "Run ESP32 export.sh from ${WRK_IDF_PATH}"
# shell check should not follow into the ESP-IDF export.sh
# shellcheck disable=SC1091
. "${WRK_IDF_PATH}"/export.sh
echo "IDF_PATH = $IDF_PATH"
./testMonitor.sh wolfssl_test esp32 "$THIS_SUFFIX" || exit 1
./testMonitor.sh wolfssl_test esp32c2 "$THIS_SUFFIX" || exit 1
./testMonitor.sh wolfssl_test esp32c3 "$THIS_SUFFIX" || exit 1
./testMonitor.sh wolfssl_test esp32c6 "$THIS_SUFFIX" || exit 1
./testMonitor.sh wolfssl_test esp32s2 "$THIS_SUFFIX" || exit 1
./testMonitor.sh wolfssl_test esp32s3 "$THIS_SUFFIX" || exit 1
./testMonitor.sh wolfssl_test esp32h2 "$THIS_SUFFIX" || exit 1
./testMonitor.sh wolfssl_test esp8684 "$THIS_SUFFIX" || exit 1
# ESP8266 uses a different toolchain
# Restore the original PATH
export PATH=$ORIGINAL_PATH
IDF_PATH=
WRK_IDF_PATH=/mnt/c/SysGCC/esp8266/rtos-sdk/v3.4
echo "Run ESP8266 export.sh from ${WRK_IDF_PATH}"
# shell check should not follow into the ESP-IDF export.sh
# shellcheck disable=SC1091
. "$WRK_IDF_PATH"/export.sh
echo "IDF_PATH = $IDF_PATH"
./testMonitor.sh wolfssl_test esp8266 PR || exit 1
# Restore the original PATH
export PATH=$ORIGINAL_PATH
echo "Done!"
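Review bot: Both `. "${WRK_IDF_PATH}"/export.sh` lines continue when the file is missing or fails, so every `testMonitor.sh` run after them would build with whatever toolchain is already on `PATH` rather than the one the script announces. Since `IDF_PATH` is cleared just before each, a guard is cheap: `. "${WRK_IDF_PATH}"/export.sh || exit 1` followed by `[ -n "$IDF_PATH" ] || exit 1`. The ESP8266 invocation also passes the literal `PR` where the other eight pass `"$THIS_SUFFIX"`, which looks unintended. The result of `shellcheck "$0"` at the top is ignored as well; adding `|| exit 1` would make it an actual gate.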


@ -0,0 +1,227 @@
#!/bin/bash
#
# Syntax:
# ./testMonitor.sh <example_name> <target> <keyword>
#
# Example:
#
# ./testMonitor.sh wolfssl_test esp32c6 WIP
#
# Define ESPIDF_PUTTY_MONITOR to a non-blank value to call putty
# instead of using `idf.py monitor`
#========================================================================================
# Run shell check to ensure this a good script.
shellcheck "$0"
PUTTY_EXE="/mnt/c/tools/putty.exe"
THIS_HOME_DIR="$(pwd)"
# export WOLFSSL_ESPIDF="/mnt/c/workspace/wolfssl-master/IDE/Espressif/ESP-IDF/examples"
# the first parameter is expected to be a project name in the WOLFSSL_ESPIDF directory.
if [ $# -lt 3 ]; then
echo "Usage: $0 <example_name> <target> <keyword>"
exit 1
else
THIS_EXAMPLE="$1"
# pushd "${WOLFSSL_ESPIDF}" || exit 1
# pushd "./${THIS_EXAMPLE}" || exit 1
THIS_TARGET="$2"
THIS_KEYWORD="$3"
fi
echo "testMonitor current path:"
pwd
#ESP32c2 monitor is 78800
# These are the WSL Serial Ports for each respective ESP32 SoC Device.
# Unfortunately they are currently hard coded and computer-specific.
esp32_PORT="/dev/ttyS9"
esp32c2_PORT="/dev/ttyS79"
esp32c3_PORT="/dev/ttyS35"
esp32c6_PORT="/dev/ttyS36"
esp32h2_PORT="/dev/ttyS31"
esp32s2_PORT="/dev/ttyS30"
esp32s3_PORT="/dev/ttyS24"
esp8266_PORT="/dev/ttyS70"
esp8684_PORT="/dev/ttyS49"
# esp32c2_PORT="/dev/ttyS49" #8684
# Load putty profiles. Note profiles names need to have been previously
# defined and saved in putty! These are the saved sessions in putty:
esp32_PUTTY="COM9"
esp32c2_PUTTY="COM79 - ESP32-C2 74880"
esp32c3_PUTTY="COM35"
esp32c6_PUTTY="COM36"
esp32h2_PUTTY="COM31"
esp32s2_PUTTY="COM30"
esp32s3_PUTTY="COM24"
esp8684_PUTTY="COM49"
esp8266_PUTTY="COM70 - 74880"
echo "esp32_PORT: $esp32_PORT"
echo "esp32c2_PORT: $esp32c2_PORT"
echo "esp32c3_PORT: $esp32c3_PORT"
echo "esp32c6_PORT: $esp32c6_PORT"
echo "esp32s2_PORT: $esp32s2_PORT"
echo "esp32s3_PORT: $esp32s3_PORT"
echo "esp32h2_PORT: $esp32h2_PORT"
echo "esp8266_PORT: $esp8266_PORT"
echo "esp8684_PORT: $esp8684_PORT"
# given a THIS_TARGET, assign THIS_TARGET_PORT to the respective port.
THIS_TARGET_PORT="${THIS_TARGET}_PORT"
# Check that THIS_TARGET_PORT is defined.
if [ -z "$THIS_TARGET_PORT" ]; then
echo "Error: No port defined for ${THIS_TARGET}"
exit 1
else
echo "THIS_TARGET_PORT=${THIS_TARGET_PORT}"
fi
THIS_TARGET_PORT="${!THIS_TARGET_PORT}"
echo THIS_TARGET_PORT="${THIS_TARGET_PORT}"
# The use of putty is optional
THIS_TARGET_PUTTY="${THIS_TARGET}_PUTTY"
if [ -z "$ESPIDF_PUTTY_MONITOR" ]; then
echo "Using ESP-IDF monitor"
else
# Check that THIS_TARGET_PUTTY is defined.
echo ""
echo "Using saved putty profile session names:"
echo "esp32_PUTTY: $esp32_PUTTY"
echo "esp32c2_PUTTY: $esp32c2_PUTTY"
echo "esp32c3_PUTTY: $esp32c3_PUTTY"
echo "esp32c6_PUTTY: $esp32c6_PUTTY"
echo "esp32s2_PUTTY: $esp32s2_PUTTY"
echo "esp32s3_PUTTY: $esp32s3_PUTTY"
echo "esp32h2_PUTTY: $esp32h2_PUTTY"
echo "esp8684_PUTTY: $esp8684_PUTTY"
echo "esp8266_PUTTY: $esp8266_PUTTY"
echo ""
if [ -z "$THIS_TARGET_PUTTY" ]; then
echo "Error: No putty profile defined for ${THIS_TARGET}"
exit 1
else
echo "THIS_TARGET_PUTTY=${THIS_TARGET_PUTTY}"
fi
THIS_TARGET_PUTTY="${!THIS_TARGET_PUTTY}"
echo THIS_TARGET_PUTTY="${THIS_TARGET_PUTTY}"
fi
if [[ "$THIS_TARGET" == "esp8684" ]]; then
echo "Treating esp8684 like an esp32c2"
THIS_TARGET=esp32c2
fi
# Assemble some log file names.
echo ""
BUILD_LOG="${THIS_HOME_DIR}/logs/${THIS_EXAMPLE}_build_IDF_v5.1_${THIS_TARGET}_${THIS_KEYWORD}.txt"
FLASH_LOG="${THIS_HOME_DIR}/logs/${THIS_EXAMPLE}_flash_IDF_v5.1_${THIS_TARGET}_${THIS_KEYWORD}.txt"
THIS_LOG="${THIS_HOME_DIR}/logs/${THIS_EXAMPLE}_output_IDF_v5.1_${THIS_TARGET}_${THIS_KEYWORD}.txt"
THIS_CFG="${THIS_HOME_DIR}/logs/${THIS_EXAMPLE}_user_settings_IDF_v5.1_${THIS_TARGET}_${THIS_KEYWORD}.txt"
# cp ./components/wolfssl/include/user_settings.h "${THIS_CFG}"
echo "BUILD_LOG = ${BUILD_LOG}"
echo "FLASH_LOG = ${FLASH_LOG}"
echo "THIS_LOG = ${THIS_LOG}"
echo "THIS_CFG = ${THIS_CFG}"
if [[ "$THIS_TARGET" == "esp8266" ]]; then
# idf.py for the ESP8266 does not support --version
echo "ESP8266 using $IDF_PATH"
else
idf.py --version > "${BUILD_LOG}" 2>&1
fi
echo "Full clean for $THIS_TARGET..."
#---------------------------------------------------------------------
idf.py fullclean >> "${BUILD_LOG}" 2>&1
THIS_ERROR_CODE=$?
if [ $THIS_ERROR_CODE -ne 0 ]; then
echo ""
echo "Error during fullclean. Deleting build directory."
rm -rf ./build
fi
#---------------------------------------------------------------------
if [[ "$THIS_TARGET" == "esp8266" ]]; then
#always start with a fresh sdkconfig-debug (or sdkconfig-release) from defaults
rm -f ./sdkconfig-debug
rm -f ./sdkconfig-release
# idf.py for the ESP8266 does not support --set-target
echo "Target is $THIS_TARGET"
# Since we don't "set-target" for the ESP8266, ensure the sdkconfig is not present
rm -f ./sdkconfig
else
# Start with fresh sdkconfig
rm -f ./sdkconfig
# ESP8266 debug and release files not used for non-ESP8266 targets here,delete anyhow:
rm -f ./sdkconfig-debug
rm -f ./sdkconfig-release
echo "idf.py set-target $THIS_TARGET"
idf.py "set-target" "$THIS_TARGET" >> "${BUILD_LOG}" 2>&1
THIS_ERROR_CODE=$?
if [ $THIS_ERROR_CODE -ne 0 ]; then
echo ""
echo "Error during set-target"
exit 1
fi
fi
#---------------------------------------------------------------------
echo ""
echo "Build $THIS_TARGET..."
echo "idf.py build"
idf.py build >> "${BUILD_LOG}" 2>&1
THIS_ERROR_CODE=$?
if [ $THIS_ERROR_CODE -ne 0 ]; then
echo ""
echo "Error during build for $THIS_TARGET"
echo ""
echo ""
exit 1
fi
#---------------------------------------------------------------------
echo ""
echo "Flash $THIS_TARGET..."
echo "idf.py flash -p ${THIS_TARGET_PORT} -b 115200"
idf.py flash -p "${THIS_TARGET_PORT}" -b 115200 2>&1 | tee -a "${FLASH_LOG}"
THIS_ERROR_CODE=$?
if [ $THIS_ERROR_CODE -ne 0 ]; then
echo ""
echo "Error during flash"
exit 1
fi
# popd || exit 1
# popd || exit 1
# Note both of the options spawn a separate process:
if [ -z "$ESPIDF_PUTTY_MONITOR" ]; then
echo "Monitor..."
echo ./wolfssl_monitor.py --port "${THIS_TARGET_PORT}" --baudrate 115200 --logfile "${THIS_LOG}"
./wolfssl_monitor.py --port "${THIS_TARGET_PORT}" --baudrate 115200 --logfile "${THIS_LOG}" &
else
echo "Calling putty..."
echo "$PUTTY_EXE -load \"$THIS_TARGET_PUTTY\""
$PUTTY_EXE -load "$THIS_TARGET_PUTTY" &
fi


@ -0,0 +1,292 @@
<?xml version="1.0"?>
<VisualGDBProjectSettings2 xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<Project xsi:type="com.visualgdb.project.external.esp-idf">
<CustomSourceDirectories>
<Directories />
<PathStyle>Unknown</PathStyle>
</CustomSourceDirectories>
<AutoProgramSPIFFSPartition>true</AutoProgramSPIFFSPartition>
<ProjectModeSettings>
<ProjectGUID>c9687472-a434-43a7-9026-7914f425b9b4</ProjectGUID>
<GroupSourcesByTypes>true</GroupSourcesByTypes>
<GroupSourcesByPaths>true</GroupSourcesByPaths>
<HeaderScanMode>SourceDirs</HeaderScanMode>
</ProjectModeSettings>
</Project>
<Build xsi:type="com.visualgdb.build.external.esp-idf">
<BuildLogMode xsi:nil="true" />
<ToolchainID>
<ID>com.visualgdb.xtensa-lx106-elf</ID>
<Version>
<GCC>8.4.0</GCC>
<GDB>8.1</GDB>
<Revision>1</Revision>
</Version>
</ToolchainID>
<IDFCheckout>
<Version>release/v3.4</Version>
<Subdirectory>rtos-sdk/v3.4</Subdirectory>
<Type>RTOS_SDK</Type>
</IDFCheckout>
<BuildThreadCount>0</BuildThreadCount>
</Build>
<CustomBuild>
<PreSyncActions />
<PreBuildActions />
<PostBuildActions />
<PreCleanActions />
<PostCleanActions />
</CustomBuild>
<CustomDebug>
<PreDebugActions />
<PostDebugActions />
<DebugStopActions />
<BreakMode>Default</BreakMode>
<CustomBreakCommand>
<SkipWhenRunningCommandList>false</SkipWhenRunningCommandList>
<RemoteHost>
<HostName>BuildMachine</HostName>
<Transport>BuiltinShortcut</Transport>
</RemoteHost>
<BackgroundMode xsi:nil="true" />
</CustomBreakCommand>
</CustomDebug>
<DeviceTerminalSettings>
<Connection xsi:type="com.sysprogs.terminal.connection.serial">
<ComPortName>COM80</ComPortName>
<AdvancedSettings>
<BaudRate>74880</BaudRate>
<DataBits>8</DataBits>
<Parity>None</Parity>
<StopBits>One</StopBits>
<FlowControl>None</FlowControl>
</AdvancedSettings>
</Connection>
<LastConnectionTime>0</LastConnectionTime>
<EchoTypedCharacters>false</EchoTypedCharacters>
<ClearContentsWhenReconnecting>true</ClearContentsWhenReconnecting>
<ReconnectAutomatically>false</ReconnectAutomatically>
<DisplayMode>ASCII</DisplayMode>
<Colors>
<Background>
<Alpha>255</Alpha>
<Red>0</Red>
<Green>0</Green>
<Blue>0</Blue>
</Background>
<Disconnected>
<Alpha>255</Alpha>
<Red>169</Red>
<Green>169</Green>
<Blue>169</Blue>
</Disconnected>
<Text>
<Alpha>255</Alpha>
<Red>211</Red>
<Green>211</Green>
<Blue>211</Blue>
</Text>
<Echo>
<Alpha>255</Alpha>
<Red>144</Red>
<Green>238</Green>
<Blue>144</Blue>
</Echo>
<Inactive>
<Alpha>255</Alpha>
<Red>169</Red>
<Green>169</Green>
<Blue>169</Blue>
</Inactive>
</Colors>
<HexSettings>
<MaximumBytesPerLine>16</MaximumBytesPerLine>
<ShowTextView>true</ShowTextView>
<BreaksAroundEcho>true</BreaksAroundEcho>
<AutoSend>true</AutoSend>
<SendAsHex>true</SendAsHex>
<TimeoutForAutoBreak>0</TimeoutForAutoBreak>
</HexSettings>
<LineEnding>LF</LineEnding>
<TreatLFAsCRLF>false</TreatLFAsCRLF>
<KeepOpenAfterExit>false</KeepOpenAfterExit>
<ShowAfterProgramming>true</ShowAfterProgramming>
</DeviceTerminalSettings>
<CustomShortcuts>
<Shortcuts />
<ShowMessageAfterExecuting>true</ShowMessageAfterExecuting>
</CustomShortcuts>
<UserDefinedVariables />
<ImportedPropertySheets />
<CodeSense>
<Enabled>True</Enabled>
<ExtraSettings>
<HideErrorsInSystemHeaders>true</HideErrorsInSystemHeaders>
<SupportLightweightReferenceAnalysis>true</SupportLightweightReferenceAnalysis>
<DiscoverySettings>
<Mode>Enabled</Mode>
<SearchInProjectDir>true</SearchInProjectDir>
<SearchInSourceDirs>true</SearchInSourceDirs>
<SearchInIncludeSubdirs>true</SearchInIncludeSubdirs>
</DiscoverySettings>
<CheckForClangFormatFiles>true</CheckForClangFormatFiles>
<FormattingEngine xsi:nil="true" />
</ExtraSettings>
<CodeAnalyzerSettings>
<Enabled>false</Enabled>
<SelectedAnalyzers>
<string>apiModeling.google.GTest</string>
<string>core.builtin.BuiltinFunctions</string>
<string>core.builtin.NoReturnFunctions</string>
<string>core.CallAndMessage</string>
<string>core.DivideZero</string>
<string>core.DynamicTypePropagation</string>
<string>core.NonnilStringConstants</string>
<string>core.NonNullParamChecker</string>
<string>core.NullDereference</string>
<string>core.StackAddressEscape</string>
<string>core.UndefinedBinaryOperatorResult</string>
<string>core.uninitialized.ArraySubscript</string>
<string>core.uninitialized.Assign</string>
<string>core.uninitialized.Branch</string>
<string>core.uninitialized.CapturedBlockVariable</string>
<string>core.uninitialized.UndefReturn</string>
<string>core.VLASize</string>
<string>cplusplus.NewDelete</string>
<string>cplusplus.NewDeleteLeaks</string>
<string>cplusplus.SelfAssignment</string>
<string>deadcode.DeadStores</string>
<string>nullability.NullPassedToNonnull</string>
<string>nullability.NullReturnedFromNonnull</string>
<string>security.insecureAPI.getpw</string>
<string>security.insecureAPI.gets</string>
<string>security.insecureAPI.mkstemp</string>
<string>security.insecureAPI.mktemp</string>
<string>security.insecureAPI.UncheckedReturn</string>
<string>security.insecureAPI.vfork</string>
<string>unix.API</string>
<string>unix.cstring.BadSizeArg</string>
<string>unix.cstring.NullArg</string>
<string>unix.Malloc</string>
<string>unix.MallocSizeof</string>
<string>unix.MismatchedDeallocator</string>
<string>unix.StdCLibraryFunctions</string>
<string>unix.Vfork</string>
</SelectedAnalyzers>
<ExtraArguments>
<string>-analyzer-store=region</string>
<string>-analyzer-opt-analyze-nested-blocks</string>
<string>-analyzer-eagerly-assume</string>
</ExtraArguments>
</CodeAnalyzerSettings>
</CodeSense>
<Configurations>
<VisualGDBConfiguration>
<Name>Debug</Name>
<BuildSettingsExtension xsi:type="com.visualgdb.build.external.esp-idf.extension">
<OutputSubdirectory>build/Debug</OutputSubdirectory>
<SDKConfigFile>sdkconfig-debug</SDKConfigFile>
<EnableVerboseBuild>false</EnableVerboseBuild>
</BuildSettingsExtension>
</VisualGDBConfiguration>
<VisualGDBConfiguration>
<Name>Release</Name>
<BuildSettingsExtension xsi:type="com.visualgdb.build.external.esp-idf.extension">
<OutputSubdirectory>build/Release</OutputSubdirectory>
<SDKConfigFile>sdkconfig-release</SDKConfigFile>
<EnableVerboseBuild>false</EnableVerboseBuild>
</BuildSettingsExtension>
</VisualGDBConfiguration>
</Configurations>
<ProgramArgumentsSuggestions />
<Debug xsi:type="com.visualgdb.debug.embedded">
<AdditionalStartupCommands>
<GDBPreStartupCommands />
<GDBStartupCommands />
<GDBFinalizationCommands />
</AdditionalStartupCommands>
<AdditionalGDBSettings>
<Features>
<DisableAutoDetection>false</DisableAutoDetection>
<UseFrameParameter>false</UseFrameParameter>
<SimpleValuesFlagSupported>false</SimpleValuesFlagSupported>
<ListLocalsSupported>false</ListLocalsSupported>
<ByteLevelMemoryCommandsAvailable>false</ByteLevelMemoryCommandsAvailable>
<ThreadInfoSupported>false</ThreadInfoSupported>
<PendingBreakpointsSupported>false</PendingBreakpointsSupported>
<SupportTargetCommand>false</SupportTargetCommand>
<ReliableBreakpointNotifications>false</ReliableBreakpointNotifications>
</Features>
<EnableSmartStepping>false</EnableSmartStepping>
<FilterSpuriousStoppedNotifications>false</FilterSpuriousStoppedNotifications>
<ForceSingleThreadedMode>false</ForceSingleThreadedMode>
<UseAppleExtensions>false</UseAppleExtensions>
<CanAcceptCommandsWhileRunning>false</CanAcceptCommandsWhileRunning>
<MakeLogFile>false</MakeLogFile>
<IgnoreModuleEventsWhileStepping>true</IgnoreModuleEventsWhileStepping>
<UseRelativePathsOnly>false</UseRelativePathsOnly>
<ExitAction>None</ExitAction>
<DisableDisassembly>false</DisableDisassembly>
<ExamineMemoryWithXCommand>false</ExamineMemoryWithXCommand>
<StepIntoNewInstanceEntry />
<ExamineRegistersInRawFormat>true</ExamineRegistersInRawFormat>
<DisableSignals>false</DisableSignals>
<EnableAsyncExecutionMode>false</EnableAsyncExecutionMode>
<AsyncModeSupportsBreakpoints>true</AsyncModeSupportsBreakpoints>
<TemporaryBreakConsolidationTimeout>0</TemporaryBreakConsolidationTimeout>
<EnableNonStopMode>false</EnableNonStopMode>
<MaxBreakpointLimit>0</MaxBreakpointLimit>
<EnableVerboseMode>true</EnableVerboseMode>
<EnablePrettyPrinters>false</EnablePrettyPrinters>
</AdditionalGDBSettings>
<DebugMethod>
<ID>openocd</ID>
<Configuration xsi:type="com.visualgdb.edp.openocd.settings.esp8266">
<CommandLine>-f interface/ftdi/tigard.cfg -f target/esp8266.cfg</CommandLine>
<ExtraParameters>
<Frequency xsi:nil="true" />
<BoostedFrequency xsi:nil="true" />
<ConnectUnderReset>false</ConnectUnderReset>
</ExtraParameters>
<LoadProgressGUIThreshold>131072</LoadProgressGUIThreshold>
<ProgramMode>Enabled</ProgramMode>
<StartupCommands>
<string>set remotetimeout 60</string>
<string>target remote :$$SYS:GDB_PORT$$</string>
<string>mon reset halt</string>
<string>load</string>
<string>mon xtensa_no_interrupts_during_steps on</string>
<string>mon esp8266_autofeed_watchdog on</string>
</StartupCommands>
<ProgramFLASHUsingExternalTool>false</ProgramFLASHUsingExternalTool>
<PreferredGDBPort>0</PreferredGDBPort>
<PreferredTelnetPort>0</PreferredTelnetPort>
<AlwaysPassSerialNumber>false</AlwaysPassSerialNumber>
<SelectedCoreIndex xsi:nil="true" />
<SuggestionLogicRevision>0</SuggestionLogicRevision>
<ResetMode>Soft</ResetMode>
<ProgramSectorSize>4096</ProgramSectorSize>
<EraseSectorSize>4096</EraseSectorSize>
<FLASHSettings>
<Size>size4M</Size>
<Frequency>freq40M</Frequency>
<Mode>QIO</Mode>
</FLASHSettings>
</Configuration>
</DebugMethod>
<AutoDetectRTOS>true</AutoDetectRTOS>
<SemihostingSupport>Disabled</SemihostingSupport>
<SemihostingPollingDelay>0</SemihostingPollingDelay>
<StepIntoEntryPoint>false</StepIntoEntryPoint>
<ReloadFirmwareOnReset>false</ReloadFirmwareOnReset>
<ValidateEndOfStackAddress>true</ValidateEndOfStackAddress>
<StopAtEntryPoint>false</StopAtEntryPoint>
<EnableVirtualHalts>false</EnableVirtualHalts>
<DynamicAnalysisSettings />
<EndOfStackSymbol>_estack</EndOfStackSymbol>
<TimestampProviderTicksPerSecond>0</TimestampProviderTicksPerSecond>
<KeepConsoleAfterExit>false</KeepConsoleAfterExit>
<UnusedStackFillPattern xsi:nil="true" />
<CheckInterfaceDrivers>true</CheckInterfaceDrivers>
</Debug>
</VisualGDBProjectSettings2>


@ -1,6 +1,6 @@
/* main.c
*
* Copyright (C) 2006-2023 wolfSSL Inc.
* Copyright (C) 2006-2024 wolfSSL Inc.
*
* This file is part of wolfSSL.
*


@ -1,6 +1,6 @@
/* time_helper.c
*
* Copyright (C) 2006-2023 wolfSSL Inc.
* Copyright (C) 2006-2024 wolfSSL Inc.
*
* This file is part of wolfSSL.
*


@ -1,6 +1,6 @@
#ifndef _TIME_HELPER_H
/*
* Copyright (C) 2006-2023 wolfSSL Inc.
* Copyright (C) 2006-2024 wolfSSL Inc.
*
* This file is part of wolfSSL.
*


@ -1,5 +1,5 @@
#
# Copyright (C) 2006-2023 wolfSSL Inc.
# Copyright (C) 2006-2024 wolfSSL Inc.
#
# This file is part of wolfSSL.
#


@ -1,6 +1,6 @@
/* user_settings.h
*
* Copyright (C) 2006-2023 wolfSSL Inc.
* Copyright (C) 2006-2024 wolfSSL Inc.
*
* This file is part of wolfSSL.
*


@ -133,6 +133,9 @@ EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_server/VisualGDB/wolfssl_ser
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_server/VisualGDB/wolfssl_server_IDF_v5_ESP32.vgdbproj
# wolfSSL Test
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_test/testAll.sh
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_test/testMonitor.sh
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_test/CMakeLists.txt
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_test/components
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_test/main
@ -151,11 +154,9 @@ EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_test/main/component.mk
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_test/main/include
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_test/main/Kconfig.projbuild
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_test/main/main.c
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_test/main/time_helper.c
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_test/main/time_helper.h
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_test/main/include/main.h
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_test/main/include/time_helper.h
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_test/wolfssl_test_ESP8266.vgdbproj
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_test/VisualGDB/wolfssl_test-IDF_v5_ESP32.sln
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_test/VisualGDB/wolfssl_test-IDF_v5_ESP32C3.sln
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_test/VisualGDB/wolfssl_test-IDF_v5_ESP32C6.sln


@ -1,6 +1,6 @@
/* benchmark.c
*
* Copyright (C) 2006-2023 wolfSSL Inc.
* Copyright (C) 2006-2024 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
@ -53,6 +53,8 @@
* Turn on benchmark timing debugging (CPU Cycles, RTOS ticks, etc)
* DEBUG_WOLFSSL_BENCHMARK_TIMING
*
* Turn on timer debugging (used when CPU cycles not available)
* WOLFSSL_BENCHMARK_TIMER_DEBUG
*/
#ifdef HAVE_CONFIG_H
@ -310,16 +312,36 @@
#endif /* WOLFSSL_NO_FLOAT_FMT */
#ifdef WOLFSSL_ESPIDF
#include <wolfssl/wolfcrypt/port/Espressif/esp32-crypt.h>
/* Benchmark uses 64 bit integer formatting support. When new nanolib is
* enabled, all if the values in report are blank. */
#ifdef CONFIG_NEWLIB_NANO_FORMAT
#if CONFIG_NEWLIB_NANO_FORMAT == 1
#error "Nano newlib fomatting must not be enabled for benchmark"
#endif
#endif
#ifdef configTICK_RATE_HZ
/* Define CPU clock cycles per tick of FreeRTOS clock
* CONFIG_ESP_DEFAULT_CPU_FREQ_MHZ is typically a value like 240
* configTICK_RATE_HZ is typically 100 or 1000.
**/
#if defined(CONFIG_IDF_TARGET_ESP8266)
#ifndef CONFIG_ESP_DEFAULT_CPU_FREQ_MHZ
#define CONFIG_ESP_DEFAULT_CPU_FREQ_MHZ \
CONFIG_ESP8266_DEFAULT_CPU_FREQ_MHZ
#endif
#ifndef CONFIG_ESP_DEFAULT_CPU_FREQ_MHZ
#define CONFIG_ESP_DEFAULT_CPU_FREQ_MHZ configCPU_CLOCK_HZ
#endif
#endif
#define CPU_TICK_CYCLES ( \
(CONFIG_ESP_DEFAULT_CPU_FREQ_MHZ * MILLION_VALUE) \
/ configTICK_RATE_HZ \
)
#endif
#endif /* WOLFSSL_ESPIDF configTICK_RATE_HZ */
#if defined(CONFIG_IDF_TARGET_ESP32C2)
#include "driver/gptimer.h"
static gptimer_handle_t esp_gptimer = NULL;
@ -336,18 +358,24 @@
#define RESOLUTION_SCALE 100
static gptimer_handle_t esp_gptimer = NULL;
static gptimer_config_t esp_timer_config = {
.clk_src = GPTIMER_CLK_SRC_DEFAULT,
.direction = GPTIMER_COUNT_UP,
.resolution_hz = CONFIG_ESP_DEFAULT_CPU_FREQ_MHZ * (MILLION_VALUE / RESOLUTION_SCALE), /* CONFIG_XTAL_FREQ = 40, CONFIG_ESP_DEFAULT_CPU_FREQ_MHZ = 160 */
};
.clk_src = GPTIMER_CLK_SRC_DEFAULT,
.direction = GPTIMER_COUNT_UP,
/* CONFIG_XTAL_FREQ = 40,
* CONFIG_ESP_DEFAULT_CPU_FREQ_MHZ = 160 */
.resolution_hz = CONFIG_ESP_DEFAULT_CPU_FREQ_MHZ *
(MILLION_VALUE / RESOLUTION_SCALE),
};
#endif /* WOLFSSL_BENCHMARK_TIMER_DEBUG */
#elif defined(CONFIG_IDF_TARGET_ESP32) || \
defined(CONFIG_IDF_TARGET_ESP32S2) || \
defined(CONFIG_IDF_TARGET_ESP32S3)
#include <xtensa/hal.h>
#elif defined(CONFIG_IDF_TARGET_ESP8266)
/* no CPU HAL for ESP8266, we'll use RTOS tick calc extimates */
#include <FreeRTOS.h>
#elif defined(CONFIG_IDF_TARGET_ESP32H2)
/* TODO add ESP32-H2 benchmark support */
#else
/* Other platform */
#endif
@ -1287,10 +1315,10 @@ static const char* bench_result_words3[][5] = {
/* TAG for ESP_LOGx() */
static const char* TAG = "wolfssl_benchmark";
static THREAD_LS_T word64 begin_cycles;
static THREAD_LS_T word64 begin_cycles_ticks;
static THREAD_LS_T word64 end_cycles;
static THREAD_LS_T word64 total_cycles;
static THREAD_LS_T word64 begin_cycles = 0;
static THREAD_LS_T word64 begin_cycles_ticks = 0;
static THREAD_LS_T word64 end_cycles = 0;
static THREAD_LS_T word64 total_cycles = 0;
/* the return value, as a global var */
static THREAD_LS_T word64 _esp_get_cycle_count_ex = 0;
@ -1382,19 +1410,20 @@ static const char* bench_result_words3[][5] = {
uint64_t thisIncrement = 0; /* The adjusted increment amount. */
uint64_t expected_diff = 0; /* FreeRTOS estimated expected CPU diff.*/
#ifdef DEBUG_WOLFSSL_BENCHMARK_TIMING
uint32_t tickCount = 0; /* Current rtos tick counter. */
uint32_t tickDiff = 0; /* Tick difference from last check. */
uint32_t tickBeginDiff = 0; /* Tick difference from beginning. */
uint64_t tickCount = 0; /* Currrent rtos tick counter. */
uint64_t tickDiff = 0; /* Tick difference from last check. */
uint64_t tickBeginDiff = 0; /* Tick difference from beginning. */
#endif
#ifdef WOLFSSL_BENCHMARK_TIMER_DEBUG
uint64_t thisTimerVal = 0; /* Timer Value as alternate to compare */
uint64_t diffDiff = 0; /* Difference between CPU & Timer differences:
* (current - last) */
#endif
#if defined(CONFIG_IDF_TARGET_ESP32C2) || \
defined(CONFIG_IDF_TARGET_ESP32C3) || \
defined(CONFIG_IDF_TARGET_ESP32C6)
#ifdef WOLFSSL_BENCHMARK_TIMER_DEBUG
uint64_t thisTimerVal = 0; /* Timer Value as alternate to compare */
uint64_t diffDiff = 0; /* Difference between CPU & Timer differences:
* (current - last) */
ESP_ERROR_CHECK(gptimer_get_raw_count(esp_gptimer, &thisTimerVal));
thisTimerVal = thisTimerVal * RESOLUTION_SCALE;
#endif /* WOLFSSL_BENCHMARK_TIMER_DEBUG */
@ -1407,9 +1436,19 @@ static const char* bench_result_words3[][5] = {
/* TODO: Why doesn't esp_cpu_get_cycle_count work for Xtensa?
* Calling current_time(1) to reset time causes thisVal overflow,
* on Xtensa, but not on RISC-V architecture. See also, below */
#ifndef __XTENSA__
#if defined(CONFIG_IDF_TARGET_ESP8266) || (ESP_IDF_VERSION_MAJOR < 5)
#ifndef configCPU_CLOCK_HZ
/* esp_cpu_get_cycle_count not available in ESP-IDF v4 */
#define configCPU_CLOCK_HZ \
(CONFIG_ESP32_DEFAULT_CPU_FREQ_MHZ * MILLION_VALUE)
#endif
/* There's no CPU counter on the ESP8266 (Tensilica). Using RTOS */
thisVal = (uint64_t)xTaskGetTickCount() *
(uint64_t)(configCPU_CLOCK_HZ / CONFIG_FREERTOS_HZ);
#elif defined(__XTENSA__)
thisVal = esp_cpu_get_cycle_count();
#else
/* Not Tensilica(ESP8266), not Xtensa(ESP32/-S2/-S3, then RISC-V */
thisVal = xthal_get_ccount(); /* or esp_cpu_get_cycle_count(); */
#endif
#endif
@ -1420,9 +1459,9 @@ static const char* bench_result_words3[][5] = {
tickDiff = tickCount - last_tickCount; /* ticks since bench start */
expected_diff = CPU_TICK_CYCLES * tickDiff; /* CPU expected count */
ESP_LOGV(TAG, "CPU_TICK_CYCLES = %d", (int)CPU_TICK_CYCLES);
ESP_LOGV(TAG, "tickCount = %lu", tickCount);
ESP_LOGV(TAG, "last_tickCount = %lu", last_tickCount);
ESP_LOGV(TAG, "tickDiff = %lu", tickDiff);
ESP_LOGV(TAG, "tickCount = %llu", tickCount);
ESP_LOGV(TAG, "last_tickCount = %u", last_tickCount);
ESP_LOGV(TAG, "tickDiff = %llu", tickDiff);
ESP_LOGV(TAG, "expected_diff1 = %llu", expected_diff);
}
#endif
@ -1446,10 +1485,13 @@ static const char* bench_result_words3[][5] = {
** overflow CPU tick count, all will be well.
*/
#ifdef DEBUG_WOLFSSL_BENCHMARK_TIMING
ESP_LOGW(TAG,
"Alert: Detected xthal_get_ccount overflow at %llu, "
"adding UINT_MAX.",
thisVal);
ESP_LOGW(TAG, "Alert: Detected xthal_get_ccount overflow at "
"(%llu < %llu) adding UINT_MAX = %llu.",
thisVal, _esp_cpu_count_last, (uint64_t) UINT_MAX);
#endif
#if !defined(CONFIG_ESP_DEFAULT_CPU_FREQ_MHZ) && \
!defined(CONFIG_ESP32_DEFAULT_CPU_FREQ_MHZ)
#error "CONFIG_ESP_DEFAULT_CPU_FREQ_MHZ not found"
#endif
/* double check expected diff calc */
@ -1476,9 +1518,9 @@ static const char* bench_result_words3[][5] = {
tickBeginDiff = tickCount - begin_cycles_ticks;
ESP_LOGI(TAG, "begin_cycles_ticks = %llu", begin_cycles_ticks);
ESP_LOGI(TAG, "tickDiff = %lu", tickDiff);
ESP_LOGI(TAG, "tickDiff = %llu", tickDiff);
ESP_LOGI(TAG, "expected_diff = %llu", expected_diff);
ESP_LOGI(TAG, "tickBeginDiff = %lu", tickBeginDiff);
ESP_LOGI(TAG, "tickBeginDiff = %llu", tickBeginDiff);
ESP_LOGW(TAG, WOLFSSL_ESPIDF_BLANKLINE_MESSAGE);
}
@ -1543,16 +1585,26 @@ static const char* bench_result_words3[][5] = {
* when resetting CPU cycle counter? FreeRTOS tick collision?
* thisVal = esp_cpu_get_cycle_count(); See also, above
* or thisVal = xthal_get_ccount(); */
#if ESP_IDF_VERSION_MAJOR < 5
#if defined(CONFIG_IDF_TARGET_ESP8266)
/* There's no CPU counter on the ESP8266, so we'll estimate
* cycles based on defined CPU frequency from sdkconfig and
* the RTOS tick frequency */
_esp_cpu_count_last = (uint64_t)xTaskGetTickCount() *
(uint64_t)(configCPU_CLOCK_HZ / CONFIG_FREERTOS_HZ);
#elif ESP_IDF_VERSION_MAJOR < 5
_esp_cpu_count_last = xthal_get_ccount();
#else
_esp_cpu_count_last = esp_cpu_get_cycle_count();
#endif
#endif
#ifdef DEBUG_WOLFSSL_BENCHMARK_TIMING
ESP_LOGI(TAG, "_esp_cpu_count_last = %llu", _esp_cpu_count_last);
#endif
/* Return the 64 bit extended total from 32 bit counter. */
return _esp_get_cycle_count_ex;
}
} /* esp_get_cycle_count_ex for esp_get_cpu_benchmark_cycles() */
/* implement other architecture cycle counters here */
@ -2202,11 +2254,10 @@ static WC_INLINE int bench_stats_check(double start)
int ret = 0;
double this_current_time;
this_current_time = current_time(0); /* get the timestamp, no reset */
#if defined(DEBUG_WOLFSSL_BENCHMARK_TIMING)
#if (WOLFSSL_ESPIDF)
ESP_LOGI(TAG, "bench_stats_check Current time %f, start %f",
this_current_time, start );
#endif
#if defined(DEBUG_WOLFSSL_BENCHMARK_TIMING) && defined(WOLFSSL_ESPIDF)
ESP_LOGV(TAG, "bench_stats_check: Current time %f, start %f",
this_current_time, start );
#endif
ret = ((this_current_time - start) < BENCH_MIN_RUNTIME_SEC
@ -12867,9 +12918,9 @@ void bench_sphincsKeySign(byte level, byte optim)
typiclly in app_startup.c */
#ifdef DEBUG_WOLFSSL_BENCHMARK_TIMING
ESP_LOGV(TAG, "tickCount = %lu", tickCount);
ESP_LOGV(TAG, "tickCount = %d", tickCount);
if (tickCount == last_tickCount) {
ESP_LOGW(TAG, "last_tickCount unchanged? %lu", tickCount);
ESP_LOGW(TAG, "last_tickCount unchanged? %d", tickCount);
}
if (tickCount < last_tickCount) {
@ -12879,13 +12930,13 @@ void bench_sphincsKeySign(byte level, byte optim)
if (reset) {
#ifdef DEBUG_WOLFSSL_BENCHMARK_TIMING
ESP_LOGW(TAG, "Assign last_tickCount = %lu", tickCount);
ESP_LOGW(TAG, "Assign last_tickCount = %d", tickCount);
#endif
last_tickCount = tickCount;
}
else {
#ifdef DEBUG_WOLFSSL_BENCHMARK_TIMING
ESP_LOGW(TAG, "No Reset last_tickCount = %lu", tickCount);
ESP_LOGV(TAG, "No Reset last_tickCount = %d", tickCount);
#endif
}
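Review bot: Under ESP-IDF v4 on a non-ESP8266 target, the two counter reads in `esp_get_cycle_count_ex` now appear to come from different sources. The read that sets `thisVal` takes the `#if defined(CONFIG_IDF_TARGET_ESP8266) || (ESP_IDF_VERSION_MAJOR < 5)` branch and estimates cycles from `xTaskGetTickCount()`, while the update of `_esp_cpu_count_last` near the end of the function takes `#elif ESP_IDF_VERSION_MAJOR < 5` and stores the raw `xthal_get_ccount()`. The overflow test implied by the `(%llu < %llu)` log message would then compare a tick-derived estimate against a 32-bit hardware count and could add `UINT_MAX` spuriously, skewing the reported cycles. Both paths should use one source, for example by changing the end-of-function condition to `#if defined(CONFIG_IDF_TARGET_ESP8266) || (ESP_IDF_VERSION_MAJOR < 5)` and dropping the `#elif`. The enclosing preprocessor conditionals and the function body start outside these hunks, so this should be confirmed against the full file.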


@ -117,6 +117,9 @@ EXTRA_DIST += wolfcrypt/src/port/ti/ti-aes.c \
wolfcrypt/src/port/Espressif/esp32_sha.c \
wolfcrypt/src/port/Espressif/esp32_util.c \
wolfcrypt/src/port/Espressif/esp32_mp.c \
wolfcrypt/src/port/Espressif/esp_sdk_mem_lib.c \
wolfcrypt/src/port/Espressif/esp_sdk_time_lib.c \
wolfcrypt/src/port/Espressif/esp_sdk_wifi_lib.c \
wolfcrypt/src/port/Espressif/README.md \
wolfcrypt/src/port/arm/cryptoCell.c \
wolfcrypt/src/port/arm/cryptoCellHash.c \


@ -70,6 +70,29 @@ To view disassembly, add `__attribute__((section(".iram1")))` decorator. Foe exa
static int __attribute__((section(".iram1"))) memblock_peek(volatile u_int32_t mem_address)
```
### VisualGDB
Each project example has a `VisuaGDB` directory with sample project files for [Sysprogs VisualGDB](https://visualgdb.com).
For installing multiple toolchains, see the [documentation](https://visualgdb.com/documentation/espidf/).
The library naming format used at wolfSSL:
```
HKEY_CURRENT_USER\Software\Sysprogs\GNUToolchains
```
| Registry String Value Name | Value Data |
| -------------------------------- |----------------------- |
| `SysGCC-xtensa-lx106-elf-8.4.0` | `C:\SysGCC\esp8266` |
| `SysGCC-xtensa-esp32-elf-8.4.0` | `C:\SysGCC\esp32-8.4` |
| `SysGCC-xtensa-esp32-elf-13.2.0` | `C:\SysGCC\esp32` |
| `SysGCC-xtensa-esp32-elf-12.4.0` | `C:\SysGCC\esp32-12.4` |
| `SysGCC-xtensa-esp32-elf-11.2.0` | `C:\SysGCC\esp32-11.2` |
Note the latest toolchain value is the default install name of `C:\SysGCC\esp32`.
### Benchmarks
w/ `USE_FAST_MATH` and `WOLFSSL_SMALL_STACK` options


@ -1,6 +1,6 @@
/* esp32_aes.c
*
* Copyright (C) 2006-2023 wolfSSL Inc.
* Copyright (C) 2006-2024 wolfSSL Inc.
*
* This file is part of wolfSSL.
*


@ -1,6 +1,6 @@
/* esp32_mp.c
*
* Copyright (C) 2006-2023 wolfSSL Inc.
* Copyright (C) 2006-2024 wolfSSL Inc.
*
* This file is part of wolfSSL.
*


@ -1,6 +1,6 @@
/* esp32_sha.c
*
* Copyright (C) 2006-2023 wolfSSL Inc.
* Copyright (C) 2006-2024 wolfSSL Inc.
*
* This file is part of wolfSSL.
*


@ -1,6 +1,6 @@
/* esp32_util.c
*
* Copyright (C) 2006-2023 wolfSSL Inc.
* Copyright (C) 2006-2024 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
@ -36,6 +36,7 @@
#include <esp_err.h>
#if ESP_IDF_VERSION_MAJOR > 4
#include <hal/efuse_hal.h>
#include <rtc_wdt.h>
#endif
/* wolfSSL */
#include <wolfssl/wolfcrypt/wolfmath.h> /* needed to print MATH_INT_T value */
@ -118,7 +119,7 @@ int esp_CryptHwMutexLock(wolfSSL_Mutex* mutex, TickType_t block_time) {
* call the ESP-IDF mutex UNlock; xSemaphoreGive
*
*/
int esp_CryptHwMutexUnLock(wolfSSL_Mutex* mutex) {
esp_err_t esp_CryptHwMutexUnLock(wolfSSL_Mutex* mutex) {
if (mutex == NULL) {
WOLFSSL_ERROR_MSG("esp_CryptHwMutexLock called with null mutex");
return BAD_MUTEX_E;
@ -151,6 +152,13 @@ int esp_CryptHwMutexUnLock(wolfSSL_Mutex* mutex) {
#if defined(WOLFSSL_ESPIDF)
static int ShowExtendedSystemInfo_platform_espressif(void)
{
#ifdef WOLFSSL_ESP_NO_WATCHDOG
ESP_LOGI(TAG, "Found WOLFSSL_ESP_NO_WATCHDOG");
#else
ESP_LOGW(TAG, "Watchdog active; "
"missing WOLFSSL_ESP_NO_WATCHDOG definition.");
#endif
#if defined(CONFIG_ESP32_DEFAULT_CPU_FREQ_MHZ)
WOLFSSL_VERSION_PRINTF("CONFIG_ESP32_DEFAULT_CPU_FREQ_MHZ: %u MHz",
CONFIG_ESP32_DEFAULT_CPU_FREQ_MHZ);
@ -219,8 +227,10 @@ static int ShowExtendedSystemInfo_platform_espressif(void)
/* not supported at this time */
#endif
/* check to see if we are using hardware encryption */
#if defined(NO_ESP32_CRYPT)
/* check to see if we are using hardware encryption */
#if defined(CONFIG_IDF_TARGET_ESP8266)
WOLFSSL_VERSION_PRINTF("No HW acceleration on ESP8266.");
#elif defined(NO_ESP32_CRYPT)
WOLFSSL_VERSION_PRINTF("NO_ESP32_CRYPT defined! "
"HW acceleration DISABLED.");
#else
@ -246,7 +256,7 @@ static int ShowExtendedSystemInfo_platform_espressif(void)
#error "ESP32_CRYPT not yet supported on this IDF TARGET"
#endif
/* Even though enabled, some specifics may be disabled */
/* Even though enabled, some specifics may be disabled */
#if defined(NO_WOLFSSL_ESP32_CRYPT_HASH)
WOLFSSL_VERSION_PRINTF("NO_WOLFSSL_ESP32_CRYPT_HASH is defined!"
"(disabled HW SHA).");
@ -385,11 +395,11 @@ int esp_current_boot_count(void)
/* See macro helpers above; not_defined is macro name when *not* defined */
static int show_macro(char* s, char* not_defined)
{
char hd1[] = "Macro Name Defined Not Defined";
char hd2[] = "------------------------- --------- -------------";
char msg[] = "......................... ";
/* 012345678901234567890123456789012345678901234567890 */
/* 1 2 3 4 5 */
const char hd1[] = "Macro Name Defined Not Defined";
char hd2[] = "------------------------- --------- -------------";
char msg[] = "......................... ";
/* 012345678901234567890123456789012345678901234567890 */
/* 1 2 3 4 5 */
size_t i = 0;
#define MAX_STATUS_NAME_LENGTH 25
#define ESP_SMS_ENA_POS 30
@ -424,7 +434,7 @@ static int show_macro(char* s, char* not_defined)
}
/* Show some interesting settings */
int ShowExtendedSystemInfo_config(void)
esp_err_t ShowExtendedSystemInfo_config(void)
{
esp_ShowMacroStatus_need_header = 1;
@ -454,6 +464,7 @@ int ShowExtendedSystemInfo_config(void)
/* Optimizations */
show_macro("RSA_LOW_MEM", STR_IFNDEF(RSA_LOW_MEM));
show_macro("SMALL_SESSION_CACHE", STR_IFNDEF(SMALL_SESSION_CACHE));
/* Security Hardening */
show_macro("WC_NO_HARDEN", STR_IFNDEF(WC_NO_HARDEN));
@ -473,6 +484,8 @@ int ShowExtendedSystemInfo_config(void)
show_macro("WOLFSSL_AES_NO_UNROLL", STR_IFNDEF(WOLFSSL_AES_NO_UNROLL));
show_macro("TFM_TIMING_RESISTANT", STR_IFNDEF(TFM_TIMING_RESISTANT));
show_macro("ECC_TIMING_RESISTANT", STR_IFNDEF(ECC_TIMING_RESISTANT));
/* WC_RSA_BLINDING takes up additional space: */
show_macro("WC_RSA_BLINDING", STR_IFNDEF(WC_RSA_BLINDING));
show_macro("NO_WRITEV", STR_IFNDEF(NO_WRITEV));
@ -482,7 +495,7 @@ int ShowExtendedSystemInfo_config(void)
show_macro("WOLFSSL_NO_CURRDIR", STR_IFNDEF(WOLFSSL_NO_CURRDIR));
show_macro("WOLFSSL_LWIP", STR_IFNDEF(WOLFSSL_LWIP));
ESP_LOGI(TAG, WOLFSSL_ESPIDF_BLANKLINE_MESSAGE);
ESP_LOGI(TAG, WOLFSSL_ESPIDF_BLANKLINE_MESSAGE);
#if defined(CONFIG_COMPILER_OPTIMIZATION_DEFAULT)
ESP_LOGI(TAG, "Compiler Optimization: Default");
#elif defined(CONFIG_COMPILER_OPTIMIZATION_SIZE)
@ -494,7 +507,7 @@ int ShowExtendedSystemInfo_config(void)
#else
ESP_LOGI(TAG, "Compiler Optimization: Unknown");
#endif
ESP_LOGI(TAG, WOLFSSL_ESPIDF_BLANKLINE_MESSAGE);
ESP_LOGI(TAG, WOLFSSL_ESPIDF_BLANKLINE_MESSAGE);
return ESP_OK;
}
@ -629,7 +642,7 @@ int ShowExtendedSystemInfo(void)
#ifdef INCLUDE_uxTaskGetStackHighWaterMark
ESP_LOGI(TAG, "Stack HWM: %d", uxTaskGetStackHighWaterMark(NULL));
#endif
ESP_LOGI(TAG, WOLFSSL_ESPIDF_BLANKLINE_MESSAGE);
ESP_LOGI(TAG, WOLFSSL_ESPIDF_BLANKLINE_MESSAGE);
ShowExtendedSystemInfo_config();
ShowExtendedSystemInfo_git();
@ -643,29 +656,111 @@ int ShowExtendedSystemInfo(void)
return ESP_OK;
}
int esp_ShowExtendedSystemInfo(void)
esp_err_t esp_ShowExtendedSystemInfo(void)
{
/* Someday the ShowExtendedSystemInfo may be global.
* See https://github.com/wolfSSL/wolfssl/pull/6149 */
return ShowExtendedSystemInfo();
}
/*
* Disable the watchdog timer (use with caution)
*/
esp_err_t esp_DisableWatchdog(void)
{
esp_err_t ret = ESP_OK;
#if defined(CONFIG_IDF_TARGET_ESP8266)
/* magic bit twiddle to disable WDT on ESP8266 */
*((volatile uint32_t*) 0x60000900) &= ~(1);
#elif CONFIG_IDF_TARGET_ESP32S3
ESP_LOGW(TAG, "esp_DisableWatchdog TODO S3");
#else
#if ESP_IDF_VERSION_MAJOR >= 5
{
#if defined(CONFIG_IDF_TARGET_ESP32)
rtc_wdt_protect_off();
rtc_wdt_disable();
#elif defined(CONFIG_IDF_TARGET_ESP32C2) || \
defined(CONFIG_IDF_TARGET_ESP32C3) || \
defined(CONFIG_IDF_TARGET_ESP32C6) || \
defined(CONFIG_IDF_TARGET_ESP32H2)
ESP_LOGW(TAG, "No known rtc_wdt_protect_off for this platform.");
#else
rtc_wdt_protect_off();
rtc_wdt_disable();
#endif
}
#else
ESP_LOGW(TAG, "esp_DisableWatchdog not implemented on ESP_OIDF v%d",
ESP_IDF_VERSION_MAJOR);
#endif
#endif
#ifdef DEBUG_WOLFSSL
ESP_LOGI(TAG, "Watchdog disabled.");
#endif
return ret;
}
/*
* Enable the watchdog timer.
*/
esp_err_t esp_EnabledWatchdog(void)
{
esp_err_t ret = ESP_OK;
#if defined(CONFIG_IDF_TARGET_ESP8266)
/* magic bit twiddle to enable WDT on ESP8266 */
*((volatile uint32_t*) 0x60000900) |= 1;
#elif CONFIG_IDF_TARGET_ESP32S3
ESP_LOGW(TAG, "esp_EnableWatchdog TODO S3");
#else
#if ESP_IDF_VERSION_MAJOR >= 5
{
#if defined(CONFIG_IDF_TARGET_ESP32)
rtc_wdt_protect_on();
rtc_wdt_enable();
#elif defined(CONFIG_IDF_TARGET_ESP32C2) || \
defined(CONFIG_IDF_TARGET_ESP32C3) || \
defined(CONFIG_IDF_TARGET_ESP32C6) || \
defined(CONFIG_IDF_TARGET_ESP32H2)
ESP_LOGW(TAG, "No known rtc_wdt_protect_off for this platform.");
#else
rtc_wdt_protect_on();
rtc_wdt_enable();
#endif
}
#else
ESP_LOGW(TAG, "esp_DisableWatchdog not implemented on ESP_OIDF v%d",
ESP_IDF_VERSION_MAJOR);
#endif
#endif
#ifdef DEBUG_WOLFSSL
ESP_LOGI(TAG, "Watchdog enabled.");
#endif
return ret;
}
/* Print a MATH_INT_T attribute list.
*
* Note with the right string parameters, the result can be pasted as
* initialization code.
*/
int esp_show_mp_attributes(char* c, MATH_INT_T* X)
esp_err_t esp_show_mp_attributes(char* c, MATH_INT_T* X)
{
static const char* MP_TAG = "MATH_INT_T";
int ret = ESP_OK;
esp_err_t ret = ESP_OK;
if (X == NULL) {
ret = ESP_FAIL;
ESP_LOGV(MP_TAG, "esp_show_mp_attributes called with X == NULL");
}
else {
ESP_LOGI(MP_TAG, WOLFSSL_ESPIDF_BLANKLINE_MESSAGE);
ESP_LOGI(MP_TAG, WOLFSSL_ESPIDF_BLANKLINE_MESSAGE);
ESP_LOGI(MP_TAG, "%s.used = %d;", c, X->used);
#if defined(WOLFSSL_SP_INT_NEGATIVE) || defined(USE_FAST_MATH)
ESP_LOGI(MP_TAG, "%s.sign = %d;", c, X->sign);
@ -679,10 +774,10 @@ int esp_show_mp_attributes(char* c, MATH_INT_T* X)
* Note with the right string parameters, the result can be pasted as
* initialization code.
*/
int esp_show_mp(char* c, MATH_INT_T* X)
esp_err_t esp_show_mp(char* c, MATH_INT_T* X)
{
static const char* MP_TAG = "MATH_INT_T";
int ret = MP_OKAY;
esp_err_t ret = ESP_OK;
int words_to_show = 0;
if (X == NULL) {
@ -717,16 +812,16 @@ int esp_show_mp(char* c, MATH_INT_T* X)
i /* the index, again, for comment */
);
}
ESP_LOGI(MP_TAG, WOLFSSL_ESPIDF_BLANKLINE_MESSAGE);
ESP_LOGI(MP_TAG, WOLFSSL_ESPIDF_BLANKLINE_MESSAGE);
}
return ret;
}
/* Perform a full mp_cmp and binary compare.
* (typically only used during debugging) */
int esp_mp_cmp(char* name_A, MATH_INT_T* A, char* name_B, MATH_INT_T* B)
esp_err_t esp_mp_cmp(char* name_A, MATH_INT_T* A, char* name_B, MATH_INT_T* B)
{
int ret = MP_OKAY;
esp_err_t ret = ESP_OK;
int e = memcmp(A, B, sizeof(mp_int));
if (mp_cmp(A, B) == MP_EQ) {
if (e == 0) {
@ -769,6 +864,7 @@ int esp_mp_cmp(char* name_A, MATH_INT_T* A, char* name_B, MATH_INT_T* B)
}
if (ret == MP_OKAY) {
ret = ESP_OK;
ESP_LOGV(TAG, "esp_mp_cmp equal for %s and %s!",
name_A, name_B);
}
@ -779,7 +875,7 @@ int esp_mp_cmp(char* name_A, MATH_INT_T* A, char* name_B, MATH_INT_T* B)
return ret;
}
int esp_hw_show_metrics(void)
esp_err_t esp_hw_show_metrics(void)
{
#if defined(WOLFSSL_HW_METRICS)
#if defined(WOLFSSL_ESP32_CRYPT)


@ -0,0 +1,275 @@
/* esp_sdk_mem_lib.c
*
* Copyright (C) 2006-2024 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
#ifdef HAVE_CONFIG_H
#include <config.h>
#endif
/* wolfSSL */
/* Always include wolfcrypt/settings.h before any other wolfSSL file. */
/* Reminder: settings.h pulls in user_settings.h; don't include it here. */
#ifdef WOLFSSL_USER_SETTINGS
#include <wolfssl/wolfcrypt/settings.h>
#endif
#if defined(WOLFSSL_ESPIDF) /* Entire file is only for Espressif EDP-IDF */
#if defined(WOLFSSL_USER_SETTINGS)
#include <wolfssl/wolfcrypt/types.h>
#else
/* Define WOLFSSL_USER_SETTINGS project wide for settings.h to include */
/* wolfSSL user settings in ./components/wolfssl/include/user_settings.h */
#error "Missing WOLFSSL_USER_SETTINGS in CMakeLists or Makefile:\
CFLAGS +=-DWOLFSSL_USER_SETTINGS"
#endif
/* Espressif */
#include "sdkconfig.h" /* programmatically generated from sdkconfig */
#include <esp_log.h>
#include <esp_err.h>
/* wolfSSL */
#include <wolfssl/wolfcrypt/port/Espressif/esp-sdk-lib.h>
static const char* TAG = "mem lib";
static intptr_t _starting_stack_pointer = 0;
static int _stack_used = 0;
/* see
* C:\SysGCC\esp8266\rtos-sdk\v3.4\components\esp8266\ld\esp8266.project.ld.in
*/
extern wc_ptr_t _data_start[];
extern wc_ptr_t _data_end[];
extern wc_ptr_t _rodata_start[];
extern wc_ptr_t _rodata_end[];
extern wc_ptr_t _bss_start[];
extern wc_ptr_t _bss_end[];
extern wc_ptr_t _rtc_data_start[];
extern wc_ptr_t _rtc_data_end[];
extern wc_ptr_t _rtc_bss_start[];
extern wc_ptr_t _rtc_bss_end[];
extern wc_ptr_t _iram_start[];
extern wc_ptr_t _iram_end[];
#if defined(CONFIG_IDF_TARGET_ESP8266)
extern wc_ptr_t _init_start[];
extern wc_ptr_t _init_end[];
#endif
extern wc_ptr_t _iram_text_start[];
extern wc_ptr_t _iram_text_end[];
extern wc_ptr_t _iram_bss_start[];
extern wc_ptr_t _iram_bss_end[];
extern wc_ptr_t _noinit_start[];
extern wc_ptr_t _noinit_end[];
extern wc_ptr_t _text_start[];
extern wc_ptr_t _text_end[];
extern wc_ptr_t _heap_start[];
extern wc_ptr_t _heap_end[];
extern wc_ptr_t _rtc_data_start[];
extern wc_ptr_t _rtc_data_end[];
extern void* _thread_local_start;
extern void* _thread_local_end;
/* See https://github.com/esp8266/esp8266-wiki/wiki/Memory-Map */
#define MEM_MAP_IO_START ((void*)(0x3FF00000))
#define MEM_MAP_IO_END ((void*)(0x3FF0FFFF))
#define USER_DATA_START ((void*)(0x3FFE8000))
#define USER_DATA_END ((void*)(0x3FFE8000 + 0x14000))
#define ETS_SYS_START ((void*)(0x3FFFC000))
#define ETS_SYS_END ((void*)(0x3FFFC000 + 0x4000))
#define IRAM1_START ((void*)(0x40100000))
#define IRAM1_END ((void*)(0x40100000 + 0x8000))
#define IRAMF1_START ((void*)(0x40108000))
#define IRAMF1_END ((void*)(0x40108000 + 0x4000))
#define IRAMF2_START ((void*)(0x4010C000))
#define IRAMF2_END ((void*)(0x4010C000 + 0x4000))
enum sdk_memory_segment
{
/* Ensure this list exactly matches order in sdk_memory_segment_text */
mem_map_io = 0,
thread_local,
data,
user_data_ram,
bss,
noinit,
ets_system,
iram1,
iramf1,
iramf2,
iram,
iram_text,
iram_bss,
init,
text,
rodata,
rtc_data,
SDK_MEMORY_SEGMENT_COUNT
};
static void* sdk_memory_segment_start[SDK_MEMORY_SEGMENT_COUNT + 1] = {};
static void* sdk_memory_segment_end[SDK_MEMORY_SEGMENT_COUNT + 1] = {};
static const char* sdk_memory_segment_text[SDK_MEMORY_SEGMENT_COUNT + 1] = {
"C memory map io ",
"* thread_local ",
"C data ",
"* user data ram ",
"* bss ",
"* noinit ",
"C ets system ",
"C iram1 ",
"C iramf1 ",
"C iramf2 ",
"* iram ",
"* iram_text ",
"* iram_bss ",
"* init ",
"* text ",
"* rodata ",
"* rtc data ",
"last item",
};
/* Given a given memory segment [m]: assign text names, starting and ending
* addresses. See also sdk_var_whereis() that requires this initialization. */
int sdk_log_meminfo(enum sdk_memory_segment m, void* start, void* end)
{
const char* str;
int len = 0;
str = sdk_memory_segment_text[m];
sdk_memory_segment_start[m] = start;
sdk_memory_segment_end[m] = end;
/* For ESP8266 See ./build/[Debug|Release]/esp8266/esp8266.project.ld */
/* For ESP32 See ./build/VisualGDB/Debug/esp-idf/esp_system/ld/ */
if (m == SDK_MEMORY_SEGMENT_COUNT) {
ESP_LOGI(TAG, " Linker Memory Map");
ESP_LOGI(TAG, "-----------------------------------------------------");
ESP_LOGI(TAG, " Start End Length");
}
else {
len = (uint32_t)end - (uint32_t)start;
ESP_LOGI(TAG, "%s: %p ~ %p : 0x%05x (%d)", str, start, end, len, len );
}
return ESP_OK;
}
/* Show all known linker memory segment names, starting & ending addresses. */
int sdk_init_meminfo(void) {
void* sample_heap_var;
int sample_stack_var = 0;
sdk_log_meminfo(SDK_MEMORY_SEGMENT_COUNT, NULL, NULL); /* print header */
sdk_log_meminfo(mem_map_io, MEM_MAP_IO_START, MEM_MAP_IO_END);
sdk_log_meminfo(thread_local, _thread_local_start, _thread_local_end);
sdk_log_meminfo(data, _data_start, _data_end);
sdk_log_meminfo(user_data_ram, USER_DATA_START, USER_DATA_END);
sdk_log_meminfo(bss, _bss_start, _bss_end);
sdk_log_meminfo(noinit, _noinit_start, _noinit_end);
sdk_log_meminfo(ets_system, ETS_SYS_START, ETS_SYS_END);
sdk_log_meminfo(rodata, _rodata_start, _rodata_end);
sdk_log_meminfo(iram1, IRAM1_START, IRAM1_END);
sdk_log_meminfo(iramf1, IRAMF1_START, IRAMF1_END);
sdk_log_meminfo(iramf2, IRAMF2_START, IRAMF2_END);
sdk_log_meminfo(iram, _iram_start, _iram_end);
sdk_log_meminfo(iram_text, _iram_text_start, _iram_text_end);
sdk_log_meminfo(iram_bss, _iram_bss_start, _iram_bss_end);
#if defined(CONFIG_IDF_TARGET_ESP8266)
sdk_log_meminfo(init, _init_start, _init_end);
#endif
sdk_log_meminfo(text, _text_start, _text_end);
sdk_log_meminfo(rtc_data, _rtc_data_start, _rtc_data_end);
ESP_LOGI(TAG, "-----------------------------------------------------");
sample_heap_var = malloc(1);
if (sample_heap_var == NULL) {
ESP_LOGE(TAG, "Unable to allocate heap memory in sdk_var_whereis().");
}
else {
sdk_var_whereis("sample_stack_var", (void*)&sample_stack_var);
sdk_var_whereis("sample_heap_var", sample_heap_var);
free(sample_heap_var);
}
return ESP_OK;
}
/* Returns ESP_OK if found in known memory map, ESP_FAIL otherwise */
esp_err_t sdk_var_whereis(const char* v_name, void* v) {
esp_err_t ret = ESP_FAIL;
for (enum sdk_memory_segment m = 0 ;m < SDK_MEMORY_SEGMENT_COUNT; m++) {
if (v >= sdk_memory_segment_start[m] &&
v <= sdk_memory_segment_end[m]) {
ret = ESP_OK;
ESP_LOGI(TAG, "Variable [%s] found at %p in %s", v_name, v,
sdk_memory_segment_text[m]);
if (m == user_data_ram) {
}
}
}
if (ret == ESP_FAIL) {
ESP_LOGW(TAG, "%s not found in known memory map: %p", v_name, v);
}
return ret;
}
intptr_t esp_sdk_stack_pointer(void)
{
intptr_t sp = 0;
#if defined(CONFIG_IDF_TARGET_ARCH_RISCV)
if (CONFIG_IDF_TARGET_ARCH_RISCV == 1) {
__asm volatile("mv %0, sp" : "=r" (sp));
}
#elif defined(CONFIG_IDF_TARGET_ARCH_XTENSA)
if (CONFIG_IDF_TARGET_ARCH_XTENSA == 1) {
__asm volatile("mov %0, sp" : "=r"(sp));
}
#endif
if (_starting_stack_pointer == 0) {
_starting_stack_pointer = sp;
}
_stack_used = _starting_stack_pointer - sp;
return sp;
}
esp_err_t esp_sdk_mem_lib_init(void)
{
int ret = ESP_OK;
sdk_init_meminfo();
ESP_LOGI(TAG, "esp_sdk_mem_lib_init Ver %d", ESP_SDK_MEM_LIB_VERSION);
return ret;
}
#ifndef SINGLE_THREADED
#include "semphr.h"
#endif
void* wc_debug_pvPortMalloc(size_t size,
const char* file, int line, const char* fname) {
void* ret = NULL;
ret = pvPortMalloc(size);
if (ret == NULL) {
ESP_LOGE("malloc", "%s:%d (%s)", file, line, fname);
ESP_LOGE("malloc", "Failed Allocating memory of size: %d bytes", size);
}
return ret;
}
#endif
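Review bot: In `sdk_init_meminfo`, the `thread_local` row is built from `_thread_local_start` and `_thread_local_end`, which are declared `extern void*` while every other linker symbol in the file is declared as an array. The call therefore passes the pointer-sized values stored at those symbols rather than their addresses, so the logged range, and any later `sdk_var_whereis()` match against it, is wrong. Declaring them like the rest, `extern wc_ptr_t _thread_local_start[];` and `extern wc_ptr_t _thread_local_end[];`, or passing `&_thread_local_start` and `&_thread_local_end`, would fix it. Separately, `wc_debug_pvPortMalloc` prints the `size_t` argument with `%d`; `"%u"` with `(unsigned)size` avoids the format/argument mismatch. The empty `if (m == user_data_ram) { }` in `sdk_var_whereis` can be dropped or given a comment saying what it is reserved for.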


@ -0,0 +1,441 @@
/* esp_sdk_time_lib.c
*
* Copyright (C) 2006-2024 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
#ifdef HAVE_CONFIG_H
#include <config.h>
#endif
/* Reminder: user_settings.h is needed and included from settings.h
* Be sure to define WOLFSSL_USER_SETTINGS, typically in CMakeLists.txt */
#include <wolfssl/wolfcrypt/settings.h>
#if defined(WOLFSSL_ESPIDF) /* Entire file is only for Espressif EDP-IDF */
/* Espressif */
#include "sdkconfig.h" /* programmatically generated from sdkconfig */
#include <esp_log.h>
#include <esp_err.h>
/* wolfSSL */
#include <wolfssl/wolfcrypt/port/Espressif/esp-sdk-lib.h>
#define ESP_SDK_TIME_LIB_VERSION 1
static const char* TAG = "time lib";
esp_err_t esp_sdk_time_lib_init(void)
{
int ret = ESP_OK;
ESP_LOGI(TAG, "esp_sdk_time_lib_init Ver %d", ESP_SDK_TIME_LIB_VERSION);
return ret;
}
#if defined(CONFIG_IDF_TARGET_ESP8266)
#include <time.h>
#elif defined(ESP_IDF_VERSION_MAJOR) && defined(ESP_IDF_VERSION_MINOR)
#if (ESP_IDF_VERSION_MAJOR == 5) && (ESP_IDF_VERSION_MINOR == 1)
#define HAS_ESP_NETIF_SNTP 1
#include <lwip/apps/sntp.h>
#include <esp_netif_sntp.h>
#elif (ESP_IDF_VERSION_MAJOR == 5) && (ESP_IDF_VERSION_MINOR > 1)
#define HAS_ESP_NETIF_SNTP 1
#include <lwip/apps/sntp.h>
#include <esp_netif_sntp.h>
#else
#include <string.h>
#include <esp_sntp.h>
#endif
#else
/* TODO Consider non ESP-IDF environments */
#endif
/* ESP-IDF uses a 64-bit signed integer to represent time_t
* starting from release v5.0
* See: https://docs.espressif.com/projects/esp-idf/en/latest/esp32/api-reference/system/system_time.html#year-2036-and-2038-overflow-issues
*/
/* see https://www.gnu.org/software/libc/manual/html_node/TZ-Variable.html */
#ifndef TIME_ZONE
/*
* PST represents Pacific Standard Time.
* +8 specifies the offset from UTC (Coordinated Universal Time),
* indicating that Pacific Time is UTC-8 during standard time.
* PDT represents Pacific Daylight Time.
* M3.2.0 indicates that Daylight Saving Time (DST) starts on the
* second (2) Sunday (0) of March (3).
* M11.1.0 indicates that DST ends on the first (1) Sunday (0)
* of November (11)
*/
#define TIME_ZONE "PST+8PDT,M3.2.0,M11.1.0"
#endif /* not defined: TIME_ZONE, so we are setting our own */
#define NTP_RETRY_COUNT 10
/* NELEMS(x) number of elements
* To determine the number of elements in the array, we can divide the total
* size of the array by the size of the array element.
* See https://stackoverflow.com/questions/37538/how-do-i-determine-the-size-of-my-array-in-c
**/
#define NELEMS(x) ( (int)(sizeof(x) / sizeof((x)[0])) )
/* See also CONFIG_LWIP_SNTP_MAX_SERVERS in sdkconfig */
#define NTP_SERVER_LIST ( (char*[]) { \
"pool.ntp.org", \
"time.nist.gov", \
"utcnist.colorado.edu" \
} \
)
/* #define NTP_SERVER_COUNT using NELEMS:
*
* (int)(sizeof(NTP_SERVER_LIST) / sizeof(NTP_SERVER_LIST[0]))
*/
#define NTP_SERVER_COUNT NELEMS(NTP_SERVER_LIST)
#ifndef CONFIG_LWIP_SNTP_MAX_SERVERS
/* We should find max value in sdkconfig, if not set it to our count:*/
#define CONFIG_LWIP_SNTP_MAX_SERVERS NTP_SERVER_COUNT
#endif
/* our NTP server list is global info */
extern char* ntpServerList[NTP_SERVER_COUNT];
char* ntpServerList[NTP_SERVER_COUNT] = NTP_SERVER_LIST;
/* Show the current date and time */
int esp_show_current_datetime(void)
{
time_t now;
char strftime_buf[64];
struct tm timeinfo;
time(&now);
setenv("TZ", TIME_ZONE, 1);
tzset();
localtime_r(&now, &timeinfo);
strftime(strftime_buf, sizeof(strftime_buf), "%c", &timeinfo);
ESP_LOGI(TAG, "The current date/time is: %s", strftime_buf);
return ESP_OK;
}
/* the worst-case scenario is a hard-coded date/time */
int set_fixed_default_time(void)
{
/* ideally, we'd like to set time from network,
* but let's set a default time, just in case */
struct tm timeinfo = {
.tm_year = 2024 - 1900,
.tm_mon = 1,
.tm_mday = 05,
.tm_hour = 13,
.tm_min = 01,
.tm_sec = 05
};
struct timeval now;
time_t interim_time;
int ret = -1;
/* set interim static time */
interim_time = mktime(&timeinfo);
ESP_LOGI(TAG, "Adjusting time from fixed value");
now = (struct timeval){ .tv_sec = interim_time };
#if defined(CONFIG_IDF_TARGET_ESP8266)
(void)now;
#else
ret = settimeofday(&now, NULL);
#endif
ESP_LOGI(TAG, "settimeofday result = %d", ret);
return ret;
}
/* probably_valid_time_string(s)
*
* some sanity checks on time string before calling sscanf()
*
* returns 0 == ESP_OK == Success if str is likely a valid time.
* -1 == ESP_FAIL otherwise
*/
int probably_valid_time_string(const char* str)
{
int ret = ESP_OK;
size_t length = 0;
size_t spaces = 0;
size_t colons = 0;
while (str[length] != '\0') {
if (str[length] == ' ') {
spaces++;
}
if (str[length] == ':') {
colons++;
}
length++;
}
if ((length > 32) || (spaces < 4) || (spaces > 5) || (colons > 2)) {
ret = ESP_FAIL;
ESP_LOGE(TAG, "ERROR, failed time sanity check: %s", str);
}
return ret;
}
#if defined(CONFIG_IDF_TARGET_ESP8266)
/* TODO implement time functions for ESP8266 */
int set_time_from_string(const char* time_buffer)
{
ESP_LOGE(TAG, "set_time_from_string not implemented for ESP8266");
return ESP_FAIL;
}
int set_time(void)
{
ESP_LOGE(TAG, "set_time not implemented for ESP8266");
return ESP_FAIL;
}
int set_time_wait_for_ntp(void)
{
ESP_LOGE(TAG, "set_time_wait_for_ntp not implemented for ESP8266");
return ESP_FAIL;
}
#else
/* ESP32 Time Helpers */
/* set_time_from_string(s)
*
* returns 0 = success if able to set the time from the provided string
* error for any other value, typically -1 */
int set_time_from_string(const char* time_buffer)
{
/* expecting github default formatting: 'Thu Aug 31 12:41:45 2023 -0700' */
char offset[28]; /* large arrays, just in case there's still bad data */
char day_str[28];
char month_str[28];
const char *format = "%3s %3s %d %d:%d:%d %d %s";
struct tm this_timeinfo;
struct timeval now;
time_t interim_time;
int day, year, hour, minute, second;
int quote_offset = 0;
int ret = 0;
/* perform some basic sanity checkes */
ret = probably_valid_time_string(time_buffer);
if (ret == ESP_OK) {
/* we are expecting the string to be encapsulated in single quotes */
if (*time_buffer == 0x27) {
quote_offset = 1;
}
ret = sscanf(time_buffer + quote_offset,
format,
day_str, month_str,
&day, &hour, &minute, &second, &year, &offset);
if (ret == 8) {
/* we found a match for all componets */
const char *months[] = { "Jan", "Feb", "Mar", "Apr", "May", "Jun",
"Jul", "Aug", "Sep", "Oct", "Nov", "Dec"
};
for (int i = 0; i < 12; i++) {
if (strcmp(month_str, months[i]) == 0) {
this_timeinfo.tm_mon = i;
break;
}
}
this_timeinfo.tm_mday = day;
this_timeinfo.tm_hour = hour;
this_timeinfo.tm_min = minute;
this_timeinfo.tm_sec = second;
this_timeinfo.tm_year = year - 1900; /* Years since 1900 */
interim_time = mktime(&this_timeinfo);
now = (struct timeval){ .tv_sec = interim_time };
ret = settimeofday(&now, NULL);
ESP_LOGI(TAG, "Time updated to %s", time_buffer);
}
else {
ESP_LOGE(TAG, "Failed to convert \"%s\" to a tm date.",
time_buffer);
ESP_LOGI(TAG, "Trying fixed date that was hard-coded....");
set_fixed_default_time();
ret = ESP_FAIL;
}
}
return ret;
}
/* set time; returns 0 if succecssfully configured with NTP */
int set_time(void)
{
#ifndef NTP_SERVER_COUNT
ESP_LOGW(TAG, "Warning: no sntp server names defined. "
"Setting to empty list");
#define NTP_SERVER_COUNT 0
#warning "NTP not properly configured"
#endif /* not defined: NTP_SERVER_COUNT */
#ifdef HAS_ESP_NETIF_SNTP
#if CONFIG_LWIP_SNTP_MAX_SERVERS > 1
esp_sntp_config_t config = ESP_NETIF_SNTP_DEFAULT_CONFIG_MULTIPLE(
NTP_SERVER_COUNT,
ESP_SNTP_SERVER_LIST(ntpServerList[0])
);
#else
esp_sntp_config_t config =
ESP_NETIF_SNTP_DEFAULT_CONFIG(ntpServerList[0]);
#endif /* CONFIG_LWIP_SNTP_MAX_SERVERS > 1 */
#endif /* HAS_ESP_NETIF_SNTP */
int ret = 0;
int i = 0; /* counter for time servers */
ESP_LOGI(TAG, "Setting the time. Startup time:");
esp_show_current_datetime();
#ifdef LIBWOLFSSL_VERSION_GIT_HASH_DATE
/* initialy set a default approximate time from recent git commit */
ESP_LOGI(TAG, "Found git hash date, attempting to set system date: %s",
LIBWOLFSSL_VERSION_GIT_HASH_DATE);
set_time_from_string(LIBWOLFSSL_VERSION_GIT_HASH_DATE"\0");
esp_show_current_datetime();
ret = -4;
#else
/* otherwise set a fixed time that was hard coded */
set_fixed_default_time();
esp_show_current_datetime();
ret = -3;
#endif
#ifdef CONFIG_SNTP_TIME_SYNC_METHOD_SMOOTH
config.smooth_sync = true;
#endif
if (NTP_SERVER_COUNT) {
/* next, let's setup NTP time servers
*
* see https://docs.espressif.com/projects/esp-idf/en/latest/esp32/api-reference/system/system_time.html#sntp-time-synchronization
*
* WARNING: do not set operating mode while SNTP client is running!
*/
/* TODO Consider esp_sntp_setoperatingmode(SNTP_OPMODE_POLL); */
sntp_setoperatingmode(SNTP_OPMODE_POLL);
if (NTP_SERVER_COUNT > CONFIG_LWIP_SNTP_MAX_SERVERS) {
ESP_LOGW(TAG, "WARNING: %d NTP Servers defined, but "
"CONFIG_LWIP_SNTP_MAX_SERVERS = %d",
NTP_SERVER_COUNT,CONFIG_LWIP_SNTP_MAX_SERVERS);
}
ESP_LOGI(TAG, "sntp_setservername:");
for (i = 0; i < CONFIG_LWIP_SNTP_MAX_SERVERS; i++) {
const char* thisServer = ntpServerList[i];
if (strncmp(thisServer, "\x00", 1) == 0) {
/* just in case we run out of NTP servers */
break;
}
ESP_LOGI(TAG, "%s", thisServer);
sntp_setservername(i, thisServer);
ret = ESP_OK;
}
#ifdef HAS_ESP_NETIF_SNTP
ret = esp_netif_sntp_init(&config);
#else
ESP_LOGW(TAG,"Warning: Consider upgrading ESP-IDF to take advantage "
"of updated SNTP libraries");
#endif
if (ret == ESP_OK) {
ESP_LOGV(TAG, "Successfully called esp_netif_sntp_init");
}
else {
ESP_LOGE(TAG, "ERROR: esp_netif_sntp_init return = %d", ret);
}
sntp_init();
switch (ret) {
case ESP_ERR_INVALID_STATE:
break;
default:
break;
}
ESP_LOGI(TAG, "sntp_init done.");
}
else {
ESP_LOGW(TAG, "No sntp time servers found.");
ret = -1;
}
esp_show_current_datetime();
ESP_LOGI(TAG, "time helper existing with result = %d", ret);
return ret;
}
/* wait for NTP to actually set the time */
int set_time_wait_for_ntp(void)
{
int ret = 0;
#ifdef HAS_ESP_NETIF_SNTP
int ntp_retry = 0;
const int ntp_retry_count = NTP_RETRY_COUNT;
ret = esp_netif_sntp_start();
ret = esp_netif_sntp_sync_wait(500 / portTICK_PERIOD_MS);
#else
ESP_LOGE(TAG, "HAS_ESP_NETIF_SNTP not defined");
#endif /* HAS_ESP_NETIF_SNTP */
esp_show_current_datetime();
#ifdef HAS_ESP_NETIF_SNTP
while (ret == ESP_ERR_TIMEOUT && (ntp_retry++ < ntp_retry_count)) {
ret = esp_netif_sntp_sync_wait(1000 / portTICK_PERIOD_MS);
ESP_LOGI(TAG, "Waiting for NTP to sync time... (%d/%d)",
ntp_retry,
ntp_retry_count);
esp_show_current_datetime();
}
#endif /* HAS_ESP_NETIF_SNTP */
#ifdef TIME_ZONE
setenv("TZ", TIME_ZONE, 1);
tzset();
#endif
if (ret == ESP_OK) {
ESP_LOGI(TAG, "Successfuly set time via NTP servers.");
}
else {
ESP_LOGW(TAG, "Warning: Failed to set time with NTP: "
"result = 0x%0x: %s",
ret, esp_err_to_name(ret));
}
return ret;
}
#endif /* ESP32 or ESP8266 time helpers */
#endif
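Review bot: In `set_time`, the loop `for (i = 0; i < CONFIG_LWIP_SNTP_MAX_SERVERS; i++)` indexes `ntpServerList[i]`, but that array has only `NTP_SERVER_COUNT` entries. An sdkconfig with a larger `CONFIG_LWIP_SNTP_MAX_SERVERS` reads past its end before the empty-string check can stop it; the existing warning only covers the opposite case. Bounding the loop by both limits, `for (i = 0; i < CONFIG_LWIP_SNTP_MAX_SERVERS && i < NTP_SERVER_COUNT; i++)`, closes that. In `set_time_from_string`, `struct tm this_timeinfo;` reaches `mktime()` with `tm_isdst` never assigned and `tm_mon` unassigned when the month name matches no table entry; `struct tm this_timeinfo = {0};` plus returning `ESP_FAIL` on an unmatched month keeps an indeterminate value out of the system clock, which certificate date checks presumably depend on. The `%s` conversion into `offset[28]` is bounded only by the 32-character pre-check in `probably_valid_time_string`; writing it as `%27s` and passing `offset` rather than `&offset` makes the limit local to the call.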


@ -0,0 +1,468 @@
/* esp_sdk_wifi_lib.c
*
* Copyright (C) 2006-2024 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
#ifdef HAVE_CONFIG_H
#include <config.h>
#endif
/* Reminder: user_settings.h is needed and included from settings.h
* Be sure to define WOLFSSL_USER_SETTINGS, typically in CMakeLists.txt */
#include <wolfssl/wolfcrypt/settings.h>
#if defined(WOLFSSL_ESPIDF) /* Entire file is only for Espressif EDP-IDF */
#ifndef NO_ESP_SDK_WIFI
/* Espressif */
#include "sdkconfig.h" /* programmatically generated from sdkconfig */
#include <esp_log.h>
#include <esp_err.h>
#include <esp_wifi.h>
/* wolfSSL */
#include <wolfssl/wolfcrypt/types.h>
#include <wolfssl/wolfcrypt/port/Espressif/esp-sdk-lib.h>
#define ESP_SDK_WIFI_LIB_VERSION 1
static const char* TAG = "wifi lib";
esp_err_t esp_sdk_wifi_lib_init(void)
{
int ret = ESP_OK;
ESP_LOGI(TAG, "esp_sdk_wifi_lib_init Ver %d", ESP_SDK_WIFI_LIB_VERSION);
return ret;
}
/* When there's too little heap, WiFi quietly refuses to connect */
#define WIFI_LOW_HEAP_WARNING 21132
#if defined(CONFIG_IDF_TARGET_ESP8266)
#elif ESP_IDF_VERSION_MAJOR >= 5 && defined(FOUND_PROTOCOL_EXAMPLES_DIR)
/* example path set in cmake file */
#elif ESP_IDF_VERSION_MAJOR >= 4
#include "protocol_examples_common.h"
#else
const static int CONNECTED_BIT = BIT0;
static EventGroupHandle_t wifi_event_group;
#endif
#if defined(CONFIG_IDF_TARGET_ESP8266)
#elif defined(ESP_IDF_VERSION_MAJOR) && defined(ESP_IDF_VERSION_MINOR)
#if ESP_IDF_VERSION_MAJOR >= 4
/* likely using examples, see wifi_connect.h */
#else
/* TODO - still supporting pre V4 ? */
const static int CONNECTED_BIT = BIT0;
static EventGroupHandle_t wifi_event_group;
#endif
#if (ESP_IDF_VERSION_MAJOR == 5)
#define HAS_WPA3_FEATURES
#else
#undef HAS_WPA3_FEATURES
#endif
#else
/* TODO Consider pre IDF v5? */
#endif
#if defined(CONFIG_IDF_TARGET_ESP8266)
#ifndef CONFIG_ESP_MAX_STA_CONN
#define CONFIG_ESP_MAX_STA_CONN 4
#endif
#define EXAMPLE_MAX_STA_CONN CONFIG_ESP_MAX_STA_CONN
#define WIFI_CONNECTED_BIT BIT0
#define WIFI_FAIL_BIT BIT1
#ifndef CONFIG_ESP_MAXIMUM_RETRY
#define CONFIG_ESP_MAXIMUM_RETRY 5
#endif
/* FreeRTOS event group to signal when we are connected*/
static EventGroupHandle_t s_wifi_event_group;
static int s_retry_num = 0;
#define EXAMPLE_ESP_MAXIMUM_RETRY CONFIG_ESP_MAXIMUM_RETRY
#if 0
static void event_handler(void* arg, esp_event_base_t event_base,
int32_t event_id, void* event_data)
{
if (event_base == WIFI_EVENT && event_id == WIFI_EVENT_STA_START) {
esp_wifi_connect();
} else if (event_base == WIFI_EVENT && event_id == WIFI_EVENT_STA_DISCONNECTED) {
if (s_retry_num < EXAMPLE_ESP_MAXIMUM_RETRY) {
esp_wifi_connect();
s_retry_num++;
ESP_LOGI(TAG, "retry to connect to the AP");
} else {
xEventGroupSetBits(s_wifi_event_group, WIFI_FAIL_BIT);
}
ESP_LOGI(TAG,"connect to the AP fail");
} else if (event_base == IP_EVENT && event_id == IP_EVENT_STA_GOT_IP) {
ip_event_got_ip_t* event = (ip_event_got_ip_t*) event_data;
ESP_LOGI(TAG, "got ip:%s",
ip4addr_ntoa(&event->ip_info.ip));
s_retry_num = 0;
xEventGroupSetBits(s_wifi_event_group, WIFI_CONNECTED_BIT);
}
}
#else
static void event_handler(void* arg, esp_event_base_t event_base,
int32_t event_id, void* event_data)
{
if (event_base == WIFI_EVENT) {
if (event_id == WIFI_EVENT_STA_START) {
esp_wifi_connect();
ESP_LOGV(TAG, "Connect event!!");
}
else {
if (event_id == WIFI_EVENT_STA_DISCONNECTED) {
if (s_retry_num < EXAMPLE_ESP_MAXIMUM_RETRY) {
esp_wifi_connect();
s_retry_num++;
ESP_LOGI(TAG, ">> Retry to connect to the AP");
}
else {
xEventGroupSetBits(s_wifi_event_group, WIFI_FAIL_BIT);
}
ESP_LOGI(TAG, ">> Connect to the AP fail");
} /* WIFI_EVENT_STA_DISCONNECTED */
else if(event_id == IP_EVENT_STA_GOT_IP) {
ip_event_got_ip_t* event = (ip_event_got_ip_t*) event_data;
ESP_LOGI(TAG, "got ip:%s", ip4addr_ntoa(&event->ip_info.ip));
s_retry_num = 0;
xEventGroupSetBits(s_wifi_event_group, WIFI_CONNECTED_BIT);
} /* IP_EVENT_STA_GOT_IP */
} /* not WIFI_EVENT_STA_START */
} /* event_base == WIFI_EVENT */
} /* event_handler */
#endif
esp_err_t esp_sdk_wifi_init_sta(void)
{
word32 this_heap;
s_wifi_event_group = xEventGroupCreate();
tcpip_adapter_init();
ESP_ERROR_CHECK(esp_event_loop_create_default());
wifi_init_config_t cfg = WIFI_INIT_CONFIG_DEFAULT();
ESP_ERROR_CHECK(esp_wifi_init(&cfg));
ESP_ERROR_CHECK(esp_event_handler_register(WIFI_EVENT, ESP_EVENT_ANY_ID,
&event_handler, NULL));
ESP_ERROR_CHECK(esp_event_handler_register(IP_EVENT, IP_EVENT_STA_GOT_IP,
&event_handler, NULL));
wifi_config_t wifi_config = {
.sta = {
.ssid = EXAMPLE_ESP_WIFI_SSID,
.password = EXAMPLE_ESP_WIFI_PASS
},
};
/* Setting a password implies station will connect to all security modes
* including WEP/WPA. However these modes are deprecated and not advisable
* to be used. In case your Access point doesn't support WPA2, these mode
* can be enabled by commenting below line */
if (strlen((char *)wifi_config.sta.password)) {
wifi_config.sta.threshold.authmode = WIFI_AUTH_WPA2_PSK;
}
ESP_ERROR_CHECK(esp_wifi_set_mode(WIFI_MODE_STA) );
ESP_ERROR_CHECK(esp_wifi_set_config(ESP_IF_WIFI_STA, &wifi_config) );
ESP_ERROR_CHECK(esp_wifi_start() );
ESP_LOGI(TAG, "wifi_init_sta finished. Connecting...");
this_heap = esp_get_free_heap_size();
ESP_LOGI(TAG, "this heap = %d", this_heap);
if (this_heap < WIFI_LOW_HEAP_WARNING) {
ESP_LOGW(TAG, "Warning: WiFi low heap: %d", WIFI_LOW_HEAP_WARNING);
}
/* Waiting until either the connection is established (WIFI_CONNECTED_BIT)
* or connection failed for the maximum number of re-tries (WIFI_FAIL_BIT).
* The bits are set by event_handler()
* (see above) */
EventBits_t bits = xEventGroupWaitBits(s_wifi_event_group,
WIFI_CONNECTED_BIT | WIFI_FAIL_BIT,
pdFALSE,
pdFALSE,
portMAX_DELAY);
ESP_LOGI(TAG, "xEventGroupWaitBits finished.");
#if 0
/* xEventGroupWaitBits() returns the bits before the call returned, hence we can test which event actually
* happened. */
if (bits & WIFI_CONNECTED_BIT) {
ESP_LOGI(TAG, "connected to ap SSID:%s",
EXAMPLE_ESP_WIFI_SSID);
} else if (bits & WIFI_FAIL_BIT) {
ESP_LOGI(TAG, "Failed to connect to SSID:%s, password:%s",
EXAMPLE_ESP_WIFI_SSID, EXAMPLE_ESP_WIFI_PASS);
} else {
ESP_LOGE(TAG, "UNEXPECTED EVENT");
}
#else
/* xEventGroupWaitBits() returns the bits before the call returned,
* hence we can test which event actually happened. */
if (bits & WIFI_CONNECTED_BIT) {
ESP_LOGI(TAG, "Connected to AP SSID: %s",
EXAMPLE_ESP_WIFI_SSID);
}
else {
if (bits & WIFI_FAIL_BIT) {
ESP_LOGI(TAG, "Failed to connect to SSID: %s, password:%s",
EXAMPLE_ESP_WIFI_SSID, EXAMPLE_ESP_WIFI_PASS);
}
else {
ESP_LOGE(TAG, "UNEXPECTED EVENT");
}
}
#endif
ESP_ERROR_CHECK(esp_event_handler_unregister(IP_EVENT, IP_EVENT_STA_GOT_IP,
&event_handler));
ESP_ERROR_CHECK(esp_event_handler_unregister(WIFI_EVENT, ESP_EVENT_ANY_ID,
&event_handler));
vEventGroupDelete(s_wifi_event_group);
return ESP_OK;
}
#elif ESP_IDF_VERSION_MAJOR < 4
/* event handler for wifi events */
static esp_err_t wifi_event_handler(void *ctx, system_event_t *event)
{
switch (event->event_id)
{
case SYSTEM_EVENT_STA_START:
esp_wifi_connect();
break;
case SYSTEM_EVENT_STA_GOT_IP:
#if ESP_IDF_VERSION_MAJOR >= 4
ESP_LOGI(TAG, "got ip:" IPSTR "\n",
IP2STR(&event->event_info.got_ip.ip_info.ip));
#else
ESP_LOGI(TAG, "got ip:%s",
ip4addr_ntoa(&event->event_info.got_ip.ip_info.ip));
#endif
/* see https://docs.espressif.com/projects/esp-idf/en/latest/esp32/api-reference/system/freertos_idf.html */
xEventGroupSetBits(wifi_event_group, CONNECTED_BIT);
break;
case SYSTEM_EVENT_STA_DISCONNECTED:
esp_wifi_connect();
xEventGroupClearBits(wifi_event_group, CONNECTED_BIT);
break;
default:
break;
}
return ESP_OK;
}
#else
#ifdef CONFIG_ESP_MAXIMUM_RETRY
#define EXAMPLE_ESP_MAXIMUM_RETRY CONFIG_ESP_MAXIMUM_RETRY
#else
#define CONFIG_ESP_MAXIMUM_RETRY 5
#endif
#if CONFIG_ESP_WIFI_AUTH_OPEN
#define ESP_WIFI_SCAN_AUTH_MODE_THRESHOLD WIFI_AUTH_OPEN
#elif CONFIG_ESP_WIFI_AUTH_WEP
#define ESP_WIFI_SCAN_AUTH_MODE_THRESHOLD WIFI_AUTH_WEP
#elif CONFIG_ESP_WIFI_AUTH_WPA_PSK
#define ESP_WIFI_SCAN_AUTH_MODE_THRESHOLD WIFI_AUTH_WPA_PSK
#elif CONFIG_ESP_WIFI_AUTH_WPA2_PSK
#define ESP_WIFI_SCAN_AUTH_MODE_THRESHOLD WIFI_AUTH_WPA2_PSK
#elif CONFIG_ESP_WIFI_AUTH_WPA_WPA2_PSK
#define ESP_WIFI_SCAN_AUTH_MODE_THRESHOLD WIFI_AUTH_WPA_WPA2_PSK
#elif CONFIG_ESP_WIFI_AUTH_WPA3_PSK
#define ESP_WIFI_SCAN_AUTH_MODE_THRESHOLD WIFI_AUTH_WPA3_PSK
#elif CONFIG_ESP_WIFI_AUTH_WPA2_WPA3_PSK
#define ESP_WIFI_SCAN_AUTH_MODE_THRESHOLD WIFI_AUTH_WPA2_WPA3_PSK
#elif CONFIG_ESP_WIFI_AUTH_WAPI_PSK
#define ESP_WIFI_SCAN_AUTH_MODE_THRESHOLD WIFI_AUTH_WAPI_PSK
#endif
#ifndef ESP_WIFI_SCAN_AUTH_MODE_THRESHOLD
#define CONFIG_ESP_WIFI_AUTH_WPA2_PSK 1
#define ESP_WIFI_SCAN_AUTH_MODE_THRESHOLD CONFIG_ESP_WIFI_AUTH_WPA2_PSK
#endif
/* FreeRTOS event group to signal when we are connected*/
static EventGroupHandle_t s_wifi_event_group;
/* The event group allows multiple bits for each event,
* but we only care about two events:
* - we are connected to the AP with an IP
* - we failed to connect after the maximum amount of retries */
#define WIFI_CONNECTED_BIT BIT0
#define WIFI_FAIL_BIT BIT1
static int s_retry_num = 0;
ip_event_got_ip_t* event;
static void event_handler(void* arg,
esp_event_base_t event_base,
int32_t event_id,
void* event_data)
{
if (event_base == WIFI_EVENT && event_id == WIFI_EVENT_STA_START) {
esp_wifi_connect();
}
else if (event_base == WIFI_EVENT &&
event_id == WIFI_EVENT_STA_DISCONNECTED) {
if (s_retry_num < EXAMPLE_ESP_MAXIMUM_RETRY) {
esp_wifi_connect();
s_retry_num++;
ESP_LOGI(TAG, "retry to connect to the AP");
}
else {
xEventGroupSetBits(s_wifi_event_group, WIFI_FAIL_BIT);
}
ESP_LOGI(TAG, "connect to the AP fail");
}
else if (event_base == IP_EVENT && event_id == IP_EVENT_STA_GOT_IP) {
event = (ip_event_got_ip_t*) event_data;
/* wifi_show_ip(); */
s_retry_num = 0;
xEventGroupSetBits(s_wifi_event_group, WIFI_CONNECTED_BIT);
}
}
esp_err_t wc_wifi_init_sta(void)
{
esp_err_t ret = ESP_OK;
s_wifi_event_group = xEventGroupCreate();
ESP_ERROR_CHECK(esp_netif_init());
ESP_ERROR_CHECK(esp_event_loop_create_default());
esp_netif_create_default_wifi_sta();
wifi_init_config_t cfg = WIFI_INIT_CONFIG_DEFAULT();
ESP_ERROR_CHECK(esp_wifi_init(&cfg));
esp_event_handler_instance_t instance_any_id;
esp_event_handler_instance_t instance_got_ip;
ESP_ERROR_CHECK(esp_event_handler_instance_register(WIFI_EVENT,
ESP_EVENT_ANY_ID,
&event_handler,
NULL,
&instance_any_id));
ESP_ERROR_CHECK(esp_event_handler_instance_register(IP_EVENT,
IP_EVENT_STA_GOT_IP,
&event_handler,
NULL,
&instance_got_ip));
wifi_config_t wifi_config = {
.sta = {
.ssid = EXAMPLE_ESP_WIFI_SSID,
.password = EXAMPLE_ESP_WIFI_PASS,
/* Authmode threshold resets to WPA2 as default if password matches
* WPA2 standards (pasword len => 8). If you want to connect the
* device to deprecated WEP/WPA networks, Please set the threshold
* value WIFI_AUTH_WEP/WIFI_AUTH_WPA_PSK and set the password with
* length and format matching to WIFI_AUTH_WEP/WIFI_AUTH_WPA_PSK
* standards. */
.threshold.authmode = ESP_WIFI_SCAN_AUTH_MODE_THRESHOLD,
#ifdef HAS_WPA3_FEATURES
.sae_pwe_h2e = WPA3_SAE_PWE_BOTH,
#endif
},
};
ESP_ERROR_CHECK(esp_wifi_set_mode(WIFI_MODE_STA) );
ESP_ERROR_CHECK(esp_wifi_set_config(WIFI_IF_STA, &wifi_config) );
#ifdef CONFIG_EXAMPLE_WIFI_SSID
if (XSTRCMP(CONFIG_EXAMPLE_WIFI_SSID, "myssid") == 0) {
ESP_LOGW(TAG, "WARNING: CONFIG_EXAMPLE_WIFI_SSID is \"myssid\".");
ESP_LOGW(TAG, " Do you have a WiFi AP called \"myssid\", ");
ESP_LOGW(TAG, " or did you forget the ESP-IDF configuration?");
}
#else
ESP_LOGW(TAG, "WARNING: CONFIG_EXAMPLE_WIFI_SSID not defined.");
#endif
ESP_ERROR_CHECK(esp_wifi_start() );
ESP_LOGI(TAG, "wifi_init_sta finished.");
/* Waiting until either the connection is established (WIFI_CONNECTED_BIT)
* or connection failed for the maximum number of re-tries (WIFI_FAIL_BIT).
* The bits are set by event_handler() (see above) */
EventBits_t bits = xEventGroupWaitBits(s_wifi_event_group,
WIFI_CONNECTED_BIT | WIFI_FAIL_BIT,
pdFALSE,
pdFALSE,
portMAX_DELAY);
/* xEventGroupWaitBits() returns the bits before the call returned,
* hence we can test which event actually happened. */
#if defined(SHOW_SSID_AND_PASSWORD)
ESP_LOGW(TAG, "Undefine SHOW_SSID_AND_PASSWORD to not show SSID/password");
if (bits & WIFI_CONNECTED_BIT) {
ESP_LOGI(TAG, "connected to ap SSID:%s password:%s",
EXAMPLE_ESP_WIFI_SSID,
EXAMPLE_ESP_WIFI_PASS);
}
else if (bits & WIFI_FAIL_BIT) {
ESP_LOGI(TAG, "Failed to connect to SSID:%s, password:%s",
EXAMPLE_ESP_WIFI_SSID,
EXAMPLE_ESP_WIFI_PASS);
}
else {
ESP_LOGE(TAG, "UNEXPECTED EVENT");
}
#else
if (bits & WIFI_CONNECTED_BIT) {
ESP_LOGI(TAG, "Connected to AP");
}
else if (bits & WIFI_FAIL_BIT) {
ESP_LOGI(TAG, "Failed to connect to AP");
ret = -1;
}
else {
ESP_LOGE(TAG, "AP UNEXPECTED EVENT");
ret = -2;
}
#endif
return ret;
}
esp_err_t wc_wifi_show_ip(void)
{
/* TODO Causes panic: ESP_LOGI(TAG, "got ip:" IPSTR,
* IP2STR(&event->ip_info.ip)); */
return ESP_OK;
}
#endif
#endif /* !NO_ESP_SDK_WIFI */
#endif /* WOLFSSL_ESPIDF */


@ -108,6 +108,7 @@ noinst_HEADERS+= \
wolfssl/wolfcrypt/port/st/stm32.h \
wolfssl/wolfcrypt/port/st/stsafe.h \
wolfssl/wolfcrypt/port/Espressif/esp32-crypt.h \
wolfssl/wolfcrypt/port/Espressif/esp-sdk-lib.h \
wolfssl/wolfcrypt/port/arm/cryptoCell.h \
wolfssl/wolfcrypt/port/Renesas/renesas-tsip-crypt.h \
wolfssl/wolfcrypt/port/Renesas/renesas-fspsm-crypt.h \


@ -0,0 +1,229 @@
/* esp-sdk-lib.h
*
* Copyright (C) 2006-2024 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
#ifndef __ESP_SDK_LIB_H__
#define __ESP_SDK_LIB_H__
/* Always include wolfcrypt/settings.h before any other wolfSSL file. */
/* Reminder: settings.h pulls in user_settings.h; don't include it here. */
#include <wolfssl/wolfcrypt/settings.h>
#if defined(WOLFSSL_ESPIDF) /* Entire file is only for Espressif EDP-IDF */
/* WOLFSSL_USER_SETTINGS must be defined, typically in the CMakeLists.txt: */
/* set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_USER_SETTINGS") */
#ifndef WOLFSSL_USER_SETTINGS
#error "WOLFSSL_USER_SETTINGS must be defined for Espressif targts"
#endif
/* FreeRTOS */
#include <freertos/FreeRTOS.h>
#include <freertos/task.h>
#include <freertos/event_groups.h>
/* Espressif */
#include "sdkconfig.h" /* ensure ESP-IDF settings are available everywhere */
#include <esp_idf_version.h>
#include <esp_log.h>
#define ESP_SDK_MEM_LIB_VERSION 1
/**
******************************************************************************
******************************************************************************
** USER APPLICATION SETTINGS BEGIN
******************************************************************************
******************************************************************************
**/
/* when using a private config with plain text passwords,
* file my_private_config.h should be excluded from git updates */
/* #define USE_MY_PRIVATE_CONFIG */
/* Note that IntelliSense may not work properly in the next section for the
* Espressif SDK 3.4 on the ESP8266. Macros should still be defined.
* See the project-level Makefile. Example found in:
* https://github.com/wolfSSL/wolfssl/tree/master/IDE/Espressif/ESP-IDF/examples/template
*
* The USE_MY_PRIVATE_[OS]_CONFIG is typically an environment variable that
* triggers the make (not cmake) to add compiler defines.
*/
#if defined(USE_MY_PRIVATE_WINDOWS_CONFIG)
#include "/workspace/my_private_config.h"
#elif defined(USE_MY_PRIVATE_WSL_CONFIG)
#include "/mnt/c/workspace/my_private_config.h"
#elif defined(USE_MY_PRIVATE_LINUX_CONFIG)
#include "~/workspace/my_private_config.h"
#elif defined(USE_MY_PRIVATE_MAC_CONFIG)
#include "~/Documents/my_private_config.h"
#elif defined(USE_MY_PRIVATE_CONFIG)
/* This section works best with cmake & non-environment variable setting */
#if defined(WOLFSSL_CMAKE_SYSTEM_NAME_WINDOWS)
#define WOLFSSL_CMAKE
#include "/workspace/my_private_config.h"
#elif defined(WOLFSSL_MAKE_SYSTEM_NAME_WINDOWS)
#define WOLFSSL_MAKE
#include "/workspace/my_private_config.h"
#elif defined(WOLFSSL_CMAKE_SYSTEM_NAME_WSL)
#define WOLFSSL_CMAKE
#include "/mnt/c/workspace/my_private_config.h"
#elif defined(WOLFSSL_MAKE_SYSTEM_NAME_WSL)
#define WOLFSSL_MAKE
#include "/mnt/c/workspace/my_private_config.h"
#elif defined(WOLFSSL_CMAKE_SYSTEM_NAME_LINUX)
#define WOLFSSL_CMAKE
#include "~/workspace/my_private_config.h"
#elif defined(WOLFSSL_MAKE_SYSTEM_NAME_LINUX)
#define WOLFSSL_MAKE
#include "~/workspace/my_private_config.h"
#elif defined(WOLFSSL_CMAKE_SYSTEM_NAME_APPLE)
#include "~/Documents/my_private_config.h"
#elif defined(WOLFSSL_MAKE_SYSTEM_NAME_APPLE)
#define WOLFSSL_MAKE
#include "~/Documents/my_private_config.h"
#elif defined(OS_WINDOWS)
#include "/workspace/my_private_config.h"
#else
/* Edit as needed for your private config: */
#warning "default private config using /workspace/my_private_config.h"
#include "/workspace/my_private_config.h"
#endif
#else
/*
** The examples use WiFi configuration that you can set via project
** configuration menu
**
** If you'd rather not, just change the below entries to strings with
** the config you want - ie #define EXAMPLE_WIFI_SSID "mywifissid"
*/
#if defined(CONFIG_ESP_WIFI_SSID)
/* tyically from ESP32 with ESP-IDF v4 ot v5 */
#define EXAMPLE_ESP_WIFI_SSID CONFIG_ESP_WIFI_SSID
#elif defined(CONFIG_EXAMPLE_WIFI_SSID)
/* typically from ESP8266 rtos-sdk/v3.4 */
#undef EXAMPLE_ESP_WIFI_SSID
#define EXAMPLE_ESP_WIFI_SSID CONFIG_EXAMPLE_WIFI_SSID
#else
#define EXAMPLE_ESP_WIFI_SSID "MYSSID_WIFI_CONNECT"
#endif
#if defined(CONFIG_ESP_WIFI_PASSWORD)
/* tyically from ESP32 with ESP-IDF v4 or v5 */
#define EXAMPLE_ESP_WIFI_PASS CONFIG_ESP_WIFI_PASSWORD
#elif defined(CONFIG_EXAMPLE_WIFI_SSID)
/* typically from ESP8266 rtos-sdk/v3.4 */
#undef EXAMPLE_ESP_WIFI_PASS
#define EXAMPLE_ESP_WIFI_PASS CONFIG_EXAMPLE_WIFI_PASSWORD
#else
#define EXAMPLE_ESP_WIFI_PASS "MYPASSWORD_WIFI_CONNECT"
#endif
#endif
#ifdef __cplusplus
extern "C" {
#endif
WOLFSSL_LOCAL esp_err_t esp_sdk_time_mem_init(void);
WOLFSSL_LOCAL esp_err_t sdk_var_whereis(const char* v_name, void* v);
WOLFSSL_LOCAL intptr_t esp_sdk_stack_pointer(void);
/******************************************************************************
* Time helpers
******************************************************************************/
WOLFSSL_LOCAL esp_err_t esp_sdk_time_lib_init(void);
/* a function to show the current data and time */
WOLFSSL_LOCAL esp_err_t esp_show_current_datetime(void);
/* worst case, if GitHub time not available, used fixed time */
WOLFSSL_LOCAL esp_err_t set_fixed_default_time(void);
/* set time from string (e.g. GitHub commit time) */
WOLFSSL_LOCAL esp_err_t set_time_from_string(const char* time_buffer);
/* set time from NTP servers,
* also initially calls set_fixed_default_time or set_time_from_string */
WOLFSSL_LOCAL esp_err_t set_time(void);
/* wait NTP_RETRY_COUNT seconds before giving up on NTP time */
WOLFSSL_LOCAL esp_err_t set_time_wait_for_ntp(void);
#ifndef NO_ESP_SDK_WIFI
/******************************************************************************
* WiFi helpers
******************************************************************************/
/* ESP lwip */
#define EXAMPLE_ESP_MAXIMUM_RETRY CONFIG_ESP_MAXIMUM_RETRY
#define TLS_SMP_WIFI_SSID CONFIG_WIFI_SSID
#define TLS_SMP_WIFI_PASS CONFIG_WIFI_PASSWORD
/* Optionally enable WiFi. Typically not used for wolfcrypt tests */
/* #define USE_WIFI_EXAMPLE */
#ifdef USE_WIFI_EXAMPLE
#include "esp_netif.h"
#if defined(CONFIG_IDF_TARGET_ESP8266)
/* TODO find and implement ESP8266 example include */
#else
#include "protocol_examples_common.h" /* see project CMakeLists.txt */
#endif
#endif
/* ESP lwip */
#define EXAMPLE_ESP_MAXIMUM_RETRY CONFIG_ESP_MAXIMUM_RETRY
WOLFSSL_LOCAL esp_err_t esp_sdk_wifi_lib_init(void);
WOLFSSL_LOCAL esp_err_t esp_sdk_wifi_init_sta(void);
WOLFSSL_LOCAL esp_err_t esp_sdk_wifi_show_ip(void);
#endif /* !NO_ESP_SDK_WIFI */
/******************************************************************************
* Debug helpers
******************************************************************************/
WOLFSSL_LOCAL esp_err_t sdk_init_meminfo(void);
WOLFSSL_LOCAL void* wc_debug_pvPortMalloc(size_t size,
const char* file, int line, const char* fname);
#ifdef __cplusplus
} /* extern "C" */
#endif
/* Check for traps */
#if defined(CONFIG_IDF_TARGET_ESP8266)
#if !defined(NO_SESSION_CACHE) && \
!defined(MICRO_SESSION_CACHE) && \
!defined(SMALL_SESSION_CACHE)
#warning "Limited DRAM/IRAM on ESP8266. Check session cache settings"
#endif
#endif
#endif /* WOLFSSL_ESPIDF */
#endif /* __ESP_SDK_LIB_H__ */
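Review bot: The password fallback `#elif defined(CONFIG_EXAMPLE_WIFI_SSID)` tests the SSID symbol but then expands `CONFIG_EXAMPLE_WIFI_PASSWORD`. A configuration that sets only the SSID therefore refers to an undefined name, and one that sets only the password silently falls through to the placeholder `"MYPASSWORD_WIFI_CONNECT"`; the guard should read `#elif defined(CONFIG_EXAMPLE_WIFI_PASSWORD)`. Separately, the private-config branches include fixed absolute paths outside the project, with `/workspace/my_private_config.h` also used as the `#else` default, so whatever sits at that location on the build host is compiled into the firmware. The `"~/workspace/..."` and `"~/Documents/..."` forms are unlikely to resolve, because the preprocessor does not expand `~`. A project-relative header or an include directory supplied by the build system would avoid both problems.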


@ -1,6 +1,6 @@
/* esp32-crypt.h
*
* Copyright (C) 2006-2023 wolfSSL Inc.
* Copyright (C) 2006-2024 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
@ -51,6 +51,12 @@
#define WOLFSSL_ESPIDF_BLANKLINE_MESSAGE "."
#endif
#if defined(CONFIG_IDF_TARGET)
#define FOUND_CONFIG_IDF_TARGET CONFIG_IDF_TARGET
#else
#define FOUND_CONFIG_IDF_TARGET "(unknown device)"
#endif
/* Optional exit message.
* The WOLFSSL_COMPLETE keyword exits wolfSSL test harness script. */
#define WOLFSSL_ESPIDF_EXIT_MESSAGE \
@ -58,6 +64,14 @@
"\n\nWOLFSSL_COMPLETE" \
"\n\nIf running from idf.py monitor, press twice: Ctrl+]"
#define WOLFSSL_ESPIDF_VERBOSE_EXIT_MESSAGE(s, err) \
"\n\nDevice: " FOUND_CONFIG_IDF_TARGET \
"\n\nExit code: %d " \
"\n\n"s \
"\n\nWOLFSSL_COMPLETE" \
"\n\nIf running from idf.py monitor, press twice: Ctrl+]", \
(err)
/* exit codes to be used in tfm.c, sp_int.c, integer.c, etc.
*
* see wolfssl/wolfcrypt/error-crypt.h
@ -495,6 +509,10 @@ extern "C"
WOLFSSL_LOCAL int esp_ShowExtendedSystemInfo(void);
WOLFSSL_LOCAL esp_err_t esp_DisableWatchdog(void);
WOLFSSL_LOCAL esp_err_t esp_EnableWatchdog(void);
/* Compare MATH_INT_T A to MATH_INT_T B
* During debug, the strings name_A and name_B can help
* identify variable name. */
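Review bot: The new `WOLFSSL_ESPIDF_VERBOSE_EXIT_MESSAGE(s, err)` has an undocumented constraint on `s`: it is pasted into the format string by literal concatenation (`"\n\n"s`) and the macro expands to that format string followed by `, (err)`. `s` must therefore be a string literal, and any `%` inside it becomes a conversion specification that reads arguments the macro never supplies. I would add a comment above the macro such as `/* s must be a string literal with no '%' conversions; expands to a format string plus (err), for use as printf-style arguments only. */`. The callers are not in this section, so whether any of them passes a message containing `%` cannot be checked from here.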


@ -1,6 +1,6 @@
/* settings.h
*
* Copyright (C) 2006-2023 wolfSSL Inc.
* Copyright (C) 2006-2024 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
@ -508,6 +508,9 @@
/* WC_RSA_BLINDING takes up extra space! */
#define WC_RSA_BLINDING
/* Cache Resistant features are on by default, but has performance
* penalty on embedded systems. May not be needed here. Disabled: */
#define WC_NO_CACHE_RESISTANT
#endif /* !WOLFSSL_ESPIDF_NO_DEFAULT */
@ -1062,17 +1065,34 @@ extern void uITRON4_free(void *p) ;
#if !defined(XMALLOC_USER) && !defined(NO_WOLFSSL_MEMORY) && \
!defined(WOLFSSL_STATIC_MEMORY) && !defined(WOLFSSL_TRACK_MEMORY)
#define XMALLOC(s, h, type) ((void)(h), (void)(type), pvPortMalloc((s)))
/* XMALLOC */
#if defined(WOLFSSL_ESPIDF) && \
(defined(DEBUG_WOLFSSL) || defined(DEBUG_WOLFSSL_MALLOC))
#include <wolfssl/wolfcrypt/port/Espressif/esp-sdk-lib.h>
#define XMALLOC(s, h, type) \
((void)(h), (void)(type), wc_debug_pvPortMalloc( \
(s), (__FILE__), (__LINE__), (__FUNCTION__) ))
#else
#define XMALLOC(s, h, type) \
((void)(h), (void)(type), pvPortMalloc((s)))
#endif
/* XFREE */
#define XFREE(p, h, type) ((void)(h), (void)(type), vPortFree((p)))
/* XREALLOC */
#if defined(WOLFSSL_ESPIDF)
/* In IDF, realloc(p, n) is equivalent to
* heap_caps_realloc(p, s, MALLOC_CAP_8BIT)
* there's no pvPortRealloc available */
#define XREALLOC(p, n, h, t) ((void)(h), (void)(t), realloc((p), (n)))
/* FreeRTOS pvPortRealloc() implementation can be found here:
* https://github.com/wolfSSL/wolfssl-freertos/pull/3/files */
/* In the Espressif EDP-IDF, realloc(p, n) is equivalent to
* heap_caps_realloc(p, s, MALLOC_CAP_8BIT)
* There's no pvPortRealloc available: */
#define XREALLOC(p, n, h, t) ((void)(h), (void)(t), realloc((p), (n)))
#elif defined(USE_INTEGER_HEAP_MATH) || defined(OPENSSL_EXTRA)
#define XREALLOC(p, n, h, t) ((void)(h), (void)(t), pvPortRealloc((p), (n)))
/* FreeRTOS pvPortRealloc() implementation can be found here:
* https://github.com/wolfSSL/wolfssl-freertos/pull/3/files */
#define XREALLOC(p, n, h, t) ((void)(h), (void)(t), pvPortRealloc((p), (n)))
#else
/* no XREALLOC available */
#endif
#endif